last executing test programs: 5.314768595s ago: executing program 0 (id=364): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) sendmmsg$inet(0xffffffffffffffff, 0x0, 0x0, 0x0) r1 = socket(0x400000000010, 0x3, 0x0) r2 = socket$unix(0x1, 0x5, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0x25dfdbfd, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x42}}}]}, 0x38}}, 0x4000000) sendmsg$nl_route_sched(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000020c0)={&(0x7f0000000300)=@newtfilter={0x30, 0x2c, 0xd27, 0x70bd22, 0x25dfdbfc, {0x0, 0x0, 0x0, r3, {0xc, 0xf}, {}, {0xfff1, 0x2}}, [@filter_kind_options=@f_fw={{0x7}, {0x4}}]}, 0x30}, 0x1, 0x0, 0x0, 0x8848}, 0x8004) sendmsg$nl_route_sched(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)=@gettfilter={0x24, 0x2e, 0x205, 0x70bd2c, 0x25dfdafd, {0x0, 0x0, 0x0, r3, {0xffe0, 0xc}, {0x0, 0xfff1}, {0xfff1}}}, 0x24}, 0x1, 0x0, 0x0, 0x20000811}, 0x4041810) 5.16778984s ago: executing program 0 (id=365): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = dup(r0) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000000040)=[@in6={0xa, 0x4e24, 0x6, @loopback, 0x3}], 0x1c) sendmsg$inet6(r0, &(0x7f0000000800)={&(0x7f0000000080)={0xa, 0x4e24, 0x8, @loopback, 0x5}, 0x1c, &(0x7f0000000640)=[{&(0x7f00000000c0)="88", 0x1}], 0x1}, 0x4048043) r2 = dup(r0) setsockopt$SO_BINDTODEVICE(r2, 0x1, 0x19, &(0x7f0000000000)='ip6gretap0\x00', 0x10) setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e22, @empty}}, 0xfffffff3, 0x101, 0xee52, 0x2, 0xc, 0x20008, 0x5}, 0x9c) setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000000200)={0x0, @in6={{0xa, 0xce20, 0x5, @empty, 0x2d}}, 0x7, 0x1, 0xf06, 0x3, 0xb4, 0x7f, 0x9}, 0x9c) syz_usb_connect(0x2, 0x24, &(0x7f0000000600)=ANY=[@ANYBLOB="120100001d9167204f17316a3f26010203010902"], 0x0) setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r2, 0x84, 0x9, &(0x7f00000001c0)={0x0, @in6={{0xa, 0x4e60, 0xfffffff2, @empty, 0x3}}, 0x1000000, 0x71, 0xffff1896, 0x3, 0x26, 0x0, 0x1a}, 0x9c) 4.218783951s ago: executing program 3 (id=375): r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="12013f00000000407f04ffff000000000001090224000100000000090400001503000000092140000001220f00090581d7"], 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, &(0x7f00000002c0)={0x24, 0x0, 0x0, &(0x7f0000000200)={0x0, 0x22, 0xf, {[@global=@item_012={0x0, 0x1, 0x5}, @local=@item_4={0x3, 0x2, 0x0, "45501821"}, @global=@item_012={0x1, 0x1, 0x9, "f5"}, @global=@item_012={0x1, 0x1, 0x7, "84"}, @main=@item_4={0x3, 0x0, 0xb, "4070f43f"}]}}, 0x0}, 0x0) r1 = syz_open_dev$hiddev(&(0x7f0000000540), 0x0, 0x0) syz_usb_connect(0x0, 0x36, &(0x7f00000000c0)=ANY=[], 0x0) syz_usb_connect(0x0, 0x34, 0x0, 0x0) ioctl$HIDIOCGUSAGE(r1, 0xc018480b, 0x0) syz_usb_ep_read(0xffffffffffffffff, 0x2, 0x0, 0x0) ioctl$HIDIOCGREPORT(r1, 0x400c4807, &(0x7f0000000040)={0x3, 0x100, 0x7}) syz_usb_disconnect(r0) 4.008331104s ago: executing program 0 (id=381): bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000680)=@base={0x2, 0x4, 0x8, 0xf}, 0x50) r0 = fsopen(&(0x7f0000000080)='sysfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) r1 = syz_open_dev$vcsa(&(0x7f0000000180), 0x3, 0x4042) ioctl$XFS_IOC_START_COMMIT(r1, 0x80585882, &(0x7f00000003c0)) r2 = openat$rdma_cm(0xffffffffffffff9c, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0) close(r2) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r3 = getpid() sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x3000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r4, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e) sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x6) prctl$PR_SET_MM(0x23, 0x8, &(0x7f00003fb000/0x1000)=nil) mount(&(0x7f00000000c0)=@nullb, &(0x7f0000000040)='./cgroup\x00', &(0x7f0000000000)='erofs\x00', 0x208000, 0x0) r6 = fsmount(r0, 0x0, 0xa) fsconfig$FSCONFIG_SET_PATH(r0, 0x3, &(0x7f00000000c0)='=relative', &(0x7f0000000140)='./cgroup\x00', r6) 3.039205537s ago: executing program 0 (id=386): r0 = socket$packet(0x11, 0x2, 0x300) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=@base={0xb, 0x8, 0xc, 0x80000000, 0x1}, 0x50) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) setsockopt$sock_attach_bpf(r0, 0x1, 0x32, &(0x7f0000000180)=r3, 0x4) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000006c0)={{r1}, &(0x7f0000000580), &(0x7f00000005c0)=r2}, 0x20) pipe(0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=@newlink={0x24, 0x10, 0x1, 0x70bd2b, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, 0x40938, 0x3}, [@IFLA_AF_SPEC={0x4}]}, 0x24}, 0x1, 0x0, 0x0, 0x68010}, 0x0) 3.039031605s ago: executing program 0 (id=387): r0 = syz_usb_connect$hid(0x2, 0x90, &(0x7f0000000200)=ANY=[@ANYBLOB="12010000000000105804165000000000000109022400010000c04009040000010300000009210900000122a00009058103"], 0x0) syz_usb_control_io(r0, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, 0x0) syz_usb_control_io(r0, &(0x7f0000000000)={0x2c, &(0x7f0000000100)=ANY=[@ANYBLOB="0000d2"], 0x0, 0x0, 0x0, 0x0}, 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) r1 = syz_open_dev$hiddev(&(0x7f0000000340), 0x0, 0x801c0) ioctl$HIDIOCSUSAGES(r1, 0x501c4814, 0x0) 2.607412388s ago: executing program 2 (id=388): timer_create(0x0, &(0x7f0000000240)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300)=0x0) fcntl$lock(0xffffffffffffffff, 0x25, &(0x7f0000000040)={0x0, 0x0, 0xfd8b, 0x5}) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) timer_settime(r0, 0x1, &(0x7f0000000040)={{0x77359400}, {0x77359400}}, 0x0) mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x1000000) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0xca02}) socket$nl_route(0x10, 0x3, 0x0) preadv(r1, &(0x7f0000000340)=[{&(0x7f0000000000)=""/30, 0x1e}], 0x1, 0x8, 0x2) 2.549197544s ago: executing program 1 (id=389): r0 = socket$nl_route(0x10, 0x3, 0x0) getsockopt$SO_COOKIE(r0, 0x1, 0x39, 0x0, &(0x7f0000000380)) 2.549042391s ago: executing program 1 (id=390): r0 = landlock_create_ruleset(&(0x7f0000000140)={0x4000}, 0x18, 0x0) landlock_restrict_self(r0, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x20040, 0x0) ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) 2.389116211s ago: executing program 1 (id=391): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="640000000001010400000000141a000002000000240001801400018008000100e000000108000200e00000010c00028005000100000000002400028014000180080001000000000008000200ac1e00010c00028005000100000000000800074000000001"], 0x64}}, 0x0) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000005c0)=ANY=[@ANYBLOB="4c000000000105000d0000000000000002000102240002801400018008000100e000000108000200e00000010c00028005000100000000000c000f"], 0x4c}}, 0x0) 2.326973336s ago: executing program 1 (id=392): socket$inet6_tcp(0xa, 0x1, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = socket(0x2, 0x5, 0x0) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000280)={'syz_tun\x00', &(0x7f0000000040)=@ethtool_cmd={0x2, 0x6, 0x10, 0x3, 0xe8, 0x3, 0x0, 0x6, 0x1, 0x2, 0xfffffffd, 0x0, 0x200, 0xb, 0x47, 0x3, [0x100, 0xfffffff9]}}) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x3000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f0000000340)=@file={0x0, './file1\x00'}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) landlock_restrict_self(0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0xffffffffffffffe0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x2e, &(0x7f0000000280)=0xce76, 0x4) r4 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/drop_packet\x00', 0x2, 0x0) r5 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/tty/drivers\x00', 0x0, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB='\a\x00\x00'], 0x50) sendfile(r4, r5, 0x0, 0x106f) socket$rds(0x15, 0x5, 0x0) socket$packet(0x11, 0x3, 0x300) r6 = socket$inet6_sctp(0xa, 0x5, 0x84) sendmmsg$inet6(r6, &(0x7f0000000bc0)=[{{&(0x7f0000000180)={0xa, 0x4e22, 0x1, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}, 0x1c, &(0x7f00000001c0)=[{&(0x7f00000000c0)='x', 0x1}], 0x1}}], 0x1, 0x40c40c0) r7 = socket$nl_sock_diag(0x10, 0x3, 0x4) sendmsg$SOCK_DIAG_BY_FAMILY(r7, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="480000001400050124bd70007bdbdf250a84312a0900000000004e22"], 0x48}, 0x1, 0x0, 0x0, 0x4004081}, 0x2005c840) connect$inet(0xffffffffffffffff, &(0x7f0000004cc0)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10) recvmmsg(r7, &(0x7f00000081c0)=[{{0x0, 0x0, 0x0}, 0x2}], 0x1, 0x0, 0x0) 2.326594801s ago: executing program 3 (id=393): r0 = socket$unix(0x1, 0x1, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r2 = socket(0x400000000010, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0xb}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x0, 0x2}}}]}, 0x38}}, 0x0) r4 = socket$unix(0x1, 0x1, 0x0) r5 = socket$kcm(0x11, 0x3, 0x0) r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0) close(r6) socket$inet_tcp(0x2, 0x1, 0x0) ioctl$SIOCSIFHWADDR(r6, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast}) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) r8 = socket(0x400000000010, 0x3, 0x0) r9 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r8, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000001300)=@newtfilter={0xe8c, 0x2c, 0xd27, 0x30bd29, 0x25dfdc00, {0x0, 0x0, 0x0, r10, {0x5, 0x4}, {}, {0x8}}, [@filter_kind_options=@f_matchall={{0xd}, {0xe58, 0x2, [@TCA_MATCHALL_ACT={0xe54, 0x2, [@m_pedit={0xe50, 0x1, 0x0, 0x0, {{0xa}, {0xe24, 0x2, 0x0, 0x1, [@TCA_PEDIT_PARMS_EX={0xe20, 0x4, {{{0x3ff, 0x5, 0x6, 0x18, 0x458}, 0x2, 0x2}, [{0x1, 0x87992fa, 0x8, 0x8, 0x8, 0x7ff}, {0x3b0000, 0x2, 0x5, 0x7, 0x3b4e, 0xfffffff2}, {0x9, 0x3, 0xd289, 0x3, 0x5, 0xfffff06d}, {0x4, 0x8f80, 0x7df1, 0x5, 0xbb, 0x6}, {0x40, 0x1, 0x8, 0x4, 0x8000000, 0x7fffffff}, {0x5, 0x2, 0x80000000, 0x4, 0x4, 0x8}, {0x7690ea5, 0x401, 0x1, 0x4, 0x7, 0x1ff}, {0x2, 0xd, 0xd41, 0x8, 0x80000000, 0x5}, {0x6, 0x0, 0x3ff, 0x4, 0x8, 0x4}, {0x2, 0xfffeffff, 0xbb, 0x1ff, 0x0, 0xb5}, {0x101, 0x1, 0x44, 0x1, 0xe8, 0x101}, {0x9, 0x8, 0x1, 0x1, 0x2, 0x7}, {0x6, 0xd, 0x9, 0xa0, 0xffffffff, 0x2}, {0x7fff, 0x7, 0x3, 0x80000000, 0x9, 0x10001}, {0x1004, 0x7ff, 0x7000000, 0x0, 0x2, 0x2}, {0x8, 0x3, 0x3ff, 0x5, 0x1, 0x5}, {0x8, 0x0, 0x4, 0x8, 0x1}, {0x4, 0x0, 0x3, 0xeaa, 0x40, 0xffff}, {0x1, 0x0, 0x4, 0x7, 0x2, 0x7}, {0xd319, 0xa, 0x80000001, 0x3, 0x9, 0x5}, {0x8, 0x2, 0xff, 0x9, 0x0, 0x81}, {0x9, 0x1, 0xa8, 0x9, 0x0, 0xfffff000}, {0x80, 0x6, 0x3ff, 0x2, 0x51e, 0x48e6}, {0x1, 0xf, 0x8000, 0x80000, 0x0, 0x7}, {0x6, 0x3, 0x101, 0x3, 0x3, 0xfffffff8}, {0x2, 0xab7c, 0x3, 0x2, 0x5}, {0x8, 0x2, 0x89, 0x0, 0x3, 0x6}, {0x3, 0x7, 0x1, 0xb435, 0x6, 0xfffffffc}, {0x8, 0x0, 0x0, 0x0, 0x100, 0x401}, {0xfffffffb, 0x5, 0x7, 0x4, 0x8, 0x7}, {0x5, 0x0, 0x2, 0x1, 0x0, 0x7}, {0x6, 0x0, 0x2, 0x7f, 0xc, 0x8}, {0x5, 0x3ff, 0xffffffff, 0x5, 0x10000, 0x6}, {0x9, 0x1, 0x7, 0xc, 0x3674, 0x5}, {0x2e52, 0x10001, 0x1000, 0xffff, 0x2, 0xa9e}, {0x6, 0x80000001, 0x7, 0x2, 0xfff, 0x7fff}, {0xf, 0x0, 0x8, 0x4, 0x79e, 0x2}, {0x8, 0x5, 0x3, 0x5, 0x8, 0x200}, {0x12, 0xfcc, 0x9, 0x6, 0x7, 0x5}, {0x3ff, 0x1, 0xa, 0xffffa747, 0xfffff002, 0xb0}, {0x2614, 0x5, 0x3ff, 0xe5, 0x200, 0x8}, {0x7e10, 0x4, 0xa, 0x0, 0x9, 0x401}, {0xfffffff7, 0x1000, 0x7fff, 0x8, 0x7, 0x7}, {0x81, 0x5, 0x3, 0x7, 0x82b3, 0x3}, {0xc, 0x401, 0x6, 0x3, 0x80000000, 0xb6e}, {0x9, 0x800, 0xfffffff9, 0x2, 0x3, 0x4}, {0xe, 0x0, 0x3, 0x5, 0x3b83, 0x3}, {0x200, 0xfffffffa, 0x8, 0x721, 0xd359, 0x10}, {0x7, 0x5, 0x10001, 0x8, 0x80000000, 0x2}, {0x9, 0x6, 0xfba, 0x6, 0x9bd, 0xdae}, {0x7, 0x507, 0x8, 0x10001, 0x5, 0x7}, {0x448f, 0x81, 0x8, 0x80, 0x9, 0x4}, {0x7, 0x4993, 0xe76, 0x6, 0xcb0, 0x401}, {0x9, 0xc49c, 0xd4e1, 0x5, 0x1, 0x5}, {0x1, 0x7, 0xc, 0x2, 0xade, 0xb}, {0x1e14, 0xe, 0x9, 0x95a, 0x1, 0x7}, {0x6, 0x101, 0xffff, 0x10001, 0x0, 0x7ff}, {0x4, 0x4, 0x0, 0x401, 0x5, 0x5}, {0x1, 0x4d8, 0x57a0, 0x1, 0x9, 0xffffffff}, {0xffffffff, 0x6, 0x0, 0x2222068c, 0x3, 0x1}, {0x2, 0x1000, 0x2, 0x2, 0xfffffff7, 0x7ff}, {0xd, 0x3af, 0x9, 0x8, 0x5, 0xe}, {0xfffffffc, 0x33a1, 0x8, 0x8, 0x2, 0xf59}, {0x10000, 0x7fffffff, 0x6, 0x6, 0x6, 0x6}, {0xe, 0xb1, 0x7, 0x1, 0x5, 0x2}, {0x191, 0x6, 0x1, 0x8, 0x4272, 0xfffffff8}, {0x9, 0x6, 0x7, 0x0, 0xf960, 0x9d}, {0x1, 0x2, 0x6, 0x6cde, 0xfffffff7, 0x1ff}, {0x5, 0x3, 0x3, 0x1030, 0x494, 0xffffffcc}, {0x1e2, 0x1, 0x1, 0x4, 0x5, 0x6}, {0xa503, 0x80000000, 0xc3, 0x1ff, 0x1, 0x7}, {0x7, 0x1, 0xe, 0xff, 0x3, 0x9}, {0x80000001, 0x0, 0x3, 0xd, 0x7fffffff, 0xef}, {0x7, 0x6, 0x0, 0x764, 0x5, 0x4}, {0x0, 0x2, 0xb69, 0x7fff, 0x9, 0x5}, {0x5, 0xff, 0x6, 0x2, 0x9, 0x4}, {0x7, 0x6, 0x5, 0x5, 0x3, 0x10001}, {0x6, 0x2, 0x0, 0x2, 0x2ee6, 0x8}, {0xb54, 0x5, 0x6, 0xfffffffa, 0x323, 0x2}, {0x3, 0x9, 0xfffffff7, 0x8, 0x7b6b14a2, 0x3}, {0x8, 0x80000000, 0x1, 0x44, 0x100, 0x257f}, {0x5, 0x5, 0xab, 0x9, 0x5, 0x7fffffff}, {0x9e, 0x6, 0x6, 0x3, 0x2, 0xf2}, {0x9, 0x4000, 0x101, 0x6, 0x4, 0xd}, {0x401, 0x0, 0x7, 0xffffffff, 0x8, 0x9}, {0xfffffffa, 0x9, 0xfffffffb, 0x5, 0x1004000, 0x7fff}, {0x0, 0x6, 0x80000000, 0x101, 0x5}, {0x10001, 0x2, 0x8, 0xffffffc0, 0xa, 0x5}, {0x7, 0x7, 0x8, 0xca, 0x5, 0x8}, {0xd576, 0x4, 0x4, 0x7, 0x4, 0x8}, {0xe, 0x6f, 0x10000, 0x2, 0xdc7f, 0xb66}, {0xb64, 0x4, 0x7, 0x0, 0x80000001, 0x9}, {0x1, 0x51b2, 0x7, 0x3, 0x4}, {0x3, 0x4, 0x6146a1c3, 0x3, 0xd7, 0x5}, {0x80000001, 0x40, 0xfff, 0x81, 0x4, 0xfffffff9}, {0x7, 0x800, 0x5c, 0x45, 0x4, 0x100}, {0x6, 0x1ff, 0x3, 0x9fed, 0x0, 0x4}, {0x4b, 0x4, 0x67, 0x7fffffff, 0xf7}, {0x35be, 0xc, 0x1, 0x800, 0xfffeffff, 0x1000000}, {0x7, 0x8001, 0x0, 0x1, 0x7}, {0x800, 0x5, 0x0, 0x10000000, 0x6, 0x3}, {0x9, 0x6, 0xd, 0x5, 0x537, 0x2}, {0x7, 0x80, 0xb51, 0x1, 0x8000, 0x6}, {0x1, 0x36, 0x186b, 0x995f, 0x5, 0x4}, {0xd3a, 0x15aa, 0x92c0, 0x10000, 0x4, 0x6}, {0x80000000, 0x7, 0x6, 0x0, 0x9, 0xe}, {0x3, 0x3694, 0x6, 0x9, 0x51cf3566, 0x4}, {0x0, 0xffffffff, 0x3, 0x7f, 0x4, 0x1ff}, {0x6, 0x6, 0x2, 0x5, 0xdf63, 0x4}, {0x6, 0x8001, 0x8, 0x7, 0x10000, 0xb}, {0x3, 0x4, 0x4, 0x6, 0x1ff, 0x1}, {0x10, 0x2, 0x54, 0x47c, 0x808, 0x4}, {0x7, 0x101, 0xe, 0x5, 0x100, 0xfffffffe}, {0x0, 0x6, 0x4, 0x1, 0xfffffff1, 0x36}, {0x0, 0x81, 0x6, 0x5b1b, 0xfff, 0xd29}, {0x1ff, 0x2, 0x7fffffff, 0x0, 0x0, 0x4}, {0x800, 0x53e, 0xac15, 0x73, 0xf112, 0x9}, {0x2, 0x800, 0x8d, 0x6268, 0x8, 0x4}, {0x8, 0xffff, 0xf2d, 0x2, 0x5, 0xa}, {0x8, 0x2, 0x1, 0x31d8, 0x7, 0x5}, {0x5, 0x8, 0xda2c, 0x823d, 0x2, 0xfffffff9}, {0x2, 0xc, 0x7fffffff, 0x0, 0x165, 0x6}, {0x5, 0x3, 0x8622, 0x80, 0x1, 0x1}, {0x3, 0x81, 0xc13, 0xffff, 0x1, 0x4}, {0xf4f0, 0x800, 0xa, 0x5, 0x7, 0x11b}, {0x7, 0x86b7, 0x0, 0xee, 0x81, 0x6}, {0x3, 0xfffffff7, 0xffff, 0x101, 0x3}, {0x5, 0x40, 0x7, 0xfffffffd, 0x9, 0x3}], [{0x1}, {0x5, 0x1}, {0x3}, {0x4}, {0x4}, {0x4}, {0x4}, {0x2}, {0x3, 0x1}, {0x0, 0x1}, {0x5}, {0x5}, {0x4}, {0x1}, {0x5}, {0x1}, {0x2}, {0x1, 0x1}, {0x5, 0x1}, {0x5, 0x1}, {0x0, 0x1}, {0x4, 0x1}, {0x1, 0x1}, {0x0, 0x1}, {0x6bc7e79ad7b0d1cc}, {0x6}, {0x4, 0x1}, {0x0, 0x1}, {0x5}, {0x5, 0x1}, {0x4, 0x1}, {0x5}, {0x4}, {0x5}, {0x2}, {0x3}, {0x3, 0x1}, {0x2}, {}, {0x1, 0x1}, {0x2}, {0x3, 0x1}, {0x3}, {0x5}, {0x3}, {0x4}, {0x4}, {0x5}, {0x2, 0x1}, {0x2}, {}, {0x5}, {0x4}, {0x4}, {0x5}, {0x5}, {0x5, 0x1}, {0x4}, {0x3}, {0x2}, {0x4, 0x1}, {0x3}, {0x5, 0x1}, {0x1}, {0x4}, {0x2}, {0x5, 0x1}, {0x4, 0x1}, {0x5}, {0x5}, {0x5}, {0x2}, {0x4}, {0x2, 0x1}, {0x4, 0x1}, {0x3, 0x1}, {0x2}, {}, {0x4}, {0x1, 0x1}, {0x0, 0x1}, {0x1, 0x1}, {0x4, 0x3}, {0x4, 0x1}, {0x0, 0x1}, {0x2}, {0x3, 0x1}, {0x3}, {0x4, 0x1}, {0x1, 0x1}, {0x2, 0x1}, {0x1}, {}, {}, {0x3, 0x1}, {0x4}, {0x2}, {0x1}, {}, {0x3, 0x1}, {0x371e711c6fc2f61}, {0x5, 0x1}, {0x4, 0x1}, {0x1, 0x1}, {0x3}, {0x0, 0x1}, {0x5, 0x1}, {0x3, 0x1}, {}, {0x1, 0x1}, {0x1}, {}, {0x4, 0x1}, {0x1}, {0x3}, {0x4, 0x1}, {0x0, 0x1}, {0x2}, {}, {0x0, 0x1}, {0x2, 0x1}, {0x2, 0x1}, {0x3}, {0x1, 0x1}, {0x3, 0x1}, {0x5, 0x1}, {0x1}, {0xf9ad1b51769e9d3d}], 0x1}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}]}]}}]}, 0xe8c}, 0x1, 0x0, 0x0, 0x10}, 0x0) setsockopt$sock_attach_bpf(r5, 0x107, 0xf, &(0x7f0000000600), 0x56) sendmsg$kcm(r5, &(0x7f0000000000)={&(0x7f0000000380)=@xdp={0x2c, 0x0, r7, 0x3e}, 0x80, &(0x7f00000001c0)=[{&(0x7f0000000180)="27030200080314000e00002fb96dffff1144ee163cddcb000000800000827600000000000000", 0x26}, {&(0x7f0000000780)="f058050000007f8f", 0x4000}], 0x2}, 0x5) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0xf, 0x0, 0x0) 2.119185778s ago: executing program 3 (id=394): socket$packet(0x11, 0x3, 0x300) syz_open_procfs(0x0, &(0x7f0000000240)='net/packet\x00') openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(0xffffffffffffffff, 0x0, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28012, 0xffffffffffffffff, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) r1 = dup(r0) write$UHID_INPUT(r1, &(0x7f0000001040)={0xfc, {"a2e3ad09edfc09f91b44090987f70e06d038e7ff7fc6e5539b0d3d0e8b089b0732306c090890e0879b0a0ac6e70a9b3361959b4b9a240d5b0af3988f7ef319520100ffe8d178708c523c921b1b5b31070d07710936cd3b78130daa61d8e8040000005802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb000000002f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce7cd9f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d6ced5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed700129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d4ac01b75d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40427db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afa2d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02daee67918e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4108b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb21fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c6b00000000000000f96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0x1000}}, 0x1006) 2.016783839s ago: executing program 3 (id=395): r0 = syz_open_dev$loop(&(0x7f0000000200), 0x4, 0x40100) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000400)='cpuset.effective_cpus\x00', 0x275a, 0x0) ioctl$LOOP_CONFIGURE(r0, 0x4c0a, &(0x7f00000005c0)={r1, 0x800, {0x2a00, 0x80010000, 0x0, 0x5, 0x0, 0x0, 0x0, 0x1d, 0x0, "fee8a2ab78fc179fd1f8a0e9a1af1ea09dc2b7fb0a010000000000000000030000000000000000000000000000000000000000000000001b00", "28095397bab22d0000b42076c1ce8ef05f819e01177d3d458dac0000000000000000000800000000003788cf8f00", "90be8b1c5512406c7f00", [0x4, 0xda04]}}) ioctl$LOOP_SET_DIRECT_IO(r0, 0x4c08, 0x80000000) 2.016512253s ago: executing program 1 (id=396): r0 = socket$l2tp6(0xa, 0x2, 0x73) bind$l2tp6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @empty}, 0x20) socket$inet_sctp(0x2, 0x5, 0x84) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, 0x0, &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) r2 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f04ebbeef, 0xc831, r1, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0) recvmmsg(r3, &(0x7f0000000040), 0x80002c1, 0x2, 0x0) openat$binfmt(0xffffffffffffff9c, 0x0, 0x2, 0x0) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000001100), 0x40, 0x0) add_key(&(0x7f0000000000)='big_key\x00', &(0x7f0000000040)={'syz', 0x0}, &(0x7f0000000080)="ae", 0x1, 0xffffffffffffffff) 1.927482459s ago: executing program 3 (id=397): r0 = socket$inet_mptcp(0x2, 0x1, 0x106) bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e21, @multicast2}, 0x10) connect$inet(r0, &(0x7f0000000080)={0x2, 0x4e21, @empty}, 0x10) sendmmsg$inet(r0, &(0x7f0000004d80)=[{{0x0, 0x0, &(0x7f0000002040)=[{&(0x7f0000000980)="1a", 0x1}], 0x1}}], 0x1, 0x0) sendto(r0, &(0x7f0000000180)='%', 0x300000, 0x840, 0x0, 0x60) 1.638878868s ago: executing program 2 (id=398): r0 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x0) ioctl$int_in(r0, 0x5452, &(0x7f00000005c0)=0x4) 1.578802001s ago: executing program 2 (id=399): bpf$PROG_LOAD(0x5, 0x0, 0x0) setsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0xc) r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x68010}, 0x0) r1 = syz_open_dev$tty20(0xc, 0x4, 0x1) r2 = syz_open_dev$tty20(0xc, 0x4, 0x1) ioctl$TCSETSW2(r2, 0x402c542c, &(0x7f0000000040)={0xffdffff8, 0x401, 0xfffffffd, 0xc4d3, 0x7, "0441920887e87fcb367800000000080100", 0x4, 0x1fc}) ioctl$TIOCSTI(r1, 0x5412, &(0x7f0000000000)=0x1) 1.518479811s ago: executing program 2 (id=400): prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0) sched_setaffinity(0x0, 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1) r0 = syz_open_dev$MSR(&(0x7f0000000200), 0x0, 0x0) read$msr(r0, &(0x7f000004ca80)=""/102392, 0x18ff8) r1 = socket$inet(0x2, 0x1, 0x0) setsockopt$inet_mreqn(r1, 0x0, 0x27, &(0x7f0000000100)={@multicast2, @local}, 0xc) r2 = syz_open_procfs(0x0, &(0x7f0000000180)='net/mcfilter\x00') pread64(r2, &(0x7f00000004c0)=""/170, 0xaa, 0x9) 1.026214s ago: executing program 3 (id=401): syz_usb_connect$hid(0x0, 0x36, &(0x7f00000000c0)={{0x12, 0x1, 0x110, 0x0, 0x0, 0x0, 0x10, 0xc45, 0x5112, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, "", [{{0x9, 0x4, 0x0, 0x7, 0x19, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x200, 0x3, 0x1, {0x22, 0x2d}}, {{{0x9, 0x5, 0x81, 0x3, 0x400, 0x0, 0xff, 0x3}}}}}]}}]}}, 0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0) ioctl$IOCTL_VMCI_VERSION2(r1, 0x7a7, &(0x7f0000000040)=0x90000) ioctl$IOCTL_VMCI_INIT_CONTEXT(r1, 0x7a0, &(0x7f0000000000)={@local}) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x101000, 0x0) syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) openat$6lowpan_control(0xffffff9c, &(0x7f0000000040), 0x2, 0x0) pselect6(0x40, &(0x7f0000000240)={0x0, 0x0, 0x1ff, 0x7d, 0x0, 0x8000, 0x4, 0x1}, 0x0, &(0x7f00000002c0)={0x3ff, 0x6, 0xffffffffffffffff, 0x9, 0x0, 0xf, 0x80000006}, 0x0, 0x0) ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r1, 0x7a8, &(0x7f0000000540)={{@hyper, 0x2}, @hyper, 0x0, 0x0, 0x5e}) ioctl$IOCTL_VMCI_CTX_ADD_NOTIFICATION(r1, 0x7af, &(0x7f0000000080)={@hyper, 0x2}) r2 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0) ioctl$IOCTL_VMCI_VERSION2(r2, 0x7a7, &(0x7f0000000040)=0x90000) ioctl$IOCTL_VMCI_INIT_CONTEXT(r2, 0x7a0, &(0x7f0000000240)={@hyper}) ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r2, 0x7a8, &(0x7f0000000540)={{@hyper, 0x2}, @hyper, 0x0, 0x0, 0x5e}) close_range(r0, 0xffffffffffffffff, 0x0) 849.060502ms ago: executing program 2 (id=402): symlinkat(0x0, 0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00') prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000340)=0x6) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={0x0}, 0x1, 0x0, 0x0, 0x4c090}, 0xc000) r3 = socket$netlink(0x10, 0x3, 0xc) bind$netlink(r3, &(0x7f0000000340)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc) setsockopt$netlink_NETLINK_BROADCAST_ERROR(r3, 0x10e, 0x4, &(0x7f0000000140)=0x6, 0x4) setsockopt$sock_int(r3, 0x1, 0x8, &(0x7f0000000200), 0x4) r4 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_DELETE(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000640)={0x14, 0x2, 0x1, 0x5, 0x0, 0x0, {0x2, 0x0, 0x8}}, 0x14}, 0x1, 0x0, 0x0, 0x20044804}, 0x40040) sendmsg$IPCTNL_MSG_CT_GET_DYING(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000005c0)={0x14, 0x6, 0x1, 0x301, 0x0, 0x0, {0xa, 0x0, 0x4}}, 0x14}, 0x1, 0x0, 0x0, 0x2404c031}, 0x20000000) sendmsg$rds(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000080)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, 0x0, 0x0, &(0x7f0000000240), 0x0, 0x10814}, 0x0) getsockopt$inet_sctp6_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, 0x0, &(0x7f0000000180)) 521.488535ms ago: executing program 1 (id=403): prlimit64(0x0, 0xe, &(0x7f0000000180)={0x8, 0x9}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbeeb, 0x8031, 0xffffffffffffffff, 0xc36e5000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) socket$inet(0xa, 0x1, 0x186) openat$sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/mm/ksm/run\x00', 0x1, 0x0) r3 = socket$kcm(0x29, 0x5, 0x0) setsockopt$kcm_KCM_RECV_DISABLE(r3, 0x119, 0x1, &(0x7f0000000000)=0x2, 0x4) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000700), 0x2, 0x0) ioctl$FUSE_DEV_IOC_BACKING_CLOSE(r4, 0xe503, 0x0) syz_fuse_handle_req(r4, 0x0, 0x0, 0x0) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000380)={{}, 0x0, &(0x7f0000000340)}, 0x20) ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x1) r5 = syz_usb_connect(0x5, 0x24, &(0x7f0000000080)=ANY=[@ANYBLOB], 0x0) syz_usb_control_io$cdc_ecm(r5, 0x0, 0x0) syz_open_dev$I2C(&(0x7f0000000040), 0x1, 0x2003) timer_create(0x3, 0x0, &(0x7f0000000300)) fcntl$lock(0xffffffffffffffff, 0x7, &(0x7f0000000040)={0x0, 0x0, 0x8000, 0x3ff}) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) clock_gettime(0x0, &(0x7f0000000100)) 520.327081ms ago: executing program 0 (id=404): syz_usb_connect(0x0, 0x2d, &(0x7f0000000100)=ANY=[@ANYBLOB="12010000d5e9bd40eb030200c0ba050000010902115c01000000000904000001b504b100090581"], 0x0) sendmsg$NFT_MSG_GETSETELEM(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000800)=ANY=[], 0x40}, 0x1, 0x0, 0x0, 0x4000}, 0x4008800) r0 = syz_open_dev$evdev(&(0x7f0000000000), 0x4, 0x0) ioctl$EVIOCGKEYCODE_V2(r0, 0x80284504, &(0x7f0000000040)=""/185) 0s ago: executing program 2 (id=405): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) r1 = gettid() timer_create(0x0, &(0x7f00000001c0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r2, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x76dc) connect$inet6(r2, &(0x7f0000000080)={0xa, 0x4e23}, 0x1c) setsockopt$inet6_tcp_TCP_ULP(r2, 0x6, 0x1f, &(0x7f00000002c0), 0x4) setsockopt$inet6_tcp_TLS_TX(r2, 0x11a, 0x2, &(0x7f0000000000)=@gcm_128={{0x303}, "cfc85eb51b0ace6a", "0517a9f6040839040000008d776dd8dc", "3f4051c4", "a44a889722b66244"}, 0x28) recvmmsg(r2, &(0x7f0000000f00)=[{{0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000b00)=""/81, 0x51}], 0x1}}], 0x1, 0x0, 0x0) recvfrom$inet6(r2, 0x0, 0x0, 0x87b0cc373e1cda89, 0x0, 0x0) kernel console output (not intermixed with test programs): Warning: Permanently added '[localhost]:9666' (ED25519) to the list of known hosts. [ 57.229816][ T5927] cgroup: Unknown subsys name 'net' [ 57.375404][ T5927] cgroup: Unknown subsys name 'cpuset' [ 57.383617][ T5927] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 58.541023][ T5927] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 63.048076][ T5943] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 63.053301][ T5943] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 63.055369][ T5946] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 63.058475][ T5943] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 63.060787][ T5946] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 63.064064][ T5943] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 63.067205][ T5946] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 63.072254][ T5946] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 63.072388][ T5951] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 63.078195][ T5951] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 63.078293][ T5946] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 63.082637][ T5956] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 63.084428][ T5954] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 63.088214][ T5956] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 63.091936][ T5948] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 63.094200][ T5956] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 63.098162][ T5948] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 63.101836][ T5948] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 63.103873][ T5951] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 63.109906][ T5951] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 63.486220][ T5950] chnl_net:caif_netlink_parms(): no params data found [ 63.537850][ T5953] chnl_net:caif_netlink_parms(): no params data found [ 63.545867][ T5940] chnl_net:caif_netlink_parms(): no params data found [ 63.558169][ T5941] chnl_net:caif_netlink_parms(): no params data found [ 63.663904][ T5950] bridge0: port 1(bridge_slave_0) entered blocking state [ 63.667526][ T5950] bridge0: port 1(bridge_slave_0) entered disabled state [ 63.669861][ T5950] bridge_slave_0: entered allmulticast mode [ 63.673543][ T5950] bridge_slave_0: entered promiscuous mode [ 63.679605][ T5950] bridge0: port 2(bridge_slave_1) entered blocking state [ 63.683043][ T5950] bridge0: port 2(bridge_slave_1) entered disabled state [ 63.685929][ T5950] bridge_slave_1: entered allmulticast mode [ 63.688729][ T5950] bridge_slave_1: entered promiscuous mode [ 63.741854][ T5940] bridge0: port 1(bridge_slave_0) entered blocking state [ 63.744326][ T5940] bridge0: port 1(bridge_slave_0) entered disabled state [ 63.746706][ T5940] bridge_slave_0: entered allmulticast mode [ 63.749572][ T5940] bridge_slave_0: entered promiscuous mode [ 63.769087][ T5953] bridge0: port 1(bridge_slave_0) entered blocking state [ 63.771820][ T5953] bridge0: port 1(bridge_slave_0) entered disabled state [ 63.774388][ T5953] bridge_slave_0: entered allmulticast mode [ 63.777516][ T5953] bridge_slave_0: entered promiscuous mode [ 63.782376][ T5940] bridge0: port 2(bridge_slave_1) entered blocking state [ 63.785315][ T5940] bridge0: port 2(bridge_slave_1) entered disabled state [ 63.787893][ T5940] bridge_slave_1: entered allmulticast mode [ 63.791371][ T5940] bridge_slave_1: entered promiscuous mode [ 63.803092][ T5950] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 63.807952][ T5950] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 63.818418][ T5953] bridge0: port 2(bridge_slave_1) entered blocking state [ 63.823623][ T5953] bridge0: port 2(bridge_slave_1) entered disabled state [ 63.826109][ T5953] bridge_slave_1: entered allmulticast mode [ 63.828986][ T5953] bridge_slave_1: entered promiscuous mode [ 63.882123][ T5940] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 63.887165][ T5950] team0: Port device team_slave_0 added [ 63.891298][ T5950] team0: Port device team_slave_1 added [ 63.893252][ T5941] bridge0: port 1(bridge_slave_0) entered blocking state [ 63.895764][ T5941] bridge0: port 1(bridge_slave_0) entered disabled state [ 63.898135][ T5941] bridge_slave_0: entered allmulticast mode [ 63.901839][ T5941] bridge_slave_0: entered promiscuous mode [ 63.905612][ T5941] bridge0: port 2(bridge_slave_1) entered blocking state [ 63.908305][ T5941] bridge0: port 2(bridge_slave_1) entered disabled state [ 63.911304][ T5941] bridge_slave_1: entered allmulticast mode [ 63.914479][ T5941] bridge_slave_1: entered promiscuous mode [ 63.918726][ T5953] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 63.924020][ T5953] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 63.928378][ T5940] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 63.976647][ T5940] team0: Port device team_slave_0 added [ 63.994386][ T5950] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 63.996672][ T5950] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 64.005123][ T5950] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 64.011549][ T5940] team0: Port device team_slave_1 added [ 64.017077][ T5941] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 64.021738][ T5953] team0: Port device team_slave_0 added [ 64.024270][ T5950] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 64.026746][ T5950] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 64.035675][ T5950] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 64.056006][ T5941] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 64.060222][ T5953] team0: Port device team_slave_1 added [ 64.075452][ T5940] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 64.078010][ T5940] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 64.088526][ T5940] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 64.129124][ T5941] team0: Port device team_slave_0 added [ 64.132283][ T5940] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 64.134747][ T5940] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 64.143962][ T5940] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 64.174162][ T5941] team0: Port device team_slave_1 added [ 64.177370][ T5953] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 64.179678][ T5953] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 64.188895][ T5953] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 64.195917][ T5953] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 64.199212][ T5953] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 64.212296][ T5953] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 64.245344][ T5950] hsr_slave_0: entered promiscuous mode [ 64.249046][ T5950] hsr_slave_1: entered promiscuous mode [ 64.299642][ T5940] hsr_slave_0: entered promiscuous mode [ 64.302850][ T5940] hsr_slave_1: entered promiscuous mode [ 64.306047][ T5940] debugfs: 'hsr0' already exists in 'hsr' [ 64.308766][ T5940] Cannot create hsr debugfs directory [ 64.312527][ T5941] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 64.315825][ T5941] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 64.326969][ T5941] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 64.334870][ T5941] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 64.337722][ T5941] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 64.348479][ T5941] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 64.403588][ T5953] hsr_slave_0: entered promiscuous mode [ 64.406284][ T5953] hsr_slave_1: entered promiscuous mode [ 64.408865][ T5953] debugfs: 'hsr0' already exists in 'hsr' [ 64.411041][ T5953] Cannot create hsr debugfs directory [ 64.502829][ T5941] hsr_slave_0: entered promiscuous mode [ 64.506411][ T5941] hsr_slave_1: entered promiscuous mode [ 64.508611][ T5941] debugfs: 'hsr0' already exists in 'hsr' [ 64.510559][ T5941] Cannot create hsr debugfs directory [ 64.839183][ T5950] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 64.848366][ T5950] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 64.853230][ T5950] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 64.860111][ T5950] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 64.863847][ T5950] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 64.873500][ T5950] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 64.876864][ T5950] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 64.881236][ T5950] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 64.936917][ T5941] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 64.944862][ T5941] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 64.948055][ T5941] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 64.955538][ T5941] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 64.959469][ T5941] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 64.965194][ T5941] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 64.968292][ T5941] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 64.975784][ T5941] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 65.048506][ T5953] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 65.056321][ T5953] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 65.065612][ T5953] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 65.070999][ T5953] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 65.075299][ T5953] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 65.081379][ T5953] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 65.085476][ T5953] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 65.091797][ T5953] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 65.112146][ T5951] Bluetooth: hci0: command tx timeout [ 65.181945][ T5940] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 65.189317][ T5940] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 65.199825][ T5940] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 65.200606][ T5951] Bluetooth: hci3: command tx timeout [ 65.200794][ T5949] Bluetooth: hci2: command tx timeout [ 65.201242][ T62] Bluetooth: hci1: command tx timeout [ 65.213268][ T5940] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 65.222558][ T5940] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 65.227559][ T5940] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 65.238650][ T5950] 8021q: adding VLAN 0 to HW filter on device bond0 [ 65.243798][ T5940] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 65.251849][ T5940] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 65.290152][ T5950] 8021q: adding VLAN 0 to HW filter on device team0 [ 65.306777][ T81] bridge0: port 1(bridge_slave_0) entered blocking state [ 65.309699][ T81] bridge0: port 1(bridge_slave_0) entered forwarding state [ 65.324802][ T60] bridge0: port 2(bridge_slave_1) entered blocking state [ 65.327244][ T60] bridge0: port 2(bridge_slave_1) entered forwarding state [ 65.356563][ T5941] 8021q: adding VLAN 0 to HW filter on device bond0 [ 65.397429][ T5941] 8021q: adding VLAN 0 to HW filter on device team0 [ 65.413366][ T335] bridge0: port 1(bridge_slave_0) entered blocking state [ 65.417019][ T335] bridge0: port 1(bridge_slave_0) entered forwarding state [ 65.423452][ T335] bridge0: port 2(bridge_slave_1) entered blocking state [ 65.426473][ T335] bridge0: port 2(bridge_slave_1) entered forwarding state [ 65.436387][ T5953] 8021q: adding VLAN 0 to HW filter on device bond0 [ 65.479513][ T5953] 8021q: adding VLAN 0 to HW filter on device team0 [ 65.493554][ T5940] 8021q: adding VLAN 0 to HW filter on device bond0 [ 65.508372][ T60] bridge0: port 1(bridge_slave_0) entered blocking state [ 65.512139][ T60] bridge0: port 1(bridge_slave_0) entered forwarding state [ 65.534632][ T60] bridge0: port 2(bridge_slave_1) entered blocking state [ 65.538339][ T60] bridge0: port 2(bridge_slave_1) entered forwarding state [ 65.545859][ T5940] 8021q: adding VLAN 0 to HW filter on device team0 [ 65.577016][ T60] bridge0: port 1(bridge_slave_0) entered blocking state [ 65.580168][ T60] bridge0: port 1(bridge_slave_0) entered forwarding state [ 65.601191][ T335] bridge0: port 2(bridge_slave_1) entered blocking state [ 65.604556][ T335] bridge0: port 2(bridge_slave_1) entered forwarding state [ 65.643184][ T5950] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 65.714112][ T5941] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 65.736440][ T5950] veth0_vlan: entered promiscuous mode [ 65.754827][ T5950] veth1_vlan: entered promiscuous mode [ 65.797770][ T5941] veth0_vlan: entered promiscuous mode [ 65.806627][ T5953] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 65.815748][ T5941] veth1_vlan: entered promiscuous mode [ 65.847178][ T5950] veth0_macvtap: entered promiscuous mode [ 65.858169][ T5950] veth1_macvtap: entered promiscuous mode [ 65.896004][ T5941] veth0_macvtap: entered promiscuous mode [ 65.907557][ T5940] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 65.913747][ T5950] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 65.917567][ T5941] veth1_macvtap: entered promiscuous mode [ 65.923860][ T5953] veth0_vlan: entered promiscuous mode [ 65.932120][ T5950] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 65.950873][ T5953] veth1_vlan: entered promiscuous mode [ 65.954471][ T12] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 65.959845][ T12] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 65.974706][ T12] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 65.977721][ T12] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 65.988439][ T5941] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 66.014937][ T5941] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 66.025840][ T5940] veth0_vlan: entered promiscuous mode [ 66.033559][ T5953] veth0_macvtap: entered promiscuous mode [ 66.040026][ T12] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.043443][ T12] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.052777][ T5940] veth1_vlan: entered promiscuous mode [ 66.059620][ T12] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.063608][ T12] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.068666][ T5953] veth1_macvtap: entered promiscuous mode [ 66.113675][ T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 66.117702][ T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 66.132678][ T5953] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 66.143256][ T5953] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 66.177259][ T81] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.184231][ T60] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 66.187232][ T81] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.187457][ T60] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 66.193531][ T81] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.206718][ T5940] veth0_macvtap: entered promiscuous mode [ 66.217905][ T81] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.229294][ T81] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 66.234776][ T81] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 66.237641][ T5940] veth1_macvtap: entered promiscuous mode [ 66.284595][ T5950] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 66.285192][ T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 66.293425][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 66.294979][ T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 66.297020][ T5940] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 66.299663][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 66.311266][ T5940] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 66.342684][ T216] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 66.343461][ T13] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.350109][ T216] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 66.367848][ T216] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.371696][ T216] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.387521][ T216] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.437803][ T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 66.439640][ T6031] fuse: Unknown parameter '' [ 66.444635][ T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 66.477968][ T81] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 66.482086][ T81] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 66.598223][ T6039] Illegal XDP return value 4294967294 on prog (id 2) dev syz_tun, expect packet loss! [ 66.617275][ T6042] overlayfs: failed to resolve './file1': -2 [ 66.639465][ T6042] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4'. [ 66.841921][ T6047] fuse: Bad value for 'fd' [ 67.190810][ T5951] Bluetooth: hci0: command tx timeout [ 67.280764][ T5951] Bluetooth: hci1: command tx timeout [ 67.281697][ T62] Bluetooth: hci3: command tx timeout [ 67.284173][ T5949] Bluetooth: hci2: command tx timeout [ 67.900227][ T6067] fuse: Bad value for 'fd' [ 68.251039][ T6030] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None [ 69.011718][ T6030] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None [ 69.271100][ T5949] Bluetooth: hci0: command tx timeout [ 69.350658][ T5949] Bluetooth: hci3: command tx timeout [ 69.361804][ T5949] Bluetooth: hci2: command tx timeout [ 69.363989][ T5951] Bluetooth: hci1: command tx timeout [ 69.591238][ T39] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None [ 70.025329][ T6111] ip6gre1: entered allmulticast mode [ 70.033300][ T13] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 70.106922][ T6106] ======================================================= [ 70.106922][ T6106] WARNING: The mand mount option has been deprecated and [ 70.106922][ T6106] and is ignored by this kernel. Remove the mand [ 70.106922][ T6106] option from the mount to silence this warning. [ 70.106922][ T6106] ======================================================= [ 71.361012][ T5949] Bluetooth: hci0: command tx timeout [ 71.431984][ T5949] Bluetooth: hci2: command tx timeout [ 71.432731][ T5951] Bluetooth: hci1: command tx timeout [ 71.433059][ T62] Bluetooth: hci3: command tx timeout [ 74.470921][ C2] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 76.476611][ T1413] ieee802154 phy0 wpan0: encryption failed: -22 [ 76.480643][ T1413] ieee802154 phy1 wpan1: encryption failed: -22 [ 78.455128][ T2298] libceph: connect (1)[c::]:6789 error -101 [ 78.458485][ T2298] libceph: mon0 (1)[c::]:6789 connect error [ 78.463558][ T2298] libceph: connect (1)[c::]:6789 error -101 [ 78.465788][ T2298] libceph: mon0 (1)[c::]:6789 connect error [ 78.569570][ C2] sr 2:0:0:0: [sr0] tag#12 FAILED Result: hostbyte=DID_ERROR driverbyte=DRIVER_OK cmd_age=0s [ 78.572951][ T6158] Zero length message leads to an empty skb [ 78.572988][ C2] sr 2:0:0:0: [sr0] tag#12 CDB: Regenerate(16) 82 5a 86 a5 26 a3 50 1f b1 dd 8d ff 3e 90 d6 f5 [ 78.702044][ T24] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None [ 78.726409][ T5729] libceph: connect (1)[c::]:6789 error -101 [ 78.730170][ T5729] libceph: mon0 (1)[c::]:6789 connect error [ 79.231231][ T24] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None [ 79.245913][ T5729] libceph: connect (1)[c::]:6789 error -101 [ 79.248121][ T5729] libceph: mon0 (1)[c::]:6789 connect error [ 79.255584][ T6143] ceph: No mds server is up or the cluster is laggy [ 80.399733][ T40] audit: type=1800 audit(1776358144.313:2): pid=6193 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.31" name="file1" dev="overlay" ino=77 res=0 errno=0 [ 80.539143][ T6195] netlink: 12 bytes leftover after parsing attributes in process `syz.3.33'. [ 83.511185][ C2] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 83.522020][ T40] audit: type=1326 audit(1776358147.433:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6209 comm="syz.3.36" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf700efcc code=0x7ffc0000 [ 83.531082][ T40] audit: type=1326 audit(1776358147.433:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6209 comm="syz.3.36" exe="/syz-executor" sig=0 arch=40000003 syscall=351 compat=1 ip=0xf700efcc code=0x7ffc0000 [ 83.535712][ T6216] process 'syz.3.36' launched './file2' with NULL argv: empty string added [ 83.542466][ T40] audit: type=1326 audit(1776358147.433:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6209 comm="syz.3.36" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf700efcc code=0x7ffc0000 [ 83.551199][ T40] audit: type=1326 audit(1776358147.433:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6209 comm="syz.3.36" exe="/syz-executor" sig=0 arch=40000003 syscall=297 compat=1 ip=0xf700efcc code=0x7ffc0000 [ 83.560398][ T40] audit: type=1326 audit(1776358147.443:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6209 comm="syz.3.36" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf700efcc code=0x7ffc0000 [ 83.569446][ T40] audit: type=1326 audit(1776358147.453:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6209 comm="syz.3.36" exe="/syz-executor" sig=0 arch=40000003 syscall=358 compat=1 ip=0xf700efcc code=0x7ffc0000 [ 83.655496][ T40] audit: type=1326 audit(1776358147.573:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6209 comm="syz.3.36" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf700efcc code=0x7ffc0000 [ 83.670962][ T40] audit: type=1326 audit(1776358147.573:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6209 comm="syz.3.36" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf700efcc code=0x7ffc0000 [ 83.693884][ T40] audit: type=1326 audit(1776358147.613:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6209 comm="syz.3.36" exe="/syz-executor" sig=0 arch=40000003 syscall=427 compat=1 ip=0xf700efcc code=0x7ffc0000 [ 83.897331][ T6216] netlink: 84 bytes leftover after parsing attributes in process `syz.3.36'. [ 85.625546][ T6256] netlink: 16 bytes leftover after parsing attributes in process `syz.3.48'. [ 85.628840][ T6256] netlink: 5 bytes leftover after parsing attributes in process `syz.3.48'. [ 85.635187][ T6256] netlink: 28 bytes leftover after parsing attributes in process `syz.3.48'. [ 85.638166][ T6256] netlink: 28 bytes leftover after parsing attributes in process `syz.3.48'. [ 86.264490][ T6258] netlink: 'syz.3.49': attribute type 2 has an invalid length. [ 86.269959][ T6258] netlink: 12 bytes leftover after parsing attributes in process `syz.3.49'. [ 86.292979][ T6257] ALSA: mixer_oss: invalid OSS volume 'SYJTH' [ 86.441972][ T6030] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None [ 86.671537][ T39] usb 8-1: new high-speed USB device number 2 using dummy_hcd [ 86.726950][ T10] cfg80211: failed to load regulatory.db [ 87.319609][ T6282] netlink: 12 bytes leftover after parsing attributes in process `syz.0.57'. [ 87.731631][ T39] usb 8-1: Using ep0 maxpacket: 8 [ 87.738661][ T39] usb 8-1: config 0 interface 0 altsetting 254 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 87.742428][ T39] usb 8-1: config 0 interface 0 altsetting 254 endpoint 0x81 has invalid wMaxPacketSize 0 [ 87.745648][ T39] usb 8-1: config 0 interface 0 has no altsetting 0 [ 87.747893][ T39] usb 8-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00 [ 87.751388][ T39] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 87.761288][ T39] usb 8-1: config 0 descriptor?? [ 88.213370][ T39] mcp2221 0003:04D8:00DD.0002: unknown main item tag 0x0 [ 88.216565][ T39] mcp2221 0003:04D8:00DD.0002: unknown main item tag 0x0 [ 88.365639][ T39] mcp2221 0003:04D8:00DD.0002: unknown main item tag 0x0 [ 88.367954][ T39] mcp2221 0003:04D8:00DD.0002: unknown main item tag 0x0 [ 88.370164][ T39] mcp2221 0003:04D8:00DD.0002: unknown main item tag 0x0 [ 88.374541][ T39] mcp2221 0003:04D8:00DD.0002: USB HID vff.ff Device [HID 04d8:00dd] on usb-dummy_hcd.3-1/input0 [ 88.712706][ T6271] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 88.744672][ T6271] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 88.924982][ T6306] netlink: 8 bytes leftover after parsing attributes in process `syz.0.63'. [ 88.933872][ T6306] netlink: 8 bytes leftover after parsing attributes in process `syz.0.63'. [ 89.645150][ T39] usb 8-1: reset high-speed USB device number 2 using dummy_hcd [ 89.903609][ T6331] 9pnet_virtio: no channels available for device syz [ 91.602412][ T1024] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None [ 91.611547][ T40] kauditd_printk_skb: 35 callbacks suppressed [ 91.611561][ T40] audit: type=1800 audit(1776358156.523:47): pid=6334 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.68" name="regulatory.db" dev="sda1" ino=448 res=0 errno=0 [ 91.611916][ T6334] faux_driver regulatory: loading /lib/firmware/regulatory.db failed with error -4 [ 91.625488][ T6334] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -4 [ 91.629067][ T6334] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db [ 91.673972][ T6333] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 91.677092][ T6333] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 91.686658][ T6333] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 91.691142][ T6333] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 91.693279][ T6333] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 91.697066][ T6333] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 91.699974][ T6333] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 91.703343][ T6333] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 91.731120][ T6333] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 91.979200][ T6357] netlink: 4 bytes leftover after parsing attributes in process `syz.2.72'. [ 92.006918][ T6351] bridge0: port 2(bridge_slave_1) entered disabled state [ 92.011371][ T6351] bridge0: port 1(bridge_slave_0) entered disabled state [ 92.079356][ T6360] netlink: 4 bytes leftover after parsing attributes in process `syz.2.72'. [ 92.089725][ T6351] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 92.097662][ T6351] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 92.140768][ T6361] netlink: 4 bytes leftover after parsing attributes in process `syz.2.72'. [ 92.147010][ T6361] netlink: 348 bytes leftover after parsing attributes in process `syz.2.72'. [ 92.153289][ T6361] netlink: 4 bytes leftover after parsing attributes in process `syz.2.72'. [ 92.158469][ T6361] netlink: 348 bytes leftover after parsing attributes in process `syz.2.72'. [ 92.164068][ T6361] netlink: 4 bytes leftover after parsing attributes in process `syz.2.72'. [ 92.219916][ T6363] netlink: 164 bytes leftover after parsing attributes in process `syz.0.73'. [ 92.268982][ T24] usb 8-1: USB disconnect, device number 2 [ 92.389358][ T335] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 92.399441][ T335] netdevsim netdevsim1 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 92.413318][ T39] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None [ 92.414892][ T335] netdevsim netdevsim1 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 92.433945][ T335] netdevsim netdevsim1 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 92.597816][ T6377] netlink: 'syz.0.76': attribute type 1 has an invalid length. [ 92.806921][ T6380] faux_driver vkms: [drm] Unknown color mode 9; guessing buffer size. [ 93.754263][ T5951] Bluetooth: hci3: command 0x0c1a tx timeout [ 93.754384][ T5949] Bluetooth: hci2: command 0x0c1a tx timeout [ 93.756554][ T62] Bluetooth: hci1: command 0x0c1a tx timeout [ 95.832213][ T5949] Bluetooth: hci2: command 0x0c1a tx timeout [ 95.835336][ T5951] Bluetooth: hci3: command 0x0c1a tx timeout [ 95.835498][ T62] Bluetooth: hci1: command 0x0c1a tx timeout [ 97.912274][ T5951] Bluetooth: hci2: command 0x0c1a tx timeout [ 97.912320][ T62] Bluetooth: hci3: command 0x0c1a tx timeout [ 97.921920][ T62] Bluetooth: hci1: command 0x0c1a tx timeout [ 100.152006][ C2] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 100.271892][ T829] usb 8-1: new high-speed USB device number 3 using dummy_hcd [ 100.322385][ T24] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None [ 100.435536][ T829] usb 8-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 100.456951][ T829] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 100.460656][ T829] usb 8-1: Product: syz [ 100.464534][ T829] usb 8-1: Manufacturer: syz [ 100.469590][ T829] usb 8-1: SerialNumber: syz [ 100.480906][ T829] usb 8-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 100.560924][ T6426] syz.2.82 uses obsolete (PF_INET,SOCK_PACKET) [ 101.490973][ T829] usb 8-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 101.502074][ T6434] warning: `syz.1.84' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 101.937595][ T24] usb 8-1: USB disconnect, device number 3 [ 102.257232][ T6450] netlink: 12 bytes leftover after parsing attributes in process `syz.0.87'. [ 102.562178][ T829] ath9k_htc 8-1:1.0: ath9k_htc: Target is unresponsive [ 102.567364][ T829] ath9k_htc: Failed to initialize the device [ 102.570377][ T24] usb 8-1: ath9k_htc: USB layer deinitialized [ 103.732663][ T6465] kAFS: unable to lookup cell '(,c¾ûL' [ 104.234930][ T6479] netlink: 92 bytes leftover after parsing attributes in process `syz.0.87'. [ 104.362387][ T6482] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(11) [ 104.364644][ T6482] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus) [ 104.371564][ T6482] vhci_hcd vhci_hcd.0: Device attached [ 104.589680][ T6483] vhci_hcd: connection closed [ 104.590671][ T60] vhci_hcd vhci_hcd.2: stop threads [ 104.596439][ T60] vhci_hcd vhci_hcd.2: release socket [ 104.600576][ T60] vhci_hcd vhci_hcd.2: disconnect device [ 104.632026][ T6006] usb 42-1: enqueue for inactive port 0 [ 105.129430][ T6006] usb usb42-port1: attempt power cycle [ 105.702445][ T6006] usb usb42-port1: unable to enumerate USB device [ 109.713204][ T24] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None [ 110.313646][ T6535] fuse: Bad value for 'user_id' [ 110.323161][ T6535] fuse: Bad value for 'user_id' [ 110.453324][ T6547] FAULT_INJECTION: forcing a failure. [ 110.453324][ T6547] name failslab, interval 1, probability 0, space 0, times 1 [ 110.458936][ T6547] CPU: 3 UID: 0 PID: 6547 Comm: syz.2.102 Not tainted syzkaller #0 PREEMPT(full) [ 110.458955][ T6547] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 110.458962][ T6547] Call Trace: [ 110.459080][ T6547] [ 110.459086][ T6547] dump_stack_lvl+0x100/0x190 [ 110.459105][ T6547] should_fail_ex.cold+0x5/0xa [ 110.459121][ T6547] ? tomoyo_realpath_from_path+0xb6/0x690 [ 110.459141][ T6547] should_failslab+0xc2/0x120 [ 110.459155][ T6547] __kmalloc_noprof+0xe0/0x850 [ 110.459172][ T6547] ? kfree+0x1dd/0x6c0 [ 110.459187][ T6547] tomoyo_realpath_from_path+0xb6/0x690 [ 110.459209][ T6547] tomoyo_path_number_perm+0x23c/0x580 [ 110.459224][ T6547] ? tomoyo_path_number_perm+0x22e/0x580 [ 110.459245][ T6547] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 110.459265][ T6547] ? get_pid_task+0x106/0x250 [ 110.459306][ T6547] ? find_held_lock+0x2b/0x80 [ 110.459329][ T6547] ? __fget_files+0x215/0x3d0 [ 110.459348][ T6547] ? hook_file_ioctl_common+0x149/0x410 [ 110.459362][ T6547] ? __fget_files+0x215/0x3d0 [ 110.459381][ T6547] ? __fget_files+0x21f/0x3d0 [ 110.459401][ T6547] security_file_ioctl_compat+0xd3/0x230 [ 110.459418][ T6547] __ia32_compat_sys_ioctl+0xc2/0x360 [ 110.459436][ T6547] __do_fast_syscall_32+0xe7/0x950 [ 110.459457][ T6547] ? lockdep_hardirqs_on+0x78/0x100 [ 110.459474][ T6547] do_fast_syscall_32+0x32/0x70 [ 110.459491][ T6547] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 110.459506][ T6547] RIP: 0023:0xf701efcc [ 110.459516][ T6547] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8 [ 110.459526][ T6547] RSP: 002b:00000000f540d50c EFLAGS: 00000292 ORIG_RAX: 0000000000000036 [ 110.459538][ T6547] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000c008ae88 [ 110.459544][ T6547] RDX: 0000000080000440 RSI: 0000000000000000 RDI: 0000000000000000 [ 110.459551][ T6547] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 110.459557][ T6547] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 110.459564][ T6547] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 110.459577][ T6547] [ 110.459584][ T6547] ERROR: Out of memory at tomoyo_realpath_from_path. [ 119.890447][ T6575] FAULT_INJECTION: forcing a failure. [ 119.890447][ T6575] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 119.895449][ T6575] CPU: 3 UID: 0 PID: 6575 Comm: syz.2.107 Not tainted syzkaller #0 PREEMPT(full) [ 119.895466][ T6575] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 119.895472][ T6575] Call Trace: [ 119.895477][ T6575] [ 119.895482][ T6575] dump_stack_lvl+0x100/0x190 [ 119.895503][ T6575] should_fail_ex.cold+0x5/0xa [ 119.895520][ T6575] _copy_from_user+0x2e/0xd0 [ 119.895539][ T6575] sctp_getsockopt+0x2d23/0x7080 [ 119.895558][ T6575] ? __pfx_aa_label_sk_perm+0x10/0x10 [ 119.895579][ T6575] ? __lock_acquire+0x4a5/0x2630 [ 119.895599][ T6575] ? __pfx_sctp_getsockopt+0x10/0x10 [ 119.895613][ T6575] ? _parse_integer_limit+0x17f/0x1d0 [ 119.895631][ T6575] ? __pfx___might_resched+0x10/0x10 [ 119.895647][ T6575] ? aa_sk_perm+0x309/0xaa0 [ 119.895664][ T6575] ? __pfx_aa_sk_perm+0x10/0x10 [ 119.895683][ T6575] ? aa_sock_opt_perm+0xfe/0x1b0 [ 119.895701][ T6575] ? __pfx_sock_common_getsockopt+0x10/0x10 [ 119.895718][ T6575] do_sock_getsockopt+0x50a/0x6e0 [ 119.895732][ T6575] ? __lock_acquire+0x4a5/0x2630 [ 119.895751][ T6575] ? __pfx_do_sock_getsockopt+0x10/0x10 [ 119.895768][ T6575] ? find_held_lock+0x2b/0x80 [ 119.895784][ T6575] ? __fget_files+0x21f/0x3d0 [ 119.895806][ T6575] __sys_getsockopt+0x133/0x1d0 [ 119.895828][ T6575] ? __ia32_sys_getsockopt+0xbc/0x160 [ 119.895845][ T6575] __ia32_sys_getsockopt+0xbc/0x160 [ 119.895862][ T6575] ? __do_fast_syscall_32+0x98/0x950 [ 119.895880][ T6575] ? lockdep_hardirqs_on+0x78/0x100 [ 119.895895][ T6575] __do_fast_syscall_32+0xe7/0x950 [ 119.895911][ T6575] ? lockdep_hardirqs_on+0x78/0x100 [ 119.895927][ T6575] do_fast_syscall_32+0x32/0x70 [ 119.895944][ T6575] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 119.895959][ T6575] RIP: 0023:0xf701efcc [ 119.895969][ T6575] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8 [ 119.895979][ T6575] RSP: 002b:00000000f540d50c EFLAGS: 00000292 ORIG_RAX: 000000000000016d [ 119.895991][ T6575] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000000084 [ 119.895997][ T6575] RDX: 000000000000000a RSI: 0000000080000000 RDI: 0000000080000080 [ 119.896003][ T6575] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 119.896010][ T6575] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000 [ 119.896017][ T6575] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 119.896030][ T6575] [ 120.105149][ T6587] netlink: 'syz.2.110': attribute type 1 has an invalid length. [ 120.175237][ T6587] bond1: (slave ip6gretap1): Enslaving as a backup interface with an up link [ 120.185055][ T6587] netlink: 4 bytes leftover after parsing attributes in process `syz.2.110'. [ 120.190025][ T6594] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 120.200166][ T6593] lo: entered allmulticast mode [ 120.203841][ T6593] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 120.216372][ T6587] bond1 (unregistering): (slave ip6gretap1): Releasing backup interface [ 120.231363][ T6587] bond1 (unregistering): Released all slaves [ 120.279121][ T6593] bridge_slave_0: left allmulticast mode [ 120.281630][ T6593] bridge_slave_0: left promiscuous mode [ 120.284669][ T6593] bridge0: port 1(bridge_slave_0) entered disabled state [ 120.298029][ T6593] bridge_slave_1: left allmulticast mode [ 120.300382][ T6593] bridge_slave_1: left promiscuous mode [ 120.311414][ T6593] bridge0: port 2(bridge_slave_1) entered disabled state [ 120.325933][ T6593] bond0: (slave bond_slave_0): Releasing backup interface [ 120.334661][ T6593] bond0: (slave bond_slave_1): Releasing backup interface [ 120.350376][ T6593] team0: Port device team_slave_0 removed [ 120.357898][ T6593] team0: Port device team_slave_1 removed [ 120.360980][ T6593] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 120.364734][ T6593] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 120.369275][ T6593] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 120.372223][ T6593] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 120.377158][ T6593] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check. [ 120.385536][ T6598] lo: entered allmulticast mode [ 120.390243][ T6598] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 120.403462][ T6599] bridge_slave_0: left allmulticast mode [ 120.405511][ T6599] bridge_slave_0: left promiscuous mode [ 120.407644][ T6599] bridge0: port 1(bridge_slave_0) entered disabled state [ 120.423193][ T6599] bridge_slave_1: left allmulticast mode [ 120.434435][ T6599] bridge_slave_1: left promiscuous mode [ 120.437266][ T6599] bridge0: port 2(bridge_slave_1) entered disabled state [ 120.447525][ T6599] bond0: (slave bond_slave_0): Releasing backup interface [ 120.453927][ T6599] bond0: (slave bond_slave_1): Releasing backup interface [ 120.463431][ T6599] team0: Port device team_slave_0 removed [ 120.468779][ T6599] team0: Port device team_slave_1 removed [ 120.472685][ T6599] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 120.475731][ T6599] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 120.480165][ T6599] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 120.483118][ T6599] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 120.487145][ T6599] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check. [ 120.493072][ T6601] lo: entered allmulticast mode [ 120.497986][ T6601] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 120.510535][ T6603] bridge_slave_0: left allmulticast mode [ 120.512823][ T6603] bridge_slave_0: left promiscuous mode [ 120.514696][ T6603] bridge0: port 1(bridge_slave_0) entered disabled state [ 120.522274][ T6603] bridge_slave_1: left allmulticast mode [ 120.524523][ T6603] bridge_slave_1: left promiscuous mode [ 120.527273][ T6603] bridge0: port 2(bridge_slave_1) entered disabled state [ 120.534818][ T6603] bond0: (slave bond_slave_0): Releasing backup interface [ 120.540687][ T6603] bond0: (slave bond_slave_1): Releasing backup interface [ 120.552679][ T6603] team0: Port device team_slave_0 removed [ 120.558796][ T6603] team0: Port device team_slave_1 removed [ 120.561469][ T6603] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 120.565014][ T6603] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 120.568824][ T6603] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 120.571345][ T6603] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 120.573829][ T6612] FAULT_INJECTION: forcing a failure. [ 120.573829][ T6612] name failslab, interval 1, probability 0, space 0, times 0 [ 120.580650][ T6612] CPU: 2 UID: 0 PID: 6612 Comm: syz.3.118 Not tainted syzkaller #0 PREEMPT(full) [ 120.580674][ T6612] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 120.580684][ T6612] Call Trace: [ 120.580691][ T6612] [ 120.580698][ T6612] dump_stack_lvl+0x100/0x190 [ 120.580723][ T6612] should_fail_ex.cold+0x5/0xa [ 120.580746][ T6612] ? tomoyo_realpath_from_path+0xb6/0x690 [ 120.580774][ T6612] should_failslab+0xc2/0x120 [ 120.580791][ T6612] __kmalloc_noprof+0xe0/0x850 [ 120.580814][ T6612] ? kfree+0x1dd/0x6c0 [ 120.580836][ T6612] tomoyo_realpath_from_path+0xb6/0x690 [ 120.580866][ T6612] tomoyo_path_number_perm+0x23c/0x580 [ 120.580886][ T6612] ? tomoyo_path_number_perm+0x22e/0x580 [ 120.580909][ T6612] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 120.580946][ T6612] ? get_pid_task+0x106/0x250 [ 120.580990][ T6612] ? find_held_lock+0x2b/0x80 [ 120.581009][ T6612] ? __fget_files+0x215/0x3d0 [ 120.581033][ T6612] ? hook_file_ioctl_common+0x149/0x410 [ 120.581053][ T6612] ? __fget_files+0x215/0x3d0 [ 120.581179][ T6612] ? __fget_files+0x21f/0x3d0 [ 120.581206][ T6612] security_file_ioctl_compat+0xd3/0x230 [ 120.581231][ T6612] __ia32_compat_sys_ioctl+0xc2/0x360 [ 120.581257][ T6612] __do_fast_syscall_32+0xe7/0x950 [ 120.581282][ T6612] ? lockdep_hardirqs_on+0x78/0x100 [ 120.581304][ T6612] do_fast_syscall_32+0x32/0x70 [ 120.581327][ T6612] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 120.581348][ T6612] RIP: 0023:0xf700efcc [ 120.581361][ T6612] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8 [ 120.581376][ T6612] RSP: 002b:00000000f53fd50c EFLAGS: 00000292 ORIG_RAX: 0000000000000036 [ 120.581397][ T6612] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000040946400 [ 120.581406][ T6612] RDX: 0000000080000580 RSI: 0000000000000000 RDI: 0000000000000000 [ 120.581415][ T6612] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 120.581424][ T6612] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000 [ 120.581433][ T6612] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 120.581454][ T6612] [ 120.581490][ T6612] ERROR: Out of memory at tomoyo_realpath_from_path. [ 120.582160][ T6603] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check. [ 120.819148][ T6623] netlink: 8 bytes leftover after parsing attributes in process `syz.0.116'. [ 121.137519][ T6631] comedi: valid board names for 8255 driver are: [ 121.141188][ T6631] 8255 [ 121.144996][ T6631] comedi: valid board names for vmk80xx driver are: [ 121.147284][ T6631] vmk80xx [ 121.148287][ T6631] comedi: valid board names for usbduxsigma driver are: [ 121.150503][ T6631] usbduxsigma [ 121.151660][ T6631] comedi: valid board names for usbduxfast driver are: [ 121.158318][ T6631] usbduxfast [ 121.162320][ T6631] comedi: valid board names for usbdux driver are: [ 121.165194][ T6631] usbdux [ 121.166183][ T6631] comedi: valid board names for ni6501 driver are: [ 121.168684][ T6631] ni6501 [ 121.169752][ T6631] comedi: valid board names for dt9812 driver are: [ 121.172818][ T6631] dt9812 [ 121.173970][ T6631] comedi: valid board names for ni_labpc_cs driver are: [ 121.176671][ T6631] ni_labpc_cs [ 121.178180][ T6631] comedi: valid board names for ni_daq_700 driver are: [ 121.180973][ T6631] ni_daq_700 [ 121.182933][ T6631] comedi: valid board names for labpc_pci driver are: [ 121.186206][ T6631] labpc_pci [ 121.187771][ T6631] comedi: valid board names for adl_pci9118 driver are: [ 121.190790][ T6633] sch_tbf: burst 4398 is lower than device lo mtu (65550) ! [ 121.194029][ T6631] pci9118dg [ 121.195707][ T6631] pci9118hg [ 121.197281][ T6631] pci9118hr [ 121.198656][ T6631] comedi: valid board names for 8255_pci driver are: [ 121.201342][ T6631] 8255_pci [ 121.202851][ T6631] comedi: valid board names for s526 driver are: [ 121.205547][ T6631] s526 [ 121.206838][ T6631] comedi: valid board names for multiq3 driver are: [ 121.209613][ T6631] multiq3 [ 121.211130][ T6631] comedi: valid board names for pcmuio driver are: [ 121.213917][ T6631] pcmuio48 [ 121.215225][ T6631] pcmuio96 [ 121.216611][ T6631] comedi: valid board names for pcmmio driver are: [ 121.219235][ T6631] pcmmio [ 121.220490][ T6631] comedi: valid board names for pcmda12 driver are: [ 121.223253][ T6631] pcmda12 [ 121.224249][ T6631] comedi: valid board names for pcmad driver are: [ 121.226332][ T6631] pcmad12 [ 121.227515][ T6631] pcmad16 [ 121.228550][ T6631] comedi: valid board names for ni_labpc driver are: [ 121.230700][ T6631] lab-pc-1200 [ 121.231930][ T6631] lab-pc-1200ai [ 121.233069][ T6631] lab-pc+ [ 121.234093][ T6631] comedi: valid board names for atmio16 driver are: [ 121.237153][ T6631] atmio16 [ 121.238337][ T6631] atmio16d [ 121.239557][ T6631] comedi: valid board names for ni_at_ao driver are: [ 121.243430][ T6631] at-ao-6 [ 121.244497][ T6631] at-ao-10 [ 121.245557][ T6631] comedi: valid board names for ni_at_a2150 driver are: [ 121.247918][ T6631] ni_at_a2150 [ 121.249063][ T6631] comedi: valid board names for adq12b driver are: [ 121.251239][ T6631] adq12b [ 121.252994][ T6631] comedi: valid board names for mpc624 driver are: [ 121.255913][ T6631] mpc624 [ 121.257191][ T6631] comedi: valid board names for c6xdigio driver are: [ 121.259627][ T6631] c6xdigio [ 121.260772][ T6631] comedi: valid board names for aio_iiro_16 driver are: [ 121.263292][ T6631] aio_iiro_16 [ 121.264446][ T6631] comedi: valid board names for aio_aio12_8 driver are: [ 121.266776][ T6631] aio_aio12_8 [ 121.267964][ T6631] aio_ai12_8 [ 121.268257][ T6633] 8021q: adding VLAN 0 to HW filter on device bond0 [ 121.269151][ T6631] aio_ao12_4 [ 121.274426][ T6631] comedi: valid board names for fl512 driver are: [ 121.274441][ T6631] fl512 [ 121.274447][ T6631] comedi: valid board names for dmm32at driver are: [ 121.274455][ T6631] dmm32at [ 121.274460][ T6631] comedi: valid board names for dt282x driver are: [ 121.274469][ T6631] dt2821 [ 121.274474][ T6631] dt2821-f [ 121.274480][ T6631] dt2821-g [ 121.274487][ T6631] dt2823 [ 121.274494][ T6631] dt2824-pgh [ 121.274500][ T6631] dt2824-pgl [ 121.274506][ T6631] dt2825 [ 121.274513][ T6631] dt2827 [ 121.274517][ T6631] dt2828 [ 121.274523][ T6631] dt2829 [ 121.274529][ T6631] dt21-ez [ 121.274535][ T6631] dt23-ez [ 121.274541][ T6631] dt24-ez [ 121.274547][ T6631] dt24-ez-pgl [ 121.274554][ T6631] comedi: valid board names for dt2817 driver are: [ 121.274562][ T6631] dt2817 [ 121.274568][ T6631] comedi: valid board names for dt2815 driver are: [ 121.274576][ T6631] dt2815 [ 121.274585][ T6631] comedi: valid board names for dt2814 driver are: [ 121.274593][ T6631] dt2814 [ 121.274599][ T6631] comedi: valid board names for dt2811 driver are: [ 121.274607][ T6631] dt2811-pgh [ 121.274614][ T6631] dt2811-pgl [ 121.274620][ T6631] comedi: valid board names for dt2801 driver are: [ 121.274628][ T6631] dt2801 [ 121.274633][ T6631] comedi: valid board names for das6402 driver are: [ 121.274639][ T6631] das6402-12 [ 121.274644][ T6631] das6402-16 [ 121.274649][ T6631] comedi: valid board names for das1800 driver are: [ 121.274656][ T6631] das-1701st [ 121.274661][ T6631] das-1701st-da [ 121.274666][ T6631] das-1702st [ 121.274671][ T6631] das-1702st-da [ 121.274676][ T6631] das-1702hr [ 121.274680][ T6631] das-1702hr-da [ 121.274685][ T6631] das-1701ao [ 121.274690][ T6631] das-1702ao [ 121.274695][ T6631] das-1801st [ 121.274700][ T6631] das-1801st-da [ 121.274705][ T6631] das-1802st [ 121.274710][ T6631] das-1802st-da [ 121.274715][ T6631] das-1802hr [ 121.274720][ T6631] das-1802hr-da [ 121.274725][ T6631] das-1801hc [ 121.274729][ T6631] das-1802hc [ 121.274735][ T6631] das-1801ao [ 121.274739][ T6631] das-1802ao [ 121.274745][ T6631] comedi: valid board names for das800 driver are: [ 121.274751][ T6631] das-800 [ 121.274755][ T6631] cio-das800 [ 121.274760][ T6631] das-801 [ 121.274765][ T6631] cio-das801 [ 121.274770][ T6631] das-802 [ 121.274775][ T6631] cio-das802 [ 121.274780][ T6631] cio-das802/16 [ 121.274785][ T6631] comedi: valid board names for isa-das08 driver are: [ 121.274791][ T6631] isa-das08 [ 121.274796][ T6631] das08-pgm [ 121.274801][ T6631] das08-pgh [ 121.274806][ T6631] das08-pgl [ 121.274811][ T6631] das08-aoh [ 121.274816][ T6631] das08-aol [ 121.274821][ T6631] das08-aom [ 121.274825][ T6631] das08/jr-ao [ 121.274830][ T6631] das08jr-16-ao [ 121.274835][ T6631] pc104-das08 [ 121.274840][ T6631] das08jr/16 [ 121.274845][ T6631] comedi: valid board names for das16m1 driver are: [ 121.274852][ T6631] das16m1 [ 121.274856][ T6631] comedi: valid board names for dac02 driver are: [ 121.274863][ T6631] dac02 [ 121.274867][ T6631] comedi: valid board names for rti802 driver are: [ 121.274874][ T6631] rti802 [ 121.274879][ T6631] comedi: valid board names for rti800 driver are: [ 121.274885][ T6631] rti800 [ 121.274890][ T6631] rti815 [ 121.274894][ T6631] comedi: valid board names for pcm3724 driver are: [ 121.274901][ T6631] pcm3724 [ 121.274905][ T6631] comedi: valid board names for pcl818 driver are: [ 121.274912][ T6631] pcl818l [ 121.274919][ T6631] pcl818h [ 121.274925][ T6631] pcl818hd [ 121.274931][ T6631] pcl818hg [ 121.274939][ T6631] pcl818 [ 121.274945][ T6631] pcl718 [ 121.274949][ T6631] pcm3718 [ 121.274954][ T6631] comedi: valid board names for pcl816 driver are: [ 121.274960][ T6631] pcl816 [ 121.274965][ T6631] pcl814b [ 121.274970][ T6631] comedi: valid board names for pcl812 driver are: [ 121.274976][ T6631] pcl812 [ 121.274981][ T6631] pcl812pg [ 121.274986][ T6631] acl8112pg [ 121.274991][ T6631] acl8112dg [ 121.274995][ T6631] acl8112hg [ 121.275000][ T6631] a821pgl [ 121.275005][ T6631] a821pglnda [ 121.275010][ T6631] a821pgh [ 121.275014][ T6631] a822pgl [ 121.275019][ T6631] a822pgh [ 121.275023][ T6631] a823pgl [ 121.275028][ T6631] a823pgh [ 121.275033][ T6631] pcl813 [ 121.275037][ T6631] pcl813b [ 121.275042][ T6631] acl8113 [ 121.275046][ T6631] iso813 [ 121.275051][ T6631] acl8216 [ 121.275056][ T6631] a826pg [ 121.275061][ T6631] comedi: valid board names for pcl730 driver are: [ 121.275067][ T6631] pcl730 [ 121.275072][ T6631] iso730 [ 121.275076][ T6631] acl7130 [ 121.275081][ T6631] pcm3730 [ 121.275086][ T6631] pcl725 [ 121.275090][ T6631] p8r8dio [ 121.275095][ T6631] acl7225b [ 121.275100][ T6631] p16r16dio [ 121.275105][ T6631] pcl733 [ 121.275109][ T6631] pcl734 [ 121.275114][ T6631] opmm-1616-xt [ 121.275119][ T6631] pearl-mm-p [ 121.275124][ T6631] ir104-pbf [ 121.275130][ T6631] comedi: valid board names for pcl726 driver are: [ 121.275136][ T6631] pcl726 [ 121.275141][ T6631] pcl727 [ 121.275145][ T6631] pcl728 [ 121.275150][ T6631] acl6126 [ 121.275155][ T6631] acl6128 [ 121.275159][ T6631] comedi: valid board names for pcl724 driver are: [ 121.275166][ T6631] pcl724 [ 121.275171][ T6631] pcl722 [ 121.275175][ T6631] pcl731 [ 121.275180][ T6631] acl7122 [ 121.275185][ T6631] acl7124 [ 121.275189][ T6631] pet48dio [ 121.275194][ T6631] pcmio48 [ 121.275199][ T6631] onyx-mm-dio [ 121.275204][ T6631] comedi: valid board names for pcl711 driver are: [ 121.275210][ T6631] pcl711 [ 121.275215][ T6631] pcl711b [ 121.275220][ T6631] acl8112hg [ 121.275224][ T6631] acl8112dg [ 121.275229][ T6631] comedi: valid board names for amplc_pc263 driver are: [ 121.275236][ T6631] pc263 [ 121.275241][ T6631] comedi: valid board names for amplc_pc236 driver are: [ 121.275247][ T6631] pc36at [ 121.275252][ T6631] comedi: valid board names for amplc_dio200 driver are: [ 121.275259][ T6631] pc212e [ 121.275263][ T6631] pc214e [ 121.275268][ T6631] pc215e [ 121.275273][ T6631] pc218e [ 121.275277][ T6631] pc272e [ 121.275282][ T6631] comedi: valid board names for comedi_parport driver are: [ 121.275288][ T6631] comedi_parport [ 121.275294][ T6631] comedi: valid board names for comedi_test driver are: [ 121.275300][ T6631] comedi_test [ 121.275305][ T6631] comedi: valid board names for comedi_bond driver are: [ 121.275311][ T6631] comedi_bond [ 121.283770][ T6633] 8021q: adding VLAN 0 to HW filter on device team0 [ 121.288454][ T6634] netlink: 32 bytes leftover after parsing attributes in process `syz.1.123'. [ 121.380994][ T6636] FAULT_INJECTION: forcing a failure. [ 121.380994][ T6636] name failslab, interval 1, probability 0, space 0, times 0 [ 121.388872][ T6636] CPU: 0 UID: 0 PID: 6636 Comm: syz.0.124 Not tainted syzkaller #0 PREEMPT(full) [ 121.388895][ T6636] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 121.388905][ T6636] Call Trace: [ 121.388913][ T6636] [ 121.388920][ T6636] dump_stack_lvl+0x100/0x190 [ 121.388948][ T6636] should_fail_ex.cold+0x5/0xa [ 121.388972][ T6636] ? tomoyo_realpath_from_path+0xb6/0x690 [ 121.389001][ T6636] should_failslab+0xc2/0x120 [ 121.389020][ T6636] __kmalloc_noprof+0xe0/0x850 [ 121.389044][ T6636] ? kfree+0x1dd/0x6c0 [ 121.389073][ T6636] tomoyo_realpath_from_path+0xb6/0x690 [ 121.389105][ T6636] tomoyo_path_number_perm+0x23c/0x580 [ 121.389124][ T6636] ? tomoyo_path_number_perm+0x22e/0x580 [ 121.389148][ T6636] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 121.389172][ T6636] ? get_pid_task+0x106/0x250 [ 121.389219][ T6636] ? find_held_lock+0x2b/0x80 [ 121.389240][ T6636] ? __fget_files+0x215/0x3d0 [ 121.389267][ T6636] ? hook_file_ioctl_common+0x149/0x410 [ 121.389289][ T6636] ? __fget_files+0x215/0x3d0 [ 121.389320][ T6636] ? __fget_files+0x21f/0x3d0 [ 121.389350][ T6636] security_file_ioctl_compat+0xd3/0x230 [ 121.389383][ T6636] __ia32_compat_sys_ioctl+0xc2/0x360 [ 121.389411][ T6636] __do_fast_syscall_32+0xe7/0x950 [ 121.389436][ T6636] ? lockdep_hardirqs_on+0x78/0x100 [ 121.389460][ T6636] do_fast_syscall_32+0x32/0x70 [ 121.389485][ T6636] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 121.389508][ T6636] RIP: 0023:0xf709efcc [ 121.389523][ T6636] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8 [ 121.389539][ T6636] RSP: 002b:00000000f548d50c EFLAGS: 00000292 ORIG_RAX: 0000000000000036 [ 121.389557][ T6636] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000004048aecb [ 121.389568][ T6636] RDX: 0000000080000080 RSI: 0000000000000000 RDI: 0000000000000000 [ 121.389577][ T6636] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 121.389587][ T6636] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000 [ 121.389596][ T6636] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 121.389619][ T6636] [ 121.389626][ T6636] ERROR: Out of memory at tomoyo_realpath_from_path. [ 121.617365][ T6633] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 121.967938][ T6650] FAULT_INJECTION: forcing a failure. [ 121.967938][ T6650] name failslab, interval 1, probability 0, space 0, times 0 [ 121.973151][ T6650] CPU: 1 UID: 0 PID: 6650 Comm: syz.0.128 Not tainted syzkaller #0 PREEMPT(full) [ 121.973176][ T6650] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 121.973185][ T6650] Call Trace: [ 121.973191][ T6650] [ 121.973197][ T6650] dump_stack_lvl+0x100/0x190 [ 121.973225][ T6650] should_fail_ex.cold+0x5/0xa [ 121.973249][ T6650] ? tomoyo_realpath_from_path+0xb6/0x690 [ 121.973278][ T6650] should_failslab+0xc2/0x120 [ 121.973297][ T6650] __kmalloc_noprof+0xe0/0x850 [ 121.973319][ T6650] ? kfree+0x1dd/0x6c0 [ 121.973343][ T6650] tomoyo_realpath_from_path+0xb6/0x690 [ 121.973375][ T6650] tomoyo_path_number_perm+0x23c/0x580 [ 121.973396][ T6650] ? tomoyo_path_number_perm+0x22e/0x580 [ 121.973426][ T6650] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 121.973448][ T6650] ? get_pid_task+0x106/0x250 [ 121.973493][ T6650] ? find_held_lock+0x2b/0x80 [ 121.973512][ T6650] ? __fget_files+0x215/0x3d0 [ 121.973538][ T6650] ? hook_file_ioctl_common+0x149/0x410 [ 121.973560][ T6650] ? __fget_files+0x215/0x3d0 [ 121.973588][ T6650] ? __fget_files+0x21f/0x3d0 [ 121.973616][ T6650] security_file_ioctl_compat+0xd3/0x230 [ 121.973641][ T6650] __ia32_compat_sys_ioctl+0xc2/0x360 [ 121.973669][ T6650] __do_fast_syscall_32+0xe7/0x950 [ 121.973694][ T6650] ? lockdep_hardirqs_on+0x78/0x100 [ 121.973719][ T6650] do_fast_syscall_32+0x32/0x70 [ 121.973742][ T6650] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 121.973764][ T6650] RIP: 0023:0xf709efcc [ 121.973778][ T6650] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8 [ 121.973794][ T6650] RSP: 002b:00000000f546c50c EFLAGS: 00000292 ORIG_RAX: 0000000000000036 [ 121.973809][ T6650] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000005412 [ 121.973821][ T6650] RDX: 0000000080000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 121.973829][ T6650] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 121.973838][ T6650] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000 [ 121.973847][ T6650] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 121.973869][ T6650] [ 121.973877][ T6650] ERROR: Out of memory at tomoyo_realpath_from_path. [ 122.158278][ T6656] netlink: 296 bytes leftover after parsing attributes in process `syz.1.131'. [ 122.162260][ T62] Bluetooth: hci3: unexpected event for opcode 0x200c [ 122.332205][ T6662] overlayfs: "xino" feature enabled using 3 upper inode bits. [ 122.469907][ T6667] FAULT_INJECTION: forcing a failure. [ 122.469907][ T6667] name failslab, interval 1, probability 0, space 0, times 0 [ 122.477924][ T6667] CPU: 0 UID: 0 PID: 6667 Comm: syz.1.134 Not tainted syzkaller #0 PREEMPT(full) [ 122.477943][ T6667] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 122.477949][ T6667] Call Trace: [ 122.477954][ T6667] [ 122.477960][ T6667] dump_stack_lvl+0x100/0x190 [ 122.477978][ T6667] should_fail_ex.cold+0x5/0xa [ 122.477994][ T6667] should_failslab+0xc2/0x120 [ 122.478007][ T6667] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 122.478023][ T6667] ? vm_area_dup+0x27/0x8e0 [ 122.478067][ T6667] vm_area_dup+0x27/0x8e0 [ 122.478083][ T6667] __split_vma+0x18c/0xd90 [ 122.478099][ T6667] ? is_bpf_text_address+0x8a/0x1a0 [ 122.478115][ T6667] ? is_bpf_text_address+0x8a/0x1a0 [ 122.478129][ T6667] ? __pfx___split_vma+0x10/0x10 [ 122.478143][ T6667] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 122.478162][ T6667] ? __kernel_text_address+0xd/0x30 [ 122.478172][ T6667] ? unwind_get_return_address+0x59/0xa0 [ 122.478188][ T6667] ? arch_stack_walk+0xa6/0xf0 [ 122.478205][ T6667] vms_gather_munmap_vmas+0x1d2/0x1720 [ 122.478222][ T6667] ? mtree_range_walk+0x72b/0xb70 [ 122.478243][ T6667] ? __pfx_vms_gather_munmap_vmas+0x10/0x10 [ 122.478264][ T6667] ? mas_walk+0x6ef/0x9b0 [ 122.478283][ T6667] __mmap_region+0x4aa/0x2dc0 [ 122.478301][ T6667] ? __pfx___mmap_region+0x10/0x10 [ 122.478316][ T6667] ? __pfx___might_resched+0x10/0x10 [ 122.478328][ T6667] ? find_held_lock+0x2b/0x80 [ 122.478341][ T6667] ? process_measurement+0x4c8/0x2350 [ 122.478355][ T6667] ? process_measurement+0x4c8/0x2350 [ 122.478372][ T6667] ? process_measurement+0x1f4/0x2350 [ 122.478386][ T6667] ? tomoyo_check_open_permission+0x1db/0x3c0 [ 122.478401][ T6667] ? tomoyo_check_open_permission+0x1db/0x3c0 [ 122.478424][ T6667] ? __lock_acquire+0x4a5/0x2630 [ 122.478447][ T6667] ? find_held_lock+0x2b/0x80 [ 122.478460][ T6667] ? is_bpf_text_address+0x8a/0x1a0 [ 122.478473][ T6667] ? is_bpf_text_address+0x8a/0x1a0 [ 122.478510][ T6667] mmap_region+0x35d/0x620 [ 122.478529][ T6667] ? __pfx_mmap_region+0x10/0x10 [ 122.478545][ T6667] ? mm_get_unmapped_area_vmflags+0xd7/0x130 [ 122.478558][ T6667] ? cap_mmap_addr+0x4b/0x120 [ 122.478573][ T6667] ? bpf_lsm_mmap_addr+0x9/0x30 [ 122.478591][ T6667] ? security_mmap_addr+0x71/0x1e0 [ 122.478608][ T6667] ? __get_unmapped_area+0x255/0x3e0 [ 122.478621][ T6667] do_mmap+0xc63/0x12f0 [ 122.478635][ T6667] ? __pfx_do_mmap+0x10/0x10 [ 122.478646][ T6667] ? __pfx_down_write_killable+0x10/0x10 [ 122.478668][ T6667] vm_mmap_pgoff+0x29e/0x470 [ 122.478683][ T6667] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 122.478694][ T6667] ? __fget_files+0x215/0x3d0 [ 122.478714][ T6667] ? __fget_files+0x21f/0x3d0 [ 122.478734][ T6667] ksys_mmap_pgoff+0x3cb/0x610 [ 122.478745][ T6667] ? fput+0x79/0x100 [ 122.478758][ T6667] ? __pfx_ksys_mmap_pgoff+0x10/0x10 [ 122.478768][ T6667] ? ksys_write+0x1ac/0x250 [ 122.478785][ T6667] ? rcu_is_watching+0x12/0xc0 [ 122.478800][ T6667] __do_fast_syscall_32+0xe7/0x950 [ 122.478818][ T6667] ? lockdep_hardirqs_on+0x78/0x100 [ 122.478834][ T6667] do_fast_syscall_32+0x32/0x70 [ 122.478851][ T6667] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 122.478866][ T6667] RIP: 0023:0xf7fb6fcc [ 122.478876][ T6667] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8 [ 122.478886][ T6667] RSP: 002b:00000000f547650c EFLAGS: 00000292 ORIG_RAX: 00000000000000c0 [ 122.478898][ T6667] RAX: ffffffffffffffda RBX: 0000000080ff9000 RCX: 0000000000006000 [ 122.478904][ T6667] RDX: 0000000000000001 RSI: 0000000000000011 RDI: 0000000000000003 [ 122.478910][ T6667] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 122.478916][ T6667] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 122.478922][ T6667] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 122.478935][ T6667] [ 122.499002][ T6662] overlayfs: failed lookup in lower (/, name='tracing', err=-66): unsupported object type [ 122.540911][ T6670] overlayfs: option "volatile" is meaningless in a non-upper mount, ignoring it. [ 122.542285][ T6662] overlayfs: failed to look up (tracing) for ino (-66) [ 122.544062][ T6670] overlayfs: missing 'lowerdir' [ 122.603556][ T6671] netlink: 20 bytes leftover after parsing attributes in process `syz.1.135'. [ 122.604320][ T6672] netlink: 20 bytes leftover after parsing attributes in process `syz.1.135'. [ 123.152440][ T6678] netlink: 'syz.1.138': attribute type 1 has an invalid length. [ 123.169311][ T6678] netlink: 20 bytes leftover after parsing attributes in process `syz.1.138'. [ 123.179751][ T6678] bond1: (slave bridge1): making interface the new active one [ 123.183524][ T6678] bond1: (slave bridge1): Enslaving as an active interface with an up link [ 123.192756][ T6678] macvlan2: entered promiscuous mode [ 123.194625][ T6678] macvlan2: entered allmulticast mode [ 123.197371][ T6678] bond1: entered promiscuous mode [ 123.199365][ T6678] bridge1: entered promiscuous mode [ 123.205026][ T6678] 8021q: adding VLAN 0 to HW filter on device macvlan2 [ 123.208015][ T6678] bond1: (slave macvlan2): the slave hw address is in use by the bond; couldn't find a slave with a free hw address to give it (this should not have happened) [ 123.213731][ T6678] bond1: left promiscuous mode [ 123.215304][ T6678] bridge1: left promiscuous mode [ 123.342900][ T6681] FAULT_INJECTION: forcing a failure. [ 123.342900][ T6681] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 123.347604][ T6681] CPU: 0 UID: 0 PID: 6681 Comm: syz.1.139 Not tainted syzkaller #0 PREEMPT(full) [ 123.347620][ T6681] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 123.347626][ T6681] Call Trace: [ 123.347631][ T6681] [ 123.347636][ T6681] dump_stack_lvl+0x100/0x190 [ 123.347654][ T6681] should_fail_ex.cold+0x5/0xa [ 123.347671][ T6681] _copy_from_iter+0x1f4/0x1690 [ 123.347690][ T6681] ? __lock_acquire+0x4a5/0x2630 [ 123.347708][ T6681] ? __lock_acquire+0x4a5/0x2630 [ 123.347725][ T6681] ? __pfx__copy_from_iter+0x10/0x10 [ 123.347741][ T6681] ? _parse_integer_limit+0x17f/0x1d0 [ 123.347756][ T6681] tun_get_user+0x265/0x3c20 [ 123.347782][ T6681] ? aa_file_perm+0x7f3/0x14d0 [ 123.347805][ T6681] ? __pfx_tun_get_user+0x10/0x10 [ 123.347824][ T6681] ? __pfx_ref_tracker_alloc+0x10/0x10 [ 123.347848][ T6681] ? find_held_lock+0x2b/0x80 [ 123.347862][ T6681] ? tun_get+0x191/0x370 [ 123.347879][ T6681] ? tun_get+0x191/0x370 [ 123.347899][ T6681] tun_chr_write_iter+0xdc/0x200 [ 123.347920][ T6681] vfs_write+0x6ac/0x1070 [ 123.347939][ T6681] ? __pfx_tun_chr_write_iter+0x10/0x10 [ 123.347959][ T6681] ? __pfx_vfs_write+0x10/0x10 [ 123.347976][ T6681] ? find_held_lock+0x2b/0x80 [ 123.347997][ T6681] ksys_write+0x12a/0x250 [ 123.348015][ T6681] ? __pfx_ksys_write+0x10/0x10 [ 123.348032][ T6681] ? ksys_write+0x1ac/0x250 [ 123.348050][ T6681] ? rcu_is_watching+0x12/0xc0 [ 123.348066][ T6681] __do_fast_syscall_32+0xe7/0x950 [ 123.348085][ T6681] ? lockdep_hardirqs_on+0x78/0x100 [ 123.348103][ T6681] do_fast_syscall_32+0x32/0x70 [ 123.348121][ T6681] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 123.348136][ T6681] RIP: 0023:0xf7fb6fcc [ 123.348147][ T6681] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8 [ 123.348157][ T6681] RSP: 002b:00000000f547650c EFLAGS: 00000292 ORIG_RAX: 0000000000000004 [ 123.348169][ T6681] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000440 [ 123.348176][ T6681] RDX: 000000000000fdef RSI: 0000000000000000 RDI: 0000000000000000 [ 123.348182][ T6681] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 123.348189][ T6681] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 123.348196][ T6681] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 123.348209][ T6681] [ 123.406706][ T6684] capability: warning: `syz.0.140' uses deprecated v2 capabilities in a way that may be insecure [ 123.522532][ T6690] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1692678547 (1692678547 ns) > initial count (310440980 ns). Using initial count to start timer. [ 123.601973][ T6694] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1692678547 (1692678547 ns) > initial count (310440980 ns). Using initial count to start timer. [ 123.610774][ T6694] FAULT_INJECTION: forcing a failure. [ 123.610774][ T6694] name failslab, interval 1, probability 0, space 0, times 0 [ 123.615978][ T6694] CPU: 1 UID: 0 PID: 6694 Comm: syz.0.143 Not tainted syzkaller #0 PREEMPT(full) [ 123.615995][ T6694] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 123.616002][ T6694] Call Trace: [ 123.616006][ T6694] [ 123.616010][ T6694] dump_stack_lvl+0x100/0x190 [ 123.616029][ T6694] should_fail_ex.cold+0x5/0xa [ 123.616046][ T6694] ? tomoyo_realpath_from_path+0xb6/0x690 [ 123.616066][ T6694] should_failslab+0xc2/0x120 [ 123.616077][ T6694] __kmalloc_noprof+0xe0/0x850 [ 123.616092][ T6694] ? kfree+0x1dd/0x6c0 [ 123.616108][ T6694] tomoyo_realpath_from_path+0xb6/0x690 [ 123.616128][ T6694] tomoyo_path_number_perm+0x23c/0x580 [ 123.616143][ T6694] ? tomoyo_path_number_perm+0x22e/0x580 [ 123.616158][ T6694] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 123.616174][ T6694] ? get_pid_task+0x106/0x250 [ 123.616203][ T6694] ? find_held_lock+0x2b/0x80 [ 123.616216][ T6694] ? __fget_files+0x215/0x3d0 [ 123.616234][ T6694] ? hook_file_ioctl_common+0x149/0x410 [ 123.616249][ T6694] ? __fget_files+0x215/0x3d0 [ 123.616268][ T6694] ? __fget_files+0x21f/0x3d0 [ 123.616288][ T6694] security_file_ioctl_compat+0xd3/0x230 [ 123.616305][ T6694] __ia32_compat_sys_ioctl+0xc2/0x360 [ 123.616323][ T6694] __do_fast_syscall_32+0xe7/0x950 [ 123.616341][ T6694] ? lockdep_hardirqs_on+0x78/0x100 [ 123.616358][ T6694] do_fast_syscall_32+0x32/0x70 [ 123.616375][ T6694] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 123.616389][ T6694] RIP: 0023:0xf709efcc [ 123.616399][ T6694] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8 [ 123.616417][ T6694] RSP: 002b:00000000f548d50c EFLAGS: 00000292 ORIG_RAX: 0000000000000036 [ 123.616428][ T6694] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000000000ae80 [ 123.616435][ T6694] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 123.616441][ T6694] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 123.616447][ T6694] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 123.616453][ T6694] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 123.616466][ T6694] [ 123.616470][ T6694] ERROR: Out of memory at tomoyo_realpath_from_path. [ 123.903752][ T6702] netlink: 32 bytes leftover after parsing attributes in process `syz.2.147'. [ 123.913261][ T6702] xt_addrtype: ipv6 does not support BROADCAST matching [ 123.982970][ T6710] FAULT_INJECTION: forcing a failure. [ 123.982970][ T6710] name failslab, interval 1, probability 0, space 0, times 0 [ 123.990970][ T6710] CPU: 1 UID: 0 PID: 6710 Comm: syz.0.148 Not tainted syzkaller #0 PREEMPT(full) [ 123.990994][ T6710] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 123.991006][ T6710] Call Trace: [ 123.991013][ T6710] [ 123.991026][ T6710] dump_stack_lvl+0x100/0x190 [ 123.991059][ T6710] should_fail_ex.cold+0x5/0xa [ 123.991083][ T6710] should_failslab+0xc2/0x120 [ 123.991105][ T6710] __kvmalloc_node_noprof+0xfa/0xa00 [ 123.991133][ T6710] ? file_tty_write.isra.0+0x64e/0x890 [ 123.991164][ T6710] file_tty_write.isra.0+0x64e/0x890 [ 123.991186][ T6710] ? security_file_permission+0x76/0x210 [ 123.991213][ T6710] ? rw_verify_area+0xce/0x6d0 [ 123.991241][ T6710] vfs_write+0x6ac/0x1070 [ 123.991267][ T6710] ? __pfx_tty_write+0x10/0x10 [ 123.991289][ T6710] ? __pfx_vfs_write+0x10/0x10 [ 123.991313][ T6710] ? find_held_lock+0x2b/0x80 [ 123.991355][ T6710] ksys_write+0x12a/0x250 [ 123.991381][ T6710] ? __pfx_ksys_write+0x10/0x10 [ 123.991404][ T6710] ? ksys_write+0x1ac/0x250 [ 123.991431][ T6710] ? rcu_is_watching+0x12/0xc0 [ 123.991456][ T6710] __do_fast_syscall_32+0xe7/0x950 [ 123.991484][ T6710] ? lockdep_hardirqs_on+0x78/0x100 [ 123.991511][ T6710] do_fast_syscall_32+0x32/0x70 [ 123.991536][ T6710] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 123.991560][ T6710] RIP: 0023:0xf709efcc [ 123.991575][ T6710] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8 [ 123.991590][ T6710] RSP: 002b:00000000f548d50c EFLAGS: 00000292 ORIG_RAX: 0000000000000004 [ 123.991609][ T6710] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000080000000 [ 123.991620][ T6710] RDX: 0000000000001006 RSI: 0000000000000000 RDI: 0000000000000000 [ 123.991629][ T6710] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 123.991645][ T6710] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000 [ 123.991654][ T6710] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 123.991677][ T6710] [ 124.077342][ T6706] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1692678547 (1692678547 ns) > initial count (310440980 ns). Using initial count to start timer. [ 124.157842][ T6714] netlink: 24 bytes leftover after parsing attributes in process `syz.2.150'. [ 124.306173][ T6721] FAULT_INJECTION: forcing a failure. [ 124.306173][ T6721] name failslab, interval 1, probability 0, space 0, times 0 [ 124.311632][ T6721] CPU: 3 UID: 0 PID: 6721 Comm: syz.2.152 Not tainted syzkaller #0 PREEMPT(full) [ 124.311658][ T6721] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 124.311667][ T6721] Call Trace: [ 124.311672][ T6721] [ 124.311678][ T6721] dump_stack_lvl+0x100/0x190 [ 124.311703][ T6721] should_fail_ex.cold+0x5/0xa [ 124.311732][ T6721] ? tomoyo_realpath_from_path+0xb6/0x690 [ 124.311752][ T6721] should_failslab+0xc2/0x120 [ 124.311763][ T6721] __kmalloc_noprof+0xe0/0x850 [ 124.311780][ T6721] ? kfree+0x1dd/0x6c0 [ 124.311795][ T6721] tomoyo_realpath_from_path+0xb6/0x690 [ 124.311815][ T6721] tomoyo_path_number_perm+0x23c/0x580 [ 124.311830][ T6721] ? tomoyo_path_number_perm+0x22e/0x580 [ 124.311846][ T6721] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 124.311861][ T6721] ? get_pid_task+0x106/0x250 [ 124.311964][ T6721] ? find_held_lock+0x2b/0x80 [ 124.311978][ T6721] ? __fget_files+0x215/0x3d0 [ 124.311996][ T6721] ? hook_file_ioctl_common+0x149/0x410 [ 124.312011][ T6721] ? __fget_files+0x215/0x3d0 [ 124.312030][ T6721] ? __fget_files+0x21f/0x3d0 [ 124.312049][ T6721] security_file_ioctl_compat+0xd3/0x230 [ 124.312067][ T6721] __ia32_compat_sys_ioctl+0xc2/0x360 [ 124.312085][ T6721] __do_fast_syscall_32+0xe7/0x950 [ 124.312103][ T6721] ? lockdep_hardirqs_on+0x78/0x100 [ 124.312119][ T6721] do_fast_syscall_32+0x32/0x70 [ 124.312136][ T6721] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 124.312151][ T6721] RIP: 0023:0xf701efcc [ 124.312161][ T6721] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8 [ 124.312171][ T6721] RSP: 002b:00000000f53ec50c EFLAGS: 00000292 ORIG_RAX: 0000000000000036 [ 124.312182][ T6721] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000000005404 [ 124.312188][ T6721] RDX: 0000000080000080 RSI: 0000000000000000 RDI: 0000000000000000 [ 124.312194][ T6721] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 124.312201][ T6721] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 124.312207][ T6721] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 124.312220][ T6721] [ 124.398389][ T6721] ERROR: Out of memory at tomoyo_realpath_from_path. [ 125.857557][ T6030] libceph: connect (1)[c::]:6789 error -101 [ 125.862286][ T6030] libceph: mon0 (1)[c::]:6789 connect error [ 125.865346][ T6030] libceph: connect (1)[c::]:6789 error -101 [ 125.867702][ T6030] libceph: mon0 (1)[c::]:6789 connect error [ 125.953456][ T6030] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None [ 126.122272][ T6030] libceph: connect (1)[c::]:6789 error -101 [ 126.125721][ T6030] libceph: mon0 (1)[c::]:6789 connect error [ 126.632102][ T6030] libceph: connect (1)[c::]:6789 error -101 [ 126.635915][ T6030] libceph: mon0 (1)[c::]:6789 connect error [ 126.682467][ T6758] ceph: No mds server is up or the cluster is laggy [ 126.793028][ T6790] FAULT_INJECTION: forcing a failure. [ 126.793028][ T6790] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 126.798156][ T6790] CPU: 1 UID: 0 PID: 6790 Comm: syz.0.168 Not tainted syzkaller #0 PREEMPT(full) [ 126.798175][ T6790] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 126.798183][ T6790] Call Trace: [ 126.798188][ T6790] [ 126.798194][ T6790] dump_stack_lvl+0x100/0x190 [ 126.798215][ T6790] should_fail_ex.cold+0x5/0xa [ 126.798234][ T6790] _copy_from_user+0x2e/0xd0 [ 126.798254][ T6790] do_sys_poll+0x345/0xe90 [ 126.798274][ T6790] ? find_held_lock+0x2b/0x80 [ 126.798291][ T6790] ? is_bpf_text_address+0x8a/0x1a0 [ 126.798309][ T6790] ? is_bpf_text_address+0x8a/0x1a0 [ 126.798326][ T6790] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 126.798346][ T6790] ? __pfx_do_sys_poll+0x10/0x10 [ 126.798365][ T6790] ? __kernel_text_address+0xd/0x30 [ 126.798382][ T6790] ? unwind_get_return_address+0x59/0xa0 [ 126.798441][ T6790] ? __mutex_unlock_slowpath+0x15d/0x8a0 [ 126.798462][ T6790] ? set_compat_user_sigmask+0x1d9/0x260 [ 126.798476][ T6790] ? __pfx_set_compat_user_sigmask+0x10/0x10 [ 126.798490][ T6790] ? __fget_files+0x215/0x3d0 [ 126.798510][ T6790] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 126.798533][ T6790] __ia32_compat_sys_ppoll_time32+0x2b6/0x350 [ 126.798548][ T6790] ? __pfx___ia32_compat_sys_ppoll_time32+0x10/0x10 [ 126.798561][ T6790] ? fput+0x79/0x100 [ 126.798575][ T6790] ? ksys_write+0x1ac/0x250 [ 126.798595][ T6790] ? rcu_is_watching+0x12/0xc0 [ 126.798612][ T6790] __do_fast_syscall_32+0xe7/0x950 [ 126.798637][ T6790] ? lockdep_hardirqs_on+0x78/0x100 [ 126.798657][ T6790] do_fast_syscall_32+0x32/0x70 [ 126.798676][ T6790] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 126.798693][ T6790] RIP: 0023:0xf709efcc [ 126.798704][ T6790] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8 [ 126.798716][ T6790] RSP: 002b:00000000f548d50c EFLAGS: 00000292 ORIG_RAX: 0000000000000135 [ 126.798729][ T6790] RAX: ffffffffffffffda RBX: 00000000800000c0 RCX: 00000000000000dc [ 126.798737][ T6790] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 126.798743][ T6790] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 126.798750][ T6790] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 126.798757][ T6790] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 126.798772][ T6790] [ 133.246806][ T6825] ip6gre1: entered allmulticast mode [ 133.256031][ T13] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 133.641423][ T24] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None [ 134.297052][ T10] libceph: connect (1)[c::]:6789 error -101 [ 134.299918][ T10] libceph: mon0 (1)[c::]:6789 connect error [ 134.479620][ T6870] netlink: 12 bytes leftover after parsing attributes in process `syz.3.179'. [ 134.562371][ T10] libceph: connect (1)[c::]:6789 error -101 [ 134.564915][ T10] libceph: mon0 (1)[c::]:6789 connect error [ 134.721884][ C2] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 134.807668][ T6874] netlink: 92 bytes leftover after parsing attributes in process `syz.3.179'. [ 135.072732][ T10] libceph: connect (1)[c::]:6789 error -101 [ 135.076270][ T10] libceph: mon0 (1)[c::]:6789 connect error [ 135.116767][ T6862] ceph: No mds server is up or the cluster is laggy [ 136.951990][ C0] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 137.914969][ T1413] ieee802154 phy0 wpan0: encryption failed: -22 [ 137.917990][ T1413] ieee802154 phy1 wpan1: encryption failed: -22 [ 140.411946][ T10] usb 5-1: new full-speed USB device number 2 using dummy_hcd [ 140.574215][ T10] usb 5-1: config 0 has an invalid interface number: 2 but max is 0 [ 140.578039][ T10] usb 5-1: config 0 has no interface number 0 [ 140.580686][ T10] usb 5-1: config 0 interface 2 altsetting 2 endpoint 0x6 has invalid maxpacket 512, setting to 64 [ 140.584768][ T10] usb 5-1: config 0 interface 2 altsetting 2 endpoint 0x82 has an invalid bInterval 0, changing to 10 [ 140.590155][ T10] usb 5-1: config 0 interface 2 altsetting 2 endpoint 0x82 has invalid wMaxPacketSize 0 [ 140.594055][ T10] usb 5-1: config 0 interface 2 has no altsetting 0 [ 140.599528][ T10] usb 5-1: New USB device found, idVendor=086a, idProduct=0003, bcdDevice=f0.3f [ 140.603573][ T10] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 140.606535][ T10] usb 5-1: Product: syz [ 140.608456][ T10] usb 5-1: Manufacturer: syz [ 140.610357][ T10] usb 5-1: SerialNumber: syz [ 140.622366][ T10] usb 5-1: config 0 descriptor?? [ 140.630258][ T6917] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 140.642460][ T10] usb 5-1: Quirk or no altset; falling back to MIDI 1.0 [ 140.755521][ T10] snd-usb-audio 5-1:0.2: probe with driver snd-usb-audio failed with error -12 [ 140.839330][ T10] usb 5-1: USB disconnect, device number 2 [ 140.853508][ T6925] udevd[6925]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb5/5-1/5-1:0.2/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 141.081546][ T6932] syzkaller0: entered promiscuous mode [ 141.084539][ T6932] syzkaller0: entered allmulticast mode [ 142.190512][ T6960] random: crng reseeded on system resumption [ 142.987368][ T6968] syz.3.208 (6968) used greatest stack depth: 18952 bytes left [ 143.389536][ T6985] syzkaller0: entered promiscuous mode [ 143.398728][ T6985] 0: reclassify loop, rule prio 0, protocol 800 [ 144.089492][ T7004] netlink: 32 bytes leftover after parsing attributes in process `syz.3.225'. [ 144.312068][ C0] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 144.381897][ T6030] usb 8-1: new full-speed USB device number 4 using dummy_hcd [ 144.535471][ T6030] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 144.539387][ T6030] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 144.543450][ T6030] usb 8-1: New USB device found, idVendor=056a, idProduct=5000, bcdDevice= 0.00 [ 144.547173][ T6030] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 144.556303][ T6030] usb 8-1: config 0 descriptor?? [ 144.972753][ T6030] hid (null): unknown global tag 0xd [ 144.976139][ T6030] hid (null): unknown global tag 0xe [ 144.983520][ T6030] wacom 0003:056A:5000.0003: unknown main item tag 0x0 [ 144.987168][ T6030] wacom 0003:056A:5000.0003: unknown main item tag 0x0 [ 144.989891][ T6030] wacom 0003:056A:5000.0003: unknown main item tag 0x0 [ 144.992969][ T6030] wacom 0003:056A:5000.0003: unknown main item tag 0x0 [ 144.996088][ T6030] wacom 0003:056A:5000.0003: unknown main item tag 0x0 [ 144.998411][ T6030] wacom 0003:056A:5000.0003: unknown main item tag 0x0 [ 145.000761][ T6030] wacom 0003:056A:5000.0003: unknown main item tag 0x0 [ 145.003181][ T6030] wacom 0003:056A:5000.0003: unknown main item tag 0x0 [ 145.005889][ T6030] wacom 0003:056A:5000.0003: unknown main item tag 0x0 [ 145.008915][ T6030] wacom 0003:056A:5000.0003: unknown main item tag 0x0 [ 145.013872][ T6030] wacom 0003:056A:5000.0003: unknown global tag 0xd [ 145.016096][ T6030] wacom 0003:056A:5000.0003: item 0 4 1 13 parsing failed [ 145.018680][ T6030] wacom 0003:056A:5000.0003: parse failed [ 145.020639][ T6030] wacom 0003:056A:5000.0003: probe with driver wacom failed with error -22 [ 145.175529][ T6030] usb 8-1: USB disconnect, device number 4 [ 145.758350][ T7031] sch_tbf: burst 548 is lower than device syzkaller0 mtu (1500) ! [ 145.761538][ T7031] syzkaller0: entered promiscuous mode [ 145.763913][ T7031] syzkaller0: entered allmulticast mode [ 145.859722][ T7034] kAFS: unable to lookup cell 'ÿ' [ 146.385968][ T7051] syzkaller1: entered promiscuous mode [ 146.388031][ T7051] syzkaller1: entered allmulticast mode [ 146.921994][ T5729] usb 7-1: new high-speed USB device number 2 using dummy_hcd [ 147.075363][ T5729] usb 7-1: config index 0 descriptor too short (expected 39, got 27) [ 147.080542][ T5729] usb 7-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0 [ 147.086525][ T5729] usb 7-1: config 0 interface 0 has no altsetting 0 [ 147.096175][ T5729] usb 7-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b [ 147.100562][ T5729] usb 7-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2 [ 147.106182][ T5729] usb 7-1: Product: syz [ 147.109003][ T5729] usb 7-1: Manufacturer: syz [ 147.110550][ T5729] usb 7-1: SerialNumber: syz [ 147.117220][ T5729] usb 7-1: config 0 descriptor?? [ 147.126425][ T5729] hub 7-1:0.0: bad descriptor, ignoring hub [ 147.129981][ T5729] hub 7-1:0.0: probe with driver hub failed with error -5 [ 147.136929][ T5729] usb 7-1: selecting invalid altsetting 0 [ 147.701972][ T10] usb 6-1: new high-speed USB device number 2 using dummy_hcd [ 147.772889][ T7063] usb 7-1: reset high-speed USB device number 2 using dummy_hcd [ 147.851942][ T10] usb 6-1: Using ep0 maxpacket: 16 [ 147.855412][ T10] usb 6-1: config 1 contains an unexpected descriptor of type 0x2, skipping [ 147.858792][ T10] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 147.862617][ T10] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 147.867710][ T10] usb 6-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 147.870992][ T10] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 147.873605][ T10] usb 6-1: Product: syz [ 147.874947][ T10] usb 6-1: Manufacturer: syz [ 147.876546][ T10] usb 6-1: SerialNumber: syz [ 147.881887][ T10] usb 6-1: 0:2 : does not exist [ 148.094619][ T10] usb 6-1: 1:0: failed to get current value for ch 0 (-22) [ 148.132242][ T10] usb 6-1: USB disconnect, device number 2 [ 148.161045][ T6926] udevd[6926]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb6/6-1/6-1:1.0/sound/card4/controlC4/../uevent} for writing: No such file or directory [ 148.391902][ T24] usb 8-1: new high-speed USB device number 5 using dummy_hcd [ 148.415620][ T6006] usb 7-1: USB disconnect, device number 2 [ 148.541900][ T24] usb 8-1: Using ep0 maxpacket: 32 [ 148.545424][ T24] usb 8-1: config 0 has an invalid interface number: 74 but max is 0 [ 148.548183][ T24] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 148.551371][ T24] usb 8-1: config 0 has no interface number 0 [ 148.553640][ T24] usb 8-1: config 0 interface 74 altsetting 2 endpoint 0x82 has invalid wMaxPacketSize 0 [ 148.557471][ T24] usb 8-1: config 0 interface 74 has no altsetting 0 [ 148.561623][ T24] usb 8-1: New USB device found, idVendor=1ae7, idProduct=9003, bcdDevice=44.08 [ 148.564833][ T24] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 148.567474][ T24] usb 8-1: Product: syz [ 148.568863][ T24] usb 8-1: Manufacturer: syz [ 148.570478][ T24] usb 8-1: SerialNumber: syz [ 148.577067][ T24] usb 8-1: config 0 descriptor?? [ 148.582342][ T24] em28xx 8-1:0.74: New device syz syz @ 480 Mbps (1ae7:9003, interface 74, class 74) [ 148.585533][ T24] em28xx 8-1:0.74: Video interface 74 found: [ 148.787545][ T7086] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 148.793796][ T7086] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 149.286944][ T7114] syzkaller0: entered promiscuous mode [ 149.288842][ T7114] syzkaller0: entered allmulticast mode [ 149.566853][ T7120] netlink: 16 bytes leftover after parsing attributes in process `syz.0.267'. [ 149.570296][ T7120] netlink: 16 bytes leftover after parsing attributes in process `syz.0.267'. [ 149.673635][ T24] em28xx 8-1:0.74: unknown em28xx chip ID (0) [ 149.772244][ T24] em28xx 8-1:0.74: reading from i2c device at 0xa0 failed (error=-5) [ 149.778499][ T24] em28xx 8-1:0.74: board has no eeprom [ 149.796395][ T24] em28xx 8-1:0.74: writing to i2c device at 0xb8 failed (error=-5) [ 149.799168][ T24] em28xx 8-1:0.74: couldn't read from i2c device 0xb8: error -5 [ 149.802633][ T24] em28xx 8-1:0.74: writing to i2c device at 0xba failed (error=-5) [ 149.808338][ T24] em28xx 8-1:0.74: couldn't read from i2c device 0xba: error -5 [ 149.813050][ T24] em28xx 8-1:0.74: writing to i2c device at 0x90 failed (error=-5) [ 149.820789][ T24] em28xx 8-1:0.74: couldn't read from i2c device 0x90: error -5 [ 149.821898][ T6006] usb 5-1: new full-speed USB device number 3 using dummy_hcd [ 149.829229][ T24] em28xx 8-1:0.74: writing to i2c device at 0x42 failed (error=-5) [ 149.838295][ T24] em28xx 8-1:0.74: couldn't read from i2c device 0x42: error -5 [ 149.846047][ T24] em28xx 8-1:0.74: writing to i2c device at 0x60 failed (error=-5) [ 149.851038][ T24] em28xx 8-1:0.74: couldn't read from i2c device 0x60: error -5 [ 149.855334][ T24] em28xx 8-1:0.74: No sensor detected [ 149.911886][ T24] em28xx 8-1:0.74: Identified as SpeedLink Vicious And Devine Laplace webcam (card=91) [ 149.915695][ T24] em28xx 8-1:0.74: Currently, V4L2 is not supported on this model [ 149.919138][ T6030] em28xx 8-1:0.74: Registering snapshot button... [ 149.932533][ T24] usb 8-1: USB disconnect, device number 5 [ 149.936655][ T6030] input: em28xx snapshot button as /devices/platform/dummy_hcd.3/usb8/8-1/8-1:0.74/input/input5 [ 149.943258][ T24] em28xx 8-1:0.74: Disconnecting em28xx [ 149.958429][ T6030] em28xx 8-1:0.74: Remote control support is not available for this card. [ 149.964411][ T24] em28xx 8-1:0.74: Closing input extension [ 149.968370][ T24] em28xx 8-1:0.74: Deregistering snapshot button [ 149.985363][ T6006] usb 5-1: config index 0 descriptor too short (expected 28277, got 36) [ 149.988694][ T6006] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 149.995555][ T6006] usb 5-1: config 0 has no interfaces? [ 150.000873][ T6006] usb 5-1: New USB device found, idVendor=056a, idProduct=0063, bcdDevice= 0.00 [ 150.007110][ T6006] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 150.010483][ T24] em28xx 8-1:0.74: Freeing device [ 150.019142][ T6006] usb 5-1: config 0 descriptor?? [ 151.432126][ T24] usb 8-1: new high-speed USB device number 6 using dummy_hcd [ 151.583316][ T24] usb 8-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 151.586729][ T24] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 151.593101][ T24] usb 8-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 151.596844][ T24] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 151.599865][ T24] usb 8-1: Product: syz [ 151.601215][ T24] usb 8-1: Manufacturer: syz [ 151.603023][ T24] usb 8-1: SerialNumber: syz [ 151.613233][ T24] cdc_mbim 8-1:1.0: skipping garbage [ 152.485003][ T6006] usb 5-1: string descriptor 0 read error: -71 [ 152.496330][ T6006] usb 5-1: USB disconnect, device number 3 [ 152.577659][ T7167] netlink: 20 bytes leftover after parsing attributes in process `syz.0.286'. [ 152.619743][ T24] cdc_mbim 8-1:1.0: bind() failure [ 152.629093][ T24] usbtest 8-1:1.1: probe with driver usbtest failed with error -71 [ 152.633782][ T24] usb 8-1: USB disconnect, device number 6 [ 152.688095][ T7174] block nbd0: NBD_DISCONNECT [ 152.991309][ T40] audit: type=1326 audit(1776358473.910:48): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7157 comm="syz.2.283" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf701efcc code=0x7fc00000 [ 153.354557][ T24] usb 6-1: new high-speed USB device number 3 using dummy_hcd [ 153.412068][ T6030] usb 8-1: new high-speed USB device number 7 using dummy_hcd [ 153.512157][ T24] usb 6-1: Using ep0 maxpacket: 16 [ 153.515376][ T24] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 153.518648][ T24] usb 6-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 153.551479][ T24] usb 6-1: New USB device found, idVendor=0c72, idProduct=0013, bcdDevice=ba.be [ 153.559036][ T24] usb 6-1: New USB device strings: Mfr=175, Product=2, SerialNumber=3 [ 153.572778][ T24] usb 6-1: Product: syz [ 153.574879][ T24] usb 6-1: Manufacturer: syz [ 153.576607][ T24] usb 6-1: SerialNumber: syz [ 153.578415][ T6030] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 153.588178][ T6030] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 153.594613][ T24] usb 6-1: config 0 descriptor?? [ 153.597724][ T6030] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 153.604011][ T6030] usb 8-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 153.607519][ T6030] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 153.620190][ T6030] usb 8-1: config 0 descriptor?? [ 153.684226][ T7199] netlink: 168 bytes leftover after parsing attributes in process `syz.0.298'. [ 154.056516][ T6030] plantronics 0003:047F:FFFF.0004: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0 [ 154.189032][ T7204] kvm: requested 74590 ns i8254 timer period limited to 200000 ns [ 154.206343][ T7204] kvm: requested 23466 ns i8254 timer period limited to 200000 ns [ 154.211863][ T7204] kvm: requested 74590 ns i8254 timer period limited to 200000 ns [ 154.276367][ T7204] kvm: requested 129066 ns i8254 timer period limited to 200000 ns [ 154.290262][ T7204] kvm: requested 129904 ns i8254 timer period limited to 200000 ns [ 154.306683][ T7204] kvm: requested 44419 ns i8254 timer period limited to 200000 ns [ 154.314526][ T7204] kvm: requested 73752 ns i8254 timer period limited to 200000 ns [ 154.426373][ T1454] usb 8-1: USB disconnect, device number 7 [ 154.429300][ T7207] plantronics 0003:047F:FFFF.0004: usb_submit_urb(ctrl) failed: -19 [ 154.660173][ T54] usb 6-1: USB disconnect, device number 3 [ 154.932917][ T7217] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+ [ 154.938357][ T7217] block device autoloading is deprecated and will be removed. [ 155.341431][ T5729] IPVS: starting estimator thread 0... [ 155.348289][ T7230] netlink: 4 bytes leftover after parsing attributes in process `syz.0.310'. [ 155.351925][ T7230] netlink: 2 bytes leftover after parsing attributes in process `syz.0.310'. [ 155.389249][ T7233] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 155.394101][ T7233] IPv6: NLM_F_CREATE should be set when creating new route [ 155.397104][ T7234] lo speed is unknown, defaulting to 1000 [ 155.411969][ T7234] lo speed is unknown, defaulting to 1000 [ 155.438766][ T7234] lo speed is unknown, defaulting to 1000 [ 155.443601][ T7229] IPVS: using max 42 ests per chain, 100800 per kthread [ 155.449241][ T7234] iwpm_register_pid: Unable to send a nlmsg (client = 2) [ 155.473461][ T7234] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98 [ 155.503637][ T7234] lo speed is unknown, defaulting to 1000 [ 155.508470][ T7234] lo speed is unknown, defaulting to 1000 [ 155.511210][ T7234] lo speed is unknown, defaulting to 1000 [ 155.514779][ T7234] lo speed is unknown, defaulting to 1000 [ 156.286647][ T7265] netlink: 16 bytes leftover after parsing attributes in process `syz.3.323'. [ 156.567933][ T7219] Set syz1 is full, maxelem 65536 reached [ 156.829821][ T7290] syzkaller0: entered promiscuous mode [ 156.832166][ T7290] syzkaller0: entered allmulticast mode [ 158.402027][ C0] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 158.631909][ T10] usb 7-1: new high-speed USB device number 3 using dummy_hcd [ 158.781952][ T10] usb 7-1: Using ep0 maxpacket: 32 [ 158.786591][ T10] usb 7-1: config 3 has an invalid interface number: 14 but max is 0 [ 158.791203][ T10] usb 7-1: config 3 has no interface number 0 [ 158.797394][ T10] usb 7-1: config 3 interface 14 has no altsetting 0 [ 158.821724][ T10] usb 7-1: New USB device found, idVendor=04b4, idProduct=0002, bcdDevice=ac.d1 [ 158.825128][ T10] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 158.830977][ T10] usb 7-1: Product: syz [ 158.832720][ T10] usb 7-1: Manufacturer: syz [ 158.836922][ T10] usb 7-1: SerialNumber: syz [ 159.142316][ T62] Bluetooth: hci2: ACL packet for unknown connection handle 201 [ 160.618310][ T7351] netlink: 4 bytes leftover after parsing attributes in process `syz.0.353'. [ 160.965136][ T104] netdevsim netdevsim0 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 160.968441][ T104] netdevsim netdevsim0 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 160.973854][ T104] netdevsim netdevsim0 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 160.980274][ T104] netdevsim netdevsim0 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 161.133159][ T10] cytherm 7-1:3.14: Cypress thermometer device now attached [ 161.141008][ T10] usb 7-1: USB disconnect, device number 3 [ 161.146125][ T10] cytherm 7-1:3.14: Cypress thermometer now disconnected [ 162.341969][ T34] usb 5-1: new full-speed USB device number 4 using dummy_hcd [ 162.516580][ T34] usb 5-1: config 0 has no interfaces? [ 162.520912][ T34] usb 5-1: New USB device found, idVendor=174f, idProduct=6a31, bcdDevice=26.3f [ 162.524579][ T34] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 162.527511][ T34] usb 5-1: Product: syz [ 162.529217][ T34] usb 5-1: Manufacturer: syz [ 162.530978][ T34] usb 5-1: SerialNumber: syz [ 162.539239][ T34] usb 5-1: config 0 descriptor?? [ 162.748867][ T6006] usb 5-1: USB disconnect, device number 4 [ 162.858853][ T7406] syzkaller0: entered promiscuous mode [ 162.861185][ T7406] syzkaller0: entered allmulticast mode [ 163.094208][ T7417] futex_wake_op: syz.1.377 tries to shift op by -1; fix this program [ 163.140889][ T7419] netlink: 'syz.1.378': attribute type 10 has an invalid length. [ 163.149750][ T7419] bond0: (slave wlan1): Enslaving as an active interface with an up link [ 163.282415][ T6006] usb 8-1: new high-speed USB device number 8 using dummy_hcd [ 163.433714][ T6006] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 163.439157][ T6006] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 163.443582][ T6006] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 163.448938][ T6006] usb 8-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 163.453269][ T6006] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 163.459134][ T6006] usb 8-1: config 0 descriptor?? [ 163.496864][ T7429] erofs (device nullb0): cannot find valid erofs superblock [ 163.874749][ T6006] plantronics 0003:047F:FFFF.0005: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0 [ 163.889748][ T7438] sch_tbf: burst 19872 is lower than device lo mtu (65550) ! [ 164.123295][ T7413] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 164.126414][ T7413] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 164.236905][ T34] usb 8-1: USB disconnect, device number 8 [ 164.501920][ T10] usb 5-1: new full-speed USB device number 5 using dummy_hcd [ 164.654551][ T10] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 164.658578][ T10] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 164.661860][ T10] usb 5-1: New USB device found, idVendor=0458, idProduct=5016, bcdDevice= 0.00 [ 164.664865][ T10] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 164.669582][ T10] usb 5-1: config 0 descriptor?? [ 164.879909][ T7454] netlink: 8 bytes leftover after parsing attributes in process `syz.1.391'. [ 164.885686][ T7454] netlink: 8 bytes leftover after parsing attributes in process `syz.1.391'. [ 164.978894][ T7458] syzkaller0: entered promiscuous mode [ 164.980758][ T7458] syzkaller0: entered allmulticast mode [ 164.989536][ T7458] tc action pedit offset must be on 32 bit boundaries [ 164.992791][ T7458] tc action pedit offset must be on 32 bit boundaries [ 164.994949][ T7458] tc action pedit offset must be on 32 bit boundaries [ 164.997207][ T7458] tc action pedit offset must be on 32 bit boundaries [ 164.999502][ T7458] tc action pedit offset must be on 32 bit boundaries [ 165.002090][ T7458] tc action pedit offset must be on 32 bit boundaries [ 165.004446][ T7458] tc action pedit offset must be on 32 bit boundaries [ 165.006681][ T7458] tc action pedit offset must be on 32 bit boundaries [ 165.008792][ T7458] tc action pedit offset must be on 32 bit boundaries [ 165.010900][ T7458] tc action pedit offset must be on 32 bit boundaries [ 165.013109][ T7458] TC_ACT_REPEAT abuse ? [ 165.097317][ T10] kye 0003:0458:5016.0006: control desc unexpectedly large [ 165.105250][ T10] input: HID 0458:5016 as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:0.0/0003:0458:5016.0006/input/input6 [ 165.181170][ T10] input: HID 0458:5016 as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:0.0/0003:0458:5016.0006/input/input7 [ 165.287178][ T10] kye 0003:0458:5016.0006: input,hiddev0,hidraw1: USB HID v0.09 Device [HID 0458:5016] on usb-dummy_hcd.0-1/input0 [ 166.225224][ C0] kye 0003:0458:5016.0006: usb_submit_urb(ctrl) failed: -1 [ 166.231053][ T6006] usb 5-1: USB disconnect, device number 5 [ 166.474160][ T34] usb 8-1: new high-speed USB device number 9 using dummy_hcd [ 166.621971][ T34] usb 8-1: Using ep0 maxpacket: 16 [ 166.626837][ T34] usb 8-1: config 0 interface 0 altsetting 7 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 166.632090][ T34] usb 8-1: config 0 interface 0 altsetting 7 has 1 endpoint descriptor, different from the interface descriptor's value: 25 [ 166.638082][ T34] usb 8-1: config 0 interface 0 has no altsetting 0 [ 166.642115][ T34] usb 8-1: New USB device found, idVendor=0c45, idProduct=5112, bcdDevice= 0.00 [ 166.646537][ T34] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 166.655323][ T34] usb 8-1: config 0 descriptor?? [ 166.938523][ T34] usbhid 8-1:0.0: can't add hid device: -71 [ 166.940965][ T34] usbhid 8-1:0.0: probe with driver usbhid failed with error -71 [ 166.944772][ T34] usb 8-1: USB disconnect, device number 9 [ 167.032040][ T5729] usb 5-1: new high-speed USB device number 6 using dummy_hcd [ 167.193824][ T5729] usb 5-1: config index 0 descriptor too short (expected 23569, got 27) [ 167.198198][ T5729] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 167.204850][ T5729] usb 5-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0 [ 167.209162][ T5729] usb 5-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0 [ 167.213990][ T5729] usb 5-1: Manufacturer: syz [ 167.218781][ T5729] usb 5-1: config 0 descriptor?? [ 167.224088][ T6030] usb 6-1: new high-speed USB device number 4 using dummy_hcd [ 167.273824][ T5729] rc_core: IR keymap rc-hauppauge not found [ 167.282083][ T5729] Registered IR keymap rc-empty [ 167.293680][ T5729] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:0.0/rc/rc0 [ 167.304802][ T5729] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:0.0/rc/rc0/input8 [ 167.322774][ T5729] ------------[ cut here ]------------ [ 167.325405][ T5729] usb 5-1: BOGUS control dir, pipe 80000680 doesn't match bRequestType 0 [ 167.329271][ T5729] WARNING: drivers/usb/core/urb.c:411 at usb_submit_urb+0x1573/0x1910, CPU#0: kworker/0:3/5729 [ 167.335013][ T5729] Modules linked in: [ 167.339530][ T5729] CPU: 0 UID: 0 PID: 5729 Comm: kworker/0:3 Tainted: G L syzkaller #0 PREEMPT(full) [ 167.344602][ T5729] Tainted: [L]=SOFTLOCKUP [ 167.346583][ T5729] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 167.351668][ T5729] Workqueue: usb_hub_wq hub_event [ 167.354128][ T5729] RIP: 0010:usb_submit_urb+0x157e/0x1910 [ 167.356199][ T5729] Code: d2 74 5d 48 89 54 24 40 e8 8f d0 b8 fa 4c 89 ef e8 47 76 de fe 48 89 c6 48 8d 3d 2d 31 99 09 48 8b 54 24 40 45 89 f8 44 89 f1 <67> 48 0f b9 3a e9 c7 ed ff ff e8 63 d0 b8 fa 89 ee bf ff 00 00 00 [ 167.361983][ T6030] usb 6-1: device descriptor read/64, error -71 [ 167.362313][ T5729] RSP: 0018:ffffc900039aef90 EFLAGS: 00010293 [ 167.366925][ T5729] RAX: ffffffff8c81f760 RBX: ffff888072c17800 RCX: 0000000080000680 [ 167.369441][ T5729] RDX: ffff88806c6fa380 RSI: ffffffff8c81f760 RDI: ffffffff90e89170 [ 167.372060][ T5729] RBP: ffff8880274bc058 R08: 0000000000000000 R09: 0000000000000000 [ 167.374808][ T5729] R10: 0000000000000001 R11: 0000000000000000 R12: ffff8880136c4650 [ 167.379884][ T5729] R13: ffff8880274bc0b0 R14: 0000000080000680 R15: 0000000000000000 [ 167.383391][ T5729] FS: 0000000000000000(0000) GS:ffff88809710a000(0000) knlGS:0000000000000000 [ 167.387120][ T5729] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 167.389875][ T5729] CR2: 00000000f7257310 CR3: 0000000024f7f000 CR4: 0000000000352ef0 [ 167.393372][ T5729] Call Trace: [ 167.394951][ T5729] [ 167.396375][ T5729] igorplugusb_probe+0xa2f/0xf90 [ 167.398938][ T5729] usb_probe_interface+0x303/0x8f0 [ 167.401455][ T5729] ? __pfx_usb_probe_interface+0x10/0x10 [ 167.404007][ T5729] really_probe+0x241/0xa60 [ 167.406012][ T5729] __driver_probe_device+0x1de/0x400 [ 167.407803][ T5729] driver_probe_device+0x4c/0x1b0 [ 167.409459][ T5729] __device_attach_driver+0x1df/0x340 [ 167.411348][ T5729] ? __pfx___device_attach_driver+0x10/0x10 [ 167.413651][ T5729] bus_for_each_drv+0x159/0x1e0 [ 167.415504][ T5729] ? __pfx_bus_for_each_drv+0x10/0x10 [ 167.417386][ T5729] ? lockdep_hardirqs_on+0x78/0x100 [ 167.419253][ T5729] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 167.421275][ T5729] __device_attach+0x1e4/0x4d0 [ 167.422945][ T5729] ? __pfx___device_attach+0x10/0x10 [ 167.424715][ T5729] ? do_raw_spin_unlock+0x145/0x1e0 [ 167.426640][ T5729] device_initial_probe+0xaf/0xd0 [ 167.428763][ T5729] bus_probe_device+0x64/0x160 [ 167.430788][ T5729] device_add+0x11d9/0x1920 [ 167.432748][ T5729] ? __pfx_device_add+0x10/0x10 [ 167.434618][ T5729] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 167.436543][ T5729] usb_set_configuration+0xd97/0x1c60 [ 167.438280][ T5729] ? __pfx_usb_generic_driver_probe+0x10/0x10 [ 167.440198][ T5729] usb_generic_driver_probe+0xa1/0xe0 [ 167.442151][ T5729] usb_probe_device+0xef/0x400 [ 167.443899][ T5729] ? __pfx_usb_probe_device+0x10/0x10 [ 167.445988][ T5729] really_probe+0x241/0xa60 [ 167.447806][ T5729] __driver_probe_device+0x1de/0x400 [ 167.449612][ T5729] ? usb_driver_applicable+0x1c7/0x220 [ 167.451351][ T5729] driver_probe_device+0x4c/0x1b0 [ 167.453013][ T5729] __device_attach_driver+0x1df/0x340 [ 167.454721][ T5729] ? __pfx___device_attach_driver+0x10/0x10 [ 167.456621][ T5729] bus_for_each_drv+0x159/0x1e0 [ 167.458278][ T5729] ? __pfx_bus_for_each_drv+0x10/0x10 [ 167.460179][ T5729] ? lockdep_hardirqs_on+0x78/0x100 [ 167.462250][ T5729] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 167.464284][ T5729] __device_attach+0x1e4/0x4d0 [ 167.465816][ T5729] ? __pfx___device_attach+0x10/0x10 [ 167.467552][ T5729] ? do_raw_spin_unlock+0x145/0x1e0 [ 167.469216][ T5729] device_initial_probe+0xaf/0xd0 [ 167.470833][ T5729] bus_probe_device+0x64/0x160 [ 167.472455][ T5729] device_add+0x11d9/0x1920 [ 167.473975][ T5729] ? __pfx_device_add+0x10/0x10 [ 167.475791][ T5729] ? add_device_randomness+0xb7/0xf0 [ 167.478018][ T5729] usb_new_device.cold+0x685/0x115c [ 167.480008][ T5729] ? do_raw_spin_lock+0x128/0x260 [ 167.481902][ T5729] ? __pfx_usb_new_device+0x10/0x10 [ 167.483575][ T5729] ? mark_held_locks+0x40/0x70 [ 167.485151][ T5729] hub_event+0x314d/0x4af0 [ 167.486632][ T5729] ? __pfx_hub_event+0x10/0x10 [ 167.488162][ T5729] ? assoc_array_insert+0x1d00/0x32c0 [ 167.489907][ T5729] ? rcu_is_watching+0x12/0xc0 [ 167.491444][ T5729] process_one_work+0xa0e/0x1980 [ 167.493088][ T5729] ? __pfx_process_one_work+0x10/0x10 [ 167.494792][ T5729] ? __pfx_hub_event+0x10/0x10 [ 167.496336][ T5729] worker_thread+0x5ef/0xe50 [ 167.498176][ T5729] ? __pfx_worker_thread+0x10/0x10 [ 167.500380][ T5729] ? kthread+0x13a/0x450 [ 167.501961][ T5729] ? __pfx_worker_thread+0x10/0x10 [ 167.503596][ T5729] kthread+0x370/0x450 [ 167.504904][ T5729] ? __pfx_kthread+0x10/0x10 [ 167.506410][ T5729] ret_from_fork+0x72b/0xd50 [ 167.507878][ T5729] ? __pfx_ret_from_fork+0x10/0x10 [ 167.509523][ T5729] ? __switch_to+0x800/0x1100 [ 167.511153][ T5729] ? __pfx_kthread+0x10/0x10 [ 167.512933][ T5729] ret_from_fork_asm+0x1a/0x30 [ 167.514866][ T5729] [ 167.516018][ T5729] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 167.518395][ T5729] CPU: 0 UID: 0 PID: 5729 Comm: kworker/0:3 Tainted: G L syzkaller #0 PREEMPT(full) [ 167.521780][ T5729] Tainted: [L]=SOFTLOCKUP [ 167.523181][ T5729] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 167.526596][ T5729] Workqueue: usb_hub_wq hub_event [ 167.528504][ T5729] Call Trace: [ 167.529739][ T5729] [ 167.530835][ T5729] dump_stack_lvl+0x100/0x190 [ 167.532363][ T5729] vpanic+0x552/0x970 [ 167.533644][ T5729] ? __pfx_vpanic+0x10/0x10 [ 167.535151][ T5729] panic+0xd1/0xe0 [ 167.536329][ T5729] ? __pfx_panic+0x10/0x10 [ 167.537802][ T5729] ? check_panic_on_warn+0x1f/0x90 [ 167.539461][ T5729] check_panic_on_warn.cold+0x19/0x34 [ 167.541397][ T5729] ? usb_submit_urb+0x1573/0x1910 [ 167.543471][ T5729] __warn.cold+0x191/0x328 [ 167.545257][ T5729] __report_bug+0x296/0x3d0 [ 167.547080][ T5729] ? usb_submit_urb+0x1573/0x1910 [ 167.548908][ T5729] ? __pfx___report_bug+0x10/0x10 [ 167.550527][ T5729] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 167.552368][ T5729] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 167.554301][ T5729] report_bug_entry+0xe1/0x290 [ 167.555894][ T5729] ? usb_submit_urb+0x157e/0x1910 [ 167.557578][ T5729] handle_bug+0x1cd/0x2a0 [ 167.559069][ T5729] exc_invalid_op+0x17/0x50 [ 167.560550][ T5729] asm_exc_invalid_op+0x1a/0x20 [ 167.562115][ T5729] RIP: 0010:usb_submit_urb+0x157e/0x1910 [ 167.563900][ T5729] Code: d2 74 5d 48 89 54 24 40 e8 8f d0 b8 fa 4c 89 ef e8 47 76 de fe 48 89 c6 48 8d 3d 2d 31 99 09 48 8b 54 24 40 45 89 f8 44 89 f1 <67> 48 0f b9 3a e9 c7 ed ff ff e8 63 d0 b8 fa 89 ee bf ff 00 00 00 [ 167.570076][ T5729] RSP: 0018:ffffc900039aef90 EFLAGS: 00010293 [ 167.572101][ T5729] RAX: ffffffff8c81f760 RBX: ffff888072c17800 RCX: 0000000080000680 [ 167.574954][ T5729] RDX: ffff88806c6fa380 RSI: ffffffff8c81f760 RDI: ffffffff90e89170 [ 167.577767][ T5729] RBP: ffff8880274bc058 R08: 0000000000000000 R09: 0000000000000000 [ 167.580344][ T5729] R10: 0000000000000001 R11: 0000000000000000 R12: ffff8880136c4650 [ 167.582841][ T5729] R13: ffff8880274bc0b0 R14: 0000000080000680 R15: 0000000000000000 [ 167.585314][ T5729] igorplugusb_probe+0xa2f/0xf90 [ 167.586942][ T5729] usb_probe_interface+0x303/0x8f0 [ 167.588568][ T5729] ? __pfx_usb_probe_interface+0x10/0x10 [ 167.590374][ T5729] really_probe+0x241/0xa60 [ 167.591880][ T5729] __driver_probe_device+0x1de/0x400 [ 167.593658][ T5729] driver_probe_device+0x4c/0x1b0 [ 167.595553][ T5729] __device_attach_driver+0x1df/0x340 [ 167.597620][ T5729] ? __pfx___device_attach_driver+0x10/0x10 [ 167.599694][ T5729] bus_for_each_drv+0x159/0x1e0 [ 167.601269][ T5729] ? __pfx_bus_for_each_drv+0x10/0x10 [ 167.602989][ T5729] ? lockdep_hardirqs_on+0x78/0x100 [ 167.604649][ T5729] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 167.606529][ T5729] __device_attach+0x1e4/0x4d0 [ 167.608060][ T5729] ? __pfx___device_attach+0x10/0x10 [ 167.609753][ T5729] ? do_raw_spin_unlock+0x145/0x1e0 [ 167.611531][ T5729] device_initial_probe+0xaf/0xd0 [ 167.613352][ T5729] bus_probe_device+0x64/0x160 [ 167.615138][ T5729] device_add+0x11d9/0x1920 [ 167.616628][ T5729] ? __pfx_device_add+0x10/0x10 [ 167.618187][ T5729] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 167.620039][ T5729] usb_set_configuration+0xd97/0x1c60 [ 167.621788][ T5729] ? __pfx_usb_generic_driver_probe+0x10/0x10 [ 167.623972][ T5729] usb_generic_driver_probe+0xa1/0xe0 [ 167.625907][ T5729] usb_probe_device+0xef/0x400 [ 167.627708][ T5729] ? __pfx_usb_probe_device+0x10/0x10 [ 167.629619][ T5729] really_probe+0x241/0xa60 [ 167.631179][ T5729] __driver_probe_device+0x1de/0x400 [ 167.632879][ T5729] ? usb_driver_applicable+0x1c7/0x220 [ 167.634640][ T5729] driver_probe_device+0x4c/0x1b0 [ 167.636244][ T5729] __device_attach_driver+0x1df/0x340 [ 167.638039][ T5729] ? __pfx___device_attach_driver+0x10/0x10 [ 167.640177][ T5729] bus_for_each_drv+0x159/0x1e0 [ 167.641981][ T5729] ? __pfx_bus_for_each_drv+0x10/0x10 [ 167.643803][ T5729] ? lockdep_hardirqs_on+0x78/0x100 [ 167.645464][ T5729] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 167.647382][ T5729] __device_attach+0x1e4/0x4d0 [ 167.648910][ T5729] ? __pfx___device_attach+0x10/0x10 [ 167.650599][ T5729] ? do_raw_spin_unlock+0x145/0x1e0 [ 167.652260][ T5729] device_initial_probe+0xaf/0xd0 [ 167.654032][ T5729] bus_probe_device+0x64/0x160 [ 167.655732][ T5729] device_add+0x11d9/0x1920 [ 167.657372][ T5729] ? __pfx_device_add+0x10/0x10 [ 167.659135][ T5729] ? add_device_randomness+0xb7/0xf0 [ 167.660761][ T5729] usb_new_device.cold+0x685/0x115c [ 167.662539][ T5729] ? do_raw_spin_lock+0x128/0x260 [ 167.664150][ T5729] ? __pfx_usb_new_device+0x10/0x10 [ 167.665786][ T5729] ? mark_held_locks+0x40/0x70 [ 167.667357][ T5729] hub_event+0x314d/0x4af0 [ 167.668804][ T5729] ? __pfx_hub_event+0x10/0x10 [ 167.670355][ T5729] ? assoc_array_insert+0x1d00/0x32c0 [ 167.672087][ T5729] ? rcu_is_watching+0x12/0xc0 [ 167.673757][ T5729] process_one_work+0xa0e/0x1980 [ 167.675499][ T5729] ? __pfx_process_one_work+0x10/0x10 [ 167.677631][ T5729] ? __pfx_hub_event+0x10/0x10 [ 167.679357][ T5729] worker_thread+0x5ef/0xe50 [ 167.680978][ T5729] ? __pfx_worker_thread+0x10/0x10 [ 167.682634][ T5729] ? kthread+0x13a/0x450 [ 167.683994][ T5729] ? __pfx_worker_thread+0x10/0x10 [ 167.685621][ T5729] kthread+0x370/0x450 [ 167.686982][ T5729] ? __pfx_kthread+0x10/0x10 [ 167.688459][ T5729] ret_from_fork+0x72b/0xd50 [ 167.689944][ T5729] ? __pfx_ret_from_fork+0x10/0x10 [ 167.691620][ T5729] ? __switch_to+0x800/0x1100 [ 167.693230][ T5729] ? __pfx_kthread+0x10/0x10 [ 167.694946][ T5729] ret_from_fork_asm+0x1a/0x30 [ 167.696732][ T5729] [ 167.698636][ T5729] Kernel Offset: disabled [ 167.700011][ T5729] Rebooting in 86400 seconds..