last executing test programs: 1m26.345966548s ago: executing program 4 (id=5): r0 = syz_io_uring_setup(0xa4d, &(0x7f0000000480)={0x0, 0x0, 0x80, 0x1, 0x24f}, &(0x7f00000000c0)=0x0, &(0x7f0000000340)=0x0) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a0300000000000000000001000000090001"], 0xd0}}, 0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4) io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0) setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000400)={0x1, &(0x7f0000000200)=[{0x2c, 0x0, 0x0, 0x4}]}, 0x10) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5) syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x42, 0x0, 0x2, 0x3, 0x0, 0x0, 0x0, 0x0, {0x2}}) io_uring_enter(r0, 0x47bc, 0x0, 0x0, 0x0, 0x0) 1m25.530385239s ago: executing program 4 (id=21): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) pipe(&(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) splice(r0, 0x0, r1, 0x0, 0xf3a, 0x0) write$cgroup_pid(r1, &(0x7f0000000000), 0xffffff98) timer_create(0x0, &(0x7f0000000000)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300)) fcntl$lock(0xffffffffffffffff, 0x24, &(0x7f0000000040)={0x0, 0x0, 0x3fd4, 0x5}) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) timer_settime(0x0, 0x1, &(0x7f0000000040)={{}, {0x77359400}}, 0x0) 1m24.107138387s ago: executing program 4 (id=24): mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff) mkdir(&(0x7f0000001a80)='./file0\x00', 0x18b) mount$bpf(0x200000000000, &(0x7f0000000440)='./file0/../file0\x00', 0x0, 0x989046, 0x0) mount$bpf(0x0, &(0x7f00000000c0)='./file0/../file0\x00', 0x0, 0x100000, 0x0) mount$bpf(0x200000000000, &(0x7f0000000000)='./file0/../file0\x00', 0x0, 0x989046, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000000c0)={0x0, 0xffffffffffffffff, 0x0, 0x1c, &(0x7f0000000000)='//sys\x00\x00\x00\x00\x00\x00\x80\x004\x00\x00s/\x92ync_\x93\x96\xff\x92\xaf\x00Se\xf44.\x00'/49}, 0x30) mount$bpf(0x200000000000, &(0x7f0000000200)='./file0\x00', 0x0, 0x206002, 0x0) mount$bpf(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x84000, 0x0) 1m23.570974807s ago: executing program 4 (id=28): prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setscheduler(0x0, 0x1, 0x0) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0) r0 = syz_open_dev$sndmidi(0x0, 0x2, 0x141102) writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0x1}], 0x1) r1 = socket$inet(0x2, 0x1, 0x0) shutdown(r1, 0x0) recvmmsg(r1, &(0x7f00000066c0), 0xa0d, 0xfe, 0x0) 1m8.409954435s ago: executing program 32 (id=28): prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setscheduler(0x0, 0x1, 0x0) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0) r0 = syz_open_dev$sndmidi(0x0, 0x2, 0x141102) writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0x1}], 0x1) r1 = socket$inet(0x2, 0x1, 0x0) shutdown(r1, 0x0) recvmmsg(r1, &(0x7f00000066c0), 0xa0d, 0xfe, 0x0) 7.031309592s ago: executing program 3 (id=348): bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, 0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x4) setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f0000000280)=0x1, 0x4) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @remote}}, 0x1c) sendmmsg$inet6(r0, &(0x7f0000000b80)=[{{0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f0000000c80)="0b0ec2a1e3fc84788972f461fec29e0fe5be85ea822a7348bd54a57f68a85a2284ad43c367bae5f7bd6c1e1d9017109e232e5bb561d280b32fa2b07a0cd31f1b8b9acdc89d4d5725350a9ec9303e53def89bcb6bb6ea83324927b43749f25be60c4f8707382b8e3062032c28dcccb784fdcfe6f2febd55e05bf1ccb63237c1d1bea4db828a5be79e518cf55a88e130609528b8aff64359e76eee93584aad3f751172c449fb", 0xa5}, {&(0x7f0000000680)="5f62f632763c84825847145170282f67ba6d5dadf0baf135d503e93a17ee560409202f4c5f0de32b0e53e4d26d04c825d923318fd574b1924b09ebb91d5be30b532a2fb95030c6be2a14ccfbce6eef05ea88d2413dc3fc0ae8a2e071f8764a4843611ae28b340100ddefa8ffed32420677397aa63e880adc56d03d8799429f33741886bd6c4065bba5005d74f67508dc3434165b51bf8f73bf1a7c158d8905e518e8", 0xa2}, {&(0x7f0000000740)="dfd1db04f5eef4b5714a69f5392e27d1b79a961a16fbdc4f01a9e38a1f95f939a209f049ad8d4f9447506fd73cec26b8246758f684013c99b717e119d15432e9d46da8a0c25e7e3771b0b146e56d2fcf8107332acc1c56948171260ed44c97919f70210c914c1098c9ac622d46f0ffae373480c9d8e590395ea4365569b8ea75ea1a9a181cfa88541804ec97980211c9b7eb2235d6f0b644fd31dda9bc2cc99434e0df4934d0", 0xa6}, {&(0x7f00000000c0)="a4f4de87c6e89abd7ae7e6b8550f9923917c9d38e14418e7c765214e9ace3100b34d00f9bf2b7ed43e9c00", 0x2b}, {&(0x7f0000000800)="f76c72c4066a174e1300da0da7d191a618fc5793ff23c6328c6d61df0a2fb72441d4ded25cf7b5f31eb5d65e412665a6177f09ca3ac5cfd751577dec547711dc43b694a601fcb6575547ee6ec2a01c32b65d3429fbb9623a83d457d3ddea9eb90ab14b6b323a9358af0b55cff95844d5b47f6994a72f984e19e961cc00f6e364e141c8", 0x83}, {&(0x7f00000008c0)="4b000ffd096c1b77cd99b1458609c4b82100375ca9411e734cc8e9627df29e9b97a002d7f15ea9f42bd71401384ed6b5772b5c618c35c4aab72b1d515ceada9e64d7a35fd435e98f06243fcd53966c196ff3f47537912a1a5dec7e8e1fbf4543d1a6c80467d6ba3d241e3fd22efa09c638c98b4ce9fbe6d2053fcfa334eaee64efad2d349f048afb2635ae06c05697746fe073ed230c9c7c4643396305424c1c7eaa3ee09891995a607de26be9abcd2b65a4f9093da8a07eea61b1ff21ea3b323b191f95b997cfdface3dc21a664e38896f9f689bc06f4800d5c977102358770b0d8425f098be9383b5e487e7165e847191d5e95233e971edd", 0xf9}, {&(0x7f0000002380)="a66554178426362975b882a7d6b43fe537b6b0036a966a05363793ec2f6830cc5b81e514b9cbe4c27c3f3a581556b832100a4233e3e80fda14dd84611893300a863a8a6f6d8e0c7633e168ad7e25d4bd14ba6812101488e9444165b8100d576a996fec019ae11a03498329bcbacd0e8a206bd0de0c7e09f64a57d56974599f09aa148b4224dcffe1b5a1e55bbc1fdae8bf2f72437cf399c4cda11554b21158e3ddb00ddb71a1bd1daa50d631b027238397d692214223af1d685e7a3318da65c9233eba674ff72097411ef3ee19b892b1b36eeb925a6698f4d455b02163a3504ee6accffad7aaf9d19763d886272559ef0501594ea23d45a43e13bba05d7d332750ce5d9d3b37d234f46464fcc5f495e0fae02a24efd67db315c92f9483196bd38b38b3675bc0de5873f9d7b01ee5c564f5573b474e3c9f3b955929d9112007049e4245d68b93f365a90d35c837cc13999f2d6a23be87786e4234d74b1160669c7962b3b413201192565fb93252c153dd735e280e01d13dc34468f67684a4308c7dbe07687e0f56fa54f44b0141895ad75781ca026d813e8c17794b9d87d97136d29aced71b1f526dfab6301b78f1deab7949c97cce6616f4afd46a331e2fb54342dd1964c70a2717f4239c9e5157ac93c42d05f230da440a9227f0f82ee95cc79ca2d3da3f889b37f85f50d75711a910a57d213edb4b981cde33e01ec960885f31511ed7f8e01ddd36d76e1b1e40e81cd21ef9c34134400fdd94e34e5d77f4b7ca3612663e0f6b364be4a9dc775f3b12386ec04960524a9a5e6879e50db657c89a7dc7ec1f919ba8c77e926538599e7969868a5ef3e92817a3402c13de0efcb9fef445ee49f4b0ed26c5dbadff51459d5229661e4b7d2548c9ea4ce89b828daf5f5873e1d9e693ba037fc00ccc3dd74096c0f1ea508ee96ad7d85664947193e011e2f037917af7716d7f27cac25c9785f13baddfeba40997af5f6f4029cf5b781b654a635ee8696078d99025012cbad5af13bc26e2d100726fc98c11f8f16057a8506f29cf30bcf9ab7883ad1708d11bf70ee54fced84c69d90eb302e8aff586c0b25893e09868426cb4649145ede32035c47360fba7fe863cb00b86f583090c5b8d8549ba62cb822ed182fc07f029a826b5c86dccd603408bfc060c80c8ae21be086998f45923e1fe36eea10a66a55cc9f3cb6a296535dabc831fefe26b80ee47c723c596c51e1d7c073df20874eef79a291934c4c6a7c6b656595fc76b25d0d50590c1df29d59842a19a6acd60e783069aa0c21d792129132d59d12cd4417583dc967d7d44f392770da18e30a70a330e7b05aebf09e93aa545ca382a29f810e8a4efc0fffd3660f76892c2027daccfd743734c359bacaec86e4f15ca31b83894b67b3a3539cb5567bbcacd9a52c9b8d87252ddab0dbdd373f7150b87893fa4b6c5e6016f2146471f092a2cf4c75b6ed08a2f27f9f68d1817d7e782c0fa3026fd4e283b6b23bff2a9d84f5cdea217ce396080b623fe6d5da91fcab0e563b8c54af99007f6680efc9fdcd35d1d2ad8539ee04744e38c750114de55b80192c5d6aee8cbc34a47426bb22a9e3e2fcb87530c418a65fad7d5fbb15f569a69fc2cb92dad8f574330fdf2aa6033d1be037d5e3e964ff01329c43401bc86a72025288100ce86c053b922e9a7a692912bca4dabfc0e3a8966a65c96d3a420809c2d600928546a4ea26ff7100081f3ca8a70c64b3a4fc33b3e2546ff4a43502d448f2c0b274a244d32c955b02d897b1c53a2724ff886a1ccc91ea3a22dbd1f5f3f2e33db9ac9aae458a27e2a529ac2d8671f0e30df63a5d1a579b8f5a68f4a53fb4f3f76d41bee8e10635606f2a7fde9af7bd0df3ab9750b0c6c962fbc36e9474e3efac01ea98a4fe6e0f819d62dcde2b9b77fb0d430495ee042d1e70a52debb0d13b09906f77327dd4ccfe2b6796f9aa5e5b2fa9b2249c66b49cd7e1cbdb194c239d7e2e0928a45c8c55904cd345c5d8b92a5526ff51b5c2e477089eeb16cb3996c243c66a82f4349370ac26bef5d900ec582f274cc38b0258993de6cc79574fdacb895721fd4d04f84c4d89e109629f48a24fb3241882f154a35ae6659e0bb35af409c51cb11a26413be88a1e5ae1e8d2b1333a6c80c42c654f269dd875aa7f19517f62b8e031f11bdb11bafcf4b4f06496142579f7769ee41dd24701cd3ed016030f7d5cf24a4cfdcd9b05e38524cd1a81e16b948672329bd111f7442bdc81b68b36495b5f4aa44d7c2fdea8703849a17f7d3327086355ca3b36c10eb38556bf95b3575ba32b97f268af1f1347ed28368828124361f6c1e6b64e6ba9efc3094d50bb049c35db5ea2b3c76576b1a8f37da0711436048ae443523032497e542c04458f04cfffd11c53c431065c20e8add72c0c31caeec12d0bf391fa1c0a75e23d39c31da409083f768f545090b05c54084ffc5d7fd85cea725807638f4ab0026204452a8c198cc60133ce00e9a2b9ebeb30d7f33a1bb25cb2948bf44288cce43b6ac13012d8860fce83d9a0f6f1886723f41130466186ac56d5384bfd04fe87c67528996c1ee1ad8e551dda563e75d5dc8ac6a47990a62c915dc23f4ae6596dcfdb44661de969aec7f6d3fa8f05e106a8db7abeb3682bdc8e87aefbb09e642b2cef2919ddc55ded8dbce0606d3c4a0747a293a991b8cd832381c30813b887a22c2df569c12c430cf7471578eb787acab65b54569bece6921805af9ac41b268ce329a25bacdb02f8f3c4ef930f1799ff940f42c21955ddd5496234d62447d1c9d8e0cc7bb8fd5ca5e9fa2ef99105a4d44d6ce37532407fcccc4e71103baa0c7ff1767e05762424d9301294daa95523792cb73b348c41ec713d19c2b917a4dc50be3f0742762e5055cd6ebb3afa2b89a94c6a921e039ddaee98fc7a961a5e415322bd4b333d83768ee8945f29556f94372a16285cb1ff103640d93b837861f1d0d9e65fe35583b6f76889e7d09a2cdf3c2ef305a0f6d205deedee94ac602974fa58284e33aee55947a7a042abf0759ec8c1410493114454320b5003f23dac1c600a471ff09bdbf5bb40be87a69d388592241d9989f0435eeede193e6994b80a2145eca4afb5e691341e37e4580b0c54d7fc506cc9641020cd342a85fe56946e49854756ae6534edd03de881481e11701851f0f30fedbfcf335c3855c8d9541ef234f8718fbb0d9f127093a3e7c1d49d8a20729ab41a0118683b7044ee490d7137bebbbbfb245d5e30356e102eda0052a37cca70c221475b5c596f68c745701dc6e31f7846270bcd516ded5d0b4666b249a32f0acb1b8a7de8e6f007ee740561f64b7f30b4764ec5116a1eda1526225ddd01b1d999ff17d0798be47e3a5957011aa6e03318897ce1c452b78f9badf89098fe696894953581b01ceffc4fa0eefd654df9ea70b1f2f1e287192a5a20a381e8fad0fb99814208970902fdd28cf6a6457d7873a76359e226e5b203bd6f85bea30cb0ab5817e1b32fbbbd33a4e67f3771b7256a3a9ec20dae8a248af32a909bb5ec28f0f85722b81151f0f0a500a5c39c36476ac42c30bcb68a61a13141541ec54d895f0d7ca1afb728202e77f2f85170a3c2de378f1cfa0c2d1b0353f5d2fd0537017dc5510232a7a27a444476bbca2b84394639cf8ded35568868f9dcfa445b33c694aa8696d899afdf0d98a542e6a3c0212480ef3063ae0b8bcaa133978e9ebd76a3ccf652b0022b3cc7f1c9f2731c1c08f45fc84f7dade8471f6855e3005d75390e36a6646b8ac0dd5da9f9ef4bc35639ac96280bc47a547c0941af4516278b66469c7fc22932cbb2ac92cc12745bdf4ab4411d48396120f0e397ff6c22c54873296a897928d0158a5e63e6d48016cb4af44a3d71296acffe59241a8537f8b2cbc88b8ee2f4090e8e16b8af4700a60d0c199cc45cedf8dfe9a78ddd8637f7a9cfc16b078b1f9acfb8cb35f94b7564b1e23904e40dd5bdef1c78397457c05dd1108c3257bfda2e36b31969e8642c825c9dafe2fa4ee2708023c26255e6c41c2c873923e98eb1397dbc51324dfbec7943a5564fa815b9492d53c6cf6d42cd07165ae54e81f7989f2e406a13bea4df4d4a6971d81a4492e5703b6ba1f21ca5ffd68cdb15a713abd70d411e64d873b9f36ced7f354273c5c9782dd8a410ac28fee250f4b82095f4ab7a5c5a7d57114b6196cc2accdb44e39351a5d7c2c519ff861db8e4a368fdc1c5459f2b4cef0076d9b57b9ba2e76b3d8b87a515fc5c777d7e8023ef898fcf31365abc3e0a1307fa85f29d3c8a7e70d58b1228e8376c212ffb76f895aadedcf3f70bddcc347473dba5602d7734c4e9a2054cd3763acbb7fe82155d4a50e6a72d917b22b16ea8abd987834b4b1b04556e5442b1b643fa842a08ab5d860715b250447170c8d30829730a53974b6554a6454bab2eeda2966cc13a02a2b2c2e157ccd1795bcbc9c7bec370d9f492745b7c03c5ba21a45ff6bbba0", 0xc6c}], 0x7}}], 0x1, 0x8800) mmap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, r0, 0x604ab000) getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r0, 0x6, 0x23, &(0x7f0000000140)={&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x0, 0x0, 0x0, &(0x7f0000001380)=""/4080, 0xfffffffffffffdcc, 0x0, 0x0, 0xffffffffffffff87}, &(0x7f0000000000)=0x40) 6.942020967s ago: executing program 3 (id=349): r0 = syz_usb_connect(0x2, 0x24, &(0x7f00000007c0)=ANY=[@ANYBLOB="12010000ed3ec908cd0cb300ea2d010203010902120001000000000904"], 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io$rtl8150(r0, 0x0, 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io$cdc_ecm(r0, 0x0, &(0x7f0000000000)={0x1c, &(0x7f0000000080)=ANY=[], 0x0, 0x0}) syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0) syz_usb_control_io$sierra_net(r0, 0x0, &(0x7f0000000740)={0x1c, &(0x7f0000000040)=ANY=[], 0x0, 0x0}) syz_usb_control_io$cdc_ncm(r0, 0x0, &(0x7f0000000980)={0x44, &(0x7f0000000800)={0x40, 0x16}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) syz_usb_control_io$lan78xx(r0, 0x0, 0x0) syz_usb_control_io$lan78xx(r0, 0x0, 0x0) 6.463554988s ago: executing program 2 (id=352): socket$inet6_sctp(0xa, 0x5, 0x84) r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000002c0), 0x2, 0x0) ioctl$VHOST_SET_OWNER(r0, 0xaf01, 0x0) ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000300)={0x1, 0x0, 0x0, &(0x7f0000001600)=""/78, 0x0}) ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000100)) ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000280)={0x0, 0x0, 0x0, &(0x7f0000000400)=""/185, &(0x7f0000000380)=""/91, 0x4000}) ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000001500)=0x1) ioctl$VHOST_VSOCK_SET_GUEST_CID(r0, 0x4008af60, &(0x7f0000000040)={@my=0x1}) r1 = socket$vsock_stream(0x28, 0x1, 0x0) connect$vsock_stream(r1, &(0x7f0000000200)={0x28, 0x0, 0xffffffff, @my=0x1}, 0x10) 4.754954443s ago: executing program 2 (id=356): gettid() syz_emit_ethernet(0x3e, &(0x7f0000000000)={@multicast, @empty, @void, {@ipv6={0x86dd, @icmpv6={0x1, 0x6, "fbddf0", 0x8, 0x3a, 0xff, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @loopback, {[], @echo_request={0x80, 0x0, 0x0, 0x0, 0x9}}}}}}, 0x0) r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x6, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000002000000000000000008082295"], &(0x7f00000002c0)='GPL\x00'}, 0x94) r1 = socket$netlink(0x10, 0x3, 0xc) bind$netlink(r1, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc) mkdirat(0xffffffffffffffff, &(0x7f0000002040)='./file0\x00', 0x0) mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="56c78e3c733d76697274696f2c6e6f657874656e642c6163"]) lchown(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r0, 0x5, 0xb68, 0xfffffffffffffeb9, &(0x7f0000000000)="ff", 0x0, 0x149c, 0x503, 0x0, 0x0, 0x0, 0x0, 0x2, 0xffff80fe, 0xe}, 0x48) 4.57390477s ago: executing program 0 (id=357): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, 0x0}, 0x68) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0) r0 = io_uring_setup(0x9, &(0x7f0000000040)={0x0, 0x20c8a1, 0x1c881, 0x8, 0xd1}) r1 = io_uring_setup(0x1b7b, &(0x7f0000000040)={0x0, 0xc89f, 0xc000, 0x7, 0x20002f7}) ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000140)={'syztnl2\x00', &(0x7f0000000000)={'syztnl2\x00', 0x0, 0x4, 0x0, 0x0, 0x5c8c, 0x0, @empty, @mcast1, 0x80, 0x0, 0xffffffff, 0x20000000}}) sendmsg$IPSET_CMD_LIST(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x2d, 0x0, 0x1f, 0x2}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x40}, 0x4) io_uring_enter(r1, 0x2219, 0x7721, 0x16, 0x0, 0x0) io_uring_enter(r0, 0x2219, 0x7721, 0x16, 0x0, 0x0) 4.342593829s ago: executing program 0 (id=359): setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x2, &(0x7f00000000c0)=0x20003, 0x4) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x20, &(0x7f0000000040)=0x2, 0xf6) sendto$inet(r0, 0x0, 0x0, 0x20000010, &(0x7f0000000540)={0x2, 0x400, @empty}, 0x10) dup(0xffffffffffffffff) pipe2(0x0, 0x0) timer_create(0x0, &(0x7f00000002c0)={0x0, 0x12}, &(0x7f00009b1ffc)) timer_settime(0x0, 0x0, &(0x7f0000000600)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0) r1 = gettid() tkill(r1, 0x13) 4.202576043s ago: executing program 1 (id=360): close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) fcntl$notify(0xffffffffffffffff, 0x402, 0x100000043) ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, 0x0) syz_clone(0x1000000, 0x0, 0x0, 0x0, 0x0, 0x0) r0 = epoll_create1(0x0) keyctl$dh_compute(0x17, &(0x7f0000001200), 0x0, 0x0, &(0x7f00000013c0)={0x0}) bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x1, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = gettid() kcmp$KCMP_EPOLL_TFD(r1, r1, 0x7, r0, &(0x7f0000000280)={r0, 0xffffffffffffffff, 0xfffe}) 3.849996333s ago: executing program 1 (id=361): sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000380)={0x0}, 0x1, 0x0, 0x0, 0x810}, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r2 = socket(0x400000000010, 0x3, 0x0) r3 = socket$unix(0x1, 0x5, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)=@newqdisc={0x44, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r4, {0x0, 0xffff}, {0xffff, 0xffff}, {0x0, 0xf}}, [@qdisc_kind_options=@q_hfsc={{0x9}, {0x14, 0x2, @TCA_HFSC_FSC={0x10, 0x2, {0xa30e, 0x1, 0xfffffffa}}}}]}, 0x44}}, 0x0) sendmsg$nl_route_sched(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000002680)=@newtfilter={0x34, 0x2c, 0xd3f, 0x70bd28, 0x25dfdbfc, {0x0, 0x0, 0x0, r4, {0xfff3, 0xffe0}, {}, {0x5, 0x8}}, [@filter_kind_options=@f_basic={{0xa}, {0x4}}]}, 0x34}, 0x1, 0x0, 0x0, 0x8848}, 0x4000010) sendmmsg(r0, &(0x7f00000002c0), 0x40000000000009f, 0x0) 3.54360421s ago: executing program 2 (id=363): r0 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0) ioctl$int_in(r0, 0x40000000af01, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x2}) ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000b80)) r2 = socket$packet(0x11, 0x3, 0x300) r3 = dup(r1) r4 = fcntl$dupfd(r0, 0x406, r2) ioctl$VHOST_SET_VRING_ADDR(r4, 0x4028af11, &(0x7f0000000340)={0x0, 0x0, 0x0, &(0x7f0000000180)=""/251, 0x0}) ioctl$VHOST_NET_SET_BACKEND(r4, 0x4008af30, &(0x7f0000000080)={0x0, r3}) 3.51630097s ago: executing program 5 (id=364): sched_setaffinity(0x0, 0x0, 0x0) getpid() sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x11, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x10) openat$ppp(0xffffffffffffff9c, 0x0, 0x8901, 0x0) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x12, &(0x7f00000004c0)={&(0x7f0000000680)=ANY=[@ANYBLOB="4c00000010004b0422000000000000007a000000", @ANYRES32=0x0, @ANYBLOB="00000000000000002c0012800b00010062726964676500001c00028008000400000000000800150000000000050016"], 0x4c}, 0x1, 0x0, 0x0, 0x200400a0}, 0x0) 3.390334944s ago: executing program 0 (id=365): r0 = syz_io_uring_setup(0x237, &(0x7f0000000280)={0x0, 0x275, 0x400, 0x0, 0x2cf}, &(0x7f0000000040)=0x0, &(0x7f0000000600)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4) sendmsg$rds(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000440), 0x0, 0x0, 0x0, 0x20000800}, 0x4000008) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, &(0x7f00000001c0)={0x0, @in={{0x2, 0x0, @empty}}, 0x5, 0x12, 0x0, 0x3}, 0x9c) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0) write$UHID_CREATE2(r3, &(0x7f00000001c0)=ANY=[@ANYBLOB='3'], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r3, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x38, 0x0, @fd=r0, 0x100000001, 0x0, 0x0, 0x2, 0x1}) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1000001, 0x32, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x47ba, 0x0, 0x0, 0x0, 0x0) 3.298707912s ago: executing program 1 (id=366): r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r0, &(0x7f0000000100)={0x1f, 0xffff, 0x3}, 0x6) write$binfmt_misc(r0, 0x0, 0x0) r1 = syz_usb_connect(0x0, 0x34, &(0x7f0000000040)=ANY=[@ANYBLOB="1201000092b75510ac05269289b201020301090222000100000000090400000303e900000907000000000000000705d77b"], 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x800007, 0x38011, 0xffffffffffffffff, 0x0) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) syz_usb_control_io(r1, &(0x7f0000000280)={0x2c, 0x0, &(0x7f0000000140)={0x0, 0x3, 0x5, @string={0x5, 0x3, "d2424f"}}, 0x0, 0x0, 0x0}, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={0x0, r2}, 0x18) bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0) unshare(0x22020600) 3.24752067s ago: executing program 3 (id=367): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000380)=[@text16={0x10, 0x0}], 0x1, 0x42, 0x0, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f0000000200)="f7790066baa00066b86b4266ef66ba420066b8e20066ef0f29902cbb0000c4e2b1ba8c88d9000000666666440f38826b410f7842280f07b8010000000f01d9c4033921820f47a753fd", 0x49}], 0x1, 0x43, 0x0, 0x0) ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000140)=@x86={0x40, 0x1, 0xc, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x80, 0x9, 0x0, 0x0, 0x0, 0x2, 0x0, 0xff, 0xff}) ioctl$KVM_RUN(r2, 0xae80, 0x0) mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0) 3.244463668s ago: executing program 5 (id=368): mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='ramfs\x00', 0x0, 0x0) chdir(&(0x7f0000000240)='./file0\x00') mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0) mkdir(&(0x7f0000000300)='./bus\x00', 0x0) mount$overlay(0x0, &(0x7f0000000140)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './bus'}}, {@workdir={'workdir', 0x3d, './file1'}}]}) chdir(&(0x7f00000000c0)='./bus\x00') r0 = open(&(0x7f0000000040)='./file1\x00', 0x80242, 0x0) write$FUSE_CREATE_OPEN(r0, &(0x7f0000000300)={0xa0, 0xfffffffffffffff5, 0x0, {{0x3, 0x1, 0x5, 0xa, 0x3, 0xffffffff, {0x0, 0x17d, 0x8, 0x4, 0x102, 0x909, 0x9, 0x7ffffefd, 0x2, 0x6000, 0x20000000, 0x0, 0x0, 0x3ff, 0xb100}}, {0x0, 0x1e}}}, 0xa0) 3.107172565s ago: executing program 0 (id=369): bind$netlink(0xffffffffffffffff, 0x0, 0x0) r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000380)=ANY=[@ANYBLOB="b80000001300e9990000000000000000fc000000000000000100000000000000ac1e000100000000000000000000000000000000000000000a0060", @ANYRESOCT], 0xb8}}, 0x20040014) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=@updpolicy={0xb8, 0x13, 0x2, 0x0, 0x25dfdbfe, {{@in6=@private0, @in6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x0, 0x4, 0x0, 0x0, 0xa, 0x60, 0x80, 0x3b, 0x0, 0xee01}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd}, {0xfffffffffffffffe, 0x0, 0x0, 0x20000000}, 0x9, 0x0, 0x0, 0x0, 0x2}}, 0xb8}, 0x1, 0x0, 0x0, 0x80}, 0x50) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="b80000001300e9"], 0xb8}}, 0x0) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="b80000001300e9990000000000000000fc000000000000000100000000000000ac1e0001"], 0xb8}}, 0x0) r2 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r2, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="b80000001300e9990000000000000000fc0000000000000000"], 0xb8}, 0x1, 0x0, 0x0, 0x80}, 0x0) sendmsg$nl_xfrm(r2, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=@updpolicy={0xb8, 0x13, 0xcb23c9c9931e99e9, 0x0, 0x0, {{@in6=@private0, @in=@initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x0, 0x0, 0x0, 0xa, 0x40, 0x0, 0x0, 0x0, 0xee01}, {0x0, 0x0, 0xaa3, 0xfffffffffffffff8, 0x4}, {0x0, 0x8}}}, 0xb8}}, 0x0) 2.967438074s ago: executing program 0 (id=370): r0 = socket$inet6_udplite(0xa, 0x2, 0x88) getsockopt$sock_int(r0, 0x1, 0x29, 0x0, 0x0) r1 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) r2 = dup(r1) write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0xfffffd2c) r3 = syz_io_uring_setup(0x9a4, &(0x7f0000000740)={0x0, 0xf803, 0x10100, 0x1, 0x20002f5, 0x0, r2}, &(0x7f0000000140)=0x0, &(0x7f00000001c0)=0x0) syz_io_uring_submit(r4, r5, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd=r1, 0x0, 0x0, 0x0, {}, 0x1}) io_uring_enter(r3, 0x2ded, 0x4004, 0x0, 0x0, 0x0) r6 = syz_open_dev$mouse(&(0x7f0000000180), 0x0, 0x2) readv(r6, &(0x7f0000000980)=[{&(0x7f0000000000)=""/58, 0x3a}], 0x1) 2.927825566s ago: executing program 5 (id=371): sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x20000045, 0x0, 0x0) add_key(0x0, 0x0, 0x0, 0x0, 0x0) r0 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc)=0x0) timer_settime(r1, 0x1, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0) futex(&(0x7f000000cffc)=0x1, 0x86, 0x2, 0x0, 0x0, 0xfffffffc) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(r2, &(0x7f0000000000), 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xa, 0x28011, r2, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x9) 2.924041062s ago: executing program 2 (id=372): prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x48) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) unshare(0x64000600) r1 = socket$netlink(0x10, 0x3, 0x0) writev(r1, &(0x7f0000000300)=[{&(0x7f00000001c0)="390000001300034700bb5be1c3e4feff06000000010000004500000025000000190004000400ad000d00000000000006040000000000f93132", 0x39}], 0x1) 2.685438893s ago: executing program 0 (id=373): socket(0x2b, 0x80801, 0x1) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r2 = syz_io_uring_setup(0x10b, &(0x7f00000003c0)={0x0, 0x334b, 0x80, 0x3, 0x805}, &(0x7f00000001c0)=0x0, &(0x7f0000000380)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000540)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000040)='./file0/file0\x00', 0x60, 0x185500, 0x12345}) io_uring_enter(r2, 0xbbc, 0xd582, 0x0, 0x0, 0x0) 2.683022121s ago: executing program 2 (id=374): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001080)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) mlock(&(0x7f0000000000/0x800000)=nil, 0x800000) getsockopt$bt_hci(0xffffffffffffffff, 0x84, 0x81, 0x0, 0x0) openat$vicodec0(0xffffff9c, 0x0, 0x2, 0x0) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/vmallocinfo\x00', 0x0, 0x0) lseek(r2, 0x3ff, 0x0) 1.996811374s ago: executing program 5 (id=375): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4) bind$inet(r0, &(0x7f0000000380)={0x2, 0x4e21, @multicast1}, 0x10) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000040)='bbr', 0x3) connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x1d}}, 0x10) setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000000)=[@mss, @sack_perm, @window={0x3, 0x7}, @mss={0x2, 0xfff}, @window={0x3, 0x0, 0x401}, @window], 0x20000000000000e4) setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000001c0), 0x4) sendto$inet(r0, &(0x7f0000000000), 0xffffffffffffff94, 0xb, 0x0, 0x0) recvfrom$inet(r0, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0xc9100120, 0x0, 0xfffffffffffffd25) 1.51750006s ago: executing program 3 (id=376): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000200)=@framed, &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r0}, 0x10) r1 = gettid() timer_create(0x0, &(0x7f0000000180)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc)=0x0) timer_settime(r2, 0x1, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0) futex(&(0x7f000000cffc)=0x1, 0x86, 0x2, 0x0, 0x0, 0xfffffffc) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(r3, &(0x7f0000000000), 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xa, 0x28011, r3, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x9) 1.493777101s ago: executing program 5 (id=377): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, 0x0, 0x0) sendmsg$NFT_BATCH(r0, 0x0, 0x0) r1 = syz_open_dev$usbfs(&(0x7f0000003f00), 0x1ff, 0xa401) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = socket$inet_udp(0x2, 0x2, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x3}}, 0x0) write$binfmt_misc(r3, &(0x7f0000000000), 0xfffffecc) splice(r2, 0x0, r4, 0x0, 0x4ffe6, 0x0) ioctl$USBDEVFS_CONTROL(r1, 0xc0185500, &(0x7f00000006c0)={0x2, 0x12, 0x6, 0x3, 0x0, 0x8c37, 0x0}) 1.16970427s ago: executing program 1 (id=378): r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000280)={0x73622a85, 0x110b, 0x8000000000002}) r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0xffffffffffffff61, 0x0, 0x0}) r2 = dup3(r1, r0, 0x0) r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x802, 0x0) mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r3, 0x10000000000) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000000040)={0x73622a85, 0x10a}) ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000340)=[@acquire], 0x0, 0x0, 0x0}) ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000180)={0x4c, 0x0, &(0x7f0000000100)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x78, 0x18, &(0x7f0000000540)={@ptr={0x70742a85, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x37}, @ptr={0x70742a85, 0x0, &(0x7f0000000440)=""/220, 0xdc, 0x1, 0x29}, @ptr={0x70742a85, 0x1, 0x0, 0x0, 0x1, 0x36}}, &(0x7f00000001c0)={0x0, 0x28, 0x50}}, 0x1000}], 0x0, 0x0, 0x0}) 891.442813ms ago: executing program 1 (id=379): mkdir(&(0x7f0000000200)='./file0\x00', 0x28e08a7aa33ba155) mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0) timer_create(0x0, 0x0, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file2\x00', 0x207) mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f00000000c0)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file2'}}], [], 0x2c}) r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0/file1\x00', 0x20400, 0x20) setxattr$security_capability(&(0x7f0000000080)='./file0/file1\x00', &(0x7f00000001c0), 0x0, 0x0, 0x3) fdatasync(r0) close(0x4) 704.21572ms ago: executing program 3 (id=380): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x20000, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000001200)={0x0, 0xffffff1e, 0xffffffff, 0x4, 0x16, "001bf100eeff0000a2c2000100000000002000"}) r1 = syz_io_uring_setup(0x88f, &(0x7f0000000140)={0x0, 0xb0c4, 0x0, 0x2, 0xbedffffc}, &(0x7f0000000040)=0x0, &(0x7f0000000280)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r2, r3, &(0x7f00000002c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0x0, {0x8001}}) io_uring_enter(r1, 0x2b93, 0xf9d0, 0x22, 0x0, 0x0) ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000000)=0x8) r4 = syz_open_pts(r0, 0x101) r5 = dup3(r4, r0, 0x0) ioctl$TIOCSETD(r5, 0x5423, &(0x7f0000000040)=0xd) 646.677578ms ago: executing program 1 (id=381): r0 = socket$netlink(0x10, 0x3, 0x0) r1 = socket(0x10, 0x803, 0x0) sendmsg$nl_route_sched(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={0x0, 0x24}}, 0x0) getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x2ba) sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)=ANY=[@ANYBLOB="3c0000001000850619fbb7c75150926b00000000", @ANYRES32=r2, @ANYBLOB="fe000000000000001c0012000c000100626f6e64000000000c0002000800010004"], 0x3c}}, 0x0) r3 = socket(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000007c0)=@newlink={0x20, 0x10, 0x403, 0x0, 0xfffffffc, {0x0, 0x0, 0x0, r2, 0xff7f}}, 0x20}}, 0x0) r4 = socket(0x1, 0x803, 0x0) getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14) sendmsg$nl_route(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=@newlink={0x3c, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x12}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x4}}}, @IFLA_MASTER={0x8, 0xa, r5}]}, 0x3c}}, 0x0) 335.295537ms ago: executing program 5 (id=382): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000400), 0xffffffffffffffff) syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x10b8}, 0xff00) r2 = socket$kcm(0xa, 0x2, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@bloom_filter={0x1e, 0x0, 0x400007, 0x8, 0x4000, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x0, 0x0, 0xfffffffffffffffd}, 0x50) ioctl$sock_kcm_SIOCKCMCLONE(r2, 0x890b, &(0x7f0000000000)={r2}) socket$kcm(0xa, 0x5, 0x0) sendmmsg(0xffffffffffffffff, 0x0, 0x0, 0x24044015) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)={0x54, r1, 0x1, 0x0, 0x0, {0x3}, [@TIPC_NLA_BEARER={0x40, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x2c, 0x4, {{0x14, 0x1, @in={0x2, 0x100, @dev={0xac, 0x14, 0x14, 0x41}}}, {0x14, 0x2, @in={0x2, 0x0, @multicast2}}}}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz2\x00'}]}]}, 0x54}}, 0x0) 46.839583ms ago: executing program 2 (id=383): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r1}, 0x10) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1}, 0x48) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r2, &(0x7f0000000080), &(0x7f0000000200)=""/166}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x10}, 0x94) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r3, 0x2000000, 0xe, 0x0, &(0x7f0000000200)="63eced8e46dc3f0adf33c9f7b986", 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) 0s ago: executing program 3 (id=384): socket$inet6(0xa, 0x800000000000002, 0x0) openat$vimc1(0xffffff9c, &(0x7f0000000040), 0x2, 0x0) openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0xa0842, 0x0) syz_open_dev$sg(&(0x7f0000001600), 0x0, 0x40042) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000005c0)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0xa, '\x00', 0x0, 0x2}, 0x94) r0 = socket(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000005c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000200)={'bridge_slave_1\x00', 0x0}) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)=ANY=[@ANYBLOB="7c0000001000010400"/20, @ANYRES32=r3, @ANYBLOB="00000000000000005c001280110001006272696467655f736c61766500000000440005800500050000000000050020000100000005000800000000000600", @ANYRES32=r1], 0x7c}}, 0x0) sendmmsg(r0, &(0x7f0000000000), 0x400000000000235, 0x0) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.1.222' (ED25519) to the list of known hosts. [ 83.517445][ T5791] cgroup: Unknown subsys name 'net' [ 83.828214][ T5791] cgroup: Unknown subsys name 'cpuset' [ 83.894025][ T5791] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 85.592629][ T5791] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 86.926712][ T10] cfg80211: failed to load regulatory.db [ 88.169596][ T5804] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 88.181760][ T5804] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 88.183068][ T5804] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 88.204754][ T62] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 88.209770][ T62] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 88.211497][ T62] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 88.218067][ T5810] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 88.220432][ T5810] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 88.227928][ T5810] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 88.233785][ T5123] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 88.238561][ T5804] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 88.257586][ T5123] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 88.258388][ T5123] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 88.259788][ T5123] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 88.260542][ T5123] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 88.284726][ T5810] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 88.294666][ T5810] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 88.296256][ T5810] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 88.297491][ T5810] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 88.298240][ T5810] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 88.394052][ T5804] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 88.395414][ T5804] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 88.396170][ T5804] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 88.397549][ T5804] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 88.398313][ T5804] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 89.296802][ T5803] chnl_net:caif_netlink_parms(): no params data found [ 89.378033][ T5807] chnl_net:caif_netlink_parms(): no params data found [ 89.396837][ T5806] chnl_net:caif_netlink_parms(): no params data found [ 89.406351][ T5808] chnl_net:caif_netlink_parms(): no params data found [ 89.575214][ T5816] chnl_net:caif_netlink_parms(): no params data found [ 90.125134][ T5803] bridge0: port 1(bridge_slave_0) entered blocking state [ 90.126819][ T5803] bridge0: port 1(bridge_slave_0) entered disabled state [ 90.127186][ T5803] bridge_slave_0: entered allmulticast mode [ 90.131018][ T5803] bridge_slave_0: entered promiscuous mode [ 90.285454][ T5804] Bluetooth: hci1: command tx timeout [ 90.285458][ T5810] Bluetooth: hci2: command tx timeout [ 90.365153][ T5804] Bluetooth: hci0: command tx timeout [ 90.365618][ T5804] Bluetooth: hci3: command tx timeout [ 90.436699][ T5803] bridge0: port 2(bridge_slave_1) entered blocking state [ 90.436792][ T5803] bridge0: port 2(bridge_slave_1) entered disabled state [ 90.436943][ T5803] bridge_slave_1: entered allmulticast mode [ 90.438432][ T5803] bridge_slave_1: entered promiscuous mode [ 90.443473][ T5810] Bluetooth: hci4: command tx timeout [ 90.800735][ T5807] bridge0: port 1(bridge_slave_0) entered blocking state [ 90.800817][ T5807] bridge0: port 1(bridge_slave_0) entered disabled state [ 90.801168][ T5807] bridge_slave_0: entered allmulticast mode [ 90.802713][ T5807] bridge_slave_0: entered promiscuous mode [ 90.830198][ T5806] bridge0: port 1(bridge_slave_0) entered blocking state [ 90.830323][ T5806] bridge0: port 1(bridge_slave_0) entered disabled state [ 90.830506][ T5806] bridge_slave_0: entered allmulticast mode [ 90.832458][ T5806] bridge_slave_0: entered promiscuous mode [ 90.841638][ T5808] bridge0: port 1(bridge_slave_0) entered blocking state [ 90.841765][ T5808] bridge0: port 1(bridge_slave_0) entered disabled state [ 90.842270][ T5808] bridge_slave_0: entered allmulticast mode [ 90.845448][ T5808] bridge_slave_0: entered promiscuous mode [ 91.044314][ T5807] bridge0: port 2(bridge_slave_1) entered blocking state [ 91.044415][ T5807] bridge0: port 2(bridge_slave_1) entered disabled state [ 91.044526][ T5807] bridge_slave_1: entered allmulticast mode [ 91.046073][ T5807] bridge_slave_1: entered promiscuous mode [ 91.047787][ T5806] bridge0: port 2(bridge_slave_1) entered blocking state [ 91.047883][ T5806] bridge0: port 2(bridge_slave_1) entered disabled state [ 91.048006][ T5806] bridge_slave_1: entered allmulticast mode [ 91.049555][ T5806] bridge_slave_1: entered promiscuous mode [ 91.050888][ T5808] bridge0: port 2(bridge_slave_1) entered blocking state [ 91.050988][ T5808] bridge0: port 2(bridge_slave_1) entered disabled state [ 91.051096][ T5808] bridge_slave_1: entered allmulticast mode [ 91.052565][ T5808] bridge_slave_1: entered promiscuous mode [ 91.059447][ T5803] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 91.346606][ T5803] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 91.346841][ T5816] bridge0: port 1(bridge_slave_0) entered blocking state [ 91.346966][ T5816] bridge0: port 1(bridge_slave_0) entered disabled state [ 91.347092][ T5816] bridge_slave_0: entered allmulticast mode [ 91.348585][ T5816] bridge_slave_0: entered promiscuous mode [ 91.764401][ T5816] bridge0: port 2(bridge_slave_1) entered blocking state [ 91.764489][ T5816] bridge0: port 2(bridge_slave_1) entered disabled state [ 91.764600][ T5816] bridge_slave_1: entered allmulticast mode [ 91.766119][ T5816] bridge_slave_1: entered promiscuous mode [ 91.769704][ T5807] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 91.772910][ T5806] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 91.777291][ T5808] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 91.926336][ T5807] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 91.928609][ T5806] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 91.930742][ T5808] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 91.932619][ T5803] team0: Port device team_slave_0 added [ 92.205785][ T5803] team0: Port device team_slave_1 added [ 92.208879][ T5816] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 92.363666][ T5810] Bluetooth: hci1: command tx timeout [ 92.363680][ T5804] Bluetooth: hci2: command tx timeout [ 92.443511][ T5810] Bluetooth: hci3: command tx timeout [ 92.453711][ T5810] Bluetooth: hci0: command tx timeout [ 92.516408][ T5816] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 92.517935][ T5807] team0: Port device team_slave_0 added [ 92.520037][ T5806] team0: Port device team_slave_0 added [ 92.523495][ T5810] Bluetooth: hci4: command tx timeout [ 92.806329][ T5808] team0: Port device team_slave_0 added [ 92.965719][ T5807] team0: Port device team_slave_1 added [ 92.967325][ T5806] team0: Port device team_slave_1 added [ 92.968912][ T5808] team0: Port device team_slave_1 added [ 92.970009][ T5803] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 92.970018][ T5803] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 92.970033][ T5803] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 93.265038][ T5803] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 93.265050][ T5803] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 93.265065][ T5803] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 93.266966][ T5816] team0: Port device team_slave_0 added [ 93.504703][ T5816] team0: Port device team_slave_1 added [ 93.505588][ T5807] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 93.505602][ T5807] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 93.505616][ T5807] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 93.507259][ T5806] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 93.507272][ T5806] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 93.507295][ T5806] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 93.509341][ T5808] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 93.509354][ T5808] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 93.509378][ T5808] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 93.755894][ T5807] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 93.755906][ T5807] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 93.755920][ T5807] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 93.756845][ T5806] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 93.756854][ T5806] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 93.756868][ T5806] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 93.757757][ T5808] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 93.757767][ T5808] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 93.757782][ T5808] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 94.135128][ T5816] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 94.135141][ T5816] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 94.135156][ T5816] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 94.275942][ T5816] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 94.275953][ T5816] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 94.275967][ T5816] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 94.286007][ T5803] hsr_slave_0: entered promiscuous mode [ 94.287670][ T5803] hsr_slave_1: entered promiscuous mode [ 94.443601][ T5810] Bluetooth: hci2: command tx timeout [ 94.443614][ T5804] Bluetooth: hci1: command tx timeout [ 94.524789][ T5810] Bluetooth: hci0: command tx timeout [ 94.524822][ T5810] Bluetooth: hci3: command tx timeout [ 94.603605][ T5810] Bluetooth: hci4: command tx timeout [ 94.784176][ T5807] hsr_slave_0: entered promiscuous mode [ 94.784974][ T5807] hsr_slave_1: entered promiscuous mode [ 94.785686][ T5807] debugfs: 'hsr0' already exists in 'hsr' [ 94.785766][ T5807] Cannot create hsr debugfs directory [ 94.859760][ T5806] hsr_slave_0: entered promiscuous mode [ 94.860544][ T5806] hsr_slave_1: entered promiscuous mode [ 94.861313][ T5806] debugfs: 'hsr0' already exists in 'hsr' [ 94.861332][ T5806] Cannot create hsr debugfs directory [ 95.029757][ T5808] hsr_slave_0: entered promiscuous mode [ 95.030803][ T5808] hsr_slave_1: entered promiscuous mode [ 95.031338][ T5808] debugfs: 'hsr0' already exists in 'hsr' [ 95.031357][ T5808] Cannot create hsr debugfs directory [ 95.209507][ T5816] hsr_slave_0: entered promiscuous mode [ 95.210338][ T5816] hsr_slave_1: entered promiscuous mode [ 95.211104][ T5816] debugfs: 'hsr0' already exists in 'hsr' [ 95.211125][ T5816] Cannot create hsr debugfs directory [ 96.523625][ T5810] Bluetooth: hci1: command tx timeout [ 96.523652][ T5804] Bluetooth: hci2: command tx timeout [ 96.548423][ T5803] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 96.591921][ T5803] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 96.603519][ T5804] Bluetooth: hci3: command tx timeout [ 96.603550][ T5804] Bluetooth: hci0: command tx timeout [ 96.638504][ T5803] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 96.690405][ T5803] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 96.693492][ T5810] Bluetooth: hci4: command tx timeout [ 96.807287][ T5806] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 96.840290][ T5806] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 96.878528][ T5806] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 96.914567][ T5806] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 97.027913][ T5807] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 97.063082][ T5807] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 97.101946][ T5807] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 97.131931][ T5807] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 97.239000][ T5808] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 97.289225][ T5808] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 97.332205][ T5808] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 97.390629][ T5808] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 97.534989][ T5816] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 97.561549][ T5803] 8021q: adding VLAN 0 to HW filter on device bond0 [ 97.576210][ T5816] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 97.601466][ T5816] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 97.639833][ T5816] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 97.708277][ T5803] 8021q: adding VLAN 0 to HW filter on device team0 [ 97.746303][ T1150] bridge0: port 1(bridge_slave_0) entered blocking state [ 97.746431][ T1150] bridge0: port 1(bridge_slave_0) entered forwarding state [ 97.753009][ T5806] 8021q: adding VLAN 0 to HW filter on device bond0 [ 97.786934][ T1150] bridge0: port 2(bridge_slave_1) entered blocking state [ 97.787086][ T1150] bridge0: port 2(bridge_slave_1) entered forwarding state [ 97.849596][ T5806] 8021q: adding VLAN 0 to HW filter on device team0 [ 97.880453][ T5807] 8021q: adding VLAN 0 to HW filter on device bond0 [ 97.897512][ T43] bridge0: port 1(bridge_slave_0) entered blocking state [ 97.898761][ T43] bridge0: port 1(bridge_slave_0) entered forwarding state [ 97.945140][ T1150] bridge0: port 2(bridge_slave_1) entered blocking state [ 97.945281][ T1150] bridge0: port 2(bridge_slave_1) entered forwarding state [ 97.999299][ T5807] 8021q: adding VLAN 0 to HW filter on device team0 [ 98.023166][ T5808] 8021q: adding VLAN 0 to HW filter on device bond0 [ 98.040687][ T43] bridge0: port 1(bridge_slave_0) entered blocking state [ 98.040826][ T43] bridge0: port 1(bridge_slave_0) entered forwarding state [ 98.093290][ T3660] bridge0: port 2(bridge_slave_1) entered blocking state [ 98.094426][ T3660] bridge0: port 2(bridge_slave_1) entered forwarding state [ 98.159411][ T5808] 8021q: adding VLAN 0 to HW filter on device team0 [ 98.186798][ T5816] 8021q: adding VLAN 0 to HW filter on device bond0 [ 98.215870][ T3660] bridge0: port 1(bridge_slave_0) entered blocking state [ 98.215998][ T3660] bridge0: port 1(bridge_slave_0) entered forwarding state [ 98.276996][ T3660] bridge0: port 2(bridge_slave_1) entered blocking state [ 98.277140][ T3660] bridge0: port 2(bridge_slave_1) entered forwarding state [ 98.364869][ T5816] 8021q: adding VLAN 0 to HW filter on device team0 [ 98.399746][ T1432] bridge0: port 1(bridge_slave_0) entered blocking state [ 98.401215][ T1432] bridge0: port 1(bridge_slave_0) entered forwarding state [ 98.453134][ T1432] bridge0: port 2(bridge_slave_1) entered blocking state [ 98.458007][ T1432] bridge0: port 2(bridge_slave_1) entered forwarding state [ 98.587999][ T5803] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 98.729173][ T5806] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 98.886625][ T5807] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 98.888358][ T5803] veth0_vlan: entered promiscuous mode [ 98.949015][ T5803] veth1_vlan: entered promiscuous mode [ 99.055234][ T5806] veth0_vlan: entered promiscuous mode [ 99.094908][ T5806] veth1_vlan: entered promiscuous mode [ 99.099847][ T5808] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 99.187881][ T5803] veth0_macvtap: entered promiscuous mode [ 99.193037][ T5807] veth0_vlan: entered promiscuous mode [ 99.219311][ T5803] veth1_macvtap: entered promiscuous mode [ 99.239331][ T5816] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 99.266350][ T5807] veth1_vlan: entered promiscuous mode [ 99.317230][ T5806] veth0_macvtap: entered promiscuous mode [ 99.322616][ T5803] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 99.368492][ T5806] veth1_macvtap: entered promiscuous mode [ 99.378435][ T5803] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 99.435896][ T1150] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.442545][ T1150] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.451141][ T1150] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.474182][ T1150] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.478474][ T5806] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 99.499446][ T5807] veth0_macvtap: entered promiscuous mode [ 99.539364][ T5806] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 99.556176][ T5816] veth0_vlan: entered promiscuous mode [ 99.557203][ T5807] veth1_macvtap: entered promiscuous mode [ 99.617385][ T1432] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.622684][ T1432] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.634893][ T1432] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.695382][ T1432] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.714913][ T5816] veth1_vlan: entered promiscuous mode [ 99.826042][ T5807] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 99.882941][ T1478] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 99.882965][ T1478] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 99.917309][ T5807] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 99.961345][ T5808] veth0_vlan: entered promiscuous mode [ 100.008539][ T43] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 100.024639][ T43] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 100.031410][ T1150] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 100.035957][ T1432] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 100.035975][ T1432] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 100.040624][ T5808] veth1_vlan: entered promiscuous mode [ 100.043221][ T1150] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 100.150900][ T5816] veth0_macvtap: entered promiscuous mode [ 100.162034][ T43] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 100.162053][ T43] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 100.229455][ T5816] veth1_macvtap: entered promiscuous mode [ 100.393206][ T43] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 100.393226][ T43] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 100.508923][ T5816] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 100.520121][ T3660] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 100.520141][ T3660] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 100.542994][ T5808] veth0_macvtap: entered promiscuous mode [ 100.563173][ T5816] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 100.619571][ T5808] veth1_macvtap: entered promiscuous mode [ 100.667521][ T3660] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 100.676913][ T43] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 100.676931][ T43] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 100.685132][ T3660] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 100.727723][ T3660] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 100.739391][ T3660] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 100.847200][ T5808] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 100.928053][ T5808] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 101.093273][ T3660] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 101.108833][ T3660] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 101.114968][ T3660] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 101.142529][ T3660] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 101.318852][ T43] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 101.318873][ T43] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 102.091897][ T57] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 102.091916][ T57] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 102.583012][ T1528] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 102.583032][ T1528] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 102.913411][ T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!! [ 103.029064][ T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!! [ 103.031218][ T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!! [ 103.032585][ T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!! [ 103.064256][ T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!! [ 103.069438][ T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!! [ 103.071932][ T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!! [ 103.073054][ T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!! [ 103.073409][ T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!! [ 103.133378][ T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!! [ 103.748880][ T992] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 103.748900][ T992] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 104.218317][ T5958] loop2: detected capacity change from 0 to 7 [ 104.587188][ T5958] Dev loop2: unable to read RDB block 7 [ 104.587245][ T5958] loop2: unable to read partition table [ 104.587476][ T5958] loop2: partition table beyond EOD, truncated [ 104.588030][ T5958] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5) [ 107.215834][ T5993] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 107.229138][ T5990] ======================================================= [ 107.229138][ T5990] WARNING: The mand mount option has been deprecated and [ 107.229138][ T5990] and is ignored by this kernel. Remove the mand [ 107.229138][ T5990] option from the mount to silence this warning. [ 107.229138][ T5990] ======================================================= [ 108.156838][ T6007] netlink: 4 bytes leftover after parsing attributes in process `syz.2.32'. [ 109.062896][ T37] audit: type=1326 audit(1762871530.108:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6015 comm="syz.2.35" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f009061f6c9 code=0x7ffc0000 [ 109.102694][ T37] audit: type=1326 audit(1762871530.278:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6015 comm="syz.2.35" exe="/root/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7f009061f6c9 code=0x7ffc0000 [ 109.102731][ T37] audit: type=1326 audit(1762871530.278:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6015 comm="syz.2.35" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f009061f6c9 code=0x7ffc0000 [ 109.102753][ T37] audit: type=1326 audit(1762871530.278:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6015 comm="syz.2.35" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f009061f6c9 code=0x7ffc0000 [ 109.102775][ T37] audit: type=1326 audit(1762871530.278:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6015 comm="syz.2.35" exe="/root/syz-executor" sig=0 arch=c000003e syscall=7 compat=0 ip=0x7f009061f6c9 code=0x7ffc0000 [ 109.210596][ T37] audit: type=1326 audit(1762871530.388:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6015 comm="syz.2.35" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f009061f6c9 code=0x7ffc0000 [ 109.210629][ T37] audit: type=1326 audit(1762871530.388:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6015 comm="syz.2.35" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f009061f6c9 code=0x7ffc0000 [ 109.210785][ T37] audit: type=1326 audit(1762871530.388:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6015 comm="syz.2.35" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f009061f6c9 code=0x7ffc0000 [ 109.211574][ T37] audit: type=1326 audit(1762871530.388:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6015 comm="syz.2.35" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f009061f6c9 code=0x7ffc0000 [ 109.308757][ T37] audit: type=1326 audit(1762871530.488:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6015 comm="syz.2.35" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f009061f6c9 code=0x7ffc0000 [ 111.582082][ T6047] syz_tun: entered allmulticast mode [ 112.063902][ T6046] syz_tun: left allmulticast mode [ 112.107492][ T5856] usb 3-1: new high-speed USB device number 2 using dummy_hcd [ 112.309872][ T5856] usb 3-1: Using ep0 maxpacket: 16 [ 112.437721][ T5856] usb 3-1: config 0 interface 0 altsetting 9 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 112.437802][ T5856] usb 3-1: config 0 interface 0 has no altsetting 0 [ 112.437997][ T5856] usb 3-1: New USB device found, idVendor=1e71, idProduct=2009, bcdDevice= 0.00 [ 112.438043][ T5856] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 112.688003][ T5856] usb 3-1: config 0 descriptor?? [ 113.385645][ T5856] nzxt-smart2 0003:1E71:2009.0001: hidraw0: USB HID v0.05 Device [HID 1e71:2009] on usb-dummy_hcd.2-1/input0 [ 113.845046][ T5856] usb 3-1: USB disconnect, device number 2 [ 114.116758][ T6068] fido_id[6068]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.2/usb3/report_descriptor': No such file or directory [ 114.466994][ T5810] Bluetooth: hci0: Controller not accepting commands anymore: ncmd = 0 [ 114.467137][ T5810] Bluetooth: hci0: Injecting HCI hardware error event [ 114.471921][ T5810] Bluetooth: hci0: hardware error 0x00 [ 114.615594][ T6070] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+ [ 114.615736][ T6070] block device autoloading is deprecated and will be removed. [ 116.666183][ T37] kauditd_printk_skb: 5 callbacks suppressed [ 116.666202][ T37] audit: type=1326 audit(1762871537.838:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6102 comm="syz.2.64" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f009061f6c9 code=0x7ffc0000 [ 116.666248][ T37] audit: type=1326 audit(1762871537.838:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6102 comm="syz.2.64" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f009061f6c9 code=0x7ffc0000 [ 116.666284][ T37] audit: type=1326 audit(1762871537.838:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6102 comm="syz.2.64" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f009061f6c9 code=0x7ffc0000 [ 116.667521][ T37] audit: type=1326 audit(1762871537.848:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6102 comm="syz.2.64" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f009061f6c9 code=0x7ffc0000 [ 116.667570][ T37] audit: type=1326 audit(1762871537.848:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6102 comm="syz.2.64" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f009061f6c9 code=0x7ffc0000 [ 116.667604][ T37] audit: type=1326 audit(1762871537.848:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6102 comm="syz.2.64" exe="/root/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7f009061f6c9 code=0x7ffc0000 [ 116.667647][ T37] audit: type=1326 audit(1762871537.848:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6102 comm="syz.2.64" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f009061f6c9 code=0x7ffc0000 [ 116.668133][ T37] audit: type=1326 audit(1762871537.848:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6102 comm="syz.2.64" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f009061f6c9 code=0x7ffc0000 [ 116.668526][ T37] audit: type=1326 audit(1762871537.848:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6102 comm="syz.2.64" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f009061f6c9 code=0x7ffc0000 [ 116.668568][ T37] audit: type=1326 audit(1762871537.848:26): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6102 comm="syz.2.64" exe="/root/syz-executor" sig=0 arch=c000003e syscall=7 compat=0 ip=0x7f009061f6c9 code=0x7ffc0000 [ 117.006302][ T5810] Bluetooth: hci0: Opcode 0x0c03 failed: -110 [ 117.324734][ T1229] usb 3-1: new high-speed USB device number 3 using dummy_hcd [ 117.508527][ T1229] usb 3-1: Using ep0 maxpacket: 32 [ 117.518923][ T1229] usb 3-1: config 0 has an invalid interface number: 85 but max is 0 [ 117.518951][ T1229] usb 3-1: config 0 has no interface number 0 [ 117.519005][ T1229] usb 3-1: config 0 interface 85 altsetting 7 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 117.519032][ T1229] usb 3-1: config 0 interface 85 altsetting 7 endpoint 0x82 has invalid wMaxPacketSize 0 [ 117.519054][ T1229] usb 3-1: config 0 interface 85 has no altsetting 0 [ 117.562529][ T1229] usb 3-1: New USB device found, idVendor=05ac, idProduct=0219, bcdDevice=f0.72 [ 117.562559][ T1229] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 117.562579][ T1229] usb 3-1: Product: syz [ 117.562593][ T1229] usb 3-1: Manufacturer: syz [ 117.562608][ T1229] usb 3-1: SerialNumber: syz [ 117.616911][ T1229] usb 3-1: config 0 descriptor?? [ 117.832320][ T1229] appletouch 3-1:0.85: Failed to read mode from device. [ 117.832623][ T1229] appletouch 3-1:0.85: probe with driver appletouch failed with error -5 [ 117.873890][ T1229] usb 3-1: USB disconnect, device number 3 [ 118.700305][ T6114] pim6reg1: entered promiscuous mode [ 118.700332][ T6114] pim6reg1: entered allmulticast mode [ 119.635804][ T6130] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 119.637005][ T6130] overlayfs: "xino" feature enabled using 2 upper inode bits. [ 120.365911][ T6152] netlink: 'syz.3.83': attribute type 12 has an invalid length. [ 120.983991][ T6169] netlink: 'syz.2.89': attribute type 1 has an invalid length. [ 121.154780][ T6170] veth1_macvtap: left promiscuous mode [ 124.848572][ T5804] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 124.870001][ T5804] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 124.872265][ T5804] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 124.899941][ T5804] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 124.900835][ T5804] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 125.924946][ T6227] @: renamed from vlan0 (while UP) [ 126.912627][ T1150] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 127.084232][ T5810] Bluetooth: hci5: command tx timeout [ 127.946759][ T1150] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 128.520124][ T1150] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 128.619180][ T6213] chnl_net:caif_netlink_parms(): no params data found [ 128.907984][ T1150] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 129.164899][ T5810] Bluetooth: hci5: command tx timeout [ 129.626352][ T6284] netlink: 4 bytes leftover after parsing attributes in process `syz.3.129'. [ 129.837045][ T6288] netlink: 4 bytes leftover after parsing attributes in process `syz.3.129'. [ 130.822821][ T6213] bridge0: port 1(bridge_slave_0) entered blocking state [ 130.822960][ T6213] bridge0: port 1(bridge_slave_0) entered disabled state [ 130.823211][ T6213] bridge_slave_0: entered allmulticast mode [ 130.855880][ T6213] bridge_slave_0: entered promiscuous mode [ 130.897394][ T6213] bridge0: port 2(bridge_slave_1) entered blocking state [ 130.898197][ T6213] bridge0: port 2(bridge_slave_1) entered disabled state [ 130.898421][ T6213] bridge_slave_1: entered allmulticast mode [ 130.929822][ T6213] bridge_slave_1: entered promiscuous mode [ 130.931800][ T6298] netlink: 8 bytes leftover after parsing attributes in process `syz.0.133'. [ 130.931841][ T6298] netlink: 8 bytes leftover after parsing attributes in process `syz.0.133'. [ 131.243554][ T5810] Bluetooth: hci5: command tx timeout [ 131.377360][ T6305] Driver unsupported XDP return value 0 on prog (id 25) dev N/A, expect packet loss! [ 131.683459][ T6213] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 131.719394][ T6213] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 131.948018][ T1150] bridge_slave_1: left allmulticast mode [ 131.948210][ T1150] bridge_slave_1: left promiscuous mode [ 131.950729][ T1150] bridge0: port 2(bridge_slave_1) entered disabled state [ 132.141135][ T1150] bridge_slave_0: left allmulticast mode [ 132.141165][ T1150] bridge_slave_0: left promiscuous mode [ 132.142390][ T1150] bridge0: port 1(bridge_slave_0) entered disabled state [ 133.022624][ T1317] ieee802154 phy0 wpan0: encryption failed: -22 [ 133.022722][ T1317] ieee802154 phy1 wpan1: encryption failed: -22 [ 133.346211][ T5810] Bluetooth: hci5: command tx timeout [ 135.757254][ T1684] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 135.840818][ T1684] hid-generic 0000:0000:0000.0002: hidraw0: HID v0.00 Device [syz0] on syz0 [ 135.926689][ T37] kauditd_printk_skb: 45 callbacks suppressed [ 135.926706][ T37] audit: type=1326 audit(1762871557.088:72): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6348 comm="syz.1.154" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc1a829f6c9 code=0x7ffc0000 [ 135.926749][ T37] audit: type=1326 audit(1762871557.108:73): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6348 comm="syz.1.154" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc1a829f6c9 code=0x7ffc0000 [ 135.926784][ T37] audit: type=1326 audit(1762871557.108:74): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6348 comm="syz.1.154" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc1a829f6c9 code=0x7ffc0000 [ 135.955141][ T37] audit: type=1326 audit(1762871557.138:75): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6348 comm="syz.1.154" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc1a829f6c9 code=0x7ffc0000 [ 135.955192][ T37] audit: type=1326 audit(1762871557.138:76): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6348 comm="syz.1.154" exe="/root/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7fc1a829f6c9 code=0x7ffc0000 [ 135.955231][ T37] audit: type=1326 audit(1762871557.138:77): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6348 comm="syz.1.154" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc1a829f6c9 code=0x7ffc0000 [ 135.955273][ T37] audit: type=1326 audit(1762871557.138:78): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6348 comm="syz.1.154" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc1a829f6c9 code=0x7ffc0000 [ 135.956142][ T37] audit: type=1326 audit(1762871557.138:79): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6348 comm="syz.1.154" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc1a829f6c9 code=0x7ffc0000 [ 135.956184][ T37] audit: type=1326 audit(1762871557.138:80): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6348 comm="syz.1.154" exe="/root/syz-executor" sig=0 arch=c000003e syscall=7 compat=0 ip=0x7fc1a829f6c9 code=0x7ffc0000 [ 135.956222][ T37] audit: type=1326 audit(1762871557.138:81): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6348 comm="syz.1.154" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc1a829f6c9 code=0x7ffc0000 [ 136.218850][ T6352] fido_id[6352]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory [ 138.824288][ T1150] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 138.915479][ T1150] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 138.957364][ T1150] bond0 (unregistering): Released all slaves [ 139.572905][ T6213] team0: Port device team_slave_0 added [ 140.115858][ T6213] team0: Port device team_slave_1 added [ 140.143125][ T6401] fuse: root generation should be zero [ 140.795901][ T6419] overlayfs: failed to clone upperpath [ 141.079220][ T6429] loop2: detected capacity change from 0 to 7 [ 141.140418][ T5924] Dev loop2: unable to read RDB block 7 [ 141.140469][ T5924] loop2: unable to read partition table [ 141.140723][ T5924] loop2: partition table beyond EOD, truncated [ 141.194615][ T6429] Dev loop2: unable to read RDB block 7 [ 141.194670][ T6429] loop2: unable to read partition table [ 141.194886][ T6429] loop2: partition table beyond EOD, truncated [ 141.194916][ T6429] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5) [ 141.648625][ T6213] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 141.648641][ T6213] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 141.648665][ T6213] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 141.711900][ T6213] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 141.711924][ T6213] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 141.711949][ T6213] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 142.665697][ T1150] hsr_slave_0: left promiscuous mode [ 142.720460][ T1150] hsr_slave_1: left promiscuous mode [ 142.734254][ T1150] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 142.734391][ T1150] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 142.767273][ T1150] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 142.767300][ T1150] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 142.947786][ T1150] veth1_macvtap: left promiscuous mode [ 142.947960][ T1150] veth0_macvtap: left promiscuous mode [ 142.948126][ T1150] veth1_vlan: left promiscuous mode [ 142.948308][ T1150] veth0_vlan: left promiscuous mode [ 143.721123][ T37] kauditd_printk_skb: 33 callbacks suppressed [ 143.721142][ T37] audit: type=1326 audit(1762871564.898:115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6452 comm="syz.3.184" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f073e74f6c9 code=0x7ffc0000 [ 143.751887][ T37] audit: type=1326 audit(1762871564.898:116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6452 comm="syz.3.184" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f073e74f6c9 code=0x7ffc0000 [ 143.752699][ T37] audit: type=1326 audit(1762871564.928:117): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6452 comm="syz.3.184" exe="/root/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7f073e74f6c9 code=0x7ffc0000 [ 143.752988][ T37] audit: type=1326 audit(1762871564.928:118): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6452 comm="syz.3.184" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f073e74f6c9 code=0x7ffc0000 [ 143.819549][ T37] audit: type=1326 audit(1762871564.928:119): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6452 comm="syz.3.184" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f073e74f6c9 code=0x7ffc0000 [ 143.820070][ T37] audit: type=1326 audit(1762871564.998:120): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6452 comm="syz.3.184" exe="/root/syz-executor" sig=0 arch=c000003e syscall=7 compat=0 ip=0x7f073e74f6c9 code=0x7ffc0000 [ 143.867018][ T37] audit: type=1326 audit(1762871565.028:121): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6452 comm="syz.3.184" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f073e74f6c9 code=0x7ffc0000 [ 144.154473][ T37] audit: type=1800 audit(1762871565.318:122): pid=6460 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz.3.185" name="/" dev="fuse" ino=1 res=0 errno=0 [ 144.613467][ T1229] usb 4-1: new high-speed USB device number 2 using dummy_hcd [ 144.765278][ T1229] usb 4-1: Using ep0 maxpacket: 32 [ 144.768789][ T1229] usb 4-1: config 8 has an invalid interface number: 203 but max is 0 [ 144.768824][ T1229] usb 4-1: config 8 has an invalid descriptor of length 0, skipping remainder of the config [ 144.768843][ T1229] usb 4-1: config 8 has no interface number 0 [ 144.770399][ T1229] usb 4-1: config 8 interface 203 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 3 [ 144.770418][ T1229] usb 4-1: config 8 interface 203 has no altsetting 0 [ 144.772830][ T1229] usb 4-1: New USB device found, idVendor=054c, idProduct=06c3, bcdDevice=eb.7a [ 144.772857][ T1229] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 144.772876][ T1229] usb 4-1: Product: syz [ 144.772890][ T1229] usb 4-1: Manufacturer: syz [ 144.772904][ T1229] usb 4-1: SerialNumber: syz [ 145.255927][ T1229] port100 4-1:8.203: NFC: Could not find bulk-in or bulk-out endpoint [ 145.278920][ T1229] usb 4-1: USB disconnect, device number 2 [ 145.674086][ T1150] team0 (unregistering): Port device team_slave_1 removed [ 145.954539][ T1150] team0 (unregistering): Port device team_slave_0 removed [ 148.111359][ T6213] hsr_slave_0: entered promiscuous mode [ 148.113215][ T6213] hsr_slave_1: entered promiscuous mode [ 148.129245][ T6213] debugfs: 'hsr0' already exists in 'hsr' [ 148.129272][ T6213] Cannot create hsr debugfs directory [ 148.273809][ T6450] kthread_run failed with err -4 [ 149.663428][ T37] audit: type=1326 audit(1762871570.838:123): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6522 comm="syz.3.206" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f073e74f6c9 code=0x7ffc0000 [ 149.663477][ T37] audit: type=1326 audit(1762871570.838:124): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6522 comm="syz.3.206" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f073e74f6c9 code=0x7ffc0000 [ 149.672251][ T37] audit: type=1326 audit(1762871570.848:125): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6522 comm="syz.3.206" exe="/root/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7f073e74f6c9 code=0x7ffc0000 [ 149.672528][ T37] audit: type=1326 audit(1762871570.848:126): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6522 comm="syz.3.206" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f073e74f6c9 code=0x7ffc0000 [ 149.695420][ T37] audit: type=1326 audit(1762871570.868:127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6522 comm="syz.3.206" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f073e74f6c9 code=0x7ffc0000 [ 149.695467][ T37] audit: type=1326 audit(1762871570.878:128): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6522 comm="syz.3.206" exe="/root/syz-executor" sig=0 arch=c000003e syscall=7 compat=0 ip=0x7f073e74f6c9 code=0x7ffc0000 [ 149.717378][ T37] audit: type=1326 audit(1762871570.898:129): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6522 comm="syz.3.206" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f073e74f6c9 code=0x7ffc0000 [ 149.717429][ T37] audit: type=1326 audit(1762871570.898:130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6522 comm="syz.3.206" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f073e74f6c9 code=0x7ffc0000 [ 149.717467][ T37] audit: type=1326 audit(1762871570.898:131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6522 comm="syz.3.206" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f073e74f6c9 code=0x7ffc0000 [ 149.717505][ T37] audit: type=1326 audit(1762871570.898:132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6522 comm="syz.3.206" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f073e74f6c9 code=0x7ffc0000 [ 149.970136][ T6213] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 150.082018][ T6213] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 150.126047][ T6524] mmap: syz.2.208 (6524) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 150.188163][ T1229] usb 2-1: new high-speed USB device number 2 using dummy_hcd [ 150.200939][ T6213] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 150.285862][ T6213] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 150.337479][ T1229] usb 2-1: config 1 interface 0 altsetting 0 has an endpoint descriptor with address 0x36, changing to 0x6 [ 150.337512][ T1229] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x6 has an invalid bInterval 43, changing to 9 [ 150.337539][ T1229] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x6 has invalid maxpacket 58014, setting to 1024 [ 150.337566][ T1229] usb 2-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 150.361992][ T1229] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40 [ 150.362021][ T1229] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 150.362041][ T1229] usb 2-1: Product: syz [ 150.362054][ T1229] usb 2-1: Manufacturer: syz [ 150.362068][ T1229] usb 2-1: SerialNumber: syz [ 150.419268][ T1229] hub 2-1:1.0: bad descriptor, ignoring hub [ 150.419307][ T1229] hub 2-1:1.0: probe with driver hub failed with error -5 [ 150.656695][ T1684] usb 2-1: USB disconnect, device number 2 [ 151.247133][ T6213] 8021q: adding VLAN 0 to HW filter on device bond0 [ 151.430736][ T6213] 8021q: adding VLAN 0 to HW filter on device team0 [ 151.468351][ T3660] bridge0: port 1(bridge_slave_0) entered blocking state [ 151.468556][ T3660] bridge0: port 1(bridge_slave_0) entered forwarding state [ 151.594800][ T3660] bridge0: port 2(bridge_slave_1) entered blocking state [ 151.611212][ T3660] bridge0: port 2(bridge_slave_1) entered forwarding state [ 152.220607][ T6581] netlink: 4 bytes leftover after parsing attributes in process `syz.3.219'. [ 152.311928][ T6582] overlayfs: failed to clone upperpath [ 154.088989][ T6213] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 154.113490][ T49] usb 3-1: new full-speed USB device number 4 using dummy_hcd [ 154.318520][ T49] usb 3-1: config 0 has an invalid interface number: 41 but max is 0 [ 154.318548][ T49] usb 3-1: config 0 has no interface number 0 [ 154.318600][ T49] usb 3-1: config 0 interface 41 has no altsetting 0 [ 154.545178][ T49] usb 3-1: New USB device found, idVendor=0fe6, idProduct=9800, bcdDevice=d1.9a [ 154.545208][ T49] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 154.545227][ T49] usb 3-1: Product: syz [ 154.545240][ T49] usb 3-1: Manufacturer: syz [ 154.545254][ T49] usb 3-1: SerialNumber: syz [ 154.565612][ T49] usb 3-1: config 0 descriptor?? [ 155.216398][ T6213] veth0_vlan: entered promiscuous mode [ 155.476311][ T49] CoreChips 3-1:0.41 (unnamed net_device) (uninitialized): sr_get_phy_addr : Error reading PHYID register:ffffffe0 [ 155.684251][ T6213] veth1_vlan: entered promiscuous mode [ 155.924854][ T6213] veth0_macvtap: entered promiscuous mode [ 155.950378][ T6213] veth1_macvtap: entered promiscuous mode [ 156.060311][ T6213] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 156.127423][ T6213] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 156.245940][ T992] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 156.273518][ T992] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 156.277257][ T992] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 156.279083][ T992] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 156.698581][ T49] CoreChips 3-1:0.41 (unnamed net_device) (uninitialized): Failed to send software reset:ffffffb9 [ 156.698608][ T49] CoreChips 3-1:0.41 (unnamed net_device) (uninitialized): Failed to reset PHY: -71 [ 156.702196][ T49] CoreChips 3-1:0.41: probe with driver CoreChips failed with error -71 [ 156.822340][ T49] usb 3-1: USB disconnect, device number 4 [ 157.055280][ T1150] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 157.055296][ T1150] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 157.220976][ T992] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 157.220996][ T992] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 157.615831][ T6653] Zero length message leads to an empty skb [ 157.736053][ T5174] udevd[5174]: worker [5936] terminated by signal 33 (Unknown signal 33) [ 157.736105][ T5174] udevd[5174]: worker [5936] failed while handling '/devices/virtual/block/loop1' [ 158.173250][ T6664] loop3: detected capacity change from 0 to 7 [ 158.217159][ T6664] Dev loop3: unable to read RDB block 7 [ 158.217205][ T6664] loop3: unable to read partition table [ 158.217402][ T6664] loop3: partition table beyond EOD, truncated [ 158.217454][ T6664] loop_reread_partitions: partition scan of loop3 (þ被xü—ŸÑà– ) failed (rc=-5) [ 158.233466][ T5794] usb 6-1: new high-speed USB device number 2 using dummy_hcd [ 158.405580][ T5794] usb 6-1: Using ep0 maxpacket: 32 [ 158.407902][ T5794] usb 6-1: config 0 has an invalid interface number: 188 but max is 0 [ 158.407929][ T5794] usb 6-1: config 0 has no interface number 0 [ 158.407977][ T5794] usb 6-1: config 0 interface 188 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 32 [ 158.411051][ T5794] usb 6-1: New USB device found, idVendor=17ef, idProduct=7203, bcdDevice=2e.36 [ 158.411080][ T5794] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 158.411099][ T5794] usb 6-1: Product: syz [ 158.411112][ T5794] usb 6-1: Manufacturer: syz [ 158.411126][ T5794] usb 6-1: SerialNumber: syz [ 158.487603][ T5794] usb 6-1: config 0 descriptor?? [ 158.489277][ T6661] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22 [ 158.714382][ T6680] syz_tun: entered allmulticast mode [ 158.736874][ T6661] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22 [ 160.115699][ T6692] netlink: 4 bytes leftover after parsing attributes in process `syz.3.248'. [ 161.121738][ T5794] asix 6-1:0.188 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71 [ 161.121769][ T5794] asix 6-1:0.188 (unnamed net_device) (uninitialized): Failed to send software reset: ffffffb9 [ 161.122042][ T5794] asix 6-1:0.188: probe with driver asix failed with error -71 [ 161.173871][ T5883] usb 3-1: new high-speed USB device number 5 using dummy_hcd [ 161.173990][ T5794] usb 6-1: USB disconnect, device number 2 [ 161.343399][ T5883] usb 3-1: Using ep0 maxpacket: 32 [ 161.353860][ T6715] netlink: 'syz.3.256': attribute type 4 has an invalid length. [ 161.377227][ T6715] netlink: 'syz.3.256': attribute type 4 has an invalid length. [ 161.399229][ T5883] usb 3-1: New USB device found, idVendor=174f, idProduct=6a31, bcdDevice=26.3f [ 161.399259][ T5883] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 161.399278][ T5883] usb 3-1: Product: syz [ 161.399291][ T5883] usb 3-1: Manufacturer: syz [ 161.399305][ T5883] usb 3-1: SerialNumber: syz [ 161.408823][ T5883] usb 3-1: config 0 descriptor?? [ 161.458920][ T5883] gspca_main: stk1135-2.14.0 probing 174f:6a31 [ 163.396340][ T5883] gspca_stk1135: reg_w 0x200 err -71 [ 163.397420][ T5883] gspca_stk1135: serial bus timeout: status=0x00 [ 163.397432][ T5883] gspca_stk1135: Sensor write failed [ 163.397459][ T5883] gspca_stk1135: serial bus timeout: status=0x00 [ 163.397468][ T5883] gspca_stk1135: Sensor write failed [ 163.397495][ T5883] gspca_stk1135: serial bus timeout: status=0x00 [ 163.397561][ T5883] gspca_stk1135: Sensor read failed [ 163.397589][ T5883] gspca_stk1135: serial bus timeout: status=0x00 [ 163.397599][ T5883] gspca_stk1135: Sensor read failed [ 163.397606][ T5883] gspca_stk1135: Detected sensor type unknown (0x0) [ 163.397639][ T5883] gspca_stk1135: serial bus timeout: status=0x00 [ 163.397648][ T5883] gspca_stk1135: Sensor read failed [ 163.397673][ T5883] gspca_stk1135: serial bus timeout: status=0x00 [ 163.397680][ T5883] gspca_stk1135: Sensor read failed [ 163.397707][ T5883] gspca_stk1135: serial bus timeout: status=0x00 [ 163.397716][ T5883] gspca_stk1135: Sensor write failed [ 163.397750][ T5883] gspca_stk1135: serial bus timeout: status=0x00 [ 163.397759][ T5883] gspca_stk1135: Sensor write failed [ 163.397846][ T5883] stk1135 3-1:0.0: probe with driver stk1135 failed with error -71 [ 163.409101][ T5883] usb 3-1: USB disconnect, device number 5 [ 163.923541][ T37] kauditd_printk_skb: 36 callbacks suppressed [ 163.923558][ T37] audit: type=1326 audit(1762871585.098:169): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6721 comm="syz.5.259" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f726985f6c9 code=0x7fc00000 [ 163.923602][ T37] audit: type=1326 audit(1762871585.098:170): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6721 comm="syz.5.259" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f726985f6c9 code=0x7fc00000 [ 163.923650][ T37] audit: type=1326 audit(1762871585.098:171): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6721 comm="syz.5.259" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f726985f6c9 code=0x7fc00000 [ 163.923692][ T37] audit: type=1326 audit(1762871585.098:172): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6721 comm="syz.5.259" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f726985f6c9 code=0x7fc00000 [ 163.923790][ T37] audit: type=1326 audit(1762871585.098:173): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6721 comm="syz.5.259" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f726985f6c9 code=0x7fc00000 [ 163.923831][ T37] audit: type=1326 audit(1762871585.098:174): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6721 comm="syz.5.259" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f726985f6c9 code=0x7fc00000 [ 163.923871][ T37] audit: type=1326 audit(1762871585.098:175): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6721 comm="syz.5.259" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f726985f6c9 code=0x7fc00000 [ 163.923910][ T37] audit: type=1326 audit(1762871585.098:176): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6721 comm="syz.5.259" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f726985f6c9 code=0x7fc00000 [ 163.923950][ T37] audit: type=1326 audit(1762871585.098:177): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6721 comm="syz.5.259" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f726985f6c9 code=0x7fc00000 [ 163.923991][ T37] audit: type=1326 audit(1762871585.098:178): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6721 comm="syz.5.259" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f726985f6c9 code=0x7fc00000 [ 167.910229][ T6790] overlayfs: upper fs does not support RENAME_WHITEOUT. [ 167.910261][ T6790] overlayfs: failed to set xattr on upper [ 167.910269][ T6790] overlayfs: ...falling back to redirect_dir=nofollow. [ 167.910278][ T6790] overlayfs: ...falling back to index=off. [ 167.910285][ T6790] overlayfs: ...falling back to uuid=null. [ 170.762319][ T6829] evm: overlay not supported [ 171.603435][ T10] usb 3-1: new high-speed USB device number 6 using dummy_hcd [ 172.019596][ T10] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 172.019628][ T10] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 172.019640][ T10] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 172.019713][ T10] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 172.019726][ T10] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 172.098952][ T10] usb 3-1: config 0 descriptor?? [ 172.613099][ T10] plantronics 0003:047F:FFFF.0003: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0 [ 173.763727][ T6859] netlink: 8 bytes leftover after parsing attributes in process `syz.5.308'. [ 173.835365][ C0] plantronics 0003:047F:FFFF.0003: usb_submit_urb(ctrl) failed: -1 [ 173.908292][ T6866] netlink: 'syz.5.308': attribute type 4 has an invalid length. [ 175.051829][ T1229] usb 3-1: USB disconnect, device number 6 [ 180.450989][ T37] kauditd_printk_skb: 21 callbacks suppressed [ 180.451008][ T37] audit: type=1326 audit(1762871601.628:200): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6917 comm="syz.5.326" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f726985f6c9 code=0x7ffc0000 [ 180.451056][ T37] audit: type=1326 audit(1762871601.628:201): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6917 comm="syz.5.326" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f726985f6c9 code=0x7ffc0000 [ 180.451096][ T37] audit: type=1326 audit(1762871601.628:202): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6917 comm="syz.5.326" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7f726985f6c9 code=0x7ffc0000 [ 180.451143][ T37] audit: type=1326 audit(1762871601.628:203): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6917 comm="syz.5.326" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f726985f6c9 code=0x7ffc0000 [ 180.451192][ T37] audit: type=1326 audit(1762871601.628:204): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6917 comm="syz.5.326" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f726985f6c9 code=0x7ffc0000 [ 180.451232][ T37] audit: type=1326 audit(1762871601.628:205): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6917 comm="syz.5.326" exe="/root/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7f726985f6c9 code=0x7ffc0000 [ 180.451273][ T37] audit: type=1326 audit(1762871601.628:206): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6917 comm="syz.5.326" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f726985f6c9 code=0x7ffc0000 [ 180.451317][ T37] audit: type=1326 audit(1762871601.628:207): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6917 comm="syz.5.326" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f726985f6c9 code=0x7ffc0000 [ 180.451359][ T37] audit: type=1326 audit(1762871601.628:208): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6917 comm="syz.5.326" exe="/root/syz-executor" sig=0 arch=c000003e syscall=223 compat=0 ip=0x7f726985f6c9 code=0x7ffc0000 [ 180.451393][ T37] audit: type=1326 audit(1762871601.628:209): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6917 comm="syz.5.326" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f7269856567 code=0x7ffc0000 [ 180.790598][ T6924] syz_tun: entered allmulticast mode [ 180.850186][ T6924] pimreg: entered allmulticast mode [ 180.919996][ T6923] syz_tun: left allmulticast mode [ 183.403548][ T1684] usb 2-1: new high-speed USB device number 3 using dummy_hcd [ 183.583491][ T1684] usb 2-1: Using ep0 maxpacket: 16 [ 183.592631][ T1684] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83 [ 183.592665][ T1684] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 183.625033][ T1684] usb 2-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1 [ 183.625064][ T1684] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 183.625084][ T1684] usb 2-1: Product: syz [ 183.625098][ T1684] usb 2-1: Manufacturer: syz [ 183.625112][ T1684] usb 2-1: SerialNumber: syz [ 183.629372][ T1684] usb 2-1: config 0 descriptor?? [ 183.676935][ T1684] em28xx 2-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0) [ 183.676965][ T1684] em28xx 2-1:0.0: Audio interface 0 found (Vendor Class) [ 184.276501][ T1684] em28xx 2-1:0.0: unknown em28xx chip ID (0) [ 184.277490][ T1684] em28xx 2-1:0.0: Config register raw data: 0xfffffffb [ 184.638167][ T10] usb 4-1: new full-speed USB device number 3 using dummy_hcd [ 185.040993][ T1684] em28xx 2-1:0.0: Unknown AC97 audio processor detected! [ 185.278490][ T10] usb 4-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea [ 185.278520][ T10] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 185.278540][ T10] usb 4-1: Product: syz [ 185.278606][ T10] usb 4-1: Manufacturer: syz [ 185.278621][ T10] usb 4-1: SerialNumber: syz [ 185.349136][ T10] usb 4-1: config 0 descriptor?? [ 185.539733][ T1684] em28xx 2-1:0.0: couldn't setup AC97 register 2 [ 185.540279][ T1684] em28xx 2-1:0.0: couldn't setup AC97 register 4 [ 185.541068][ T1684] em28xx 2-1:0.0: couldn't setup AC97 register 6 [ 185.541594][ T1684] em28xx 2-1:0.0: couldn't setup AC97 register 54 [ 185.542549][ T1684] em28xx 2-1:0.0: couldn't setup AC97 register 56 [ 185.550102][ T6990] trusted_key: syz.0.353 sent an empty control message without MSG_MORE. [ 185.591179][ T10] usb 4-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state [ 185.634901][ T1684] usb 2-1: USB disconnect, device number 3 [ 186.585362][ T10] dvb_usb_rtl28xxu 4-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -32 [ 187.845418][ T1684] usb 4-1: USB disconnect, device number 3 [ 188.080891][ T7027] overlayfs: upper fs does not support RENAME_WHITEOUT. [ 188.080920][ T7027] overlayfs: failed to set xattr on upper [ 188.080928][ T7027] overlayfs: ...falling back to redirect_dir=nofollow. [ 188.080937][ T7027] overlayfs: ...falling back to index=off. [ 188.080944][ T7027] overlayfs: ...falling back to uuid=null. [ 188.124952][ T5810] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0 [ 188.125092][ T5810] Bluetooth: hci2: Injecting HCI hardware error event [ 188.127016][ T5804] Bluetooth: hci2: hardware error 0x00 [ 188.229984][ T7032] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 188.253450][ T10] usb 2-1: new high-speed USB device number 4 using dummy_hcd [ 188.343054][ T7037] netlink: 'syz.2.372': attribute type 4 has an invalid length. [ 188.403404][ T10] usb 2-1: Using ep0 maxpacket: 16 [ 188.434073][ T10] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xD7, changing to 0x87 [ 188.434107][ T10] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x87 has an invalid bInterval 0, changing to 7 [ 188.434134][ T10] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x87 has invalid wMaxPacketSize 0 [ 188.434156][ T10] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3 [ 188.512448][ T10] usb 2-1: New USB device found, idVendor=05ac, idProduct=9226, bcdDevice=b2.89 [ 188.512480][ T10] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 188.512500][ T10] usb 2-1: Product: syz [ 188.512514][ T10] usb 2-1: Manufacturer: syz [ 188.512529][ T10] usb 2-1: SerialNumber: syz [ 188.575530][ T10] usb 2-1: config 0 descriptor?? [ 188.579982][ T10] appledisplay 2-1:0.0: Submitting URB failed [ 188.580171][ T10] appledisplay 2-1:0.0: probe with driver appledisplay failed with error -5 [ 189.950467][ T49] usb 2-1: USB disconnect, device number 4 [ 190.041045][ T7064] binder: 7063:7064 ioctl c0306201 200000000080 returned -14 [ 190.533569][ T5804] Bluetooth: hci2: Opcode 0x0c03 failed: -110 [ 191.003463][ T7074] netlink: 'syz.1.381': attribute type 1 has an invalid length. [ 191.207905][ T7075] tipc: Started in network mode [ 191.207940][ T7075] tipc: Node identity ac141441, cluster identity 4711 [ 191.313978][ T7075] ------------[ cut here ]------------ [ 191.313992][ T7075] kernel BUG at net/ipv6/route.c:1473! [ 191.315876][ T7075] Oops: invalid opcode: 0000 [#1] SMP KASAN PTI [ 191.315916][ T7075] CPU: 1 UID: 0 PID: 7075 Comm: syz.5.382 Not tainted syzkaller #0 PREEMPT_{RT,(full)} [ 191.315939][ T7075] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 191.315954][ T7075] RIP: 0010:ip6_pol_route+0x117d/0x1180 [ 191.315992][ T7075] Code: ab f8 e9 f4 fa ff ff 89 d9 80 e1 07 80 c1 03 38 c1 0f 8c 03 fb ff ff 48 89 df e8 de 15 ab f8 e9 f6 fa ff ff e8 c4 5c 49 f8 90 <0f> 0b 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e [ 191.316021][ T7075] RSP: 0018:ffffc90005be6080 EFLAGS: 00010283 [ 191.316047][ T7075] RAX: ffffffff8975509c RBX: ffff888126ef7000 RCX: 0000000000080000 [ 191.316062][ T7075] RDX: ffffc9001b276000 RSI: 0000000000000ee9 RDI: 0000000000000eea [ 191.316076][ T7075] RBP: ffffc90005be6190 R08: ffffe8ffffd35ce7 R09: 1ffffd1ffffa6b9c [ 191.316092][ T7075] R10: dffffc0000000000 R11: fffff91ffffa6b9d R12: ffff8880487a1640 [ 191.316108][ T7075] R13: ffffffff89754082 R14: dffffc0000000000 R15: 0000607ed8e3ece0 [ 191.316129][ T7075] FS: 00007f7267ac66c0(0000) GS:ffff888126ef7000(0000) knlGS:0000000000000000 [ 191.316147][ T7075] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 191.316162][ T7075] CR2: 0000001b2f914ff8 CR3: 0000000061fa8000 CR4: 00000000003526f0 [ 191.316180][ T7075] Call Trace: [ 191.316188][ T7075] [ 191.316197][ T7075] ? ip6_pol_route+0x162/0x1180 [ 191.316229][ T7075] ? __pfx_ip6_pol_route+0x10/0x10 [ 191.316263][ T7075] fib6_rule_lookup+0x348/0x6f0 [ 191.316292][ T7075] ? __pfx_ip6_pol_route_output+0x10/0x10 [ 191.316311][ T7075] ? __pfx_fib6_rule_lookup+0x10/0x10 [ 191.316333][ T7075] ? ip6_route_output_flags+0x2e/0x5d0 [ 191.316358][ T7075] ip6_route_output_flags+0x364/0x5d0 [ 191.316378][ T7075] ? ip6_route_output_flags+0x2e/0x5d0 [ 191.316398][ T7075] ip6_dst_lookup_tail+0x1ae/0x1510 [ 191.316435][ T7075] ? __pfx_ip6_dst_lookup_tail+0x10/0x10 [ 191.316459][ T7075] ? __pfx_rt_mutex_slowunlock+0x10/0x10 [ 191.316484][ T7075] ? rt_spin_unlock+0x150/0x200 [ 191.316508][ T7075] ? rt_spin_unlock+0x161/0x200 [ 191.316532][ T7075] ip6_dst_lookup_flow+0x47/0xe0 [ 191.316555][ T7075] ? __pfx_ip6_dst_lookup_flow+0x10/0x10 [ 191.316578][ T7075] udp_tunnel6_dst_lookup+0x234/0x3c0 [ 191.316613][ T7075] ? __pfx_udp_tunnel6_dst_lookup+0x10/0x10 [ 191.316642][ T7075] ? geneve_get_dsfield+0xec/0x680 [ 191.316675][ T7075] ? __pfx_geneve_get_dsfield+0x10/0x10 [ 191.316710][ T7075] geneve_xmit+0xd2e/0x2b70 [ 191.316739][ T7075] ? __pfx_skb_network_protocol+0x10/0x10 [ 191.316772][ T7075] ? validate_xmit_xfrm+0xbf/0x1160 [ 191.316796][ T7075] ? geneve_xmit+0x128/0x2b70 [ 191.316825][ T7075] ? __pfx_validate_xmit_xfrm+0x10/0x10 [ 191.316848][ T7075] ? __pfx_geneve_xmit+0x10/0x10 [ 191.316888][ T7075] dev_hard_start_xmit+0x2f0/0x870 [ 191.316922][ T7075] __dev_queue_xmit+0x1b50/0x3b70 [ 191.316952][ T7075] ? __dev_queue_xmit+0x26f/0x3b70 [ 191.316986][ T7075] ? __pfx___dev_queue_xmit+0x10/0x10 [ 191.317017][ T7075] ? read_seqbegin+0x128/0x2e0 [ 191.317046][ T7075] ? neigh_resolve_output+0x46e/0x780 [ 191.317080][ T7075] ? lockdep_hardirqs_on+0x9c/0x150 [ 191.317107][ T7075] ? read_seqbegin+0x27c/0x2e0 [ 191.317135][ T7075] ? __pfx___local_bh_enable_ip+0x10/0x10 [ 191.317158][ T7075] ? __pfx_read_seqbegin+0x10/0x10 [ 191.317184][ T7075] ? eth_header+0x11b/0x200 [ 191.317205][ T7075] ? __asan_memcpy+0x40/0x70 [ 191.317225][ T7075] ? eth_header+0x11b/0x200 [ 191.317245][ T7075] ? __pfx_eth_header+0x10/0x10 [ 191.317264][ T7075] ? neigh_resolve_output+0x65a/0x780 [ 191.317298][ T7075] ip_finish_output2+0xd97/0x11d0 [ 191.317327][ T7075] ? ip_finish_output2+0x452/0x11d0 [ 191.317356][ T7075] ? __pfx_ip_finish_output2+0x10/0x10 [ 191.317382][ T7075] ? ip_skb_dst_mtu+0x18d/0xb70 [ 191.317407][ T7075] ? ip_skb_dst_mtu+0x917/0xb70 [ 191.317431][ T7075] ? ip_finish_output+0x33a/0x3f0 [ 191.317457][ T7075] iptunnel_xmit+0x5f8/0xa90 [ 191.317485][ T7075] udp_tunnel_xmit_skb+0x26e/0x3c0 [ 191.317521][ T7075] tipc_udp_xmit+0x84e/0xb60 [ 191.317545][ T7075] ? tipc_crypto_xmit+0x1e2/0x23a0 [ 191.317569][ T7075] ? tipc_udp_xmit+0xa4/0xb60 [ 191.317587][ T7075] ? __pfx_tipc_udp_xmit+0x10/0x10 [ 191.317608][ T7075] ? tipc_net+0x45/0x270 [ 191.317638][ T7075] ? tipc_udp_send_msg+0x2a6/0x3f0 [ 191.317660][ T7075] tipc_bearer_xmit_skb+0x2b3/0x400 [ 191.317689][ T7075] ? tipc_bearer_xmit_skb+0xa9/0x400 [ 191.317717][ T7075] ? __pfx_tipc_bearer_xmit_skb+0x10/0x10 [ 191.317746][ T7075] ? tipc_mon_create+0x3c3/0x4d0 [ 191.317776][ T7075] __tipc_nl_bearer_enable+0x1044/0x13f0 [ 191.317811][ T7075] ? __pfx___tipc_nl_bearer_enable+0x10/0x10 [ 191.317841][ T7075] ? rt_mutex_slowlock+0x3de/0x6e0 [ 191.317865][ T7075] ? rt_mutex_slowlock+0x1c9/0x6e0 [ 191.317900][ T7075] ? tipc_nl_bearer_enable+0x17/0x40 [ 191.317929][ T7075] ? mutex_lock_nested+0x16a/0x1d0 [ 191.317950][ T7075] ? genl_family_rcv_msg_attrs_parse+0x1c9/0x2a0 [ 191.317979][ T7075] ? genl_family_rcv_msg_attrs_parse+0x212/0x2a0 [ 191.318018][ T7075] tipc_nl_bearer_enable+0x22/0x40 [ 191.318048][ T7075] genl_family_rcv_msg_doit+0x215/0x300 [ 191.318079][ T7075] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 191.318169][ T7075] genl_rcv_msg+0x60e/0x790 [ 191.318200][ T7075] ? __pfx_genl_rcv_msg+0x10/0x10 [ 191.318226][ T7075] ? __pfx_tipc_nl_bearer_enable+0x10/0x10 [ 191.318257][ T7075] ? __lock_acquire+0xab9/0xd20 [ 191.318286][ T7075] netlink_rcv_skb+0x208/0x470 [ 191.318306][ T7075] ? __pfx_genl_rcv_msg+0x10/0x10 [ 191.318331][ T7075] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 191.318356][ T7075] ? netlink_deliver_tap+0x2e/0x1b0 [ 191.318375][ T7075] ? netlink_deliver_tap+0x2e/0x1b0 [ 191.318395][ T7075] genl_rcv+0x28/0x40 [ 191.318415][ T7075] netlink_unicast+0x846/0xa10 [ 191.318442][ T7075] ? __pfx_netlink_unicast+0x10/0x10 [ 191.318467][ T7075] ? netlink_sendmsg+0x642/0xb30 [ 191.318483][ T7075] ? skb_put+0x11b/0x210 [ 191.318503][ T7075] netlink_sendmsg+0x805/0xb30 [ 191.318526][ T7075] ? __pfx_netlink_sendmsg+0x10/0x10 [ 191.318548][ T7075] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 191.318576][ T7075] ? __pfx_netlink_sendmsg+0x10/0x10 [ 191.318597][ T7075] __sock_sendmsg+0x21c/0x270 [ 191.318635][ T7075] ____sys_sendmsg+0x508/0x820 [ 191.318660][ T7075] ? __pfx_____sys_sendmsg+0x10/0x10 [ 191.318688][ T7075] ? import_iovec+0x74/0xa0 [ 191.318711][ T7075] ___sys_sendmsg+0x21f/0x2a0 [ 191.318735][ T7075] ? __pfx____sys_sendmsg+0x10/0x10 [ 191.318775][ T7075] ? __fget_files+0x2a/0x420 [ 191.318803][ T7075] ? __fget_files+0x3a6/0x420 [ 191.318836][ T7075] __x64_sys_sendmsg+0x1a1/0x260 [ 191.318862][ T7075] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 191.318894][ T7075] ? do_syscall_64+0xbe/0xfa0 [ 191.318924][ T7075] do_syscall_64+0xfa/0xfa0 [ 191.318951][ T7075] ? lockdep_hardirqs_on+0x9c/0x150 [ 191.318980][ T7075] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 191.319008][ T7075] ? clear_bhb_loop+0x60/0xb0 [ 191.319031][ T7075] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 191.319052][ T7075] RIP: 0033:0x7f726985f6c9 [ 191.319077][ T7075] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 191.319096][ T7075] RSP: 002b:00007f7267ac6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 191.319118][ T7075] RAX: ffffffffffffffda RBX: 00007f7269ab5fa0 RCX: 00007f726985f6c9 [ 191.319135][ T7075] RDX: 0000000000000000 RSI: 0000200000000100 RDI: 0000000000000003 [ 191.319149][ T7075] RBP: 00007f72698e1f91 R08: 0000000000000000 R09: 0000000000000000 [ 191.319163][ T7075] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 191.319176][ T7075] R13: 00007f7269ab6038 R14: 00007f7269ab5fa0 R15: 00007ffee251ccb8 [ 191.319201][ T7075] [ 191.319208][ T7075] Modules linked in: [ 191.319228][ T7075] ---[ end trace 0000000000000000 ]--- [ 191.319237][ T7075] RIP: 0010:ip6_pol_route+0x117d/0x1180 [ 191.319269][ T7075] Code: ab f8 e9 f4 fa ff ff 89 d9 80 e1 07 80 c1 03 38 c1 0f 8c 03 fb ff ff 48 89 df e8 de 15 ab f8 e9 f6 fa ff ff e8 c4 5c 49 f8 90 <0f> 0b 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e [ 191.319287][ T7075] RSP: 0018:ffffc90005be6080 EFLAGS: 00010283 [ 191.319308][ T7075] RAX: ffffffff8975509c RBX: ffff888126ef7000 RCX: 0000000000080000 [ 191.319324][ T7075] RDX: ffffc9001b276000 RSI: 0000000000000ee9 RDI: 0000000000000eea [ 191.319339][ T7075] RBP: ffffc90005be6190 R08: ffffe8ffffd35ce7 R09: 1ffffd1ffffa6b9c [ 191.319356][ T7075] R10: dffffc0000000000 R11: fffff91ffffa6b9d R12: ffff8880487a1640 [ 191.319373][ T7075] R13: ffffffff89754082 R14: dffffc0000000000 R15: 0000607ed8e3ece0 [ 191.319388][ T7075] FS: 00007f7267ac66c0(0000) GS:ffff888126ef7000(0000) knlGS:0000000000000000 [ 191.319405][ T7075] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 191.319418][ T7075] CR2: 0000001b2f914ff8 CR3: 0000000061fa8000 CR4: 00000000003526f0 [ 191.319438][ T7075] Kernel panic - not syncing: Fatal exception in interrupt [ 191.319691][ T7075] Kernel Offset: disabled