last executing test programs: 10m24.390467592s ago: executing program 32 (id=164): r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000080)=0x2, 0x4) setsockopt$packet_rx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x1000, 0x3a, 0x1000, 0x3a, 0x0, 0x0, 0xffffffff}, 0x1c) syz_emit_ethernet(0xf77, &(0x7f00000014c0)={@broadcast, @random="f80d8a0d8527", @void, {@ipv6={0x86dd, @gre_packet={0x0, 0x6, "8fd0a3", 0xf41, 0x2f, 0x0, @local, @mcast1, {[], {{0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x880b, 0x0, 0x1}, {0x1, 0x0, 0x1}, {0x1, 0x0, 0x0, 0x1}, {0x8, 0x88be, 0x4, {{0x0, 0x1, 0x3, 0x0, 0x0, 0x0, 0x7, 0x95}, 0x1, {0x2}}}, {0x8, 0x22eb, 0x3, {{0x1, 0x2, 0x81, 0x3, 0x0, 0x1, 0x3, 0x51}, 0x2, {0x7, 0x3, 0x2, 0x0, 0x0, 0x1, 0x3, 0x1, 0x1}}}, {0x8, 0x6558, 0x2, "3adac338642726818c7090d89d5be77f335169ff9f4edc161aa346972be53b6e28fb0440a87b2fed6a33d10d9d62dc718525681da3c144dc7a635fb081fa5f2a1a64cc3c38a3e3c1ea61254f03bc160b18969c6aaf068b3014a0cc07916b36bf0817bff2ad6e66634c3dcfa83f6d44d4d24b12e6f99c5578013c0a2b9757ca306b01936905db0e43ccb5c1a2004bbf1080b709a2fde0c85395329e9b8c91c0b6bdec330e75bf565cbfcdc3ca9b306f1bd48e02ac8ce2b64d06f91709065fe8ae4a49ab1d6127c44ad571ca13be0aa4cd8c4fe7fb9df595796b35fe194ea66e15193254951d5e425edf225b83802afb2a589a77f693dd0a266ccd91aa4fa29a9551b7eaf232a2df59cb71e54ec9df2f62d9993c7287adb852f95f05432d1a6c5de74404c64c76311a8d90e4c3acca392fa28cb8a8250fec0efef6ec2d0dabd09f1adc2360116afc432aa44cf49535e770af5d22dd86569e7035e573cb806b63193db6065c9dca31ea13a5bff41682042cc0c9150a4422c46807064bc26500b6b96dcb63a08bb7c763a0332eff0dc863a3ef221235cfdfcbab043decfd177e15501d1ac4f44cbf90fd07d710420b38e501a2ac28a266554dfb7176df660b0bdc551539b8117ef992a2c183f67863723e57c0ad5becb6aeb72ae8eab5120beb93d6b665267713a15fe6e32e2a9a662ec038652e289bd79ea29d4005bad6295c69dda9e3ef21a9d813964851c465276c31a33226f757dbe7afc04daebab10b0fc8eed927183d986dd2d22dd48a2ef6bab459aaba60a5d6374d85d43242e834db420aa4ead0241f701a3026b938f96258ab98577f564726e3d46e6dde3c57ceadaf224b72968704acd82ae1c5bd102767eb966aa7b5a6ab79e14c8d593debda51f12c28c50abd86740f2e9cd814e92442713bded5e90661cf9342c7ffe4b0f96cf37d07bb5e4ad9b3a1b60d298cefba2e892ee6b98574fad8efa59ed3dea1ae42f8ee19619ed611ccb89938401f1ed34fdfaea12820b1aed47294dfcbaf8dcf2da2a959541660c7c5f184dfaa8cb65ecbfb148dbf082358dcf4f51982c9b72b27e47d24993c9d5b2efa616b04cf560799783d6bac8f7c045f261a8f5f5acac5101b7beddd44597e9f31843117c179bbafdd543dc022b6322ee63e082beed8d465cfcd8bfe4f7d0419952da730b6c31230069ba51be06401299787feb764889cfdedfd4f417188e9063ca0e0532c0637fe0f89bc87e41d35bdfed18ae608eb2b93c4d2db6f6d021ddd946edd721ce9b6138193b9e16e30cd72820e2588062195f5e18c170236fa705e12bde613f379e5e1dda2db2a99e5a17723d69c80f40d5a1d47c6e4ed16233e2cc2034a5ec8f424b26fb9b72e6ce3f8d535bfa08403841e89094d7a05c8ab68753812c70dcbbc5633d091cc6b89e5409370f5c2cba7a334731b192f51b455e3e9dafbcc29c4d4f01129862a4d3ba2f3a8296cd84a6adb61e3ee8e7723be0d769602e79d86d7bd3d0367db2848cafa0736c9196ee72acc644f8593ba643836579114ca6c32c55506949d35fcb39a271ca6b6d6326206df207c0db07e943d8a3c14c0dfd8c21d8bf4cda1202347994d7099c78a4e9b043715ffede8b0d5c47d8a078f2ca61414ffa5dfec6e8c3c1544396a6268a1205a51c5f81e257d89058da1e8a3a9c75d82687a408e380b6d4a5ddd45cd809c236ac2269404281471b19e917aa2049b59901b7445b4b26d9a93c19d1f78505c874aa34615df977fc2ecf2570804d198b46e28c790c4e823630b2a7bfcb7ff11acbdc42949b1d84d2bb66298e14a7d1f4fba62d1bda102d3b5c5ae2dd38e78cfabcb7316e8ff42e8c8234c6fac4261acf7683d2a419290b797d56ce2e82be1b34c13a7ebdfadc12f3fa892bff9bba9c4fa9d889860631353c28890124c862e4c35eaf17cea12c2ce3951f655170822da02b80d7998ba795d0d1141e9632e503f338de39b0f488efe68a017eda11df9a20f14c0e7f2532aa9d28cf7ab7045985795ece86474ad786ddcb9195dcf980a9858e36d81cc94c3415eee06b6386fa1612ce61e65683dde7a7df634641ae5add3c829a2c0361dc0b0f98ee65b8f4c2ceba445bbae39178f21db9cb09f318e56c2797100b6c8a89879edf2b965da16295a9ed6031da81ddcea595e7c888eba9e120425a2a606eb8c03e61057dabcb8e6fd135c157f198486efe9d804dbefd6d8d797a0ef2685a2b77155ac1c21a46be2e6b07c87c7348e0d957f433ee21afaf3ee7e0969dbbc717a2cb925e92530ef7d756c9dd1fcb379936507186b79ec475358110ada02a5713c0f09db449f7e83e06c45dd1af16826319d1b1b87d8eb4accd617f1cae603eb71d7c862a84eb6bb8be0ccdc780f6d860e8fe108e388c03ab1cb1deaf37d01a9a92b0803d6c014a6ca6c9f3803e98f7c12587ee82b1b771847647eb7daeb0788612513cb66cd2ba43449d7003fa1ae1fce96757718eeebbbf240ffa3ea9b9ba8a4cb371fd61b019930761dca37f9d5ed25227e7a94a10883de87dc065043ace1294935b73cc2550e56c27dc64c37aa2f00feb585a1d17cc153408e2fd05a33ccf22082ab752354403360213ae704051d21795d4704242576039754d843188c1cb170a1aabe3a991a0b9fac4332b38c94bea5e21cbeca70ad0ecc2fce6f8f9db54d482bb6453e086517ff238521c201e85a0532554bf0e1e030d8d582085b83f8ddc97288fe6f03ccfe19eabedcaa94c41bb1805a22a109607f857e5474d97380dad118721b2f0fef87e7b50f67dd8fc478e27dff58edc83681cd25adb19ca308d92069c0d28e4ac7577bf16153ea349586c9c62bb807ea2446435d97e732f4d9c8a1226c2289348313882de8075e4813158085517da5b30b32885a8a4c038d992f84108531cc11aae40a6dfa6cb9818a5ba640691b56a703e11feb1f8782556bdff98c9ce0311da8acf8854ade0a71c2eecebc324aa7b1aa02acd122f1afad9e970e6c17addf3b4fd0a26d57f5ec3568070bcf1e334cf4382c10c44fe9399e1998a5b53af67a8257ab2228444d891324a437202f913515e13daf9f12aba764b859afb14e77ef5cc4c6e0545d4a3ce9908e5d0cb06a1869f6bb7d225499981b0ef1d4d66980529087d5eb234f50285306e6e2e983ec0777624799f28f110d4fcbd381bec19ed770a9a2c6ab3f9e19c3d5a5f53cf198bdd9179e6e6cbb4857d5a66d4f2c6e796fc376051320d6a654b80368aaa906f4e3c4e64f317320660908f23f1e835b11914b7e78d1c05d74db7fa0f2ae6c3ca1a8e4590e63c248e67341e3b06f72a73646fbdb4db9202bc035a223015470a58acced10e9ab9b6fe679b2168e25ee924e4c41e1202077081bc79dd3c0158900b8b56319d6ada8be9ba2cd5eb23cc20be0895b4bfaaad7118694699e174d2b570c723cd6973a51f99f8055064427e29652e67548415eea8617b1c58632b6f7b6729d66605b1ab89876d6599a013008cbeb0432759567c05507262ddab3d4f09534f0009e5305b993dfeedda04e11982ec2f46d8f616a1e135213f5a9d005d709b280b7a0817849b39a2212a19e187d3a609c8ad730892c4866dd1cf057eda94f1083cf42fb836795b01ad593d4801dc53603d24bcd0440dafef5cd80d5bc1ddc48d9c8cc4b9e7f72fa17e459c05c6e3ecaec703bd400c516321a09c8ad779a2aaf216b421faa51075db50e6bc424c1932ebe5001991694a3ce2f8dc89613766b38015873697aaac30ca861cc57d19bbbccc960482444a815771d2d2905f2a5dd62888d3d6be6ca5e94dbff4898a4e90c882a1be8cf1d852f03114343d400592d3e049077f41380dc36c44f5c959fcda495aeec3702c872ae84ac3e60a5d14e3b17e03c5f865ab6aa8fa640c580690fe70fb748acc07c4a061df31281d76f402a63d7d5aa3e017dc9bbb7cc4e5882534ff90e447e80d6d593f083b3a0ffabc8e853ca92455453dec6e082ec0ec52e562aa1a00aa42e1fd3b8bd0320bb75bd0409ccae6619e4c09451e74dc1a002937ebcb4b9836b93f6dd1d8bbded894efd4d07fca3030faa40bc0e6e08c07717dae61499729771554081f75c15b877166e2ab677f2a49f320c37faadd721cce61a6f87fc837fd0452ad81e9f8b49547ac40d3d63b1236fabe78c8e89b900dd98779adc245d64daf68b118b9436ff019d094973d8763b04946a8d6ba9b627d169c293a7797fe5b1976c1c9ca3d39710721e9f865af8c7c3e4ab870d50520af19c68dc2fc5722b360a5d6b3d3ff8445812abc11b594c8ddfe61275e98772f956a8ba069311d82017092888957a803dfe055038c6ec606ea098386e4b69491eb5d00776b3ec864028ad15a9e5ed0d5da0e2b6c38a1ba13f5eaae7b2b3a79aa46fcc0eebc7fe393dc88403d3e765ddf692a6d99d303d6b5904e3dcaa783f9d5e8ba1cc37aea3867a3499d78922eb8af91864c129f69769b492f5bdd5311232a88df8333360b9493e72a473e635f07a58f68904f7b761c550cb6ec49cd33683e50ab0e903d829d4edf76f71fdbfa99381ae5533a249fd909f848447936e41a3a1c3255f9d77322977d41b290e5c9a367ebde5df2dcba9d1f34f2c42302845059fefe10dd96c50ba40ec078dc0ff2a7d7b10e441453eb852b0961cd4bc00183e41ddfcfbb7494675345dfd6c4279facab6cd5702e74497a150152a8a04be59c9ddd39dd3f4cd75d99771690ae7f3f7a8aac4861f438e9328e6c78363c0388b2ed2dd09f19dd341634e00daf4eed0a6b91c7cde0d394f9fd4e47cc901cc8f9e312b4f14fa29973e82eadadab96f9bfcf33e5d376ab48b7936cccf88779d6aa4d898bf47baebca96a20ee2b2c876933532ed1e4afd3d000e2063233238c5ce83b21b5a8a07c1ab71e430e3c24ce22890230d3407fef0ff7b2de497382b7f6bc76a0a99883b473bbb9401f4c4063fef84fa1ab8324f15146ad7c8aae15323bb33bb0365d854672a4f29a2397a0561cfb48e591ab3ef4b3d1e7329ecd3931b4ab82b5b14887e1d6a9b1c2ca6222e605136183fdee6466f90c08179c9c88ad7eb2f219c1f90eaaa61c37d53e8814726a891f1d94ff13d594fc53d9c7b1cf01837460299462d634f0801bf5ff024efa0ff30d086e589ca0df71fcf4334124fdd76429f10c536e5a14a27bfebeda45196460fdc30319f4dc115f7ad2282134904d9e51aa80f65ad1ea011b95e79e5315d8b7701787b750a45076cd600b8ca657c1d2ed9a1ba2c35c43b3a4ce8e82606202aab7944c2342737fe17cae913bf6cc422c6efafaf003fad9385f6627d6ec14d6bf6c1836e5bb131dfa57027f6b29a3751212d8713eb65b0ce5ea84a6d1dc88814368bb28c69cf0cc9ef9ff411fd17d8975299980a04b6c774120b6a985dd153c5dd3a"}}}}}}}, 0x0) 9m56.286042245s ago: executing program 33 (id=400): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2) ioctl$KVM_SET_XCRS(r2, 0x4188aea7, &(0x7f0000000000)=ANY=[@ANYBLOB="0100000000000000000000000100000001"]) 6m32.667791681s ago: executing program 5 (id=3436): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x101000, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)=ANY=[@ANYBLOB="01000000000000ec8402"]) 6m32.402756683s ago: executing program 5 (id=3442): r0 = syz_usb_connect$hid(0x5, 0x36, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x46d, 0xc222, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x1, 0x0, {0x9, 0x21, 0x1000, 0x6, 0x1, {0x22, 0x7}}, {{{0x9, 0x5, 0x81, 0x3, 0x0, 0xd, 0x3}}}}}]}}]}}, 0x0) socket$kcm(0x29, 0x2, 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, &(0x7f00000000c0)={0x24, 0x0, 0x0, &(0x7f0000000080)={0x0, 0x22, 0x7, {[@main=@item_012={0x1, 0x0, 0x8, '\x00'}, @main=@item_4={0x3, 0x0, 0xa, "6e0e8e8b"}]}}, 0x0}, 0x0) 6m30.5657623s ago: executing program 5 (id=3469): r0 = syz_open_dev$usbmon(&(0x7f00000005c0), 0x0, 0x0) mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x1000001, 0x12, r0, 0xc3d33000) r1 = socket$igmp(0x2, 0x3, 0x2) setsockopt$MRT_ADD_MFC(r1, 0x0, 0xcc, &(0x7f0000000140)={@multicast2, @multicast1, 0x0, "aaa517d60f2811d48c8a2cc60c4380bc23b510d442ff13482864280a9c0f4eb5"}, 0x3c) 6m30.416065046s ago: executing program 5 (id=3473): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4) setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f0000000080)=0x2, 0x4) setsockopt$inet6_tcp_int(r0, 0x6, 0x15, &(0x7f0000000180)=0xffffffff, 0x4) 6m30.277539909s ago: executing program 5 (id=3475): r0 = socket$unix(0x1, 0x2, 0x0) r1 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r1, 0x40086602, &(0x7f0000000200)=0x10) bind$unix(r0, &(0x7f0000000080)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) 6m30.167255012s ago: executing program 5 (id=3477): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000040)={r0, 0xffffffffffffffff}, 0x4) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1f, 0x18, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000002d000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70500000000000085000000a500000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$PROG_BIND_MAP(0xa, &(0x7f0000000000)={r2}, 0xc) 6m22.695408817s ago: executing program 4 (id=3557): r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r0, &(0x7f0000000000)={0x1f, 0xffff, 0x2}, 0x6) recvmmsg(r0, &(0x7f0000000580)=[{{&(0x7f0000000080)=@nl=@unspec, 0x80, &(0x7f00000005c0)=[{&(0x7f0000000100)=""/230, 0xe6}, {&(0x7f0000000240)=""/200, 0xc8}, {&(0x7f0000000340)=""/175, 0xaf}, {&(0x7f0000000400)=""/53, 0x35}, {&(0x7f0000000440)=""/119, 0x77}], 0x5, &(0x7f0000000540)=""/55, 0x37}}], 0x400000000000222, 0x0, 0x0) recvfrom(r0, 0x0, 0x0, 0x40020042, 0x0, 0x0) 6m22.476388919s ago: executing program 4 (id=3560): sigaltstack(0x0, 0x0) syz_usb_connect(0x0, 0x24, &(0x7f0000000040)={{0x12, 0x1, 0x141, 0x8e, 0xe7, 0x18, 0x20, 0x781, 0x100, 0x100, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x2, 0x0, 0x10, 0x0, [{{0x9, 0x4, 0x75, 0x2, 0x0, 0x84, 0x36, 0xa0}}]}}]}}, 0x0) write$P9_RMKNOD(0xffffffffffffffff, 0x0, 0x0) ioctl$SNDCTL_DSP_SPEED(0xffffffffffffffff, 0xc0045002, 0x0) 6m21.050541705s ago: executing program 4 (id=3575): r0 = socket$can_bcm(0x1d, 0x2, 0x2) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000380)={'vcan0\x00', 0x0}) connect$can_bcm(r0, &(0x7f0000000480)={0x1d, r1}, 0x10) sendmmsg$inet(r0, &(0x7f0000001b00)=[{{0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000080)="050000007402b8f4191db62b", 0xc}, {&(0x7f0000000180)="9f336d70bf0008000000000000e388fb2c4f7ede37e7de1f2a1cfb06b88038c6ffbf07e70873b0384d86a1ceb4e570554ebc8154bf39", 0x2c}], 0x2}}, {{0x0, 0x0, &(0x7f0000000100), 0x2}}], 0x4000000000000e7, 0x0) 6m20.821359322s ago: executing program 4 (id=3579): mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) mount$afs(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0), 0x10000, &(0x7f0000000040)=ANY=[@ANYBLOB='dyn']) chdir(&(0x7f00000000c0)='./file0\x00') mount$cgroup2(0x0, &(0x7f0000000000)='./bus\x00', &(0x7f0000000080), 0xa00001, &(0x7f0000000300)={[], [{@smackfsdef={'smackfsdef', 0x3d, '@\xe8%*@\xfb\x8a-'}}]}) 6m20.739753418s ago: executing program 4 (id=3580): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWTABLE={0x28, 0x0, 0xa, 0x3, 0x0, 0x0, {0x7, 0x0, 0x5}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}, @NFTA_TABLE_FLAGS={0x8, 0x2, 0x1, 0x0, 0x3}]}], {0x14}}, 0x50}}, 0x0) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a05000000000000000000070000000900010073797a30000000003c000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a30000000000800054000000021bc0000000c0a01010000000000000000070000000900020073797a31000000000900010073797a3000000000900003"], 0x140}}, 0x0) 6m20.304457353s ago: executing program 4 (id=3585): r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000200), 0x100) ioctl$SNDRV_TIMER_IOCTL_TREAD(r0, 0x40045402, &(0x7f0000000040)=0x1) ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f0000000280)={{0x1}}) ioctl$SNDRV_TIMER_IOCTL_PARAMS(r0, 0x40505412, &(0x7f00000003c0)={0x4, 0x1, 0x80, 0x0, 0x7}) 6m19.871728916s ago: executing program 34 (id=3585): r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000200), 0x100) ioctl$SNDRV_TIMER_IOCTL_TREAD(r0, 0x40045402, &(0x7f0000000040)=0x1) ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f0000000280)={{0x1}}) ioctl$SNDRV_TIMER_IOCTL_PARAMS(r0, 0x40505412, &(0x7f00000003c0)={0x4, 0x1, 0x80, 0x0, 0x7}) 6m15.104288648s ago: executing program 35 (id=3477): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000040)={r0, 0xffffffffffffffff}, 0x4) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1f, 0x18, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000002d000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70500000000000085000000a500000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$PROG_BIND_MAP(0xa, &(0x7f0000000000)={r2}, 0xc) 5m14.972956161s ago: executing program 7 (id=4389): r0 = getpid() r1 = syz_pidfd_open(r0, 0x0) setns(r1, 0x24020000) mount_setattr(0xffffffffffffff9c, &(0x7f0000000240)='.\x00', 0x9000, &(0x7f0000000200)={0x0, 0x1, 0x100000}, 0x20) 5m14.920663454s ago: executing program 7 (id=4390): mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0) r0 = socket$igmp6(0xa, 0x3, 0x2) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000180)=@raw={'raw\x00', 0x8, 0x3, 0x4a8, 0x0, 0xffffffff, 0xffffffff, 0x150, 0xffffffff, 0x3d8, 0xffffffff, 0xffffffff, 0x3d8, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0x128, 0x150, 0x0, {}, [@inet=@rpfilter={{0x28}}, @common=@inet=@hashlimit1={{0x58}, {'bond_slave_1\x00', {0x41, 0x1ff, 0x6, 0xb0e2, 0x10001, 0x84e, 0xfffffffb, 0x18, 0x8}, {0x1}}}]}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'wg1\x00', 'gre0\x00'}, 0x0, 0x258, 0x288, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'pim6reg\x00', {0x0, 0x0, 0x5, 0x0, 0x0, 0x7, 0x3ff}}}, @common=@inet=@hashlimit3={{0x158}, {'wg1\x00', {0x3, 0x0, 0x41, 0x0, 0x0, 0x1000, 0x6, 0x3}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x508) syz_emit_ethernet(0x52, &(0x7f0000000a80)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaaaa86dd6000ed6a001c2c01fe8000000000000000000000bbff02003b"], 0x0) 5m14.80794514s ago: executing program 7 (id=4391): bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xc, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b400006c7fb2a4ffdd110000000010007301fe"], 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x19, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r0 = syz_usb_connect(0x0, 0x2d, &(0x7f0000000140)={{0x12, 0x1, 0x0, 0x41, 0x3f, 0x5f, 0x20, 0x61d, 0xc150, 0xce6f, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x1b, 0x1, 0x0, 0x0, 0x10, 0x0, [{{0x9, 0x4, 0x33, 0x0, 0x1, 0x18, 0x70, 0xfd, 0x0, [], [{{0x9, 0x5, 0x82, 0x2, 0x200, 0x0, 0x4}}]}}]}}]}}, 0x0) syz_usb_control_io$printer(r0, 0x0, 0x0) syz_usb_ep_write$ath9k_ep1(r0, 0x82, 0xa8, &(0x7f0000000040)=ANY=[@ANYBLOB="a200004ef3b11f948ef66b0ee0b3d41b1b"]) 5m11.621062241s ago: executing program 7 (id=4427): r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f00000002c0)=0x20) symlink(&(0x7f0000000540)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000800)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00') rename(&(0x7f00000003c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000f40)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00') 5m11.484369091s ago: executing program 7 (id=4429): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = dup(r1) ioctl$KVM_CHECK_EXTENSION(r2, 0xae03, 0xe9) 5m11.174525143s ago: executing program 7 (id=4431): r0 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000740), 0x2, 0x0) ioctl$IOCTL_VMCI_VERSION2(r0, 0x7a7, &(0x7f0000000080)=0xa0000) ioctl$IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, &(0x7f0000000000)={@my=0x0}) ioctl$IOCTL_VMCI_CTX_SET_CPT_STATE(r0, 0x7b2, &(0x7f0000000100)={&(0x7f0000000780)=[0x0, 0x80, 0x8, 0x3, 0x7, 0x3, 0x59be, 0x4, 0x3, 0x4270, 0x7fff, 0x7, 0x6, 0x9, 0xff, 0x8, 0x4, 0x2, 0x4, 0x81, 0x3, 0x8001, 0x4, 0x7, 0xfffffffd, 0x9, 0x4, 0x7, 0x3, 0xc, 0x3ff, 0x9f1, 0x2, 0xfffffffc, 0xff, 0x7fffffff, 0x3, 0x80000001, 0x0, 0x8, 0x46, 0x4, 0x5, 0x400, 0x3, 0x4, 0x3, 0x4, 0x4956b8a3, 0x0, 0x40, 0x4, 0x26626e6, 0x4, 0xee, 0x7, 0x80000000, 0x8, 0x2, 0xc6, 0x8, 0x2825, 0x7, 0xd1, 0x9, 0x6, 0x9, 0x15f8000, 0x84fa, 0xe59, 0x8, 0x4, 0x3, 0xecc, 0xbb, 0x335, 0xa541, 0x8000, 0xffffffff, 0x4, 0xfff, 0x3, 0x2, 0xf, 0x6, 0xad, 0x21c, 0x7ff, 0x4, 0x81, 0x0, 0x4, 0x6, 0xff, 0x4, 0x3, 0x401, 0xa, 0x6, 0x7f, 0xe, 0x0, 0x9, 0x8001, 0x2, 0x2, 0xfffffffc, 0x81, 0x9, 0x46a, 0x8, 0x1, 0x0, 0x5, 0x7fff, 0x249, 0x1, 0x4, 0x2, 0x0, 0x6, 0x5c, 0x2, 0x4, 0x9, 0x4, 0x4, 0x2, 0xffffffff, 0x6e, 0x8fc1, 0x2, 0x9, 0x7ff, 0x8, 0x8, 0x800, 0x7f, 0x5, 0x7, 0x48d5c339, 0x8, 0x1, 0x1a00000, 0x80, 0x7f, 0xfffffffa, 0x0, 0x3, 0x6, 0x2, 0x0, 0x3f, 0xfff, 0x7, 0x9, 0xc00000, 0x5, 0x5, 0x6, 0xe, 0xfffffff7, 0x100, 0x32bf, 0x4, 0x8, 0x7fff, 0xfffeffff, 0x2, 0x3ff, 0x10000, 0x2, 0x7, 0x10001, 0x7, 0x80, 0xfffffffc, 0x5, 0x3, 0xfffffff2, 0x5, 0x1, 0x1, 0x800, 0x1, 0x4, 0x3, 0x1, 0xb, 0x9, 0x3, 0xd8, 0x9, 0x8, 0x0, 0x1, 0xffffffff, 0xc, 0x0, 0x5, 0x2, 0x10001, 0x2, 0x1, 0xb71, 0xffffffff, 0x7, 0x453, 0x2, 0xa, 0x8, 0xa, 0x1, 0x8000, 0x6, 0xfffffffb, 0x6, 0x6, 0x5, 0x7, 0x3, 0x101, 0x7ff, 0x0, 0x5, 0x1, 0x6, 0xc0000000, 0x10000, 0x5, 0x4, 0xffffffff, 0xff, 0x8000, 0x2, 0x8001, 0x1, 0x100, 0x401, 0x7, 0xbfc, 0x0, 0xc, 0x101, 0x7, 0x2, 0x200, 0xa, 0x101, 0x7, 0xfffffffe, 0xe, 0x4, 0x3, 0x5, 0xfa, 0x81, 0xc0000000, 0x249, 0x8, 0x5, 0x1, 0x9, 0x0, 0xe, 0x0, 0xfffffffa, 0x5, 0x5, 0x80000001, 0xfffffff9, 0x10, 0x0, 0xfffffffc, 0x158, 0x5, 0xc3d9, 0xa5a, 0x9, 0x1ff, 0x1, 0x6, 0x10000, 0x2, 0x81, 0x8, 0x8001, 0xea1, 0x9, 0x7, 0x8, 0x140000, 0x13d, 0xfffff9d4, 0x10001, 0x100, 0xffffffff, 0x3, 0x2, 0x0, 0xf49, 0xa, 0xf8600000, 0x0, 0xfffffff9, 0x92cb, 0x2, 0x4, 0x4, 0x1, 0x8, 0x2, 0x0, 0x40, 0xfffffffa, 0x4, 0x0, 0x9, 0xb497, 0xfffffffb, 0x15, 0x3, 0x9, 0x1000, 0x9, 0x8, 0x0, 0x3, 0x8000, 0x5, 0x2, 0x40, 0x7, 0x594, 0xda, 0x4, 0x6, 0xf, 0xd5, 0xd, 0x6, 0x1, 0x3, 0x9a6, 0x4, 0x9, 0xf2c, 0x6c, 0xae, 0x7f, 0x4, 0x8, 0x0, 0x6, 0x5, 0x1, 0x800, 0x9, 0x8, 0x8000, 0x40c1, 0x8001, 0x5, 0x9, 0x0, 0x3, 0x3, 0x5, 0x80, 0x0, 0x1c97, 0x9, 0x1000, 0x7, 0x5, 0x9, 0x3ff, 0xffffda79, 0xfffffff7, 0xb70, 0x9, 0x1240, 0x7, 0x6, 0x752b, 0x400, 0x4, 0x80000001, 0x6, 0x4a94, 0x100, 0xb4, 0x101, 0x9, 0x4d, 0x143e, 0x10001, 0x6, 0x800, 0x8, 0x0, 0xfffffffe, 0xb, 0x5, 0x2, 0x3, 0x1, 0xa, 0xfffffffd, 0x7, 0x8, 0x7ff, 0x6, 0x5, 0x3, 0x1, 0x3f, 0x6, 0x9b6b, 0x6, 0x10, 0x5, 0x6, 0x3, 0xb3a0, 0x69f1, 0x4, 0x6, 0x5, 0xde7, 0x2, 0x7, 0x4, 0x80000000, 0xcc, 0xfce, 0x2, 0xe19, 0x5, 0x9, 0x6, 0x3, 0x4, 0x5, 0x0, 0x1, 0x1000, 0x7, 0x4, 0x80, 0xff, 0x0, 0x9, 0x6, 0xeb, 0x8, 0x1741, 0xb646, 0xbc8, 0x7, 0x0, 0x9, 0x4, 0x2, 0xfffffffa, 0x8000, 0xfffffc94, 0x5, 0x9, 0x0, 0x3, 0x4, 0x7257, 0x1b9b, 0x4, 0x100, 0xa, 0x4, 0x1, 0x8, 0xfffffffb, 0xfffffe00, 0x2, 0x8722, 0x101, 0x7, 0xffffaa9c, 0x7, 0x5, 0x80000000, 0x4, 0xcf08, 0xffffffff, 0x9, 0x401, 0x6, 0xff, 0x3, 0x2, 0x8, 0x3ff, 0x2, 0x7, 0x4, 0xffffffff, 0x0, 0xd4, 0x7, 0xa28b, 0x7d3e87f7, 0x1ff, 0x8, 0xe342, 0x9, 0x7, 0x1, 0x20, 0x7, 0xa, 0x80, 0x3, 0x8, 0x6, 0x0, 0x1, 0x4, 0x81, 0x2b94dbb4, 0x0, 0x7e, 0x5, 0x5, 0x4, 0x100, 0x400, 0x253, 0x4, 0xadd, 0x2, 0x2, 0x0, 0x80, 0x4, 0x7e7, 0x2, 0x2, 0x0, 0x120a, 0x40000000, 0x4e, 0x1, 0x4, 0x2, 0xd, 0x2, 0x2000, 0x7d6, 0x300d, 0xa, 0xb, 0x630a, 0x7, 0x5, 0x0, 0x200, 0x9, 0x8000, 0x7, 0xc3b, 0x4c9c, 0x4, 0xffffffff, 0x2, 0x8, 0xfffffffa, 0x200, 0x1, 0xb72, 0x0, 0x80008000, 0x8, 0x81, 0x0, 0x0, 0x0, 0x4, 0xa4aa, 0x6, 0x7fffffff, 0x6b91, 0x6, 0x2, 0x3, 0x400, 0x0, 0x80000000, 0xd, 0x4, 0x0, 0x1, 0x7fffffff, 0x7, 0x8, 0x5, 0xfffffffe, 0x2, 0xdb2, 0x81, 0x98d6, 0x3, 0xd5ae, 0x206, 0xffffffff, 0x4, 0x63, 0x4, 0x8, 0x2, 0xfff, 0x4, 0x2, 0x0, 0x3f1d, 0x4, 0x9, 0x3ff, 0x940, 0xfffffff8, 0x1, 0xff, 0x0, 0xff, 0x8, 0x8, 0x5c200000, 0x2, 0x10000, 0x9, 0x6, 0x2, 0x6, 0x800, 0x5, 0x7, 0xfffffffe, 0x2, 0x3, 0x2, 0x1000, 0x6, 0x8, 0x0, 0x101, 0xfd, 0xf2, 0x8, 0x3ff, 0x2d, 0xfa, 0xfffffffe, 0x1, 0x10, 0x6, 0x0, 0x8, 0x81, 0x6, 0x7ff, 0x6, 0xfffffffe, 0x3, 0x3, 0x37, 0x8, 0x401, 0xe6, 0x7, 0x8, 0x81, 0x7ff, 0x5, 0x4, 0x8, 0x7, 0x4, 0x800, 0x1, 0x336f, 0x3, 0x0, 0x8000, 0xa2d, 0xfff, 0x50a8, 0x9, 0x2, 0x10000, 0x1000, 0x5, 0x9, 0x4, 0xc9a6, 0x3, 0x4, 0x0, 0xfffffff0, 0x8, 0x3ff, 0xb, 0x9, 0x8, 0x2, 0xffff, 0x3, 0x0, 0xffff, 0xfff, 0x3, 0x8001, 0x5, 0x83, 0x9, 0x6, 0xffffffff, 0x4, 0x9, 0xf3d, 0x6, 0x1, 0x4, 0x36b, 0xa00, 0x300, 0x777, 0xfffffffa, 0x2, 0x7, 0x101, 0xc, 0x7, 0xf9a8, 0xdf, 0xffffffff, 0x1, 0x8, 0x1000, 0x1, 0x5, 0x5, 0x0, 0x60, 0x7, 0x5, 0x8, 0x7, 0x200, 0x81, 0x7ff, 0xd, 0x4, 0x2, 0x8, 0x0, 0x81, 0xac, 0x1, 0x57e, 0x8, 0x80000, 0x8, 0xbc69, 0x6, 0x7, 0x9, 0x1, 0x4, 0x3f6, 0x7, 0x0, 0x8001, 0x3, 0x10000, 0x10001, 0xd, 0x8, 0x9, 0x0, 0x3, 0xfffffffe, 0xfffffffa, 0x1000, 0xfffffffd, 0x40, 0x3, 0x10000, 0x5d3a3577, 0x4, 0xd, 0x1, 0x6, 0x758, 0x7, 0x6da9, 0x4, 0x9, 0xd8db, 0x50, 0xe, 0xa1, 0x6, 0x8, 0xacb, 0xfffffff5, 0xc, 0x2, 0x1000, 0xa9cf, 0x2, 0xffffff9d, 0x1, 0x0, 0x7, 0x0, 0x5, 0x2a5, 0x1, 0x6, 0x54c1, 0x6, 0x8d0, 0x7, 0x9, 0xfffffff9, 0x5, 0x7, 0x400, 0x1, 0x615, 0x6, 0x2, 0x5, 0xd, 0xfffffffe, 0x6, 0x21, 0x5, 0x3, 0x9, 0x8, 0xffff8001, 0x7, 0x7, 0x9, 0x9, 0x7, 0x80000001, 0x101, 0x1, 0xcb, 0x5, 0xffffffff, 0xb4ce, 0x0, 0x0, 0x4, 0x5, 0x8, 0x8, 0x4, 0x99, 0x2, 0x0, 0x5000, 0x4, 0x3, 0x9, 0x1, 0x6, 0x8, 0x1, 0x80000001, 0x9, 0x5, 0x2, 0x0, 0x4, 0x100, 0x7fffffff, 0x674, 0x4, 0x100, 0x8, 0x3, 0x4, 0x5, 0x4a, 0x200, 0x8000, 0x4, 0x60000, 0x2e3e, 0x80, 0xc, 0x4, 0x4, 0x4, 0x1, 0x0, 0x100, 0x101, 0x0, 0x6, 0xffffff80, 0xfc, 0x8, 0x3b2c, 0x800, 0x1, 0x4e, 0xc, 0x4, 0xb528, 0xb1b3, 0x1, 0x13c8, 0x4, 0x6, 0xfffffffb, 0x8a39, 0x1, 0x10000, 0x4, 0x7f, 0x6, 0x1, 0xaae, 0x80000000, 0x2, 0x3, 0x401, 0x3fc, 0x5, 0x3, 0x9, 0x9, 0x8, 0x2, 0x401, 0x0, 0x6, 0x7f, 0x4, 0x71e, 0x81, 0x0, 0x3bc, 0x5, 0x86, 0x2, 0xd4da, 0x0, 0x4, 0x0, 0x9cae, 0x6, 0x3, 0x80000001, 0x3, 0x5, 0x5, 0x2, 0xc, 0x4, 0x30, 0x0, 0xfffffffa, 0x3, 0x6, 0x4, 0x5, 0x4, 0x100, 0x8, 0xeff, 0x6, 0x0, 0x401, 0x10, 0x1, 0x5, 0x9, 0x4788, 0x1, 0x4, 0xd54d, 0x0, 0xfffffffb, 0xc, 0x0, 0x401, 0x5, 0xf, 0x19, 0x8, 0x7, 0xcdb, 0x0, 0x6, 0xc0, 0x925e, 0x6, 0x1, 0x2, 0x0, 0x7, 0x1ff, 0xf, 0x401, 0x80000000, 0xff, 0x8695, 0x9, 0xfffffffd, 0x5], 0x1, 0x400, 0x55fb}) 5m10.754001846s ago: executing program 36 (id=4431): r0 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000740), 0x2, 0x0) ioctl$IOCTL_VMCI_VERSION2(r0, 0x7a7, &(0x7f0000000080)=0xa0000) ioctl$IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, &(0x7f0000000000)={@my=0x0}) ioctl$IOCTL_VMCI_CTX_SET_CPT_STATE(r0, 0x7b2, &(0x7f0000000100)={&(0x7f0000000780)=[0x0, 0x80, 0x8, 0x3, 0x7, 0x3, 0x59be, 0x4, 0x3, 0x4270, 0x7fff, 0x7, 0x6, 0x9, 0xff, 0x8, 0x4, 0x2, 0x4, 0x81, 0x3, 0x8001, 0x4, 0x7, 0xfffffffd, 0x9, 0x4, 0x7, 0x3, 0xc, 0x3ff, 0x9f1, 0x2, 0xfffffffc, 0xff, 0x7fffffff, 0x3, 0x80000001, 0x0, 0x8, 0x46, 0x4, 0x5, 0x400, 0x3, 0x4, 0x3, 0x4, 0x4956b8a3, 0x0, 0x40, 0x4, 0x26626e6, 0x4, 0xee, 0x7, 0x80000000, 0x8, 0x2, 0xc6, 0x8, 0x2825, 0x7, 0xd1, 0x9, 0x6, 0x9, 0x15f8000, 0x84fa, 0xe59, 0x8, 0x4, 0x3, 0xecc, 0xbb, 0x335, 0xa541, 0x8000, 0xffffffff, 0x4, 0xfff, 0x3, 0x2, 0xf, 0x6, 0xad, 0x21c, 0x7ff, 0x4, 0x81, 0x0, 0x4, 0x6, 0xff, 0x4, 0x3, 0x401, 0xa, 0x6, 0x7f, 0xe, 0x0, 0x9, 0x8001, 0x2, 0x2, 0xfffffffc, 0x81, 0x9, 0x46a, 0x8, 0x1, 0x0, 0x5, 0x7fff, 0x249, 0x1, 0x4, 0x2, 0x0, 0x6, 0x5c, 0x2, 0x4, 0x9, 0x4, 0x4, 0x2, 0xffffffff, 0x6e, 0x8fc1, 0x2, 0x9, 0x7ff, 0x8, 0x8, 0x800, 0x7f, 0x5, 0x7, 0x48d5c339, 0x8, 0x1, 0x1a00000, 0x80, 0x7f, 0xfffffffa, 0x0, 0x3, 0x6, 0x2, 0x0, 0x3f, 0xfff, 0x7, 0x9, 0xc00000, 0x5, 0x5, 0x6, 0xe, 0xfffffff7, 0x100, 0x32bf, 0x4, 0x8, 0x7fff, 0xfffeffff, 0x2, 0x3ff, 0x10000, 0x2, 0x7, 0x10001, 0x7, 0x80, 0xfffffffc, 0x5, 0x3, 0xfffffff2, 0x5, 0x1, 0x1, 0x800, 0x1, 0x4, 0x3, 0x1, 0xb, 0x9, 0x3, 0xd8, 0x9, 0x8, 0x0, 0x1, 0xffffffff, 0xc, 0x0, 0x5, 0x2, 0x10001, 0x2, 0x1, 0xb71, 0xffffffff, 0x7, 0x453, 0x2, 0xa, 0x8, 0xa, 0x1, 0x8000, 0x6, 0xfffffffb, 0x6, 0x6, 0x5, 0x7, 0x3, 0x101, 0x7ff, 0x0, 0x5, 0x1, 0x6, 0xc0000000, 0x10000, 0x5, 0x4, 0xffffffff, 0xff, 0x8000, 0x2, 0x8001, 0x1, 0x100, 0x401, 0x7, 0xbfc, 0x0, 0xc, 0x101, 0x7, 0x2, 0x200, 0xa, 0x101, 0x7, 0xfffffffe, 0xe, 0x4, 0x3, 0x5, 0xfa, 0x81, 0xc0000000, 0x249, 0x8, 0x5, 0x1, 0x9, 0x0, 0xe, 0x0, 0xfffffffa, 0x5, 0x5, 0x80000001, 0xfffffff9, 0x10, 0x0, 0xfffffffc, 0x158, 0x5, 0xc3d9, 0xa5a, 0x9, 0x1ff, 0x1, 0x6, 0x10000, 0x2, 0x81, 0x8, 0x8001, 0xea1, 0x9, 0x7, 0x8, 0x140000, 0x13d, 0xfffff9d4, 0x10001, 0x100, 0xffffffff, 0x3, 0x2, 0x0, 0xf49, 0xa, 0xf8600000, 0x0, 0xfffffff9, 0x92cb, 0x2, 0x4, 0x4, 0x1, 0x8, 0x2, 0x0, 0x40, 0xfffffffa, 0x4, 0x0, 0x9, 0xb497, 0xfffffffb, 0x15, 0x3, 0x9, 0x1000, 0x9, 0x8, 0x0, 0x3, 0x8000, 0x5, 0x2, 0x40, 0x7, 0x594, 0xda, 0x4, 0x6, 0xf, 0xd5, 0xd, 0x6, 0x1, 0x3, 0x9a6, 0x4, 0x9, 0xf2c, 0x6c, 0xae, 0x7f, 0x4, 0x8, 0x0, 0x6, 0x5, 0x1, 0x800, 0x9, 0x8, 0x8000, 0x40c1, 0x8001, 0x5, 0x9, 0x0, 0x3, 0x3, 0x5, 0x80, 0x0, 0x1c97, 0x9, 0x1000, 0x7, 0x5, 0x9, 0x3ff, 0xffffda79, 0xfffffff7, 0xb70, 0x9, 0x1240, 0x7, 0x6, 0x752b, 0x400, 0x4, 0x80000001, 0x6, 0x4a94, 0x100, 0xb4, 0x101, 0x9, 0x4d, 0x143e, 0x10001, 0x6, 0x800, 0x8, 0x0, 0xfffffffe, 0xb, 0x5, 0x2, 0x3, 0x1, 0xa, 0xfffffffd, 0x7, 0x8, 0x7ff, 0x6, 0x5, 0x3, 0x1, 0x3f, 0x6, 0x9b6b, 0x6, 0x10, 0x5, 0x6, 0x3, 0xb3a0, 0x69f1, 0x4, 0x6, 0x5, 0xde7, 0x2, 0x7, 0x4, 0x80000000, 0xcc, 0xfce, 0x2, 0xe19, 0x5, 0x9, 0x6, 0x3, 0x4, 0x5, 0x0, 0x1, 0x1000, 0x7, 0x4, 0x80, 0xff, 0x0, 0x9, 0x6, 0xeb, 0x8, 0x1741, 0xb646, 0xbc8, 0x7, 0x0, 0x9, 0x4, 0x2, 0xfffffffa, 0x8000, 0xfffffc94, 0x5, 0x9, 0x0, 0x3, 0x4, 0x7257, 0x1b9b, 0x4, 0x100, 0xa, 0x4, 0x1, 0x8, 0xfffffffb, 0xfffffe00, 0x2, 0x8722, 0x101, 0x7, 0xffffaa9c, 0x7, 0x5, 0x80000000, 0x4, 0xcf08, 0xffffffff, 0x9, 0x401, 0x6, 0xff, 0x3, 0x2, 0x8, 0x3ff, 0x2, 0x7, 0x4, 0xffffffff, 0x0, 0xd4, 0x7, 0xa28b, 0x7d3e87f7, 0x1ff, 0x8, 0xe342, 0x9, 0x7, 0x1, 0x20, 0x7, 0xa, 0x80, 0x3, 0x8, 0x6, 0x0, 0x1, 0x4, 0x81, 0x2b94dbb4, 0x0, 0x7e, 0x5, 0x5, 0x4, 0x100, 0x400, 0x253, 0x4, 0xadd, 0x2, 0x2, 0x0, 0x80, 0x4, 0x7e7, 0x2, 0x2, 0x0, 0x120a, 0x40000000, 0x4e, 0x1, 0x4, 0x2, 0xd, 0x2, 0x2000, 0x7d6, 0x300d, 0xa, 0xb, 0x630a, 0x7, 0x5, 0x0, 0x200, 0x9, 0x8000, 0x7, 0xc3b, 0x4c9c, 0x4, 0xffffffff, 0x2, 0x8, 0xfffffffa, 0x200, 0x1, 0xb72, 0x0, 0x80008000, 0x8, 0x81, 0x0, 0x0, 0x0, 0x4, 0xa4aa, 0x6, 0x7fffffff, 0x6b91, 0x6, 0x2, 0x3, 0x400, 0x0, 0x80000000, 0xd, 0x4, 0x0, 0x1, 0x7fffffff, 0x7, 0x8, 0x5, 0xfffffffe, 0x2, 0xdb2, 0x81, 0x98d6, 0x3, 0xd5ae, 0x206, 0xffffffff, 0x4, 0x63, 0x4, 0x8, 0x2, 0xfff, 0x4, 0x2, 0x0, 0x3f1d, 0x4, 0x9, 0x3ff, 0x940, 0xfffffff8, 0x1, 0xff, 0x0, 0xff, 0x8, 0x8, 0x5c200000, 0x2, 0x10000, 0x9, 0x6, 0x2, 0x6, 0x800, 0x5, 0x7, 0xfffffffe, 0x2, 0x3, 0x2, 0x1000, 0x6, 0x8, 0x0, 0x101, 0xfd, 0xf2, 0x8, 0x3ff, 0x2d, 0xfa, 0xfffffffe, 0x1, 0x10, 0x6, 0x0, 0x8, 0x81, 0x6, 0x7ff, 0x6, 0xfffffffe, 0x3, 0x3, 0x37, 0x8, 0x401, 0xe6, 0x7, 0x8, 0x81, 0x7ff, 0x5, 0x4, 0x8, 0x7, 0x4, 0x800, 0x1, 0x336f, 0x3, 0x0, 0x8000, 0xa2d, 0xfff, 0x50a8, 0x9, 0x2, 0x10000, 0x1000, 0x5, 0x9, 0x4, 0xc9a6, 0x3, 0x4, 0x0, 0xfffffff0, 0x8, 0x3ff, 0xb, 0x9, 0x8, 0x2, 0xffff, 0x3, 0x0, 0xffff, 0xfff, 0x3, 0x8001, 0x5, 0x83, 0x9, 0x6, 0xffffffff, 0x4, 0x9, 0xf3d, 0x6, 0x1, 0x4, 0x36b, 0xa00, 0x300, 0x777, 0xfffffffa, 0x2, 0x7, 0x101, 0xc, 0x7, 0xf9a8, 0xdf, 0xffffffff, 0x1, 0x8, 0x1000, 0x1, 0x5, 0x5, 0x0, 0x60, 0x7, 0x5, 0x8, 0x7, 0x200, 0x81, 0x7ff, 0xd, 0x4, 0x2, 0x8, 0x0, 0x81, 0xac, 0x1, 0x57e, 0x8, 0x80000, 0x8, 0xbc69, 0x6, 0x7, 0x9, 0x1, 0x4, 0x3f6, 0x7, 0x0, 0x8001, 0x3, 0x10000, 0x10001, 0xd, 0x8, 0x9, 0x0, 0x3, 0xfffffffe, 0xfffffffa, 0x1000, 0xfffffffd, 0x40, 0x3, 0x10000, 0x5d3a3577, 0x4, 0xd, 0x1, 0x6, 0x758, 0x7, 0x6da9, 0x4, 0x9, 0xd8db, 0x50, 0xe, 0xa1, 0x6, 0x8, 0xacb, 0xfffffff5, 0xc, 0x2, 0x1000, 0xa9cf, 0x2, 0xffffff9d, 0x1, 0x0, 0x7, 0x0, 0x5, 0x2a5, 0x1, 0x6, 0x54c1, 0x6, 0x8d0, 0x7, 0x9, 0xfffffff9, 0x5, 0x7, 0x400, 0x1, 0x615, 0x6, 0x2, 0x5, 0xd, 0xfffffffe, 0x6, 0x21, 0x5, 0x3, 0x9, 0x8, 0xffff8001, 0x7, 0x7, 0x9, 0x9, 0x7, 0x80000001, 0x101, 0x1, 0xcb, 0x5, 0xffffffff, 0xb4ce, 0x0, 0x0, 0x4, 0x5, 0x8, 0x8, 0x4, 0x99, 0x2, 0x0, 0x5000, 0x4, 0x3, 0x9, 0x1, 0x6, 0x8, 0x1, 0x80000001, 0x9, 0x5, 0x2, 0x0, 0x4, 0x100, 0x7fffffff, 0x674, 0x4, 0x100, 0x8, 0x3, 0x4, 0x5, 0x4a, 0x200, 0x8000, 0x4, 0x60000, 0x2e3e, 0x80, 0xc, 0x4, 0x4, 0x4, 0x1, 0x0, 0x100, 0x101, 0x0, 0x6, 0xffffff80, 0xfc, 0x8, 0x3b2c, 0x800, 0x1, 0x4e, 0xc, 0x4, 0xb528, 0xb1b3, 0x1, 0x13c8, 0x4, 0x6, 0xfffffffb, 0x8a39, 0x1, 0x10000, 0x4, 0x7f, 0x6, 0x1, 0xaae, 0x80000000, 0x2, 0x3, 0x401, 0x3fc, 0x5, 0x3, 0x9, 0x9, 0x8, 0x2, 0x401, 0x0, 0x6, 0x7f, 0x4, 0x71e, 0x81, 0x0, 0x3bc, 0x5, 0x86, 0x2, 0xd4da, 0x0, 0x4, 0x0, 0x9cae, 0x6, 0x3, 0x80000001, 0x3, 0x5, 0x5, 0x2, 0xc, 0x4, 0x30, 0x0, 0xfffffffa, 0x3, 0x6, 0x4, 0x5, 0x4, 0x100, 0x8, 0xeff, 0x6, 0x0, 0x401, 0x10, 0x1, 0x5, 0x9, 0x4788, 0x1, 0x4, 0xd54d, 0x0, 0xfffffffb, 0xc, 0x0, 0x401, 0x5, 0xf, 0x19, 0x8, 0x7, 0xcdb, 0x0, 0x6, 0xc0, 0x925e, 0x6, 0x1, 0x2, 0x0, 0x7, 0x1ff, 0xf, 0x401, 0x80000000, 0xff, 0x8695, 0x9, 0xfffffffd, 0x5], 0x1, 0x400, 0x55fb}) 2m44.241321802s ago: executing program 6 (id=6523): r0 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) r1 = openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000080), 0x40000) readv(r1, &(0x7f0000000080)=[{&(0x7f0000000880)=""/97, 0x61}], 0x1) 2m43.271885381s ago: executing program 6 (id=6536): r0 = socket$can_j1939(0x1d, 0x2, 0x7) r1 = socket$inet(0x2, 0x3, 0x102) ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000200)={'vcan0\x00', 0x0}) bind$can_j1939(r0, &(0x7f0000000040)={0x1d, r2}, 0x18) sendmsg$can_j1939(r0, &(0x7f0000000080)={&(0x7f00000000c0)={0x1d, 0x0, 0x0, {0x0, 0x1ec}}, 0x18, &(0x7f0000000000)={0x0}}, 0x0) 2m43.17575908s ago: executing program 6 (id=6537): r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000200)='fd\x00') r1 = fanotify_init(0x4, 0x0) fanotify_mark(r1, 0x1, 0x40000012, r0, 0x0) r2 = syz_open_procfs(0x0, &(0x7f0000000340)='attr\x00') getdents64(r2, &(0x7f0000000200)=""/39, 0x27) 2m43.063730484s ago: executing program 6 (id=6538): mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0xc0) mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0) mount$bind(&(0x7f0000000440)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0) r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) mount_setattr(r0, &(0x7f0000000380)='./file0\x00', 0x0, &(0x7f0000001dc0)={0xb, 0x2, 0x80000}, 0x20) 2m42.916405166s ago: executing program 6 (id=6539): r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) setsockopt$inet6_IPV6_HOPOPTS(r0, 0x29, 0x36, &(0x7f0000000400)=ANY=[], 0x8) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x5}, 0x1c) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='batadv0\x00', 0x10) write(r0, &(0x7f0000000180)="842a0a65bd8c002b0304000e0580a7b607ee62e286a5cefe", 0x18) 2m42.656992513s ago: executing program 6 (id=6541): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'bridge0\x00', 0x0}) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bond0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0xc3ff, &(0x7f0000000580)={&(0x7f0000000180)=@newlink={0x40, 0x10, 0x403, 0x0, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, 0x215}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @hsr={{0x8}, {0x14, 0x2, 0x0, 0x1, [@IFLA_HSR_SLAVE1={0x8, 0x1, r2}, @IFLA_HSR_SLAVE2={0x8, 0x2, r3}]}}}]}, 0x40}, 0x1, 0xba01, 0x0, 0x4000044}, 0x10) 2m42.238515414s ago: executing program 37 (id=6541): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'bridge0\x00', 0x0}) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bond0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0xc3ff, &(0x7f0000000580)={&(0x7f0000000180)=@newlink={0x40, 0x10, 0x403, 0x0, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, 0x215}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @hsr={{0x8}, {0x14, 0x2, 0x0, 0x1, [@IFLA_HSR_SLAVE1={0x8, 0x1, r2}, @IFLA_HSR_SLAVE2={0x8, 0x2, r3}]}}}]}, 0x40}, 0x1, 0xba01, 0x0, 0x4000044}, 0x10) 34.629745825s ago: executing program 9 (id=8211): r0 = syz_io_uring_setup(0x1f85, &(0x7f0000000340)={0x0, 0x0, 0x13580}, &(0x7f0000000100), &(0x7f0000000300)) mknod(&(0x7f0000000040)='./file0\x00', 0x8001420, 0x0) open$dir(&(0x7f0000000000)='./file0\x00', 0x40400, 0x4) ppoll(&(0x7f0000000040)=[{r0}], 0x1, 0x0, 0x0, 0x0) creat(&(0x7f0000000040)='./file0\x00', 0x0) 33.600461794s ago: executing program 9 (id=8229): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', 0x0}) sendmsg$nl_route_sched(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000e40)=@newqdisc={0x40, 0x24, 0x3fe3aa0262d8c583, 0x70bd27, 0x0, {0x0, 0x0, 0x0, r2, {0x0, 0xf}, {0xffff, 0xffff}, {0x6}}, [@qdisc_kind_options=@q_pfifo_head_drop={{0x14}, {0x8, 0x2, 0x7}}]}, 0x40}, 0x1, 0x0, 0x0, 0xc083}, 0x2000400c) sendmmsg$inet(r0, &(0x7f0000005200)=[{{0x0, 0x4b, &(0x7f0000000000), 0x1}}], 0x1, 0x0) 33.483147298s ago: executing program 9 (id=8231): mkdir(&(0x7f0000000400)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='ramfs\x00', 0x0, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0) mkdir(&(0x7f0000000300)='./bus\x00', 0x9) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000180)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}, {@uuid_off}]}) 33.298985572s ago: executing program 9 (id=8234): mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000300)='./file0\x00', 0x0, 0x2125099, 0x0) r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0) umount2(&(0x7f0000000480)='./file0\x00', 0x0) 33.124439957s ago: executing program 9 (id=8236): prctl$PR_SET_NO_NEW_PRIVS(0x26, 0x1) r0 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) r1 = landlock_create_ruleset(&(0x7f0000000100)={0x100}, 0x18, 0x0) landlock_restrict_self(r1, 0x0) kcmp(r0, r0, 0x6, 0xffffffffffffffff, 0xffffffffffffffff) 32.761466657s ago: executing program 9 (id=8237): r0 = inotify_init1(0x0) mkdir(&(0x7f0000000180)='./file0\x00', 0x0) inotify_add_watch(r0, &(0x7f0000000140)='./file0\x00', 0xc0000128) r1 = syz_open_procfs(0x0, &(0x7f0000000080)='fdinfo/3\x00') read$qrtrtun(r1, &(0x7f00000004c0)=""/57, 0x39) 32.218990506s ago: executing program 38 (id=8237): r0 = inotify_init1(0x0) mkdir(&(0x7f0000000180)='./file0\x00', 0x0) inotify_add_watch(r0, &(0x7f0000000140)='./file0\x00', 0xc0000128) r1 = syz_open_procfs(0x0, &(0x7f0000000080)='fdinfo/3\x00') read$qrtrtun(r1, &(0x7f00000004c0)=""/57, 0x39) 3.571200466s ago: executing program 2 (id=8628): r0 = socket(0x2, 0x2, 0x0) setsockopt$sock_int(r0, 0x1, 0x2e, &(0x7f0000000040)=0x5, 0x4) r1 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000100)) epoll_ctl$EPOLL_CTL_MOD(r1, 0x3, r0, &(0x7f0000000000)={0xc2a10a980d0dcec8}) 3.4161769s ago: executing program 2 (id=8632): r0 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x0) readv(r1, &(0x7f00000003c0)=[{&(0x7f0000000500)=""/265, 0x109}], 0x1) 2.454950137s ago: executing program 2 (id=8649): r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000380)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r1}, 0x10) ioctl$TUNSETOFFLOAD(r0, 0xc004743e, 0x110c230000) ioctl$VIDIOC_S_MODULATOR(r0, 0x40445637, 0x0) 2.1730517s ago: executing program 2 (id=8655): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000100)={{0xeeef0000, 0xdddd1000, 0x0, 0x0, 0x8, 0x0, 0xfd, 0x2, 0x0, 0x8, 0x9, 0x10}, {0xffff1000, 0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x7}, {0x8080000, 0x5000, 0xc, 0x0, 0x4, 0x4, 0x0, 0x0, 0x3, 0x0, 0x0, 0xfc}, {0xf000, 0xd000, 0x9, 0x0, 0xff, 0x0, 0xff, 0xfd, 0x0, 0x0, 0x4}, {0xeeee8000, 0x3000, 0x3, 0x0, 0xff, 0x4, 0x80, 0xe, 0x0, 0x7}, {0x0, 0x2, 0x0, 0x0, 0x0, 0xff, 0x2, 0x0, 0x0, 0xfd, 0x80}, {0xdddd1000, 0x0, 0xb, 0xa, 0x0, 0x40, 0x3, 0x0, 0x80}, {0x4000, 0x3000, 0x0, 0x0, 0x0, 0x1, 0x0, 0xa, 0x26, 0x6}, {0x80a0000}, {0xdddd1000}, 0xddf8ffdb, 0x0, 0x4000, 0x70, 0x7, 0xf801, 0x0, [0xd2, 0xffffffffffffffff, 0x1, 0x200000]}) 1.934659096s ago: executing program 2 (id=8658): bpf$MAP_CREATE(0x100000000000000, &(0x7f00000002c0)=@base={0xa, 0x5, 0x8, 0x2, 0x0, 0xffffffffffffffff, 0x3ff, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x20002) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f0000000780)={0xfffffffe, 0x0, 0x0, 'queue0\x00', 0x48}) ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_INFO(r0, 0x40bc5311, &(0x7f0000000100)={0x80, 0x1, 'client1\x00', 0xffffffff80000004, "04f10000efdb00", "a78560d99f00", 0x800000}) write$sndseq(r0, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @raw8={"a357b6b140cbb6215dd33459"}}], 0xfffffee4) 1.600012852s ago: executing program 2 (id=8662): r0 = syz_usb_connect(0x0, 0x24, &(0x7f00000000c0)={{0x12, 0x1, 0x0, 0xcf, 0x8b, 0xed, 0x20, 0xfd9, 0x25, 0x2940, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0xca, 0xfb, 0x1a}}]}}]}}, 0x0) syz_usb_control_io$uac1(r0, 0x0, &(0x7f0000000580)={0x44, &(0x7f0000000700)={0x20, 0x11, 0x1, "ce"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r1 = syz_open_dev$I2C(&(0x7f0000000000), 0x1, 0x402) ioctl$I2C_PEC(r1, 0x708, 0x7) ioctl$I2C_SMBUS(r1, 0x720, &(0x7f0000000140)={0x0, 0xd0, 0x4, &(0x7f0000000080)={0x11, "42cae8b3df20afbcfcdd178c50e5d84526580489979a473f112453b228922bd31c"}}) 1.570200247s ago: executing program 0 (id=8663): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) shutdown(r0, 0x0) setsockopt$inet_sctp6_SCTP_I_WANT_MAPPED_V4_ADDR(r0, 0x84, 0xc, &(0x7f00000001c0), 0x4) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f00000002c0)=[@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x1, 0x0}}]}, &(0x7f0000000140)=0x10) getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r0, 0x84, 0x6d, &(0x7f0000000240)={r1, 0x20, "d656c9a61490b7e8773ca55437fa234c0170c8cbe5ebdd2be9"}, &(0x7f0000000180)=0xfc86) 1.366124325s ago: executing program 0 (id=8666): r0 = socket(0x200000000000011, 0x2, 0xd) bind$packet(r0, &(0x7f0000000080)={0x11, 0x800, 0x0, 0x1, 0x0, 0x6, @multicast}, 0x14) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000140)={0x0, 0x8000}, 0x4) syz_emit_ethernet(0x32, &(0x7f0000000040)={@random="e90c610faca2", @link_local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x24, 0x0, 0xe000, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x0, 0x10, 0x0, @gue={{0x2, 0x1, 0x2, 0xc, 0x100}}}}}}}, 0x0) syz_emit_ethernet(0x2a, &(0x7f0000001a80)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}, @multicast, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x2, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x0, 0x8}}}}}, 0x0) 1.323962695s ago: executing program 3 (id=8667): r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$UI_DEV_SETUP(r0, 0x405c5503, &(0x7f0000000280)={{0x0, 0x4, 0x0, 0x9}, 'syz1\x00', 0x3f}) ioctl$UI_DEV_CREATE(r0, 0x5501) r1 = syz_open_dev$evdev(&(0x7f0000000100), 0x72, 0x0) ioctl$EVIOCSFF(r1, 0x40304580, &(0x7f00000000c0)={0x54, 0x1, 0xc, {0x200, 0x1}, {0x9, 0x9}, @const={0x4, {0x9, 0xff, 0x9, 0x9}}}) 1.224469197s ago: executing program 1 (id=8668): r0 = landlock_create_ruleset(&(0x7f0000000000)={0x1080, 0x1}, 0x18, 0x0) r1 = landlock_create_ruleset(&(0x7f00000000c0)={0xa019, 0x1, 0x3}, 0x18, 0x0) landlock_restrict_self(r1, 0x0) landlock_restrict_self(r0, 0x0) syz_usb_connect(0x0, 0x24, &(0x7f00000008c0)={{0x12, 0x1, 0x0, 0xf2, 0x6c, 0x44, 0x20, 0x84f, 0x1, 0xe0b8, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0xb2, 0x84, 0xbb}}]}}]}}, 0x0) 1.223968449s ago: executing program 0 (id=8669): r0 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = socket$packet(0x11, 0x2, 0x300) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000040)={'netdevsim0\x00', 0x0}) sendmsg$ETHTOOL_MSG_PAUSE_SET(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)={0x20, r0, 0x1, 0x0, 0x0, {0x1e}, [@ETHTOOL_A_PAUSE_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r3}]}]}, 0x20}}, 0x0) 1.143726059s ago: executing program 3 (id=8671): mkdir(&(0x7f0000000180)='./file0\x00', 0x0) mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000200)='debugfs\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x1c5) getdents64(r0, &(0x7f0000000280)=""/76, 0x4c) lseek(r0, 0x4, 0x0) 1.086149388s ago: executing program 0 (id=8672): r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000180), 0x1a9c00) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7) connect$unix(0xffffffffffffffff, 0x0, 0x0) sendmsg$unix(0xffffffffffffffff, 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_GET_SUBSCRIPTION(r0, 0xc0505350, &(0x7f0000000700)={{0x0, 0x1}, {0xe, 0xf5}, 0x400, 0x3, 0x4}) 1.00810799s ago: executing program 3 (id=8673): r0 = socket$l2tp6(0xa, 0x2, 0x73) setsockopt$SO_TIMESTAMP(r0, 0x1, 0x23, &(0x7f0000000000)=0x400, 0x4) recvmsg(r0, &(0x7f0000000340)={0x0, 0x0, 0x0}, 0x0) bind$l2tp6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @empty}, 0x20) syz_emit_ethernet(0x8e, &(0x7f0000000100)=ANY=[@ANYBLOB="aaaaaaaaaaaa1acd1f78800d86dd608a37f200587300fe8000000000000000000000000000bbfe8000000000000000000000000000aa00000000", @ANYRES8], 0x0) 924.539784ms ago: executing program 0 (id=8675): close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000000), 0x8) r1 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000000), 0x8) 875.031016ms ago: executing program 0 (id=8677): r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) sendmsg$inet6(r0, &(0x7f0000001600)={&(0x7f0000000280)={0xa, 0x0, 0x0, @remote, 0x4}, 0x1c, &(0x7f0000001580)=[{&(0x7f00000010c0)="bf", 0x1}], 0x1}, 0x0) sendmsg$inet6(r0, &(0x7f0000000380)={&(0x7f0000000180)={0xa, 0x0, 0x0, @rand_addr=' \x01\x00'}, 0x1c, &(0x7f0000000340)=[{&(0x7f0000000480)='y', 0x1}], 0x1}, 0x0) shutdown(r0, 0x1) getsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000001100)={0x0, @in6={{0xa, 0x0, 0x80000000, @rand_addr=' \x01\x00'}}, 0x0, 0x4}, &(0x7f0000000080)=0x9c) 641.51032ms ago: executing program 8 (id=8679): r0 = creat(&(0x7f0000000580)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0) r1 = creat(&(0x7f0000000580)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0) r2 = fanotify_init(0xf00, 0x0) fanotify_mark(r2, 0x105, 0x40009975, r1, 0x0) fanotify_mark(r2, 0x105, 0x40009975, r0, 0x0) 632.545455ms ago: executing program 1 (id=8680): r0 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10) r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_int(r1, 0x29, 0x4b, &(0x7f0000000180)=0xfffffff7, 0x4) bind$inet6(r1, &(0x7f00000002c0)={0xa, 0x4e20, 0xffffffff, @private0, 0x1}, 0x1c) 503.928312ms ago: executing program 1 (id=8681): r0 = io_uring_setup(0x2e34, &(0x7f0000000100)={0x0, 0x0, 0x1000}) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_SET_IRQCHIP(r2, 0x4020aeb2, &(0x7f0000000740)={0x0, 0x12c, @pic={0x0, 0x0, 0x9, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}}) close_range(r0, 0xffffffffffffffff, 0x0) 446.268652ms ago: executing program 8 (id=8682): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$TIOCVHANGUP(r0, 0x5437, 0x0) socket$nl_route(0x10, 0x3, 0x0) unshare(0x6020400) fcntl$setstatus(r0, 0x4, 0x2800) 349.568582ms ago: executing program 8 (id=8683): r0 = socket$inet(0x2, 0x3, 0x2) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f00000000c0)='bridge0\x00', 0x10) sendto$inet(r0, 0x0, 0x0, 0x8004, &(0x7f0000000080)={0x2, 0x0, @multicast1}, 0x10) sendto$inet(r0, &(0x7f0000000240)='\x00', 0x1, 0x200008d0, &(0x7f0000000000)={0x2, 0x0, @multicast1}, 0x10) ioctl$sock_TIOCINQ(r0, 0x541b, &(0x7f0000000040)) 274.474064ms ago: executing program 1 (id=8684): socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) setsockopt$sock_int(r1, 0x1, 0x10, &(0x7f0000000100)=0xffff, 0x4) shutdown(r0, 0x1) setsockopt$sock_int(r1, 0x1, 0x22, &(0x7f0000000040)=0x7, 0x4) recvmmsg(r1, &(0x7f0000000480)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)=""/26, 0x1a}, 0x3}, {{0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000000180)=""/152}, {&(0x7f0000000300)=""/217}, {&(0x7f00000000c0)=""/29}], 0x0, &(0x7f0000000400)=""/104}, 0x7fff}], 0x32, 0x0, 0x0) 273.779264ms ago: executing program 8 (id=8685): mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000)='devpts\x00', 0x0, 0x0) mount$bpf(0x0, &(0x7f0000001080)='./file0\x00', 0x0, 0x1100020, &(0x7f0000005380)={[{@gid}, {}]}) r0 = syz_open_procfs(0x0, &(0x7f00000001c0)='mountinfo\x00') read$FUSE(r0, &(0x7f0000003480)={0x2020}, 0x2020) 241.695638ms ago: executing program 1 (id=8686): madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe) io_setup(0x4, &(0x7f0000000340)) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x8) creat(&(0x7f0000000000)='./file0\x00', 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15) 176.915552ms ago: executing program 8 (id=8687): capset(&(0x7f0000000080)={0x20080522}, &(0x7f0000000040)) r0 = getpid() r1 = syz_pidfd_open(r0, 0x0) r2 = pidfd_getfd(r1, r1, 0x0) setns(r2, 0x20000000) 128.797469ms ago: executing program 3 (id=8688): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000300)=@updpolicy={0xc4, 0x19, 0x1, 0xfffffffc, 0x0, {{@in=@dev={0xac, 0x14, 0x14, 0x2c}, @in6=@local, 0x4e22, 0x0, 0x4e24, 0x0, 0xa, 0x0, 0x60}, {0x0, 0x1000000000000401, 0xfffffffffffffffe, 0x40000000, 0x0, 0x1a, 0x1, 0xfffffffffffffffe}, {0x77, 0x5, 0x0, 0x7fff}, 0x8, 0x0, 0x1, 0x0, 0x3}, [@policy_type={0xa, 0x10, {0x1}}]}, 0xc4}}, 0x0) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r1, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000001f40)={&(0x7f00000004c0)=@updpolicy={0xfc, 0x19, 0x1, 0x0, 0x0, {{@in6=@rand_addr=' \x01\x00', @in=@local, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x0, 0xa9, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x0, 0xa00, 0x40800000000000, 0x800000000000000}, 0x0, 0x0, 0x1}, [@tmpl={0x44, 0x5, [{{@in=@local, 0x0, 0x3c}, 0x0, @in6=@local, 0x0, 0x0, 0x3, 0x3}]}]}, 0xfc}}, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000240)={@local, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "0a8435", 0x14, 0x6, 0x1, @remote, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x59}}}}}}}, 0x0) 36.327751ms ago: executing program 3 (id=8689): r0 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(r0, &(0x7f0000000000)={0x2, 0x0, @local}, 0x10) setsockopt$sock_int(r0, 0x1, 0x3c, &(0x7f00000000c0)=0x1, 0x4) sendto$inet(r0, 0x0, 0x0, 0xc806, &(0x7f0000000180)={0x2, 0x4e21, @multicast2}, 0x10) sendto$inet(r0, &(0x7f0000000100)='J', 0xfdbe, 0x4004084, 0x0, 0x11000a00) 35.935882ms ago: executing program 8 (id=8690): r0 = add_key$user(&(0x7f0000000100), &(0x7f0000000140)={'syz', 0x2}, &(0x7f00000001c0)="8b", 0x1, 0xfffffffffffffffd) r1 = add_key$keyring(&(0x7f0000000480), &(0x7f00000004c0)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffd) r2 = add_key$keyring(&(0x7f0000000500), &(0x7f0000000540)={'syz', 0x3}, 0x0, 0x0, r1) r3 = add_key$user(&(0x7f0000000000), &(0x7f0000000080)={'syz', 0x3}, &(0x7f0000000680)="495f3b3dee0000962612c44906d9b7e5cb0f19d0be77d28289ead3a9133ed2e5670275a86f05f9348754177cf35357c2cf03efa1b47db4fbe73e4b5c973652d9e0ed1a84fe25f80f29b02c7a71b309f8eef2de66b2b74e1cfdcc751b21a40b5f64aa20533898fd76a736f169f4cc4c9d477eec008adce4dd4a2487b287377e0d987501c837bec60849e8bc843b7655057c1ecad719dff5aff033358306b4904a6f3dfe324f3d9b792e380e5c0657e663bf452d62314003d320d45f5b32ffb3686a8ea2a23135757887f08731e9808f560bd1e41da92d379a9798480000000000000000000000ac96208bdb39a56fec58f197da3e5e6166e1f124f32edf951b4e0c6d1a2c3815b9cfce31fc19479dcd473249daaa286b302f78ecd63aeaa6088652918ef5a30c4231c221383c4a30821e974a346f461b06e7c92aaaaf77bffcf70c7ca2d8d948bc124d2fafc5a593c42ce9cf96c919d049341ebe159c23d82bf031fa3e13550f7b399d", 0x169, r2) keyctl$dh_compute(0x17, &(0x7f00000000c0)={r0, r3, r0}, &(0x7f0000000300)=""/171, 0xab, &(0x7f0000000400)={&(0x7f0000000180)={'sha384-generic\x00'}, &(0x7f00000003c0)="a1ec76f07d3826a887098f72", 0xc}) 35.699926ms ago: executing program 1 (id=8691): r0 = timerfd_create(0x0, 0x0) r1 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000200)) timerfd_settime(r0, 0x3, &(0x7f0000000440)={{0x0, 0x989680}}, 0x0) clock_adjtime(0x0, &(0x7f0000000480)={0xd54, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000}) 0s ago: executing program 3 (id=8692): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r1}, 0x10) r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000380)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x10, 0x1c, &(0x7f0000000040)=@ringbuf={{0x18, 0x8, 0x0, 0x0, 0xe0}, {{0x18, 0x1, 0x1, 0x0, r2}, {}, {}, {0x85, 0x0, 0x0, 0x5}, {0x4, 0x1, 0xb, 0x9, 0xa}}, {{0x5, 0x0, 0x3}}, [@snprintf={{0x7, 0x0, 0xb, 0x2}, {0x3, 0x3, 0x3, 0xa, 0x9}, {0x5, 0x0, 0xb, 0x9, 0x0, 0x2}, {0x3, 0x3, 0x6, 0xa, 0xa, 0xfff8, 0x50}, {0x7, 0x1, 0xb, 0x2, 0x8}, {0x7, 0x0, 0x0, 0x8}, {}, {0x7, 0x0, 0x0, 0x9}, {0x7, 0x0, 0xc}, {0x18, 0x2, 0x2, 0x0, r0}, {}, {0x46, 0x8, 0xfff1, 0x76}}], {{0x7, 0x1, 0xb, 0x8}, {0x6, 0x0, 0x5, 0x8}, {0x85, 0x0, 0x0, 0x7}}}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) kernel console output (not intermixed with test programs): .631719][T21971] netlink: 492 bytes leftover after parsing attributes in process `syz.2.6956'. [ 612.646897][T17717] usb 9-1: dvb_usb_v2: found a 'Intel CE9500 reference design' in warm state [ 612.657969][T17717] usb 9-1: selecting invalid altsetting 1 [ 612.664304][T17717] usb 9-1: dvb_usb_ce6230: usb_set_interface() failed=-22 [ 612.672063][T21973] sctp: [Deprecated]: syz.9.6957 (pid 21973) Use of int in maxseg socket option. [ 612.672063][T21973] Use struct sctp_assoc_value instead [ 612.675762][T17717] usb 9-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer [ 612.698102][T17717] dvbdev: DVB: registering new adapter (Intel CE9500 reference design) [ 612.706648][T17717] usb 9-1: media controller created [ 612.767393][T17717] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 613.330936][ T5881] usb 10-1: new high-speed USB device number 26 using dummy_hcd [ 613.506494][ T5881] usb 10-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 613.541154][ T5881] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 613.557419][ T5881] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0 [ 613.569835][ T5881] usb 10-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 613.583341][ T5943] usb 3-1: new high-speed USB device number 8 using dummy_hcd [ 613.602606][ T5881] usb 10-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 613.616793][ T5881] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 613.628596][ T5881] usb 10-1: config 0 descriptor?? [ 613.760927][ T5943] usb 3-1: Using ep0 maxpacket: 16 [ 613.773484][ T5943] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0 [ 613.794202][ T5943] usb 3-1: New USB device found, idVendor=0b57, idProduct=2bbd, bcdDevice=e7.cc [ 613.823896][ T5943] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 613.853485][ T5943] usb 3-1: Product: syz [ 613.857843][ T5943] usb 3-1: Manufacturer: syz [ 613.871371][ T5943] usb 3-1: SerialNumber: syz [ 613.883529][T17717] usb 9-1: dvb_usb_ce6230: usb_control_msg() failed=-110 [ 613.892062][ T5943] usb 3-1: config 0 descriptor?? [ 613.893405][T17717] zl10353_read_register: readreg error (reg=127, ret==-110) [ 613.905228][ T5943] usbhid 3-1:0.0: couldn't find an input interrupt endpoint [ 613.912140][T21957] usb 9-1: dvb_usb_ce6230: usb_control_msg() failed=-32 [ 613.932659][T17717] usb 9-1: dvb_usb_ce6230: usb_set_interface() failed=-71 [ 613.996486][T17717] usb 9-1: USB disconnect, device number 32 [ 614.057062][ T5881] plantronics 0003:047F:FFFF.004C: ignoring exceeding usage max [ 614.085229][ T5881] plantronics 0003:047F:FFFF.004C: No inputs registered, leaving [ 614.120651][ T5881] plantronics 0003:047F:FFFF.004C: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.9-1/input0 [ 614.141260][ T5943] usb 3-1: USB disconnect, device number 8 [ 615.574932][T22044] netlink: 4 bytes leftover after parsing attributes in process `syz.2.6989'. [ 615.591558][T22044] bond_slave_0: entered promiscuous mode [ 615.597346][T22044] bond_slave_1: entered promiscuous mode [ 615.607277][T22044] macvlan2: entered promiscuous mode [ 615.633280][T22044] bond0: entered promiscuous mode [ 615.642934][T22044] 8021q: adding VLAN 0 to HW filter on device macvlan2 [ 615.761634][T22050] netlink: 'syz.1.6991': attribute type 29 has an invalid length. [ 615.782105][T22050] netlink: 'syz.1.6991': attribute type 29 has an invalid length. [ 615.817055][T22050] netlink: 492 bytes leftover after parsing attributes in process `syz.1.6991'. [ 615.987400][T22058] netlink: 32 bytes leftover after parsing attributes in process `syz.1.6995'. [ 616.010222][T22058] netlink: 4 bytes leftover after parsing attributes in process `syz.1.6995'. [ 616.142912][ T5881] usb 10-1: USB disconnect, device number 26 [ 616.551266][T22074] vlan3: entered allmulticast mode [ 616.570113][T22074] bond0: entered allmulticast mode [ 616.591637][T22074] bond_slave_0: entered allmulticast mode [ 616.607087][T22077] netlink: 4 bytes leftover after parsing attributes in process `syz.8.7005'. [ 616.617246][T22074] bond_slave_1: entered allmulticast mode [ 616.737956][T22077] macvlan2: entered promiscuous mode [ 616.756435][T22077] 8021q: adding VLAN 0 to HW filter on device macvlan2 [ 617.151723][T22093] netlink: 32 bytes leftover after parsing attributes in process `syz.9.7012'. [ 617.165458][T22093] netlink: 4 bytes leftover after parsing attributes in process `syz.9.7012'. [ 617.681062][T22109] program syz.8.7019 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 617.836041][T22114] netlink: 4 bytes leftover after parsing attributes in process `syz.3.7021'. [ 617.884643][T22114] macvlan3: entered promiscuous mode [ 617.907329][T22114] 8021q: adding VLAN 0 to HW filter on device macvlan3 [ 618.157359][T22124] 9pnet: p9_errstr2errno: server reported unknown error 0x0000000000000004 [ 618.599558][T22147] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 618.628000][T22149] loop2: detected capacity change from 0 to 7 [ 618.640491][T22149] Dev loop2: unable to read RDB block 7 [ 618.656498][T22149] loop2: AHDI p2 p3 [ 618.663932][T22149] loop2: partition table partially beyond EOD, truncated [ 618.672759][T22149] loop2: p2 size 150995456 extends beyond EOD, truncated [ 619.943318][T22190] loop2: detected capacity change from 0 to 7 [ 619.967482][T22190] Dev loop2: unable to read RDB block 7 [ 619.980283][T22190] loop2: AHDI p2 p3 [ 619.994996][T22190] loop2: partition table partially beyond EOD, truncated [ 620.013268][T22190] loop2: p2 size 150995456 extends beyond EOD, truncated [ 620.195557][T22198] vlan2: entered allmulticast mode [ 620.223210][T22198] bond0: entered allmulticast mode [ 620.240905][T22198] bond_slave_0: entered allmulticast mode [ 620.262442][T22198] bond_slave_1: entered allmulticast mode [ 620.381634][T22208] 9pnet: p9_errstr2errno: server reported unknown error @00000000000000000004 [ 620.562377][T22215] fuse: Invalid gid '00000000000037777777777' [ 620.611075][ T5943] usb 4-1: new high-speed USB device number 51 using dummy_hcd [ 620.781971][ T5943] usb 4-1: Using ep0 maxpacket: 8 [ 620.813198][ T5943] usb 4-1: New USB device found, idVendor=2770, idProduct=9120, bcdDevice=6c.77 [ 620.830706][ T5943] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 620.838803][ T5943] usb 4-1: Product: syz [ 620.871012][ T5943] usb 4-1: Manufacturer: syz [ 620.875695][ T5943] usb 4-1: SerialNumber: syz [ 620.883781][ T5943] usb 4-1: config 0 descriptor?? [ 620.899838][ T5943] gspca_main: sq905-2.14.0 probing 2770:9120 [ 621.521422][ T5881] usb 9-1: new high-speed USB device number 33 using dummy_hcd [ 621.718248][ T5881] usb 9-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 621.732269][ T5881] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 621.769480][ T5881] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0 [ 621.783656][ T5881] usb 9-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 621.796811][ T5881] usb 9-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 621.806859][ T5881] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 621.827109][ T5881] usb 9-1: config 0 descriptor?? [ 621.933433][ T5943] gspca_sq905: sq905_read_data: usb_control_msg failed (-71) [ 621.950934][ T5943] sq905 4-1:0.0: probe with driver sq905 failed with error -71 [ 621.975892][ T5943] usb 4-1: USB disconnect, device number 51 [ 622.282466][ T5881] plantronics 0003:047F:FFFF.004D: ignoring exceeding usage max [ 622.314076][ T5881] plantronics 0003:047F:FFFF.004D: No inputs registered, leaving [ 622.364855][ T5881] plantronics 0003:047F:FFFF.004D: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.8-1/input0 [ 622.589494][T22283] vlan2: entered allmulticast mode [ 622.594951][T22283] bond0: entered allmulticast mode [ 622.600191][T22283] bond_slave_0: entered allmulticast mode [ 622.606259][T22283] bond_slave_1: entered allmulticast mode [ 622.612766][T22283] batadv_slave_0: entered allmulticast mode [ 623.663785][T22309] block nbd2: shutting down sockets [ 623.891052][T17715] usb 2-1: new full-speed USB device number 57 using dummy_hcd [ 623.956096][ T30] audit: type=1326 audit(1749016133.903:298): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22323 comm="syz.9.7117" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f897f98e969 code=0x0 [ 624.041124][ T10] usb 4-1: new high-speed USB device number 52 using dummy_hcd [ 624.062902][T17715] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 624.131371][T17715] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 624.153429][T17715] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 624.170485][T17715] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 624.178614][T17715] usb 2-1: Product: syz [ 624.190946][T17715] usb 2-1: Manufacturer: syz [ 624.195634][T17715] usb 2-1: SerialNumber: syz [ 624.211031][ T10] usb 4-1: Using ep0 maxpacket: 8 [ 624.239836][ T10] usb 4-1: config 0 has an invalid interface number: 188 but max is 0 [ 624.255311][ T10] usb 4-1: config 0 has no interface number 0 [ 624.270883][ T10] usb 4-1: New USB device found, idVendor=048d, idProduct=9306, bcdDevice=6c.2c [ 624.287329][ T10] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 624.299230][ T5943] usb 9-1: USB disconnect, device number 33 [ 624.326795][ T10] usb 4-1: config 0 descriptor?? [ 624.415054][T17715] usb 2-1: 0:2 : does not exist [ 624.466982][T17715] usb 2-1: 5:0: failed to get current value for ch 0 (-22) [ 624.538026][T17715] usb 2-1: USB disconnect, device number 57 [ 624.618867][ T5943] usb 4-1: USB disconnect, device number 52 [ 624.900962][ T10] usb 3-1: new high-speed USB device number 9 using dummy_hcd [ 625.061221][ T10] usb 3-1: Using ep0 maxpacket: 16 [ 625.078808][ T10] usb 3-1: New USB device found, idVendor=046d, idProduct=08b5, bcdDevice=d7.01 [ 625.098869][ T10] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 625.116725][ T10] usb 3-1: Product: syz [ 625.126337][ T10] usb 3-1: Manufacturer: syz [ 625.131552][T22359] sctp: [Deprecated]: syz.8.7134 (pid 22359) Use of struct sctp_assoc_value in delayed_ack socket option. [ 625.131552][T22359] Use struct sctp_sack_info instead [ 625.148098][ T10] usb 3-1: SerialNumber: syz [ 625.156337][ T10] usb 3-1: config 0 descriptor?? [ 625.165584][ T10] pwc: Logitech QuickCam Orbit/Sphere USB webcam detected. [ 625.240973][ T5943] usb 10-1: new full-speed USB device number 27 using dummy_hcd [ 625.313409][T22366] syzkaller1: entered promiscuous mode [ 625.319488][T22366] syzkaller1: entered allmulticast mode [ 625.372499][ T10] pwc: Warning: more than 1 configuration available. [ 625.384848][ T10] pwc: Failed to set LED on/off time (-71) [ 625.406020][ T5943] usb 10-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 625.418838][ T10] pwc: send_video_command error -71 [ 625.426411][ T10] pwc: Failed to set video mode VGA@30 fps; return code = -71 [ 625.434258][ T5943] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10 [ 625.455306][ T10] Philips webcam 3-1:0.0: probe with driver Philips webcam failed with error -71 [ 625.470400][ T5943] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0 [ 625.491217][ T10] usb 3-1: USB disconnect, device number 9 [ 625.500859][ T5943] usb 10-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 5 [ 625.542423][ T5943] usb 10-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42 [ 625.552526][ T5943] usb 10-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0 [ 625.560731][ T5943] usb 10-1: Manufacturer: syz [ 625.577673][ T5943] usb 10-1: config 0 descriptor?? [ 625.956736][ T5943] rc_core: IR keymap rc-hauppauge not found [ 625.979255][ T5943] Registered IR keymap rc-empty [ 625.999782][ T5943] mceusb 10-1:0.0: Error: mce write submit urb error = -90 [ 626.041497][ T5943] mceusb 10-1:0.0: Error: mce write submit urb error = -90 [ 626.077092][ T5943] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.9/usb10/10-1/10-1:0.0/rc/rc0 [ 626.114253][ T5943] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.9/usb10/10-1/10-1:0.0/rc/rc0/input88 [ 626.162749][ T5943] mceusb 10-1:0.0: Error: mce write submit urb error = -90 [ 626.194129][ T5943] mceusb 10-1:0.0: Error: mce write submit urb error = -90 [ 626.231089][ T5943] mceusb 10-1:0.0: Error: mce write submit urb error = -90 [ 626.270951][ T5943] mceusb 10-1:0.0: Error: mce write submit urb error = -90 [ 626.303031][ T5943] mceusb 10-1:0.0: Error: mce write submit urb error = -90 [ 626.330865][T17715] usb 2-1: new high-speed USB device number 58 using dummy_hcd [ 626.336982][ T5943] mceusb 10-1:0.0: Error: mce write submit urb error = -90 [ 626.391081][ T5943] mceusb 10-1:0.0: Error: mce write submit urb error = -90 [ 626.430965][ T5943] mceusb 10-1:0.0: Error: mce write submit urb error = -90 [ 626.456425][ T5943] mceusb 10-1:0.0: Error: mce write submit urb error = -90 [ 626.477674][T22396] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 626.480903][T17715] usb 2-1: Using ep0 maxpacket: 8 [ 626.501071][ T5943] mceusb 10-1:0.0: Error: mce write submit urb error = -90 [ 626.508943][T17715] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 626.534223][ T5943] mceusb 10-1:0.0: Registered 424242424242 with mce emulator interface version 1 [ 626.546028][T17715] usb 2-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 16 [ 626.549039][ T5943] mceusb 10-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active) [ 626.578807][ T5943] usb 10-1: USB disconnect, device number 27 [ 626.586032][T17715] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 626.600821][T17715] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 626.608881][T17715] usb 2-1: Product: syz [ 626.637075][T17715] usb 2-1: Manufacturer: syz [ 626.648265][T17715] usb 2-1: SerialNumber: syz [ 626.790955][T22401] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 626.813759][T22403] syzkaller1: entered promiscuous mode [ 626.820946][T22403] syzkaller1: entered allmulticast mode [ 626.938133][T17715] cdc_ncm 2-1:1.0: bind() failure [ 626.966587][T17715] cdc_ncm 2-1:1.1: CDC Union missing and no IAD found [ 626.984572][T17715] cdc_ncm 2-1:1.1: bind() failure [ 627.000633][T22407] 9pnet: p9_errstr2errno: server reported unknown error 0x0000000000000004 [ 627.017337][T17715] usb 2-1: USB disconnect, device number 58 [ 627.515003][T22423] block nbd8: shutting down sockets [ 628.086264][T22438] fuse: Invalid gid '00000000000037777777777' [ 629.306087][T17715] usb 9-1: new high-speed USB device number 34 using dummy_hcd [ 629.405801][T22501] netlink: 8 bytes leftover after parsing attributes in process `syz.2.7194'. [ 629.483723][T17715] usb 9-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 629.507855][T17715] usb 9-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 629.535552][T17715] usb 9-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 629.580303][T17715] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 629.609393][T17715] usb 9-1: SerialNumber: syz [ 629.870015][T17715] usb 9-1: 0:2 : does not exist [ 629.920031][T17715] usb 9-1: USB disconnect, device number 34 [ 629.928706][T22518] vimc link validate: Scaler:src:640x480 (0x33424752, 8, 0, 0, 0) RGB/YUV Capture:snk:640x480 (0x33424752, 8, 0, 0, 0) [ 630.168223][T22532] sctp: [Deprecated]: syz.1.7210 (pid 22532) Use of struct sctp_assoc_value in delayed_ack socket option. [ 630.168223][T22532] Use struct sctp_sack_info instead [ 630.241038][T17717] usb 3-1: new high-speed USB device number 10 using dummy_hcd [ 630.399646][T17717] usb 3-1: Using ep0 maxpacket: 32 [ 630.408187][T17717] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 630.438990][T17717] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 630.460065][T17717] usb 3-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 630.471079][T17717] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 630.495922][T17717] usb 3-1: config 0 descriptor?? [ 630.519999][T17717] hub 3-1:0.0: USB hub found [ 630.726379][T17717] hub 3-1:0.0: 1 port detected [ 631.339599][T17717] hub 3-1:0.0: activate --> -90 [ 631.547778][T17715] usb 3-1: USB disconnect, device number 10 [ 631.554477][T17717] hub 3-1:0.0: hub_ext_port_status failed (err = -71) [ 631.803477][ T5835] Bluetooth: hci3: command 0x0419 tx timeout [ 632.331077][T22594] netlink: 'syz.2.7234': attribute type 15 has an invalid length. [ 632.507967][T22599] netlink: 408 bytes leftover after parsing attributes in process `syz.9.7237'. [ 632.596767][T22599] netlink: 104 bytes leftover after parsing attributes in process `syz.9.7237'. [ 632.687708][ T30] audit: type=1326 audit(1749016142.633:299): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22600 comm="syz.3.7238" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fe84078e969 code=0x0 [ 633.112580][T22622] input: syz1 as /devices/virtual/input/input89 [ 633.617138][T22639] program syz.1.7254 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 633.637849][ T5881] usb 10-1: new high-speed USB device number 28 using dummy_hcd [ 633.761210][T17715] usb 4-1: new high-speed USB device number 53 using dummy_hcd [ 633.808032][ T5881] usb 10-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 633.825435][ T5881] usb 10-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 633.837047][ T5881] usb 10-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 633.871310][ T5881] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 633.879476][ T5881] usb 10-1: SerialNumber: syz [ 633.931949][T17715] usb 4-1: Using ep0 maxpacket: 32 [ 633.939914][T17715] usb 4-1: config index 0 descriptor too short (expected 35577, got 27) [ 633.951034][T17715] usb 4-1: config 1 has too many interfaces: 92, using maximum allowed: 32 [ 633.970019][T17715] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 92 [ 633.988254][T17715] usb 4-1: config 1 has no interface number 0 [ 634.001831][T17715] usb 4-1: config 1 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 634.023436][T17715] usb 4-1: config 1 interface 1 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 17 [ 634.047275][T17715] usb 4-1: New USB device found, idVendor=0e41, idProduct=5051, bcdDevice=d5.e8 [ 634.056914][T17715] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 634.065185][T17717] usb 3-1: new full-speed USB device number 11 using dummy_hcd [ 634.079618][T22653] netlink: 28 bytes leftover after parsing attributes in process `syz.1.7260'. [ 634.104270][T22653] netlink: 28 bytes leftover after parsing attributes in process `syz.1.7260'. [ 634.106506][T17715] snd_usb_pod 4-1:1.1: Line 6 Pocket POD found [ 634.125219][ T5881] usb 10-1: 0:2 : does not exist [ 634.149133][T22653] netlink: 28 bytes leftover after parsing attributes in process `syz.1.7260'. [ 634.169477][T22653] netlink: 28 bytes leftover after parsing attributes in process `syz.1.7260'. [ 634.187914][ T5881] usb 10-1: USB disconnect, device number 28 [ 634.243143][T17717] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 634.266831][T17717] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 634.299792][T17717] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 634.327424][T17715] snd_usb_pod 4-1:1.1: Line 6 Pocket POD now attached [ 634.339869][T17717] usb 3-1: New USB device found, idVendor=1b96, idProduct=0009, bcdDevice= 0.00 [ 634.354785][T17717] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 634.373985][T17717] usb 3-1: config 0 descriptor?? [ 634.749549][ T5881] usb 4-1: USB disconnect, device number 53 [ 634.767341][ T5881] snd_usb_pod 4-1:1.1: Line 6 Pocket POD now disconnected [ 634.821241][T17717] ntrig 0003:1B96:0009.004E: hidraw0: USB HID v0.00 Device [HID 1b96:0009] on usb-dummy_hcd.2-1/input0 [ 635.006268][T17717] ntrig 0003:1B96:0009.004E: Firmware version: 2.3.14.45.6 (cd15 bed5) [ 635.208849][T17717] usb 3-1: USB disconnect, device number 11 [ 635.570331][T17715] usb 4-1: new high-speed USB device number 54 using dummy_hcd [ 635.742545][T17715] usb 4-1: Using ep0 maxpacket: 8 [ 635.755514][T17715] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 17 [ 635.779967][T17715] usb 4-1: New USB device found, idVendor=04a5, idProduct=3003, bcdDevice=c8.07 [ 635.817034][T17715] usb 4-1: New USB device strings: Mfr=209, Product=185, SerialNumber=60 [ 635.841867][T17715] usb 4-1: Product: syz [ 635.846118][T17715] usb 4-1: Manufacturer: syz [ 635.857688][T17715] usb 4-1: SerialNumber: syz [ 635.877481][T17715] usb 4-1: config 0 descriptor?? [ 636.126145][T17715] gspca_main: sunplus-2.14.0 probing 04a5:3003 [ 636.416578][ T30] audit: type=1326 audit(1749016146.363:300): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22704 comm="syz.8.7284" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f22a4b2ab39 code=0x7ffc0000 [ 636.491157][ T30] audit: type=1326 audit(1749016146.363:301): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22704 comm="syz.8.7284" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f22a4b8e969 code=0x7ffc0000 [ 636.540061][ T30] audit: type=1326 audit(1749016146.363:302): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22704 comm="syz.8.7284" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f22a4b8e969 code=0x7ffc0000 [ 636.605418][ T30] audit: type=1326 audit(1749016146.363:303): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22704 comm="syz.8.7284" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f22a4b8e969 code=0x7ffc0000 [ 636.721047][ T30] audit: type=1326 audit(1749016146.363:304): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22704 comm="syz.8.7284" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f22a4b2ab39 code=0x7ffc0000 [ 636.794525][ T30] audit: type=1326 audit(1749016146.363:305): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22704 comm="syz.8.7284" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f22a4b2ab39 code=0x7ffc0000 [ 636.816150][ C1] vkms_vblank_simulate: vblank timer overrun [ 636.868061][ T30] audit: type=1326 audit(1749016146.363:306): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22704 comm="syz.8.7284" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f22a4b8e969 code=0x7ffc0000 [ 636.896927][ T30] audit: type=1326 audit(1749016146.363:307): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22704 comm="syz.8.7284" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f22a4b2ab39 code=0x7ffc0000 [ 636.918468][ C1] vkms_vblank_simulate: vblank timer overrun [ 636.933199][ T30] audit: type=1326 audit(1749016146.363:308): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22704 comm="syz.8.7284" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f22a4b8e969 code=0x7ffc0000 [ 636.960245][T17715] gspca_sunplus: reg_w_riv err -71 [ 636.969337][T17715] sunplus 4-1:0.0: probe with driver sunplus failed with error -71 [ 636.979926][T17715] usb 4-1: USB disconnect, device number 54 [ 637.611689][T22753] netlink: 20 bytes leftover after parsing attributes in process `syz.8.7307'. [ 637.830835][ T30] kauditd_printk_skb: 16 callbacks suppressed [ 637.830858][ T30] audit: type=1326 audit(1749016147.773:325): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22757 comm="syz.2.7311" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f662bf8e969 code=0x7ffc0000 [ 637.916080][ T30] audit: type=1326 audit(1749016147.773:326): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22757 comm="syz.2.7311" exe="/root/syz-executor" sig=0 arch=c000003e syscall=119 compat=0 ip=0x7f662bf8e969 code=0x7ffc0000 [ 637.982675][ T30] audit: type=1326 audit(1749016147.773:327): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22757 comm="syz.2.7311" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f662bf8e969 code=0x7ffc0000 [ 638.034604][T22773] netlink: 48 bytes leftover after parsing attributes in process `syz.2.7317'. [ 638.091735][T22775] netlink: 36 bytes leftover after parsing attributes in process `syz.9.7320'. [ 638.141992][T22775] bridge0: port 3(vlan2) entered blocking state [ 638.148520][T22775] bridge0: port 3(vlan2) entered disabled state [ 638.170178][T22775] vlan2: entered allmulticast mode [ 638.180039][T22775] dummy0: entered allmulticast mode [ 638.203284][T22775] vlan2: entered promiscuous mode [ 638.208599][T22775] dummy0: entered promiscuous mode [ 638.590882][ T5910] usb 10-1: new high-speed USB device number 29 using dummy_hcd [ 638.740915][ T5881] usb 3-1: new high-speed USB device number 12 using dummy_hcd [ 638.741180][ T5910] usb 10-1: Using ep0 maxpacket: 16 [ 638.771576][ T5910] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 638.787703][ T5910] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 638.798060][ T5910] usb 10-1: New USB device found, idVendor=05ac, idProduct=8241, bcdDevice= 0.00 [ 638.817849][ T5910] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 638.832385][ T5910] usb 10-1: config 0 descriptor?? [ 639.072716][ T5881] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 639.094252][ T5881] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 639.131249][ T5881] usb 3-1: New USB device found, idVendor=0d8c, idProduct=0022, bcdDevice= 0.00 [ 639.140651][ T5881] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 639.172918][ T5881] usb 3-1: config 0 descriptor?? [ 639.293976][ T5910] input: HID 05ac:8241 as /devices/platform/dummy_hcd.9/usb10/10-1/10-1:0.0/0003:05AC:8241.004F/input/input90 [ 639.436525][ T5910] appleir 0003:05AC:8241.004F: input,hiddev0,hidraw0: USB HID v0.00 Device [HID 05ac:8241] on usb-dummy_hcd.9-1/input0 [ 639.527705][ T5943] usb 10-1: USB disconnect, device number 29 [ 639.643098][ T5881] cm6533_jd 0003:0D8C:0022.0050: unknown main item tag 0x0 [ 639.660768][ T5881] cm6533_jd 0003:0D8C:0022.0050: unknown main item tag 0x0 [ 639.668079][ T5881] cm6533_jd 0003:0D8C:0022.0050: unknown main item tag 0x0 [ 639.675562][ T5881] cm6533_jd 0003:0D8C:0022.0050: unknown main item tag 0x0 [ 639.685704][ T5881] cm6533_jd 0003:0D8C:0022.0050: unknown main item tag 0x0 [ 639.702228][ T5881] cm6533_jd 0003:0D8C:0022.0050: No inputs registered, leaving [ 639.718078][ T5881] cm6533_jd 0003:0D8C:0022.0050: hiddev0,hidraw0: USB HID v0.00 Device [HID 0d8c:0022] on usb-dummy_hcd.2-1/input0 [ 639.932868][ T5943] usb 3-1: USB disconnect, device number 12 [ 640.232690][T22825] input: syz0 as /devices/virtual/input/input91 [ 641.131038][ T5910] usb 10-1: new full-speed USB device number 30 using dummy_hcd [ 641.206599][T22860] netlink: 'syz.2.7358': attribute type 29 has an invalid length. [ 641.261444][T22865] netlink: 'syz.2.7358': attribute type 29 has an invalid length. [ 641.282962][ T5910] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 641.294585][T22860] netlink: 500 bytes leftover after parsing attributes in process `syz.2.7358'. [ 641.310888][ T5910] usb 10-1: New USB device found, idVendor=28bd, idProduct=0933, bcdDevice= 0.00 [ 641.320128][ T5910] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 641.379821][ T5910] usb 10-1: config 0 descriptor?? [ 641.805106][ T5910] usbhid 10-1:0.0: can't add hid device: -71 [ 641.813786][T17717] usb 9-1: new full-speed USB device number 35 using dummy_hcd [ 641.822178][ T5910] usbhid 10-1:0.0: probe with driver usbhid failed with error -71 [ 641.852664][ T5910] usb 10-1: USB disconnect, device number 30 [ 642.003107][T17717] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1023, setting to 64 [ 642.040870][T17717] usb 9-1: New USB device found, idVendor=04f3, idProduct=0755, bcdDevice= 0.00 [ 642.050111][T17717] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 642.075858][T17717] usb 9-1: config 0 descriptor?? [ 642.088909][T22876] raw-gadget.1 gadget.8: fail, usb_ep_enable returned -22 [ 642.168266][T22885] netlink: 830 bytes leftover after parsing attributes in process `syz.3.7370'. [ 642.401534][ T5881] usb 3-1: new full-speed USB device number 13 using dummy_hcd [ 642.546258][T17717] elan 0003:04F3:0755.0051: hidraw0: USB HID v1.01 Device [HID 04f3:0755] on usb-dummy_hcd.8-1/input0 [ 642.593388][ T5881] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1023, setting to 64 [ 642.609988][ T5881] usb 3-1: New USB device found, idVendor=04f3, idProduct=0755, bcdDevice= 0.00 [ 642.637675][ T5881] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 642.659385][ T30] audit: type=1800 audit(1749016152.603:328): pid=22897 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz.1.7375" name="file0" dev="tmpfs" ino=7926 res=0 errno=0 [ 642.661256][ T5881] usb 3-1: config 0 descriptor?? [ 642.721933][T22886] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 642.748187][T22903] fanotify: failed to encode fid (type=0, len=0, err=-2) [ 642.748206][T22899] fanotify: failed to encode fid (type=0, len=0, err=-2) [ 642.749863][T17717] usb 9-1: USB disconnect, device number 35 [ 643.091053][ T5910] usb 10-1: new high-speed USB device number 31 using dummy_hcd [ 643.111156][ T5943] usb 2-1: new high-speed USB device number 59 using dummy_hcd [ 643.143108][ T5881] elan 0003:04F3:0755.0052: hidraw0: USB HID v1.01 Device [HID 04f3:0755] on usb-dummy_hcd.2-1/input0 [ 643.240937][ T5910] usb 10-1: Using ep0 maxpacket: 8 [ 643.249140][ T5910] usb 10-1: config 168 descriptor has 1 excess byte, ignoring [ 643.256878][ T5910] usb 10-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11 [ 643.268451][ T5910] usb 10-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 643.273632][ T5943] usb 2-1: config 0 has no interfaces? [ 643.280305][ T5910] usb 10-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 643.289263][ T5943] usb 2-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 643.307406][ T5943] usb 2-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 643.315756][ T5910] usb 10-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 643.321093][ T5943] usb 2-1: Product: syz [ 643.337315][ T5943] usb 2-1: Manufacturer: syz [ 643.349897][ T5881] usb 3-1: USB disconnect, device number 13 [ 643.361493][ T5910] usb 10-1: config 168 descriptor has 1 excess byte, ignoring [ 643.369213][ T5910] usb 10-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11 [ 643.378211][ T5943] usb 2-1: config 0 descriptor?? [ 643.387399][ T5910] usb 10-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 643.399506][ T5910] usb 10-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 643.413199][ T5910] usb 10-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 643.426687][ T5910] usb 10-1: config 168 descriptor has 1 excess byte, ignoring [ 643.434561][ T5910] usb 10-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11 [ 643.447172][ T5910] usb 10-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 643.459695][ T5910] usb 10-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 643.473774][ T5910] usb 10-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 643.488577][ T5910] usb 10-1: string descriptor 0 read error: -22 [ 643.499526][ T5910] usb 10-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e [ 643.508935][ T5910] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 643.526519][ T5910] adutux 10-1:168.0: ADU100 now attached to /dev/usb/adutux0 [ 643.620412][ T5881] usb 2-1: USB disconnect, device number 59 [ 643.774556][ T5910] usb 10-1: USB disconnect, device number 31 [ 643.981794][ T5910] kernel read not supported for file /sequencer (pid: 5910 comm: kworker/1:6) [ 644.572711][T22945] netlink: 8 bytes leftover after parsing attributes in process `syz.9.7395'. [ 644.628553][ T5910] usb 4-1: new low-speed USB device number 55 using dummy_hcd [ 644.814557][ T5910] usb 4-1: config 0 has an invalid interface number: 1 but max is 0 [ 644.828440][ T5910] usb 4-1: config 0 has no interface number 0 [ 644.837773][ T5910] usb 4-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10 [ 644.852272][ T5910] usb 4-1: config 0 interface 1 altsetting 0 endpoint 0x82 has invalid maxpacket 159, setting to 8 [ 644.863470][ T30] audit: type=1326 audit(1749016154.803:329): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22952 comm="syz.8.7399" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f22a4b8e969 code=0x7ffc0000 [ 644.885045][ C1] vkms_vblank_simulate: vblank timer overrun [ 644.892809][ T5910] usb 4-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 644.902306][ T5910] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 644.911062][ T30] audit: type=1326 audit(1749016154.803:330): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22952 comm="syz.8.7399" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7f22a4b8e969 code=0x7ffc0000 [ 644.932783][ C1] vkms_vblank_simulate: vblank timer overrun [ 644.934080][T22955] overlayfs: upperdir is in-use as upperdir/workdir of another mount, accessing files from both mounts will result in undefined behavior. [ 644.943211][ T30] audit: type=1326 audit(1749016154.803:331): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22952 comm="syz.8.7399" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f22a4b8e969 code=0x7ffc0000 [ 644.977257][ T5910] usb 4-1: config 0 descriptor?? [ 644.982741][ T30] audit: type=1326 audit(1749016154.813:332): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22952 comm="syz.8.7399" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f22a4b8e969 code=0x7ffc0000 [ 644.991432][T22955] overlayfs: workdir is in-use as upperdir/workdir of another mount, accessing files from both mounts will result in undefined behavior. [ 645.005675][T22936] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 645.032974][ T5910] iowarrior 4-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0 [ 645.311435][ T5943] usb 4-1: USB disconnect, device number 55 [ 645.425001][T22969] netlink: 8 bytes leftover after parsing attributes in process `syz.8.7407'. [ 645.474317][ T5910] hid-generic 0000:0000:0000.0053: unknown main item tag 0x0 [ 645.504063][ T5910] hid-generic 0000:0000:0000.0053: hidraw0: HID v0.00 Device [syz1] on syz0 [ 646.149654][T22971] hid-generic 0000:0000:0000.0053: pid 22971 passed too short report [ 647.011093][T23021] netlink: 4 bytes leftover after parsing attributes in process `syz.3.7429'. [ 647.111991][T23026] netlink: 28 bytes leftover after parsing attributes in process `syz.1.7430'. [ 648.530866][ T5881] usb 2-1: new high-speed USB device number 60 using dummy_hcd [ 648.719575][ T5881] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 648.835488][ T5881] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 648.856567][ T5881] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0 [ 648.866766][ T5881] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 648.919676][ T5881] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 648.966907][ T5881] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 649.011787][ T5881] usb 2-1: config 0 descriptor?? [ 649.440486][ T5881] plantronics 0003:047F:FFFF.0054: unknown main item tag 0x0 [ 649.465993][ T5881] plantronics 0003:047F:FFFF.0054: unknown main item tag 0x0 [ 649.483315][ T5881] plantronics 0003:047F:FFFF.0054: unknown main item tag 0x0 [ 649.498611][ T5881] plantronics 0003:047F:FFFF.0054: unknown main item tag 0x0 [ 649.514538][ T5881] plantronics 0003:047F:FFFF.0054: unknown main item tag 0x0 [ 649.534855][ T5881] plantronics 0003:047F:FFFF.0054: No inputs registered, leaving [ 649.569561][ T5881] plantronics 0003:047F:FFFF.0054: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0 [ 649.713166][ T5881] usb 2-1: USB disconnect, device number 60 [ 650.022698][T23144] netlink: 8 bytes leftover after parsing attributes in process `syz.9.7488'. [ 650.315355][T23162] netlink: 8 bytes leftover after parsing attributes in process `syz.2.7495'. [ 650.324817][T23162] netlink: 32 bytes leftover after parsing attributes in process `syz.2.7495'. [ 650.370861][ T5881] usb 4-1: new high-speed USB device number 56 using dummy_hcd [ 650.431168][T23164] netlink: 24 bytes leftover after parsing attributes in process `syz.2.7496'. [ 650.533307][ T5881] usb 4-1: Using ep0 maxpacket: 16 [ 650.552045][ T5881] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 650.571990][ T5881] usb 4-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00 [ 650.581452][T23173] netlink: 24 bytes leftover after parsing attributes in process `syz.2.7499'. [ 650.601032][ T5881] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 650.621748][ T5881] usb 4-1: config 0 descriptor?? [ 650.748910][T23178] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 651.043623][ T5881] mcp2221 0003:04D8:00DD.0055: unknown main item tag 0x0 [ 651.060828][ T5881] mcp2221 0003:04D8:00DD.0055: unknown main item tag 0x0 [ 651.067965][ T5881] mcp2221 0003:04D8:00DD.0055: unknown main item tag 0x0 [ 651.081048][ T5881] mcp2221 0003:04D8:00DD.0055: unknown main item tag 0x0 [ 651.088602][ T5881] mcp2221 0003:04D8:00DD.0055: unknown main item tag 0x0 [ 651.101855][ T5881] mcp2221 0003:04D8:00DD.0055: USB HID v0.05 Device [HID 04d8:00dd] on usb-dummy_hcd.3-1/input0 [ 651.190982][T17717] usb 3-1: new high-speed USB device number 14 using dummy_hcd [ 651.245435][ C0] usb 4-1: input irq status -75 received [ 651.345017][T17717] usb 3-1: Using ep0 maxpacket: 32 [ 651.363824][T17717] usb 3-1: config 0 has no interfaces? [ 651.376535][T17717] usb 3-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f [ 651.386263][T17717] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 651.402718][T17717] usb 3-1: Product: syz [ 651.407071][T17717] usb 3-1: Manufacturer: syz [ 651.417439][T17717] usb 3-1: SerialNumber: syz [ 651.425540][T17717] usb 3-1: config 0 descriptor?? [ 651.462236][T17717] usb 4-1: USB disconnect, device number 56 [ 651.615880][T23207] syzkaller1: entered promiscuous mode [ 651.622215][T23207] syzkaller1: entered allmulticast mode [ 651.641120][ T5934] usb 3-1: USB disconnect, device number 14 [ 651.801009][ T5910] usb 9-1: new high-speed USB device number 36 using dummy_hcd [ 651.961418][ T5910] usb 9-1: Using ep0 maxpacket: 8 [ 651.970947][ T5881] usb 10-1: new high-speed USB device number 32 using dummy_hcd [ 651.972688][ T5910] usb 9-1: config 0 has an invalid interface number: 1 but max is 0 [ 651.991624][ T5910] usb 9-1: config 0 has no interface number 0 [ 651.997864][ T5910] usb 9-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 652.009478][ T5910] usb 9-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 652.020697][ T5910] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 652.032936][ T5910] usb 9-1: config 0 descriptor?? [ 652.050480][ T5910] iowarrior 9-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0 [ 652.150971][ T5881] usb 10-1: Using ep0 maxpacket: 16 [ 652.160915][ T5881] usb 10-1: New USB device found, idVendor=0471, idProduct=0327, bcdDevice=61.a4 [ 652.161077][T17715] usb 2-1: new high-speed USB device number 61 using dummy_hcd [ 652.180586][ T5881] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 652.209106][ T5881] usb 10-1: config 0 descriptor?? [ 652.218874][ T5881] gspca_main: sonixj-2.14.0 probing 0471:0327 [ 652.331512][T17715] usb 2-1: Using ep0 maxpacket: 8 [ 652.342775][T17715] usb 2-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea [ 652.352400][T17715] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 652.360461][T17715] usb 2-1: Product: syz [ 652.365007][T17715] usb 2-1: Manufacturer: syz [ 652.369644][T17715] usb 2-1: SerialNumber: syz [ 652.378483][T17715] usb 2-1: config 0 descriptor?? [ 652.561092][ T5910] usb 4-1: new high-speed USB device number 57 using dummy_hcd [ 652.604882][T17715] usb 2-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state [ 652.753490][ T5910] usb 4-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 652.763499][ T5910] usb 4-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config [ 652.774063][ T5910] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 652.785189][ T5910] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9 [ 652.796504][ T5910] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024 [ 652.811484][ T5910] usb 4-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 652.820975][ T5910] usb 4-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 652.829034][ T5910] usb 4-1: Product: syz [ 652.833703][ T5910] usb 4-1: Manufacturer: syz [ 652.844859][ T5910] cdc_wdm 4-1:1.0: skipping garbage [ 652.850174][ T5910] cdc_wdm 4-1:1.0: skipping garbage [ 652.857741][ T5910] cdc_wdm 4-1:1.0: cdc-wdm1: USB WDM device [ 652.863944][ T5910] cdc_wdm 4-1:1.0: Unknown control protocol [ 653.237922][ T5881] usb 10-1: USB disconnect, device number 32 [ 653.412093][T17715] dvb_usb_rtl28xxu 2-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -71 [ 653.424731][T17715] usb 2-1: USB disconnect, device number 61 [ 654.088064][T23249] loop8: detected capacity change from 0 to 1 [ 654.098792][T23249] Dev loop8: unable to read RDB block 1 [ 654.106244][T23249] loop8: unable to read partition table [ 654.115539][T23249] loop8: partition table beyond EOD, truncated [ 654.136001][T23249] loop_reread_partitions: partition scan of loop8 (被x^> ) failed (rc=-5) [ 654.615910][T17715] usb 9-1: USB disconnect, device number 36 [ 655.008288][T23275] netlink: 8 bytes leftover after parsing attributes in process `syz.8.7546'. [ 655.111550][T23277] netlink: 4 bytes leftover after parsing attributes in process `syz.9.7547'. [ 655.399187][ T5934] usb 4-1: USB disconnect, device number 57 [ 656.447027][T17715] usb 4-1: new high-speed USB device number 58 using dummy_hcd [ 656.547211][T23318] netlink: 104 bytes leftover after parsing attributes in process `syz.1.7575'. [ 656.631095][T17715] usb 4-1: Using ep0 maxpacket: 8 [ 656.639350][T23324] netlink: 8 bytes leftover after parsing attributes in process `syz.8.7564'. [ 656.660856][T17715] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 656.683800][T17715] usb 4-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 16 [ 656.718216][T17715] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 656.750828][T17715] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 656.758904][T17715] usb 4-1: Product: syz [ 656.769023][T17715] usb 4-1: Manufacturer: syz [ 656.796372][T17715] usb 4-1: SerialNumber: syz [ 656.872338][T21109] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci1/hci1:201' [ 656.887404][T21109] CPU: 0 UID: 0 PID: 21109 Comm: kworker/u9:2 Not tainted 6.15.0-syzkaller-11796-g5abc7438f1e9 #0 PREEMPT(full) [ 656.887438][T21109] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 656.887453][T21109] Workqueue: hci1 hci_rx_work [ 656.887490][T21109] Call Trace: [ 656.887499][T21109] [ 656.887510][T21109] dump_stack_lvl+0x189/0x250 [ 656.887549][T21109] ? kernfs_path_from_node+0x2c/0x260 [ 656.887583][T21109] ? __pfx_dump_stack_lvl+0x10/0x10 [ 656.887617][T21109] ? __pfx__printk+0x10/0x10 [ 656.887642][T21109] ? kernfs_path_from_node+0x2c/0x260 [ 656.887673][T21109] ? kernfs_path_from_node+0x2c/0x260 [ 656.887708][T21109] ? kernfs_path_from_node+0x22c/0x260 [ 656.887741][T21109] ? kernfs_path_from_node+0x2c/0x260 [ 656.887778][T21109] sysfs_create_dir_ns+0x259/0x280 [ 656.887815][T21109] ? __pfx_sysfs_create_dir_ns+0x10/0x10 [ 656.887851][T21109] ? do_raw_spin_unlock+0x122/0x240 [ 656.887882][T21109] kobject_add_internal+0x59f/0xb40 [ 656.887915][T21109] kobject_add+0x155/0x220 [ 656.887957][T21109] ? __pfx_kobject_add+0x10/0x10 [ 656.887994][T21109] ? _raw_spin_unlock+0x28/0x50 [ 656.888027][T21109] ? get_device_parent+0x366/0x3a0 [ 656.888060][T21109] device_add+0x408/0xb50 [ 656.888094][T21109] hci_conn_add_sysfs+0xd5/0x1e0 [ 656.888129][T21109] le_conn_complete_evt+0xc3a/0x1220 [ 656.888170][T21109] ? __pfx_le_conn_complete_evt+0x10/0x10 [ 656.888196][T21109] ? __mutex_unlock_slowpath+0x1cd/0x700 [ 656.888244][T21109] ? __pfx___mutex_lock+0x10/0x10 [ 656.888279][T21109] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 656.888311][T21109] ? skb_pull_data+0xfb/0x200 [ 656.888348][T21109] hci_le_enh_conn_complete_evt+0x189/0x470 [ 656.888374][T21109] ? __pfx_hci_le_enh_conn_complete_evt+0x10/0x10 [ 656.888404][T21109] hci_event_packet+0x78f/0x1200 [ 656.888439][T21109] ? __pfx_hci_le_meta_evt+0x10/0x10 [ 656.888465][T21109] ? __pfx_hci_event_packet+0x10/0x10 [ 656.888500][T21109] ? kcov_remote_start+0x4d3/0x7f0 [ 656.888528][T21109] ? local_clock_noinstr+0xe0/0xe0 [ 656.888562][T21109] ? hci_send_to_monitor+0xe2/0x570 [ 656.888591][T21109] hci_rx_work+0x46a/0xe80 [ 656.888632][T21109] ? process_scheduled_works+0x9ef/0x17b0 [ 656.888669][T21109] process_scheduled_works+0xae1/0x17b0 [ 656.888735][T21109] ? __pfx_process_scheduled_works+0x10/0x10 [ 656.888786][T21109] worker_thread+0x8a0/0xda0 [ 656.888824][T21109] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 656.888864][T21109] ? __kthread_parkme+0x7b/0x200 [ 656.888909][T21109] kthread+0x711/0x8a0 [ 656.888937][T21109] ? __pfx_worker_thread+0x10/0x10 [ 656.888970][T21109] ? __pfx_kthread+0x10/0x10 [ 656.888996][T21109] ? _raw_spin_unlock_irq+0x23/0x50 [ 656.889024][T21109] ? lockdep_hardirqs_on+0x9c/0x150 [ 656.889052][T21109] ? __pfx_kthread+0x10/0x10 [ 656.889077][T21109] ret_from_fork+0x3f9/0x770 [ 656.889110][T21109] ? __pfx_ret_from_fork+0x10/0x10 [ 656.889147][T21109] ? __switch_to_asm+0x39/0x70 [ 656.889168][T21109] ? __switch_to_asm+0x33/0x70 [ 656.889188][T21109] ? __pfx_kthread+0x10/0x10 [ 656.889224][T21109] ret_from_fork_asm+0x1a/0x30 [ 656.889267][T21109] [ 656.889299][T21109] kobject: kobject_add_internal failed for hci1:201 with -EEXIST, don't try to register things with the same name in the same directory. [ 657.076979][T17715] cdc_ncm 4-1:1.0: bind() failure [ 657.079226][T21109] Bluetooth: hci1: failed to register connection device [ 657.119006][T17715] cdc_ncm 4-1:1.1: CDC Union missing and no IAD found [ 657.266377][T23337] program syz.2.7569 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 657.438197][T17715] cdc_ncm 4-1:1.1: bind() failure [ 657.463813][T17715] usb 4-1: USB disconnect, device number 58 [ 657.729991][T23353] netlink: 408 bytes leftover after parsing attributes in process `syz.3.7578'. [ 657.774240][T23353] netlink: 104 bytes leftover after parsing attributes in process `syz.3.7578'. [ 658.090565][T23361] netlink: 28 bytes leftover after parsing attributes in process `syz.3.7593'. [ 658.112089][T23361] netlink: 28 bytes leftover after parsing attributes in process `syz.3.7593'. [ 658.147315][T23361] netlink: 28 bytes leftover after parsing attributes in process `syz.3.7593'. [ 658.169372][T23361] netlink: 28 bytes leftover after parsing attributes in process `syz.3.7593'. [ 658.910124][T23386] input: syz1 as /devices/virtual/input/input92 [ 658.970865][T17715] usb 4-1: new high-speed USB device number 59 using dummy_hcd [ 659.141041][T17715] usb 4-1: Using ep0 maxpacket: 16 [ 659.158574][T17715] usb 4-1: config index 0 descriptor too short (expected 16456, got 72) [ 659.180805][T17715] usb 4-1: config 0 has an invalid interface number: 125 but max is 1 [ 659.200837][T17715] usb 4-1: config 0 has an invalid interface number: 125 but max is 1 [ 659.209074][T17715] usb 4-1: config 0 has an invalid interface number: 125 but max is 1 [ 659.256303][T17715] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 2 [ 659.274449][T17715] usb 4-1: config 0 has no interface number 0 [ 659.301008][T17715] usb 4-1: config 0 interface 125 altsetting 4 endpoint 0x4 has invalid maxpacket 21760, setting to 64 [ 659.312388][T17715] usb 4-1: config 0 interface 125 altsetting 4 endpoint 0xB has invalid wMaxPacketSize 0 [ 659.340983][T17715] usb 4-1: config 0 interface 125 altsetting 4 endpoint 0x2 has invalid wMaxPacketSize 0 [ 659.341038][T17715] usb 4-1: config 0 interface 125 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 659.410223][T17715] usb 4-1: config 0 interface 125 has no altsetting 0 [ 659.431425][T17715] usb 4-1: config 0 interface 125 has no altsetting 2 [ 659.456937][T17715] usb 4-1: New USB device found, idVendor=050d, idProduct=0002, bcdDevice=23.27 [ 659.476923][T17715] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 659.495550][T17715] usb 4-1: Product: syz [ 659.516239][T17715] usb 4-1: Manufacturer: syz [ 659.531102][T17715] usb 4-1: SerialNumber: syz [ 659.552068][T17715] usb 4-1: config 0 descriptor?? [ 659.593709][T17715] usb 4-1: selecting invalid altsetting 2 [ 659.931908][ T5910] usb 9-1: new high-speed USB device number 37 using dummy_hcd [ 660.050991][ T5934] usb 2-1: new high-speed USB device number 62 using dummy_hcd [ 660.101122][ T5910] usb 9-1: Using ep0 maxpacket: 32 [ 660.120178][ T5910] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 660.170841][ T5910] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 660.186498][ T5910] usb 9-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 660.195825][ T5910] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 660.230351][ T5910] usb 9-1: config 0 descriptor?? [ 660.240488][ T5910] hub 9-1:0.0: USB hub found [ 660.240871][ T5934] usb 2-1: Using ep0 maxpacket: 8 [ 660.272117][ T5934] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 17 [ 660.294352][ T5934] usb 2-1: New USB device found, idVendor=04a5, idProduct=3003, bcdDevice=c8.07 [ 660.324638][ T5934] usb 2-1: New USB device strings: Mfr=209, Product=185, SerialNumber=60 [ 660.341175][ T5934] usb 2-1: Product: syz [ 660.345421][ T5934] usb 2-1: Manufacturer: syz [ 660.350054][ T5934] usb 2-1: SerialNumber: syz [ 660.374747][ T5934] usb 2-1: config 0 descriptor?? [ 660.454208][ T5910] hub 9-1:0.0: 1 port detected [ 660.608434][ T5934] gspca_main: sunplus-2.14.0 probing 04a5:3003 [ 660.640485][ T5943] usb 4-1: USB disconnect, device number 59 [ 661.070894][ T5910] hub 9-1:0.0: activate --> -90 [ 661.279057][T17715] usb 9-1: USB disconnect, device number 37 [ 661.288731][ T5910] hub 9-1:0.0: hub_ext_port_status failed (err = -71) [ 661.421926][ T5934] gspca_sunplus: reg_w_riv err -71 [ 661.432693][ T5934] sunplus 2-1:0.0: probe with driver sunplus failed with error -71 [ 661.458186][ T5934] usb 2-1: USB disconnect, device number 62 [ 661.537124][T23433] input: syz0 as /devices/virtual/input/input93 [ 661.599576][T23435] netlink: 48 bytes leftover after parsing attributes in process `syz.9.7613'. [ 661.941214][T17715] usb 4-1: new full-speed USB device number 60 using dummy_hcd [ 662.112647][T17715] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 662.134192][T17715] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 662.155062][ T5910] usb 3-1: new high-speed USB device number 15 using dummy_hcd [ 662.168651][T17715] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 662.201463][T17715] usb 4-1: New USB device found, idVendor=1b96, idProduct=0009, bcdDevice= 0.00 [ 662.221010][T17715] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 662.235971][T17715] usb 4-1: config 0 descriptor?? [ 662.341126][ T5910] usb 3-1: Using ep0 maxpacket: 32 [ 662.349782][ T5910] usb 3-1: config 0 has an invalid interface number: 85 but max is 0 [ 662.366554][ T5910] usb 3-1: config 0 has no interface number 0 [ 662.374209][ T5910] usb 3-1: config 0 interface 85 altsetting 7 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 662.389254][ T5910] usb 3-1: config 0 interface 85 has no altsetting 0 [ 662.405851][ T5910] usb 3-1: New USB device found, idVendor=05ac, idProduct=0219, bcdDevice=f0.72 [ 662.417719][ T5910] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 662.426388][ T5910] usb 3-1: Product: syz [ 662.430693][ T5910] usb 3-1: Manufacturer: syz [ 662.436568][ T5910] usb 3-1: SerialNumber: syz [ 662.446818][ T5910] usb 3-1: config 0 descriptor?? [ 662.660304][T17715] ntrig 0003:1B96:0009.0056: hidraw0: USB HID v0.00 Device [HID 1b96:0009] on usb-dummy_hcd.3-1/input0 [ 662.860930][T17715] ntrig 0003:1B96:0009.0056: Firmware version: 2.3.14.45.6 (cd15 bed5) [ 663.060546][ T5910] appletouch 3-1:0.85: Geyser mode initialized. [ 663.081428][ T5910] input: appletouch as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.85/input/input94 [ 663.097308][ T5943] usb 4-1: USB disconnect, device number 60 [ 663.270670][ T5881] usb 3-1: USB disconnect, device number 15 [ 663.281476][ T5934] usb 2-1: new high-speed USB device number 63 using dummy_hcd [ 663.294410][ T5881] appletouch 3-1:0.85: input: appletouch disconnected [ 663.450903][ T5934] usb 2-1: Using ep0 maxpacket: 16 [ 663.458563][ T5934] usb 2-1: config index 0 descriptor too short (expected 16456, got 72) [ 663.467156][ T5934] usb 2-1: config 0 has an invalid interface number: 125 but max is 1 [ 663.476281][ T5934] usb 2-1: config 0 has an invalid interface number: 125 but max is 1 [ 663.485515][ T5934] usb 2-1: config 0 has an invalid interface number: 125 but max is 1 [ 663.493852][ T5934] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 2 [ 663.503032][ T5934] usb 2-1: config 0 has no interface number 0 [ 663.509214][ T5934] usb 2-1: config 0 interface 125 altsetting 4 endpoint 0x4 has invalid maxpacket 21760, setting to 64 [ 663.520827][ T5934] usb 2-1: config 0 interface 125 altsetting 4 endpoint 0xB has invalid wMaxPacketSize 0 [ 663.530848][ T5934] usb 2-1: config 0 interface 125 altsetting 4 endpoint 0x2 has invalid wMaxPacketSize 0 [ 663.540845][ T5934] usb 2-1: config 0 interface 125 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 663.554084][ T5934] usb 2-1: config 0 interface 125 has no altsetting 0 [ 663.561010][ T5934] usb 2-1: config 0 interface 125 has no altsetting 2 [ 663.570117][ T5934] usb 2-1: New USB device found, idVendor=050d, idProduct=0002, bcdDevice=23.27 [ 663.579351][ T5934] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 663.587547][ T5934] usb 2-1: Product: syz [ 663.591891][ T5934] usb 2-1: Manufacturer: syz [ 663.596497][ T5934] usb 2-1: SerialNumber: syz [ 663.604154][ T5934] usb 2-1: config 0 descriptor?? [ 663.611978][ T5934] usb 2-1: selecting invalid altsetting 2 [ 664.184078][T23490] sctp: [Deprecated]: syz.3.7639 (pid 23490) Use of struct sctp_assoc_value in delayed_ack socket option. [ 664.184078][T23490] Use struct sctp_sack_info instead [ 664.684989][ T5934] usb 2-1: USB disconnect, device number 63 [ 665.592271][T23527] netlink: 12 bytes leftover after parsing attributes in process `syz.1.7655'. [ 666.832603][T23559] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 666.837045][T23561] binder: 23560:23561 ioctl c0306201 2000000003c0 returned -14 [ 666.871251][ T5910] usb 3-1: new high-speed USB device number 16 using dummy_hcd [ 667.044176][ T5910] usb 3-1: Using ep0 maxpacket: 16 [ 667.059834][ T5910] usb 3-1: config index 0 descriptor too short (expected 16456, got 72) [ 667.069941][ T5910] usb 3-1: config 0 has an invalid interface number: 125 but max is 1 [ 667.089619][ T5910] usb 3-1: config 0 has an invalid interface number: 125 but max is 1 [ 667.098612][ T5910] usb 3-1: config 0 has an invalid interface number: 125 but max is 1 [ 667.108135][ T5910] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 2 [ 667.128237][ T5910] usb 3-1: config 0 has no interface number 0 [ 667.135708][ T5910] usb 3-1: config 0 interface 125 altsetting 4 endpoint 0x4 has invalid maxpacket 21760, setting to 64 [ 667.147561][ T5910] usb 3-1: config 0 interface 125 altsetting 4 endpoint 0xB has invalid wMaxPacketSize 0 [ 667.158248][ T5910] usb 3-1: config 0 interface 125 altsetting 4 endpoint 0x2 has invalid wMaxPacketSize 0 [ 667.181003][ T5910] usb 3-1: config 0 interface 125 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 667.194466][ T5910] usb 3-1: config 0 interface 125 has no altsetting 0 [ 667.201607][ T5910] usb 3-1: config 0 interface 125 has no altsetting 2 [ 667.241943][ T5910] usb 3-1: New USB device found, idVendor=050d, idProduct=0002, bcdDevice=23.27 [ 667.251241][ T5910] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 667.253324][T23575] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 667.259910][ T5910] usb 3-1: Product: syz [ 667.275357][ T5910] usb 3-1: Manufacturer: syz [ 667.276407][T23575] overlayfs: fs on './file0' does not support file handles, falling back to xino=off. [ 667.279999][ T5910] usb 3-1: SerialNumber: syz [ 667.321843][ T5910] usb 3-1: config 0 descriptor?? [ 667.337364][ T5910] usb 3-1: selecting invalid altsetting 2 [ 667.782865][T23592] Invalid ELF header magic: != ELF [ 668.436119][T17715] usb 3-1: USB disconnect, device number 16 [ 668.560871][ T5910] usb 2-1: new full-speed USB device number 64 using dummy_hcd [ 668.590702][T23617] netlink: 830 bytes leftover after parsing attributes in process `syz.9.7694'. [ 668.713103][ T5910] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1023, setting to 64 [ 668.713159][ T5910] usb 2-1: New USB device found, idVendor=04f3, idProduct=0755, bcdDevice= 0.00 [ 668.713187][ T5910] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 668.727409][ T5910] usb 2-1: config 0 descriptor?? [ 668.728165][T23612] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22 [ 668.824446][T23623] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 669.128599][T23635] input: syz0 as /devices/virtual/input/input95 [ 669.183530][ T5910] elan 0003:04F3:0755.0057: hidraw0: USB HID v1.01 Device [HID 04f3:0755] on usb-dummy_hcd.1-1/input0 [ 669.378314][ T5910] usb 2-1: USB disconnect, device number 64 [ 669.651353][ T5934] usb 4-1: new high-speed USB device number 61 using dummy_hcd [ 669.842929][ T5934] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 669.860522][ T5934] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 670.000879][ T5934] usb 4-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.00 [ 670.045882][ T5934] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 670.090680][ T5934] usb 4-1: config 0 descriptor?? [ 670.518827][ T5934] cp2112 0003:10C4:EA90.0058: unknown main item tag 0x0 [ 670.542308][ T5934] cp2112 0003:10C4:EA90.0058: hidraw0: USB HID v0.00 Device [HID 10c4:ea90] on usb-dummy_hcd.3-1/input0 [ 670.718628][ T5934] cp2112 0003:10C4:EA90.0058: Part Number: 0x82 Device Version: 0xFE [ 670.917704][T23675] netlink: 8 bytes leftover after parsing attributes in process `syz.8.7720'. [ 671.052961][T23675] netlink: 12 bytes leftover after parsing attributes in process `syz.8.7720'. [ 671.183219][ T5934] cp2112 0003:10C4:EA90.0058: error setting SMBus config [ 671.209291][ T5934] cp2112 0003:10C4:EA90.0058: probe with driver cp2112 failed with error -71 [ 671.230631][ T5934] usb 4-1: USB disconnect, device number 61 [ 671.249797][T23682] netlink: 'syz.1.7724': attribute type 3 has an invalid length. [ 671.259747][T23682] netlink: 64 bytes leftover after parsing attributes in process `syz.1.7724'. [ 671.317072][T23686] tipc: Started in network mode [ 671.322490][T23686] tipc: Node identity ff55, cluster identity 4711 [ 671.332647][T23686] tipc: Enabling of bearer rejected, failed to enable media [ 671.455796][T23679] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 671.474206][T23679] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 671.520925][T23679] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 671.532061][T23679] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 671.538504][T23679] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 671.567147][T23679] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 671.582133][T23679] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 671.597279][T23679] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 671.604729][T23679] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 671.625014][T23679] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 671.905309][T23712] tipc: Started in network mode [ 671.910267][T23712] tipc: Node identity 7f000001, cluster identity 4711 [ 671.927900][T23712] tipc: New replicast peer: 0.0.0.0 [ 671.934166][T23712] tipc: Enabled bearer , priority 10 [ 672.402508][T23731] vxcan3: entered allmulticast mode [ 673.050881][ T5910] tipc: Node number set to 2130706433 [ 673.410301][ T5835] Bluetooth: hci2: command 0x0406 tx timeout [ 673.561182][ T5835] Bluetooth: hci1: command 0x0c1a tx timeout [ 673.641073][ T5835] Bluetooth: hci3: command 0x0419 tx timeout [ 674.588496][ T5934] usb 2-1: new high-speed USB device number 65 using dummy_hcd [ 674.610229][T23821] input: syz1 as /devices/virtual/input/input96 [ 674.761236][ T5934] usb 2-1: Using ep0 maxpacket: 16 [ 674.771288][ T5934] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 674.786594][ T5934] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 674.819192][ T5934] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 674.840924][ T5934] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 674.870290][ T5934] usb 2-1: Product: syz [ 674.879735][ T5934] usb 2-1: Manufacturer: syz [ 674.904343][ T5934] usb 2-1: SerialNumber: syz [ 675.381250][ T5934] usb 2-1: USB disconnect, device number 65 [ 675.481162][ T5835] Bluetooth: hci2: command 0x0406 tx timeout [ 675.489236][ T5910] Bluetooth: hci2: Opcode 0x0c1a failed: -110 [ 675.509670][ T5910] Bluetooth: hci2: Error when powering off device on rfkill (-110) [ 675.640965][ T5835] Bluetooth: hci1: command 0x0c1a tx timeout [ 675.649191][ T5910] Bluetooth: hci1: Opcode 0x0c1a failed: -110 [ 675.655391][ T5910] Bluetooth: hci1: Error when powering off device on rfkill (-110) [ 675.721272][ T5835] Bluetooth: hci3: command 0x0419 tx timeout [ 675.839876][T23858] netem: incorrect gi model size [ 675.875335][T23858] netem: change failed [ 676.646590][T23889] tap0: tun_chr_ioctl cmd 1074025675 [ 676.656922][T23889] tap0: persist enabled [ 676.662518][T23889] tap0: tun_chr_ioctl cmd 1074025675 [ 676.668134][T23889] tap0: persist enabled [ 676.860918][ T5934] usb 9-1: new high-speed USB device number 38 using dummy_hcd [ 677.024964][ T5934] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 677.049596][ T5934] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 677.061985][ T5934] usb 9-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 677.082174][ T5934] usb 9-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 677.111541][ T5934] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 677.135760][ T5934] usb 9-1: config 0 descriptor?? [ 677.326051][T23910] netlink: 84 bytes leftover after parsing attributes in process `syz.3.7813'. [ 677.563934][ T5934] plantronics 0003:047F:FFFF.0059: ignoring exceeding usage max [ 677.588669][ T5934] plantronics 0003:047F:FFFF.0059: No inputs registered, leaving [ 677.687943][ T5934] plantronics 0003:047F:FFFF.0059: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.8-1/input0 [ 677.738020][T23922] program syz.2.7819 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 677.751187][ T8949] usb 4-1: new high-speed USB device number 62 using dummy_hcd [ 677.800943][ T5835] Bluetooth: hci3: command 0x0419 tx timeout [ 677.808265][ T5910] Bluetooth: hci3: Opcode 0x0c1a failed: -110 [ 677.833278][T17717] usb 9-1: USB disconnect, device number 38 [ 677.856437][ T5910] Bluetooth: hci3: Error when powering off device on rfkill (-110) [ 677.931110][ T8949] usb 4-1: Using ep0 maxpacket: 8 [ 677.942872][ T8949] usb 4-1: config 179 has an invalid interface number: 65 but max is 0 [ 677.959680][ T8949] usb 4-1: config 179 has no interface number 0 [ 677.966731][ T8949] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 678.005422][ T8949] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024 [ 678.022676][ T8949] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 678.044300][ T8949] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024 [ 678.070111][ T8949] usb 4-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 678.100999][ T8949] usb 4-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb [ 678.117897][ T8949] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 678.147011][T23916] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22 [ 678.387524][T23916] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 678.402369][T23916] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 678.461479][ T5934] usb 3-1: new high-speed USB device number 17 using dummy_hcd [ 678.624070][ T8949] usb 4-1: USB disconnect, device number 62 [ 678.624133][ C1] xpad 4-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19 [ 678.630474][ T5934] usb 3-1: New USB device found, idVendor=0572, idProduct=cb01, bcdDevice=26.65 [ 678.638423][ C1] xpad 4-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19 [ 678.657269][ C1] vkms_vblank_simulate: vblank timer overrun [ 678.658479][ T5934] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 678.687007][ T5934] usb 3-1: Product: syz [ 678.691659][ T5934] usb 3-1: Manufacturer: syz [ 678.696367][ T5934] usb 3-1: SerialNumber: syz [ 678.704250][ T5934] usb 3-1: config 0 descriptor?? [ 678.811028][ T5943] usb 10-1: new full-speed USB device number 33 using dummy_hcd [ 678.918440][ T5934] usb 3-1: ignoring: probably an ADSL modem [ 678.983051][ T5943] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1023, setting to 64 [ 678.994688][ T5943] usb 10-1: New USB device found, idVendor=04f3, idProduct=0755, bcdDevice= 0.00 [ 679.004726][ T5943] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 679.016706][ T5943] usb 10-1: config 0 descriptor?? [ 679.023858][T23946] raw-gadget.3 gadget.9: fail, usb_ep_enable returned -22 [ 679.320362][ T5934] cxacru 3-1:0.0: usbatm_usb_probe: bind failed: -19! [ 679.444371][ T5943] elan 0003:04F3:0755.005A: unknown main item tag 0x0 [ 679.461165][ T5943] elan 0003:04F3:0755.005A: unknown main item tag 0x0 [ 679.470976][ T5943] elan 0003:04F3:0755.005A: unknown main item tag 0x0 [ 679.477858][ T5943] elan 0003:04F3:0755.005A: unknown main item tag 0x0 [ 679.485433][ T5943] elan 0003:04F3:0755.005A: unknown main item tag 0x0 [ 679.495755][ T5943] elan 0003:04F3:0755.005A: hidraw0: USB HID v1.01 Device [HID 04f3:0755] on usb-dummy_hcd.9-1/input0 [ 679.501022][ T8949] usb 4-1: new high-speed USB device number 63 using dummy_hcd [ 679.648280][T17717] usb 10-1: USB disconnect, device number 33 [ 679.706844][ T8949] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x7 has invalid wMaxPacketSize 0 [ 679.718374][ T8949] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x7 has invalid maxpacket 0 [ 679.740900][ T8949] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0 [ 679.751166][ T8949] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x89 has invalid maxpacket 0 [ 679.770879][ T8949] usb 4-1: New USB device found, idVendor=2040, idProduct=4900, bcdDevice=4d.8b [ 679.780154][ T8949] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 679.793129][ T8949] usb 4-1: config 0 descriptor?? [ 679.921084][ T5943] usb 9-1: new high-speed USB device number 39 using dummy_hcd [ 680.004947][ T8949] hdpvr 4-1:0.0: firmware version 0xd dated jl;S11!vOp [ 680.004947][ T8949] 4(r [ 680.004947][ T8949] d2}d~٭^r [ 680.110872][ T5943] usb 9-1: Using ep0 maxpacket: 32 [ 680.122590][ T5943] usb 9-1: config index 0 descriptor too short (expected 35577, got 27) [ 680.140804][ T5943] usb 9-1: config 1 has too many interfaces: 92, using maximum allowed: 32 [ 680.149492][ T5943] usb 9-1: config 1 has 1 interface, different from the descriptor's value: 92 [ 680.200942][ T5943] usb 9-1: config 1 has no interface number 0 [ 680.207146][ T5943] usb 9-1: config 1 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 680.251536][ T5943] usb 9-1: config 1 interface 1 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 17 [ 680.300898][ T5943] usb 9-1: New USB device found, idVendor=0e41, idProduct=5051, bcdDevice=d5.e8 [ 680.310025][ T5943] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 680.354278][ T5943] snd_usb_pod 9-1:1.1: Line 6 Pocket POD found [ 680.473468][ T8949] hdpvr 4-1:0.0: Could not setup controls [ 680.479972][ T8949] hdpvr 4-1:0.0: registering videodev failed [ 680.499822][ T8949] hdpvr 4-1:0.0: probe with driver hdpvr failed with error -71 [ 680.516679][ T8949] usb 4-1: USB disconnect, device number 63 [ 680.549981][ T5943] snd_usb_pod 9-1:1.1: Line 6 Pocket POD now attached [ 680.553154][T17717] usb 10-1: new low-speed USB device number 34 using dummy_hcd [ 680.622999][T23979] (unnamed net_device) (uninitialized): ARP target 1.0.0.0 is already present [ 680.632695][T23979] (unnamed net_device) (uninitialized): option arp_ip_target: invalid value (1) [ 680.717319][T17717] usb 10-1: config 0 has an invalid interface number: 1 but max is 0 [ 680.725763][T17717] usb 10-1: config 0 has no interface number 0 [ 680.732121][T17717] usb 10-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10 [ 680.744998][T17717] usb 10-1: config 0 interface 1 altsetting 0 endpoint 0x82 has invalid maxpacket 159, setting to 8 [ 680.756610][T17717] usb 10-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 680.766278][T17717] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 680.779547][T17717] usb 10-1: config 0 descriptor?? [ 680.785723][T23975] raw-gadget.3 gadget.9: fail, usb_ep_enable returned -22 [ 680.802235][T17717] iowarrior 10-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0 [ 680.979451][ T5943] usb 9-1: USB disconnect, device number 39 [ 680.987966][ T5943] snd_usb_pod 9-1:1.1: Line 6 Pocket POD now disconnected [ 681.006382][ T5934] usb 10-1: USB disconnect, device number 34 [ 681.220403][ T5934] usb 3-1: USB disconnect, device number 17 [ 681.851344][T17717] usb 9-1: new high-speed USB device number 40 using dummy_hcd [ 682.067950][T17717] usb 9-1: New USB device found, idVendor=0813, idProduct=0001, bcdDevice=3a.08 [ 682.081946][T17717] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 682.116391][T17717] usb 9-1: config 0 descriptor?? [ 682.127958][T17717] gspca_main: cpia1-2.14.0 probing 0813:0001 [ 682.418222][T24040] tap0: tun_chr_ioctl cmd 1074025675 [ 682.434122][T24040] tap0: persist enabled [ 682.441941][T24040] tap0: tun_chr_ioctl cmd 1074025675 [ 682.456045][T24040] tap0: persist enabled [ 682.554606][T17717] cpia1 9-1:0.0: unexpected state after lo power cmd: 00 [ 682.955808][T17717] gspca_cpia1: usb_control_msg 02, error -32 [ 682.975904][T17717] gspca_cpia1: usb_control_msg 02, error -71 [ 683.012302][T17717] cpia1 9-1:0.0: only firmware version 1 is supported (got: 0) [ 683.045049][T17717] usb 9-1: USB disconnect, device number 40 [ 684.756629][T24140] program syz.1.7915 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 685.230342][T24163] netlink: 596 bytes leftover after parsing attributes in process `syz.3.7921'. [ 685.255287][T24164] netlink: 'syz.9.7924': attribute type 1 has an invalid length. [ 685.277271][T24164] netlink: 168864 bytes leftover after parsing attributes in process `syz.9.7924'. [ 685.287548][T24156] netlink: 'syz.3.7921': attribute type 29 has an invalid length. [ 685.308422][T24160] netlink: 'syz.3.7921': attribute type 29 has an invalid length. [ 685.366033][T24166] pim6reg: entered allmulticast mode [ 685.478783][T24166] pim6reg: left allmulticast mode [ 685.522598][T24172] input: syz1 as /devices/virtual/input/input97 [ 686.013836][ T5934] usb 2-1: new full-speed USB device number 66 using dummy_hcd [ 686.144787][T24193] IPVS: ovf: UDP 224.0.0.2:20004 - no destination available [ 686.152519][ T8949] IPVS: starting estimator thread 0... [ 686.201092][ T5934] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 686.235648][ T5934] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 2 [ 686.258130][T24199] IPVS: using max 26 ests per chain, 62400 per kthread [ 686.269321][ T5934] usb 2-1: New USB device found, idVendor=05d8, idProduct=810a, bcdDevice=92.b8 [ 686.285829][ T5934] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 686.298973][ T5934] usb 2-1: config 0 descriptor?? [ 686.317761][ T5934] dvb-usb: found a 'Artec T1 USB2.0' in warm state. [ 686.351802][ T5934] dvb-usb: bulk message failed: -22 (3/0) [ 686.392110][ T5934] dvb-usb: will use the device's hardware PID filter (table count: 16). [ 686.417710][ T5934] dvbdev: DVB: registering new adapter (Artec T1 USB2.0) [ 686.436654][ T5934] usb 2-1: media controller created [ 686.447307][ T5934] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 686.485841][ T5934] dvb-usb: bulk message failed: -22 (6/0) [ 686.521093][ T5934] dvb-usb: no frontend was attached by 'Artec T1 USB2.0' [ 686.546093][ T5934] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.1/usb2/2-1/input/input98 [ 686.594480][ T5934] dvb-usb: schedule remote query interval to 150 msecs. [ 686.602347][ T5934] dvb-usb: Artec T1 USB2.0 successfully initialized and connected. [ 686.775048][ T5934] dvb-usb: bulk message failed: -22 (1/0) [ 686.789879][ T5934] dvb-usb: error while querying for an remote control event. [ 686.881034][T17717] usb 2-1: USB disconnect, device number 66 [ 686.916085][T17717] dvb-usb: Artec T1 USB2.0 successfully deinitialized and disconnected. [ 687.001142][ T8949] usb 10-1: new high-speed USB device number 35 using dummy_hcd [ 687.170917][ T8949] usb 10-1: Using ep0 maxpacket: 8 [ 687.187501][ T8949] usb 10-1: New USB device found, idVendor=047d, idProduct=5003, bcdDevice=2f.8c [ 687.204404][ T8949] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 687.215585][ T8949] usb 10-1: Product: syz [ 687.226107][ T8949] usb 10-1: Manufacturer: syz [ 687.235712][ T8949] usb 10-1: SerialNumber: syz [ 687.246717][ T8949] usb 10-1: config 0 descriptor?? [ 687.258136][ T8949] gspca_main: se401-2.14.0 probing 047d:5003 [ 687.388046][T24236] Invalid source name [ 687.527871][T24238] syz_tun: entered promiscuous mode [ 687.534841][T24238] macsec1: entered promiscuous mode [ 687.540844][ T5934] usb 9-1: new high-speed USB device number 41 using dummy_hcd [ 687.541073][T24238] macsec1: entered allmulticast mode [ 687.554410][T24238] syz_tun: entered allmulticast mode [ 687.569062][T24238] syz_tun: left allmulticast mode [ 687.575540][T24238] syz_tun: left promiscuous mode [ 687.673275][ T8949] gspca_se401: Frame size: 0x0 1/16th janggu [ 687.714316][ T5934] usb 9-1: config index 0 descriptor too short (expected 23569, got 27) [ 687.728725][ T5934] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 687.746322][ T5934] usb 9-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0 [ 687.755802][ T5934] usb 9-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0 [ 687.764334][ T5934] usb 9-1: Manufacturer: syz [ 687.773074][ T5934] usb 9-1: config 0 descriptor?? [ 687.854559][ T5934] rc_core: IR keymap rc-hauppauge not found [ 687.866674][ T5934] Registered IR keymap rc-empty [ 687.874761][ T5934] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.8/usb9/9-1/9-1:0.0/rc/rc0 [ 687.876607][ T8949] input: se401 as /devices/platform/dummy_hcd.9/usb10/10-1/input/input100 [ 687.888735][ T5934] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.8/usb9/9-1/9-1:0.0/rc/rc0/input99 [ 687.905167][ T5881] usb 2-1: new high-speed USB device number 67 using dummy_hcd [ 687.935080][ T8949] usb 10-1: USB disconnect, device number 35 [ 687.984344][ C0] igorplugusb 9-1:0.0: Error: urb status = -32 [ 687.993080][T17717] usb 9-1: USB disconnect, device number 41 [ 688.081015][ T5881] usb 2-1: Using ep0 maxpacket: 8 [ 688.088259][ T5881] usb 2-1: config 0 has an invalid descriptor of length 44, skipping remainder of the config [ 688.098654][ T5881] usb 2-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 688.111740][ T5881] usb 2-1: New USB device found, idVendor=17ef, idProduct=6062, bcdDevice= 0.00 [ 688.120979][ T5881] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 688.131377][ T5881] usb 2-1: config 0 descriptor?? [ 688.343876][T24242] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 688.352966][T24242] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 688.566496][ T5881] usb 2-1: string descriptor 0 read error: -71 [ 688.593052][ T5881] usbhid 2-1:0.0: couldn't find an input interrupt endpoint [ 688.635697][ T5881] usb 2-1: USB disconnect, device number 67 [ 688.691177][T24253] IPVS: lblc: UDP 224.0.0.2:0 - no destination available [ 688.862477][T24264] Trying to write to read-only block-device nullb0 [ 689.452760][T24296] netlink: 24 bytes leftover after parsing attributes in process `syz.1.7981'. [ 689.854713][T24311] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 690.931666][ T5934] usb 10-1: new high-speed USB device number 36 using dummy_hcd [ 691.110955][ T5934] usb 10-1: Using ep0 maxpacket: 32 [ 691.118470][ T5934] usb 10-1: config 0 has an invalid interface number: 2 but max is 0 [ 691.128586][ T5934] usb 10-1: config 0 has no interface number 0 [ 691.135029][ T5934] usb 10-1: config 0 interface 2 altsetting 4 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 691.146988][ T5934] usb 10-1: config 0 interface 2 altsetting 4 endpoint 0x81 has invalid wMaxPacketSize 0 [ 691.157344][ T5934] usb 10-1: config 0 interface 2 altsetting 4 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 691.170677][ T5934] usb 10-1: config 0 interface 2 has no altsetting 0 [ 691.177568][ T5934] usb 10-1: New USB device found, idVendor=5543, idProduct=0781, bcdDevice= 0.00 [ 691.187157][ T5934] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 691.198718][ T5934] usb 10-1: config 0 descriptor?? [ 691.611601][ T5934] uclogic 0003:5543:0781.005B: unknown main item tag 0x0 [ 691.629672][ T5934] uclogic 0003:5543:0781.005B: unknown main item tag 0x0 [ 691.637717][ T5934] uclogic 0003:5543:0781.005B: unknown main item tag 0x0 [ 691.649259][ T5934] uclogic 0003:5543:0781.005B: unknown main item tag 0x0 [ 691.657651][ T5934] uclogic 0003:5543:0781.005B: unknown main item tag 0x0 [ 691.665167][ T5934] uclogic 0003:5543:0781.005B: unknown main item tag 0x0 [ 691.672494][ T5934] uclogic 0003:5543:0781.005B: unknown main item tag 0x0 [ 691.680567][ T5934] uclogic 0003:5543:0781.005B: No inputs registered, leaving [ 691.690575][ T5934] uclogic 0003:5543:0781.005B: hidraw0: USB HID v0.07 Device [HID 5543:0781] on usb-dummy_hcd.9-1/input2 [ 691.828227][T17717] usb 10-1: USB disconnect, device number 36 [ 692.377088][ T30] audit: type=1326 audit(1749016202.323:333): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=24372 comm="syz.2.8013" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f662bf8e969 code=0x7fc00000 [ 692.398685][ C1] vkms_vblank_simulate: vblank timer overrun [ 692.481788][T24402] loop4: detected capacity change from 0 to 524288000 [ 692.825311][T24420] netlink: 4 bytes leftover after parsing attributes in process `syz.3.8035'. [ 692.839464][T24420] netlink: 'syz.3.8035': attribute type 1 has an invalid length. [ 692.847956][T24420] netlink: 12 bytes leftover after parsing attributes in process `syz.3.8035'. [ 693.181168][ T5934] usb 2-1: new high-speed USB device number 68 using dummy_hcd [ 693.205900][T24435] IPv6: Can't replace route, no match found [ 693.337277][ T30] audit: type=1326 audit(1749016203.283:334): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=24439 comm="syz.8.8044" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f22a4b8e969 code=0x0 [ 693.361110][ T5934] usb 2-1: Using ep0 maxpacket: 32 [ 693.368131][ T5934] usb 2-1: config 0 has an invalid interface number: 67 but max is 0 [ 693.376917][ T5934] usb 2-1: config 0 has no interface number 0 [ 693.386796][ T5934] usb 2-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57 [ 693.411116][ T5934] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 693.419221][ T5934] usb 2-1: Product: syz [ 693.423725][ T5934] usb 2-1: Manufacturer: syz [ 693.428370][ T5934] usb 2-1: SerialNumber: syz [ 693.466936][ T5934] usb 2-1: config 0 descriptor?? [ 693.479139][ T5934] smsc95xx v2.0.0 [ 693.573293][T24452] netlink: 12 bytes leftover after parsing attributes in process `syz.3.8048'. [ 693.592273][T24452] vlan2: entered promiscuous mode [ 693.597608][T24452] batadv0: entered promiscuous mode [ 693.801700][ T5881] usb 10-1: new high-speed USB device number 37 using dummy_hcd [ 693.973218][ T5881] usb 10-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 693.983023][ T5881] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 694.010140][ T5881] usb 10-1: config 0 descriptor?? [ 694.019667][ T5881] cp210x 10-1:0.0: cp210x converter detected [ 694.425890][ T5881] cp210x 10-1:0.0: failed to get vendor val 0x000e size 3: -32 [ 694.500403][ T5934] smsc95xx 2-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000030: -71 [ 694.512642][ T5934] smsc95xx 2-1:0.67 (unnamed net_device) (uninitialized): Error reading E2P_CMD [ 694.523555][ T5934] smsc95xx 2-1:0.67 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000014: -71 [ 694.535240][ T5934] smsc95xx 2-1:0.67: probe with driver smsc95xx failed with error -71 [ 694.556844][ T5934] usb 2-1: USB disconnect, device number 68 [ 694.642959][ T5881] usb 10-1: cp210x converter now attached to ttyUSB0 [ 694.848584][T17717] usb 10-1: USB disconnect, device number 37 [ 694.874395][T17717] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 694.891364][ T5835] block nbd3: Receive control failed (result -32) [ 694.891982][T24464] block nbd3: shutting down sockets [ 694.928299][T17717] cp210x 10-1:0.0: device disconnected [ 694.951308][T24478] syzkaller1: entered promiscuous mode [ 694.959872][T24478] syzkaller1: entered allmulticast mode [ 695.383259][ T30] audit: type=1326 audit(1749016205.323:335): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=24496 comm="syz.2.8071" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f662bf8e969 code=0x7ffc0000 [ 695.401215][T17717] usb 4-1: new high-speed USB device number 64 using dummy_hcd [ 695.450955][ T30] audit: type=1326 audit(1749016205.323:336): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=24496 comm="syz.2.8071" exe="/root/syz-executor" sig=0 arch=c000003e syscall=297 compat=0 ip=0x7f662bf8e969 code=0x7ffc0000 [ 695.516376][ T30] audit: type=1326 audit(1749016205.323:337): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=24496 comm="syz.2.8071" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f662bf8e969 code=0x7ffc0000 [ 695.551494][ T30] audit: type=1326 audit(1749016205.323:338): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=24496 comm="syz.2.8071" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f662bf8e969 code=0x7ffc0000 [ 695.570916][T17717] usb 4-1: Using ep0 maxpacket: 32 [ 695.586031][T17717] usb 4-1: New USB device found, idVendor=0fd9, idProduct=0025, bcdDevice=29.40 [ 695.598334][T17717] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 695.615282][T17717] usb 4-1: config 0 descriptor?? [ 695.831501][T17717] dvb-usb: found a 'Elgato EyeTV Sat' in warm state. [ 695.845094][T17717] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 695.857082][T17717] dvbdev: DVB: registering new adapter (Elgato EyeTV Sat) [ 695.867931][T17717] usb 4-1: media controller created [ 695.909660][T17717] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 696.651649][T17717] az6027: usb out operation failed. (-71) [ 696.662189][T17717] stb0899_attach: Driver disabled by Kconfig [ 696.675020][T17717] az6027: no front-end attached [ 696.675020][T17717] [ 696.685338][T17717] az6027: usb out operation failed. (-71) [ 696.696063][T17717] dvb-usb: no frontend was attached by 'Elgato EyeTV Sat' [ 696.708893][T17717] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.3/usb4/4-1/input/input101 [ 696.728068][T17717] dvb-usb: schedule remote query interval to 400 msecs. [ 696.735941][T17717] dvb-usb: Elgato EyeTV Sat successfully initialized and connected. [ 696.754242][T17717] usb 4-1: USB disconnect, device number 64 [ 696.823950][T17717] dvb-usb: Elgato EyeTV Sat successfully deinitialized and disconnected. [ 697.267204][T24563] netlink: 'syz.9.8098': attribute type 4 has an invalid length. [ 697.608610][ T30] audit: type=1326 audit(1749016207.553:339): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=24576 comm="syz.3.8103" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe84078e969 code=0x7ffc0000 [ 697.679245][ T30] audit: type=1326 audit(1749016207.553:340): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=24576 comm="syz.3.8103" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe84078e969 code=0x7ffc0000 [ 697.721762][ T30] audit: type=1326 audit(1749016207.553:341): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=24576 comm="syz.3.8103" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fe84072ab39 code=0x7ffc0000 [ 697.793423][ T30] audit: type=1326 audit(1749016207.553:342): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=24576 comm="syz.3.8103" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe84078e969 code=0x7ffc0000 [ 697.874821][ T30] audit: type=1326 audit(1749016207.553:343): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=24576 comm="syz.3.8103" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe84078e969 code=0x7ffc0000 [ 697.917012][ T30] audit: type=1326 audit(1749016207.553:344): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=24576 comm="syz.3.8103" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe84078e969 code=0x7ffc0000 [ 698.018591][ T30] audit: type=1326 audit(1749016207.593:345): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=24576 comm="syz.3.8103" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fe84072ab39 code=0x7ffc0000 [ 698.068322][ T30] audit: type=1326 audit(1749016207.593:346): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=24576 comm="syz.3.8103" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fe84072ab39 code=0x7ffc0000 [ 698.093425][ T30] audit: type=1326 audit(1749016207.593:347): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=24576 comm="syz.3.8103" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fe84072ab39 code=0x7ffc0000 [ 698.124721][ T30] audit: type=1326 audit(1749016207.593:348): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=24576 comm="syz.3.8103" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fe84072ab39 code=0x7ffc0000 [ 698.190162][T24594] batadv_slave_1: entered promiscuous mode [ 698.214519][T24593] batadv_slave_1: left promiscuous mode [ 698.403713][T24606] IPVS: lblc: UDP 224.0.0.2:0 - no destination available [ 698.735921][T24627] netlink: 16 bytes leftover after parsing attributes in process `syz.1.8124'. [ 699.322845][ T5934] usb 10-1: new high-speed USB device number 38 using dummy_hcd [ 699.492822][ T5934] usb 10-1: Using ep0 maxpacket: 16 [ 699.506993][ T5934] usb 10-1: config 0 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 699.518792][ T5934] usb 10-1: config 0 interface 0 altsetting 2 endpoint 0x81 has invalid wMaxPacketSize 0 [ 699.528935][ T5934] usb 10-1: config 0 interface 0 has no altsetting 0 [ 699.535774][ T5934] usb 10-1: New USB device found, idVendor=056a, idProduct=0331, bcdDevice= 0.00 [ 699.547433][ T5934] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 699.558762][ T5934] usb 10-1: config 0 descriptor?? [ 699.730991][ T5881] usb 4-1: new high-speed USB device number 65 using dummy_hcd [ 699.748827][T24655] netlink: 156 bytes leftover after parsing attributes in process `syz.2.8137'. [ 699.759227][T24655] netlink: 24 bytes leftover after parsing attributes in process `syz.2.8137'. [ 699.840098][T24657] sg_write: data in/out 35677/2 bytes for SCSI command 0x0-- guessing data in; [ 699.840098][T24657] program syz.8.8138 not setting count and/or reply_len properly [ 699.906881][ T5881] usb 4-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 699.923756][ T5881] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 699.938643][ T5881] usb 4-1: Product: syz [ 699.946020][ T5881] usb 4-1: Manufacturer: syz [ 699.950795][ T5881] usb 4-1: SerialNumber: syz [ 699.972508][ T5881] usb 4-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 699.990165][ T5934] hid (null): unknown global tag 0xd [ 700.020167][ T5934] hid (null): global environment stack underflow [ 700.029820][ T5934] hid (null): unknown global tag 0xd [ 700.037629][ T5934] hid (null): invalid report_size 20669 [ 700.043721][ T5943] usb 4-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 700.078116][T24667] netlink: 64 bytes leftover after parsing attributes in process `syz.8.8142'. [ 700.188522][ T5934] usb 10-1: USB disconnect, device number 38 [ 700.511043][ T8949] usb 9-1: new high-speed USB device number 42 using dummy_hcd [ 700.668417][ T5934] usb 4-1: USB disconnect, device number 65 [ 700.743572][ T8949] usb 9-1: New USB device found, idVendor=0813, idProduct=0001, bcdDevice=3a.08 [ 700.765328][ T8949] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 700.798790][ T8949] usb 9-1: config 0 descriptor?? [ 700.824320][ T8949] gspca_main: cpia1-2.14.0 probing 0813:0001 [ 701.086436][T24695] Bluetooth: hci0: expected 2 bytes, got 7 bytes [ 701.134188][T24697] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 701.229568][ T8949] cpia1 9-1:0.0: unexpected state after lo power cmd: 00 [ 701.326226][ T5943] usb 4-1: Service connection timeout for: 256 [ 701.351091][ T5943] ath9k_htc 4-1:1.0: ath9k_htc: Unable to initialize HTC services [ 701.381779][ T5943] ath9k_htc: Failed to initialize the device [ 701.390301][ T5934] usb 4-1: ath9k_htc: USB layer deinitialized [ 701.633160][ T8949] gspca_cpia1: usb_control_msg 02, error -71 [ 701.649647][ T8949] gspca_cpia1: usb_control_msg 05, error -71 [ 701.659635][ T8949] cpia1 9-1:0.0: unexpected systemstate: 00 [ 701.711008][ T8949] usb 9-1: USB disconnect, device number 42 [ 701.998955][T24725] netlink: 24 bytes leftover after parsing attributes in process `syz.1.8166'. [ 702.049393][T24729] netlink: 24 bytes leftover after parsing attributes in process `syz.1.8166'. [ 702.211061][ T8949] usb 3-1: new high-speed USB device number 18 using dummy_hcd [ 702.408794][ T8949] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 702.469885][ T8949] usb 3-1: config 1 has no interface number 0 [ 702.486214][ T8949] usb 3-1: config 1 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 702.559347][ T8949] usb 3-1: Duplicate descriptor for config 1 interface 1 altsetting 0, skipping [ 702.584104][ T8949] usb 3-1: config 1 interface 1 altsetting 1 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 702.635365][ T8949] usb 3-1: config 1 interface 1 altsetting 1 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 702.667072][ T8949] usb 3-1: config 1 interface 1 altsetting 1 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 702.704674][ T8949] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 702.712567][T24755] loop2: detected capacity change from 0 to 7 [ 702.724464][ T8949] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 702.738629][T24755] Dev loop2: unable to read RDB block 7 [ 702.756379][ T8949] usb 3-1: Product: syz [ 702.758754][T24755] loop2: unable to read partition table [ 702.760626][ T8949] usb 3-1: Manufacturer: syz [ 702.792773][ T8949] usb 3-1: SerialNumber: syz [ 702.794494][T24755] loop2: partition table beyond EOD, truncated [ 702.821817][T24755] loop_reread_partitions: partition scan of loop2 (被x ) failed (rc=-5) [ 702.981266][T24764] syzkaller1: entered promiscuous mode [ 703.009965][T24764] syzkaller1: entered allmulticast mode [ 703.016444][T24723] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 703.435067][T17717] usb 4-1: new high-speed USB device number 66 using dummy_hcd [ 703.451848][T24785] netlink: 'syz.8.8188': attribute type 8 has an invalid length. [ 703.470068][T24785] bridge0: entered allmulticast mode [ 703.610956][T17717] usb 4-1: Using ep0 maxpacket: 8 [ 703.623079][T17717] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 703.654951][T17717] usb 4-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 703.671513][T24723] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 703.680924][T17717] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 703.703721][ T8949] cdc_ncm 3-1:1.1: bind() failure [ 703.722948][T17717] usb 4-1: config 0 descriptor?? [ 703.869499][T24795] syzkaller1: entered promiscuous mode [ 703.875253][T24795] syzkaller1: entered allmulticast mode [ 703.904803][ T5943] usb 3-1: USB disconnect, device number 18 [ 703.932226][T17717] iowarrior 4-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0 [ 704.137032][ T5943] usb 4-1: USB disconnect, device number 66 [ 704.610471][ T30] kauditd_printk_skb: 71 callbacks suppressed [ 704.610486][ T30] audit: type=1326 audit(1749016214.553:420): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=24821 comm="syz.2.8204" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f662bf8e969 code=0x0 [ 704.775281][T24834] veth1_to_team: entered promiscuous mode [ 704.793849][T24832] veth1_to_team: left promiscuous mode [ 704.975728][T24848] sctp: [Deprecated]: syz.3.8215 (pid 24848) Use of int in max_burst socket option. [ 704.975728][T24848] Use struct sctp_assoc_value instead [ 705.510859][ T5943] usb 9-1: new high-speed USB device number 43 using dummy_hcd [ 705.671008][ T5943] usb 9-1: Using ep0 maxpacket: 8 [ 705.698710][ T5943] usb 9-1: config 150 has an invalid interface number: 204 but max is 1 [ 705.725936][T24876] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 705.726502][ T5943] usb 9-1: config 150 has no interface number 0 [ 705.749306][ T5943] usb 9-1: config 150 interface 204 has no altsetting 0 [ 705.767085][ T5943] usb 9-1: config 150 interface 1 has no altsetting 0 [ 705.788859][ T5943] usb 9-1: New USB device found, idVendor=04e2, idProduct=1424, bcdDevice=c7.eb [ 705.806736][ T5943] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 705.830625][ T5943] usb 9-1: Product: syz [ 705.852419][ T5943] usb 9-1: Manufacturer: syz [ 705.867283][ T5943] usb 9-1: SerialNumber: syz [ 705.968132][T24887] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 706.025995][T24887] overlayfs: The uuid=off requires a single fs for lower and upper, falling back to uuid=null. [ 706.095208][ T5943] xr_serial 9-1:150.204: xr_serial converter detected [ 706.300909][T17717] usb 3-1: new high-speed USB device number 19 using dummy_hcd [ 706.453277][T17717] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 706.453307][T17717] usb 3-1: config 0 has no interfaces? [ 706.453341][T17717] usb 3-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df [ 706.453369][T17717] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 706.456055][T17717] usb 3-1: config 0 descriptor?? [ 706.735735][ T59] netdevsim netdevsim9 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 706.827185][ T5910] usb 3-1: USB disconnect, device number 19 [ 706.866765][ T59] netdevsim netdevsim9 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 706.899355][ T5943] xr_serial ttyUSB0: Failed to set reg 0x0e: -71 [ 706.899418][ T5943] xr_serial ttyUSB0: probe with driver xr_serial failed with error -71 [ 706.918374][ T5943] usb 9-1: USB disconnect, device number 43 [ 706.920164][ T5943] xr_serial 9-1:150.204: device disconnected [ 706.983732][ T59] netdevsim netdevsim9 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 707.098438][ T59] netdevsim netdevsim9 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 707.285163][ T59] vlan2: left allmulticast mode [ 707.290102][ T59] dummy0: left allmulticast mode [ 707.314499][ T59] vlan2: left promiscuous mode [ 707.329676][ T59] dummy0: left promiscuous mode [ 707.341434][ T59] bridge0: port 3(vlan2) entered disabled state [ 707.368746][ T59] bridge_slave_1: left allmulticast mode [ 707.385216][ T59] bridge_slave_1: left promiscuous mode [ 707.406204][ T59] bridge0: port 2(bridge_slave_1) entered disabled state [ 707.504115][ T59] bridge_slave_0: left allmulticast mode [ 707.509840][ T59] bridge_slave_0: left promiscuous mode [ 707.537775][ T59] bridge0: port 1(bridge_slave_0) entered disabled state [ 707.897397][T21109] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 707.909318][T21109] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 707.928343][T21109] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 707.940597][T21109] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 707.954033][T21109] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 707.989525][ T5835] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 708.004322][ T5835] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 708.022766][ T5835] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 708.045944][ T5835] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 708.079484][ T5835] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 708.226699][ T59] bond0 (unregistering): left promiscuous mode [ 708.233181][ T59] bond_slave_0: left promiscuous mode [ 708.238746][ T59] bond_slave_1: left promiscuous mode [ 708.248854][ T5910] usb 2-1: new high-speed USB device number 69 using dummy_hcd [ 708.275060][ T59] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 708.285320][ T59] bond_slave_0: left allmulticast mode [ 708.294253][ T59] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 708.304826][ T59] bond_slave_1: left allmulticast mode [ 708.314042][ T59] bond0 (unregistering): Released all slaves [ 708.451809][ T5910] usb 2-1: New USB device found, idVendor=2c42, idProduct=1709, bcdDevice=ca.b7 [ 708.476857][ T5910] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 708.499682][ T5910] usb 2-1: Product: syz [ 708.509294][ T5910] usb 2-1: Manufacturer: syz [ 708.523393][ T5910] usb 2-1: SerialNumber: syz [ 708.547295][ T5910] usb 2-1: config 0 descriptor?? [ 709.070016][ T59] hsr_slave_0: left promiscuous mode [ 709.078885][ T59] hsr_slave_1: left promiscuous mode [ 709.095025][ T59] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 709.105808][ T59] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 709.118155][ T59] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 709.126013][ T59] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 709.187495][ T59] veth1_macvtap: left promiscuous mode [ 709.193868][ T59] veth0_macvtap: left allmulticast mode [ 709.199932][ T59] veth0_macvtap: left promiscuous mode [ 709.205982][ T59] veth1_vlan: left promiscuous mode [ 709.208950][T24953] netlink: 48 bytes leftover after parsing attributes in process `syz.8.8259'. [ 709.215473][ T59] veth0_vlan: left promiscuous mode [ 709.411055][ T5934] usb 3-1: new high-speed USB device number 20 using dummy_hcd [ 709.448524][T24960] netlink: 104 bytes leftover after parsing attributes in process `syz.3.8262'. [ 709.576119][ T5934] usb 3-1: New USB device found, idVendor=0813, idProduct=0001, bcdDevice=3a.08 [ 709.589558][ T5934] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 709.611096][ T5934] usb 3-1: config 0 descriptor?? [ 709.633129][ T5934] gspca_main: cpia1-2.14.0 probing 0813:0001 [ 710.040959][ T5934] cpia1 3-1:0.0: unexpected state after lo power cmd: 00 [ 710.086411][ T59] team0 (unregistering): Port device team_slave_1 removed [ 710.125765][ T5835] Bluetooth: hci1: command tx timeout [ 710.193633][ T59] team0 (unregistering): Port device team_slave_0 removed [ 710.661433][ T5934] gspca_cpia1: usb_control_msg 05, error -71 [ 710.667491][ T5934] cpia1 3-1:0.0: unexpected systemstate: 00 [ 710.705750][ T5934] usb 3-1: USB disconnect, device number 20 [ 711.287447][ T5910] usb 2-1: f81604_read: reg: 100f failed: -EPROTO [ 711.415519][T24999] netlink: 32 bytes leftover after parsing attributes in process `syz.1.8279'. [ 711.429486][ T5910] usb 2-1: f81604_read: reg: 200f failed: -EPROTO [ 711.439656][ T5910] usb 2-1: USB disconnect, device number 69 [ 711.440136][T24922] chnl_net:caif_netlink_parms(): no params data found [ 711.558389][ T5910] usb 2-1: f81604_read: reg: 100f failed: -ENODEV [ 711.758257][ T5910] usb 2-1: f81604_read: reg: 200f failed: -ENODEV [ 711.789489][T25012] tipc: Cannot configure node identity twice [ 711.796078][T25012] tipc: Cannot configure node identity twice [ 712.107470][T24922] bridge0: port 1(bridge_slave_0) entered blocking state [ 712.124320][T24922] bridge0: port 1(bridge_slave_0) entered disabled state [ 712.141182][T24922] bridge_slave_0: entered allmulticast mode [ 712.149565][T24922] bridge_slave_0: entered promiscuous mode [ 712.187221][T24922] bridge0: port 2(bridge_slave_1) entered blocking state [ 712.196794][T24922] bridge0: port 2(bridge_slave_1) entered disabled state [ 712.204173][ T5835] Bluetooth: hci1: command tx timeout [ 712.209942][T24922] bridge_slave_1: entered allmulticast mode [ 712.217927][T24922] bridge_slave_1: entered promiscuous mode [ 712.305115][ T59] IPVS: stop unused estimator thread 0... [ 712.311361][T24922] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 712.332195][T24922] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 712.716410][T24922] team0: Port device team_slave_0 added [ 712.737195][T24922] team0: Port device team_slave_1 added [ 712.885510][T24922] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 712.898590][T24922] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 712.939107][T24922] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 712.977753][T24922] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 712.993218][T24922] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 713.020379][T24922] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 713.166452][T24922] hsr_slave_0: entered promiscuous mode [ 713.177850][T24922] hsr_slave_1: entered promiscuous mode [ 713.216064][T24922] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 713.236184][T24922] Cannot create hsr debugfs directory [ 713.762186][T25076] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 713.928102][T25086] sctp: [Deprecated]: syz.3.8316 (pid 25086) Use of struct sctp_assoc_value in delayed_ack socket option. [ 713.928102][T25086] Use struct sctp_sack_info instead [ 714.280891][ T5835] Bluetooth: hci1: command tx timeout [ 714.320968][ T5934] usb 2-1: new high-speed USB device number 70 using dummy_hcd [ 714.481019][ T5934] usb 2-1: Using ep0 maxpacket: 32 [ 714.505095][ T5934] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 714.532028][ T5934] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 714.554834][T24922] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 714.561752][ T5934] usb 2-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00 [ 714.572279][ T5934] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 714.584982][T24922] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 714.592050][ T5881] usb 9-1: new high-speed USB device number 44 using dummy_hcd [ 714.615775][ T5934] usb 2-1: config 0 descriptor?? [ 714.639703][T24922] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 714.667538][T24922] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 714.772131][ T5881] usb 9-1: Using ep0 maxpacket: 32 [ 714.785928][ T5881] usb 9-1: New USB device found, idVendor=0fd9, idProduct=0025, bcdDevice=29.40 [ 714.812012][ T5881] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 714.822880][T24922] 8021q: adding VLAN 0 to HW filter on device bond0 [ 714.833407][ T5881] usb 9-1: config 0 descriptor?? [ 714.865421][T24922] 8021q: adding VLAN 0 to HW filter on device team0 [ 714.890434][ T2956] bridge0: port 1(bridge_slave_0) entered blocking state [ 714.897725][ T2956] bridge0: port 1(bridge_slave_0) entered forwarding state [ 714.922061][ T49] bridge0: port 2(bridge_slave_1) entered blocking state [ 714.929286][ T49] bridge0: port 2(bridge_slave_1) entered forwarding state [ 714.960973][ T5910] usb 3-1: new high-speed USB device number 21 using dummy_hcd [ 715.054343][ T5881] dvb-usb: found a 'Elgato EyeTV Sat' in cold state, will try to load a firmware [ 715.079023][ T5934] savu 0003:1E7D:2D5A.005D: hiddev0,hidraw0: USB HID v0.00 Device [HID 1e7d:2d5a] on usb-dummy_hcd.1-1/input0 [ 715.101173][ T5881] usb 9-1: Direct firmware load for dvb-usb-az6027-03.fw failed with error -2 [ 715.118058][ T5881] usb 9-1: Falling back to sysfs fallback for: dvb-usb-az6027-03.fw [ 715.150092][ T5910] usb 3-1: Using ep0 maxpacket: 16 [ 715.160136][ T5910] usb 3-1: config 1 contains an unexpected descriptor of type 0x2, skipping [ 715.185204][ T5910] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 715.201423][ T5910] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 715.223711][ T5910] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 715.243196][ T5910] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 715.261143][ T5910] usb 3-1: Product: syz [ 715.276236][ T5910] usb 3-1: Manufacturer: syz [ 715.287593][ T5910] usb 3-1: SerialNumber: syz [ 715.333800][T17717] usb 2-1: USB disconnect, device number 70 [ 715.404902][T24922] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 715.492506][T24922] veth0_vlan: entered promiscuous mode [ 715.512346][T24922] veth1_vlan: entered promiscuous mode [ 715.520663][ T5910] usb 3-1: 0:2 : does not exist [ 715.557759][ T5910] usb 3-1: USB disconnect, device number 21 [ 715.592106][T24922] veth0_macvtap: entered promiscuous mode [ 715.617212][T24922] veth1_macvtap: entered promiscuous mode [ 715.657293][T24922] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 715.682694][T24922] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 715.706667][T24922] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 715.726340][T24922] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 715.738906][T24922] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 715.750664][T24922] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 715.917491][T25126] program syz.8.8333 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 715.971733][ T3456] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 716.000253][ T3456] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 716.100061][ T49] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 716.120317][ T49] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 716.347659][T25139] input: syz0 as /devices/virtual/input/input102 [ 716.360995][ T5835] Bluetooth: hci1: command tx timeout [ 717.600503][T25187] netlink: 71 bytes leftover after parsing attributes in process `syz.3.8358'. [ 718.756083][T25219] program syz.0.8373 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 718.982302][T25228] netdevsim netdevsim3 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0 [ 718.991376][T25228] netdevsim netdevsim3 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0 [ 719.000279][T25228] netdevsim netdevsim3 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0 [ 719.009504][T25228] netdevsim netdevsim3 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0 [ 719.050094][T25228] macvlan2: left promiscuous mode [ 719.062842][T25228] bond0: left promiscuous mode [ 719.068332][T25228] bond_slave_0: left promiscuous mode [ 719.074658][T25228] bond_slave_1: left promiscuous mode [ 719.081078][T25228] batadv_slave_0: left promiscuous mode [ 719.091209][T25228] macvlan3: left promiscuous mode [ 719.105279][T25230] bond0: (slave bond_slave_0): Releasing backup interface [ 719.115198][T25230] bond_slave_0: left allmulticast mode [ 719.141470][T25230] bond_slave_0: left promiscuous mode [ 719.470283][T25248] netlink: 56 bytes leftover after parsing attributes in process `syz.3.8387'. [ 719.870972][ T10] usb 2-1: new high-speed USB device number 71 using dummy_hcd [ 720.078761][ T10] usb 2-1: New USB device found, idVendor=20b7, idProduct=1540, bcdDevice=b7.5a [ 720.088340][ T10] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 720.101495][ T10] usb 2-1: Product: syz [ 720.105915][ T10] usb 2-1: Manufacturer: syz [ 720.111255][ T10] usb 2-1: SerialNumber: syz [ 720.131097][ T10] usb 2-1: config 0 descriptor?? [ 720.559858][ T10] usb 2-1: Firmware: major: 0, minor: 168, hardware type: UNKNOWN (136) [ 720.767787][ T10] usb 2-1: failed to fetch extended address, random address set [ 720.780838][ T10] usb 2-1: atusb_probe: initialization failed, error = -524 [ 720.809178][ T10] atusb 2-1:0.0: probe with driver atusb failed with error -524 [ 720.839811][ T10] usb 2-1: USB disconnect, device number 71 [ 723.552264][T25346] netlink: 'syz.8.8429': attribute type 2 has an invalid length. [ 724.337934][ T30] audit: type=1400 audit(1749016234.275:421): lsm=SMACK fn=smack_inode_set_acl action=denied subject="w" object="_" requested=w pid=25381 comm="syz.0.8446" name="20" dev="tmpfs" ino=113 [ 724.406425][T25386] loop8: detected capacity change from 0 to 7 [ 724.420448][T25386] Dev loop8: unable to read RDB block 7 [ 724.431090][T25386] loop8: unable to read partition table [ 724.477052][T25386] loop8: partition table beyond EOD, truncated [ 724.499746][T25386] loop_reread_partitions: partition scan of loop8 (被x^> ) failed (rc=-5) [ 724.646761][T25396] netlink: 8 bytes leftover after parsing attributes in process `syz.3.8452'. [ 725.443464][ T30] audit: type=1326 audit(1749016235.385:422): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=25425 comm="syz.2.8465" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f662bf8e969 code=0x7ffc0000 [ 725.496435][ T30] audit: type=1326 audit(1749016235.425:423): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=25425 comm="syz.2.8465" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f662bf8e969 code=0x7ffc0000 [ 725.547320][ T30] audit: type=1326 audit(1749016235.425:424): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=25425 comm="syz.2.8465" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f662bf8e969 code=0x7ffc0000 [ 725.593448][ T30] audit: type=1326 audit(1749016235.425:425): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=25425 comm="syz.2.8465" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f662bf8e969 code=0x7ffc0000 [ 725.620017][ T30] audit: type=1326 audit(1749016235.425:426): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=25425 comm="syz.2.8465" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f662bf8e969 code=0x7ffc0000 [ 725.667410][ T30] audit: type=1326 audit(1749016235.425:427): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=25425 comm="syz.2.8465" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f662bf8e969 code=0x7ffc0000 [ 725.760105][ T30] audit: type=1326 audit(1749016235.425:428): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=25425 comm="syz.2.8465" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f662bf8e969 code=0x7ffc0000 [ 725.781963][T25436] tracefs: Invalid uid '0x00000000ffffffff' [ 725.821848][ T30] audit: type=1326 audit(1749016235.425:429): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=25425 comm="syz.2.8465" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f662bf8e969 code=0x7ffc0000 [ 725.843442][ C1] vkms_vblank_simulate: vblank timer overrun [ 725.855051][ T30] audit: type=1326 audit(1749016235.445:430): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=25425 comm="syz.2.8465" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f662bf8e969 code=0x7ffc0000 [ 725.876663][ C1] vkms_vblank_simulate: vblank timer overrun [ 726.704891][T25455] netlink: 60 bytes leftover after parsing attributes in process `syz.8.8478'. [ 726.731011][T25455] netlink: 60 bytes leftover after parsing attributes in process `syz.8.8478'. [ 726.750891][T17715] usb 3-1: new high-speed USB device number 22 using dummy_hcd [ 726.924684][T25455] netlink: 60 bytes leftover after parsing attributes in process `syz.8.8478'. [ 726.942675][T17715] usb 3-1: config 0 interface 0 has no altsetting 0 [ 726.959713][T17715] usb 3-1: New USB device found, idVendor=046d, idProduct=0a0e, bcdDevice=94.75 [ 726.969539][T25455] netlink: 60 bytes leftover after parsing attributes in process `syz.8.8478'. [ 727.001669][T17715] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 727.028808][T17715] usb 3-1: config 0 descriptor?? [ 727.296114][T25455] netlink: 60 bytes leftover after parsing attributes in process `syz.8.8478'. [ 727.313180][T25455] netlink: 60 bytes leftover after parsing attributes in process `syz.8.8478'. [ 728.089051][T17715] video4linux radio48: keene_cmd_set failed (-71) [ 728.109226][T17715] radio-keene 3-1:0.0: V4L2 device registered as radio48 [ 728.124987][T17715] usb 3-1: USB disconnect, device number 22 [ 728.257815][T25499] netlink: 'syz.0.8494': attribute type 10 has an invalid length. [ 728.267170][T25499] netlink: 55 bytes leftover after parsing attributes in process `syz.0.8494'. [ 728.300415][T25501] overlayfs: invalid origin (0000) [ 729.340346][T25545] netlink: 20 bytes leftover after parsing attributes in process `syz.3.8516'. [ 729.530640][T25550] team0: Device gre1 is of different type [ 729.734327][T25561] netlink: 16 bytes leftover after parsing attributes in process `syz.3.8523'. [ 729.844588][T17717] usb 2-1: new high-speed USB device number 72 using dummy_hcd [ 729.993501][ T10] usb 3-1: new high-speed USB device number 23 using dummy_hcd [ 730.006595][T17717] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 730.018100][T17717] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 730.047035][T17717] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 730.066576][T17717] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 730.076892][T17717] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 730.088048][T17717] usb 2-1: config 0 descriptor?? [ 730.172639][ T10] usb 3-1: config 1 interface 1 altsetting 1 endpoint 0x3 has an invalid bInterval 0, changing to 7 [ 730.215347][ T10] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 730.230895][ T10] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 730.238957][ T10] usb 3-1: Product: syz [ 730.247332][ T10] usb 3-1: Manufacturer: syz [ 730.252244][ T10] usb 3-1: SerialNumber: syz [ 730.503708][T17717] plantronics 0003:047F:FFFF.005E: No inputs registered, leaving [ 730.526800][T17717] plantronics 0003:047F:FFFF.005E: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0 [ 730.763180][T17717] usb 2-1: USB disconnect, device number 72 [ 731.296479][ T10] cdc_ncm 3-1:1.0: bind() failure [ 731.308948][ T10] cdc_ncm 3-1:1.1: probe with driver cdc_ncm failed with error -71 [ 731.318816][ T10] cdc_mbim 3-1:1.1: probe with driver cdc_mbim failed with error -71 [ 731.328767][ T10] usbtest 3-1:1.1: probe with driver usbtest failed with error -71 [ 731.341195][ T10] usb 3-1: USB disconnect, device number 23 [ 733.041140][ T10] usb 2-1: new full-speed USB device number 73 using dummy_hcd [ 733.215545][ T10] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 733.236452][ T10] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 733.250903][ T10] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 733.264626][ T10] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 733.274969][ T10] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 733.287862][ T10] usb 2-1: config 0 descriptor?? [ 733.647863][T25696] netlink: 4 bytes leftover after parsing attributes in process `syz.3.8585'. [ 733.707256][ T10] plantronics 0003:047F:FFFF.005F: reserved main item tag 0xd [ 733.721353][T25698] netlink: 'syz.2.8586': attribute type 1 has an invalid length. [ 733.741068][T25698] netlink: 'syz.2.8586': attribute type 10 has an invalid length. [ 733.746259][ T10] plantronics 0003:047F:FFFF.005F: No inputs registered, leaving [ 733.765415][ T10] plantronics 0003:047F:FFFF.005F: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0 [ 733.768932][T25698] netlink: 'syz.2.8586': attribute type 4 has an invalid length. [ 733.799597][T25698] netlink: 136 bytes leftover after parsing attributes in process `syz.2.8586'. [ 734.003249][ T10] usb 2-1: USB disconnect, device number 73 [ 734.086621][T25715] netlink: 4 bytes leftover after parsing attributes in process `syz.0.8594'. [ 735.384099][T17715] IPVS: starting estimator thread 0... [ 735.491751][T25769] IPVS: using max 25 ests per chain, 60000 per kthread [ 736.288508][ T30] kauditd_printk_skb: 298 callbacks suppressed [ 736.288528][ T30] audit: type=1800 audit(1749016246.235:729): pid=25813 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz.0.8638" name="nullb0" dev="tmpfs" ino=416 res=0 errno=0 [ 737.316753][T25846] syz_tun: entered allmulticast mode [ 737.333164][T25845] syz_tun: left allmulticast mode [ 737.595374][ T30] audit: type=1326 audit(1749016247.545:730): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=25849 comm="syz.8.8656" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f22a4b2ab39 code=0x7ffc0000 [ 737.639279][ T30] audit: type=1326 audit(1749016247.545:731): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=25849 comm="syz.8.8656" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f22a4b8e969 code=0x7ffc0000 [ 737.747700][ T30] audit: type=1326 audit(1749016247.545:732): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=25849 comm="syz.8.8656" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f22a4b2ab39 code=0x7ffc0000 [ 737.809267][ T30] audit: type=1326 audit(1749016247.545:733): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=25849 comm="syz.8.8656" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f22a4b8e969 code=0x7ffc0000 [ 737.835693][ T30] audit: type=1326 audit(1749016247.565:734): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=25849 comm="syz.8.8656" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f22a4b2ab39 code=0x7ffc0000 [ 737.896024][ T30] audit: type=1326 audit(1749016247.565:735): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=25849 comm="syz.8.8656" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f22a4b2ab39 code=0x7ffc0000 [ 737.959059][ T30] audit: type=1326 audit(1749016247.565:736): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=25849 comm="syz.8.8656" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f22a4b8e969 code=0x7ffc0000 [ 738.013542][ T30] audit: type=1326 audit(1749016247.565:737): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=25849 comm="syz.8.8656" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f22a4b2ab39 code=0x7ffc0000 [ 738.060984][ T30] audit: type=1326 audit(1749016247.565:738): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=25849 comm="syz.8.8656" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f22a4b8e969 code=0x7ffc0000 [ 738.131277][T17717] usb 3-1: new high-speed USB device number 24 using dummy_hcd [ 738.244469][ T2992] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 738.258327][ T2992] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 738.320823][T17717] usb 3-1: Using ep0 maxpacket: 32 [ 738.328814][T17717] usb 3-1: New USB device found, idVendor=0fd9, idProduct=0025, bcdDevice=29.40 [ 738.345827][T17717] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 738.358741][T17717] usb 3-1: config 0 descriptor?? [ 738.578854][T17717] dvb-usb: found a 'Elgato EyeTV Sat' in warm state. [ 738.594018][T17717] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 738.608702][T17717] dvbdev: DVB: registering new adapter (Elgato EyeTV Sat) [ 738.617951][T17717] usb 3-1: media controller created [ 738.623664][T25896] netlink: 44 bytes leftover after parsing attributes in process `syz.8.8678'. [ 738.623705][T25896] netlink: 43 bytes leftover after parsing attributes in process `syz.8.8678'. [ 738.623725][T25896] netlink: 'syz.8.8678': attribute type 6 has an invalid length. [ 738.653244][T25896] netlink: 'syz.8.8678': attribute type 5 has an invalid length. [ 738.665505][T25896] netlink: 43 bytes leftover after parsing attributes in process `syz.8.8678'. [ 738.667978][T17717] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 738.796561][T17717] az6027: usb out operation failed. (-71) [ 738.807166][T17717] az6027: usb out operation failed. (-71) [ 738.813413][T17717] stb0899_attach: Driver disabled by Kconfig [ 738.820550][T17717] az6027: no front-end attached [ 738.820550][T17717] [ 738.830297][T17717] az6027: usb out operation failed. (-71) [ 738.836433][T17717] dvb-usb: no frontend was attached by 'Elgato EyeTV Sat' [ 738.847510][T17717] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.2/usb3/3-1/input/input105 [ 738.868998][T17717] dvb-usb: schedule remote query interval to 400 msecs. [ 738.878812][T17717] dvb-usb: Elgato EyeTV Sat successfully initialized and connected. [ 738.889831][T17717] usb 3-1: USB disconnect, device number 24 [ 738.980227][T17717] dvb-usb: Elgato EyeTV Sat successfully deinitialized and disconnected. [ 739.329056][T25920] IPVS: lblc: UDP 224.0.0.2:0 - no destination available [ 742.211009][ C0] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 844.460680][ C0] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks: [ 844.467709][ C0] rcu: 1-...!: (1 GPs behind) idle=14ec/1/0x4000000000000000 softirq=136383/136384 fqs=0 [ 844.479061][ C0] rcu: (detected by 0, t=10502 jiffies, g=131453, q=235 ncpus=2) [ 844.486929][ C0] Sending NMI from CPU 0 to CPUs 1: [ 844.486971][ C1] NMI backtrace for cpu 1 [ 844.486991][ C1] CPU: 1 UID: 0 PID: 25924 Comm: syz.1.8691 Not tainted 6.15.0-syzkaller-11796-g5abc7438f1e9 #0 PREEMPT(full) [ 844.487013][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 844.487026][ C1] RIP: 0010:lock_release+0x46/0x3e0 [ 844.487056][ C1] Code: 30 cb fa 10 48 89 44 24 28 0f 1f 44 00 00 65 8b 05 33 cb fa 10 83 f8 08 0f 83 9a 02 00 00 89 c0 48 0f a3 05 dc 96 01 0e 73 16 d5 e0 08 00 84 c0 75 0d f6 05 ae 8a eb 0d 01 0f 84 ad 02 00 00 [ 844.487073][ C1] RSP: 0018:ffffc90000a08bf8 EFLAGS: 00000097 [ 844.487091][ C1] RAX: 0000000000000001 RBX: ffff88807b2092e8 RCX: 1ffff1100f641265 [ 844.487104][ C1] RDX: 0000000000010000 RSI: ffffffff897d49cf RDI: ffff88807b209300 [ 844.487117][ C1] RBP: ffff888030f8a950 R08: 0000000000000003 R09: 0000000000000004 [ 844.487129][ C1] R10: dffffc0000000000 R11: fffff5200014117c R12: ffff88807b209340 [ 844.487143][ C1] R13: ffffffff897d49cf R14: ffff88807b209300 R15: ffff888030f88000 [ 844.487157][ C1] FS: 0000000000000000(0000) GS:ffff888125d90000(0000) knlGS:0000000000000000 [ 844.487171][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 844.487184][ C1] CR2: 000000110c2fee3c CR3: 000000000df38000 CR4: 00000000003526f0 [ 844.487200][ C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 844.487211][ C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 844.487222][ C1] Call Trace: [ 844.487231][ C1] [ 844.487239][ C1] ? taprio_set_budgets+0x37c/0x3b0 [ 844.487271][ C1] _raw_spin_unlock+0x16/0x50 [ 844.487294][ C1] advance_sched+0x99f/0xc90 [ 844.487325][ C1] ? __pfx_advance_sched+0x10/0x10 [ 844.487347][ C1] __hrtimer_run_queues+0x529/0xc60 [ 844.487386][ C1] ? __pfx___hrtimer_run_queues+0x10/0x10 [ 844.487412][ C1] ? read_tsc+0x9/0x20 [ 844.487438][ C1] hrtimer_interrupt+0x45b/0xaa0 [ 844.487481][ C1] __sysvec_apic_timer_interrupt+0x108/0x410 [ 844.487511][ C1] sysvec_apic_timer_interrupt+0xa1/0xc0 [ 844.487536][ C1] [ 844.487543][ C1] [ 844.487551][ C1] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 844.487571][ C1] RIP: 0010:rcu_is_watching+0x55/0xb0 [ 844.487598][ C1] Code: ac b8 8d 4c 89 f0 48 c1 e8 03 42 80 3c 38 00 74 08 4c 89 f7 e8 4c 7c 7a 00 48 c7 c3 58 2f 9a 92 49 03 1e 48 89 d8 48 c1 e8 03 <42> 0f b6 04 38 84 c0 75 34 8b 03 65 ff 0d d9 e9 f1 10 74 11 83 e0 [ 844.487614][ C1] RSP: 0018:ffffc90004b8f4d0 EFLAGS: 00000a06 [ 844.487630][ C1] RAX: 1ffff110170e65eb RBX: ffff8880b8732f58 RCX: be182645fe7bd800 [ 844.487644][ C1] RDX: 0000000000000000 RSI: ffffffff8be19e60 RDI: ffffffff8be19e20 [ 844.487657][ C1] RBP: ffffffff822cacd7 R08: 0000000000000000 R09: 0000000000000000 [ 844.487669][ C1] R10: dffffc0000000000 R11: fffff9400027b9e1 R12: 0000000000000002 [ 844.487681][ C1] R13: ffffffff8e13f060 R14: ffffffff8db8ac68 R15: dffffc0000000000 [ 844.487697][ C1] ? page_table_check_clear+0x187/0x700 [ 844.487731][ C1] lock_acquire+0x5f/0x360 [ 844.487755][ C1] ? pfn_valid+0xba/0x490 [ 844.487778][ C1] ? pfn_valid+0xba/0x490 [ 844.487809][ C1] ? pfn_valid+0xba/0x490 [ 844.487832][ C1] ? page_table_check_clear+0x187/0x700 [ 844.487856][ C1] page_table_check_clear+0x1a4/0x700 [ 844.487879][ C1] ? page_table_check_clear+0x187/0x700 [ 844.487903][ C1] ? vm_normal_page+0xb7/0x230 [ 844.487931][ C1] unmap_page_range+0x3249/0x41c0 [ 844.487988][ C1] ? __pfx_unmap_page_range+0x10/0x10 [ 844.488021][ C1] ? unmap_vmas+0x144/0x580 [ 844.488050][ C1] unmap_vmas+0x399/0x580 [ 844.488082][ C1] ? __pfx_unmap_vmas+0x10/0x10 [ 844.488125][ C1] exit_mmap+0x248/0xb50 [ 844.488148][ C1] ? uprobe_clear_state+0x20f/0x290 [ 844.488174][ C1] ? __pfx_exit_mmap+0x10/0x10 [ 844.488195][ C1] ? __mutex_unlock_slowpath+0x1cd/0x700 [ 844.488230][ C1] ? __pfx_exit_aio+0x10/0x10 [ 844.488258][ C1] ? uprobe_clear_state+0x274/0x290 [ 844.488279][ C1] ? mm_update_next_owner+0xa7/0x870 [ 844.488303][ C1] __mmput+0x118/0x420 [ 844.488330][ C1] exit_mm+0x1da/0x2c0 [ 844.488350][ C1] ? __pfx_exit_mm+0x10/0x10 [ 844.488372][ C1] ? rcu_is_watching+0x15/0xb0 [ 844.488400][ C1] do_exit+0x640/0x22e0 [ 844.488424][ C1] ? preempt_schedule_common+0x83/0xd0 [ 844.488448][ C1] ? preempt_schedule+0xae/0xc0 [ 844.488471][ C1] ? __pfx_do_exit+0x10/0x10 [ 844.488494][ C1] ? preempt_schedule_thunk+0x16/0x30 [ 844.488520][ C1] do_group_exit+0x21c/0x2d0 [ 844.488546][ C1] __x64_sys_exit_group+0x3f/0x40 [ 844.488567][ C1] x64_sys_call+0x21ba/0x21c0 [ 844.488585][ C1] do_syscall_64+0xfa/0x3b0 [ 844.488611][ C1] ? lockdep_hardirqs_on+0x9c/0x150 [ 844.488636][ C1] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 844.488654][ C1] ? clear_bhb_loop+0x60/0xb0 [ 844.488674][ C1] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 844.488692][ C1] RIP: 0033:0x7fef4a38e969 [ 844.488708][ C1] Code: Unable to access opcode bytes at 0x7fef4a38e93f. [ 844.488717][ C1] RSP: 002b:00007ffcbfcb7468 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 844.488735][ C1] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fef4a38e969 [ 844.488747][ C1] RDX: 0000000000000064 RSI: 0000000000000000 RDI: 0000000000000000 [ 844.488757][ C1] RBP: 00007ffcbfcb74cc R08: 00000005bfcb755f R09: 00000000000927c0 [ 844.488770][ C1] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000735 [ 844.488781][ C1] R13: 00000000000927c0 R14: 00000000000b4742 R15: 00007ffcbfcb7520 [ 844.488810][ C1] [ 844.488958][ C0] rcu: rcu_preempt kthread starved for 10502 jiffies! g131453 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=0 [ 845.030836][ C0] rcu: Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior. [ 845.040831][ C0] rcu: RCU grace-period kthread stack dump: [ 845.046742][ C0] task:rcu_preempt state:R running task stack:27320 pid:16 tgid:16 ppid:2 task_flags:0x208040 flags:0x00004000 [ 845.060282][ C0] Call Trace: [ 845.063586][ C0] [ 845.066574][ C0] __schedule+0x16a2/0x4cb0 [ 845.071137][ C0] ? do_raw_spin_unlock+0x122/0x240 [ 845.076378][ C0] ? schedule+0x165/0x360 [ 845.080747][ C0] ? __lock_acquire+0xab9/0xd20 [ 845.085643][ C0] ? __pfx___schedule+0x10/0x10 [ 845.090553][ C0] ? schedule+0x91/0x360 [ 845.094842][ C0] schedule+0x165/0x360 [ 845.099040][ C0] schedule_timeout+0x12b/0x270 [ 845.103930][ C0] ? __pfx_schedule_timeout+0x10/0x10 [ 845.109337][ C0] ? __pfx_process_timeout+0x10/0x10 [ 845.114671][ C0] ? prepare_to_swait_event+0x341/0x380 [ 845.120257][ C0] rcu_gp_fqs_loop+0x301/0x1540 [ 845.125157][ C0] ? __pfx_rcu_gp_init+0x10/0x10 [ 845.130133][ C0] ? lockdep_hardirqs_on+0x9c/0x150 [ 845.135420][ C0] ? __pfx_rcu_gp_fqs_loop+0x10/0x10 [ 845.140745][ C0] ? _raw_spin_unlock_irq+0x2e/0x50 [ 845.145986][ C0] ? finish_swait+0xcd/0x1f0 [ 845.150616][ C0] rcu_gp_kthread+0x99/0x390 [ 845.155250][ C0] ? __pfx_rcu_gp_kthread+0x10/0x10 [ 845.160529][ C0] ? __kthread_parkme+0x7b/0x200 [ 845.165513][ C0] ? __kthread_parkme+0x1a1/0x200 [ 845.170589][ C0] kthread+0x711/0x8a0 [ 845.174840][ C0] ? __pfx_rcu_gp_kthread+0x10/0x10 [ 845.180076][ C0] ? __pfx_kthread+0x10/0x10 [ 845.184704][ C0] ? _raw_spin_unlock_irq+0x23/0x50 [ 845.189937][ C0] ? lockdep_hardirqs_on+0x9c/0x150 [ 845.195174][ C0] ? __pfx_kthread+0x10/0x10 [ 845.199884][ C0] ret_from_fork+0x3f9/0x770 [ 845.204524][ C0] ? __pfx_ret_from_fork+0x10/0x10 [ 845.209686][ C0] ? __switch_to_asm+0x39/0x70 [ 845.214491][ C0] ? __switch_to_asm+0x33/0x70 [ 845.219284][ C0] ? __pfx_kthread+0x10/0x10 [ 845.223909][ C0] ret_from_fork_asm+0x1a/0x30 [ 845.228725][ C0] [ 845.231775][ C0] rcu: Stack dump where RCU GP kthread last ran: [ 845.238124][ C0] CPU: 0 UID: 0 PID: 25923 Comm: syz.8.8690 Not tainted 6.15.0-syzkaller-11796-g5abc7438f1e9 #0 PREEMPT(full) [ 845.249868][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 845.259956][ C0] RIP: 0010:smp_call_function_many_cond+0xf69/0x12d0 [ 845.266675][ C0] Code: 00 45 8b 2f 44 89 ee 83 e6 01 31 ff e8 50 78 0b 00 41 83 e5 01 49 bd 00 00 00 00 00 fc ff df 75 07 e8 fb 73 0b 00 eb 37 f3 90 <43> 0f b6 04 2c 84 c0 75 10 41 f7 07 01 00 00 00 74 1e e8 e0 73 0b [ 845.286319][ C0] RSP: 0018:ffffc90003a5f6e0 EFLAGS: 00000293 [ 845.292420][ C0] RAX: ffffffff81b4d790 RBX: ffff8880b863c9c0 RCX: ffff88802eca1e00 [ 845.300431][ C0] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000 [ 845.308437][ C0] RBP: ffffc90003a5f840 R08: ffffffff8f9fcbf7 R09: 1ffffffff1f3f97e [ 845.316452][ C0] R10: dffffc0000000000 R11: ffffffff81702400 R12: 1ffff110170e825d [ 845.324457][ C0] R13: dffffc0000000000 R14: 0000000000000001 R15: ffff8880b87412e8 [ 845.332463][ C0] FS: 0000000000000000(0000) GS:ffff888125c90000(0000) knlGS:0000000000000000 [ 845.341420][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 845.348039][ C0] CR2: 00007f662c182338 CR3: 000000006c506000 CR4: 00000000003526f0 [ 845.356045][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 845.364050][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 845.372055][ C0] Call Trace: [ 845.375368][ C0] [ 845.378342][ C0] ? __pfx_smp_call_function_many_cond+0x10/0x10 [ 845.384714][ C0] ? free_pgd_range+0x144b/0x14c0 [ 845.389792][ C0] ? rcu_is_watching+0x15/0xb0 [ 845.394622][ C0] ? __pfx_flush_tlb_func+0x10/0x10 [ 845.399855][ C0] on_each_cpu_cond_mask+0x3f/0x80 [ 845.405016][ C0] flush_tlb_mm_range+0x6b1/0x12c0 [ 845.410175][ C0] ? free_pgtables+0xa12/0xaf0 [ 845.414988][ C0] ? __pfx_flush_tlb_mm_range+0x10/0x10 [ 845.420578][ C0] ? __pfx_free_pgtables+0x10/0x10 [ 845.425734][ C0] tlb_flush_mmu+0x1a7/0x680 [ 845.430366][ C0] ? __pfx_down_write+0x10/0x10 [ 845.435260][ C0] tlb_finish_mmu+0xc3/0x1d0 [ 845.439900][ C0] exit_mmap+0x44c/0xb50 [ 845.444183][ C0] ? uprobe_clear_state+0x20f/0x290 [ 845.449428][ C0] ? __pfx_exit_mmap+0x10/0x10 [ 845.454319][ C0] ? __mutex_unlock_slowpath+0x1cd/0x700 [ 845.460102][ C0] ? __pfx_exit_aio+0x10/0x10 [ 845.464833][ C0] ? uprobe_clear_state+0x274/0x290 [ 845.470072][ C0] ? mm_update_next_owner+0xa7/0x870 [ 845.475399][ C0] __mmput+0x118/0x420 [ 845.479523][ C0] exit_mm+0x1da/0x2c0 [ 845.483629][ C0] ? __pfx_exit_mm+0x10/0x10 [ 845.488253][ C0] ? rcu_is_watching+0x15/0xb0 [ 845.493062][ C0] do_exit+0x640/0x22e0 [ 845.497258][ C0] ? preempt_schedule_common+0x83/0xd0 [ 845.502758][ C0] ? preempt_schedule+0xae/0xc0 [ 845.507649][ C0] ? __pfx_do_exit+0x10/0x10 [ 845.512285][ C0] ? preempt_schedule_thunk+0x16/0x30 [ 845.517700][ C0] do_group_exit+0x21c/0x2d0 [ 845.522342][ C0] __x64_sys_exit_group+0x3f/0x40 [ 845.527402][ C0] x64_sys_call+0x21ba/0x21c0 [ 845.532114][ C0] do_syscall_64+0xfa/0x3b0 [ 845.536655][ C0] ? lockdep_hardirqs_on+0x9c/0x150 [ 845.541889][ C0] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 845.547986][ C0] ? clear_bhb_loop+0x60/0xb0 [ 845.552696][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 845.558635][ C0] RIP: 0033:0x7f22a4b8e969 [ 845.563082][ C0] Code: Unable to access opcode bytes at 0x7f22a4b8e93f. [ 845.570125][ C0] RSP: 002b:00007fffacc27c58 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 845.578596][ C0] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f22a4b8e969 [ 845.586606][ C0] RDX: 0000000000000064 RSI: 0000000000000000 RDI: 0000000000000000 [ 845.594612][ C0] RBP: 00007fffacc27cbc R08: 00000005acc27d4f R09: 00000000000927c0 [ 845.602619][ C0] R10: 0000000000000001 R11: 0000000000000246 R12: 00000000000003ae [ 845.610619][ C0] R13: 00000000000927c0 R14: 00000000000b477f R15: 00007fffacc27d10 [ 845.618641][ C0]