last executing test programs: 3.432767727s ago: executing program 2 (id=3357): r0 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_inet_SIOCGIFPFLAGS(r0, 0x8935, 0x0) 3.371333594s ago: executing program 1 (id=3358): r0 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000140)='/dev/comedi0\x00', 0x8080, 0x0) ioctl$COMEDI_DEVCONFIG(r0, 0x40946400, &(0x7f0000000080)={'pcm3724\x00', [0x3, 0x80008000, 0x1, 0x2, 0x0, 0x0, 0x0, 0x13, 0x1000, 0xffffffff, 0x4, 0x7, 0x6, 0x4, 0x3, 0x6, 0xffffffa7, 0x9, 0x0, 0x65c, 0x3ff, 0x11000, 0x800, 0x4e4, 0x9, 0x4e, 0x4, 0x3, 0x3, 0x5, 0x5]}) 3.371184985s ago: executing program 2 (id=3359): mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', 0x0, 0x0, 0x0) chdir(0x0) syz_open_procfs(0x0, 0x0) openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0) writev(0xffffffffffffffff, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFQNL_MSG_CONFIG(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)={0x1c, 0x2, 0x3, 0x401, 0x0, 0x0, {}, [@NFQA_CFG_CMD={0x8, 0x1, {0x1}}]}, 0x1c}}, 0x0) sendmsg$NFQNL_MSG_CONFIG(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000180)={0x1c, 0x2, 0x3, 0x3, 0x0, 0x0, {}, [@NFQA_CFG_CMD={0x8, 0x1, {0x2}}]}, 0x1c}}, 0x0) 3.109164349s ago: executing program 2 (id=3360): r0 = socket$packet(0x11, 0x3, 0x300) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0, 0x92}}, 0x0) getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400ee", @ANYRES32=r3, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}, 0x1, 0x0, 0x0, 0xc000}, 0x0) sendmsg$nl_route_sched(r1, &(0x7f00000007c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000680)=@newqdisc={0x54, 0x24, 0xe0b, 0xfffffffc, 0x0, {0x0, 0x0, 0x0, r3, {0x0, 0x9}, {0xffff, 0xffff}, {0xfff1}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x24, 0x2, {{0x1ff, 0x6, 0xfffffffd, 0x0, 0xfffffffd, 0x32d}, [@TCA_NETEM_ECN={0x8, 0x7, 0x1}]}}}]}, 0x54}}, 0x0) sendto$packet(r0, &(0x7f0000000580)="44c394f305916c4516999da20800", 0xe, 0x0, &(0x7f0000000440)={0x11, 0x0, r3, 0x1, 0x0, 0x6, @remote}, 0x14) 3.009286764s ago: executing program 2 (id=3361): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_open_dev$sg(&(0x7f0000000000), 0x9, 0x100) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000440)=[@text64={0x40, &(0x7f0000000180)="66baa000ecc744240011000000c7442402b16e0000ff2c2443f466baf80cb8f2c96789ef66bafc0c66ed0f072e0f01c248b820450000000000000f23d00f21f835000000010f23f8c46289900cabb9f9080000b8c93c0000ba000000000f30c4816857a601000000", 0x68}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f0000000480)={0x1, 0x0, @pic={0x8, 0x7, 0x8, 0x14, 0x3, 0x1, 0xc5, 0x9, 0xff, 0x2, 0x1, 0x95, 0x5, 0x8, 0x8e, 0x7}}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 2.982291529s ago: executing program 1 (id=3362): prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) sendto$inet(0xffffffffffffffff, &(0x7f0000000500)="88", 0x1, 0x0, 0x0, 0x0) sendmsg$IPSET_CMD_RENAME(0xffffffffffffffff, 0x0, 0x40) r1 = syz_open_procfs(0x0, &(0x7f00000001c0)='mountinfo\x00') r2 = socket$nl_netfilter(0x10, 0x3, 0xc) r3 = dup(r2) sendmsg$IPSET_CMD_CREATE(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000004c0)=ANY=[@ANYBLOB="640000000206030000000000fffff0000000000016000300686173683a6e65742c706f72742c6e6574000000050004000000000005000500020000000900020073797a3200000000050001000700000014000780080013400000000008001240"], 0x64}}, 0x0) sendmsg$IPSET_CMD_DESTROY(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)={0x28, 0x3, 0x6, 0x201, 0x0, 0x0, {0xa, 0x0, 0xc}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}]}, 0x28}}, 0x8090) read$FUSE(r1, 0x0, 0x0) 2.794060404s ago: executing program 1 (id=3363): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000300), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_COALESCE_SET(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000440)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000000000001400000008001600c053000018000180140002006e657464657673696d30000000"], 0x44}}, 0x0) 2.759032036s ago: executing program 1 (id=3364): syz_open_dev$sndmidi(0x0, 0x2, 0x141102) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="70000000020605a3cfc8647108024e0000000007120003006269746d61703a69702c6d616300000005000400010000000900020073797a3000000000240007800c00028008000140000000020c0001800800014000000004080008400000005c05000500020000000500010006"], 0x70}}, 0x8000) 2.716989489s ago: executing program 1 (id=3365): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000440)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_DELSET={0x2c, 0xb, 0xa, 0x301, 0x0, 0x0, {0xa, 0x0, 0x2}, [@NFTA_SET_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_HANDLE={0xc, 0x10, 0x1, 0x0, 0x2}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0x54}, 0x1, 0x0, 0x0, 0x4000850}, 0x40) 2.716176688s ago: executing program 1 (id=3366): openat$nvram(0xffffffffffffff9c, &(0x7f0000002080), 0x8ac3094c6a9c458c, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x6, 0x0, 0x0, 0x0, 0xfffffffffffffffe}, 0x0) r2 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000100), 0x1c3902, 0x0) getdents64(0xffffffffffffffff, 0x0, 0x0) sendfile(r2, r2, 0x0, 0x200000) syz_usb_connect(0x0, 0x0, 0x0, 0x0) 2.645244219s ago: executing program 2 (id=3367): prlimit64(0x0, 0xe, 0x0, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) writev(0xffffffffffffffff, &(0x7f0000000840)=[{0x0}], 0x1) r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000080)=[@in={0x2, 0x4e20, @empty}], 0x10) getsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x4c, 0x0, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=@newlink={0x30, 0x10, 0x801, 0x0, 0x0, {}, [@IFLA_MTU={0x8, 0x4, 0x44}, @IFLA_GROUP={0x8}]}, 0x30}}, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f00000000c0)={0x0, 0x10, &(0x7f0000000040)=[@in={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x20}}]}, &(0x7f0000000100)=0x10) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000840)={r2, @in6={{0xa, 0x4e20, 0x3ae, @empty, 0x129}}, 0x2, 0x2, 0x614, 0x1, 0xd, 0x7, 0x4}, 0x9c) 2.139636208s ago: executing program 2 (id=3372): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb49, 0x100000000, 0x8, 0x0, 0x3}, 0x0) r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) sendto$inet6(r2, &(0x7f0000000400)="2ae0e710", 0x4, 0x0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast1}, 0x1c) syz_usb_connect$hid(0x0, 0x0, 0x0, 0x0) setsockopt$inet6_int(r2, 0x29, 0x31, &(0x7f00000000c0)=0x6, 0x4) recvmmsg(r2, &(0x7f0000000d80), 0x4000000000001e9, 0x10162, 0x0) 2.133223521s ago: executing program 3 (id=3373): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, 0x0) r0 = memfd_create(&(0x7f0000000000)='\xf3e\t\x9f\x918\xc0y\x01c\x1fnux\x00sV\ad\xb0l \xfd\xd7\x8e\x7f\x89\xb8\xc5;~\x04\x03~K\xfbP\x84=\xfa\x81\f\x1et\x10\x0e\xcf^9\xbe\\', 0x0) pwrite64(r0, &(0x7f00000008c0)='/', 0x1, 0x0) mmap(&(0x7f0000001000/0x1000)=nil, 0x1000, 0x4, 0x11, r0, 0x0) sendfile(r0, r0, &(0x7f00000001c0), 0x7fa) symlink(&(0x7f0000001000)='./file0\x00', &(0x7f00000000c0)='./file0\x00') open(&(0x7f0000000000)='./file0\x00', 0x3086c0, 0x78e22799f4a46edc) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r1 = syz_open_dev$MSR(&(0x7f00000007c0), 0x0, 0x0) read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8) timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004}, &(0x7f0000bbdffc)) mq_open(&(0x7f0000000580)='!\x7f\x00\xca\x00\x00\x00\f\x00vt\x00\x01E!\x05\x99\xb7|`', 0x6e93ebbbcc0884f2, 0x61, &(0x7f0000000480)={0xfffffffffffffffe, 0x2, 0x7, 0xffffffff}) r2 = syz_open_dev$vbi(&(0x7f0000000000), 0x0, 0x2) ioctl$VIDIOC_SUBSCRIBE_EVENT(r2, 0x4020565a, &(0x7f0000000080)={0x5, 0x2}) ioctl$VIDIOC_S_INPUT(r2, 0xc0045627, &(0x7f00000000c0)=0x3) 1.545886615s ago: executing program 0 (id=3380): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) getpid() bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x25, 0x0, 0x0) r0 = socket$igmp(0x2, 0x3, 0x2) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f00000000c0)={'batadv_slave_1\x00', 0x0}) ioctl$sock_inet6_SIOCSIFADDR(0xffffffffffffffff, 0x8936, &(0x7f0000000000)={@dev={0xfe, 0x80, '\x00', 0x2c}, 0x78, r1}) r2 = socket(0xa, 0x1, 0x0) ioctl(r2, 0x8936, &(0x7f0000000000)) 1.45282946s ago: executing program 0 (id=3381): mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', 0x0, 0x0, 0x0) chdir(0x0) syz_open_procfs(0x0, 0x0) openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0) writev(0xffffffffffffffff, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFQNL_MSG_CONFIG(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)={0x1c, 0x2, 0x3, 0x401, 0x0, 0x0, {}, [@NFQA_CFG_CMD={0x8, 0x1, {0x1}}]}, 0x1c}}, 0x0) sendmsg$NFQNL_MSG_CONFIG(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000180)={0x1c, 0x2, 0x3, 0x3, 0x0, 0x0, {}, [@NFQA_CFG_CMD={0x8, 0x1, {0x2}}]}, 0x1c}}, 0x0) 1.45236983s ago: executing program 4 (id=3382): bind$inet(0xffffffffffffffff, &(0x7f00000001c0)={0x2, 0x4e22, @local}, 0x10) r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder1\x00', 0x1002, 0x0) openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x40, 0x1) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x42, 0x0) mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r1, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0]) read$FUSE(r1, &(0x7f00000021c0)={0x2020, 0x0, 0x0}, 0x2020) write$FUSE_INIT(r1, &(0x7f0000000040)={0x50, 0x0, r2, {0x7, 0x1f, 0x0, 0x10400}}, 0x50) syz_fuse_handle_req(r1, &(0x7f0000008380)="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea210560000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001354c4b600", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000480)={0x20, 0x0, 0x88}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) syz_fuse_handle_req(r1, &(0x7f0000004200)="a28096c80abf3543ecde7564abff5085d2227ebcb0f164ae92706ad0b083a3f469a3efd15b4921e9c3063b98b3082068e7c31950dde842eac55df0f991453cad62a6956b0b6f7b8cf49b506a3060fe1127eca99663ade8efa89ee189acb5f3b92f6bc4c46621c803eed0d0bb5f32384870ed08f89d4f74445762fb99715e083c4c92a8878be19ffacc30d0f2da64f971cd40563163adc15670ecf25cd3ad96138967c4b53ad9d04b5193ab5fb674aa0030a9d703d1baf810ce897f969121f142161919e583c275671b999e7f363891dfdfdf3556d01b86ee29eca8fccbfeaf1771395148706cc6e6be7ce29fc9ffef061b5420950c1a525bf75ad06edec51538d1c5bbc77da72dc90fd9998936fffdda2427e5a68966c7e2208f76304680182ec73007e482f034195712af922db2726195d997708734db9e7825a864be00b2a4f800881fc0363f5e618398454f35b148b4ccb88d418269fac868a8ba4a2d5b4f06a1ac01b5ad158b842e05adca22c7372585bf4ce95560b6c1e021a3ed2ff7bd3b6b3c7734c3b66d7e4c460096312082f89b16baa6e73814aa60925780cd92cd65087e260ec046fc363264366a9df2c849c0644911303946adad544521ceb469a3e193ecc9a7876403fac461a4a70d6193b2451189a5c5120b3535e9edf619108af7f517b58abd3fa7fb1ab832213430d2e6901076fba9c9e1acc6c6f48ff0e419bbc45589745a176f52a7407ad5e3dd49acb31b47862806f47077dda04905e45a80a12cbcd4d2dd9fe66c2d1f99394fed8ec60961cd2dc7115a96ece432fac86d51bebb08b95f447a83792fe80291fca7b298c9043ef2c26f0f7e42798d3f54c84b94c24c76c555d83ccc53b99bb22d71845e5cf21a5ba7fbeffeb6306e1730db14561b950a3f24bcfd78d4ab0d97de8054bb1a6077ae7cca6e45d846d3df82298d07212922742cb0facac3b77edfbab90e9ee2d4f7b0ee9b17bb11ec5e5721340d84cb6bd93428167e69b47759172557acda313c3decdfc6fe9336bfade459f43b39d0f2289f9142db280f4ee668e650e12858c577e12e2b9a57ee66c834be97979bcbe94747fa5d8d0b7d3a9f8f218df1bf960f828429a1efe838616b18faf6629236ddbded43a093efae163228e5c38fd7714743c2fcca47e3382bcfb1ab893fd7377527b4ec43f3fa60ebd338161d8de7cad65b15579e4af258f5fe3a63c2637a15703207029b0899b5427767647baef11e291358e6e54f6f13d3d2ca7a5e7969e04d2733b3b9ab822c69a3cfac097384de5071a9b74a656136d55eb190df08747b509fd610ff62b4950ef71c934fe21a48a4931d3d9458b415f112cee65c660f5490e982341da1c58634b3967ca6f3596d20cc90f508382156e36f16539093240ef5f2aa6a2c0dff2a67df30dcf50bf6e0b82a3d49f2d532a8dde1b3ceefcf0837190b74186090d1c18b59917d7efce1adfb238ef4a7b1d22c4cef09320221de883e97e6882466508de06fcdabad3b741bdca2cff879d57ddda52f42b3dcb8a78cfc05826af7e4ff155960ff8491194f4d321ef195990abaeeefdcb852d1e1e3703f317385a9458b6c2dd9db830f757ec29c9939fc7313e639fe485bc1e41ddaaef3fbf1f7cc527c8fad0d21b8082482caad7bee440e5097665f636c3dfec82f8c98afb6243bc3944939675a594277d278ba4361461f7da52e224e4ce5dee4a467bf6ae9f67b61ac6eb0a440406abac2016eec907e241c57f5f44be47290fd0fef785ff04df3810ccd637b4d97a84bae8486a36f75d872e645fe46625969fc2d1f032c56ed44bd98ea27bd9b6ddc8eb2dc2ec9f90f2f1ca1bd20e37ac58b03c84c872f4ba47310654986641460dfdd531ac62a76ad87b89c103ac5c9c2e7e70c66447b3412d4a1e5cbc30e16939505116c04de33ae054ed366de8d1f971c2de439957a194e22a488f58d7efd46439177f3f3c45a1475927eecd846d3d2e6a2ab5c7f8addd99062c2fc6b272d1f51bb8f22f1b6f8bb3faf8aa85e5eb9abf7df5cf8f26267323808b0833a987989cbe59205e7ad06556e2d1b8a4873ca1cbcbc8d43abc145fd4eb832e7a58ab2c793d003ce7b1850ce45eb7480417a1e9eb9d39a1028a2a04a2aa649c098c4f8eee514db5f6021173bb254b8e22b150b2ca01dc7ff235db46ed78d07f43d1adab13b8445d1b32069eb45f9d389fcf5a3f7d3ebe243c5b1fe17b1f5a3d571b65f21b9e471e818172554dc956749b99cb7a5f303ec480d7194a2ba86e204f06aa1becdddc8c49082c527e7064ac2ad77dc05639d3d2a7778f6943ed6105ebf6f0b9e94fddbe05c236ec000f4d1d4e496b10068211ab68ada4c7f7ac61f5f5ba5f1810d5bbe87ff4f8356af0d3f682baedb0ad8f8488b277421f0a03fc5e3095ee34bc4472d8f17e3f7013cf2f79f5ff3ea4b6bae56d1365a33b09bfa9a496323f7da923b7e29dce4beb81035f13130004c96e56d7ef6ca6c101d20c27a218e623227c33c9e488b17e7ae9ac20da8240501f7b614a1730f164553fe479ef149866e4ea47296814284a3d3eb7cbb294289ffb996e0eb053b9c16e54cf267832e3d360eb196ed51305630223309ea97215628f01ec9d3ea48096418d5e962cac5063460f0a18772ec7ce66d14a1cce14b52c40bbbfafccbf1e76f09e57ff0718048e5b993157a6cf4718826b1e09430413a3596a15c4a620fa8c8e1d1663e5739f9f790ddbb3be0e00187d43717d659242467d8681ac10303346157f894d9037641417010e9654c6a5b22263e73a5a37128f50078a980c30930321aa5c5e7851d5d392ddce3a14a96916fa8421ae6728f37f5de7c3e98feb4babd4e1bd2315d595e209d52748f70adc2284fcdaa6ad880470d2a071f3490aaf3491fb64b4547419e8eccdc491a8921156cb4811ad1e66514a32b0b31b641438881f28c1e6461b4f451938999af671e8c6a5cd0c072a9fe4cdbefe24ca616f3d0a15ac97cca835b1a440e04fa28340c6044176c8ecc8ee0d033d47db8a0aacfa0eabdfa1c9509fc2604008f01cbafeb5bd2b503b809ed672340b9a576593f1ef388391b54b605e7a15bef7b1345627a34fca57738b0f8f4f19eea93c903495274a4425a1a1cc6c4c6e335b631df5185c95b485e4257867b5347a40e4e14dcc560f061fd4fd265137dc68afd548adde778f1330f769acb1ccf5da14ff6992c24e210ea6e6179421881b803393bc6974e37106c5b5b3b5d0b3469f8969bffb7e4ceb2c98e928e74366492d27235ae4c74a2f48511aeeaa53a2beafa7a331b50e454c507af1b63350a5cef35668a5b9325014192277e509561008b3601088f79d42eaa8b1e4ae2000b31749e2b8094312ddb7f3c1cd625ef885c11fa22a66e374b52b3425e0b8016154e1fd8471339e32e7373d63ab646d893fbe09ae07b06074c01401ea76b3c382a9d32f24f93c789964e16bc4206ecd75c10917ab84ffd8d6cdf4cd28fd90375ff28518f8c1a3befc538e1b9e427fb671988d29f2fb2fcd039f4d341c84eb4d7cf600ddaba88bb094e4d87a1419180149f491368e648b69985b05ac39a4ecdd3c5135f3a5c8ad7792dacb6470144bb9e67805a211efb3ec9ccaf8e0901345fb19e4da579e1fbe86a1207f4f13c3436009c2c640b7cf3f8b77ca7bd994bf93308027359c6dd1b7db1e153fc0821968ef36c003b6c73fe890f4de24f5c6458dbaaf3819edeaa91783c3cfc7e773689236248195c7bbd60113f2476fa3687621d668d1728ee433d2f8f4db707345d30f1e52ab87a2a0afd547c6b3f0000f59f17facde48f693490e22494b75d11df1a143b85068d143ef6a9bb5937a9df380c8948f1a01e9675e18409edb0f6b9605b68e34632fcce472dc50b90b0f6dcd57931f78e1e8861a0fb62e72b0baad6f9d23c1cfb0f19b25013c8d9fcd786a2f6f79768b5fb398f7b2baa31ce8156d1fc4a46c1c463fdf30360d42aeed2ef11611d0b7f654bb51052fd4dc39328f8ec4c58bbda05e6f1b3c8f6d8adca0268f2410e9a4a7d63b6616006d0e02f6edacc10e5c54fd85f15a8bd7648a293f23d6a699bd9a675250475a73a96d7475e4fabb89fb5e7de5d7a3479aa485c0befc60d0ac4fd5ac6dbecceb06cad86e219fc0ce4720758917811a3215f8d13e413bfb64fc065fc421aede0b56691797dac428c7e463479fa591b9072c309b7533e427c5cc11a1f6cf9a5b995d328d796d874c5b55dfc12a5039b413ce319cf5ba1f355c4e0717d32650b43e18010f37f048731931c52c4f36eb969dda702afe96c2a5241350a67ba2d026946189c5e281293c9a8e2cff3784753f1de78b917101b54e5ab00c045ea15f28a0e3f509962cf8bd3385d85250737eae5c34ece86b86669c13b00308a3b13c0ac3c83ff26fb52a4aa83c1233a9490cb9ca917a056908931751bddb88a62379a713395f0764e4a393faf253a4026d0472270e6036287d56850df1751543484d65b3062155b6300e0024241c59a862ae769c1a9232a2d9fb24705177a09cceb3eefbf9f106f67e01be14cdeb4d2fc7d8661df3e75de5ccd09a7e559f028fb9837c621ea0045b4d1b679067f246339c974631aa7134d4e910efb28d3c48929cef1df7e6c73668762d55086b6c59c36ac90154135fd7ca4e4047dd0aa161fa982d8edf9c0cb9666477e096c55718f6e4742415fefd4f696d1f1ccd6322bc19496ddebd36282a7c707d5b44113e30678e6e33ab7d34be04a59ac614d6a54134490998be02636fa91633d6294781c2b9a54c611c0045cfcfe81f49aa21b29d835cd2047c854486fd8e65a2ebf629f7ced602b9dd107bfde483e5c9b5cbba4a08cdce09920bda9978b7fc2b4a89bf1573a26389e52090fdf5dccf22111dc8c42fd3c8c477092895398086cc22cca665269e193fc650742a361a44b857d258429f701f22e9b7615bc3dab78c1479a41cf8575cdb17169470b347adfc03e03daea3e269725cfc72df5664b9df36d2f2b55013b71133e0b80577a47182511ebb308b6248d457bd2af7b28e77182c305241178c4124ab102771fd5a8c3dacb8775de881301d71587c76bcf0a97a72ad244d0c42fd71aceec32dd48bb5c9a95b391166c832ac5bac8c7cae4d18b3f7d9f2e4782fdf97732e3d51f67bbb57f989ee0d7589dbd0c2a5c63840e914b9d7d720fa120acbffebf816b588b2ccc052e7fa78992e0ea39dd21a122add41195f8e2e1acd777c1a4e8ef4362fef441feb4d9252c6bfbd2742152300a32027776e3341620d3c8d9365e10e81adcca7d87a0e555c98a0353c692557d90ee9be3fbaab766abf93e2462149fd99c92a5fc58d899ee75535cd1fe1386c5ab0b157c2102039d6015258f59cef3f15b951893a30ae839f740402a30b34e7be73796286403c5beb0853d856d83f1b00b48328f56dcb32e1faab08a3435b1482bf18b21c95aefeaafa7fd761c7f28d416fcde06bf7aee5c6e9eb50e55874253ba3f1d0ce2505b4fc7c3fc996bfbb8446bafe84f5bea94bfd7ca5aeaf237fe793b66e5c521d4092e4e1f9bde1dfcfe53fa55005d21cfa833a338fd9792614129336060e10d1911862070761aa20c2902eb7c5a355eff4cf6253d7102a2ca1fead4c53b57d576d104c081310d92797e4e2e8c269d19910d0d4cedf30fa28ba680c00137f83de940624229b6a125ce5233c6cf4a3640b74f58f288dad8451fbe37641c5559a5f3caf1299c8bfb230723652278fe378efd8e459b9da26cffeb58468a6301dbc06d713ba2d8d43d9038f5f2dc8b831ba58a88eeb5b1786b21e398aeeeb7c1f3d6f01d82b3947862fb9e7cbd7da5d04c5fcd34da28d53e2246e3ac1e3a619ad174efa6435eaa0fc94d610799ce0158421dce046306eb5042143daa336d52206b12610ea6389cdda49bf5af1d4ee42ac090a94ae7b7612073f3a5c36a2205eda887f41478f7d20f18667f941f71eebcfa76c1ab28f2a49a3bd56bd3f4e6bd079ab3fe2d94782236e83585a03e52907abaef7456a95d5d3f3d37efdc035dbfd7c41b8ba0af2df8adf1cf24f7ff0beccd3d26bc91caf42314ef7e466f74e19ae0df2e2298fc2f694a7ec134632035585d530e7e19f65c256f001d75382d9825ef741bc213af186377d9ca10d3722354e1897ca5c23ac6a52c9ad0e6b686e1776f7ec65df033e8f4d5db80c1bc354093b319cb70df93d610667675816328c99322f14e636b95f04e6497f139d508b453f53ddb5c289d849fd5407c9bdcefd1642abd46e28cb4e94371bdc606eeb67c9fe17747c68f2d50e82711da4d3edb0eda06f41b7f93fa8fb4d83cf21c79da67000bac2275508217ade1659fa8d24e5f8efb9f4bd21073ebef3d06368eb03fa3cf0d638448bd055ed20d292033ffdba538559c8ff9a2a5c8f83b5c393643d6585d1df994c3be43e72b8f3f53114d2a5f6bcedb573842b23b6a3eb7fca8495bf03bd03fde7b19bd39a16cec49e01f38e671af33cae082d9788e3202799bc466babec2080528d0609c0b731964719093735b4c1e73bd0705637c47516922197c552baeaf3516b5e3bbc2cd1afa3ef8215196ed580d9561092f620b897e98e786a0c7cbb0eedda8063292ba6482497f5f6bb62fb5ab4c97cb7658dc6579718eb97b547fcf47ced1426561af93a15fb4dc6d3d93b868644943c2c94b23b0570bbb81df2666c24f5abccfcdd71e209f3bb43c01d17f9bc8b9af2c26762fc6a741a150b7d1186e4f35175f3c315243e1c11e92c43a1fc492eef5a13c77a81fcf514ebfd0f8e645dae15a07e86b2f01fda065db4505a5eea83cb616f744f6bee731be191c65449c02603556d5a51422cf9c2f19f8d6843e0c1091e0708aa271e91f71c8602b9fa72189e036b7cb6af1569f21269283de94a6d7fe5849fd433d5b719c80419873db0587fc29786cc598d896fb16360bddd2ce12e54d05418f4f5e5f2d7aafe9fcd6268cbe2e9e6329ffb6c67fab8f3ce673028cc06aaa6b857556bba3b44d3fab5b6e875e70a2f3ad4b2ff76f31ead3462d3801ba373b3c2f545e94f57021575e2947f81f53283fc0a5137fd44fa3d074c92de54a0a3465c858f5a7ef08313faddbc3663e4e0167f3cba39612057a7518fbfb031f5ad0f9f75831973ebd733b82e554bf3fdec84e51f65dab6028c6c51366d9d4700fdf255e4c7bd70766e7f2281b3f2a5363f85ce49f9135904d14bcb117ad754c2594dcdca2d30e40ff265b5accfb116f64ed99aad570c4c5a91efdbb984ac651d8721405a0342cf77f448c17a152eabf29e88950558a86d0074e1cefab1eb7c366682f686ee1338737e675ea58eb8b4c86b9f28a6f6e96459f29e3b4dc59ff044c61a0dcc5c31d803e6e98420e446229ccdec3d0f705e92ffe016bb3696373eadab7f35ccf65ab4d9be09a085ce21bbd7c0555376e4d7fe68b5e7a64f48b5127825fb2be598d991f9c1a54bf52713417dcc599e812d85513a537e6eafa738edc972b67e065595d11678449bce6cd3d69800a649b560d0e057c502ca3e72e97820829ecfea801192c3f4e2c8763c095a43ee6fe45fe8730130937668df1d4ee577ada28238be03286481f2d2a004cc4d48856e71fbd64f1a0043a4520ecbbf1b3abdc96b87a27be8495a20542967aa4cd3a44a11502419a083d84e97abfde0901b66dde48388649a0ed6d93b9f20c530e990c7c52370a114d800d6ab3f6687d6bbc105b63738fe05fa6cac98ad6663936bb18cb923264e44312c24c2ce8e642bb73c921012b68a26a70977446b8f15f9d62467d8b356560c183a6bd6cd76ec868c3bd94a595cd7bf996755a508a814980c5e588b275200c45afd900c8c2de329ec2484b0e3ecd7b0960e5e3425881d1ff7f8bd8b20f5cc98ffc3acb77f5e88775a4bd3ab9f9eb027e27d3af55ebdf4eebab48ea911128d668d00fc3f5b5480aa0d9a4af563ba577384448e5425157133d59e1cef3c722f33700bd372825046b1fa5824e405154a3af1440bc2b75acfbd07cf92e8c162587e74b5ab66b1c6aeab3ad5fa3ee91da4900ef30ad04baea326df912517dd96e1696b4a91faa66675978a375e81f25464a1073dc6737af08d7e25956bb31d438548a7da38662d49db812a8cf1d6cc65f5c63879fd9ee7fd2a66ca3fc1a748cb239aab88c87206470b4c60592afeb6d69ed97a8f990155862ba4e22b64804142c131a23792937aa8a8696e165c24d7692a04bb4471b0f0d2507fe7c8618421428fc7a0acc984ca5cc6bacb772e8a717bbaa646f9643275910a6037afaf5a80678d18edda138a4e13d06d04a5d06431eab48738225cf1567e960e765728dc12e91b91c6f2b33dfb6e033aa68c1c2334d24335abc4a7a1df5636dec29091da54d5f5a1fff41e4a35a0c2f04f968f7d78e2f51c73577e2192bb20f289aaba5a175c2ed533855bd9ed9a842ad482136dd5e0cf45eb5e2d31ff62a3be1cf8a94a58316e74f4ab9fc54f3a0bb83beef0f355993bdea2c83e61cdc796bf2564ae51fae616799e8711998cd88d35cd9824452fdd65226174b46792cb87f4dd282e4e6f67eb66da413ad877ed6ce775f7e19bc93f48bb9e5ec04009de3c042aeacf7f4b25ad6b30e017303f64fe07ac79e8744aab6926d117f13513d0469cef335fe1d0d787c2d0b2c031a9521786ac10e9f8b768271680337f2c3262abdccb5d3107c632bf1f74c83ee91f49988222fb080cc8faa9b1a02526d8b6087e0b2354173d29016b3309587c16f057dd812aa63c3169150de81f3af97d082a8f8da4ce4f909ff649821d7f96d97613552e8cc4902e046ecfa329b1d980ff5ece69b8f1615fdff5244f41cec0af924624ae1641ecae5fa26c5fb9006e57100ee71377ced7c255ae17a0845e2ee0287c62c1852f93877f9f86157ca9675d383fff5cd6f2b001ec0136c07cf37f5ace1853122c2baa1092d418e2a490c4a5c8f56b828ce1bafeef4e77f095d6b4ed99d56f66812cb19be540ebe5d52e7eff2d69cbb8477e11514f7e3604bf9999f78c2f1ca6f60a2216b87fa0f25269c425b7d50709b200912b3b7899c95e12d6e9c4dacc19e327721860e0477a53e6793fbb7fb9704a848f395f48c24a6e79b9e1358cc3497251de88b8d3a7b22c6d8af1a7fab81530d9f0cc98f62debb222b54780d89794238532717b447d71b46a60ed481c21db85b590b31720009695ecffd4ef029964e5d5149622233ac013e960a005c924f73ea82c318455546c53d74aa3f7e2ff26aa074c40a55aba8b08027fc19b596eec6c4f89bae39e74b9aad88344f7cc5ad3eefa5095f2ab47222e9a357ecd71c6700ac576025201490d9e446603dfd4bda7617dd500981b2d2ab8c43882a5208494cb3f8ebc720bca8a7cf6c80bd7aaaf89507bb3412ea490a78973f12cc30413e9df1458917ea3d68b438d424c1314bc8d01939c5a5a842438281e62d0c800dee704b2a6cd3e1e4b885a6b26b894a98765fa3308c9e4b87f93625faecdb17c29a27cd243bf6030a67874ec9f2443cf8154261ac2a834c01cbe1f314ee7aa3ca552e1648cf8b42a63f249e3538026e09e44d69dc259adb0d1a0cbccb5a5dd5d0dccc90d023da79d5634188ff060f7e35a5f9d7ad99546824d63975d4452de876093f4e997dc46eedcd80a9eebf5e4f077fbb10c7d9e19a3419e7b845972a3b62613c5404a209b16fa88e0ff49d7b4f21fecc1f773c5b4be61021e0cab8602c6e8257649303aaeafcbb178e7a460ff07f219c46eb6fe5bf8113723e454003bd707767c107daf4255751daaf8decf35262640058924eb6587868b2c08230b317e97396ebc928ba8d274ca0eed0bfcb637676003c64e8c1e1a0420b6c96a44226061ced41b8448382abd2f3d0c472afcde231fbc9ee90c2f1132f8e2391246f95ad93354c7460e20de996ad0f61b13b27646887a637cede90b94b7d8c3130f0fe060e8d955c711a2700b302a75bdeb32a0a6802ea795cb114f5f82a1a381a86bbff88b299e47728b746dff964c94c52b661b9429376b1320b46081426b7c340206dc0da151bf84be2a49e78b6b5938753d2b1be8d9e67c43c5d70e72519f5f90d9f95e84ee38f82b191ac4d968b0a37901fd923cb289d585693ac3c3f8a94fca6df45e694e199a9cd0b1bc1fa7394bcc96aae670dca6605a998793b7e067ac410ba631057b8b76fcbe9524df820c02efef1608b743cd2aa6d60d3d8e476fa12d3acc329f8272b087d89471177ed531fec1f9c24a975ca2fcd8c246a33e291a3f00b7f234052067a0059c86762475256bb5e7dac6f121a0925506b18933c6e314915d4b3b2130aafc2483ef22ff8bb7b887565b1bd22fabca22037d8fc9437f675c5313526266f60bb7c7c47f30c7d567ed142ea5ec367c4298328d20e5344f01c0c90cf8a6302f4d84b6ba7495fba314a05ba29b63bb6d458fdb05a4411136958309f418fb178e19aa09ff9e62b29732fb2986c96e738f7a688cb2122dbb8f2ad9a5f28bc49ec0c462413552afee8e403259b55ad6dc334dde7f2d306929dd01f2aa6036cafd41874522689301b81c9e50e86828894140356db0a3317b081ed9d8148c41e77e6bda6287762532b86eb91f5480915680deb8a91fb8656b7f0109064865d2b846af0861f67d3f720d6e306540cd7b68f095ef3690b88ea93fb6a402ff5697597cda83171f159e85307d1a8c01611189bd4eb4f0453ab88d43ae181a562a76902a67c687514079d6f4304d9a7c0fa24b6e86074ea0a9fd8187c120312078f5ebfa674adc0303734bf8f6b5585943706594192ad24c9f7d9794fb83758924f862855ddd50bff58b522c43d73c03289baec628cd693cab93101b1e473b76532510e10f03e86812fea6f2d6f5467dcf29e6d7cf8524f383a0ded3f0951c3ffb171a6b8a6d97b5fa8899a19f1a3d0e934a1d4741076e4394ba225158f697bf7d5651717c6950229a0be22e8120d76a414edbcd03d505264b7ede8272ccbd6dbdcebaf11daf6a652f6f9eb74ba7a3ecc942892891388005ae5d971e4e79d696564906dffd44845b704a9abc2fa5ba1bb69a548423a08044ad6d0e365db7e6bea0f3844a452759716cb98dcf326001ec90c1c343174098cdf47ea2e13341058ca014d2a30e9ba3c526de72a6e387181bf76a278c9cbc518d8c374a3f1d9802a39464a100903dbec16f8f095f5d82d9d09507281e4f7fe0ce4fbeced193902a5f658af2a4c1d0952dabdc6ae5830b6b5a2c3f5b8d33a73665990822e5f4a7ce5366755a1615543bdf78299c71e890e0bedb6ec277b10a389d6a3ba9c037221421279e51ab50fb115de2076cc99444202e88ebd9d0fbe4e60234b7b761495ac6c9e615ddac8176164a88fb6d6cc2b52672c8949afe3efc1e87a598896bc93e421423844fcaafe65af898a015b3bcaf623ebeef9a57155af5278ceb52b995f7ca466d9e18b05e86380679e0257cff6d0c6750078462f2ee4701d6d8289ed848b877cf5918625b7937060d667c11119881c30809056892352c6c53c01e395af6866ea350e6f21fa3db772c1177c759999973b51e11ffc5908", 0x2000, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000540)={0x78, 0x0, 0x0, {0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000, 0x8000}}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x101001, 0x0) writev(r3, &(0x7f0000000000)=[{&(0x7f0000000cc0)="e1", 0x56000}], 0x1) close(r1) close_range(r0, 0xffffffffffffffff, 0x0) 1.449268368s ago: executing program 0 (id=3383): prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = userfaultfd(0x80801) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000000c0)={0xaa, 0x749}) r1 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000040)={0x40000008}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000080)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1}) madvise(&(0x7f0000c0c000/0x1000)=nil, 0x1000, 0x4) readv(r0, &(0x7f00000002c0)=[{&(0x7f0000000100)=""/163, 0xa3}], 0x1) 1.302666796s ago: executing program 3 (id=3384): r0 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0) ioctl$DRM_IOCTL_SET_CLIENT_CAP(r0, 0x4010640d, &(0x7f0000000000)={0x3, 0x2}) ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r0, 0xc01064b5, 0x0) ioctl$DRM_IOCTL_MODE_GETPLANE(r0, 0xc02064b6, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$DRM_IOCTL_MODE_GETCRTC(r0, 0xc06864a1, &(0x7f0000000100)={0x0, 0x0, r1, 0x0}) ioctl$DRM_IOCTL_MODE_SETCRTC(r0, 0xc06864a2, &(0x7f0000000500)={0x0, 0x0, r1, r2, 0x3, 0x5, 0x4, 0x5, {0x2, 0x5, 0x5, 0xa, 0xa, 0x9, 0x2, 0x5, 0x800b, 0xd25, 0x7, 0x60b, 0x2, 0x10001, "6f4f1b1330d057b30bd15586b7445443c528a97436419c2cd5ae7297dceeb0be"}}) 1.254315821s ago: executing program 0 (id=3385): syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) openat$kvm(0xffffffffffffff9c, 0x0, 0x40000, 0x0) write$cgroup_int(0xffffffffffffffff, &(0x7f00000000c0), 0x12) openat$vcsu(0xffffff9c, &(0x7f0000000180), 0x288a80, 0x0) add_key$user(&(0x7f00000001c0), 0x0, &(0x7f0000000080)="bc5d", 0x2, 0xfffffffffffffffe) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6) getpid() mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r0, &(0x7f00000bd000), 0x318, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x60000b, 0x15) open_tree(0xffffffffffffffff, 0x0, 0x81301) syz_emit_vhci(&(0x7f0000000440)=ANY=[@ANYBLOB="02c830750071000100020204000300f8"], 0x7a) truncate(&(0x7f0000000100)='./file0/file0\x00', 0x5) add_key$user(&(0x7f00000003c0), &(0x7f0000000440), 0x0, 0x0, 0xfffffffffffffffd) keyctl$dh_compute(0x17, 0x0, &(0x7f00000000c0)=""/83, 0x53, 0x0) add_key$user(&(0x7f0000000080), 0x0, 0x0, 0x0, 0x0) 1.253808022s ago: executing program 3 (id=3386): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) close(r0) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4={'\x00', '\xff\xff', @empty}, 0xf}, 0x1c) listen(0xffffffffffffffff, 0x0) accept$inet6(0xffffffffffffffff, 0x0, 0x0) r1 = socket$inet_mptcp(0x2, 0x1, 0x106) connect$inet(r1, &(0x7f0000000140)={0x2, 0x4e22, @loopback}, 0x10) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), 0xffffffffffffffff) sendmsg$MPTCP_PM_CMD_ADD_ADDR(r2, &(0x7f0000000400)={0x0, 0xff1f, &(0x7f0000000040)={&(0x7f00000004c0)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="01000000000000000000010000002800018014000400ff1f0000000000000200ffffac1414aa060001000a0080000800060003"], 0x3c}, 0x1, 0x0, 0x0, 0x4000000}, 0x4000000) 1.193298603s ago: executing program 4 (id=3387): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x60303, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) sendto$inet(0xffffffffffffffff, &(0x7f00000000c0)="8689d46205a34100bf2bbe11a5ce7839edaf02afe39ead95913e9c4f8cf31440006769ebdf12cfacae8e8c03f5db079da7d9", 0x32, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000200)={0x0, 0x0, 0xf000, 0x2000, &(0x7f0000f9a000/0x2000)=nil}) r3 = dup(r2) bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000000200)=ANY=[@ANYBLOB="b700000012edfffebfa30000000000000703000028feffff620af0fff8ffffff61a4f0ff000000004d040000000000002d"], 0x0}, 0x94) ioctl$KVM_SET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000000)=@arm64={0x9, 0xfc, 0x2, '\x00', 0x8001}) ioctl$KVM_SET_VAPIC_ADDR(r3, 0x4008ae93, &(0x7f00000002c0)=0x10000) ioctl$KVM_RUN(r2, 0xae80, 0x0) 1.134420846s ago: executing program 4 (id=3388): r0 = bpf$MAP_CREATE(0x0, 0x0, 0x50) bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYRESHEX=r0], 0x50) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) syz_open_dev$usbfs(&(0x7f00000000c0), 0x204, 0x2) socket$netlink(0x10, 0x3, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={0x0}, 0x18) syz_open_dev$evdev(&(0x7f0000000040), 0x4ee97ffd, 0x800) timerfd_create(0x0, 0x0) r1 = socket$vsock_stream(0x28, 0x1, 0x0) connect$vsock_stream(r1, &(0x7f00000000c0)={0x28, 0x0, 0x0, @host}, 0x10) r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004", @ANYRES32=0x0], 0x48) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f00000007c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000030000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='sys_enter\x00', r3}, 0x10) pselect6(0x40, &(0x7f00000001c0)={0x2, 0x0, 0x3, 0xfffffffffffffffd, 0x3, 0x0, 0x0, 0xe}, 0x0, &(0x7f0000000300)={0x3ff, 0x7e7, 0x0, 0x9, 0x4, 0x0, 0x7fffffff, 0x3f8}, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) 1.110976137s ago: executing program 3 (id=3389): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, 0x0, 0x0) bind$inet6(r0, &(0x7f0000000080)={0xa, 0x2, 0x200, @loopback, 0x7}, 0x1c) setsockopt$inet6_tcp_int(r0, 0x6, 0x2000000000000022, &(0x7f0000000200)=0x1, 0x4) sendto$inet6(r0, &(0x7f0000000280)='2', 0x1, 0x20000045, &(0x7f00000001c0)={0xa, 0x2, 0xffff, @loopback, 0x3}, 0x1c) setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000240)='cubic\x00', 0x6) shutdown(r0, 0x1) 1.041651781s ago: executing program 3 (id=3390): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000140)=0xe) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f0000000180)={{0x1, 0x1, 0x18}, '\x00'}) r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$EVIOCGPROP(r1, 0x40047438, &(0x7f0000000180)=""/246) ioctl$PPPIOCGFLAGS1(r1, 0x80047453, &(0x7f00000019c0)) 1.015712164s ago: executing program 3 (id=3391): r0 = socket$igmp(0x2, 0x3, 0x2) socket$nl_route(0x10, 0x3, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) times(0x0) r4 = socket$kcm(0x2, 0x200000000000001, 0x106) sendmsg$inet(r4, &(0x7f0000000240)={&(0x7f0000000140)={0x2, 0x4001, @local}, 0x10, 0x0}, 0x30004001) r5 = syz_open_dev$cec(&(0x7f0000000000), 0xffffffffffffffff, 0x0) ioctl$CEC_DQEVENT(r5, 0xc0506107, 0x0) ioctl$CEC_DQEVENT(r5, 0xc0506107, 0x0) syz_emit_ethernet(0x69, &(0x7f0000000300)=ANY=[@ANYBLOB="aaaaaaaaaaaa0180c20000030800457d005b00670000f02f907860000001ac1414330421880b000300007032ea08000800080086dd080088be0000000413ff1c090100000000000001080022185b3aa15eb40846eb00000002213cba040284090000000009000017000800655800200004de8670a88536191106a0b510f360dc7fe4a22e8e818f068ec8aa34303b57b3a3197a1ad098dfaf34ff3c8a3776d2688abcdb9fb77cc8b1f81e12170a680733981c8b2096937051590d7a759a9287dd8d3452"], 0x0) setsockopt$MRT_ADD_VIF(r0, 0x0, 0xca, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, @vifc_lcl_addr=@local, @dev={0xac, 0x14, 0x14, 0xe}}, 0x10) setsockopt$inet_mreq(r0, 0x0, 0x23, &(0x7f0000000000)={@multicast1=0xe0000300, @local}, 0x8) syz_emit_ethernet(0x0, 0x0, 0x0) 337.309121ms ago: executing program 0 (id=3392): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x80280, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0xe8, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 292.75277ms ago: executing program 0 (id=3393): r0 = socket$netlink(0x10, 0x3, 0x0) r1 = socket$pppl2tp(0x18, 0x1, 0x1) connect$pppl2tp(r1, &(0x7f0000000300)=@pppol2tpv3={0x18, 0x3f, {0x0, 0xffffffffffffffff, {0x2, 0x4e24, @local}, 0x1, 0x0, 0x2}}, 0x2e) sendmsg$nl_route_sched(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)=@newqdisc={0x54, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0xffe0}, {0xf}, {0xe, 0xd}}, [@TCA_RATE={0x4, 0x5, {0x9, 0x1}}, @TCA_STAB={0x28, 0x8, 0x0, 0x1, [{{0x1c, 0x1a, {0x0, 0x0, 0x491, 0x0, 0x0, 0x0, 0x8, 0x2}}, {0x8, 0x1b, [0x0, 0x0]}}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x80}, 0x4000c00) socket$inet6_udplite(0xa, 0x2, 0x88) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r3 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000240)=ANY=[@ANYBLOB="70000000100003042abd70009da1d2b900000004", @ANYRES32=0x0, @ANYBLOB="0000000000000000500012800b0001006272696467650000400002800800050000000000050029000100000006002700040000000c00220006000000000000000c0021"], 0x70}}, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x4, 0x4, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000008850000007600000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x80) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000480)={0x0}, 0x1, 0x0, 0x0, 0x4000000}, 0x0) syz_genetlink_get_family_id$nbd(&(0x7f0000000a00), 0xffffffffffffffff) sendmsg$NBD_CMD_STATUS(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000d80)={&(0x7f0000000c80)={0x14, 0x0, 0x4, 0x70bd2d, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x4000}, 0x0) socket(0x1e, 0x2, 0xb5) socket(0x10, 0x3, 0x0) syz_emit_ethernet(0x82, &(0x7f0000000240)={@broadcast, @random="1704b45adbde", @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x74, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0x5, 0x0, 0x0, 0xe0, 0x0, 0xe000, {0x16, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x11, 0x0, @private, @rand_addr=0x4, {[@lsrr={0x83, 0x3}, @rr={0x7, 0x3}, @timestamp_prespec={0x44, 0x3c, 0x0, 0x3, 0x0, [{@multicast1=0xe0000089}, {@private}, {@local}, {@remote}, {@private}, {@dev}, {@private}]}]}}}}}}}, 0x0) 276.153537ms ago: executing program 4 (id=3394): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20008b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x3) sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r0, &(0x7f000001aa40)=""/102400, 0x19000) ioctl$SIOCAX25ADDUID(0xffffffffffffffff, 0x89e1, 0x0) ioctl$SIOCAX25GETUID(0xffffffffffffffff, 0x89e0, 0x0) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000004c0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x1}}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x401, 0x0, 0x0, {0x1, 0x0, 0x8003}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x2c, 0x3, 0xa, 0x101, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}]}, @NFT_MSG_NEWRULE={0x2c, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_EXPRESSIONS={0x4}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x7}}}, 0xa0}}, 0x0) 1.2823ms ago: executing program 4 (id=3395): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) close(r0) r1 = socket$inet6_mptcp(0xa, 0x1, 0x106) bind$inet6(r0, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty}, 0x1c) listen(r1, 0x0) r2 = socket$inet_mptcp(0x2, 0x1, 0x106) connect$inet(r2, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10) 0s ago: executing program 4 (id=3396): r0 = socket$l2tp6(0xa, 0x2, 0x73) bind$l2tp6(r0, &(0x7f0000000000)={0xa, 0x0, 0x3, @empty, 0x0, 0x3}, 0x20) socket(0x10, 0x803, 0x57b97a23) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000002240)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0x7, 0x9, 0x8, 0x10008000, 0x120}, 0x0) syz_usb_connect$cdc_ncm(0x4, 0xa0, 0x0, 0x0) connect$l2tp6(r0, &(0x7f0000000f40)={0xa, 0x0, 0x0, @empty}, 0x20) sendmmsg$inet6(r0, &(0x7f0000000ac0)=[{{&(0x7f0000000180)={0xa, 0x0, 0x0, @empty}, 0x1b, 0x0}}], 0x17fd147c801ae9af, 0xff00) kernel console output (not intermixed with test programs): disconnect, device number 70 [ 672.961881][T15803] bond0: (slave macsec1): Error -34 calling dev_set_mtu [ 672.963014][T13780] usb 4-1: Using ep0 maxpacket: 32 [ 673.049187][T13780] usb 4-1: config 0 has an invalid interface number: 67 but max is 0 [ 673.070781][T15806] fuse: Bad value for 'rootmode' [ 673.077928][T13780] usb 4-1: config 0 has no interface number 0 [ 673.164865][T15806] siw: device registration error -23 [ 673.174087][T13780] usb 4-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57 [ 673.231487][T13780] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 673.792595][T13780] usb 4-1: Product: syz [ 673.830206][T13780] usb 4-1: Manufacturer: syz [ 673.977393][T13780] usb 4-1: SerialNumber: syz [ 673.992038][T13780] usb 4-1: config 0 descriptor?? [ 674.007131][T13780] smsc95xx v2.0.0 [ 674.213381][T13779] usb 1-1: new high-speed USB device number 71 using dummy_hcd [ 674.503693][T13779] usb 1-1: Using ep0 maxpacket: 32 [ 674.560904][T13779] usb 1-1: New USB device found, idVendor=041e, idProduct=400b, bcdDevice=3e.e7 [ 674.627354][T13779] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 674.961080][T13779] usb 1-1: config 0 descriptor?? [ 674.971503][T13779] gspca_main: sunplus-2.14.0 probing 041e:400b [ 675.082011][T15822] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2614'. [ 675.223513][T15838] lo speed is unknown, defaulting to 1000 [ 675.469176][T13794] usb 3-1: new high-speed USB device number 92 using dummy_hcd [ 675.898963][T13780] smsc95xx 4-1:0.67 (unnamed net_device) (uninitialized): usbnet_get_endpoints failed: -71 [ 675.917712][T15849] 8021q: adding VLAN 0 to HW filter on device bond11 [ 675.934351][T15853] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 675.939325][T13794] usb 3-1: Using ep0 maxpacket: 8 [ 675.951769][T13780] smsc95xx 4-1:0.67: probe with driver smsc95xx failed with error -71 [ 675.952836][T13794] usb 3-1: New USB device found, idVendor=10c4, idProduct=8244, bcdDevice=dc.00 [ 675.970416][T13780] usb 4-1: USB disconnect, device number 93 [ 675.976393][T13794] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 675.985105][T13794] usb 3-1: Product: syz [ 675.992138][T13794] usb 3-1: Manufacturer: syz [ 675.996865][T13794] usb 3-1: SerialNumber: syz [ 676.014708][T13794] usb 3-1: config 0 descriptor?? [ 676.023739][T13794] radio-usb-si4713 3-1:0.0: Si4713 development board discovered: (10C4:8244) [ 676.096745][T15821] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 676.105577][T15821] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 676.115973][T13779] gspca_sunplus: reg_w_riv err -71 [ 676.121132][T13779] sunplus 1-1:0.0: probe with driver sunplus failed with error -71 [ 676.130299][T13779] usb 1-1: USB disconnect, device number 71 [ 676.330972][T13794] radio-usb-si4713 3-1:0.0: probe with driver radio-usb-si4713 failed with error -71 [ 676.348540][T13794] usbhid 3-1:0.0: couldn't find an input interrupt endpoint [ 676.380549][T13794] usb 3-1: USB disconnect, device number 92 [ 676.413135][T13780] usb 4-1: new full-speed USB device number 94 using dummy_hcd [ 676.575665][T13780] usb 4-1: unable to get BOS descriptor or descriptor too short [ 676.584389][T13780] usb 4-1: not running at top speed; connect to a high speed hub [ 676.592868][T13780] usb 4-1: config 129 has an invalid interface number: 135 but max is 0 [ 676.601281][T13780] usb 4-1: config 129 has an invalid interface number: 5 but max is 0 [ 676.609540][T13780] usb 4-1: config 129 descriptor has 1 excess byte, ignoring [ 676.617002][T13780] usb 4-1: config 129 has 2 interfaces, different from the descriptor's value: 1 [ 676.626197][T13780] usb 4-1: config 129 has no interface number 0 [ 676.632424][T13780] usb 4-1: config 129 has no interface number 1 [ 676.638718][T13780] usb 4-1: config 129 interface 135 altsetting 6 has 0 endpoint descriptors, different from the interface descriptor's value: 9 [ 676.652027][T13780] usb 4-1: too many endpoints for config 129 interface 5 altsetting 7: 37, using maximum allowed: 30 [ 676.662898][T13780] usb 4-1: config 129 interface 5 altsetting 7 has 0 endpoint descriptors, different from the interface descriptor's value: 37 [ 676.676199][T13780] usb 4-1: config 129 interface 135 has no altsetting 0 [ 676.690727][T13780] usb 4-1: config 129 interface 5 has no altsetting 0 [ 676.702535][T13780] usb 4-1: string descriptor 0 read error: -22 [ 676.708817][T13780] usb 4-1: New USB device found, idVendor=2040, idProduct=721f, bcdDevice=f2.62 [ 676.717937][T13780] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 677.623883][T13780] usb 4-1: Quirk or no altset; falling back to MIDI 1.0 [ 677.635525][T13780] usb 4-1: MIDIStreaming interface descriptor not found [ 677.662092][T13780] usb 4-1: USB disconnect, device number 94 [ 677.973013][T13794] usb 1-1: new high-speed USB device number 72 using dummy_hcd [ 678.126350][T13794] usb 1-1: Using ep0 maxpacket: 16 [ 678.151018][T15876] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 678.176950][T15876] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 679.199839][T15887] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 679.286355][T15876] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 679.329567][T15887] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 679.333727][T15876] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 679.348975][T13794] usb 1-1: unable to get BOS descriptor or descriptor too short [ 679.359248][T13794] usb 1-1: unable to read config index 0 descriptor/start: -71 [ 679.367982][T13794] usb 1-1: can't read configurations, error -71 [ 679.456727][T15896] syz.4.2634: attempt to access beyond end of device [ 679.456727][T15896] loop4: rw=0, sector=16, nr_sectors = 2 limit=0 [ 679.603323][T10923] usb 4-1: new high-speed USB device number 95 using dummy_hcd [ 679.803010][T10923] usb 4-1: Using ep0 maxpacket: 8 [ 679.810374][T10923] usb 4-1: unable to get BOS descriptor or descriptor too short [ 679.819299][T10923] usb 4-1: config 7 has an invalid descriptor of length 0, skipping remainder of the config [ 679.833238][T10923] usb 4-1: New USB device found, idVendor=0d46, idProduct=0078, bcdDevice=cc.70 [ 679.842393][T10923] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 679.850651][T10923] usb 4-1: Product: syz [ 679.854877][T10923] usb 4-1: Manufacturer: syz [ 679.859486][T10923] usb 4-1: SerialNumber: syz [ 680.384243][T15892] netlink: 56 bytes leftover after parsing attributes in process `syz.3.2633'. [ 680.920046][T15916] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2641'. [ 680.944715][T15916] 8021q: adding VLAN 0 to HW filter on device bond5 [ 680.976039][T15916] 8021q: adding VLAN 0 to HW filter on device bond5 [ 680.983760][T15916] bond5: (slave vxcan3): The slave device specified does not support setting the MAC address [ 680.996981][T15916] bond5: (slave vxcan3): Error -95 calling set_mac_address [ 681.090615][T10923] kobil_sct 4-1:7.0: required endpoints missing [ 681.109308][T10923] usb 4-1: USB disconnect, device number 95 [ 681.135285][T15924] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(6) [ 681.141833][T15924] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 681.149367][T15924] vhci_hcd vhci_hcd.0: Device attached [ 681.249870][T15936] fuse: Bad value for 'rootmode' [ 681.632688][T13780] vhci_hcd: vhci_device speed not set [ 681.649459][T15936] siw: device registration error -23 [ 681.696611][T15943] netlink: 666 bytes leftover after parsing attributes in process `syz.1.2650'. [ 681.714284][T13780] usb 37-1: new full-speed USB device number 8 using vhci_hcd [ 681.721802][ T24] usb 3-1: new low-speed USB device number 93 using dummy_hcd [ 681.759138][T15943] netlink: 148 bytes leftover after parsing attributes in process `syz.1.2650'. [ 681.768738][T15943] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2650'. [ 681.915249][ T24] usb 3-1: config 0 has no interfaces? [ 682.091165][T10923] usb 4-1: new high-speed USB device number 96 using dummy_hcd [ 682.119154][ T24] usb 3-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 682.178566][ T24] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 682.440644][T10923] usb 4-1: unable to read config index 0 descriptor/start: -61 [ 682.448484][T10923] usb 4-1: can't read configurations, error -61 [ 682.468872][T15967] dvmrp1: entered allmulticast mode [ 682.488591][ T24] usb 3-1: config 0 descriptor?? [ 682.497446][T15965] dvmrp1: left allmulticast mode [ 682.547298][T15965] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2656'. [ 682.583005][T10923] usb 4-1: new high-speed USB device number 97 using dummy_hcd [ 682.695688][T15928] vhci_hcd: cannot find a urb of seqnum 1 max seqnum 6 [ 682.914074][T15970] 8021q: adding VLAN 0 to HW filter on device bond5 [ 683.067532][T10923] usb 4-1: unable to read config index 0 descriptor/start: -61 [ 683.073056][ T9739] vhci_hcd: stop threads [ 683.079338][ T9739] vhci_hcd: release socket [ 683.083915][ T9739] vhci_hcd: disconnect device [ 683.089845][T10923] usb 4-1: can't read configurations, error -61 [ 683.103460][T10923] usb usb4-port1: attempt power cycle [ 683.197790][T15980] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 683.279146][T15984] infiniband syz0: set down [ 683.283822][T15984] infiniband syz0: added batadv_slave_1 [ 683.297013][T15984] RDS/IB: syz0: added [ 683.301004][T15984] smc: adding ib device syz0 with port count 1 [ 683.307279][T15984] smc: ib device syz0 port 1 has pnetid [ 683.392235][T15989] syz.4.2662: attempt to access beyond end of device [ 683.392235][T15989] loop4: rw=0, sector=16, nr_sectors = 2 limit=0 [ 683.473352][T10923] usb 4-1: new high-speed USB device number 98 using dummy_hcd [ 683.555366][T15991] fuse: Unknown parameter '0x0000000000000008' [ 683.570569][T10923] usb 4-1: unable to read config index 0 descriptor/start: -61 [ 683.588135][T10923] usb 4-1: can't read configurations, error -61 [ 683.813143][T10923] usb 4-1: new high-speed USB device number 99 using dummy_hcd [ 683.883238][ T24] page_pool_release_retry() stalled pool shutdown: id 31, 51 inflight 242 sec [ 683.898896][T10923] usb 4-1: unable to read config index 0 descriptor/start: -61 [ 683.982314][T10923] usb 4-1: can't read configurations, error -61 [ 684.023201][T10923] usb usb4-port1: unable to enumerate USB device [ 684.118006][T13794] usb 3-1: USB disconnect, device number 93 [ 684.339719][T16004] netlink: 16186 bytes leftover after parsing attributes in process `syz.2.2667'. [ 684.405607][T16000] netlink: 76 bytes leftover after parsing attributes in process `syz.3.2666'. [ 684.993330][T13794] usb 3-1: new high-speed USB device number 94 using dummy_hcd [ 685.223299][T13794] usb 3-1: Using ep0 maxpacket: 32 [ 685.228933][T13794] usb 3-1: too many configurations: 241, using maximum allowed: 8 [ 685.329871][T13794] usb 3-1: invalid descriptor for config index 0: type = 0x2, length = 189 [ 685.344572][T13794] usb 3-1: can't read configurations, error -22 [ 685.442367][ T1299] ieee802154 phy1 wpan1: encryption failed: -22 [ 685.468811][T16028] Process accounting resumed [ 685.493127][T13779] usb 1-1: new high-speed USB device number 74 using dummy_hcd [ 685.513307][T13794] usb 3-1: new high-speed USB device number 95 using dummy_hcd [ 685.544429][ T30] kauditd_printk_skb: 3 callbacks suppressed [ 685.544447][ T30] audit: type=1400 audit(1755497312.955:1782): avc: denied { write } for pid=16032 comm="syz.1.2676" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1 [ 685.644957][T13779] usb 1-1: Using ep0 maxpacket: 16 [ 685.684479][T13779] usb 1-1: New USB device found, idVendor=0ccd, idProduct=0099, bcdDevice=f4.9b [ 685.693904][T13779] usb 1-1: New USB device strings: Mfr=0, Product=2, SerialNumber=3 [ 685.702020][T13794] usb 3-1: Using ep0 maxpacket: 32 [ 685.763469][T13794] usb 3-1: too many configurations: 241, using maximum allowed: 8 [ 685.776771][T13794] usb 3-1: invalid descriptor for config index 0: type = 0x2, length = 189 [ 685.788157][T13794] usb 3-1: can't read configurations, error -22 [ 685.795029][T13794] usb usb3-port1: attempt power cycle [ 686.057188][T16042] 8021q: adding VLAN 0 to HW filter on device bond12 [ 686.149816][T13779] usb 1-1: Product: syz [ 686.160178][T13779] usb 1-1: SerialNumber: syz [ 686.173092][T13794] usb 3-1: new high-speed USB device number 96 using dummy_hcd [ 686.184235][T13779] usb 1-1: config 0 descriptor?? [ 686.195076][T13779] usb 1-1: dvb_usb_v2: usb_bulk_msg() failed=-22 [ 686.203576][T13779] dvb_usb_af9015 1-1:0.0: probe with driver dvb_usb_af9015 failed with error -22 [ 686.216969][T13794] usb 3-1: Using ep0 maxpacket: 32 [ 686.233226][T13794] usb 3-1: too many configurations: 241, using maximum allowed: 8 [ 686.268759][T13794] usb 3-1: invalid descriptor for config index 0: type = 0x2, length = 189 [ 686.277816][T13794] usb 3-1: can't read configurations, error -22 [ 686.307470][T13779] usb 1-1: dvb_usb_v2: usb_bulk_msg() failed=-22 [ 686.322699][T13779] dvb_usb_af9035 1-1:0.0: probe with driver dvb_usb_af9035 failed with error -22 [ 686.413019][T13794] usb 3-1: new high-speed USB device number 97 using dummy_hcd [ 686.433589][T13794] usb 3-1: Using ep0 maxpacket: 32 [ 686.439242][T13794] usb 3-1: too many configurations: 241, using maximum allowed: 8 [ 686.454636][T13794] usb 3-1: invalid descriptor for config index 0: type = 0x2, length = 189 [ 686.463382][T13794] usb 3-1: can't read configurations, error -22 [ 686.729946][T13794] usb usb3-port1: unable to enumerate USB device [ 686.760366][T10923] usb 1-1: USB disconnect, device number 74 [ 686.870835][T13780] vhci_hcd: vhci_device speed not set [ 686.896555][ T30] audit: type=1400 audit(1755497314.305:1783): avc: denied { bind } for pid=16048 comm="syz.4.2679" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=isdn_socket permissive=1 [ 687.343140][ T24] usb 4-1: new full-speed USB device number 100 using dummy_hcd [ 687.350838][ T30] audit: type=1326 audit(1755497314.755:1784): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16057 comm="syz.2.2681" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b64b8ebe9 code=0x7ffc0000 [ 687.410880][ T30] audit: type=1326 audit(1755497314.755:1785): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16057 comm="syz.2.2681" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b64b8ebe9 code=0x7ffc0000 [ 687.574396][ T30] audit: type=1326 audit(1755497314.755:1786): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16057 comm="syz.2.2681" exe="/root/syz-executor" sig=0 arch=c000003e syscall=425 compat=0 ip=0x7f0b64b8ebe9 code=0x7ffc0000 [ 687.615513][T16063] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2683'. [ 687.624739][ T30] audit: type=1326 audit(1755497314.755:1787): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16057 comm="syz.2.2681" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b64b8ebe9 code=0x7ffc0000 [ 687.625676][T16064] netlink: 14 bytes leftover after parsing attributes in process `syz.2.2682'. [ 687.651226][T16048] delete_channel: no stack [ 687.659819][ T30] audit: type=1326 audit(1755497314.755:1788): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16057 comm="syz.2.2681" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f0b64b8ebe9 code=0x7ffc0000 [ 687.686475][ T30] audit: type=1326 audit(1755497314.755:1789): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16057 comm="syz.2.2681" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b64b8ebe9 code=0x7ffc0000 [ 687.713786][ T24] usb 4-1: config 0 has an invalid interface number: 46 but max is 0 [ 687.724757][ T24] usb 4-1: config 0 has no interface number 0 [ 687.730834][ T24] usb 4-1: config 0 interface 46 altsetting 0 endpoint 0x2 has invalid maxpacket 512, setting to 64 [ 687.751719][ T30] audit: type=1326 audit(1755497314.755:1790): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16057 comm="syz.2.2681" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f0b64b8ebe9 code=0x7ffc0000 [ 687.786050][ T30] audit: type=1326 audit(1755497314.755:1791): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16057 comm="syz.2.2681" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b64b8ebe9 code=0x7ffc0000 [ 687.811984][ T24] usb 4-1: New USB device found, idVendor=045a, idProduct=5210, bcdDevice= 1.01 [ 687.848511][T16064] dummy0 (unregistering): left promiscuous mode [ 687.855057][ T24] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 687.864511][ T24] usb 4-1: Product: syz [ 687.868743][T16072] C: renamed from team_slave_0 (while UP) [ 687.868779][ T24] usb 4-1: Manufacturer: syz [ 687.879196][ T24] usb 4-1: SerialNumber: syz [ 687.879968][T16072] netlink: 'syz.4.2685': attribute type 3 has an invalid length. [ 687.884997][ T24] usb 4-1: config 0 descriptor?? [ 687.891999][T16072] netlink: 152 bytes leftover after parsing attributes in process `syz.4.2685'. [ 687.897767][T16055] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22 [ 687.914385][T16072] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check. [ 687.915267][T16073] netlink: 'syz.4.2685': attribute type 20 has an invalid length. [ 687.943121][ T24] ums-karma 4-1:0.46: USB Mass Storage device detected [ 687.995201][ T24] ums-karma 4-1:0.46: probe with driver ums-karma failed with error -5 [ 688.107487][T16087] FAULT_INJECTION: forcing a failure. [ 688.107487][T16087] name failslab, interval 1, probability 0, space 0, times 0 [ 688.121687][T16087] CPU: 0 UID: 0 PID: 16087 Comm: syz.2.2690 Not tainted 6.17.0-rc1-syzkaller-00224-g8d561baae505 #0 PREEMPT(full) [ 688.121714][T16087] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 688.121725][T16087] Call Trace: [ 688.121731][T16087] [ 688.121737][T16087] dump_stack_lvl+0x16c/0x1f0 [ 688.121761][T16087] should_fail_ex+0x512/0x640 [ 688.121782][T16087] should_failslab+0xc2/0x120 [ 688.121803][T16087] kmem_cache_alloc_lru_noprof+0x72/0x3b0 [ 688.121822][T16087] ? alloc_inode+0xc3/0x240 [ 688.121848][T16087] alloc_inode+0xc3/0x240 [ 688.121872][T16087] iget_locked+0x2e4/0x830 [ 688.121895][T16087] ? lock_acquire+0x2cd/0x350 [ 688.121923][T16087] ? __pfx_iget_locked+0x10/0x10 [ 688.121949][T16087] ? down_read+0x13d/0x480 [ 688.121968][T16087] ? kernfs_name_hash+0xf1/0x120 [ 688.121993][T16087] kernfs_get_inode+0x48/0x460 [ 688.122015][T16087] kernfs_iop_lookup+0x1a7/0x2d0 [ 688.122040][T16087] __lookup_slow+0x24e/0x460 [ 688.122063][T16087] ? __pfx___lookup_slow+0x10/0x10 [ 688.122090][T16087] ? d_lookup+0xe7/0x190 [ 688.122116][T16087] lookup_one_unlocked+0xd4/0x120 [ 688.122146][T16087] ovl_lookup_single+0x2ed/0x1270 [ 688.122170][T16087] ? __pfx_ovl_lookup_single+0x10/0x10 [ 688.122192][T16087] ovl_lookup_layer+0x3d4/0x480 [ 688.122213][T16087] ? __pfx_ovl_lookup_layer+0x10/0x10 [ 688.122231][T16087] ? trace_kmalloc+0x2b/0xd0 [ 688.122251][T16087] ? __memcg_slab_post_alloc_hook+0x4a0/0x960 [ 688.122275][T16087] ovl_lookup+0x13f9/0x21a0 [ 688.122299][T16087] ? __pfx_ovl_lookup+0x10/0x10 [ 688.122319][T16087] ? d_alloc_parallel+0x828/0x1480 [ 688.122345][T16087] ? rcu_is_watching+0x12/0xc0 [ 688.122369][T16087] ? __d_lookup+0x25c/0x4a0 [ 688.122392][T16087] ? rcu_is_watching+0x12/0xc0 [ 688.122415][T16087] ? __d_lookup+0x266/0x4a0 [ 688.122442][T16087] ? __pfx_ovl_lookup+0x10/0x10 [ 688.122461][T16087] lookup_open.isra.0+0x4da/0x1580 [ 688.122491][T16087] ? __pfx_lookup_open.isra.0+0x10/0x10 [ 688.122519][T16087] ? irq_entries_start+0xd0/0xcb0 [ 688.122538][T16087] ? irq_entries_start+0xd0/0xcb0 [ 688.122554][T16087] ? lookup_fast+0x156/0x610 [ 688.122571][T16087] path_openat+0x893/0x2cb0 [ 688.122599][T16087] ? __pfx_path_openat+0x10/0x10 [ 688.122620][T16087] do_filp_open+0x20b/0x470 [ 688.122639][T16087] ? __pfx_do_filp_open+0x10/0x10 [ 688.122666][T16087] ? alloc_fd+0x471/0x7d0 [ 688.122686][T16087] do_sys_openat2+0x11b/0x1d0 [ 688.122708][T16087] ? __pfx_do_sys_openat2+0x10/0x10 [ 688.122730][T16087] ? __fget_files+0x20e/0x3c0 [ 688.122749][T16087] __x64_sys_openat+0x174/0x210 [ 688.122770][T16087] ? __pfx___x64_sys_openat+0x10/0x10 [ 688.122792][T16087] ? ksys_write+0x1ac/0x250 [ 688.122810][T16087] do_syscall_64+0xcd/0x4c0 [ 688.122828][T16087] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 688.122844][T16087] RIP: 0033:0x7f0b64b8ebe9 [ 688.122857][T16087] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 688.122871][T16087] RSP: 002b:00007f0b65add038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 688.122887][T16087] RAX: ffffffffffffffda RBX: 00007f0b64db5fa0 RCX: 00007f0b64b8ebe9 [ 688.122897][T16087] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000003 [ 688.122907][T16087] RBP: 00007f0b65add090 R08: 0000000000000000 R09: 0000000000000000 [ 688.122916][T16087] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 688.122924][T16087] R13: 00007f0b64db6038 R14: 00007f0b64db5fa0 R15: 00007fff4c9f40c8 [ 688.122938][T16087] [ 688.302989][T13780] usb 5-1: new low-speed USB device number 88 using dummy_hcd [ 688.305432][ C0] vkms_vblank_simulate: vblank timer overrun [ 688.464072][T13780] usb 5-1: config 168 descriptor has 1 excess byte, ignoring [ 688.470779][ C0] vkms_vblank_simulate: vblank timer overrun [ 688.490144][T13780] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8 [ 688.512246][T13780] usb 5-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 688.525327][T13780] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10 [ 688.537001][T13780] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8 [ 688.555681][T13780] usb 5-1: config 168 descriptor has 1 excess byte, ignoring [ 688.563246][T13780] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8 [ 688.574032][T13780] usb 5-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 688.585707][T13780] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10 [ 688.590045][ C0] vkms_vblank_simulate: vblank timer overrun [ 688.596832][T13780] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8 [ 688.619387][T13780] usb 5-1: config 168 descriptor has 1 excess byte, ignoring [ 688.637215][T13780] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8 [ 688.648155][T13780] usb 5-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 688.662966][T13780] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10 [ 688.674230][T13780] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8 [ 688.724476][T13780] usb 5-1: string descriptor 0 read error: -22 [ 688.730844][T13780] usb 5-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e [ 688.740869][T13780] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 688.787898][T16093] netlink: 76 bytes leftover after parsing attributes in process `syz.0.2692'. [ 688.891760][T13780] adutux 5-1:168.0: ADU100 now attached to /dev/usb/adutux0 [ 689.267497][T13780] usb 5-1: USB disconnect, device number 88 [ 689.603399][T10923] usb 1-1: new high-speed USB device number 75 using dummy_hcd [ 689.697785][T16115] vti0: entered promiscuous mode [ 689.793115][T10923] usb 1-1: Using ep0 maxpacket: 16 [ 689.799442][T10923] usb 1-1: config 6 has an invalid interface number: 59 but max is 0 [ 689.807645][T10923] usb 1-1: config 6 has no interface number 0 [ 689.814211][T10923] usb 1-1: config 6 interface 59 has no altsetting 0 [ 689.822823][T10923] usb 1-1: New USB device found, idVendor=0698, idProduct=6b82, bcdDevice=d3.eb [ 689.832109][T10923] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 689.840228][T10923] usb 1-1: Product: syz [ 689.844818][T10923] usb 1-1: Manufacturer: syz [ 689.849457][T10923] usb 1-1: SerialNumber: syz [ 689.874768][T13780] usb 4-1: USB disconnect, device number 100 [ 690.086265][T16106] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2695'. [ 690.095435][T16106] openvswitch: netlink: Flow key attr not present in new flow. [ 690.295675][T16129] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(6) [ 690.302189][T16129] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 690.309634][T16129] vhci_hcd vhci_hcd.0: Device attached [ 690.315368][T13780] usb 5-1: new full-speed USB device number 89 using dummy_hcd [ 690.323217][T16133] vhci_hcd: cannot find a urb of seqnum 1 max seqnum 3 [ 690.330882][ T9739] vhci_hcd: stop threads [ 690.339751][ T9739] vhci_hcd: release socket [ 690.344404][ T9739] vhci_hcd: disconnect device [ 690.453734][T13780] usb 5-1: device descriptor read/64, error -71 [ 690.495763][T16138] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(6) [ 690.502268][T16138] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 690.509691][T16138] vhci_hcd vhci_hcd.0: Device attached [ 690.635957][T16145] ip6gre2: entered promiscuous mode [ 690.641287][T16145] ip6gre2: entered allmulticast mode [ 691.023046][T10923] usb 4-1: new low-speed USB device number 101 using dummy_hcd [ 691.023080][T13780] usb 5-1: new full-speed USB device number 90 using dummy_hcd [ 691.038834][ T24] vhci_hcd: vhci_device speed not set [ 691.103953][ T24] usb 39-1: new full-speed USB device number 6 using vhci_hcd [ 691.173063][T13780] usb 5-1: device descriptor read/64, error -71 [ 691.185814][T10923] usb 4-1: config 0 has no interfaces? [ 691.191412][T10923] usb 4-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 691.200785][T10923] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 691.209617][T10923] usb 4-1: config 0 descriptor?? [ 691.283400][T13780] usb usb5-port1: attempt power cycle [ 691.416833][T16139] vhci_hcd: cannot find a urb of seqnum 1 max seqnum 4 [ 691.542655][T16152] 8021q: adding VLAN 0 to HW filter on device bond8 [ 691.739656][ T9752] vhci_hcd: stop threads [ 691.747241][ T30] kauditd_printk_skb: 1 callbacks suppressed [ 691.747255][ T30] audit: type=1326 audit(1755497319.155:1793): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16149 comm="syz.2.2707" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b64b8ebe9 code=0x7ffc0000 [ 691.747445][ T9752] vhci_hcd: release socket [ 691.753359][ T30] audit: type=1326 audit(1755497319.155:1794): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16149 comm="syz.2.2707" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b64b8ebe9 code=0x7ffc0000 [ 691.776768][ C0] vkms_vblank_simulate: vblank timer overrun [ 691.811263][ T30] audit: type=1326 audit(1755497319.195:1795): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16149 comm="syz.2.2707" exe="/root/syz-executor" sig=0 arch=c000003e syscall=208 compat=0 ip=0x7f0b64b8ebe9 code=0x7ffc0000 [ 691.812167][T13780] usb 5-1: new full-speed USB device number 91 using dummy_hcd [ 691.838190][ T30] audit: type=1326 audit(1755497319.195:1796): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16149 comm="syz.2.2707" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b64b8ebe9 code=0x7ffc0000 [ 691.866251][ T9752] vhci_hcd: disconnect device [ 691.879278][ T30] audit: type=1326 audit(1755497319.195:1797): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16149 comm="syz.2.2707" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f0b64b8ebe9 code=0x7ffc0000 [ 691.904638][ T30] audit: type=1326 audit(1755497319.195:1798): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16149 comm="syz.2.2707" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b64b8ebe9 code=0x7ffc0000 [ 691.928575][ T30] audit: type=1326 audit(1755497319.195:1799): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16149 comm="syz.2.2707" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b64b8ebe9 code=0x7ffc0000 [ 691.928664][T13780] usb 5-1: device descriptor read/8, error -71 [ 691.959016][ T30] audit: type=1326 audit(1755497319.195:1800): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16149 comm="syz.2.2707" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f0b64b8ebe9 code=0x7ffc0000 [ 691.983027][ T30] audit: type=1326 audit(1755497319.195:1801): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16149 comm="syz.2.2707" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b64b8ebe9 code=0x7ffc0000 [ 692.006645][ T30] audit: type=1326 audit(1755497319.195:1802): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16149 comm="syz.2.2707" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b64b8ebe9 code=0x7ffc0000 [ 692.223232][T13780] usb 5-1: new full-speed USB device number 92 using dummy_hcd [ 692.294414][T13780] usb 5-1: device descriptor read/8, error -71 [ 692.413166][T13780] usb usb5-port1: unable to enumerate USB device [ 692.435394][T13794] usb 1-1: USB disconnect, device number 75 [ 693.428785][T13794] usb 4-1: USB disconnect, device number 101 [ 693.867214][T16197] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2720'. [ 693.884671][T16197] bridge_slave_1: left allmulticast mode [ 693.890419][T16197] bridge_slave_1: left promiscuous mode [ 693.913133][T16197] bridge0: port 2(bridge_slave_1) entered disabled state [ 693.956102][T16197] bridge_slave_0: left allmulticast mode [ 693.961884][T16197] bridge_slave_0: left promiscuous mode [ 693.971271][T16197] bridge0: port 1(bridge_slave_0) entered disabled state [ 694.441700][T16215] CIFS: VFS: Malformed UNC in devname [ 694.448054][T16215] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 695.008685][T16232] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(6) [ 695.015202][T16232] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 695.023029][T16232] vhci_hcd vhci_hcd.0: Device attached [ 695.263888][T13794] usb 4-1: new low-speed USB device number 102 using dummy_hcd [ 695.334134][T13780] usb 3-1: new high-speed USB device number 98 using dummy_hcd [ 696.246981][T16250] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2737'. [ 696.351710][T16252] syz.4.2736: attempt to access beyond end of device [ 696.351710][T16252] loop4: rw=0, sector=16, nr_sectors = 2 limit=0 [ 696.383605][T13794] usb 4-1: config 0 has no interfaces? [ 696.383855][T13780] usb 3-1: Using ep0 maxpacket: 8 [ 696.389178][T13794] usb 4-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 696.405480][T13794] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 696.437623][T13794] usb 4-1: config 0 descriptor?? [ 696.465863][T13780] usb 3-1: config 0 has an invalid interface number: 38 but max is 0 [ 696.473982][T13780] usb 3-1: config 0 has no interface number 0 [ 696.522666][T13780] usb 3-1: config 0 interface 38 altsetting 0 endpoint 0xE has invalid maxpacket 1023, setting to 64 [ 696.602746][T16260] bond0: (slave macvlan0): Releasing backup interface [ 696.632161][T13780] usb 3-1: config 0 interface 38 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 696.971475][T16234] vhci_hcd: cannot find a urb of seqnum 1 max seqnum 5 [ 696.986109][T16261] 8021q: adding VLAN 0 to HW filter on device bond9 [ 696.999247][ T9750] vhci_hcd: stop threads [ 697.003751][ T9750] vhci_hcd: release socket [ 697.008623][ T9750] vhci_hcd: disconnect device [ 697.009942][T13780] usb 3-1: New USB device found, idVendor=045e, idProduct=0284, bcdDevice=f8.63 [ 697.023060][T13780] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 697.031129][T13780] usb 3-1: Product: syz [ 697.035443][T13780] usb 3-1: Manufacturer: syz [ 697.057512][T13780] usb 3-1: SerialNumber: syz [ 697.071657][T13780] usb 3-1: config 0 descriptor?? [ 697.076761][ T24] vhci_hcd: vhci_device speed not set [ 697.099625][T13780] xbox_remote_probe: Unexpected endpoint_in [ 697.482600][T13780] usb 3-1: USB disconnect, device number 98 [ 697.520086][T16274] netlink: 84 bytes leftover after parsing attributes in process `syz.1.2744'. [ 697.566594][T16277] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2746'. [ 697.631277][T16280] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2746'. [ 698.064375][ T24] usb 4-1: USB disconnect, device number 102 [ 698.665851][T16293] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2749'. [ 699.233010][ T24] usb 3-1: new high-speed USB device number 99 using dummy_hcd [ 699.679839][ T9745] Bluetooth: hci5: Frame reassembly failed (-84) [ 699.813049][ T24] usb 3-1: Using ep0 maxpacket: 8 [ 699.942262][ T24] usb 3-1: config index 0 descriptor too short (expected 301, got 45) [ 699.951237][ T24] usb 3-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config [ 699.969586][ T24] usb 3-1: config 16 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 3 [ 699.984077][ T24] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 699.995794][ T24] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 700.067676][ T24] usbtmc 3-1:16.0: bulk endpoints not found [ 700.224964][T16316] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2756'. [ 700.422072][T13794] usb 4-1: new high-speed USB device number 103 using dummy_hcd [ 700.456779][ T24] usb 3-1: USB disconnect, device number 99 [ 700.589775][T16321] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(6) [ 700.593231][T13794] usb 4-1: Using ep0 maxpacket: 16 [ 700.596290][T16321] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 700.596405][T16321] vhci_hcd vhci_hcd.0: Device attached [ 700.619842][T13794] usb 4-1: New USB device found, idVendor=0ccd, idProduct=0099, bcdDevice=f4.9b [ 700.629628][T13794] usb 4-1: New USB device strings: Mfr=0, Product=2, SerialNumber=3 [ 700.637689][T13794] usb 4-1: Product: syz [ 700.641860][T13794] usb 4-1: SerialNumber: syz [ 700.648594][T13794] usb 4-1: config 0 descriptor?? [ 700.655142][T13794] usb 4-1: dvb_usb_v2: usb_bulk_msg() failed=-22 [ 700.661674][T13794] dvb_usb_af9015 4-1:0.0: probe with driver dvb_usb_af9015 failed with error -22 [ 700.671215][T13794] usb 4-1: dvb_usb_v2: usb_bulk_msg() failed=-22 [ 700.677597][T13794] dvb_usb_af9035 4-1:0.0: probe with driver dvb_usb_af9035 failed with error -22 [ 700.793470][T13779] vhci_hcd: vhci_device speed not set [ 700.853082][T13780] usb 1-1: new low-speed USB device number 76 using dummy_hcd [ 700.860624][T13779] usb 33-1: new full-speed USB device number 6 using vhci_hcd [ 700.869215][T16325] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2759'. [ 700.881362][T16325] bridge_slave_1: entered allmulticast mode [ 700.881491][ T24] usb 4-1: USB disconnect, device number 103 [ 701.047278][T13780] usb 1-1: config 0 has no interfaces? [ 701.052780][T13780] usb 1-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 701.066766][T13780] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 701.086736][T13780] usb 1-1: config 0 descriptor?? [ 701.293636][T16322] vhci_hcd: cannot find a urb of seqnum 1 max seqnum 4 [ 701.622868][ T9754] vhci_hcd: stop threads [ 701.627347][ T9754] vhci_hcd: release socket [ 701.631815][ T9754] vhci_hcd: disconnect device [ 701.641959][T16340] 8021q: adding VLAN 0 to HW filter on device bond6 [ 701.652994][ T51] Bluetooth: hci5: Opcode 0x1003 failed: -110 [ 701.682999][ T24] usb 3-1: new full-speed USB device number 100 using dummy_hcd [ 701.908423][ T24] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8D has invalid maxpacket 200, setting to 64 [ 701.925339][ T24] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 701.936588][ T24] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 12336, setting to 64 [ 701.950015][ T24] usb 3-1: New USB device found, idVendor=05ac, idProduct=8215, bcdDevice=8f.58 [ 701.961207][ T24] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 701.970987][ T24] usb 3-1: config 0 descriptor?? [ 701.979646][T16339] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22 [ 701.993379][T16339] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22 [ 702.088818][T16352] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 702.321160][T10923] usb 3-1: USB disconnect, device number 100 [ 702.335642][ T51] Bluetooth: hci5: Opcode 0x0c03 failed: -71 [ 702.336597][T16359] netlink: 40 bytes leftover after parsing attributes in process `syz.1.2768'. [ 702.370973][T16359] fuse: Bad value for 'user_id' [ 702.376428][T16359] fuse: Bad value for 'user_id' [ 702.603207][T13794] usb 5-1: new high-speed USB device number 93 using dummy_hcd [ 702.752985][T13794] usb 5-1: Using ep0 maxpacket: 16 [ 702.788750][T16356] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 702.797531][T16356] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 702.999158][T16366] syz.3.2769: attempt to access beyond end of device [ 702.999158][T16366] loop3: rw=0, sector=16, nr_sectors = 2 limit=0 [ 703.041957][T16369] syz.2.2770: attempt to access beyond end of device [ 703.041957][T16369] loop2: rw=0, sector=16, nr_sectors = 2 limit=0 [ 703.543809][T13780] usb 1-1: USB disconnect, device number 76 [ 704.174106][ T24] usb 1-1: new high-speed USB device number 77 using dummy_hcd [ 704.383604][ T24] usb 1-1: Using ep0 maxpacket: 16 [ 704.533391][ T24] usb 1-1: no configurations [ 704.543438][ T24] usb 1-1: can't read configurations, error -22 [ 704.673094][ T24] usb 1-1: new high-speed USB device number 78 using dummy_hcd [ 704.706806][T16397] FAULT_INJECTION: forcing a failure. [ 704.706806][T16397] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 704.720275][T16397] CPU: 1 UID: 0 PID: 16397 Comm: syz.2.2778 Not tainted 6.17.0-rc1-syzkaller-00224-g8d561baae505 #0 PREEMPT(full) [ 704.720301][T16397] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 704.720311][T16397] Call Trace: [ 704.720316][T16397] [ 704.720320][T16397] dump_stack_lvl+0x16c/0x1f0 [ 704.720335][T16397] should_fail_ex+0x512/0x640 [ 704.720349][T16397] _copy_from_user+0x2e/0xd0 [ 704.720362][T16397] restore_altstack+0x93/0x170 [ 704.720382][T16397] ? __pfx_restore_altstack+0x10/0x10 [ 704.720412][T16397] ? trace_irq_enable.constprop.0+0xd4/0x120 [ 704.720431][T16397] ? _raw_spin_unlock_irq+0x2e/0x50 [ 704.720455][T16397] ? set_current_blocked+0xdd/0x120 [ 704.720467][T16397] __do_sys_rt_sigreturn+0x13c/0x230 [ 704.720482][T16397] ? __pfx___do_sys_rt_sigreturn+0x10/0x10 [ 704.720496][T16397] ? lock_release+0x201/0x2f0 [ 704.720513][T16397] do_syscall_64+0xcd/0x4c0 [ 704.720528][T16397] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 704.720545][T16397] RIP: 0033:0x7f0b64b2add9 [ 704.720559][T16397] Code: 64 c7 00 16 00 00 00 b8 ff ff ff ff c3 0f 1f 40 00 90 66 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 c7 c0 0f 00 00 00 0f 05 <0f> 1f 80 00 00 00 00 48 81 ec 48 01 00 00 49 89 d0 64 48 8b 04 25 [ 704.720574][T16397] RSP: 002b:00007f0b65adc340 EFLAGS: 00000206 ORIG_RAX: 000000000000000f [ 704.720589][T16397] RAX: ffffffffffffffda RBX: 00007f0b64db5fa0 RCX: 00007f0b64b2add9 [ 704.720599][T16397] RDX: 00007f0b65adc340 RSI: 00007f0b65adc470 RDI: 0000000000000021 [ 704.720605][T16397] RBP: 00007f0b65add090 R08: 0000200000048000 R09: 0000000000000000 [ 704.720612][T16397] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002 [ 704.720618][T16397] R13: 00007f0b64db6038 R14: 00007f0b64db5fa0 R15: 00007fff4c9f40c8 [ 704.720627][T16397] [ 704.763310][T10923] usb 4-1: new high-speed USB device number 104 using dummy_hcd [ 704.863020][ T24] usb 1-1: Using ep0 maxpacket: 16 [ 704.909636][ T24] usb 1-1: no configurations [ 704.914809][ T24] usb 1-1: can't read configurations, error -22 [ 704.922352][ T24] usb usb1-port1: attempt power cycle [ 704.976322][T16400] netlink: 76 bytes leftover after parsing attributes in process `syz.2.2779'. [ 705.023368][T10923] usb 4-1: Using ep0 maxpacket: 16 [ 705.039020][T10923] usb 4-1: New USB device found, idVendor=0ccd, idProduct=0099, bcdDevice=f4.9b [ 705.048148][T10923] usb 4-1: New USB device strings: Mfr=0, Product=2, SerialNumber=3 [ 705.056562][T10923] usb 4-1: Product: syz [ 705.061178][T10923] usb 4-1: SerialNumber: syz [ 705.073981][T10923] usb 4-1: config 0 descriptor?? [ 705.083699][T13794] usb 5-1: unable to get BOS descriptor or descriptor too short [ 705.089297][T16401] overlayfs: overlapping lowerdir path [ 705.099293][T10923] usb 4-1: dvb_usb_v2: usb_bulk_msg() failed=-22 [ 705.131375][T13794] usb 5-1: unable to read config index 0 descriptor/start: -71 [ 705.139065][T10923] dvb_usb_af9015 4-1:0.0: probe with driver dvb_usb_af9015 failed with error -22 [ 705.148465][T13794] usb 5-1: can't read configurations, error -71 [ 705.156053][T10923] usb 4-1: dvb_usb_v2: usb_bulk_msg() failed=-22 [ 705.162427][T10923] dvb_usb_af9035 4-1:0.0: probe with driver dvb_usb_af9035 failed with error -22 [ 705.263025][ T24] usb 1-1: new high-speed USB device number 79 using dummy_hcd [ 705.285354][ T24] usb 1-1: Using ep0 maxpacket: 16 [ 705.309816][T10923] usb 4-1: USB disconnect, device number 104 [ 705.310338][ T24] usb 1-1: no configurations [ 705.321367][ T24] usb 1-1: can't read configurations, error -22 [ 705.453018][ T24] usb 1-1: new high-speed USB device number 80 using dummy_hcd [ 705.474255][ T24] usb 1-1: Using ep0 maxpacket: 16 [ 705.479824][ T24] usb 1-1: no configurations [ 705.484801][ T24] usb 1-1: can't read configurations, error -22 [ 705.492361][ T24] usb usb1-port1: unable to enumerate USB device [ 705.830920][T16414] netlink: 104 bytes leftover after parsing attributes in process `syz.3.2782'. [ 705.847738][T16414] 9pnet_virtio: no channels available for device 127.0.0.1 [ 705.941890][ T30] kauditd_printk_skb: 26 callbacks suppressed [ 705.941907][ T30] audit: type=1400 audit(1755497333.345:1829): avc: denied { listen } for pid=16415 comm="syz.3.2783" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 705.974452][T13779] vhci_hcd: vhci_device speed not set [ 706.122839][T16420] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(6) [ 706.129567][T16420] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 706.137363][T16420] vhci_hcd vhci_hcd.0: Device attached [ 706.603030][ T43] usb 5-1: new low-speed USB device number 95 using dummy_hcd [ 706.612985][ T24] vhci_hcd: vhci_device speed not set [ 706.673009][ T24] usb 41-1: new full-speed USB device number 12 using vhci_hcd [ 706.771296][ T43] usb 5-1: config 0 has no interfaces? [ 706.796429][ T43] usb 5-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 706.938701][T16433] bpq0: entered promiscuous mode [ 706.943872][T16433] bpq0: left allmulticast mode [ 707.455036][ T43] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 707.573142][T16436] netlink: 'syz.3.2789': attribute type 8 has an invalid length. [ 707.742503][ T43] usb 5-1: config 0 descriptor?? [ 707.895425][T16438] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2790'. [ 707.904731][T16438] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2790'. [ 707.915013][T16438] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2790'. [ 707.937043][T16306] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 707.944773][T16306] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 707.951853][T16306] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 707.959992][T16306] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 707.967754][T16306] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 707.978019][ T51] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 707.985790][ T51] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 707.992850][ T51] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 708.000172][ T51] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 708.007865][ T51] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 708.017770][ T30] audit: type=1400 audit(1755497335.425:1830): avc: denied { mounton } for pid=16439 comm="syz-executor" path="/" dev="sda1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1 [ 708.374125][T16423] vhci_hcd: cannot find a urb of seqnum 1 max seqnum 10 [ 708.392589][ T9746] vhci_hcd: stop threads [ 708.408955][T16441] 8021q: adding VLAN 0 to HW filter on device bond10 [ 708.426089][ T9746] vhci_hcd: release socket [ 708.435822][ T9746] vhci_hcd: disconnect device [ 708.436419][T16439] lo speed is unknown, defaulting to 1000 [ 708.447740][T16445] netlink: 76 bytes leftover after parsing attributes in process `syz.0.2791'. [ 708.555368][ T9744] netdevsim netdevsim1 netdevsim0 (unregistering): left promiscuous mode [ 708.569765][T16448] overlayfs: overlapping lowerdir path [ 708.660157][ T9744] bridge_slave_0: left allmulticast mode [ 708.670055][ T9744] bridge_slave_0: left promiscuous mode [ 708.675935][ T9744] bridge0: port 1(bridge_slave_0) entered disabled state [ 708.684401][T16451] fuse: Bad value for 'rootmode' [ 708.702169][T16451] siw: device registration error -23 [ 708.711035][ T9744] batman_adv: batadv0: Removing interface: ip6gretap1 [ 708.769663][ T30] audit: type=1400 audit(1755497336.175:1831): avc: denied { bind } for pid=16456 comm="syz.2.2796" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1 [ 708.774368][T16457] netlink: 'syz.2.2796': attribute type 11 has an invalid length. [ 708.896059][ T9744] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 708.905467][ T9744] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 708.916716][ T9744] bond0 (unregistering): (slave bridge_slave_1): Releasing backup interface [ 708.926051][ T9744] bond0 (unregistering): Released all slaves [ 708.935683][ T9744] bond1 (unregistering): Released all slaves [ 708.944829][ T9744] bond2 (unregistering): Released all slaves [ 708.954554][ T9744] bond3 (unregistering): Released all slaves [ 708.965763][ T9744] bond4 (unregistering): Released all slaves [ 708.975160][ T9744] bond5 (unregistering): Released all slaves [ 708.984036][ T9744] bond6 (unregistering): Released all slaves [ 708.992543][ T9744] bond7 (unregistering): Released all slaves [ 709.002200][ T9744] bond8 (unregistering): (slave bond9): Releasing backup interface [ 709.011310][ T9744] bond8 (unregistering): Released all slaves [ 709.021095][ T9744] bond9 (unregistering): Released all slaves [ 709.029998][ T9744] bond10 (unregistering): Released all slaves [ 709.038833][ T9744] bond11 (unregistering): Released all slaves [ 709.047559][ T9744] bond12 (unregistering): Released all slaves [ 709.060162][T16454] bpq0: left promiscuous mode [ 709.064877][T16454] bpq0: entered allmulticast mode [ 709.115177][ T9744] : left promiscuous mode [ 709.204670][ T9744] : left promiscuous mode [ 709.234464][T16469] netlink: 'syz.0.2797': attribute type 1 has an invalid length. [ 709.242264][T16469] netlink: 'syz.0.2797': attribute type 2 has an invalid length. [ 709.250376][T16469] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2797'. [ 709.263365][T16469] netlink: 'syz.0.2797': attribute type 4 has an invalid length. [ 709.652235][T16469] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1011 sclass=netlink_route_socket pid=16469 comm=syz.0.2797 [ 709.665387][T13779] usb 5-1: USB disconnect, device number 95 [ 709.667332][ T9744] tipc: Left network mode [ 709.692372][T16439] chnl_net:caif_netlink_parms(): no params data found [ 709.704384][ T9744] IPVS: stopping master sync thread 13356 ... [ 709.822809][T16439] bridge0: port 1(bridge_slave_0) entered blocking state [ 709.831901][T16439] bridge0: port 1(bridge_slave_0) entered disabled state [ 709.840510][T16439] bridge_slave_0: entered allmulticast mode [ 710.207717][ T51] Bluetooth: hci4: command tx timeout [ 710.445207][T16439] bridge_slave_0: entered promiscuous mode [ 710.454687][T16439] bridge0: port 2(bridge_slave_1) entered blocking state [ 710.461965][T16439] bridge0: port 2(bridge_slave_1) entered disabled state [ 710.469626][T16439] bridge_slave_1: entered allmulticast mode [ 710.478175][T16439] bridge_slave_1: entered promiscuous mode [ 710.518632][T16439] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 710.603093][ T43] usb 3-1: new high-speed USB device number 101 using dummy_hcd [ 710.614411][T16439] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 710.779383][ T30] audit: type=1326 audit(1755497338.145:1832): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16487 comm="syz.4.2802" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f892ad8ebe9 code=0x7ffc0000 [ 710.811844][ T43] usb 3-1: config index 0 descriptor too short (expected 39, got 27) [ 710.842497][ T43] usb 3-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0 [ 710.939908][ T43] usb 3-1: config 0 interface 0 has no altsetting 0 [ 710.968738][ T30] audit: type=1326 audit(1755497338.155:1833): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16487 comm="syz.4.2802" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f892ad8ebe9 code=0x7ffc0000 [ 711.026355][ T43] usb 3-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b [ 711.037715][T16492] fuse: Bad value for 'rootmode' [ 711.045528][ T43] usb 3-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2 [ 711.059445][T16492] siw: device registration error -23 [ 711.065183][ T30] audit: type=1326 audit(1755497338.165:1834): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16487 comm="syz.4.2802" exe="/root/syz-executor" sig=0 arch=c000003e syscall=425 compat=0 ip=0x7f892ad8ebe9 code=0x7ffc0000 [ 711.066754][ T43] usb 3-1: Product: syz [ 711.089207][ T30] audit: type=1326 audit(1755497338.175:1835): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16487 comm="syz.4.2802" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f892ad8ebe9 code=0x7ffc0000 [ 711.117228][ T30] audit: type=1326 audit(1755497338.175:1836): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16487 comm="syz.4.2802" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f892ad8ebe9 code=0x7ffc0000 [ 711.156606][ T9744] hsr_slave_0: left promiscuous mode [ 711.165902][ T9744] hsr_slave_1: left promiscuous mode [ 711.234072][ T43] usb 3-1: Manufacturer: syz [ 711.235182][ T9744] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 711.238814][ T43] usb 3-1: SerialNumber: syz [ 711.246319][ T30] audit: type=1326 audit(1755497338.185:1837): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16487 comm="syz.4.2802" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f892ad8ebe9 code=0x7ffc0000 [ 711.251340][ T43] usb 3-1: config 0 descriptor?? [ 711.277264][T16495] netlink: 'syz.0.2804': attribute type 11 has an invalid length. [ 711.279705][ T43] hub 3-1:0.0: bad descriptor, ignoring hub [ 711.287025][T16495] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2804'. [ 711.292535][ T43] hub 3-1:0.0: probe with driver hub failed with error -5 [ 711.319868][ T43] usb 3-1: selecting invalid altsetting 0 [ 711.525808][ T30] audit: type=1326 audit(1755497338.185:1838): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16487 comm="syz.4.2802" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f892ad8ebe9 code=0x7ffc0000 [ 711.571047][ T30] audit: type=1326 audit(1755497338.185:1839): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16487 comm="syz.4.2802" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f892ad8ebe9 code=0x7ffc0000 [ 711.594491][ C0] vkms_vblank_simulate: vblank timer overrun [ 711.605969][ T30] audit: type=1326 audit(1755497338.185:1840): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16487 comm="syz.4.2802" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f892ad8ebe9 code=0x7ffc0000 [ 711.629397][ C0] vkms_vblank_simulate: vblank timer overrun [ 711.636357][ T9744] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 711.663256][ T30] audit: type=1326 audit(1755497338.185:1841): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16487 comm="syz.4.2802" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f892ad8ebe9 code=0x7ffc0000 [ 711.697704][ T30] audit: type=1326 audit(1755497338.185:1842): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16487 comm="syz.4.2802" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f892ad8ebe9 code=0x7ffc0000 [ 711.749543][ T9749] smc: removing ib device syz0 [ 711.762202][ T9744] team0 (unregistering): Port device team_slave_1 removed [ 711.777281][ T9744] team0 (unregistering): Port device team_slave_0 removed [ 711.793089][ T24] vhci_hcd: vhci_device speed not set [ 711.862158][T16506] netlink: 'syz.4.2805': attribute type 1 has an invalid length. [ 711.870260][T16506] netlink: 'syz.4.2805': attribute type 2 has an invalid length. [ 711.878029][T16506] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2805'. [ 711.887979][T16506] netlink: 'syz.4.2805': attribute type 4 has an invalid length. [ 711.971624][T16439] team0: Port device team_slave_0 added [ 712.016774][T16503] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1011 sclass=netlink_route_socket pid=16503 comm=syz.4.2805 [ 712.044730][T16439] team0: Port device team_slave_1 added [ 712.081449][T16439] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 712.130309][T16439] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 712.262475][T16439] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 712.283498][ T51] Bluetooth: hci4: command tx timeout [ 712.317780][T16439] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 712.338176][T16439] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 712.364082][ C0] vkms_vblank_simulate: vblank timer overrun [ 712.373050][T16485] usb 3-1: reset high-speed USB device number 101 using dummy_hcd [ 712.475412][T16439] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 712.594891][T16485] usb 3-1: device firmware changed [ 712.601486][ T43] usb 3-1: USB disconnect, device number 101 [ 712.615690][T16439] hsr_slave_0: entered promiscuous mode [ 712.622021][T16439] hsr_slave_1: entered promiscuous mode [ 712.630257][T16439] debugfs: 'hsr0' already exists in 'hsr' [ 712.637908][T16439] Cannot create hsr debugfs directory [ 712.644489][T16515] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(6) [ 712.651003][T16515] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 712.658502][T16515] vhci_hcd vhci_hcd.0: Device attached [ 712.763119][ T43] usb 3-1: new high-speed USB device number 102 using dummy_hcd [ 712.843373][T10923] vhci_hcd: vhci_device speed not set [ 712.903016][T13779] usb 1-1: new low-speed USB device number 81 using dummy_hcd [ 712.903193][T10923] usb 33-1: new full-speed USB device number 7 using vhci_hcd [ 712.997876][ T43] usb 3-1: config index 0 descriptor too short (expected 39, got 27) [ 713.008632][ T43] usb 3-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0 [ 713.052836][ T43] usb 3-1: config 0 interface 0 has no altsetting 0 [ 713.071651][ T43] usb 3-1: string descriptor 0 read error: -22 [ 713.084300][ T43] usb 3-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b [ 713.125067][T13779] usb 1-1: config 0 has no interfaces? [ 713.130613][T13779] usb 1-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 713.141557][ T43] usb 3-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2 [ 713.173102][T13779] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 713.204858][ T43] usb 3-1: config 0 descriptor?? [ 713.212484][ T43] hub 3-1:0.0: bad descriptor, ignoring hub [ 713.219957][T13779] usb 1-1: config 0 descriptor?? [ 713.226493][ T43] hub 3-1:0.0: probe with driver hub failed with error -5 [ 713.311218][T16439] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 713.312058][ T43] usb 3-1: selecting invalid altsetting 0 [ 713.326518][T16439] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 713.335665][T16439] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 713.357785][ T43] usb 3-1: USB disconnect, device number 102 [ 713.364274][T16439] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 713.407874][T16439] 8021q: adding VLAN 0 to HW filter on device bond0 [ 713.421071][T16439] 8021q: adding VLAN 0 to HW filter on device team0 [ 713.432257][ T9745] bridge0: port 1(bridge_slave_0) entered blocking state [ 713.439339][ T9745] bridge0: port 1(bridge_slave_0) entered forwarding state [ 713.452097][ T9750] bridge0: port 2(bridge_slave_1) entered blocking state [ 713.459178][ T9750] bridge0: port 2(bridge_slave_1) entered forwarding state [ 713.801419][T16516] vhci_hcd: cannot find a urb of seqnum 1 max seqnum 5 [ 713.811274][ T9749] vhci_hcd: stop threads [ 713.818673][ T9749] vhci_hcd: release socket [ 713.827448][ T9749] vhci_hcd: disconnect device [ 713.855710][T16539] 8021q: adding VLAN 0 to HW filter on device bond7 [ 714.177550][T16439] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 714.272547][T16550] mkiss: ax0: crc mode is auto. [ 714.308290][T16439] veth0_vlan: entered promiscuous mode [ 714.317106][T16439] veth1_vlan: entered promiscuous mode [ 714.345887][T16439] veth0_macvtap: entered promiscuous mode [ 714.354491][T16439] veth1_macvtap: entered promiscuous mode [ 714.363123][ T51] Bluetooth: hci4: command tx timeout [ 714.375754][T16439] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 714.397254][T16439] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 714.410420][ T9739] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 714.422273][ T9739] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 714.432465][ T9739] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 714.442505][ T9739] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 714.547037][T16561] netlink: 'syz.2.2819': attribute type 5 has an invalid length. [ 714.742772][ T9750] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 714.774205][ T9750] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 714.813203][ T9749] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 714.821713][ T9749] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 715.588098][T13779] usb 1-1: USB disconnect, device number 81 [ 715.818853][T16579] Attempt to restore checkpoint with obsolete wellknown handles [ 716.334816][T16586] mkiss: ax0: crc mode is auto. [ 716.374641][T13815] libceph: connect (1)[c::]:6789 error -101 [ 716.403632][T13815] libceph: mon0 (1)[c::]:6789 connect error [ 716.445765][ T51] Bluetooth: hci4: command tx timeout [ 716.494079][T16579] input: syz0 as /devices/virtual/input/input35 [ 716.593457][T16586] ceph: No mds server is up or the cluster is laggy [ 716.912256][T13815] libceph: connect (1)[c::]:6789 error -101 [ 716.918273][T13815] libceph: mon0 (1)[c::]:6789 connect error [ 716.935243][T16599] /dev/nullb0: Can't open blockdev [ 716.943026][T13779] usb 4-1: new high-speed USB device number 105 using dummy_hcd [ 716.993028][T13780] usb 5-1: new full-speed USB device number 96 using dummy_hcd [ 717.103057][T13779] usb 4-1: Using ep0 maxpacket: 8 [ 717.116910][T13779] usb 4-1: unable to get BOS descriptor or descriptor too short [ 717.137005][T13779] usb 4-1: string descriptor 0 read error: -22 [ 717.146041][T13779] usb 4-1: New USB device found, idVendor=0789, idProduct=0160, bcdDevice=82.fe [ 717.157546][T13780] usb 5-1: config 0 has an invalid interface number: 46 but max is 0 [ 717.165945][T13780] usb 5-1: config 0 has no interface number 0 [ 717.173364][T13779] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 717.189022][T13780] usb 5-1: config 0 interface 46 altsetting 0 endpoint 0x2 has invalid maxpacket 512, setting to 64 [ 717.277283][T13780] usb 5-1: New USB device found, idVendor=045a, idProduct=5210, bcdDevice= 1.01 [ 717.295173][T13780] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 717.310822][T13780] usb 5-1: Product: syz [ 717.451798][T13780] usb 5-1: Manufacturer: syz [ 717.510541][T13780] usb 5-1: SerialNumber: syz [ 717.646018][T13779] asix 4-1:7.0 (unnamed net_device) (uninitialized): invalid hw address, using random [ 717.678723][T13815] usb 2-1: new high-speed USB device number 86 using dummy_hcd [ 717.682776][T13780] usb 5-1: config 0 descriptor?? [ 717.697750][T16603] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22 [ 717.706003][T13780] ums-karma 5-1:0.46: USB Mass Storage device detected [ 717.773057][T13794] usb 1-1: new high-speed USB device number 82 using dummy_hcd [ 717.778626][T13780] ums-karma 5-1:0.46: probe with driver ums-karma failed with error -5 [ 717.833148][T13815] usb 2-1: Using ep0 maxpacket: 16 [ 717.840986][T13815] usb 2-1: New USB device found, idVendor=0ccd, idProduct=0099, bcdDevice=f4.9b [ 717.846695][T13779] asix 4-1:7.0 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71 [ 717.850174][T13815] usb 2-1: New USB device strings: Mfr=0, Product=2, SerialNumber=3 [ 718.144297][T13815] usb 2-1: Product: syz [ 718.148386][T13779] asix 4-1:7.0 (unnamed net_device) (uninitialized): Error reading PHY_ID register: ffffffb9 [ 718.148538][T13815] usb 2-1: SerialNumber: syz [ 718.158945][T13779] asix 4-1:7.0: probe with driver asix failed with error -71 [ 718.164520][T13794] usb 1-1: Using ep0 maxpacket: 16 [ 718.174201][T13779] usb 4-1: USB disconnect, device number 105 [ 718.183878][T13815] usb 2-1: config 0 descriptor?? [ 718.189454][T13794] usb 1-1: New USB device found, idVendor=0ccd, idProduct=0099, bcdDevice=f4.9b [ 718.198822][T13794] usb 1-1: New USB device strings: Mfr=0, Product=2, SerialNumber=3 [ 718.208402][T13815] usb 2-1: dvb_usb_v2: usb_bulk_msg() failed=-22 [ 718.214795][T13794] usb 1-1: Product: syz [ 718.219259][T10923] vhci_hcd: vhci_device speed not set [ 718.224920][T13794] usb 1-1: SerialNumber: syz [ 718.229748][T13815] dvb_usb_af9015 2-1:0.0: probe with driver dvb_usb_af9015 failed with error -22 [ 718.239366][T13815] usb 2-1: dvb_usb_v2: usb_bulk_msg() failed=-22 [ 718.246007][T13794] usb 1-1: config 0 descriptor?? [ 718.259127][T13794] usb 1-1: dvb_usb_v2: usb_bulk_msg() failed=-22 [ 718.265686][T13815] dvb_usb_af9035 2-1:0.0: probe with driver dvb_usb_af9035 failed with error -22 [ 718.275242][T13794] dvb_usb_af9015 1-1:0.0: probe with driver dvb_usb_af9015 failed with error -22 [ 718.286736][T13794] usb 1-1: dvb_usb_v2: usb_bulk_msg() failed=-22 [ 718.293313][T13794] dvb_usb_af9035 1-1:0.0: probe with driver dvb_usb_af9035 failed with error -22 [ 718.464720][T13794] usb 1-1: USB disconnect, device number 82 [ 718.639326][T16626] netlink: 72 bytes leftover after parsing attributes in process `syz.2.2835'. [ 718.999649][T16633] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2838'. [ 719.151548][T16638] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2840'. [ 719.196325][ T30] kauditd_printk_skb: 6 callbacks suppressed [ 719.196341][ T30] audit: type=1400 audit(1755497346.608:1849): avc: denied { setopt } for pid=16639 comm="syz.0.2841" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1 [ 719.661468][ T43] usb 5-1: USB disconnect, device number 96 [ 719.672115][T10923] usb 2-1: USB disconnect, device number 86 [ 719.830422][ T30] audit: type=1400 audit(1755497347.238:1850): avc: denied { bind } for pid=16657 comm="syz.4.2849" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1 [ 719.877583][ T30] audit: type=1326 audit(1755497347.288:1851): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16661 comm="syz.4.2851" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f892ad8ebe9 code=0x0 [ 719.979667][ T30] audit: type=1400 audit(1755497347.388:1852): avc: denied { unmount } for pid=5855 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bpf_t tclass=filesystem permissive=1 [ 721.752763][ T30] audit: type=1400 audit(1755497349.158:1853): avc: denied { connect } for pid=16746 comm="syz.2.2886" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1 [ 722.632049][T16813] bridge0: port 2(bridge_slave_1) entered disabled state [ 722.806806][T16832] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2924'. [ 722.833744][T16832] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2924'. [ 722.979721][ T43] IPVS: starting estimator thread 0... [ 723.083044][T16834] IPVS: using max 70 ests per chain, 168000 per kthread [ 723.620978][T16306] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 723.629545][T16306] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 723.649301][T16306] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 723.657763][T16306] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 723.665970][T16306] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 723.724277][T16843] lo speed is unknown, defaulting to 1000 [ 723.885271][ T30] audit: type=1400 audit(1755497351.298:1854): avc: denied { attach_queue } for pid=16869 comm="syz.1.2938" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tun_socket permissive=1 [ 723.905470][ C0] vkms_vblank_simulate: vblank timer overrun [ 723.929094][T16843] chnl_net:caif_netlink_parms(): no params data found [ 724.072646][T16843] bridge0: port 1(bridge_slave_0) entered blocking state [ 724.079997][T16843] bridge0: port 1(bridge_slave_0) entered disabled state [ 724.088563][T16843] bridge_slave_0: entered allmulticast mode [ 724.107000][T16843] bridge_slave_0: entered promiscuous mode [ 724.129898][T16843] bridge0: port 2(bridge_slave_1) entered blocking state [ 724.132562][T16892] netlink: 4456 bytes leftover after parsing attributes in process `syz.3.2946'. [ 724.139532][T16843] bridge0: port 2(bridge_slave_1) entered disabled state [ 724.154512][T16843] bridge_slave_1: entered allmulticast mode [ 724.161167][T16843] bridge_slave_1: entered promiscuous mode [ 724.241297][T16843] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 724.273700][T16843] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 724.324268][ T30] audit: type=1400 audit(1755497351.728:1855): avc: denied { write } for pid=16908 comm="syz.4.2955" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1 [ 724.385557][T16843] team0: Port device team_slave_0 added [ 724.407357][ T9750] bridge_slave_1: left allmulticast mode [ 724.424296][ T9750] bridge_slave_1: left promiscuous mode [ 724.437302][ T9750] bridge0: port 2(bridge_slave_1) entered disabled state [ 724.448557][ T9750] bridge_slave_0: left allmulticast mode [ 724.467665][ T9750] bridge_slave_0: left promiscuous mode [ 724.473390][ T9750] bridge0: port 1(bridge_slave_0) entered disabled state [ 725.063079][ T24] SELinux: failure in sel_netif_sid_slow(), invalid network interface (13) [ 725.099645][ T9750] bond0 (unregistering): (slave bridge0): Releasing backup interface [ 725.275653][ T9750] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 725.287586][ T9750] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 725.301728][ T9750] bond0 (unregistering): Released all slaves [ 725.311803][ T9750] bond1 (unregistering): Released all slaves [ 725.338455][ T9750] bond2 (unregistering): (slave batadv2): Releasing backup interface [ 725.352838][ T9750] bond2 (unregistering): Released all slaves [ 725.364643][ T9750] bond3 (unregistering): Released all slaves [ 725.376745][ T9750] bond4 (unregistering): Released all slaves [ 725.376973][ T30] audit: type=1400 audit(1755497352.788:1856): avc: denied { connect } for pid=16941 comm="syz.2.2967" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1 [ 725.409065][ T9750] bond5 (unregistering): Released all slaves [ 725.431513][ T9750] bond6 (unregistering): Released all slaves [ 725.443173][ T9750] bond7 (unregistering): Released all slaves [ 725.453128][T16843] team0: Port device team_slave_1 added [ 725.510927][ T9750] _ÐZ`Ô€@ÿÃ: left promiscuous mode [ 725.600176][T16843] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 725.607871][ T30] audit: type=1400 audit(1755497353.008:1857): avc: denied { setopt } for pid=16952 comm="syz.3.2971" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1 [ 725.630221][T16843] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 725.730656][ T51] Bluetooth: hci5: command tx timeout [ 725.843649][ T30] audit: type=1400 audit(1755497353.118:1858): avc: denied { read } for pid=16949 comm="syz.4.2970" path="socket:[54271]" dev="sockfs" ino=54271 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1 [ 725.944853][T16843] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 725.960821][ T9750] tipc: Left network mode [ 725.966511][T16843] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 725.973599][T16843] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 725.986832][ T30] audit: type=1400 audit(1755497353.378:1859): avc: denied { read } for pid=16957 comm="syz.3.2973" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 726.024213][T16843] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 726.063555][T16843] hsr_slave_0: entered promiscuous mode [ 726.071747][T16843] hsr_slave_1: entered promiscuous mode [ 726.080093][T16843] debugfs: 'hsr0' already exists in 'hsr' [ 726.089056][T16843] Cannot create hsr debugfs directory [ 726.407043][T16982] block device autoloading is deprecated and will be removed. [ 726.448398][ T30] audit: type=1400 audit(1755497353.858:1860): avc: denied { ioctl } for pid=16985 comm="syz.4.2983" path="socket:[55392]" dev="sockfs" ino=55392 ioctlcmd=0x890b scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1 [ 726.453144][T13780] usb 2-1: new high-speed USB device number 87 using dummy_hcd [ 726.473384][ C0] vkms_vblank_simulate: vblank timer overrun [ 726.693412][ T9750] hsr_slave_0: left promiscuous mode [ 726.699117][ T9750] hsr_slave_1: left promiscuous mode [ 726.785801][T16998] (syz.4.2987,16998,1):ocfs2_fill_super:989 ERROR: superblock probe failed! [ 726.795078][T16998] (syz.4.2987,16998,1):ocfs2_fill_super:1177 ERROR: status = -22 [ 726.956175][T13780] usb 2-1: Using ep0 maxpacket: 16 [ 726.970102][T13780] usb 2-1: config 1 interface 0 altsetting 255 endpoint 0x1 has invalid wMaxPacketSize 0 [ 727.041111][T13780] usb 2-1: config 1 interface 0 altsetting 255 bulk endpoint 0x1 has invalid maxpacket 0 [ 727.065959][T13780] usb 2-1: config 1 interface 0 altsetting 255 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 727.096575][T13780] usb 2-1: config 1 interface 0 has no altsetting 0 [ 727.125559][T13780] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40 [ 727.137261][T13780] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 727.156591][T13780] usb 2-1: Product: syz [ 727.162138][T13780] usb 2-1: Manufacturer: syz [ 727.168110][T13780] usb 2-1: SerialNumber: syz [ 727.186286][ T9750] team0 (unregistering): Port device team_slave_1 removed [ 727.197569][ T9750] team0 (unregistering): Port device team_slave_0 removed [ 727.230812][T17006] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2992'. [ 727.397798][T13780] usblp 2-1:1.0: usblp0: USB Unidirectional printer dev 87 if 0 alt 255 proto 1 vid 0x0525 pid 0xA4A8 [ 727.412839][T13780] usb 2-1: USB disconnect, device number 87 [ 727.426406][T13780] usblp0: removed [ 727.666541][ C0] vcan0: j1939_xtp_rx_dat: no tx connection found [ 727.673011][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 727.979089][ T51] Bluetooth: hci5: command tx timeout [ 728.225030][T16843] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 728.234413][T16843] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 728.245060][T16843] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 728.254512][T16843] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 728.690500][T16843] 8021q: adding VLAN 0 to HW filter on device bond0 [ 728.704500][T16843] 8021q: adding VLAN 0 to HW filter on device team0 [ 728.724533][ T9749] bridge0: port 1(bridge_slave_0) entered blocking state [ 728.731640][ T9749] bridge0: port 1(bridge_slave_0) entered forwarding state [ 728.751562][ T9752] bridge0: port 2(bridge_slave_1) entered blocking state [ 728.758681][ T9752] bridge0: port 2(bridge_slave_1) entered forwarding state [ 728.928070][T16843] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 729.204371][T16843] veth0_vlan: entered promiscuous mode [ 729.216354][T16843] veth1_vlan: entered promiscuous mode [ 729.240398][T16843] veth0_macvtap: entered promiscuous mode [ 729.253202][T13780] usb 2-1: new high-speed USB device number 88 using dummy_hcd [ 729.257596][T16843] veth1_macvtap: entered promiscuous mode [ 729.290963][T16843] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 729.304400][T16843] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 729.318045][ T9750] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 729.334426][ T9750] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 729.352861][T17071] netlink: 'syz.4.3011': attribute type 11 has an invalid length. [ 729.359599][ T9750] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 729.379010][ T9750] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 729.413047][T13780] usb 2-1: Using ep0 maxpacket: 8 [ 729.419579][T13780] usb 2-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 729.435749][ T9750] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 729.445025][T13780] usb 2-1: New USB device found, idVendor=047d, idProduct=5003, bcdDevice=2f.8c [ 729.456454][ T9750] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 729.466441][T13780] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 729.493375][T13780] usb 2-1: Product: syz [ 729.495291][ T9750] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 729.500752][T13780] usb 2-1: Manufacturer: syz [ 729.505676][ T9750] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 729.525021][T13780] usb 2-1: SerialNumber: syz [ 729.532430][T13780] usb 2-1: config 0 descriptor?? [ 730.008352][ T5925] usb 2-1: USB disconnect, device number 88 [ 730.053031][ T51] Bluetooth: hci5: command tx timeout [ 730.288161][T17094] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3018'. [ 730.564219][T16306] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 730.572428][T16306] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 730.580388][T16306] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 730.588182][T16306] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 730.595834][T16306] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 730.634417][T17104] lo speed is unknown, defaulting to 1000 [ 730.732582][ T9754] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 730.746377][ T9754] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 1] type 2 family 0 port 19999 - 0 [ 730.865618][ T9754] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 730.881278][ T9754] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 1] type 2 family 0 port 19999 - 0 [ 730.946684][ T9754] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 730.978220][ T9754] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 1] type 2 family 0 port 19999 - 0 [ 731.000002][T17104] chnl_net:caif_netlink_parms(): no params data found [ 731.060687][ T9754] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 731.072867][ T9754] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 1] type 2 family 0 port 19999 - 0 [ 731.089058][T17104] bridge0: port 1(bridge_slave_0) entered blocking state [ 731.099367][T17104] bridge0: port 1(bridge_slave_0) entered disabled state [ 731.109631][T17104] bridge_slave_0: entered allmulticast mode [ 731.120084][T17104] bridge_slave_0: entered promiscuous mode [ 731.127907][T17104] bridge0: port 2(bridge_slave_1) entered blocking state [ 731.135451][T17104] bridge0: port 2(bridge_slave_1) entered disabled state [ 731.142549][T17104] bridge_slave_1: entered allmulticast mode [ 731.148884][T17104] bridge_slave_1: entered promiscuous mode [ 731.167595][T17104] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 731.418220][T17129] lo: entered allmulticast mode [ 731.425135][T17104] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 731.450460][T17104] team0: Port device team_slave_0 added [ 731.457966][T17104] team0: Port device team_slave_1 added [ 731.506409][ T9754] dvmrp17 (unregistering): left allmulticast mode [ 731.531899][ T9754] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 731.541505][ T9754] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 731.562139][ T9754] bond0 (unregistering): Released all slaves [ 731.573485][ T9754] bond1 (unregistering): Released all slaves [ 731.584067][ T9754] bond2 (unregistering): Released all slaves [ 731.601567][ T9754] bond3 (unregistering): Released all slaves [ 731.615209][ T9754] bond4 (unregistering): Released all slaves [ 731.629379][ T9754] bond5 (unregistering): Released all slaves [ 731.641122][T17104] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 731.649194][T17104] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 731.680893][T17104] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 731.692802][T17104] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 731.700781][T17104] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 731.728015][T17104] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 732.069168][ T9754] tipc: Disabling bearer [ 732.074760][T17123] lo: left allmulticast mode [ 732.099273][T17104] hsr_slave_0: entered promiscuous mode [ 732.105431][T17104] hsr_slave_1: entered promiscuous mode [ 732.111395][T17104] debugfs: 'hsr0' already exists in 'hsr' [ 732.117491][T17104] Cannot create hsr debugfs directory [ 732.123022][ T51] Bluetooth: hci5: command tx timeout [ 732.131746][ T9754] tipc: Left network mode [ 732.245543][T17145] binder_alloc: 17144: binder_alloc_buf, no vma [ 732.270522][ T9754] hsr_slave_0: left promiscuous mode [ 732.276966][ T9754] hsr_slave_1: left promiscuous mode [ 732.284974][ T9754] veth1_macvtap: left promiscuous mode [ 732.290540][ T9754] veth0_macvtap: left promiscuous mode [ 732.296203][ T9754] veth1_vlan: left promiscuous mode [ 732.301526][ T9754] veth0_vlan: left promiscuous mode [ 732.380721][ T9754] team0 (unregistering): Port device team_slave_1 removed [ 732.390964][ T9754] team0 (unregistering): Port device team_slave_0 removed [ 732.393031][T13780] usb 4-1: new high-speed USB device number 106 using dummy_hcd [ 732.654768][T13780] usb 4-1: config 0 interface 0 altsetting 15 endpoint 0x81 has invalid wMaxPacketSize 0 [ 732.685631][ T51] Bluetooth: hci0: command tx timeout [ 733.122056][T13780] usb 4-1: config 0 interface 0 altsetting 15 has 1 endpoint descriptor, different from the interface descriptor's value: 5 [ 733.159490][T17171] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3044'. [ 733.162269][T13780] usb 4-1: config 0 interface 0 has no altsetting 0 [ 733.175462][T17171] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3044'. [ 733.183923][T13780] usb 4-1: New USB device found, idVendor=05ac, idProduct=025b, bcdDevice= 0.00 [ 733.198241][T13780] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 733.321087][T13780] usb 4-1: config 0 descriptor?? [ 733.607350][T13780] usb 4-1: string descriptor 0 read error: -71 [ 733.628385][T13780] input: bcm5974 as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/input/input36 [ 733.669752][ T5205] bcm5974 4-1:0.0: could not read from device [ 733.706327][ T5205] bcm5974 4-1:0.0: could not read from device [ 733.755602][ T5205] bcm5974 4-1:0.0: could not read from device [ 733.814600][T13780] usb 4-1: USB disconnect, device number 106 [ 733.853386][ T5205] bcm5974 4-1:0.0: could not read from device [ 733.935270][ T9754] IPVS: stop unused estimator thread 0... [ 734.138732][T17104] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 734.400016][T17104] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 734.559268][T17104] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 734.656499][T17104] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 734.721509][T17199] netlink: 72 bytes leftover after parsing attributes in process `syz.4.3050'. [ 734.914796][T17210] binder_alloc: 17209: binder_alloc_buf, no vma [ 734.924164][T17104] 8021q: adding VLAN 0 to HW filter on device bond0 [ 734.951396][T17104] 8021q: adding VLAN 0 to HW filter on device team0 [ 734.983932][ T9750] bridge0: port 1(bridge_slave_0) entered blocking state [ 734.991020][ T9750] bridge0: port 1(bridge_slave_0) entered forwarding state [ 735.017427][ T9746] bridge0: port 2(bridge_slave_1) entered blocking state [ 735.024519][ T9746] bridge0: port 2(bridge_slave_1) entered forwarding state [ 735.126187][ T30] audit: type=1400 audit(1755497362.538:1861): avc: denied { setopt } for pid=17223 comm="syz.3.3061" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1 [ 735.142596][T17104] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 735.156834][T17104] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 735.283147][ T51] Bluetooth: hci0: command tx timeout [ 735.301365][ T30] audit: type=1400 audit(1755497362.568:1862): avc: denied { connect } for pid=17223 comm="syz.3.3061" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1 [ 736.008521][T17104] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 736.276704][T17104] veth0_vlan: entered promiscuous mode [ 736.291926][T17104] veth1_vlan: entered promiscuous mode [ 736.343507][T17104] veth0_macvtap: entered promiscuous mode [ 736.359669][T17104] veth1_macvtap: entered promiscuous mode [ 736.397768][T17104] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 736.408102][T17104] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 736.435763][ T9739] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 736.485630][ T9739] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 736.508965][ T9754] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 736.524569][ T9754] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 736.617854][ T9739] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 736.630766][ T9739] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 736.713034][ T43] usb 1-1: new high-speed USB device number 83 using dummy_hcd [ 736.876985][ T43] usb 1-1: config index 0 descriptor too short (expected 23569, got 27) [ 736.945781][ T9749] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 736.956074][ T9749] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 736.970157][ T43] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 736.981109][ T43] usb 1-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0 [ 736.990458][ T43] usb 1-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0 [ 737.000162][ T43] usb 1-1: Manufacturer: syz [ 737.006368][ T43] usb 1-1: config 0 descriptor?? [ 737.382862][ T51] Bluetooth: hci0: command tx timeout [ 737.393016][ T43] rc_core: IR keymap rc-hauppauge not found [ 737.400592][ T43] Registered IR keymap rc-empty [ 737.407130][ T43] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/rc/rc0 [ 737.419414][ T43] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/rc/rc0/input37 [ 737.436548][ C1] igorplugusb 1-1:0.0: Error: urb status = -32 [ 737.542647][ T43] usb 1-1: USB disconnect, device number 83 [ 738.403181][T17289] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 738.409480][T17289] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 738.444346][T17289] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 738.469471][T17289] Bluetooth: hci5: Opcode 0x0c1a failed: -4 [ 738.476212][T17289] Bluetooth: hci5: Opcode 0x0406 failed: -4 [ 738.513326][T17289] Bluetooth: hci5: Opcode 0x0406 failed: -4 [ 738.546487][T17289] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 738.552476][T17289] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 738.559123][T17289] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 738.801124][T16306] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 738.824005][T16306] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 738.831813][T16306] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 738.986154][T16306] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 738.994208][T16306] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 739.022594][T17300] lo speed is unknown, defaulting to 1000 [ 739.161816][T17305] Invalid option length (65058) for dns_resolver key [ 739.818933][ T30] audit: type=1400 audit(1755497367.208:1863): avc: denied { write } for pid=17321 comm="syz.2.3090" name="msr" dev="devtmpfs" ino=87 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cpu_device_t tclass=chr_file permissive=1 [ 739.956395][T17323] lo speed is unknown, defaulting to 1000 [ 740.045903][T17300] chnl_net:caif_netlink_parms(): no params data found [ 740.203399][ T51] Bluetooth: hci4: command 0x0c1a tx timeout [ 740.255223][T17300] bridge0: port 1(bridge_slave_0) entered blocking state [ 740.279001][T17300] bridge0: port 1(bridge_slave_0) entered disabled state [ 740.300275][T17300] bridge_slave_0: entered allmulticast mode [ 740.533374][T10923] usb 1-1: new high-speed USB device number 84 using dummy_hcd [ 740.553426][ T51] Bluetooth: hci5: command 0x0c1a tx timeout [ 740.553656][T17300] bridge_slave_0: entered promiscuous mode [ 740.569661][ T9754] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 740.602411][T17300] bridge0: port 2(bridge_slave_1) entered blocking state [ 740.609698][ T51] Bluetooth: hci0: command 0x0c1a tx timeout [ 740.633986][T17300] bridge0: port 2(bridge_slave_1) entered disabled state [ 740.641906][T17300] bridge_slave_1: entered allmulticast mode [ 740.652204][T17300] bridge_slave_1: entered promiscuous mode [ 740.669687][ T9754] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 740.713403][T10923] usb 1-1: Using ep0 maxpacket: 32 [ 740.724884][T10923] usb 1-1: config index 0 descriptor too short (expected 29220, got 36) [ 740.735262][T10923] usb 1-1: config 0 has too many interfaces: 81, using maximum allowed: 32 [ 740.745986][ T9754] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 741.342633][T10923] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 81 [ 741.394219][ T51] Bluetooth: hci1: command tx timeout [ 741.442988][T10923] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 741.472987][T10923] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0 [ 741.473866][T17300] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 741.504208][T10923] usb 1-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18 [ 741.533698][T10923] usb 1-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40 [ 741.548097][ T9754] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 741.563995][T10923] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 741.589009][T17300] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 741.659332][T10923] usb 1-1: config 0 descriptor?? [ 741.714145][T17300] team0: Port device team_slave_0 added [ 741.810448][T17300] team0: Port device team_slave_1 added [ 741.952317][T17300] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 742.197540][T10923] usblp 1-1:0.0: usblp0: USB Bidirectional printer dev 84 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17 [ 742.202614][T17300] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 742.239668][T17300] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 742.242827][T10923] usb 1-1: USB disconnect, device number 84 [ 742.265948][ T9754] bridge_slave_1: left allmulticast mode [ 742.270756][T17364] binder: BINDER_SET_CONTEXT_MGR already set [ 742.272092][ T9754] bridge_slave_1: left promiscuous mode [ 742.285223][ T9754] bridge0: port 2(bridge_slave_1) entered disabled state [ 742.288465][ T51] Bluetooth: hci4: command 0x0c1a tx timeout [ 742.298310][T17364] binder: 17363:17364 ioctl 4018620d 200000000040 returned -16 [ 742.308207][ T9754] bridge_slave_0: left allmulticast mode [ 742.316839][T10923] usblp0: removed [ 742.323781][ T9754] bridge_slave_0: left promiscuous mode [ 742.329799][ T9754] bridge0: port 1(bridge_slave_0) entered disabled state [ 742.602232][ T9754] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 742.611378][ T51] Bluetooth: hci5: command 0x0c1a tx timeout [ 742.654298][ T9754] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 742.674315][ T9754] bond0 (unregistering): Released all slaves [ 742.682999][ T51] Bluetooth: hci0: command 0x0c1a tx timeout [ 742.703105][T10923] usb 1-1: new high-speed USB device number 85 using dummy_hcd [ 742.712489][ T9754] bond1 (unregistering): Released all slaves [ 742.731236][ T9754] bond2 (unregistering): Released all slaves [ 742.747217][ T9754] bond3 (unregistering): Released all slaves [ 742.762192][ T9754] bond4 (unregistering): Released all slaves [ 742.777110][ T9754] bond5 (unregistering): Released all slaves [ 742.851931][ T9754] bond6 (unregistering): Released all slaves [ 742.863008][T10923] usb 1-1: Using ep0 maxpacket: 32 [ 742.869300][T10923] usb 1-1: config index 0 descriptor too short (expected 29220, got 36) [ 742.880112][ T9754] bond7 (unregistering): Released all slaves [ 742.880672][T10923] usb 1-1: config 0 has too many interfaces: 81, using maximum allowed: 32 [ 742.898201][T10923] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 81 [ 742.907261][T10923] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 742.908848][ T9754] bond8 (unregistering): Released all slaves [ 742.928898][T10923] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0 [ 742.950785][ T9754] bond9 (unregistering): Released all slaves [ 742.964003][T10923] usb 1-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18 [ 742.989007][T10923] usb 1-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40 [ 742.999861][T10923] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 743.074855][T10923] usb 1-1: config 0 descriptor?? [ 743.081812][ T9754] bond10 (unregistering): Released all slaves [ 743.098604][T17300] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 743.117360][T17300] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 743.143297][ C1] vkms_vblank_simulate: vblank timer overrun [ 743.149927][T17300] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 743.461361][ T51] Bluetooth: hci1: command tx timeout [ 743.497901][T10923] usblp 1-1:0.0: usblp0: USB Bidirectional printer dev 85 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17 [ 743.529040][T10923] usb 1-1: USB disconnect, device number 85 [ 743.567214][T10923] usblp0: removed [ 743.667263][ T9754] _ÐZ`Ô€@ÿÃ: left promiscuous mode [ 743.677059][T17300] hsr_slave_0: entered promiscuous mode [ 743.689168][T17300] hsr_slave_1: entered promiscuous mode [ 743.990424][ T9754] tipc: Left network mode [ 744.126740][T17399] binder: BINDER_SET_CONTEXT_MGR already set [ 744.164259][T17399] binder: 17398:17399 ioctl 4018620d 200000000040 returned -16 [ 744.192854][ T9754] hsr_slave_0: left promiscuous mode [ 744.216148][ T9754] hsr_slave_1: left promiscuous mode [ 744.228771][ T9754] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 744.260956][ T9754] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 744.278077][ T9754] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 744.278204][T17402] loop2: detected capacity change from 0 to 7 [ 744.292559][ T9754] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 744.315769][T17402] Dev loop2: unable to read RDB block 7 [ 744.321594][T17402] loop2: unable to read partition table [ 744.328117][T17402] loop2: partition table beyond EOD, truncated [ 744.334416][T17402] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5) [ 744.347259][ T9754] batman_adv: batadv0: Removing interface: team0 [ 744.359762][ T9754] batman_adv: batadv0: Interface deactivated: hsr0 [ 744.366508][ T51] Bluetooth: hci4: command 0x0c1a tx timeout [ 744.428813][ T9754] batman_adv: batadv0: Removing interface: hsr0 [ 744.461727][ T9754] veth1_macvtap: left promiscuous mode [ 744.467386][ T9754] veth0_macvtap: left promiscuous mode [ 744.472983][ T9754] veth1_vlan: left promiscuous mode [ 744.683064][ T51] Bluetooth: hci5: command 0x0c1a tx timeout [ 745.226972][ T51] Bluetooth: hci0: command 0x0c1a tx timeout [ 745.327287][T17409] block nbd1: shutting down sockets [ 745.405386][ T9754] team0 (unregistering): Port device team_slave_1 removed [ 745.486026][ T51] Bluetooth: hci1: command tx timeout [ 745.487206][T17418] vxcan1: tx drop: invalid da for name 0x0000000000000003 [ 745.618811][ T9754] team0 (unregistering): Port device C removed [ 746.980347][ T1299] ieee802154 phy1 wpan1: encryption failed: -22 [ 747.597431][ T51] Bluetooth: hci1: command tx timeout [ 747.800175][T17373] Set syz1 is full, maxelem 65536 reached [ 747.879425][T17300] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 747.894314][T17440] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3133'. [ 747.907540][T17300] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 747.913044][T10923] hid-generic 0000:0000:0000.001B: unknown main item tag 0x1 [ 747.922612][T10923] hid-generic 0000:0000:0000.001B: unknown main item tag 0x0 [ 747.930536][T17300] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 747.931075][T10923] hid-generic 0000:0000:0000.001B: unknown main item tag 0x0 [ 747.948325][T17300] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 747.955174][T10923] hid-generic 0000:0000:0000.001B: unknown main item tag 0x0 [ 747.962622][T10923] hid-generic 0000:0000:0000.001B: unknown main item tag 0x0 [ 747.975331][T10923] hid-generic 0000:0000:0000.001B: unknown main item tag 0x0 [ 748.008314][T10923] hid-generic 0000:0000:0000.001B: unknown main item tag 0x0 [ 748.016620][T10923] hid-generic 0000:0000:0000.001B: unknown main item tag 0x0 [ 748.026417][T10923] hid-generic 0000:0000:0000.001B: unknown main item tag 0x0 [ 748.034059][T10923] hid-generic 0000:0000:0000.001B: unknown main item tag 0x0 [ 748.042445][T10923] hid-generic 0000:0000:0000.001B: hidraw0: HID v0.00 Device [syz0] on syz1 [ 748.172237][ T30] audit: type=1400 audit(1755497375.568:1864): avc: denied { listen } for pid=17459 comm="syz.2.3139" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1 [ 748.373358][ T30] audit: type=1400 audit(1755497375.608:1865): avc: denied { accept } for pid=17459 comm="syz.2.3139" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1 [ 748.664591][T17300] 8021q: adding VLAN 0 to HW filter on device bond0 [ 748.711348][T17300] 8021q: adding VLAN 0 to HW filter on device team0 [ 748.754839][ T9752] bridge0: port 1(bridge_slave_0) entered blocking state [ 748.761905][ T9752] bridge0: port 1(bridge_slave_0) entered forwarding state [ 748.779417][ T9752] bridge0: port 2(bridge_slave_1) entered blocking state [ 748.786537][ T9752] bridge0: port 2(bridge_slave_1) entered forwarding state [ 748.825515][T17300] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 748.941051][T17300] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 748.954026][T13794] usb 2-1: new high-speed USB device number 89 using dummy_hcd [ 749.089438][T17300] veth0_vlan: entered promiscuous mode [ 749.098215][T17300] veth1_vlan: entered promiscuous mode [ 749.173115][ T24] usb 4-1: new high-speed USB device number 107 using dummy_hcd [ 749.336979][ T24] usb 4-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 749.389190][T13794] usb 2-1: Using ep0 maxpacket: 32 [ 749.389838][ T24] usb 4-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config [ 749.396367][T13794] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x85 has invalid maxpacket 14385, setting to 1024 [ 749.428160][T17300] veth0_macvtap: entered promiscuous mode [ 749.434100][T13794] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024 [ 749.444738][ T24] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 749.446112][T17300] veth1_macvtap: entered promiscuous mode [ 749.463248][ T24] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 55, changing to 9 [ 749.473967][T13794] usb 2-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79 [ 749.476048][ T24] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8496, setting to 1024 [ 749.486384][T13794] usb 2-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2 [ 749.497457][ T24] usb 4-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 749.513408][T13794] usb 2-1: Product: syz [ 749.517584][T13794] usb 2-1: Manufacturer: syz [ 749.522173][T13794] usb 2-1: SerialNumber: syz [ 749.534890][T13794] usb 2-1: config 0 descriptor?? [ 749.540375][ T24] usb 4-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 749.549617][ T24] usb 4-1: Product: syz [ 749.554081][ T24] usb 4-1: Manufacturer: syz [ 749.562143][ T24] cdc_wdm 4-1:1.0: skipping garbage [ 749.563386][T17476] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 749.574554][ T24] cdc_wdm 4-1:1.0: skipping garbage [ 749.580621][ T24] cdc_wdm 4-1:1.0: cdc-wdm0: USB WDM device [ 749.589410][T17300] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 749.593994][ T24] cdc_wdm 4-1:1.0: Unknown control protocol [ 749.598825][T17300] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 749.619067][ T9746] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 749.635473][ T9746] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 749.656501][ T9746] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 749.671047][ T9746] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 749.689268][ T9746] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 749.701832][ T9746] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 749.719601][ T9746] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 749.728657][ T9746] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 749.789633][T17497] Bluetooth: hci0: Opcode 0x0c03 failed: -4 [ 749.797581][ T5925] usb 2-1: USB disconnect, device number 89 [ 749.901184][ T24] usb 4-1: USB disconnect, device number 107 [ 750.533209][T13794] usb 1-1: new full-speed USB device number 86 using dummy_hcd [ 750.686137][T13794] usb 1-1: config 9 interface 0 altsetting 10 endpoint 0x7 has invalid maxpacket 1023, setting to 64 [ 750.698152][T13794] usb 1-1: config 9 interface 0 has no altsetting 0 [ 750.707364][T13794] usb 1-1: New USB device found, idVendor=147a, idProduct=e03e, bcdDevice= 8.f4 [ 750.719181][T13794] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 750.727656][T13794] usb 1-1: Product: syz [ 750.731981][T13794] usb 1-1: Manufacturer: syz [ 750.737648][T13794] usb 1-1: SerialNumber: syz [ 750.744696][T17520] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 752.157774][T17565] binder: BINDER_SET_CONTEXT_MGR already set [ 752.164312][T17565] binder: 17564:17565 ioctl 4018620d 200000000040 returned -16 [ 752.302964][T13780] usb 3-1: new high-speed USB device number 103 using dummy_hcd [ 752.473969][T13780] usb 3-1: Using ep0 maxpacket: 32 [ 752.480763][T13780] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x85 has invalid maxpacket 14385, setting to 1024 [ 752.492936][T13780] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024 [ 752.505046][T13780] usb 3-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79 [ 752.514158][T13780] usb 3-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2 [ 752.522517][T13780] usb 3-1: Product: syz [ 752.526987][T13780] usb 3-1: Manufacturer: syz [ 752.531703][T13780] usb 3-1: SerialNumber: syz [ 752.553538][T13780] usb 3-1: config 0 descriptor?? [ 752.563178][T17556] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22 [ 752.739648][T13794] usb 1-1: USB disconnect, device number 86 [ 752.775386][T13815] usb 3-1: USB disconnect, device number 103 [ 752.798995][ T30] audit: type=1400 audit(1755497380.208:1866): avc: denied { name_bind } for pid=17586 comm="syz.0.3177" src=16 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:reserved_port_t tclass=sctp_socket permissive=1 [ 754.089155][T17612] fuse: Bad value for 'fd' [ 754.241155][ T30] audit: type=1400 audit(1755497381.648:1867): avc: denied { accept } for pid=17615 comm="syz.2.3189" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 754.763577][T17632] tipc: Started in network mode [ 754.768479][T17632] tipc: Node identity 663737d60c5d, cluster identity 4711 [ 754.776340][T17632] tipc: Enabled bearer , priority 0 [ 755.064621][T17632] syzkaller0: entered promiscuous mode [ 755.070115][T17632] syzkaller0: entered allmulticast mode [ 755.089514][T17632] tipc: Resetting bearer [ 755.097527][T17631] tipc: Resetting bearer [ 755.123424][T17631] tipc: Disabling bearer [ 756.623385][T17664] netlink: 180 bytes leftover after parsing attributes in process `syz.2.3203'. [ 756.632764][T17659] netlink: 180 bytes leftover after parsing attributes in process `syz.2.3203'. [ 757.936971][ T30] audit: type=1400 audit(1755497385.348:1868): avc: denied { mounton } for pid=17690 comm="syz.1.3215" path="/93/file1/file0" dev="autofs" ino=59758 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_t tclass=dir permissive=1 [ 759.938608][T17730] netlink: 'syz.1.3225': attribute type 13 has an invalid length. [ 759.947817][T17730] netlink: 'syz.1.3225': attribute type 17 has an invalid length. [ 760.102369][T17730] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 761.783157][T13794] usb 5-1: new high-speed USB device number 97 using dummy_hcd [ 761.943765][T13794] usb 5-1: Using ep0 maxpacket: 16 [ 761.947613][T17776] bpq0: left allmulticast mode [ 761.977044][T13794] usb 5-1: New USB device found, idVendor=0403, idProduct=b8d8, bcdDevice=30.bb [ 761.987878][T13794] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 762.104432][T13794] usb 5-1: Product: syz [ 762.140535][T13794] usb 5-1: Manufacturer: syz [ 762.249710][T13794] usb 5-1: SerialNumber: syz [ 762.580854][T17767] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 762.698659][T17767] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 763.136795][T13794] usb 5-1: Quirk or no altset; falling back to MIDI 1.0 [ 763.162136][T13794] snd-usb-audio 5-1:222.0: probe with driver snd-usb-audio failed with error -71 [ 763.210865][T13794] usb 5-1: USB disconnect, device number 97 [ 763.616103][T16306] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 763.623896][T16306] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 763.631208][T16306] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 763.638899][T16306] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 763.646936][T16306] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 763.725180][ T9754] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 764.020399][ T9754] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 764.040038][T17805] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 764.078846][T17797] chnl_net:caif_netlink_parms(): no params data found [ 764.307303][T17805] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 764.547915][ T9754] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 764.599658][T17805] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 764.685993][ T9754] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 764.762444][T17805] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 764.812864][T17797] bridge0: port 1(bridge_slave_0) entered blocking state [ 764.826252][T17797] bridge0: port 1(bridge_slave_0) entered disabled state [ 764.833626][T17797] bridge_slave_0: entered allmulticast mode [ 764.840357][T17797] bridge_slave_0: entered promiscuous mode [ 764.858281][T17797] bridge0: port 2(bridge_slave_1) entered blocking state [ 764.865504][T17797] bridge0: port 2(bridge_slave_1) entered disabled state [ 764.872714][T17797] bridge_slave_1: entered allmulticast mode [ 764.880689][T17797] bridge_slave_1: entered promiscuous mode [ 764.934336][T17797] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 764.943950][ T9749] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 765.197620][ T9754] bond3 (unregistering): (slave ip6erspan0): Releasing active interface [ 765.260711][ T9754] team0: Port device gtp0 removed [ 765.722963][T16306] Bluetooth: hci2: command tx timeout [ 765.876890][ T9754] bond0 (unregistering): Released all slaves [ 766.016456][ T9754] bond1 (unregistering): Released all slaves [ 766.045445][ T9754] bond2 (unregistering): (slave veth3): Releasing active interface [ 766.063273][ T9754] bond2 (unregistering): Released all slaves [ 766.075739][ T9754] bond3 (unregistering): Released all slaves [ 766.085444][ T9754] bond4 (unregistering): Released all slaves [ 766.096079][ T9754] bond5 (unregistering): Released all slaves [ 766.126338][ T9754] bond6 (unregistering): (slave batadv1): Releasing backup interface [ 766.148656][ T9754] bond6 (unregistering): Released all slaves [ 766.162813][ T9754] bond7 (unregistering): (slave veth5): Releasing active interface [ 766.233183][ T9754] bond7 (unregistering): Released all slaves [ 766.246258][ T9754] bond8 (unregistering): Released all slaves [ 766.256513][ T9754] bond9 (unregistering): Released all slaves [ 766.266624][T17797] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 766.279840][ T9749] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 766.682347][ T9745] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 766.693664][ T9745] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 766.714681][T17833] netlink: 60 bytes leftover after parsing attributes in process `syz.0.3257'. [ 766.770546][ T9754] tipc: Disabling bearer [ 766.779776][ T9754] tipc: Left network mode [ 766.785408][T17797] team0: Port device team_slave_0 added [ 766.805880][T17797] team0: Port device team_slave_1 added [ 767.329635][T17797] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 767.343894][T17797] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 767.381375][T17856] usb usb8: usbfs: process 17856 (syz.0.3265) did not claim interface 0 before use [ 767.383170][T17797] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 767.402544][T17797] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 767.412988][T17797] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 767.439385][T17797] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 767.504658][T17797] hsr_slave_0: entered promiscuous mode [ 767.511465][T17797] hsr_slave_1: entered promiscuous mode [ 767.518921][T17797] debugfs: 'hsr0' already exists in 'hsr' [ 767.526965][T17797] Cannot create hsr debugfs directory [ 767.595572][ T9754] hsr_slave_0: left promiscuous mode [ 767.601421][ T9754] hsr_slave_1: left promiscuous mode [ 767.610914][ T9754] veth1_macvtap: left allmulticast mode [ 767.616694][ T9754] veth1_macvtap: left promiscuous mode [ 767.622275][ T9754] veth0_macvtap: left promiscuous mode [ 767.629663][ T9754] veth1_vlan: left promiscuous mode [ 767.635115][ T9754] veth0_vlan: left promiscuous mode [ 767.803033][T16306] Bluetooth: hci2: command tx timeout [ 767.810846][T17870] fuse: Bad value for 'fd' [ 768.585680][ T30] audit: type=1400 audit(1755497395.838:1869): avc: denied { setattr } for pid=17877 comm="syz.0.3274" name="file0" dev="tmpfs" ino=307 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1 [ 768.765491][T17797] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 768.776677][T17797] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 768.932389][T17797] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 769.127489][T17797] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 769.257970][T17903] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3281'. [ 769.271912][ T9754] IPVS: stop unused estimator thread 0... [ 769.302216][T17903] SELinux: security_context_str_to_sid (unconfined_u) failed with errno=-22 [ 769.750865][ T9739] Bluetooth: hci3: Frame reassembly failed (-84) [ 769.791158][T17908] hub 2-0:1.0: USB hub found [ 769.796868][T17908] hub 2-0:1.0: 1 port detected [ 769.884030][ T51] Bluetooth: hci2: command tx timeout [ 770.190973][T17797] 8021q: adding VLAN 0 to HW filter on device bond0 [ 770.285866][T17797] 8021q: adding VLAN 0 to HW filter on device team0 [ 770.606001][T17797] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 770.620922][T17797] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 770.635748][ T9752] bridge0: port 1(bridge_slave_0) entered blocking state [ 770.642819][ T9752] bridge0: port 1(bridge_slave_0) entered forwarding state [ 770.666979][ T9752] bridge0: port 2(bridge_slave_1) entered blocking state [ 770.674056][ T9752] bridge0: port 2(bridge_slave_1) entered forwarding state [ 770.881989][T17797] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 770.918734][T17797] veth0_vlan: entered promiscuous mode [ 770.930778][T17797] veth1_vlan: entered promiscuous mode [ 770.967616][T17797] veth0_macvtap: entered promiscuous mode [ 770.980352][T17797] veth1_macvtap: entered promiscuous mode [ 770.996211][T17797] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 771.036072][T17797] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 771.073428][T17924] syz.1.3286 (17924): drop_caches: 2 [ 771.079265][T17924] syz.1.3286 (17924): drop_caches: 2 [ 771.095231][ T9752] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 771.108856][ T9744] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 771.119905][ T9752] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 771.126524][ T9744] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 771.147668][ T9744] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 771.164955][ T9744] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 771.175884][ T30] audit: type=1326 audit(1755497398.588:1870): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17935 comm="syz.4.3291" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f8e4f385ba7 code=0x7ffc0000 [ 771.216008][ T30] audit: type=1326 audit(1755497398.588:1871): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17935 comm="syz.4.3291" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f8e4f32add9 code=0x7ffc0000 [ 771.252615][ T9752] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 771.258679][ T30] audit: type=1326 audit(1755497398.588:1872): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17935 comm="syz.4.3291" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f8e4f385ba7 code=0x7ffc0000 [ 771.269483][ T9752] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 771.283815][ C1] vkms_vblank_simulate: vblank timer overrun [ 771.284324][ T30] audit: type=1326 audit(1755497398.588:1873): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17935 comm="syz.4.3291" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f8e4f32add9 code=0x7ffc0000 [ 771.321160][ C1] vkms_vblank_simulate: vblank timer overrun [ 771.329691][ T30] audit: type=1326 audit(1755497398.588:1874): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17935 comm="syz.4.3291" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f8e4f385ba7 code=0x7ffc0000 [ 771.353242][ C1] vkms_vblank_simulate: vblank timer overrun [ 771.361986][ T30] audit: type=1326 audit(1755497398.588:1875): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17935 comm="syz.4.3291" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f8e4f32add9 code=0x7ffc0000 [ 771.385396][ C1] vkms_vblank_simulate: vblank timer overrun [ 771.395453][ T30] audit: type=1326 audit(1755497398.588:1876): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17935 comm="syz.4.3291" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f8e4f385ba7 code=0x7ffc0000 [ 771.418837][ C1] vkms_vblank_simulate: vblank timer overrun [ 771.427253][ T30] audit: type=1326 audit(1755497398.588:1877): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17935 comm="syz.4.3291" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f8e4f32add9 code=0x7ffc0000 [ 771.450642][ C1] vkms_vblank_simulate: vblank timer overrun [ 771.457578][ T30] audit: type=1326 audit(1755497398.588:1878): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17935 comm="syz.4.3291" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f8e4f385ba7 code=0x7ffc0000 [ 771.804661][ T51] Bluetooth: hci3: command 0xfc11 tx timeout [ 771.820012][T16306] Bluetooth: hci3: Entering manufacturer mode failed (-110) [ 772.232815][T16306] Bluetooth: hci2: command tx timeout [ 772.239681][T17962] binder: 17961:17962 ioctl 4018620d 0 returned -22 [ 772.281228][T17966] netlink: 16 bytes leftover after parsing attributes in process `syz.3.3303'. [ 772.495788][T17977] nvme_fabrics: unknown parameter or missing value '' in ctrl creation request [ 774.671995][T18015] syz.3.3316 (18015): drop_caches: 2 [ 774.679341][T18015] syz.3.3316 (18015): drop_caches: 2 [ 777.633976][T18069] binder: BINDER_SET_CONTEXT_MGR already set [ 777.668497][T18069] binder: 18068:18069 ioctl 4018620d 200000000040 returned -16 [ 777.694454][T18073] loop8: detected capacity change from 0 to 16384 [ 777.697217][ T30] kauditd_printk_skb: 63 callbacks suppressed [ 777.697231][ T30] audit: type=1326 audit(1755497405.098:1942): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18072 comm="syz.0.3336" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc197f8ebe9 code=0x7ffc0000 [ 777.772045][ T30] audit: type=1326 audit(1755497405.098:1943): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18072 comm="syz.0.3336" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc197f8ebe9 code=0x7ffc0000 [ 777.797457][ T30] audit: type=1326 audit(1755497405.098:1944): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18072 comm="syz.0.3336" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc197f8ebe9 code=0x7ffc0000 [ 777.902628][ T30] audit: type=1326 audit(1755497405.098:1945): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18072 comm="syz.0.3336" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc197f8ebe9 code=0x7ffc0000 [ 777.945523][ T30] audit: type=1326 audit(1755497405.098:1946): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18072 comm="syz.0.3336" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc197f8ebe9 code=0x7ffc0000 [ 777.972893][ T30] audit: type=1326 audit(1755497405.098:1947): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18072 comm="syz.0.3336" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc197f8ebe9 code=0x7ffc0000 [ 778.002126][T18077] loop8: detected capacity change from 16384 to 16383 [ 778.187706][ T30] audit: type=1326 audit(1755497405.098:1948): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18072 comm="syz.0.3336" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc197f8ebe9 code=0x7ffc0000 [ 778.214219][ T30] audit: type=1326 audit(1755497405.098:1949): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18072 comm="syz.0.3336" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc197f8ebe9 code=0x7ffc0000 [ 778.277927][ T30] audit: type=1326 audit(1755497405.098:1950): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18072 comm="syz.0.3336" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc197f8ebe9 code=0x7ffc0000 [ 778.306288][ T30] audit: type=1326 audit(1755497405.098:1951): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18072 comm="syz.0.3336" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc197f8ebe9 code=0x7ffc0000 [ 778.357169][T18073] netlink: 48 bytes leftover after parsing attributes in process `syz.0.3336'. [ 778.812797][T18108] usb usb8: usbfs: process 18108 (syz.2.3347) did not claim interface 0 before use [ 778.916186][T18113] Can't find a SQUASHFS superblock on nullb0 [ 779.209612][T13812] usb 1-1: new high-speed USB device number 87 using dummy_hcd [ 779.443178][T13812] usb 1-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 779.503234][T13812] usb 1-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config [ 779.693420][T13812] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 779.795358][T13812] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 55, changing to 9 [ 779.837896][T13812] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8496, setting to 1024 [ 780.776143][T13812] usb 1-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 780.811259][T13812] usb 1-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 780.829417][T13812] usb 1-1: Product: syz [ 780.841319][T18140] comedi comedi0: pcm3724: I/O port conflict (0x3,16) [ 780.849310][T13812] usb 1-1: Manufacturer: syz [ 780.946035][T13812] cdc_wdm 1-1:1.0: skipping garbage [ 780.974218][T18144] _ÐZ`Ô€@ÿÃ: entered promiscuous mode [ 781.073103][T13812] cdc_wdm 1-1:1.0: skipping garbage [ 781.101292][T18146] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3360'. [ 781.101503][T13812] cdc_wdm 1-1:1.0: cdc-wdm0: USB WDM device [ 781.116580][T13812] cdc_wdm 1-1:1.0: Unknown control protocol [ 781.189476][T18148] kvm: pic: single mode not supported [ 781.206625][T18148] kvm: pic: level sensitive irq not supported [ 781.232928][ T24] usb 1-1: USB disconnect, device number 87 [ 781.379440][T18148] kvm: pic: level sensitive irq not supported [ 781.382491][T18148] kvm: pic: single mode not supported [ 781.388730][T18148] kvm: pic: level sensitive irq not supported [ 781.405295][T18148] kvm: pic: single mode not supported [ 781.411698][T18148] kvm: pic: level sensitive irq not supported [ 781.422363][T18156] netlink: 16 bytes leftover after parsing attributes in process `syz.1.3363'. [ 781.422888][T18148] kvm: pic: single mode not supported [ 781.680845][T18164] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512 [ 781.799181][T18164] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512 [ 781.823591][T18164] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512 [ 781.834513][T18164] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512 [ 781.853816][T18164] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512 [ 781.864734][T18164] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512 [ 781.886250][T18164] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512 [ 781.923530][T18173] netlink: 'syz.4.3369': attribute type 20 has an invalid length. [ 781.965407][T18164] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512 [ 781.980453][T18164] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512 [ 781.991829][T18164] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512 [ 783.192697][T16306] Bluetooth: hci5: ACL packet for unknown connection handle 200 [ 783.469554][T18229] syz_tun: entered allmulticast mode [ 783.921811][T18234] netlink: 'syz.0.3393': attribute type 13 has an invalid length. [ 784.154151][T18238] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3393'. [ 784.216895][T18234] bridge0: port 2(bridge_slave_1) entered disabled state [ 784.224116][T18234] bridge0: port 1(bridge_slave_0) entered disabled state [ 784.254891][T18234] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 784.501859][T18234] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 784.529900][T18234] Oops: general protection fault, probably for non-canonical address 0xdffffc001fff41ac: 0000 [#1] SMP KASAN NOPTI [ 784.541961][T18234] KASAN: probably user-memory-access in range [0x00000000fffa0d60-0x00000000fffa0d67] [ 784.551584][T18234] CPU: 0 UID: 0 PID: 18234 Comm: syz.0.3393 Not tainted 6.17.0-rc1-syzkaller-00224-g8d561baae505 #0 PREEMPT(full) [ 784.563628][T18234] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 784.573662][T18234] RIP: 0010:__ip_mc_dec_group+0x25a/0x5b0 [ 784.579366][T18234] Code: 9c 2d 0d f8 69 43 08 47 86 c8 61 49 bd 00 00 00 00 00 fc ff df c1 e8 17 4d 8d 24 c4 eb 2d e8 dd d6 a6 f7 4c 89 e0 48 c1 e8 03 <42> 80 3c 28 00 0f 85 1e 03 00 00 4d 8b 34 24 4c 39 f3 0f 84 ef 00 [ 784.598948][T18234] RSP: 0018:ffffc90003996da0 EFLAGS: 00010206 [ 784.604995][T18234] RAX: 000000001fff41ac RBX: ffff888030515800 RCX: ffffc9000de83000 [ 784.612945][T18234] RDX: 0000000000080000 RSI: ffffffff8a14bb03 RDI: 0000000000000005 [ 784.620901][T18234] RBP: ffff888056ad1820 R08: 0000000000000005 R09: 0000000000000000 [ 784.628850][T18234] R10: 0000000000000000 R11: 0000000000000000 R12: 00000000fffa0d60 [ 784.636798][T18234] R13: dffffc0000000000 R14: 0000000000000000 R15: 00000000010000e0 [ 784.644747][T18234] FS: 00007fc198de46c0(0000) GS:ffff8881246bc000(0000) knlGS:0000000000000000 [ 784.653654][T18234] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 784.660214][T18234] CR2: 0000200000404030 CR3: 000000003ce8e000 CR4: 00000000003526f0 [ 784.668163][T18234] Call Trace: [ 784.671419][T18234] [ 784.674328][T18234] inetdev_event+0x3b2/0x18a0 [ 784.678989][T18234] ? ib_netdevice_event+0xfc/0x330 [ 784.684776][T18234] ? __pfx_inetdev_event+0x10/0x10 [ 784.689865][T18234] ? cfg802154_netdev_notifier_call+0x391/0xa00 [ 784.696183][T18234] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 784.702057][T18234] notifier_call_chain+0xbc/0x410 [ 784.707065][T18234] ? __pfx_inetdev_event+0x10/0x10 [ 784.712156][T18234] call_netdevice_notifiers_info+0xbe/0x140 [ 784.718213][T18234] __dev_notify_flags+0x1f7/0x2e0 [ 784.723236][T18234] ? __pfx___dev_notify_flags+0x10/0x10 [ 784.728788][T18234] ? __pfx___dev_change_flags+0x10/0x10 [ 784.734312][T18234] ? rtnl_is_locked+0x15/0x20 [ 784.738980][T18234] ? __pfx_netif_state_change+0x10/0x10 [ 784.744512][T18234] netif_change_flags+0x108/0x160 [ 784.749516][T18234] do_setlink.constprop.0+0xb53/0x4380 [ 784.754966][T18234] ? preempt_schedule_common+0x44/0xc0 [ 784.760426][T18234] ? __pfx_do_setlink.constprop.0+0x10/0x10 [ 784.766317][T18234] ? preempt_count_add+0x76/0x150 [ 784.771323][T18234] ? __wake_up_klogd.part.0+0x99/0xf0 [ 784.776673][T18234] ? vprintk_emit+0x1e6/0x6d0 [ 784.781330][T18234] ? __pfx_vprintk_emit+0x10/0x10 [ 784.786335][T18234] ? rcu_is_watching+0x12/0xc0 [ 784.791079][T18234] ? avc_has_perm_noaudit+0x117/0x3b0 [ 784.796429][T18234] ? rcu_is_watching+0x12/0xc0 [ 784.801170][T18234] ? __mutex_trylock_common+0xe9/0x250 [ 784.806612][T18234] ? __pfx___mutex_trylock_common+0x10/0x10 [ 784.812489][T18234] ? __pfx___might_resched+0x10/0x10 [ 784.817755][T18234] ? rcu_is_watching+0x12/0xc0 [ 784.822497][T18234] ? trace_contention_end+0xdd/0x130 [ 784.827768][T18234] ? __mutex_lock+0x1c5/0x1060 [ 784.832513][T18234] ? __pfx___mutex_lock+0x10/0x10 [ 784.837516][T18234] ? cap_capable+0xb3/0x250 [ 784.842004][T18234] rtnl_newlink+0x18e0/0x2000 [ 784.846664][T18234] ? __pfx_rtnl_newlink+0x10/0x10 [ 784.851666][T18234] ? avc_has_perm_noaudit+0x117/0x3b0 [ 784.857014][T18234] ? rcu_is_watching+0x12/0xc0 [ 784.861755][T18234] ? lock_release+0x201/0x2f0 [ 784.866415][T18234] ? avc_has_perm_noaudit+0x149/0x3b0 [ 784.871761][T18234] ? cred_has_capability.isra.0+0x190/0x310 [ 784.877636][T18234] ? __pfx_cred_has_capability.isra.0+0x10/0x10 [ 784.884297][T18234] ? cap_capable+0xb3/0x250 [ 784.888779][T18234] ? rcu_is_watching+0x12/0xc0 [ 784.893525][T18234] ? __pfx_rtnl_newlink+0x10/0x10 [ 784.898528][T18234] ? rtnetlink_rcv_msg+0x93a/0xe90 [ 784.903617][T18234] ? rcu_is_watching+0x12/0xc0 [ 784.908362][T18234] ? __pfx_rtnl_newlink+0x10/0x10 [ 784.913363][T18234] ? lock_release+0x201/0x2f0 [ 784.918046][T18234] ? __pfx_rtnl_newlink+0x10/0x10 [ 784.923047][T18234] rtnetlink_rcv_msg+0x95b/0xe90 [ 784.927962][T18234] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 784.933398][T18234] ? ref_tracker_free+0x37c/0x830 [ 784.938403][T18234] netlink_rcv_skb+0x155/0x420 [ 784.943145][T18234] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 784.948580][T18234] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 784.953845][T18234] ? netlink_deliver_tap+0x1ae/0xd30 [ 784.959108][T18234] netlink_unicast+0x5aa/0x870 [ 784.963849][T18234] ? __pfx_netlink_unicast+0x10/0x10 [ 784.969111][T18234] ? __pfx_netlink_autobind.isra.0+0x10/0x10 [ 784.975067][T18234] netlink_sendmsg+0x8d1/0xdd0 [ 784.979812][T18234] ? __pfx_netlink_sendmsg+0x10/0x10 [ 784.985078][T18234] ____sys_sendmsg+0xa95/0xc70 [ 784.989823][T18234] ? copy_msghdr_from_user+0x10a/0x160 [ 784.995255][T18234] ? __pfx_____sys_sendmsg+0x10/0x10 [ 785.000524][T18234] ? __pfx_futex_wake_mark+0x10/0x10 [ 785.005786][T18234] ___sys_sendmsg+0x134/0x1d0 [ 785.010441][T18234] ? __pfx____sys_sendmsg+0x10/0x10 [ 785.015614][T18234] ? futex_private_hash_put+0x11c/0x300 [ 785.021142][T18234] ? rcu_is_watching+0x12/0xc0 [ 785.025890][T18234] __sys_sendmsg+0x16d/0x220 [ 785.030458][T18234] ? __pfx___sys_sendmsg+0x10/0x10 [ 785.035544][T18234] ? __x64_sys_futex+0x1e0/0x4c0 [ 785.040470][T18234] do_syscall_64+0xcd/0x4c0 [ 785.044954][T18234] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 785.050822][T18234] RIP: 0033:0x7fc197f8ebe9 [ 785.055214][T18234] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 785.074812][T18234] RSP: 002b:00007fc198de4038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 785.083203][T18234] RAX: ffffffffffffffda RBX: 00007fc1981b5fa0 RCX: 00007fc197f8ebe9 [ 785.091153][T18234] RDX: 0000000004000c00 RSI: 0000200000000180 RDI: 0000000000000003 [ 785.099099][T18234] RBP: 00007fc198011e19 R08: 0000000000000000 R09: 0000000000000000 [ 785.107045][T18234] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 785.114993][T18234] R13: 00007fc1981b6038 R14: 00007fc1981b5fa0 R15: 00007ffeaa66c1d8 [ 785.122945][T18234] [ 785.125941][T18234] Modules linked in: [ 785.129877][ C0] vkms_vblank_simulate: vblank timer overrun [ 785.137317][T18234] ---[ end trace 0000000000000000 ]--- [ 785.154095][T18234] RIP: 0010:__ip_mc_dec_group+0x25a/0x5b0 [ 785.159982][T18234] Code: 9c 2d 0d f8 69 43 08 47 86 c8 61 49 bd 00 00 00 00 00 fc ff df c1 e8 17 4d 8d 24 c4 eb 2d e8 dd d6 a6 f7 4c 89 e0 48 c1 e8 03 <42> 80 3c 28 00 0f 85 1e 03 00 00 4d 8b 34 24 4c 39 f3 0f 84 ef 00 [ 785.203035][T18234] RSP: 0018:ffffc90003996da0 EFLAGS: 00010206 [ 785.211828][T18234] RAX: 000000001fff41ac RBX: ffff888030515800 RCX: ffffc9000de83000 [ 785.230285][T18234] RDX: 0000000000080000 RSI: ffffffff8a14bb03 RDI: 0000000000000005 [ 785.238456][T18234] RBP: ffff888056ad1820 R08: 0000000000000005 R09: 0000000000000000 [ 785.246705][T18234] R10: 0000000000000000 R11: 0000000000000000 R12: 00000000fffa0d60 [ 785.254840][T18234] R13: dffffc0000000000 R14: 0000000000000000 R15: 00000000010000e0 [ 785.262837][T18234] FS: 00007fc198de46c0(0000) GS:ffff8881246bc000(0000) knlGS:0000000000000000 [ 785.272016][T18234] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 785.278958][T18234] CR2: 00007ffcd0c74f08 CR3: 000000003ce8e000 CR4: 00000000003526f0 [ 785.287728][T18234] Kernel panic - not syncing: Fatal exception [ 785.294140][T18234] Kernel Offset: disabled [ 785.298440][T18234] Rebooting in 86400 seconds..