last executing test programs: 38m5.337305331s ago: executing program 2 (id=1811): r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e21, @broadcast}, 0x2f) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f00000002c0)='dctcp', 0x5) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f00000001c0)=0xa3, 0x4) connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x1b}}, 0x10) sendto$inet(r0, &(0x7f0000000000), 0xffffffffffffff94, 0x0, 0x0, 0x0) recvfrom$inet(r0, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0x720, 0x0, 0xfffffffffffffd25) 38m4.427480635s ago: executing program 2 (id=1821): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e22, 0x0, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x36}}, 0x6}, 0x1c) connect$inet6(r0, &(0x7f0000000100)={0xa, 0x4e22, 0x7, @ipv4={'\x00', '\xff\xff', @empty}, 0xd}, 0x1c) r1 = fcntl$dupfd(r0, 0x0, r0) socket$inet6_tcp(0xa, 0x1, 0x0) sendmsg$SEG6_CMD_DUMPHMAC(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000380)=ANY=[@ANYRESOCT=0x0], 0x4a}, 0x1, 0x0, 0x0, 0x200000d1}, 0x40081) syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0), r1) 38m3.610990632s ago: executing program 2 (id=1826): socket$kcm(0xa, 0x3, 0x87) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201}) r1 = socket$kcm(0x2, 0xa, 0x2) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000040)=@newlink={0x40, 0x10, 0x503, 0x70bd28, 0x25dfdbff, {0x0, 0x0, 0x0, 0x0, 0x15615, 0xef}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @sit={{0x8}, {0x14, 0x2, 0x0, 0x1, [@IFLA_IPTUN_LOCAL={0x8, 0x2, @private=0xa010102}, @IFLA_IPTUN_ENCAP_DPORT={0x6, 0x12, 0x4e22}]}}}]}, 0x40}}, 0x28048810) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @broadcast}) write$tun(r0, &(0x7f0000000040)=ANY=[@ANYBLOB="034886dd120011000000140000006000000003088700fe88a43de1a400000000000000007d01ff0200"/53], 0xfdef) 38m3.467821398s ago: executing program 2 (id=1827): r0 = syz_create_resource$binfmt(&(0x7f0000000040)='./file1\x00') r1 = openat$binfmt(0xffffffffffffff9c, r0, 0x42, 0x1ff) close(r1) execveat$binfmt(0xffffffffffffff9c, r0, 0x0, 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x42, 0x0) mount$fuse(0x0, 0x0, 0x0, 0x0, 0x0) mount$fuseblk(&(0x7f0000000080), &(0x7f00000003c0)='./file0\x00', 0x0, 0x911008, 0x0) 38m3.467621595s ago: executing program 2 (id=1828): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x100, 0x0) ioctl$TCXONC(r0, 0x540a, 0x2) ioctl$TIOCSPTLCK(r0, 0x40045431, &(0x7f0000000000)) ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000200)=0x1b) r1 = ioctl$TIOCGPTPEER(r0, 0x5441, 0x3) ioctl$TCXONC(r1, 0x540a, 0x2) pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x7, 0xfffffffffffffffd, 0x9}, 0x0, &(0x7f00000002c0)={0x9, 0x0, 0x0, 0x9, 0x2, 0x663, 0x7fffffff}, 0x0, 0x0) 38m3.335603359s ago: executing program 2 (id=1829): unshare(0x66000080) r0 = socket$netlink(0x10, 0x3, 0x0) syz_usb_connect(0x0, 0x24, &(0x7f00000000c0)=ANY=[@ANYBLOB="120100009dea7840b418fbff7bdc010203010902"], 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000001c0)={'vlan1\x00', 0x0}) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(0xffffffffffffffff, 0xc01864c6, 0x0) r2 = gettid() sendmsg$nl_route(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000440)=ANY=[@ANYBLOB="2800000010000100"/20, @ANYRES32=r1, @ANYBLOB="6d3082610000000008001300", @ANYRES32=r2], 0x28}}, 0x0) 38m3.201488111s ago: executing program 32 (id=1829): unshare(0x66000080) r0 = socket$netlink(0x10, 0x3, 0x0) syz_usb_connect(0x0, 0x24, &(0x7f00000000c0)=ANY=[@ANYBLOB="120100009dea7840b418fbff7bdc010203010902"], 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000001c0)={'vlan1\x00', 0x0}) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(0xffffffffffffffff, 0xc01864c6, 0x0) r2 = gettid() sendmsg$nl_route(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000440)=ANY=[@ANYBLOB="2800000010000100"/20, @ANYRES32=r1, @ANYBLOB="6d3082610000000008001300", @ANYRES32=r2], 0x28}}, 0x0) 1.492496981s ago: executing program 0 (id=10275): r0 = syz_open_dev$loop(&(0x7f00000005c0), 0x5, 0x2002) ioctl$LOOP_SET_STATUS(r0, 0x4c02, 0x0) 1.410024422s ago: executing program 0 (id=10277): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_TCP_MD5SIG(r0, 0x6, 0xe, &(0x7f0000000280)={@in6={{0xa, 0x4e24, 0x5, @remote, 0x80000001}}, 0x0, 0x0, 0x2a, 0x0, "b25dd300350731437df94f0a338977934d6951cdd6c61e71cc7172c856b141e3f5e87e6ab615ea37c452b4043f3c0bbf0138f5f33e33eae79f3e12b1380800c30a1c48cdff0300f64800"}, 0xd8) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x4e22, 0x7, @ipv4={'\x00', '\xff\xff', @empty}, 0x106}, 0x1c) syz_emit_ethernet(0x42, &(0x7f0000000100)={@local, @random="e462e98700", @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x2, 0x23, 0x34, 0x64, 0x0, 0x3, 0x6, 0x0, @remote, @remote}, {{0x4e22, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x8, 0x10, 0x7, 0x0, 0xe7, {[@sack={0x5, 0xa, [0x7, 0x40]}]}}}}}}}, 0x0) 1.335367604s ago: executing program 0 (id=10281): r0 = syz_open_dev$sg(&(0x7f0000000280), 0x5dc, 0x0) ioctl$SCSI_IOCTL_SEND_COMMAND(r0, 0x1, 0x0) capset(&(0x7f0000000040)={0x19980330}, &(0x7f0000000080)={0x0, 0x0, 0x5, 0x0, 0x0, 0xfffffffd}) ioctl$SG_IO(r0, 0x2285, &(0x7f00000000c0)={0x53, 0xfffffffffffffffa, 0x6, 0xc0, @buffer={0x0, 0x0, 0x0}, &(0x7f0000000300)="0d939c514a7d", 0x0, 0x200005, 0x10, 0x2, 0x0}) 1.1971502s ago: executing program 0 (id=10286): r0 = socket$inet6(0xa, 0x2, 0x0) bind$inet6(r0, &(0x7f0000002c80)={0xa, 0x14e24}, 0x1c) connect$inet6(r0, &(0x7f00000002c0)={0xa, 0x4e24}, 0x1c) recvmmsg(r0, &(0x7f0000000440)=[{{0x0, 0x0, 0x0}, 0x2}], 0x1, 0x40000003, 0x0) sendmmsg(r0, &(0x7f00000092c0), 0x4ff, 0x0) 1.078266791s ago: executing program 5 (id=10289): fsconfig$FSCONFIG_SET_STRING(0xffffffffffffffff, 0x1, 0x0, 0x0, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/udp6\x00') r1 = socket(0xa, 0x2, 0x0) bind$inet6(r1, &(0x7f0000000040)={0xa, 0x4e20, 0x0, @loopback={0xff00000000000000}}, 0x59) preadv(r0, &(0x7f0000000100)=[{&(0x7f00000004c0)=""/171, 0xab}], 0x1, 0x400005, 0xffffffff) 979.742752ms ago: executing program 5 (id=10291): r0 = socket$inet6(0xa, 0x2, 0x0) bind$inet6(r0, &(0x7f0000000040)={0xa, 0xe22, 0xe46b}, 0x1c) connect$inet6(r0, &(0x7f00000001c0)={0xa, 0x0, 0x7, @loopback, 0xfffffffe}, 0x1c) r1 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r1, &(0x7f0000001200)=[{&(0x7f0000000080)="580000001400add427323b472545b45602117fffffff810000400e227f000001925aa80020007b00090080007f000006e809000000ff0000f03ac71002000000ffffffffffffffffffe7ee0000000000000000", 0x53}], 0x1) 918.750008ms ago: executing program 1 (id=10293): socket$inet6_sctp(0xa, 0x1, 0x84) r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000100)={0x2, 0x4e21, @broadcast}, 0x10) ioctl$int_in(r0, 0x5452, &(0x7f0000000000)=0x6) sendto$inet(r0, &(0x7f0000000000), 0xffffffffffffff94, 0x201, 0x0, 0x0) shutdown(r0, 0x1) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000093c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=@deltfilter={0x24, 0x2d, 0x800, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0x1}, {0x9, 0xe}, {0xe, 0xffff}}}, 0x24}, 0x1, 0x0, 0x0, 0x400c1}, 0x0) getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, &(0x7f0000000040)=0x8) io_uring_enter(0xffffffffffffffff, 0x2219, 0x7721, 0x16, 0x0, 0x0) recvfrom$inet(r0, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0x720, 0x0, 0xfffffffffffffd25) 889.684548ms ago: executing program 5 (id=10294): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x3, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_X86_SET_MSR_FILTER(r1, 0x4188aec6, &(0x7f0000000e80)={0x0, [{0x1, 0x8, 0x3, &(0x7f0000000300)='Y'}, {0x3, 0x0, 0xb, 0x0}, {0x3, 0x0, 0x401, 0x0}, {0x2, 0x0, 0xfffffff1, 0x0}, {0x3, 0x0, 0x8, 0x0}, {0x3, 0x0, 0x427, 0x0}, {0x1, 0x0, 0x1, 0x0}, {0x2, 0x57, 0xa, 0x0}, {0x1, 0x0, 0xd9d, 0x0}, {0x3, 0x0, 0x7, 0x0}, {0x2, 0x0, 0x5, 0x0}, {0x1, 0x0, 0x9, 0x0}, {0x0, 0x0, 0x9, 0x0}, {0x2, 0x0, 0x3, 0x0}, {0x1, 0x0, 0x9, 0x0}, {0x2, 0x0, 0x8, 0x0}]}) 775.033209ms ago: executing program 1 (id=10295): setsockopt$inet_sctp6_SCTP_EVENTS(0xffffffffffffffff, 0x84, 0xb, 0x0, 0x0) r0 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, 0x0) sendmsg$inet6(0xffffffffffffffff, &(0x7f0000000440)={&(0x7f0000000240)={0xa, 0x4e22, 0x3, @remote, 0x1}, 0x1c, &(0x7f0000000600)}, 0x44044) sendto$inet6(0xffffffffffffffff, &(0x7f0000000280), 0x0, 0x20000040, 0x0, 0x0) socket$unix(0x1, 0x1, 0x0) syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff) sendmsg$NL80211_CMD_GET_POWER_SAVE(0xffffffffffffffff, 0x0, 0x4) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$sock_int(r1, 0x1, 0xf, &(0x7f0000000180)=0x800001, 0x4) bind$inet6(r1, &(0x7f0000000140)={0xa, 0x4e22, 0x0, @empty}, 0x1c) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000080)={@local, @remote, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, '\x00', 0x14, 0x6, 0x0, @dev={0xfe, 0x80, '\x00', 0x1d}, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x2, 0x11, 0x0, 0x2}}}}}}}, 0x0) syz_emit_ethernet(0x36, &(0x7f0000000000)={@local, @remote, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x1100, 0x0, 0x3, 0x6, 0x0, @remote, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x5, 0xc2}}}}}}, 0x0) 774.801324ms ago: executing program 3 (id=10296): sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000008c0)=ANY=[@ANYBLOB="48000000100005"], 0x48}}, 0x0) unshare(0x22020600) r0 = openat$sysfs(0xffffff9c, &(0x7f0000000000)='/sys/kernel/rcu_expedited', 0x8042, 0xe0) pwritev(r0, &(0x7f0000000500)=[{&(0x7f0000000040)='9', 0x1}], 0x21e, 0xffffff01, 0x2) 773.245534ms ago: executing program 0 (id=10297): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300), 0x80b42, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f00000007c0)={"cfc8752a08b459c22211981d67fc3b1822b3b0da6a04654e1c351e111c62f087a30886e37771683102e190e7605effbae324dfce22c050b5cb06caa01193d6b4779c57bd49948b71ca7865efa8c93c807b92fa676fe763264f8a770dab16bd15f32369481f34a1fcf93787dd0f642c98b6dace47fe64538c4706257ad770ed973a878d59b1271c71730e4d0dc3298543efe507f2154472e53679644c09b57639c01e59dabdfade2ad385ecc6cb75ca1100b3f883bb092b769433e8cba7eac7bd350202f357773cce8e7c788bd250d2a5faad9da3e9ee9d5a0c052a0f82e45734c708148b45cffcb208622dbd0b5a18605f453ebd20770a9f3d0839df63b477d50a94ab0023d8f52223fc700ad74e8c9512b745ae82d952e635776da6c4264ab43f6c5198e460281d17aa23a27a97fb82f0073248aa7c3df76bde448af6ab8d22e7fa1f3a8e6cbec2deacdcf12f76891c60a9448ef50c6e06e8dc791d6b34f42a31defbaca876be47111d055497c9f039a3de690885d2c4a098277e356c9eb458a31fda780b82778cc32f1f5d62ab9afd9352e174b9b420bb55399f93a5310eb93bca35e34ec1a4c7ba28bfd8a0fb5fd879d4264709216679b9fe852329c35a912e25cac60756a452824fce4fba63754a0e24026ffd7a23037f8eec9ca3e670aa3332da4d6514c64d1013dfda55b7fa071db419811f172e907a1c1fa2f34efb4ded276246b3140f5d61b7d1003b376fd0ea470c24c286327d528dd5110e5cc8826a1e2228f669b3e477eef1bde1ee76fb9afc5cb971faa0dbe4dff449541654640c198e2dc10fb5b79824c13b8e55919aa641a7297b92d09dae29d4429858e5d6d34d424fce911780f9e11aa74c17dde2b965b00ec5da7c302e21b7875093412ac2e17aed03c781280fde946c59977d82edfd385c3742928dcf31f1395f1199eb0f2b094425ea33bb29475ce2b18a4b3532a5cab2e7f35131356aee5d1052fbe31c457bab1d5fb140dc9488555c116bfd6cc82b5be3eb59a7caa5c0a8fbb0d19b7db4146de07088701042b772e093cc779c49764d329c8e2b9a1ac8551415d554e2dbaff7acf29c1b574592eab4f301f3d1a9318dbc4847f72908a199bd703a72c441be48f25103ab0925dea8b608096625530cc082026eddf3f9d349f2a8f68b86dfcc586c795dce98ef390da9b35b93212d9099cdff18ee96fcd8391098e93d9aca1a9d4b9f8e40a7867761d7aa0f2a845627953503098527bd07645b8c842e7a9dc6d92bdd85a0d2a8b9b209409a74736c5eb8e46fa5c6b3068a218f41919cbd7c69f71e15ee6e7effa87a56bfbbde790437774b0ec7add8947c510ce26947e2db1c89f9f9115785cd34df97b43165eca1183f4cb587307648333cae00304575784ba2e7a61b79052d505ba68f02b3103768352936aa2704b673c62b1b00"}) ioctl$KVM_GET_LAPIC(r2, 0x8400ae8e, &(0x7f0000000bc0)) 747.731626ms ago: executing program 1 (id=10298): socket(0x2, 0x3, 0xff) syz_emit_ethernet(0xb6, &(0x7f0000000100)={@multicast, @empty, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x4, 0xa8, 0x65, 0x0, 0x0, 0x1, 0x0, @rand_addr=0x64010101, @remote}, @dest_unreach={0x3, 0x4, 0x0, 0x0, 0xf7, 0x801f, {0x23, 0x4, 0x3, 0x14, 0x7ff, 0x64, 0x1ce1, 0xd9, 0xff, 0xe5c, @initdev={0xac, 0x1e, 0x0, 0x0}, @loopback, {[@timestamp={0x44, 0xc, 0x37, 0x0, 0x2, [0xfff, 0x801]}, @timestamp_addr={0x44, 0x6c, 0x89, 0x1, 0x0, [{@multicast2, 0x5}, {@loopback, 0x5}, {@loopback, 0x20005}, {@loopback}, {@initdev={0xac, 0x1e, 0x0, 0x0}, 0x329}, {@multicast2, 0x5}, {@broadcast, 0xd47}, {@dev={0xac, 0x14, 0x14, 0xa}, 0x4}, {@private=0xa010100, 0x8}, {@initdev={0xac, 0x1e, 0x0, 0x0}, 0x4800}, {@multicast1, 0x3}, {@multicast2, 0x9}, {@remote}]}]}}}}}}}, 0x0) 722.61107ms ago: executing program 4 (id=10299): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0) close(r1) socket$nl_generic(0x10, 0x3, 0x10) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast}) r2 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) r4 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000200)=@newqdisc={0x78, 0x24, 0x4ee4e6a52ff56541, 0x70bd25, 0x25dfdbfd, {0x0, 0x0, 0x0, r5, {0x0, 0xb}, {0xffff, 0xffff}, {0xfff2}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x48, 0x2, {{0x3, 0x3, 0x6361, 0x7, 0xffffffff, 0x3}, [@TCA_NETEM_SLOT={0x2c, 0xc, {0x10001, 0x7fbc, 0x5, 0x4, 0xc3f, 0x6}}]}}}]}, 0x78}}, 0x0) sendmsg$nl_route_sched(r4, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)=@newqdisc={0x34, 0x24, 0x4ee4e6a52ff56541, 0x60b926, 0x25dfdbfc, {0x0, 0x0, 0x0, r5, {0x0, 0xd}, {0x6, 0xb}, {0xffff, 0xffe0}}, [@qdisc_kind_options=@q_cake={{0x9}, {0x4}}]}, 0x34}, 0x1, 0x0, 0x0, 0x240040e0}, 0x4890) r6 = socket$packet(0x11, 0x3, 0x300) sendto$packet(r6, 0x0, 0x0, 0x40, &(0x7f00000001c0)={0x11, 0x8100, r3, 0x1, 0xd8, 0x6, @multicast}, 0x14) 621.401664ms ago: executing program 5 (id=10300): fsmount(0xffffffffffffffff, 0x1, 0x70) syz_emit_ethernet(0x0, 0x0, 0x0) r0 = socket$inet6_sctp(0xa, 0x1, 0x84) bind$inet6(r0, &(0x7f00000002c0)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r0, 0x5) r1 = socket$inet6(0xa, 0x5, 0x0) setsockopt$sock_int(r1, 0x1, 0xf, &(0x7f0000fee000)=0x3fa, 0x4) bind$inet6(r1, &(0x7f0000000200)={0xa, 0x4e23, 0x5, @ipv4={'\x00', '\xff\xff', @loopback}, 0x4}, 0x1c) listen(r1, 0x50) 621.062457ms ago: executing program 3 (id=10301): mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x0) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r1 = openat$cgroup_ro(r0, &(0x7f00000000c0)='cgroup.kill\x00', 0x275a, 0x0) preadv2(r1, &(0x7f0000000180)=[{&(0x7f0000000200)=""/162, 0xa2}, {0x0}], 0x2, 0x9, 0x0, 0x0) 619.947522ms ago: executing program 1 (id=10302): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000500000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={0x0, 0x122}}, 0x4008090) 538.536484ms ago: executing program 3 (id=10303): r0 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$TIOCSTI(r0, 0x5412, 0x0) r1 = socket(0x10, 0x803, 0x0) getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000)) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0x19, 0x4, 0x4, 0x9, 0x0, 0x1}, 0x48) socket$inet_tcp(0x2, 0x1, 0x0) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000180)={r2, &(0x7f0000000540), &(0x7f0000000000)=""/7, 0x2}, 0x20) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000180)={r2, &(0x7f0000000100), &(0x7f0000000000)=""/8, 0x2}, 0x20) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000340)={'bridge0\x00', 0x0}) r5 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r5, &(0x7f00000003c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000280)=@getchain={0x24, 0x11, 0x839, 0x70bd27, 0x0, {0x0, 0x0, 0x0, r4}}, 0x24}, 0x1, 0x0, 0x0, 0x4000091}, 0x0) 537.087033ms ago: executing program 1 (id=10304): r0 = socket$inet6(0xa, 0x2, 0x0) bind$inet6(r0, &(0x7f0000000040)={0xa, 0xe22, 0xe46b}, 0x1c) connect$inet6(r0, &(0x7f00000001c0)={0xa, 0x0, 0x7, @loopback, 0xfffffffe}, 0x1c) r1 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r1, &(0x7f0000001200)=[{&(0x7f0000000080)="580000001400add427323b472545b45602117fffffff810000400e227f000001925aa80020007b00090080007f000006e809000000ff0000f03ac71002000000ffffffffffffffffffe7ee0000000000000000", 0x53}], 0x1) 491.171548ms ago: executing program 0 (id=10305): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x402, 0x0) ioctl$TIOCPKT(r0, 0x5420, 0x0) write$binfmt_aout(r0, &(0x7f0000000500)=ANY=[], 0xff2e) readv(r0, &(0x7f00000000c0)=[{&(0x7f00000003c0)=""/4096, 0x1000}], 0x1) 490.857644ms ago: executing program 5 (id=10306): openat$vcsa(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) io_setup(0x8, &(0x7f0000004200)=0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') io_submit(r0, 0x1, &(0x7f0000000040)=[&(0x7f0000004280)={0x0, 0x0, 0x0, 0x5, 0x0, r1, 0x0}]) pwritev(r1, &(0x7f0000000280)=[{&(0x7f0000000200)="5a8482b35976984be7fad71e919a0d5bef699db2493c1f436b17957af24aefc693ba9db1cd17d368d66414591089b21fb77efba939c47b935b3adebb1861177841f5e6", 0x43}], 0x1, 0x4, 0xff) 454.076024ms ago: executing program 1 (id=10307): r0 = socket$inet6(0xa, 0x2, 0x0) bind$inet6(r0, &(0x7f0000002c80)={0xa, 0x14e24}, 0x1c) recvmmsg(r0, &(0x7f0000000440)=[{{0x0, 0x0, 0x0}, 0x2}], 0x1, 0x40000003, 0x0) sendmmsg$inet6(r0, &(0x7f0000000780)=[{{0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000000)='3', 0x1}], 0x1}}, {{0x0, 0x0, &(0x7f0000000240)=[{&(0x7f00000004c0)="b4", 0x1}], 0x1}}], 0x2, 0x20e8086) sendmmsg(r0, &(0x7f00000092c0), 0x4ff, 0x0) 348.058722ms ago: executing program 4 (id=10308): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001c40)={0x8, 0x3, &(0x7f0000001300)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000001200)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100}, 0x94) r1 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0) r2 = fsmount(r1, 0x0, 0x0) bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000200)={r0, r2, 0x1, 0x0, @void}, 0x10) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r3, &(0x7f0000000000)={0xa, 0x4e22, 0xfffffffd, @local, 0x2}, 0x1c) listen(r3, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000400)={@local, @remote, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, '\x00\x00\b', 0x14, 0x6, 0x0, @local, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0xc2, 0x0, 0x0, 0x4}}}}}}}, 0x0) 247.16858ms ago: executing program 5 (id=10309): futex(&(0x7f000000cffc)=0x4, 0x109, 0x4, 0x0, 0x0, 0x1) r0 = socket$netlink(0x10, 0x3, 0x10) setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000000)=0x80, 0x4) setsockopt$netlink_NETLINK_BROADCAST_ERROR(r0, 0x10e, 0x4, &(0x7f0000000180)=0x800, 0x4) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = openat$fuse(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0) read$FUSE(r2, &(0x7f0000000200)={0x2020, 0x0, 0x0}, 0x2020) write$FUSE_INIT(r2, &(0x7f0000002300)={0x50, 0x0, r3, {0x7, 0x9, 0x0, 0xffffffff90809082, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x2}}, 0x50) syz_fuse_handle_req(r2, &(0x7f0000007080)="f5201a6b6542be6cbad26e239346ffe3dbc7125e4eb0daba2e9ba73337e45b1a2c2828afbe1d99c856f2d7c9b91364a83e3c477d5e9569cf8787de2fd830003be5c3bbb4a246c4e13764c6e255ef511c263c70adb80380cc2b3247fb61ebddd2b945820fc646375953f1322be813b875bf64256ac7a8debe881f8352dc9fd70b9473bf07932110a5d1a94144b2ab0b4cd92458041eef085b29b5c115df0d7db2bea67006c66b64015fc980343e5ff451373afc63f2ae21d63cddeb3b0c53bbb4e0e31663f5b1b53de22517869df6114ac9047ee98a692b4f0e3e7cfc4e42368f217cc705f2bc5d10454ab30eda651c6ee29f0cc5a6ca7b384949955785844742121b5734a8cf3f3fe1d3e5c2085da26a028ba6c84d5cbce6afbe13cbb179d4c251e1d2d68e8c7d9c34eee698ceeb6e40aed55c62c45d8c7fcb2cfe95ce261238ca5c4458647ed7a001788e991e3d2ecfc77bedec164efda9e4a5d5f03043628fd8b5f906371c52e7de2e760b820dce5c3629610a48a036cd54f23ec3ef274f8da724f45c482505864c87359d4411cad79d7434c9a9d79323410b671880a344b933a47d735abd0e63308cf7f6e15790a50ccbcce072526952c763775066125af0fcde57ba3c514301aef17391c76adfc2419829a88e0d91b947d278cd03d94ce98ec639a6163eaa9755b1813685080ce588251fbd4240a7f65cdc1074503b0fe49b24996e52c6899ac90014d9a58566e841bcac357ed59f7e727475be4f7a526a5b420c5d6ababab7e7f8ba6ef6f3455a5aed80f4aaadb58fb38f725d524b4fd63238e07936d62e81ef46bb7346d7f55c4fdbe7606b1053f6faf6d80612311823efe1e6522fd5bbb77c52c868362f263e56ea1447b612d681828561adefdd28fb855fd81f27e2698cc02bbcf7d653cf8dc9eea252f2b1f48c0d2ab70ece454daf9b5829d7106eb8ca8807eebd07d1bf6af6a4523577db893995778759e1be294aea8edb9226a9acbd44f98f60641f87195521491e621b10cc2032434f319e76743601a0bcc99fb3636389172a790e25260de7cb58961f9ad44d16c7604402bbca8cf82be528a64107c0dd114fd3458c471e97888c1c739dc678b43b202c603946cb5720a1e7331282a48afb12b461c41b6fd92b97c6960ac9f664f509b02c8267d722f372b007befada669d4cc36fb931763ffd8744b10e78cb849d40f88d190778a70f902faa4f34cae0b9e163b59b1bae96a933afecbc6a768f1d7ae20bf2771f28c1a3d333ae0b6f691d2f985e1ed6d0e1c29d7db36234b9bec18a1ee98b9ae90e4706d1c952f6059cc4d64bfc14152a88443f260d179c705df71e006a60981fefaa8a51c9c368680b830967b01b60734b9924335d7700b083bd7e87b3ad2f3d497e914368a15c5456d08861fb7513e96acb49935dc3f46fcaa297cdbdc759cb8a5a2515a482ca60440da8b7d5a8c79659d99e3892f9086b372d78622d3689267652c4dd60754cb8eb45028b0c237adff5ffaeaf78ed5a541c57feeb014a53e2a98042d5712d5f7a779b7a12bc120b8cf6df35b258fe1ad7ebdbee88d25355560fad504dce4bd878df5e43c55e765ac324dd8d65ce29c2a93f9e085bb51ff75dbbf314ed6aa3a36330fd146d28654c659f1c6c5089c3619be1c7707be835500fb15bf873ab35517b743207621346db75d16fb21624c04ceddda2d607642004f611db7414e1c593ef38c62e4d27a8b7833436609c284a46edc9b973e790aba0bf4c6bc0069ce9372c6c7b93d15740771ddf9c704338f4af870c649ecdaeab106b1242dbb74c284bfb5d87aa688d27befe1dc0d1019fde1842e89eee67e11f925672ebff47e4503e02fa989297e9468baa6f94b5e0ed2d957efc3b77a10181597c7fb2c94e62db50e46c46d10c1127573bae01166170467b7641d7e07dcd879f04b8dc08dcf460bef8e83aae33151a72eddf9ccac4eb95c48cb4008ba3fea542b2e3c6c4c07850cd4ca551536a20d18ed18852baaaf7339908583aae41f08f3c6f5811cd730e849dc8382e8bdf3519ab900d38a0a9822400d619b52a957b1bbe8384619e5d65588a2ca6bf068ca27fce9aa0448a60d04b3b230db3a939409ec7df45d70a944b34baaf0bf951d205667c8281e9e87468d1a2f6edf79a7d5df12a8564e56d3a952efa4c4be2b09be2c3d699b05268e8cfe998a9f37b8714c92647ada8a8129bc4084624c6f1059f834193deef961f5dbfe500c1bf781f45441984d52800d81d814a82ec4f859c7217146ac447c8462612574a1a8603148ed46bf3e195d417bbe43aa6bf83ea8fb525941ef8dd56149bd6fdcbf626609ddb699e40e83fa4792b39384eb0d1b78c97c6798537b192753caed3a5eaa4a33d54b473b43851cb282cd857ae11a4d34c6b53fc1c334f8ec42672295b88a326b65d338a70bb3d5d866ff55a9ce0345c7a890cd6dee36012c76d862802c9cbaf1abbab99dc898eb432f50474ae6c202121d19f8d0467fcb1279457accf9b777c75390756762dde795d94aaba4c1729f559adc33966fbf517fc91fae21bd8ef22e914bbe6bae774246749ad63d8d16f21c9aebc80a97be408443ae60af610dd3ad9964b2401e049b09dbb46f6126d3d534a7786bb3663719943111231d18e51ed534b1e28807c062280924e5d53a8a1316ca2b5936911a267d5b799fd7d8e5e725271d5b8eb90e3dd9ef9eb1400c68eb8f88622f548af7df4846758cfb74aeb48588d1820f504e97ae1d818feb7113175b04e7c0bae6239672c987253cdf0e9845119f3f200d40f586ab986312144c3525acb78a5784f5707217105bae651e0c000792f4e88c1a924d33fbe5474a71b1e193a8d3a6a65dc485f2a299e7d07a6cf621260dcfc5d79c9243618f57507ca025baa53b3e684667f23dfb8ab9065cc548ad5c881bceb5d937462ea850fc197f5ae8c9489815b2cff853895e987e684195a094d8460ee52ef9d8f6fa0ba01092f0cdffcc7a682ca3125058ce9ed0064d7d0a868b0419b49ded3d93f0c7e1d700288350ff4c130cf6e0b507ce6064623294536c8fc4011b9b40299bfe02144806411d5b36997db26033a5ddeecd6bf3faefd3ca0a6cb70b0561106b2dabb06cf88bb6fa283e43dcd2fa1f33063183e15450385ba6fed4436502211d3181351db793a76ae11ebde2b23f340b7522748a4602ec469b88eb7f3d1325baa536ab8096c58c6f2b4863a541f618112643e194a5873cdae4172bb3005743782d8af22dbf23ab60e7d0f4ceb3ef0975f747d192e80608f35c46e23e1ecee1839558bc5c146dd97aba7651dfd2401fb8aec4eda71b1b15a2570130f0f5ff489ad4355a708a6eafa9752eb5c9f7a83f43c3e3b317e7e68133573f585fc27c5cfc0d90016f5be8594e1cfac36b24570cebb5be46d3f5917441ccadc355536b8b9b455b87667edd802b77178251afdefe9a4b5f0ff7e59fa5cf9b449e18bc4bf8154f15913128a2584f7d60a3c09f467233783690df422d3d9982200eb604ec2ef50830bba6f82e8b91823808fac0b07bc0e51a671c32dea0f2f9aa2cfbbc91cdf54b719b6009ce750bab1680cac77398b2a619d550161fa70e7e8b86fb535f8797fca75708efba7f0d95da4ac235d9de68a50c998a72c0c2da90f511ea456f776c881b8416b894cd835ad13c62b035ef4d220a66c86c1c00de534690e42d064bf4fff946af98aec3f9490d6f0586e891d272a4bfb776ab84bd693af6526c4b09beab2460634d929bcc61cf75b041f067e7b503ecd6a80934e169ebb0ac926a85b53cb1d7b63eee6abcd9e250834da6e4da23b3b3d90c2f726861760ca14b78d5e895eb7fa2e8b39f724a0371412b1c94c6a42f1beeae2328e353971531bddcda730b6a0d90f7c58e3ce5953cf5a6c9e3fd657c92fe4b5b8b0b659353944afa5c69c309527d6d4039e78c675c8d2f527fbcb2b765864fed987f785221862bd7deb66e6676ddebdd19cf4cb26869f562928dc98088bb69281615fc6a2dafc466e70ff9ea1a411e1a3ba3f94ed7d429796afc9f0c95da19a4db691c36407985e5f08473dd8afd9de88b2c26b6ebd2ea35177238e18dfc36d579a80074c06f5cca60cf6d64d27eeb121c6c8e5e09aa3165c101068cb748694695e803540d947f33740d30616001448173ef57bbcb82fcb213348a2a58e2d14480b1ce1ad346729631b91f7e343e37abd8e787274ff4598acc99cc58f3578979e6e6a1926333bd8818a256b58e67c6f77145ee26f24998cab89021423e03326c175adaa8ea905122553948ece311cbcb770222e7f4f373398497c8c301480d031fc53c2a7018d91777cec253e89e28a82d15e01c12c0ccae1b56ecff35b90b19769bff4b786d4624679abe852780e9e4b9985e0564ee604027dc2a60f65d2fcf1d354e163a8465f77eb67e2a6c9fa89ea0768f9cf117fd1ea8969e592da11d34f6f9b7adb24f3261dd14199fea6da6b5d31f825b3706492b3305cbf6ef553fadfcad51a0484f09a8d2491c8a937fdd36d9e0b94fb6bdca6e80a6079739cc1d455fd735e89fe89938a7132dc0c9f181953dd9cf2d106a3f1478b46ddf35aae9bc6932227d79ac4f534967be2cbc30fa254658b61752b534257fcda6338c36710bd8db219ec394b41e7fe541f9086ce19d28e13d2b3c384745fc88ed0cb5ef414e23e8782f99307c49121a733875e9fb9c8559d8ad6bab256dde2bfdee4286c1419b80acf55dd09da71116c0fa902d8e89465c313c311f272a11cd17417372dc74e01f3ba1a9afd8bcb9fad57cde63ad59a6999caaa359e6e5b4216dd3b0bc8d310e28c8a1232cefcbd5070d0537097e370433bc1017b7b1c4efa694a25b4385bccbdf79affb0b6d203b3cefe637fd6f7b51f5ec297471c874a57145b254bd14b89fe62709c94ca3cae304739294c7b4a871768e11cb7a2db0aaeff4abbd00c70b4d4e5e8f8c6d34afe3d619404e20ccf628f7902c17ab1200644fe465751587800d59acb3abd1f8a832a03f1634c0b7e4fb3086fd21c046d7430a1faadbd9b1625ee70c1071bede890f1c07113aed9b1a35ab0fb823e2cb38d2ee6376800f63d28326ec3be129333e1024d17c46198e329779a79f4ee69b56374268fefdd29995e411052bcc92318c636aa9fa634f3e537712f720a52cd95d5472cdd6b4eb66bd1ed2c41cb37c615eb486855671d964ba46ee44eb61ffcb0b22b20632ce3222e4c3037f348d5dec196f9e2bcc2335284f5529e4de9e6b4b84fc559de63357bc8ca0a00c16bdea79372b13abb251fd4bc52f1f732811b65b4c51715da133b20caba229244060fdec0ad4c47fdf1963b6aa1acf998585c59867b5afcd08958dceb9937a97e87b2153f45970ca77e5524c5160c69963717630795e3a4768e2521617bc211926e5cb08edea70cae99c6d7eff4c1e041c7ab0d3473d6ceb3cbc24a9f45c5818896463360490911b1fb77a24aa3b394e3ee1155ea2fbc6686db2c715670dc9187b33f3051b4b894b616bdf7fb287113c315413d83e0540676fe9a48d523bef3280611165fb77c7bb33c0a087fc06e7702fc7d8ea4f7aa264c7ed332af03ae3e392bc0f96ec11e3bca6604ccb7941043fb043b4880de676efaf3f0fba185e90db8e8e6718058fd1d26c49d0a163264d4aaf7094d02d6898f75c6edf2e49edf7b0a645018220535e8694baa1e910df6e493c0812c2cbb16966cb22af208279947f9490f2f5d3a49596050604f920af8fa41c5a339609659f331f24fa0aec3787d052a02541137dd1ccdc30970a879e4a42e491137bb3cddf2c87ea6368bc4d9aad9089af50b71d56bd296d891ac2fbec84303486739a44850680353efa2203d7fcfa00d9cd81433adcad3e6aac009784b63a3b7aca58155b24274b2d41de998321bdf0229ce74a0c61a24d74ceb30d4ba766632c4a48d9db4e3b3334830b12f3136158fb16fa745c2ebad16b65b279d28332894755de3e7ae2aa88f9e2af8a46200c427540eb68907152ee7d53212b55c170ab67c47c884db89757b09dc035ea59fe2be1f384b3edef6925c399753832d32296100ca4e2699154d6ed86bc145e92d699e43c2269ed359a004aee75ac5e730dffec87f239328bc95cc281a9c0bba661f6d36ac11d1151851c70cf39fbbabff2190b619294db73008e3d32acb0b29aa3d28d1e50784dbe35eb911d838bd710336612170666ea5f42b72c32be4d83c4ff61987acd1b1f0cebe281806af8ad4b6e7041431bcb8a93cf0f44826821b0bb9c053468b4d8d034c084ba1c8dfcad9fac6ec379da5425492dc6f7791b1b25d50bd9a930ead9e4faf5b557eebe4461320476a7ae12b0dcc9d171f6d2737b824db7259e62915779dc5e8a08bc69c0c68784202aa3462bdff06af76bdf9f106dd6228211534c4433717947dfaca4b7b61a21d706217e3718b5ccac40c3c4692bd59f222d0c2e98af1ff1919256d7b0540ed69b11f212a9598c7499ba634d1677ecf17517e207d40baed5aa0e25b7e70b6b16f6d6f0c36a146db0644ababd31bc50f5039b3bc4f12b603da2675e121b09fe92c69548dfb9df18d0e50c1387280b7bb1366bf5bbabfcef5557a05ce24df1a02f22f791e06c5e3e21e5fd6db7f2c90ffb83b154b0fd9866c46609dc10b274954caf80e83693f5581f23fd765a18aa4e294bbf7a8721015ea6a6e1ba64f79f6609924d43757fd0752024af79e296415b42de3428f14d9d89f84c2e076a0821cc8921fff677ec7b91178bcbd755ece28477a6bd01fd429d824ddfb62edcdab7c4495edc5a3d27826ea4bddaeacfa7cb17632cee0095ca55d3973812033d96ec5e5ed6880b3a998b4998fb7441e11dd060515bdbfd5aa32aac6ae1fceb8e92d7e8985949946a458ca2f69637de6b92410986f8fa5ba4b1598d8383fdbff2e004dee71500302e3e9270371b39237260bde0888702c7b2bcff69192bd381cfe59b197b9dbe5e2eee27b64c17e95a1dade453a6f29dc8bef1bdd34a92a5275972a2cb18f6f553f99c6098f50198b68cd35d2877d9cdd15074422b43b03170f23138dda44b62b5e161705405d2e9a007f8cc9ec7920d1a6e947ccc57b1a51a728fe1afcb84115fe48be15c894cce96391ab3cdc1bd9aa4cf58213c15d1a849c3f38c8ee34b208766129bbb493558c139f2bfc39df29fc73422127823fc9c993f20d9df9e0acaf0b1729437458e0a857ebfe4a373fd491952a475e9c391b7ee02b79554807c0f12293aa385a3c6b18bfbfc690a7aa9bc85d8adb705eac642ec8611ac62d09d2a6892cd671629d457c2191eb5940114113ed8cd4e8411d96200d3d66f947baa7915610c396402d38f109837d29c8e937fb6223a9d0d605a3d91312908fb5a7df36122c35f7e47855d526915c3a7cea432ca4524fcae3b5c6fbad196c1efef0d129d9b3f9d23104fc3c8a90dbcea0400311e51de50c5abb62fcbedf998ebc1cf23fd76bcc2aea2451f6d0d3b8fdd337ce8d24d7ce2a5b29318df58adb0006d4295c138b4b03060134802626e31a5da92b5a7a8677132523affbdc8d958b955eb4615370497429cd3767f2f708c2cadc233bc3e5efc8c837385749da08c6dd573e3b105ce459d659f790dcaf53c1d0b4d8e0c64b6bce15559e59e66b3b0b2695703e9bd5b1c5bb3c5b1028441391f8fbeadc032e890fe5e3be78569056d147a891f4bc85406e78f962b532eb436b0e047a7d3c88bb89455ffbf1da360207af5d827e9fbbedd8393a828a92382329ff444d9a8128c40e302453550426de4babcdee45108e79533b9747fd21b8f775a76e1d4d54a8a98a65ee3c183be34172877c26e600c89949ced85004d69c24d4fee6f87d2ff24900d41577c78dfbff698d438c0e26ebe15d7b75b49a5b2a5c627da3b13f6458aeff3f0a1944a339b4be5e13d58a71928bb77053beaf7b68568205b62f5a4a9b3c0fef441ede90f012047b0cf2228481fab85d94219ce9f417e4e2b6018b319270a6b6f0de93d0147842f582bd4e41f00720626be2b2f9116875ea4f92e380bcfc33058505ee0336e10c71a5abf6f32c72fe68c68c166454db8e101b3a271f04e4dda8947743e0ac408c73cff69c10e7c015c6b078bab0a1c7aab14a26df087b2b4c859e684aebadff5033d1ebd6c6589a27ac75a075e6ef801f5dece0dbd1e477bb70d2b8553a88b13e304e00735e183feab89edf469cb90c0a5bbf778809a9996f4e72b16417672cd97bdd1c0baa64ea2d782aea9d58ea357b54d06f316076b5c413417061b3c7485b534fcc8bf25d2adf043b47a3d47f0755fe6225bba7569fe672d3507c8e15f7139ef7f606c616c52733413befb248eee53c4a9a16f952ac56e18e221626c4f51eb90c1314167c9677a7eb7004b9b42fd6ec21dd38d5b9032c441166be3f8e9dfed39fb0e654ca3126003decf8e50bf8ace994e16fdbe3f53a36a11ed6f06d1bb8e54f574a83035eba379f2453f2346d11414cafbde87cb5d66b650a5e25ebaced402188c1b4b941e788e1af908fff3ef84c1dadef0550687f0b6aeef6063dc1c8c8efe09d611253efb4d288ea407ef3c043aacc3dfc19a18449b38fb97d9fc0bb67de3e1744f782d3a9d1fc449c3a902b1ec8789e336f731a51cc7fefc43736e04942167fbfdac9f15c5b3f921aaa3df0c9709c21339ce890cd4054828615f18fd12548258440a06dbec3d72719b3e9f5f9967525f90f16993cab09c9eab2b27b29c959c002dbb028cc96297d40822772c16b4b786cc57cd581c02f143d6e728eeac1ab4eca6170748002c0e2269611a2b402f9fa8190d9216b1e1b7de8f81074b8dbb665f0d69c52cf573d07ca0752fd6fe7da88dcf4a915ab1533f5686b766393fe9bf1aeef9d17414d1803708e61973dd205097eb1ed466c8dcfb2c7710caf9df713a11c774fd0469880534ae2ccd1e40216ffa145f0fc832b166896810a678f3a47dd24bc2e6835c16e405a444971068dbd47926f430871121be8f19c8ac4fd0a9e3ff7cd961f90f24265de455694cc291de76437953ac314b1791acbe96d3fcae4fa397287a02eac86f13c931f4d4f49ad52cf1db0efdf7027ee8e468d64d316a2208ae33d8fc3274861b41f2e064c99fbba37b7a0c46a3df8dc4589de7ac28df63ed697a48011c863049345c371f10f7d53a56947e348d07e4ff71eaaaf9aaa09bf1147b80d62a60dcec6d7dd4cbf52f2b0b89d2c7de1f16d63ccc0260b0982fcf105736b50001c19eda998426284713670aab21ce128a80b57920d8c3436edb859d4afd7ed835985b5bec01df5447e66ee8511b28671646e71c0669ab2203c4c9a020000279ba87f089d04924cb33ff82f59da9399ce3f20932c073289938e4e7101d357cce920a2aae72f94d6e1aaf9a3905f4da18a7ee849a39f0d1e83adc67ffab826490d4bfff1f80e8c2c180b08e013daf6d054be660390fc4f872b8d60f14951f05ac0dcb4c4281f71ac2d4cb4d68ffdfe8f5c43160d99ea0077486219bb9400a8fc1faacf12878379a7ea5eae2adbbe2871c1664bea1985d594963935019446d605a61ff79802e114a34610d002cf27e0f4b96c6ff880785307161813f48b68c6f9130a6faee6f332e77755fb68b68248ec113030575b1c262c2430c000d11b269ce4e98a32eea3af403630e83aeaaed1420c9fd66eadcf34d6d1fbe457c5216481ddaf6b397912630999fbc5298eab15ab3cce9de7741367264a4e30a61ff7f1d5e7e64290218d9f6f5c9898cd23ee1ac35ab8d3691bf3df31cef54c161bdf3093390ad2322b6f71f22199ac68c5eab4aa7523b4957202751b675fe82c9d42432c92c2fec148da6e5514e9d5f2618d5a616cdbc4a560b3e36eb6cb8baca3251d8e819ea8f552f07ecca0664a7ef22a3a6c11d023eade70f1b872cf58e89c625f561e4858877e39d324dd448b041e4435b676ce0e86de9045e8b9e8305ae60cb7a41c01ce2318af7f9fa011d24aac2b2d31360ce7b437c46df5756d94d1005a0359b57534c49d1e8e173ba183666a19ff6e6c63388250985249eb40f0f981a2bc34e8196e9c468b1bf329c4ac9cf5f19e46734b1238f99f1e6d8c95ecca9cfafc15c756bb4780b675ec9781bfdb583bd91a7df33ed49daec1d65d14f26d7cfadb9e1de06e922939e924b034e4d128cd66a2f7a87c9399c622922e6e33af68c5115053f42c519a054e295b5f8e420630dc116bb2562ac87a6402e4635bd6c6b95943820f86acd5f48ac519b06f1b0bf1c7a70d69e84c95600e017a67e64536197447b810c21cf86a9d09c37aaf6cc39333b414844ce883cec0ffb23e36d5560e9ff6922a9237a6503c72346ebebf57e59c13e7320f670e1826c802b9cc674b55284ddb061e6e38b16c58532497709028ccc4c000604d4a72b3255170a217ac411ea68e64fb3b63653b985abc42bf21629775a05812ef159992320c3cb93805bbebb250e2f9f92b2c8795c388fea24de5e70d45f8ad1764a6e39a1d588191f77fd7bd0408252c784deef806464edc1b4d3de83df34f1b615e10ba20948ca9f28c4f435163e1f5a6fdd0bc8ef397c25b7d704e1ff1dca065022b99778c05ad39f806c3f7ae4278b768eac09b7d317ec5e07db3fc5579a29fb42658ba66c68afb3b8401b2e09c13bc0652309b26cfab2febc3e96a6da6341e6e860468aca74caf06bfc576124594c3f123d5e987319862b0700bd257cff3ea8abff23ebf1a62e575741db2902761578de5c72f4d37bf9186c2391dfff0fcdf2969df27ac0c34d3f07feb0d1887de871e96916add75c15ce2f795749ceadacca94df5808a1629ccd906b3776e7c2a9e94393243de87656432ec21be389731be9821fc035859fffd503f9c8279bd4a36f3be1e3ba0beecaaf6ee44203d8b76c4ca97da38f63fd07ed7812601ab9095a77d52397ecc31819b91d3c28f639bda94c46a5d527abe34bc579338a4db395c57dbeec31a37685ee8121284b63583e026783e47d58deaad78a17e9a946ae7a3db89d8d78d9f37ee5861de7ca92e7335dade99819ecfd63770413b17de97bf403a6d97e163f7eead7d8c182b77cc3d0e0f28f30839445ef751bcf4f21b5803a4e8754fd9a3addb2553ad1d81879addbdc2668e5f2e15926ed805ce7b4ae01be9677c322d59d619cfc806a4946f59010aac481e49d0a0b2ccd0fbd88abf07d4912a081c81633f4a6e0e68eceee686d58a43c45d3bec1046d3bb8d7fc727dda7cfe22af174219bc8e928ca15ff9ce2c707bcea190f8fdeb86a2dc99d7ca81b78efdb0062f1967bb66132164d227e149aa52f39af5e763705373c864323a5885dc6061b5a2ee5501d0b1aa465d93052f29d033a750b1b9cc85fddc0cf168ddc62fb2d1570458d246906fbb689bc8ee3864901eb43f96c19482a7ba7a52fe08b241a32aa9a2774359132b5e1905a08ba37244265070f6d69a428a5834f10d9ba45f476f9e88e856ac223d8cf6ff04894faa2590ecd0a3f6938d661d8aecf6223ae99c414962a86fdc1c2599cee39e9f0153a57ed809bd90023c8d688cc1aa7b5eec5fcd01d07d001", 0x2000, 0x0) write$FUSE_INTERRUPT(r2, &(0x7f0000002240)={0x10, 0xffffffffffffffda}, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}}, 0x0) sendmsg$NL80211_CMD_CONNECT(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000280)={0x28, r4, 0x5, 0xfffffffd, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}]}, 0x28}}, 0x0) 246.738021ms ago: executing program 4 (id=10310): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000002000/0x18000)=nil, &(0x7f0000000100)=[@text16={0x10, &(0x7f0000000040)="0f01cb650f741065666765f36f0f330f09660f3a0cb9000000752066b9800000c00f326635004000000f300f01d7ba4100ed", 0x32}], 0x1, 0x4498bda7e2139f51, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000240)={[{0x2, 0x5, 0x9b, 0x1, 0x0, 0x5f, 0x3, 0x20, 0xa6, 0x2, 0x5, 0x9, 0x3}, {0xfffffff9, 0xfffa, 0x0, 0x0, 0x0, 0xf6, 0xce, 0x0, 0x4, 0xff, 0x4, 0x0, 0x800000000000000}, {0xffffff01, 0x35, 0x0, 0x0, 0x4, 0x1, 0x7, 0xfe, 0x7, 0x8, 0xfe, 0x4, 0x1000000000000004}], 0xcc78}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000000)={0x1, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000003c0)={[0x0, 0x0, 0x8000, 0x40, 0x0, 0x0, 0x2004cb, 0x0, 0xfffffffffffffffe, 0x5, 0x7fff, 0x1000200004, 0x4, 0x2, 0x0, 0x1], 0x8080000}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000002400)={[{0x7, 0xce, 0xfa, 0x5, 0x8, 0x96, 0x9, 0x6, 0x75, 0x0, 0x2, 0x6, 0xffffffff}, {0x15, 0x1, 0x6, 0x6, 0x1, 0x80, 0x2, 0x6, 0xb, 0x2, 0x4, 0x9, 0x1000000000001}, {0xfffffffe, 0x1000, 0x8, 0x52, 0x1, 0x2a, 0xff, 0x8, 0xb, 0x40, 0xf4, 0x4, 0x200}], 0x9}) 246.411265ms ago: executing program 3 (id=10311): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000000140)={0xa, 0x4e22, 0xab, @loopback, 0x10001}, 0x1c) connect$inet6(r0, &(0x7f0000000100)={0xa, 0x4e22, 0x7, @loopback, 0x23}, 0x1c) r1 = dup(r0) setsockopt$inet6_int(r1, 0x29, 0x2, &(0x7f0000000040)=0x7, 0x4) write$RDMA_USER_CM_CMD_LISTEN(r1, &(0x7f00000000c0)={0x7, 0xffffffffffffffa0, 0xfa00, {0xffffffffffffffff, 0x10c}}, 0xfffffd88) 213.504333ms ago: executing program 3 (id=10312): bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41000, 0x23}, 0x94) sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="c00000000001010400000000000000000a0000000400018008000740000004004c000e8014000180080001000a010101080002006401"], 0xc0}}, 0x200000b0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000003c0)=ANY=[@ANYBLOB="8304"], 0xa0}}, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x28100, 0x0) sendmsg$TIPC_NL_LINK_RESET_STATS(0xffffffffffffffff, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000400)={0x24, 0x0, 0x1, 0x70bd25, 0x25dfdbfd, {}, [@TIPC_NLA_NET={0x10, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_NODEID={0xc, 0x3, 0x8}]}]}, 0x24}, 0x1, 0x0, 0x0, 0x4000080}, 0x0) setsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000000)={@multicast1, @local}, 0xc) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000440)={[0x0, 0x100000000, 0x0, 0x4000081, 0x100000, 0x0, 0x2004c8, 0x8000000, 0x0, 0x0, 0x7, 0x0, 0x7, 0x0, 0x2, 0xffffffffffffffff]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x4, 0x5, 0x6, 0x7fff, 0x2, 0x4, 0xefffffffffffffff, 0x400000, 0x0, 0x2000000, 0x0, 0x1d, 0x0, 0xffffffffffffffff, 0xfffffffffffffff8], 0x0, 0x302000}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 99.296754ms ago: executing program 4 (id=10313): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000001500), 0x80800, 0x0) ioctl$KVM_CHECK_EXTENSION(r0, 0xae03, 0x24) 19.328232ms ago: executing program 3 (id=10314): r0 = syz_open_dev$loop(&(0x7f0000000240), 0x40, 0x1c0862) r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/fscaps', 0x0, 0x0) ioctl$LOOP_CONFIGURE(r0, 0x4c0a, &(0x7f00000003c0)={r1, 0x1000, {0x0, 0x0, 0x0, 0x6, 0x4000000000000ffe, 0x0, 0x0, 0x1c, 0xc, "faf98317e5a1149989fc8dbe53ea6abad0099cebdc25f5ab60c9e6d680f985881a8a0f3500000000000000000e0000000000000000000000000000000000ffff", "32d8cc26f7061a74df2cfc06c89f3d9a234b30c50997d3bef409ff2176ff7bfe55cd4a5d83cd4a524bd3ffe70c7f3f800b2f7b6aa54cc50a1fcaed1e831fa79a", "675237601a8ca5b07dcc141802c4dae4162e43ac61b7ad3300", [0xfffffffffffffce6, 0xa]}}) ioctl$LOOP_CHANGE_FD(r0, 0x4c06, r1) 19.04662ms ago: executing program 4 (id=10315): munmap(&(0x7f0000002000/0x1000)=nil, 0x1000) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000000400)={0x2, 0x4e23, @multicast1}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000000000)={0x2, 0x24e23, @loopback}, 0x10) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000040)=0x1b32, 0x4) sendto$inet(r0, 0x0, 0x0, 0x4040, 0x0, 0x0) recvmmsg(r0, &(0x7f0000000a00)=[{{0x0, 0x0, 0x0}, 0x1e0d}, {{0x0, 0x0, &(0x7f00000008c0)=[{&(0x7f0000001f40)=""/4096, 0x1000}], 0x1}, 0x1}], 0x2, 0x120a0, 0x0) 0s ago: executing program 4 (id=10316): r0 = socket$inet_udp(0x2, 0x2, 0x0) recvmmsg(r0, &(0x7f0000001a80)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000440)=""/133, 0x85}, 0x49dc}], 0x1, 0x2, 0x0) setsockopt$inet_int(r0, 0x0, 0x17, &(0x7f0000000180)=0x6, 0x4) setsockopt$inet_int(r0, 0x0, 0x19, &(0x7f0000000140)=0x400030, 0x4) bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10) syz_emit_ethernet(0x2e, &(0x7f0000000500)={@broadcast, @broadcast, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e20, 0xc, 0x0, @gue={{0x1, 0x0, 0x0, 0x0, 0x0, @void}}}}}}}, 0x0) kernel console output (not intermixed with test programs): ver after parsing attributes in process `syz.1.7856'. [ 2590.134182][ T1299] ieee802154 phy0 wpan0: encryption failed: -22 [ 2590.148303][ T1299] ieee802154 phy1 wpan1: encryption failed: -22 [ 2594.719122][T10469] netlink: 4 bytes leftover after parsing attributes in process `syz.0.7867'. [ 2600.114384][T10536] netlink: 24 bytes leftover after parsing attributes in process `syz.3.7877'. [ 2600.130749][T10536] netlink: 20 bytes leftover after parsing attributes in process `syz.3.7877'. [ 2601.998321][T10570] netlink: 4 bytes leftover after parsing attributes in process `syz.4.7880'. [ 2603.961661][T10591] netlink: 4 bytes leftover after parsing attributes in process `syz.3.7884'. [ 2604.527998][T10593] netlink: 48 bytes leftover after parsing attributes in process `syz.3.7887'. [ 2604.542379][T10593] netlink: 48 bytes leftover after parsing attributes in process `syz.3.7887'. [ 2606.689326][T10630] netlink: 4 bytes leftover after parsing attributes in process `syz.5.7892'. [ 2609.405179][T10675] binder: 10665:10675 ioctl c018620c 80000380 returned -22 [ 2614.368543][T10749] netlink: 24 bytes leftover after parsing attributes in process `syz.0.7911'. [ 2614.431153][T10749] netlink: 20 bytes leftover after parsing attributes in process `syz.0.7911'. [ 2617.166194][T10798] binder: 10781:10798 ioctl c018620c 80000380 returned -22 [ 2617.195367][T10800] netlink: 4 bytes leftover after parsing attributes in process `syz.4.7918'. [ 2620.257793][ T8348] usb 5-1: new high-speed USB device number 111 using dummy_hcd [ 2620.411777][ T8348] usb 5-1: Using ep0 maxpacket: 16 [ 2620.419335][T10844] netlink: 4 bytes leftover after parsing attributes in process `syz.3.7927'. [ 2620.429084][ T8348] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 2620.440546][ T8348] usb 5-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00 [ 2620.451144][ T8348] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 2620.467859][ T8348] usb 5-1: config 0 descriptor?? [ 2620.576126][T10847] netlink: 4 bytes leftover after parsing attributes in process `syz.1.7926'. [ 2620.895151][ T8348] mcp2221 0003:04D8:00DD.005B: USB HID v0.05 Device [HID 04d8:00dd] on usb-dummy_hcd.4-1/input0 [ 2621.097709][T10833] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 2621.126822][T10833] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 2621.163669][T24770] usb 5-1: USB disconnect, device number 111 [ 2621.454248][T10850] netlink: 4 bytes leftover after parsing attributes in process `syz.0.7923'. [ 2622.485228][T10872] binder: BINDER_SET_CONTEXT_MGR already set [ 2622.516033][T10872] binder: 10864:10872 ioctl 4018620d 80000080 returned -16 [ 2622.604268][T10877] binder: 10864:10877 ioctl c018620c 80000380 returned -1 [ 2623.531579][ T8348] usb 5-1: new high-speed USB device number 112 using dummy_hcd [ 2623.741718][ T8348] usb 5-1: Using ep0 maxpacket: 8 [ 2623.749073][ T8348] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 2623.760821][ T8348] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 2623.772161][ T8348] usb 5-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3 [ 2623.826142][ T8348] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a3, bcdDevice= 0.40 [ 2623.836615][ T8348] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 2623.846908][ T8348] usb 5-1: Product: syz [ 2623.855398][ T8348] usb 5-1: Manufacturer: syz [ 2623.861061][ T8348] usb 5-1: SerialNumber: syz [ 2623.880231][ T8348] cdc_ether 5-1:1.0: probe with driver cdc_ether failed with error -22 [ 2623.925494][ T8348] usbtest 5-1:1.0: couldn't get endpoints, -22 [ 2623.935337][T10897] binder: 10884:10897 ioctl c018620c 80000380 returned -22 [ 2623.945295][ T8348] usbtest 5-1:1.0: probe with driver usbtest failed with error -22 [ 2624.041368][T10896] netlink: 4 bytes leftover after parsing attributes in process `syz.1.7934'. [ 2624.715804][ T8348] usb 5-1: USB disconnect, device number 112 [ 2625.309854][T10913] netlink: 24 bytes leftover after parsing attributes in process `syz.3.7937'. [ 2626.307297][T10930] netlink: 4 bytes leftover after parsing attributes in process `syz.1.7939'. [ 2627.098507][T10944] netlink: 24 bytes leftover after parsing attributes in process `syz.3.7941'. [ 2628.890660][T10968] netlink: 4 bytes leftover after parsing attributes in process `syz.0.7944'. [ 2632.368004][T11034] netlink: 4 bytes leftover after parsing attributes in process `syz.1.7951'. [ 2633.648587][T11043] binder: 11037:11043 ioctl c018620c 80000380 returned -22 [ 2635.433552][T11066] netlink: 4 bytes leftover after parsing attributes in process `syz.4.7959'. [ 2636.690250][T11083] netlink: 24 bytes leftover after parsing attributes in process `syz.3.7963'. [ 2636.766811][T11083] netlink: 20 bytes leftover after parsing attributes in process `syz.3.7963'. [ 2636.783271][T11081] netlink: 4 bytes leftover after parsing attributes in process `syz.5.7960'. [ 2636.827759][T11087] netlink: 4 bytes leftover after parsing attributes in process `syz.0.7964'. [ 2638.130369][T11106] netlink: 24 bytes leftover after parsing attributes in process `syz.3.7966'. [ 2638.467513][T11110] binder: 11103:11110 ioctl c018620c 80000380 returned -22 [ 2638.800831][T11122] binder: 11116:11122 ioctl c018620c 80000380 returned -22 [ 2639.035680][T11127] netlink: 4 bytes leftover after parsing attributes in process `syz.5.7969'. [ 2639.682642][T11134] netlink: 48 bytes leftover after parsing attributes in process `syz.3.7971'. [ 2639.728097][T11134] netlink: 48 bytes leftover after parsing attributes in process `syz.3.7971'. [ 2639.788525][ T30] kauditd_printk_skb: 39 callbacks suppressed [ 2639.788536][ T30] audit: type=1326 audit(1766622666.964:4597): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11133 comm="syz.3.7971" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf701d539 code=0x7ffc0000 [ 2639.895490][ T30] audit: type=1326 audit(1766622667.004:4598): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11133 comm="syz.3.7971" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf701d539 code=0x7ffc0000 [ 2640.230551][T11149] netlink: 4 bytes leftover after parsing attributes in process `syz.0.7973'. [ 2640.271586][T11150] netlink: 24 bytes leftover after parsing attributes in process `syz.3.7974'. [ 2640.289261][T11150] netlink: 20 bytes leftover after parsing attributes in process `syz.3.7974'. [ 2642.863047][ T8348] usb 2-1: new high-speed USB device number 74 using dummy_hcd [ 2643.032427][ T8348] usb 2-1: Using ep0 maxpacket: 16 [ 2643.045576][ T8348] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 2643.060572][ T8348] usb 2-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00 [ 2643.082277][ T8348] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 2643.109524][ T8348] usb 2-1: config 0 descriptor?? [ 2643.568245][ T8348] mcp2221 0003:04D8:00DD.005C: USB HID v0.05 Device [HID 04d8:00dd] on usb-dummy_hcd.1-1/input0 [ 2643.783428][T11175] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 2643.855104][T11175] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 2643.955967][T24770] usb 2-1: USB disconnect, device number 74 [ 2644.047885][T11190] binder: 11182:11190 ioctl c018620c 80000380 returned -22 [ 2645.235526][T11211] netlink: 16 bytes leftover after parsing attributes in process `syz.0.7983'. [ 2651.540691][T11288] netlink: 24 bytes leftover after parsing attributes in process `syz.1.7994'. [ 2651.575801][ T1299] ieee802154 phy0 wpan0: encryption failed: -22 [ 2651.602946][ T1299] ieee802154 phy1 wpan1: encryption failed: -22 [ 2651.719445][T11292] netlink: 4 bytes leftover after parsing attributes in process `syz.3.7995'. [ 2652.042070][T31186] usb 6-1: new high-speed USB device number 38 using dummy_hcd [ 2652.194767][T11288] netlink: 20 bytes leftover after parsing attributes in process `syz.1.7994'. [ 2652.331541][T31186] usb 6-1: Using ep0 maxpacket: 8 [ 2652.660321][T31186] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 2652.685107][T31186] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 2652.755446][T31186] usb 6-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3 [ 2653.080588][T31186] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a3, bcdDevice= 0.40 [ 2653.174454][T31186] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 2653.399453][T31186] usb 6-1: Product: syz [ 2653.402270][T11304] netlink: 16 bytes leftover after parsing attributes in process `syz.0.7997'. [ 2653.506596][T31186] usb 6-1: Manufacturer: syz [ 2653.511191][T31186] usb 6-1: SerialNumber: syz [ 2653.940351][T31186] cdc_ether 6-1:1.0: probe with driver cdc_ether failed with error -22 [ 2654.001550][T11309] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 2654.012225][T31186] usbtest 6-1:1.0: couldn't get endpoints, -22 [ 2654.018419][T31186] usbtest 6-1:1.0: probe with driver usbtest failed with error -22 [ 2654.032087][T11309] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 2654.052203][T11309] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 2654.091998][T11309] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 2654.141859][T11309] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 2654.605097][T11310] chnl_net:caif_netlink_parms(): no params data found [ 2654.788851][T11310] bridge0: port 1(bridge_slave_0) entered blocking state [ 2654.798896][T11310] bridge0: port 1(bridge_slave_0) entered disabled state [ 2654.809351][T11310] bridge_slave_0: entered allmulticast mode [ 2654.818048][T11310] bridge_slave_0: entered promiscuous mode [ 2654.826800][T11310] bridge0: port 2(bridge_slave_1) entered blocking state [ 2654.834989][T11310] bridge0: port 2(bridge_slave_1) entered disabled state [ 2654.844558][T11310] bridge_slave_1: entered allmulticast mode [ 2654.853533][T11310] bridge_slave_1: entered promiscuous mode [ 2654.887999][T11310] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 2654.901077][T11310] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 2654.927208][T11310] team0: Port device team_slave_0 added [ 2654.944263][T11327] binder: 11315:11327 ioctl c018620c 80000380 returned -22 [ 2654.964890][T11310] team0: Port device team_slave_1 added [ 2655.055388][T11310] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 2655.063094][T11310] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 2655.091326][T11310] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 2655.111303][T11310] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 2655.126255][T11310] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 2655.167610][T11310] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 2655.212498][T11320] netlink: 4 bytes leftover after parsing attributes in process `syz.1.7998'. [ 2655.988615][T11310] hsr_slave_0: entered promiscuous mode [ 2655.995094][T11310] hsr_slave_1: entered promiscuous mode [ 2656.001269][T11310] debugfs: 'hsr0' already exists in 'hsr' [ 2656.010967][T11310] Cannot create hsr debugfs directory [ 2656.302549][T11309] Bluetooth: hci4: command tx timeout [ 2656.743096][ T8348] usb 6-1: USB disconnect, device number 38 [ 2657.476898][T11310] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2657.731257][T11354] netlink: 4 bytes leftover after parsing attributes in process `syz.4.8003'. [ 2657.970911][T11310] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2658.372016][T11309] Bluetooth: hci4: command tx timeout [ 2658.528214][T11310] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2658.746587][T11310] tipc: Resetting bearer [ 2658.826170][T11310] bond0: (slave netdevsim0): Releasing backup interface [ 2658.834503][T11310] tipc: Resetting bearer [ 2658.841276][T11310] tipc: Disabling bearer [ 2658.847922][T11310] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2658.918682][T11366] netlink: 16 bytes leftover after parsing attributes in process `syz.4.8004'. [ 2659.256685][T11380] netlink: 24 bytes leftover after parsing attributes in process `syz.5.8007'. [ 2659.334866][T11380] netlink: 20 bytes leftover after parsing attributes in process `syz.5.8007'. [ 2659.624689][T11310] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 2659.767420][T11310] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 2659.811813][T11310] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 2659.930821][T11310] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 2660.452527][T11309] Bluetooth: hci4: command tx timeout [ 2660.663123][T11310] 8021q: adding VLAN 0 to HW filter on device bond0 [ 2660.670915][T11398] netlink: 4 bytes leftover after parsing attributes in process `syz.4.8008'. [ 2660.723227][T11310] 8021q: adding VLAN 0 to HW filter on device team0 [ 2660.757247][ T3441] bridge0: port 1(bridge_slave_0) entered blocking state [ 2660.764369][ T3441] bridge0: port 1(bridge_slave_0) entered forwarding state [ 2660.804924][ T3441] bridge0: port 2(bridge_slave_1) entered blocking state [ 2660.812023][ T3441] bridge0: port 2(bridge_slave_1) entered forwarding state [ 2660.929667][T11310] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 2661.017648][T11310] veth0_vlan: entered promiscuous mode [ 2661.048112][T11310] veth1_vlan: entered promiscuous mode [ 2661.118452][T11310] veth0_macvtap: entered promiscuous mode [ 2661.145381][T11310] veth1_macvtap: entered promiscuous mode [ 2661.189313][T11310] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 2661.226290][T11310] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 2661.266576][ T3441] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 2661.317151][ T3441] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 2661.351831][ T3441] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 2661.394179][ T3441] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 2661.543337][T26055] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 2661.557886][T26055] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 2661.612440][ T4463] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 2661.626754][ T4463] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 2661.953003][T11407] netlink: 16 bytes leftover after parsing attributes in process `syz.3.7996'. [ 2662.117325][ T5836] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 2662.129664][ T5836] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 2662.140010][ T5836] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 2662.147805][ T5836] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 2662.155359][ T5836] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 2662.533169][T11309] Bluetooth: hci4: command tx timeout [ 2662.984868][T16345] syz_tun (unregistering): left allmulticast mode [ 2663.369472][ T4463] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2663.650103][T11437] binder: BINDER_SET_CONTEXT_MGR already set [ 2663.658109][T11437] binder: 11422:11437 ioctl 4018620d 80000080 returned -16 [ 2663.715402][T11437] binder: 11422:11437 ioctl c018620c 80000380 returned -1 [ 2663.816171][ T4463] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2664.023893][ T4463] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2664.180914][T22411] tipc: Resetting bearer [ 2664.222071][T11309] Bluetooth: hci5: command tx timeout [ 2664.406092][ T4463] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2664.632587][T11414] chnl_net:caif_netlink_parms(): no params data found [ 2665.046468][T11414] bridge0: port 1(bridge_slave_0) entered blocking state [ 2665.074888][T11414] bridge0: port 1(bridge_slave_0) entered disabled state [ 2665.109884][T11414] bridge_slave_0: entered allmulticast mode [ 2665.139098][T11414] bridge_slave_0: entered promiscuous mode [ 2665.162313][T11414] bridge0: port 2(bridge_slave_1) entered blocking state [ 2665.192595][T11414] bridge0: port 2(bridge_slave_1) entered disabled state [ 2665.216791][T11414] bridge_slave_1: entered allmulticast mode [ 2665.248824][T11414] bridge_slave_1: entered promiscuous mode [ 2666.293478][T11309] Bluetooth: hci5: command tx timeout [ 2666.341353][T11414] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 2666.357933][T11414] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 2666.439077][T11414] team0: Port device team_slave_0 added [ 2667.815009][ T4463] dvmrp6 (unregistering): left allmulticast mode [ 2668.379685][T11309] Bluetooth: hci5: command tx timeout [ 2668.610635][ T4463] @ (unregistering): Released all slaves [ 2668.646682][ T4463] bond0 (unregistering): Released all slaves [ 2668.938979][ T4463] bond1 (unregistering): Released all slaves [ 2669.278699][ T4463] bond2 (unregistering): Released all slaves [ 2669.394356][ T4463] bond3 (unregistering): Released all slaves [ 2669.518388][ T4463] bond4 (unregistering): Released all slaves [ 2669.639408][ T4463] bond5 (unregistering): Released all slaves [ 2669.759021][ T4463] bond6 (unregistering): Released all slaves [ 2669.881025][ T4463] bond7 (unregistering): Released all slaves [ 2669.996978][ T4463] bond8 (unregistering): Released all slaves [ 2670.110022][ T4463] bond9 (unregistering): Released all slaves [ 2670.226664][ T4463] bond10 (unregistering): Released all slaves [ 2670.352598][ T4463] bond11 (unregistering): Released all slaves [ 2670.461764][T11309] Bluetooth: hci5: command tx timeout [ 2670.493047][ T4463] bond12 (unregistering): Released all slaves [ 2670.627715][ T4463] bond13 (unregistering): Released all slaves [ 2670.775428][ T4463] bond14 (unregistering): Released all slaves [ 2670.907841][ T4463] bond15 (unregistering): Released all slaves [ 2670.938164][T11414] team0: Port device team_slave_1 added [ 2671.156897][T11414] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 2671.167530][T11414] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 2671.193989][T11414] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 2671.235448][ T4463] tipc: Disabling bearer [ 2671.280979][ T4463] tipc: Disabling bearer [ 2671.329706][ T4463] tipc: Disabling bearer [ 2671.365711][ T4463] tipc: Left network mode [ 2671.366391][T11414] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 2671.448136][T11516] binder: 11501:11516 ioctl c018620c 80000380 returned -22 [ 2671.455664][T11414] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 2671.600113][T11414] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 2672.236770][T11414] hsr_slave_0: entered promiscuous mode [ 2672.282695][T11414] hsr_slave_1: entered promiscuous mode [ 2672.322204][T11414] debugfs: 'hsr0' already exists in 'hsr' [ 2672.347057][T11414] Cannot create hsr debugfs directory [ 2673.443989][ T4463] hsr_slave_0: left promiscuous mode [ 2673.492438][ T4463] hsr_slave_1: left promiscuous mode [ 2673.539992][ T4463] veth1_macvtap: left promiscuous mode [ 2673.558360][ T4463] veth0_macvtap: left promiscuous mode [ 2673.586980][ T4463] veth1_vlan: left promiscuous mode [ 2673.603449][ T4463] veth0_vlan: left promiscuous mode [ 2674.408162][T11570] binder: BINDER_SET_CONTEXT_MGR already set [ 2674.445574][T11570] binder: 11564:11570 ioctl 4018620d 80000080 returned -16 [ 2674.635670][T11571] binder: 11564:11571 ioctl c018620c 80000380 returned -1 [ 2675.595998][ T4463] vcan0 (unregistering): left allmulticast mode [ 2678.039535][ T4463] IPVS: stop unused estimator thread 0... [ 2678.535184][T11414] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 2678.654688][T11414] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 2678.743656][T11414] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 2678.848509][T11414] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 2679.109661][T11666] netlink: 4 bytes leftover after parsing attributes in process `syz.1.8029'. [ 2679.163668][T11414] 8021q: adding VLAN 0 to HW filter on device bond0 [ 2679.220521][T11414] 8021q: adding VLAN 0 to HW filter on device team0 [ 2679.250945][ T402] bridge0: port 1(bridge_slave_0) entered blocking state [ 2679.258067][ T402] bridge0: port 1(bridge_slave_0) entered forwarding state [ 2680.769047][ T402] bridge0: port 2(bridge_slave_1) entered blocking state [ 2680.776226][ T402] bridge0: port 2(bridge_slave_1) entered forwarding state [ 2680.944328][T11414] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 2681.018611][T11414] veth0_vlan: entered promiscuous mode [ 2681.046129][T11414] veth1_vlan: entered promiscuous mode [ 2681.098690][T11414] veth0_macvtap: entered promiscuous mode [ 2681.139984][T11709] netlink: 4 bytes leftover after parsing attributes in process `syz.5.8031'. [ 2681.173985][T11414] veth1_macvtap: entered promiscuous mode [ 2681.235405][T11414] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 2681.294710][T11414] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 2681.325521][T24142] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 2681.374731][T24142] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 2681.447575][T24142] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 2681.535132][T24142] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 2681.645921][T22991] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 2681.683435][T22991] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 2681.733531][T24142] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 2681.761536][T24142] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 2682.147450][T11723] netlink: 4 bytes leftover after parsing attributes in process `syz.0.8009'. [ 2683.362223][ T5836] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 2683.392232][ T5836] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 2683.423356][ T5836] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 2683.441609][ T5836] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 2683.452364][ T5836] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 2683.488080][T11734] binder: 11725:11734 ioctl c018620c 80000380 returned -22 [ 2684.040887][T11736] chnl_net:caif_netlink_parms(): no params data found [ 2684.473296][T11736] bridge0: port 1(bridge_slave_0) entered blocking state [ 2684.504012][T11736] bridge0: port 1(bridge_slave_0) entered disabled state [ 2684.537838][T11736] bridge_slave_0: entered allmulticast mode [ 2684.555651][T11736] bridge_slave_0: entered promiscuous mode [ 2684.580125][T11736] bridge0: port 2(bridge_slave_1) entered blocking state [ 2684.602978][T11736] bridge0: port 2(bridge_slave_1) entered disabled state [ 2684.630577][T11736] bridge_slave_1: entered allmulticast mode [ 2684.643620][T11736] bridge_slave_1: entered promiscuous mode [ 2685.501813][T11309] Bluetooth: hci3: command tx timeout [ 2685.521558][T11762] netlink: 4 bytes leftover after parsing attributes in process `syz.0.8038'. [ 2686.543301][T11736] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 2686.578166][T11736] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 2686.663864][T11736] team0: Port device team_slave_0 added [ 2686.674208][T11736] team0: Port device team_slave_1 added [ 2686.711838][T11736] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 2686.722705][T11736] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 2686.757925][T11770] netlink: 16 bytes leftover after parsing attributes in process `syz.3.8040'. [ 2686.790216][T11736] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 2686.905320][T21098] bond0: (slave netdevsim0): Releasing backup interface [ 2687.069444][T11736] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 2687.090853][T11736] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 2687.179112][T11736] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 2687.345983][T11778] binder: 11773:11778 ioctl c018620c 80000380 returned -22 [ 2687.592744][T11309] Bluetooth: hci3: command tx timeout [ 2687.632783][T11736] hsr_slave_0: entered promiscuous mode [ 2687.642271][T11736] hsr_slave_1: entered promiscuous mode [ 2687.648765][T11736] debugfs: 'hsr0' already exists in 'hsr' [ 2687.655380][T11736] Cannot create hsr debugfs directory [ 2688.365413][T21098] bond2 (unregistering): (slave ip6gretap2): Releasing active interface [ 2688.743601][T21098] dvmrp6 (unregistering): left allmulticast mode [ 2689.662722][T11309] Bluetooth: hci3: command tx timeout [ 2689.808247][T21098] bond0 (unregistering): Released all slaves [ 2689.827361][T21098] bond1 (unregistering): Released all slaves [ 2690.096227][T21098] bond2 (unregistering): Released all slaves [ 2690.357388][T21098] bond3 (unregistering): Released all slaves [ 2690.542872][T21098] bond4 (unregistering): Released all slaves [ 2690.714396][T21098] bond5 (unregistering): Released all slaves [ 2690.842230][T21098] bond6 (unregistering): Released all slaves [ 2691.028995][T21098] tipc: Disabling bearer [ 2691.043857][T21098] tipc: Disabling bearer [ 2691.057903][T21098] tipc: Left network mode [ 2691.603130][T21098] hsr_slave_0: left promiscuous mode [ 2691.625917][T21098] hsr_slave_1: left promiscuous mode [ 2691.716617][T11839] netlink: 4 bytes leftover after parsing attributes in process `syz.0.8046'. [ 2691.732875][T11309] Bluetooth: hci3: command tx timeout [ 2691.889342][T21098] pim6reg (unregistering): left allmulticast mode [ 2693.108899][T11853] binder: 11842:11853 ioctl c018620c 80000380 returned -22 [ 2694.459717][T11865] netlink: 4 bytes leftover after parsing attributes in process `syz.3.8049'. [ 2694.755108][T11736] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 2694.873865][T11736] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 2694.919140][T11736] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 2694.954554][T11736] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 2695.088294][T11883] netlink: 4 bytes leftover after parsing attributes in process `syz.1.8050'. [ 2695.620889][T11736] 8021q: adding VLAN 0 to HW filter on device bond0 [ 2695.698016][T11736] 8021q: adding VLAN 0 to HW filter on device team0 [ 2695.777724][ T5829] usb 4-1: new high-speed USB device number 85 using dummy_hcd [ 2695.786966][T24160] bridge0: port 1(bridge_slave_0) entered blocking state [ 2695.794134][T24160] bridge0: port 1(bridge_slave_0) entered forwarding state [ 2695.909869][T21098] IPVS: stop unused estimator thread 0... [ 2695.929296][T24160] bridge0: port 2(bridge_slave_1) entered blocking state [ 2695.936410][T24160] bridge0: port 2(bridge_slave_1) entered forwarding state [ 2696.005511][ T5829] usb 4-1: Using ep0 maxpacket: 8 [ 2696.058750][ T5829] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 2696.103654][ T5829] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 2696.125978][T11912] netlink: 4 bytes leftover after parsing attributes in process `syz.4.8052'. [ 2696.150873][ T5829] usb 4-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3 [ 2696.240265][ T5829] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a3, bcdDevice= 0.40 [ 2696.269930][ T5829] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 2696.285845][T11736] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 2696.299204][ T5829] usb 4-1: Product: syz [ 2696.320322][ T5829] usb 4-1: Manufacturer: syz [ 2696.357188][ T5829] usb 4-1: SerialNumber: syz [ 2696.512974][ T5829] cdc_ether 4-1:1.0: probe with driver cdc_ether failed with error -22 [ 2696.528673][T11736] veth0_vlan: entered promiscuous mode [ 2696.557948][ T5829] usbtest 4-1:1.0: couldn't get endpoints, -22 [ 2696.587041][T11736] veth1_vlan: entered promiscuous mode [ 2696.601014][ T5829] usbtest 4-1:1.0: probe with driver usbtest failed with error -22 [ 2696.699444][T11736] veth0_macvtap: entered promiscuous mode [ 2696.732502][T11736] veth1_macvtap: entered promiscuous mode [ 2696.791282][T11736] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 2696.833939][T11736] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 2696.891985][T26055] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 2696.932707][T26055] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 2696.941409][T26055] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 2697.209190][T26055] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 2697.531781][T22991] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 2697.542955][T22991] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 2697.584038][ T8348] usb 4-1: USB disconnect, device number 85 [ 2697.649552][T22991] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 2697.706414][T22991] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 2698.865018][ T5836] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 2698.884582][ T5836] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 2698.893129][ T5836] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 2698.900775][ T5836] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 2698.908681][ T5836] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 2699.965072][T11957] chnl_net:caif_netlink_parms(): no params data found [ 2700.518512][T11957] bridge0: port 1(bridge_slave_0) entered blocking state [ 2700.544469][T11957] bridge0: port 1(bridge_slave_0) entered disabled state [ 2700.584475][T11957] bridge_slave_0: entered allmulticast mode [ 2700.624323][T11957] bridge_slave_0: entered promiscuous mode [ 2700.644510][T11957] bridge0: port 2(bridge_slave_1) entered blocking state [ 2700.664894][T11957] bridge0: port 2(bridge_slave_1) entered disabled state [ 2700.694629][T11957] bridge_slave_1: entered allmulticast mode [ 2700.740460][T11957] bridge_slave_1: entered promiscuous mode [ 2700.825847][T11957] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 2700.880764][T11957] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 2701.011534][ T5836] Bluetooth: hci2: command tx timeout [ 2701.030966][T11957] team0: Port device team_slave_0 added [ 2701.038732][T11957] team0: Port device team_slave_1 added [ 2701.075978][T11957] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 2701.092820][T11957] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 2701.119394][T11957] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 2701.180531][T11957] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 2701.212726][T11957] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 2701.344103][T11957] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 2701.924093][T11957] hsr_slave_0: entered promiscuous mode [ 2701.943071][T11957] hsr_slave_1: entered promiscuous mode [ 2701.979017][T11957] debugfs: 'hsr0' already exists in 'hsr' [ 2702.002276][T11957] Cannot create hsr debugfs directory [ 2702.461304][T11957] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2702.753206][T11957] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2702.935168][T11957] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2703.009277][T12090] netlink: 16 bytes leftover after parsing attributes in process `syz.4.8100'. [ 2703.067090][T11957] netdevsim netdevsim1  (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2703.092055][ T5836] Bluetooth: hci2: command tx timeout [ 2703.145811][T12090] ip6gre2: entered promiscuous mode [ 2703.159868][T12090] ip6gre2: entered allmulticast mode [ 2703.184703][T21019] ip6_tunnel: ip6gre2 xmit: Local address not yet configured! [ 2703.231853][T11401] ip6_tunnel: ip6gre2 xmit: Local address not yet configured! [ 2703.243636][T21019] ip6_tunnel: ip6gre2 xmit: Local address not yet configured! [ 2703.279812][T12099] netlink: 'syz.0.8103': attribute type 10 has an invalid length. [ 2703.306637][T12101] netlink: 212328 bytes leftover after parsing attributes in process `syz.3.8104'. [ 2703.324710][T12099] syz_tun: entered promiscuous mode [ 2703.342343][T12101] netlink: Conntrack attr has 4 unknown bytes [ 2703.371593][T12099] bond0: (slave syz_tun): Enslaving as an active interface with an up link [ 2703.492052][ T8348] ip6_tunnel: ip6gre2 xmit: Local address not yet configured! [ 2703.567921][T11957] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 2703.639480][T11957] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 2703.726106][T11957] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 2703.757912][T12116] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 2703.784895][T11957] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 2703.988777][T11957] 8021q: adding VLAN 0 to HW filter on device bond0 [ 2704.032955][T11957] 8021q: adding VLAN 0 to HW filter on device team0 [ 2704.064144][ T9554] bridge0: port 1(bridge_slave_0) entered blocking state [ 2704.071220][ T9554] bridge0: port 1(bridge_slave_0) entered forwarding state [ 2704.126771][ T9554] bridge0: port 2(bridge_slave_1) entered blocking state [ 2704.133920][ T9554] bridge0: port 2(bridge_slave_1) entered forwarding state [ 2704.211761][ T8348] ip6_tunnel: ip6gre2 xmit: Local address not yet configured! [ 2704.320317][T11957] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 2704.414799][T11957] veth0_vlan: entered promiscuous mode [ 2704.436977][T11957] veth1_vlan: entered promiscuous mode [ 2704.502550][T31186] usb 5-1: new high-speed USB device number 113 using dummy_hcd [ 2704.520954][T11957] veth0_macvtap: entered promiscuous mode [ 2704.553558][T12153] bridge0: port 2(bridge_slave_1) entered disabled state [ 2704.597356][T11957] veth1_macvtap: entered promiscuous mode [ 2704.637723][T11957] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 2704.661694][T31186] usb 5-1: Using ep0 maxpacket: 16 [ 2704.670819][T11957] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 2704.682527][T31186] usb 5-1: config 1 interface 0 altsetting 255 endpoint 0x1 has invalid wMaxPacketSize 0 [ 2704.707357][T31186] usb 5-1: config 1 interface 0 altsetting 255 bulk endpoint 0x1 has invalid maxpacket 0 [ 2704.718323][ T5956] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 2704.741724][T31186] usb 5-1: config 1 interface 0 altsetting 255 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 2704.755480][ T5956] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 2704.790793][T31186] usb 5-1: config 1 interface 0 has no altsetting 0 [ 2704.804672][ T5956] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 2704.823530][T31186] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40 [ 2704.824237][ T402] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 2704.853461][T31186] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 2704.874332][T31186] usb 5-1: Product: syz [ 2704.894630][T31186] usb 5-1: Manufacturer: syz [ 2704.906137][T31186] usb 5-1: SerialNumber: syz [ 2704.942936][T12163] binfmt_misc: register: failed to install interpreter file ./file0 [ 2705.044587][ T444] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 2705.067156][ T444] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 2705.158401][T31186] usblp 5-1:1.0: usblp0: USB Unidirectional printer dev 113 if 0 alt 255 proto 1 vid 0x0525 pid 0xA4A8 [ 2705.170108][T23775] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 2705.185235][ T5836] Bluetooth: hci2: command tx timeout [ 2705.204108][T23775] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 2705.226579][T12174] netlink: 388 bytes leftover after parsing attributes in process `syz.3.8133'. [ 2705.682895][T12197] netlink: 20 bytes leftover after parsing attributes in process `syz.5.8141'. [ 2706.385055][T12215] ipip0: entered promiscuous mode [ 2706.407645][T12215] ipip0: entered allmulticast mode [ 2706.428840][T12220] syz_tun: entered allmulticast mode [ 2707.021936][ C0] ip6_tunnel: ip6gre2 xmit: Local address not yet configured! [ 2707.252758][ T5836] Bluetooth: hci2: command tx timeout [ 2707.278516][T31186] usb 5-1: USB disconnect, device number 113 [ 2707.295953][T31186] usblp0: removed [ 2707.644026][T11309] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 2707.657164][T11309] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 2707.671903][T11309] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 2707.685467][T11309] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 2707.694298][T11309] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 2707.872382][T12261] netlink: 'syz.0.8170': attribute type 4 has an invalid length. [ 2708.256257][T12265] chnl_net:caif_netlink_parms(): no params data found [ 2708.442340][T12265] bridge0: port 1(bridge_slave_0) entered blocking state [ 2708.461663][T12265] bridge0: port 1(bridge_slave_0) entered disabled state [ 2708.468936][T12265] bridge_slave_0: entered allmulticast mode [ 2708.478069][T12265] bridge_slave_0: entered promiscuous mode [ 2708.492342][T12265] bridge0: port 2(bridge_slave_1) entered blocking state [ 2708.499579][T12265] bridge0: port 2(bridge_slave_1) entered disabled state [ 2708.509210][T12265] bridge_slave_1: entered allmulticast mode [ 2708.517187][T12265] bridge_slave_1: entered promiscuous mode [ 2708.672786][T12265] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 2708.730184][T12265] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 2708.815762][T12265] team0: Port device team_slave_0 added [ 2708.962797][T11906] usb 1-1: new high-speed USB device number 90 using dummy_hcd [ 2709.136027][T11906] usb 1-1: Using ep0 maxpacket: 16 [ 2709.150621][T11906] usb 1-1: config 1 has an invalid interface number: 105 but max is 0 [ 2709.164133][T11906] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 2709.200173][T11906] usb 1-1: config 1 has no interface number 0 [ 2709.212426][T11906] usb 1-1: config 1 interface 105 altsetting 2 has 0 endpoint descriptors, different from the interface descriptor's value: 2 [ 2709.240192][T11906] usb 1-1: config 1 interface 105 has no altsetting 0 [ 2709.251153][T11906] usb 1-1: New USB device found, idVendor=20f4, idProduct=e05a, bcdDevice=6c.6d [ 2709.263826][T11906] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 2709.274234][T11906] usb 1-1: Product: syz [ 2709.278404][T11906] usb 1-1: Manufacturer: syz [ 2709.284950][T11906] usb 1-1: SerialNumber: syz [ 2709.413671][ T402] bond1 (unregistering): (slave gretap1): Releasing active interface [ 2709.464802][ T402] dvmrp0 (unregistering): left allmulticast mode [ 2709.516682][T11906] aqc111 1-1:1.105: probe with driver aqc111 failed with error -22 [ 2709.548416][T11906] usb 1-1: USB disconnect, device number 90 [ 2709.732132][T11309] Bluetooth: hci0: command tx timeout [ 2710.065873][ T402] bond0 (unregistering): Released all slaves [ 2710.080445][ T402] bond1 (unregistering): Released all slaves [ 2710.276553][ T402] bond2 (unregistering): Released all slaves [ 2710.437584][ T402] bond3 (unregistering): Released all slaves [ 2710.633315][ T402] bond4 (unregistering): Released all slaves [ 2710.756463][ T402] bond5 (unregistering): Released all slaves [ 2710.880690][ T402] bond6 (unregistering): Released all slaves [ 2711.015655][ T402] bond7 (unregistering): Released all slaves [ 2711.148540][ T402] bond8 (unregistering): Released all slaves [ 2711.260380][ T402] bond9 (unregistering): Released all slaves [ 2711.384433][ T402] bond10 (unregistering): Released all slaves [ 2711.516395][ T402] bond11 (unregistering): Released all slaves [ 2711.653452][ T402] bond12 (unregistering): Released all slaves [ 2711.791993][ T402] bond13 (unregistering): Released all slaves [ 2711.811743][T11309] Bluetooth: hci0: command tx timeout [ 2711.925993][ T402] bond14 (unregistering): Released all slaves [ 2712.045094][ T402] bond15 (unregistering): Released all slaves [ 2712.168669][ T402] bond16 (unregistering): Released all slaves [ 2712.289325][ T402] bond17 (unregistering): Released all slaves [ 2712.406288][ T402] bond18 (unregistering): Released all slaves [ 2712.521084][ T402] bond19 (unregistering): Released all slaves [ 2712.533525][T12265] team0: Port device team_slave_1 added [ 2712.721924][T12265] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 2712.760772][T12265] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 2712.792953][T12265] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 2712.805016][ T402] tipc: Disabling bearer [ 2712.811354][ T402] tipc: Disabling bearer [ 2712.841699][ T402] tipc: Left network mode [ 2712.849638][T12265] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 2712.891096][T12265] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 2712.966828][T12265] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 2713.015346][ T1299] ieee802154 phy0 wpan0: encryption failed: -22 [ 2713.021919][ T1299] ieee802154 phy1 wpan1: encryption failed: -22 [ 2713.201405][T12265] hsr_slave_0: entered promiscuous mode [ 2713.208004][T12265] hsr_slave_1: entered promiscuous mode [ 2713.215366][T12265] debugfs: 'hsr0' already exists in 'hsr' [ 2713.221099][T12265] Cannot create hsr debugfs directory [ 2713.579758][ T402] hsr_slave_0: left promiscuous mode [ 2713.598365][ T402] hsr_slave_1: left promiscuous mode [ 2713.666869][ T402] pim6reg (unregistering): left allmulticast mode [ 2713.896575][T11309] Bluetooth: hci0: command tx timeout [ 2714.718075][ T402] vcan0 (unregistering): left allmulticast mode [ 2714.893263][T12459] netlink: 28 bytes leftover after parsing attributes in process `syz.1.8246'. [ 2714.904032][T12459] netlink: 28 bytes leftover after parsing attributes in process `syz.1.8246'. [ 2714.920415][T12463] netlink: 'syz.5.8249': attribute type 1 has an invalid length. [ 2715.240894][T12479] netlink: 132 bytes leftover after parsing attributes in process `syz.3.8255'. [ 2715.532656][ T402] IPVS: stop unused estimator thread 0... [ 2715.904482][ T30] audit: type=1326 audit(1766622743.084:4599): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12513 comm="syz.3.8267" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf700d539 code=0x7ffc0000 [ 2715.973059][T11309] Bluetooth: hci0: command tx timeout [ 2715.994314][ T30] audit: type=1326 audit(1766622743.124:4600): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12513 comm="syz.3.8267" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf700d539 code=0x7ffc0000 [ 2716.018100][ T30] audit: type=1326 audit(1766622743.124:4601): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12513 comm="syz.3.8267" exe="/root/syz-executor" sig=0 arch=40000003 syscall=310 compat=1 ip=0xf700d539 code=0x7ffc0000 [ 2716.040631][ T30] audit: type=1326 audit(1766622743.134:4602): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12513 comm="syz.3.8267" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf700d539 code=0x7ffc0000 [ 2716.099092][ T30] audit: type=1326 audit(1766622743.134:4603): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12513 comm="syz.3.8267" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf700d539 code=0x7ffc0000 [ 2716.126763][ T30] audit: type=1326 audit(1766622743.134:4604): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12513 comm="syz.3.8267" exe="/root/syz-executor" sig=0 arch=40000003 syscall=399 compat=1 ip=0xf700d539 code=0x7ffc0000 [ 2716.170943][ T30] audit: type=1326 audit(1766622743.134:4605): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12513 comm="syz.3.8267" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf700d539 code=0x7ffc0000 [ 2716.274480][ T30] audit: type=1326 audit(1766622743.134:4606): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12513 comm="syz.3.8267" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf700d539 code=0x7ffc0000 [ 2716.311085][T12265] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 2716.332843][ T30] audit: type=1326 audit(1766622743.134:4607): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12513 comm="syz.3.8267" exe="/root/syz-executor" sig=0 arch=40000003 syscall=400 compat=1 ip=0xf700d539 code=0x7ffc0000 [ 2716.374228][T12265] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 2716.387071][ T30] audit: type=1326 audit(1766622743.134:4608): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12513 comm="syz.3.8267" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf700d539 code=0x7ffc0000 [ 2716.421377][T12532] netlink: 16 bytes leftover after parsing attributes in process `syz.1.8272'. [ 2716.432358][T12265] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 2716.466043][T12265] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 2716.919516][T12265] 8021q: adding VLAN 0 to HW filter on device bond0 [ 2716.993344][T12265] 8021q: adding VLAN 0 to HW filter on device team0 [ 2717.014576][T20992] bridge0: port 1(bridge_slave_0) entered blocking state [ 2717.021766][T20992] bridge0: port 1(bridge_slave_0) entered forwarding state [ 2717.108804][ T402] bridge0: port 2(bridge_slave_1) entered blocking state [ 2717.115988][ T402] bridge0: port 2(bridge_slave_1) entered forwarding state [ 2717.307050][T12265] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 2717.445391][T12265] veth0_vlan: entered promiscuous mode [ 2717.521371][T12265] veth1_vlan: entered promiscuous mode [ 2717.553855][T12573] dvmrp1: entered allmulticast mode [ 2717.571982][T12572] dvmrp1: left allmulticast mode [ 2717.773105][T12265] veth0_macvtap: entered promiscuous mode [ 2717.807282][T12265] veth1_macvtap: entered promiscuous mode [ 2717.856373][T12265] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 2718.010771][T12265] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 2718.064969][ T2976] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 2718.100431][ T2976] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 2718.128132][ T2976] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 2718.195683][ T2976] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 2718.281249][T12630] batman_adv: batadv0: Adding interface: dummy0 [ 2718.311606][T12630] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 2718.381477][T12630] batman_adv: batadv0: Interface activated: dummy0 [ 2718.434645][T12632] batadv0: mtu less than device minimum [ 2718.455742][T12632] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 2718.468134][T12632] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 2718.479647][T12632] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 2718.491228][T12632] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 2718.502724][T12632] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 2718.514279][T12632] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 2718.525778][T12632] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 2718.537297][T12632] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 2718.548749][T12632] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 2718.874804][ T3441] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 2718.905867][ T3441] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 2719.045790][ T3441] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 2719.085759][ T3441] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 2720.129697][T12732] ip6gre1: entered promiscuous mode [ 2720.145325][T12732] ip6gre1: entered allmulticast mode [ 2720.164793][T21019] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 2720.167816][T12732] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 2720.193911][T12737] netlink: 24 bytes leftover after parsing attributes in process `syz.1.8342'. [ 2720.207714][T10880] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 2720.216763][T21019] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 2720.634244][ T8348] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 2720.769362][T12776] netlink: 24 bytes leftover after parsing attributes in process `syz.4.8361'. [ 2721.175822][ T8348] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 2721.317336][T12800] netlink: 4 bytes leftover after parsing attributes in process `syz.3.8362'. [ 2721.445232][T12806] ipip0: entered promiscuous mode [ 2721.641508][T10880] usb 2-1: new high-speed USB device number 75 using dummy_hcd [ 2721.702370][T12812] netlink: 132 bytes leftover after parsing attributes in process `syz.0.8378'. [ 2721.791589][T10880] usb 2-1: device descriptor read/64, error -71 [ 2722.042389][T10880] usb 2-1: new high-speed USB device number 76 using dummy_hcd [ 2722.202010][T10880] usb 2-1: device descriptor read/64, error -71 [ 2722.312038][T10880] usb usb2-port1: attempt power cycle [ 2722.399244][ T9803] hid_parser_main: 318 callbacks suppressed [ 2722.399263][ T9803] hid-generic 0000:3000000:0000.005D: unknown main item tag 0x4 [ 2722.455334][ T9803] hid-generic 0000:3000000:0000.005D: unknown main item tag 0x2 [ 2722.460204][T12851] netlink: 132 bytes leftover after parsing attributes in process `syz.4.8395'. [ 2722.471766][ T9803] hid-generic 0000:3000000:0000.005D: unknown main item tag 0x3 [ 2722.481759][T12850] macvlan1: entered allmulticast mode [ 2722.519997][ T9803] hid-generic 0000:3000000:0000.005D: hidraw0: HID v0.00 Device [sy] on syz0 [ 2722.671865][T10880] usb 2-1: new high-speed USB device number 77 using dummy_hcd [ 2722.683758][T12852] fido_id[12852]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory [ 2722.732487][T10880] usb 2-1: device descriptor read/8, error -71 [ 2722.983322][T10880] usb 2-1: new high-speed USB device number 78 using dummy_hcd [ 2723.022139][T10880] usb 2-1: device descriptor read/8, error -71 [ 2723.077134][T12872] netlink: 12 bytes leftover after parsing attributes in process `syz.0.8403'. [ 2723.136808][T10880] usb usb2-port1: unable to enumerate USB device [ 2723.161552][ T30] kauditd_printk_skb: 113 callbacks suppressed [ 2723.161566][ T30] audit: type=1326 audit(1766622750.334:4722): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12873 comm="syz.0.8405" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f56539 code=0x7ffc0000 [ 2723.195610][ T30] audit: type=1326 audit(1766622750.374:4723): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12873 comm="syz.0.8405" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f56539 code=0x7ffc0000 [ 2723.231347][ T30] audit: type=1326 audit(1766622750.414:4724): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12873 comm="syz.0.8405" exe="/root/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7f56539 code=0x7ffc0000 [ 2723.289093][ T30] audit: type=1326 audit(1766622750.414:4725): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12873 comm="syz.0.8405" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f56539 code=0x7ffc0000 [ 2723.320292][ T30] audit: type=1326 audit(1766622750.414:4726): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12873 comm="syz.0.8405" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f56539 code=0x7ffc0000 [ 2723.346762][ T30] audit: type=1326 audit(1766622750.414:4727): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12877 comm="syz.5.8406" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706d539 code=0x7ffc0000 [ 2723.373572][ T30] audit: type=1326 audit(1766622750.414:4728): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12877 comm="syz.5.8406" exe="/root/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf706d539 code=0x7ffc0000 [ 2723.419917][T12883] netlink: 132 bytes leftover after parsing attributes in process `syz.0.8409'. [ 2723.436987][ T30] audit: type=1326 audit(1766622750.414:4729): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12877 comm="syz.5.8406" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706d539 code=0x7ffc0000 [ 2723.460383][ T30] audit: type=1326 audit(1766622750.414:4730): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12877 comm="syz.5.8406" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706d539 code=0x7ffc0000 [ 2723.489966][ T30] audit: type=1326 audit(1766622750.414:4731): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12877 comm="syz.5.8406" exe="/root/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf706d539 code=0x7ffc0000 [ 2723.627887][T12893] ALSA: seq fatal error: cannot create timer (-19) [ 2723.929556][T12908] vcan0: tx drop: invalid da for name 0x0000000000000003 [ 2724.451574][ C0] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 2724.715603][T12958] net_ratelimit: 10 callbacks suppressed [ 2724.715626][T12958] ip_tunnel: non-ECT from 0.0.0.0 with TOS=0x3 [ 2724.927094][T12972] tipc: Started in network mode [ 2724.933318][T12972] tipc: Node identity fe800000000000000000000000000012, cluster identity 4711 [ 2724.945268][T12972] tipc: Enabled bearer , priority 10 [ 2725.179181][ C1] vcan0: j1939_tp_rxtimer: 0xffff88803d3eec00: rx timeout, send abort [ 2725.687456][ C1] vcan0: j1939_tp_rxtimer: 0xffff88803d3eec00: abort rx timeout. Force session deactivation [ 2726.063035][ T8348] tipc: Node number set to 4269801490 [ 2726.124747][T13035] vcan0: tx drop: invalid da for name 0x0000000000000003 [ 2726.242745][T13040] syzkaller0: entered promiscuous mode [ 2726.262158][T13040] syzkaller0: entered allmulticast mode [ 2727.591808][ T9803] usb 2-1: new high-speed USB device number 79 using dummy_hcd [ 2727.734056][ T9803] usb 2-1: device descriptor read/64, error -71 [ 2727.868996][T13130] netlink: 12 bytes leftover after parsing attributes in process `syz.3.8519'. [ 2727.941334][T13143] netlink: 17279 bytes leftover after parsing attributes in process `syz.0.8526'. [ 2727.981513][ T9803] usb 2-1: new high-speed USB device number 80 using dummy_hcd [ 2728.131544][ T9803] usb 2-1: device descriptor read/64, error -71 [ 2728.252180][ T9803] usb usb2-port1: attempt power cycle [ 2728.318325][T13171] netlink: 48 bytes leftover after parsing attributes in process `syz.4.8540'. [ 2728.436224][ T30] kauditd_printk_skb: 706 callbacks suppressed [ 2728.436240][ T30] audit: type=1326 audit(1766622755.614:5438): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13178 comm="syz.4.8544" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f07539 code=0x7ffc0000 [ 2728.473402][ T30] audit: type=1326 audit(1766622755.614:5439): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13178 comm="syz.4.8544" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f07539 code=0x7ffc0000 [ 2728.509081][ T30] audit: type=1326 audit(1766622755.634:5440): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13178 comm="syz.4.8544" exe="/root/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7f07539 code=0x7ffc0000 [ 2728.549506][ T30] audit: type=1326 audit(1766622755.634:5441): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13178 comm="syz.4.8544" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f07539 code=0x7ffc0000 [ 2728.576494][ T30] audit: type=1326 audit(1766622755.634:5442): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13178 comm="syz.4.8544" exe="/root/syz-executor" sig=0 arch=40000003 syscall=14 compat=1 ip=0xf7f07539 code=0x7ffc0000 [ 2728.600741][ T30] audit: type=1326 audit(1766622755.634:5443): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13178 comm="syz.4.8544" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f07539 code=0x7ffc0000 [ 2728.626919][ T30] audit: type=1326 audit(1766622755.634:5444): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13178 comm="syz.4.8544" exe="/root/syz-executor" sig=0 arch=40000003 syscall=8 compat=1 ip=0xf7f07539 code=0x7ffc0000 [ 2728.634042][ T9803] usb 2-1: new high-speed USB device number 81 using dummy_hcd [ 2728.649723][ T30] audit: type=1326 audit(1766622755.634:5445): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13178 comm="syz.4.8544" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f07539 code=0x7ffc0000 [ 2728.706671][ T30] audit: type=1326 audit(1766622755.634:5446): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13178 comm="syz.4.8544" exe="/root/syz-executor" sig=0 arch=40000003 syscall=63 compat=1 ip=0xf7f07539 code=0x7ffc0000 [ 2728.734974][ T9803] usb 2-1: device descriptor read/8, error -71 [ 2728.738377][ T30] audit: type=1326 audit(1766622755.634:5447): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13178 comm="syz.4.8544" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f07539 code=0x7ffc0000 [ 2728.971557][ T9803] usb 2-1: new high-speed USB device number 82 using dummy_hcd [ 2729.001996][ T9803] usb 2-1: device descriptor read/8, error -71 [ 2729.111863][ T9803] usb usb2-port1: unable to enumerate USB device [ 2729.250679][T13214] $H: renamed from bond0 (while UP) [ 2729.266373][T13214] $H: entered promiscuous mode [ 2729.275068][T13214] bond_slave_0: entered promiscuous mode [ 2729.290388][T13214] bond_slave_1: entered promiscuous mode [ 2730.711771][T13275] program syz.3.8588 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 2731.140388][T13313] netlink: 132 bytes leftover after parsing attributes in process `syz.0.8605'. [ 2731.167760][T13314] netlink: 60 bytes leftover after parsing attributes in process `syz.3.8606'. [ 2731.191590][T13314] netlink: 60 bytes leftover after parsing attributes in process `syz.3.8606'. [ 2731.296971][T13324] netlink: 12 bytes leftover after parsing attributes in process `syz.4.8610'. [ 2731.308730][T13314] netlink: 60 bytes leftover after parsing attributes in process `syz.3.8606'. [ 2731.327570][T13324] netlink: 16 bytes leftover after parsing attributes in process `syz.4.8610'. [ 2731.337202][T13314] netlink: 60 bytes leftover after parsing attributes in process `syz.3.8606'. [ 2731.453773][T13339] vlan2: entered allmulticast mode [ 2731.604732][T13347] batman_adv: batadv0: Adding interface: dummy0 [ 2731.610995][T13347] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 2731.661703][T13347] batman_adv: batadv0: Interface activated: dummy0 [ 2731.716897][T13350] batadv0: mtu less than device minimum [ 2731.731808][T13350] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 2731.743352][T13350] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 2731.754811][T13350] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 2731.766321][T13350] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 2731.777859][T13350] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 2731.789348][T13350] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 2731.800746][T13350] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 2731.811914][T13350] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 2731.823344][T13350] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 2732.239358][T13388] ipip0: entered promiscuous mode [ 2732.271494][T13388] ipip0: entered allmulticast mode [ 2733.356779][T13459] __nla_validate_parse: 5 callbacks suppressed [ 2733.356795][T13459] netlink: 8 bytes leftover after parsing attributes in process `syz.0.8669'. [ 2733.435753][T13459] ipip1: entered promiscuous mode [ 2733.447559][T13459] ipip1: entered allmulticast mode [ 2733.491796][ C0] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 2733.845862][T13476] netlink: 60 bytes leftover after parsing attributes in process `syz.4.8676'. [ 2733.866551][ T30] kauditd_printk_skb: 28 callbacks suppressed [ 2733.866566][ T30] audit: type=1326 audit(1766622761.044:5476): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13477 comm="syz.5.8678" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706d539 code=0x7ffc0000 [ 2733.901999][T13476] netlink: 60 bytes leftover after parsing attributes in process `syz.4.8676'. [ 2733.957477][ T30] audit: type=1326 audit(1766622761.044:5477): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13477 comm="syz.5.8678" exe="/root/syz-executor" sig=0 arch=40000003 syscall=402 compat=1 ip=0xf706d539 code=0x7ffc0000 [ 2734.006106][T13476] netlink: 60 bytes leftover after parsing attributes in process `syz.4.8676'. [ 2734.026169][T13476] netlink: 60 bytes leftover after parsing attributes in process `syz.4.8676'. [ 2734.041353][ T30] audit: type=1326 audit(1766622761.044:5478): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13477 comm="syz.5.8678" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706d539 code=0x7ffc0000 [ 2734.101486][ T30] audit: type=1326 audit(1766622761.044:5479): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13477 comm="syz.5.8678" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706d539 code=0x7ffc0000 [ 2734.275696][T13476] netlink: 60 bytes leftover after parsing attributes in process `syz.4.8676'. [ 2734.296339][T13476] netlink: 60 bytes leftover after parsing attributes in process `syz.4.8676'. [ 2735.119771][ T30] audit: type=1326 audit(1766622762.294:5480): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13537 comm="syz.0.8704" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f56539 code=0x7ffc0000 [ 2735.172761][ T30] audit: type=1326 audit(1766622762.294:5481): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13537 comm="syz.0.8704" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f56539 code=0x7ffc0000 [ 2735.269239][ T30] audit: type=1326 audit(1766622762.294:5482): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13537 comm="syz.0.8704" exe="/root/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7f56539 code=0x7ffc0000 [ 2735.364159][ T30] audit: type=1326 audit(1766622762.294:5483): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13537 comm="syz.0.8704" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f56539 code=0x7ffc0000 [ 2735.471504][ T30] audit: type=1326 audit(1766622762.294:5484): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13537 comm="syz.0.8704" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f56539 code=0x7ffc0000 [ 2735.533649][ T30] audit: type=1326 audit(1766622762.294:5485): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13537 comm="syz.0.8704" exe="/root/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7f56539 code=0x7ffc0000 [ 2735.953118][T13580] netlink: 132 bytes leftover after parsing attributes in process `syz.4.8724'. [ 2736.059620][T13587] netlink: 16 bytes leftover after parsing attributes in process `syz.3.8728'. [ 2736.428432][T13615] netlink: 132 bytes leftover after parsing attributes in process `syz.1.8740'. [ 2736.947867][T13657] ipip0: entered promiscuous mode [ 2736.955261][T13657] ipip0: entered allmulticast mode [ 2737.079719][T13669] veth1_to_bond: entered allmulticast mode [ 2737.114249][T13668] veth1_to_bond: left allmulticast mode [ 2737.126937][T13672] $H: renamed from bond0 (while UP) [ 2737.157143][T13672] $H: entered promiscuous mode [ 2737.168598][T13672] bond_slave_0: entered promiscuous mode [ 2737.180789][T13672] bond_slave_1: entered promiscuous mode [ 2737.524418][T13692] wg2: entered promiscuous mode [ 2737.529312][T13692] wg2: entered allmulticast mode [ 2737.760170][T13708] ip6gre2: entered promiscuous mode [ 2737.790062][T13708] ip6gre2: entered allmulticast mode [ 2737.837374][T24770] IPVS: starting estimator thread 0... [ 2737.942758][T13715] IPVS: using max 46 ests per chain, 110400 per kthread [ 2738.038233][T13723] ipip0: entered promiscuous mode [ 2738.052891][T13723] ipip0: entered allmulticast mode [ 2739.879526][T13860] syzkaller0: entered promiscuous mode [ 2739.891302][T13860] syzkaller0: entered allmulticast mode [ 2740.148107][ T30] kauditd_printk_skb: 47 callbacks suppressed [ 2740.148125][ T30] audit: type=1326 audit(1766622767.324:5533): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13876 comm="syz.4.8852" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f07539 code=0x7ffc0000 [ 2740.253678][ T30] audit: type=1326 audit(1766622767.324:5534): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13876 comm="syz.4.8852" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f07539 code=0x7ffc0000 [ 2740.287343][ T30] audit: type=1326 audit(1766622767.324:5535): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13876 comm="syz.4.8852" exe="/root/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7f07539 code=0x7ffc0000 [ 2740.332761][ T30] audit: type=1326 audit(1766622767.324:5536): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13876 comm="syz.4.8852" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f07539 code=0x7ffc0000 [ 2740.362175][ T30] audit: type=1326 audit(1766622767.324:5537): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13876 comm="syz.4.8852" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f07539 code=0x7ffc0000 [ 2740.384675][ T30] audit: type=1326 audit(1766622767.324:5538): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13876 comm="syz.4.8852" exe="/root/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7f07539 code=0x7ffc0000 [ 2740.407164][ T30] audit: type=1326 audit(1766622767.324:5539): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13876 comm="syz.4.8852" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f07539 code=0x7ffc0000 [ 2740.451509][ T30] audit: type=1326 audit(1766622767.324:5540): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13876 comm="syz.4.8852" exe="/root/syz-executor" sig=0 arch=40000003 syscall=65 compat=1 ip=0xf7f07539 code=0x7ffc0000 [ 2740.480960][ T30] audit: type=1326 audit(1766622767.324:5541): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13876 comm="syz.4.8852" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f07539 code=0x7ffc0000 [ 2740.503557][ T30] audit: type=1326 audit(1766622767.324:5542): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13876 comm="syz.4.8852" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f07539 code=0x7ffc0000 [ 2740.542005][T11715] usb 2-1: new high-speed USB device number 83 using dummy_hcd [ 2740.701477][T11715] usb 2-1: Using ep0 maxpacket: 8 [ 2740.708199][T11715] usb 2-1: config 179 has an invalid interface number: 65 but max is 0 [ 2740.716814][T11715] usb 2-1: config 179 has no interface number 0 [ 2740.723525][T11715] usb 2-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 2740.734770][T11715] usb 2-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024 [ 2740.746622][T11715] usb 2-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0 [ 2740.756899][T11715] usb 2-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 2740.771077][T11715] usb 2-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb [ 2740.781385][T11715] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 2740.793605][T13886] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 2740.970805][T13905] syzkaller0: entered promiscuous mode [ 2740.976647][T13905] syzkaller0: entered allmulticast mode [ 2741.021044][T11715] hid-generic 0000:3000000:0000.005E: unknown main item tag 0x4 [ 2741.032324][T11715] hid-generic 0000:3000000:0000.005E: unknown main item tag 0x2 [ 2741.040165][T11715] hid-generic 0000:3000000:0000.005E: unknown main item tag 0x0 [ 2741.068964][T11715] hid-generic 0000:3000000:0000.005E: unknown main item tag 0x0 [ 2741.081109][T11715] hid-generic 0000:3000000:0000.005E: unknown main item tag 0x0 [ 2741.116454][T11715] hid-generic 0000:3000000:0000.005E: unknown main item tag 0x0 [ 2741.148568][T11715] hid-generic 0000:3000000:0000.005E: unknown main item tag 0x0 [ 2741.187394][T11715] hid-generic 0000:3000000:0000.005E: hidraw0: HID v0.00 Device [sy] on syz0 [ 2741.228243][T13922] __nla_validate_parse: 14 callbacks suppressed [ 2741.228259][T13922] netlink: 9 bytes leftover after parsing attributes in process `syz.4.8872'. [ 2741.235069][T11715] usb 2-1: USB disconnect, device number 83 [ 2741.294357][T13922] netlink: 9 bytes leftover after parsing attributes in process `syz.4.8872'. [ 2741.353198][T13923] fido_id[13923]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory [ 2742.212358][T13959] vcan0: tx drop: invalid da for name 0x0000000000000003 [ 2742.831536][T13978] netlink: 'syz.4.8894': attribute type 39 has an invalid length. [ 2745.713534][T14019] $H: renamed from bond0 (while UP) [ 2745.740408][ T30] kauditd_printk_skb: 75 callbacks suppressed [ 2745.740422][ T30] audit: type=1326 audit(1766622772.914:5618): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14017 comm="syz.4.8911" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f07539 code=0x7ffc0000 [ 2745.740454][T14019] $H: entered promiscuous mode [ 2745.777561][ T30] audit: type=1326 audit(1766622772.914:5619): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14017 comm="syz.4.8911" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f07539 code=0x7ffc0000 [ 2745.794311][T14019] bond_slave_0: entered promiscuous mode [ 2745.805825][T14019] bond_slave_1: entered promiscuous mode [ 2745.854829][ T30] audit: type=1326 audit(1766622772.924:5620): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14017 comm="syz.4.8911" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f07539 code=0x7ffc0000 [ 2745.930240][ T30] audit: type=1326 audit(1766622772.924:5621): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14017 comm="syz.4.8911" exe="/root/syz-executor" sig=0 arch=40000003 syscall=360 compat=1 ip=0xf7f07539 code=0x7ffc0000 [ 2745.998423][ T30] audit: type=1326 audit(1766622772.924:5622): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14017 comm="syz.4.8911" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f07539 code=0x7ffc0000 [ 2746.071641][ T30] audit: type=1326 audit(1766622772.924:5623): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14017 comm="syz.4.8911" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f07539 code=0x7ffc0000 [ 2746.132059][ T30] audit: type=1326 audit(1766622772.924:5624): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14017 comm="syz.4.8911" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f07539 code=0x7ffc0000 [ 2746.218452][ T30] audit: type=1326 audit(1766622772.924:5625): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14017 comm="syz.4.8911" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f07539 code=0x7ffc0000 [ 2746.284750][ T30] audit: type=1326 audit(1766622772.924:5626): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14017 comm="syz.4.8911" exe="/root/syz-executor" sig=0 arch=40000003 syscall=370 compat=1 ip=0xf7f07539 code=0x7ffc0000 [ 2746.369028][ T30] audit: type=1326 audit(1766622772.924:5627): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14017 comm="syz.4.8911" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f07539 code=0x7ffc0000 [ 2746.647538][T14061] lo: entered promiscuous mode [ 2746.670174][T14061] lo: entered allmulticast mode [ 2746.687938][T14061] lo: left allmulticast mode [ 2746.711491][T14061] lo: left promiscuous mode [ 2747.546676][T14103] random: crng reseeded on system resumption [ 2748.417357][T14133] syzkaller0: entered promiscuous mode [ 2748.434109][T14133] syzkaller0: entered allmulticast mode [ 2749.013032][T14147] netlink: 4 bytes leftover after parsing attributes in process `syz.5.8970'. [ 2750.387469][T14195] $H: renamed from bond0 (while UP) [ 2750.495136][T14195] $H: entered promiscuous mode [ 2750.500187][T14195] bond_slave_0: entered promiscuous mode [ 2750.507422][T14195] bond_slave_1: entered promiscuous mode [ 2750.670363][T14204] netlink: 132 bytes leftover after parsing attributes in process `syz.4.8996'. [ 2751.205228][T14225] lo: entered allmulticast mode [ 2751.244144][T14225] lo: left allmulticast mode [ 2751.493060][T14236] netlink: 132 bytes leftover after parsing attributes in process `syz.0.9010'. [ 2751.680447][T14243] netlink: 36 bytes leftover after parsing attributes in process `syz.1.9014'. [ 2751.887892][T14252] netlink: 24 bytes leftover after parsing attributes in process `syz.4.9018'. [ 2752.051614][ C0] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 2752.160265][T14266] netlink: 4 bytes leftover after parsing attributes in process `syz.1.9024'. [ 2752.343288][T14276] vcan0: tx drop: invalid da for name 0x0000000000000003 [ 2752.822475][T11715] usb 6-1: new high-speed USB device number 39 using dummy_hcd [ 2753.024249][T11715] usb 6-1: Using ep0 maxpacket: 32 [ 2753.035190][ T30] kauditd_printk_skb: 48 callbacks suppressed [ 2753.035205][ T30] audit: type=1326 audit(1766622780.214:5676): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14301 comm="syz.0.9041" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f56539 code=0x7ffc0000 [ 2753.072522][T11715] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 2753.084323][T11715] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 2753.094648][T11715] usb 6-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 2753.103825][T11715] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 2753.147163][T11401] usb 5-1: new high-speed USB device number 114 using dummy_hcd [ 2753.158679][T11715] usb 6-1: config 0 descriptor?? [ 2753.162400][ T30] audit: type=1326 audit(1766622780.244:5677): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14301 comm="syz.0.9041" exe="/root/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf7f56539 code=0x7ffc0000 [ 2753.172833][T11715] hub 6-1:0.0: USB hub found [ 2753.260118][ T30] audit: type=1326 audit(1766622780.244:5678): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14301 comm="syz.0.9041" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f56539 code=0x7ffc0000 [ 2753.311947][T11401] usb 5-1: Using ep0 maxpacket: 8 [ 2753.318589][T11401] usb 5-1: config 168 descriptor has 1 excess byte, ignoring [ 2753.323046][ T30] audit: type=1326 audit(1766622780.244:5679): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14301 comm="syz.0.9041" exe="/root/syz-executor" sig=0 arch=40000003 syscall=75 compat=1 ip=0xf7f56539 code=0x7ffc0000 [ 2753.332585][T11401] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11 [ 2753.389039][ T30] audit: type=1326 audit(1766622780.244:5680): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14301 comm="syz.0.9041" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f56539 code=0x7ffc0000 [ 2753.400372][T11401] usb 5-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 2753.423716][T11715] hub 6-1:0.0: 1 port detected [ 2753.443016][T14306] netlink: 132 bytes leftover after parsing attributes in process `syz.0.9043'. [ 2753.451454][ T30] audit: type=1326 audit(1766622780.244:5681): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14301 comm="syz.0.9041" exe="/root/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf7f56539 code=0x7ffc0000 [ 2753.471682][T11401] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 2753.504600][ T30] audit: type=1326 audit(1766622780.244:5682): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14301 comm="syz.0.9041" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f56539 code=0x7ffc0000 [ 2753.515849][T11401] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 2753.572660][T11401] usb 5-1: config 168 descriptor has 1 excess byte, ignoring [ 2753.581686][ T30] audit: type=1326 audit(1766622780.244:5683): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14301 comm="syz.0.9041" exe="/root/syz-executor" sig=0 arch=40000003 syscall=102 compat=1 ip=0xf7f56539 code=0x7ffc0000 [ 2753.594427][T11401] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11 [ 2753.668578][ T30] audit: type=1326 audit(1766622780.244:5684): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14301 comm="syz.0.9041" exe="/root/syz-executor" sig=0 arch=40000003 syscall=102 compat=1 ip=0xf7f56539 code=0x7ffc0000 [ 2753.676244][T11401] usb 5-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 2753.738983][ T30] audit: type=1326 audit(1766622780.244:5685): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14301 comm="syz.0.9041" exe="/root/syz-executor" sig=0 arch=40000003 syscall=102 compat=1 ip=0xf7f56539 code=0x7ffc0000 [ 2753.774290][T11715] hub 6-1:0.0: hub_hub_status failed (err = -71) [ 2753.780663][T11715] hub 6-1:0.0: config failed, can't get hub status (err -71) [ 2753.800507][T11715] usbhid 6-1:0.0: can't add hid device: -71 [ 2753.809848][T11401] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 2753.834620][T11715] usbhid 6-1:0.0: probe with driver usbhid failed with error -71 [ 2753.851496][T11401] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 2753.883370][T11401] usb 5-1: config 168 descriptor has 1 excess byte, ignoring [ 2753.890800][T11401] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11 [ 2753.903815][T11715] usb 6-1: USB disconnect, device number 39 [ 2753.921126][T11401] usb 5-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 2753.946664][T11401] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 2753.978252][T11401] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 2753.995581][T14310] netlink: 12 bytes leftover after parsing attributes in process `syz.0.9045'. [ 2754.004203][T11401] usb 5-1: string descriptor 0 read error: -22 [ 2754.010969][T11401] usb 5-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e [ 2754.031644][T11401] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 2754.073024][T11401] adutux 5-1:168.0: ADU100 now attached to /dev/usb/adutux0 [ 2754.302525][T11401] usb 5-1: USB disconnect, device number 114 [ 2754.350315][T14315] netlink: 12 bytes leftover after parsing attributes in process `syz.1.9047'. [ 2754.435493][T14315] bridge0: port 2(bridge_slave_1) entered disabled state [ 2754.461645][T31186] usb 1-1: new high-speed USB device number 91 using dummy_hcd [ 2754.667418][T31186] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 2754.683227][T31186] usb 1-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40 [ 2754.711492][T31186] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 2754.726896][T31186] usb 1-1: config 0 descriptor?? [ 2754.802851][T14329] 8021q: adding VLAN 0 to HW filter on device bond0 [ 2754.818939][T11401] usb 6-1: new high-speed USB device number 40 using dummy_hcd [ 2754.923551][T14332] netlink: 132 bytes leftover after parsing attributes in process `syz.1.9054'. [ 2754.963666][T31186] usbhid 1-1:0.0: can't add hid device: -71 [ 2754.984395][T31186] usbhid 1-1:0.0: probe with driver usbhid failed with error -71 [ 2755.027080][T31186] usb 1-1: USB disconnect, device number 91 [ 2755.061880][T14336] netlink: 12 bytes leftover after parsing attributes in process `syz.1.9056'. [ 2755.131460][T11401] usb 6-1: Using ep0 maxpacket: 8 [ 2755.173278][T11401] usb 6-1: config index 0 descriptor too short (expected 74, got 45) [ 2755.194749][T11401] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 1536, setting to 1024 [ 2755.205925][T11401] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024 [ 2755.215970][T11401] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 30768, setting to 1024 [ 2755.236080][T11401] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 1024 [ 2755.247396][T11401] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 2755.265924][T11401] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 2755.279559][T11401] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 2755.491969][T31186] usb 1-1: new high-speed USB device number 92 using dummy_hcd [ 2755.513500][T11401] usb 6-1: GET_CAPABILITIES returned 0 [ 2755.522909][T11401] usbtmc 6-1:16.0: can't read capabilities [ 2755.587148][T14350] tipc: Enabling of bearer rejected, failed to enable media [ 2755.641465][T31186] usb 1-1: Using ep0 maxpacket: 32 [ 2755.652183][T31186] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 2755.671288][T14186] net_ratelimit: 10 callbacks suppressed [ 2755.671300][T14186] Set syz1 is full, maxelem 65536 reached [ 2755.684781][T31186] usb 1-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice= 0.40 [ 2755.696146][T31186] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 2755.729849][ C0] usbtmc 6-1:16.0: usbtmc_write_bulk_cb - nonzero write bulk status received: -71 [ 2755.733428][T31186] usb 1-1: config 0 descriptor?? [ 2755.740026][ C0] usbtmc 6-1:16.0: usbtmc_write_bulk_cb - nonzero write bulk status received: -71 [ 2755.756288][T14321] usbtmc 6-1:16.0: Unable to send data, error -71 [ 2755.782384][T14319] usb 6-1: USB disconnect, device number 40 [ 2755.794185][T31186] ldusb 1-1:0.0: Interrupt out endpoint not found (using control endpoint instead) [ 2755.813026][T14354] netlink: 132 bytes leftover after parsing attributes in process `syz.1.9066'. [ 2755.847346][T31186] ldusb 1-1:0.0: LD USB Device #0 now attached to major 180 minor 0 [ 2755.958918][T14363] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 2755.989820][T14313] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 2756.011511][T14313] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 2756.036577][T14363] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 2756.063438][T14363] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 2756.284072][T14375] netlink: 12 bytes leftover after parsing attributes in process `syz.1.9074'. [ 2756.554046][T14313] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 2756.567094][T14313] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 2756.584259][T14313] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 2756.597791][T14313] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 2756.631754][T14319] usb 1-1: USB disconnect, device number 92 [ 2756.658727][T14319] ldusb 1-1:0.0: LD USB Device #0 now disconnected [ 2756.816128][T14399] netlink: 12 bytes leftover after parsing attributes in process `syz.3.9085'. [ 2757.051373][T14410] vcan0: tx drop: invalid da for name 0x0000000000000003 [ 2757.455761][T14425] syzkaller0: entered promiscuous mode [ 2757.472008][T14425] syzkaller0: entered allmulticast mode [ 2757.479955][T14429] netlink: 60 bytes leftover after parsing attributes in process `syz.4.9097'. [ 2757.500198][T14429] netlink: 60 bytes leftover after parsing attributes in process `syz.4.9097'. [ 2757.565415][T14429] netlink: 60 bytes leftover after parsing attributes in process `syz.4.9097'. [ 2757.580312][T14429] netlink: 60 bytes leftover after parsing attributes in process `syz.4.9097'. [ 2757.855051][T14440] bridge0: port 2(bridge_slave_1) entered disabled state [ 2758.389839][T14461] syzkaller0: entered promiscuous mode [ 2758.401081][T14461] syzkaller0: entered allmulticast mode [ 2758.849584][T14482] bridge0: port 3(syz_tun) entered blocking state [ 2758.877621][T14482] bridge0: port 3(syz_tun) entered disabled state [ 2758.896166][T14482] syz_tun: entered allmulticast mode [ 2758.909214][T14482] syz_tun: entered promiscuous mode [ 2758.921201][T14482] bridge0: port 3(syz_tun) entered blocking state [ 2758.928782][T14482] bridge0: port 3(syz_tun) entered forwarding state [ 2759.026094][T14493] syzkaller0: entered promiscuous mode [ 2759.032052][T14493] syzkaller0: entered allmulticast mode [ 2759.310221][T14508] bridge0: port 2(bridge_slave_1) entered disabled state [ 2759.415593][T14523] __nla_validate_parse: 12 callbacks suppressed [ 2759.415609][T14523] netlink: 4 bytes leftover after parsing attributes in process `syz.1.9137'. [ 2759.436882][T14523] netlink: 4 bytes leftover after parsing attributes in process `syz.1.9137'. [ 2759.602510][T14531] syzkaller0: entered promiscuous mode [ 2759.608139][T14531] syzkaller0: entered allmulticast mode [ 2760.356448][T14556] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:1) [ 2760.449131][T14561] syzkaller0: entered promiscuous mode [ 2760.470663][T14561] syzkaller0: entered allmulticast mode [ 2760.552414][T14319] usb 5-1: new high-speed USB device number 115 using dummy_hcd [ 2760.721485][T14319] usb 5-1: Using ep0 maxpacket: 16 [ 2760.740252][T14319] usb 5-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 9.00 [ 2760.749570][T14319] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 2760.790684][T14319] usb 5-1: Product: syz [ 2760.799481][T14319] usb 5-1: Manufacturer: syz [ 2760.811436][T14319] usb 5-1: SerialNumber: syz [ 2760.830192][T14319] usb 5-1: config 0 descriptor?? [ 2760.865439][T14319] ftdi_sio 5-1:0.0: FTDI USB Serial Device converter detected [ 2760.898885][T14319] usb 5-1: Detected FT232H [ 2761.063436][T14319] ftdi_sio ttyUSB0: Unable to read latency timer: -32 [ 2761.542545][T14319] usb 5-1: FTDI USB Serial Device converter now attached to ttyUSB0 [ 2761.578353][T14579] netlink: 8 bytes leftover after parsing attributes in process `syz.1.9161'. [ 2761.748859][ T5829] usb 5-1: USB disconnect, device number 115 [ 2761.759165][ T5829] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0 [ 2761.771262][ T5829] ftdi_sio 5-1:0.0: device disconnected [ 2763.370191][T14622] netlink: 60 bytes leftover after parsing attributes in process `syz.1.9179'. [ 2763.392278][T14622] netlink: 60 bytes leftover after parsing attributes in process `syz.1.9179'. [ 2763.472449][T14622] netlink: 60 bytes leftover after parsing attributes in process `syz.1.9179'. [ 2763.497707][T14622] netlink: 60 bytes leftover after parsing attributes in process `syz.1.9179'. [ 2763.661922][T14622] netlink: 60 bytes leftover after parsing attributes in process `syz.1.9179'. [ 2763.678246][T14622] netlink: 60 bytes leftover after parsing attributes in process `syz.1.9179'. [ 2763.862685][T14628] syzkaller0: entered promiscuous mode [ 2763.881455][T14628] syzkaller0: entered allmulticast mode [ 2764.813773][T14663] binder: BC_ATTEMPT_ACQUIRE not supported [ 2764.819607][T14663] binder: 14662:14663 ioctl c0306201 80003100 returned -22 [ 2765.120598][T14677] netlink: 60 bytes leftover after parsing attributes in process `syz.0.9202'. [ 2765.154567][T14677] netlink: 60 bytes leftover after parsing attributes in process `syz.0.9202'. [ 2765.233812][T14677] netlink: 60 bytes leftover after parsing attributes in process `syz.0.9202'. [ 2765.242965][T14677] netlink: 60 bytes leftover after parsing attributes in process `syz.0.9202'. [ 2765.309218][T14519] Set syz1 is full, maxelem 65536 reached [ 2765.382763][T14677] netlink: 60 bytes leftover after parsing attributes in process `syz.0.9202'. [ 2765.394513][T14677] netlink: 60 bytes leftover after parsing attributes in process `syz.0.9202'. [ 2765.411716][T14319] usb 6-1: new full-speed USB device number 41 using dummy_hcd [ 2765.501174][T14694] netlink: 4 bytes leftover after parsing attributes in process `syz.3.9208'. [ 2765.595693][T14319] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 2765.625982][T14319] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 2765.655009][T14319] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 4 [ 2765.682847][T14319] usb 6-1: New USB device found, idVendor=045e, idProduct=001d, bcdDevice= 0.00 [ 2765.703850][T14319] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 2765.739270][T14319] usb 6-1: config 0 descriptor?? [ 2766.175603][T14319] hid-generic 0003:045E:001D.005F: unknown main item tag 0x6 [ 2766.194384][T14319] hid-generic 0003:045E:001D.005F: unbalanced collection at end of report description [ 2766.217592][T14319] hid-generic 0003:045E:001D.005F: probe with driver hid-generic failed with error -22 [ 2766.374037][T11715] usb 6-1: USB disconnect, device number 41 [ 2766.539522][T14712] syzkaller1: entered promiscuous mode [ 2766.547113][T14712] syzkaller1: entered allmulticast mode [ 2766.605022][T14714] lo: entered promiscuous mode [ 2766.610465][T14714] lo: left promiscuous mode [ 2767.251648][T11715] usb 4-1: new high-speed USB device number 86 using dummy_hcd [ 2767.258539][T14756] hub 9-0:1.0: USB hub found [ 2767.286706][T14756] hub 9-0:1.0: 1 port detected [ 2767.310607][T14758] netlink: 72 bytes leftover after parsing attributes in process `syz.5.9236'. [ 2767.323274][T14756] netlink: 12 bytes leftover after parsing attributes in process `syz.4.9222'. [ 2767.424964][T11715] usb 4-1: Using ep0 maxpacket: 8 [ 2767.436495][T11715] usb 4-1: config index 0 descriptor too short (expected 74, got 45) [ 2767.454596][T11715] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 1536, setting to 1024 [ 2767.491222][T11715] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024 [ 2767.536660][T11715] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 30768, setting to 1024 [ 2767.561351][T11715] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 1024 [ 2767.591456][T11715] usb 4-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 2767.616024][T11715] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 2767.626865][T11715] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 2767.749812][T14766] input: syz0 as /devices/virtual/input/input44 [ 2767.851554][T11715] usb 4-1: GET_CAPABILITIES returned 0 [ 2767.868541][T11715] usbtmc 4-1:16.0: can't read capabilities [ 2768.095627][T14319] usb 4-1: USB disconnect, device number 86 [ 2769.137182][T14809] netlink: 20 bytes leftover after parsing attributes in process `syz.0.9258'. [ 2769.513435][T11715] usb 1-1: new high-speed USB device number 93 using dummy_hcd [ 2769.566517][T14828] bridge0: port 1(bridge_slave_0) entered disabled state [ 2769.701624][T11715] usb 1-1: Using ep0 maxpacket: 32 [ 2769.709284][T11715] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 2769.750405][T11715] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 2769.802053][T11715] usb 1-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 2769.811114][T11715] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 2769.885439][T11715] usb 1-1: config 0 descriptor?? [ 2769.908476][T11715] hub 1-1:0.0: USB hub found [ 2770.113831][T11715] hub 1-1:0.0: config failed, can't read hub descriptor (err -22) [ 2770.367690][T11715] hid-generic 0003:046D:C31C.0060: item fetching failed at offset 0/1 [ 2770.404223][T11715] hid-generic 0003:046D:C31C.0060: probe with driver hid-generic failed with error -22 [ 2770.638505][T14851] __nla_validate_parse: 1 callbacks suppressed [ 2770.638521][T14851] netlink: 12 bytes leftover after parsing attributes in process `syz.4.9277'. [ 2770.727108][ T9803] usb 1-1: USB disconnect, device number 93 [ 2771.052844][T14866] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 2771.060111][T14866] IPv6: NLM_F_CREATE should be set when creating new route [ 2771.419845][T14877] "syz.3.9290" (14877) uses obsolete ecb(arc4) skcipher [ 2771.834618][T11715] usb 5-1: new high-speed USB device number 116 using dummy_hcd [ 2771.849312][T14906] syzkaller1: entered promiscuous mode [ 2771.856495][T14906] syzkaller1: entered allmulticast mode [ 2772.004471][T11715] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 2772.023173][T11715] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 3 [ 2772.042008][T11715] usb 5-1: New USB device found, idVendor=0489, idProduct=e057, bcdDevice= 0.00 [ 2772.064761][T11715] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 2772.078294][T11715] usb 5-1: config 0 descriptor?? [ 2772.234625][T14923] netlink: 64 bytes leftover after parsing attributes in process `syz.3.9310'. [ 2772.244159][T14923] netlink: 40 bytes leftover after parsing attributes in process `syz.3.9310'. [ 2772.701120][T11715] Bluetooth: Can't get version to change to load ram patch err [ 2772.710524][T11715] Bluetooth: Loading sysconfig file failed [ 2772.719542][T11715] ath3k 5-1:0.0: probe with driver ath3k failed with error -71 [ 2772.750814][T11715] usb 5-1: USB disconnect, device number 116 [ 2772.954338][T10880] usb 1-1: new high-speed USB device number 94 using dummy_hcd [ 2773.116861][T10880] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 2773.132195][T10880] usb 1-1: New USB device found, idVendor=13e5, idProduct=0001, bcdDevice=4e.53 [ 2773.141750][T10880] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 2773.154125][T10880] usb 1-1: config 0 descriptor?? [ 2773.302801][T14954] netlink: 12 bytes leftover after parsing attributes in process `syz.5.9321'. [ 2773.403038][T14961] netlink: 36 bytes leftover after parsing attributes in process `syz.5.9326'. [ 2773.580457][T10880] usb 1-1: USB disconnect, device number 94 [ 2773.930804][T14999] netlink: 'syz.4.9338': attribute type 7 has an invalid length. [ 2773.949099][T14999] netlink: 'syz.4.9338': attribute type 8 has an invalid length. [ 2774.464324][ T1299] ieee802154 phy0 wpan0: encryption failed: -22 [ 2774.470733][ T1299] ieee802154 phy1 wpan1: encryption failed: -22 [ 2775.842662][T15064] syz_tun: left allmulticast mode [ 2775.852960][T15064] syz_tun: left promiscuous mode [ 2775.868393][T15064] bridge0: port 3(syz_tun) entered disabled state [ 2775.910697][T15064] bridge_slave_0: left promiscuous mode [ 2775.935998][T15064] bridge0: port 1(bridge_slave_0) entered disabled state [ 2775.969775][T15064] bridge_slave_1: left allmulticast mode [ 2775.987532][T15064] bridge_slave_1: left promiscuous mode [ 2776.002572][T15064] bridge0: port 2(bridge_slave_1) entered disabled state [ 2776.024003][T15064] $H: (slave bond_slave_0): Releasing backup interface [ 2776.040563][T15064] bond_slave_0: left promiscuous mode [ 2776.062354][T15064] $H: (slave bond_slave_1): Releasing backup interface [ 2776.079281][T15064] bond_slave_1: left promiscuous mode [ 2776.111896][T15064] team0: Port device team_slave_0 removed [ 2776.137591][T15064] team0: Port device team_slave_1 removed [ 2776.163128][T15064] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 2776.177806][T15064] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 2776.197406][T15064] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 2776.214312][T15064] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 2776.228795][T15064] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check. [ 2776.425042][T15076] netlink: 36 bytes leftover after parsing attributes in process `syz.1.9370'. [ 2776.501770][T15079] netlink: 60 bytes leftover after parsing attributes in process `syz.3.9373'. [ 2776.531103][T15079] netlink: 60 bytes leftover after parsing attributes in process `syz.3.9373'. [ 2776.544562][T11309] Bluetooth: hci4: command 0x0406 tx timeout [ 2776.589207][T15079] netlink: 60 bytes leftover after parsing attributes in process `syz.3.9373'. [ 2776.600428][T15079] netlink: 60 bytes leftover after parsing attributes in process `syz.3.9373'. [ 2776.725879][T15079] netlink: 60 bytes leftover after parsing attributes in process `syz.3.9373'. [ 2776.735191][T15079] netlink: 60 bytes leftover after parsing attributes in process `syz.3.9373'. [ 2776.808276][T15094] netlink: 76 bytes leftover after parsing attributes in process `syz.4.9378'. [ 2777.241936][ T9803] usb 5-1: new high-speed USB device number 117 using dummy_hcd [ 2777.403508][ T9803] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 2777.415855][ T9803] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 2777.428931][ T9803] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 2777.442943][ T9803] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 2777.452554][ T9803] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 2777.463658][ T9803] usb 5-1: config 0 descriptor?? [ 2777.635496][T15112] netlink: 'syz.1.9386': attribute type 4 has an invalid length. [ 2777.672617][T15112] netlink: 'syz.1.9386': attribute type 4 has an invalid length. [ 2777.731506][T15116] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 2777.863457][T15121] netlink: 76 bytes leftover after parsing attributes in process `syz.1.9390'. [ 2777.902146][ T9803] plantronics 0003:047F:FFFF.0061: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.4-1/input0 [ 2778.359195][T15140] netlink: 60 bytes leftover after parsing attributes in process `syz.5.9398'. [ 2778.453097][ T9803] usb 2-1: new high-speed USB device number 84 using dummy_hcd [ 2778.611665][ T9803] usb 2-1: Using ep0 maxpacket: 16 [ 2778.622946][ T9803] usb 2-1: config 0 has an invalid interface number: 29 but max is 0 [ 2778.649354][ T9803] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 2778.682861][ T9803] usb 2-1: config 0 has no interface number 0 [ 2778.703669][ T9803] usb 2-1: New USB device found, idVendor=050d, idProduct=2102, bcdDevice=70.d0 [ 2778.713571][ T9803] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 2778.723518][ T9803] usb 2-1: Product: syz [ 2778.728726][ T9803] usb 2-1: Manufacturer: syz [ 2778.736781][ T9803] usb 2-1: SerialNumber: syz [ 2778.752355][ T9803] usb 2-1: config 0 descriptor?? [ 2778.948985][ T5836] Bluetooth: hci3: SCO packet too small [ 2778.971947][T11715] usb 2-1: USB disconnect, device number 84 [ 2780.333544][T10880] usb 5-1: USB disconnect, device number 117 [ 2782.116289][T15287] __nla_validate_parse: 11 callbacks suppressed [ 2782.116304][T15287] netlink: 132 bytes leftover after parsing attributes in process `syz.5.9457'. [ 2782.343559][ T30] kauditd_printk_skb: 38 callbacks suppressed [ 2782.343574][ T30] audit: type=1800 audit(1766622809.524:5724): pid=15297 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.9461" name="bus" dev="tmpfs" ino=1331 res=0 errno=0 [ 2782.904739][ T30] audit: type=1326 audit(1766622810.084:5725): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15321 comm="syz.1.9473" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70dd539 code=0x7ff00000 [ 2782.987088][ T30] audit: type=1326 audit(1766622810.084:5726): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15321 comm="syz.1.9473" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70dd539 code=0x7ff00000 [ 2783.017449][ T30] audit: type=1326 audit(1766622810.084:5727): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15321 comm="syz.1.9473" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70dd539 code=0x7ff00000 [ 2783.058893][ T30] audit: type=1326 audit(1766622810.084:5728): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15321 comm="syz.1.9473" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70dd539 code=0x7ff00000 [ 2783.146235][ T30] audit: type=1326 audit(1766622810.084:5729): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15321 comm="syz.1.9473" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70dd539 code=0x7ff00000 [ 2783.215021][ T30] audit: type=1326 audit(1766622810.084:5730): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15321 comm="syz.1.9473" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70dd539 code=0x7ff00000 [ 2783.242476][ T30] audit: type=1326 audit(1766622810.084:5731): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15321 comm="syz.1.9473" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70dd539 code=0x7ff00000 [ 2783.266540][ T30] audit: type=1326 audit(1766622810.084:5732): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15321 comm="syz.1.9473" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70dd539 code=0x7ff00000 [ 2783.292439][ T30] audit: type=1326 audit(1766622810.084:5733): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15321 comm="syz.1.9473" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70dd539 code=0x7ff00000 [ 2783.607476][T15344] netlink: 36 bytes leftover after parsing attributes in process `syz.3.9483'. [ 2785.852570][T15396] netlink: 60 bytes leftover after parsing attributes in process `syz.3.9504'. [ 2785.865062][T15396] netlink: 60 bytes leftover after parsing attributes in process `syz.3.9504'. [ 2785.907592][T15400] netlink: 36 bytes leftover after parsing attributes in process `syz.1.9505'. [ 2785.929644][T15396] netlink: 60 bytes leftover after parsing attributes in process `syz.3.9504'. [ 2785.939057][T15396] netlink: 60 bytes leftover after parsing attributes in process `syz.3.9504'. [ 2786.076971][T15396] netlink: 60 bytes leftover after parsing attributes in process `syz.3.9504'. [ 2786.086598][T15396] netlink: 60 bytes leftover after parsing attributes in process `syz.3.9504'. [ 2786.771547][ T5840] Bluetooth: hci5: command 0x0406 tx timeout [ 2786.978925][T15448] netlink: 60 bytes leftover after parsing attributes in process `syz.0.9523'. [ 2787.194000][T15448] __nla_validate_parse: 3 callbacks suppressed [ 2787.194019][T15448] netlink: 60 bytes leftover after parsing attributes in process `syz.0.9523'. [ 2787.227001][T15448] netlink: 60 bytes leftover after parsing attributes in process `syz.0.9523'. [ 2788.084271][T15483] netlink: 132 bytes leftover after parsing attributes in process `syz.3.9536'. [ 2788.942513][T15506] netlink: 132 bytes leftover after parsing attributes in process `syz.1.9548'. [ 2789.588178][T15531] netlink: 132 bytes leftover after parsing attributes in process `syz.0.9559'. [ 2790.451589][ C0] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 2790.758447][T15568] netlink: 132 bytes leftover after parsing attributes in process `syz.0.9573'. [ 2791.105117][T15580] syz.1.9579 (15580): /proc/15579/oom_adj is deprecated, please use /proc/15579/oom_score_adj instead. [ 2791.150855][T15582] netlink: 60 bytes leftover after parsing attributes in process `syz.0.9580'. [ 2791.192003][T15582] netlink: 60 bytes leftover after parsing attributes in process `syz.0.9580'. [ 2791.315056][T15582] netlink: 60 bytes leftover after parsing attributes in process `syz.0.9580'. [ 2791.377993][T15582] netlink: 60 bytes leftover after parsing attributes in process `syz.0.9580'. [ 2796.298588][T15749] syzkaller0: entered promiscuous mode [ 2796.309684][T15749] syzkaller0: entered allmulticast mode [ 2796.555607][T15752] __nla_validate_parse: 2 callbacks suppressed [ 2796.555625][T15752] netlink: 8 bytes leftover after parsing attributes in process `syz.0.9649'. [ 2796.659153][T15754] netlink: 60 bytes leftover after parsing attributes in process `syz.0.9650'. [ 2796.670428][T15754] netlink: 60 bytes leftover after parsing attributes in process `syz.0.9650'. [ 2796.762895][T15754] netlink: 60 bytes leftover after parsing attributes in process `syz.0.9650'. [ 2796.789469][T15754] netlink: 60 bytes leftover after parsing attributes in process `syz.0.9650'. [ 2796.950605][T15754] netlink: 60 bytes leftover after parsing attributes in process `syz.0.9650'. [ 2796.971122][T15754] netlink: 60 bytes leftover after parsing attributes in process `syz.0.9650'. [ 2798.002990][T15794] netlink: 8 bytes leftover after parsing attributes in process `syz.4.9666'. [ 2798.716102][T15833] netlink: 8 bytes leftover after parsing attributes in process `syz.0.9683'. [ 2798.954529][T15841] netlink: 32 bytes leftover after parsing attributes in process `syz.1.9687'. [ 2799.238241][T15856] TCP: TCP_TX_DELAY enabled [ 2803.964110][T15985] __nla_validate_parse: 3 callbacks suppressed [ 2803.964127][T15985] netlink: 32 bytes leftover after parsing attributes in process `syz.5.9744'. [ 2804.083830][T15989] netlink: 60 bytes leftover after parsing attributes in process `syz.5.9745'. [ 2804.101612][T15989] netlink: 60 bytes leftover after parsing attributes in process `syz.5.9745'. [ 2804.258809][T15989] netlink: 60 bytes leftover after parsing attributes in process `syz.5.9745'. [ 2804.312197][T15989] netlink: 60 bytes leftover after parsing attributes in process `syz.5.9745'. [ 2804.500733][T15989] netlink: 60 bytes leftover after parsing attributes in process `syz.5.9745'. [ 2804.526794][T15989] netlink: 60 bytes leftover after parsing attributes in process `syz.5.9745'. [ 2804.856983][T16020] netlink: 32 bytes leftover after parsing attributes in process `syz.3.9756'. [ 2806.378657][T16047] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 2806.421756][T16055] netlink: 32 bytes leftover after parsing attributes in process `syz.4.9769'. [ 2807.254147][ T5836] Bluetooth: hci3: command 0x0406 tx timeout [ 2810.434497][T16219] syzkaller0: entered promiscuous mode [ 2810.439992][T16219] syzkaller0: entered allmulticast mode [ 2810.942241][ T30] kauditd_printk_skb: 59 callbacks suppressed [ 2810.942256][ T30] audit: type=1326 audit(1766622838.124:5793): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16242 comm="syz.0.9852" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f56539 code=0x7ffc0000 [ 2811.064996][ T30] audit: type=1326 audit(1766622838.144:5794): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16242 comm="syz.0.9852" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f56539 code=0x7ffc0000 [ 2811.158361][ T30] audit: type=1326 audit(1766622838.154:5796): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16242 comm="syz.0.9852" exe="/root/syz-executor" sig=0 arch=40000003 syscall=138 compat=1 ip=0xf7f56539 code=0x7ffc0000 [ 2811.215527][ T30] audit: type=1326 audit(1766622838.154:5797): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16242 comm="syz.0.9852" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f56539 code=0x7ffc0000 [ 2811.240962][T16252] netlink: 40 bytes leftover after parsing attributes in process `syz.3.9856'. [ 2811.255339][T16250] kvm: user requested TSC rate below hardware speed [ 2811.282476][ T30] audit: type=1326 audit(1766622838.154:5798): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16242 comm="syz.0.9852" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f56539 code=0x7ffc0000 [ 2811.365937][ T30] audit: type=1326 audit(1766622838.144:5795): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16242 comm="syz.0.9852" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f56539 code=0x7ffc0000 [ 2811.410539][T16257] syzkaller0: entered promiscuous mode [ 2811.431639][T16257] syzkaller0: entered allmulticast mode [ 2811.444349][ T30] audit: type=1326 audit(1766622838.174:5799): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16242 comm="syz.0.9852" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f56539 code=0x7ffc0000 [ 2811.495016][ T30] audit: type=1326 audit(1766622838.174:5800): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16242 comm="syz.0.9852" exe="/root/syz-executor" sig=0 arch=40000003 syscall=317 compat=1 ip=0xf7f56539 code=0x7ffc0000 [ 2811.567915][ T30] audit: type=1326 audit(1766622838.174:5801): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16242 comm="syz.0.9852" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f56539 code=0x7ffc0000 [ 2811.670417][ T30] audit: type=1326 audit(1766622838.174:5802): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16242 comm="syz.0.9852" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f56539 code=0x7ffc0000 [ 2812.733061][T16293] netlink: 12 bytes leftover after parsing attributes in process `syz.5.9873'. [ 2814.086102][T16350] netlink: 60 bytes leftover after parsing attributes in process `syz.0.9896'. [ 2814.110734][T16350] netlink: 60 bytes leftover after parsing attributes in process `syz.0.9896'. [ 2814.228442][T16350] netlink: 60 bytes leftover after parsing attributes in process `syz.0.9896'. [ 2814.247577][T16350] netlink: 60 bytes leftover after parsing attributes in process `syz.0.9896'. [ 2814.414761][T16350] netlink: 60 bytes leftover after parsing attributes in process `syz.0.9896'. [ 2814.446325][T16350] netlink: 60 bytes leftover after parsing attributes in process `syz.0.9896'. [ 2814.841516][T16386] netlink: 12 bytes leftover after parsing attributes in process `syz.0.9910'. [ 2817.036308][T16466] mmap: syz.3.9940 (16466): VmData 20873216 exceed data ulimit 0. Update limits or use boot option ignore_rlimit_data. [ 2817.676000][T16474] netlink: 12 bytes leftover after parsing attributes in process `syz.0.9943'. [ 2819.046543][T16517] netlink: 132 bytes leftover after parsing attributes in process `syz.5.9961'. [ 2819.373014][T16532] kvm: requested 1676 ns i8254 timer period limited to 200000 ns [ 2819.422834][T16532] kvm: requested 838 ns i8254 timer period limited to 200000 ns [ 2819.431843][T16532] kvm: requested 41904 ns i8254 timer period limited to 200000 ns [ 2819.440051][T16532] kvm: requested 838 ns i8254 timer period limited to 200000 ns [ 2819.448643][T16532] kvm: requested 2514 ns i8254 timer period limited to 200000 ns [ 2819.456923][T16532] kvm: requested 3352 ns i8254 timer period limited to 200000 ns [ 2819.465488][T16532] kvm: requested 100571 ns i8254 timer period limited to 200000 ns [ 2819.474449][T16532] kvm: requested 838 ns i8254 timer period limited to 200000 ns [ 2819.485484][T16532] kvm: requested 121523 ns i8254 timer period limited to 200000 ns [ 2819.494792][T16532] kvm: requested 2514 ns i8254 timer period limited to 200000 ns [ 2819.781147][T16551] netlink: 132 bytes leftover after parsing attributes in process `syz.5.9974'. [ 2819.958946][T16560] netlink: 60 bytes leftover after parsing attributes in process `syz.1.9977'. [ 2819.968348][T16560] netlink: 60 bytes leftover after parsing attributes in process `syz.1.9977'. [ 2820.029725][T16560] netlink: 60 bytes leftover after parsing attributes in process `syz.1.9977'. [ 2820.056565][T16560] netlink: 60 bytes leftover after parsing attributes in process `syz.1.9977'. [ 2820.250052][T16560] netlink: 60 bytes leftover after parsing attributes in process `syz.1.9977'. [ 2820.280345][T16560] netlink: 60 bytes leftover after parsing attributes in process `syz.1.9977'. [ 2820.487210][T16581] netlink: 132 bytes leftover after parsing attributes in process `syz.3.9986'. [ 2822.289415][T16644] syzkaller0: entered promiscuous mode [ 2822.296764][T16644] syzkaller0: entered allmulticast mode [ 2822.618517][ T5840] Bluetooth: hci2: command 0x0406 tx timeout [ 2823.296281][T16680] __nla_validate_parse: 2 callbacks suppressed [ 2823.296291][T16680] netlink: 132 bytes leftover after parsing attributes in process `syz.5.10025'. [ 2823.468054][T16691] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable [ 2823.480067][T16691] trusted_key: encrypted_key: key user:siz not found [ 2827.807008][T16799] netlink: 24 bytes leftover after parsing attributes in process `syz.5.10071'. [ 2828.126086][T16807] netlink: 132 bytes leftover after parsing attributes in process `syz.5.10073'. [ 2828.721672][T16828] netlink: 24 bytes leftover after parsing attributes in process `syz.4.10082'. [ 2828.856151][T16833] netlink: 132 bytes leftover after parsing attributes in process `syz.4.10084'. [ 2829.338379][ T30] kauditd_printk_skb: 15 callbacks suppressed [ 2829.338395][ T30] audit: type=1326 audit(1766622856.514:5818): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16850 comm="syz.4.10090" exe="/root/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f07539 code=0x0 [ 2830.316266][T16869] netlink: 132 bytes leftover after parsing attributes in process `syz.4.10096'. [ 2831.413320][T16892] create_pit_timer: 78 callbacks suppressed [ 2831.413335][T16892] kvm: requested 1676 ns i8254 timer period limited to 200000 ns [ 2831.516958][T16893] kvm: requested 838 ns i8254 timer period limited to 200000 ns [ 2832.258306][T16917] syzkaller0: entered promiscuous mode [ 2832.264707][T16917] syzkaller0: entered allmulticast mode [ 2832.853041][ T5836] Bluetooth: hci0: command 0x0406 tx timeout [ 2833.836739][T16954] netlink: 32 bytes leftover after parsing attributes in process `syz.0.10127'. [ 2834.359325][T16976] netlink: 60 bytes leftover after parsing attributes in process `syz.3.10137'. [ 2834.369190][T16976] netlink: 60 bytes leftover after parsing attributes in process `syz.3.10137'. [ 2834.394562][T16979] netlink: 32 bytes leftover after parsing attributes in process `syz.4.10139'. [ 2834.491586][T16976] netlink: 60 bytes leftover after parsing attributes in process `syz.3.10137'. [ 2834.512048][T16976] netlink: 60 bytes leftover after parsing attributes in process `syz.3.10137'. [ 2834.662382][T16976] netlink: 60 bytes leftover after parsing attributes in process `syz.3.10137'. [ 2834.692306][T16976] netlink: 60 bytes leftover after parsing attributes in process `syz.3.10137'. [ 2835.704124][T17040] syzkaller0: entered promiscuous mode [ 2835.709692][T17040] syzkaller0: entered allmulticast mode [ 2835.749235][T17042] netlink: 32 bytes leftover after parsing attributes in process `syz.3.10166'. [ 2835.896506][ T1299] ieee802154 phy0 wpan0: encryption failed: -22 [ 2835.904283][ T1299] ieee802154 phy1 wpan1: encryption failed: -22 [ 2836.030954][T17058] netlink: 60 bytes leftover after parsing attributes in process `syz.0.10174'. [ 2836.522313][T17075] 8021q: adding VLAN 0 to HW filter on device $H [ 2836.541776][T17075] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 2836.558885][T17078] trusted_key: encrypted_key: key description must be 16 hexadecimal characters long [ 2837.746093][T17115] syzkaller0: entered promiscuous mode [ 2837.759500][T17115] syzkaller0: entered allmulticast mode [ 2838.674814][T17139] program syz.3.10206 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 2838.704342][T17139] program syz.3.10206 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 2838.730388][T17139] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0 [ 2838.749756][T17139] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 2838.757323][T17139] IPv6: NLM_F_CREATE should be set when creating new route [ 2838.774080][T17143] syzkaller0: entered promiscuous mode [ 2838.789869][T17143] syzkaller0: entered allmulticast mode [ 2838.798862][T17139] lo: entered allmulticast mode [ 2838.813640][T17139] tunl0: entered allmulticast mode [ 2838.827531][T17139] gre0: entered allmulticast mode [ 2838.855368][T17139] gretap0: entered allmulticast mode [ 2838.872240][T17139] erspan0: entered allmulticast mode [ 2838.890605][T17139] ip_vti0: entered allmulticast mode [ 2838.905453][T17139] ip6_vti0: entered allmulticast mode [ 2838.934663][T17139] sit0: entered allmulticast mode [ 2838.975676][T17139] ip6tnl0: entered allmulticast mode [ 2839.000111][T17139] ip6gre0: entered allmulticast mode [ 2839.026861][T17139] ip6gretap0: entered allmulticast mode [ 2839.047790][T17139] bridge0: port 1(bridge_slave_0) entered disabled state [ 2839.059560][T17139] bridge0: entered allmulticast mode [ 2839.102967][T17139] vcan0: entered allmulticast mode [ 2839.130335][T17159] __nla_validate_parse: 21 callbacks suppressed [ 2839.130351][T17159] netlink: 132 bytes leftover after parsing attributes in process `syz.5.10213'. [ 2839.139919][T17139] bond0: entered allmulticast mode [ 2839.154205][T17139] bond_slave_0: entered allmulticast mode [ 2839.164982][T17139] bond_slave_1: entered allmulticast mode [ 2839.185109][T17139] team0: entered allmulticast mode [ 2839.190261][T17139] team_slave_0: entered allmulticast mode [ 2839.214168][T17139] team_slave_1: entered allmulticast mode [ 2839.227922][T17139] batman_adv: batadv0: Interface deactivated: dummy0 [ 2839.243512][T17139] dummy0: entered allmulticast mode [ 2839.255704][T17139] nlmon0: entered allmulticast mode [ 2839.266901][T17139] caif0: entered allmulticast mode [ 2839.273310][T17139] batadv0: entered allmulticast mode [ 2839.281899][T17139] vxcan0: entered allmulticast mode [ 2839.288644][T17139] vxcan1: entered allmulticast mode [ 2839.298965][T17139] veth0: entered allmulticast mode [ 2839.309471][T17139] veth1: entered allmulticast mode [ 2839.320683][T17139] wg0: entered allmulticast mode [ 2839.329410][T17139] wg1: entered allmulticast mode [ 2839.337545][T17139] wg2: entered allmulticast mode [ 2839.345492][T17139] veth0_to_bridge: entered allmulticast mode [ 2839.356312][T17139] veth1_to_bridge: entered allmulticast mode [ 2839.369771][T17139] veth0_to_bond: entered allmulticast mode [ 2839.380497][T17139] veth1_to_bond: entered allmulticast mode [ 2839.390465][T17139] veth0_to_team: entered allmulticast mode [ 2839.401834][T17139] veth1_to_team: entered allmulticast mode [ 2839.415262][T17139] veth0_to_batadv: entered allmulticast mode [ 2839.424254][T17139] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 2839.433635][T17139] batadv_slave_0: entered allmulticast mode [ 2839.443523][T17139] veth1_to_batadv: entered allmulticast mode [ 2839.453005][T17139] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 2839.461167][T17139] batadv_slave_1: entered allmulticast mode [ 2839.470827][T17139] xfrm0: entered allmulticast mode [ 2839.480868][T17139] veth0_to_hsr: entered allmulticast mode [ 2839.489936][T17139] hsr_slave_0: entered allmulticast mode [ 2839.502239][T17139] veth1_to_hsr: entered allmulticast mode [ 2839.510608][T17139] hsr_slave_1: entered allmulticast mode [ 2839.520930][T17139] hsr0: entered allmulticast mode [ 2839.531344][T17139] veth1_virt_wifi: entered allmulticast mode [ 2839.543306][T17139] veth0_virt_wifi: entered allmulticast mode [ 2839.553197][T17139] net veth1_virt_wifi virt_wifi0: entered allmulticast mode [ 2839.561846][T17139] veth1_vlan: entered allmulticast mode [ 2839.570298][T17139] veth0_vlan: entered allmulticast mode [ 2839.588917][T17139] vlan0: entered allmulticast mode [ 2839.594742][T17139] vlan1: entered allmulticast mode [ 2839.600726][T17139] macvlan0: entered allmulticast mode [ 2839.617463][T17139] macvlan1: entered allmulticast mode [ 2839.626577][T17139] ipvlan0: entered allmulticast mode [ 2839.633027][T17139] ipvlan1: entered allmulticast mode [ 2839.639418][T17139] veth1_macvtap: entered allmulticast mode [ 2839.650140][T17139] veth0_macvtap: entered allmulticast mode [ 2839.668154][T17139] macvtap0: entered allmulticast mode [ 2839.676767][T17139] macsec0: entered allmulticast mode [ 2839.686990][T17139] geneve0: entered allmulticast mode [ 2839.696188][T17139] geneve1: entered allmulticast mode [ 2839.712854][T17139] netdevsim netdevsim3 netdevsim0: entered allmulticast mode [ 2839.727833][T17139] netdevsim netdevsim3 netdevsim1: entered allmulticast mode [ 2839.739835][T17139] netdevsim netdevsim3 netdevsim2: entered allmulticast mode [ 2839.753290][T17139] netdevsim netdevsim3 netdevsim3: entered allmulticast mode [ 2839.776163][T17139] mac80211_hwsim hwsim19 wlan0: entered allmulticast mode [ 2839.794962][T17139] mac80211_hwsim hwsim20 wlan1: entered allmulticast mode [ 2839.805045][T17139] ipip0: left promiscuous mode [ 2839.927039][ T79] netdevsim netdevsim3 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 2839.960444][ T79] netdevsim netdevsim3 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 2840.054938][ T79] netdevsim netdevsim3 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 2840.087009][ T79] netdevsim netdevsim3 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 2840.968555][T17206] netlink: 132 bytes leftover after parsing attributes in process `syz.0.10230'. [ 2840.972166][T17207] syzkaller0: entered promiscuous mode [ 2841.006026][T17207] syzkaller0: entered allmulticast mode [ 2841.094231][T17211] kvm: requested 1676 ns i8254 timer period limited to 200000 ns [ 2841.749543][T17251] syzkaller0: entered promiscuous mode [ 2841.758964][T17251] syzkaller0: entered allmulticast mode [ 2842.341952][T17278] syzkaller0: entered promiscuous mode [ 2842.347451][T17278] syzkaller0: entered allmulticast mode [ 2843.058566][T17316] syzkaller0: entered promiscuous mode [ 2843.081577][T17316] syzkaller0: entered allmulticast mode [ 2843.115643][T17318] program syz.0.10281 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 2843.739728][T17356] syzkaller0: entered promiscuous mode [ 2843.771597][T17356] syzkaller0: entered allmulticast mode [ 2843.887514][T17366] netlink: 4 bytes leftover after parsing attributes in process `syz.3.10303'. [ 2843.939026][T17366] bridge_slave_1: left promiscuous mode [ 2843.951789][T17366] bridge0: port 2(bridge_slave_1) entered disabled state [ 2843.967187][T17366] bridge_slave_0: left promiscuous mode [ 2843.977291][T17366] bridge0: port 1(bridge_slave_0) entered disabled state [ 2844.354291][T17393] loop4: detected capacity change from 0 to 7 [ 2844.365850][T16535] buffer_io_error: 11 callbacks suppressed [ 2844.365864][T16535] Buffer I/O error on dev loop4, logical block 0, async page read [ 2844.380803][T16535] Buffer I/O error on dev loop4, logical block 0, async page read [ 2844.389556][T16535] Buffer I/O error on dev loop4, logical block 0, async page read [ 2844.398108][T16535] Buffer I/O error on dev loop4, logical block 0, async page read [ 2844.406447][T16535] Buffer I/O error on dev loop4, logical block 0, async page read [ 2844.452693][T17394] [ 2844.455069][T17394] ====================================================== [ 2844.462059][T17394] WARNING: possible circular locking dependency detected [ 2844.469090][T17394] syzkaller #0 Tainted: G L [ 2844.475045][T17394] ------------------------------------------------------ [ 2844.482041][T17394] syz.3.10314/17394 is trying to acquire lock: [ 2844.488168][T17394] ffff88801bef0220 (&root->kernfs_iattr_rwsem){++++}-{4:4}, at: kernfs_iop_getattr+0x9e/0x450 [ 2844.498466][T17394] [ 2844.498466][T17394] but task is already holding lock: [ 2844.505812][T17394] ffff8881482ac318 (&q->q_usage_counter(io)#21){++++}-{0:0}, at: lo_ioctl+0x1604/0x1c50 [ 2844.515602][T17394] [ 2844.515602][T17394] which lock already depends on the new lock. [ 2844.515602][T17394] [ 2844.525980][T17394] [ 2844.525980][T17394] the existing dependency chain (in reverse order) is: [ 2844.534976][T17394] [ 2844.534976][T17394] -> #2 (&q->q_usage_counter(io)#21){++++}-{0:0}: [ 2844.543555][T17394] blk_alloc_queue+0x52f/0x610 [ 2844.548893][T17394] __blk_mq_alloc_disk+0x15c/0x340 [ 2844.554564][T17394] loop_add+0x411/0xad0 [ 2844.559227][T17394] loop_init+0xd9/0x170 [ 2844.563894][T17394] do_one_initcall+0x1f1/0x800 [ 2844.569163][T17394] do_initcall_level+0x104/0x190 [ 2844.574600][T17394] do_initcalls+0x59/0xa0 [ 2844.579432][T17394] kernel_init_freeable+0x2a7/0x3d0 [ 2844.585133][T17394] kernel_init+0x1d/0x1d0 [ 2844.589964][T17394] ret_from_fork+0x510/0xa50 [ 2844.595050][T17394] ret_from_fork_asm+0x1a/0x30 [ 2844.600316][T17394] [ 2844.600316][T17394] -> #1 (fs_reclaim){+.+.}-{0:0}: [ 2844.607505][T17394] fs_reclaim_acquire+0x72/0x100 [ 2844.613008][T17394] kmem_cache_alloc_noprof+0x45/0x710 [ 2844.618930][T17394] __kernfs_iattrs+0xd9/0x320 [ 2844.624110][T17394] kernfs_iop_setattr+0xea/0x3f0 [ 2844.629544][T17394] notify_change+0xc1a/0xf40 [ 2844.634669][T17394] do_truncate+0x1a4/0x220 [ 2844.639617][T17394] path_openat+0x359d/0x3dd0 [ 2844.644727][T17394] do_filp_open+0x1fa/0x410 [ 2844.649737][T17394] do_sys_openat2+0x121/0x200 [ 2844.654935][T17394] __x64_sys_openat+0x138/0x170 [ 2844.660305][T17394] do_syscall_64+0xec/0xf80 [ 2844.665316][T17394] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2844.671717][T17394] [ 2844.671717][T17394] -> #0 (&root->kernfs_iattr_rwsem){++++}-{4:4}: [ 2844.680220][T17394] __lock_acquire+0x15a6/0x2cf0 [ 2844.685577][T17394] lock_acquire+0x107/0x340 [ 2844.690583][T17394] down_read+0x47/0x2e0 [ 2844.695236][T17394] kernfs_iop_getattr+0x9e/0x450 [ 2844.700672][T17394] vfs_getattr_nosec+0x2e1/0x430 [ 2844.706192][T17394] loop_assign_backing_file+0x222/0x400 [ 2844.712329][T17394] lo_ioctl+0x167f/0x1c50 [ 2844.717161][T17394] lo_compat_ioctl+0x298/0x330 [ 2844.722425][T17394] compat_blkdev_ioctl+0x5d8/0x770 [ 2844.728090][T17394] __ia32_compat_sys_ioctl+0x543/0x840 [ 2844.734054][T17394] __do_fast_syscall_32+0x1dc/0x560 [ 2844.739751][T17394] do_fast_syscall_32+0x34/0x80 [ 2844.745104][T17394] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 2844.751931][T17394] [ 2844.751931][T17394] other info that might help us debug this: [ 2844.751931][T17394] [ 2844.762133][T17394] Chain exists of: [ 2844.762133][T17394] &root->kernfs_iattr_rwsem --> fs_reclaim --> &q->q_usage_counter(io)#21 [ 2844.762133][T17394] [ 2844.776542][T17394] Possible unsafe locking scenario: [ 2844.776542][T17394] [ 2844.783967][T17394] CPU0 CPU1 [ 2844.789307][T17394] ---- ---- [ 2844.794646][T17394] lock(&q->q_usage_counter(io)#21); [ 2844.800000][T17394] lock(fs_reclaim); [ 2844.806481][T17394] lock(&q->q_usage_counter(io)#21); [ 2844.814357][T17394] rlock(&root->kernfs_iattr_rwsem); [ 2844.819704][T17394] [ 2844.819704][T17394] *** DEADLOCK *** [ 2844.819704][T17394] [ 2844.827820][T17394] 3 locks held by syz.3.10314/17394: [ 2844.833078][T17394] #0: ffff888024ec4448 (&lo->lo_mutex){+.+.}-{4:4}, at: lo_ioctl+0x11e4/0x1c50 [ 2844.842114][T17394] #1: ffff8881482ac318 (&q->q_usage_counter(io)#21){++++}-{0:0}, at: lo_ioctl+0x1604/0x1c50 [ 2844.852296][T17394] #2: ffff8881482ac350 (&q->q_usage_counter(queue)#5){+.+.}-{0:0}, at: lo_ioctl+0x1604/0x1c50 [ 2844.862640][T17394] [ 2844.862640][T17394] stack backtrace: [ 2844.868515][T17394] CPU: 1 UID: 0 PID: 17394 Comm: syz.3.10314 Tainted: G L syzkaller #0 PREEMPT(full) [ 2844.868535][T17394] Tainted: [L]=SOFTLOCKUP [ 2844.868540][T17394] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 2844.868552][T17394] Call Trace: [ 2844.868558][T17394] [ 2844.868565][T17394] dump_stack_lvl+0xe8/0x150 [ 2844.868585][T17394] print_circular_bug+0x2e2/0x300 [ 2844.868604][T17394] check_noncircular+0x12e/0x150 [ 2844.868622][T17394] __lock_acquire+0x15a6/0x2cf0 [ 2844.868637][T17394] ? tomoyo_path_perm+0x1e3/0x4b0 [ 2844.868713][T17394] ? kernfs_iop_getattr+0x9e/0x450 [ 2844.868727][T17394] lock_acquire+0x107/0x340 [ 2844.868740][T17394] ? kernfs_iop_getattr+0x9e/0x450 [ 2844.868757][T17394] down_read+0x47/0x2e0 [ 2844.868773][T17394] ? kernfs_iop_getattr+0x9e/0x450 [ 2844.868787][T17394] kernfs_iop_getattr+0x9e/0x450 [ 2844.868802][T17394] vfs_getattr_nosec+0x2e1/0x430 [ 2844.868820][T17394] loop_assign_backing_file+0x222/0x400 [ 2844.868840][T17394] ? __pfx_loop_assign_backing_file+0x10/0x10 [ 2844.868866][T17394] lo_ioctl+0x167f/0x1c50 [ 2844.868884][T17394] ? __pfx_lo_ioctl+0x10/0x10 [ 2844.868926][T17394] ? __lock_acquire+0x6b6/0x2cf0 [ 2844.868940][T17394] ? __lock_acquire+0x6b6/0x2cf0 [ 2844.868955][T17394] ? __lock_acquire+0x6b6/0x2cf0 [ 2844.868968][T17394] ? __lock_acquire+0x6b6/0x2cf0 [ 2844.868983][T17394] ? __lock_acquire+0x6b6/0x2cf0 [ 2844.869000][T17394] ? __lock_acquire+0x6b6/0x2cf0 [ 2844.869015][T17394] ? unwind_next_frame+0xa5/0x23d0 [ 2844.869033][T17394] ? unwind_next_frame+0xa5/0x23d0 [ 2844.869048][T17394] ? is_bpf_text_address+0x26/0x2b0 [ 2844.869073][T17394] ? is_bpf_text_address+0x26/0x2b0 [ 2844.869094][T17394] ? is_bpf_text_address+0x292/0x2b0 [ 2844.869114][T17394] ? is_bpf_text_address+0x26/0x2b0 [ 2844.869134][T17394] ? kernel_text_address+0xa5/0xe0 [ 2844.869154][T17394] ? __kernel_text_address+0xd/0x40 [ 2844.869172][T17394] ? unwind_get_return_address+0x4d/0x90 [ 2844.869188][T17394] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 2844.869209][T17394] ? arch_stack_walk+0xfc/0x150 [ 2844.869228][T17394] ? stack_trace_save+0x9c/0xe0 [ 2844.869247][T17394] ? __pfx_stack_trace_save+0x10/0x10 [ 2844.869267][T17394] ? stack_depot_save_flags+0x33/0x810 [ 2844.869332][T17394] ? kasan_save_track+0x4f/0x80 [ 2844.869369][T17394] ? kasan_save_track+0x3e/0x80 [ 2844.869382][T17394] ? kasan_save_free_info+0x46/0x50 [ 2844.869418][T17394] ? __kasan_slab_free+0x5c/0x80 [ 2844.869431][T17394] ? kfree+0x1c0/0x660 [ 2844.869450][T17394] ? tomoyo_path_number_perm+0x47a/0x5a0 [ 2844.869463][T17394] ? security_file_ioctl_compat+0xcb/0x2d0 [ 2844.869495][T17394] ? __ia32_compat_sys_ioctl+0x128/0x840 [ 2844.869507][T17394] ? __do_fast_syscall_32+0x1dc/0x560 [ 2844.869522][T17394] ? do_fast_syscall_32+0x34/0x80 [ 2844.869536][T17394] ? entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 2844.869557][T17394] ? __asan_memset+0x22/0x50 [ 2844.869577][T17394] ? blk_get_meta_cap+0x18c/0x750 [ 2844.869613][T17394] ? __pfx_blk_get_meta_cap+0x10/0x10 [ 2844.869631][T17394] lo_compat_ioctl+0x298/0x330 [ 2844.869647][T17394] ? __pfx_lo_compat_ioctl+0x10/0x10 [ 2844.869663][T17394] ? blkdev_common_ioctl+0x11d9/0x2c70 [ 2844.869683][T17394] ? kasan_quarantine_put+0xbb/0x1f0 [ 2844.869697][T17394] ? __pfx_blkdev_common_ioctl+0x10/0x10 [ 2844.869716][T17394] ? tomoyo_path_number_perm+0x1bc/0x5a0 [ 2844.869731][T17394] ? tomoyo_path_number_perm+0x1bc/0x5a0 [ 2844.869746][T17394] ? do_vfs_ioctl+0xbe8/0x1430 [ 2844.869758][T17394] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 2844.869779][T17394] ? __pfx_lo_compat_ioctl+0x10/0x10 [ 2844.869795][T17394] compat_blkdev_ioctl+0x5d8/0x770 [ 2844.869815][T17394] ? __fget_files+0x2a/0x420 [ 2844.869832][T17394] ? __pfx_compat_blkdev_ioctl+0x10/0x10 [ 2844.869851][T17394] ? __fget_files+0x2a/0x420 [ 2844.869868][T17394] ? bpf_lsm_file_ioctl_compat+0x9/0x20 [ 2844.869902][T17394] __ia32_compat_sys_ioctl+0x543/0x840 [ 2844.869916][T17394] ? __pfx___ia32_compat_sys_ioctl+0x10/0x10 [ 2844.869929][T17394] ? _raw_spin_unlock_irq+0x23/0x50 [ 2844.869949][T17394] ? lockdep_hardirqs_on+0x7b/0x110 [ 2844.869963][T17394] ? _raw_spin_unlock_irq+0x2e/0x50 [ 2844.869982][T17394] ? __ia32_compat_sys_rt_sigprocmask+0x25b/0x390 [ 2844.870004][T17394] ? __pfx___ia32_compat_sys_rt_sigprocmask+0x10/0x10 [ 2844.870019][T17394] ? rcu_is_watching+0x15/0xb0 [ 2844.870037][T17394] ? ret_from_fork_asm+0x1a/0x30 [ 2844.870059][T17394] __do_fast_syscall_32+0x1dc/0x560 [ 2844.870074][T17394] ? do_fast_syscall_32+0x34/0x80 [ 2844.870090][T17394] do_fast_syscall_32+0x34/0x80 [ 2844.870105][T17394] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 2844.870124][T17394] RIP: 0023:0xf700d539 [ 2844.870137][T17394] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 [ 2844.870150][T17394] RSP: 002b:00000000f53dc55c EFLAGS: 00000206 ORIG_RAX: 0000000000000036 [ 2844.870165][T17394] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000004c06 [ 2844.870175][T17394] RDX: 0000000000000004 RSI: 0000000000000000 RDI: 0000000000000000 [ 2844.870184][T17394] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 2844.870192][T17394] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 2844.870200][T17394] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 2844.870214][T17394] [ 2845.412520][T16535] Buffer I/O error on dev loop4, logical block 0, async page read [ 2845.425963][T16535] Buffer I/O error on dev loop4, logical block 0, async page read [ 2845.434034][T16535] ldm_validate_partition_table(): Disk read failed. [ 2845.440648][T16535] Buffer I/O error on dev loop4, logical block 0, async page read [ 2845.448558][T16535] Buffer I/O error on dev loop4, logical block 0, async page read [ 2845.456504][T16535] Buffer I/O error on dev loop4, logical block 0, async page read [ 2845.464768][T16535] Dev loop4: unable to read RDB block 0 [ 2845.470336][T16535] loop4: unable to read partition table [ 2845.476213][T16535] loop4: partition table beyond EOD, truncated [ 2845.483466][T12265] ldm_validate_partition_table(): Disk read failed. [ 2845.490205][T12265] Dev loop4: unable to read RDB block 0 [ 2845.496265][T12265] loop4: unable to read partition table [ 2845.502748][T12265] loop4: partition table beyond EOD, truncated [ 2845.509306][T17393] ldm_validate_partition_table(): Disk read failed. [ 2845.516112][T17393] Dev loop4: unable to read RDB block 0 [ 2845.521735][T17393] loop4: unable to read partition table [ 2845.527488][T17393] loop4: partition table beyond EOD, truncated [ 2845.533750][T17393] loop_reread_partitions: partition scan of loop4 (Sj %`ր5) failed (rc=-5) [ 2845.534049][T17394] ldm_validate_partition_table(): Disk read failed. [ 2845.551988][T17394] Dev loop4: unable to read RDB block 0 [ 2845.557551][T17394] loop4: unable to read partition table [ 2845.563283][T17394] loop4: partition table beyond EOD, truncated [ 2845.569419][T17394] loop_reread_partitions: partition scan of loop4 (Sj %`ր5) failed (rc=-5)