last executing test programs: 8m31.334600391s ago: executing program 3 (id=788): r0 = gettid() rt_sigqueueinfo(r0, 0x19, &(0x7f0000000080)={0x16, 0x6, 0xffff}) 8m30.734601083s ago: executing program 3 (id=791): r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r0, 0xae60) r1 = eventfd(0x8000) ioctl$KVM_IRQFD(r0, 0x4020ae76, &(0x7f00000000c0)={r1, 0x7}) ioctl$KVM_IRQFD(r0, 0x4020ae76, &(0x7f0000000140)={r1, 0x0, 0x2, r1}) 8m30.114204988s ago: executing program 3 (id=795): openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x8100, 0x0) prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000fff000/0x1000)=nil, &(0x7f0000696000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f000068f000/0x3000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000690000/0x4000)=nil, &(0x7f000068c000/0xc000)=nil, &(0x7f0000817000/0x1000)=nil, &(0x7f000068d000/0x2000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0xffffffffffffffd7) ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60) r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_SET_VCPU_EVENTS(r0, 0x4400ae8f, &(0x7f0000000000)=@x86={0x6, 0x8, 0x2, 0x0, 0x0, 0x10, 0xfa, 0x8, 0xe, 0x6, 0x42, 0x9, 0x0, 0x82, 0x0, 0x3, 0x1, 0x52, 0xe0, '\x00', 0x4, 0x6e53d5d3}) 8m29.420027608s ago: executing program 3 (id=797): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x6, 0xe, &(0x7f00000008c0)=ANY=[@ANYBLOB="b7020000ff0d0000bfa30000000000000703000000feffff7a0af0fff8ffff1971a4f0ff00000000b7060000080000006f6400000000000045040400010000001704000001000a00b7040000ff0100006a0a00fe0000000085000000bd000000b70000000000000095000000000000009e17f199a68b06d83298a8cdc21ce784909b849d5550ad857d0454d8877a6db61d69f2ffcaa10350e11cb97c8adf1bc9a0c4eeceb9971e43405d621ffbc9ce000000d8ca56b50d0c010d631f6dde53a9a53608c10556e5734eb84049761451ce540c772e2d9f8004e26f7fcc059c062234d5595f6fbaa187b81d1106000000000fd60000fd9ac3d09e29a9d542ca9d85a5c9c88474895d679838def0a83a733dc6a39b63a5ed69d32394c53361d7e43c5cbd80450f859ce8122a79c3e40000b59b0fc46d6cec3c0802882add4e3179bd4a44f231b6d753a7be428ba953df4aece69311687f4122073a236c3a32efa04137d4524847d2638da3261c8162bb7c7824be6195a66d2e17e122040e1100000000928612a29fc691e4f1f7bd053abb885f39381f1759410b1059f05684261f332d606834669b49ec99320ca7712d7e79bd5bf5ed818ecc7640917f6a559a47db608fcf9f6c131b84e41c354c66838f72b9e12d36e996f316f0812ca83efb30c7f6c6d57c4a64590401eec22523dd712c680013e87f649a1ede7142ca9d5d8a8c9f9b440fe4331ad5532c74d9a31a5d737537f7a2caa30581253d14dd3e92af7dc836686365ae01bdec561c0402b67801267a8df97d2f85426a5963d4fa3e26cc05972c162f223f000000d999e80de00fcbcc02d0aed7bb8f7ba337d59c14f39dcd4aad4139ef6425a9367f1bd1467fc6b95a4df7669839771ce9d5788029901e5a79d8b9990ace8f74087f25ad50c46088000000008000"/686], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000340), 0x10}, 0x94) r1 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000400)={'syz_tun\x00', 0x0}) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000380)={r0, r2, 0x25, 0x0, @val=@tcx}, 0x1c) syz_emit_ethernet(0xbc1, &(0x7f00000005c0)={@local, @broadcast, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x3, 0x1, 0xbb3, 0x66, 0x0, 0x0, 0x1, 0x0, @broadcast, @initdev={0xac, 0x1e, 0x1, 0x0}}, @echo_reply={0x0, 0x0, 0x0, 0x65, 0x3, "de43a6b52191a54790b10bab31489ad7bee6896a8057df5ca4745dd0e5e65be9d75ad36f38dbecaa16024664aee91295540ab35e04a0946c969d6575fcd71cce57e9235878a5a214b59cb046b52fc38c2586dc4c4b020c410c389ab8c2fa17ba32182f7d2c7ea8f0c452ce2a27bc28359e118a0a0705a17cbc75259dba11ff5734cd1a562ab24211cdc5d2ecb172f4ab94f9feba3d68e2a35a6e42aa5e20f8244c18df57a45759f366abf516985f64b2e94f392d5e6d9d2447f650fccc2b1ceed3af583df98fa7c713542b4e4c30c96875339ada41cee404f4e54f6e4b2d391b4eb498a51373e4f570682fc709c6d7ff6348b89e6e48b4733724556be13a4960b924dd551ce53490200d236db89ee502bdb8fc6f1729ec8c182394f8b26f980ccb69833f81b134f0b26027a0fd23334d762e4dc69c71a689b55f75363940fe5d4189f51ab69a5a6b8c48d14edaa6c5438afa25764911cda21ce9a26774876774c6a4c0f7cbf105edf3513e0ddbfa52ccbb782206f48323211dce5bf5c88d9aa2ae31598491f65ff2efa9febc267541b06530e59f5228af844db0a8131274f4214b15088c3776946abebe2a401811244eebbd10549600afb5a8f77068340033853ca739934a9da3ff40167fe78562991a2c32f068691ff00d2a78f25b0126d18066f1cb36bc8734622d006eb6ad07446a432f50f62a458379a400a65562bdad8619b3189b44c0e6312008e83b5fd238816e74c76a2a5cd79f3729108c3155a14c7ff9dc737a76da3bc798f60f27c24e5089388b47ff34c4cdc87858d75182b169878078be2f369047f344dea18b2c9a5455b45094bf3ced5a58ede2b5959891a38730b04607ee585d542895d3af0e5f265a4f0e404eab4eaa62512124f436e329278ee75be1e12e3a24633209dfda22efac628f5e242663f68f541efb944244999a88885e45f43d6420fdf65e42d5011aa72761538f43b8a0a35877ed3a2fcc57661b3a3dd33ff17407772198255d36d197c7b24099eb19607466b339f884b9cee847881b1bac30bdd2fc64a4cdf6d2667a65ac089f9f2a8ed06fabcdd7a52b90832286f54e8439ea249a173eb5c67097d553e07608e2e42e277105b5667cc00b30c6b2c0f9d124ebf463775dbdfbbe178019d31e425f7bcf201606423c60dd9c0421de9fbae32a3535f840629e288115b1401ee607e3aac86b49afc0dcd48d537933096d7af3cc0d687c5a9a547a9a4f5c84a0c76ff47a7181e8214743481b2a90de8f90f2839c010a89f21f4827845a57755584cd886be4999a9a6b4add376378a27c45f87f91f03e61a2f9a25a86ce93c0ffd16f1296594dc3656be5a949c7be681f2d459431acf2e26652e78cfc87cf89222fc1f7600e42626dea26c000e503f04b4437f8de09097323d9af3a351fffcde6db43cb317d6d7b0f7719c2171d7b82f2e37f3409e94dfbb0c3dffcf3174e93761df6fe39e1e195024c3fe94cad3f0fe62b14ace12544a7588a17ff96ed3d202f1cdfeadf4e64e7be79848f7c24094b508fa576c1a9cf8fccb44981ca20cc551709e43d5ccf35db4ea2204caf9bc8c9db63a7ed14cbd054840e921455fbc8419d33ca5293043779088bf0f5c71a4838f71b3e4a2f410977f848099198a5631b258ec4b6506579636143a1f9900bdacf3384bb5ecf5e28783b2598e5328d18c9373b81e6daeadd2016389234fe0eff430606c0c770ea82e397157a45d0a417cda96ed9933f94fd14065a89cbb52315b6e40411ef318471746c4cc448afad47924e706a9aee6d5d286eb81cf4d3d0a7882c2bcf802f527b64d9514c1adcbf45dcd6822737d4ad42c4e8eaf3ab535a3389d14a5ce7724158032d28aa75bbe374f24f7f162e0d568cf8e1510fd1ce7e34c63c4bc910a7b24ac98b8c6f56f5f68ab554f02fd00591197b5ca45a75114d42524a658d1d2880694d19046891e485eea940e4468b1c3c3cd609ea8a522086c27b019705ee3e8767afd6c686ae0d47331b56397aba19505810b935a8e72e9dc741bae071efeb855db9c6006c230e414bf8b53a6765263ba7d73817f92639acc12237b12e4ef4426638bb6ab32d835a92a00b76fb3b38f1d3a32ada5d956f6082a65d9bf17594491ef0344e820d250d986b3bb28c7cd3cb1e0ce0b72afcac284fc4d747f0fb8b2dcf00221112a2c26790a75a9b3d66da7d15e0cfbffb96e19b2765091c1758e3c78fa817d077ef3222e355b99241bdf5b5a4c5ed53e8aa5bbed3c0368778f53717c9afd2908b44f0cd4c1aa17f16fa8e142d5a40a44e877470787d99d42438ba528dc93f3ba04e8d60e1b9704064c7fe09156c9a59edb53e2394d5d4549028b161e3946121e9213f5da6f298e181e53ca26e26285a5503d3169383abfcb03b63e9df25c503b67307faf2de4a9f1ecebe2160ac5ce64c1bbfd70b265c5d287c30f78f2be5cb2c4f2201ed5f560103c2532bbb6ec3ac607a47cc9289bb49c12a7d4269cceb336cf63bd37ca835225141da0ead7f33d6481218ffdccceff6115bdbfc445a31799d5c8ac5f186ff592dcae6694ee538b44510b0c2aa97ad1a62ae515c61adf64904cc3af969d0d3e2b056ede1dc9603a09b2c1348d9c859ca827242672a1112b29c9857a2502231a022676395403867ee855f14985578467000464c097907ab8cbf2b46b94d4fffc00bf9e6fc1775b432e6f3a8c0e9b203cc28d609570d439444cfa898b315e355eb829e7e3d59c4e670f2b7a07423e23d61f12997876bfab398b14af95dcbe873dacdb5cd7c643cc91f79c8c04a4d3d44d8bc464f286f7ab0c57830a0ae804b0aa2e844b86dce9816701d4cd5e47deff65cef4249bbda92344a5a6dc27ae8e9c33503da7bd5532201941b9a9302143688a7123dc738c873809ffa575463f89206575c389783d37c722b9fd6084be729382ea8210c4ca10a4fece2c96a4262b60da8569b9f24ff8b8753df732cbda0c76bc458449f0bd110e485aec139acb3147ae547553e60730bc83caf48c0a7672869219cad94329562497a9147c6a43faf1484d7dac461ea48c6a723a1c76e1e566b1619efc076a52e452b2119168b15a345458a1d8cad1dfb977dee2a666c744c6bcde0bab547ed2b5571b5e385ec8fc562545b803ec5e1ac9f012025ba72da64bc981387085a46a3776a6d0628a104bd7ea8a0bb50649409d49d7ab7533483559f9bca9aa59c022fb900915daa7bd615d078412ce4b8e103ed8a4d2d8356fe94e6737066c45afa1826b807229486e15fd5a675d05e27e4245accbbb92e5f8a55ef2ed38c2f26afb9489e7ac1d8f6aa3d2a3cf0fb4dc8bb65b6af662996fdcc1dffced3d3de08f1ebbff3491a47a865d5eabd0532534d8b05e62d98c6c01678a20b8c41225282bba5846598390db22e678297eb8216e317ce178f8b410a713bedca77322836250fe092ca735d9a303ef1391c6c06d19d0ca8cfe1583561ef536e6dc7b8cc85b6be2fad331546cdb78fa5ec8d35434ff5805519dad0c97cda65d535629aa78ab7cc8d395e2d67df08c1d925c891fa841fd0fbd65e5e16c61254088aa67fa9125da8294da346136b6918d840223948d8ff60e8a0acb731d2ce5e1476c2a1d8b450b2949c9ed4468b4f3e726fb4283ee32996c4379f80c76de1c4263892edc4f8cda295e9d2fc5b67afaa95f7d8728cf9febfc52a66eb4fa655e5a1991a7e3ab6285bf0af101c29a47ee78f5202a94ea9312bf27fda8edd1d5cdfed7dfcfacc6a1cc00ba5e184ec2ab9a87efa67c4d8a526ff2dd0243ca185f5db66952ab9f8cfb7ed66baf959f6846d2749962013d24d36b09634723ea01a3bf8aab691610c11a2adf12e7da292e11404ce54b41df62df8c1876b5c7cd6ed34dff8c7893ac975e557cad0aa22976ebc8a7a590d3c5f09740092355cfff4d5fe5e2df03eb75270294e1526f87774a1dcb5994d14c40c5730583fa73ccdad7fdfb583a621ddee90c52ab65955903d1e6193c168d242df9d95fc5296bcc48fb965b4fa0a823c30982acd0e2fa5a5a969719f42cfd94d3d298dd6773363895090eb044a30c2721828fb2d79c5bbc395cb7d6bb61ada4663f2982c487afd3ea07fa213ce03c3696da9a44a51ab86fd2263febcb594f3cc59f44f401ad7609ab24cb50e98accdf3f3ff54e047cc4ae51498303205a3862506c1"}}}}}, 0x0) 8m28.7156811s ago: executing program 3 (id=801): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={0x0}, 0x1, 0x0, 0x0, 0x8040}, 0x20000000) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000040)=@x86={0x9, 0x6, 0x5, 0x0, 0x10001, 0x59, 0x80, 0xfd, 0x4, 0xdd, 0x0, 0x9, 0x0, 0x800, 0x2, 0x45, 0x3, 0x5, 0xff, '\x00', 0x2d, 0x3}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 8m27.866503317s ago: executing program 3 (id=808): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000380)=ANY=[@ANYRESDEC], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r1, &(0x7f0000000040), 0x80002c1, 0x2, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002) write$sndseq(0xffffffffffffffff, 0x0, 0x0) write$sndseq(0xffffffffffffffff, 0x0, 0x0) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_LIST(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000040)={0x14, 0x7, 0x6, 0x801}, 0x14}}, 0x0) ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000080)={'ip6gre0\x00', &(0x7f0000000100)={'syztnl1\x00', 0x0, 0x29, 0x1, 0x3, 0x6, 0x6, @loopback, @local, 0x8, 0x7827, 0x3, 0x3}}) socket$inet_mptcp(0x2, 0x1, 0x106) r4 = openat$random(0xffffffffffffff9c, &(0x7f00000003c0), 0x40202, 0x0) sendfile(r4, r4, 0x0, 0x4800000009) r5 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r5, &(0x7f0000000000)={0x2, 0x4e21, @broadcast}, 0x2f) connect$inet(r5, &(0x7f0000000180)={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x1b}}, 0x10) sendto$inet(r5, &(0x7f0000000000), 0xffffffffffffff94, 0x0, 0x0, 0x0) setsockopt$inet_tcp_TCP_CONGESTION(r5, 0x6, 0xd, &(0x7f00000000c0)='nv', 0x2) recvfrom$inet(r5, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0x720, 0x0, 0xfffffffffffffd25) shutdown(r5, 0x1) 8m12.725756867s ago: executing program 32 (id=808): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000380)=ANY=[@ANYRESDEC], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r1, &(0x7f0000000040), 0x80002c1, 0x2, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002) write$sndseq(0xffffffffffffffff, 0x0, 0x0) write$sndseq(0xffffffffffffffff, 0x0, 0x0) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_LIST(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000040)={0x14, 0x7, 0x6, 0x801}, 0x14}}, 0x0) ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000080)={'ip6gre0\x00', &(0x7f0000000100)={'syztnl1\x00', 0x0, 0x29, 0x1, 0x3, 0x6, 0x6, @loopback, @local, 0x8, 0x7827, 0x3, 0x3}}) socket$inet_mptcp(0x2, 0x1, 0x106) r4 = openat$random(0xffffffffffffff9c, &(0x7f00000003c0), 0x40202, 0x0) sendfile(r4, r4, 0x0, 0x4800000009) r5 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r5, &(0x7f0000000000)={0x2, 0x4e21, @broadcast}, 0x2f) connect$inet(r5, &(0x7f0000000180)={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x1b}}, 0x10) sendto$inet(r5, &(0x7f0000000000), 0xffffffffffffff94, 0x0, 0x0, 0x0) setsockopt$inet_tcp_TCP_CONGESTION(r5, 0x6, 0xd, &(0x7f00000000c0)='nv', 0x2) recvfrom$inet(r5, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0x720, 0x0, 0xfffffffffffffd25) shutdown(r5, 0x1) 5m34.980508756s ago: executing program 2 (id=1819): r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ethtool(&(0x7f0000000440), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_CHANNELS_SET(r0, 0x0, 0x44800) 5m34.555343653s ago: executing program 2 (id=1822): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CAP_SPLIT_IRQCHIP(r1, 0x4068aea3, &(0x7f0000000400)={0x79, 0x0, 0x6a7}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_CAP_HYPERV_SYNIC(r2, 0x4068aea3, &(0x7f00000000c0)) 5m34.044997182s ago: executing program 2 (id=1825): mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3000002, 0x200000005c832, 0xffffffffffffffff, 0x0) r0 = syz_open_procfs$pagemap(0x0, &(0x7f0000000140)) ioctl$PAGEMAP_SCAN(r0, 0xc0606610, &(0x7f00000001c0)={0x60, 0x0, &(0x7f00008ce000/0x3000)=nil, &(0x7f0000e18000/0x3000)=nil, 0x2, &(0x7f0000000000)=[{0x4000007, 0x0, 0x3}], 0x1, 0xb2, 0x14, 0x0, 0x70, 0x18}) 5m33.56924473s ago: executing program 2 (id=1828): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000000180)={0xa, 0x4e22, 0x0, @loopback}, 0x1c) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000ab9ff0)={0x1, &(0x7f0000000000)=[{0x6, 0xfd, 0xc, 0x42}]}, 0x10) listen(r0, 0x5) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) sendto$inet6(r1, 0x0, 0x0, 0x24040014, &(0x7f0000000000)={0xa, 0x4e22, 0x0, @empty}, 0x1c) sendmmsg$inet(r1, &(0x7f0000000240)=[{{0x0, 0x0, &(0x7f0000001240)=[{&(0x7f0000000080)="39b73c23faa621f10c9457864265483377c393230402c600d5e422df31033a75324726", 0x23}], 0x1}}], 0x1, 0x48045) close_range(r0, 0xffffffffffffffff, 0x0) 5m33.214709056s ago: executing program 2 (id=1830): r0 = socket$packet(0x11, 0x3, 0x300) dup(r0) r1 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0) ioctl$int_in(r1, 0x40000000af01, 0x0) ioctl$VHOST_SET_VRING_ADDR(r1, 0x4028af11, &(0x7f0000000240)={0x1, 0x1, 0x0, &(0x7f0000000200)=""/51, 0x0}) r2 = socket$packet(0x11, 0x3, 0x300) ioctl$VHOST_SET_MEM_TABLE(r1, 0x4008af03, &(0x7f0000000340)) r3 = dup(r2) ioctl$VHOST_NET_SET_BACKEND(r1, 0x4008af30, &(0x7f0000000000)={0x1, r3}) ioctl$VHOST_SET_FEATURES(r1, 0x4008af00, &(0x7f00000001c0)=0x304008000) syz_emit_ethernet(0x36, &(0x7f0000000100)={@local, @local, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x2, 0x21, 0x28, 0x64, 0x0, 0x7, 0x6, 0x0, @remote, @remote}, {{0x4e22, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x10, 0x2, 0x0, 0xe7}}}}}}, 0x0) 5m32.796707563s ago: executing program 2 (id=1833): move_pages(0x0, 0x20000000000000fe, &(0x7f0000000080)=[&(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil], 0x0, &(0x7f00000000c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0) pipe2(&(0x7f0000000080), 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000480)) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000093c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=@deltfilter={0x24, 0x2d, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0xffff}, {0xe, 0xffff}}}, 0x24}, 0x1, 0x0, 0x0, 0x48080}, 0x0) prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0) r0 = io_uring_setup(0xc, &(0x7f0000000040)={0x0, 0xc8a1, 0xdb00, 0x8, 0x29}) io_uring_enter(r0, 0x2219, 0x7721, 0x16, 0x0, 0x0) 5m16.802945296s ago: executing program 33 (id=1833): move_pages(0x0, 0x20000000000000fe, &(0x7f0000000080)=[&(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil], 0x0, &(0x7f00000000c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0) pipe2(&(0x7f0000000080), 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000480)) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000093c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=@deltfilter={0x24, 0x2d, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0xffff}, {0xe, 0xffff}}}, 0x24}, 0x1, 0x0, 0x0, 0x48080}, 0x0) prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0) r0 = io_uring_setup(0xc, &(0x7f0000000040)={0x0, 0xc8a1, 0xdb00, 0x8, 0x29}) io_uring_enter(r0, 0x2219, 0x7721, 0x16, 0x0, 0x0) 3m27.151806268s ago: executing program 5 (id=2341): prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ff4000/0xa000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f000068c000/0xc000)=nil, &(0x7f0000817000/0x1000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68) setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000100)=[{0xff2e, 0x2, 0x62, 0xfffffffe}]}, 0x10) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0) r0 = io_uring_setup(0x7, &(0x7f0000000040)={0x0, 0xc8a1, 0xc000, 0x8, 0x2bb}) bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x12, 0x3, 0x0, &(0x7f0000000240)='syzkaller\x00', 0x80000000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="16"], 0x50) io_uring_enter(r0, 0x2219, 0x7721, 0x16, 0x0, 0x0) signalfd(0xffffffffffffffff, &(0x7f0000000240)={[0xc18]}, 0x8) 3m26.661835213s ago: executing program 5 (id=2344): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket(0x11, 0x3, 0x0) setsockopt$SO_TIMESTAMPING(r3, 0x1, 0x41, &(0x7f00000000c0)=0x633b, 0x4) sendmmsg(r3, &(0x7f0000000bc0)=[{{&(0x7f0000000400)=@qipcrtr={0x2a, 0x1, 0x4001}, 0x80, &(0x7f0000000140)=[{&(0x7f0000000040)="d479183d7d98d181a4b5f3e38100e2f288", 0x11}, {&(0x7f0000001c00)="659900c3f7c8e544e1abc41796cae4c9908368acb3abdb908ada84b1c98b91c34352f80ed64e4606a25bcbab94869ac816a7fb9c29a8c768fbffb21ad7f6013ff676da589c2e0865cfd321543070c3dd", 0x50}], 0x2}}], 0x1, 0x24044015) recvmmsg(r3, &(0x7f0000000380), 0x0, 0x2002, 0x0) ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000140)=@arm64={0x9, 0xe, 0xb0, '\x00', 0x8000000000000000}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 3m25.756484308s ago: executing program 5 (id=2351): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=@newqdisc={0x68, 0x14, 0xf0b, 0x4, 0x0, {0x2, 0x0, 0x0, 0x0, {0x4}, {0xb, 0x1}, {0x1}}, [@TCA_STAB={0x44, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0x0, 0xfc, 0x200, 0x7, 0x0, 0x1, 0x7e}}, {0x4}}, {{0x1c, 0x1, {0x0, 0xc, 0x18, 0xd, 0x1, 0xc, 0x2}}, {0x4}}]}]}, 0x68}}, 0x20000000) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.io_wait_time_recursive\x00', 0x275a, 0x0) write$binfmt_script(r2, &(0x7f0000000000), 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r2, 0x0) preadv(r2, &(0x7f00000015c0), 0x0, 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0x64, 0x0, 0x0) sendmsg$NL80211_CMD_SET_REKEY_OFFLOAD(r2, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x800}, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) 3m24.73847138s ago: executing program 5 (id=2357): r0 = socket$packet(0x11, 0x3, 0x300) r1 = dup(r0) r2 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0) ioctl$int_in(r2, 0x40000000af01, 0x0) ioctl$VHOST_SET_VRING_ADDR(r2, 0x4028af11, &(0x7f0000000240)={0x1, 0x1, 0x0, 0x0, 0x0}) r3 = socket$packet(0x11, 0x3, 0x300) ioctl$VHOST_SET_MEM_TABLE(r2, 0x4008af03, &(0x7f0000000340)) r4 = dup(r3) ioctl$VHOST_NET_SET_BACKEND(r2, 0x4008af30, &(0x7f0000000000)={0x1, r4}) ioctl$VHOST_SET_FEATURES(r2, 0x4008af00, &(0x7f00000001c0)=0x304008000) ioctl$VHOST_NET_SET_BACKEND(r2, 0x4008af30, &(0x7f00000003c0)={0x1, r1}) syz_emit_ethernet(0x36, &(0x7f0000000100)={@local, @local, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x2, 0x21, 0x28, 0x64, 0x0, 0x7, 0x6, 0x0, @remote, @remote}, {{0x4e22, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x10, 0x2, 0x0, 0xe7}}}}}}, 0x0) 3m24.106714586s ago: executing program 5 (id=2362): open(&(0x7f00000001c0)='./bus\x00', 0x4c27e, 0x2) process_vm_readv(0x0, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0) 3m23.574468424s ago: executing program 5 (id=2366): msgctl$IPC_SET(0x0, 0x1, &(0x7f0000000240)={{0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x96, 0xfffd}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x5}) msgsnd(0x0, &(0x7f0000000080)=ANY=[@ANYRES8], 0x0, 0x0) r0 = semget$private(0x0, 0x20000000102, 0x140) gettid() timer_create(0x2, 0x0, &(0x7f0000bbdffc)) move_pages(0x0, 0x20000000000000fe, &(0x7f0000000080)=[&(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil], 0x0, &(0x7f00000000c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0) timer_settime(0x0, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0) timer_settime(0x0, 0x1, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) semctl$GETALL(r0, 0x0, 0xd, &(0x7f0000000040)=""/70) semctl$IPC_INFO(r0, 0x2, 0x3, &(0x7f00000000c0)=""/217) msgctl$IPC_RMID(0x0, 0x0) msgctl$IPC_SET(0x0, 0x1, 0x0) semctl$GETALL(r0, 0x0, 0xd, &(0x7f00000002c0)=""/4096) 3m8.349140656s ago: executing program 34 (id=2366): msgctl$IPC_SET(0x0, 0x1, &(0x7f0000000240)={{0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x96, 0xfffd}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x5}) msgsnd(0x0, &(0x7f0000000080)=ANY=[@ANYRES8], 0x0, 0x0) r0 = semget$private(0x0, 0x20000000102, 0x140) gettid() timer_create(0x2, 0x0, &(0x7f0000bbdffc)) move_pages(0x0, 0x20000000000000fe, &(0x7f0000000080)=[&(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil], 0x0, &(0x7f00000000c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0) timer_settime(0x0, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0) timer_settime(0x0, 0x1, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) semctl$GETALL(r0, 0x0, 0xd, &(0x7f0000000040)=""/70) semctl$IPC_INFO(r0, 0x2, 0x3, &(0x7f00000000c0)=""/217) msgctl$IPC_RMID(0x0, 0x0) msgctl$IPC_SET(0x0, 0x1, 0x0) semctl$GETALL(r0, 0x0, 0xd, &(0x7f00000002c0)=""/4096) 6.963063288s ago: executing program 6 (id=3149): mknodat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0xc000, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0) syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3000009, 0x0, 0x1, 0x0, 0x0) setresuid(0x0, 0xee00, 0x0) capset(&(0x7f0000000500)={0x20080522}, &(0x7f0000000200)={0x200002, 0x200003, 0x801, 0x4, 0x7}) mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000b80), 0x0, 0x0) setxattr$trusted_overlay_origin(&(0x7f0000000140)='./file0/file1\x00', &(0x7f0000000080), 0x0, 0x0, 0x3) 6.210486064s ago: executing program 6 (id=3151): syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) prctl$PR_SET_SECUREBITS(0x1c, 0x1d) setreuid(0x0, 0xee00) r0 = syz_open_procfs(0x0, &(0x7f0000000700)='mounts\x00') mount(0x0, 0x0, &(0x7f0000000200)='hugetlbfs\x00', 0x16, 0x0) read$FUSE(r0, &(0x7f0000002780)={0x2020}, 0x5ecfb203) 5.803136515s ago: executing program 6 (id=3155): bpf$PROG_LOAD_XDP(0x5, &(0x7f00000000c0)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0}, 0x94) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000000)=ANY=[@ANYBLOB="9feb010018000000000000003000000030000000020000000a0000000000000a07000000080000000000000b0400000009000000010000130c0000000740"], 0x0, 0x4a, 0x0, 0x1, 0x800, 0x10000}, 0x28) bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x6, 0x4, 0x0, &(0x7f0000000040)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp}, 0x94) write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb7907001175f37538e486dd6317ce22041800"], 0xfdef) r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00'}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x5, 0xb68, 0x4, &(0x7f0000000000)='%', 0x0, 0xd01, 0x80040000, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48) 4.507154235s ago: executing program 0 (id=3161): mknodat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0xc000, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0) syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3000009, 0x0, 0x1, 0x0, 0x0) setresuid(0x0, 0xee00, 0x0) capset(&(0x7f0000000500)={0x20080522}, &(0x7f0000000200)={0x200002, 0x200003, 0x801, 0x4, 0x7}) mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000b80), 0x0, 0x0) setxattr$trusted_overlay_origin(&(0x7f0000000140)='./file0/file1\x00', &(0x7f0000000080), 0x0, 0x0, 0x3) 4.391083107s ago: executing program 6 (id=3162): r0 = socket$kcm(0x10, 0x2, 0x0) sendmsg$inet(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000400)="5c00000012006bab9a3fe3d86e17aa0a046b876c1d0048007ea60864160af36504001a0038001d00193120e69ee517d38b0dbc06000000a705251e6182949a3651f60a84c9f4d4938037e70e4509c5bb99a2508d228c04fb0e754914", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0) recvmsg$kcm(r0, &(0x7f0000000bc0)={0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f0000002940)=""/4077, 0xfed}, {&(0x7f0000000140)=""/90, 0x5a}, {&(0x7f0000000c00)=""/4109, 0x100d}], 0x3}, 0x0) recvmsg$kcm(r0, &(0x7f0000000900)={0x0, 0x0, 0x0}, 0x0) recvmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0) 4.313523571s ago: executing program 7 (id=3163): bpf$PROG_LOAD(0x5, 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000001c0)=[@text16={0x10, 0x0}], 0x1, 0x1, 0x0, 0x0) ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000140)=@x86={0x40, 0x1, 0x69, 0x0, 0x0, 0x0, 0x10, 0x7, 0x0, 0x88, 0x9, 0x0, 0x0, 0x0, 0x31, 0x83, 0x0, 0x2, 0x0, '\x00', 0x0, 0x200}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 4.006236521s ago: executing program 0 (id=3166): r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000001a80)={0x1c, 0x1e, 0x1, 0x20000002, 0x0, {0x1}, [@nested={0x8, 0x3, 0x0, 0x1, [@nested={0x4, 0xc1}]}]}, 0x1c}, 0x1, 0x0, 0x0, 0xa081}, 0x4004000) 3.743073283s ago: executing program 1 (id=3167): r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x2, 0x7fff7ffc}]}) close_range(r0, 0xffffffffffffffff, 0x200000000000000) 3.577917353s ago: executing program 6 (id=3168): r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000040)=ANY=[@ANYBLOB="1201000003005740ed0b0011c3ec00"], 0x0) syz_usb_control_io(0xffffffffffffffff, 0x0, &(0x7f0000000780)={0x84, &(0x7f0000000000)={0x0, 0x0, 0x1, '\"'}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) syz_usb_control_io$uac1(r0, 0x0, &(0x7f00000004c0)={0x44, &(0x7f0000000000)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) syz_usb_control_io$uac1(r0, 0x0, 0x0) syz_usb_connect$printer(0x1, 0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x0, 0x0, 0x0, 0x1, [{0x5f, &(0x7f0000000840)=@string={0x5f, 0x3, "dcc4f21dc91c8dec8fbd9dd96b26d2e8f674c8dd23b669c89c7b0fb54b1a1abe4eaffcfe553d978269dec1ed0d9ec23aee2ff2ca302c66fae336dd467d8ae6e478a9e28c8e8512c75866ef596326b1c4db6ed808c55c031f59ad978739"}}]}) syz_usb_control_io(r0, 0x0, &(0x7f0000000700)={0x84, &(0x7f0000000640)=ANY=[@ANYBLOB="201104060000000101"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) 3.532329648s ago: executing program 7 (id=3169): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000001c0)={0x3, 0xc, &(0x7f00000005c0)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000610000001801000020786c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000110b0008850000000500000095"], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xd, '\x00', 0x0, @sched_cls=0x37, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r0, 0x0, 0x12, 0x0, &(0x7f0000000080)="dc188619b95d02ff4284860188a86a4e0800", 0x0, 0x8001ff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) 3.434192809s ago: executing program 0 (id=3170): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x8082, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000002c0)={'dummy0\x00', 0x400}) 3.165349189s ago: executing program 1 (id=3172): r0 = syz_open_dev$tty20(0xc, 0x4, 0x1) socket$packet(0x11, 0x3, 0x300) ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000180)) r1 = syz_open_dev$tty20(0xc, 0x4, 0x1) ioctl$TIOCSTI(r1, 0x5412, &(0x7f0000000040)=0xa) 2.972227708s ago: executing program 0 (id=3173): r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x79, 0x4) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @multicast1}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) socket$nl_route(0x10, 0x3, 0x0) r1 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000c80)={'lo\x00'}) sendmmsg$inet(r0, &(0x7f0000003ec0)=[{{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000001240)="cc5fd2518c506ebf347763559129e729164723d0e47c59f1b71a169d2bf45153816f628ff44cbe57e3b69377793663b2d7f0c39319dd2d25cf661253e80493fe43d4bd2521579cc80e15640e30cfedcde5be166f87dd93bc68ac7b179df08a08b19ec17b48e6ffa0026287ca02aec3d811c6262f219143baf964dd95c9ac5055ae4a8714ed7e524ab664ace9643ce2a56eb25288920ade7434d6be5cb5815dec81828de98e5f28bf5c536cff85314a25b345304ef6e35281f75d0e4fffb4effaf0ce6b4d689681dbd4fc160090761f1ee1c59099718474f81297928d9fb21c1ae86d7f0dc30e35584e5b4d862e086ae4f77647004b969c57a9eb0ec8f04665d4aed1e4255e3b4b130fd4f207d94fca04c482ae34da39997ab839477d717fc7aeba9e3380e2d3c42fcf8b65992c0e2ddc185af882cded42f0147fa010d40101edc65fe3652b4f95f7b9ecbbc09b5b2c8e2ede1d2b27a70b1f803fa0091b242dea878d5c8a711710fdd94c4883b02a1828742a779b92b0f5a083fb4646f903348c57cd48f70c8601bbbf28db00d94042c97470fffb2391548e3a2b52fab91b2b4f46a842eae1663c5b3af7e03f865331aff71bd73550fdfe354265f429b04cb31bbc1e4e6d0fd8aa6c06349c6b8810a5774c9db0dd225f0c8a2315f5c259e7f24ffb780db71b181bb3e4fdca6f190d65d81fea9db329d42186aa04f9242bc8cb7d3f1acc39b3d77827df3e460e0f9a75fdbd6c88859b94a346de22f4217bb887003aab", 0x222}, {0x0}], 0x2}}], 0x1, 0x2090) 2.744443792s ago: executing program 1 (id=3175): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=ANY=[@ANYBLOB="1e0000000000000002000000ff"], 0x50) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x16, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x24, '\x00', 0x0, @fallback=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r1, 0x2000002, 0x3a, 0x0, &(0x7f0000000200)="63eced8e46dc3f0adf33c9f7b986", 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) 2.609572151s ago: executing program 0 (id=3176): r0 = syz_usb_connect$uac3(0x5, 0x93, &(0x7f0000000480)={{0x12, 0x1, 0x310, 0x0, 0x0, 0x0, 0x40, 0x644, 0x8021, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x81, 0x3, 0x1, 0x54, 0xc0, 0xf, {0x8, 0xb, 0x0, 0x1, 0x1, 0x1, 0x30, 0x4}, {{{0x9, 0x4, 0x0, 0x0, 0x0, 0x1, 0x1, 0x30, 0x0, {{0xa, 0x24, 0x1, 0xe, 0x1d, 0x81}, [@output_terminal={0x13, 0x24, 0x3, 0x6, 0x401, 0x6, 0x5, 0x3, 0xab3, 0xfff7, 0x5, 0x1}]}}, {}, {0x9, 0x4, 0x1, 0x1, 0x1, 0x1, 0x2, 0x30, 0x0, {}, {{0x9, 0x5, 0x1, 0x9, 0x200, 0x5, 0xe0, 0x0, {0xa, 0x25, 0x25, 0x8, 0x1f, 0x2}}}}, {}, {0x9, 0x4, 0x2, 0x1, 0x1, 0x1, 0x2, 0x30, 0x0, {}, {{0x9, 0x5, 0x82, 0x9, 0x40, 0x8, 0xc, 0x1, {0xa, 0x25, 0x25, 0x800, 0xf3, 0x3}}}}}}}}]}}, &(0x7f00000007c0)={0x0, 0x0, 0x0, 0x0}) syz_usb_control_io$uac3(r0, &(0x7f0000000880)={0x14, 0x0, &(0x7f0000000840)={0x0, 0x3, 0x4, @lang_id={0x4, 0x3, 0x422}}}, 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io$uac3(r0, &(0x7f0000000080)={0x14, 0x0, &(0x7f0000000040)={0x0, 0x3, 0x4, @lang_id={0x4, 0x3, 0x1c01}}}, 0x0) syz_usb_control_io(r0, &(0x7f0000001e80)={0x2c, 0x0, &(0x7f0000001c80)={0x0, 0x3, 0x2, @string={0x2}}, 0x0, 0x0, 0x0}, 0x0) 2.584781565s ago: executing program 7 (id=3177): sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000c00)=@delchain={0x1c8, 0x65, 0x2, 0x70bd27, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, {0x2, 0x2}, {0x0, 0x1}, {0x0, 0xb}}, [@TCA_CHAIN={0x8, 0xb, 0x6}, @TCA_CHAIN={0x8, 0xb, 0x6}, @filter_kind_options=@f_bpf={{0x8}, {0x18c, 0x2, [@TCA_BPF_FD={0x8}, @TCA_BPF_NAME={0xc, 0x7, './file0\x00'}, @TCA_BPF_ACT={0x124, 0x1, [@m_simple={0x30, 0x1e, 0x0, 0x0, {{0xb}, {0x4}, {0x4}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x1}}}}, @m_connmark={0xf0, 0x15, 0x0, 0x0, {{0xd}, {0x4}, {0xbd, 0x6, "0ef6a460a5bbda16e826eafe044d3376872c48b74ae60f057b238fb15e2207986c5639bfbc3d91ee00b5a433e95b6b3527d9711d16abc0abaea927bcdffe4d3ec14fb6fca0407429934982873a3f054bcbf1e53f85fe7aee4ccd90229e6ba2b45bd165ebd7929c21abcdf0b8d47ff6a950009bf4b1ef96863b19aaa1c52a12b02f39c0816b2c6136341ed251c3b6f6af9385e3d242e39802d1054758f1fecd4810c086a3ef4c0b3354522333a981535fdda66a4dc5f04533ed"}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x1, 0x3}}}}]}, @TCA_BPF_FLAGS_GEN={0x8, 0x9, 0x3}, @TCA_BPF_ACT={0x48, 0x1, [@m_ctinfo={0x44, 0x19, 0x0, 0x0, {{0xb}, {0x14, 0x2, 0x0, 0x1, [@TCA_CTINFO_PARMS_CPMARK_MASK={0x8, 0x7, 0x7fffffff}, @TCA_CTINFO_ZONE={0x6, 0x4, 0x6}]}, {0x6, 0x6, "c048"}, {0xc}, {0xc, 0x8, {0x1, 0x2}}}}]}]}}]}, 0x1c8}, 0x1, 0x0, 0x0, 0x81}, 0x20000080) r0 = socket(0x10, 0x803, 0x0) sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000004c0)={0x0, 0x50}, 0x1, 0x0, 0x0, 0x40044}, 0x4000010) sendto(r0, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000540)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x1000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x20000000}, 0x10) recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x365}, {&(0x7f0000000280)=""/85, 0x7c}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/106, 0x645}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0x14}, {&(0x7f00000007c0)=""/154, 0x21}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0xffffffffffffff2f}}], 0x4000000000003b4, 0x2040000, &(0x7f0000003700)={0x77359400}) 2.253322167s ago: executing program 4 (id=3179): bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0x0, 0x0, 0x0}, 0x94) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000001c0)=[@text16={0x10, 0x0}], 0x1, 0x1, 0x0, 0x0) ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000140)=@x86={0x40, 0x1, 0x69, 0x0, 0x0, 0x0, 0x10, 0x7, 0x0, 0x88, 0x9, 0x0, 0x0, 0x0, 0x31, 0x83, 0x0, 0x2, 0x0, '\x00', 0x0, 0x200}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 2.019827355s ago: executing program 4 (id=3180): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x10, 0x4, 0x8, 0x8}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x4, 0xc, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018150000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000007cc38af8ffa0000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001500000095"], &(0x7f0000000840)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) 1.626892019s ago: executing program 4 (id=3181): syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) prctl$PR_SET_SECUREBITS(0x1c, 0x1d) setreuid(0x0, 0xee00) r0 = syz_open_procfs(0x0, &(0x7f0000000700)='mounts\x00') mount(0x0, &(0x7f00000001c0)='./file0\x00', 0x0, 0x16, 0x0) read$FUSE(r0, &(0x7f0000002780)={0x2020}, 0x5ecfb203) 1.526735806s ago: executing program 7 (id=3182): socket$kcm(0xa, 0x5, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x1c1842, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='rdma.current\x00', 0x26e1, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f00000003c0), 0x183081, 0x0) close(r1) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local}) write$cgroup_devices(r0, &(0x7f0000000280)=ANY=[@ANYRES8=r0, @ANYRES32=r0], 0xffdd) 1.281528099s ago: executing program 1 (id=3183): socket$kcm(0x10, 0x400000002, 0x0) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_LIST(r0, &(0x7f0000000700)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000400)={&(0x7f0000000380)={0x24, 0x7, 0x6, 0x101, 0x0, 0x0, {0x7, 0x0, 0x4}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_FLAGS={0x8, 0x6, 0x1, 0x0, 0xc82e}]}, 0x24}, 0x1, 0x0, 0x0, 0x20000055}, 0x602169ed33ab2238) 978.569342ms ago: executing program 4 (id=3184): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_ADD(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000740)=ANY=[@ANYBLOB="44000000090605000000000000000000010000050900020073797a30000006000500010007000000080009400000000114000880100007800a0011"], 0x44}, 0x1, 0x0, 0x0, 0x8000}, 0x44000) 978.445312ms ago: executing program 7 (id=3185): r0 = syz_open_dev$tty20(0xc, 0x4, 0x1) socket$packet(0x11, 0x3, 0x300) ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000180)) r1 = syz_open_dev$tty20(0xc, 0x4, 0x1) ioctl$TIOCSTI(r1, 0x5412, &(0x7f0000000040)=0xa) 792.414183ms ago: executing program 1 (id=3186): sendmmsg$inet6(0xffffffffffffffff, &(0x7f000000a000)=[{}], 0x1, 0x0) socket$netlink(0x10, 0x3, 0x4) r0 = socket$inet6_sctp(0xa, 0x5, 0x84) socket$inet6_sctp(0xa, 0x5, 0x84) getsockopt$bt_hci(r0, 0x84, 0x80, &(0x7f0000000000)=""/4087, &(0x7f0000001040)=0xff7) 606.246406ms ago: executing program 4 (id=3187): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000000)=0x12, 0x4) bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x6e22, 0x9, @ipv4={'\x00', '\xff\xff', @empty}, 0x6}, 0x1c) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_int(r1, 0x29, 0x1a, 0x0, 0x0) bind$inet6(r1, &(0x7f0000000540)={0xa, 0x4e22, 0x7, @empty, 0x200}, 0x1c) listen(r1, 0x5) listen(r0, 0x0) 494.888645ms ago: executing program 7 (id=3188): socket$kcm(0x11, 0x200000000000002, 0x300) socket$nl_netfilter(0x10, 0x3, 0xc) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000a80)=ANY=[@ANYBLOB="b702000014000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d640500000000006504040001001f000404000001007d60b7030000000000006a0a00fe00000100850000000d000000b7000000000000009500000000000000c74396c8e3ebbadc20e5a7ef8c9ac1465cbf188ef10871b81ac7553358380b3a1f59916ffc9bf0bdf81524f07fb2819bf5774fedda52e39c90af27db5b56024df96b4673b4e8d5467e114604ea09b290a248a120c9c6cd87cef9000000a39c15a7ef365cc27dfeac7b9b0e9048517354b0ca4f9cf8b59ee6fa003fe1f2c4c15f20a07db4583a462d8be6602186fd68ee14a19ea2eb42122b8635a66ce6b5b92356081bc0f18a0ca83dbc089a9813c1efa26001b3f486ebfaae85c4d0b96778478ae5355e6f923b11056969f486f80a35f7f2339704fa93fa915ab8e1e0d7f31ebd19455e6827cd493907bf9d0000000000000000000000004e1fa60acabcf0553910ca2e5ea499fd5889dde9261f0848a5b8af657bfc96049308e8953431b269053627a1523551c160c813969925a892d266792352ec0204596a37ce8d6d260b32239bddbce2e79f93cb5a0ad897adb53b397d07c50f84b74f2605a565ee149016aa75ea31c0087dcd821b47c8b36efc6da4fb2ea7f1f36c85856b73ac9872babc62149699b6b8c796a79d833eb4b5ca668d430db5653a2b3c5b87e17ca1"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x2ca}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r0, 0x18000000000002a0, 0x11, 0x0, &(0x7f0000000680)="b90103600040f000009e0ff008001fffff", 0x0, 0x104, 0x6000000000000000, 0x0, 0x0, 0x0, 0x0}, 0x50) 351.216353ms ago: executing program 1 (id=3189): mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) mount$fuse(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000002100), 0x280449c, &(0x7f0000000440)=ANY=[@ANYBLOB='fd=', @ANYRESHEX, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0]) openat(0xffffffffffffff9c, &(0x7f0000001580)='./file0/file1\x00', 0x0, 0x40) setxattr$trusted_overlay_origin(&(0x7f0000000140)='./file0/file1\x00', &(0x7f0000000080), 0x0, 0x0, 0x3) umount2(&(0x7f00000002c0)='./file0\x00', 0x9) 147.006462ms ago: executing program 0 (id=3190): bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0x0, 0x0, 0x0}, 0x94) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000001c0)=[@text16={0x10, 0x0}], 0x1, 0x1, 0x0, 0x0) ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000140)=@x86={0x40, 0x1, 0x69, 0x0, 0x0, 0x0, 0x10, 0x7, 0x0, 0x88, 0x9, 0x0, 0x0, 0x0, 0x31, 0x83, 0x0, 0x2, 0x0, '\x00', 0x0, 0x200}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 68.0903ms ago: executing program 6 (id=3191): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000900)=[@in={0x2, 0x4e23, @local}, @in6={0xa, 0x0, 0xfffffffc, @loopback, 0xc7f}], 0x2c) sendto$inet6(r0, &(0x7f0000000040)="e4", 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback, 0x5}, 0x1c) recvmmsg(r0, &(0x7f0000000740)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000240)=""/19, 0x13}, 0x8}], 0x1, 0x40000003, 0x0) 0s ago: executing program 4 (id=3192): sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000c00)=@delchain={0x1c8, 0x65, 0x2, 0x70bd27, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, {0x2, 0x2}, {0x0, 0x1}, {0x0, 0xb}}, [@TCA_CHAIN={0x8, 0xb, 0x6}, @TCA_CHAIN={0x8, 0xb, 0x6}, @filter_kind_options=@f_bpf={{0x8}, {0x18c, 0x2, [@TCA_BPF_FD={0x8}, @TCA_BPF_NAME={0xc, 0x7, './file0\x00'}, @TCA_BPF_ACT={0x124, 0x1, [@m_simple={0x30, 0x1e, 0x0, 0x0, {{0xb}, {0x4}, {0x4}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x1}}}}, @m_connmark={0xf0, 0x15, 0x0, 0x0, {{0xd}, {0x4}, {0xbd, 0x6, "0ef6a460a5bbda16e826eafe044d3376872c48b74ae60f057b238fb15e2207986c5639bfbc3d91ee00b5a433e95b6b3527d9711d16abc0abaea927bcdffe4d3ec14fb6fca0407429934982873a3f054bcbf1e53f85fe7aee4ccd90229e6ba2b45bd165ebd7929c21abcdf0b8d47ff6a950009bf4b1ef96863b19aaa1c52a12b02f39c0816b2c6136341ed251c3b6f6af9385e3d242e39802d1054758f1fecd4810c086a3ef4c0b3354522333a981535fdda66a4dc5f04533ed"}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x1, 0x3}}}}]}, @TCA_BPF_FLAGS_GEN={0x8, 0x9, 0x3}, @TCA_BPF_ACT={0x48, 0x1, [@m_ctinfo={0x44, 0x19, 0x0, 0x0, {{0xb}, {0x14, 0x2, 0x0, 0x1, [@TCA_CTINFO_PARMS_CPMARK_MASK={0x8, 0x7, 0x7fffffff}, @TCA_CTINFO_ZONE={0x6, 0x4, 0x6}]}, {0x6, 0x6, "c048"}, {0xc}, {0xc, 0x8, {0x1, 0x2}}}}]}]}}]}, 0x1c8}, 0x1, 0x0, 0x0, 0x81}, 0x20000080) r0 = socket(0x10, 0x803, 0x0) sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000004c0)={0x0, 0x50}, 0x1, 0x0, 0x0, 0x40044}, 0x4000010) sendto(r0, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000540)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x1000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x20000000}, 0x10) recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x365}, {&(0x7f0000000280)=""/85, 0x7c}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/106, 0x645}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0x14}, {&(0x7f00000007c0)=""/154, 0x21}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0xffffffffffffff2f}}], 0x4000000000003b4, 0x2040000, &(0x7f0000003700)={0x77359400}) kernel console output (not intermixed with test programs): x80 [ 255.634945][ T7104] netlink: 76 bytes leftover after parsing attributes in process `syz.4.414'. [ 255.661539][ T7105] fuse: Bad value for 'fd' [ 257.293357][ T7131] syzkaller0: entered promiscuous mode [ 257.302478][ T7131] syzkaller0: entered allmulticast mode [ 258.381389][ T7139] syzkaller0: entered promiscuous mode [ 258.408118][ T7139] syzkaller0: entered allmulticast mode [ 258.873691][ T7151] ======================================================= [ 258.873691][ T7151] WARNING: The mand mount option has been deprecated and [ 258.873691][ T7151] and is ignored by this kernel. Remove the mand [ 258.873691][ T7151] option from the mount to silence this warning. [ 258.873691][ T7151] ======================================================= [ 259.052218][ T7151] overlayfs: missing 'lowerdir' [ 260.802893][ T7180] netlink: 12 bytes leftover after parsing attributes in process `syz.1.440'. [ 262.090672][ T7211] overlayfs: missing 'workdir' [ 262.322106][ T7214] kvm: pic: non byte read [ 262.514801][ T7224] kvm: vcpu 0: requested 3328 ns lapic timer period limited to 200000 ns [ 262.669804][ T7223] syzkaller0: entered promiscuous mode [ 262.675468][ T7223] syzkaller0: entered allmulticast mode [ 262.773007][ T7228] netlink: 12 bytes leftover after parsing attributes in process `syz.1.453'. [ 262.777118][ C1] hrtimer: interrupt took 232300 ns [ 263.553909][ T29] audit: type=1326 audit(1775616311.328:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7239 comm="syz.2.457" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4decd9c819 code=0x7ffc0000 [ 263.649126][ T29] audit: type=1326 audit(1775616311.338:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7239 comm="syz.2.457" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4decd9c819 code=0x7ffc0000 [ 263.768972][ T29] audit: type=1326 audit(1775616311.338:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7239 comm="syz.2.457" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4decd9c819 code=0x7ffc0000 [ 263.838941][ T29] audit: type=1326 audit(1775616311.338:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7239 comm="syz.2.457" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4decd9c819 code=0x7ffc0000 [ 263.939470][ T29] audit: type=1326 audit(1775616311.338:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7239 comm="syz.2.457" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4decd9c819 code=0x7ffc0000 [ 264.031131][ T29] audit: type=1326 audit(1775616311.338:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7239 comm="syz.2.457" exe="/root/syz-executor" sig=0 arch=c000003e syscall=287 compat=0 ip=0x7f4decd9c819 code=0x7ffc0000 [ 264.122822][ T29] audit: type=1326 audit(1775616311.338:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7239 comm="syz.2.457" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4decd9c819 code=0x7ffc0000 [ 264.187572][ T29] audit: type=1326 audit(1775616311.348:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7239 comm="syz.2.457" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f4decd9c819 code=0x7ffc0000 [ 264.266050][ T29] audit: type=1326 audit(1775616311.348:26): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7239 comm="syz.2.457" exe="/root/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7f4decd9c819 code=0x7ffc0000 [ 264.354933][ T7255] overlayfs: fs on './cgroup' does not support file handles, falling back to index=off,nfs_export=off. [ 264.406122][ T7255] overlayfs: missing 'workdir' [ 264.948349][ T7263] netlink: 12 bytes leftover after parsing attributes in process `syz.3.466'. [ 265.002449][ T7265] syzkaller0: entered promiscuous mode [ 265.008102][ T7265] syzkaller0: entered allmulticast mode [ 265.419299][ T1291] ieee802154 phy0 wpan0: encryption failed: -22 [ 265.426205][ T1291] ieee802154 phy1 wpan1: encryption failed: -22 [ 265.701906][ T7280] fuse: Unknown parameter '0x0000000000000003' [ 267.043548][ T7308] syzkaller0: entered promiscuous mode [ 267.049785][ T7308] syzkaller0: entered allmulticast mode [ 268.918395][ T7349] syzkaller0: entered promiscuous mode [ 268.927964][ T7349] syzkaller0: entered allmulticast mode [ 271.272727][ T7394] kvm: requested 50285 ns i8254 timer period limited to 200000 ns [ 273.408646][ T7440] netlink: 12 bytes leftover after parsing attributes in process `syz.2.526'. [ 275.522163][ T7488] netlink: 12 bytes leftover after parsing attributes in process `syz.1.542'. [ 276.676250][ T7511] overlayfs: missing 'lowerdir' [ 277.361005][ T7525] fuse: Bad value for 'fd' [ 278.721843][ T7550] overlayfs: missing 'lowerdir' [ 279.297132][ T7558] fuse: Bad value for 'fd' [ 280.111875][ T7578] overlayfs: missing 'lowerdir' [ 281.250601][ T7592] syzkaller0: entered promiscuous mode [ 281.292471][ T7592] syzkaller0: entered allmulticast mode [ 283.051986][ T7617] overlayfs: missing 'lowerdir' [ 285.680089][ T7651] syzkaller0: entered promiscuous mode [ 285.725104][ T7651] syzkaller0: entered allmulticast mode [ 285.920875][ T7656] overlayfs: missing 'lowerdir' [ 286.815264][ T7672] kvm: pic: non byte write [ 287.969553][ T7658] Bluetooth: hci0: command 0x0406 tx timeout [ 287.976544][ T7658] Bluetooth: hci1: command 0x0406 tx timeout [ 287.983581][ T7658] Bluetooth: hci4: command 0x0406 tx timeout [ 287.990431][ T7658] Bluetooth: hci2: command 0x0406 tx timeout [ 288.001949][ T7658] Bluetooth: hci3: command 0x0406 tx timeout [ 288.531309][ T7697] overlayfs: missing 'lowerdir' [ 293.592487][ T29] audit: type=1326 audit(1775616341.368:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7773 comm="syz.0.644" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9faf39c819 code=0x7ffc0000 [ 293.719509][ T29] audit: type=1326 audit(1775616341.398:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7773 comm="syz.0.644" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9faf39c819 code=0x7ffc0000 [ 293.785239][ T29] audit: type=1326 audit(1775616341.398:29): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7773 comm="syz.0.644" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9faf39c819 code=0x7ffc0000 [ 293.885969][ T29] audit: type=1326 audit(1775616341.398:30): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7773 comm="syz.0.644" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9faf39c819 code=0x7ffc0000 [ 293.966297][ T29] audit: type=1326 audit(1775616341.408:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7773 comm="syz.0.644" exe="/root/syz-executor" sig=0 arch=c000003e syscall=86 compat=0 ip=0x7f9faf39c819 code=0x7ffc0000 [ 294.050719][ T29] audit: type=1326 audit(1775616341.408:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7773 comm="syz.0.644" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9faf39c819 code=0x7ffc0000 [ 294.104084][ T29] audit: type=1326 audit(1775616341.408:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7773 comm="syz.0.644" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9faf39c819 code=0x7ffc0000 [ 294.158263][ T29] audit: type=1326 audit(1775616341.428:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7773 comm="syz.0.644" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9faf39c819 code=0x7ffc0000 [ 294.182069][ T29] audit: type=1326 audit(1775616341.428:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7773 comm="syz.0.644" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f9faf39c819 code=0x7ffc0000 [ 294.257832][ T29] audit: type=1326 audit(1775616341.428:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7773 comm="syz.0.644" exe="/root/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7f9faf39c819 code=0x7ffc0000 [ 294.427969][ T7789] fuse: Unknown parameter '00000000000000000000003' [ 295.623089][ T7815] kvm: emulating exchange as write [ 296.163554][ T7826] fuse: Unknown parameter '00000000000000000000003' [ 297.601322][ T7857] kvm: requested 196952 ns i8254 timer period limited to 200000 ns [ 297.674716][ T7857] kvm: requested 16761 ns i8254 timer period limited to 200000 ns [ 297.768237][ T7857] kvm: requested 191085 ns i8254 timer period limited to 200000 ns [ 297.790790][ T7857] kvm: requested 19276 ns i8254 timer period limited to 200000 ns [ 297.817717][ T7857] kvm: requested 15923 ns i8254 timer period limited to 200000 ns [ 298.046327][ T7857] kvm: requested 3352 ns i8254 timer period limited to 200000 ns [ 298.075492][ T7857] kvm: requested 93028 ns i8254 timer period limited to 200000 ns [ 298.116555][ T7857] kvm: requested 116495 ns i8254 timer period limited to 200000 ns [ 298.162382][ T7857] kvm: requested 163428 ns i8254 timer period limited to 200000 ns [ 298.222311][ T7857] kvm: requested 160076 ns i8254 timer period limited to 200000 ns [ 313.794528][ T29] audit: type=1326 audit(1775616361.568:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8160 comm="syz.2.798" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4decd9c819 code=0x7ffc0000 [ 313.916306][ T29] audit: type=1326 audit(1775616361.598:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8160 comm="syz.2.798" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4decd9c819 code=0x7ffc0000 [ 314.039101][ T29] audit: type=1326 audit(1775616361.598:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8160 comm="syz.2.798" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4decd9c819 code=0x7ffc0000 [ 314.149702][ T29] audit: type=1326 audit(1775616361.598:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8160 comm="syz.2.798" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4decd9c819 code=0x7ffc0000 [ 314.239219][ T29] audit: type=1326 audit(1775616361.618:41): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8160 comm="syz.2.798" exe="/root/syz-executor" sig=0 arch=c000003e syscall=86 compat=0 ip=0x7f4decd9c819 code=0x7ffc0000 [ 314.299431][ T29] audit: type=1326 audit(1775616361.618:42): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8160 comm="syz.2.798" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4decd9c819 code=0x7ffc0000 [ 314.379073][ T29] audit: type=1326 audit(1775616361.618:43): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8160 comm="syz.2.798" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4decd9c819 code=0x7ffc0000 [ 314.467797][ T29] audit: type=1326 audit(1775616361.628:44): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8160 comm="syz.2.798" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4decd9c819 code=0x7ffc0000 [ 314.588936][ T29] audit: type=1326 audit(1775616361.628:45): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8160 comm="syz.2.798" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f4decd9c819 code=0x7ffc0000 [ 314.729184][ T29] audit: type=1326 audit(1775616361.628:46): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8160 comm="syz.2.798" exe="/root/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7f4decd9c819 code=0x7ffc0000 [ 316.479548][ T8210] kvm: pic: non byte write [ 319.343550][ T8263] syzkaller0: entered promiscuous mode [ 319.361058][ T8263] syzkaller0: entered allmulticast mode [ 319.860596][ T29] kauditd_printk_skb: 19 callbacks suppressed [ 319.860664][ T29] audit: type=1326 audit(1775616367.628:66): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8272 comm="syz.1.839" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f11e1f9c819 code=0x7ffc0000 [ 319.960469][ T29] audit: type=1326 audit(1775616367.668:67): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8272 comm="syz.1.839" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f11e1f9c819 code=0x7ffc0000 [ 320.066005][ T29] audit: type=1326 audit(1775616367.668:68): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8272 comm="syz.1.839" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f11e1f9c819 code=0x7ffc0000 [ 320.151641][ T29] audit: type=1326 audit(1775616367.668:69): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8272 comm="syz.1.839" exe="/root/syz-executor" sig=0 arch=c000003e syscall=86 compat=0 ip=0x7f11e1f9c819 code=0x7ffc0000 [ 320.248943][ T29] audit: type=1326 audit(1775616367.668:70): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8272 comm="syz.1.839" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f11e1f9c819 code=0x7ffc0000 [ 320.315999][ T29] audit: type=1326 audit(1775616367.668:71): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8272 comm="syz.1.839" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f11e1f9c819 code=0x7ffc0000 [ 320.399468][ T29] audit: type=1326 audit(1775616367.668:72): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8272 comm="syz.1.839" exe="/root/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7f11e1f9c819 code=0x7ffc0000 [ 320.442237][ T8281] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 321.933641][ T8303] syzkaller0: entered promiscuous mode [ 321.979351][ T8303] syzkaller0: entered allmulticast mode [ 322.064575][ T29] audit: type=1326 audit(1775616369.828:73): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8308 comm="syz.2.852" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4decd9c819 code=0x7ffc0000 [ 322.129327][ T29] audit: type=1326 audit(1775616369.838:74): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8308 comm="syz.2.852" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4decd9c819 code=0x7ffc0000 [ 322.175215][ T29] audit: type=1326 audit(1775616369.838:75): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8308 comm="syz.2.852" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4decd9c819 code=0x7ffc0000 [ 323.687358][ T8336] fuse: Unknown parameter '0x0000000000000003' [ 324.746090][ T8347] kvm: kvm [8346]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc1) = 0x800 [ 326.856702][ T1291] ieee802154 phy0 wpan0: encryption failed: -22 [ 326.866664][ T1291] ieee802154 phy1 wpan1: encryption failed: -22 [ 328.537469][ T8412] kvm: pic: non byte write [ 329.153420][ T8424] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 331.277431][ T5791] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 331.301638][ T5791] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 331.326248][ T5791] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 331.381528][ T5791] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 331.399668][ T5791] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 332.434069][ T8455] chnl_net:caif_netlink_parms(): no params data found [ 333.482448][ T5789] Bluetooth: hci5: command tx timeout [ 333.794128][ T8455] bridge0: port 1(bridge_slave_0) entered blocking state [ 333.821997][ T8455] bridge0: port 1(bridge_slave_0) entered disabled state [ 333.859527][ T8455] bridge_slave_0: entered allmulticast mode [ 333.920421][ T8455] bridge_slave_0: entered promiscuous mode [ 333.961084][ T8455] bridge0: port 2(bridge_slave_1) entered blocking state [ 333.984250][ T8455] bridge0: port 2(bridge_slave_1) entered disabled state [ 334.012120][ T8455] bridge_slave_1: entered allmulticast mode [ 334.036369][ T8455] bridge_slave_1: entered promiscuous mode [ 334.338987][ T8455] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 334.456895][ T8455] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 334.846097][ T8455] team0: Port device team_slave_0 added [ 334.888328][ T8455] team0: Port device team_slave_1 added [ 335.156574][ T8455] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 335.178898][ T8455] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 335.251385][ T8455] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 335.380968][ T8455] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 335.425347][ T8455] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 335.489016][ T8455] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 335.569163][ T5789] Bluetooth: hci5: command tx timeout [ 335.982390][ T8521] syzkaller0: entered promiscuous mode [ 335.988283][ T8521] syzkaller0: entered allmulticast mode [ 336.384286][ T8455] hsr_slave_0: entered promiscuous mode [ 336.422817][ T8455] hsr_slave_1: entered promiscuous mode [ 336.451428][ T8455] debugfs: 'hsr0' already exists in 'hsr' [ 336.457414][ T8455] Cannot create hsr debugfs directory [ 337.643301][ T5789] Bluetooth: hci5: command tx timeout [ 338.929124][ T8455] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 339.012397][ T8455] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 339.111280][ T8455] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 339.177623][ T8455] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 339.463552][ T8576] syzkaller0: entered promiscuous mode [ 339.519692][ T8576] syzkaller0: entered allmulticast mode [ 339.719267][ T5789] Bluetooth: hci5: command tx timeout [ 342.036371][ T8455] 8021q: adding VLAN 0 to HW filter on device bond0 [ 342.493921][ T3499] bridge_slave_1: left allmulticast mode [ 342.516013][ T3499] bridge_slave_1: left promiscuous mode [ 342.542887][ T3499] bridge0: port 2(bridge_slave_1) entered disabled state [ 342.740730][ T3499] bridge_slave_0: left allmulticast mode [ 342.746564][ T3499] bridge_slave_0: left promiscuous mode [ 342.805047][ T3499] bridge0: port 1(bridge_slave_0) entered disabled state [ 343.811224][ T3499] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 343.954247][ T3499] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 344.026465][ T3499] bond0 (unregistering): Released all slaves [ 344.145351][ T8455] 8021q: adding VLAN 0 to HW filter on device team0 [ 344.331897][ T13] bridge0: port 1(bridge_slave_0) entered blocking state [ 344.339537][ T13] bridge0: port 1(bridge_slave_0) entered forwarding state [ 344.506207][ T13] bridge0: port 2(bridge_slave_1) entered blocking state [ 344.513762][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state [ 345.058975][ T3499] hsr_slave_0: left promiscuous mode [ 345.103629][ T3499] hsr_slave_1: left promiscuous mode [ 345.118134][ T3499] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 345.151250][ T3499] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 346.283520][ T3499] team0 (unregistering): Port device team_slave_1 removed [ 346.406907][ T3499] team0 (unregistering): Port device team_slave_0 removed [ 347.948960][ T8701] netlink: 12 bytes leftover after parsing attributes in process `syz.0.990'. [ 349.134441][ T8455] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 351.400125][ T8455] veth0_vlan: entered promiscuous mode [ 351.511707][ T8761] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1003'. [ 351.577673][ T8455] veth1_vlan: entered promiscuous mode [ 352.046122][ T8455] veth0_macvtap: entered promiscuous mode [ 352.152395][ T8455] veth1_macvtap: entered promiscuous mode [ 352.384879][ T8455] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 352.504664][ T8455] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 352.668174][ T12] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 352.702240][ T12] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 352.758550][ T12] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 352.827053][ T53] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 354.754937][ T8822] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1015'. [ 358.709539][ T57] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 358.745378][ T57] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 358.905578][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 358.925213][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 364.573738][ T9013] syzkaller0: entered promiscuous mode [ 364.590989][ T9013] syzkaller0: entered allmulticast mode [ 365.670160][ T9036] kvm: pic: non byte write [ 365.675316][ T9036] kvm: pic: non byte write [ 365.704718][ T9036] kvm: pic: non byte write [ 365.725096][ T9036] kvm: pic: non byte write [ 365.742038][ T9036] kvm: pic: non byte write [ 365.787485][ T9036] kvm: pic: non byte write [ 365.815487][ T9036] kvm: pic: non byte write [ 365.855553][ T9036] kvm: pic: non byte write [ 365.899355][ T9036] kvm: pic: non byte write [ 365.929812][ T9036] kvm: pic: non byte write [ 367.094545][ T9062] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 371.695819][ T9151] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 374.523888][ T9211] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 378.213720][ T9266] syzkaller0: entered promiscuous mode [ 378.240870][ T9266] syzkaller0: entered allmulticast mode [ 379.534152][ T9292] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 382.562237][ T9348] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 385.220760][ T9396] kvm: kvm [9393]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0x11e) = 0x0 [ 385.269061][ T9396] kvm: kvm [9393]: vcpu0, guest rIP: 0x1b8 Unhandled WRMSR(0x11e) = 0xbe702111 [ 388.307522][ T1291] ieee802154 phy0 wpan0: encryption failed: -22 [ 388.314347][ T1291] ieee802154 phy1 wpan1: encryption failed: -22 [ 393.571456][ T9574] capability: warning: `syz.5.1259' uses deprecated v2 capabilities in a way that may be insecure [ 395.179927][ T9606] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 405.032563][ T9786] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 406.035057][ T9804] kvm_intel: kvm [9803]: vcpu0, guest rIP: 0x0 Unhandled WRMSR(0x1d9) = 0x7e00000001 [ 412.265875][ T29] kauditd_printk_skb: 15 callbacks suppressed [ 412.265948][ T29] audit: type=1326 audit(1775616460.038:91): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9909 comm="syz.1.1381" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f11e1f9c819 code=0x7ffc0000 [ 412.389398][ T29] audit: type=1326 audit(1775616460.088:92): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9909 comm="syz.1.1381" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f11e1f9c819 code=0x7ffc0000 [ 412.459442][ T29] audit: type=1326 audit(1775616460.088:93): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9909 comm="syz.1.1381" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f11e1f9c819 code=0x7ffc0000 [ 412.509725][ T29] audit: type=1326 audit(1775616460.088:94): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9909 comm="syz.1.1381" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f11e1f9c819 code=0x7ffc0000 [ 412.544834][ T29] audit: type=1326 audit(1775616460.088:95): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9909 comm="syz.1.1381" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f11e1f9c819 code=0x7ffc0000 [ 412.624324][ T29] audit: type=1326 audit(1775616460.138:96): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9909 comm="syz.1.1381" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f11e1f9c819 code=0x7ffc0000 [ 412.656612][ T29] audit: type=1326 audit(1775616460.138:97): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9909 comm="syz.1.1381" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f11e1f9c582 code=0x7ffc0000 [ 412.679208][ T29] audit: type=1326 audit(1775616460.138:98): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9909 comm="syz.1.1381" exe="/root/syz-executor" sig=0 arch=c000003e syscall=10 compat=0 ip=0x7f11e1f9c617 code=0x7ffc0000 [ 412.778273][ T29] audit: type=1326 audit(1775616460.138:99): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9909 comm="syz.1.1381" exe="/root/syz-executor" sig=0 arch=c000003e syscall=14 compat=0 ip=0x7f11e1f59511 code=0x7ffc0000 [ 412.859145][ T29] audit: type=1326 audit(1775616460.138:100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9909 comm="syz.1.1381" exe="/root/syz-executor" sig=0 arch=c000003e syscall=435 compat=0 ip=0x7f11e1f9d609 code=0x7ffc0000 [ 417.050305][ T9970] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 417.213367][ T9975] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 420.298107][T10012] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 422.680829][T10057] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 427.061595][T10137] kvm: MWAIT instruction emulated as NOP! [ 428.851577][T10166] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 429.712923][T10185] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 430.642944][T10206] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 432.321440][T10236] picdev_write: 8 callbacks suppressed [ 432.321508][T10236] kvm: pic: non byte write [ 437.836509][T10334] loop1: detected capacity change from 0 to 16 [ 437.921357][T10334] erofs (device loop1): mounted with root inode @ nid 36. [ 438.017179][T10334] syz.1.1525: attempt to access beyond end of device [ 438.017179][T10334] loop1: rw=8912896, sector=1342177272, nr_sectors = 32 limit=16 [ 438.086250][T10334] syz.1.1525: attempt to access beyond end of device [ 438.086250][T10334] loop1: rw=8388608, sector=1342177272, nr_sectors = 8 limit=16 [ 438.183635][ T29] kauditd_printk_skb: 27 callbacks suppressed [ 438.183705][ T29] audit: type=1800 audit(1775616485.948:128): pid=10334 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.1525" name="file1" dev="loop1" ino=86 res=0 errno=0 [ 445.877723][T10500] loop4: detected capacity change from 0 to 164 [ 445.904601][T10500] rock: corrupted directory entry. extent=28, offset=16056320, size=0 [ 445.979497][T10500] rock: corrupted directory entry. extent=28, offset=16056320, size=0 [ 445.998161][T10495] loop5: detected capacity change from 0 to 1764 [ 446.033734][T10500] rock: directory entry would overflow storage [ 446.047268][T10495] iso9660: Unknown parameter 'i' [ 446.065768][T10500] rock: sig=0x4f50, size=4, remaining=3 [ 446.079363][T10500] iso9660: Corrupted directory entry in block 4 of inode 1792 [ 446.206237][T10495] netlink: 20 bytes leftover after parsing attributes in process `syz.5.1586'. [ 447.680549][T10535] loop4: detected capacity change from 0 to 128 [ 449.618365][T10562] kvm: pic: non byte write [ 449.654081][T10562] kvm: pic: non byte write [ 449.680214][T10562] kvm: pic: non byte write [ 449.711738][T10562] kvm: pic: level sensitive irq not supported [ 449.712330][T10562] kvm: pic: non byte write [ 449.735988][T10562] kvm: pic: single mode not supported [ 449.736057][T10562] kvm: pic: level sensitive irq not supported [ 449.756736][ T1291] ieee802154 phy0 wpan0: encryption failed: -22 [ 449.788807][ T1291] ieee802154 phy1 wpan1: encryption failed: -22 [ 449.810838][T10562] kvm: pic: level sensitive irq not supported [ 449.863849][T10562] kvm: pic: non byte write [ 449.917779][T10562] kvm: pic: non byte write [ 449.926280][T10562] kvm: pic: non byte write [ 449.935670][T10562] kvm: pic: non byte write [ 449.944289][T10562] kvm: pic: non byte write [ 449.989652][T10562] kvm: pic: non byte write [ 450.022511][T10562] kvm: pic: level sensitive irq not supported [ 450.024123][T10562] kvm: pic: level sensitive irq not supported [ 450.072983][T10562] kvm: pic: level sensitive irq not supported [ 450.114825][T10562] kvm: pic: level sensitive irq not supported [ 450.144671][T10562] kvm: pic: single mode not supported [ 450.173232][T10562] kvm: pic: single mode not supported [ 450.179149][T10562] kvm: pic: level sensitive irq not supported [ 450.221915][T10577] loop2: detected capacity change from 0 to 128 [ 450.292318][T10577] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 450.380740][T10577] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 450.990654][T10584] pim6reg1: entered promiscuous mode [ 451.027164][T10584] pim6reg1: entered allmulticast mode [ 451.488540][T10599] loop4: detected capacity change from 0 to 256 [ 456.919050][ T5791] Bluetooth: hci5: command 0x0406 tx timeout [ 461.512577][T10736] loop2: detected capacity change from 0 to 256 [ 461.661851][T10736] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 462.246754][T10743] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1680'. [ 463.005845][T10753] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1682'. [ 463.112244][T10755] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1682'. [ 466.447728][T10800] kvm: pic: non byte write [ 470.770353][T10855] kvm: pic: non byte write [ 471.641659][T10872] loop4: detected capacity change from 0 to 128 [ 471.943086][T10875] loop1: detected capacity change from 0 to 16 [ 472.011240][T10875] erofs (device loop1): invalid ishare xattr prefix id 0 [ 472.067581][T10875] overlayfs: overlapping lowerdir path [ 472.896265][T10879] overlayfs: statfs failed on './file0' [ 474.014758][T10915] xt_CT: No such helper "netbios-ns" [ 476.056232][T10936] loop1: detected capacity change from 0 to 512 [ 477.714180][T10961] overlayfs: upper fs does not support file handles, falling back to index=off. [ 479.100233][T10993] kvm: pic: non byte write [ 486.963885][T11121] fuse: Bad value for 'fd' [ 487.027664][T11121] overlayfs: overlapping lowerdir path [ 487.119451][T11122] kvm: user requested TSC rate below hardware speed [ 487.218135][T11126] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=198462431 (396924862 ns) > initial count (148514 ns). Using initial count to start timer. [ 489.985344][T11178] process 'syz.1.1831' launched './file0' with NULL argv: empty string added [ 492.554110][T11211] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 494.907524][T11252] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1858'. [ 507.119648][ T5791] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 507.152727][ T5791] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 507.163139][ T5791] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 507.183532][ T5791] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 507.219673][ T5791] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 509.174914][T11383] chnl_net:caif_netlink_parms(): no params data found [ 509.319142][ T5791] Bluetooth: hci3: command tx timeout [ 510.468279][ T29] audit: type=1326 audit(1775616558.238:129): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11437 comm="syz.5.1915" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f516339c819 code=0x7ffc0000 [ 510.558892][ T29] audit: type=1326 audit(1775616558.238:130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11437 comm="syz.5.1915" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f516339c819 code=0x7ffc0000 [ 510.709160][ T29] audit: type=1326 audit(1775616558.288:131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11437 comm="syz.5.1915" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f516339c819 code=0x7ffc0000 [ 510.808894][ T29] audit: type=1326 audit(1775616558.288:132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11437 comm="syz.5.1915" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f516339c819 code=0x7ffc0000 [ 510.932169][ T29] audit: type=1326 audit(1775616558.288:133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11437 comm="syz.5.1915" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f516339c819 code=0x7ffc0000 [ 511.044797][T11383] bridge0: port 1(bridge_slave_0) entered blocking state [ 511.055726][ T29] audit: type=1326 audit(1775616558.288:134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11437 comm="syz.5.1915" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f516339c819 code=0x7ffc0000 [ 511.080502][T11383] bridge0: port 1(bridge_slave_0) entered disabled state [ 511.088263][T11383] bridge_slave_0: entered allmulticast mode [ 511.176550][ T1291] ieee802154 phy0 wpan0: encryption failed: -22 [ 511.184350][ T1291] ieee802154 phy1 wpan1: encryption failed: -22 [ 511.185862][T11383] bridge_slave_0: entered promiscuous mode [ 511.217960][ T29] audit: type=1326 audit(1775616558.288:135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11437 comm="syz.5.1915" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f516339c819 code=0x7ffc0000 [ 511.294656][T11383] bridge0: port 2(bridge_slave_1) entered blocking state [ 511.329913][ T29] audit: type=1326 audit(1775616558.288:136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11437 comm="syz.5.1915" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f516339c819 code=0x7ffc0000 [ 511.348998][T11383] bridge0: port 2(bridge_slave_1) entered disabled state [ 511.389895][T11383] bridge_slave_1: entered allmulticast mode [ 511.408919][ T5791] Bluetooth: hci3: command tx timeout [ 511.421562][T11383] bridge_slave_1: entered promiscuous mode [ 511.438178][ T29] audit: type=1326 audit(1775616558.298:137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11437 comm="syz.5.1915" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7f516339c819 code=0x7ffc0000 [ 511.544221][T11383] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 511.628081][ T29] audit: type=1326 audit(1775616558.298:138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11437 comm="syz.5.1915" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f516339c819 code=0x7ffc0000 [ 511.681734][T11383] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 512.052640][T11383] team0: Port device team_slave_0 added [ 512.189900][T11383] team0: Port device team_slave_1 added [ 512.465672][T11383] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 512.494299][T11383] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 512.589397][T11383] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 512.654183][T11383] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 512.677909][T11383] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 512.758290][T11383] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 513.285355][T11383] hsr_slave_0: entered promiscuous mode [ 513.333349][T11383] hsr_slave_1: entered promiscuous mode [ 513.377938][T11383] debugfs: 'hsr0' already exists in 'hsr' [ 513.413725][T11383] Cannot create hsr debugfs directory [ 513.479246][ T5791] Bluetooth: hci3: command tx timeout [ 515.580042][ T5791] Bluetooth: hci3: command tx timeout [ 517.229122][ T29] kauditd_printk_skb: 35 callbacks suppressed [ 517.229189][ T29] audit: type=1326 audit(1775616564.998:174): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11524 comm="syz.0.1942" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9faf39c819 code=0x7ffc0000 [ 517.264564][T11383] netdevsim netdevsim6 netdevsim0: renamed from eth0 [ 517.349253][ T29] audit: type=1326 audit(1775616565.038:175): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11524 comm="syz.0.1942" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9faf39c819 code=0x7ffc0000 [ 517.435724][T11383] netdevsim netdevsim6 netdevsim1: renamed from eth1 [ 517.449659][ T29] audit: type=1326 audit(1775616565.038:176): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11524 comm="syz.0.1942" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9faf39c819 code=0x7ffc0000 [ 517.528868][ T29] audit: type=1326 audit(1775616565.038:177): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11524 comm="syz.0.1942" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9faf39c819 code=0x7ffc0000 [ 517.614691][T11383] netdevsim netdevsim6 netdevsim2: renamed from eth2 [ 517.632511][ T29] audit: type=1326 audit(1775616565.058:178): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11524 comm="syz.0.1942" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9faf39c819 code=0x7ffc0000 [ 517.718392][ T29] audit: type=1326 audit(1775616565.058:179): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11524 comm="syz.0.1942" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f9faf39c819 code=0x7ffc0000 [ 517.767292][T11383] netdevsim netdevsim6 netdevsim3: renamed from eth3 [ 517.905850][ T29] audit: type=1326 audit(1775616565.058:180): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11524 comm="syz.0.1942" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9faf39c819 code=0x7ffc0000 [ 518.064614][ T29] audit: type=1326 audit(1775616565.058:181): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11524 comm="syz.0.1942" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9faf39c819 code=0x7ffc0000 [ 518.174127][ T29] audit: type=1326 audit(1775616565.058:182): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11524 comm="syz.0.1942" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9faf39c819 code=0x7ffc0000 [ 518.248825][ T29] audit: type=1326 audit(1775616565.058:183): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11524 comm="syz.0.1942" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7f9faf39c819 code=0x7ffc0000 [ 519.053279][T11383] 8021q: adding VLAN 0 to HW filter on device bond0 [ 519.282136][T11383] 8021q: adding VLAN 0 to HW filter on device team0 [ 519.351973][ T70] bridge0: port 1(bridge_slave_0) entered blocking state [ 519.359589][ T70] bridge0: port 1(bridge_slave_0) entered forwarding state [ 519.566651][ T3499] bridge0: port 2(bridge_slave_1) entered blocking state [ 519.574394][ T3499] bridge0: port 2(bridge_slave_1) entered forwarding state [ 521.932233][T11383] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 522.322491][ T29] kauditd_printk_skb: 55 callbacks suppressed [ 522.322561][ T29] audit: type=1326 audit(1775616570.098:239): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11595 comm="syz.0.1967" exe="/root/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7f9faf39c819 code=0x7ffc0000 [ 524.179277][T11383] veth0_vlan: entered promiscuous mode [ 524.256397][T11383] veth1_vlan: entered promiscuous mode [ 524.580930][T11383] veth0_macvtap: entered promiscuous mode [ 524.653904][T11383] veth1_macvtap: entered promiscuous mode [ 524.866658][T11383] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 525.032939][ T29] audit: type=1326 audit(1775616572.808:240): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11635 comm="syz.4.1979" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feca3f9c819 code=0x7ffc0000 [ 525.060474][T11383] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 525.174593][ T29] audit: type=1326 audit(1775616572.818:241): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11635 comm="syz.4.1979" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feca3f9c819 code=0x7ffc0000 [ 525.208848][ T12] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 525.232649][ T1032] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 525.288893][ T29] audit: type=1326 audit(1775616572.818:242): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11635 comm="syz.4.1979" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feca3f9c819 code=0x7ffc0000 [ 525.300888][ T1032] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 525.399807][ T29] audit: type=1326 audit(1775616572.818:243): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11635 comm="syz.4.1979" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7feca3f9c819 code=0x7ffc0000 [ 525.459346][ T1032] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 525.489219][ T29] audit: type=1326 audit(1775616572.878:244): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11635 comm="syz.4.1979" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feca3f9c819 code=0x7ffc0000 [ 525.609709][ T29] audit: type=1326 audit(1775616572.878:245): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11635 comm="syz.4.1979" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7feca3f9c582 code=0x7ffc0000 [ 525.708993][ T29] audit: type=1326 audit(1775616572.878:246): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11635 comm="syz.4.1979" exe="/root/syz-executor" sig=0 arch=c000003e syscall=10 compat=0 ip=0x7feca3f9c617 code=0x7ffc0000 [ 525.819261][ T29] audit: type=1326 audit(1775616572.878:247): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11635 comm="syz.4.1979" exe="/root/syz-executor" sig=0 arch=c000003e syscall=14 compat=0 ip=0x7feca3f59511 code=0x7ffc0000 [ 525.920265][ T29] audit: type=1326 audit(1775616572.878:248): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11635 comm="syz.4.1979" exe="/root/syz-executor" sig=0 arch=c000003e syscall=435 compat=0 ip=0x7feca3f9d609 code=0x7ffc0000 [ 527.849859][T11643] mmap: syz.5.1980 (11643) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 528.506762][ T29] kauditd_printk_skb: 23 callbacks suppressed [ 528.506828][ T29] audit: type=1326 audit(1775616576.278:272): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11678 comm="syz.1.1991" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f11e1f9c819 code=0x7ffc0000 [ 528.657810][ T29] audit: type=1326 audit(1775616576.288:273): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11678 comm="syz.1.1991" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f11e1f9c819 code=0x7ffc0000 [ 528.753568][ T29] audit: type=1326 audit(1775616576.288:274): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11678 comm="syz.1.1991" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f11e1f9c819 code=0x7ffc0000 [ 528.799008][ T29] audit: type=1326 audit(1775616576.288:275): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11678 comm="syz.1.1991" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f11e1f9c819 code=0x7ffc0000 [ 528.881043][ T29] audit: type=1326 audit(1775616576.348:276): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11678 comm="syz.1.1991" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f11e1f9c819 code=0x7ffc0000 [ 528.966300][ T29] audit: type=1326 audit(1775616576.348:277): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11678 comm="syz.1.1991" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f11e1f9c582 code=0x7ffc0000 [ 529.047166][ T29] audit: type=1326 audit(1775616576.348:278): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11678 comm="syz.1.1991" exe="/root/syz-executor" sig=0 arch=c000003e syscall=10 compat=0 ip=0x7f11e1f9c617 code=0x7ffc0000 [ 529.103065][ T29] audit: type=1326 audit(1775616576.348:279): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11678 comm="syz.1.1991" exe="/root/syz-executor" sig=0 arch=c000003e syscall=14 compat=0 ip=0x7f11e1f59511 code=0x7ffc0000 [ 529.196326][ T29] audit: type=1326 audit(1775616576.348:280): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11678 comm="syz.1.1991" exe="/root/syz-executor" sig=0 arch=c000003e syscall=435 compat=0 ip=0x7f11e1f9d609 code=0x7ffc0000 [ 529.289542][ T29] audit: type=1326 audit(1775616576.358:281): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11678 comm="syz.1.1991" exe="/root/syz-executor" sig=0 arch=c000003e syscall=273 compat=0 ip=0x7f11e1f58c6c code=0x7ffc0000 [ 531.019116][ T53] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 531.027116][ T53] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 531.181276][T11714] overlayfs: overlapping lowerdir path [ 531.253881][ T53] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 531.286430][ T53] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 533.892537][T11754] overlayfs: overlapping lowerdir path [ 535.027327][ T29] kauditd_printk_skb: 45 callbacks suppressed [ 535.027396][ T29] audit: type=1326 audit(1775616582.798:327): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11766 comm="syz.4.2015" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feca3f9c819 code=0x7ffc0000 [ 535.113275][ T29] audit: type=1326 audit(1775616582.828:328): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11766 comm="syz.4.2015" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feca3f9c819 code=0x7ffc0000 [ 535.194997][ T29] audit: type=1326 audit(1775616582.828:329): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11766 comm="syz.4.2015" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feca3f9c819 code=0x7ffc0000 [ 535.303814][ T29] audit: type=1326 audit(1775616582.838:330): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11766 comm="syz.4.2015" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7feca3f9c819 code=0x7ffc0000 [ 535.438984][ T29] audit: type=1326 audit(1775616582.858:331): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11766 comm="syz.4.2015" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feca3f9c819 code=0x7ffc0000 [ 535.541494][ T29] audit: type=1326 audit(1775616582.858:332): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11766 comm="syz.4.2015" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feca3f9c819 code=0x7ffc0000 [ 535.646972][ T29] audit: type=1326 audit(1775616582.858:333): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11766 comm="syz.4.2015" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feca3f9c819 code=0x7ffc0000 [ 535.772887][ T29] audit: type=1326 audit(1775616582.868:334): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11766 comm="syz.4.2015" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7feca3f9c819 code=0x7ffc0000 [ 535.873797][ T29] audit: type=1326 audit(1775616582.868:335): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11766 comm="syz.4.2015" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feca3f9c819 code=0x7ffc0000 [ 535.986094][ T29] audit: type=1326 audit(1775616582.868:336): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11766 comm="syz.4.2015" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feca3f9c819 code=0x7ffc0000 [ 543.180845][T11855] loop5: detected capacity change from 0 to 128 [ 543.243812][T11855] FAT-fs (loop5): bogus number of reserved sectors [ 543.250846][T11855] FAT-fs (loop5): This doesn't look like a DOS 1.x volume; DOS 2.x BPB is non-zero [ 543.260564][T11855] FAT-fs (loop5): Can't find a valid FAT filesystem [ 543.274726][T11855] ±ÿe=0,utf8=: renamed from lo (while UP) [ 546.196370][ T29] kauditd_printk_skb: 46 callbacks suppressed [ 546.196438][ T29] audit: type=1326 audit(1775616593.968:383): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11870 comm="syz.0.2049" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9faf39c819 code=0x7ffc0000 [ 546.308896][ T29] audit: type=1326 audit(1775616594.008:384): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11870 comm="syz.0.2049" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9faf39c819 code=0x7ffc0000 [ 546.626900][ T29] audit: type=1326 audit(1775616594.008:385): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11870 comm="syz.0.2049" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9faf39c819 code=0x7ffc0000 [ 547.204140][ T29] audit: type=1326 audit(1775616594.028:386): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11870 comm="syz.0.2049" exe="/root/syz-executor" sig=0 arch=c000003e syscall=302 compat=0 ip=0x7f9faf39c819 code=0x7ffc0000 [ 547.430109][ T29] audit: type=1326 audit(1775616594.028:387): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11870 comm="syz.0.2049" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9faf39c819 code=0x7ffc0000 [ 547.620225][ T29] audit: type=1326 audit(1775616594.028:388): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11870 comm="syz.0.2049" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9faf39c819 code=0x7ffc0000 [ 547.855375][ T29] audit: type=1326 audit(1775616594.028:389): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11870 comm="syz.0.2049" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f9faf39c819 code=0x7ffc0000 [ 548.065394][ T29] audit: type=1326 audit(1775616594.028:390): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11870 comm="syz.0.2049" exe="/root/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7f9faf39c819 code=0x7ffc0000 [ 549.319843][T11834] bridge_slave_1: left allmulticast mode [ 549.325682][T11834] bridge_slave_1: left promiscuous mode [ 549.354090][T11834] bridge0: port 2(bridge_slave_1) entered disabled state [ 549.384404][T11834] bridge_slave_0: left allmulticast mode [ 549.422279][T11834] bridge_slave_0: left promiscuous mode [ 549.452538][T11834] bridge0: port 1(bridge_slave_0) entered disabled state [ 550.013630][ T29] audit: type=1800 audit(1775616597.788:391): pid=11915 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.2063" name="bus" dev="tmpfs" ino=2298 res=0 errno=0 [ 550.221840][T11834] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 550.329224][T11834] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 550.391474][T11834] bond0 (unregistering): Released all slaves [ 550.420748][T11916] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=2182154216 (4364308432 ns) > initial count (507749598 ns). Using initial count to start timer. [ 552.597817][T11834] hsr_slave_0: left promiscuous mode [ 552.694296][T11834] hsr_slave_1: left promiscuous mode [ 552.739245][T11834] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 552.771207][T11834] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 554.139749][T11834] team0 (unregistering): Port device team_slave_1 removed [ 554.320476][T11834] team0 (unregistering): Port device team_slave_0 removed [ 557.641189][T12008] kvm_intel: kvm [12007]: vcpu0, guest rIP: 0x0 Unhandled WRMSR(0x1d9) = 0x7e00000001 [ 557.995495][T12016] kvm: Disabled LAPIC found during irq injection [ 569.551092][T12173] kvm: user requested TSC rate below hardware speed [ 570.445398][T12180] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2135'. [ 572.620431][ T1291] ieee802154 phy0 wpan0: encryption failed: -22 [ 572.628034][ T1291] ieee802154 phy1 wpan1: encryption failed: -22 [ 574.284571][ T29] audit: type=1800 audit(1775616622.058:392): pid=12239 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.2152" name="bus" dev="tmpfs" ino=1123 res=0 errno=0 [ 578.317981][ T29] audit: type=1326 audit(1775616626.088:393): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12317 comm="syz.0.2178" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f9faf39c819 code=0x0 [ 584.796312][T12434] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2214'. [ 598.091738][T12621] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 611.711318][T12784] netlink: 36 bytes leftover after parsing attributes in process `syz.0.2310'. [ 616.850587][T12885] kvm: requested 2514 ns i8254 timer period limited to 200000 ns [ 617.044812][T12883] kvm: kvm [12881]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc2) = 0x800 [ 617.055333][T12885] kvm: requested 838 ns i8254 timer period limited to 200000 ns [ 617.096239][T12883] kvm: kvm [12881]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc2) = 0x800 [ 617.216818][T12883] kvm: kvm [12881]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc2) = 0x800 [ 617.281412][T12883] kvm: kvm [12881]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc2) = 0x800 [ 625.061547][ T29] audit: type=1326 audit(1775616672.838:394): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13005 comm="syz.6.2392" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f17a679c819 code=0x0 [ 627.250194][T13034] overlayfs: missing 'lowerdir' [ 629.233139][T13058] kvm: requested 2514 ns i8254 timer period limited to 200000 ns [ 631.008947][T13053] Bluetooth: hci3: command 0x0406 tx timeout [ 634.071320][ T1291] ieee802154 phy0 wpan0: encryption failed: -22 [ 634.077922][ T1291] ieee802154 phy1 wpan1: encryption failed: -22 [ 635.705028][T13053] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 635.720693][T13053] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 635.730135][T13053] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 635.746683][T13053] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 635.758931][T13053] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 636.310910][T13135] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2441'. [ 637.256926][T13132] chnl_net:caif_netlink_parms(): no params data found [ 637.550688][ T29] audit: type=1326 audit(1775616685.318:395): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13148 comm="syz.4.2445" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feca3f9c819 code=0x7ffc0000 [ 637.672134][ T29] audit: type=1326 audit(1775616685.318:396): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13148 comm="syz.4.2445" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feca3f9c819 code=0x7ffc0000 [ 637.843225][ T29] audit: type=1326 audit(1775616685.328:397): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13148 comm="syz.4.2445" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feca3f9c819 code=0x7ffc0000 [ 637.889166][T13053] Bluetooth: hci2: command tx timeout [ 637.969047][ T29] audit: type=1326 audit(1775616685.328:398): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13148 comm="syz.4.2445" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feca3f9c819 code=0x7ffc0000 [ 638.108355][ T29] audit: type=1326 audit(1775616685.358:399): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13148 comm="syz.4.2445" exe="/root/syz-executor" sig=0 arch=c000003e syscall=56 compat=0 ip=0x7feca3f9c819 code=0x7ffc0000 [ 638.218786][ T29] audit: type=1326 audit(1775616685.408:400): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13148 comm="syz.4.2445" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feca3f9c819 code=0x7ffc0000 [ 638.351633][ T29] audit: type=1326 audit(1775616685.408:401): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13148 comm="syz.4.2445" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7feca3f9c582 code=0x7ffc0000 [ 638.481082][ T29] audit: type=1326 audit(1775616685.538:402): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13148 comm="syz.4.2445" exe="/root/syz-executor" sig=0 arch=c000003e syscall=10 compat=0 ip=0x7feca3f9c617 code=0x7ffc0000 [ 638.589008][ T29] audit: type=1326 audit(1775616685.538:403): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13148 comm="syz.4.2445" exe="/root/syz-executor" sig=0 arch=c000003e syscall=14 compat=0 ip=0x7feca3f59511 code=0x7ffc0000 [ 638.728828][ T29] audit: type=1326 audit(1775616685.538:404): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13148 comm="syz.4.2445" exe="/root/syz-executor" sig=0 arch=c000003e syscall=435 compat=0 ip=0x7feca3f9d609 code=0x7ffc0000 [ 639.218127][T13132] bridge0: port 1(bridge_slave_0) entered blocking state [ 639.278096][T13132] bridge0: port 1(bridge_slave_0) entered disabled state [ 639.289268][T13132] bridge_slave_0: entered allmulticast mode [ 639.336425][T13132] bridge_slave_0: entered promiscuous mode [ 639.382998][T13132] bridge0: port 2(bridge_slave_1) entered blocking state [ 639.421279][T13132] bridge0: port 2(bridge_slave_1) entered disabled state [ 639.459421][T13132] bridge_slave_1: entered allmulticast mode [ 639.473235][T13132] bridge_slave_1: entered promiscuous mode [ 639.574789][T12354] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 639.724565][T13172] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2453'. [ 639.777748][T12354] usb 5-1: Using ep0 maxpacket: 32 [ 639.821323][T12354] usb 5-1: config 0 has an invalid interface number: 1 but max is 0 [ 639.830527][T13132] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 639.850204][T12354] usb 5-1: config 0 has no interface number 0 [ 639.856499][T12354] usb 5-1: config 0 interface 1 altsetting 9 has an invalid descriptor for endpoint zero, skipping [ 639.916039][T12354] usb 5-1: config 0 interface 1 has no altsetting 0 [ 639.952762][T13132] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 639.959487][ T5791] Bluetooth: hci2: command tx timeout [ 639.981899][T12354] usb 5-1: New USB device found, idVendor=0572, idProduct=58a5, bcdDevice=27.0a [ 639.994603][T12354] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 640.012497][T12354] usb 5-1: Product: syz [ 640.016949][T12354] usb 5-1: Manufacturer: syz [ 640.023003][T12354] usb 5-1: SerialNumber: syz [ 640.044188][T12354] usb 5-1: config 0 descriptor?? [ 640.370298][T12354] cx231xx 5-1:0.1: New device syz syz @ 480 Mbps (0572:58a5) with 1 interfaces [ 640.410033][T12354] cx231xx 5-1:0.1: Failed to read PCB config [ 640.428986][T12354] cx231xx 5-1:0.1: probe with driver cx231xx failed with error -71 [ 640.474664][T13132] team0: Port device team_slave_0 added [ 640.479374][T12354] usb 5-1: USB disconnect, device number 2 [ 640.656425][T13132] team0: Port device team_slave_1 added [ 640.909051][T12354] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 640.937602][T13132] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 640.979166][T13132] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 641.051398][T13132] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 641.089709][T12354] usb 5-1: Using ep0 maxpacket: 32 [ 641.114154][T13132] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 641.133261][T12354] usb 5-1: config 0 has an invalid interface number: 1 but max is 0 [ 641.166650][T12354] usb 5-1: config 0 has no interface number 0 [ 641.189128][T13132] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 641.230056][T12354] usb 5-1: config 0 interface 1 altsetting 9 has an invalid descriptor for endpoint zero, skipping [ 641.254086][T12354] usb 5-1: config 0 interface 1 has no altsetting 0 [ 641.301815][T13132] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 641.339285][T12354] usb 5-1: New USB device found, idVendor=0572, idProduct=58a5, bcdDevice=27.0a [ 641.358992][T12354] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 641.367190][T12354] usb 5-1: Product: syz [ 641.388889][T12354] usb 5-1: Manufacturer: syz [ 641.393681][T12354] usb 5-1: SerialNumber: syz [ 641.439725][T12354] usb 5-1: config 0 descriptor?? [ 641.464849][T13191] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2460'. [ 641.706422][T12354] cx231xx 5-1:0.1: New device syz syz @ 480 Mbps (0572:58a5) with 1 interfaces [ 641.752189][T12354] cx231xx 5-1:0.1: bad config in buspower!!!! [ 641.752189][T12354] config_info=40 [ 641.801013][T13132] hsr_slave_0: entered promiscuous mode [ 641.808857][T12354] cx231xx 5-1:0.1: Identified as Conexant Hybrid TV - RDU253S (card=4) [ 641.852385][T13132] hsr_slave_1: entered promiscuous mode [ 641.891487][T13132] debugfs: 'hsr0' already exists in 'hsr' [ 641.897705][T13132] Cannot create hsr debugfs directory [ 641.955651][T12354] cx231xx 5-1:0.1: cx231xx_send_gpio_cmd: failed with status --71 [ 642.003650][T12354] cx231xx 5-1:0.1: cx231xx_send_gpio_cmd: failed with status --71 [ 642.037167][T12354] cx231xx 5-1:0.1: cx231xx_send_gpio_cmd: failed with status --71 [ 642.045710][ T5791] Bluetooth: hci2: command tx timeout [ 642.059781][T12354] cx231xx 5-1:0.1: cx231xx_send_gpio_cmd: failed with status --71 [ 642.079513][T12354] cx231xx 5-1:0.1: cx231xx_send_gpio_cmd: failed with status --71 [ 642.087548][T12354] cx231xx 5-1:0.1: Failed to set devmode to analog: error: -71 [ 642.222891][T12354] i2c i2c-2: Added multiplexed i2c bus 4 [ 642.321480][T12354] i2c i2c-2: Added multiplexed i2c bus 5 [ 642.339600][T12354] cx231xx 5-1:0.1: cx231xx_dev_init: Failed to set Power - errCode [-71]! [ 642.369588][T12354] cx231xx 5-1:0.1: cx231xx_init_dev: cx231xx_i2c_register - errCode [-71]! [ 642.541833][T12354] cx231xx 5-1:0.1: probe with driver cx231xx failed with error -71 [ 642.619984][T12354] usb 5-1: USB disconnect, device number 3 [ 643.583445][T13208] netlink: 44 bytes leftover after parsing attributes in process `syz.0.2466'. [ 643.719600][T13209] netlink: 44 bytes leftover after parsing attributes in process `syz.0.2466'. [ 643.762536][T13132] netdevsim netdevsim7 netdevsim0: renamed from eth0 [ 643.899089][T13132] netdevsim netdevsim7 netdevsim1: renamed from eth1 [ 643.974515][T13132] netdevsim netdevsim7 netdevsim2: renamed from eth2 [ 644.075097][T13132] netdevsim netdevsim7 netdevsim3: renamed from eth3 [ 644.119083][ T5791] Bluetooth: hci2: command tx timeout [ 644.752133][T13220] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2471'. [ 645.527016][T13132] 8021q: adding VLAN 0 to HW filter on device bond0 [ 645.769366][T13132] 8021q: adding VLAN 0 to HW filter on device team0 [ 645.869696][ T57] bridge0: port 1(bridge_slave_0) entered blocking state [ 645.877256][ T57] bridge0: port 1(bridge_slave_0) entered forwarding state [ 646.024840][T12054] bridge0: port 2(bridge_slave_1) entered blocking state [ 646.032467][T12054] bridge0: port 2(bridge_slave_1) entered forwarding state [ 646.192641][T13240] netlink: 44 bytes leftover after parsing attributes in process `syz.0.2478'. [ 646.258163][T13240] netlink: 44 bytes leftover after parsing attributes in process `syz.0.2478'. [ 648.742074][T13132] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 649.617158][T13282] netlink: 44 bytes leftover after parsing attributes in process `syz.4.2491'. [ 649.696763][T13283] netlink: 44 bytes leftover after parsing attributes in process `syz.4.2491'. [ 650.669132][T13296] loop1: detected capacity change from 0 to 16 [ 650.716785][T13296] erofs (device loop1): invalid ishare xattr prefix id 0 [ 652.340346][T13132] veth0_vlan: entered promiscuous mode [ 652.490321][T13132] veth1_vlan: entered promiscuous mode [ 652.694232][T13326] netlink: 44 bytes leftover after parsing attributes in process `syz.4.2502'. [ 652.776972][T13326] netlink: 44 bytes leftover after parsing attributes in process `syz.4.2502'. [ 653.850969][T13132] veth0_macvtap: entered promiscuous mode [ 654.154350][T13132] veth1_macvtap: entered promiscuous mode [ 654.827915][T13132] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 654.922774][T13132] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 655.133505][T13276] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 655.174884][T13276] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 655.331165][T13276] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 655.405719][T13276] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 656.663233][T13374] netlink: 44 bytes leftover after parsing attributes in process `syz.1.2515'. [ 656.706783][T13374] netlink: 44 bytes leftover after parsing attributes in process `syz.1.2515'. [ 659.302399][T13398] QAT: Invalid ioctl 1075883590 [ 659.318014][T13398] QAT: Invalid ioctl 1075883590 [ 659.339308][T13398] QAT: Invalid ioctl 1075883590 [ 659.344623][T13398] QAT: Invalid ioctl 1075883590 [ 659.413358][T13398] QAT: Invalid ioctl 1075883590 [ 659.444874][T13398] QAT: Invalid ioctl 1075883590 [ 659.465261][T13398] QAT: Invalid ioctl 1075883590 [ 659.507369][T13398] QAT: Invalid ioctl 1075883590 [ 659.550141][T13398] QAT: Invalid ioctl 1075883590 [ 659.576668][T13398] QAT: Invalid ioctl 1075883590 [ 659.650081][T13404] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+ [ 659.721022][T13404] block device autoloading is deprecated and will be removed. [ 659.765028][T13401] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+ [ 659.800952][T13401] block device autoloading is deprecated and will be removed. [ 660.566074][T13417] netlink: 44 bytes leftover after parsing attributes in process `syz.6.2527'. [ 660.623857][T13417] netlink: 44 bytes leftover after parsing attributes in process `syz.6.2527'. [ 664.848934][ T57] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 664.885032][ T57] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 665.162460][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 665.195500][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 665.239544][ T5937] usb 5-1: new low-speed USB device number 4 using dummy_hcd [ 665.426389][ T5937] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 665.442338][ T5937] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 665.460136][ T5937] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 26984, setting to 8 [ 665.487534][ T5937] usb 5-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00 [ 665.525825][ T5937] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 665.549005][ T5831] usb 7-1: new high-speed USB device number 2 using dummy_hcd [ 665.603283][T13468] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 665.650059][ T5937] hub 5-1:1.0: bad descriptor, ignoring hub [ 665.675723][ T5937] hub 5-1:1.0: probe with driver hub failed with error -5 [ 665.732074][ T5831] usb 7-1: Using ep0 maxpacket: 8 [ 665.750104][ T5937] cdc_wdm 5-1:1.0: skipping garbage [ 665.773451][ T5937] cdc_wdm 5-1:1.0: skipping garbage [ 665.782162][ T5831] usb 7-1: config index 0 descriptor too short (expected 301, got 45) [ 665.813761][ T5937] cdc_wdm 5-1:1.0: cdc-wdm0: USB WDM device [ 665.833610][ T5831] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 665.846486][ T5937] cdc_wdm 5-1:1.0: Unknown control protocol [ 665.911576][ T5831] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 665.950209][ T5937] usb 5-1: USB disconnect, device number 4 [ 665.958941][ T5831] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 666.015689][ T5831] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 666.085400][ T5831] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 666.120789][ T5831] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 666.382322][ T5937] usb 5-1: new high-speed USB device number 5 using dummy_hcd [ 666.415951][ T5831] usb 7-1: GET_CAPABILITIES returned 0 [ 666.436144][ T5831] usbtmc 7-1:16.0: can't read capabilities [ 666.569080][ T5937] usb 5-1: Using ep0 maxpacket: 8 [ 666.598041][ T5937] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 666.618705][ T5793] usb 7-1: USB disconnect, device number 2 [ 666.638772][ T5937] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 666.696620][ T5937] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 100, changing to 10 [ 666.753972][ T5937] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24936, setting to 1024 [ 666.821055][ T5937] usb 5-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00 [ 666.861324][ T5937] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 666.955738][ T5937] hub 5-1:1.0: bad descriptor, ignoring hub [ 666.994258][ T5937] hub 5-1:1.0: probe with driver hub failed with error -5 [ 667.014146][ T5937] cdc_wdm 5-1:1.0: skipping garbage [ 667.033549][ T5937] cdc_wdm 5-1:1.0: skipping garbage [ 667.191523][ T5937] cdc_wdm 5-1:1.0: cdc-wdm0: USB WDM device [ 667.250353][ T5937] cdc_wdm 5-1:1.0: Unknown control protocol [ 667.460648][ T5937] usb 5-1: USB disconnect, device number 5 [ 672.925914][T13521] loop1: detected capacity change from 0 to 128 [ 678.346716][T13553] loop4: detected capacity change from 0 to 164 [ 678.409916][T13550] loop1: detected capacity change from 0 to 128 [ 679.381406][T13563] loop0: detected capacity change from 0 to 256 [ 679.418481][T13563] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 679.510185][ T29] kauditd_printk_skb: 66 callbacks suppressed [ 679.510259][ T29] audit: type=1800 audit(1775616727.258:471): pid=13563 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.2573" name="file1" dev="loop0" ino=1048624 res=0 errno=0 [ 679.716587][T13568] overlayfs: upper fs does not support file handles, falling back to index=off. [ 681.241816][T13589] loop0: detected capacity change from 0 to 128 [ 682.301982][T13604] netlink: 20 bytes leftover after parsing attributes in process `syz.6.2588'. [ 684.210366][T13628] loop4: detected capacity change from 0 to 128 [ 684.817077][T13636] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2601'. [ 684.851132][T13636] 8021q: VLANs not supported on ip6_vti0 [ 685.421467][ T57] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 685.696228][ T57] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 685.965843][ T57] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 686.743187][ T57] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 687.028840][ T5793] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 687.223686][ T5793] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 687.288116][ T5793] usb 1-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40 [ 687.349284][ T5793] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 687.370484][ T57] bridge_slave_1: left allmulticast mode [ 687.376308][ T57] bridge_slave_1: left promiscuous mode [ 687.411438][ T5793] usb 1-1: config 0 descriptor?? [ 687.421336][ T57] bridge0: port 2(bridge_slave_1) entered disabled state [ 687.490182][ T57] bridge_slave_0: left allmulticast mode [ 687.496140][ T57] bridge_slave_0: left promiscuous mode [ 687.555430][ T57] bridge0: port 1(bridge_slave_0) entered disabled state [ 687.895678][ T5793] keytouch 0003:0926:3333.0001: fixing up Keytouch IEC report descriptor [ 687.955768][ T5793] input: HID 0926:3333 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:0926:3333.0001/input/input5 [ 688.082654][T13667] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 688.108925][T13670] usb 7-1: new high-speed USB device number 3 using dummy_hcd [ 688.119966][T13667] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 688.262134][ T5793] keytouch 0003:0926:3333.0001: input,hidraw0: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.0-1/input0 [ 688.305521][T13670] usb 7-1: unable to get BOS descriptor or descriptor too short [ 688.350521][T13670] usb 7-1: New USB device found, idVendor=0644, idProduct=8021, bcdDevice= 0.40 [ 688.363352][T13670] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 688.393275][T13670] usb 7-1: Product: syz [ 688.420502][T13670] usb 7-1: Manufacturer: syz [ 688.452632][T13670] usb 7-1: SerialNumber: syz [ 688.481987][ T5793] usb 1-1: USB disconnect, device number 2 [ 689.220023][T13670] usb 7-1: unit 5 not found! [ 689.224828][T13670] usb 7-1: unit 3 not found! [ 689.327259][ T57] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 689.368432][T13680] fido_id[13680]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.0/usb1/report_descriptor': No such file or directory [ 689.389814][ T57] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 689.504385][ T57] bond0 (unregistering): Released all slaves [ 689.862968][T13670] snd-usb-us122l 7-1:1.1: usb_set_interface error [ 689.881200][T13670] snd-usb-us122l 7-1:1.1: probe with driver snd-usb-us122l failed with error -22 [ 690.026233][T13670] usb 7-1: USB disconnect, device number 3 [ 690.572701][ T5927] udevd[5927]: error opening ATTR{/sys/devices/platform/dummy_hcd.6/usb7/7-1/7-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 691.906020][ T57] hsr_slave_0: left promiscuous mode [ 691.923534][ T57] hsr_slave_1: left promiscuous mode [ 691.939649][ T57] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 691.978793][T13670] usb 1-1: new high-speed USB device number 3 using dummy_hcd [ 691.978876][ T57] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 692.001070][ T57] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 692.035797][ T57] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 692.160998][ T57] veth1_macvtap: left promiscuous mode [ 692.178860][ T57] veth0_macvtap: left promiscuous mode [ 692.186891][ T57] veth1_vlan: left promiscuous mode [ 692.218065][T13670] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 692.219139][ T57] veth0_vlan: left promiscuous mode [ 692.273768][T13670] usb 1-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40 [ 692.338886][T13670] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 692.385449][T13670] usb 1-1: config 0 descriptor?? [ 692.910539][T13670] keytouch 0003:0926:3333.0002: fixing up Keytouch IEC report descriptor [ 693.009859][T13670] input: HID 0926:3333 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:0926:3333.0002/input/input6 [ 693.082672][T13739] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 693.095280][T13722] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 693.132062][T13722] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 693.409613][T13670] keytouch 0003:0926:3333.0002: input,hidraw0: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.0-1/input0 [ 693.498823][T13670] usb 1-1: USB disconnect, device number 3 [ 694.323253][T13750] fido_id[13750]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.0/usb1/report_descriptor': No such file or directory [ 695.065441][ T57] team0 (unregistering): Port device team_slave_1 removed [ 695.177392][ T57] team0 (unregistering): Port device team_slave_0 removed [ 695.501107][ T1291] ieee802154 phy0 wpan0: encryption failed: -22 [ 695.507689][ T1291] ieee802154 phy1 wpan1: encryption failed: -22 [ 698.049026][T13670] usb 5-1: new high-speed USB device number 6 using dummy_hcd [ 698.271998][T13670] usb 5-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 698.289477][T13670] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 698.317270][T13670] usb 5-1: config 0 descriptor?? [ 698.366422][T13670] cp210x 5-1:0.0: cp210x converter detected [ 698.647981][T13809] syz.0.2650 (13809): /proc/13808/oom_adj is deprecated, please use /proc/13808/oom_score_adj instead. [ 698.784573][T13670] cp210x 5-1:0.0: failed to get vendor val 0x0010 size 3: -32 [ 698.905895][T13670] usb 5-1: cp210x converter now attached to ttyUSB0 [ 699.038821][ T5831] usb 5-1: USB disconnect, device number 6 [ 699.080799][ T5831] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 699.172066][ T5831] cp210x 5-1:0.0: device disconnected [ 702.449284][ T5831] usb 8-1: new high-speed USB device number 2 using dummy_hcd [ 702.646603][ T5831] usb 8-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 702.678905][ T5831] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 702.718056][ T5831] usb 8-1: config 0 descriptor?? [ 702.772568][ T5831] cp210x 8-1:0.0: cp210x converter detected [ 702.825161][T13877] loop6: detected capacity change from 0 to 2364 [ 703.053236][T13875] kvm: kvm [13874]: vcpu0, guest rIP: 0x1b8 Unhandled WRMSR(0xc2) = 0xa2 [ 703.106963][T13875] kvm: kvm [13874]: vcpu0, guest rIP: 0x1b8 Unhandled WRMSR(0xc2) = 0x14 [ 703.160340][T13875] kvm: kvm [13874]: vcpu0, guest rIP: 0x1b8 Unhandled WRMSR(0xc1) = 0x46 [ 703.442217][ T5831] cp210x 8-1:0.0: failed to get vendor val 0x000e size 678: -71 [ 703.468817][ T5831] cp210x 8-1:0.0: GPIO initialisation failed: -71 [ 703.571854][ T5831] usb 8-1: cp210x converter now attached to ttyUSB0 [ 703.646987][ T5831] usb 8-1: USB disconnect, device number 2 [ 703.724212][ T5831] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 703.780786][ T5831] cp210x 8-1:0.0: device disconnected [ 705.512254][T13927] loop1: detected capacity change from 0 to 128 [ 707.187491][T13947] kvm: kvm [13944]: vcpu0, guest rIP: 0x1b8 Unhandled WRMSR(0xc2) = 0xa2 [ 707.254457][T13947] kvm: kvm [13944]: vcpu0, guest rIP: 0x1b8 Unhandled WRMSR(0xc2) = 0x14 [ 707.282180][T13947] kvm: kvm [13944]: vcpu0, guest rIP: 0x1b8 Unhandled WRMSR(0xc1) = 0x46 [ 708.995046][T13979] loop1: detected capacity change from 0 to 256 [ 709.142277][T13979] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 709.831819][ T29] audit: type=1800 audit(1775616757.608:472): pid=13979 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.2693" name="file1" dev="loop1" ino=1048626 res=0 errno=0 [ 710.734313][T13994] loop0: detected capacity change from 0 to 512 [ 710.787092][T13994] FAT-fs (loop0): Invalid FSINFO signature: 0x41615231, 0x61417272 (sector = 1) [ 710.843383][T13994] FAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 711.158673][ T29] audit: type=1326 audit(1775616758.928:473): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13996 comm="syz.7.2696" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fb7ac19c819 code=0x0 [ 711.491539][T13999] kvm: pic: single mode not supported [ 711.491877][T13999] kvm: pic: non byte write [ 711.595979][T13999] kvm: pic: single mode not supported [ 711.596362][T13999] kvm: pic: non byte write [ 711.697802][T13999] kvm: pic: non byte write [ 711.753605][T13999] kvm: pic: single mode not supported [ 711.753679][T13999] kvm: pic: level sensitive irq not supported [ 711.814537][T13999] kvm: pic: non byte write [ 711.882120][T13999] kvm: pic: non byte write [ 711.897110][T13999] kvm: pic: non byte write [ 711.903754][T13999] kvm: pic: single mode not supported [ 711.903821][T13999] kvm: pic: level sensitive irq not supported [ 711.938781][T13999] kvm: pic: non byte write [ 712.833485][T14021] syz.1.2703 uses obsolete (PF_INET,SOCK_PACKET) [ 712.959033][ T5835] usb 1-1: new high-speed USB device number 4 using dummy_hcd [ 713.162138][ T5835] usb 1-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 713.211393][ T5835] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 713.257534][ T5835] usb 1-1: config 0 descriptor?? [ 713.306164][ T5835] cp210x 1-1:0.0: cp210x converter detected [ 713.970806][ T5835] cp210x 1-1:0.0: failed to get vendor val 0x000e size 678: -71 [ 713.998974][ T5835] cp210x 1-1:0.0: GPIO initialisation failed: -71 [ 714.065233][ T5835] usb 1-1: cp210x converter now attached to ttyUSB0 [ 714.150409][ T5835] usb 1-1: USB disconnect, device number 4 [ 714.186781][ T5835] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 714.237909][ T5835] cp210x 1-1:0.0: device disconnected [ 715.373702][T14052] kvm: kvm [14050]: vcpu0, guest rIP: 0x1b8 Unhandled WRMSR(0xc1) = 0xa90000000900 [ 715.483398][T14052] kvm: kvm [14050]: vcpu0, guest rIP: 0x1b8 Unhandled WRMSR(0xc1) = 0x618000004d00 [ 715.584724][T14052] kvm: kvm [14050]: vcpu0, guest rIP: 0x1b8 Unhandled WRMSR(0xc1) = 0x10000005980 [ 715.642057][T14052] kvm: kvm [14050]: vcpu0, guest rIP: 0x1b8 Unhandled WRMSR(0xc2) = 0xc30000006500 [ 715.789193][T14052] kvm: kvm [14050]: vcpu0, guest rIP: 0x1b8 Unhandled WRMSR(0xc1) = 0x490000004380 [ 716.231288][T14071] kvm: pic: non byte read [ 716.849304][ T5835] usb 2-1: new high-speed USB device number 2 using dummy_hcd [ 717.061509][ T5835] usb 2-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 717.098945][ T5835] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 717.145533][ T5835] usb 2-1: config 0 descriptor?? [ 717.176675][ T5835] cp210x 2-1:0.0: cp210x converter detected [ 717.412524][ T5835] cp210x 2-1:0.0: failed to get vendor val 0x370b size 1: -32 [ 717.448920][ T5835] cp210x 2-1:0.0: querying part number failed [ 717.490893][ T5835] usb 2-1: cp210x converter now attached to ttyUSB0 [ 719.190338][T14115] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2736'. [ 719.691837][ T5835] usb 2-1: USB disconnect, device number 2 [ 719.749644][ T5835] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 719.816303][ T5835] cp210x 2-1:0.0: device disconnected [ 721.221086][T14141] kvm: kvm [14140]: vcpu0, guest rIP: 0x1b8 Unhandled WRMSR(0xc1) = 0xa90000000900 [ 721.295532][T14141] kvm: kvm [14140]: vcpu0, guest rIP: 0x1b8 Unhandled WRMSR(0xc1) = 0x618000004d00 [ 721.440632][T14141] kvm: kvm [14140]: vcpu0, guest rIP: 0x1b8 Unhandled WRMSR(0xc1) = 0x10000005980 [ 721.524091][T14141] kvm: kvm [14140]: vcpu0, guest rIP: 0x1b8 Unhandled WRMSR(0xc2) = 0xc30000006500 [ 721.609980][T14141] kvm: kvm [14140]: vcpu0, guest rIP: 0x1b8 Unhandled WRMSR(0xc1) = 0x490000004380 [ 723.270277][T13053] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 723.296021][T13053] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 723.305310][T13053] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 723.328797][T13053] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 723.347604][T13053] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 725.067035][T14176] chnl_net:caif_netlink_parms(): no params data found [ 725.481090][T13053] Bluetooth: hci5: command tx timeout [ 725.503396][T14215] netlink: 36 bytes leftover after parsing attributes in process `syz.7.2766'. [ 726.284516][ T575] bridge_slave_1: left allmulticast mode [ 726.316148][ T575] bridge_slave_1: left promiscuous mode [ 726.349824][ T575] bridge0: port 2(bridge_slave_1) entered disabled state [ 726.519686][ T575] bridge_slave_0: left allmulticast mode [ 726.525524][ T575] bridge_slave_0: left promiscuous mode [ 726.605106][ T575] bridge0: port 1(bridge_slave_0) entered disabled state [ 727.524381][ T575] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 727.559667][T13053] Bluetooth: hci5: command tx timeout [ 727.593306][ T575] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 727.635646][ T575] bond0 (unregistering): Released all slaves [ 727.979046][T14176] bridge0: port 1(bridge_slave_0) entered blocking state [ 728.016018][T14176] bridge0: port 1(bridge_slave_0) entered disabled state [ 728.049158][T14176] bridge_slave_0: entered allmulticast mode [ 728.078427][T14176] bridge_slave_0: entered promiscuous mode [ 728.333173][T14176] bridge0: port 2(bridge_slave_1) entered blocking state [ 728.370314][T14176] bridge0: port 2(bridge_slave_1) entered disabled state [ 728.378044][T14176] bridge_slave_1: entered allmulticast mode [ 728.441859][T14176] bridge_slave_1: entered promiscuous mode [ 728.614679][ T29] audit: type=1326 audit(1775616776.388:474): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14265 comm="syz.7.2781" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fb7ac19c819 code=0x0 [ 729.030033][T14176] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 729.248943][ T575] hsr_slave_0: left promiscuous mode [ 729.308850][ T575] hsr_slave_1: left promiscuous mode [ 729.343043][ T575] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 729.403529][ T575] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 729.639802][T13053] Bluetooth: hci5: command tx timeout [ 730.085041][ T575] team0 (unregistering): Port device team_slave_1 removed [ 730.115227][ T575] team0 (unregistering): Port device team_slave_0 removed [ 730.717125][T14176] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 731.050957][T14176] team0: Port device team_slave_0 added [ 731.124076][T14176] team0: Port device team_slave_1 added [ 731.469381][T14176] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 731.502820][T14176] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 731.604842][T14176] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 731.714922][T14176] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 731.728896][T13053] Bluetooth: hci5: command tx timeout [ 731.748883][T14176] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 731.812487][T14176] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 732.651758][T14323] syzkaller0: entered promiscuous mode [ 732.690777][T14323] syzkaller0: entered allmulticast mode [ 732.815872][T14176] hsr_slave_0: entered promiscuous mode [ 732.885861][T14176] hsr_slave_1: entered promiscuous mode [ 733.456970][T14349] loop6: detected capacity change from 0 to 512 [ 734.295531][T14364] Illegal XDP return value 4294967274 on prog (id 91) dev syz_tun, expect packet loss! [ 734.359198][T14214] usb 8-1: new high-speed USB device number 3 using dummy_hcd [ 734.549091][T14214] usb 8-1: Using ep0 maxpacket: 16 [ 734.564825][T14214] usb 8-1: config 1 has an invalid interface number: 58 but max is 0 [ 734.575101][T14214] usb 8-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 734.609596][T14214] usb 8-1: config 1 has no interface number 0 [ 734.615949][T14214] usb 8-1: config 1 interface 58 altsetting 6 has 0 endpoint descriptors, different from the interface descriptor's value: 2 [ 734.637251][T14214] usb 8-1: config 1 interface 58 has no altsetting 0 [ 734.666998][T14214] usb 8-1: New USB device found, idVendor=0bfd, idProduct=0126, bcdDevice=bd.e4 [ 734.695805][T14214] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 734.750208][T14214] usb 8-1: Product: syz [ 734.776141][T14214] usb 8-1: Manufacturer: syz [ 734.806547][T14214] usb 8-1: SerialNumber: syz [ 735.090233][T14214] kvaser_usb 8-1:1.58: error -ENODEV: Cannot get usb endpoint(s) [ 735.185254][T14214] usb 8-1: USB disconnect, device number 3 [ 736.493419][T14392] loop1: detected capacity change from 0 to 512 [ 736.676398][T14176] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 736.780668][T14176] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 736.851073][T14176] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 736.927350][T14176] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 738.008123][T14176] 8021q: adding VLAN 0 to HW filter on device bond0 [ 738.157253][T14176] 8021q: adding VLAN 0 to HW filter on device team0 [ 738.221755][T11834] bridge0: port 1(bridge_slave_0) entered blocking state [ 738.229323][T11834] bridge0: port 1(bridge_slave_0) entered forwarding state [ 738.382602][T11834] bridge0: port 2(bridge_slave_1) entered blocking state [ 738.390186][T11834] bridge0: port 2(bridge_slave_1) entered forwarding state [ 738.734560][ T5835] usb 2-1: new high-speed USB device number 3 using dummy_hcd [ 738.929423][ T5835] usb 2-1: Using ep0 maxpacket: 16 [ 738.952340][ T5835] usb 2-1: config 1 has an invalid interface number: 58 but max is 0 [ 738.983735][ T5835] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 739.016118][ T5835] usb 2-1: config 1 has no interface number 0 [ 739.031179][ T5835] usb 2-1: config 1 interface 58 altsetting 6 has 0 endpoint descriptors, different from the interface descriptor's value: 2 [ 739.053072][ T5835] usb 2-1: config 1 interface 58 has no altsetting 0 [ 739.070345][ T5835] usb 2-1: New USB device found, idVendor=0bfd, idProduct=0126, bcdDevice=bd.e4 [ 739.080516][ T5835] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 739.120097][ T5835] usb 2-1: Product: syz [ 739.124461][ T5835] usb 2-1: Manufacturer: syz [ 739.154371][ T5835] usb 2-1: SerialNumber: syz [ 739.480984][ T5835] kvaser_usb 2-1:1.58: error -ENODEV: Cannot get usb endpoint(s) [ 739.571638][ T5835] usb 2-1: USB disconnect, device number 3 [ 740.162554][T14176] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 741.990891][T14473] loop0: detected capacity change from 0 to 512 [ 742.635056][T14176] veth0_vlan: entered promiscuous mode [ 742.782887][T14176] veth1_vlan: entered promiscuous mode [ 743.167563][T14176] veth0_macvtap: entered promiscuous mode [ 743.264077][T14176] veth1_macvtap: entered promiscuous mode [ 743.540775][T14176] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 743.663403][T14176] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 743.780242][ T575] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 743.807085][ T575] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 743.890758][T13444] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 743.949119][T13444] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 744.446972][T14514] overlayfs: upper fs does not support file handles, falling back to index=off. [ 747.778714][T12335] usb 7-1: new high-speed USB device number 4 using dummy_hcd [ 747.959183][T12335] usb 7-1: device descriptor read/64, error -71 [ 748.218926][T12335] usb 7-1: new high-speed USB device number 5 using dummy_hcd [ 748.394826][T12335] usb 7-1: device descriptor read/64, error -71 [ 748.460410][ T29] audit: type=1326 audit(1775616796.238:475): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14587 comm="syz.1.2873" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f11e1f9c819 code=0x7ffc0000 [ 748.514526][ T29] audit: type=1326 audit(1775616796.268:476): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14587 comm="syz.1.2873" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f11e1f9c819 code=0x7ffc0000 [ 748.550302][T12335] usb usb7-port1: attempt power cycle [ 748.572735][T11834] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 748.592454][T11834] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 748.617559][ T29] audit: type=1326 audit(1775616796.278:477): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14587 comm="syz.1.2873" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f11e1f9c819 code=0x7ffc0000 [ 748.645588][ T29] audit: type=1326 audit(1775616796.278:478): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14587 comm="syz.1.2873" exe="/root/syz-executor" sig=0 arch=c000003e syscall=233 compat=0 ip=0x7f11e1f9c819 code=0x7ffc0000 [ 748.705786][ T29] audit: type=1326 audit(1775616796.278:479): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14587 comm="syz.1.2873" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f11e1f9c819 code=0x7ffc0000 [ 748.768801][ T29] audit: type=1326 audit(1775616796.278:480): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14587 comm="syz.1.2873" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f11e1f9c819 code=0x7ffc0000 [ 748.860027][ T29] audit: type=1326 audit(1775616796.288:481): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14587 comm="syz.1.2873" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f11e1f9c819 code=0x7ffc0000 [ 748.922945][ T57] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 748.942120][ T57] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 748.945703][ T29] audit: type=1326 audit(1775616796.288:482): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14587 comm="syz.1.2873" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f11e1f9c819 code=0x7ffc0000 [ 748.976490][T12335] usb 7-1: new high-speed USB device number 6 using dummy_hcd [ 749.025927][T12335] usb 7-1: device descriptor read/8, error -71 [ 749.059758][ T29] audit: type=1326 audit(1775616796.288:483): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14587 comm="syz.1.2873" exe="/root/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7f11e1f9c819 code=0x7ffc0000 [ 749.299760][T12335] usb 7-1: new high-speed USB device number 7 using dummy_hcd [ 749.353232][T12335] usb 7-1: device descriptor read/8, error -71 [ 749.481239][T12335] usb usb7-port1: unable to enumerate USB device [ 749.905625][T14598] 8021q: adding VLAN 0 to HW filter on device bond0 [ 749.955162][T14598] 8021q: adding VLAN 0 to HW filter on device team0 [ 750.109185][T14598] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 750.370654][ T5791] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 750.381652][ T5791] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 750.390597][ T5791] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 750.417892][ T5791] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 750.450817][ T5791] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 750.459667][T14600] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 752.014796][T14609] chnl_net:caif_netlink_parms(): no params data found [ 752.519314][T13053] Bluetooth: hci1: command tx timeout [ 752.848719][ T5793] usb 8-1: new high-speed USB device number 4 using dummy_hcd [ 753.021055][ T5793] usb 8-1: device descriptor read/64, error -71 [ 753.260014][ T5793] usb 8-1: new high-speed USB device number 5 using dummy_hcd [ 753.398833][ T5793] usb 8-1: device descriptor read/64, error -71 [ 753.529440][ T5793] usb usb8-port1: attempt power cycle [ 753.609286][T11834] bridge_slave_1: left allmulticast mode [ 753.629094][T11834] bridge_slave_1: left promiscuous mode [ 753.635589][T11834] bridge0: port 2(bridge_slave_1) entered disabled state [ 753.680091][T11834] bridge_slave_0: left allmulticast mode [ 753.685932][T11834] bridge_slave_0: left promiscuous mode [ 753.698641][T11834] bridge0: port 1(bridge_slave_0) entered disabled state [ 753.889098][ T5793] usb 8-1: new high-speed USB device number 6 using dummy_hcd [ 753.949609][ T5793] usb 8-1: device descriptor read/8, error -71 [ 754.248719][ T5793] usb 8-1: new high-speed USB device number 7 using dummy_hcd [ 754.318454][ T5793] usb 8-1: device descriptor read/8, error -71 [ 754.446822][ T5793] usb usb8-port1: unable to enumerate USB device [ 754.499135][T11834] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 754.553687][T11834] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 754.592613][T11834] bond0 (unregistering): Released all slaves [ 754.599427][T13053] Bluetooth: hci1: command tx timeout [ 754.664951][T14609] bridge0: port 1(bridge_slave_0) entered blocking state [ 754.679062][T14609] bridge0: port 1(bridge_slave_0) entered disabled state [ 754.695120][T14609] bridge_slave_0: entered allmulticast mode [ 754.716374][T14609] bridge_slave_0: entered promiscuous mode [ 754.767551][T14609] bridge0: port 2(bridge_slave_1) entered blocking state [ 754.786118][T14609] bridge0: port 2(bridge_slave_1) entered disabled state [ 754.813597][T14609] bridge_slave_1: entered allmulticast mode [ 754.856415][T14609] bridge_slave_1: entered promiscuous mode [ 755.158135][T14679] netlink: 12 bytes leftover after parsing attributes in process `syz.6.2903'. [ 755.260100][T14609] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 755.391515][T14609] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 755.713225][T14609] team0: Port device team_slave_0 added [ 755.782019][T14609] team0: Port device team_slave_1 added [ 755.912843][T11834] hsr_slave_0: left promiscuous mode [ 755.940044][T14694] overlayfs: failed to create directory ./bus/work (errno: 13); mounting read-only [ 755.982818][T14694] overlayfs: fs on '.' does not support file handles, falling back to index=off,nfs_export=off. [ 756.000352][T11834] hsr_slave_1: left promiscuous mode [ 756.020683][T14694] overlayfs: failed to set uuid (73/file0, err=-13); falling back to uuid=null. [ 756.028926][T11834] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 756.077316][T11834] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 756.679552][T13053] Bluetooth: hci1: command tx timeout [ 756.937185][ T1291] ieee802154 phy0 wpan0: encryption failed: -22 [ 756.944575][ T1291] ieee802154 phy1 wpan1: encryption failed: -22 [ 757.186394][T11834] team0 (unregistering): Port device team_slave_1 removed [ 757.340593][T11834] team0 (unregistering): Port device team_slave_0 removed [ 758.273422][ T5793] usb 5-1: new high-speed USB device number 7 using dummy_hcd [ 758.428832][ T5793] usb 5-1: device descriptor read/64, error -71 [ 758.649906][T14609] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 758.657112][T14609] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 758.685886][T14609] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 758.692141][ T5793] usb 5-1: new high-speed USB device number 8 using dummy_hcd [ 758.756744][T14609] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 758.765385][T14609] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 758.793755][ T5791] Bluetooth: hci1: command tx timeout [ 758.802314][T14609] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 758.866316][ T5793] usb 5-1: device descriptor read/64, error -71 [ 758.989540][ T5793] usb usb5-port1: attempt power cycle [ 758.999488][ T5791] Bluetooth: hci2: command 0x0406 tx timeout [ 759.144743][T14609] hsr_slave_0: entered promiscuous mode [ 759.156260][T14609] hsr_slave_1: entered promiscuous mode [ 759.167693][T14609] debugfs: 'hsr0' already exists in 'hsr' [ 759.174308][T14609] Cannot create hsr debugfs directory [ 759.346843][ T5793] usb 5-1: new high-speed USB device number 9 using dummy_hcd [ 759.402547][ T5793] usb 5-1: device descriptor read/8, error -71 [ 759.668833][ T5793] usb 5-1: new high-speed USB device number 10 using dummy_hcd [ 759.740577][ T5793] usb 5-1: device descriptor read/8, error -71 [ 759.879850][ T5793] usb usb5-port1: unable to enumerate USB device [ 760.837938][T14753] loop6: detected capacity change from 0 to 16 [ 760.891994][T14753] erofs (device loop6): mounted with root inode @ nid 36. [ 761.124003][T14609] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 761.308755][T14609] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 761.394870][T14609] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 761.475016][T14609] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 764.477782][T14609] 8021q: adding VLAN 0 to HW filter on device bond0 [ 764.787520][T14609] 8021q: adding VLAN 0 to HW filter on device team0 [ 765.050545][ T53] bridge0: port 1(bridge_slave_0) entered blocking state [ 765.058161][ T53] bridge0: port 1(bridge_slave_0) entered forwarding state [ 765.333835][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 765.341444][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 765.363048][T12335] usb 7-1: new high-speed USB device number 8 using dummy_hcd [ 765.569363][T12335] usb 7-1: device descriptor read/64, error -71 [ 765.820250][T12335] usb 7-1: new high-speed USB device number 9 using dummy_hcd [ 765.943233][T14811] loop0: detected capacity change from 0 to 16 [ 766.011245][T12335] usb 7-1: device descriptor read/64, error -71 [ 766.014905][T14811] erofs (device loop0): mounted with root inode @ nid 36. [ 766.129151][T12335] usb usb7-port1: attempt power cycle [ 766.509405][T12335] usb 7-1: new high-speed USB device number 10 using dummy_hcd [ 766.564062][T12335] usb 7-1: device descriptor read/8, error -71 [ 766.852192][T12335] usb 7-1: new high-speed USB device number 11 using dummy_hcd [ 766.905225][T12335] usb 7-1: device descriptor read/8, error -71 [ 767.059989][T12335] usb usb7-port1: unable to enumerate USB device [ 767.292449][T14609] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 767.445178][T14835] syzkaller0: entered promiscuous mode [ 767.458104][T14835] syzkaller0: entered allmulticast mode [ 767.857476][T14843] netlink: 24 bytes leftover after parsing attributes in process `syz.7.2948'. [ 768.301112][T14848] kvm: pic: non byte write [ 768.339211][T14609] veth0_vlan: entered promiscuous mode [ 768.371341][T14848] kvm: pic: level sensitive irq not supported [ 768.375658][T14848] kvm: pic: level sensitive irq not supported [ 768.637084][T14609] veth1_vlan: entered promiscuous mode [ 769.237513][T14609] veth0_macvtap: entered promiscuous mode [ 769.332144][T14609] veth1_macvtap: entered promiscuous mode [ 769.543923][T14609] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 769.642580][T14609] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 770.028681][ T70] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 770.073623][ T53] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 770.118065][ T53] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 770.149060][ T53] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 770.204629][T14870] loop4: detected capacity change from 0 to 16 [ 770.279798][T14870] erofs (device loop4): mounted with root inode @ nid 36. [ 771.163190][ T5831] usb 8-1: new high-speed USB device number 8 using dummy_hcd [ 771.344278][ T5831] usb 8-1: device descriptor read/64, error -71 [ 771.608798][ T5831] usb 8-1: new high-speed USB device number 9 using dummy_hcd [ 771.836952][ T5831] usb 8-1: device descriptor read/64, error -71 [ 771.848841][T12335] usb 7-1: new high-speed USB device number 12 using dummy_hcd [ 771.968776][ T5831] usb usb8-port1: attempt power cycle [ 772.053687][T12335] usb 7-1: Using ep0 maxpacket: 16 [ 772.074568][T12335] usb 7-1: config 1 has an invalid interface number: 58 but max is 0 [ 772.119160][T12335] usb 7-1: config 1 has no interface number 0 [ 772.125475][T12335] usb 7-1: config 1 interface 58 altsetting 6 bulk endpoint 0x8 has invalid maxpacket 1024 [ 772.182047][T12335] usb 7-1: config 1 interface 58 altsetting 6 has an endpoint descriptor with address 0xBD, changing to 0x8D [ 772.230482][T12335] usb 7-1: config 1 interface 58 altsetting 6 endpoint 0x8D has invalid wMaxPacketSize 0 [ 772.259172][T12335] usb 7-1: config 1 interface 58 has no altsetting 0 [ 772.315230][T12335] usb 7-1: New USB device found, idVendor=0bfd, idProduct=0126, bcdDevice=bd.e4 [ 772.328828][T12335] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 772.348941][T12335] usb 7-1: Product: syz [ 772.348987][ T5831] usb 8-1: new high-speed USB device number 10 using dummy_hcd [ 772.358752][T12335] usb 7-1: Manufacturer: syz [ 772.375175][T12335] usb 7-1: SerialNumber: syz [ 772.400931][ T5831] usb 8-1: device descriptor read/8, error -71 [ 772.425774][T14896] raw-gadget.1 gadget.6: fail, usb_ep_enable returned -22 [ 772.654660][ T5831] usb 8-1: new high-speed USB device number 11 using dummy_hcd [ 772.670455][T12335] kvaser_usb 7-1:1.58: error -ENODEV: Cannot get usb endpoint(s) [ 772.732817][ T5831] usb 8-1: device descriptor read/8, error -71 [ 772.755637][T12335] usb 7-1: USB disconnect, device number 12 [ 772.868753][ T5831] usb usb8-port1: unable to enumerate USB device [ 773.914265][T14927] loop6: detected capacity change from 0 to 16 [ 773.959322][T14927] erofs (device loop6): mounted with root inode @ nid 36. [ 774.348940][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 774.398768][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 774.588043][T12054] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 774.636582][T12054] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 776.139274][T12335] usb 7-1: new high-speed USB device number 13 using dummy_hcd [ 776.339103][T12335] usb 7-1: Using ep0 maxpacket: 16 [ 776.382007][T12335] usb 7-1: config 1 has an invalid interface number: 58 but max is 0 [ 776.423371][T12335] usb 7-1: config 1 has no interface number 0 [ 776.448955][T12335] usb 7-1: config 1 interface 58 altsetting 6 bulk endpoint 0x8 has invalid maxpacket 1024 [ 776.508682][T12335] usb 7-1: config 1 interface 58 altsetting 6 has an endpoint descriptor with address 0xBD, changing to 0x8D [ 776.538686][T12335] usb 7-1: config 1 interface 58 altsetting 6 endpoint 0x8D has invalid wMaxPacketSize 0 [ 776.559558][ T5791] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 776.574601][ T5791] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 776.584302][T12335] usb 7-1: config 1 interface 58 has no altsetting 0 [ 776.592065][ T5791] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 776.613114][T12335] usb 7-1: New USB device found, idVendor=0bfd, idProduct=0126, bcdDevice=bd.e4 [ 776.623374][ T5791] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 776.634097][T12335] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 776.645838][ T5791] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 776.654685][T12335] usb 7-1: Product: syz [ 776.664304][T12335] usb 7-1: Manufacturer: syz [ 776.669468][T12335] usb 7-1: SerialNumber: syz [ 776.692873][T14947] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22 [ 776.954776][T12335] kvaser_usb 7-1:1.58: error -ENODEV: Cannot get usb endpoint(s) [ 777.054841][T12335] usb 7-1: USB disconnect, device number 13 [ 777.528734][T13670] usb 5-1: new high-speed USB device number 11 using dummy_hcd [ 777.677058][T13670] usb 5-1: device descriptor read/64, error -71 [ 777.971824][T13670] usb 5-1: new high-speed USB device number 12 using dummy_hcd [ 778.168740][T13670] usb 5-1: device descriptor read/64, error -71 [ 778.299997][T13670] usb usb5-port1: attempt power cycle [ 778.466052][T14953] chnl_net:caif_netlink_parms(): no params data found [ 778.680628][T13670] usb 5-1: new high-speed USB device number 13 using dummy_hcd [ 778.759877][T13670] usb 5-1: device descriptor read/8, error -71 [ 778.769102][ T5791] Bluetooth: hci4: command tx timeout [ 779.040646][T13670] usb 5-1: new high-speed USB device number 14 using dummy_hcd [ 779.079067][T13670] usb 5-1: device descriptor read/8, error -71 [ 779.189459][T13670] usb usb5-port1: unable to enumerate USB device [ 779.845042][T14953] bridge0: port 1(bridge_slave_0) entered blocking state [ 779.853310][T14953] bridge0: port 1(bridge_slave_0) entered disabled state [ 779.870381][T14953] bridge_slave_0: entered allmulticast mode [ 779.887753][T14953] bridge_slave_0: entered promiscuous mode [ 779.923773][T14953] bridge0: port 2(bridge_slave_1) entered blocking state [ 779.936009][T14953] bridge0: port 2(bridge_slave_1) entered disabled state [ 779.948358][T14953] bridge_slave_1: entered allmulticast mode [ 779.958280][T14953] bridge_slave_1: entered promiscuous mode [ 780.165133][T14953] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 780.246544][T14953] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 780.729868][T14990] netlink: 52 bytes leftover after parsing attributes in process `syz.4.2992'. [ 780.839578][ T5791] Bluetooth: hci4: command tx timeout [ 780.868666][T14953] team0: Port device team_slave_0 added [ 780.960591][T14953] team0: Port device team_slave_1 added [ 781.278785][ T5793] usb 7-1: new high-speed USB device number 14 using dummy_hcd [ 781.291103][T14953] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 781.319149][T14953] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 781.430571][T14953] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 781.508705][ T5793] usb 7-1: Using ep0 maxpacket: 16 [ 781.521061][ T5793] usb 7-1: config 1 has an invalid interface number: 58 but max is 0 [ 781.535262][ T5793] usb 7-1: config 1 has no interface number 0 [ 781.540176][T15001] loop1: detected capacity change from 0 to 128 [ 781.556528][ T5793] usb 7-1: config 1 interface 58 altsetting 6 bulk endpoint 0x8 has invalid maxpacket 1024 [ 781.615282][ T5793] usb 7-1: config 1 interface 58 altsetting 6 has an endpoint descriptor with address 0xBD, changing to 0x8D [ 781.616464][T14953] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 781.661167][ T5793] usb 7-1: config 1 interface 58 altsetting 6 endpoint 0x8D has invalid wMaxPacketSize 0 [ 781.693092][T14953] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 781.708716][ T5793] usb 7-1: config 1 interface 58 has no altsetting 0 [ 781.776507][ T5793] usb 7-1: New USB device found, idVendor=0bfd, idProduct=0126, bcdDevice=bd.e4 [ 781.813981][T14953] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 781.824822][ T5793] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 781.825136][ T5793] usb 7-1: Product: syz [ 781.825228][ T5793] usb 7-1: Manufacturer: syz [ 781.825316][ T5793] usb 7-1: SerialNumber: syz [ 781.906546][T14995] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22 [ 782.073770][T11834] bridge_slave_1: left allmulticast mode [ 782.102281][T11834] bridge_slave_1: left promiscuous mode [ 782.131609][T11834] bridge0: port 2(bridge_slave_1) entered disabled state [ 782.192204][T11834] bridge_slave_0: left allmulticast mode [ 782.223189][ T5793] kvaser_usb 7-1:1.58: error -ENODEV: Cannot get usb endpoint(s) [ 782.246515][T11834] bridge_slave_0: left promiscuous mode [ 782.265470][T11834] bridge0: port 1(bridge_slave_0) entered disabled state [ 782.322316][ T5793] usb 7-1: USB disconnect, device number 14 [ 782.668817][T12335] usb 8-1: new high-speed USB device number 12 using dummy_hcd [ 782.858773][T12335] usb 8-1: Using ep0 maxpacket: 8 [ 782.906964][T12335] usb 8-1: config index 0 descriptor too short (expected 301, got 45) [ 782.921200][ T5791] Bluetooth: hci4: command tx timeout [ 782.935659][T11834] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 782.956790][T12335] usb 8-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config [ 782.978028][T12335] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 782.989976][T12335] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 783.046352][T11834] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 783.094822][T11834] bond0 (unregistering): Released all slaves [ 783.232229][T15017] loop6: detected capacity change from 0 to 128 [ 783.429515][T15017] syz.6.3004: attempt to access beyond end of device [ 783.429515][T15017] loop6: rw=2049, sector=154, nr_sectors = 6 limit=128 [ 783.513724][T15017] syz.6.3004: attempt to access beyond end of device [ 783.513724][T15017] loop6: rw=8390657, sector=158, nr_sectors = 2 limit=128 [ 783.558178][T15017] Buffer I/O error on dev loop6, logical block 79, lost async page write [ 783.593430][T14953] hsr_slave_0: entered promiscuous mode [ 783.628292][T15017] syz.6.3004: attempt to access beyond end of device [ 783.628292][T15017] loop6: rw=8390657, sector=160, nr_sectors = 2 limit=128 [ 783.650781][T14953] hsr_slave_1: entered promiscuous mode [ 783.673375][T14953] debugfs: 'hsr0' already exists in 'hsr' [ 783.687695][T14953] Cannot create hsr debugfs directory [ 783.695320][T15017] Buffer I/O error on dev loop6, logical block 80, lost async page write [ 783.972604][T15016] syz.6.3004: attempt to access beyond end of device [ 783.972604][T15016] loop6: rw=2049, sector=162, nr_sectors = 56 limit=128 [ 784.067926][T15027] loop4: detected capacity change from 0 to 16 [ 784.104066][T15027] erofs (device loop4): mounted with root inode @ nid 36. [ 784.237428][T11834] hsr_slave_0: left promiscuous mode [ 784.299381][T11834] hsr_slave_1: left promiscuous mode [ 784.332593][T11834] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 784.370765][T11834] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 784.999205][ T5791] Bluetooth: hci4: command tx timeout [ 785.615842][ T5831] usb 8-1: USB disconnect, device number 12 [ 785.980416][T11834] team0 (unregistering): Port device team_slave_1 removed [ 786.090496][T11834] team0 (unregistering): Port device team_slave_0 removed [ 787.748123][T15075] kvm: pic: non byte read [ 789.319458][T14953] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 789.448694][T14953] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 789.516902][T14953] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 789.676789][T14953] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 790.927518][T14953] 8021q: adding VLAN 0 to HW filter on device bond0 [ 791.153299][T14953] 8021q: adding VLAN 0 to HW filter on device team0 [ 791.255623][ T70] bridge0: port 1(bridge_slave_0) entered blocking state [ 791.263201][ T70] bridge0: port 1(bridge_slave_0) entered forwarding state [ 791.396158][ T70] bridge0: port 2(bridge_slave_1) entered blocking state [ 791.403813][ T70] bridge0: port 2(bridge_slave_1) entered forwarding state [ 793.260081][T15149] netlink: 48 bytes leftover after parsing attributes in process `syz.6.3045'. [ 793.416784][T15152] netlink: 48 bytes leftover after parsing attributes in process `syz.6.3045'. [ 793.889882][T15149] bond1: option miimon: invalid value (18446744071562264580) [ 793.929178][T15149] bond1: option miimon: allowed values 0 - 2147483647 [ 793.995065][T15149] bond1 (unregistering): Released all slaves [ 794.341360][T15152] workqueue: Failed to create a rescuer kthread for wq "bond1": -EINTR [ 794.611751][T14953] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 795.009605][T15168] syzkaller0: entered promiscuous mode [ 795.041397][T15168] syzkaller0: entered allmulticast mode [ 795.525090][T14953] veth0_vlan: entered promiscuous mode [ 795.538839][ T5835] usb 7-1: new high-speed USB device number 15 using dummy_hcd [ 795.623680][T14953] veth1_vlan: entered promiscuous mode [ 795.698884][ T5835] usb 7-1: device descriptor read/64, error -71 [ 795.964579][ T5835] usb 7-1: new high-speed USB device number 16 using dummy_hcd [ 796.006137][T14953] veth0_macvtap: entered promiscuous mode [ 796.114877][T14953] veth1_macvtap: entered promiscuous mode [ 796.159048][ T5835] usb 7-1: device descriptor read/64, error -71 [ 796.310060][ T5835] usb usb7-port1: attempt power cycle [ 796.339274][T14953] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 796.411633][T14953] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 796.655356][ T70] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 796.702732][ T5835] usb 7-1: new high-speed USB device number 17 using dummy_hcd [ 796.753405][ T5835] usb 7-1: device descriptor read/8, error -71 [ 796.762180][ T70] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 796.829709][ T3499] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 796.860771][ T3499] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 797.029033][ T5835] usb 7-1: new high-speed USB device number 18 using dummy_hcd [ 797.109917][ T5835] usb 7-1: device descriptor read/8, error -71 [ 797.236440][ T5835] usb usb7-port1: unable to enumerate USB device [ 801.016685][T13670] usb 7-1: new high-speed USB device number 19 using dummy_hcd [ 801.190092][T13670] usb 7-1: device descriptor read/64, error -71 [ 801.449252][T13670] usb 7-1: new high-speed USB device number 20 using dummy_hcd [ 801.609085][T13670] usb 7-1: device descriptor read/64, error -71 [ 801.733963][T13670] usb usb7-port1: attempt power cycle [ 802.027531][T13276] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 802.063550][T13276] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 802.129245][T13670] usb 7-1: new high-speed USB device number 21 using dummy_hcd [ 802.175478][T13670] usb 7-1: device descriptor read/8, error -71 [ 802.254049][T12335] usb 2-1: new high-speed USB device number 4 using dummy_hcd [ 802.300416][ T70] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 802.315689][ T70] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 802.441264][T12335] usb 2-1: config index 0 descriptor too short (expected 23569, got 27) [ 802.481232][T13670] usb 7-1: new high-speed USB device number 22 using dummy_hcd [ 802.495023][T12335] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 802.527914][T12335] usb 2-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 802.551062][T13670] usb 7-1: device descriptor read/8, error -71 [ 802.585749][T12335] usb 2-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0 [ 802.599965][T12335] usb 2-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0 [ 802.608178][T12335] usb 2-1: Manufacturer: syz [ 802.627744][T12335] usb 2-1: config 0 descriptor?? [ 802.680088][T13670] usb usb7-port1: unable to enumerate USB device [ 802.724711][T12335] igorplugusb 2-1:0.0: incorrect number of endpoints [ 802.935811][T12335] usb 2-1: USB disconnect, device number 4 [ 806.281298][T15302] netlink: 'syz.0.3094': attribute type 1 has an invalid length. [ 806.384874][T15303] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3094'. [ 809.186080][T15339] netlink: 4 bytes leftover after parsing attributes in process `syz.6.3107'. [ 809.290642][T15340] netlink: 8 bytes leftover after parsing attributes in process `syz.6.3107'. [ 809.363033][T15339] erspan0: entered promiscuous mode [ 809.369894][T15339] macvtap1: entered promiscuous mode [ 809.386542][T15339] macvtap1: entered allmulticast mode [ 809.411145][T15339] erspan0: entered allmulticast mode [ 809.458175][T15340] macvtap1: left promiscuous mode [ 809.464481][T15340] macvtap1: left allmulticast mode [ 809.470526][T15340] erspan0: left allmulticast mode [ 811.258831][T14214] usb 7-1: new high-speed USB device number 23 using dummy_hcd [ 811.434083][T14214] usb 7-1: device descriptor read/64, error -71 [ 811.758746][T14214] usb 7-1: new high-speed USB device number 24 using dummy_hcd [ 811.920127][T14214] usb 7-1: device descriptor read/64, error -71 [ 812.030204][T14214] usb usb7-port1: attempt power cycle [ 812.388829][T14214] usb 7-1: new high-speed USB device number 25 using dummy_hcd [ 812.451511][T14214] usb 7-1: device descriptor read/8, error -71 [ 812.698745][T14214] usb 7-1: new high-speed USB device number 26 using dummy_hcd [ 812.753127][T14214] usb 7-1: device descriptor read/8, error -71 [ 812.896461][T14214] usb usb7-port1: unable to enumerate USB device [ 814.612721][T12335] usb 2-1: new high-speed USB device number 5 using dummy_hcd [ 814.793033][T12335] usb 2-1: no configurations [ 814.812498][T12335] usb 2-1: can't read configurations, error -22 [ 814.985141][T12335] usb 2-1: new high-speed USB device number 6 using dummy_hcd [ 815.188620][T12335] usb 2-1: no configurations [ 815.193419][T12335] usb 2-1: can't read configurations, error -22 [ 815.262849][T12335] usb usb2-port1: attempt power cycle [ 815.436166][T15430] netlink: 64851 bytes leftover after parsing attributes in process `syz.7.3144'. [ 815.669348][T12335] usb 2-1: new high-speed USB device number 7 using dummy_hcd [ 815.752816][T12335] usb 2-1: no configurations [ 815.768695][T12335] usb 2-1: can't read configurations, error -22 [ 815.965867][T12335] usb 2-1: new high-speed USB device number 8 using dummy_hcd [ 816.018419][T12335] usb 2-1: no configurations [ 816.035026][T12335] usb 2-1: can't read configurations, error -22 [ 816.048743][T12335] usb usb2-port1: unable to enumerate USB device [ 816.139754][T15440] overlayfs: missing 'lowerdir' [ 816.839979][T15448] netlink: 'syz.0.3153': attribute type 16 has an invalid length. [ 816.847977][T15448] netlink: 152 bytes leftover after parsing attributes in process `syz.0.3153'. [ 818.383328][ T1291] ieee802154 phy0 wpan0: encryption failed: -22 [ 818.393257][ T1291] ieee802154 phy1 wpan1: encryption failed: -22 [ 818.608299][T15469] overlayfs: missing 'lowerdir' [ 818.664696][T15471] netlink: 'syz.6.3162': attribute type 29 has an invalid length. [ 818.732908][T15473] netlink: 'syz.6.3162': attribute type 29 has an invalid length. [ 818.819369][T15471] netlink: 'syz.6.3162': attribute type 29 has an invalid length. [ 818.959850][T15473] netlink: 'syz.6.3162': attribute type 29 has an invalid length. [ 819.642571][T14214] usb 7-1: new high-speed USB device number 27 using dummy_hcd [ 819.863705][T14214] usb 7-1: no configurations [ 819.869199][T14214] usb 7-1: can't read configurations, error -22 [ 820.018991][T14214] usb 7-1: new high-speed USB device number 28 using dummy_hcd [ 820.220244][T14214] usb 7-1: no configurations [ 820.225049][T14214] usb 7-1: can't read configurations, error -22 [ 820.250181][T14214] usb usb7-port1: attempt power cycle [ 820.388173][T15504] fuse: Bad value for 'fd' [ 820.618766][T12335] usb 1-1: new high-speed USB device number 5 using dummy_hcd [ 820.638760][T14214] usb 7-1: new high-speed USB device number 29 using dummy_hcd [ 820.707893][T14214] usb 7-1: no configurations [ 820.723745][T14214] usb 7-1: can't read configurations, error -22 [ 820.825789][T12335] usb 1-1: unable to get BOS descriptor or descriptor too short [ 820.868907][T14214] usb 7-1: new high-speed USB device number 30 using dummy_hcd [ 820.898991][T12335] usb 1-1: New USB device found, idVendor=0644, idProduct=8021, bcdDevice= 0.40 [ 820.914321][T12335] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 820.928657][T12335] usb 1-1: Product: syz [ 820.932453][T14214] usb 7-1: no configurations [ 820.932977][T12335] usb 1-1: Manufacturer: syz [ 820.946632][T14214] usb 7-1: can't read configurations, error -22 [ 820.954246][T12335] usb 1-1: SerialNumber: syz [ 821.006448][T14214] usb usb7-port1: unable to enumerate USB device [ 821.626044][T12335] usb 1-1: unit 5 not found! [ 821.648738][T12335] usb 1-1: unit 3 not found! [ 822.190779][T12335] snd-usb-us122l 1-1:1.1: usb_set_interface error [ 822.214827][T12335] snd-usb-us122l 1-1:1.1: probe with driver snd-usb-us122l failed with error -22 [ 822.278685][T12335] usb 1-1: USB disconnect, device number 5 [ 822.447287][T13700] udevd[13700]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 822.809885][T15531] fuse: Bad value for 'fd' [ 822.905606][T15530] ===================================================== [ 822.913233][T15530] BUG: KMSAN: uninit-value in batadv_get_vid+0x2ce/0x3b0 [ 822.920644][T15530] batadv_get_vid+0x2ce/0x3b0 [ 822.925496][T15530] batadv_interface_tx+0x2e8/0x1dd0 [ 822.931043][T15530] dev_hard_start_xmit+0x24e/0xad0 [ 822.936310][T15530] __dev_queue_xmit+0x3412/0x5980 [ 822.941712][T15530] __bpf_redirect+0x162e/0x1760 [ 822.946738][T15530] bpf_clone_redirect+0x4a6/0x6c0 [ 822.952147][T15530] ___bpf_prog_run+0x13e8/0xea90 [ 822.957276][T15530] __bpf_prog_run512+0xc5/0x100 [ 822.962522][T15530] bpf_test_run+0x493/0xdf0 [ 822.967189][T15530] bpf_prog_test_run_skb+0x22a5/0x3050 [ 822.973043][T15530] bpf_prog_test_run+0x5bb/0x9f0 [ 822.978154][T15530] __sys_bpf+0x925/0xee0 [ 822.982717][T15530] __x64_sys_bpf+0xa4/0xf0 [ 822.987365][T15530] x64_sys_call+0x13d0/0x3ea0 [ 822.992426][T15530] do_syscall_64+0x134/0xf80 [ 822.997199][T15530] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 823.003512][T15530] [ 823.005905][T15530] Uninit was created at: [ 823.010546][T15530] kmem_cache_alloc_node_noprof+0x3cd/0x12d0 [ 823.016683][T15530] pskb_expand_head+0x2ef/0x1fb0 [ 823.021937][T15530] skb_ensure_writable+0x44e/0x510 [ 823.027287][T15530] bpf_clone_redirect+0x301/0x6c0 [ 823.032609][T15530] ___bpf_prog_run+0x13e8/0xea90 [ 823.037706][T15530] __bpf_prog_run512+0xc5/0x100 [ 823.042974][T15530] bpf_test_run+0x493/0xdf0 [ 823.047645][T15530] bpf_prog_test_run_skb+0x22a5/0x3050 [ 823.053427][T15530] bpf_prog_test_run+0x5bb/0x9f0 [ 823.058723][T15530] __sys_bpf+0x925/0xee0 [ 823.063110][T15530] __x64_sys_bpf+0xa4/0xf0 [ 823.067660][T15530] x64_sys_call+0x13d0/0x3ea0 [ 823.072834][T15530] do_syscall_64+0x134/0xf80 [ 823.077600][T15530] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 823.083839][T15530] [ 823.086276][T15530] CPU: 0 UID: 0 PID: 15530 Comm: syz.7.3188 Not tainted syzkaller #0 PREEMPT(full) [ 823.096047][T15530] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 823.106434][T15530] ===================================================== [ 823.113577][T15530] Disabling lock debugging due to kernel taint [ 823.120033][T15530] Kernel panic - not syncing: kmsan.panic set ... [ 823.126590][T15530] CPU: 0 UID: 0 PID: 15530 Comm: syz.7.3188 Tainted: G B syzkaller #0 PREEMPT(full) [ 823.137790][T15530] Tainted: [B]=BAD_PAGE [ 823.142111][T15530] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 823.152379][T15530] Call Trace: [ 823.155743][T15530] [ 823.158740][T15530] __dump_stack+0x26/0x30 [ 823.163224][T15530] dump_stack_lvl+0x50/0x1c0 [ 823.167949][T15530] ? dump_stack+0x12/0x25 [ 823.172427][T15530] dump_stack+0x1e/0x25 [ 823.176719][T15530] vpanic+0x7b4/0x1430 [ 823.180956][T15530] panic+0x15d/0x160 [ 823.185045][T15530] kmsan_report+0x31a/0x320 [ 823.189818][T15530] ? do_syscall_64+0x134/0xf80 [ 823.194734][T15530] ? __msan_warning+0x1b/0x30 [ 823.199655][T15530] ? batadv_get_vid+0x2ce/0x3b0 [ 823.204729][T15530] ? batadv_interface_tx+0x2e8/0x1dd0 [ 823.210248][T15530] ? dev_hard_start_xmit+0x24e/0xad0 [ 823.215668][T15530] ? __dev_queue_xmit+0x3412/0x5980 [ 823.221007][T15530] ? __bpf_redirect+0x162e/0x1760 [ 823.226175][T15530] ? bpf_clone_redirect+0x4a6/0x6c0 [ 823.231512][T15530] ? ___bpf_prog_run+0x13e8/0xea90 [ 823.236769][T15530] ? __bpf_prog_run512+0xc5/0x100 [ 823.242017][T15530] ? bpf_test_run+0x493/0xdf0 [ 823.246857][T15530] ? bpf_prog_test_run_skb+0x22a5/0x3050 [ 823.252628][T15530] ? bpf_prog_test_run+0x5bb/0x9f0 [ 823.257882][T15530] ? __sys_bpf+0x925/0xee0 [ 823.262418][T15530] ? __x64_sys_bpf+0xa4/0xf0 [ 823.267126][T15530] ? x64_sys_call+0x13d0/0x3ea0 [ 823.272216][T15530] ? do_syscall_64+0x134/0xf80 [ 823.277127][T15530] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 823.283329][T15530] ? kmsan_internal_memmove_metadata+0x91/0x230 [ 823.289765][T15530] ? kmsan_get_metadata+0xf1/0x160 [ 823.294989][T15530] ? kmsan_get_metadata+0xf1/0x160 [ 823.300404][T15530] ? kmsan_get_metadata+0xf1/0x160 [ 823.305640][T15530] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 823.311587][T15530] ? batadv_interface_tx+0x31/0x1dd0 [ 823.317116][T15530] ? filter_irq_stacks+0x49/0x190 [ 823.322318][T15530] ? kmsan_get_metadata+0xf1/0x160 [ 823.327564][T15530] __msan_warning+0x1b/0x30 [ 823.332222][T15530] batadv_get_vid+0x2ce/0x3b0 [ 823.337052][T15530] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 823.343007][T15530] batadv_interface_tx+0x2e8/0x1dd0 [ 823.348373][T15530] ? kmsan_internal_set_shadow_origin+0x7a/0x110 [ 823.354890][T15530] ? __pfx_batadv_interface_tx+0x10/0x10 [ 823.360676][T15530] dev_hard_start_xmit+0x24e/0xad0 [ 823.365962][T15530] __dev_queue_xmit+0x3412/0x5980 [ 823.371143][T15530] ? skb_release_data+0x107c/0x11b0 [ 823.376568][T15530] ? kmsan_internal_memmove_metadata+0x91/0x230 [ 823.382987][T15530] ? kmsan_get_metadata+0xf1/0x160 [ 823.388229][T15530] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 823.394177][T15530] ? __dev_queue_xmit+0x27a/0x5980 [ 823.399436][T15530] ? pskb_expand_head+0x1c0e/0x1fb0 [ 823.404789][T15530] ? kmsan_get_metadata+0xf1/0x160 [ 823.410053][T15530] __bpf_redirect+0x162e/0x1760 [ 823.415086][T15530] ? kmsan_get_metadata+0xf1/0x160 [ 823.420386][T15530] bpf_clone_redirect+0x4a6/0x6c0 [ 823.425618][T15530] ___bpf_prog_run+0x13e8/0xea90 [ 823.430735][T15530] __bpf_prog_run512+0xc5/0x100 [ 823.435773][T15530] ? kmsan_internal_poison_memory+0x78/0x90 [ 823.441938][T15530] ? kmsan_internal_poison_memory+0x4a/0x90 [ 823.447999][T15530] ? kmsan_slab_alloc+0xdc/0x160 [ 823.453102][T15530] ? kmem_cache_alloc_noprof+0x37b/0x1270 [ 823.458964][T15530] ? slab_build_skb+0x5c/0x5b0 [ 823.463940][T15530] ? bpf_prog_test_run_skb+0x74d/0x3050 [ 823.469632][T15530] ? bpf_prog_test_run+0x5bb/0x9f0 [ 823.474910][T15530] ? __sys_bpf+0x925/0xee0 [ 823.479453][T15530] ? kmsan_get_metadata+0xf1/0x160 [ 823.484724][T15530] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 823.490688][T15530] ? bpf_test_run+0xc1/0xdf0 [ 823.495421][T15530] ? filter_irq_stacks+0x49/0x190 [ 823.500873][T15530] ? kmsan_get_metadata+0xf1/0x160 [ 823.506107][T15530] ? kmsan_get_metadata+0xf1/0x160 [ 823.511343][T15530] ? kmsan_get_metadata+0xf1/0x160 [ 823.516574][T15530] ? kmsan_internal_set_shadow_origin+0x7a/0x110 [ 823.523077][T15530] ? kmsan_get_metadata+0x146/0x160 [ 823.528424][T15530] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 823.534488][T15530] ? __pfx___bpf_prog_run512+0x10/0x10 [ 823.540098][T15530] ? __pfx___bpf_prog_run512+0x10/0x10 [ 823.545724][T15530] bpf_test_run+0x493/0xdf0 [ 823.550472][T15530] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 823.556410][T15530] ? kmsan_get_metadata+0xf1/0x160 [ 823.561639][T15530] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 823.567581][T15530] ? bpf_test_run+0x2f4/0xdf0 [ 823.572429][T15530] ? kmsan_get_metadata+0xf1/0x160 [ 823.577696][T15530] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 823.583656][T15530] bpf_prog_test_run_skb+0x22a5/0x3050 [ 823.589276][T15530] ? kmsan_get_metadata+0xf1/0x160 [ 823.594569][T15530] ? __pfx_bpf_prog_test_run_skb+0x10/0x10 [ 823.600526][T15530] bpf_prog_test_run+0x5bb/0x9f0 [ 823.605648][T15530] __sys_bpf+0x925/0xee0 [ 823.610059][T15530] __x64_sys_bpf+0xa4/0xf0 [ 823.614615][T15530] x64_sys_call+0x13d0/0x3ea0 [ 823.619532][T15530] do_syscall_64+0x134/0xf80 [ 823.624275][T15530] ? clear_bhb_loop+0x50/0xa0 [ 823.629084][T15530] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 823.635125][T15530] RIP: 0033:0x7fb7ac19c819 [ 823.639644][T15530] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 823.659494][T15530] RSP: 002b:00007fb7ad0d1028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 823.668081][T15530] RAX: ffffffffffffffda RBX: 00007fb7ac415fa0 RCX: 00007fb7ac19c819 [ 823.676187][T15530] RDX: 0000000000000050 RSI: 00002000000002c0 RDI: 000000000000000a [ 823.684303][T15530] RBP: 00007fb7ac232c91 R08: 0000000000000000 R09: 0000000000000000 [ 823.692413][T15530] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 823.700502][T15530] R13: 00007fb7ac416038 R14: 00007fb7ac415fa0 R15: 00007ffccc455578 [ 823.708738][T15530] [ 823.712416][T15530] Kernel Offset: disabled [ 823.716833][T15530] Rebooting in 86400 seconds..