last executing test programs: 7m30.154982264s ago: executing program 2 (id=1391): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x28100, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_CAP_DIRTY_LOG_RING(r1, 0x4068aea3, &(0x7f0000000240)={0xc0, 0x0, 0x8000}) 7m30.042234106s ago: executing program 2 (id=1394): r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000040), 0x101804, 0x0) ioctl$SNDCTL_DSP_SETFRAGMENT(r0, 0xc004500a, &(0x7f0000001340)) ioctl$SNDCTL_DSP_SPEED(r0, 0xc0045002, &(0x7f00000001c0)=0x3c) ioctl$SNDCTL_DSP_CHANNELS(r0, 0xc0045006, &(0x7f0000000180)=0x6f) 7m30.037184404s ago: executing program 2 (id=1396): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000680), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000003540)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000003740)={0x0, 0x0, &(0x7f0000003700)={&(0x7f0000000a40)={0x4c, r1, 0x1, 0x470bd2a, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_OFFCHANNEL_TX_OK={0x4}, @NL80211_ATTR_FRAME={0x2a, 0x33, @assoc_req={{{0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1}, {0x6}, @device_a, @device_a, @initial, {0x2, 0xfff}}, 0x600, 0x8b1, {0x0, 0x6, @default_ibss_ssid}, @val, @void}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x20040040}, 0x8800) 7m29.971647134s ago: executing program 2 (id=1398): mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0) mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0) r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x262) 7m29.875338795s ago: executing program 2 (id=1399): bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1900000004000000040000000c"], 0x48) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$PROG_BIND_MAP(0xa, &(0x7f0000000840)={r1}, 0xc) 7m29.606334618s ago: executing program 2 (id=1404): r0 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000540)=ANY=[@ANYBLOB="b4050000fdff7f006110580000000000c60000000000000095000000000000009f33ef60916e6e713f1eeb0b725ad99b817fd98cd824498949714ffaac8a6f770600dcca55f21f3ca9e822d182054d54d53cd2b6db714e4beb5447000001000000008f2b9000f22425e4097ed62cbc891061017cfa6fa26fa7088c60897d4a6148a1c1e43f00001bde60beac671e8e8fdecb03588aa623fa71f31bf0f871ab5c2ff88afc60027f4e5b5271ed58e835cf0d0000000098b51fe6b1b8d9dbe87dcff414ed000000000000000000000000000000000000000000000000000000b347abe6352a080f8140e5fd10747b6ecdb3540546bf636e3d6e700e5b0500000000000000eb9e1403e6c8f7a187eaf60f3a17f0f046a307a403c19d9829c90bd2114252581567acae715cbe1b57d5cda432c5b910400623d24195405f2e76ccb7b37b41215c184e731fb1"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x366, 0x10, &(0x7f0000000000), 0x1dd}, 0x48) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0x12}, 0x48) r2 = bpf$BPF_LINK_CREATE(0x1c, &(0x7f00000001c0)={r0, r1, 0x26, 0x0, @void}, 0x10) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f00000013c0)={r2, 0x0, 0x0}, 0x10) 7m29.599932318s ago: executing program 32 (id=1404): r0 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000540)=ANY=[@ANYBLOB="b4050000fdff7f006110580000000000c60000000000000095000000000000009f33ef60916e6e713f1eeb0b725ad99b817fd98cd824498949714ffaac8a6f770600dcca55f21f3ca9e822d182054d54d53cd2b6db714e4beb5447000001000000008f2b9000f22425e4097ed62cbc891061017cfa6fa26fa7088c60897d4a6148a1c1e43f00001bde60beac671e8e8fdecb03588aa623fa71f31bf0f871ab5c2ff88afc60027f4e5b5271ed58e835cf0d0000000098b51fe6b1b8d9dbe87dcff414ed000000000000000000000000000000000000000000000000000000b347abe6352a080f8140e5fd10747b6ecdb3540546bf636e3d6e700e5b0500000000000000eb9e1403e6c8f7a187eaf60f3a17f0f046a307a403c19d9829c90bd2114252581567acae715cbe1b57d5cda432c5b910400623d24195405f2e76ccb7b37b41215c184e731fb1"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x366, 0x10, &(0x7f0000000000), 0x1dd}, 0x48) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0x12}, 0x48) r2 = bpf$BPF_LINK_CREATE(0x1c, &(0x7f00000001c0)={r0, r1, 0x26, 0x0, @void}, 0x10) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f00000013c0)={r2, 0x0, 0x0}, 0x10) 5m56.094832148s ago: executing program 0 (id=3032): setresgid(0xee01, 0x0, 0x0) r0 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, 0x0) socket$nl_route(0x10, 0x3, 0x0) setresgid(0x0, 0xee00, 0x0) 5m56.044887671s ago: executing program 0 (id=3033): r0 = epoll_create1(0x80000) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff}) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000040)={0x20000004}) mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1) epoll_pwait(r0, &(0x7f0000000340)=[{}], 0x1, 0x12, 0x0, 0x0) 5m55.995026196s ago: executing program 0 (id=3034): r0 = syz_open_dev$loop(&(0x7f0000000240), 0x7, 0x180862) r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/power/mem_sleep', 0x80802, 0xcd) ioctl$LOOP_CONFIGURE(r0, 0x4c0a, &(0x7f0000000080)={r1, 0x0, {0x0, 0x0, 0x0, 0x7, 0x4010000000000ffd, 0x0, 0x0, 0x19, 0xc, "faf98317e5a1149989fc8dbe43ea6acc96e3a2503dc3bd3fe37d58128bbad0099cebdc25f5ab60c9e6d680f985881a7beda9d69098c8b534464c516bdd8a0f35", "32d8cc26f7061a74df2cfc06c89f3d9e234b30c50997d3bef409ff2176ff7bfe55cd4a5d83cd4a524bd3ffe70c7f3f800b2f7b6aa54cc50a1fcaed1e831fa79a", "675237601a8ca5b07dcc141802c4dae4162e43ac61b7ad3300", [0xfffffffffffffce8, 0x6]}}) sendfile(r0, r1, 0x0, 0x7fffffff) writev(r0, &(0x7f0000000640)=[{&(0x7f00000004c0)='0', 0x1}], 0x1) 5m55.861621801s ago: executing program 0 (id=3035): mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0) mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x101091, 0x0) mount$bind(&(0x7f0000001900)='.\x00', &(0x7f0000000380)='./file0/file0\x00', 0x0, 0x2a05004, 0x0) mount$fuseblk(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x24000, 0x0) mount$bind(&(0x7f0000000240)='.\x00', &(0x7f0000000280)='./file0\x00', 0x0, 0x1005848, 0x0) 5m55.755968294s ago: executing program 0 (id=3036): syz_open_procfs(0x0, &(0x7f0000000100)='syscall\x00') r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket(0x1, 0x803, 0x0) getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14) sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000780)=@newlink={0x44, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x2400}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @ip6erspan={{0xe}, {0x8, 0x2, 0x0, 0x1, [@IFLA_GRE_COLLECT_METADATA={0x4}]}}}, @IFLA_MASTER={0x8, 0x3, r2}]}, 0x44}}, 0x4000000) 5m55.624991744s ago: executing program 0 (id=3037): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0xf) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) ioctl$TCFLSH(r0, 0x400455c8, 0x9) ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000000)=0x2) 5m55.569010519s ago: executing program 33 (id=3037): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0xf) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) ioctl$TCFLSH(r0, 0x400455c8, 0x9) ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000000)=0x2) 4m55.719705927s ago: executing program 5 (id=3809): bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000100)={0x3ff8, 0x0, 0x0, 0x4}, 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0xfffffffe}, 0x94) r0 = socket$inet6_mptcp(0xa, 0x1, 0x106) getsockopt$inet6_tcp_buf(r0, 0x6, 0xd, 0x0, 0x0) mmap(&(0x7f0000004000/0x4000)=nil, 0x4000, 0x0, 0x2172, 0xffffffffffffffff, 0x0) getsockopt$inet6_mptcp_buf(r0, 0x11c, 0x2, &(0x7f0000000100)=""/222, &(0x7f0000000000)=0x61637876) 4m55.633732594s ago: executing program 5 (id=3810): r0 = inotify_init() inotify_add_watch(r0, &(0x7f0000000000)='.\x00', 0x400017e) mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) setxattr$incfs_metadata(&(0x7f0000000f80)='./file0\x00', &(0x7f0000000fc0), 0x0, 0x0, 0x0) lremovexattr(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)=@known='user.incfs.metadata\x00') 4m55.582467349s ago: executing program 5 (id=3811): mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0) mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, 0x0) chdir(&(0x7f0000000100)='./file0\x00') r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuset.effective_cpus\x00', 0x275a, 0x0) read$FUSE(r0, &(0x7f0000002140)={0x2020}, 0x204a) 4m55.526147751s ago: executing program 5 (id=3812): mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0) mount$bind(&(0x7f0000000000)='.\x00', &(0x7f00000001c0)='./file0/../file0\x00', 0x0, 0x103011, 0x0) mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0) mount$bind(&(0x7f0000000080)='./file0/file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0) mount$bind(&(0x7f0000000180)='./file0/../file0\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x18d883, 0x0) 4m55.252989131s ago: executing program 5 (id=3813): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_GSI_ROUTING(r1, 0x4008ae6a, &(0x7f0000000280)={0x1, 0x0, [{0x3, 0x5, 0x0, 0x0, @adapter={0x5, 0x7fffffffffffffff, 0x8000000000000001, 0x80, 0x5}}]}) 4m54.993613762s ago: executing program 5 (id=3814): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x275a, 0x0) fcntl$lock(r0, 0x6, &(0x7f0000000000)={0x0, 0x0, 0x8}) fcntl$lock(r0, 0x26, &(0x7f0000000080)={0x0, 0x0, 0x2007, 0x1f9}) r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000001040)='fdinfo/3\x00') read$FUSE(r1, &(0x7f0000001080)={0x2020}, 0x2020) 4m54.929225763s ago: executing program 34 (id=3814): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x275a, 0x0) fcntl$lock(r0, 0x6, &(0x7f0000000000)={0x0, 0x0, 0x8}) fcntl$lock(r0, 0x26, &(0x7f0000000080)={0x0, 0x0, 0x2007, 0x1f9}) r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000001040)='fdinfo/3\x00') read$FUSE(r1, &(0x7f0000001080)={0x2020}, 0x2020) 4m37.064130917s ago: executing program 6 (id=4045): mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x4000) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19) madvise(&(0x7f00001c1000/0x3000)=nil, 0x40000, 0x9) prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff7000/0x1000)=nil, &(0x7f0000ff1000/0xf000)=nil, &(0x7f0000ffa000/0x2000)=nil, &(0x7f0000ff1000/0x1000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ff5000/0x1000)=nil, &(0x7f0000ff3000/0x1000)=nil, &(0x7f0000ff1000/0x1000)=nil, 0x0}, 0x68) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19) 4m36.76511063s ago: executing program 6 (id=4050): r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000003c0)={'wlan0\x00', 0x0}) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff) sendmsg$NL80211_CMD_FRAME(r2, &(0x7f0000000c00)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000000)={0x40, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_FRAME={0x22, 0x33, @action={{{}, {}, @device_a, @device_b, @from_mac=@broadcast, {0x0, 0xff}}, @ext_ch_sw={0x4, 0x4, {{0x1, 0x3, 0x8}, @void}}}}]}, 0x40}, 0x1, 0x0, 0x0, 0xc0}, 0x0) 4m36.710080538s ago: executing program 6 (id=4052): mount$overlay(0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)) madvise(&(0x7f0000000000/0x400000)=nil, 0x400000, 0xc) r0 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/mm/ksm/run\x00', 0x1, 0x0) write$sysctl(r0, &(0x7f0000000580)='1\x00', 0x2) write$sysctl(r0, &(0x7f00000000c0)='2\x00', 0x2) 4m36.634493085s ago: executing program 6 (id=4053): mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x0) mount(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000080)='sysfs\x00', 0x1214040, 0x0) chroot(&(0x7f0000000100)='./file0\x00') mount$bind(&(0x7f0000000040)='.\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2a05004, 0x0) pivot_root(&(0x7f00000003c0)='./file0/../file0\x00', &(0x7f0000000280)='./file0\x00') 4m36.627791707s ago: executing program 6 (id=4055): r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0xc0c02, 0x0) ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f00000000c0)) ioctl$PPPIOCSMAXCID(r0, 0x40047451, &(0x7f0000000200)=0x8) ioctl$PPPIOCSFLAGS1(r0, 0x40047459, &(0x7f0000000100)=0x2000004) pwritev(r0, &(0x7f00000006c0)=[{&(0x7f00000002c0)='\x00!G', 0x3}], 0x1, 0x2, 0x1) 4m36.333976323s ago: executing program 6 (id=4060): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x161140, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000015c0)={0x1, 0x0, [{0x1, 0x9, 0x7, 0x1, 0x8}]}) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000002c0)) 4m36.275708341s ago: executing program 35 (id=4060): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x161140, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000015c0)={0x1, 0x0, [{0x1, 0x9, 0x7, 0x1, 0x8}]}) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000002c0)) 2m25.581944308s ago: executing program 1 (id=5851): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000280)={0x26, 'skcipher\x00', 0x0, 0x0, 'ctr(sm4)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000140)="2c385aa3d49100dc6626c892b6bc436a", 0x10) r1 = accept4(r0, 0x0, 0x0, 0x80000) syz_genetlink_get_family_id$ethtool(&(0x7f0000000180), r1) writev(r1, &(0x7f0000000040)=[{&(0x7f00000012c0)="a4eac90f8e3ae7580e2e693731ef6b447fc2057d9a84e61f40c79e10218d131f865d68b23cd7c3f2b681e2205f67f140252abcc3b8015e176881d81a9e61b6a2c92a9d8e1f51861b64e7b61bf9a131e197f5a6c6d4d887d86c79836e81c69e211d2bf4c595b01c94de464ff9aa72b6058fe774c81142bbce9bd0d83f6239362c3347e3daadb292cf3fee4766a2d43cf006a476ce0e4dd221acdcdefcf67733ed2978c2cd564772844077920cf54543db03688079168e36709dbbf84933a2415a32617f7de4336d89967c2cbcd76a973d88a3c440862bc11e51df6f1cd25f1aa711b721c33703645bcf93b775f1eb28c7640d1b7cbe44b9fc0e55d1a4d8f83b8fd537a231fe75ebb7255387d089ae7924c86b36f11d4c09d27626fd8cd62dbee1662558322e3dffdb4c4816e8ee2501b8e73eda5a8caf70487ea6edede6b8337d5ff348bd874de5b9a5058b85c0659031d237abfcdc40bd6b45d4845b08adc7bdaefa8099bef8d5f6cae07abc605dc651a21b04ae53f6d89d9fac3ec696ca9508a681ca65a4524242fae4d79e40840ce54330107125a916b03459f58e4e6c3215a97e391c069926a24d9486909ef1f0c210514e2cd81cbaa6352a2de4f5829eb670a6500c83eb8c8bd5edbe4005bfb524fce3d4796d028acf27fb9df67851db5d59b2f88d97aa591d607d602dbb9bb4211abbc8641610aae237e8d47f8381dced8001", 0x202}], 0x1) 2m24.689199588s ago: executing program 1 (id=5855): r0 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x601c2, 0x0) ftruncate(r0, 0x8800000) r1 = open(&(0x7f00000001c0)='./bus\x00', 0x4c27e, 0x53) close(r1) socket(0x2d, 0x2, 0x0) sendfile(r1, r0, 0x0, 0x578410ed) 2m24.68602557s ago: executing program 1 (id=5856): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000540)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(serpent)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r1 = accept4(r0, 0x0, 0x0, 0x800) sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000340)=[{&(0x7f00000004c0)="d7aa0008000000000000000000000000e36490813fd113323b55e666c14f95dc343a46120f37bf33678cf3b781b3a2680ef6d228f5b0ebfcab7db96892cacef769dae5962a98", 0x46}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048", 0x4d}, {&(0x7f0000000600)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b938d76d49a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af22066a990e78792625e721193af05a56194c5ef993d08f3dbad19d3e66eebda2e63f3f46ef4511cee2ff99000000000000343ef4674c45e2a085060f112b1cb0943ad978111768888a3e606c36bdbcc1672ea7b718fd44f47cd8cbd93dfea13e78fcfd3101d86d783d20afbd6bec734e21c47c563340bb712d5a78ed2f4c32983b016d64d1e7ba5eef6b56502220b71f5b1b2448debfc34542dcd62afc9c9a1f22b63a9d82e8472cf9fff384a330cb48e050b2eecdf9c40198571964e1a20524b85696c1b948001ffa0028fc2ecb1d564f8eb7ef42afe6c52d30d7171e4bdbbcf124fa3d040b1bdfaf1b00fe8b5b2a6611d2dd9b06618a3626467749e5339a304cc54cad57e91348e5a87db5b3efe2fe78f0af30b8ea389697b86a423a4055e05a5a1ecccfed2201b7391fe4eff551ce9be49c662885", 0x1c8}, {&(0x7f0000000280)="ad7819e403068856bc8ead459fd6fae9a612f74c36f68b7be5a7c3701c0cea5c79cf8576d255f5d2ea0527af47f03cfbae06dc47800061e626fce8e717b02f82505ae5142ce53ee7ce960a465a5fe8d2649170738b", 0x55}], 0x4, &(0x7f0000000380)=[@op={0x10, 0x117, 0x3, 0x1}], 0x10}], 0x1, 0x40800) recvmsg(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0) 2m24.571668122s ago: executing program 1 (id=5858): mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0) mount$bind(&(0x7f0000000280)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0) mount(0x0, &(0x7f00000002c0)='./file0/../file0\x00', &(0x7f0000000080)='sysfs\x00', 0x0, 0x0) chroot(&(0x7f0000000580)='./file0/../file0\x00') mount$bind(&(0x7f0000000040)='.\x00', &(0x7f00000008c0)='./file0\x00', 0x0, 0x2a05004, 0x0) pivot_root(&(0x7f0000000600)='./file0\x00', &(0x7f00000001c0)='./file0/../file0\x00') 2m24.571419543s ago: executing program 1 (id=5859): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000200)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128-generic\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000140)="2c385aa3d491009b3426c8928f3d97cb", 0x10) r1 = accept4(r0, 0x0, 0x0, 0x0) recvmsg$qrtr(r1, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)=[{&(0x7f00000003c0)=""/161, 0xa1}], 0x1, 0x0, 0x0, 0x2000}, 0x1c, 0x0) sendmsg$nl_route_sched(r1, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000200)=@deltaction={0x14, 0x31, 0x100, 0x70bd28, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x40}, 0x1) 2m24.321968789s ago: executing program 1 (id=5860): write$cgroup_int(0xffffffffffffffff, 0x0, 0x0) write$vga_arbiter(0xffffffffffffffff, 0x0, 0xc) r0 = syz_open_dev$evdev(&(0x7f0000000040), 0x3214, 0x0) syz_usb_disconnect(r0) syz_usb_connect(0x6, 0x36, &(0x7f00000002c0)=ANY=[], 0x0) ioctl$EVIOCRMFF(r0, 0x5501, &(0x7f0000000100)=0xb) 2m24.271911044s ago: executing program 36 (id=5860): write$cgroup_int(0xffffffffffffffff, 0x0, 0x0) write$vga_arbiter(0xffffffffffffffff, 0x0, 0xc) r0 = syz_open_dev$evdev(&(0x7f0000000040), 0x3214, 0x0) syz_usb_disconnect(r0) syz_usb_connect(0x6, 0x36, &(0x7f00000002c0)=ANY=[], 0x0) ioctl$EVIOCRMFF(r0, 0x5501, &(0x7f0000000100)=0xb) 2m16.721431241s ago: executing program 7 (id=5935): r0 = fsopen(&(0x7f0000000180)='proc\x00', 0x1) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) fsmount(r0, 0x0, 0x1) r1 = landlock_create_ruleset(&(0x7f0000000040)={0x3342, 0x3}, 0x18, 0x0) landlock_restrict_self(r1, 0x5) fsconfig$FSCONFIG_CMD_RECONFIGURE(r0, 0x7, 0x0, 0x0, 0x0) 2m16.721191362s ago: executing program 7 (id=5936): openat(0xffffffffffffff9c, 0x0, 0x103042, 0x0) llistxattr(0x0, 0x0, 0x0) prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x1, 0x4, &(0x7f0000006680)) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9) setrlimit(0xa, &(0x7f0000000240)={0x1, 0xffffffffffffffff}) 2m16.408715639s ago: executing program 7 (id=5940): timer_create(0x0, &(0x7f0000000200)={0x0, 0x21, 0x2, @tid=0xffffffffffffffff}, &(0x7f0000000300)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$sock_timeval(r0, 0x1, 0x15, &(0x7f0000000000)={0x0, 0x2710}, 0x10) sendmmsg$inet6(r0, &(0x7f0000000200)=[{{&(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback={0xfec0ffff00000000}}, 0x1c, &(0x7f0000000580)=[{&(0x7f0000000180)='i', 0x20086}], 0x1}}], 0x1, 0x0) sendmmsg$inet6(r0, &(0x7f00000071c0)=[{{&(0x7f00000001c0)={0xa, 0x1, 0x0, @local, 0x7}, 0x1c, &(0x7f0000000140)=[{&(0x7f0000000240)="8f", 0x1}], 0x1}}], 0x1, 0x4004) 2m16.253209809s ago: executing program 7 (id=5942): mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0) mount$bind(&(0x7f0000000280)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0) mount(0x0, &(0x7f00000002c0)='./file0/../file0\x00', &(0x7f0000000080)='sysfs\x00', 0x0, 0x0) chroot(&(0x7f0000000580)='./file0/../file0\x00') mount$bind(&(0x7f0000000040)='.\x00', &(0x7f00000008c0)='./file0\x00', 0x0, 0x2a05004, 0x0) pivot_root(&(0x7f0000000600)='./file0\x00', &(0x7f00000001c0)='./file0/../file0\x00') 2m16.112780225s ago: executing program 7 (id=5946): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0e000000040000000800000007"], 0x50) close(r0) bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000007000000010001000900000001"], 0x48) bpf$PROG_LOAD(0x2, &(0x7f0000000040)={0x3, 0x3, &(0x7f00000002c0)=ANY=[@ANYRES64=r0], &(0x7f0000000780)='GPL\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000400008500000001000000850000002a00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$PROG_BIND_MAP(0xa, &(0x7f00000000c0)={r1}, 0xc) 2m15.852008506s ago: executing program 7 (id=5949): r0 = syz_usb_connect(0x2, 0x3f, &(0x7f00000007c0)=ANY=[@ANYBLOB="11010000733336088dee1adb23610000000109022d0001100000000904000003fe03010009cd8d1f000200000009050502000000001009058b1e20"], 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0) r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x0) sendmsg$TIPC_NL_MEDIA_SET(0xffffffffffffffff, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000040)=ANY=[@ANYBLOB="b0000000", @ANYRES16, @ANYBLOB="01"], 0xb0}}, 0x0) ioctl$FS_IOC_GETVERSION(r1, 0xc0105b08, &(0x7f0000000040)) 2m15.78486848s ago: executing program 37 (id=5949): r0 = syz_usb_connect(0x2, 0x3f, &(0x7f00000007c0)=ANY=[@ANYBLOB="11010000733336088dee1adb23610000000109022d0001100000000904000003fe03010009cd8d1f000200000009050502000000001009058b1e20"], 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0) r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x0) sendmsg$TIPC_NL_MEDIA_SET(0xffffffffffffffff, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000040)=ANY=[@ANYBLOB="b0000000", @ANYRES16, @ANYBLOB="01"], 0xb0}}, 0x0) ioctl$FS_IOC_GETVERSION(r1, 0xc0105b08, &(0x7f0000000040)) 2.443184606s ago: executing program 9 (id=8085): r0 = openat$kvm(0xffffff9c, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x402) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x7, 0xfffffffffffffffd, 0x0, 0xffff, 0x1, 0x4002004c4, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x8, 0x2, 0xfffffffffffffffd], 0x30000, 0x2011c0}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x1, 0x25000, 0x2000, &(0x7f0000000000/0x2000)=nil}) 2.187502655s ago: executing program 3 (id=8087): r0 = syz_clone(0x800000, 0x0, 0x0, 0x0, 0x0, 0x0) r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00') fchdir(r1) syz_usb_connect$hid(0x2, 0x36, &(0x7f0000000040)={{0x12, 0x1, 0x200, 0x0, 0x0, 0x0, 0x20, 0x5ac, 0x21e, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x1, 0xfe, 0x40, 0x3}}]}}, 0x0) mount(0x0, &(0x7f00000010c0)='.\x00', &(0x7f0000000000)='proc\x00', 0x80, 0x0) r2 = syz_open_procfs(r0, &(0x7f0000000400)='ns\x00') readlinkat(r2, &(0x7f0000000100)='./mnt\x00', &(0x7f0000000440)=""/163, 0xa3) 2.187142653s ago: executing program 4 (id=8088): r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0xa4242, 0x0) socket$inet6(0xa, 0x2, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000007, 0x38011, r0, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000380)='clear_refs\x00') writev(r1, &(0x7f0000000100)=[{&(0x7f0000000000)='4', 0x1}], 0x1) syz_genetlink_get_family_id$ieee802154(&(0x7f0000000240), 0xffffffffffffffff) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3) 2.161627264s ago: executing program 4 (id=8089): bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000feffff10850000000700000095"], 0x0, 0x800, 0x0, 0x0, 0x41000, 0x5a, '\x00', 0x0, @fallback=0x12, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x20842, 0x63) write$P9_RLERRORu(r0, &(0x7f0000000300)=ANY=[@ANYRESHEX], 0x10) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x2, 0x4, &(0x7f0000000200)=ANY=[], &(0x7f0000000000)='syzkaller\x00', 0x2, 0x0, 0x0, 0x41100, 0x5a, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400}, 0x94) write$9p(r0, &(0x7f0000000480)="82bd1a6e", 0x4) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000012c0)={r1, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f00000004c0)=[0x4], 0x0, 0x0, 0x1, 0x1}}, 0x40) mmap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1, 0x10012, r0, 0x0) 2.140747509s ago: executing program 9 (id=8090): socket$inet_smc(0x2b, 0x1, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x6, 0x3, &(0x7f0000000480)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @xdp=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x94) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000580)={'veth1_to_bond\x00', 0x0}) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000001c0)={r0, r2, 0x25, 0x4, @void}, 0x10) r3 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000040)="d8000000100081044e81f782db44b904021d006a0f000000e8fe55a1290015000600142603600e120900040044fe0000a8001600050003402e60000000000000b94dcf5c0461c1d67f6f94007134cf6ee08000a0e408e8d8ef52a985162f7ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d3220a7c9f8775730d16a4683f1aeb4edbb57a5025ccca9e00360db70100000040fad95667e006dcdf63951f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92954b43370e9701", 0xd8}], 0x1}, 0x60044084) 2.090776033s ago: executing program 4 (id=8091): mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x1) mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f00000000c0)='tracefs\x00', 0x1214040, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./bus\x00', 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}, {@metacopy_on}]}) chdir(&(0x7f00000003c0)='./bus\x00') mkdirat(0xffffffffffffff9c, &(0x7f0000000540)='./file7\x00', 0x1c0) 2.066267484s ago: executing program 9 (id=8092): openat$vimc2(0xffffffffffffff9c, 0x0, 0x2, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="0600000004000000400000000500000000000000", @ANYRES32, @ANYBLOB, @ANYRES32=0x0], 0x50) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce) r1 = syz_open_dev$MSR(&(0x7f0000000200), 0x0, 0x0) read$msr(r1, &(0x7f0000002700)=""/102392, 0x18ff8) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000007c0), &(0x7f0000000380), 0xfff, r0, 0x0, 0xa0028000}, 0x38) 2.046173638s ago: executing program 4 (id=8093): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000000)={0x1, 0x0, [{0x400000b2, 0x0, 0xfffffffffffffffd}]}) r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6}]}) setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x4000000000000, 0x40, 0x0, 0x0) close_range(r3, 0xffffffffffffffff, 0x0) 1.123039951s ago: executing program 4 (id=8098): r0 = socket$igmp(0x2, 0x3, 0x2) r1 = socket(0x2, 0x2, 0x1) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'batadv_slave_1\x00', 0x0}) r3 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000200)={0x6, 0x3, &(0x7f00000001c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x1}}, &(0x7f0000000040)='GPL\x00', 0x5, 0x0, 0x0, 0x40f00, 0x40, '\x00', r2, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xff}, 0x94) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'bond0\x00', 0x0}) r5 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000380)={0x6, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', r4}, 0x90) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000000c0)={r5, r2, 0x25, 0x2, @val=@tcx={@void, @value=r3}}, 0x1c) 1.121103509s ago: executing program 9 (id=8099): socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000480)={0xffffffffffffffff, 0xffffffffffffffff}) pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80000) splice(r1, 0x0, r3, 0x0, 0x6, 0x0) pipe2(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) splice(r2, 0x0, r4, 0x0, 0x6, 0xc) vmsplice(r3, &(0x7f0000000200)=[{&(0x7f0000001740)='\x00', 0x1}], 0x1, 0x6) write(r0, &(0x7f0000000080)="a593", 0x2) 1.114107591s ago: executing program 3 (id=8100): ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'vcan0\x00'}) r0 = socket(0x2, 0x2, 0x1) bind$unix(r0, &(0x7f0000000000)=@abs, 0x6e) r1 = socket(0x2, 0x2, 0x1) bind$unix(r1, &(0x7f0000000000)=@abs, 0x6e) r2 = socket(0x2, 0x2, 0x1) bind$unix(r2, &(0x7f0000000000)=@abs, 0x6e) 1.088919132s ago: executing program 4 (id=8101): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-twofish-3way\x00'}, 0x45) r1 = accept4(r0, 0x0, 0x0, 0x0) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000200)="ad00"/16, 0x10) readv(r1, &(0x7f0000000140)=[{&(0x7f0000000600)=""/152, 0x98}], 0x1) recvmmsg(r1, &(0x7f0000002440), 0x3ffffffffffff67, 0x0, 0x0) sendmmsg$unix(r1, &(0x7f00000000c0)=[{{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4004004}}], 0x1, 0xc000) 1.024475186s ago: executing program 3 (id=8102): r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000080)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) close_range(r0, r0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0) r2 = fanotify_init(0x200, 0x0) fanotify_mark(r2, 0x21, 0x4800003e, r1, 0x0) r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) close_range(r3, r0, 0x0) 939.876164ms ago: executing program 3 (id=8104): r0 = socket$inet(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @multicast1}, 0x10) sendmmsg$inet(r0, &(0x7f0000000bc0)=[{{&(0x7f0000000180)={0x2, 0x4e23, @empty}, 0x10, 0x0}}], 0x1, 0x20004840) sendto(r0, &(0x7f0000000040)=' ', 0x1, 0x0, 0x0, 0x0) shutdown(r0, 0x1) pipe2(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) splice(r0, 0x0, r1, 0x0, 0x7ffff000, 0x0) 882.983167ms ago: executing program 9 (id=8105): prlimit64(0x0, 0xe, 0x0, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x4008032, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) pipe(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) write$P9_RGETLOCK(r0, &(0x7f00000001c0)=ANY=[], 0x200002e6) fcntl$setpipe(r0, 0x407, 0x7000000) mlock(&(0x7f0000000000/0x800000)=nil, 0x800000) 882.199888ms ago: executing program 3 (id=8106): mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000008300), 0x2, 0x0) mount$fuse(0x0, &(0x7f0000002080)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000002100)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0]) syz_fuse_handle_req(r0, &(0x7f0000006300), 0x2000, &(0x7f00000041c0)={&(0x7f00000001c0)={0x50, 0x0, 0x0, {0x7, 0x29, 0x7, 0x22110039, 0x1000, 0x0, 0x7ff, 0x58, 0x0, 0x0, 0x6, 0x8}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) syz_fuse_handle_req(r0, &(0x7f0000004300)="d5c2280baf4e05cfa1d1112770cf43a123827586f0f2675b130041ff58ba6533ea7947f2f65b1d458fe88a96133ea3927f41fa6976fad8c967c88679769ee674b80debcd1ec6ce1eb490888bd66a52141fa82f51882b22a8e36ff462b51560307cd0048156800ad137f359719a9c5d6ad6a8c999984f22461c4ca6614ca4cbbd5e9103a3459228e3bd35e3c1cd5f2a83fbefafe7c5a39617ba1d856f37977da077ffcf4d52f5bb3feffa9e100b0279cb635a61ae9f5f4491bb1c9f04c041818a1ae9a25cbca38c4b4754a8be4f52db20ca464b3b4faf0ea8ff193b414e7b7a4ec8aec2e77adc43d09c62d37fc0aa6296a56a9445f264a245d41e77de43c2694cc5885ebd454a3b78b60172e3e6a2fd79efa8b5fbbe827512aa0656920858da51616244ad32e53ed039a270c042662bc966a8fa05e23a51c76585a6f753e57c63b5a1dd11c4ce8773702c5c759471b79ee9bed600d99853afda9b675f071bdf6ff4eb99cb1ae0128ac1f8132f9b7bef82221276395e59f1323c9f9f6bb937a9db0bc2088670ffc3e6233ba73d4e324df7bc866e84e82ab707ab8aadd593913dd3533cddb396e804a63155ad6911962bc49bad21faba90b5570b62d98eb5328214a7198b36ea6df9a72dc248311040e01539112e1d6bcb4ed9d7fb70d22768ec6603e4727b6ed2616eb9108524985ccd70f1361f68b1fb7088829acdd59ec5af9e84409737f0d852a3c55993cb7398b5640c458bc036115b86de7b8e68f1cff882ee5707040571c3e5c9602c773459cfecad4917d8ba2902bd64a676e2c6e507d06dbc806c13c0fd18175087440ce7d7300dfe745b8e98ac63b400e449a3f2518c6112c9864fde68f580ebc2d72e4bbd03f16a7289be813c258b02f76ce901afdafc69046c947c9e801ac635b2a95cca291c052c7f8149c92aaeaab41edb34a70604a7538c4bb6486b983416843fe6a65d7b828d66deb991e71526b7627e71c6a795a02e787bc561ec4b65d4742a129c59bc71b323850cb416f3d32494d6dbfe3ea73cb473b093ae0b0ebbbd3e3251ece756b3cc381f05ea1b8c3f7fbcbb16fc446fc084725e6c3a608221aad8d8179112f9e5ee3697346a0dc0645e530df523cf4daea14764c25da2da863adebaccefc2c83a9257b3131ac2fe04a27bf3aea8979b6f3091b4fef99e203725368d297bad3b020273d0b606d2368e2ecb0776349cb86bbcbaa5c910636527e3cbeca06b4135170d8808c5f113fcd77ecb2f099d1e663617a46ffc5275c8fcc339d315ca1583f66fe7a7e6430405c0be889826c07fcafa17f04e08bc39570a1f499092d390c5dba82d259f652307ff941e9f1f569a48144da846f14452df295553de6ef4e9ba0cd98dd16cf89d8bead08eacd4eea71cc5f8232349f2d8519b1172c724d3bbc415c19c9e679b5a96bc9051cf6f243f243366622023ab1b7039a89152e7db97f291bb3f0213c445c25caf5f0a5a2b382c841cd8a490dc97d008966e94ed0b5ce07bcc0c13b39c349e4b596147a633f3a73ab6012a1582d3d283293bd7c01f99cdbad8e18d24867c39ed0dc3fc3cc800edd23af24b225acb2cca5aa264bcda40e1432cf2cc0050efdff48fd49ae4225a983d1b12facbaaba73294eb225fff64a677d0ed2cd71bab61b3fde8a1fdae638d2036283a8a4ff5a548d05cb706f56ce7e3f55a688fa6c70393c53c33be11f34a38f61f80c8e94e50fc9d7c3695d234705bb9e0b2a8316cf54d7963f548d49f153bf796d0970ed1264c19d79eb77fd0aad4844796cec73a08206b9eca76f2ad76318a20d52e7d3338eac40d03775cca0c2b29a451cb10bc141289c2703198e7137200a360463000fab97d0da72a7b4e8aadfa8a2e559a7d06bf49d6d4a932cb29994ef7ca0c1beabf05b898bb2338e89a67373d50614300f13523fe451d4058e5a522d364ec884099ee3c6e6db8d4ec1e5dc08d127b6301a308a1d6798878c28ef828b91b529a22b7519d249a189a7eb942b94ce26148ea8bf16a44261cd9691ba980ec2d0c710dbee41756cb39b88213ad5763239ae7636e983580c41a40b0f3a3af9fa6f995ed1981d073f63a623554bb01869bdfda190bc8d9507cc067b897e1c5f0d087cf8dfcb171169541fa3cce7c3a620544c74f2d3234935a0acf6c804c43992812925cbaaa24f497e7a00efb20c45c7acb80adb3322cbe0f08d1015b40f5ae1366003ebea977b7b95f803487d10aedca3fd018cfa7b267dae604ed0ada202cbebd731f86b7c6764911d4ff0c75a318ee43b1b556781ac58fbd773b2bd0dd693f9b12fa149bbe392cb2d6bf72015912f4a120e47654d42d14107c67b4502b5ad62044d0022c7f8b255a3e46da4bb8f9e44515e4076ce7b1aefd57c4e264b2cbee4a9e8612ce8517b028067644c927a9ce7564449c8fb0471a87b9b76f374c7c2559379a3004326bdc91be5ec52672dc5fac0883ec527f2a1248601bb9267c3123568b815b90b40ba06c250e3068dee2d7fc232141eaaa130443a5775d049464ec454a7c980d9eebaa4f67a75075a6bc28ded9a5f07fe658a2b9eafa37f14055155409d1aa50be6343d13d515d0531b84644d2f58c280d6d008dee95607f67eb74c900f664d97f411f4ac6afc18f11b6fb75e78b3ff25680ed3bbf5b20969678475b86faa02a751e4cec87735645753f245047371c9e6e2e7ab5a9ea3182b4c96934a21b9df3628b478f5ef705aeda49a0609d4b8f5bf34424581557d029438306002fd4e9cff5a2d4e7d5e23c2992032d314b8fbb46ccda250070fc1b679c9c8646c5fe22d8fe2e0fff73d8153fc46ef7885aeaa2d1eabbe455544d46fdef8e3ef9debfe589870942bcc7196e62736e927c311782b5e4da2889d530a7c1550bff4909d2055941655cbcc5c924a477c80fc3b8a904cd9e62f5fb005b5b00154db5becbe327c0f3ec8314ef3fb53977ec24ff7d15aa83a13b23ab99c5332306023005d2dfb70d3ea2aefababd019ae16d304c083e38997cc94bdeb746fc151849c98dc2a23554e6fe789d3aba8bf4e31133c7f93a3cdcd884271dfdd2c45be398a5349ef5d08456178dfafa31cb4c607f09394d71b3405b3d615c7c59c125db88f72380140345d24c56094711dd833221d6b7c5864d049585605c1301c31982d19e403b601b797fe99d0bbfe30d647a913da72b4c5306f6123e7c572828308a9a8f4c686d07125d0006229c2e890ff7d3c354dde61ccd3b26069a81a98e112e61a930f253d607cda5023f002a09df6b1371638d9661c5a06bed166434f07120ad21476de8ad47296af4b449d581cddc74f9be42a84596fb0634f330a856216a9b32b080c8b66e9f51a758b9ca2e1215ddfe633714ca512032f6547217b1a60fcdb27ac8a04bc7851718b38607bc92c13118a323c3221bad99a8639762abcc4a08654da9938aeb301c55546f5ae7f61439dd883a1b2dede156a57c805ab12337d5381a2fb25b32916a8827fc4de8e2ecc70eeebeb01659d6bf88055477b863fb897d5db275a0c222d261e7df79474858b721e57747fe8997faaf36f5f175b23dd3c5efb2b93fb5824da18d635cd7027a3b0b1c87e7c90a5681682b8a7c47dc82fdd3f329c7b60270100dec8ccdd310245b92f4b0bd9a92e1f2a5733b1b91966be15a4761b06f6fe3b05b60ee7964b4d028257c2210ca88031db0590190d3714c1b6ec86e2821dca03db2fc0c9f0ad9800d1773c8037e9b38c7eb7c99618b731e0526f8453c7e1bb67cffcc2d96cc297e1f917b13dd7dda2a8b12191ed107c1e076ffd4965b9415f830be97935cac23a87f07e26354273c2663c7ef19a27dfe08543fa057e1285c909051602981f5929078214058684bc80bed493f6ef853012cb654d180e414fd484f5cb2cfd06c9b753f417697ff42794649e05fcaa3d53ad0fdfbb0db57dc549115e59978b14dd621370d136176098af2f39a2de72482a29b616e8b308b3d9b46ac9abf3d57ff89fe59b5a97966cc4b97d06c20ee4fd765e1c2abce54dc271a7c7efe656648800c27a9988583b4b76572222cb28916b9ff5f6f649de93923179809405c879a90cb450f604cbe8af55cf2a6d844a59ab0393b394e09c79e1b3c403af6eba69330f6969f78a49eb7022e77a39363f11e07fcc69f670f63c11497352f3f5bfea0aee446da35428cebe28f1c2d23ef3ff97e16ceeb2f88ab19b2b69dcdcc81b947b483cc06c776c52232489f86f4c377eb38056042e2e9e0943fc0ef1490df472b9b244235598894a2ffc296f0a2e4257baca6a3ea8cfb1a22ea8295ab9e5faaa2a9e964ae7625dbf945cdbb369265f429d475ab69413cc5bcb89af57b1b966bd0076f799a401d4b46e5045aceb1ef36e5bbfb037bb7681f2a38ef1df9b84baa3598201d13a813165355bf052bb5e456dc0abdefed995b4eb37a39b313af800f6029243a6a7bec75a23389a90034cac8df6713b919028a14649d756d0093550278aad494de2dfeb76220fd3ee5be31f73839ace7f0d6da650e26f5ded30471ed55d2e814fc1b89102e5917b4e58840ecc211eaffa5a2937abeb882ccdf29308e3ac30e23d66ee79c29b4fb7e793a55e344cac298e30f1ca3333df8b58f43126a3404a61501ce06b75e6e6a4bf13dbfb05efd7b9b4219efd428c8f7f345884640d19f5515abcce05f315f00e65d9aa8022890a23da45ede06f455d66e0c96bbf7e9cc74eddca999a51174b4784eba8a9ebed13415de6bd0f160443d43b78181cfa381313a54e25f6751a38f290e5972ff7f70692e18c4737af2a7f6d4eac52ea594a22be4fd00fac1484e6d2d4d3196b49212b49598f5bc77b34d8a3633cf7212c869557d6eb27bf0d0a02555d9318194e9de9c9730ac72daee7cad6c2d4b248a8744515670766a8f1c739917fb859d98974532477989f4c24345f120f5320fdb8d8d56fa6ff2511e701bab399513cecb3e740e3761d02685a765f5267554d0f9243b51620197adc3b561b59c58f334307220db357c1121d7dbf593898b5d2c505f333445c084a6cbc6a7e5252724c83fcee85e304534780a01e7ecceb2ef53ffb6bc6cb9051b1400493ce55d62c01e972fff3cc7d0b68a2dd4d263c9191df1b629e323797f570083f122db3df6abb6fd6c4a351bb7500c7241e4392ac76e04259968e517a43e907cb0b0533d6750b9587a1a5d852639c6b789d333e848e3ad66cbf19c5ee5a641036cb7a858f822f657dec36cc134d6c1a629cfce1f1e24dbb73d09fba04f53b2c6309d71d92211a1f08535244eefcbb52e095626bcc78b950db1cb8facc3660fa705dceef155b00aef3291367ffcea06b5abe588bbdcea2637761308dc65509798b6a494dae4a75c1922c1234248dbfcabfaab3088a0dad09a135a45d75105314020f3ba8901dc39ee624a32e9f863ff55844974b44e57b30302cd0c349f3cc091befd5665f918c298ba89454fb811ce573e41f27490853a52abd6144e85d77de88c3f2e5506c8de40a3957e65936f3b294ce92610b63cec888cb16fe0e8a7af3dd142da96b57f602cc64ba69966724584c2872e5fc42348a324ff082a3ecfded82c3e5b7292d3726c4800176acab6a7a1479a0b5fea79f299e90ffdb1b3843e2349b8f8dc7881145b3796380474c2ceb57e27726c9e50b746a2b12a214fea9cfd6c668363fe6e402710665118928fedb2f4900322b0c7d2c348881ea52278dae765c14b51fd5e8f000602aa3978d83b76056410c2260931e35d841793c8a36b191f93c33c0e4e6367ef45a1cf5145d774861224afbb11a7b77bb94492ec49827f713f8309d80d22e17701046e04c5b277f7b423cbbada01e6d40beb56e755e583b8f3de4b67c4b5ac83771b805fa7af49de2fc8b9a223293d83e7eb4eea3a3af1d1221e5d458e7cab60eaf1b51550a1b125ce018d76096f16d922f4aba48a728ec1b7d4812fe2ca789261b6d8e0c8edb3ba9007649084899c4f6b7986c1cb4a98d412c801fb91675ee42e2bb511bff6700772d3c03a7cb6adb41cbddc33053f8f65c164e9bd47b931510046506b169216d0a04edc479bc51c28acc536ced3834a7a9ce8fb55b72fa186a559437bf41f04b733e05986c915bc19f1b2f99d3bae6c13873d32e3c809b71881c3075f8dd1746f36409ac7934c25236ee2752560fcdd5175037a6fc5f0da58a229418ce30f3e64f9eb6ff3fe4498f47fdd69ceac5e792c8c9f087316f334b7f75e3432d3f1d03ee97c8f16485ec906c94e6c9580f7d03d98a8da85ec118b77c6c1d3b2e99fbf4b45e66cb4f8817f786d1f90e1e5e250be8c240a9648a219a02e62acbd72d1b0c0b42c75065a35664ea6a03cb05ea179f2e8e50e3d7ed53d31cdc10cf5fce48781fa338e3ee819f410540f045cb0edd7b2d219993faaa97cf95aa6144e889a02069421291d05eade30693a751039fece452c22d1afba081d1c40178fed7684cae475fcc365484118a184670cd7aa2758bdb01058ea9b244d5241f627bc5be11c9395e3cb839b0eac7842a312e1fc8b4ddae2aa4ef907ca5c9b847785051323e16d5497c4424289496277475bba67da750fa05bd8be730e4aabaeb94641fa2263dd3d4eb511b4fa40b8cf8b16d7aded1163f2258add79b04e1eb888afa27d057de2523863fc2da38d44cc69ae2d455900eede5fce69d7e9f8707cdb2456a45dda14d257eee4982f86259b855a0293068aa4aeff9439bc06c8ed5a370fe46fa88fa9bb92872166ac69152d1cbb4720eec5b9a057890cbb838aef12091454fe721395b46f9fa29ec1829fedf65aaec1176bb9eb15511bd77e7d4fe7321b3e0dfda95e5c90c3663956477885d6d94b280f58edbc77e864dca73536cd4988bcde2a3edb91704ad59148d85a001e393cebdb56ee088fa1033cdc6fbcbea30e2974035bfe29cee1eace13e30950bb4658886dae7e565ffd7b71e41feecbcac35fd97c81a8fff9d2a1d43f183c6e984671e06645eb0a60228d1b6c12c28bc6eaa4b9125c57b48ced2e199ed3acf12dbe10af4a56f2f5dca829fd07fc3f7e0de6913c73be0ada3e43bcbe70de784de699d0b51d7a56a3eacaf5d7dcd77d73cfb82e04633574213e05dc98850d822bc6dc90dc3fd6184296287342e2243fe6f0cf94e6d02a1b900d0c718e2afbe7fea2fafa375f209fb9cef5d844b861a1029aa3dd7081e81fe6501bbb413dcd23e013f279ef87e082335ade324b7688054992ccc63fbf9153213ab6d07ed0b79945d19639aaa5dd10e53aafe57f1e323300246cb1d6ede1eb1f319ca6fe1b0cc8e733b34818425888110b6eabe2db302310d0a8bcdd5342146b29c535cc9a95a455c8926d77323a31b948d47dc611815a329654a252fd09dbcec5f3cd8bc7e465759eb8e72ff6fd4ef1f375e4e8762a58148622d14480b7bb9aca2eeab3367a7376c9c85e6ba1735e56a2fcc6baf92c8d21942883f318eab7a568fc7ff01885a7089aa7661b15d73799bc0b8f8ce6a3b61adb6949965a223850b6825616c036e099952e04fde7cf086b5e76d45b86ab78b322f9af580173f2e798a39df7cade0d365c9d46d3fb36970f8a99d7b20a1b275afff852126f21ac24ca8c34deb49ba511f4d9edb4f56941aaaa477253f9bfc9a25a2694bbbe3b917074dd4eb6f1be20395ac33dd932a7ccf0604d64257b5af3faf271c145c190a528e471a7f23a53b5f9ea1bd0cc36410e9c538e91dd01d162edde856087b60dcba2042e65b6ae7b81787bd3308db9eb025b6fd930a9eb74a30883b83cfa8be5270dd3ee3408db7f7b136adebb3ee30f0e0b8835a0ded325363e4a2991cafd4a73483954c0f5d3358b25780608fa48f3f527c7e617ec12eb017df33f5088676d8bc476da251e608394e3d8fc0883fd4d1804f8e07f5e12ffa4ee80365a88abf29936bf1b255539fef95f5cf3bebcd26817edb28e7b6adf4851dcfe8aa1aa097f67c51557326ccf9c46ee2780d491e87774324d4dcf26f2e472a5e199b0cdef01094ea72bd5ad5fe1be6c9d545df3dc5de550665d220718a2c0baed2833cfb1428e2d1c2b9ea1e29f4b07fd6c51492643d4000716cd1e8a4f9d58b6b04b805d8962495323fd62949b17348418201664c6f2f651f99d73f8d17bb5e52dba2e6f94fa33f816d74bb6a45bd6cbdbd07f530406227c8fd11f390e805bbc17bc0e81076a27c0be023b64777afec0a7a0c3f53f03bc2ca72ae2873d68217a1a6905f414c2cb1b9561dfd07850a026da5f5775a66f8f3a6bc29b48c8a81b06ba30994ba8e7e233e3a3a5d886767ea6de91fbfc0a594c2375d62e71c7209d87d0f6c7a79a0d80da328e93f08650ec745495c771410913d094e4190075b7225761172eb420c82ab493548f6de38e17d3e687a89ce77c67c58b875c48c8a4d1664cbc6f67df357e040444fcd515d92d5823fc3ef6485208b6f3eda8cd09ea3b004f7eb06ac268ae8c3bf571aa3f619222a47540f9af340c80c587f7226e3d715b18c3ee41f64777d3a0a09f32190ad67922f6ecc63c956a715c3c42a6aaaf5e588d119210083ceaa414820b62fef87a678cd3f24f8fa3cdb6629b041cd7555974313f56d1b0e117ea925dc95e18b5d3f4ba9812f1067022945c3f5d547370d45853c4db3c9ca4436d7e649e1ac3ec02f9c1e9139849b46027d4b276cb0eb4b09848999f466f528290e47ba9540ceca89390db3fcbacb1d566e22e917f01f4442bd4dd0d350d057ffdf5b3549ca559901e6ff5147bdc25c11b23f1678f02c20e4e2e6f339b262e2b82eae0b15b4227f1d514f99ec78fbcf80c8f6f243536f2d7a809de05ae5e1d676fe950ad3513f801bbe4d16737def4b5ec4b62f8562cd5432bd372645202edeb286662d7e8d0dadac5b91c903c2756bdc4f5a7c931f2c3f7feace2b83f5459a196000e2ed1e1b2accaa9d637d5e408340161331c4b0047bf2ab31d317bb1c8f6e1b3d52f9f240bd971a447942dd4b73301781656aad9ce9b01aed907b7eb3a78397b97e601b04a4cb028d327ef32cf20c34e8dad9c9b1f981ab5c06a2b0271852e2a1016ee460d8568391c9ece5a2b8f29cbc6f2d6cc2e66c30c96df548e67dd6ad8c1ff09dfa22b2e8b2c52a3948c4febb09e3c2d34c0604a5ef930cd53be69a4bed9c9ee057178ece02a6b4df4624191590952888bdfafd2dbeca128d500872a8b236fba9623672c4dc15f56a761ee0c54026112fc464f72d3039587f009b94930dac0dbe444a939b38c0f5bce7aa366bfc2bb909db231178228846f71a56ab219e28cef1b102c1bfadbe8f0916d10a573b8cb38cc2cc2ec496a410a4e82847006d2ed4bac927a63a00416d0bfce59cc69aaf78ddc9566f23582999a655c8ad3b217486fb5a037ce089baf344d55bbd475be4e90b10e92c9c1bae3202c2d63355549f0ac95058724fea81ff9cec027e7b93e2cee43af81c6978fee5faf6216118785251b8ca023115b2f87d5d4b10c29aa3616628ab40a8ef36668ef57d7f9be505eabc01947ca222362818a71b3d63e5725a4d8a2c619b1867f70daa07703360d026d6f65247330be1ba84ddaaa7779591ca261beda4f4c094af65c5c276fe3bfb89f067c8c54af67e78f61bdc114ed4aa869c3adf282d7a8e7272579e9fd9e47611e0dc89f97561110e0141c69b1fa114e27b3d1e2c825ea008a370e08cd0a0610edef20cdd8a7cda0922fff046edfd2ff391a10ffce5dd6045619ce9af6b03f4193d858a76b201ed5beb0f11321707b7b593b23adaee4a0c0caf39dfeebcbd2948030435dc94ca00990c728502ec4686194f0f454304a422023c1b2c5b1ebbcd8cd50fa2d11361e3bbdc306e2739e27de300eda27b1c1ea62d773104cea77c18037c6bcc76423621b45abbe789b384bfdfb46efa1627ff29d9d840bf6e1f05e7e13fae6383e42ce153dcb062fa0cefd0fe9298ddbe77fd78d7036b5a815504b48267203da08ca685bfe8ae89c031074bbe5d3d6dcc6a3a8a8a4d3102765c3b714867f4516df62f214351b97bb8b5697a9f9a9dd78627342b239c524a3943d1d70f8cdd7391f05e7395731a8fc05210c6733ea256040bbbb53389229b84dafaaa3db1d5eca2971d9e550149461f1a672eae2319a99beed48934520666bc54b63085a744b5fc9a9b089b16c50ae945f74adcd4c5d064a12a6e103ef59bcc035a755ad31836eb7d04e5900d3800c822b96b466a9f6611f46b8a7d6131f91c625a5604de5bf01e5ca5d99a714c8dc1160260010f8d55f9125ee453b61c911bdf0824caa804c76d6512802875c5433de9b2e8b6c579a67fec5d2bc64ed3d1c313854221b75c9a0ed42af6f5354e7b1d1bf8661baa1261e68fc20d14b5652d25a536f208bff2b90fefa163a232696e655bcf95bed39355ec865e272fed582aae18858f5096ece40b9108efb00147f9c2ced59bfe2a79826851850ed95b35908dfb4d9ab7da0668a1fa8933ac4f6534e9598481477791fd1a1c269011ac9fe81f0491790e8aac121ffc00e38a7619a1855e6899abc2c670375a3ba4ac0cf652da89a70628cee1a35ae17b3490102e3c88ca324d06fce2151bc9de49472cf6e76ccb16d2a9cbf4161812e2c7758d73631024190fe9b71935de6968b289d3503b497f3f4b6306446ae9c312f8f1c63c1f7e62652173d9ed48cb128815bd44a12061f9b73fbdc6674ab9e0d01807f7bcfa0aa59168420e5ad8b72d7b576e273a1d229934fce2867689a41cb17767cf9defe1a96515a677ba08e10e187a3ce2f1d78e6b43b0d46c36163a1967b203df4f53379ee98422e973ab5c090adff21b5cc84fc78358021f681a0f0fd744f687e4f6c295470bf8f548d2d3dc841481dd51db9124cacde83bc9fef44a3e69e1cb28579d897f3013ac6133395328247fdcc152e5563678258936576196ced017c79bb6a4ea501a44cb25e5af1697afbdb3abb316837470ffdbe985ac3967334a90731602d3fac4f5c2758f04ec9c161a7cf330b7c7549fb62e6c15d07a7203c94edd3a8141c91b2029d6a90b14322337e6610822d9d7bff58c10d9c6cff71822f6456a421a65fdaa5d2c793f256a4e7a39f0d85d65fb95479eff79345c0615c9bbb4fb3324f9360b70dc709b0200042e8461b8cee9ce30beab3e276df48f41f001262fc14153f9764e13b50397442e00d7b11266bde10a3b7f83818086ff0015409679e4472d9e0215804fa9d21cebfa5cb5099cf88750cbeaaf58c2743f2746ea4cb73760ba88a07b91b68553716d563af5d7702219d0c600916dc54242d825c6d68320baf234a39f0b9ea9e6a4a72c4d5829b2f28508f54b33c7e0394a43fe23e7940d9b04bbe790d903a2d2c979e0ea79931b934d094fa2d5948c05cf278c341d788f2061ff617c9fa4700b1e1f0fbfa1b8c42848f2ea01cd318a8748c3336622ead25527ddbcd8a12ba3a5183f4419deb13558ed0ec99e73448c21ede0dbee9c01fc7675e54c60d4dee29c0f8fe81af6fe7b726f5d3c50dac634aefbf1ca6aa4df1b340a4109acf30939f6094c8591218729788111bfde98cd96d4b04b25bcd1bcb7f826241995573bae", 0x2000, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)={0x78, 0x0, 0x100000000, {0x20000, 0x5, 0x0, {0x5, 0x0, 0x48b, 0x7, 0x400000000000007, 0xd, 0xfff7ffff, 0x6, 0x4101, 0x4000, 0xffff1854, 0xffffffffffffffff, 0x0, 0x3, 0x1}}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) utimensat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', &(0x7f0000000100)={{0x77359400}, {0x0, 0x3fffffff}}, 0x0) mount$bind(0x0, &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x20000, 0x0) 496.01562ms ago: executing program 8 (id=8109): r0 = landlock_create_ruleset(&(0x7f0000000040)={0x0, 0x3}, 0x10, 0x0) landlock_restrict_self(r0, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x6c6882, 0x13d) r2 = landlock_create_ruleset(&(0x7f00000001c0)={0x2fbd, 0x1}, 0x18, 0x0) landlock_restrict_self(r2, 0xf) renameat2(0xffffffffffffff9c, &(0x7f0000000300)='./cgroup\x00', r1, &(0x7f0000000280)='./file0\x00', 0x5) 389.725229ms ago: executing program 9 (id=8110): pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=@newqdisc={0x44, 0x24, 0x100, 0x0, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, {0x0, 0x7}, {0x0, 0x7}, {0xd, 0xffff}}, [@qdisc_kind_options=@q_codel={{0xa}, {0x14, 0x2, [@TCA_CODEL_LIMIT={0x8, 0x2, 0x4}, @TCA_CODEL_TARGET={0x8, 0x1, 0x7fff}]}}]}, 0x44}, 0x1, 0x0, 0x0, 0x40000}, 0x4000000) mount(0x0, 0x0, &(0x7f0000000040)='qnx6\x00', 0x221000d, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="4800000010001fff752b056800080000faff8141", @ANYRES32=0x0, @ANYBLOB="67a9fde500000000280012800a00010076786c616e"], 0x3}, 0x1, 0x0, 0x0, 0x20008801}, 0x0) r2 = socket$nl_route(0x10, 0x3, 0x0) write$binfmt_misc(r1, &(0x7f0000000000), 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x4ffe6, 0x0) 389.552312ms ago: executing program 8 (id=8111): r0 = syz_open_procfs(0x0, &(0x7f0000000200)='wchan\x00') preadv(r0, &(0x7f0000000280)=[{&(0x7f0000000340)=""/228, 0x132}], 0x1, 0xfffffff6, 0x9) r1 = socket$packet(0x11, 0x2, 0x300) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000140)={'syz_tun\x00', 0x0}) r3 = bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0x6, 0xb, &(0x7f0000000300)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000a000000850000007100000095"], &(0x7f00000005c0)='GPL\x00'}, 0x94) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000004c0)={r3, r2, 0x25, 0x0, @val=@netkit={@void, @value=r3}}, 0x1c) syz_emit_ethernet(0xd81, &(0x7f0000002080)=ANY=[], 0x0) 309.421453ms ago: executing program 8 (id=8112): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000200)={0xffffffffffffffff, 0x0, 0x0, 0x2}, 0x20) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000000)={[0x78, 0xfff, 0x3fffc, 0x800000180, 0x2, 0x522, 0xf1, 0x0, 0x7fffffffffffe, 0x5, 0x4005, 0x8, 0xfffffffffffffffc, 0x45, 0xfffffffffffffffd, 0xbd7], 0xd5dd0000, 0x1c6017}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 309.036156ms ago: executing program 8 (id=8113): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2}) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000003c0)=@newqdisc={0x30, 0x24, 0x4ee4e6a52ff56541, 0x70bd26, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}, {0xe}}, [@qdisc_kind_options=@q_hhf={{0x8}, {0x4}}]}, 0x30}, 0x1, 0x0, 0x0, 0x4000000}, 0x20000884) sendmsg$nl_route_sched(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000300)=@newqdisc={0x24, 0x28, 0x4ee4e6a52ff56541, 0x4001, 0xfeffbddc, {0x0, 0x0, 0x0, r3, {0x10}, {}, {0xe, 0x5}}}, 0x24}, 0x1, 0x0, 0x0, 0x4040098}, 0x0) 149.682181ms ago: executing program 8 (id=8114): r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0) ioctl$SNDCTL_DSP_SPEED(r0, 0xc0045002, &(0x7f00000001c0)) r1 = openat$dsp1(0xffffffffffffff9c, &(0x7f0000000000), 0x20080, 0x0) ioctl$SNDCTL_DSP_CHANNELS(r1, 0xc0045006, &(0x7f0000000180)=0x6f) r2 = dup2(r1, r1) read$FUSE(r2, &(0x7f00000063c0)={0x2020}, 0x2020) write$dsp(r0, &(0x7f0000000380)="8f02b1145e6308d98e553f07835f9de2b8389279a5becfcec34a3d806185be01242abe00d48cc72f5609a070748b29eb2f75f44e93bda8a5efda9fdb8d81de5c", 0x40) 149.466935ms ago: executing program 8 (id=8115): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt(r0, 0x84, 0x81, &(0x7f0000000000)="0000000000000002", 0x8) r1 = socket$inet_sctp(0x2, 0x1, 0x84) getsockopt$inet_sctp_SCTP_MAX_BURST(r1, 0x84, 0xd, &(0x7f0000000000)=@assoc_value={0x0}, &(0x7f0000000280)=0x8) setsockopt$inet_sctp6_SCTP_AUTH_KEY(r0, 0x84, 0x17, &(0x7f00000002c0)=ANY=[@ANYRES32=r2, @ANYBLOB="02"], 0x9) sendmsg$inet(r0, &(0x7f0000000600)={&(0x7f0000000040)={0x2, 0x4e20, @rand_addr=0x64010102}, 0x10, &(0x7f0000000480)=[{&(0x7f0000000400)='`', 0x1}], 0x1}, 0x20000000) setsockopt$inet_sctp6_SCTP_AUTH_DELETE_KEY(r0, 0x84, 0x19, &(0x7f0000000100)={r2, 0x2}, 0x8) 0s ago: executing program 3 (id=8116): r0 = socket$netlink(0x10, 0x3, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket(0x10, 0x803, 0x0) sendmsg$IPVS_CMD_SET_INFO(r2, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0) getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r3, @ANYBLOB="01030003000000001c0012000c000100626f6e64000000000c0002000800010005"], 0x3c}}, 0x0) sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000680)=ANY=[@ANYBLOB="4c00000010001ffffcfffffffdffffff00000000", @ANYRES32=0x0, @ANYBLOB="0002010000000000240012800b00010065727370616e000014000280050016000000000008000700ac1414bb08000a00", @ANYRES32=r3], 0x4c}, 0x1, 0x0, 0x0, 0x40}, 0x0) kernel console output (not intermixed with test programs): 86.234047][ T40] audit: type=1326 audit(1778485380.125:2375): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19032 comm="syz.3.5526" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe7fcc code=0x7ffc0000 [ 386.241331][ T40] audit: type=1326 audit(1778485380.125:2376): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19032 comm="syz.3.5526" exe="/syz-executor" sig=0 arch=40000003 syscall=259 compat=1 ip=0xf7fe7fcc code=0x7ffc0000 [ 386.253812][ T40] audit: type=1326 audit(1778485380.125:2377): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19032 comm="syz.3.5526" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe7fcc code=0x7ffc0000 [ 386.262041][ T40] audit: type=1326 audit(1778485380.125:2378): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19032 comm="syz.3.5526" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe7fcc code=0x7ffc0000 [ 386.268818][ T40] audit: type=1326 audit(1778485380.125:2379): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19032 comm="syz.3.5526" exe="/syz-executor" sig=0 arch=40000003 syscall=260 compat=1 ip=0xf7fe7fcc code=0x7ffc0000 [ 386.275893][ T40] audit: type=1326 audit(1778485380.125:2380): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19032 comm="syz.3.5526" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7fe7fe8 code=0x7ffc0000 [ 386.282826][ T40] audit: type=1326 audit(1778485380.125:2381): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19032 comm="syz.3.5526" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7fe7fe8 code=0x7ffc0000 [ 386.289842][ T40] audit: type=1326 audit(1778485380.125:2382): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19032 comm="syz.3.5526" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7fe7fe8 code=0x7ffc0000 [ 386.377751][ T5826] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 386.505241][ T24] usb 8-1: new high-speed USB device number 58 using dummy_hcd [ 386.596727][T19050] overlayfs: failed to create directory ./bus/work (errno: 22); mounting read-only [ 386.675236][ T24] usb 8-1: Using ep0 maxpacket: 16 [ 386.680567][ T24] usb 8-1: config 0 has an invalid interface number: 1 but max is 0 [ 386.684984][ T24] usb 8-1: config 0 has no interface number 0 [ 386.691382][ T24] usb 8-1: New USB device found, idVendor=04fc, idProduct=1528, bcdDevice=6d.5d [ 386.695803][ T24] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 386.698833][ T24] usb 8-1: Product: syz [ 386.700475][ T24] usb 8-1: Manufacturer: syz [ 386.702135][ T24] usb 8-1: SerialNumber: syz [ 386.705599][ T24] usb 8-1: config 0 descriptor?? [ 386.709237][ T24] gspca_main: spca1528-2.14.0 probing 04fc:1528 [ 386.894616][ T857] libceph: connect (1)[c::]:6789 error -101 [ 386.896833][ T857] libceph: mon0 (1)[c::]:6789 connect error [ 386.949998][ T50] libceph: connect (1)[b::]:6789 error -101 [ 386.952108][ T50] libceph: mon0 (1)[b::]:6789 connect error [ 386.989548][ T24] gspca_spca1528: reg_w err -71 [ 387.005211][ T24] spca1528 8-1:0.1: probe with driver spca1528 failed with error -71 [ 387.009768][ T24] usb 8-1: USB disconnect, device number 58 [ 387.153968][T19097] macvtap1: entered promiscuous mode [ 387.157075][T19097] macvtap1: entered allmulticast mode [ 387.159438][T19097] veth1_vlan: entered allmulticast mode [ 387.170813][T19097] macvtap2: entered promiscuous mode [ 387.173475][T19097] macvtap2: entered allmulticast mode [ 387.175220][ T857] libceph: connect (1)[c::]:6789 error -101 [ 387.177880][ T857] libceph: mon0 (1)[c::]:6789 connect error [ 387.225712][ T24] libceph: connect (1)[b::]:6789 error -101 [ 387.227873][ T24] libceph: mon0 (1)[b::]:6789 connect error [ 387.416937][ T857] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 387.685249][ T857] libceph: connect (1)[c::]:6789 error -101 [ 387.687094][ T857] libceph: mon0 (1)[c::]:6789 connect error [ 387.721735][T19070] ceph: No mds server is up or the cluster is laggy [ 387.723752][T19082] ceph: No mds server is up or the cluster is laggy [ 387.746030][ T24] libceph: connect (1)[b::]:6789 error -101 [ 387.748173][ T24] libceph: mon0 (1)[b::]:6789 connect error [ 387.905902][ T34] usb 6-1: new high-speed USB device number 50 using dummy_hcd [ 388.071421][ T34] usb 6-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18 [ 388.076588][ T34] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 388.079540][ T34] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 388.082061][ T34] usb 6-1: SerialNumber: syz [ 388.285928][ T40] kauditd_printk_skb: 32 callbacks suppressed [ 388.285940][ T40] audit: type=1326 audit(1778485382.185:2415): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19125 comm="syz.4.5561" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf70aefcc code=0x0 [ 388.456059][ T857] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 388.715561][ T34] cdc_ether 6-1:1.0 usb0: register 'cdc_ether' at usb-dummy_hcd.1-1, CDC Ethernet Device, 42:42:42:42:42:42 [ 389.122498][ T1340] usb 6-1: USB disconnect, device number 50 [ 389.125632][ T1340] cdc_ether 6-1:1.0 usb0: unregister 'cdc_ether' usb-dummy_hcd.1-1, CDC Ethernet Device [ 389.248812][ T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 389.398370][T19169] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5569'. [ 389.485124][ T5826] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 389.904335][T19215] input: syz0 as /devices/virtual/input/input71 [ 390.346984][T19244] netlink: 60 bytes leftover after parsing attributes in process `syz.4.5599'. [ 390.485129][ T5826] usb 12-1: new high-speed USB device number 18 using dummy_hcd [ 390.525339][ T857] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 390.553538][T19254] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5604'. [ 390.635433][ T5826] usb 12-1: Using ep0 maxpacket: 16 [ 390.638441][ T5826] usb 12-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 390.641675][ T5826] usb 12-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 390.645057][ T5826] usb 12-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0 [ 390.648451][ T5826] usb 12-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0 [ 390.652514][ T5826] usb 12-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 390.660855][ T5826] usb 12-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42 [ 390.664731][ T5826] usb 12-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0 [ 390.668456][ T5826] usb 12-1: Manufacturer: syz [ 390.672863][ T5826] usb 12-1: config 0 descriptor?? [ 390.808866][ T40] audit: type=1326 audit(1778485384.705:2416): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19263 comm="syz.4.5607" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf70aefcc code=0x0 [ 390.845307][ T10] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 390.935060][ T5826] rc_core: IR keymap rc-hauppauge not found [ 390.937222][ T5826] Registered IR keymap rc-empty [ 390.939201][ T5826] mceusb 12-1:0.0: Error: mce write submit urb error = -90 [ 390.955188][ T5826] mceusb 12-1:0.0: Error: mce write submit urb error = -90 [ 390.977938][ T5826] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.7/usb12/12-1/12-1:0.0/rc/rc0 [ 390.987904][ T5826] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.7/usb12/12-1/12-1:0.0/rc/rc0/input72 [ 391.001384][ T5826] mceusb 12-1:0.0: Error: mce write submit urb error = -90 [ 391.015025][ T5826] mceusb 12-1:0.0: Error: mce write submit urb error = -90 [ 391.035891][ T5826] mceusb 12-1:0.0: Error: mce write submit urb error = -90 [ 391.065839][ T5826] mceusb 12-1:0.0: Error: mce write submit urb error = -90 [ 391.085176][ T5826] mceusb 12-1:0.0: Error: mce write submit urb error = -90 [ 391.105182][ T5826] mceusb 12-1:0.0: Error: mce write submit urb error = -90 [ 391.125862][ T5826] mceusb 12-1:0.0: Error: mce write submit urb error = -90 [ 391.145115][ T5826] mceusb 12-1:0.0: Error: mce write submit urb error = -90 [ 391.165122][ T5826] mceusb 12-1:0.0: Error: mce write submit urb error = -90 [ 391.185081][ T5826] mceusb 12-1:0.0: Error: mce write submit urb error = -90 [ 391.206214][ T5826] mceusb 12-1:0.0: Registered 424242424242 with mce emulator interface version 1 [ 391.209594][ T5826] mceusb 12-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active) [ 391.216471][ T5826] usb 12-1: USB disconnect, device number 18 [ 391.304171][T19290] netlink: 'syz.1.5617': attribute type 1 has an invalid length. [ 391.318825][T19290] bond1: entered promiscuous mode [ 391.320862][T19290] 8021q: adding VLAN 0 to HW filter on device bond1 [ 391.345132][T19290] bond1: (slave bridge1): making interface the new active one [ 391.347654][T19290] bridge1: entered promiscuous mode [ 391.349958][T19290] bond1: (slave bridge1): Enslaving as an active interface with an up link [ 391.565629][ T5826] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 392.116821][T19326] tipc: Started in network mode [ 392.118437][T19326] tipc: Node identity ac14140f, cluster identity 4711 [ 392.120755][T19326] tipc: New replicast peer: 255.255.255.255 [ 392.123083][T19326] tipc: Enabled bearer , priority 10 [ 392.128119][T19326] netlink: 12 bytes leftover after parsing attributes in process `syz.7.5639'. [ 392.131087][T19326] tipc: Disabling bearer [ 392.285405][ T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 392.304738][T19331] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5633'. [ 392.605244][ T5826] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 393.054793][T19353] tipc: New replicast peer: 255.255.255.255 [ 393.062552][T19353] tipc: Enabled bearer , priority 10 [ 393.067133][T19353] netlink: 12 bytes leftover after parsing attributes in process `syz.4.5644'. [ 393.070877][T19353] tipc: Disabling bearer [ 393.265101][ T9] usb 12-1: new high-speed USB device number 19 using dummy_hcd [ 393.407794][ C3] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 393.415130][ T9] usb 12-1: Using ep0 maxpacket: 8 [ 393.427103][ T9] usb 12-1: config index 0 descriptor too short (expected 301, got 45) [ 393.433993][ T9] usb 12-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 393.445641][ T9] usb 12-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 393.453723][ T9] usb 12-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 393.457600][ T9] usb 12-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 393.463074][ T9] usb 12-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 393.467060][ T9] usb 12-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 393.503179][ T226] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 393.656001][ T857] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 393.661973][ T226] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 393.779208][ T226] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 393.957025][ T226] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 394.176200][ T226] bridge_slave_1: left allmulticast mode [ 394.178242][ T226] bridge_slave_1: left promiscuous mode [ 394.180254][ T226] bridge0: port 2(bridge_slave_1) entered disabled state [ 394.184224][ T226] bridge_slave_0: left allmulticast mode [ 394.186677][ T226] bridge_slave_0: left promiscuous mode [ 394.188664][ T226] bridge0: port 1(bridge_slave_0) entered disabled state [ 394.236963][T19376] usbtmc 12-1:16.0: simple control status returned 0 [ 394.383947][ T226] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 394.397313][ T226] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 394.404545][ T226] bond0 (unregistering): Released all slaves [ 394.438470][ T24] usb 12-1: USB disconnect, device number 19 [ 394.567074][ T5452] 8021q: adding VLAN 0 to HW filter on device eth6 [ 394.685213][ T5826] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 394.741013][ T5452] 8021q: adding VLAN 0 to HW filter on device eth7 [ 394.770519][ T226] hsr_slave_0: left promiscuous mode [ 394.773685][ T226] hsr_slave_1: left promiscuous mode [ 394.778061][ T226] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 394.781385][ T226] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 394.785330][ T226] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 394.788453][ T226] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 394.807390][ T226] veth1_macvtap: left promiscuous mode [ 394.809734][ T226] veth0_macvtap: left promiscuous mode [ 394.812183][ T226] veth1_vlan: left promiscuous mode [ 394.814601][ T226] veth0_vlan: left promiscuous mode [ 395.150565][ T226] team0 (unregistering): Port device team_slave_1 removed [ 395.178233][ T226] team0 (unregistering): Port device team_slave_0 removed [ 395.326229][ T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 395.532424][ T5452] 8021q: adding VLAN 0 to HW filter on device eth8 [ 395.706343][ T5452] 8021q: adding VLAN 0 to HW filter on device eth9 [ 395.735193][ T5826] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 395.848645][T19427] tipc: Enabling of bearer rejected, already enabled [ 395.852356][T19427] netlink: 12 bytes leftover after parsing attributes in process `syz.3.5657'. [ 395.855856][T19427] tipc: Disabling bearer [ 395.948241][ T40] audit: type=1326 audit(1778485389.845:2417): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19435 comm="syz.7.5661" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f76fcc code=0x7ffc0000 [ 395.958176][ T40] audit: type=1326 audit(1778485389.845:2418): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19435 comm="syz.7.5661" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f76fcc code=0x7ffc0000 [ 395.969514][ T40] audit: type=1326 audit(1778485389.845:2419): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19435 comm="syz.7.5661" exe="/syz-executor" sig=0 arch=40000003 syscall=259 compat=1 ip=0xf7f76fcc code=0x7ffc0000 [ 395.978741][ T40] audit: type=1326 audit(1778485389.845:2420): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19435 comm="syz.7.5661" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f76fcc code=0x7ffc0000 [ 395.989008][ T40] audit: type=1326 audit(1778485389.845:2421): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19435 comm="syz.7.5661" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f76fcc code=0x7ffc0000 [ 395.998190][ T40] audit: type=1326 audit(1778485389.845:2422): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19435 comm="syz.7.5661" exe="/syz-executor" sig=0 arch=40000003 syscall=260 compat=1 ip=0xf7f76fcc code=0x7ffc0000 [ 396.008406][ T40] audit: type=1326 audit(1778485389.845:2423): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19435 comm="syz.7.5661" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f76fe8 code=0x7ffc0000 [ 396.017901][ T40] audit: type=1326 audit(1778485389.845:2424): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19435 comm="syz.7.5661" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f76fe8 code=0x7ffc0000 [ 396.027368][ T40] audit: type=1326 audit(1778485389.845:2425): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19435 comm="syz.7.5661" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f76fe8 code=0x7ffc0000 [ 396.036650][ T40] audit: type=1326 audit(1778485389.845:2426): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19435 comm="syz.7.5661" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f76fe8 code=0x7ffc0000 [ 396.425379][T19443] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5664'. [ 396.765878][ T5826] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 397.412465][T19469] Bluetooth: hci0: unsupported parameter 255 [ 397.415212][T19469] Bluetooth: hci0: invalid length 0, exp 2 for type 0 [ 397.418645][T19468] netlink: 'syz.4.5674': attribute type 2 has an invalid length. [ 397.458675][T19471] netlink: 'syz.1.5676': attribute type 1 has an invalid length. [ 397.469921][T19471] bond2: entered promiscuous mode [ 397.471846][T19471] 8021q: adding VLAN 0 to HW filter on device bond2 [ 397.499361][T19471] 8021q: adding VLAN 0 to HW filter on device bond2 [ 397.502762][T19471] bond2: (slave vcan1): The slave device specified does not support setting the MAC address [ 397.507182][T19471] bond2: (slave vcan1): Setting fail_over_mac to active for active-backup mode [ 397.514758][T19471] bond2: (slave vcan1): making interface the new active one [ 397.517859][T19471] vcan1: entered promiscuous mode [ 397.522836][T19471] bond2: (slave vcan1): Enslaving as an active interface with an up link [ 397.631223][T19486] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5679'. [ 397.659758][T19486] vxlan3: entered promiscuous mode [ 397.668282][ T60] netdevsim netdevsim3 eth0: set [0, 0] type 1 family 0 port 8472 - 0 [ 397.671459][ T60] netdevsim netdevsim3 eth1: set [0, 0] type 1 family 0 port 8472 - 0 [ 397.674632][ T60] netdevsim netdevsim3 eth2: set [0, 0] type 1 family 0 port 8472 - 0 [ 397.679400][ T60] netdevsim netdevsim3 eth3: set [0, 0] type 1 family 0 port 8472 - 0 [ 397.805198][ T58] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 398.365288][ T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 398.845263][ T58] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 399.118214][T19519] A link change request failed with some changes committed already. Interface sit1 may have been left with an inconsistent configuration, please check. [ 399.580073][T19521] netlink: 36 bytes leftover after parsing attributes in process `syz.3.5697'. [ 399.895528][ T58] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 400.178149][T19543] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 400.182854][T19543] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 400.187373][T19543] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 400.190602][T19543] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 400.193706][T19543] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 400.593471][T19550] syz.7.5708 (19550): drop_caches: 2 [ 401.181460][T19575] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 401.410277][T19581] syz.3.5720 (19581): drop_caches: 2 [ 402.223985][T19596] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5733'. [ 402.573038][T19611] netlink: 212348 bytes leftover after parsing attributes in process `syz.7.5730'. [ 402.656880][T19616] syz.4.5731 (19616): drop_caches: 2 [ 403.046737][ T58] net_ratelimit: 744 callbacks suppressed [ 403.046761][ T58] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 403.097142][ T40] kauditd_printk_skb: 590 callbacks suppressed [ 403.097158][ T40] audit: type=1800 audit(1778485396.995:3017): pid=19629 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.7.5738" name="SYSV00000000" dev="tmpfs" ino=2 res=0 errno=0 [ 404.135941][ T58] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 404.455783][ T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 405.091194][T19637] netlink: 212348 bytes leftover after parsing attributes in process `syz.4.5743'. [ 405.155765][T19643] syz.3.5749 (19643): drop_caches: 2 [ 405.165346][ T857] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 405.354059][T19653] syz.1.5755 (19653): drop_caches: 2 [ 405.365139][ T24] usb 9-1: new full-speed USB device number 43 using dummy_hcd [ 405.683460][T19664] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 405.965952][T19677] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5754'. [ 406.207131][ T857] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 407.255588][ T857] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 407.485197][ T50] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 407.536778][T19717] netlink: 'syz.7.5770': attribute type 2 has an invalid length. [ 408.152736][ T24] usb 9-1: unable to get BOS descriptor or descriptor too short [ 408.157734][ T24] usb 9-1: unable to read config index 0 descriptor/start: -71 [ 408.165230][ T24] usb 9-1: can't read configurations, error -71 [ 408.201166][T19722] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 408.248457][T19725] syz.7.5773 (19725): drop_caches: 2 [ 408.285287][ T5826] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 409.335466][ T5826] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 409.620948][T19755] syz.7.5778 (19755): drop_caches: 2 [ 410.033913][T19781] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 410.057396][ T10] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 410.365455][ T5826] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 410.373234][T19792] netlink: 24 bytes leftover after parsing attributes in process `syz.3.5794'. [ 410.461807][T19803] netlink: 4 bytes leftover after parsing attributes in process `syz.7.5798'. [ 410.871357][T19815] syzkaller1: entered promiscuous mode [ 410.873680][T19815] syzkaller1: entered allmulticast mode [ 411.405295][ T857] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 412.335911][T19864] tipc: Cannot configure node identity twice [ 412.452564][ T857] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 412.755137][ T857] usb 12-1: new high-speed USB device number 20 using dummy_hcd [ 412.915154][ T857] usb 12-1: Using ep0 maxpacket: 8 [ 412.923480][ T857] usb 12-1: config index 0 descriptor too short (expected 301, got 45) [ 412.931075][ T857] usb 12-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 412.936548][ T857] usb 12-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 412.940682][ T857] usb 12-1: config 16 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 12592, setting to 1024 [ 412.945860][ T857] usb 12-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 1024 [ 412.949203][ T857] usb 12-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 412.953670][ T857] usb 12-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 412.958646][ T857] usb 12-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 412.960482][ T40] audit: type=1326 audit(1778485406.855:3018): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19883 comm="syz.1.5830" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7fa6fcc code=0x0 [ 413.171819][ T857] usb 12-1: usb_control_msg returned -32 [ 413.173719][ T857] usbtmc 12-1:16.0: can't read capabilities [ 413.486656][ T857] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 413.565285][ T50] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 413.889273][T19895] usbtmc 12-1:16.0: usb_control_msg returned -71 [ 413.897341][ T50] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 413.901299][ T50] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 414.090699][ T1340] usb 12-1: USB disconnect, device number 20 [ 414.525417][ T5826] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 414.757418][T19926] bridge0: port 3(syz_tun) entered blocking state [ 414.761913][T19926] bridge0: port 3(syz_tun) entered disabled state [ 414.764410][T19926] syz_tun: entered allmulticast mode [ 414.770666][T19926] syz_tun: entered promiscuous mode [ 414.915419][ T9] usb 12-1: new high-speed USB device number 21 using dummy_hcd [ 415.076491][ T9] usb 12-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30 [ 415.081432][ T9] usb 12-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 415.087705][ T9] usb 12-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 415.091981][ T9] usb 12-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253 [ 415.099993][ T9] usb 12-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40 [ 415.103919][ T9] usb 12-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0 [ 415.107506][ T9] usb 12-1: Manufacturer: syz [ 415.112184][ T9] usb 12-1: config 0 descriptor?? [ 415.528448][ T9] appleir 0003:05AC:8243.0036: unknown main item tag 0x0 [ 415.535171][ T9] appleir 0003:05AC:8243.0036: hiddev0,hidraw1: USB HID v0.00 Device [syz] on usb-dummy_hcd.7-1/input0 [ 415.567599][ T5826] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 416.039495][ T24] usb 12-1: USB disconnect, device number 21 [ 416.428791][T16857] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 416.438387][T16857] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 416.446232][T16857] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 416.452825][T16857] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 416.458958][T16857] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 416.477992][T16829] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 416.482241][T16829] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 416.485126][T16829] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 416.491869][T16829] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 416.494880][T16829] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 416.605145][ T5826] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 416.878654][T19966] bridge0: port 1(bridge_slave_0) entered blocking state [ 416.881823][T19966] bridge0: port 1(bridge_slave_0) entered disabled state [ 416.885757][T19966] bridge_slave_0: entered allmulticast mode [ 416.890350][T19966] bridge_slave_0: entered promiscuous mode [ 416.898259][T19966] bridge0: port 2(bridge_slave_1) entered blocking state [ 416.901326][T19966] bridge0: port 2(bridge_slave_1) entered disabled state [ 416.904680][T19966] bridge_slave_1: entered allmulticast mode [ 416.912679][T19966] bridge_slave_1: entered promiscuous mode [ 416.925900][ T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 416.939308][T19966] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 416.945375][T19966] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 416.963545][T19966] team0: Port device team_slave_0 added [ 416.967526][T19966] team0: Port device team_slave_1 added [ 416.990136][T19966] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 416.993019][T19966] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 417.002481][T19966] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 417.007675][T19966] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 417.010474][T19966] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 417.019661][T19966] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 417.044475][T19966] hsr_slave_0: entered promiscuous mode [ 417.047425][T19966] hsr_slave_1: entered promiscuous mode [ 417.050128][T19966] debugfs: 'hsr0' already exists in 'hsr' [ 417.052049][T19966] Cannot create hsr debugfs directory [ 417.182873][T19966] netdevsim netdevsim8 netdevsim0: renamed from eth0 [ 417.185630][T20007] 9pnet: p9_errstr2errno: server reported unknown error ÿÿ [ 417.189988][T19966] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 417.193205][T19966] netdevsim netdevsim8 netdevsim1: renamed from eth1 [ 417.202383][T19966] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 417.205664][T19966] netdevsim netdevsim8 netdevsim2: renamed from eth2 [ 417.209690][T19966] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 417.213312][T19966] netdevsim netdevsim8 netdevsim3: renamed from eth3 [ 417.227797][T19966] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 417.245973][T20010] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for ip6gretap1 [ 417.251054][T20010] batman_adv: batadv0: Adding interface: ip6gretap1 [ 417.253531][T20010] batman_adv: batadv0: The MTU of interface ip6gretap1 is too small (1434) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1568 would solve the problem. [ 417.254637][T20016] netlink: 'syz.7.5871': attribute type 30 has an invalid length. [ 417.263635][T20010] batman_adv: batadv0: Interface activated: ip6gretap1 [ 417.295786][T19966] bridge0: port 2(bridge_slave_1) entered blocking state [ 417.298113][T19966] bridge0: port 2(bridge_slave_1) entered forwarding state [ 417.300539][T19966] bridge0: port 1(bridge_slave_0) entered blocking state [ 417.302813][T19966] bridge0: port 1(bridge_slave_0) entered forwarding state [ 417.317295][T20019] netlink: 'syz.7.5871': attribute type 30 has an invalid length. [ 417.366989][T19966] 8021q: adding VLAN 0 to HW filter on device bond0 [ 417.377359][ T13] bridge0: port 1(bridge_slave_0) entered disabled state [ 417.380871][ T13] bridge0: port 2(bridge_slave_1) entered disabled state [ 417.393137][T19966] 8021q: adding VLAN 0 to HW filter on device team0 [ 417.414189][ T226] bridge0: port 1(bridge_slave_0) entered blocking state [ 417.417393][ T226] bridge0: port 1(bridge_slave_0) entered forwarding state [ 417.430155][ T13] bridge0: port 2(bridge_slave_1) entered blocking state [ 417.432962][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state [ 417.645300][ T857] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 417.727728][T19966] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 417.889069][T19966] veth0_vlan: entered promiscuous mode [ 417.895737][T19966] veth1_vlan: entered promiscuous mode [ 417.917668][T19966] veth0_macvtap: entered promiscuous mode [ 417.923428][T19966] veth1_macvtap: entered promiscuous mode [ 417.934417][T19966] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 417.941326][T19966] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 417.951648][ T13] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 417.954812][ T183] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 417.958419][ T183] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 417.961083][ T183] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 418.026823][ T183] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 418.030792][ T183] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 418.061963][ T226] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 418.065848][ T226] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 418.385470][ T58] usb 8-1: new high-speed USB device number 59 using dummy_hcd [ 418.525478][T16829] Bluetooth: hci1: command tx timeout [ 418.555101][ T58] usb 8-1: Using ep0 maxpacket: 16 [ 418.558518][ T58] usb 8-1: too many configurations: 123, using maximum allowed: 8 [ 418.563031][ T58] usb 8-1: config 0 has no interfaces? [ 418.566794][ T58] usb 8-1: config 0 has no interfaces? [ 418.570222][ T58] usb 8-1: config 0 has no interfaces? [ 418.573629][ T58] usb 8-1: config 0 has no interfaces? [ 418.577602][ T58] usb 8-1: config 0 has no interfaces? [ 418.581519][ T58] usb 8-1: config 0 has no interfaces? [ 418.584833][ T58] usb 8-1: config 0 has no interfaces? [ 418.588489][ T58] usb 8-1: config 0 has no interfaces? [ 418.592052][ T58] usb 8-1: New USB device found, idVendor=05ac, idProduct=0244, bcdDevice= 0.00 [ 418.596126][ T58] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=45 [ 418.599745][ T58] usb 8-1: SerialNumber: syz [ 418.604456][ T58] usb 8-1: config 0 descriptor?? [ 418.685693][ T58] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 419.064275][ T50] usb 8-1: USB disconnect, device number 59 [ 419.725565][ T58] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 419.965292][ T50] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 420.615412][T16829] Bluetooth: hci1: command tx timeout [ 420.765213][ T58] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 420.823189][ T40] audit: type=1326 audit(1778485414.715:3019): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20058 comm="syz.7.5887" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7f76fcc code=0x0 [ 420.910202][T20063] kernel read not supported for file /cpuacct.usage_percpu (pid: 20063 comm: syz.4.5879) [ 420.915238][ T40] audit: type=1800 audit(1778485414.805:3020): pid=20063 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.5879" name="cpuacct.usage_percpu" dev="mqueue" ino=93824 res=0 errno=0 [ 421.806446][ T5826] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 422.084765][T20099] input: syz0 as /devices/virtual/input/input73 [ 422.535468][T20117] netlink: 'syz.8.5901': attribute type 1 has an invalid length. [ 422.539059][T20117] netlink: 224 bytes leftover after parsing attributes in process `syz.8.5901'. [ 422.632947][T20128] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 422.638309][T20128] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 422.642094][T20128] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 422.649129][T20128] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 422.652169][T20128] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 422.695636][T16829] Bluetooth: hci1: command tx timeout [ 423.063544][T20155] netlink: 80 bytes leftover after parsing attributes in process `syz.3.5916'. [ 423.158699][T20167] netlink: 'syz.8.5921': attribute type 2 has an invalid length. [ 423.162075][T20167] netlink: 8 bytes leftover after parsing attributes in process `syz.8.5921'. [ 423.411917][ T40] audit: type=1326 audit(1778485417.305:3021): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20184 comm="syz.3.5928" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe7fcc code=0x7ffc0000 [ 423.420914][ T40] audit: type=1326 audit(1778485417.305:3022): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20184 comm="syz.3.5928" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe7fcc code=0x7ffc0000 [ 423.428368][ T40] audit: type=1326 audit(1778485417.315:3023): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20184 comm="syz.3.5928" exe="/syz-executor" sig=0 arch=40000003 syscall=430 compat=1 ip=0xf7fe7fcc code=0x7ffc0000 [ 423.438063][ T40] audit: type=1326 audit(1778485417.315:3024): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20184 comm="syz.3.5928" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe7fcc code=0x7ffc0000 [ 423.447214][ T40] audit: type=1326 audit(1778485417.315:3025): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20184 comm="syz.3.5928" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe7fcc code=0x7ffc0000 [ 423.459806][ T40] audit: type=1326 audit(1778485417.315:3026): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20184 comm="syz.3.5928" exe="/syz-executor" sig=0 arch=40000003 syscall=431 compat=1 ip=0xf7fe7fcc code=0x7ffc0000 [ 423.469216][ T40] audit: type=1326 audit(1778485417.315:3027): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20184 comm="syz.3.5928" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe7fcc code=0x7ffc0000 [ 423.477296][ T40] audit: type=1326 audit(1778485417.315:3028): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20184 comm="syz.3.5928" exe="/syz-executor" sig=0 arch=40000003 syscall=432 compat=1 ip=0xf7fe7fcc code=0x7ffc0000 [ 423.885799][ T5826] net_ratelimit: 195 callbacks suppressed [ 423.885813][ T5826] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 424.125879][ T857] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 424.130478][ T10] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 424.720907][ T183] netdevsim netdevsim7 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 424.765254][T16829] Bluetooth: hci1: command tx timeout [ 424.929974][ T857] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 424.931287][T16857] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 424.949003][T16857] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 424.952099][T16857] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 424.956196][T16857] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 424.961085][T16857] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 424.974055][ T183] netdevsim netdevsim7 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 425.131183][ T183] netdevsim netdevsim7 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 425.236710][ T183] netdevsim netdevsim7 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 425.730096][T20210] Set syz1 is full, maxelem 65536 reached [ 425.830397][ T183] bond1 (unregistering): (slave bridge1): Releasing backup interface [ 425.833113][ T183] bridge1 (unregistering): left promiscuous mode [ 425.880935][T20283] 9pnet: p9_errstr2errno: server reported unknown error  [ 425.899865][ T183] bond0 (unregistering): Released all slaves [ 425.908434][ T183] bond1 (unregistering): Released all slaves [ 425.920510][T20239] bridge0: port 1(bridge_slave_0) entered blocking state [ 425.924711][T20239] bridge0: port 1(bridge_slave_0) entered disabled state [ 425.928713][T20239] bridge_slave_0: entered allmulticast mode [ 425.932768][T20239] bridge_slave_0: entered promiscuous mode [ 425.938772][ T5452] 8021q: adding VLAN 0 to HW filter on device eth10 [ 425.951992][T20239] bridge0: port 2(bridge_slave_1) entered blocking state [ 425.965176][T20239] bridge0: port 2(bridge_slave_1) entered disabled state [ 425.968728][T20239] bridge_slave_1: entered allmulticast mode [ 425.973046][T20239] bridge_slave_1: entered promiscuous mode [ 426.001184][T20239] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 426.008139][T20239] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 426.030141][ T183] tipc: Left network mode [ 426.052115][T20239] team0: Port device team_slave_0 added [ 426.074281][T20239] team0: Port device team_slave_1 added [ 426.100584][T20239] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 426.102900][T20239] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 426.113012][T20239] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 426.119295][T20239] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 426.122628][T20239] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 426.135400][T20239] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 426.172647][T20239] hsr_slave_0: entered promiscuous mode [ 426.175154][T20239] hsr_slave_1: entered promiscuous mode [ 426.177530][T20239] debugfs: 'hsr0' already exists in 'hsr' [ 426.179420][T20239] Cannot create hsr debugfs directory [ 426.241138][ T5452] 8021q: adding VLAN 0 to HW filter on device eth11 [ 426.319795][ T183] hsr_slave_0: left promiscuous mode [ 426.327439][ T183] hsr_slave_1: left promiscuous mode [ 426.340370][ T183] veth1_macvtap: left promiscuous mode [ 426.342265][ T183] veth0_macvtap: left promiscuous mode [ 426.344276][ T183] veth1_vlan: left promiscuous mode [ 426.346482][ T183] veth0_vlan: left promiscuous mode [ 426.385049][ T843] usb 13-1: new high-speed USB device number 2 using dummy_hcd [ 426.535135][ T843] usb 13-1: Using ep0 maxpacket: 16 [ 426.538260][ T843] usb 13-1: too many configurations: 123, using maximum allowed: 8 [ 426.542509][ T843] usb 13-1: config 0 has no interfaces? [ 426.546050][ T843] usb 13-1: config 0 has no interfaces? [ 426.549553][ T843] usb 13-1: config 0 has no interfaces? [ 426.553035][ T843] usb 13-1: config 0 has no interfaces? [ 426.559513][ T843] usb 13-1: config 0 has no interfaces? [ 426.563778][ T843] usb 13-1: config 0 has no interfaces? [ 426.569747][ T843] usb 13-1: config 0 has no interfaces? [ 426.573184][ T843] usb 13-1: config 0 has no interfaces? [ 426.577007][ T843] usb 13-1: New USB device found, idVendor=05ac, idProduct=0244, bcdDevice= 0.00 [ 426.581097][ T843] usb 13-1: New USB device strings: Mfr=0, Product=0, SerialNumber=45 [ 426.584541][ T843] usb 13-1: SerialNumber: syz [ 426.590549][ T843] usb 13-1: config 0 descriptor?? [ 426.730781][T20301] netlink: 'syz.3.5965': attribute type 6 has an invalid length. [ 426.820324][ T5452] 8021q: adding VLAN 0 to HW filter on device eth12 [ 426.831374][T20239] netdevsim netdevsim9 netdevsim0: renamed from eth0 [ 426.864644][T20239] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 426.869100][T20239] netdevsim netdevsim9 netdevsim1: renamed from eth1 [ 426.891583][T20239] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 426.896317][T20239] netdevsim netdevsim9 netdevsim2: renamed from eth2 [ 426.902798][T20239] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 426.907681][T20239] netdevsim netdevsim9 netdevsim3: renamed from eth3 [ 426.925382][T20239] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 427.016508][T16829] Bluetooth: hci2: command tx timeout [ 427.066885][ T34] usb 13-1: USB disconnect, device number 2 [ 427.118408][T20239] 8021q: adding VLAN 0 to HW filter on device bond0 [ 427.128293][T20239] 8021q: adding VLAN 0 to HW filter on device team0 [ 427.135182][ T92] bridge0: port 1(bridge_slave_0) entered blocking state [ 427.137550][ T92] bridge0: port 1(bridge_slave_0) entered forwarding state [ 427.146254][ T92] bridge0: port 2(bridge_slave_1) entered blocking state [ 427.148605][ T92] bridge0: port 2(bridge_slave_1) entered forwarding state [ 427.171116][ T5452] 8021q: adding VLAN 0 to HW filter on device eth13 [ 427.426575][T20239] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 427.505037][ T843] usb 8-1: new high-speed USB device number 60 using dummy_hcd [ 427.577756][T20239] veth0_vlan: entered promiscuous mode [ 427.583030][T20239] veth1_vlan: entered promiscuous mode [ 427.599897][T20239] veth0_macvtap: entered promiscuous mode [ 427.604558][T20239] veth1_macvtap: entered promiscuous mode [ 427.619477][T20239] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 427.629487][T20239] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 427.638309][ T92] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 427.641748][ T92] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 427.659052][ T92] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 427.662809][ T92] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 427.674640][ T843] usb 8-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 427.680849][ T843] usb 8-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 427.691006][ T843] usb 8-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 427.697571][ T843] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 427.722943][T20335] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 427.750726][ T92] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 427.755734][ T92] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 427.770186][ T843] usb 8-1: Quirk or no altset; falling back to MIDI 1.0 [ 427.805620][ T92] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 427.808666][ T92] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 428.009347][ T843] usb 8-1: USB disconnect, device number 60 [ 428.036336][T20383] netlink: 4 bytes leftover after parsing attributes in process `syz.8.5983'. [ 428.040296][T20383] netlink: 4 bytes leftover after parsing attributes in process `syz.8.5983'. [ 428.275157][ T9168] usb 14-1: new high-speed USB device number 2 using dummy_hcd [ 428.436657][ T9168] usb 14-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 428.440358][ T9168] usb 14-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 428.443634][ T9168] usb 14-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 428.448006][ T9168] usb 14-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 428.451024][ T9168] usb 14-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 428.454988][ T9168] usb 14-1: config 0 descriptor?? [ 428.866153][ T9168] plantronics 0003:047F:FFFF.0037: unknown main item tag 0x0 [ 428.868581][ T9168] plantronics 0003:047F:FFFF.0037: unknown main item tag 0x0 [ 428.870917][ T9168] plantronics 0003:047F:FFFF.0037: unknown main item tag 0x0 [ 428.873249][ T9168] plantronics 0003:047F:FFFF.0037: unknown main item tag 0x0 [ 428.876576][ T9168] plantronics 0003:047F:FFFF.0037: unknown main item tag 0x0 [ 428.878997][ T9168] plantronics 0003:047F:FFFF.0037: unknown main item tag 0x0 [ 428.881352][ T9168] plantronics 0003:047F:FFFF.0037: unknown main item tag 0x0 [ 428.883687][ T9168] plantronics 0003:047F:FFFF.0037: unknown main item tag 0x0 [ 428.886172][ T9168] plantronics 0003:047F:FFFF.0037: unknown main item tag 0x0 [ 428.888619][ T9168] plantronics 0003:047F:FFFF.0037: unknown main item tag 0x0 [ 428.893497][ T9168] plantronics 0003:047F:FFFF.0037: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.9-1/input0 [ 429.095120][T16829] Bluetooth: hci2: command tx timeout [ 429.128089][ T5826] usb 14-1: USB disconnect, device number 2 [ 429.717396][T20399] input: syz0 as /devices/virtual/input/input74 [ 431.066413][T20445] input: syz1 as /devices/virtual/input/input75 [ 431.075080][T20445] input: failed to attach handler leds to device input75, error: -6 [ 431.158028][T20451] netlink: 8 bytes leftover after parsing attributes in process `syz.4.6018'. [ 431.178028][T16829] Bluetooth: hci2: command tx timeout [ 431.525505][ T857] usb 8-1: new high-speed USB device number 61 using dummy_hcd [ 431.675062][ T857] usb 8-1: Using ep0 maxpacket: 8 [ 431.680572][ T857] usb 8-1: config 168 descriptor has 1 excess byte, ignoring [ 431.685260][ T857] usb 8-1: too many endpoints for config 168 interface 0 altsetting 188: 100, using maximum allowed: 30 [ 431.689898][ T857] usb 8-1: config 168 interface 0 altsetting 188 endpoint 0x3 has an invalid bInterval 255, changing to 11 [ 431.695197][ T857] usb 8-1: config 168 interface 0 altsetting 188 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 431.700615][ T857] usb 8-1: config 168 interface 0 altsetting 188 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 431.705618][ T857] usb 8-1: config 168 interface 0 altsetting 188 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 431.710471][ T857] usb 8-1: config 168 interface 0 altsetting 188 has 2 endpoint descriptors, different from the interface descriptor's value: 100 [ 431.716114][ T857] usb 8-1: config 168 interface 0 has no altsetting 0 [ 431.722046][ T857] usb 8-1: config 168 descriptor has 1 excess byte, ignoring [ 431.725248][ T857] usb 8-1: too many endpoints for config 168 interface 0 altsetting 188: 100, using maximum allowed: 30 [ 431.730153][ T857] usb 8-1: config 168 interface 0 altsetting 188 endpoint 0x3 has an invalid bInterval 255, changing to 11 [ 431.735043][ T857] usb 8-1: config 168 interface 0 altsetting 188 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 431.740071][ T857] usb 8-1: config 168 interface 0 altsetting 188 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 431.745086][ T857] usb 8-1: config 168 interface 0 altsetting 188 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 431.749332][ T857] usb 8-1: config 168 interface 0 altsetting 188 has 2 endpoint descriptors, different from the interface descriptor's value: 100 [ 431.754779][ T857] usb 8-1: config 168 interface 0 has no altsetting 0 [ 431.759726][ T857] usb 8-1: config 168 descriptor has 1 excess byte, ignoring [ 431.763011][ T857] usb 8-1: too many endpoints for config 168 interface 0 altsetting 188: 100, using maximum allowed: 30 [ 431.767828][ T857] usb 8-1: config 168 interface 0 altsetting 188 endpoint 0x3 has an invalid bInterval 255, changing to 11 [ 431.772953][ T857] usb 8-1: config 168 interface 0 altsetting 188 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 431.780603][ T857] usb 8-1: config 168 interface 0 altsetting 188 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 431.787026][ T857] usb 8-1: config 168 interface 0 altsetting 188 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 431.793089][ T857] usb 8-1: config 168 interface 0 altsetting 188 has 2 endpoint descriptors, different from the interface descriptor's value: 100 [ 431.798126][ T857] usb 8-1: config 168 interface 0 has no altsetting 0 [ 431.802719][ T857] usb 8-1: string descriptor 0 read error: -22 [ 431.804807][ T857] usb 8-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e [ 431.808621][ T857] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 431.817510][ T857] adutux 8-1:168.0: ADU100 now attached to /dev/usb/adutux0 [ 432.071468][ T857] usb 8-1: USB disconnect, device number 61 [ 433.248425][T16829] Bluetooth: hci2: command tx timeout [ 433.804332][ T40] kauditd_printk_skb: 23 callbacks suppressed [ 433.804349][ T40] audit: type=1800 audit(1778485427.695:3052): pid=20523 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.9.6037" name=06 dev="tmpfs" ino=81 res=0 errno=0 [ 434.192995][T20533] netlink: 40 bytes leftover after parsing attributes in process `syz.9.6041'. [ 434.248069][T20537] input: syz0 as /devices/virtual/input/input76 [ 435.042617][T20559] netlink: 'syz.4.6052': attribute type 1 has an invalid length. [ 435.046653][T20559] netlink: 16150 bytes leftover after parsing attributes in process `syz.4.6052'. [ 435.691716][T20535] Set syz1 is full, maxelem 65536 reached [ 435.714724][T20577] netlink: set zone limit has 4 unknown bytes [ 435.816611][T20583] netlink: 876 bytes leftover after parsing attributes in process `syz.8.6063'. [ 435.823352][T20583] netlink: 16 bytes leftover after parsing attributes in process `syz.8.6063'. [ 436.949329][T20574] Set syz1 is full, maxelem 65536 reached [ 439.211141][T20730] kvm: Disabled LAPIC found during irq injection [ 440.976798][T20741] Set syz1 is full, maxelem 65536 reached [ 442.319319][T20849] netlink: 'syz.8.6168': attribute type 1 has an invalid length. [ 442.349773][T20849] bond1: entered promiscuous mode [ 442.352581][T20849] 8021q: adding VLAN 0 to HW filter on device bond1 [ 442.577667][ T24] usb 14-1: new full-speed USB device number 3 using dummy_hcd [ 442.693350][T20864] veth0: entered promiscuous mode [ 442.697724][T20864] netlink: 4 bytes leftover after parsing attributes in process `syz.8.6174'. [ 442.748146][ T24] usb 14-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 442.752466][ T24] usb 14-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 442.760145][ T24] usb 14-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 442.766749][ T24] usb 14-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 442.856940][T20868] netlink: 212368 bytes leftover after parsing attributes in process `syz.8.6176'. [ 442.986043][ T24] usb 14-1: usb_control_msg returned -32 [ 442.988696][ T24] usbtmc 14-1:16.0: can't read capabilities [ 443.079209][T20889] netlink: 4 bytes leftover after parsing attributes in process `syz.3.6185'. [ 443.540054][ T58] usb 14-1: USB disconnect, device number 3 [ 444.617108][ T1432] ieee802154 phy1 wpan1: encryption failed: -22 [ 445.114909][T20926] veth0: entered promiscuous mode [ 445.120171][T20926] netlink: 4 bytes leftover after parsing attributes in process `syz.4.6196'. [ 445.992524][T20959] netlink: 24 bytes leftover after parsing attributes in process `syz.3.6213'. [ 445.995632][T20959] netlink: 'syz.3.6213': attribute type 3 has an invalid length. [ 445.998257][T20959] netlink: 'syz.3.6213': attribute type 2 has an invalid length. [ 446.001250][T20959] netlink: 8 bytes leftover after parsing attributes in process `syz.3.6213'. [ 447.009933][T20998] netlink: 88 bytes leftover after parsing attributes in process `syz.3.6228'. [ 447.233296][T20928] Set syz1 is full, maxelem 65536 reached [ 447.378728][T21033] netlink: 20 bytes leftover after parsing attributes in process `syz.4.6242'. [ 447.382795][T21033] bridge0: Device is already in use. [ 447.387201][T21033] netlink: 20 bytes leftover after parsing attributes in process `syz.4.6242'. [ 447.391492][T21033] bridge0: Device is already in use. [ 447.649956][T21061] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (128 ns). Using initial count to start timer. [ 447.662949][T21066] netlink: 12 bytes leftover after parsing attributes in process `syz.8.6255'. [ 448.045288][T21101] netlink: 24 bytes leftover after parsing attributes in process `syz.4.6273'. [ 448.156741][T21106] netlink: 'syz.9.6275': attribute type 1 has an invalid length. [ 448.170168][T21106] 8021q: adding VLAN 0 to HW filter on device bond1 [ 448.210882][T21106] bond1: (slave geneve2): making interface the new active one [ 448.214449][T21106] bond1: (slave geneve2): Enslaving as an active interface with an up link [ 448.300637][T21112] netlink: 212328 bytes leftover after parsing attributes in process `syz.9.6277'. [ 448.305333][T21113] input: syz0 as /devices/virtual/input/input77 [ 448.308496][T21112] netlink: Unknown conntrack attr (type=2304, max=9) [ 449.080607][T21129] ip6gre1: entered promiscuous mode [ 449.082746][T21129] ip6gre1: entered allmulticast mode [ 449.495052][ T843] usb 9-1: new high-speed USB device number 45 using dummy_hcd [ 449.568517][T21159] netlink: 8 bytes leftover after parsing attributes in process `syz.8.6297'. [ 449.655418][ T843] usb 9-1: Using ep0 maxpacket: 16 [ 449.660841][ T843] usb 9-1: config 0 has no interfaces? [ 449.663462][ T843] usb 9-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42 [ 449.667149][ T843] usb 9-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0 [ 449.670131][ T843] usb 9-1: Manufacturer: syz [ 449.673080][ T843] usb 9-1: config 0 descriptor?? [ 449.685259][ T9] usb 8-1: new high-speed USB device number 62 using dummy_hcd [ 449.845064][ T9] usb 8-1: Using ep0 maxpacket: 16 [ 449.850543][ T9] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 449.854853][ T9] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 449.859539][ T9] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 449.864865][ T9] usb 8-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 449.870344][ T9] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 449.876011][ T9] usb 8-1: config 0 descriptor?? [ 450.057254][T21133] Set syz1 is full, maxelem 6117 reached [ 450.098964][ T857] usb 9-1: USB disconnect, device number 45 [ 450.296814][ T9] hid_parser_main: 5 callbacks suppressed [ 450.296830][ T9] microsoft 0003:045E:07DA.0038: unknown main item tag 0x0 [ 450.301345][ T9] microsoft 0003:045E:07DA.0038: ignoring exceeding usage max [ 450.313127][ T9] input: HID 045e:07da as /devices/platform/dummy_hcd.3/usb8/8-1/8-1:0.0/0003:045E:07DA.0038/input/input78 [ 450.386297][ T9] microsoft 0003:045E:07DA.0038: input,hidraw1: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.3-1/input0 [ 450.503649][ T857] usb 8-1: USB disconnect, device number 62 [ 450.722864][T21185] netlink: 12 bytes leftover after parsing attributes in process `syz.4.6306'. [ 450.728331][T21185] netlink: 'syz.4.6306': attribute type 6 has an invalid length. [ 450.744770][T21185] vxlan1: entered promiscuous mode [ 450.803500][T21191] fuse: Bad value for 'fd' [ 450.920294][T21197] fuse: fd is not a fuse device [ 451.035949][T21203] fuse: fd is not a fuse device [ 451.909183][T21254] netlink: 'syz.9.6337': attribute type 1 has an invalid length. [ 451.927223][T21254] bond2: entered promiscuous mode [ 451.931787][T21254] 8021q: adding VLAN 0 to HW filter on device bond2 [ 452.625386][ T857] usb 8-1: new full-speed USB device number 63 using dummy_hcd [ 452.787027][ T857] usb 8-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 452.790272][ T857] usb 8-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 452.794324][ T857] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 452.798165][ T857] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 453.009846][T21292] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 453.015733][ T857] usb 8-1: usb_control_msg returned -32 [ 453.016212][T21292] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 453.018234][ T857] usbtmc 8-1:16.0: can't read capabilities [ 453.724648][T21334] netlink: 4 bytes leftover after parsing attributes in process `syz.8.6370'. [ 454.385107][ T843] usb 9-1: new high-speed USB device number 46 using dummy_hcd [ 454.545165][ T843] usb 9-1: Using ep0 maxpacket: 8 [ 454.548777][ T843] usb 9-1: config 0 interface 0 altsetting 254 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 454.552618][ T843] usb 9-1: config 0 interface 0 altsetting 254 endpoint 0x81 has invalid wMaxPacketSize 0 [ 454.556619][ T843] usb 9-1: config 0 interface 0 has no altsetting 0 [ 454.559381][ T843] usb 9-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00 [ 454.562603][ T843] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 454.567028][ T843] usb 9-1: config 0 descriptor?? [ 454.986802][ T843] mcp2221 0003:04D8:00DD.0039: unknown main item tag 0x0 [ 454.989860][ T843] mcp2221 0003:04D8:00DD.0039: unknown main item tag 0x0 [ 454.993051][ T843] mcp2221 0003:04D8:00DD.0039: unknown main item tag 0x0 [ 454.996312][ T843] mcp2221 0003:04D8:00DD.0039: unknown main item tag 0x0 [ 454.999733][ T843] mcp2221 0003:04D8:00DD.0039: unknown main item tag 0x0 [ 455.002985][ T843] mcp2221 0003:04D8:00DD.0039: USB HID vff.ff Device [HID 04d8:00dd] on usb-dummy_hcd.4-1/input0 [ 455.184393][ T3385] usb 9-1: USB disconnect, device number 46 [ 455.411620][ T3385] usb 8-1: USB disconnect, device number 63 [ 455.768849][T21398] netlink: 4 bytes leftover after parsing attributes in process `syz.3.6396'. [ 456.107648][T21423] netlink: 48 bytes leftover after parsing attributes in process `syz.3.6408'. [ 456.327850][T21431] 9pnet: p9_errstr2errno: server reported unknown error ÿÿÿ [ 456.376669][T21434] netlink: 212368 bytes leftover after parsing attributes in process `syz.9.6413'. [ 456.419776][T21439] netlink: 9 bytes leftover after parsing attributes in process `syz.4.6415'. [ 456.425998][T21439] netlink: 9 bytes leftover after parsing attributes in process `syz.4.6415'. [ 457.437546][T21489] netlink: 8 bytes leftover after parsing attributes in process `syz.9.6436'. [ 457.442843][T21489] netlink: 8 bytes leftover after parsing attributes in process `syz.9.6436'. [ 457.459548][T21491] A link change request failed with some changes committed already. Interface gre2 may have been left with an inconsistent configuration, please check. [ 457.571046][ T40] audit: type=1326 audit(1778485451.465:3053): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21497 comm="syz.8.6440" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709efcc code=0x7ffc0000 [ 457.578771][ T40] audit: type=1326 audit(1778485451.465:3054): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21497 comm="syz.8.6440" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709efcc code=0x7ffc0000 [ 457.586816][ T40] audit: type=1326 audit(1778485451.465:3055): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21497 comm="syz.8.6440" exe="/syz-executor" sig=0 arch=40000003 syscall=296 compat=1 ip=0xf709efcc code=0x7ffc0000 [ 457.594237][ T40] audit: type=1326 audit(1778485451.465:3056): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21497 comm="syz.8.6440" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709efcc code=0x7ffc0000 [ 457.603681][ T40] audit: type=1326 audit(1778485451.465:3057): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21497 comm="syz.8.6440" exe="/syz-executor" sig=0 arch=40000003 syscall=21 compat=1 ip=0xf709efcc code=0x7ffc0000 [ 457.621952][ T40] audit: type=1326 audit(1778485451.465:3058): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21497 comm="syz.8.6440" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709efcc code=0x7ffc0000 [ 457.630242][ T40] audit: type=1326 audit(1778485451.475:3059): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21497 comm="syz.8.6440" exe="/syz-executor" sig=0 arch=40000003 syscall=61 compat=1 ip=0xf709efcc code=0x7ffc0000 [ 457.638676][ T40] audit: type=1326 audit(1778485451.475:3060): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21497 comm="syz.8.6440" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709efcc code=0x7ffc0000 [ 457.645957][ T40] audit: type=1326 audit(1778485451.475:3061): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21497 comm="syz.8.6440" exe="/syz-executor" sig=0 arch=40000003 syscall=21 compat=1 ip=0xf709efcc code=0x7ffc0000 [ 457.653628][ T40] audit: type=1326 audit(1778485451.475:3062): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21497 comm="syz.8.6440" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709efcc code=0x7ffc0000 [ 459.559990][T16857] Bluetooth: hci4: sending frame failed (-49) [ 459.565252][T16829] Bluetooth: hci4: Entering manufacturer mode failed (-49) [ 459.786066][T21590] netlink: 212368 bytes leftover after parsing attributes in process `syz.4.6477'. [ 462.148430][T21655] 9pnet: p9_errstr2errno: server reported unknown error ./file0 [ 462.536001][T21676] overlayfs: failed to verify upper (1201/file1, ino=6319, err=-116) [ 462.540244][T21676] overlayfs: failed to verify index dir 'upper' xattr [ 462.542580][T21676] overlayfs: try deleting index dir or mounting with '-o index=off' to disable inodes index. [ 462.872427][T21688] netlink: 212348 bytes leftover after parsing attributes in process `syz.4.6519'. [ 462.879454][T21688] netlink: Unknown conntrack attr (0) [ 463.252437][T21701] netlink: 164 bytes leftover after parsing attributes in process `syz.8.6523'. [ 463.274616][T21701] netlink: 36 bytes leftover after parsing attributes in process `syz.8.6523'. [ 463.668027][T21717] overlayfs: failed to verify upper (141/file1, ino=777, err=-116) [ 463.671469][T21717] overlayfs: failed to verify index dir 'upper' xattr [ 463.673792][T21717] overlayfs: try deleting index dir or mounting with '-o index=off' to disable inodes index. [ 463.730075][T21720] input: syz0 as /devices/virtual/input/input79 [ 463.918866][T21731] fuse: fd is not a fuse device [ 464.069641][T21741] netlink: 'syz.9.6542': attribute type 4 has an invalid length. [ 464.100600][T21744] kvm: user requested TSC rate below hardware speed [ 466.905105][ T24] usb 14-1: new high-speed USB device number 4 using dummy_hcd [ 467.055068][ T24] usb 14-1: Using ep0 maxpacket: 32 [ 467.065246][ T24] usb 14-1: config 0 has no interfaces? [ 467.072560][ T24] usb 14-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66 [ 467.077424][ T24] usb 14-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172 [ 467.080838][ T24] usb 14-1: Product: syz [ 467.082620][ T24] usb 14-1: Manufacturer: syz [ 467.084584][ T24] usb 14-1: SerialNumber: syz [ 467.089773][ T24] usb 14-1: config 0 descriptor?? [ 467.123910][T21860] overlayfs: failed to clone upperpath [ 467.300425][ T24] usb 14-1: USB disconnect, device number 4 [ 467.605135][ T40] kauditd_printk_skb: 18 callbacks suppressed [ 467.605148][ T40] audit: type=1326 audit(1778485461.495:3081): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21898 comm="syz.3.6607" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7fe7fcc code=0x0 [ 467.883607][T21911] netlink: 20 bytes leftover after parsing attributes in process `syz.4.6612'. [ 467.887767][T21911] netlink: 20 bytes leftover after parsing attributes in process `syz.4.6612'. [ 468.000748][T21922] fuse: Bad value for 'fd' [ 468.086241][ T58] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 468.646152][ T1340] usb 14-1: new high-speed USB device number 5 using dummy_hcd [ 468.796613][ T1340] usb 14-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 468.800011][ T1340] usb 14-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 468.802928][ T1340] usb 14-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 468.805994][ T1340] usb 14-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 468.809999][ T1340] usb 14-1: config 0 descriptor?? [ 468.925991][ T857] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 469.607300][T21963] netlink: 52 bytes leftover after parsing attributes in process `syz.8.6633'. [ 469.633608][T21963] netlink: 4 bytes leftover after parsing attributes in process `syz.8.6633'. [ 469.757324][T21972] loop2: detected capacity change from 0 to 7 [ 469.767906][T21972] loop2: [CUMANA/ADFS] p1 [ADFS] p1 [ 469.770226][T21972] loop2: partition table partially beyond EOD, truncated [ 469.773701][T21972] loop2: p1 size 1898597519 extends beyond EOD, truncated [ 469.807832][T13904] udevd[13904]: inotify_add_watch(7, /dev/loop2p1, 10) failed: No such file or directory [ 470.037478][T21986] overlayfs: failed to clone lowerpath [ 470.048717][T21986] overlayfs: failed to clone upperpath [ 470.155555][T21995] netlink: 8 bytes leftover after parsing attributes in process `syz.9.6647'. [ 470.162840][T21995] netlink: 8 bytes leftover after parsing attributes in process `syz.9.6647'. [ 470.267738][T22000] netlink: 'syz.4.6649': attribute type 1 has an invalid length. [ 470.314103][T22000] 8021q: adding VLAN 0 to HW filter on device bond0 [ 470.349362][T22000] bond0: (slave geneve2): making interface the new active one [ 470.355699][T22000] bond0: (slave geneve2): Enslaving as an active interface with an up link [ 470.446949][T22015] netlink: 4 bytes leftover after parsing attributes in process `syz.4.6654'. [ 470.490826][T22017] overlayfs: failed to clone upperpath [ 471.047713][T22052] syzkaller1: entered promiscuous mode [ 471.050131][T22052] syzkaller1: entered allmulticast mode [ 471.630988][T22087] overlayfs: failed to clone upperpath [ 471.696832][T22094] netlink: 8 bytes leftover after parsing attributes in process `syz.9.6693'. [ 471.795268][ T24] usb 8-1: new high-speed USB device number 64 using dummy_hcd [ 471.965109][ T24] usb 8-1: Using ep0 maxpacket: 32 [ 471.969353][ T24] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 471.973017][ T24] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 471.983841][ T24] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5 [ 471.991379][ T24] usb 8-1: New USB device found, idVendor=0458, idProduct=5011, bcdDevice= 0.00 [ 471.994437][ T24] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 472.001059][ T24] usb 8-1: config 0 descriptor?? [ 472.429504][ T24] input: HID 0458:5011 as /devices/platform/dummy_hcd.3/usb8/8-1/8-1:0.0/0003:0458:5011.003A/input/input80 [ 472.501780][ T24] input: HID 0458:5011 as /devices/platform/dummy_hcd.3/usb8/8-1/8-1:0.0/0003:0458:5011.003A/input/input81 [ 472.548844][ T24] kye 0003:0458:5011.003A: input,hiddev0,hidraw1: USB HID v0.00 Mouse [HID 0458:5011] on usb-dummy_hcd.3-1/input0 [ 472.626911][ T24] usb 8-1: USB disconnect, device number 64 [ 473.169757][ T40] audit: type=1326 audit(1778485467.065:3082): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22134 comm="syz.4.6720" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf70aefcc code=0x0 [ 473.550868][ T24] libceph: connect (1)[c::]:6789 error -101 [ 473.553725][ T24] libceph: mon0 (1)[c::]:6789 connect error [ 473.595020][ T843] libceph: connect (1)[c::]:6789 error -101 [ 473.597231][ T843] libceph: mon0 (1)[c::]:6789 connect error [ 473.599594][ T843] libceph: connect (1)[c::]:6789 error -101 [ 473.601645][ T843] libceph: mon0 (1)[c::]:6789 connect error [ 473.817413][ T24] libceph: connect (1)[c::]:6789 error -101 [ 473.819708][ T24] libceph: mon0 (1)[c::]:6789 connect error [ 473.865558][ T843] libceph: connect (1)[c::]:6789 error -101 [ 473.875171][ T843] libceph: mon0 (1)[c::]:6789 connect error [ 474.079942][T22170] netlink: 52 bytes leftover after parsing attributes in process `syz.4.6724'. [ 474.101950][T22170] netlink: 4 bytes leftover after parsing attributes in process `syz.4.6724'. [ 474.326263][ T24] libceph: connect (1)[c::]:6789 error -101 [ 474.328552][ T24] libceph: mon0 (1)[c::]:6789 connect error [ 474.363930][T22162] ceph: No mds server is up or the cluster is laggy [ 474.365503][T22159] ceph: No mds server is up or the cluster is laggy [ 474.393534][ T843] libceph: connect (1)[c::]:6789 error -101 [ 474.396155][ T843] libceph: mon0 (1)[c::]:6789 connect error [ 474.529615][ T40] audit: type=1326 audit(1778485468.425:3083): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22177 comm="syz.9.6729" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf708efcc code=0x0 [ 474.756330][T22203] veth1: entered allmulticast mode [ 475.370877][T22224] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 475.374119][T22224] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 475.521219][T22228] netlink: 'syz.3.6749': attribute type 1 has an invalid length. [ 475.524659][T22228] netlink: 'syz.3.6749': attribute type 2 has an invalid length. [ 475.528625][T22228] netlink: 40 bytes leftover after parsing attributes in process `syz.3.6749'. [ 475.592948][T22233] overlayfs: "xino" feature enabled using 3 upper inode bits. [ 475.606340][T22233] overlayfs: "xino" feature enabled using 3 upper inode bits. [ 475.634162][T22233] overlayfs: d_ino too big (., ino=4611686018427387905, xinobits=3) [ 475.637413][T22233] overlayfs: d_ino too big (.., ino=4611686018427387905, xinobits=3) [ 475.640601][T22233] overlayfs: d_ino too big (1737, ino=9223372036854784846, xinobits=3) [ 475.648116][T22233] overlayfs: d_ino too big (syzcgroup, ino=9223372036854775816, xinobits=3) [ 475.652216][T22233] overlayfs: d_ino too big (syz-inputs, ino=9223372036854775815, xinobits=3) [ 475.656687][T22233] overlayfs: d_ino too big (sys, ino=9223372036854775814, xinobits=3) [ 475.659843][T22233] overlayfs: d_ino too big (selinux, ino=9223372036854775813, xinobits=3) [ 475.662866][T22233] overlayfs: d_ino too big (proc, ino=9223372036854775812, xinobits=3) [ 475.667265][T22233] overlayfs: d_ino too big (dev, ino=9223372036854775811, xinobits=3) [ 475.671087][T22233] overlayfs: d_ino too big (instances, ino=4611686018427388095, xinobits=3) [ 475.969463][T22247] sit1: entered allmulticast mode [ 476.159047][T22256] netlink: 212348 bytes leftover after parsing attributes in process `syz.9.6760'. [ 476.365441][ T9] usb 8-1: new low-speed USB device number 65 using dummy_hcd [ 476.517453][ T9] usb 8-1: config 168 descriptor has 1 excess byte, ignoring [ 476.520693][ T9] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8 [ 476.525535][ T9] usb 8-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 476.530452][ T9] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10 [ 476.534873][ T9] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8 [ 476.545752][ T9] usb 8-1: config 168 descriptor has 1 excess byte, ignoring [ 476.548896][ T9] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8 [ 476.552420][ T9] usb 8-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 476.558480][ T9] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10 [ 476.562029][ T9] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8 [ 476.566608][ T9] usb 8-1: config 168 descriptor has 1 excess byte, ignoring [ 476.569220][ T9] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8 [ 476.572733][ T9] usb 8-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 476.577374][ T9] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10 [ 476.581028][ T9] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8 [ 476.586890][ T9] usb 8-1: string descriptor 0 read error: -22 [ 476.588945][ T9] usb 8-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e [ 476.592679][ T9] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 476.603483][ T9] adutux 8-1:168.0: ADU100 now attached to /dev/usb/adutux0 [ 476.771892][T22270] netlink: 52 bytes leftover after parsing attributes in process `syz.9.6765'. [ 476.793357][T22270] netlink: 4 bytes leftover after parsing attributes in process `syz.9.6765'. [ 476.896597][T22272] bond1: (slave lo): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond. [ 476.906950][T22272] bond1: (slave lo): Enslaving as an active interface with an up link [ 476.914214][ T24] usb 8-1: USB disconnect, device number 65 [ 476.916051][T22272] A link change request failed with some changes committed already. Interface tunl0 may have been left with an inconsistent configuration, please check. [ 477.068811][T22285] netlink: 44 bytes leftover after parsing attributes in process `syz.4.6771'. [ 477.728187][T22319] fuse: fd is not a fuse device [ 478.233099][T22335] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 478.250129][T22335] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 479.336620][ T40] audit: type=1326 audit(1778485473.235:3084): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22381 comm="syz.4.6812" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf70aefcc code=0x0 [ 479.867068][T22432] input: syz1 as /devices/virtual/input/input82 [ 479.904153][T13904] udevd[13904]: setting owner of /dev/input/event4 to uid=0, gid=104 failed: No such file or directory [ 480.270842][T22455] overlayfs: failed to clone lowerpath [ 480.674319][T22470] bond2: (slave lo): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond. [ 480.686517][T22470] bond2: (slave lo): Enslaving as an active interface with an up link [ 480.693937][T22470] A link change request failed with some changes committed already. Interface tunl0 may have been left with an inconsistent configuration, please check. [ 481.097983][T22501] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 481.103352][T22501] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 481.136882][T22504] fuse: fd is not a fuse device [ 481.176297][ T40] audit: type=1326 audit(1778485475.075:3085): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22503 comm="syz.4.6870" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf70aefcc code=0x0 [ 481.639923][T22510] netlink: 4 bytes leftover after parsing attributes in process `syz.8.6864'. [ 481.646048][T22510] netlink: 4 bytes leftover after parsing attributes in process `syz.8.6864'. [ 481.651889][T22510] netlink: 4 bytes leftover after parsing attributes in process `syz.8.6864'. [ 481.677029][T22512] bond3: (slave lo): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond. [ 481.688049][T22512] bond3: (slave lo): Enslaving as an active interface with an up link [ 481.694728][T22512] A link change request failed with some changes committed already. Interface tunl0 may have been left with an inconsistent configuration, please check. [ 481.793995][T22519] fuse: fd is not a fuse device [ 482.085108][ T24] usb 8-1: new high-speed USB device number 66 using dummy_hcd [ 482.235059][ T24] usb 8-1: Using ep0 maxpacket: 32 [ 482.239361][ T24] usb 8-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024 [ 482.246360][ T24] usb 8-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79 [ 482.249520][ T24] usb 8-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2 [ 482.252257][ T24] usb 8-1: Product: syz [ 482.253707][ T24] usb 8-1: Manufacturer: syz [ 482.255438][ T24] usb 8-1: SerialNumber: syz [ 482.258531][ T24] usb 8-1: config 0 descriptor?? [ 482.261524][T22523] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22 [ 482.530362][ T5817] usb 8-1: USB disconnect, device number 66 [ 483.089718][T22536] bond1: (slave 26±ÿÿÿÿa–ïD): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond. [ 483.097044][T22536] bond1: (slave 26±ÿÿÿÿa–ïD): Enslaving as an active interface with an up link [ 483.100163][T22536] A link change request failed with some changes committed already. Interface tunl0 may have been left with an inconsistent configuration, please check. [ 483.377664][T22563] netlink: 8 bytes leftover after parsing attributes in process `syz.4.6888'. [ 483.531879][T22570] netlink: 'syz.3.6889': attribute type 3 has an invalid length. [ 483.629194][T22581] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 483.638879][T22581] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 484.285106][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 484.428489][T22620] fuse: fd is not a fuse device [ 484.511542][T22624] netlink: 4 bytes leftover after parsing attributes in process `syz.4.6913'. [ 484.539602][T22624] hsr_slave_1 (unregistering): left promiscuous mode [ 484.671148][T22630] block nbd9: shutting down sockets [ 484.844504][T22646] netlink: 212328 bytes leftover after parsing attributes in process `syz.9.6923'. [ 484.854674][T22646] netlink: Conntrack attr has 4 unknown bytes [ 485.362046][ T183] tipc: Subscription rejected, illegal request [ 485.431416][T22684] netlink: 4 bytes leftover after parsing attributes in process `syz.9.6940'. [ 485.583614][ T40] audit: type=1326 audit(1778485991.477:3086): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22694 comm="syz.4.6945" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf70aefcc code=0x0 [ 485.825303][ T5826] usb 8-1: new high-speed USB device number 67 using dummy_hcd [ 485.997224][ T5826] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 486.005247][ T5826] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 486.015378][ T5826] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 486.019566][ T5826] usb 8-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 486.022536][ T5826] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 486.028444][ T5826] usb 8-1: config 0 descriptor?? [ 486.602901][T22715] netlink: 'syz.8.6954': attribute type 4 has an invalid length. [ 486.615744][T22715] netlink: 'syz.8.6954': attribute type 4 has an invalid length. [ 486.651083][ T5826] plantronics 0003:047F:FFFF.003B: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0 [ 487.088498][T22721] hsr_slave_0: hsr_addr_subst_dest: Unknown node [ 487.094680][T22721] hsr_slave_1: hsr_addr_subst_dest: Unknown node [ 487.253038][ T5826] usb 8-1: USB disconnect, device number 67 [ 487.324894][T22719] fido_id[22719]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.3/usb8/report_descriptor': No such file or directory [ 487.440679][T22734] netlink: 212344 bytes leftover after parsing attributes in process `syz.8.6961'. [ 488.003599][T22680] syz.3.6932 (22680) used greatest stack depth: 19520 bytes left [ 488.940962][T22772] netlink: 212368 bytes leftover after parsing attributes in process `syz.9.6977'. [ 489.004900][T22776] netlink: 'syz.3.6979': attribute type 4 has an invalid length. [ 489.018614][T22776] netlink: 'syz.3.6979': attribute type 4 has an invalid length. [ 489.330767][T22797] macvlan2: entered promiscuous mode [ 489.332985][T22797] dummy0: entered promiscuous mode [ 489.337127][T22797] macvlan2: entered allmulticast mode [ 489.340738][T22797] dummy0: entered allmulticast mode [ 489.378409][T22803] netlink: 4 bytes leftover after parsing attributes in process `syz.8.6990'. [ 489.473045][T22813] hsr0: entered promiscuous mode [ 489.676823][T22829] macvlan2: entered promiscuous mode [ 489.679212][T22829] dummy0: entered promiscuous mode [ 489.681473][T22829] macvlan2: entered allmulticast mode [ 489.683510][T22829] dummy0: entered allmulticast mode [ 489.764477][T22840] kvm: vcpu 2: requested lapic timer restore with starting count register 0x390=198462431 (396924862 ns) > initial count (148514 ns). Using initial count to start timer. [ 490.351680][T22867] overlayfs: failed to clone upperpath [ 490.473425][T22873] netlink: 60 bytes leftover after parsing attributes in process `syz.8.7022'. [ 491.159915][T22903] macvlan4: entered promiscuous mode [ 491.161686][T22903] dummy0: entered promiscuous mode [ 491.163668][T22903] macvlan4: entered allmulticast mode [ 491.165640][T22903] dummy0: entered allmulticast mode [ 491.232503][ T40] audit: type=1326 audit(1778485997.127:3087): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22906 comm="syz.8.7037" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf709efcc code=0x0 [ 491.767768][T22938] netlink: 'syz.4.7050': attribute type 1 has an invalid length. [ 491.770921][T22938] netlink: 'syz.4.7050': attribute type 4 has an invalid length. [ 491.774096][T22938] netlink: 9462 bytes leftover after parsing attributes in process `syz.4.7050'. [ 493.010286][ T9] hid-generic 0005:0005:5508.003C: item fetching failed at offset 0/1 [ 493.016973][ T9] hid-generic 0005:0005:5508.003C: probe with driver hid-generic failed with error -22 [ 493.104050][T23002] 9pnet: p9_errstr2errno: server reported unknown error 0x0000 [ 493.263125][T23008] overlayfs: failed to clone upperpath [ 493.594110][T23016] overlayfs: failed to clone upperpath [ 493.644525][T23019] netlink: 4 bytes leftover after parsing attributes in process `syz.8.7081'. [ 493.661312][T23019] netlink: 4 bytes leftover after parsing attributes in process `syz.8.7081'. [ 493.668280][T23019] netlink: 4 bytes leftover after parsing attributes in process `syz.8.7081'. [ 494.642384][T23081] netlink: 8 bytes leftover after parsing attributes in process `syz.3.7110'. [ 495.433386][T23139] overlayfs: failed to clone upperpath [ 495.534056][T23147] netlink: 'syz.4.7140': attribute type 3 has an invalid length. [ 495.641765][T23156] netlink: 84 bytes leftover after parsing attributes in process `syz.3.7144'. [ 495.708320][T23160] ip6tnl1: entered allmulticast mode [ 495.960478][T23169] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+ [ 497.294545][T23250] team0: Port device syz_tun added [ 497.588569][T23265] netlink: 8 bytes leftover after parsing attributes in process `syz.3.7178'. [ 497.624887][T23267] netlink: 'syz.4.7180': attribute type 1 has an invalid length. [ 497.699937][T23267] 8021q: adding VLAN 0 to HW filter on device bond3 [ 497.703144][T23267] bond2: (slave bond3): making interface the new active one [ 497.706302][T23267] bond2: (slave bond3): Enslaving as an active interface with an up link [ 498.810049][T23312] IPv6: sit3: Disabled Multicast RS [ 499.696877][ T58] libceph: connect (1)[c::]:6789 error -101 [ 499.699599][ T58] libceph: mon0 (1)[c::]:6789 connect error [ 499.747469][T23346] ceph: No mds server is up or the cluster is laggy [ 499.813231][T23354] kernel read not supported for file /file0 (pid: 23354 comm: syz.3.7217) [ 499.816802][ T40] audit: type=1800 audit(1778486005.707:3088): pid=23354 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.7217" name="file0" dev="mqueue" ino=107973 res=0 errno=0 [ 500.516623][T23397] netlink: 28 bytes leftover after parsing attributes in process `syz.4.7236'. [ 500.521264][T23397] netlink: 28 bytes leftover after parsing attributes in process `syz.4.7236'. [ 500.812792][T23459] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 500.821111][T23459] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 501.731751][ T40] audit: type=1800 audit(1778486007.627:3089): pid=23499 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.7256" name="nullb0" dev="tmpfs" ino=7459 res=0 errno=0 [ 501.788485][T23503] overlayfs: failed to clone upperpath [ 501.851860][T23505] syz.4.7259: vmalloc error: size 2147479872, exceeds total pages, mode:0xcc0(GFP_KERNEL), nodemask=(null),cpuset=syz4,mems_allowed=0-1 [ 501.857063][T23505] CPU: 3 UID: 0 PID: 23505 Comm: syz.4.7259 Tainted: G L syzkaller #0 PREEMPT(full) [ 501.857082][T23505] Tainted: [L]=SOFTLOCKUP [ 501.857087][T23505] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 501.857094][T23505] Call Trace: [ 501.857099][T23505] [ 501.857104][T23505] dump_stack_lvl+0x100/0x190 [ 501.857134][T23505] warn_alloc.cold+0x95/0x1c1 [ 501.857147][T23505] ? __pfx_warn_alloc+0x10/0x10 [ 501.857171][T23505] ? __lock_acquire+0x4a5/0x2630 [ 501.857183][T23505] ? __lock_acquire+0x4a5/0x2630 [ 501.857198][T23505] __vmalloc_node_range_noprof+0x136c/0x1630 [ 501.857214][T23505] ? reacquire_held_locks+0xce/0x1e0 [ 501.857225][T23505] ? release_sock+0x21/0x280 [ 501.857242][T23505] ? do_raw_spin_lock+0x128/0x260 [ 501.857257][T23505] ? netlink_alloc_large_skb+0x9b/0x150 [ 501.857275][T23505] ? alloc_pages_mpol+0x25a/0x540 [ 501.857292][T23505] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 501.857312][T23505] ? rcu_is_watching+0x12/0xc0 [ 501.857329][T23505] __kvmalloc_node_noprof+0x3de/0xa00 [ 501.857341][T23505] ? netlink_alloc_large_skb+0x9b/0x150 [ 501.857357][T23505] ? netlink_alloc_large_skb+0x9b/0x150 [ 501.857376][T23505] netlink_alloc_large_skb+0x9b/0x150 [ 501.857392][T23505] netlink_sendmsg+0x680/0xda0 [ 501.857410][T23505] ? __pfx_netlink_sendmsg+0x10/0x10 [ 501.857428][T23505] ? aa_sock_msg_perm.isra.0+0x100/0x1b0 [ 501.857453][T23505] sock_write_iter+0x524/0x5a0 [ 501.857501][T23505] ? __pfx_netlink_sendmsg+0x10/0x10 [ 501.857518][T23505] ? __pfx_sock_write_iter+0x10/0x10 [ 501.857540][T23505] ? bpf_lsm_file_permission+0x9/0x10 [ 501.857552][T23505] ? security_file_permission+0x76/0x210 [ 501.857566][T23505] ? rw_verify_area+0xce/0x6d0 [ 501.857580][T23505] vfs_write+0x6ac/0x1070 [ 501.857594][T23505] ? __pfx_sock_write_iter+0x10/0x10 [ 501.857612][T23505] ? __pfx_vfs_write+0x10/0x10 [ 501.857623][T23505] ? find_held_lock+0x2b/0x80 [ 501.857646][T23505] ksys_write+0x1f8/0x250 [ 501.857658][T23505] ? __pfx_ksys_write+0x10/0x10 [ 501.857671][T23505] ? rcu_is_watching+0x12/0xc0 [ 501.857689][T23505] __do_fast_syscall_32+0xe7/0x950 [ 501.857715][T23505] do_fast_syscall_32+0x32/0x70 [ 501.857734][T23505] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 501.857749][T23505] RIP: 0023:0xf70aefcc [ 501.857760][T23505] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8 [ 501.857772][T23505] RSP: 002b:00000000f489750c EFLAGS: 00000292 ORIG_RAX: 0000000000000004 [ 501.857782][T23505] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000080000280 [ 501.857790][T23505] RDX: 00000000ffffff03 RSI: 0000000000000000 RDI: 0000000000000000 [ 501.857796][T23505] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 501.857802][T23505] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000 [ 501.857809][T23505] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 501.857822][T23505] [ 501.857827][T23505] Mem-Info: [ 501.958550][T23505] active_anon:23626 inactive_anon:4195 isolated_anon:0 [ 501.958550][T23505] active_file:5110 inactive_file:19054 isolated_file:0 [ 501.958550][T23505] unevictable:1768 dirty:380 writeback:0 [ 501.958550][T23505] slab_reclaimable:7107 slab_unreclaimable:74195 [ 501.958550][T23505] mapped:35243 shmem:24507 pagetables:2194 [ 501.958550][T23505] sec_pagetables:315 bounce:0 [ 501.958550][T23505] kernel_misc_reclaimable:0 [ 501.958550][T23505] free:32603 free_pcp:6786 free_cma:0 [ 501.975508][T23505] Node 0 active_anon:3432kB inactive_anon:152kB active_file:16kB inactive_file:120kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:24kB dirty:0kB writeback:0kB shmem:6960kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:8620kB pagetables:1236kB sec_pagetables:1116kB all_unreclaimable? yes Balloon:0kB gpu_active:0kB gpu_reclaim:0kB [ 501.987899][T23505] Node 1 active_anon:90912kB inactive_anon:16628kB active_file:20424kB inactive_file:76096kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:140868kB dirty:1564kB writeback:0kB shmem:91152kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:4096kB kernel_stack:10084kB pagetables:7520kB sec_pagetables:144kB all_unreclaimable? no Balloon:0kB gpu_active:0kB gpu_reclaim:0kB [ 502.000516][T23505] Node 0 DMA free:3424kB boost:2048kB min:2808kB low:2996kB high:3184kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:4kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:4kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 502.012237][T23505] lowmem_reserve[]: 0 285 285 285 285 [ 502.014270][T23505] Node 0 DMA32 free:17892kB boost:2048kB min:15136kB low:18408kB high:21680kB reserved_highatomic:2048KB free_highatomic:396KB active_anon:3432kB inactive_anon:148kB active_file:16kB inactive_file:120kB unevictable:3536kB writepending:0kB zspages:1468kB present:1032196kB managed:292572kB mlocked:0kB bounce:0kB free_pcp:2048kB local_pcp:1980kB free_cma:0kB [ 502.025127][T23505] lowmem_reserve[]: 0 0 0 0 0 [ 502.026702][T23505] Node 1 DMA32 free:121500kB boost:0kB min:47144kB low:58928kB high:70712kB reserved_highatomic:0KB free_highatomic:0KB active_anon:76012kB inactive_anon:16628kB active_file:20424kB inactive_file:76096kB unevictable:3536kB writepending:1564kB zspages:4820kB present:1048432kB managed:948212kB mlocked:0kB bounce:0kB free_pcp:27560kB local_pcp:7992kB free_cma:0kB [ 502.037562][T23505] lowmem_reserve[]: 0 0 0 0 0 [ 502.039276][T23505] Node 0 DMA: 108*4kB (U) 46*8kB (U) 42*16kB (U) 27*32kB (U) 5*64kB (U) 2*128kB (U) 0*256kB 1*512kB (U) 0*1024kB 0*2048kB 0*4096kB = 3424kB [ 502.043858][T23505] Node 0 DMA32: 505*4kB (UMEH) 198*8kB (UEH) 59*16kB (UE) 95*32kB (UEH) 39*64kB (UMEH) 17*128kB (UME) 10*256kB (UM) 4*512kB (M) 1*1024kB (U) 0*2048kB 0*4096kB = 17892kB [ 502.051338][T23505] Node 1 DMA32: 320*4kB (M) 2896*8kB (UM) 3545*16kB (UME) 257*32kB (UME) 200*64kB (UME) 72*128kB (UME) 25*256kB (UME) 11*512kB (UM) 2*1024kB (M) 2*2048kB (M) 0*4096kB = 129584kB [ 502.057401][T23505] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 502.060708][T23505] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 502.063630][T23505] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 502.066848][T23505] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 502.069687][T23505] 41970 total pagecache pages [ 502.071159][T23505] 1087 pages in swap cache [ 502.072570][T23505] Free swap = 70692kB [ 502.074283][T23505] Total swap = 124996kB [ 502.076214][T23505] 524155 pages RAM [ 502.077536][T23505] 0 pages HighMem/MovableOnly [ 502.079092][T23505] 210119 pages reserved [ 502.080464][T23505] 0 pages cma reserved [ 502.143765][T23509] fuse: fd is not a fuse device [ 502.177485][T23513] batadv_slave_1: entered promiscuous mode [ 502.180416][T23512] batadv_slave_1: left promiscuous mode [ 502.225882][T23518] netlink: 8 bytes leftover after parsing attributes in process `syz.8.7261'. [ 502.315985][T23525] fuse: fd is not a fuse device [ 502.357258][T23527] netlink: 32 bytes leftover after parsing attributes in process `syz.8.7269'. [ 502.410525][T23529] netlink: 212368 bytes leftover after parsing attributes in process `syz.8.7270'. [ 503.681641][T23566] netlink: 8 bytes leftover after parsing attributes in process `syz.3.7286'. [ 503.704715][T23566] netlink: 8 bytes leftover after parsing attributes in process `syz.3.7286'. [ 503.983413][T23580] "syz.9.7292" (23580) uses obsolete ecb(arc4) skcipher [ 504.415672][T23594] dvmrp1: entered allmulticast mode [ 504.419367][T23594] netlink: 'syz.8.7297': attribute type 39 has an invalid length. [ 504.551031][T23610] netlink: 20 bytes leftover after parsing attributes in process `syz.9.7303'. [ 505.371764][T23665] fuse: fd is not a fuse device [ 506.049064][ T1432] ieee802154 phy1 wpan1: encryption failed: -22 [ 506.945123][ T843] usb 8-1: new high-speed USB device number 68 using dummy_hcd [ 507.095128][ T843] usb 8-1: Using ep0 maxpacket: 8 [ 507.099373][ T843] usb 8-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 507.103174][ T843] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 507.107245][ T843] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 507.110882][ T843] usb 8-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 507.116269][ T843] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 507.120321][ T843] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 507.328582][ T843] usb 8-1: GET_CAPABILITIES returned 0 [ 507.330800][ T843] usbtmc 8-1:16.0: can't read capabilities [ 507.530208][ T3385] usb 8-1: USB disconnect, device number 68 [ 507.953091][T23692] netlink: 20 bytes leftover after parsing attributes in process `syz.4.7331'. [ 508.099087][ T40] audit: type=1326 audit(1778486013.997:3090): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23703 comm="syz.4.7335" exe="/syz-executor" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf70aefcc code=0x7ffc0000 [ 508.108616][ T40] audit: type=1326 audit(1778486013.997:3091): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23703 comm="syz.4.7335" exe="/syz-executor" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf70aefcc code=0x7ffc0000 [ 508.117824][ T40] audit: type=1326 audit(1778486013.997:3092): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23703 comm="syz.4.7335" exe="/syz-executor" sig=0 arch=40000003 syscall=173 compat=1 ip=0xf70aeff7 code=0x7ffc0000 [ 508.124622][ T40] audit: type=1326 audit(1778486013.997:3093): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23703 comm="syz.4.7335" exe="/syz-executor" sig=0 arch=40000003 syscall=173 compat=1 ip=0xf70aeff7 code=0x7ffc0000 [ 508.132766][ T40] audit: type=1326 audit(1778486013.997:3094): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23703 comm="syz.4.7335" exe="/syz-executor" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf70aefcc code=0x7ffc0000 [ 508.140134][ T40] audit: type=1326 audit(1778486013.997:3095): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23703 comm="syz.4.7335" exe="/syz-executor" sig=0 arch=40000003 syscall=173 compat=1 ip=0xf70aeff7 code=0x7ffc0000 [ 508.148485][ T40] audit: type=1326 audit(1778486013.997:3096): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23703 comm="syz.4.7335" exe="/syz-executor" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf70aefcc code=0x7ffc0000 [ 508.157185][ T40] audit: type=1326 audit(1778486013.997:3097): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23703 comm="syz.4.7335" exe="/syz-executor" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf70aefcc code=0x7ffc0000 [ 508.165644][ T40] audit: type=1326 audit(1778486013.997:3099): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23703 comm="syz.4.7335" exe="/syz-executor" sig=0 arch=40000003 syscall=173 compat=1 ip=0xf70aeff7 code=0x7ffc0000 [ 508.173843][ T40] audit: type=1326 audit(1778486013.997:3098): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23703 comm="syz.4.7335" exe="/syz-executor" sig=0 arch=40000003 syscall=173 compat=1 ip=0xf70aeff7 code=0x7ffc0000 [ 508.541312][T23726] netlink: 20 bytes leftover after parsing attributes in process `syz.8.7346'. [ 510.490371][T23815] 9p: Bad value for 'wfdno' [ 510.596871][T23812] dvmrp1: entered allmulticast mode [ 510.603985][T23812] netlink: 'syz.3.7377': attribute type 39 has an invalid length. [ 511.489212][T23840] netlink: 'syz.9.7388': attribute type 8 has an invalid length. [ 511.492170][T23840] netlink: 4 bytes leftover after parsing attributes in process `syz.9.7388'. [ 511.498767][T23840] bond0: entered promiscuous mode [ 511.500469][T23840] bond_slave_0: entered promiscuous mode [ 511.502410][T23840] bond_slave_1: entered promiscuous mode [ 511.506406][T23840] gretap0: entered promiscuous mode [ 511.509253][T23840] debugfs: 'hsr1' already exists in 'hsr' [ 511.511305][T23840] Cannot create hsr debugfs directory [ 511.513024][T23840] hsr1: entered promiscuous mode [ 511.532063][T23840] netlink: 'syz.9.7388': attribute type 8 has an invalid length. [ 511.535448][T23840] netlink: 4 bytes leftover after parsing attributes in process `syz.9.7388'. [ 512.579224][T23884] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 512.586688][T23884] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 512.619153][T23886] overlayfs: failed to clone lowerpath [ 513.184067][T23897] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 513.199131][T23897] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 513.217293][T23897] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 513.225420][T23897] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 514.753153][T23917] dvmrp0: left allmulticast mode [ 517.119365][T24000] A link change request failed with some changes committed already. Interface syz_tun may have been left with an inconsistent configuration, please check. [ 517.203144][T24012] netlink: 'syz.8.7451': attribute type 1 has an invalid length. [ 517.221502][T24012] 8021q: adding VLAN 0 to HW filter on device bond3 [ 519.373693][ T40] kauditd_printk_skb: 3230 callbacks suppressed [ 519.373707][ T40] audit: type=1326 audit(1778486025.267:6330): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24085 comm="syz.4.7466" exe="/syz-executor" sig=31 arch=40000003 syscall=20 compat=1 ip=0xf70aefcc code=0x0 [ 519.459343][T24088] loop2: detected capacity change from 0 to 7 [ 519.467083][T24088] Dev loop2: unable to read RDB block 7 [ 519.470130][T24088] loop2: unable to read partition table [ 519.472218][T24088] loop2: partition table beyond EOD, truncated [ 519.474572][T24088] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5) [ 519.696010][T24096] tipc: Started in network mode [ 519.697510][T24096] tipc: Node identity 7f000001, cluster identity 4711 [ 519.700022][T24096] tipc: Enabling of bearer rejected, failed to enable media [ 519.714719][T24096] tipc: New replicast peer: fe80:0000:0000:0000:0000:0000:0000:00bb [ 519.717814][T24096] tipc: Enabled bearer , priority 10 [ 519.951947][T24108] netlink: 'syz.8.7476': attribute type 1 has an invalid length. [ 519.974668][T24108] 8021q: adding VLAN 0 to HW filter on device bond4 [ 520.012400][T24108] bond4: (slave gretap1): making interface the new active one [ 520.019588][T24108] bond4: (slave gretap1): Enslaving as an active interface with an up link [ 520.213921][ C3] ICMPv6: Received fragmented ndisc packet. Carefully consider disabling suppress_frag_ndisc. [ 520.296663][T24123] netlink: 4 bytes leftover after parsing attributes in process `syz.8.7485'. [ 520.725310][ T58] tipc: Node number set to 2130706433 [ 520.887619][T24133] netlink: 'syz.3.7488': attribute type 1 has an invalid length. [ 520.904662][T24133] 8021q: adding VLAN 0 to HW filter on device bond2 [ 520.915616][T24136] tipc: Started in network mode [ 520.917764][T24136] tipc: Node identity 7f000001, cluster identity 4711 [ 520.921129][T24136] tipc: Enabling of bearer rejected, failed to enable media [ 520.940288][T24133] bond2: (slave gretap2): making interface the new active one [ 520.949681][T24133] bond2: (slave gretap2): Enslaving as an active interface with an up link [ 520.953901][T24136] tipc: Enabling of bearer rejected, failed to enable media [ 521.163896][T24146] overlayfs: failed to clone upperpath [ 521.257642][ T40] audit: type=1326 audit(1778486027.157:6331): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24147 comm="syz.8.7492" exe="/syz-executor" sig=31 arch=40000003 syscall=20 compat=1 ip=0xf709efcc code=0x0 [ 521.839984][ T58] libceph: connect (1)[c::]:6789 error -101 [ 521.843249][ T58] libceph: mon0 (1)[c::]:6789 connect error [ 521.934570][T24172] netlink: 'syz.9.7501': attribute type 1 has an invalid length. [ 521.937497][T24167] ceph: No mds server is up or the cluster is laggy [ 521.984382][T24172] 8021q: adding VLAN 0 to HW filter on device bond4 [ 522.008574][T24175] bond4: (slave gretap1): making interface the new active one [ 522.012406][T24175] bond4: (slave gretap1): Enslaving as an active interface with an up link [ 522.623930][T24197] netlink: 'syz.4.7510': attribute type 11 has an invalid length. [ 522.626699][T24197] netlink: 56 bytes leftover after parsing attributes in process `syz.4.7510'. [ 522.631194][T24197] netlink: 'syz.4.7510': attribute type 11 has an invalid length. [ 522.634722][T24197] netlink: 56 bytes leftover after parsing attributes in process `syz.4.7510'. [ 522.680263][T24203] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 522.751188][T24204] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 523.069695][ T40] audit: type=1326 audit(1778486028.927:6332): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24206 comm="syz.9.7512" exe="/syz-executor" sig=31 arch=40000003 syscall=20 compat=1 ip=0xf708efcc code=0x0 [ 524.064329][T24211] netlink: 'syz.4.7513': attribute type 1 has an invalid length. [ 524.080477][T24211] 8021q: adding VLAN 0 to HW filter on device bond4 [ 524.116331][T24211] bond4: (slave gretap0): making interface the new active one [ 524.124778][T24211] bond4: (slave gretap0): Enslaving as an active interface with an up link [ 524.237554][T24226] netlink: 8 bytes leftover after parsing attributes in process `syz.8.7527'. [ 524.577235][T24247] netlink: 4 bytes leftover after parsing attributes in process `syz.3.7525'. [ 524.957963][ T843] usb 8-1: new high-speed USB device number 69 using dummy_hcd [ 525.119545][ T843] usb 8-1: config index 0 descriptor too short (expected 1572, got 36) [ 525.125095][ T843] usb 8-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 525.135344][ T843] usb 8-1: New USB device found, idVendor=05ac, idProduct=0238, bcdDevice= 0.40 [ 525.139236][ T843] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 525.142793][ T843] usb 8-1: Product: syz [ 525.144598][ T843] usb 8-1: Manufacturer: syz [ 525.147480][ T843] usb 8-1: SerialNumber: syz [ 525.158975][ T843] input: bcm5974 as /devices/platform/dummy_hcd.3/usb8/8-1/8-1:1.0/input/input84 [ 525.234757][T24268] netlink: 24 bytes leftover after parsing attributes in process `syz.4.7536'. [ 525.294677][T24271] fuse: fd is not a fuse device [ 525.363844][ T843] bcm5974 8-1:1.0: could not read from device [ 525.366374][T24273] overlayfs: failed to clone upperpath [ 525.400828][ T843] input: failed to attach handler mousedev to device input84, error: -5 [ 525.431605][ T5134] bcm5974 8-1:1.0: could not read from device [ 525.438572][ T843] usb 8-1: USB disconnect, device number 69 [ 525.468664][T24276] overlayfs: failed to clone upperpath [ 525.640869][T24292] netlink: 'syz.8.7546': attribute type 1 has an invalid length. [ 525.670985][T24292] 8021q: adding VLAN 0 to HW filter on device bond5 [ 525.690847][T24292] erspan0: entered allmulticast mode [ 525.713796][T24292] bond5: (slave erspan0): making interface the new active one [ 525.718800][T24292] bond5: (slave erspan0): Enslaving as an active interface with an up link [ 525.723902][T24297] netlink: 12 bytes leftover after parsing attributes in process `syz.4.7548'. [ 525.880047][T24303] overlayfs: failed to clone upperpath [ 525.888494][T24303] overlayfs: failed to clone lowerpath [ 526.771613][T24350] netlink: 88 bytes leftover after parsing attributes in process `syz.8.7567'. [ 527.169387][T24361] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci2/hci2:200/input85 [ 527.259363][T24361] IPv6: sit4: Disabled Multicast RS [ 527.268419][T24361] sit4: entered allmulticast mode [ 528.205521][ T3385] usb 8-1: new high-speed USB device number 70 using dummy_hcd [ 528.375111][ T3385] usb 8-1: Using ep0 maxpacket: 8 [ 528.378793][ T3385] usb 8-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 528.383594][ T3385] usb 8-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 528.391316][ T3385] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 111, changing to 10 [ 528.401244][ T3385] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 26476, setting to 1024 [ 528.404286][T24383] netlink: 'syz.9.7581': attribute type 1 has an invalid length. [ 528.411111][ T3385] usb 8-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00 [ 528.414801][ T3385] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 528.421505][T24373] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22 [ 528.430906][ T3385] hub 8-1:1.0: bad descriptor, ignoring hub [ 528.434827][ T3385] hub 8-1:1.0: probe with driver hub failed with error -5 [ 528.439938][T24383] 8021q: adding VLAN 0 to HW filter on device bond5 [ 528.444334][ T3385] cdc_wdm 8-1:1.0: skipping garbage [ 528.452862][ T3385] cdc_wdm 8-1:1.0: skipping garbage [ 528.460124][ T3385] cdc_wdm 8-1:1.0: cdc-wdm0: USB WDM device [ 528.471451][ T3385] cdc_wdm 8-1:1.0: Unknown control protocol [ 528.499487][T24383] erspan0: entered allmulticast mode [ 528.509323][T24331] syz.4.7562 (24331) used greatest stack depth: 19472 bytes left [ 528.512826][T24383] bond5: (slave erspan0): making interface the new active one [ 528.516999][T24383] bond5: (slave erspan0): Enslaving as an active interface with an up link [ 528.745269][ T3385] usb 8-1: USB disconnect, device number 70 [ 529.089028][T24417] netlink: 4 bytes leftover after parsing attributes in process `syz.4.7594'. [ 529.507203][T24439] fuse: fd is not a fuse device [ 529.547308][T24438] kvm: Disabled LAPIC found during irq injection [ 530.152499][T24454] netlink: 'syz.3.7609': attribute type 1 has an invalid length. [ 530.173714][T24454] 8021q: adding VLAN 0 to HW filter on device bond3 [ 530.190769][T24454] erspan0: entered allmulticast mode [ 530.198098][T24454] bond3: (slave erspan0): making interface the new active one [ 530.202320][T24454] bond3: (slave erspan0): Enslaving as an active interface with an up link [ 531.009175][T24482] netlink: 208240 bytes leftover after parsing attributes in process `syz.9.7614'. [ 531.147515][T24494] netlink: 4 bytes leftover after parsing attributes in process `syz.8.7622'. [ 531.251619][T24498] netlink: 212344 bytes leftover after parsing attributes in process `syz.9.7624'. [ 531.403957][T24506] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 531.408608][T24506] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 532.243695][T24533] bridge1: entered promiscuous mode [ 532.245825][T24533] bridge1: entered allmulticast mode [ 532.719092][ T40] audit: type=1804 audit(1778486038.617:6333): pid=24541 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.7639" name="/newroot/1940/file0" dev="tmpfs" ino=10101 res=1 errno=0 [ 533.592297][T24575] netlink: 4 bytes leftover after parsing attributes in process `syz.3.7651'. [ 534.596884][T24620] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies. [ 534.713722][T24624] all: renamed from bridge_slave_0 (while UP) [ 536.171859][T24661] netlink: 8 bytes leftover after parsing attributes in process `syz.4.7689'. [ 536.372937][T24674] gtp3: entered promiscuous mode [ 536.396467][T24674] netlink: 4 bytes leftover after parsing attributes in process `syz.4.7694'. [ 536.476859][T24678] fuse: fd is not a fuse device [ 537.149002][T24701] netlink: 20 bytes leftover after parsing attributes in process `syz.8.7702'. [ 537.229897][T24705] netlink: 20 bytes leftover after parsing attributes in process `syz.8.7702'. [ 537.245273][T24705] nbd: nbd64 already in use [ 537.615643][T24650] syz.3.7685 (24650) used greatest stack depth: 19160 bytes left [ 537.643737][T24725] netlink: 'syz.9.7711': attribute type 1 has an invalid length. [ 537.662308][T24725] bond6: entered promiscuous mode [ 537.664897][T24725] 8021q: adding VLAN 0 to HW filter on device bond6 [ 537.701005][T24725] 8021q: adding VLAN 0 to HW filter on device bond6 [ 537.704125][T24725] bond6: (slave vti0): The slave device specified does not support setting the MAC address [ 537.708393][T24725] bond6: (slave vti0): Setting fail_over_mac to active for active-backup mode [ 537.715692][T24725] bond6: (slave vti0): making interface the new active one [ 537.718735][T24725] vti0: entered promiscuous mode [ 537.722622][T24725] bond6: (slave vti0): Enslaving as an active interface with an up link [ 537.862436][T24739] netlink: 212360 bytes leftover after parsing attributes in process `syz.9.7716'. [ 537.928876][ T40] audit: type=1326 audit(1778486043.827:6334): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24741 comm="syz.9.7717" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708efcc code=0x7ffc0000 [ 537.945105][ T40] audit: type=1326 audit(1778486043.827:6335): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24741 comm="syz.9.7717" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708efcc code=0x7ffc0000 [ 537.959402][ T40] audit: type=1326 audit(1778486043.827:6336): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24741 comm="syz.9.7717" exe="/syz-executor" sig=0 arch=40000003 syscall=362 compat=1 ip=0xf708efcc code=0x7ffc0000 [ 537.975616][ T40] audit: type=1326 audit(1778486043.827:6337): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24741 comm="syz.9.7717" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708efcc code=0x7ffc0000 [ 537.985113][ T40] audit: type=1326 audit(1778486043.827:6338): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24741 comm="syz.9.7717" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708efcc code=0x7ffc0000 [ 537.995458][ T40] audit: type=1326 audit(1778486043.827:6339): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24741 comm="syz.9.7717" exe="/syz-executor" sig=0 arch=40000003 syscall=45 compat=1 ip=0xf708efcc code=0x7ffc0000 [ 538.009090][ T40] audit: type=1326 audit(1778486043.827:6340): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24741 comm="syz.9.7717" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708efcc code=0x7ffc0000 [ 538.018450][ T40] audit: type=1326 audit(1778486043.827:6341): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24741 comm="syz.9.7717" exe="/syz-executor" sig=0 arch=40000003 syscall=245 compat=1 ip=0xf708efcc code=0x7ffc0000 [ 538.028737][ T40] audit: type=1326 audit(1778486043.827:6342): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24741 comm="syz.9.7717" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708efcc code=0x7ffc0000 [ 538.039141][ T40] audit: type=1326 audit(1778486043.827:6343): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24741 comm="syz.9.7717" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708efcc code=0x7ffc0000 [ 538.400506][T24759] tipc: Enabled bearer , priority 10 [ 538.845709][T16829] Bluetooth: hci1: command 0x0406 tx timeout [ 539.262505][ C0] Unknown status report in ack skb [ 540.099038][T24885] netlink: 8 bytes leftover after parsing attributes in process `syz.9.7775'. [ 540.406017][T24896] ip6erspan1: entered allmulticast mode [ 540.441631][T24902] netlink: 8 bytes leftover after parsing attributes in process `syz.9.7781'. [ 540.913959][T24939] overlayfs: failed to clone upperpath [ 541.133208][T24943] netlink: 8 bytes leftover after parsing attributes in process `syz.8.7799'. [ 541.136401][T24943] netlink: 8 bytes leftover after parsing attributes in process `syz.8.7799'. [ 541.688681][T24979] netlink: 16 bytes leftover after parsing attributes in process `syz.9.7815'. [ 541.707067][T24983] netlink: 4 bytes leftover after parsing attributes in process `syz.4.7816'. [ 541.885193][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 541.940087][T25010] netlink: 76 bytes leftover after parsing attributes in process `syz.8.7823'. [ 542.037486][T25018] overlayfs: failed to clone upperpath [ 542.329766][T25040] netlink: 'syz.9.7830': attribute type 10 has an invalid length. [ 542.340169][T25040] team0: Device dummy0 failed to register rx_handler [ 542.368146][T25040] netlink: 'syz.9.7830': attribute type 10 has an invalid length. [ 543.128822][ T40] kauditd_printk_skb: 7 callbacks suppressed [ 543.128834][ T40] audit: type=1326 audit(1778486049.027:6351): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25066 comm="syz.4.7842" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70aefcc code=0x7ffc0000 [ 543.140558][ T40] audit: type=1326 audit(1778486049.027:6352): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25066 comm="syz.4.7842" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70aefcc code=0x7ffc0000 [ 543.148805][ T40] audit: type=1326 audit(1778486049.027:6353): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25066 comm="syz.4.7842" exe="/syz-executor" sig=0 arch=40000003 syscall=186 compat=1 ip=0xf70aefcc code=0x7ffc0000 [ 543.157024][ T40] audit: type=1326 audit(1778486049.027:6354): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25066 comm="syz.4.7842" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70aefcc code=0x7ffc0000 [ 543.166112][ T40] audit: type=1326 audit(1778486049.027:6355): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25066 comm="syz.4.7842" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70aefcc code=0x7ffc0000 [ 543.174343][ T40] audit: type=1326 audit(1778486049.027:6356): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25066 comm="syz.4.7842" exe="/syz-executor" sig=0 arch=40000003 syscall=224 compat=1 ip=0xf70aefcc code=0x7ffc0000 [ 543.182839][ T40] audit: type=1326 audit(1778486049.027:6357): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25066 comm="syz.4.7842" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70aefcc code=0x7ffc0000 [ 543.193070][ T40] audit: type=1326 audit(1778486049.027:6358): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25066 comm="syz.4.7842" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70aefcc code=0x7ffc0000 [ 543.202572][ T40] audit: type=1326 audit(1778486049.027:6359): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25066 comm="syz.4.7842" exe="/syz-executor" sig=0 arch=40000003 syscall=259 compat=1 ip=0xf70aefcc code=0x7ffc0000 [ 543.212437][ T40] audit: type=1326 audit(1778486049.027:6360): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25066 comm="syz.4.7842" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70aefcc code=0x7ffc0000 [ 544.298812][ C1] vcan0: j1939_tp_rxtimer: 0xffff88804c273800: rx timeout, send abort [ 544.306134][ C1] vcan0: j1939_xtp_rx_abort_one: 0xffff88804c273800: 0x20000: (3) A timeout occurred and this is the connection abort to close the session. [ 544.751794][T25095] policy can only be matched on NF_INET_PRE_ROUTING [ 544.751812][T25095] unable to load match [ 545.041209][T25112] netlink: 'syz.8.7859': attribute type 8 has an invalid length. [ 545.044100][T25112] netlink: 4 bytes leftover after parsing attributes in process `syz.8.7859'. [ 545.050294][T25112] bond0: entered promiscuous mode [ 545.052123][T25112] bond_slave_0: entered promiscuous mode [ 545.054224][T25112] bond_slave_1: entered promiscuous mode [ 545.057570][T25112] gretap0: entered promiscuous mode [ 545.060043][T25112] team0: entered promiscuous mode [ 545.061722][T25112] team_slave_0: entered promiscuous mode [ 545.063685][T25112] team_slave_1: entered promiscuous mode [ 545.067742][T25112] syz_tun: entered promiscuous mode [ 545.076453][T25112] debugfs: 'hsr1' already exists in 'hsr' [ 545.078472][T25112] Cannot create hsr debugfs directory [ 545.080372][T25112] hsr1: entered promiscuous mode [ 545.313031][T25126] netlink: 4 bytes leftover after parsing attributes in process `syz.3.7864'. [ 545.340148][T25126] netlink: 28 bytes leftover after parsing attributes in process `syz.3.7864'. [ 545.524144][T25132] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 545.529577][T25132] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 546.143060][T25141] netlink: 'syz.9.7871': attribute type 4 has an invalid length. [ 546.590396][T25151] kvm: user requested TSC rate below hardware speed [ 546.602270][T25151] kvm: vcpu 0: requested 128 ns lapic timer period limited to 200000 ns [ 546.606582][T25151] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (200000 ns). Using initial count to start timer. [ 548.072300][T25212] netlink: 212348 bytes leftover after parsing attributes in process `syz.9.7898'. [ 548.360153][T25216] netlink: 4 bytes leftover after parsing attributes in process `syz.9.7900'. [ 549.854247][T25283] netlink: 4 bytes leftover after parsing attributes in process `syz.3.7926'. [ 550.194250][T25309] netlink: 9 bytes leftover after parsing attributes in process `syz.9.7937'. [ 550.197961][T25309] netlink: 9 bytes leftover after parsing attributes in process `syz.9.7937'. [ 550.385507][T25315] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 550.389321][T25315] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 550.891568][T25317] overlayfs: failed to clone upperpath [ 551.015392][T25327] netlink: 'syz.9.7945': attribute type 5 has an invalid length. [ 551.062750][T25333] vxcan1: entered allmulticast mode [ 551.073145][T25333] netlink: 4 bytes leftover after parsing attributes in process `syz.9.7947'. [ 551.092640][T25333] vxcan1 (unregistering): left allmulticast mode [ 551.229493][T25343] netlink: 4 bytes leftover after parsing attributes in process `syz.8.7951'. [ 551.229887][T25342] netlink: 'syz.9.7950': attribute type 1 has an invalid length. [ 551.255067][T25342] bond7: entered promiscuous mode [ 551.259225][T25342] 8021q: adding VLAN 0 to HW filter on device bond7 [ 551.282780][T25342] 8021q: adding VLAN 0 to HW filter on device bond7 [ 551.287835][T25342] bond7: (slave vcan1): The slave device specified does not support setting the MAC address [ 551.295054][T25342] bond7: (slave vcan1): Setting fail_over_mac to active for active-backup mode [ 551.311781][T25342] bond7: (slave vcan1): making interface the new active one [ 551.316649][T25342] vcan1: entered promiscuous mode [ 551.324559][T25342] bond7: (slave vcan1): Enslaving as an active interface with an up link [ 551.371932][T25349] fuse: fd is not a fuse device [ 551.408865][T25353] Bluetooth: hci0: invalid len left 7, exp >= 111 [ 551.839725][T25383] overlayfs: failed to clone lowerpath [ 552.159735][T25406] overlayfs: failed to clone upperpath [ 552.266826][T25412] fuse: fd is not a fuse device [ 552.467605][T25425] netlink: 4 bytes leftover after parsing attributes in process `syz.9.7986'. [ 552.687285][T25435] fuse: fd is not a fuse device [ 554.159262][T25509] netlink: 'syz.4.8016': attribute type 1 has an invalid length. [ 554.161830][T25509] netlink: 'syz.4.8016': attribute type 4 has an invalid length. [ 554.164293][T25509] netlink: 9462 bytes leftover after parsing attributes in process `syz.4.8016'. [ 554.602565][T25521] dvmrp1: left allmulticast mode [ 554.774631][T25525] overlayfs: failed to clone lowerpath [ 554.782584][T25525] overlayfs: failed to clone lowerpath [ 554.968834][T25534] netlink: 212344 bytes leftover after parsing attributes in process `syz.8.8027'. [ 555.154723][T25550] netlink: 7 bytes leftover after parsing attributes in process `syz.4.8033'. [ 555.707541][T25578] netlink: 27 bytes leftover after parsing attributes in process `syz.9.8045'. [ 555.760764][T25582] netlink: 28 bytes leftover after parsing attributes in process `syz.9.8047'. [ 555.763971][T25582] netlink: 'syz.9.8047': attribute type 7 has an invalid length. [ 555.768903][T25582] netlink: 'syz.9.8047': attribute type 8 has an invalid length. [ 555.772186][T25582] netlink: 4 bytes leftover after parsing attributes in process `syz.9.8047'. [ 556.071182][T25595] bond7: entered allmulticast mode [ 556.084020][T25595] vcan1: entered allmulticast mode [ 556.089309][T25594] bond7: left allmulticast mode [ 556.091373][T25594] vcan1: left allmulticast mode [ 556.577810][ T40] kauditd_printk_skb: 4632 callbacks suppressed [ 556.577822][ T40] audit: type=1800 audit(1778486062.477:10993): pid=25621 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.8062" name="file1" dev="overlay" ino=10684 res=0 errno=0 [ 557.122748][T25639] netlink: 4 bytes leftover after parsing attributes in process `syz.9.8070'. [ 557.126641][T25639] netlink: 4 bytes leftover after parsing attributes in process `syz.9.8070'. [ 557.223162][T25646] netlink: 8 bytes leftover after parsing attributes in process `syz.3.8073'. [ 558.403111][ T40] audit: type=1800 audit(1778486064.297:10994): pid=25685 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.8088" name="nullb0" dev="tmpfs" ino=7459 res=0 errno=0 [ 558.461847][T25689] netlink: 'syz.9.8090': attribute type 4 has an invalid length. [ 558.464482][T25689] netlink: 156 bytes leftover after parsing attributes in process `syz.9.8090'. [ 558.469785][T25689] bond_slave_1: mtu greater than device maximum [ 558.508539][T25691] overlayfs: failed to clone upperpath [ 558.558660][ T40] audit: type=1326 audit(1778486064.457:10995): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25694 comm="syz.4.8093" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf70aefcc code=0x0 [ 558.665222][ T9] usb 8-1: new full-speed USB device number 71 using dummy_hcd [ 558.841529][ T9] usb 8-1: unable to read config index 0 descriptor/start: -71 [ 558.843974][ T9] usb 8-1: can't read configurations, error -71 [ 559.049167][T25701] netlink: 'syz.8.8095': attribute type 12 has an invalid length. [ 559.287829][T25704] overlayfs: failed to clone upperpath [ 560.278780][T25746] netlink: 4 bytes leftover after parsing attributes in process `syz.9.8110'. [ 560.626202][T25757] netlink: 'syz.3.8116': attribute type 1 has an invalid length. [ 560.639960][T25757] bond4: entered promiscuous mode [ 560.641717][T25757] bond4: entered allmulticast mode [ 560.643777][T25757] 8021q: adding VLAN 0 to HW filter on device bond4 [ 560.666274][T25757] erspan2: entered allmulticast mode [ 560.673158][T25757] bond4: (slave erspan2): making interface the new active one [ 560.676776][T25757] erspan2: entered promiscuous mode [ 560.682722][T25757] [ 560.683803][T25757] ============================================ [ 560.686430][T25757] WARNING: possible recursive locking detected [ 560.689016][T25757] syzkaller #0 Tainted: G L [ 560.691938][T25757] -------------------------------------------- [ 560.694659][T25757] syz.3.8116/25757 is trying to acquire lock: [ 560.697282][T25757] ffff888013b1e958 (&qdisc_xmit_lock_key#4){+.-.}-{3:3}, at: sch_direct_xmit+0x3b5/0xc60 [ 560.701422][T25757] [ 560.701422][T25757] but task is already holding lock: [ 560.704566][T25757] ffff88805d963158 (&qdisc_xmit_lock_key#4){+.-.}-{3:3}, at: sch_direct_xmit+0x3b5/0xc60 [ 560.708712][T25757] [ 560.708712][T25757] other info that might help us debug this: [ 560.712046][T25757] Possible unsafe locking scenario: [ 560.712046][T25757] [ 560.715239][T25757] CPU0 [ 560.716712][T25757] ---- [ 560.717983][T25757] lock(&qdisc_xmit_lock_key#4); [ 560.719917][T25757] lock(&qdisc_xmit_lock_key#4); [ 560.721858][T25757] [ 560.721858][T25757] *** DEADLOCK *** [ 560.721858][T25757] [ 560.724857][T25757] May be due to missing lock nesting notation [ 560.724857][T25757] [ 560.727928][T25757] 10 locks held by syz.3.8116/25757: [ 560.729807][T25757] #0: ffffffff90d99888 (&ops->srcu#2){.+.+}-{0:0}, at: rtnl_link_ops_get+0x113/0x2c0 [ 560.733117][T25757] #1: ffffffff9060f0a0 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_newlink+0x8bb/0x2380 [ 560.736769][T25757] #2: ffffffff8e7e5280 (rcu_read_lock_bh){....}-{1:3}, at: __dev_queue_xmit+0x296/0x4950 [ 560.740460][T25757] #3: ffff88802a18a228 (dev->qdisc_tx_busylock ?: &qdisc_tx_busylock#5){+...}-{3:3}, at: __dev_queue_xmit+0x24ef/0x4950 [ 560.744702][T25757] #4: ffff88805d963158 (&qdisc_xmit_lock_key#4){+.-.}-{3:3}, at: sch_direct_xmit+0x3b5/0xc60 [ 560.748127][T25757] #5: ffffffff8e7e52e0 (rcu_read_lock){....}-{1:3}, at: ip_output+0xb3/0xc10 [ 560.751166][T25757] #6: ffffffff8e7e52e0 (rcu_read_lock){....}-{1:3}, at: ip_finish_output2+0x356/0x2400 [ 560.754389][T25757] #7: ffffffff8e7e52e0 (rcu_read_lock){....}-{1:3}, at: arp_xmit+0x26/0x2e0 [ 560.757331][T25757] #8: ffffffff8e7e5280 (rcu_read_lock_bh){....}-{1:3}, at: __dev_queue_xmit+0x296/0x4950 [ 560.760514][T25757] #9: ffff8880699ac228 (dev->qdisc_tx_busylock ?: &qdisc_tx_busylock#5){+...}-{3:3}, at: __dev_queue_xmit+0x24ef/0x4950 [ 560.764502][T25757] [ 560.764502][T25757] stack backtrace: [ 560.766546][T25757] CPU: 3 UID: 0 PID: 25757 Comm: syz.3.8116 Tainted: G L syzkaller #0 PREEMPT(full) [ 560.766565][T25757] Tainted: [L]=SOFTLOCKUP [ 560.766570][T25757] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 560.766577][T25757] Call Trace: [ 560.766581][T25757] [ 560.766587][T25757] dump_stack_lvl+0x100/0x190 [ 560.766601][T25757] print_deadlock_bug.cold+0xbd/0xca [ 560.766620][T25757] __lock_acquire+0x12bb/0x2630 [ 560.766632][T25757] ? kmalloc_reserve+0x148/0x350 [ 560.766648][T25757] lock_acquire+0x1b1/0x370 [ 560.766658][T25757] ? sch_direct_xmit+0x3b5/0xc60 [ 560.766681][T25757] _raw_spin_lock+0x2e/0x40 [ 560.766701][T25757] ? sch_direct_xmit+0x3b5/0xc60 [ 560.766722][T25757] sch_direct_xmit+0x3b5/0xc60 [ 560.766744][T25757] ? lock_acquire+0x1b1/0x370 [ 560.766762][T25757] ? __pfx_sch_direct_xmit+0x10/0x10 [ 560.766783][T25757] ? __pfx_do_raw_spin_trylock+0x10/0x10 [ 560.766808][T25757] __dev_queue_xmit+0x2794/0x4950 [ 560.766827][T25757] ? __pfx_arpt_do_table+0x10/0x10 [ 560.766842][T25757] ? __pfx___dev_queue_xmit+0x10/0x10 [ 560.766858][T25757] ? lock_acquire+0xc0/0x370 [ 560.766867][T25757] ? find_held_lock+0x2b/0x80 [ 560.766880][T25757] ? nf_hook.constprop.0+0x2f0/0x760 [ 560.766897][T25757] ? nf_hook.constprop.0+0x2f0/0x760 [ 560.766909][T25757] ? nf_hook.constprop.0+0x2fa/0x760 [ 560.766920][T25757] ? __pfx_arp_xmit_finish+0x10/0x10 [ 560.766942][T25757] arp_xmit+0x106/0x2e0 [ 560.766953][T25757] arp_send_dst+0x200/0x280 [ 560.766964][T25757] arp_solicit+0x672/0x1070 [ 560.766976][T25757] ? rcu_is_watching+0x12/0xc0 [ 560.766990][T25757] ? __pfx_arp_solicit+0x10/0x10 [ 560.767002][T25757] ? neigh_probe+0x72/0x110 [ 560.767014][T25757] ? __pfx_arp_solicit+0x10/0x10 [ 560.767025][T25757] neigh_probe+0xce/0x110 [ 560.767036][T25757] __neigh_event_send+0xacf/0x13f0 [ 560.767051][T25757] neigh_resolve_output+0x550/0x8f0 [ 560.767065][T25757] ? __pfx____neigh_create+0x10/0x10 [ 560.767081][T25757] ip_finish_output2+0x851/0x2400 [ 560.767099][T25757] ? __pfx_ip_finish_output2+0x10/0x10 [ 560.767114][T25757] ? __pfx_ip_dst_mtu_maybe_forward+0x10/0x10 [ 560.767129][T25757] ? nf_nat_ipv4_out+0xb2/0x510 [ 560.767143][T25757] ? find_held_lock+0x2b/0x80 [ 560.767157][T25757] __ip_finish_output.part.0+0x444/0x6f0 [ 560.767173][T25757] ip_output+0x39b/0xc10 [ 560.767189][T25757] ? __pfx_ip_output+0x10/0x10 [ 560.767203][T25757] ? __pfx_get_random_u32+0x10/0x10 [ 560.767217][T25757] ? __pfx_ip_finish_output+0x10/0x10 [ 560.767233][T25757] ? __pfx_ip_output+0x10/0x10 [ 560.767249][T25757] ip_local_out+0x193/0x1f0 [ 560.767264][T25757] iptunnel_xmit+0x722/0xd20 [ 560.767277][T25757] ip_tunnel_xmit+0x1b85/0x3200 [ 560.767295][T25757] ? __pfx_ip_tunnel_xmit+0x10/0x10 [ 560.767310][T25757] ? mark_held_locks+0x40/0x70 [ 560.767320][T25757] ? kasan_quarantine_put+0x8f/0x240 [ 560.767331][T25757] ? lockdep_hardirqs_on+0x78/0x100 [ 560.767350][T25757] __gre_xmit+0x820/0xb20 [ 560.767364][T25757] ? __pfx___gre_xmit+0x10/0x10 [ 560.767378][T25757] ? __pfx_pskb_expand_head+0x10/0x10 [ 560.767391][T25757] erspan_xmit+0x55a/0x1ec0 [ 560.767406][T25757] ? __pfx_erspan_xmit+0x10/0x10 [ 560.767421][T25757] ? rcu_lockdep_current_cpu_online+0x30/0x150 [ 560.767437][T25757] dev_hard_start_xmit+0x128/0x7a0 [ 560.767454][T25757] sch_direct_xmit+0x1b2/0xc60 [ 560.767467][T25757] ? lock_acquire+0x1b1/0x370 [ 560.767478][T25757] ? __pfx_sch_direct_xmit+0x10/0x10 [ 560.767492][T25757] ? __pfx_do_raw_spin_trylock+0x10/0x10 [ 560.767506][T25757] __dev_queue_xmit+0x2794/0x4950 [ 560.767525][T25757] ? rcu_is_watching+0x12/0xc0 [ 560.767537][T25757] ? __pfx___dev_queue_xmit+0x10/0x10 [ 560.767553][T25757] ? __kasan_slab_alloc+0x89/0x90 [ 560.767567][T25757] ? kmalloc_reserve+0xf9/0x350 [ 560.767582][T25757] ? __asan_memset+0x23/0x50 [ 560.767597][T25757] ? __alloc_skb+0x4e9/0x710 [ 560.767610][T25757] ? __netdev_alloc_skb+0x10d/0x960 [ 560.767622][T25757] alb_send_lp_vid+0x31e/0x540 [ 560.767635][T25757] ? __pfx_alb_send_lp_vid+0x10/0x10 [ 560.767650][T25757] alb_send_learning_packets+0xe0/0x2f0 [ 560.767663][T25757] ? __pfx_alb_send_learning_packets+0x10/0x10 [ 560.767678][T25757] ? __pfx_alb_swap_mac_addr+0x10/0x10 [ 560.767692][T25757] alb_fasten_mac_swap+0x47f/0xa90 [ 560.767706][T25757] bond_alb_handle_active_change+0x634/0x10b0 [ 560.767722][T25757] ? __pfx_bond_alb_handle_active_change+0x10/0x10 [ 560.767736][T25757] ? __hw_addr_add_ex+0x4df/0x650 [ 560.767753][T25757] ? dev_mc_sync+0x119/0x180 [ 560.767770][T25757] ? __local_bh_enable_ip+0x9e/0x120 [ 560.767786][T25757] bond_change_active_slave+0x160c/0x2ee0 [ 560.767807][T25757] ? static_key_slow_inc_cpuslocked+0xd2/0x120 [ 560.767829][T25757] ? __pfx_bond_change_active_slave+0x10/0x10 [ 560.767857][T25757] bond_select_active_slave+0x3f5/0xca0 [ 560.767885][T25757] ? __pfx_bond_select_active_slave+0x10/0x10 [ 560.767917][T25757] ? find_held_lock+0x2b/0x80 [ 560.767942][T25757] bond_enslave+0x4290/0x5940 [ 560.767961][T25757] ? __pfx_bond_enslave+0x10/0x10 [ 560.767978][T25757] ? nlmsg_notify+0xdc/0x290 [ 560.767994][T25757] ? rtmsg_ifinfo+0x70/0x1b0 [ 560.768011][T25757] ? __pfx___dev_change_flags+0x10/0x10 [ 560.768023][T25757] ? __pfx_bond_enslave+0x10/0x10 [ 560.768039][T25757] do_set_master+0x40f/0x730 [ 560.768050][T25757] ? rtnl_configure_link+0xd0/0x280 [ 560.768068][T25757] rtnl_newlink+0x15c7/0x2380 [ 560.768082][T25757] ? __pfx_rtnl_newlink+0x10/0x10 [ 560.768094][T25757] ? kernel_text_address+0x8d/0x100 [ 560.768105][T25757] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 560.768121][T25757] ? __kernel_text_address+0xd/0x30 [ 560.768136][T25757] ? stack_depot_save_flags+0x27/0x9d0 [ 560.768151][T25757] ? stack_trace_save+0x8e/0xc0 [ 560.768167][T25757] ? find_held_lock+0x2b/0x80 [ 560.768181][T25757] ? rtnetlink_rcv_msg+0x93a/0xe90 [ 560.768193][T25757] ? rtnetlink_rcv_msg+0x93a/0xe90 [ 560.768206][T25757] ? __pfx_rtnl_newlink+0x10/0x10 [ 560.768218][T25757] rtnetlink_rcv_msg+0x95e/0xe90 [ 560.768231][T25757] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 560.768245][T25757] ? __lock_acquire+0x4a5/0x2630 [ 560.768257][T25757] netlink_rcv_skb+0x159/0x420 [ 560.768272][T25757] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 560.768285][T25757] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 560.768303][T25757] ? netlink_deliver_tap+0x1ae/0xcc0 [ 560.768318][T25757] netlink_unicast+0x585/0x850 [ 560.768334][T25757] ? __pfx_netlink_unicast+0x10/0x10 [ 560.768351][T25757] netlink_sendmsg+0x8b0/0xda0 [ 560.768367][T25757] ? __pfx_netlink_sendmsg+0x10/0x10 [ 560.768383][T25757] ? aa_sock_msg_perm.isra.0+0x100/0x1b0 [ 560.768400][T25757] ____sys_sendmsg+0x9e1/0xb70 [ 560.768415][T25757] ? __pfx_netlink_sendmsg+0x10/0x10 [ 560.768430][T25757] ? __pfx_____sys_sendmsg+0x10/0x10 [ 560.768445][T25757] ? __pfx___futex_wait+0x10/0x10 [ 560.768461][T25757] ? __pfx_futex_wake_mark+0x10/0x10 [ 560.768476][T25757] ___sys_sendmsg+0x190/0x1e0 [ 560.768492][T25757] ? __pfx____sys_sendmsg+0x10/0x10 [ 560.768510][T25757] ? find_held_lock+0x2b/0x80 [ 560.768528][T25757] __sys_sendmsg+0x170/0x220 [ 560.768540][T25757] ? __pfx___sys_sendmsg+0x10/0x10 [ 560.768554][T25757] ? rcu_is_watching+0x12/0xc0 [ 560.768568][T25757] __do_fast_syscall_32+0xe7/0x950 [ 560.768586][T25757] do_fast_syscall_32+0x32/0x70 [ 560.768603][T25757] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 560.768648][T25757] RIP: 0023:0xf7fe7fcc [ 560.768658][T25757] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8 [ 560.768669][T25757] RSP: 002b:00000000f48a050c EFLAGS: 00000292 ORIG_RAX: 0000000000000172 [ 560.768680][T25757] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000800000c0 [ 560.768688][T25757] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 560.768694][T25757] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 560.768700][T25757] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000 [ 560.768707][T25757] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 560.768717][T25757] [ 561.041990][T25757] bond4: (slave erspan2): Enslaving as an active interface with an up link [ 567.496589][ T1432] ieee802154 phy1 wpan1: encryption failed: -22