last executing test programs: 2m10.031882116s ago: executing program 0 (id=794): r0 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) ioctl$IOCTL_VMCI_VERSION2(r0, 0x7a7, &(0x7f00000000c0)=0xa0000) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5) ioctl$IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, &(0x7f0000000040)={@host}) 2m9.966518761s ago: executing program 0 (id=796): r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) r1 = socket$inet6(0xa, 0x3, 0x87) setsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f0000000280)={{{@in6=@private2, @in=@rand_addr=0x64010101, 0x0, 0xfffe, 0x0, 0x0, 0x2}, {0x0, 0x0, 0x0, 0x0, 0xffffffffffff235b, 0x0, 0x10000000000, 0x1000000}, {}, 0x0, 0x0, 0x1, 0x0, 0x2}, {{@in6=@ipv4={'\x00', '\xff\xff', @rand_addr=0x64010100}, 0x0, 0x6c}, 0x2, @in6=@loopback, 0x0, 0x2, 0x0, 0x0, 0xffdffffc, 0x1000000}}, 0xe8) close_range(r0, 0xffffffffffffffff, 0x0) 2m9.883423042s ago: executing program 0 (id=798): r0 = userfaultfd(0x1) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000300)={0xaa, 0x110}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000800000/0x800000)=nil, 0x800000}, 0x2}) ioctl$UFFDIO_COPY(r0, 0xc028aa03, &(0x7f0000000380)={&(0x7f0000bfd000/0x400000)=nil, &(0x7f0000bd1000/0x2000)=nil, 0x400000, 0x1}) 2m9.741966063s ago: executing program 0 (id=799): mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0) mount$bind(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='./file0/../file0\x00', 0x0, 0x101091, 0x0) r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x262) 2m9.733513193s ago: executing program 0 (id=800): prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680)) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9) timer_gettime(0x0, 0x0) 2m9.521994139s ago: executing program 0 (id=801): r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0) ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0) ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000001940)) ioctl$VHOST_SET_VRING_ENDIAN(r0, 0x4008af13, &(0x7f0000000300)) 2m9.26766302s ago: executing program 32 (id=801): r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0) ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0) ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000001940)) ioctl$VHOST_SET_VRING_ENDIAN(r0, 0x4008af13, &(0x7f0000000300)) 57.538022396s ago: executing program 4 (id=1435): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000140), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f00000016c0)={0x0, 0x0, &(0x7f0000001680)={&(0x7f0000001600)={0x2c, r2, 0x1, 0x70bd2d, 0x25dfdbfb, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy2\x00'}, @IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan3\x00'}]}, 0x2c}, 0x1, 0x0, 0x0, 0x40000}, 0x2000000) 48.284941621s ago: executing program 4 (id=1435): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000140), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f00000016c0)={0x0, 0x0, &(0x7f0000001680)={&(0x7f0000001600)={0x2c, r2, 0x1, 0x70bd2d, 0x25dfdbfb, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy2\x00'}, @IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan3\x00'}]}, 0x2c}, 0x1, 0x0, 0x0, 0x40000}, 0x2000000) 37.55760901s ago: executing program 4 (id=1435): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000140), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f00000016c0)={0x0, 0x0, &(0x7f0000001680)={&(0x7f0000001600)={0x2c, r2, 0x1, 0x70bd2d, 0x25dfdbfb, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy2\x00'}, @IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan3\x00'}]}, 0x2c}, 0x1, 0x0, 0x0, 0x40000}, 0x2000000) 32.304376929s ago: executing program 1 (id=2163): r0 = syz_open_dev$dri(&(0x7f0000000000), 0x1ff, 0x0) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000200)={0x8, 0x1, 0xee}) r1 = syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x0) ioctl$DRM_IOCTL_MODE_GETRESOURCES(r1, 0xc04064a0, &(0x7f0000000040)={0x0, &(0x7f00000002c0)=[0x0], 0x0, 0x0, 0xfffffd52, 0x1}) ioctl$DRM_IOCTL_MODE_CURSOR(r0, 0xc01c64a3, &(0x7f0000000280)={0x3, r2, 0x3, 0x0, 0xa, 0x1ff, 0x1}) 32.231172639s ago: executing program 1 (id=2164): sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={0x0, 0x3c}}, 0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$sock_int(r0, 0x1, 0x14, &(0x7f0000000040), 0x50) listen(r0, 0x0) accept$inet6(r0, 0x0, 0x0) 32.08173285s ago: executing program 1 (id=2165): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpu.stat\x00', 0x275a, 0x0) write$UHID_INPUT(r1, &(0x7f0000000940)={0x8, {"85f080a4933d55266e07e799aa0cc421388242df2a3c6b631b65b1c061edd2aa108c3528fe9b0bb3a53ab1200f5d01a68a4acdec8fee09648222f908c1fedc3000342e6139de28366c13509306d00ebcc67497181ac916db98af9d366b76e427d9ab5bb68095f0fb246df32b8af0783653136f8a04c03690312125c7ded6a24fda8685340c575ead69519e3583f89d467ec232d6a1ffd0463ba4ea3cbae5dae6654b5547b5458f02ac307729e57b09e134f68be44f88d72517b230b066f6315b5fb80206397bbff8cbc2a36e01c2e7b3aadb32bd3dd5288a69a991d9c674717e3abba7167280b2db3b1b8502afa4f3f296c532510c9d2dd79bb5eeb25adb5edddbdd069c09d14d15c2e7e1e2bd6c108fab3591bb22e97d6992236d2273c8bb95536f7118d007965008b125c7daac2814e6bbe1adbfa3572ad0b7ad5c26c8014118d8374ca9f285779dfee7715a403908146a74de61b3853914c89f444c12e7a38bdd46c4ed36eb806ea598f44d1dec9eff9e2476f43802211f0762b66673b45d236b2391ce322e30fb9c69fe0d514dc1f8b6e3979c1205fd5224b07d18a44fec4f6f1a6f65158bb6adcc295bf2dd7dea107f59d7e03c61fe5822292e45968956b931bdc4d6445ff1631e0b98e4b4448774dd4b9cd53a45896fdb3f03702778741ae2b45a25bf9a23fc02fb97a630f132bf9def6c6d4a7baeb62972f1a814f6f2377bcfc78e2e86368c138510a04cedf7175af8c2034fae7413e3ace8c71ab9a0af1ca7042011a6ed028e205648535dabf3b2f85196ae18d36b839e3cd54ae4933ad529888fdac7bb8a70c72bc0fc81ba06506f2d5bc7686e219bbe5283959cbef9950e071cb6d9f341fc624a5110341f26cebd7100599a06e61f66fae120c7fc2b34c6221200eba75bd1277114671a3fa8f058b27fd897b052f4a52afcea814df526181c75c4497210a2b8b74e26601561e78735387cf123654b0295d1d60556956b36d96dd038866c4b4db31ebdcddd6929bbc2850cd4901389e6ea6e86041e0efa1158f334e7afda0e11c2fb0e6df6364cb95659f506d5c7e63fb67c8116577d15e4a4b1fc4c27de2e52586cb1f52be9c3601f5066549de8bdc3ec07d1a84caf1961323ec2487a37b751aeabafcd647ce2dae5d9499c0f969467e6cabad198669ac96bd1488954eff0854ee0c83d7b596d273625bdb16270782321071fda5d980ded78ffa9dc2b56037d7cbf942547f48a5131f1991f6c17ae1ed5120ca6878f98e68e7997a9a2b70be640a70a34adb80de286c6692abb5f092e4e3a15a83217e03d02a4054f34af3a65ff6b36f395b76a0579cffafd5d3bb0e704c935caecf3a7ab756c23fd60c9fe3f4fb2be7504f5bae22b116ff1588dcf02b327d31bf0488dba8af5b33ccf2d7d87f43bbc48fcd4f191ad6af9313ad38b8b29674bfabd6651bc1f6ce5abb4a2f1413194f96b26d7d6edc4e013fba549075c97eef508af5ca7873664b058b7bcf455a8a04b591d29fab6366c844bb75576bac2d52323e747303d00a5736c9812922b0e17bcec9135550736b54cf6407d61e22e62d7bb75f62935b665acf33e75f688c36ef416f1b890d0f0c8ad1df00e02ec45967834d5649c8e7143978622fa3704672970b7993a87e97d3d926a14265647bc8b8c9e6f83e29572608d24b42c2635ef4abbd0af83860e99c90d7471cf6e8ce99507f5ec2bc572212fa9ee3f5a9dfa3815fe55f0bbb119acce062ae37f2ff921707abba139bcddf42bfd174d29b540161b4113c4e1a13f3a628c638ec4d3a884dfbc093e23ec0d0671b46b41dc8b42d950c8615ba5ee87f49b5d0910ffa4871207995001920db05a95199967f097ba7b55bbd271d818690c4238406b40a3dfc42fa56a67173b53a96b543326c56738b6d043195934018696f5ab49347e5148a78f2d1369a71afab8330273d46ecfba4ee05802a5385649851db949dbfb39e290941641c50b1ac20fb3102754a760b097f464ddb0b83f8168badfa71db6621dcf22fb081e3403f3bac5c7e65905aca52885c807f8ddab18bb2f12ef952c50483c0e251968bc70ff0d42a638ca744dea4c7ebb4fea777cf663bb4f1505ed79730c45bc86e488a13f924377a8e2ee6670a02ca52874ae1c42a35d55b9765757047b2cc3742aa51fa3e43fb2c113c92ad213bad252c1a82966dd016f12a7f1c3900c0f1ab455035163f31899bdd30f3ff43ad17d9e45bb7438c1c986712736f24be14f71ab1bfe92a25ec07f086ee8c7971b8077a13e58a8e8bea39c8e06b251909f02cb0080abf020f27ca160eb26c082dda1fa54ea4094dfdbcb2fa7bddccb67a844e8075f4cc08dad35757006d051e183dced336bc0c2502f93ffc87dca622286ba174c24e1f53f27dc2777baafe170348b0e8d3e743b3aa906bc0764bbe7da08ff403efe2212627d672250658bb513b7312517d1f88c61c7ba5f9647cd619281c5b390b48606ee39fb4171103df2e09d7cfd56c06c721f7c24ad8cce383623fc2dcb15ac56438ea331820ae59c8c474e36fc73f7b1b3b86df1b42490815513681aafbf7e871b4b9686efae6c45ecfca60a640a6f071dfd31f9437c3d03086164b48c1ed802986864bfe0d49bdd7709662262368dbc3ecc05eb240ecc41904c76d78ab5c52b66af5a720fdd6a92f52be0676427a56e32e5bc5085b25f90add28a76f2fce6f8f0ef74f4659698549646bd63175adf77b5cdcfe676e1b1a9af15102946554ba6136cbc83c6268ee40318f3c9d4718025688b35d2265bf60bf889ff629f7834586ef46eab7a9176337536bb6001e676546b987f36b1fe4b9f6e46a8ce73eb22ebbb9c14d8e2b43ea77ef887e5a26448f4086fa819a25e27725ac10298851c8bc45f2ce4430b07917ade5ea8c434c3f2576effbeb521173736e5c9557450643068b0c0fb132a7e99de6ca292246a9937fa7d7e06e59cf59ce5b9f842629049931146af40a8a1256ba373a88d09dc00cdf4453cc6ba78572bf3e1f2352a978cdbad60220cb8ac37d7f614a306492a4b5eee9244b0ca84b6cf2e23013bfb1cb92bf6d126fe550e58c19f84e7a4081437b75b31b2b9fb658dcd8ba077962e0f3359721a148d4fefe5c97941ca9688cb85adf38fd10f5811cdd8e074a21bbfc9541c71465b08d7321281b68ed52bfab789b9c83849c09d52376d419b1e7ba367603236e119cdf4a7b7cf9d81f2229601deace53cea2f14a05f7fa0ca04b39e31c6453e332f4bd0915c0e09e28f4d1125c390c6ff0833a04b6fc37855e65de90333e505b9eb66e00686a3ed499cfb7b8b215dbdc9787b5baa724cfa71ee6745b41e203de8b7794757ac328ec5567540b951b50530c3d4ee34705ea1c66fd6591e88561083e86d48c45ef3b83a3029319d8f3d8e65ce14c1dc3cb92d0a7dbeb609a8d2793928caa079f0fbbb2bc90b9f058cc048f4032041d14c5bca00e99b3027ec3a50c4957199cf016a4594069af8659df0973f20ffb15dbc265ac5b8a2203e90b114a3e9441e357c60ce0b550a7fe66fc34f5702ac8e8992a22e89194c1df69e81a9b7ad3d2634ea8c0388588192fd47d8e803b10044d558617fb2921b69eb4d85c051f86ef63a2f4382b9becd870fb2ecadca6902712b88680792e2f2ec89591cfebb6db3ad31c2a339af10465fcf7988519d382218df52261234f26a6f66ad0d1859de505d0fe819caf2f8d30aa9fd1228ac91d11ca67f1f8d50c8eefa5c441514321507dff6c6ea3cff6f340a1c11e0c40f419e8e60fc94d8828fa47a96cdf7ee4f61e23f40751b25cf9ca1295041a350f83f0e679515d6b4b46e2c9ce8999e07f835abc1663cefcf728df37831f4e17f8c8a4feaf1fbf44c38c9313284404a50ba4cd8abe835b33bfecb02cd6c9d7f435853b4c8d505ab83cf46512739116694765658bae64b3127152d216055aef9b25c70a8a3b302752d7b1e8791c657b9f3fc9001ef299fd1a349491ae6ee9940149160507fc4130fb825d47d97dc2c243209d2403583ac3ef6ddbedcaa76432255487c0a06e59e043e572ab3aec002af6a6b6a2dc9cfaeefa70557886c4d12924a0388f2f1bc8e89e4cfa69705d1ef3c4658f8616278b588011d9dd914beec0b151d65b6524fba3e3f235d58373e021699b07622a51504eade747e0b2f9cf38bc167cabc8cb18c708d1337e25648707e8c0872876514c7a49c0b2aaee5ed9e9ecfcbcc23e032c4deb63e48e7120188056468fad31448e4b42e7d62fbcfc1c2cfb01fcf0db5e8a162bdb9bd820c763f17b96c23f32db9d1c1d74ddbe657b4f9595a9796982a0742153111b15e484d8ffebe47ce0a78a41e470a341616ec2eb6eef813fb415fab50fa965bec6a5977a0ade4fed67f86fc24e11b0e2f5364079f7c7c35b560cac726dbc80f29dbd248f7ecda0286a23ef172a28c96d9bdb1f598eab31c6baf0321312da23920c074b9d2d2e442717f2c21001142a39c2da6b8bd9d06b05a6a8deae1bd1be4108a636ddbebc682d113e715f2f3ee506abc28b1c654b3d2d28e02f73b171ed0deed71dda90ce4a0b728cc75cb576385e7418b545b992b1dd98e2ee53355f464f9250a2a03b3d1e4d2ac1aa71d01de2573530324e14d15a507883411ddbd37be21dc929db9b11f11010e4d2a04c7325a5ae6d24d19900ff97a8a89438f8676457a78cff05201528f4358fe67f61288bf042a8f3c2e0f8b4997b8fb74996b80d465489b2d7807a945eba72a945e8cf8625dbad6f6f6e30537b29e558ca8a8b0625f578c766d34f2d28d704715f94df1f6318a308042aa494baa295640679f1eab1e6a8308af8ce6441d5ad8a2f3d477eb5307af0dfae6644493f1434030b8361621340ad3dcefa6d8f090ed3929d89ad9c0ba01a6903033428dd8f98619304b1803187d2a6130bf1e009b5eb0e7e21c75594b3b8470f3106c92a9e55bfeb026091ced127a90a1f1247f3c07e36d3572923e0de3f73518d0369a25fcd4e65d243b7eab91063a7bfd8bc8ac9e39fbbb32b5c9517886287a18eacd8dbfda9b91db693cb12e42cba5988280e09e51e72b91a0f360656d8f21cc1eb3248ac345ad51d1a6172b18419277851dab01e028c7e8e2cf34095efd28267852a08fccf61c45b5e46930160daf50282be058274e7ff58c48b60b86d0c8cc886ab8778a2a2b5fa2557ad7bf7f01f2175523ce758871d334c20a9839f7a89fe2867c06289c8a2f6456ac7e4fbadee53ac41aee68214bc76669853baa4f58255b39ba581414f2e8c4b49303f8936a33bae5cbc96b29a5c724d5b50e1614144c2acd03bd90de891c3d36ce040d57543682ecbfcae66c4153c337c3a5d01896524c8e0c27e9a08919821ca27bbfe3fc9ba24a823aeec8d4ad8ef8a65c585bee4dcf1acaa3da501a8c11a23b2e22920c1ad0129a038b31fe16c2abc80589dbf7c37211afc5d1a6db908bc5fe8a692060069fcbcdcba7c523d3c424aa3b0c6556387e0e51bcde9e5f850abf62d2c2101c3a2786a0cb94932877a09cb6b64aa61da8cab3b423e7adc4c4700418a65e87225710e1691f6d9cb2eb63cce5b605ce0a4a89cf519767e00845397c5e381141a0ed8a89b01064b495ec8d1e2da37433bf1597d919a69610d2ad26bdf6fca8de422bb2cb80d0516206e8194ee51445a3dcb5dee33c0c310b4751e68e58bebda2fb586985a5a5b06456756f44e6dbfef4bb99ca732f00fb9ea35775f7419681bfbe6f43dc7c4650c13b63d93c1d490bf0173f287a4309531f13ecb1a775d0bd881a", 0x1000}}, 0x1006) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1, 0x10012, r1, 0x0) getsockopt$inet_sctp6_SCTP_RTOINFO(r0, 0x84, 0x0, &(0x7f0000000080)={0x0, 0x1, 0x3, 0xffff}, &(0x7f00000000c0)=0x10) 32.071440043s ago: executing program 1 (id=2167): mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000c40)='.\x00', &(0x7f0000000640)='./file0\x00', 0x0, 0x2901090, 0x0) chroot(&(0x7f0000000300)='./file0/../file0/../file0/../file0\x00') mount(0x0, &(0x7f0000000d40)='./file0/../file0/../file0\x00', &(0x7f00000002c0)='sysfs\x00', 0x0, 0x0) pivot_root(&(0x7f0000000340)='.\x00', &(0x7f0000000180)='./file0/../file0/../file0\x00') 31.927951151s ago: executing program 1 (id=2169): syz_open_dev$usbfs(&(0x7f0000000180), 0x12, 0x40000) r0 = syz_io_uring_setup(0x88f, &(0x7f0000000140)={0x0, 0xaee2, 0x100, 0x2, 0xbfdffffc}, &(0x7f0000000000)=0x0, &(0x7f0000000280)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3}) io_uring_enter(r0, 0x75fa, 0xe475, 0x0, 0x0, 0x0) 31.593817256s ago: executing program 1 (id=2171): socket$nl_rdma(0x10, 0x3, 0x14) r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000740)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_SET_MAC_ACL(r1, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000800)={&(0x7f0000000780)={0x1c, r0, 0x1, 0x70bd25, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r2}, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0x40}, 0x10) 31.358530187s ago: executing program 33 (id=2171): socket$nl_rdma(0x10, 0x3, 0x14) r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000740)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_SET_MAC_ACL(r1, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000800)={&(0x7f0000000780)={0x1c, r0, 0x1, 0x70bd25, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r2}, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0x40}, 0x10) 29.049703573s ago: executing program 4 (id=1435): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000140), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f00000016c0)={0x0, 0x0, &(0x7f0000001680)={&(0x7f0000001600)={0x2c, r2, 0x1, 0x70bd2d, 0x25dfdbfb, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy2\x00'}, @IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan3\x00'}]}, 0x2c}, 0x1, 0x0, 0x0, 0x40000}, 0x2000000) 18.102609553s ago: executing program 4 (id=1435): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000140), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f00000016c0)={0x0, 0x0, &(0x7f0000001680)={&(0x7f0000001600)={0x2c, r2, 0x1, 0x70bd2d, 0x25dfdbfb, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy2\x00'}, @IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan3\x00'}]}, 0x2c}, 0x1, 0x0, 0x0, 0x40000}, 0x2000000) 9.381900664s ago: executing program 4 (id=1435): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000140), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f00000016c0)={0x0, 0x0, &(0x7f0000001680)={&(0x7f0000001600)={0x2c, r2, 0x1, 0x70bd2d, 0x25dfdbfb, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy2\x00'}, @IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan3\x00'}]}, 0x2c}, 0x1, 0x0, 0x0, 0x40000}, 0x2000000) 2.658761197s ago: executing program 3 (id=2468): sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x48}, 0x1, 0x0, 0x0, 0x800c050}, 0x4000) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000096c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=@newtaction={0x64, 0x30, 0xb, 0x70bd2c, 0x0, {}, [{0x50, 0x1, [@m_vlan={0x4c, 0x1, 0x0, 0x0, {{0x9}, {0x20, 0x2, 0x0, 0x1, [@TCA_VLAN_PARMS={0x1c, 0x2, {{0x8, 0x2800, 0x0, 0x5, 0x2}, 0x1}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x1, 0x3}}}}]}]}, 0x64}, 0x1, 0x0, 0x0, 0x8000}, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=@newqdisc={0x24, 0x24, 0x1, 0x70bd2a, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}, {0x5}}}, 0x24}, 0x1, 0x0, 0x0, 0x40}, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) sendmmsg(r0, &(0x7f00000002c0), 0x40000000000009f, 0x0) 2.552500177s ago: executing program 3 (id=2470): r0 = syz_io_uring_setup(0x24fa, &(0x7f0000000b80)={0x0, 0x0, 0x10100, 0x0, 0x215}, &(0x7f0000000280)=0x0, &(0x7f0000000240)=0x0) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x18, 0x3, &(0x7f0000000d00)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='task_newtask\x00', r3}, 0x10) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_FADVISE={0x18, 0x8, 0x0, @fd, 0x10, 0x0, 0xfffdfff9, 0x5, 0x259792cd96d38d81}) io_uring_enter(r0, 0x2d3e, 0x0, 0x8, 0x0, 0x0) 2.401189585s ago: executing program 3 (id=2472): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r0}, 0x10) socket$xdp(0x2c, 0x3, 0x0) r1 = socket$netlink(0x10, 0x3, 0x400000000000004) writev(r1, &(0x7f0000019440)=[{&(0x7f0000000200)="480000001400190d7ebdeb75fd0d8c562c84d8c033ed7a80ffe0090f000060000000a2bc5603ca00000f7f89000000200000004a2471083ec6991778581acb6c0101ff0000000309", 0x48}], 0x1) 2.348420486s ago: executing program 5 (id=2473): r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, &(0x7f0000000000)={0xc, 0x0, 0x0}) bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000400008500000001"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x6, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) ioctl$IOMMU_TEST_OP_MOCK_DOMAIN(r0, 0x3ba0, &(0x7f0000000100)={0x48, 0x2, r1, 0x0, 0x0}) ioctl$IOMMU_TEST_OP_MOCK_DOMAIN_REPLACE(r0, 0x3ba0, &(0x7f0000000280)={0x48, 0x13, r2, 0x0, r1}) 2.289836676s ago: executing program 3 (id=2474): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fd7000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_SET_NESTED_STATE(r2, 0x4080aebf, &(0x7f0000003680)={{0x0, 0x0, 0xffffff5f, {0x4000, 0x6000}}, "d07ee5119ea4288a70a2a6bb8068fd95dd041cf5b177a3bffe992dfbbdf959487337b92336ce1de32e7695c411c0bf9fae702d71192f33001fd51f5b396a55cb98699a09d21648c4cb30d9d7e3e397c7a3c041c76c72385a46c48c5302848c3696facce956952c2a85822ddf20434ccee5806294ed563ff3a972cddf6ef16ddace933d8a5adea40cd3ad40c9873c29368838e815ff59723519154856b2d5cd9cd79a97dc2fa08dada1175817886e5f9e7aa3dca783a44c667a4806826570ec6acb57d65efc313a384e11fb633dee17ee600145f2cb3103384606140021be766fcb7fa029f0513bbb466177ca1068192550bbf4e6f5694aec747a16e27688a988fa595bca1761b8e88a7dbcaeaf97a8b7b53058b1faf880dd6f1b6eb4c7beb0582b4007f1a67db1352407adbe1456bf762c94fd825b9419d74f63cdeb6c6976de1890d773f0c8088d2bd48a838cf5b87f5ddf926352960fb978874b0f175acfa55ddfe84de3fc9f75b58bf7a35f33d3c43ed5e3224e92751fa1b43f94f64b681163ef1360a3f3bb7403afc67a188b2104b45c5814aaa9e218552498bf85f4b221d9acc32a331f5f8c109cc9f335ff4e418ab30b54b99d5376cd928c431fc8211fcbaf64716afdc4b6d0417e04d5723e4675d282b36bef3a3a19e855029ec7c33830a6df19332b63e9d8a0f22d96ac230c67657a4e7f7afab91dc0ce751b68980e5a4f6d9d6d9b9f802ba9d8576640eea61b8c308a1745df61560e56108bececa3016d93246fdc8b768634e8319b1ffde103c07378f8f4927baba05e992a4b5af0958a7e495e7ce53f7917451d15a963cd14f5cdc4563775688b6533a4b97e0f84b0a33c30077b20805c1f42cc7815efada97ad59ac486bc9e0ee386b49cb97b47fbf8f919f06c75a49636795054b5ebee3e91602c90d7f4db49220affe56d56b96e4f662b2bf36dae482ffc7ba21cbc55e21b73309d6b7aa5509defcb77c236e43b579c61eae5c8d8f8fa71ad876b96069f2e4352c8aaf16e299d21edf5434c0cd9b25cdc9210fb193213f4bccab1c34c7118bbde72a5617dff21f7a5036448fba7fe41aaee0c289cd076d757e47b0713b236f6f141ba0112c9312b3ec853aabafdf1eb2cbb517d2d7352725f557214d27d9a340af0128fc960a4ea64c933b0d8dd226b6e024471aaac8a7074b2a8695ab990fabba5bf315d246fbfe4260f1fffe54814e33b6235c5b4095437298858909bcbd40a8a286d1bedb06b7b1775bce0a5bca19b0a5c2fa8dbf87b55ae0a43c5086422e5bacb94047e150451f5996420b0d4a697f59decb49900b2b9c13aade536933e14d672c21a35cb68572c3de02f3147414eff4b8674b91f7aebf35f056a8d388f67f8ef7cfaf6b28fe745831ef41def1839791647016932c70685752851327f1837d2f1e9d8f93443eefed2317119c8152ca451a5d3aeb253fb484283f52e5db9f61f0d9ad3c217a860ee0571d254483501b00699208c7fa5571cf58b9715c954115bc2db0af28361938bb95ced7370c8cbb6141ef62fdbf369dfc4eccd98ab9886d79a52cbf91a27dd0f4b29940492e860fb94654dea54fad6290570760e3b59a0cf28053732472dc313b5fedfc583fc702a880971dc61286370aaf167810455cce7654dc4325a41d9d1944abcdc4d81378f1e96a8f94cd95b886a01f086e379601504219d579531ba34e1ba0905785fb629c61f6b940a652cdee9dbef12b7fcde087b92816db3386a5769049ba00788e31de4ddbb8b56de1fbe3a5e671728effda7cfd0b650cf5df2faf22470812efbbb548e47cbf36c64e05a785d820f08948ceedb35e12a4a143ee0101a7bf0a00a4062b50c39020669700adf739a6f75352a45fd1373d3e85c3867170373f0c7a794d8590f4c22ae62d438ec365b0f6a15cb2ffe0fc6f57185e1760761bd4370027c01dfad0502f00b6898115df3c530d0b0b4a64e623fd580b528a733e4c881cf5843a975a97f92a7833527887c79fa8eec82b9526a15c6c5f2972083ce8aec735810580ffa4ea2cef4823aee044dd70927f7c07bba18b930006aa86ae7399ac6b4c24bc9d6a6ab0c5b428d7255d4d983eadf97e10c1b00867da29ac981acb453073a37236e7ae808e7759b2e0cffc3ec43afb1e95cd090a7d4b9225a0e3cbebfe49b93846ab603891e2da7d85a04bf42d12d16a97c965bc4911d3ba7a9ca505794d8744fef00a436089de67aa8b480070230dfb002eb91edaff428d4908a87afae418dff7ca59aefe1ad8f6935f309fe7985c2310881659c60a66a5e50242497ba1cd5d2bd79496ccd23f9fd901afc6622829cb3701caa50f96e09e3b23bfa3181b74ec7dae2e42c9caab43e49ae1d922a1a1eb3682de026323d9215fcec42c54401a1af81450830a4b784ed1c7922734bf3632409147680dd3fabcef296353705bb5c0e650e12905a05db1e7923923a96ddc783fc1ed46e2010416c37dfd149ad73e808bd6e4464f62893024a8501803b6c88fc55c8bbc1da7cbf580b5a81fb7c61455ae3a8aaec303fba12e0f2b51ed5e8bd31db40e8bdbd00e7b1ddd364766c974d813d86fc88a27bf82bba60c62e5f0f6af6bda3390f8e72a2811baf3d6325e70d9a3b59cab1abe95290ecb87985567e1243504c038de9d4d100ea64eec45208cd8d2474e646f7d81eed6d59b8b0859552b6fc088d874cde3e75ee30243dc9d88ed5b577851a5bd9e2a453287025777fcac19ac33e1c94b4ad272f1055b16b842a6bd6168fb45f1f74ed2467020df5431068a5f2cbeaa6ac1841308c7c9f752aa06927f91fdf18ef9d9e942367e5ecac0abf4d3b8fc7b80238c0e7faf2ea7d3f5271028fc558a44799bde63168becc67c5531e843336fb16ab618d37f95a91937b824bf896b044146bc3a5e264a8f2729cd9aa56d9a9a24b7ab96ae021b193d8874d43ff4b723d86b7564e550378599c3e0c7a2b3d447ad76eb4cd699733d970a5ab21842da1af81df9c8013d6d16a6bcb019f6ace4461cdaa785d20ea027cfa53d521bb91ad2c04aaa6c0f268b14924803977633280c7b7beb14c88fae542b7a13e96253259e7296e37276da88891c14664340e84ae732edbd71e67047e476735b220ca231de31a380ece372db632ec3cb3ef5ac97ec41148febd2acb15cde1ee5e990ea0aaa95c2df39e2111dd1185d14a194e22d34fda8f54e99d3a73e5a231682c726d40816e048c1d059bf3bb9ee2b5f895365d95aa28f6adbf6e16469926b4d8ee7f04c7dbafaa444df5b88596c17874f0efe35e5ada1a69634f4b430f852d33b032f823c5deb54f47a7a4adb1adf56d5440b7a917580004c13e0b36c8e0a203a2be3f8fffd9efef3af19389a12c67859d4381ac0a02da18e25931b41216b731de25e1245482c84d45de1cddbce2109322a3428bff692012573fe9efd02109dbf35c5d3a287dec105cf3f1a2e5f0b1cc08c7b4759766d25d0f7b42c3ea8bf8101e61159a2ba7602e9c7947cf936ac39bf59b24084709fd61d704bbdba7d282aac778b7ec1dcaf984527c8112d56e75ab774d1598d9816abc77b0e693880beca5f330c626774ab5cb6967fb0ea8e14efce120947092c3b6f8a22f07cad22e971418092481fcad36ecf0cfd6bc3864115b8507c13554584f1f6fee5ee07eb6a091638d8e7781c1c006166e0f987f9f4de535e9f3df1db8c9328e9a19a73c76059ab4edfe9eda7f16cc6b869229bafb17ba194e20ccc6f9338183b673de8138ddab9a0907278f6eaacc55bf59a450ebc10e0b88c82d9f0deca86ff771f46509250fde94e0c94256b77616d099862ddc9b341838d634a9dc4b55a88fcc6248901135f6aa76365433e7e534e0e5ae8eec2a63df62c3e244a40481189ff54122698c7e2da2c829b2eec9efc9894ee05be04ae6dd48406eaace17827e38bf38b414059aded0343e0711a8d864ff41a8d9ed40fb2aa1a3f4014f691cd0e8af62445a021820ff03afa8a192ee255862f306851df1de96ce36cafb6a60b7069db7aa96fd1ffb2fb01e6247f770304dffe4b1c8d0eeb336dd6806d6ab5d418953b1cae7cbbf53766b61e4aad5cfce8255b78af26f9bd11283a9c7d12cd63b82cd2b506fd4061d1e16fc7c713d80763c3b0aa0faadcd9b7d676101aad80e1ca00369297e1f714003ab8d0b545c335014a522a25a767950963ef821425b79b521076166d0df3ef358c7d60d99cc85463c186e8faf16af79785680382e4cc93f6594f8c4461e0988c08717640df24a5f357db22432fcae21702dc792d201212fb3791e0164bb3d433a8268ec96df73766fdba42965e00e619246cba5d96eb853a7c22c34d2fe5e5d3f3ccf9c627d069517b743cd07f6f7b444074bb9a50269f2e03309c58930e56a9583eb00c37fbcdd391972261f41756c10c8899fcd036e2017e088ef9e6ec31f795d55b3bba214c53c98fc9318e4ade0e7e6fd259aa277fed54c27e5210787a5f6937f56fdbe1da5113f059061ca590ddf536a55cb91ac6ed41cb9c0418b115b29f5e823c1b0ee7c2b3982087763545b34e2c945d587ebce69bbe299a7f52b674f351977370fc700474bc15d7e6ef98c14258ecf401a4f3bba1a9aa76c5ab0b8819fe6efe3fba1899909e5e48554299150ee272451b56142d12ae2bb4942db430239701d494917f2c939a6fb9d98d4751a6f2c4537ec870342d223343a9bd7b8d8c99aff8cbfa298395551185f35dec120228073a1e496a58b59d9ac5986249a7c6db9398395cbf341c08ee910700e2daa042dba1846fef59c72ce872bba2046a14fcf9a47a5686d62bfba76309a9865c26e5fa41dd872fc749fdc57953105ace4978f9eb788c8d061c853ad0313e51e732c5d7bc05e752443c8e99b8e81c688befdb5b14c3cc2f96eb8ce8290303e483992fcbece1ff278d0dc036ad437b6cbc695c7741ba4556e242146d40843c73deaf8fceba40e4a4acd739b3031848b17a210a1ff0dc1908b77c4bb94543af52e1fe2a090c8f217428d02336343f7952c3ddefa7c81850676e7f4cc3d32c3937281fa5ab279c3fe39f92ba077dadb8c2c3df17cc511bd33c41cb161d24aea154f0f5902c94b56fe072d321a983668bd9f4838878e66ec44cb233d7d0ca908a794c844ff8b3ba4c57f6c5fc2f3a54db448b013f0c4998bbc6ed0409b3368391cb28c6df4a909fff90f308ff38c758ff7d8a2920bc221236d89b3b76de44e8ce649b32f5135a0217ba9036a8edddee97d7ba15f2c21fb7d3cae3eb6ef09dd03eed650489c83b5ba5dd9daf7a86cf0544fb8a58e46b860e3e42e10cd6f1c4f81179eb2c3ba611793a32abb4c0768db90e8bdd1694efaa9c2b45c89d203fdfb8b926b6a0d666d91b93065a83184fc2065961f2308056241b66f427c0f0aabc75852c90f0624cf036d537032ca8d73325d2ae2a79a7292c240c34584bb881fe5d468a051cbc0bde061f9eddfb758cd2dfba296eef549e5c4ede097111216a0ec60f90e8d6f5dd843c82e15f505f8c74e854ba9cd386249d552978eb8135a5f8c79c3ceb8dd5828b0218ffe40f375d6cf3ff2f47c276c8169ab98336582a852c1535018fb2306aca6b8c9f9e38d64c66a722762b76c69d4ca6c14bd6992549e4eec17287fce194467f972d9200c3d1ac4fd4a8f2620e2e4281d28c099946ed90789ba122705326390d3e058ceed24044e542efb36416272eadf6304f30efa0b7bc1ae5be92fe50e591ee6f725726e917ec113506920beb2aa53b39f1d76b31500", "cfb220c7d481332f3f1f8079dfe27e23185fd67a407358db7892789f96b7fa9b14daa48617a10d8a99b820ecbaa470ec0bb1f3cbce7f70ec70b19a4cad082229c2788f8611d7dc306d9a45761a97828c36ed87ebde5d4a3e1609c1422a8ae2f7cca428ebdb0dd38b90b9598a353b18a600bf35a369e6e3e5abb0a1c5c0c0e48e014e7ef1b7d768b3c5657f1adfbb7ff2985082b16c99eb83ec3660990dcf1106efa6b7f8a4798fec811c2c85faec0235c83b7093b3d02367421abc40a554e0b0d7fc1bcaece4222c594f8d20e368fe625ca433c75486fe5c94103cd17291349ee12b877602936688666f82ecd8f4f83d50bb1650e08b96cd25ad147c4c956c98649806a3736d072c8d97c6e3a46a7c18535df8d828b86662400d8e9cc861fa1dd5dc193892d3168396c499e07b279fb76c7e289f2fd955691363bc1de74536dc571817615c88b0d594a136966c129e424ccb7ef1c7c7461eac7ca5f03d72ea4c9c3d1156ee4cb1bb70e097357588b5c49f6716bbae1bd118104b42786f09a3b9f7cb80f383cadfd0c462096ff2bb637b7cf79764b6a4b7ffc5d87c1f063fb48e7f08ad5af534c70079f12f28e8921abbd4280801cdf6101ea494768b1274afd0eea5939843d56022a83590920fe446d52dfe699c33977d5592dbf7e0e236b8175d7faae06e0c50f7402174023ce4b996564e945c416fa823f2f9c3213ac50b20bd1fd55bb8d9fe70ee31ea2f404ae0fcbf857bebcc9196c8c622059fea2e248e4058905b69fb98be312d3193ea1d8ff653173e8c2371371b77a5bea45b3cd6fba19b6336f94ec04c8f86d24e9ca959874577d7ca0baf3c4ff30b554bc3ccc06df46d925373fbf7863e2cf684d3bc9603ab72b851ca4728294de87f2dec6f23ca9e43ed2e5cbba662d13137fc1ce0f6ae6aeb974f72f4b750825fafb67715e425f40c7da83b92d4249a0a4e96b789cceb7b07f38cb83f72dd093a345ab3cb8ae760fc14e40ea182a0d7fe1facc62a1ab0902349fd7e27bb0cd349fb5053f4734823abf020739b4b43bb11f5d69b61295068df31177959903c2ea1bb82d24eeaa93d0d4738d5d15b2a401e7ebe0d3cfbd45b2db2882cdb41408aaa718f8320fbb7f9da4f68d0eebeef175442e807e9908132731fe5e268582dcf6dffa4251ebb7121db8e412089fa9d8af9919799547a26b6b8eb44c28f1ce5f9a3021fe30841be204c1b4b3813dccae6baeef9b53fe413cbec46bb0cd95d3793cdc9bfe6cdd96ce0c4aa4a25e1cbbeeee6c9fa558b279048c7e31d07b125bac68d4e1f4253bd4dc7824cf3d722c94cf2b8f61bc8155731f072fd447082b181a13ffb8c08a1d568298c5de2d969fae2bea070a9e2688f294e76b8c200dfb993ec19778eb56ae3127c1116ccc85ef8806fdcb9ee0cb66ff03fbb0fa6c52b9b101b3830fc1650efa859163a264b4059092e5dc9a415ec09bfd1460f142fe5ef00beb6aa9032bd0de97aefc6f65e8cfeea761b3d8174caf528b6627682ff4d4450cb0f34251fc000ed01dd538ef13260984f44703b89dfb511bfb538d0b1c8aded964e1bcc5ca57437468b14a31ec0000a17e4d24369c40500449c37e7dccedba3eceb59d827dace246b5c48afb6a5988e64c560b3dc76c32d831f51cdbc5cfc4364ac8b25372b87c92bacfedc6bc8feb44098dbebc89cda03c59e4c58a31372bd574704b9e788834b9f83c6703f6709efad97c4ce499ea580dae1de282a019247cb3dce5c1906322e6d3ca5157ea6428bc42416936fac194efe136089c07faf7adf1e923003f1dc63fcbc634b389a4f351a6acee785e23c6bb04ca2f265be1e634362b87c6f9fd369bbe62a1db6b286c7ffde6370bb4d6e9e0cc3ec451e1a99d134726c9075e71319d3a683e91e4b900061c0e6d086481069cd32f4cde7816f8e3a0ac6428a7488f31f06ee0da10df3ed0c150d29085879d064f914407f60018bb588735663647bfeda930407d69abef3f72fd461c2b85b00988b412a180fd267fc646a86d297e7e40912607157b6fa873df6442579b1523d8117f0c06c87adf75843b8bff30a5bfb4fe1e9846b7fdd58774641baf9cc9c4e38e53ed24a9d9e9dbc7657aa9b220a8545852b0409f5c0812e953823e841967bf55059acc7a4600818134359e72cfae0d04a0738ac8acca133d6395a455b22cdd6f901d4cdea1cf17415f7d7895a4b65f80d2f7c5c60a0dc04b40c9ae5ffc922e074a82afd704673e1766d19db9f60eab0238fb4a3169a08aded607847e5d752d4e24c4914b95bac3892bcfc2076f16a7f07583f0d418b9dec03afdb2e93335a392e1b1ef2910eb2a4b6a63fe61641f3c02bef73cd7e4a77a6f30ae821598c3160511603541bea89022b54f321c2a55cdeeb19335d78a821ab6ca0f36588a9a79a41e2123905a491d658c2a1caeee998c995bb0f816c92c5dc2b862183f80b9f9786c9c5524723c944d11f6894c7f008ab8194f577e22c03631d2a33205f508ea49653e7600639242dbaba704f700ac227f32dc575c559a0a1f4fe0cf6c22fbf7e1ca2ab4b1e4724e8379021e3c9a7c1509c6a413bd7d9c98938e440762eda2546d636597defa86c1ad31126a1182d365f858927d140fb0a97f80adcc5f4ed5efe11ac503453917a263f1d64692348d30f382e85e464ef7616067a42df5de1a1b622fabefe2ca4ceffa4801f7a02fdef40644cd1d079590d900727628d54b44db7ac700d8d664f7eea12837fcf347360d8e43a354fe51b4c49e8fcda3c322b738ed2b800b5cc06e22c72af2a67ee7bc8ae894e841f2cf2b0a7e381caf944bf4e91ded63b6f82f7474e4f81e986fff7e5339b8e9f60103a1af81833e120f0c88893ecabac044a4a2867cda4fdcb084459a00507aa9e5a8e761a72df3322a1ae8cd918b4994c23bdb1e459b4f21651bd7fa067a00e2a2877bf6b29f289ed8018e0a78f8f4ed0b27cedd1c5e37f6381b320ab72da404f3d70d60152f6fa6738932387b83250cb3148141edb52f109bfd4bda8054959db01f4c550609a63c08cf01ecd110cfc6f0055638c0dde039d2ac2daafe59e561f9f08a8830c3f661e4325de63e98f4a4216ec3b83fd200201ed3f647147611424286ffc6c4a8aca64a6874743242d4feeaa9153de06e51c512d9cab7ae712c6424069f3e5db4ddebe9b48b5f6caa741162edf97674d2368e03a387f798151a4b9b9fa9e3a5838a343133158364a9fe3bb4b9a3c464c0c54a4c64ca774ad200925ac6bf59508c10a8574afde9b821741af43ec64cedc13aa220b39772195283506dfe899dd6a7b37eb21f154056a2df3564ef2bb918a928651de88c3613b84e7960bddd7b46b1304deb30f57b6fe5a3b4788629e91bcc2456a72fabb16b47da71624d2e9081de748b3387f52da4bb094782326dcfde0827e2d674e41bb375247d349cade9c704e5431785009b0e53f1b45c70b237c9432e07e4c7a8464ed11608a3d2184338dd9e6f6ef4b3d751e979667b6a3eead7a978071a912b3de21a85a5849c57933cf53cd74a610f3e60f699766fbc7e0bb8a891a429c77bb6f3b6f9f8eb0b1bd9588ef2ce98fdf0a0838e4b0bed807d8b673093c717feec8d697e32542274887d039db7a2daed5d52c8e9767443229f8003c5d67e907376ea2f393484fa70deee159cb56f8d097b8fe2736e95f540137e20725f0940a8d049068ead4c46bb3771a671bb00de88931e03445a55868de0c220db05cbda9f996d5fe7c1070efe5e718fed4d4cb4ecacad3d6b643bc0ffe9a71b720ba7b5adbbdefe29106ef6a6ffe4547f5d02bec312147df0abe80efb2d5e598fc7c8b268e58b59e0d75728e9a18126f013c963ddc92d251405f857fe3a5cbacf443be7772975b7bf4f6d7ed6f80dfcc47a88c6d19120942adb5385be6ef3c0d7e396bcac5affc8f9276d6cd1a0b069aed72a98cde8ea7aabe6cc091b19efcfaf9368dfeb3087a05a42e3b893dae5ffeb72e6ac06e995a2a75ea0b5f7876247bb4c38cf3f0153f1f7473b522f1c440b632270e2b1d654d3a5ae16cb788482760d34ca79c8951b29c628e21029715683a3e6f8f77c5d89ecdae37e0190f79c4c1dbc9d0160e359cd6c94d6662ed53bb01a83374ff593c823acc59241b11f020902069fc0054a9b26cb320bef4fb1f8cc5bd8ae76eb029afab731b9876bc4e8708a8315512823cff1f9375d284ce66e53d4efad6c76d17bb532fc938b8f80c13ce86b5ba3e540164bc5a5d47cd321c241d8740f453ef95bd3878d578561ad6ce20877ffbd44062dce8df1d048d8d5e4045be647886108cbb1f0b26a8b74b66858afedb830a161bb02bde4c46a688a0ea3a7018ce24666aab0f422ede2f78ea29f77e28d87c744cba0285ce33d0d9ac45774829699de6d725a9b6db6e7d03ad4ec9d075c386e68ca0bcd9e9911d741ed0168cbddb87a7918a964d206629da4e887277b0ef7d3f9c7082f3f15f29a0dfb39f3b0877a5ec3ac4343e0d808f5aee8f1869923aab6dfc3016821c013109f34aece6183994b853d0e9561375c02cdd26b1b55194757341929a8038864cedd6b5a3b8b51ade44637044c4ebddb190f173969a0ca4cf5d42153763a0b91da0110ae7a25204850927d81b00176d4568a3d444d8029bd010df784e3f673fe855601ec4f1b26b2df58841e6a65f0db66373f63cc14a8b07dfc52ac9957eb542d05ed687c79519609de96df18b63cb294b534ddf7d2e8f41bcc1e5a006191c4db057b6709f0a96f18e7e8f67b8be2a19c015b9c4b0b3f42e4de366b71f8da8888809473c3c7a02a1158e375f29997a43bc7118ca4d1abb8f8f21972fc589aaa3d73a4d40a1e1705e169ac6e56cff50d89fc45b6863c8fc67bb2b5939a7f33072539ba4c24077be5711ba368bf7efd4897931531d388eb5c2e56bef337777150dd59518652145c9594e110e41d2615196c6b197916c88cc2814e13a3a922b4ecb044bf31cc90e0bfe0ce07de29188bbcb0ec1a12b509f52582fbb948c3cbe0c6964f46991cec0704bfac08aec6ad8ddfc36dc68c7f547c5ee6af4a8d55c79e3dc1c49b045379811f81e9a185a92cd37ae4ee32c5d3c82d36d6202a6c84fd231fe467071d42072827fd77afa5d757e6f37247f783ef09bdfd7536b666e84bc4bb878005b7829293a04ba090272dec844f4ef0e934617c08518bdc6b915ac6f3f03e4a6ab88e21c3f21f93b31d95ea3b9228e0031cb69795de5abd19c4cb4a0cf2984e53ca391cc66e33ee0d510151670331fa264753704fea5e4b1760f74890c49a74a47e0da13155c5470013d53dea0f05b5e088f1511c209f5be940232318af2757951d399e32eb862d915784713baa8ba93645caf04ba78fa3cf600ff92b9c5be58ad87438a340bac00a5ea9fb17e39478ba61fe36335e48d8c5a0b25f024cbd2ec7f217d0f260951da396dc13a2a74cd90df4b52db686e3b34d27cfa4cebd7bf59cbcfaf4007dc943a1da6e0bd1799a21ab449d7bb42935e50c839c5b567c59742436af15bc8d46095520dcd9273ae2b6f3c1cc2b4311ac9e5d297f0940b1552c5955adb302022022bb7457978998b56328629b7725dfbe3dedb37f37af0697a4471d1d6ff6bec633a38540adeba903f3eaaec5785fbb3c6a598f49dbd9ff93c67dea1ef39a614331b119fa8efccc8bac01595fb95a2a57eec9fc6c6fe82782aa89ea971866fd9a3bca4010182092ab6d1e2b49b964be9e3bb13bd6b77850e435f55a5d46e5bcb3330c7edefd31c33f61275e51600"}) 2.241204093s ago: executing program 5 (id=2475): r0 = syz_init_net_socket$netrom(0x6, 0x5, 0x0) connect$netrom(r0, &(0x7f0000000300)={{0x6, @rose, 0x1}, [@remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @null, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @default]}, 0x48) r1 = syz_init_net_socket$netrom(0x6, 0x5, 0x0) bind$netrom(r1, &(0x7f0000000000)={{0x6, @rose, 0x1}, [@netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @null, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @null, @default, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @null]}, 0x48) listen(r1, 0x80) 2.183094115s ago: executing program 3 (id=2476): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000001000000b7030000feffffff850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r1 = socket$packet(0x11, 0x2, 0x300) setsockopt$sock_attach_bpf(r1, 0x1, 0x32, &(0x7f00000002c0)=r0, 0x4) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)={{0x14}, [], {0x14, 0x10, 0x1, 0x0, 0x0, {0x0, 0x84}}}, 0x28}}, 0x20050800) 2.102531843s ago: executing program 3 (id=2477): r0 = syz_usb_connect(0x2, 0x24, &(0x7f00000004c0)=ANY=[@ANYBLOB="12010000e3ddef20501da1604fa1010203010902120001000000000904"], 0x0) syz_usb_control_io(r0, 0x0, &(0x7f0000000f00)={0x84, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000800)={0x40, 0x9, 0x1, 0x5}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) syz_usb_control_io$cdc_ecm(r0, 0x0, &(0x7f0000000240)={0x1c, &(0x7f0000000140)=ANY=[], 0x0, 0x0}) syz_usb_control_io$cdc_ncm(r0, 0x0, &(0x7f0000000540)={0x24, &(0x7f0000000300)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) syz_usb_control_io$cdc_ncm(r0, 0x0, &(0x7f0000000380)={0x44, &(0x7f0000000140)={0x0, 0xe}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) 2.002638519s ago: executing program 2 (id=2478): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, 0x0, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = fcntl$dupfd(r0, 0x0, r1) sendmsg$nl_route(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="340000001a000100000000000000000002000000ef0000000000000008000100e000000108000300", @ANYRES32=r2], 0x34}}, 0x400c840) 1.914318773s ago: executing program 5 (id=2479): mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0xb, 0x59032, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x801) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000000c0)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x4}) ioctl$UFFDIO_COPY(r0, 0xc028aa03, &(0x7f0000000100)={&(0x7f0000800000/0x800000)=nil, &(0x7f0000339000/0x1000)=nil, 0x800000}) 1.882133175s ago: executing program 2 (id=2481): ioperm(0x0, 0x401, 0xfffffffffffffffc) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000070000000000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000880)={&(0x7f0000000a80)='kfree\x00', r0}, 0x10) r1 = socket$inet6_sctp(0xa, 0x5, 0x84) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000040)={0x0, 0x10, &(0x7f0000000000)=[@in={0x2, 0x0, @private=0xa010101}]}, &(0x7f0000000080)=0x10) 1.755128636s ago: executing program 2 (id=2483): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_GET_CLOCK(r1, 0x8030ae7c, &(0x7f0000000680)) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x3d70000000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_CLEAR_DIRTY_LOG(r1, 0xc018aec0, &(0x7f0000000140)={0x0, 0x3d6fc80, 0x380, 0x0}) 1.738803842s ago: executing program 5 (id=2484): r0 = openat(0xffffffffffffff9c, &(0x7f0000000580)='./file0\x00', 0x2c41, 0x0) flock(r0, 0x5) r1 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x0, 0x0) flock(r1, 0x1) flock(r1, 0x2) 1.277130982s ago: executing program 2 (id=2485): r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0xa4242, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2000007, 0x38011, r0, 0x0) madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x17) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) sendfile(r0, r0, 0x0, 0x40008) 841.186864ms ago: executing program 5 (id=2486): sendmsg$IPSET_CMD_FLUSH(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_int(r0, 0x29, 0x4e, &(0x7f0000000040)=0x7, 0x4) r1 = dup(r0) bind$unix(r1, &(0x7f00000001c0)=@abs={0xa, 0x2}, 0x6e) 755.793974ms ago: executing program 5 (id=2487): r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000200)=ANY=[@ANYBLOB="12010000000000100b060a5000000000000109022400010000500009040002010300000009210000000122f80409058103"], 0x0) syz_usb_connect$printer(0x2, 0x0, 0x0, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x2, [{0x0, 0x0}, {0x16, &(0x7f0000000240)=@string={0x16, 0x3, "d8ae0e65d37b8b298491fbcc0d78e77f0fb80857"}}]}) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io(0xffffffffffffffff, &(0x7f00000001c0)={0x2c, &(0x7f0000000040)=ANY=[@ANYBLOB="000706000000ff03"], 0x0, 0x0, 0x0, 0x0}, 0x0) syz_usb_control_io$hid(r0, &(0x7f0000000340)={0x24, 0x0, 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="00220508"], 0x0}, 0x0) 528.840919ms ago: executing program 6 (id=2489): r0 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000240), 0x2, 0x0) ioctl$IOCTL_VMCI_VERSION2(r0, 0x7a7, &(0x7f0000000100)=0x80000) ioctl$IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, &(0x7f0000000140)={@local}) ioctl$IOCTL_VMCI_DATAGRAM_SEND(r0, 0x7ab, &(0x7f0000000040)={&(0x7f0000000280)={{@local}, {@local}, 0x400, "787c2ce2fba15d4e9f8e96bc11e2ca247a20c3e26661b174fe1825253be9e8480cb4f3524914f59ba189c1429727ef39b4164f93bb821987b3b7f73495bc8e745304668e0e46798c7f5917ea8428d41cab5612336f04000000000000008e9c1c86a394feb64fb06f77dadbcb20fc62741432b7dca37007d68e98fe46135d6a1c5ed42102f58daa5211319db84aa9abac734be47c908dc3ffa3aa7b61ec16d3d1209fc618f6c4532ea582628502ac46d167db6d53d8f3184df68414e6b6ec0109664c570e155654e03d58dadd0e5a7bab42bbb4a9afdefc115eb1609e7b50dbd94b94ba09000000000000001c9e4a41d3e16af21d6c897a1121bc14de16e78d6d7f2ae79db44e302539fd926e0b91e0fc589e2fa19b218d0508b5ce3ad40d03936693ca5aa41ddc07cf492874569ab037e0530e38245b98131ae0c9afd871df5f51331938764f5a7dd96890edd467b2fbc335ed081729b5ea722a98b34d0dac6de995de4ee263c81b2567b3f87e0897857edd5d7e97d61fc67076eab4846010d4828cc879f95cddb69ff6438f2a109285c46d8224c36069d30c3c9cf4a6800ae224111136bd9c1e06c4bfc4685d7bb6a72345772b3ce9bf105490743dc4b700f24ce6b250b95e6c383fe44967a55d140baf0ec339e3815b29a2246cb5c953048c43266485bbd9d0caecf00e9501a4433b54930cba54e06607ada2f5d818e4804294fcf53058e58e0d33d4aa6dc943811056908fe9116e65cdddac1d2fb24d1eacee389af38b7e5a7056d0de50c6b49fb38388cf28c2d6dd3dbbab84ffbef4b0c02a77f018e8a9749a557909e6aa96185d268dad7744b094d8c6134b8defe26674d65f908f9c3a8c201f661fc26efe0eff248d3a473fe32a5b3643bfad8f186c2af3fbaa1d38560c1244c79a0e48893eefb792af281650f34f6c2d9a6c622aba234b63586713cb66179a0897d98ee5228569c32c1a682807c8db7eb197ccbbd6549db86a6a9aebbf5dc14060f22e2b07d6166f43c25ae0c88be7a4dc38e7ed08972a355b0e5d6fc43b8e5594fa6b36a36a44bb94b75eaff11dc17105f54beda54da2a1ea1acfab354745057dd2e7725f2c8450b19fdf37e19f6ce43449e9191f5a5beb4a1bc176f6130052e83acefd8ff18d592bb75f15f86c9113e4bd67ad420c33ae706cdc10060277b83ef30a50d4ac19c9a791b309377aa20a4743bbb799abc3ba58071b628c9ba8103bbfe389939e55296ec9b4f8d3a03aff30ce9aa0dd6e5158a672be8f3da8349ed4ad82f6ca67ee29e8b234840cf7846e604e5b8135abd94d71fe0a79180e75d4e193ea8df466c087b660fe984943751a9f6df8545699701d478c2b3daa949155770e74835bcd972de27afd20b02ce0e504c15b0237437200"}, 0x418, 0x7fffffff}) ioctl$IOCTL_VMCI_DATAGRAM_RECEIVE(r0, 0x7ac, &(0x7f0000000000)={0x0, 0x0, 0x6}) 353.759149ms ago: executing program 6 (id=2490): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_START_P2P_DEVICE(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000100)={0x1c, r2, 0x1, 0x70bd25, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r3}, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0x48801}, 0x4000080) 286.165266ms ago: executing program 6 (id=2491): ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000400)={0x0, 0x2, 0x0, 0x1000, &(0x7f0000001000/0x1000)=nil}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x109400, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000400)=ANY=[@ANYBLOB="020000000000000408010040"]) 83.606493ms ago: executing program 6 (id=2492): openat$6lowpan_control(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) r0 = openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000100), 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') r2 = dup(r0) mount$9p_fd(0x0, &(0x7f0000000100)='.\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r1}}) 82.380637ms ago: executing program 2 (id=2493): seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]}) creat(&(0x7f0000000100)='./file0\x00', 0xd931d3864d39dc4a) setxattr$security_capability(0x0, &(0x7f0000000280), 0x0, 0x0, 0x0) lsetxattr$security_capability(&(0x7f0000000080)='./file0\x00', &(0x7f0000000200), &(0x7f00000006c0)=@v2={0x2000000, [{0x9, 0x4}, {0x0, 0x10000}]}, 0x14, 0x0) lgetxattr(&(0x7f0000000000)='./file0\x00', &(0x7f0000000280)=ANY=[], 0x0, 0x0) 62.603882ms ago: executing program 6 (id=2494): r0 = socket$nl_route(0x10, 0x3, 0x0) socket(0x1, 0x80d, 0x2) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000340)={'bridge0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=@newlink={0x2c, 0x10, 0x44b, 0x0, 0x25dfdbff, {0x7a, 0x0, 0x0, r2, 0x14200, 0x64808}, [@IFLA_ADDRESS={0xa, 0x1, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x1c}}]}, 0x2c}, 0x1, 0x0, 0x0, 0x40002}, 0x4004040) 906.416µs ago: executing program 2 (id=2495): r0 = timerfd_create(0x0, 0x0) r1 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000200)) timerfd_settime(r0, 0x3, &(0x7f0000000440)={{0x0, 0x989680}}, 0x0) clock_adjtime(0x0, &(0x7f0000000480)={0xd54, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000002}) 0s ago: executing program 6 (id=2496): r0 = syz_io_uring_setup(0x7b, &(0x7f0000000540)={0x0, 0x3bca, 0x10100, 0x0, 0x313}, &(0x7f00000005c0)=0x0, &(0x7f0000000100)=0x0) socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000600)=@IORING_OP_RECVMSG={0xa, 0x40, 0x0, r4, 0x0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000019c0)=[{&(0x7f00000002c0)=""/183, 0xb7}], 0x1}, 0x0, 0x40000103}) io_uring_enter(r0, 0x46f3, 0x0, 0x0, 0x0, 0x0) write(r3, &(0x7f0000000200)='~', 0x1) kernel console output (not intermixed with test programs): 193][ T58] usb 6-1: USB disconnect, device number 18 [ 178.286419][ T30] audit: type=1400 audit(1747082216.393:728): avc: denied { recv } for pid=912 comm="kworker/1:2" saddr=10.128.0.169 src=30006 daddr=10.128.10.31 dest=55210 netif=eth0 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=peer permissive=1 [ 178.342155][ T30] audit: type=1400 audit(1747082216.453:729): avc: denied { read } for pid=10237 comm="syz.3.1910" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 178.460633][ T30] audit: type=1400 audit(1747082216.563:730): avc: denied { egress } for pid=23 comm="ksoftirqd/1" saddr=fe80::1b daddr=ff02::2 netif=teql0 scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:netif_t tclass=netif permissive=1 [ 178.484798][ T30] audit: type=1400 audit(1747082216.563:731): avc: denied { sendto } for pid=23 comm="ksoftirqd/1" saddr=fe80::1b daddr=ff02::2 netif=teql0 scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:node_t tclass=node permissive=1 [ 178.508754][ T30] audit: type=1400 audit(1747082216.583:732): avc: denied { ioctl } for pid=10247 comm="syz.2.1914" path="socket:[32296]" dev="sockfs" ino=32296 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1 [ 178.795059][ T30] audit: type=1400 audit(1747082216.903:733): avc: denied { setopt } for pid=10269 comm="syz.5.1924" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 178.840262][ T58] usb 3-1: new high-speed USB device number 19 using dummy_hcd [ 178.962388][ T30] audit: type=1326 audit(1747082217.073:734): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10276 comm="syz.3.1927" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f18d1d8e969 code=0x0 [ 179.012944][ T58] usb 3-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 179.028239][ T58] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11 [ 179.033699][T10280] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1928'. [ 179.039545][ T58] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 179.063521][ T58] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 179.077257][ T58] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 179.089496][ T58] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 179.105108][ T58] usb 3-1: config 0 descriptor?? [ 179.111516][T10256] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 179.154902][ T3029] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 179.527682][ T58] plantronics 0003:047F:FFFF.001E: reserved main item tag 0xd [ 179.536471][ T58] plantronics 0003:047F:FFFF.001E: No inputs registered, leaving [ 179.548404][ T58] plantronics 0003:047F:FFFF.001E: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0 [ 179.712389][ T3029] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 179.813329][ T912] usb 3-1: USB disconnect, device number 19 [ 179.972556][ T3029] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 180.123703][ T3029] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 180.247238][ T5818] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 180.262161][ T5818] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 180.272280][ T5818] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 180.292992][ T5818] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 180.310335][ T5818] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 180.340316][ T3029] bridge_slave_1: left allmulticast mode [ 180.348540][ T3029] bridge_slave_1: left promiscuous mode [ 180.374331][ T3029] bridge0: port 2(bridge_slave_1) entered disabled state [ 180.448178][ T3029] bridge_slave_0: left allmulticast mode [ 180.459145][ T3029] bridge_slave_0: left promiscuous mode [ 180.499232][ T3029] bridge0: port 1(bridge_slave_0) entered disabled state [ 180.532289][ T5816] Bluetooth: hci3: command 0x0406 tx timeout [ 180.670953][ T5850] usb 2-1: new high-speed USB device number 25 using dummy_hcd [ 180.760859][ T92] usb 4-1: new full-speed USB device number 23 using dummy_hcd [ 180.851460][ T5850] usb 2-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 180.863353][ T5850] usb 2-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 180.875479][ T5850] usb 2-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 180.886571][ T5850] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 180.907670][T10301] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 180.917887][ T5850] usb 2-1: Quirk or no altset; falling back to MIDI 1.0 [ 180.942981][ T92] usb 4-1: unable to get BOS descriptor or descriptor too short [ 180.955166][ T92] usb 4-1: not running at top speed; connect to a high speed hub [ 180.973906][ T92] usb 4-1: config 9 has an invalid interface number: 76 but max is 0 [ 180.983180][ T92] usb 4-1: config 9 has no interface number 0 [ 180.994706][ T92] usb 4-1: config 9 interface 76 has no altsetting 0 [ 181.004009][ T92] usb 4-1: New USB device found, idVendor=16d8, idProduct=6804, bcdDevice=68.d5 [ 181.013655][ T92] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 181.021873][ T92] usb 4-1: Product: syz [ 181.026181][ T92] usb 4-1: Manufacturer: syz [ 181.030882][ T92] usb 4-1: SerialNumber: syz [ 181.137205][ T10] usb 2-1: USB disconnect, device number 25 [ 181.249792][ T92] hub 4-1:9.76: bad descriptor, ignoring hub [ 181.258878][ T92] hub 4-1:9.76: probe with driver hub failed with error -5 [ 181.269083][ T92] option 4-1:9.76: GSM modem (1-port) converter detected [ 181.276737][ T3029] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 181.298077][ T3029] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 181.307849][ T92] usb 4-1: USB disconnect, device number 23 [ 181.328105][ T92] option 4-1:9.76: device disconnected [ 181.383187][ T3029] bond0 (unregistering): Released all slaves [ 181.426741][T10298] lo speed is unknown, defaulting to 1000 [ 181.846887][T10333] syzkaller1: entered promiscuous mode [ 181.858077][T10333] syzkaller1: entered allmulticast mode [ 182.080764][T10298] chnl_net:caif_netlink_parms(): no params data found [ 182.298514][ T3029] hsr_slave_0: left promiscuous mode [ 182.318848][ T3029] hsr_slave_1: left promiscuous mode [ 182.324894][ T3029] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 182.332360][ T3029] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 182.352700][ T3029] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 182.370224][ T5821] Bluetooth: hci1: command tx timeout [ 182.387741][ T3029] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 182.456109][ T3029] veth1_macvtap: left promiscuous mode [ 182.476168][ T3029] veth0_macvtap: left promiscuous mode [ 182.492349][ T5861] usb 2-1: new high-speed USB device number 26 using dummy_hcd [ 182.503429][ T3029] veth1_vlan: left promiscuous mode [ 182.531511][ T3029] veth0_vlan: left promiscuous mode [ 182.660821][ T5861] usb 2-1: Using ep0 maxpacket: 8 [ 182.668970][ T5861] usb 2-1: config 179 has an invalid interface number: 65 but max is 0 [ 182.678157][ T5861] usb 2-1: config 179 has an invalid descriptor of length 0, skipping remainder of the config [ 182.689750][ T5861] usb 2-1: config 179 has no interface number 0 [ 182.696269][ T5861] usb 2-1: config 179 interface 65 altsetting 12 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 182.708167][ T5861] usb 2-1: config 179 interface 65 altsetting 12 endpoint 0xF has invalid maxpacket 57605, setting to 1024 [ 182.720296][ T5861] usb 2-1: config 179 interface 65 altsetting 12 has 1 endpoint descriptor, different from the interface descriptor's value: 23 [ 182.733904][ T5861] usb 2-1: config 179 interface 65 has no altsetting 0 [ 182.741147][ T5861] usb 2-1: New USB device found, idVendor=12ab, idProduct=0004, bcdDevice= 0.00 [ 182.750343][ T5861] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 183.004493][ T30] audit: type=1400 audit(1747082221.113:735): avc: denied { write } for pid=10368 comm="syz.2.1965" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1 [ 183.041393][ T5861] usb 2-1: USB disconnect, device number 26 [ 183.203847][ T3029] team0 (unregistering): Port device team_slave_1 removed [ 183.253625][ T3029] team0 (unregistering): Port device team_slave_0 removed [ 183.970162][T10298] bridge0: port 1(bridge_slave_0) entered blocking state [ 183.982913][T10298] bridge0: port 1(bridge_slave_0) entered disabled state [ 184.005337][T10298] bridge_slave_0: entered allmulticast mode [ 184.007911][T10298] bridge_slave_0: entered promiscuous mode [ 184.015734][T10298] bridge0: port 2(bridge_slave_1) entered blocking state [ 184.047515][T10298] bridge0: port 2(bridge_slave_1) entered disabled state [ 184.047681][T10298] bridge_slave_1: entered allmulticast mode [ 184.053024][T10298] bridge_slave_1: entered promiscuous mode [ 184.082364][ T30] audit: type=1400 audit(1747082222.193:736): avc: denied { setopt } for pid=10385 comm="syz.2.1973" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 184.200530][T10298] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 184.204986][ T30] audit: type=1400 audit(1747082222.313:737): avc: denied { append } for pid=10392 comm="syz.5.1976" name="snapshot" dev="devtmpfs" ino=92 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1 [ 184.205359][ T30] audit: type=1400 audit(1747082222.313:738): avc: denied { open } for pid=10392 comm="syz.5.1976" path="/dev/snapshot" dev="devtmpfs" ino=92 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1 [ 184.207273][T10298] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 184.214961][T10393] random: crng reseeded on system resumption [ 184.365342][T10298] team0: Port device team_slave_0 added [ 184.391066][T10298] team0: Port device team_slave_1 added [ 184.450418][ T5821] Bluetooth: hci1: command tx timeout [ 184.475474][T10298] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 184.497056][T10298] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 184.523780][T10298] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 184.536284][T10298] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 184.543264][T10298] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 184.570118][T10298] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 184.666808][T10298] hsr_slave_0: entered promiscuous mode [ 184.681048][T10298] hsr_slave_1: entered promiscuous mode [ 184.687245][T10298] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 184.710067][T10298] Cannot create hsr debugfs directory [ 184.717274][ T30] audit: type=1400 audit(1747082222.823:739): avc: denied { connect } for pid=10408 comm="syz.3.1983" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 184.755325][ T30] audit: type=1400 audit(1747082222.843:740): avc: denied { read } for pid=10408 comm="syz.3.1983" path="socket:[33784]" dev="sockfs" ino=33784 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 185.004795][ T30] audit: type=1400 audit(1747082223.113:741): avc: denied { read } for pid=10421 comm="syz.2.1989" path="socket:[34030]" dev="sockfs" ino=34030 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 185.091740][ T5861] usb 4-1: new high-speed USB device number 24 using dummy_hcd [ 185.149407][T10426] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1991'. [ 185.215099][T10298] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 185.227522][T10298] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 185.248041][T10298] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 185.252519][ T5861] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 185.275157][T10298] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 185.282086][ T5861] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 185.282116][ T5861] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 185.282157][ T5861] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 185.334753][ T5861] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 185.356214][ T5861] usb 4-1: config 0 descriptor?? [ 185.484553][T10298] 8021q: adding VLAN 0 to HW filter on device bond0 [ 185.519953][T10298] 8021q: adding VLAN 0 to HW filter on device team0 [ 185.536139][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 185.543342][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 185.575763][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 185.582964][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 185.796707][ T5861] plantronics 0003:047F:FFFF.001F: No inputs registered, leaving [ 185.825472][ T5861] plantronics 0003:047F:FFFF.001F: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0 [ 185.888880][ T30] audit: type=1400 audit(1747082223.993:742): avc: denied { mount } for pid=10444 comm="syz.5.1999" name="/" dev="bpf" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bpf_t tclass=filesystem permissive=1 [ 186.038637][T10298] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 186.109947][ T5861] usb 3-1: new high-speed USB device number 20 using dummy_hcd [ 186.134056][ T5850] usb 4-1: USB disconnect, device number 24 [ 186.166531][T10469] Invalid source name [ 186.265595][ T5861] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8E has invalid wMaxPacketSize 0 [ 186.285943][ T5861] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8E has invalid maxpacket 0 [ 186.307270][ T5861] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0xA has invalid wMaxPacketSize 0 [ 186.326480][ T5861] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0xA has invalid maxpacket 0 [ 186.352214][ T5861] usb 3-1: New USB device found, idVendor=05ab, idProduct=0301, bcdDevice= 1.00 [ 186.362772][ T5861] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 186.382800][ T5861] usb 3-1: Product: syz [ 186.389114][T10298] veth0_vlan: entered promiscuous mode [ 186.394773][ T5861] usb 3-1: Manufacturer: syz [ 186.405694][ T5861] usb 3-1: SerialNumber: syz [ 186.422216][T10298] veth1_vlan: entered promiscuous mode [ 186.432001][ T5861] usb 3-1: config 0 descriptor?? [ 186.440463][ T5861] ums-isd200 3-1:0.0: USB Mass Storage device detected [ 186.473981][ T30] audit: type=1400 audit(1747082224.583:743): avc: denied { mount } for pid=10477 comm="syz.1.2008" name="/" dev="autofs" ino=34956 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_t tclass=filesystem permissive=1 [ 186.481261][T10298] veth0_macvtap: entered promiscuous mode [ 186.496423][ C0] vkms_vblank_simulate: vblank timer overrun [ 186.536271][ T5821] Bluetooth: hci1: command tx timeout [ 186.545956][ T30] audit: type=1400 audit(1747082224.643:744): avc: denied { unmount } for pid=5808 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_t tclass=filesystem permissive=1 [ 186.586858][T10298] veth1_macvtap: entered promiscuous mode [ 186.617843][T10298] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 186.641911][T10298] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 186.652047][T10298] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 186.668561][T10298] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 186.683082][T10298] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 186.704912][T10298] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 186.716856][T10298] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 186.728289][T10298] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 186.739615][T10298] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 186.755868][T10298] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 186.770854][T10298] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 186.782213][ T5861] ums-isd200 3-1:0.0: probe with driver ums-isd200 failed with error -22 [ 186.801069][T10298] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 186.815819][T10298] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 186.825704][T10298] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 186.836370][T10298] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 186.846203][T10298] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 186.858133][T10298] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 186.869769][T10298] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 186.873196][ T5850] usb 3-1: USB disconnect, device number 20 [ 186.882558][T10298] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 186.891677][T10298] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 186.929993][T10298] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 186.938716][T10298] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 187.088346][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 187.102898][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 187.137842][T10496] kvm: kvm [10495]: vcpu0, guest rIP: 0xfff0 Unhandled WRMSR(0xc0010058) = 0x4c [ 187.148743][T10498] netlink: 11 bytes leftover after parsing attributes in process `syz.5.2016'. [ 187.161525][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 187.169350][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 187.402107][T10511] lo speed is unknown, defaulting to 1000 [ 187.725865][T10524] sp0: Synchronizing with TNC [ 187.805684][T10529] sp0: Synchronizing with TNC [ 188.075418][T10540] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2033'. [ 188.203493][T10545] netlink: 'syz.2.2034': attribute type 9 has an invalid length. [ 188.215206][T10545] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2034'. [ 188.220662][ T5862] usb 6-1: new full-speed USB device number 19 using dummy_hcd [ 188.391553][ T5862] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1023, setting to 64 [ 188.407771][ T5862] usb 6-1: New USB device found, idVendor=04f3, idProduct=0755, bcdDevice= 0.00 [ 188.417015][ T5862] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 188.443509][ T5862] usb 6-1: config 0 descriptor?? [ 188.459570][T10534] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22 [ 188.503582][ T3029] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 188.883730][ T5862] elan 0003:04F3:0755.0020: hidraw0: USB HID v1.01 Device [HID 04f3:0755] on usb-dummy_hcd.5-1/input0 [ 189.443804][ T3029] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 189.596462][ T3029] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 189.600061][T10567] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2042'. [ 189.707171][T10567] 8021q: adding VLAN 0 to HW filter on device team1 [ 189.731134][T10565] lo speed is unknown, defaulting to 1000 [ 189.809565][ T3029] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 189.825386][ T5816] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 189.838528][ T5816] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 189.850099][ T5816] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 189.876995][ T5816] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 189.885941][ T5816] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 190.070226][T10568] lo speed is unknown, defaulting to 1000 [ 190.094535][T10574] Bluetooth: MGMT ver 1.23 [ 190.127231][ T3029] bridge_slave_1: left allmulticast mode [ 190.135180][ T3029] bridge_slave_1: left promiscuous mode [ 190.144281][ T3029] bridge0: port 2(bridge_slave_1) entered disabled state [ 190.173876][ T3029] bridge_slave_0: left allmulticast mode [ 190.179585][ T3029] bridge_slave_0: left promiscuous mode [ 190.193757][ T3029] bridge0: port 1(bridge_slave_0) entered disabled state [ 190.419467][T10580] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2047'. [ 190.600013][ T10] usb 2-1: new high-speed USB device number 27 using dummy_hcd [ 190.684905][ T3029] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 190.703863][ T3029] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 190.716199][ T3029] bond0 (unregistering): Released all slaves [ 190.755744][ T10] usb 2-1: Using ep0 maxpacket: 8 [ 190.764072][ T10] usb 2-1: New USB device found, idVendor=0ccd, idProduct=10a3, bcdDevice=23.a2 [ 190.784141][ T10] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 190.812130][ T10] usb 2-1: Product: syz [ 190.820187][ T5859] usb 6-1: USB disconnect, device number 19 [ 190.830494][ T10] usb 2-1: Manufacturer: syz [ 190.835106][ T10] usb 2-1: SerialNumber: syz [ 190.880569][ T10] usb 2-1: config 0 descriptor?? [ 191.104126][ T10] usb 2-1: dvb_usb_v2: found a 'Terratec H7' in warm state [ 191.333551][T10600] netlink: 212396 bytes leftover after parsing attributes in process `syz.5.2055'. [ 191.355889][T10600] openvswitch: netlink: Key 6 has unexpected len 0 expected 2 [ 191.458067][T10603] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2056'. [ 191.477626][T10603] netlink: 'syz.5.2056': attribute type 30 has an invalid length. [ 191.487451][T10568] chnl_net:caif_netlink_parms(): no params data found [ 191.532516][T10603] netdevsim netdevsim5 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 191.542102][T10603] netdevsim netdevsim5 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 191.551375][T10603] netdevsim netdevsim5 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 191.560353][T10603] netdevsim netdevsim5 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 191.595574][ T3029] hsr_slave_0: left promiscuous mode [ 191.610063][ T3029] hsr_slave_1: left promiscuous mode [ 191.617013][ T3029] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 191.624946][ T3029] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 191.637706][ T3029] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 191.649007][ T3029] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 191.679543][ T3029] veth1_macvtap: left promiscuous mode [ 191.687211][ T3029] veth0_macvtap: left promiscuous mode [ 191.693476][ T3029] veth1_vlan: left promiscuous mode [ 191.703715][ T3029] veth0_vlan: left promiscuous mode [ 191.913941][ T10] usb write operation failed. (-71) [ 191.936655][ T10] usb 2-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer [ 191.970075][ T5816] Bluetooth: hci1: command tx timeout [ 191.978462][ T10] dvbdev: DVB: registering new adapter (Terratec H7) [ 191.987516][ T10] usb 2-1: media controller created [ 192.020585][ T10] usb read operation failed. (-71) [ 192.040133][ T10] usb write operation failed. (-71) [ 192.075693][ T10] dvb_usb_az6007 2-1:0.0: probe with driver dvb_usb_az6007 failed with error -5 [ 192.105255][ T10] usb 2-1: USB disconnect, device number 27 [ 192.163184][T10619] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2063'. [ 192.655395][ T3029] team0 (unregistering): Port device team_slave_1 removed [ 192.703097][ T3029] team0 (unregistering): Port device team_slave_0 removed [ 192.826251][ T5900] hid-generic 0005:16C0:5505.0021: item fetching failed at offset 0/3 [ 192.836540][ T5900] hid-generic 0005:16C0:5505.0021: probe with driver hid-generic failed with error -22 [ 193.197885][ T5859] usb 3-1: new high-speed USB device number 21 using dummy_hcd [ 193.206482][ T30] kauditd_printk_skb: 1 callbacks suppressed [ 193.206494][ T30] audit: type=1400 audit(1747082231.313:746): avc: denied { append } for pid=10646 comm="syz.5.2075" name="fb0" dev="devtmpfs" ino=629 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:framebuf_device_t tclass=chr_file permissive=1 [ 193.273544][ T30] audit: type=1400 audit(1747082231.343:747): avc: denied { map } for pid=10646 comm="syz.5.2075" path="/dev/fb0" dev="devtmpfs" ino=629 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:framebuf_device_t tclass=chr_file permissive=1 [ 193.326348][ T30] audit: type=1400 audit(1747082231.343:748): avc: denied { write execute } for pid=10646 comm="syz.5.2075" path="/dev/fb0" dev="devtmpfs" ino=629 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:framebuf_device_t tclass=chr_file permissive=1 [ 193.389128][ T30] audit: type=1326 audit(1747082231.373:749): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10626 comm="syz.3.2066" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f18d1d8e969 code=0x7fc00000 [ 193.460163][ T5859] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 193.470779][ T5859] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 193.485490][ T5859] usb 3-1: config 1 has no interface number 0 [ 193.499985][ T5859] usb 3-1: config 1 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 193.513152][ T5859] usb 3-1: Duplicate descriptor for config 1 interface 1 altsetting 0, skipping [ 193.526950][ T5859] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 193.538197][ T5859] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 193.546242][ T5859] usb 3-1: Product: syz [ 193.554645][ T5859] usb 3-1: Manufacturer: syz [ 193.559251][ T5859] usb 3-1: SerialNumber: syz [ 193.763842][ T10] usb 6-1: new high-speed USB device number 20 using dummy_hcd [ 193.839970][ T1296] ieee802154 phy1 wpan1: encryption failed: -22 [ 193.890867][T10568] bridge0: port 1(bridge_slave_0) entered blocking state [ 193.905614][T10568] bridge0: port 1(bridge_slave_0) entered disabled state [ 193.915034][T10568] bridge_slave_0: entered allmulticast mode [ 193.927331][T10568] bridge_slave_0: entered promiscuous mode [ 193.944609][ T10] usb 6-1: Using ep0 maxpacket: 16 [ 193.951081][T10568] bridge0: port 2(bridge_slave_1) entered blocking state [ 193.975393][ T10] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 193.989995][T10568] bridge0: port 2(bridge_slave_1) entered disabled state [ 193.996174][ T10] usb 6-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00 [ 193.997165][T10568] bridge_slave_1: entered allmulticast mode [ 194.013153][ T10] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 194.027115][ T10] usb 6-1: config 0 descriptor?? [ 194.042616][T10568] bridge_slave_1: entered promiscuous mode [ 194.059879][ T5816] Bluetooth: hci1: command tx timeout [ 194.124602][T10568] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 194.149227][T10568] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 194.199021][T10568] team0: Port device team_slave_0 added [ 194.214824][T10568] team0: Port device team_slave_1 added [ 194.248640][T10568] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 194.255717][T10568] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 194.281779][T10568] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 194.297436][T10568] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 194.305484][T10568] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 194.334183][T10568] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 194.410744][ T5859] cdc_ncm 3-1:1.1: bind() failure [ 194.456560][T10568] hsr_slave_0: entered promiscuous mode [ 194.467365][T10568] hsr_slave_1: entered promiscuous mode [ 194.478063][T10568] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 194.478166][ T10] mcp2221 0003:04D8:00DD.0022: USB HID v0.05 Device [HID 04d8:00dd] on usb-dummy_hcd.5-1/input0 [ 194.496913][T10568] Cannot create hsr debugfs directory [ 194.649673][ T912] usb 3-1: USB disconnect, device number 21 [ 194.911219][ T5850] usb 6-1: USB disconnect, device number 20 [ 194.989982][ T10] usb 4-1: new high-speed USB device number 25 using dummy_hcd [ 195.159934][ T10] usb 4-1: Using ep0 maxpacket: 32 [ 195.167761][ T10] usb 4-1: config 0 has an invalid interface number: 167 but max is 0 [ 195.176157][ T10] usb 4-1: config 0 has no interface number 0 [ 195.184132][ T10] usb 4-1: New USB device found, idVendor=0c45, idProduct=62b0, bcdDevice=b8.ce [ 195.193352][ T10] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 195.202603][ T10] usb 4-1: Product: syz [ 195.207114][ T10] usb 4-1: Manufacturer: syz [ 195.211828][ T10] usb 4-1: SerialNumber: syz [ 195.219388][ T10] usb 4-1: config 0 descriptor?? [ 195.230039][ T10] gspca_main: gspca_sn9c20x-2.14.0 probing 0c45:62b0 [ 195.356557][T10568] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 195.385122][T10568] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 195.406550][T10568] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 195.444273][T10568] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 195.609801][T10568] 8021q: adding VLAN 0 to HW filter on device bond0 [ 195.639995][ T10] gspca_sn9c20x: Write register 1001 failed -71 [ 195.646280][ T10] gspca_sn9c20x: Device initialization failed [ 195.667394][T10641] Set syz1 is full, maxelem 65536 reached [ 195.676719][T10568] 8021q: adding VLAN 0 to HW filter on device team0 [ 195.695795][ T10] gspca_sn9c20x 4-1:0.167: probe with driver gspca_sn9c20x failed with error -71 [ 195.718622][ T67] bridge0: port 1(bridge_slave_0) entered blocking state [ 195.725782][ T67] bridge0: port 1(bridge_slave_0) entered forwarding state [ 195.771621][ T10] usb 4-1: USB disconnect, device number 25 [ 195.805235][ T3029] bridge0: port 2(bridge_slave_1) entered blocking state [ 195.812407][ T3029] bridge0: port 2(bridge_slave_1) entered forwarding state [ 195.834826][T10677] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2089'. [ 195.877335][T10680] qnx6: wrong signature (magic) at position (0x2000) - will try alternative position (0x0000). [ 195.901558][T10680] qnx6: wrong signature (magic) in superblock #1. [ 195.908107][T10680] qnx6: unable to read the first superblock [ 196.019548][T10685] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 196.104649][ T30] audit: type=1400 audit(1747082234.213:750): avc: denied { unmount } for pid=5808 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ramfs_t tclass=filesystem permissive=1 [ 196.130402][ T5816] Bluetooth: hci1: command tx timeout [ 196.427715][T10568] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 196.636416][T10714] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci1/hci1:200/input44 [ 196.949755][T10568] veth0_vlan: entered promiscuous mode [ 196.976429][T10568] veth1_vlan: entered promiscuous mode [ 197.068624][T10568] veth0_macvtap: entered promiscuous mode [ 197.085048][T10568] veth1_macvtap: entered promiscuous mode [ 197.117190][T10568] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 197.143122][T10568] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 197.154149][T10568] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 197.164806][T10568] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 197.199993][T10568] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 197.215047][T10568] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 197.235077][T10568] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 197.267413][T10568] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 197.300994][T10568] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 197.318580][T10568] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 197.329181][T10568] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 197.340194][T10568] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 197.350715][T10568] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 197.361114][T10568] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 197.371685][T10568] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 197.382074][T10568] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 197.393928][T10568] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 197.405537][T10568] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 197.495645][T10568] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 197.517954][T10568] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 197.537006][T10568] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 197.555917][T10568] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 197.724257][ T3007] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 197.747069][ T3007] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 197.796773][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 197.807783][T10761] netlink: 'syz.1.2119': attribute type 1 has an invalid length. [ 197.812514][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 197.817248][ T30] audit: type=1400 audit(1747082235.913:751): avc: denied { read } for pid=10760 comm="syz.2.2120" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 198.126783][ T30] audit: type=1400 audit(1747082236.233:752): avc: denied { bind } for pid=10767 comm="syz.5.2122" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 198.419927][ T92] usb 6-1: new full-speed USB device number 21 using dummy_hcd [ 198.573090][ T92] usb 6-1: config 0 has an invalid interface number: 41 but max is 0 [ 198.589716][ T92] usb 6-1: config 0 has no interface number 0 [ 198.609113][ T92] usb 6-1: config 0 interface 41 has no altsetting 0 [ 198.620340][ T92] usb 6-1: New USB device found, idVendor=0fe6, idProduct=9800, bcdDevice=d1.9a [ 198.631774][ T92] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 198.639770][ T92] usb 6-1: Product: syz [ 198.657703][ T92] usb 6-1: Manufacturer: syz [ 198.662552][ T92] usb 6-1: SerialNumber: syz [ 198.680863][ T92] usb 6-1: config 0 descriptor?? [ 198.925860][ T30] audit: type=1326 audit(1747082237.033:753): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10780 comm="syz.2.2128" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe384b8e969 code=0x7ffc0000 [ 199.032986][ T30] audit: type=1326 audit(1747082237.033:754): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10780 comm="syz.2.2128" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe384b8e969 code=0x7ffc0000 [ 199.056373][ C0] vkms_vblank_simulate: vblank timer overrun [ 199.092479][ T30] audit: type=1326 audit(1747082237.033:755): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10780 comm="syz.2.2128" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe384b8e969 code=0x7ffc0000 [ 199.147647][ T30] audit: type=1326 audit(1747082237.033:756): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10780 comm="syz.2.2128" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe384b8e969 code=0x7ffc0000 [ 199.171049][ C0] vkms_vblank_simulate: vblank timer overrun [ 199.206383][ T30] audit: type=1326 audit(1747082237.033:757): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10780 comm="syz.2.2128" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe384b8e969 code=0x7ffc0000 [ 199.259923][ T30] audit: type=1326 audit(1747082237.033:758): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10780 comm="syz.2.2128" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe384b8e969 code=0x7ffc0000 [ 199.316490][ T3007] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 199.364414][ T30] audit: type=1326 audit(1747082237.033:759): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10780 comm="syz.2.2128" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe384b8e969 code=0x7ffc0000 [ 199.387790][ C0] vkms_vblank_simulate: vblank timer overrun [ 199.418230][ T30] audit: type=1326 audit(1747082237.033:760): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10780 comm="syz.2.2128" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe384b8e969 code=0x7ffc0000 [ 199.443471][ T30] audit: type=1326 audit(1747082237.063:761): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10780 comm="syz.2.2128" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe384b8e969 code=0x7ffc0000 [ 199.470415][ T30] audit: type=1326 audit(1747082237.063:762): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10780 comm="syz.2.2128" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe384b8e969 code=0x7ffc0000 [ 199.525717][ T3007] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 199.590745][ T3007] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 199.663622][ T3007] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 199.725051][ T92] CoreChips 6-1:0.41: probe with driver CoreChips failed with error -71 [ 199.738308][ T92] usb 6-1: USB disconnect, device number 21 [ 199.778184][ T3007] bridge_slave_1: left allmulticast mode [ 199.783944][ T3007] bridge_slave_1: left promiscuous mode [ 199.789581][ T3007] bridge0: port 2(bridge_slave_1) entered disabled state [ 199.798529][ T3007] bridge_slave_0: left allmulticast mode [ 199.804280][ T3007] bridge_slave_0: left promiscuous mode [ 199.810438][ T3007] bridge0: port 1(bridge_slave_0) entered disabled state [ 200.041368][ T3007] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 200.054160][ T3007] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 200.063650][ T3007] bond0 (unregistering): Released all slaves [ 200.270778][ T912] kernel write not supported for file /uhid (pid: 912 comm: kworker/1:2) [ 200.573841][T10801] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2135'. [ 200.662116][T10801] netlink: 'syz.1.2135': attribute type 18 has an invalid length. [ 200.709431][T10801] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2135'. [ 200.746677][ T5821] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 200.757686][ T5821] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 200.767755][ T5821] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 200.775807][ T5821] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 200.784523][ T3007] hsr_slave_0: left promiscuous mode [ 200.792454][ T5821] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 200.799769][ T3007] hsr_slave_1: left promiscuous mode [ 200.818543][ T3007] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 200.829779][ T3007] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 200.841532][ T3007] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 200.849110][ T3007] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 200.877257][ T3007] veth1_macvtap: left promiscuous mode [ 200.882960][ T3007] veth0_macvtap: left promiscuous mode [ 200.888562][ T3007] veth1_vlan: left promiscuous mode [ 200.893925][ T3007] veth0_vlan: left promiscuous mode [ 200.971107][ T5900] usb 6-1: new high-speed USB device number 22 using dummy_hcd [ 201.151421][ T5900] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x6 has invalid wMaxPacketSize 0 [ 201.161554][ T5900] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x6 has invalid maxpacket 0 [ 201.171324][ T5900] usb 6-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0x92, changing to 0x82 [ 201.182959][ T5900] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 201.205512][ T5900] usb 6-1: New USB device found, idVendor=112a, idProduct=0001, bcdDevice=9e.7f [ 201.215065][ T5900] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 201.223374][ T5900] usb 6-1: Product: syz [ 201.227716][ T5900] usb 6-1: Manufacturer: syz [ 201.232484][ T5900] usb 6-1: SerialNumber: syz [ 201.240143][ T5900] usb 6-1: config 0 descriptor?? [ 201.248744][ T5900] redrat3 6-1:0.0: Couldn't find all endpoints [ 201.489688][ T5900] usb 6-1: USB disconnect, device number 22 [ 201.569223][ T3007] team0 (unregistering): Port device team_slave_1 removed [ 201.632760][ T3007] team0 (unregistering): Port device team_slave_0 removed [ 202.170554][T10804] lo speed is unknown, defaulting to 1000 [ 202.470038][ T5900] usb 2-1: new high-speed USB device number 28 using dummy_hcd [ 202.673693][ T5900] usb 2-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30 [ 202.700486][ T5900] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 202.711605][ T5900] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 202.721400][ T5900] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253 [ 202.735484][ T5900] usb 2-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40 [ 202.744727][ T5900] usb 2-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0 [ 202.752987][ T5900] usb 2-1: Manufacturer: syz [ 202.759719][ T5900] usb 2-1: config 0 descriptor?? [ 202.839489][T10804] chnl_net:caif_netlink_parms(): no params data found [ 202.849989][ T5816] Bluetooth: hci1: command tx timeout [ 203.082175][T10804] bridge0: port 1(bridge_slave_0) entered blocking state [ 203.101352][T10804] bridge0: port 1(bridge_slave_0) entered disabled state [ 203.108576][T10804] bridge_slave_0: entered allmulticast mode [ 203.138247][T10804] bridge_slave_0: entered promiscuous mode [ 203.164968][T10804] bridge0: port 2(bridge_slave_1) entered blocking state [ 203.183139][T10804] bridge0: port 2(bridge_slave_1) entered disabled state [ 203.200188][T10804] bridge_slave_1: entered allmulticast mode [ 203.214256][T10804] bridge_slave_1: entered promiscuous mode [ 203.242806][ T5900] appleir 0003:05AC:8243.0023: unknown main item tag 0x0 [ 203.262368][ T5900] appleir 0003:05AC:8243.0023: No inputs registered, leaving [ 203.283241][ T5900] appleir 0003:05AC:8243.0023: hiddev0,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.1-1/input0 [ 203.331041][T10804] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 203.367094][T10804] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 203.419147][T10804] team0: Port device team_slave_0 added [ 203.435697][T10804] team0: Port device team_slave_1 added [ 203.463658][T10853] netlink: 16 bytes leftover after parsing attributes in process `syz.5.2153'. [ 203.515320][T10804] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 203.526198][T10804] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 203.555042][ T58] usb 2-1: USB disconnect, device number 28 [ 203.583867][T10804] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 203.613020][T10804] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 203.631205][T10804] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 203.735335][T10804] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 203.822548][T10804] hsr_slave_0: entered promiscuous mode [ 203.828948][T10804] hsr_slave_1: entered promiscuous mode [ 203.835364][T10804] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 203.845092][T10804] Cannot create hsr debugfs directory [ 204.390113][ T5900] usb 6-1: new full-speed USB device number 23 using dummy_hcd [ 204.413941][T10804] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 204.434850][T10804] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 204.447216][T10804] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 204.467027][T10804] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 204.568250][ T30] kauditd_printk_skb: 4 callbacks suppressed [ 204.568266][ T30] audit: type=1400 audit(1747082242.673:767): avc: denied { mount } for pid=10879 comm="syz.1.2167" name="/" dev="sysfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=filesystem permissive=1 [ 204.591478][T10804] 8021q: adding VLAN 0 to HW filter on device bond0 [ 204.609262][ T5900] usb 6-1: config 7 has an invalid interface number: 101 but max is 0 [ 204.619078][ T5900] usb 6-1: config 7 has no interface number 0 [ 204.635456][ T5900] usb 6-1: New USB device found, idVendor=0fd9, idProduct=002c, bcdDevice= 6.6b [ 204.645204][ T5900] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 204.652605][T10804] 8021q: adding VLAN 0 to HW filter on device team0 [ 204.685262][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 204.690373][ T30] audit: type=1400 audit(1747082242.783:768): avc: denied { unmount } for pid=5808 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=filesystem permissive=1 [ 204.692398][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 204.694839][ T5900] usb 6-1: Product: syz [ 204.735698][ T3029] bridge0: port 2(bridge_slave_1) entered blocking state [ 204.742842][ T3029] bridge0: port 2(bridge_slave_1) entered forwarding state [ 204.753398][ T5900] usb 6-1: Manufacturer: syz [ 204.758032][ T5900] usb 6-1: SerialNumber: syz [ 204.930314][ T5816] Bluetooth: hci1: command tx timeout [ 204.951399][T10804] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 204.987756][ T5850] usb 4-1: new high-speed USB device number 26 using dummy_hcd [ 205.028276][ T12] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 205.131002][ T12] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 205.179918][ T5850] usb 4-1: Using ep0 maxpacket: 16 [ 205.201654][ T5850] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 205.219907][ T5850] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 205.229761][ T5850] usb 4-1: New USB device found, idVendor=05ac, idProduct=8241, bcdDevice= 0.00 [ 205.254207][ T12] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 205.260128][ T5850] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 205.300529][ T5850] usb 4-1: config 0 descriptor?? [ 205.368514][T10804] veth0_vlan: entered promiscuous mode [ 205.389107][ T12] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 205.422625][T10804] veth1_vlan: entered promiscuous mode [ 205.459760][T10804] veth0_macvtap: entered promiscuous mode [ 205.474249][T10804] veth1_macvtap: entered promiscuous mode [ 205.519276][T10804] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 205.533557][T10804] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 205.546345][ T5900] as10x_usb: device has been detected [ 205.553173][ T5900] dvbdev: DVB: registering new adapter (Elgato EyeTV DTT Deluxe) [ 205.560999][T10804] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 205.576046][ T5821] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 205.579859][T10804] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 205.594461][ T5821] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 205.602356][ T5900] usb 6-1: DVB: registering adapter 1 frontend 0 (Elgato EyeTV DTT Deluxe)... [ 205.612230][ T5821] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 205.620911][ T5821] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 205.623466][T10804] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 205.639462][T10804] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 205.654763][T10804] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 205.661919][ T5821] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 205.665283][T10804] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 205.683594][T10804] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 205.722302][ T5850] input: HID 05ac:8241 as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:05AC:8241.0024/input/input45 [ 205.726915][T10804] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 205.747528][T10804] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 205.757922][T10804] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 205.768408][T10804] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 205.779128][T10804] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 205.789673][T10804] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 205.799551][T10804] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 205.811399][T10804] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 205.823426][T10804] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 205.831277][ T5900] as10x_usb: error during firmware upload part1 [ 205.832326][ T5850] appleir 0003:05AC:8241.0024: input,hiddev1,hidraw0: USB HID v0.00 Device [HID 05ac:8241] on usb-dummy_hcd.3-1/input0 [ 205.837898][ T5900] Registered device Elgato EyeTV DTT Deluxe [ 205.857097][ T5900] usb 6-1: USB disconnect, device number 23 [ 205.877341][T10804] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 205.887235][T10804] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 205.903818][ T5900] Unregistered device Elgato EyeTV DTT Deluxe [ 205.908786][ T5900] as10x_usb: device has been disconnected [ 205.920985][T10804] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 205.929863][T10804] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 205.960622][ T12] bridge_slave_1: left allmulticast mode [ 205.966330][ T12] bridge_slave_1: left promiscuous mode [ 205.977125][ T12] bridge0: port 2(bridge_slave_1) entered disabled state [ 205.991233][ T12] bridge_slave_0: left allmulticast mode [ 205.996913][ T12] bridge_slave_0: left promiscuous mode [ 206.011962][ T12] bridge0: port 1(bridge_slave_0) entered disabled state [ 206.012636][ T10] usb 4-1: USB disconnect, device number 26 [ 206.344544][ T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 206.354596][ T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 206.364222][ T12] bond0 (unregistering): Released all slaves [ 206.387140][T10901] lo speed is unknown, defaulting to 1000 [ 206.440034][ T58] usb 3-1: new high-speed USB device number 22 using dummy_hcd [ 206.448486][ T12] tipc: Disabling bearer [ 206.477044][ T12] tipc: Left network mode [ 206.520536][ T362] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 206.523810][ T12] IPVS: stopping backup sync thread 7806 ... [ 206.550345][ T362] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 206.620045][ T58] usb 3-1: Using ep0 maxpacket: 8 [ 206.664901][ T58] usb 3-1: unable to get BOS descriptor or descriptor too short [ 206.681299][ T58] usb 3-1: unable to read config index 0 descriptor/start: -71 [ 206.729358][ T36] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 206.739369][ T58] usb 3-1: can't read configurations, error -71 [ 206.753063][ T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 206.850840][T10928] netlink: 64 bytes leftover after parsing attributes in process `syz.5.2184'. [ 207.032223][ T12] hsr_slave_0: left promiscuous mode [ 207.042859][ T12] hsr_slave_1: left promiscuous mode [ 207.048683][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 207.055059][T10933] loop2: detected capacity change from 0 to 7 [ 207.068145][T10933] Dev loop2: unable to read RDB block 7 [ 207.069974][ T12] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 207.080956][T10933] loop2: unable to read partition table [ 207.088388][T10933] loop2: partition table beyond EOD, truncated [ 207.089165][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 207.102660][ T12] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 207.110061][ T30] audit: type=1400 audit(1747082245.213:769): avc: denied { execute } for pid=10930 comm="syz.5.2185" path=2F616E6F6E5F6875676570616765202864656C6574656429 dev="hugetlbfs" ino=39376 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:hugetlbfs_t tclass=file permissive=1 [ 207.137257][T10933] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5) [ 207.172310][ T12] veth1_macvtap: left promiscuous mode [ 207.177881][ T12] veth0_macvtap: left promiscuous mode [ 207.190331][ T12] veth1_vlan: left promiscuous mode [ 207.195668][ T12] veth0_vlan: left promiscuous mode [ 207.512213][ T30] audit: type=1400 audit(1747082245.613:770): avc: denied { read } for pid=10945 comm="syz.5.2192" name="/" dev="tracefs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tracefs_t tclass=dir permissive=1 [ 207.547397][ T30] audit: type=1400 audit(1747082245.623:771): avc: denied { open } for pid=10945 comm="syz.5.2192" path="/302/file0" dev="tracefs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tracefs_t tclass=dir permissive=1 [ 207.730088][ T5816] Bluetooth: hci0: command tx timeout [ 207.789253][ T12] team0 (unregistering): Port device team_slave_1 removed [ 207.821397][ T12] team0 (unregistering): Port device team_slave_0 removed [ 208.191919][T10901] chnl_net:caif_netlink_parms(): no params data found [ 208.256034][T10901] bridge0: port 1(bridge_slave_0) entered blocking state [ 208.263615][T10901] bridge0: port 1(bridge_slave_0) entered disabled state [ 208.270817][T10901] bridge_slave_0: entered allmulticast mode [ 208.278097][T10901] bridge_slave_0: entered promiscuous mode [ 208.285259][T10901] bridge0: port 2(bridge_slave_1) entered blocking state [ 208.293199][T10901] bridge0: port 2(bridge_slave_1) entered disabled state [ 208.300578][T10901] bridge_slave_1: entered allmulticast mode [ 208.307807][T10901] bridge_slave_1: entered promiscuous mode [ 208.338016][T10901] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 208.349586][T10901] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 208.378677][T10901] team0: Port device team_slave_0 added [ 208.389033][T10901] team0: Port device team_slave_1 added [ 208.419296][T10901] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 208.426521][T10901] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 208.453175][T10901] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 208.465202][T10901] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 208.472548][T10901] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 208.499469][T10901] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 208.545720][T10901] hsr_slave_0: entered promiscuous mode [ 208.552254][T10901] hsr_slave_1: entered promiscuous mode [ 208.777620][T10901] netdevsim netdevsim6 netdevsim0: renamed from eth0 [ 208.820281][T10901] netdevsim netdevsim6 netdevsim1: renamed from eth1 [ 208.833152][T10901] netdevsim netdevsim6 netdevsim2: renamed from eth2 [ 208.865747][T10901] netdevsim netdevsim6 netdevsim3: renamed from eth3 [ 208.943682][T10901] bridge0: port 2(bridge_slave_1) entered blocking state [ 208.950871][T10901] bridge0: port 2(bridge_slave_1) entered forwarding state [ 208.959476][T10901] bridge0: port 1(bridge_slave_0) entered blocking state [ 208.966620][T10901] bridge0: port 1(bridge_slave_0) entered forwarding state [ 208.980363][ T92] usb 4-1: new high-speed USB device number 27 using dummy_hcd [ 208.988446][T10962] syz.5.2197: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 209.007595][T10962] CPU: 1 UID: 0 PID: 10962 Comm: syz.5.2197 Not tainted 6.15.0-rc6-syzkaller-00025-g627277ba7c23 #0 PREEMPT(full) [ 209.007622][T10962] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 209.007633][T10962] Call Trace: [ 209.007639][T10962] [ 209.007646][T10962] dump_stack_lvl+0x16c/0x1f0 [ 209.007678][T10962] warn_alloc+0x248/0x3a0 [ 209.007700][T10962] ? __pfx_warn_alloc+0x10/0x10 [ 209.007715][T10962] ? __pfx_stack_trace_save+0x10/0x10 [ 209.007741][T10962] ? stack_depot_save_flags+0x28/0xa50 [ 209.007775][T10962] ? kasan_save_stack+0x42/0x60 [ 209.007789][T10962] ? kasan_save_stack+0x33/0x60 [ 209.007803][T10962] ? kasan_save_track+0x14/0x30 [ 209.007817][T10962] ? __kasan_kmalloc+0xaa/0xb0 [ 209.007841][T10962] ? xskq_create+0x52/0x1d0 [ 209.007862][T10962] ? do_sock_setsockopt+0x224/0x470 [ 209.007884][T10962] ? __sys_setsockopt+0x1a0/0x230 [ 209.007900][T10962] ? __x64_sys_setsockopt+0xbd/0x160 [ 209.007923][T10962] __vmalloc_node_range_noprof+0x10ea/0x1540 [ 209.007958][T10962] ? xskq_create+0xfb/0x1d0 [ 209.007985][T10962] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 209.008018][T10962] ? xskq_create+0xfb/0x1d0 [ 209.008040][T10962] vmalloc_user_noprof+0x6b/0x90 [ 209.008072][T10962] ? xskq_create+0xfb/0x1d0 [ 209.008091][T10962] xskq_create+0xfb/0x1d0 [ 209.008116][T10962] xsk_setsockopt+0x640/0x840 [ 209.008138][T10962] ? __pfx_xsk_setsockopt+0x10/0x10 [ 209.008163][T10962] ? selinux_socket_setsockopt+0x6a/0x80 [ 209.008188][T10962] ? __pfx_xsk_setsockopt+0x10/0x10 [ 209.008208][T10962] do_sock_setsockopt+0x224/0x470 [ 209.008230][T10962] ? __pfx_do_sock_setsockopt+0x10/0x10 [ 209.008267][T10962] __sys_setsockopt+0x1a0/0x230 [ 209.008290][T10962] __x64_sys_setsockopt+0xbd/0x160 [ 209.008307][T10962] ? do_syscall_64+0x91/0x260 [ 209.008331][T10962] ? lockdep_hardirqs_on+0x7c/0x110 [ 209.008355][T10962] do_syscall_64+0xcd/0x260 [ 209.008382][T10962] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 209.008399][T10962] RIP: 0033:0x7f72c778e969 [ 209.008414][T10962] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 209.008432][T10962] RSP: 002b:00007f72c8511038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 209.008450][T10962] RAX: ffffffffffffffda RBX: 00007f72c79b5fa0 RCX: 00007f72c778e969 [ 209.008462][T10962] RDX: 0000000000000006 RSI: 000000000000011b RDI: 0000000000000003 [ 209.008473][T10962] RBP: 00007f72c7810ab1 R08: 0000000000000052 R09: 0000000000000000 [ 209.008483][T10962] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000000 [ 209.008493][T10962] R13: 0000000000000000 R14: 00007f72c79b5fa0 R15: 00007fffc587dca8 [ 209.008515][T10962] [ 209.008831][T10962] Mem-Info: [ 209.030398][ T5821] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 209.059280][T10962] active_anon:6428 inactive_anon:0 isolated_anon:0 [ 209.059280][T10962] active_file:12929 inactive_file:40669 isolated_file:0 [ 209.059280][T10962] unevictable:768 dirty:461 writeback:0 [ 209.059280][T10962] slab_reclaimable:11428 slab_unreclaimable:104394 [ 209.059280][T10962] mapped:29304 shmem:1360 pagetables:867 [ 209.059280][T10962] sec_pagetables:0 bounce:0 [ 209.059280][T10962] kernel_misc_reclaimable:0 [ 209.059280][T10962] free:1316194 free_pcp:2443 free_cma:0 [ 209.073215][ T5821] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 209.099530][T10962] Node 0 active_anon:25812kB inactive_anon:0kB active_file:51628kB inactive_file:162472kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:117216kB dirty:1840kB writeback:0kB shmem:3904kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:11084kB pagetables:3568kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 209.108393][ T5821] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 209.137095][T10962] Node 1 active_anon:0kB inactive_anon:0kB active_file:88kB inactive_file:204kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:48kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 209.143268][ T5821] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 209.157921][T10962] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 209.157974][T10962] lowmem_reserve[]: 0 2484 2486 2486 2486 [ 209.158011][T10962] Node 0 DMA32 free:1338648kB boost:0kB min:34108kB low:42632kB high:51156kB reserved_highatomic:0KB active_anon:25788kB inactive_anon:0kB active_file:51628kB inactive_file:160652kB unevictable:1536kB writepending:1836kB present:3129332kB managed:2543908kB mlocked:0kB bounce:0kB free_pcp:10092kB local_pcp:8784kB free_cma:0kB [ 209.166034][ T5821] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 209.178733][T10962] lowmem_reserve[]: [ 209.180170][ T92] usb 4-1: Using ep0 maxpacket: 32 [ 209.204799][T10962] 0 [ 209.246040][ T92] usb 4-1: config 0 has an invalid interface number: 153 but max is 0 [ 209.260841][T10962] 0 [ 209.263972][ T92] usb 4-1: config 0 has no interface number 0 [ 209.277601][T10962] 1 [ 209.294957][ T92] usb 4-1: New USB device found, idVendor=1199, idProduct=6852, bcdDevice=6c.d5 [ 209.336802][ C0] vkms_vblank_simulate: vblank timer overrun [ 209.337878][T10962] 1 [ 209.344314][ T92] usb 4-1: New USB device strings: Mfr=208, Product=45, SerialNumber=3 [ 209.377610][ C0] vkms_vblank_simulate: vblank timer overrun [ 209.416379][ C0] vkms_vblank_simulate: vblank timer overrun [ 209.468513][T10962] 1 [ 209.492409][ T92] usb 4-1: Product: syz [ 209.560356][T10962] [ 209.563703][ T92] usb 4-1: Manufacturer: syz [ 209.567010][T10962] Node 0 [ 209.570443][ T92] usb 4-1: SerialNumber: syz [ 209.572253][ T92] usb 4-1: config 0 descriptor?? [ 209.578990][T10962] Normal free:28kB boost:0kB min:24kB low:28kB high:32kB reserved_highatomic:0KB active_anon:24kB inactive_anon:0kB active_file:0kB inactive_file:1820kB unevictable:0kB writepending:4kB present:1048580kB managed:1900kB mlocked:0kB bounce:0kB free_pcp:28kB local_pcp:28kB free_cma:0kB [ 209.623461][T10962] lowmem_reserve[]: 0 0 0 0 0 [ 209.628628][T10962] Node 1 Normal free:3910056kB boost:0kB min:55768kB low:69708kB high:83648kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:88kB inactive_file:204kB unevictable:1536kB writepending:4kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 209.636005][T10974] input input46: cannot allocate more than FF_MAX_EFFECTS effects [ 209.657529][ C1] vkms_vblank_simulate: vblank timer overrun [ 209.671331][T10962] lowmem_reserve[]: 0 0 0 0 0 [ 209.677018][T10962] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 209.682735][ T12] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 209.709052][T10962] Node 0 DMA32: 136*4kB (UME) 65*8kB (E) 123*16kB (UME) 247*32kB (ME) 195*64kB (UME) 72*128kB (UME) 103*256kB (UME) 83*512kB (UME) 27*1024kB (UME) 14*2048kB (UM) 288*4096kB (UM) = 1337464kB [ 209.747927][ T362] bridge0: port 1(bridge_slave_0) entered disabled state [ 209.755712][T10962] Node 0 Normal: 1*4kB (M) 1*8kB (M) 1*16kB (M) 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 28kB [ 209.771266][ T362] bridge0: port 2(bridge_slave_1) entered disabled state [ 209.785057][T10962] Node 1 Normal: 228*4kB (UME) 61*8kB (UME) 33*16kB (UME) 209*32kB (UME) 110*64kB (UME) 27*128kB (UME) 13*256kB (UME) 7*512kB (UME) 3*1024kB (UME) 1*2048kB (E) 947*4096kB (M) = 3910056kB [ 209.804520][T10962] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 209.814959][T10962] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 209.824357][ T5821] Bluetooth: hci0: command tx timeout [ 209.834340][T10962] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 209.846328][T10962] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 209.856219][T10962] 54956 total pagecache pages [ 209.866913][T10962] 0 pages in swap cache [ 209.871655][T10962] Free swap = 124996kB [ 209.875893][T10962] Total swap = 124996kB [ 209.878634][ T12] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 209.893212][T10962] 2097051 pages RAM [ 209.894827][ T92] sierra 4-1:0.153: Sierra USB modem converter detected [ 209.897635][T10962] 0 pages HighMem/MovableOnly [ 209.909408][T10976] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2203'. [ 209.920074][ T92] usb 4-1: USB disconnect, device number 27 [ 209.926948][ T92] sierra 4-1:0.153: device disconnected [ 209.927417][T10965] lo speed is unknown, defaulting to 1000 [ 209.935981][T10962] 428968 pages reserved [ 209.942795][T10962] 0 pages cma reserved [ 209.944680][T10976] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2203'. [ 209.994958][ T12] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 210.040978][T10976] netdevsim netdevsim2 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 210.049721][T10976] netdevsim netdevsim2 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 210.059293][T10976] netdevsim netdevsim2 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 210.068773][T10976] netdevsim netdevsim2 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 210.115487][ T12] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 210.200623][ T30] audit: type=1400 audit(1747082248.313:772): avc: denied { getopt } for pid=10981 comm="syz.2.2206" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 210.206702][T10901] 8021q: adding VLAN 0 to HW filter on device bond0 [ 210.267697][ T30] audit: type=1326 audit(1747082248.373:773): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10983 comm="syz.2.2207" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe384b8e969 code=0x7ffc0000 [ 210.302324][T10901] 8021q: adding VLAN 0 to HW filter on device team0 [ 210.308976][ T30] audit: type=1326 audit(1747082248.413:774): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10983 comm="syz.2.2207" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe384b8e969 code=0x7ffc0000 [ 210.335014][ T30] audit: type=1326 audit(1747082248.413:775): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10983 comm="syz.2.2207" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe384b8e969 code=0x7ffc0000 [ 210.361575][ T30] audit: type=1326 audit(1747082248.413:776): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10983 comm="syz.2.2207" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe384b8e969 code=0x7ffc0000 [ 210.396789][ T54] bridge0: port 1(bridge_slave_0) entered blocking state [ 210.403900][ T54] bridge0: port 1(bridge_slave_0) entered forwarding state [ 210.424254][ T30] audit: type=1326 audit(1747082248.413:777): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10983 comm="syz.2.2207" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe384b8e969 code=0x7ffc0000 [ 210.432453][ T3007] bridge0: port 2(bridge_slave_1) entered blocking state [ 210.454780][ T3007] bridge0: port 2(bridge_slave_1) entered forwarding state [ 210.464690][ T30] audit: type=1326 audit(1747082248.413:778): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10983 comm="syz.2.2207" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe384b8e969 code=0x7ffc0000 [ 210.488047][ C1] vkms_vblank_simulate: vblank timer overrun [ 210.539302][ T30] audit: type=1326 audit(1747082248.413:779): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10983 comm="syz.2.2207" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe384b8e969 code=0x7ffc0000 [ 210.563535][ T30] audit: type=1326 audit(1747082248.443:780): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10983 comm="syz.2.2207" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe384b8e969 code=0x7ffc0000 [ 210.587807][ T30] audit: type=1326 audit(1747082248.493:781): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10983 comm="syz.2.2207" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe384b8e969 code=0x7ffc0000 [ 210.765166][ T12] bridge_slave_1: left allmulticast mode [ 210.775415][ T12] bridge_slave_1: left promiscuous mode [ 210.792337][ T12] bridge0: port 2(bridge_slave_1) entered disabled state [ 210.804359][ T12] bridge_slave_0: left allmulticast mode [ 210.822477][ T12] bridge_slave_0: left promiscuous mode [ 210.828186][ T12] bridge0: port 1(bridge_slave_0) entered disabled state [ 211.160102][ T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 211.172863][ T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 211.182839][ T12] bond0 (unregistering): Released all slaves [ 211.267041][T10965] chnl_net:caif_netlink_parms(): no params data found [ 211.335819][ T5821] Bluetooth: hci1: command tx timeout [ 211.351621][T11006] GUP no longer grows the stack in syz.2.2214 (11006): 200000004000-200000008000 (200000002000) [ 211.376835][T11006] CPU: 1 UID: 0 PID: 11006 Comm: syz.2.2214 Not tainted 6.15.0-rc6-syzkaller-00025-g627277ba7c23 #0 PREEMPT(full) [ 211.376865][T11006] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 211.376876][T11006] Call Trace: [ 211.376881][T11006] [ 211.376889][T11006] dump_stack_lvl+0x16c/0x1f0 [ 211.376909][T11006] gup_vma_lookup+0x1d2/0x220 [ 211.376924][T11006] __get_user_pages+0x234/0x36f0 [ 211.376946][T11006] ? __pfx___get_user_pages+0x10/0x10 [ 211.376969][T11006] get_user_pages_remote+0x258/0xb20 [ 211.376986][T11006] ? __pfx_mtree_load+0x10/0x10 [ 211.377002][T11006] ? __pfx_get_user_pages_remote+0x10/0x10 [ 211.377023][T11006] __access_remote_vm+0x233/0x9d0 [ 211.377039][T11006] ? __pfx___access_remote_vm+0x10/0x10 [ 211.377058][T11006] proc_pid_cmdline_read+0x4de/0x900 [ 211.377076][T11006] ? __pfx_proc_pid_cmdline_read+0x10/0x10 [ 211.377093][T11006] ? rw_verify_area+0xcf/0x680 [ 211.377109][T11006] ? __pfx_proc_pid_cmdline_read+0x10/0x10 [ 211.377125][T11006] vfs_readv+0x6bf/0x8a0 [ 211.377143][T11006] ? __pfx_vfs_readv+0x10/0x10 [ 211.377159][T11006] ? kmem_cache_free+0x2d4/0x4d0 [ 211.377188][T11006] ? __fget_files+0x20e/0x3c0 [ 211.377201][T11006] ? do_preadv+0x1af/0x270 [ 211.377215][T11006] do_preadv+0x1af/0x270 [ 211.377229][T11006] ? __pfx_do_preadv+0x10/0x10 [ 211.377243][T11006] ? rcu_is_watching+0x12/0xc0 [ 211.377261][T11006] do_syscall_64+0xcd/0x260 [ 211.377277][T11006] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 211.377288][T11006] RIP: 0033:0x7fe384b8e969 [ 211.377297][T11006] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 211.377307][T11006] RSP: 002b:00007fe38596f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000127 [ 211.377318][T11006] RAX: ffffffffffffffda RBX: 00007fe384db5fa0 RCX: 00007fe384b8e969 [ 211.377324][T11006] RDX: 0000000000000001 RSI: 0000200000000d00 RDI: 0000000000000003 [ 211.377331][T11006] RBP: 00007fe384c10ab1 R08: 0000000000000200 R09: 0000000000000000 [ 211.377337][T11006] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000000 [ 211.377344][T11006] R13: 0000000000000000 R14: 00007fe384db5fa0 R15: 00007ffff2afe4f8 [ 211.377359][T11006] [ 211.597460][ C1] vkms_vblank_simulate: vblank timer overrun [ 211.645531][T11011] Bluetooth: MGMT ver 1.23 [ 211.650800][T11011] Bluetooth: hci0: expected 2 bytes, got 7 bytes [ 211.749309][T10901] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 211.890870][ T5821] Bluetooth: hci0: command tx timeout [ 211.973412][T10965] bridge0: port 1(bridge_slave_0) entered blocking state [ 212.006019][T10965] bridge0: port 1(bridge_slave_0) entered disabled state [ 212.038857][T10965] bridge_slave_0: entered allmulticast mode [ 212.090919][T10965] bridge_slave_0: entered promiscuous mode [ 212.118996][T10965] bridge0: port 2(bridge_slave_1) entered blocking state [ 212.149405][T10965] bridge0: port 2(bridge_slave_1) entered disabled state [ 212.176514][T10965] bridge_slave_1: entered allmulticast mode [ 212.234597][T10965] bridge_slave_1: entered promiscuous mode [ 212.311940][ T12] hsr_slave_0: left promiscuous mode [ 212.323804][ T12] hsr_slave_1: left promiscuous mode [ 212.340515][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 212.347921][ T12] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 212.366128][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 212.379708][ T12] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 212.424162][ T12] veth1_macvtap: left promiscuous mode [ 212.442173][ T12] veth0_macvtap: left promiscuous mode [ 212.447795][ T12] veth1_vlan: left promiscuous mode [ 212.472876][ T12] veth0_vlan: left promiscuous mode [ 212.895352][ T12] team0 (unregistering): Port device team_slave_1 removed [ 212.928999][ T12] team0 (unregistering): Port device team_slave_0 removed [ 213.253681][T10965] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 213.276241][T10965] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 213.365442][T11069] netlink: 'syz.3.2236': attribute type 13 has an invalid length. [ 213.368833][T10965] team0: Port device team_slave_0 added [ 213.385122][T10965] team0: Port device team_slave_1 added [ 213.410063][ T5821] Bluetooth: hci1: command tx timeout [ 213.427108][T11069] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for gretap1 [ 213.439491][T11069] gretap1: default qdisc (pfifo_fast) fail, fallback to noqueue [ 213.450854][T11069] gretap1: entered promiscuous mode [ 213.457170][T11069] gretap1: entered allmulticast mode [ 213.554324][T10965] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 213.583554][T10965] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 213.609441][ C1] vkms_vblank_simulate: vblank timer overrun [ 213.628011][T10965] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 213.644279][T10965] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 213.657313][T10965] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 213.684183][T10965] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 213.788030][T10965] hsr_slave_0: entered promiscuous mode [ 213.808178][T10965] hsr_slave_1: entered promiscuous mode [ 213.874302][T10965] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 213.900317][T10965] Cannot create hsr debugfs directory [ 213.922885][T10901] veth0_vlan: entered promiscuous mode [ 213.977898][ T5821] Bluetooth: hci0: command tx timeout [ 214.122243][T10901] veth1_vlan: entered promiscuous mode [ 214.470599][T10901] veth0_macvtap: entered promiscuous mode [ 214.546059][T10901] veth1_macvtap: entered promiscuous mode [ 214.579642][T11111] input: syz0 as /devices/virtual/input/input47 [ 214.607059][T10901] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 214.622756][T10901] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 214.634707][T10901] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 214.649011][T10901] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 214.663026][T10901] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 214.674123][T10901] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 214.685866][T10901] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 214.767529][T10901] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 214.792250][T10901] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 214.802507][T10901] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 214.813020][T10901] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 214.827236][T10901] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 214.837750][T10901] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 214.849360][T10901] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 214.873041][T11120] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2255'. [ 214.906323][T10901] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 214.915621][T10901] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 214.930063][T10901] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 214.945891][T10901] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 215.178883][ T3007] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 215.209799][ T3007] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 215.253681][ T5859] usb 6-1: new full-speed USB device number 24 using dummy_hcd [ 215.338587][ T3029] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 215.353220][T11137] SELinux: failure in selinux_parse_skb(), unable to parse packet [ 215.362133][ T3029] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 215.364620][T10965] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 215.394042][T10965] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 215.426494][T10965] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 215.448704][ T5859] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1023, setting to 64 [ 215.463426][ T5859] usb 6-1: New USB device found, idVendor=04f3, idProduct=0755, bcdDevice= 0.00 [ 215.472839][ T5859] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 215.484519][ T5859] usb 6-1: config 0 descriptor?? [ 215.491459][ T5821] Bluetooth: hci1: command tx timeout [ 215.493083][T10965] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 215.506435][T11126] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22 [ 215.652142][T10965] 8021q: adding VLAN 0 to HW filter on device bond0 [ 215.711718][T10965] 8021q: adding VLAN 0 to HW filter on device team0 [ 215.728474][ T3029] bridge0: port 1(bridge_slave_0) entered blocking state [ 215.735614][ T3029] bridge0: port 1(bridge_slave_0) entered forwarding state [ 215.768521][ T54] bridge0: port 2(bridge_slave_1) entered blocking state [ 215.775699][ T54] bridge0: port 2(bridge_slave_1) entered forwarding state [ 215.973458][ T5859] elan 0003:04F3:0755.0025: hidraw0: USB HID v1.01 Device [HID 04f3:0755] on usb-dummy_hcd.5-1/input0 [ 216.105082][T11159] wireguard: wg1: Could not create IPv4 socket [ 216.115686][T10965] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 216.197862][ T9] usb 6-1: USB disconnect, device number 24 [ 216.363775][ T30] kauditd_printk_skb: 10 callbacks suppressed [ 216.363790][ T30] audit: type=1400 audit(1747082254.473:792): avc: denied { watch } for pid=11169 comm="syz.3.2273" path="/513/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" dev="tmpfs" ino=2634 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 [ 216.432310][ T30] audit: type=1400 audit(1747082254.523:793): avc: denied { watch_sb watch_reads } for pid=11169 comm="syz.3.2273" path="/513/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" dev="tmpfs" ino=2634 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1 [ 216.471853][T10965] veth0_vlan: entered promiscuous mode [ 216.491877][T10965] veth1_vlan: entered promiscuous mode [ 216.513410][T10965] veth0_macvtap: entered promiscuous mode [ 216.522920][T10965] veth1_macvtap: entered promiscuous mode [ 216.540756][T10965] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 216.552632][T10965] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 216.562599][T10965] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 216.573231][ T5900] usb 3-1: new high-speed USB device number 24 using dummy_hcd [ 216.581044][T10965] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 216.591317][T10965] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 216.601791][T10965] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 216.613132][T10965] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 216.623576][T10965] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 216.634754][T10965] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 216.645820][T10965] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 216.656264][T10965] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 216.666461][T10965] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 216.676891][T10965] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 216.686719][T10965] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 216.697506][T10965] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 216.707393][T10965] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 216.718096][T10965] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 216.729302][T10965] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 216.741375][ T5900] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 216.756137][ T5900] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 216.766054][ T5900] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 216.783875][ T5900] usb 3-1: Product: syz [ 216.788048][ T5900] usb 3-1: Manufacturer: syz [ 216.796409][ T5900] usb 3-1: SerialNumber: syz [ 216.801731][T10965] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 216.816427][T10965] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 216.828465][T10965] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 216.841414][T10965] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 216.951297][ T30] audit: type=1400 audit(1747082255.063:794): avc: denied { read } for pid=11178 comm="syz.5.2276" name="autofs" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1 [ 217.016512][ T30] audit: type=1400 audit(1747082255.083:795): avc: denied { open } for pid=11178 comm="syz.5.2276" path="/dev/autofs" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1 [ 217.045763][ T30] audit: type=1400 audit(1747082255.083:796): avc: denied { ioctl } for pid=11178 comm="syz.5.2276" path="/dev/autofs" dev="devtmpfs" ino=98 ioctlcmd=0x9374 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1 [ 217.071482][ T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 217.079298][ T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 217.106331][T11181] netlink: 212376 bytes leftover after parsing attributes in process `syz.6.2277'. [ 217.135797][ T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 217.144506][ T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 217.434895][T11199] loop2: detected capacity change from 0 to 7 [ 217.445559][T11199] Dev loop2: unable to read RDB block 7 [ 217.464630][T11199] loop2: AHDI p1 p2 p3 [ 217.470636][T11200] pim6reg1: entered promiscuous mode [ 217.476029][T11199] loop2: partition table partially beyond EOD, truncated [ 217.483279][T11200] pim6reg1: entered allmulticast mode [ 217.488806][T11199] loop2: p1 start 1601398130 is beyond EOD, truncated [ 217.501110][T11199] loop2: p2 start 1702059890 is beyond EOD, truncated [ 217.549719][T11205] overlayfs: failed to create directory ./bus/work (errno: 13); mounting read-only [ 217.572452][T11205] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 217.587272][T11205] overlayfs: failed to get uuid (328/file1, err=-13); falling back to uuid=null. [ 217.847257][T11220] lo: entered promiscuous mode [ 217.855425][T11220] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2294'. [ 217.860579][ T5900] cdc_ncm 3-1:1.0: bind() failure [ 217.869410][T11220] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 217.887956][ T5900] cdc_ncm 3-1:1.1: CDC Union missing and no IAD found [ 217.908173][ T5900] cdc_ncm 3-1:1.1: bind() failure [ 217.929126][ T5900] usb 3-1: USB disconnect, device number 24 [ 217.983816][ T30] audit: type=1326 audit(1747082256.083:797): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11223 comm="syz.5.2295" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f72c778e969 code=0x7ffc0000 [ 218.047888][ T30] audit: type=1326 audit(1747082256.083:798): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11223 comm="syz.5.2295" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f72c778e969 code=0x7ffc0000 [ 218.110930][ T30] audit: type=1326 audit(1747082256.083:799): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11223 comm="syz.5.2295" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f72c778e969 code=0x7ffc0000 [ 218.158481][ T30] audit: type=1326 audit(1747082256.083:800): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11223 comm="syz.5.2295" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f72c778e969 code=0x7ffc0000 [ 218.220108][ T30] audit: type=1326 audit(1747082256.083:801): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11223 comm="syz.5.2295" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f72c778e969 code=0x7ffc0000 [ 218.383696][T11238] gre0: entered promiscuous mode [ 218.396908][T11238] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2302'. [ 218.501341][ T5862] usb 4-1: new high-speed USB device number 28 using dummy_hcd [ 218.573311][ T13] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 218.706568][ T5862] usb 4-1: New USB device found, idVendor=0813, idProduct=0001, bcdDevice=3a.08 [ 218.715695][ T5862] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 218.725571][ T5862] usb 4-1: config 0 descriptor?? [ 218.732068][ T5862] gspca_main: cpia1-2.14.0 probing 0813:0001 [ 218.800041][ T5859] usb 7-1: new high-speed USB device number 2 using dummy_hcd [ 218.952280][ T5859] usb 7-1: config 1 interface 0 has no altsetting 0 [ 218.960503][ T5859] usb 7-1: New USB device found, idVendor=05ac, idProduct=0236, bcdDevice= 0.40 [ 218.969776][ T5859] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 218.979927][ T5859] usb 7-1: Product: syz [ 218.984652][ T5859] usb 7-1: Manufacturer: syz [ 218.989422][ T5859] usb 7-1: SerialNumber: syz [ 219.139457][ T5862] cpia1 4-1:0.0: unexpected state after lo power cmd: 00 [ 219.405611][ T5859] input: bcm5974 as /devices/platform/dummy_hcd.6/usb7/7-1/7-1:1.0/input/input48 [ 219.541684][ T5862] cpia1 4-1:0.0: only firmware version 1 is supported (got: 0) [ 219.565996][ T13] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 219.642584][ T13] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 219.763070][ T13] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 219.772546][ T5850] usb 4-1: USB disconnect, device number 28 [ 219.964005][ T13] bridge_slave_1: left allmulticast mode [ 219.977494][ T13] bridge_slave_1: left promiscuous mode [ 219.994920][ T13] bridge0: port 2(bridge_slave_1) entered disabled state [ 220.017710][ T13] bridge_slave_0: left allmulticast mode [ 220.033706][ T5170] bcm5974 7-1:1.0: could not read from device [ 220.039155][ T5862] usb 7-1: USB disconnect, device number 2 [ 220.039961][ T13] bridge_slave_0: left promiscuous mode [ 220.066864][ T13] bridge0: port 1(bridge_slave_0) entered disabled state [ 220.131351][ T5816] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 220.141272][ T5816] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 220.149254][ T5816] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 220.157598][ T5816] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 220.170353][ T5816] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 220.599155][ T13] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 220.623697][ T13] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 220.634887][ T13] bond0 (unregistering): Released all slaves [ 220.675344][T11276] syzkaller1: entered promiscuous mode [ 220.684239][T11276] syzkaller1: entered allmulticast mode [ 220.869921][ T9] usb 7-1: new high-speed USB device number 3 using dummy_hcd [ 220.872000][T11265] lo speed is unknown, defaulting to 1000 [ 221.054686][ T9] usb 7-1: New USB device found, idVendor=0572, idProduct=cb01, bcdDevice=26.65 [ 221.073759][ T9] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 221.091149][ T9] usb 7-1: Product: syz [ 221.101928][ T9] usb 7-1: Manufacturer: syz [ 221.118685][ T9] usb 7-1: SerialNumber: syz [ 221.132802][ T9] usb 7-1: config 0 descriptor?? [ 221.383695][ T9] cx82310_eth 7-1:0.0: probe with driver cx82310_eth failed with error -22 [ 221.499352][ T13] hsr_slave_0: left promiscuous mode [ 221.516102][ T13] hsr_slave_1: left promiscuous mode [ 221.526193][ T13] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 221.539944][ T13] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 221.555675][ T13] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 221.569876][ T13] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 221.600254][ T13] veth1_macvtap: left promiscuous mode [ 221.605804][ T13] veth0_macvtap: left promiscuous mode [ 221.620431][ T13] veth1_vlan: left promiscuous mode [ 221.630038][ T13] veth0_vlan: left promiscuous mode [ 221.801958][ T9] cxacru 7-1:0.0: usbatm_usb_probe: bind failed: -19! [ 222.015906][ T5862] usb 7-1: USB disconnect, device number 3 [ 222.212711][ T5821] Bluetooth: hci1: command tx timeout [ 222.339730][ T13] team0 (unregistering): Port device team_slave_1 removed [ 222.373637][ T13] team0 (unregistering): Port device team_slave_0 removed [ 222.755904][ T30] kauditd_printk_skb: 6 callbacks suppressed [ 222.755918][ T30] audit: type=1400 audit(1747082260.863:808): avc: denied { getopt } for pid=11340 comm="syz.6.2345" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 222.781837][ C0] vkms_vblank_simulate: vblank timer overrun [ 222.905716][T11265] chnl_net:caif_netlink_parms(): no params data found [ 223.162298][T11265] bridge0: port 1(bridge_slave_0) entered blocking state [ 223.179684][T11265] bridge0: port 1(bridge_slave_0) entered disabled state [ 223.191383][T11265] bridge_slave_0: entered allmulticast mode [ 223.211194][T11265] bridge_slave_0: entered promiscuous mode [ 223.232036][T11265] bridge0: port 2(bridge_slave_1) entered blocking state [ 223.239160][T11265] bridge0: port 2(bridge_slave_1) entered disabled state [ 223.275209][T11367] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2354'. [ 223.285140][T11265] bridge_slave_1: entered allmulticast mode [ 223.297661][T11367] openvswitch: netlink: Missing key (keys=40, expected=100) [ 223.305714][T11265] bridge_slave_1: entered promiscuous mode [ 223.465360][T11265] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 223.501386][T11265] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 223.530903][T11368] lo speed is unknown, defaulting to 1000 [ 223.557412][T11381] netlink: 'syz.6.2361': attribute type 29 has an invalid length. [ 223.591252][T11381] netlink: 'syz.6.2361': attribute type 29 has an invalid length. [ 223.618879][T11265] team0: Port device team_slave_0 added [ 223.626333][T11381] netlink: 500 bytes leftover after parsing attributes in process `syz.6.2361'. [ 223.632150][T11265] team0: Port device team_slave_1 added [ 223.638177][T11381] unsupported nla_type 58 [ 223.679905][ T5859] usb 3-1: new high-speed USB device number 25 using dummy_hcd [ 223.732727][T11265] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 223.739693][T11265] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 223.765563][ C0] vkms_vblank_simulate: vblank timer overrun [ 223.780067][ T9] usb 6-1: new high-speed USB device number 25 using dummy_hcd [ 223.809920][T11265] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 223.826715][T11265] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 223.839981][T11265] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 223.865858][ C0] vkms_vblank_simulate: vblank timer overrun [ 223.874391][T11265] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 223.890961][ T5859] usb 3-1: Using ep0 maxpacket: 32 [ 223.897680][ T5859] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 223.909077][ T5859] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 223.919045][ T5859] usb 3-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00 [ 223.928199][ T5859] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 223.938897][ T5859] usb 3-1: config 0 descriptor?? [ 223.951555][ T9] usb 6-1: Using ep0 maxpacket: 8 [ 223.959277][ T9] usb 6-1: config index 0 descriptor too short (expected 301, got 45) [ 223.971053][ T9] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 223.973821][T11265] hsr_slave_0: entered promiscuous mode [ 223.989484][T11265] hsr_slave_1: entered promiscuous mode [ 223.997062][ T9] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 224.002009][T11265] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 224.007357][ T9] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 224.016170][T11265] Cannot create hsr debugfs directory [ 224.025356][ T9] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 224.043440][ T9] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 224.052651][ T9] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 224.276554][ T9] usb 6-1: usb_control_msg returned -32 [ 224.285194][ T9] usbtmc 6-1:16.0: can't read capabilities [ 224.294454][ T5821] Bluetooth: hci1: command tx timeout [ 224.386079][ T5859] savu 0003:1E7D:2D5A.0026: hiddev1,hidraw0: USB HID v0.00 Device [HID 1e7d:2d5a] on usb-dummy_hcd.2-1/input0 [ 224.447893][ T30] audit: type=1326 audit(1747082262.553:809): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11399 comm="syz.3.2368" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f18d1d8e969 code=0x0 [ 224.528797][T11401] IPVS: Error connecting to the multicast addr [ 224.567551][ T5862] usb 3-1: USB disconnect, device number 25 [ 224.630044][T11265] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 224.639349][T11265] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 224.648911][T11265] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 224.672406][T11265] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 224.726009][T11265] 8021q: adding VLAN 0 to HW filter on device bond0 [ 224.745242][T11265] 8021q: adding VLAN 0 to HW filter on device team0 [ 224.756177][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 224.763302][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 224.781372][ T3029] bridge0: port 2(bridge_slave_1) entered blocking state [ 224.788460][ T3029] bridge0: port 2(bridge_slave_1) entered forwarding state [ 225.014645][T11265] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 225.224441][T11265] veth0_vlan: entered promiscuous mode [ 225.235669][T11265] veth1_vlan: entered promiscuous mode [ 225.258680][T11265] veth0_macvtap: entered promiscuous mode [ 225.268651][T11265] veth1_macvtap: entered promiscuous mode [ 225.281372][T11265] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 225.293676][T11265] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 225.303787][T11265] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 225.315500][T11265] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 225.325371][T11265] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 225.337525][T11265] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 225.348995][T11265] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 225.370974][ T5900] usb 3-1: new high-speed USB device number 26 using dummy_hcd [ 225.372428][T11265] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 225.390818][T11265] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 225.403105][T11265] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 225.414638][T11265] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 225.425620][T11265] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 225.436376][T11265] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 225.456751][T11265] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 225.470292][T11265] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 225.481864][T11265] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 225.492822][T11265] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 225.504065][T11265] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 225.517278][T11265] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 225.526070][T11265] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 225.530124][ T5900] usb 3-1: Using ep0 maxpacket: 8 [ 225.536784][T11265] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 225.548911][T11265] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 225.554794][ T5900] usb 3-1: config index 0 descriptor too short (expected 301, got 45) [ 225.575476][ T5900] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 225.586497][ T5900] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 225.621481][ T5900] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 225.646104][ T5900] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 225.680020][ T5900] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 225.691365][ T54] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 225.700593][ T5900] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 225.714328][ T54] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 225.754798][ T3029] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 225.764453][ T3029] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 225.851789][ T30] audit: type=1400 audit(1747082263.963:810): avc: denied { create } for pid=11438 comm="syz.3.2380" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_connector_socket permissive=1 [ 225.876211][ T30] audit: type=1400 audit(1747082263.963:811): avc: denied { bind } for pid=11438 comm="syz.3.2380" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_connector_socket permissive=1 [ 225.946493][ T5900] usb 3-1: usb_control_msg returned -32 [ 225.955106][ T5900] usbtmc 3-1:16.0: can't read capabilities [ 226.007775][T11445] Bluetooth: hci1: Frame reassembly failed (-84) [ 226.015391][ T3029] Bluetooth: hci1: Frame reassembly failed (-84) [ 226.527416][ T10] usb 6-1: USB disconnect, device number 25 [ 226.900122][ T10] usb 6-1: new high-speed USB device number 26 using dummy_hcd [ 227.049922][ T10] usb 6-1: Using ep0 maxpacket: 32 [ 227.056902][ T10] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 32 [ 227.069279][ T10] usb 6-1: New USB device found, idVendor=0499, idProduct=1010, bcdDevice= 5.f5 [ 227.079773][ T10] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 227.087856][ T10] usb 6-1: Product: syz [ 227.092304][ T10] usb 6-1: Manufacturer: syz [ 227.096897][ T10] usb 6-1: SerialNumber: syz [ 227.111635][ T10] usb 6-1: config 0 descriptor?? [ 227.117112][T11450] raw-gadget.1 gadget.5: fail, usb_ep_enable returned -22 [ 227.132576][ T10] usb 6-1: Quirk or no altset; falling back to MIDI 1.0 [ 227.157648][ T30] audit: type=1400 audit(1747082265.263:812): avc: denied { write } for pid=11454 comm="syz.6.2387" name="ptp0" dev="devtmpfs" ino=1265 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1 [ 227.272343][ T3007] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 227.379287][ T5900] usb 6-1: USB disconnect, device number 26 [ 228.050261][ T5821] Bluetooth: hci1: Entering manufacturer mode failed (-110) [ 228.058280][ T5816] Bluetooth: hci1: command 0xfc11 tx timeout [ 228.144254][ T10] usb 3-1: USB disconnect, device number 26 [ 228.502747][ T3007] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 228.580343][T11468] netlink: 36 bytes leftover after parsing attributes in process `syz.6.2391'. [ 228.602090][T11468] netlink: 'syz.6.2391': attribute type 5 has an invalid length. [ 228.794697][ T30] audit: type=1400 audit(1747082266.903:813): avc: denied { getopt } for pid=11476 comm="syz.5.2395" lport=39575 faddr=::ffff:172.20.255.187 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=sctp_socket permissive=1 [ 228.845065][ T3007] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 228.881075][T11482] tun0: tun_chr_ioctl cmd 1074025675 [ 228.896630][T11482] tun0: persist enabled [ 228.942375][ T3007] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 228.979238][T11482] tun0: tun_chr_ioctl cmd 1074025675 [ 228.998048][T11482] tun0: persist enabled [ 229.013641][ T5816] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 229.024831][ T5816] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 229.031408][ T10] usb 4-1: new high-speed USB device number 29 using dummy_hcd [ 229.040309][ T5816] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 229.051956][ T5816] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 229.066792][ T5816] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 229.160530][ T5861] kernel read not supported for file /swradio2 (pid: 5861 comm: kworker/1:3) [ 229.185792][T11490] lo speed is unknown, defaulting to 1000 [ 229.198802][ T3007] bridge_slave_1: left allmulticast mode [ 229.205063][ T3007] bridge_slave_1: left promiscuous mode [ 229.210848][ T3007] bridge0: port 2(bridge_slave_1) entered disabled state [ 229.212067][ T10] usb 4-1: Using ep0 maxpacket: 32 [ 229.240705][ T3007] bridge_slave_0: left allmulticast mode [ 229.256517][ T3007] bridge_slave_0: left promiscuous mode [ 229.257573][ T10] usb 4-1: New USB device found, idVendor=0fd9, idProduct=0025, bcdDevice=29.40 [ 229.269864][ T3007] bridge0: port 1(bridge_slave_0) entered disabled state [ 229.298653][ T10] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 229.328130][ T10] usb 4-1: config 0 descriptor?? [ 229.420033][ T9] usb 7-1: new high-speed USB device number 4 using dummy_hcd [ 229.552849][ T10] dvb-usb: found a 'Elgato EyeTV Sat' in warm state. [ 229.564484][ T10] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 229.574377][ T10] dvbdev: DVB: registering new adapter (Elgato EyeTV Sat) [ 229.582174][ T9] usb 7-1: Using ep0 maxpacket: 8 [ 229.587235][ T10] usb 4-1: media controller created [ 229.593675][ T9] usb 7-1: config 0 has no interfaces? [ 229.606377][ T10] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 229.625944][ T9] usb 7-1: New USB device found, idVendor=0460, idProduct=0008, bcdDevice=e2.de [ 229.635595][ T9] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 229.658884][ T9] usb 7-1: Product: syz [ 229.668053][ T9] usb 7-1: Manufacturer: syz [ 229.676334][ T9] usb 7-1: SerialNumber: syz [ 229.689277][ T9] usb 7-1: config 0 descriptor?? [ 229.726702][ T3007] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 229.737669][ T3007] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 229.747389][ T3007] bond0 (unregistering): Released all slaves [ 229.753527][ T10] az6027: usb out operation failed. (-71) [ 229.764989][ T10] az6027: usb out operation failed. (-71) [ 229.771137][ T10] stb0899_attach: Driver disabled by Kconfig [ 229.771314][T11504] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 229.777153][ T10] az6027: no front-end attached [ 229.777153][ T10] [ 229.801831][ T10] az6027: usb out operation failed. (-71) [ 229.807561][ T10] dvb-usb: no frontend was attached by 'Elgato EyeTV Sat' [ 229.820267][ T10] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.3/usb4/4-1/input/input49 [ 229.860721][ T10] dvb-usb: schedule remote query interval to 400 msecs. [ 229.867696][ T10] dvb-usb: Elgato EyeTV Sat successfully initialized and connected. [ 229.882360][ T10] usb 4-1: USB disconnect, device number 29 [ 229.962282][ T9] usb 7-1: USB disconnect, device number 4 [ 230.002303][ T10] dvb-usb: Elgato EyeTV Sat successfully deinitialized and disconnected. [ 230.084280][T11515] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2409'. [ 230.316250][T11524] netlink: 32 bytes leftover after parsing attributes in process `syz.2.2413'. [ 230.349269][T11490] chnl_net:caif_netlink_parms(): no params data found [ 230.589949][ T30] audit: type=1400 audit(1747082268.693:814): avc: denied { append } for pid=11537 comm="syz.5.2419" name="nullb0" dev="devtmpfs" ino=696 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1 [ 230.711476][T11490] bridge0: port 1(bridge_slave_0) entered blocking state [ 230.726239][T11490] bridge0: port 1(bridge_slave_0) entered disabled state [ 230.756387][T11490] bridge_slave_0: entered allmulticast mode [ 230.771695][T11490] bridge_slave_0: entered promiscuous mode [ 230.787132][ T3007] hsr_slave_0: left promiscuous mode [ 230.796226][ T3007] hsr_slave_1: left promiscuous mode [ 230.803606][ T3007] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 230.812061][ T3007] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 230.820815][ T3007] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 230.828252][ T3007] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 230.868581][ T3007] veth1_macvtap: left promiscuous mode [ 230.876925][ T3007] veth0_macvtap: left promiscuous mode [ 230.890338][ T3007] veth1_vlan: left promiscuous mode [ 230.897875][ T3007] veth0_vlan: left promiscuous mode [ 230.934313][ T5861] hid-generic 0000:0004:0009.0027: unknown main item tag 0x0 [ 230.951389][ T5861] hid-generic 0000:0004:0009.0027: unknown main item tag 0x0 [ 230.982380][ T5861] hid-generic 0000:0004:0009.0027: unknown main item tag 0x0 [ 231.002921][ T5861] hid-generic 0000:0004:0009.0027: hidraw0: HID v0.04 Device [syz0] on syz1 [ 231.090181][ T5816] Bluetooth: hci1: command tx timeout [ 231.522056][T11572] overlayfs: unescaped trailing colons in lowerdir mount option. [ 231.555760][ T3007] team0 (unregistering): Port device team_slave_1 removed [ 231.612127][ T3007] team0 (unregistering): Port device team_slave_0 removed [ 232.248500][T11490] bridge0: port 2(bridge_slave_1) entered blocking state [ 232.262751][T11490] bridge0: port 2(bridge_slave_1) entered disabled state [ 232.274481][T11490] bridge_slave_1: entered allmulticast mode [ 232.283033][T11490] bridge_slave_1: entered promiscuous mode [ 232.290761][T11601] tipc: Started in network mode [ 232.295913][T11601] tipc: Node identity ac141425, cluster identity 4711 [ 232.324003][T11601] tipc: New replicast peer: 0.0.0.0 [ 232.331890][T11601] tipc: Enabled bearer , priority 10 [ 232.378251][T11602] tipc: New replicast peer: 172.20.20.170 [ 232.395541][T11490] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 232.437281][T11490] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 232.584379][T11490] team0: Port device team_slave_0 added [ 232.614156][T11490] team0: Port device team_slave_1 added [ 232.667488][ T30] audit: type=1400 audit(1747082270.773:815): avc: denied { mount } for pid=11624 comm="syz.6.2451" name="/" dev="rpc_pipefs" ino=42954 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:rpc_pipefs_t tclass=filesystem permissive=1 [ 232.704952][ T30] audit: type=1400 audit(1747082270.783:816): avc: denied { watch } for pid=11624 comm="syz.6.2451" path="/50/file0" dev="rpc_pipefs" ino=42954 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:rpc_pipefs_t tclass=dir permissive=1 [ 232.729399][ T30] audit: type=1400 audit(1747082270.783:817): avc: denied { unmount } for pid=11624 comm="syz.6.2451" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:rpc_pipefs_t tclass=filesystem permissive=1 [ 232.800768][T11490] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 232.819898][T11490] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 232.863714][T11490] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 232.876221][T11490] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 232.883257][T11490] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 232.901457][ T58] usb 3-1: new high-speed USB device number 27 using dummy_hcd [ 232.909968][T11490] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 233.053452][T11490] hsr_slave_0: entered promiscuous mode [ 233.065843][T11490] hsr_slave_1: entered promiscuous mode [ 233.072476][T11490] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 233.084385][T11490] Cannot create hsr debugfs directory [ 233.111867][ T58] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 233.123352][ T58] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 233.153621][ T58] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 233.170410][ T5816] Bluetooth: hci1: command 0x041b tx timeout [ 233.205189][ T58] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 233.237522][ T58] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 233.289725][ T58] usb 3-1: config 0 descriptor?? [ 233.330387][ T10] tipc: Node number set to 2886997029 [ 233.573474][T11648] tipc: Started in network mode [ 233.585324][T11648] tipc: Node identity 4, cluster identity 4711 [ 233.605647][T11648] tipc: Node number set to 4 [ 233.720471][ T58] plantronics 0003:047F:FFFF.0028: No inputs registered, leaving [ 233.748292][ T58] plantronics 0003:047F:FFFF.0028: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0 [ 234.051719][ T58] usb 3-1: USB disconnect, device number 27 [ 234.066298][ T30] audit: type=1400 audit(1747082272.173:818): avc: denied { compute_member } for pid=11665 comm="syz.5.2469" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1 [ 234.206688][T11490] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 234.218923][T11490] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 234.239570][T11490] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 234.266256][T11490] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 234.303462][T11676] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 234.388135][T11490] 8021q: adding VLAN 0 to HW filter on device bond0 [ 234.415572][T11490] 8021q: adding VLAN 0 to HW filter on device team0 [ 234.427924][ T54] bridge0: port 1(bridge_slave_0) entered blocking state [ 234.435082][ T54] bridge0: port 1(bridge_slave_0) entered forwarding state [ 234.455273][ T3029] bridge0: port 2(bridge_slave_1) entered blocking state [ 234.462418][ T3029] bridge0: port 2(bridge_slave_1) entered forwarding state [ 234.464830][ T30] audit: type=1400 audit(1747082272.573:819): avc: denied { listen } for pid=11678 comm="syz.5.2475" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1 [ 234.662329][T11690] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2478'. [ 234.698051][T11490] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 234.750956][ T9] usb 4-1: new full-speed USB device number 30 using dummy_hcd [ 234.904204][T11703] lo speed is unknown, defaulting to 1000 [ 234.927512][ T9] usb 4-1: New USB device found, idVendor=1d50, idProduct=60a1, bcdDevice=a1.4f [ 234.947185][ T9] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 234.969939][ T9] usb 4-1: Product: syz [ 234.974135][ T9] usb 4-1: Manufacturer: syz [ 234.988900][ T9] usb 4-1: SerialNumber: syz [ 235.011590][ T9] usb 4-1: config 0 descriptor?? [ 235.103285][T11490] veth0_vlan: entered promiscuous mode [ 235.125025][T11490] veth1_vlan: entered promiscuous mode [ 235.167374][T11490] veth0_macvtap: entered promiscuous mode [ 235.186364][T11490] veth1_macvtap: entered promiscuous mode [ 235.209363][T11490] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 235.223560][T11490] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 235.234463][T11490] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 235.245843][T11490] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 235.256113][ T5821] Bluetooth: hci1: command 0x041b tx timeout [ 235.262847][T11490] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 235.273726][T11490] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 235.283927][T11490] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 235.304690][T11490] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 235.321364][T11490] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 235.357615][T11490] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 235.374750][T11490] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 235.398072][T11490] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 235.410187][T11490] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 235.426133][T11490] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 235.446650][ T9] airspy 4-1:0.0: Board ID: 05 [ 235.452104][ T9] airspy 4-1:0.0: Firmware version:  [ 235.453335][T11490] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 235.483695][T11490] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 235.494431][T11490] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 235.505974][T11490] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 235.548879][T11490] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 235.565070][T11490] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 235.577504][T11490] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 235.586587][T11490] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 235.701959][ T3029] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 235.709794][ T3029] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 235.878239][ T3029] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 235.886648][ T3029] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 235.957376][T11721] netlink: 96 bytes leftover after parsing attributes in process `syz.6.2488'. [ 236.056924][ T9] airspy 4-1:0.0: usb_control_msg() failed -71 request 12 [ 236.099577][ T9] airspy 4-1:0.0: Registered as swradio24 [ 236.119241][ T9] airspy 4-1:0.0: SDR API is still slightly experimental and functionality changes may follow [ 236.164881][ T9] usb 4-1: USB disconnect, device number 30 [ 236.210626][ T5859] usb 6-1: new high-speed USB device number 27 using dummy_hcd [ 236.370819][ T5859] usb 6-1: Using ep0 maxpacket: 16 [ 236.378015][ T5859] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 236.394252][ T5859] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x81 has invalid wMaxPacketSize 0 [ 236.404193][ T5859] usb 6-1: config 0 interface 0 has no altsetting 0 [ 236.413774][ T5859] usb 6-1: New USB device found, idVendor=060b, idProduct=500a, bcdDevice= 0.00 [ 236.423047][ T5859] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 236.433827][ T5859] usb 6-1: config 0 descriptor?? [ 236.499388][ T58] kernel write not supported for file /bluetooth/6lowpan_control (pid: 58 comm: kworker/1:1) [ 236.558030][T11732] bridge0: adding interface bridge0 with same address as a received packet (addr:aa:aa:aa:aa:aa:1c, vlan:0) [ 238.620764][ C0] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:1c, vlan:0) [ 266.770510][ C0] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:1c, vlan:0) [ 321.820983][ C0] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:1c, vlan:0) [ 341.619792][ C0] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks: [ 341.626766][ C0] rcu: 1-...!: (1 GPs behind) idle=1f04/1/0x4000000000000000 softirq=57863/57867 fqs=0 [ 341.637340][ C0] rcu: (detected by 0, t=10502 jiffies, g=42985, q=386 ncpus=2) [ 341.645053][ C0] Sending NMI from CPU 0 to CPUs 1: [ 341.645079][ C1] NMI backtrace for cpu 1 [ 341.645091][ C1] CPU: 1 UID: 0 PID: 11734 Comm: syz.2.2495 Not tainted 6.15.0-rc6-syzkaller-00025-g627277ba7c23 #0 PREEMPT(full) [ 341.645108][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 341.645116][ C1] RIP: 0010:taprio_set_budgets+0x181/0x310 [ 341.645139][ C1] Code: 20 49 83 fc 0f 0f 87 6e 01 00 00 4c 89 e8 48 c1 e8 03 42 80 3c 38 00 0f 85 4f 01 00 00 49 69 45 00 e8 03 00 00 31 d2 49 f7 f6 <49> 89 c6 e8 67 53 3a f8 49 83 fc 10 0f 87 e3 00 00 00 be 04 00 00 [ 341.645152][ C1] RSP: 0018:ffffc90000a08d20 EFLAGS: 00000046 [ 341.645163][ C1] RAX: 0000000000000000 RBX: ffff888029738080 RCX: ffffffff8980f26a [ 341.645172][ C1] RDX: 0000000000000000 RSI: 0000000000000008 RDI: ffff888029a542e0 [ 341.645180][ C1] RBP: 0000000000000000 R08: 0000000000000000 R09: ffffed100534a85c [ 341.645187][ C1] R10: ffff888029a542e7 R11: 0000000000000000 R12: 0000000000000000 [ 341.645195][ C1] R13: ffff888029738000 R14: 0000000000000190 R15: dffffc0000000000 [ 341.645204][ C1] FS: 0000000000000000(0000) GS:ffff888124adf000(0000) knlGS:0000000000000000 [ 341.645217][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 341.645226][ C1] CR2: 0000001b2ef1cff8 CR3: 0000000062e90000 CR4: 00000000003526f0 [ 341.645235][ C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 341.645242][ C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 341.645250][ C1] Call Trace: [ 341.645256][ C1] [ 341.645270][ C1] advance_sched+0x5f6/0xc80 [ 341.645293][ C1] ? __pfx_advance_sched+0x10/0x10 [ 341.645310][ C1] __hrtimer_run_queues+0x202/0xad0 [ 341.645328][ C1] ? __pfx___hrtimer_run_queues+0x10/0x10 [ 341.645341][ C1] ? read_tsc+0x9/0x20 [ 341.645361][ C1] hrtimer_interrupt+0x397/0x8e0 [ 341.645381][ C1] __sysvec_apic_timer_interrupt+0x108/0x3f0 [ 341.645397][ C1] sysvec_apic_timer_interrupt+0x9f/0xc0 [ 341.645415][ C1] [ 341.645419][ C1] [ 341.645424][ C1] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 341.645438][ C1] RIP: 0010:__sanitizer_cov_trace_pc+0x0/0x70 [ 341.645452][ C1] Code: 26 5c 55 00 48 89 df 5b e9 7d b8 5a 00 be 03 00 00 00 5b e9 72 bd 15 03 66 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1e fa 48 8b 34 24 65 48 8b 15 e8 c9 e8 11 65 8b 05 f9 c9 e8 [ 341.645464][ C1] RSP: 0018:ffffc9000449f818 EFLAGS: 00000293 [ 341.645474][ C1] RAX: 0000000000000000 RBX: ffffea00016bce00 RCX: ffffffff820e13c8 [ 341.645482][ C1] RDX: ffff88807bd48000 RSI: ffffffff8206e23f RDI: ffffea00016bce00 [ 341.645490][ C1] RBP: 0000000000000000 R08: 0000000000000007 R09: 0000000000000000 [ 341.645498][ C1] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 341.645505][ C1] R13: ffffc9000449f9a8 R14: dffffc0000000000 R15: ffff88807fc00140 [ 341.645517][ C1] ? folio_remove_rmap_ptes+0x138/0x970 [ 341.645536][ C1] ? unmap_page_range+0x1aaf/0x4320 [ 341.645554][ C1] const_folio_flags.constprop.0+0xa/0x70 [ 341.645568][ C1] unmap_page_range+0x1ab7/0x4320 [ 341.645591][ C1] ? __pfx_unmap_page_range+0x10/0x10 [ 341.645610][ C1] ? uprobe_munmap+0x20/0x5c0 [ 341.645627][ C1] unmap_single_vma+0x194/0x2a0 [ 341.645644][ C1] unmap_vmas+0x22c/0x490 [ 341.645661][ C1] ? __pfx_unmap_vmas+0x10/0x10 [ 341.645677][ C1] ? mas_next_slot+0x12d3/0x21b0 [ 341.645701][ C1] exit_mmap+0x1b9/0xb90 [ 341.645720][ C1] ? __pfx_exit_mmap+0x10/0x10 [ 341.645739][ C1] ? __lock_acquire+0xaa4/0x1ba0 [ 341.645766][ C1] __mmput+0x12a/0x410 [ 341.645783][ C1] mmput+0x62/0x70 [ 341.645798][ C1] do_exit+0x9d1/0x2c30 [ 341.645818][ C1] ? __pfx_do_exit+0x10/0x10 [ 341.645835][ C1] ? preempt_schedule_thunk+0x16/0x30 [ 341.645850][ C1] do_group_exit+0xd3/0x2a0 [ 341.645869][ C1] __x64_sys_exit_group+0x3e/0x50 [ 341.645887][ C1] x64_sys_call+0x1530/0x1730 [ 341.645904][ C1] do_syscall_64+0xcd/0x260 [ 341.645923][ C1] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 341.645935][ C1] RIP: 0033:0x7fe384b8e969 [ 341.645945][ C1] Code: Unable to access opcode bytes at 0x7fe384b8e93f. [ 341.645951][ C1] RSP: 002b:00007ffff2afe858 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 341.645962][ C1] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fe384b8e969 [ 341.645971][ C1] RDX: 0000000000000064 RSI: 0000000000000000 RDI: 0000000000000000 [ 341.645979][ C1] RBP: 00007ffff2afe8bc R08: 00000005f2afe94f R09: 00000000000927c0 [ 341.645987][ C1] R10: 0000000000000001 R11: 0000000000000246 R12: 000000000000023c [ 341.645995][ C1] R13: 00000000000927c0 R14: 0000000000039bfb R15: 00007ffff2afe910 [ 341.646009][ C1] [ 341.646074][ C0] rcu: rcu_preempt kthread starved for 10502 jiffies! g42985 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=0 [ 342.102414][ C0] rcu: Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior. [ 342.112371][ C0] rcu: RCU grace-period kthread stack dump: [ 342.118243][ C0] task:rcu_preempt state:R running task stack:27608 pid:16 tgid:16 ppid:2 task_flags:0x208040 flags:0x00004000 [ 342.131727][ C0] Call Trace: [ 342.134997][ C0] [ 342.137929][ C0] __schedule+0x116f/0x5de0 [ 342.142435][ C0] ? find_held_lock+0x2b/0x80 [ 342.147110][ C0] ? __lock_acquire+0x5ca/0x1ba0 [ 342.152054][ C0] ? __pfx___schedule+0x10/0x10 [ 342.156906][ C0] ? find_held_lock+0x2b/0x80 [ 342.161582][ C0] ? schedule+0x2d7/0x3a0 [ 342.165913][ C0] schedule+0xe7/0x3a0 [ 342.169978][ C0] schedule_timeout+0x123/0x290 [ 342.174829][ C0] ? __pfx_schedule_timeout+0x10/0x10 [ 342.180199][ C0] ? __pfx_process_timeout+0x10/0x10 [ 342.185483][ C0] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 342.191288][ C0] ? prepare_to_swait_event+0xf5/0x480 [ 342.196752][ C0] rcu_gp_fqs_loop+0x1ea/0xb00 [ 342.201519][ C0] ? __pfx_rcu_gp_fqs_loop+0x10/0x10 [ 342.206805][ C0] ? rcu_gp_init+0xc76/0x15a0 [ 342.211484][ C0] ? rcu_gp_cleanup+0x7c1/0xd90 [ 342.216357][ C0] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 342.222176][ C0] rcu_gp_kthread+0x270/0x380 [ 342.226872][ C0] ? __pfx_rcu_gp_kthread+0x10/0x10 [ 342.232079][ C0] ? rcu_is_watching+0x12/0xc0 [ 342.236843][ C0] ? lockdep_hardirqs_on+0x7c/0x110 [ 342.242056][ C0] ? __kthread_parkme+0x19e/0x250 [ 342.247086][ C0] ? __pfx_rcu_gp_kthread+0x10/0x10 [ 342.252286][ C0] kthread+0x3c2/0x780 [ 342.256357][ C0] ? __pfx_kthread+0x10/0x10 [ 342.260938][ C0] ? __pfx_kthread+0x10/0x10 [ 342.265521][ C0] ? __pfx_kthread+0x10/0x10 [ 342.270105][ C0] ? __pfx_kthread+0x10/0x10 [ 342.274709][ C0] ? rcu_is_watching+0x12/0xc0 [ 342.279483][ C0] ? __pfx_kthread+0x10/0x10 [ 342.284073][ C0] ret_from_fork+0x45/0x80 [ 342.288492][ C0] ? __pfx_kthread+0x10/0x10 [ 342.293077][ C0] ret_from_fork_asm+0x1a/0x30 [ 342.297855][ C0] [ 342.300865][ C0] rcu: Stack dump where RCU GP kthread last ran: [ 342.307177][ C0] CPU: 0 UID: 0 PID: 10901 Comm: syz-executor Not tainted 6.15.0-rc6-syzkaller-00025-g627277ba7c23 #0 PREEMPT(full) [ 342.319407][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 342.329451][ C0] RIP: 0010:smp_call_function_many_cond+0x4aa/0x1290 [ 342.336122][ C0] Code: 0c 00 85 ed 74 48 48 8b 44 24 20 49 89 c4 83 e0 07 49 c1 ec 03 48 89 c5 4d 01 f4 83 c5 03 e8 5d 17 0c 00 f3 90 41 0f b6 04 24 <40> 38 c5 7c 08 84 c0 0f 85 de 0b 00 00 8b 43 08 31 ff 83 e0 01 41 [ 342.355721][ C0] RSP: 0018:ffffc900036378b8 EFLAGS: 00000293 [ 342.361779][ C0] RAX: 0000000000000000 RBX: ffff8880b853f740 RCX: ffffffff81af2ee9 [ 342.369743][ C0] RDX: ffff88802e510000 RSI: ffffffff81af2ec3 RDI: 0000000000000005 [ 342.377703][ C0] RBP: 0000000000000003 R08: 0000000000000005 R09: 0000000000000000 [ 342.385666][ C0] R10: 0000000000000001 R11: 0000000000000000 R12: ffffed10170a7ee9 [ 342.393626][ C0] R13: 0000000000000001 R14: dffffc0000000000 R15: ffff8880b843b040 [ 342.401587][ C0] FS: 000055558994e500(0000) GS:ffff8881249df000(0000) knlGS:0000000000000000 [ 342.410510][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 342.417089][ C0] CR2: 00007f37266e56c0 CR3: 000000006d35f000 CR4: 00000000003526f0 [ 342.425052][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 342.433011][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 342.440973][ C0] Call Trace: [ 342.444244][ C0] [ 342.447181][ C0] ? __pfx_flush_tlb_func+0x10/0x10 [ 342.452383][ C0] on_each_cpu_cond_mask+0x40/0x90 [ 342.457491][ C0] flush_tlb_mm_range+0x322/0x1780 [ 342.462601][ C0] ? find_held_lock+0x2b/0x80 [ 342.467276][ C0] ? copy_process+0x7947/0x91a0 [ 342.472129][ C0] ? __pfx_flush_tlb_mm_range+0x10/0x10 [ 342.477678][ C0] ? up_write+0x1b2/0x520 [ 342.482006][ C0] copy_process+0x7961/0x91a0 [ 342.486701][ C0] ? __pfx_copy_process+0x10/0x10 [ 342.491735][ C0] ? do_raw_spin_lock+0x12c/0x2b0 [ 342.496767][ C0] kernel_clone+0xfc/0x960 [ 342.501183][ C0] ? __pfx_kernel_clone+0x10/0x10 [ 342.506212][ C0] ? cgroup_rstat_updated+0x2a/0xb20 [ 342.511499][ C0] __do_sys_clone+0xce/0x120 [ 342.516087][ C0] ? __pfx___do_sys_clone+0x10/0x10 [ 342.521297][ C0] ? do_user_addr_fault+0x843/0x1370 [ 342.526586][ C0] do_syscall_64+0xcd/0x260 [ 342.531090][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 342.536974][ C0] RIP: 0033:0x7f37259851d3 [ 342.541383][ C0] Code: 1f 84 00 00 00 00 00 64 48 8b 04 25 10 00 00 00 45 31 c0 31 d2 31 f6 bf 11 00 20 01 4c 8d 90 d0 02 00 00 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 35 89 c2 85 c0 75 2c 64 48 8b 04 25 10 00 00 [ 342.560982][ C0] RSP: 002b:00007ffdbdf7cda8 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 342.569387][ C0] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f37259851d3 [ 342.577347][ C0] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 342.585307][ C0] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000001 [ 342.593272][ C0] R10: 000055558994e7d0 R11: 0000000000000246 R12: 0000000000000000 [ 342.601235][ C0] R13: 00000000000927c0 R14: 0000000000039c05 R15: 00007ffdbdf7cf40 [ 342.609213][ C0]