last executing test programs: 1.805832783s ago: executing program 0 (id=11813): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) r2 = socket$inet_tcp(0x2, 0x1, 0x0) sendto$inet(r2, 0x0, 0x0, 0x805, 0x0, 0x0) sendto$inet(r2, 0x0, 0x0, 0x80, 0x0, 0x0) r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000400)='./binderfs/binder1\x00', 0x0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000000140)={0x73622a85, 0x100a, 0x2}) ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000100)={0x4c, 0x0, &(0x7f0000000180)=[@transaction_sg={0x40486311, {0x0, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x1000}], 0x51, 0x0, &(0x7f0000000200)="8b500200cd864231b996623c8df2e03839b8dfb0d7865c6fefe39ea389c7aa220de978dcab534586578e40fae0a3789b088ab8b56d769cd2cade8a2938a4cfd98b31000000000000000000000000000062"}) ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f00000004c0)={0x8, 0x0, &(0x7f0000000000)=[@increfs], 0x0, 0x0, 0x0}) 1.595827782s ago: executing program 0 (id=11808): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r2, &(0x7f0000000440)=[{{0x0, 0x0, 0x0}}], 0x1, 0x8014) sendmmsg$inet6(r2, &(0x7f00000075c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x40804) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r3, &(0x7f00000009c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r4 = socket$inet6_icmp(0xa, 0x2, 0x3a) connect$inet6(r4, &(0x7f0000000040)={0xa, 0x4e1d, 0x5, @remote, 0x6}, 0x1c) sendto$inet6(r4, &(0x7f0000000400)="80006466d3805699", 0x8, 0x20050008, &(0x7f0000000000)={0xa, 0x6e26, 0x805, @mcast1, 0x43}, 0x1c) 1.460158848s ago: executing program 2 (id=11812): syz_emit_ethernet(0xbe, &(0x7f00000000c0)={@local, @empty, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0xb0, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e22, 0x9c, 0x0, @wg}}}}}, 0x0) rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003780)=[{{0x0, 0x0, 0x0}}], 0x1, 0x8014) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r3, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) syz_emit_ethernet(0x3a, &(0x7f0000000180)={@remote, @empty, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x2c, 0x64, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e22, 0x18, 0x0, @wg=@data}}}}}, 0x0) 1.40788329s ago: executing program 0 (id=11814): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$inet_tcp(0x2, 0x1, 0x0) sendmmsg$inet(r2, &(0x7f0000000a40)=[{{0x0, 0x0, 0x0}}], 0x1, 0x40040) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) r4 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r4, &(0x7f0000000080)={0x2, 0x4e20, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) 1.245707757s ago: executing program 2 (id=11818): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) socket$inet6_tcp(0xa, 0x1, 0x0) r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder1\x00', 0x1802, 0x0) ioctl$BTRFS_IOC_SCRUB_PROGRESS(r4, 0xc400941d, 0x0) 1.244900337s ago: executing program 4 (id=11819): mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0) rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$inet_tcp(0x2, 0x1, 0x0) sendto$inet(r2, 0x0, 0x0, 0x805, 0x0, 0x0) sendto$inet(r2, 0x0, 0x0, 0x80, 0x0, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX]) 1.188281219s ago: executing program 1 (id=11820): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.dequeue\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f0000000980)='./file1\x00', 0x42, 0xc2) pwrite64(r3, &(0x7f0000000080)="cc", 0x1, 0x200980) r4 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0) sendfile(r0, r4, 0x0, 0xe0000000) mount$9p_fd(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000004500), 0x0, &(0x7f0000000380)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX]) 1.17221955s ago: executing program 0 (id=11821): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) write(r0, 0x0, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r3, &(0x7f0000003780)=[{{0x0, 0x0, 0x0}}], 0x1, 0x14) r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x1c1341, 0x0) ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2}) ioctl$TUNGETFILTER(r4, 0x801054db, &(0x7f0000000300)=""/160) 1.042195165s ago: executing program 2 (id=11823): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$inet_tcp(0x2, 0x1, 0x0) sendmmsg$inet(r2, &(0x7f0000000a40)=[{{0x0, 0x0, 0x0}}], 0x1, 0x40040) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_LINKMODES_SET(r4, &(0x7f0000000480)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="0100000000000000000005000000180001801400020073797a5f74756e0000000800000000001800038014000380"], 0x44}}, 0x20008000) 1.041438315s ago: executing program 4 (id=11833): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0xc, 0x54404d0a08a4d8, 0x4}) r2 = socket$inet_tcp(0x2, 0x1, 0x0) sendto$inet(r2, 0x0, 0x0, 0x805, 0x0, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x2, 0x4}) r4 = socket$inet_tcp(0x2, 0x1, 0x0) writev(r4, &(0x7f0000000040)=[{&(0x7f00000000c0)='W', 0x1}], 0x1) 1.021797496s ago: executing program 0 (id=11824): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$inet_tcp(0x2, 0x1, 0x0) sendto$inet(r2, 0x0, 0x0, 0x805, 0x0, 0x0) sendto$inet(r2, 0x0, 0x0, 0x80, 0x0, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r3, &(0x7f0000003c00), 0x1, 0x4008080) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) sendto$inet6(r4, 0x0, 0x0, 0x20000815, &(0x7f0000b63fe4)={0xa, 0x2, 0x5}, 0x1c) 1.010846836s ago: executing program 1 (id=11825): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r2, &(0x7f0000000440)=[{{0x0, 0x0, 0x0}}], 0x1, 0x8014) sendmmsg$inet6(r2, &(0x7f00000075c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x40804) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r3, &(0x7f00000009c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r4 = socket$inet6_icmp(0xa, 0x2, 0x3a) connect$inet6(r4, &(0x7f0000000040)={0xa, 0x4e1d, 0x5, @remote, 0x6}, 0x1c) sendto$inet6(r4, &(0x7f0000000400)="80006466d3805699", 0x8, 0x20050008, &(0x7f0000000000)={0xa, 0x6e26, 0x805, @mcast1, 0x43}, 0x1c) 907.169331ms ago: executing program 4 (id=11826): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) r2 = socket$inet_tcp(0x2, 0x1, 0x0) sendto$inet(r2, 0x0, 0x0, 0x805, 0x0, 0x0) sendto$inet(r2, 0x0, 0x0, 0x80, 0x0, 0x0) r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000400)='./binderfs/binder1\x00', 0x0, 0x0) ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000340)={0xc, 0x0, &(0x7f0000000300)=[@acquire={0x40046305, 0x2}, @register_looper], 0x0, 0x0, 0x0}) 860.803573ms ago: executing program 2 (id=11827): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$inet_tcp(0x2, 0x1, 0x0) sendto$inet(r2, 0x0, 0x0, 0x805, 0x0, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0) munmap(&(0x7f000045e000/0x1000)=nil, 0x1000) mremap(&(0x7f00006bd000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000721000/0x4000)=nil) 859.398314ms ago: executing program 1 (id=11828): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) pipe(&(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = socket$inet_udp(0x2, 0x2, 0x0) close(r4) socket$netlink(0x10, 0x3, 0x0) writev(r3, &(0x7f00000000c0)=[{&(0x7f0000000140)="390000001100090468fe07000000000007", 0x11}], 0x1) write$binfmt_misc(r3, &(0x7f00000004c0)="9af280d4ceac789215ee1c1db6a3d1f1002b32e08e01dd7e8378bb940abba66891521afa4e1fcd4a67", 0x29) splice(r2, 0x0, r4, 0x0, 0x19404, 0x0) 831.289024ms ago: executing program 3 (id=11829): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r3, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='blkio.bfq.io_serviced_recursive\x00', 0x275a, 0x0) mmap(&(0x7f0000002000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r4, 0x7c384000) 720.022129ms ago: executing program 4 (id=11830): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r2, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r3 = syz_open_procfs(0x0, &(0x7f0000000000)='net/mcfilter6\x00') read$FUSE(r3, &(0x7f0000001a00)={0x2020}, 0x2020) preadv(r3, &(0x7f0000000280)=[{&(0x7f0000000a00)=""/4096, 0x1000}], 0x1, 0x1f1, 0x1) 719.570459ms ago: executing program 1 (id=11831): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) socket$inet_tcp(0x2, 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) unshare(0x60000600) 707.316899ms ago: executing program 3 (id=11832): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000380)=ANY=[@ANYRES32=r0, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) rt_sigaction(0xd, 0x0, 0x0, 0x0, 0x0) write$UHID_CREATE2(0xffffffffffffffff, 0x0, 0x118) r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x2000, 0x0) ioctl$TIOCSPTLCK(r2, 0x40045431, &(0x7f0000000000)) r3 = ioctl$TIOCGPTPEER(r2, 0x5441, 0x9) ioctl$TCSETAW(r2, 0x5407, &(0x7f0000000140)={0x7, 0xfff7, 0x8, 0x3, 0x17, "a9b39ba517c50901"}) write(r3, &(0x7f0000000180)="a788b9a48d1de6603c475fe3cfa8a27d7c8425073f756d1cefddc0", 0x1b) 372.047594ms ago: executing program 2 (id=11834): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000140)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r4 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a010300000000000000000100fffd0900010073797a300000000040000000030a01020000000000000000010000000900030073797a3200000000140004800800024032658aeb08000140000000010900010073797a300000000044000000060a010400000000000001040100000008000b40000000000900010073797a30000000001c000480180001800d00010073796e70726f7879000000000400028014000000110001"], 0xcc}}, 0x0) 371.689354ms ago: executing program 3 (id=11835): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000140)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000000800)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f0000000280), 0x1, 0x553, &(0x7f0000000a40)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==") truncate(&(0x7f00000000c0)='./file1\x00', 0x8008) 371.374924ms ago: executing program 4 (id=11836): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000140)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$inet_tcp(0x2, 0x1, 0x0) sendto$inet(r2, 0x0, 0x0, 0x805, 0x0, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_LINKMODES_SET(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000007c0)={0x30, r5, 0x7, 0x70bd2d, 0x25dfdbfd, {}, [@ETHTOOL_A_LINKMODES_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syz_tun\x00'}]}, @ETHTOOL_A_LINKMODES_OURS={0x4}]}, 0x30}, 0x1, 0x0, 0x0, 0xc0}, 0x0) 287.895188ms ago: executing program 2 (id=11837): syz_open_dev$usbmon(0x0, 0xa, 0x512f1538a00c8645) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$devlink(0x0, r1) syz_genetlink_get_family_id$nl80211(0x0, r0) bpf$PROG_LOAD(0x5, 0x0, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000040)={'wlan1\x00', 0x0}) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r0) socket$netlink(0x10, 0x3, 0x10) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8b18, &(0x7f0000000000)={'wlan1\x00'}) sendmsg$NL80211_CMD_TRIGGER_SCAN(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000001440)={0x1c, r4, 0x1, 0x0, 0x0, {{0x8}, {@val={0x8, 0x3, r3}, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0x4000}, 0x0) 273.113568ms ago: executing program 1 (id=11838): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0xc, 0x54404d0a08a4d8, 0x4}) r2 = socket$inet_tcp(0x2, 0x1, 0x0) sendto$inet(r2, 0x0, 0x0, 0x805, 0x0, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x2, 0x4}) r4 = socket$inet_tcp(0x2, 0x1, 0x0) writev(r4, &(0x7f0000000040)=[{&(0x7f00000000c0)='W', 0x1}], 0x1) 203.906671ms ago: executing program 3 (id=11839): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r3, &(0x7f0000000340)=ANY=[], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r3, 0x0) ioctl$KVM_X86_SETUP_MCE(r3, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r4, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) setresgid(0xee00, 0xee01, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') 203.509791ms ago: executing program 4 (id=11840): r0 = socket$unix(0x1, 0x1, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r2 = socket(0x400000000010, 0x3, 0x0) r3 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r2, &(0x7f0000000bc0)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000200)=@newqdisc={0x3c, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r4, {0x0, 0xe}, {0xffff, 0xffff}, {0x0, 0x2}}, [@qdisc_kind_options=@q_cake={{0x9}, {0xc, 0x2, [@TCA_CAKE_WASH={0x8, 0xd, 0x1}]}}]}, 0x3c}}, 0x0) r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0) close(r5) socket$nl_generic(0x10, 0x3, 0x10) ioctl$SIOCSIFHWADDR(r5, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast}) r6 = socket$kcm(0x11, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$kcm(r6, &(0x7f00000000c0)={&(0x7f0000000380)=@xdp={0x2c, 0xdd86, r7, 0x3e}, 0x80, &(0x7f0000000080)=[{&(0x7f0000000180)='\'', 0x1}], 0x1}, 0x4) 194.209052ms ago: executing program 3 (id=11841): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r3, &(0x7f0000000340)=ANY=[], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r3, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) write(r2, 0x0, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r4 = syz_open_dev$video(&(0x7f0000000040), 0x8, 0x41) ioctl$VIDIOC_S_SELECTION(r4, 0xc040565f, &(0x7f0000000940)={0xa, 0x0, 0x1, {0x10002, 0xffffffff, 0x401}}) 86.657896ms ago: executing program 1 (id=11842): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000040)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) write(r0, 0x0, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x28100, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0) ioctl$KVM_SET_REGS(r5, 0x4090ae82, 0x0) 37.428058ms ago: executing program 3 (id=11843): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0) close(r1) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast}) r3 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000340)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x70bd25, 0x25dfdbfd, {0x0, 0x0, 0x0, r4, {0x0, 0xb}, {0xffff, 0xffff}, {0xfff2}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c, 0x2, {{0x3, 0x3, 0x6361, 0x7, 0xffffffff, 0x3}}}}]}, 0x4c}}, 0x0) r5 = socket$packet(0x11, 0x3, 0x300) r6 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000009c0)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r6, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000080)=@newqdisc={0x3c, 0x24, 0x4ee4e6a52ff56541, 0x70b923, 0x80000, {0x0, 0x0, 0x0, r7, {0x0, 0xd}, {0x6, 0xb}, {0x6, 0xb}}, [@qdisc_kind_options=@q_cake={{0x9}, {0xc, 0x2, [@TCA_CAKE_TARGET={0x8, 0x8, 0x9}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x2001c061}, 0x4008000) sendto$packet(r5, &(0x7f0000000440)="80000d80000021be51000000000000008100", 0x12, 0x40080e0, &(0x7f00000001c0)={0x11, 0x8100, r4, 0x1, 0xd8}, 0x14) 0s ago: executing program 0 (id=11844): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) write(r0, 0x0, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r4, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) futex(&(0x7f000000cffc), 0x80000000000b, 0x0, 0x0, &(0x7f0000048000)=0x2000000, 0x300) kernel console output (not intermixed with test programs): ompat=0 ip=0x7f480d78f749 code=0x7ffc0000 [ 1276.955639][ T27] audit: type=1326 audit(1763570986.115:888): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19797 comm="syz.2.5215" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f480d78f749 code=0x7ffc0000 [ 1277.021145][ T27] audit: type=1326 audit(1763570986.115:889): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19797 comm="syz.2.5215" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f480d78f749 code=0x7ffc0000 [ 1277.044302][ T27] audit: type=1326 audit(1763570986.115:890): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19797 comm="syz.2.5215" exe="/root/syz-executor" sig=0 arch=c000003e syscall=72 compat=0 ip=0x7f480d78f749 code=0x7ffc0000 [ 1277.067631][ T27] audit: type=1326 audit(1763570986.115:891): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19797 comm="syz.2.5215" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f480d78f749 code=0x7ffc0000 [ 1277.090504][ T27] audit: type=1326 audit(1763570986.115:892): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19797 comm="syz.2.5215" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f480d78f749 code=0x7ffc0000 [ 1277.121467][ T27] audit: type=1326 audit(1763570986.115:893): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19797 comm="syz.2.5215" exe="/root/syz-executor" sig=0 arch=c000003e syscall=125 compat=0 ip=0x7f480d78f749 code=0x7ffc0000 [ 1277.150738][ T27] audit: type=1326 audit(1763570986.115:894): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19797 comm="syz.2.5215" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f480d78f749 code=0x7ffc0000 [ 1279.114556][ T1277] ieee802154 phy0 wpan0: encryption failed: -22 [ 1279.803195][T19856] overlayfs: failed to clone upperpath [ 1280.662672][T19871] sctp: [Deprecated]: syz.2.5249 (pid 19871) Use of int in max_burst socket option deprecated. [ 1280.662672][T19871] Use struct sctp_assoc_value instead [ 1281.096273][T19877] overlayfs: failed to clone upperpath [ 1281.794208][T19901] 9pnet_fd: Insufficient options for proto=fd [ 1281.819577][T10908] usb 4-1: new high-speed USB device number 15 using dummy_hcd [ 1282.032643][T10908] usb 4-1: Using ep0 maxpacket: 16 [ 1282.039784][T10908] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1282.065598][T10908] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1282.083333][T10908] usb 4-1: config 0 interface 0 has no altsetting 0 [ 1282.098573][T10908] usb 4-1: New USB device found, idVendor=05ac, idProduct=0247, bcdDevice= 0.00 [ 1282.118434][T10908] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1282.147705][T10908] usb 4-1: config 0 descriptor?? [ 1282.610178][T10908] apple 0003:05AC:0247.0005: fixing up Magic Keyboard JIS report descriptor [ 1282.641128][T10908] apple 0003:05AC:0247.0005: unexpected long global item [ 1282.651770][T10908] apple 0003:05AC:0247.0005: parse failed [ 1282.681789][T10908] apple: probe of 0003:05AC:0247.0005 failed with error -22 [ 1282.830782][T17092] usb 4-1: USB disconnect, device number 15 [ 1284.879636][T19971] sctp: [Deprecated]: syz.4.5293 (pid 19971) Use of int in max_burst socket option deprecated. [ 1284.879636][T19971] Use struct sctp_assoc_value instead [ 1285.111826][T17092] usb 4-1: new high-speed USB device number 16 using dummy_hcd [ 1285.314666][T17092] usb 4-1: Using ep0 maxpacket: 8 [ 1285.329073][T17092] usb 4-1: New USB device found, idVendor=0ccd, idProduct=10a3, bcdDevice=23.a2 [ 1285.339256][T17092] usb 4-1: New USB device strings: Mfr=32, Product=2, SerialNumber=3 [ 1285.347702][T17092] usb 4-1: Product: syz [ 1285.351876][T17092] usb 4-1: Manufacturer: syz [ 1285.368402][T17092] usb 4-1: SerialNumber: syz [ 1285.382413][T17092] usb 4-1: config 0 descriptor?? [ 1285.608408][T17092] usb 4-1: dvb_usb_v2: found a 'Terratec H7' in warm state [ 1285.824077][T19997] sctp: [Deprecated]: syz.0.5317 (pid 19997) Use of int in max_burst socket option deprecated. [ 1285.824077][T19997] Use struct sctp_assoc_value instead [ 1286.465971][T17092] usb write operation failed. (-71) [ 1286.518649][T17092] usb 4-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer [ 1286.518878][T20021] net_ratelimit: 3660 callbacks suppressed [ 1286.518891][T20021] IPVS: wrr: UDP 224.0.0.2:0 - no destination available [ 1286.531242][T17092] dvbdev: DVB: registering new adapter (Terratec H7) [ 1286.560617][T17092] usb 4-1: media controller created [ 1286.567526][T17092] usb read operation failed. (-71) [ 1286.584680][T17092] usb write operation failed. (-71) [ 1286.612615][T17092] dvb_usb_az6007: probe of 4-1:0.0 failed with error -5 [ 1286.639438][T17092] usb 4-1: USB disconnect, device number 16 [ 1287.908771][T20055] IPVS: rr: UDP 224.0.0.2:0 - no destination available [ 1289.736938][ T4345] usb 4-1: new high-speed USB device number 17 using dummy_hcd [ 1289.947944][ T4345] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1289.976016][ T4345] usb 4-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 1024 [ 1290.031023][ T4345] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 1290.054335][ T4345] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1290.072159][ T4345] usb 4-1: Product: syz [ 1290.082809][ T4345] usb 4-1: Manufacturer: syz [ 1290.095340][ T4345] usb 4-1: SerialNumber: syz [ 1290.130769][ T4345] cdc_mbim 4-1:1.0: skipping garbage [ 1290.343328][T20119] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 1290.703543][T20167] netlink: 8 bytes leftover after parsing attributes in process `syz.4.5382'. [ 1291.004424][T20119] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 1291.012050][ T4345] cdc_mbim 4-1:1.0: setting tx_max = 16384 [ 1291.039731][ T4345] cdc_mbim 4-1:1.0: cdc-wdm0: USB WDM device [ 1291.155758][ T4345] cdc_mbim 4-1:1.0 wwan0: register 'cdc_mbim' at usb-dummy_hcd.3-1, CDC MBIM, 16:c6:8b:dd:90:1c [ 1291.273148][ T4345] usb 4-1: USB disconnect, device number 17 [ 1291.325995][ T4345] cdc_mbim 4-1:1.0 wwan0: unregister 'cdc_mbim' usb-dummy_hcd.3-1, CDC MBIM [ 1292.120881][ T27] kauditd_printk_skb: 1 callbacks suppressed [ 1292.120894][ T27] audit: type=1326 audit(1763571000.454:896): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20201 comm="syz.1.5394" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fea81f8f749 code=0x7ffc0000 [ 1292.242174][ T27] audit: type=1326 audit(1763571000.454:897): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20201 comm="syz.1.5394" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fea81f8f749 code=0x7ffc0000 [ 1292.276506][ T27] audit: type=1326 audit(1763571000.492:898): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20201 comm="syz.1.5394" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fea81f8f749 code=0x7ffc0000 [ 1292.306299][ T27] audit: type=1326 audit(1763571000.492:899): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20201 comm="syz.1.5394" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fea81f8f749 code=0x7ffc0000 [ 1292.450630][ T27] audit: type=1326 audit(1763571000.492:900): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20201 comm="syz.1.5394" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fea81f8f749 code=0x7ffc0000 [ 1292.581875][ T27] audit: type=1326 audit(1763571000.492:901): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20201 comm="syz.1.5394" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fea81f8f749 code=0x7ffc0000 [ 1292.617952][T10908] usb 4-1: new full-speed USB device number 18 using dummy_hcd [ 1292.712394][ T27] audit: type=1326 audit(1763571000.492:902): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20201 comm="syz.1.5394" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fea81f8f749 code=0x7ffc0000 [ 1292.776775][ T27] audit: type=1326 audit(1763571000.492:903): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20201 comm="syz.1.5394" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fea81f8f749 code=0x7ffc0000 [ 1292.810425][T10908] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1024, setting to 64 [ 1292.812969][ T27] audit: type=1326 audit(1763571000.492:904): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20201 comm="syz.1.5394" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fea81f8f749 code=0x7ffc0000 [ 1292.845891][T10908] usb 4-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 7 [ 1292.856286][ T27] audit: type=1326 audit(1763571000.492:905): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20201 comm="syz.1.5394" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fea81f8f749 code=0x7ffc0000 [ 1292.882276][T10908] usb 4-1: New USB device found, idVendor=0eef, idProduct=72c4, bcdDevice= 0.00 [ 1292.926445][T10908] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1292.952649][T10908] usb 4-1: config 0 descriptor?? [ 1292.969457][T20191] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 1293.206469][T20191] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 1293.228334][T20191] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 1293.243343][T10908] usbhid 4-1:0.0: can't add hid device: -71 [ 1293.257943][T10908] usbhid: probe of 4-1:0.0 failed with error -71 [ 1293.280092][T10908] usb 4-1: USB disconnect, device number 18 [ 1293.555721][T20244] netlink: 'syz.4.5413': attribute type 1 has an invalid length. [ 1293.583695][T20244] 8021q: adding VLAN 0 to HW filter on device bond1 [ 1293.631536][T20244] bond1: (slave geneve2): making interface the new active one [ 1293.659995][T20244] bond1: (slave geneve2): Enslaving as an active interface with an up link [ 1293.672751][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): bond1: link becomes ready [ 1293.963589][T10908] usb 4-1: new high-speed USB device number 19 using dummy_hcd [ 1294.166752][T10908] usb 4-1: Using ep0 maxpacket: 32 [ 1294.173722][T10908] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x2 has an invalid bInterval 129, changing to 11 [ 1294.194421][T10908] usb 4-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 7 [ 1294.207791][T10908] usb 4-1: New USB device found, idVendor=0eef, idProduct=72c4, bcdDevice= 0.00 [ 1294.224263][T10908] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1294.248523][T10908] usb 4-1: config 0 descriptor?? [ 1294.266731][T10908] hub 4-1:0.0: bad descriptor, ignoring hub [ 1294.272756][T10908] hub: probe of 4-1:0.0 failed with error -5 [ 1294.311538][T20279] overlayfs: failed to resolve './file0': -2 [ 1294.694791][T10908] hid-multitouch 0003:0EEF:72C4.0006: unknown main item tag 0xd [ 1294.714107][T10908] hid-multitouch 0003:0EEF:72C4.0006: hidraw0: USB HID v0.00 Device [HID 0eef:72c4] on usb-dummy_hcd.3-1/input0 [ 1295.060468][T10908] usb 4-1: USB disconnect, device number 19 [ 1295.174774][T20305] IPVS: wrr: UDP 224.0.0.2:0 - no destination available [ 1295.184410][T10908] IPVS: wrr: UDP 224.0.0.2:0 - no destination available [ 1296.165819][ T4416] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge) [ 1296.616112][T20305] IPVS: wrr: UDP 224.0.0.2:0 - no destination available [ 1297.724706][T20397] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5467'. [ 1297.750157][T20397] netlink: 'syz.4.5467': attribute type 15 has an invalid length. [ 1297.774739][T20397] netlink: 'syz.4.5467': attribute type 18 has an invalid length. [ 1297.849289][T20397] netdevsim netdevsim4 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 1297.858575][T20397] netdevsim netdevsim4 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 1297.867360][T20397] netdevsim netdevsim4 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 1297.876415][T20397] netdevsim netdevsim4 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 1297.913444][T20397] device vxlan0 entered promiscuous mode [ 1297.979069][T20407] infiniband sz1: set active [ 1297.991934][T20407] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 1298.019805][T20407] A link change request failed with some changes committed already. Interface bond0 may have been left with an inconsistent configuration, please check. [ 1298.045879][T10908] lo speed is unknown, defaulting to 1000 [ 1298.430767][T20431] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies. Check SNMP counters. [ 1301.166706][T20511] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5510'. [ 1302.411596][T20564] device bond_slave_0 entered promiscuous mode [ 1302.418570][T20564] device bond_slave_1 entered promiscuous mode [ 1302.424949][T20564] device wlan1 entered promiscuous mode [ 1302.495720][T20564] 8021q: adding VLAN 0 to HW filter on device macvlan4 [ 1302.503444][T20564] bridge0: port 3(macvlan4) entered blocking state [ 1302.542534][T20564] bridge0: port 3(macvlan4) entered disabled state [ 1302.554141][T20564] device macvlan4 entered promiscuous mode [ 1302.561392][T20564] device bond0 entered promiscuous mode [ 1302.578468][T20564] bridge0: port 3(macvlan4) entered blocking state [ 1302.585154][T20564] bridge0: port 3(macvlan4) entered forwarding state [ 1303.329580][T20608] device bond_slave_0 entered promiscuous mode [ 1303.335845][T20608] device bond_slave_1 entered promiscuous mode [ 1303.343703][T20608] 8021q: adding VLAN 0 to HW filter on device macvlan2 [ 1303.351423][T20608] bridge0: port 3(macvlan2) entered blocking state [ 1303.358209][T20608] bridge0: port 3(macvlan2) entered disabled state [ 1303.384132][T20608] device macvlan2 entered promiscuous mode [ 1303.390498][T20608] device bond0 entered promiscuous mode [ 1303.397941][T20608] device wlan1 entered promiscuous mode [ 1303.411726][T20608] bridge0: port 3(macvlan2) entered blocking state [ 1303.418408][T20608] bridge0: port 3(macvlan2) entered forwarding state [ 1303.544762][T20620] netlink: 12 bytes leftover after parsing attributes in process `syz.4.5549'. [ 1304.390279][T20656] device bond_slave_0 entered promiscuous mode [ 1304.396589][T20656] device bond_slave_1 entered promiscuous mode [ 1304.422318][T20656] 8021q: adding VLAN 0 to HW filter on device macvlan2 [ 1304.445781][T20656] bridge0: port 4(macvlan2) entered blocking state [ 1304.469754][T20656] bridge0: port 4(macvlan2) entered disabled state [ 1304.502379][T20656] device macvlan2 entered promiscuous mode [ 1304.523507][T20656] device bond0 entered promiscuous mode [ 1304.545271][T20656] device wlan1 entered promiscuous mode [ 1304.569666][T20656] bridge0: port 4(macvlan2) entered blocking state [ 1304.576313][T20656] bridge0: port 4(macvlan2) entered forwarding state [ 1305.699535][T20693] netlink: 'syz.0.5586': attribute type 1 has an invalid length. [ 1305.899817][T20693] 8021q: adding VLAN 0 to HW filter on device bond2 [ 1305.966974][T20697] bond2: (slave geneve3): making interface the new active one [ 1306.000390][T20697] bond2: (slave geneve3): Enslaving as an active interface with an up link [ 1306.041989][ T4416] IPv6: ADDRCONF(NETDEV_CHANGE): bond2: link becomes ready [ 1306.356885][T20711] device bond_slave_0 entered promiscuous mode [ 1306.363156][T20711] device bond_slave_1 entered promiscuous mode [ 1306.383641][T20711] 8021q: adding VLAN 0 to HW filter on device macvlan5 [ 1306.407941][T20711] bridge0: port 3(macvlan5) entered blocking state [ 1306.425463][T20711] bridge0: port 3(macvlan5) entered disabled state [ 1306.443422][T20711] device macvlan5 entered promiscuous mode [ 1306.474850][T20711] device bond0 entered promiscuous mode [ 1306.480592][T20711] device wlan1 entered promiscuous mode [ 1306.511462][T20711] bridge0: port 3(macvlan5) entered blocking state [ 1306.518123][T20711] bridge0: port 3(macvlan5) entered forwarding state [ 1306.574775][T20721] netlink: 'syz.1.5585': attribute type 10 has an invalid length. [ 1306.612127][T20721] bridge0: port 1(batadv0) entered disabled state [ 1306.627149][T20721] device batadv0 left promiscuous mode [ 1306.641805][T20721] bridge0: port 1(batadv0) entered disabled state [ 1306.655471][T20721] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1306.694654][T20721] bond0: (slave batadv0): Enslaving as an active interface with an up link [ 1307.720056][T20768] netlink: 'syz.0.5616': attribute type 10 has an invalid length. [ 1307.769972][T20768] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1307.811848][T20768] device batadv0 entered promiscuous mode [ 1307.821626][T20768] bond0: (slave batadv0): Enslaving as an active interface with an up link [ 1307.913205][T20774] netlink: 8 bytes leftover after parsing attributes in process `syz.4.5606'. [ 1308.326811][T20786] netlink: 'syz.4.5612': attribute type 1 has an invalid length. [ 1308.413438][T20786] 8021q: adding VLAN 0 to HW filter on device bond2 [ 1308.489599][T20788] bond2: (slave geneve3): making interface the new active one [ 1308.563991][T20788] bond2: (slave geneve3): Enslaving as an active interface with an up link [ 1308.612851][ T4428] IPv6: ADDRCONF(NETDEV_CHANGE): bond2: link becomes ready [ 1309.271573][T20814] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5623'. [ 1310.412516][T20839] netlink: 'syz.1.5634': attribute type 39 has an invalid length. [ 1311.108921][T20875] netlink: 'syz.0.5649': attribute type 39 has an invalid length. [ 1311.641314][T20871] overlayfs: failed to clone upperpath [ 1311.772044][T20893] device ip6gre1 entered promiscuous mode [ 1312.174962][T20911] netlink: 'syz.4.5662': attribute type 39 has an invalid length. [ 1312.739894][ T4381] Process accounting resumed [ 1313.520939][T20970] device ip6gre1 entered promiscuous mode [ 1315.034893][T21010] device ip6gre1 entered promiscuous mode [ 1315.234549][T21018] netlink: 8 bytes leftover after parsing attributes in process `syz.4.5707'. [ 1315.268374][T21018] netlink: 8 bytes leftover after parsing attributes in process `syz.4.5707'. [ 1315.309936][ T4381] Process accounting resumed [ 1315.483156][T21026] netlink: 24 bytes leftover after parsing attributes in process `syz.2.5711'. [ 1315.506484][T21026] bond0: option prio: mode dependency failed, not supported in mode balance-rr(0) [ 1315.533157][T21032] netlink: 56 bytes leftover after parsing attributes in process `syz.3.5712'. [ 1315.553180][T21032] netlink: 56 bytes leftover after parsing attributes in process `syz.3.5712'. [ 1320.815568][T21219] netlink: 7 bytes leftover after parsing attributes in process `syz.1.5782'. [ 1321.252694][T21241] overlayfs: failed to clone upperpath [ 1321.445018][T21253] netlink: 7 bytes leftover after parsing attributes in process `syz.2.5795'. [ 1321.746511][T21266] TCP: request_sock_subflow_v6: Possible SYN flooding on port 20002. Sending cookies. Check SNMP counters. [ 1323.254089][T21296] lo speed is unknown, defaulting to 1000 [ 1323.554993][T10909] usb 4-1: new high-speed USB device number 20 using dummy_hcd [ 1323.768762][T10909] usb 4-1: Using ep0 maxpacket: 32 [ 1323.780872][T10909] usb 4-1: config 0 has an invalid interface number: 89 but max is 0 [ 1323.788984][T10909] usb 4-1: config 0 has no interface number 0 [ 1323.813348][T10909] usb 4-1: config 0 interface 89 has no altsetting 0 [ 1323.834817][T10909] usb 4-1: New USB device found, idVendor=0ccd, idProduct=10af, bcdDevice=38.4e [ 1323.849366][T10909] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1323.857866][T10909] usb 4-1: Product: syz [ 1323.865834][T10909] usb 4-1: Manufacturer: syz [ 1323.871949][T10909] usb 4-1: SerialNumber: syz [ 1323.895691][T10909] usb 4-1: config 0 descriptor?? [ 1323.914153][T10909] em28xx 4-1:0.89: New device syz syz @ 480 Mbps (0ccd:10af, interface 89, class 89) [ 1323.938254][T10909] em28xx 4-1:0.89: Video interface 89 found: bulk [ 1324.568458][T10909] em28xx 4-1:0.89: unknown em28xx chip ID (0) [ 1325.040969][T10909] em28xx 4-1:0.89: AC97 command still being executed: not handled properly! [ 1325.218940][T10909] em28xx 4-1:0.89: reading from i2c device at 0xa0 failed (error=-5) [ 1325.229036][T10909] em28xx 4-1:0.89: board has no eeprom [ 1325.319322][T10909] em28xx 4-1:0.89: Identified as Terratec Grabby (card=67) [ 1325.327064][T10909] em28xx 4-1:0.89: analog set to bulk mode. [ 1325.339840][T10909] usb 4-1: USB disconnect, device number 20 [ 1325.346742][T10909] em28xx 4-1:0.89: Disconnecting em28xx [ 1325.360453][T10908] em28xx 4-1:0.89: Registering V4L2 extension [ 1325.418746][T10908] em28xx 4-1:0.89: Config register raw data: 0xffffffed [ 1325.427197][T10908] em28xx 4-1:0.89: AC97 chip type couldn't be determined [ 1325.434247][T10908] em28xx 4-1:0.89: No AC97 audio processor [ 1325.452382][T10908] usb 4-1: Decoder not found [ 1325.467938][T10908] em28xx 4-1:0.89: failed to create media graph [ 1325.474903][T10908] em28xx 4-1:0.89: V4L2 device video103 deregistered [ 1325.497097][T10908] em28xx 4-1:0.89: Registering snapshot button... [ 1325.522346][T10908] input: em28xx snapshot button as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.89/input/input14 [ 1325.559584][T10908] em28xx 4-1:0.89: Remote control support is not available for this card. [ 1325.578425][T10909] em28xx 4-1:0.89: Closing input extension [ 1325.597815][T10909] em28xx 4-1:0.89: Deregistering snapshot button [ 1325.642014][T21395] device vlan0 entered promiscuous mode [ 1325.653760][T21395] device gretap0 entered promiscuous mode [ 1325.691455][T10909] em28xx 4-1:0.89: Freeing device [ 1326.231782][T21424] device netdevsim0 entered promiscuous mode [ 1326.239528][T21424] device vlan2 entered promiscuous mode [ 1327.215682][T21465] device netdevsim0 entered promiscuous mode [ 1327.229105][T21465] device vlan2 entered promiscuous mode [ 1327.812733][T21493] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 1328.587241][T21522] overlayfs: failed to clone upperpath [ 1329.704516][ T4416] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge) [ 1330.790643][T21615] netlink: 'syz.1.5931': attribute type 1 has an invalid length. [ 1330.829895][T21615] 8021q: adding VLAN 0 to HW filter on device bond1 [ 1330.997016][T21619] bond1: (slave geneve3): making interface the new active one [ 1331.041965][T21627] vxcan1: tx drop: invalid da for name 0x0000000000000001 [ 1331.069740][T21619] bond1: (slave geneve3): Enslaving as an active interface with an up link [ 1331.079068][ T40] IPv6: ADDRCONF(NETDEV_CHANGE): bond1: link becomes ready [ 1332.377931][ C1] vxcan1: j1939_tp_rxtimer: 0xffff8880568d5800: rx timeout, send abort [ 1332.387041][ C1] vxcan1: j1939_xtp_rx_abort_one: 0xffff8880568d5800: 0x40000: (3) A timeout occurred and this is the connection abort to close the session. [ 1332.710215][T21682] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5961'. [ 1334.026593][T21705] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 1334.043988][T21705] A link change request failed with some changes committed already. Interface bond0 may have been left with an inconsistent configuration, please check. [ 1334.687739][T21736] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 1334.697492][T21736] A link change request failed with some changes committed already. Interface bond0 may have been left with an inconsistent configuration, please check. [ 1334.862428][T21744] input: syz0 as /devices/virtual/input/input15 [ 1334.879593][T21746] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 1334.905372][T21746] A link change request failed with some changes committed already. Interface bond0 may have been left with an inconsistent configuration, please check. [ 1335.140288][T21757] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5991'. [ 1335.150309][T21757] netlink: 'syz.3.5991': attribute type 15 has an invalid length. [ 1335.160362][T21757] netlink: 'syz.3.5991': attribute type 18 has an invalid length. [ 1336.075171][T21781] netlink: 4 bytes leftover after parsing attributes in process `syz.1.6000'. [ 1337.138391][T21818] 9pnet_fd: Insufficient options for proto=fd [ 1337.146047][T21816] netlink: 4 bytes leftover after parsing attributes in process `syz.3.6018'. [ 1337.192006][ C0] vcan0: j1939_xtp_rx_dpo: no connection found [ 1337.198289][ C0] vcan0: j1939_xtp_rx_dpo: no connection found [ 1337.204578][ C0] vcan0: j1939_xtp_rx_dat: no tx connection found [ 1337.211067][ C0] vcan0: j1939_xtp_rx_dat: no rx connection found [ 1337.217601][ C0] vcan0: j1939_xtp_rx_dat: no tx connection found [ 1337.224026][ C0] vcan0: j1939_xtp_rx_dat: no rx connection found [ 1337.230562][ C0] vcan0: j1939_xtp_rx_dat: no tx connection found [ 1337.236992][ C0] vcan0: j1939_xtp_rx_dat: no rx connection found [ 1337.244361][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 1337.252251][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 1337.260155][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 1337.268059][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 1337.276041][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 1337.283909][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 1337.291871][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 1337.299739][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 1337.307651][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 1337.315521][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 1337.323434][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 1337.331303][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 1337.339223][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 1337.347092][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 1337.354994][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 1337.362874][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 1337.370800][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 1337.378667][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 1337.386554][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 1337.394423][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 1337.402345][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 1337.410213][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 1337.418119][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 1337.425994][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 1337.433985][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 1337.441824][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 1337.449808][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 1337.457667][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 1337.465606][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 1337.473436][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 1337.481375][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 1337.489265][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 1337.497209][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 1337.505039][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 1337.513008][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 1337.520870][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 1337.528814][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 1337.536641][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 1337.544936][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 1337.552794][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 1337.560725][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 1337.568545][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 1337.576493][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 1337.584342][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 1337.592263][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 1337.600085][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 1337.608035][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 1337.615889][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 1337.623836][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 1337.631657][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 1337.639592][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 1337.647443][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 1337.655357][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 1337.663229][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 1337.671159][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 1337.679037][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 1337.686930][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 1337.694802][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 1337.702722][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 1337.710625][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 1337.718524][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 1337.726407][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 1337.734337][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 1337.742203][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 1337.750115][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 1337.757979][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 1337.765896][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 1337.773762][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 1337.781660][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 1337.789544][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 1337.797473][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 1337.805321][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 1337.813262][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 1337.821124][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 1337.829051][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 1337.836876][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 1337.844823][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 1337.852679][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 1337.860626][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 1337.868456][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 1337.876415][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 1337.884291][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 1337.892240][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 1337.900078][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 1337.908026][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 1337.915885][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 1337.923830][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 1337.931655][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 1337.939600][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 1337.947460][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 1337.955388][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 1337.963217][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 1337.971192][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 1337.979099][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 1338.527021][T21858] netlink: 4 bytes leftover after parsing attributes in process `syz.2.6032'. [ 1339.289676][T21899] netlink: 4 bytes leftover after parsing attributes in process `syz.0.6046'. [ 1340.727862][T21953] netlink: 4 bytes leftover after parsing attributes in process `syz.0.6072'. [ 1341.426918][ T27] kauditd_printk_skb: 5 callbacks suppressed [ 1341.426932][ T27] audit: type=1326 audit(1763571046.570:911): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21983 comm="syz.3.6089" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fe63b38f749 code=0x0 [ 1342.117655][T22015] overlayfs: failed to clone upperpath [ 1342.126752][T10908] usb 4-1: new low-speed USB device number 21 using dummy_hcd [ 1342.339701][T10908] usb 4-1: config index 0 descriptor too short (expected 1307, got 27) [ 1342.359042][T10908] usb 4-1: config 0 has an invalid interface number: 0 but max is -1 [ 1342.382592][T22026] netlink: 4 bytes leftover after parsing attributes in process `syz.4.6110'. [ 1342.396906][T10908] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 0 [ 1342.490484][T10908] usb 4-1: too many endpoints for config 0 interface 0 altsetting 0: 246, using maximum allowed: 30 [ 1342.525808][T10908] usb 4-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0xFF, skipping [ 1342.556051][T10908] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 246 [ 1342.576636][T22033] netlink: 28 bytes leftover after parsing attributes in process `syz.1.6114'. [ 1342.596544][T10908] usb 4-1: string descriptor 0 read error: -22 [ 1342.604277][T10908] usb 4-1: New USB device found, idVendor=0460, idProduct=0008, bcdDevice=e2.de [ 1342.614423][T22035] netlink: 4 bytes leftover after parsing attributes in process `syz.2.6113'. [ 1342.623465][T10908] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1342.640027][T10908] usb 4-1: config 0 descriptor?? [ 1342.645759][T22003] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 1342.676487][T10908] hub 4-1:0.0: bad descriptor, ignoring hub [ 1342.686329][T10908] hub: probe of 4-1:0.0 failed with error -5 [ 1343.062569][T10909] usb 4-1: USB disconnect, device number 21 [ 1343.195278][T22057] netlink: 8 bytes leftover after parsing attributes in process `syz.1.6125'. [ 1344.737692][ T1277] ieee802154 phy0 wpan0: encryption failed: -22 [ 1345.734710][T22146] af_packet: tpacket_rcv: packet too big, clamped from 4922 to 3956. macoff=92 [ 1348.247058][T22244] netlink: 4 bytes leftover after parsing attributes in process `syz.1.6206'. [ 1349.366482][T22299] netlink: 12 bytes leftover after parsing attributes in process `syz.0.6245'. [ 1350.382110][T22357] netlink: 12 bytes leftover after parsing attributes in process `syz.4.6261'. [ 1352.444955][T22389] netlink: 12 bytes leftover after parsing attributes in process `syz.1.6276'. [ 1354.484832][T22468] netlink: 24 bytes leftover after parsing attributes in process `syz.4.6312'. [ 1355.067853][T22492] netlink: 24 bytes leftover after parsing attributes in process `syz.4.6323'. [ 1355.226164][T22498] futex_wake_op: syz.3.6325 tries to shift op by -1; fix this program [ 1356.820029][T22556] netlink: 372 bytes leftover after parsing attributes in process `syz.2.6353'. [ 1357.409248][T22582] overlayfs: failed to clone upperpath [ 1359.565960][T22680] netlink: 'syz.2.6410': attribute type 21 has an invalid length. [ 1359.598590][T22680] netlink: 128 bytes leftover after parsing attributes in process `syz.2.6410'. [ 1359.609907][T22680] netlink: 3 bytes leftover after parsing attributes in process `syz.2.6410'. [ 1359.800991][T22692] netlink: 48 bytes leftover after parsing attributes in process `syz.2.6415'. [ 1360.360432][T22712] netlink: 4 bytes leftover after parsing attributes in process `syz.2.6422'. [ 1360.827384][T22726] overlayfs: failed to clone upperpath [ 1361.049875][T22733] futex_wake_op: syz.4.6432 tries to shift op by 144; fix this program [ 1362.722188][T22815] netlink: 76 bytes leftover after parsing attributes in process `syz.2.6470'. [ 1363.403650][T22853] netlink: 288 bytes leftover after parsing attributes in process `syz.2.6486'. [ 1363.517929][T22855] netlink: 60 bytes leftover after parsing attributes in process `syz.4.6489'. [ 1363.836990][ T4740] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge) [ 1366.082182][ T27] audit: type=1326 audit(1797125959.699:912): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22995 comm="syz.4.6554" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fd91178f749 code=0x0 [ 1369.498639][T23034] futex_wake_op: syz.1.6572 tries to shift op by 144; fix this program [ 1373.490981][T23179] netlink: 'syz.4.6641': attribute type 11 has an invalid length. [ 1373.551778][T23188] netlink: 12 bytes leftover after parsing attributes in process `syz.1.6648'. [ 1378.276479][T23214] netlink: 24 bytes leftover after parsing attributes in process `syz.3.6658'. [ 1378.922879][T23239] netlink: 8 bytes leftover after parsing attributes in process `syz.3.6668'. [ 1380.114763][T23300] netlink: 68 bytes leftover after parsing attributes in process `syz.4.6698'. [ 1380.337118][T23310] x_tables: duplicate underflow at hook 1 [ 1381.707212][T23372] xt_CT: You must specify a L4 protocol and not use inversions on it [ 1383.052194][T23437] netlink: 'syz.0.6764': attribute type 21 has an invalid length. [ 1383.537458][T23468] netlink: 6 bytes leftover after parsing attributes in process `syz.4.6777'. [ 1383.554094][T23468] netlink: 6 bytes leftover after parsing attributes in process `syz.4.6777'. [ 1384.400461][T23513] netlink: 'syz.2.6801': attribute type 21 has an invalid length. [ 1388.718035][T23657] bridge0: port 5(veth0_to_bridge) entered blocking state [ 1388.760702][T23657] bridge0: port 5(veth0_to_bridge) entered disabled state [ 1388.800592][T23657] device veth0_to_bridge entered promiscuous mode [ 1388.814537][T23657] bridge0: adding interface veth0_to_bridge with same address as a received packet (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1388.837229][T23657] bridge0: port 5(veth0_to_bridge) entered blocking state [ 1388.844499][T23657] bridge0: port 5(veth0_to_bridge) entered forwarding state [ 1388.954986][ T27] audit: type=1326 audit(1797125981.165:913): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23670 comm="syz.1.6877" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fea81f8f749 code=0x0 [ 1389.301184][T23690] netlink: 8 bytes leftover after parsing attributes in process `syz.3.6888'. [ 1389.391383][T23693] netlink: 'syz.1.6889': attribute type 11 has an invalid length. [ 1389.446868][T23693] netlink: 'syz.1.6889': attribute type 2 has an invalid length. [ 1389.631804][T23705] netlink: 200 bytes leftover after parsing attributes in process `syz.2.6894'. [ 1389.664107][T23705] tc_dump_action: action bad kind [ 1390.166451][T23739] netlink: 12 bytes leftover after parsing attributes in process `syz.0.6910'. [ 1391.185607][ T27] audit: type=1326 audit(1797125983.248:914): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23793 comm="syz.2.6937" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f480d78f749 code=0x7ffc0000 [ 1391.224872][ T27] audit: type=1326 audit(1797125983.257:915): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23793 comm="syz.2.6937" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f480d78f749 code=0x7ffc0000 [ 1391.266138][ T27] audit: type=1326 audit(1797125983.295:916): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23793 comm="syz.2.6937" exe="/root/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7f480d78f749 code=0x7ffc0000 [ 1391.308973][ T27] audit: type=1326 audit(1797125983.295:917): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23793 comm="syz.2.6937" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f480d78f749 code=0x7ffc0000 [ 1391.349390][T23798] netlink: 12 bytes leftover after parsing attributes in process `syz.4.6939'. [ 1391.370549][ T27] audit: type=1326 audit(1797125983.295:918): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23793 comm="syz.2.6937" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f480d78f749 code=0x7ffc0000 [ 1391.439628][ T27] audit: type=1326 audit(1797125983.295:919): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23793 comm="syz.2.6937" exe="/root/syz-executor" sig=0 arch=c000003e syscall=7 compat=0 ip=0x7f480d78f749 code=0x7ffc0000 [ 1391.494172][ T27] audit: type=1326 audit(1797125983.295:920): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23793 comm="syz.2.6937" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f480d78f749 code=0x7ffc0000 [ 1391.525850][ T27] audit: type=1326 audit(1797125983.295:921): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23793 comm="syz.2.6937" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f480d78f749 code=0x7ffc0000 [ 1391.585518][ T27] audit: type=1326 audit(1797125983.295:922): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23793 comm="syz.2.6937" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f480d78f749 code=0x7ffc0000 [ 1395.921032][T24013] overlayfs: empty lowerdir [ 1396.200897][ T4428] netdevsim netdevsim3 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 1396.219270][ T4428] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1396.334847][ T4428] netdevsim netdevsim3 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 1396.345646][ T4428] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1396.435095][ T4428] netdevsim netdevsim3 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 1396.445453][ T4428] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1396.492009][ T4428] netdevsim netdevsim3 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 1396.503283][ T4428] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1396.703685][ T4428] tipc: Left network mode [ 1397.551382][ T4428] bond0: (slave wlan1): Releasing backup interface [ 1397.571652][ T4428] device wlan1 left promiscuous mode [ 1397.953943][ T9] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge) [ 1398.269224][ T4277] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 1398.281530][ T4277] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 1398.294803][ T4277] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 1398.303676][ T4277] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 1398.311330][ T4277] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 1398.318692][ T4277] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 1398.418690][T24047] lo speed is unknown, defaulting to 1000 [ 1398.531904][ T4428] device hsr_slave_0 left promiscuous mode [ 1398.547739][ T4428] device hsr_slave_1 left promiscuous mode [ 1398.560203][ T4428] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1398.578885][ T4428] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1398.612536][ T4428] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1398.654623][ T4428] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1398.675516][ T4428] device macvlan5 left promiscuous mode [ 1398.689645][ T4428] device bond0 left promiscuous mode [ 1398.714524][ T4428] bridge0: port 3(macvlan5) entered disabled state [ 1398.755550][ T4428] device bridge_slave_1 left promiscuous mode [ 1398.761800][ T4428] bridge0: port 2(bridge_slave_1) entered disabled state [ 1398.781442][ T27] kauditd_printk_skb: 25 callbacks suppressed [ 1398.781455][ T27] audit: type=1326 audit(1797125990.378:948): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24067 comm="syz.0.7066" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f06ccd8f749 code=0x7ffc0000 [ 1398.811910][ T4428] device bridge_slave_0 left promiscuous mode [ 1398.827957][ T4428] bridge0: port 1(bridge_slave_0) entered disabled state [ 1398.833404][ T27] audit: type=1326 audit(1797125990.425:949): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24067 comm="syz.0.7066" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f06ccd8f749 code=0x7ffc0000 [ 1398.866301][ T27] audit: type=1326 audit(1797125990.425:950): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24067 comm="syz.0.7066" exe="/root/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7f06ccd8f749 code=0x7ffc0000 [ 1398.898370][ T27] audit: type=1326 audit(1797125990.425:951): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24067 comm="syz.0.7066" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f06ccd8f749 code=0x7ffc0000 [ 1398.928511][ T27] audit: type=1326 audit(1797125990.425:952): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24067 comm="syz.0.7066" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f06ccd8f749 code=0x7ffc0000 [ 1398.996278][ T27] audit: type=1326 audit(1797125990.434:953): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24067 comm="syz.0.7066" exe="/root/syz-executor" sig=0 arch=c000003e syscall=7 compat=0 ip=0x7f06ccd8f749 code=0x7ffc0000 [ 1399.041021][ T27] audit: type=1326 audit(1797125990.434:954): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24067 comm="syz.0.7066" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f06ccd8f749 code=0x7ffc0000 [ 1399.064419][ T4428] device bond_slave_0 left promiscuous mode [ 1399.071064][ T4428] device bond_slave_1 left promiscuous mode [ 1399.102342][ T27] audit: type=1326 audit(1797125990.434:955): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24067 comm="syz.0.7066" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f06ccd8f749 code=0x7ffc0000 [ 1399.128439][ T4428] device veth1_macvtap left promiscuous mode [ 1399.135458][ T4428] device veth0_macvtap left promiscuous mode [ 1399.157329][ T27] audit: type=1326 audit(1797125990.463:956): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24067 comm="syz.0.7066" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f06ccd8f749 code=0x7ffc0000 [ 1399.164241][ T4428] device veth1_vlan left promiscuous mode [ 1399.229231][ T4428] device veth0_vlan left promiscuous mode [ 1399.250997][ T27] audit: type=1326 audit(1797125990.463:957): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24067 comm="syz.0.7066" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f06ccd8f749 code=0x7ffc0000 [ 1400.449414][T24136] overlayfs: failed to clone upperpath [ 1400.502809][ T4282] Bluetooth: hci4: command 0x0409 tx timeout [ 1401.113472][ T4428] team0 (unregistering): Port device team_slave_1 removed [ 1401.439011][ T4428] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1401.583609][ T4428] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1401.839411][T24192] xt_hashlimit: max too large, truncated to 1048576 [ 1401.944643][T24192] Process accounting resumed [ 1402.726004][ T4282] Bluetooth: hci4: command 0x041b tx timeout [ 1402.831949][ T4428] bond0 (unregistering): Released all slaves [ 1402.943686][T24099] netlink: 16 bytes leftover after parsing attributes in process `syz.0.7077'. [ 1402.954878][T24206] netlink: 12 bytes leftover after parsing attributes in process `syz.2.7130'. [ 1403.274497][T24047] chnl_net:caif_netlink_parms(): no params data found [ 1403.594681][T24047] bridge0: port 1(bridge_slave_0) entered blocking state [ 1403.601828][T24047] bridge0: port 1(bridge_slave_0) entered disabled state [ 1403.668952][T24047] device bridge_slave_0 entered promiscuous mode [ 1403.700789][T24047] bridge0: port 2(bridge_slave_1) entered blocking state [ 1403.708079][T24047] bridge0: port 2(bridge_slave_1) entered disabled state [ 1403.736329][T24047] device bridge_slave_1 entered promiscuous mode [ 1403.828365][T24047] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1403.851340][T24047] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1403.939843][T24047] team0: Port device team_slave_0 added [ 1403.977900][T24047] team0: Port device team_slave_1 added [ 1404.040788][T24047] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1404.047763][T24047] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1404.077393][T24047] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1404.111627][T24047] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1404.131841][T24047] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1404.168824][T24047] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1404.250223][T24047] device hsr_slave_0 entered promiscuous mode [ 1404.277369][T24047] device hsr_slave_1 entered promiscuous mode [ 1404.314058][T24047] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 1404.322906][T24047] Cannot create hsr debugfs directory [ 1404.935084][ T4282] Bluetooth: hci4: command 0x040f tx timeout [ 1405.277715][T24047] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 1405.305990][T24047] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 1405.357536][T24047] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 1405.389531][T24047] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 1405.665238][T24047] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1405.724003][ T4483] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 1405.732404][ T4483] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 1405.764664][T24047] 8021q: adding VLAN 0 to HW filter on device team0 [ 1405.783117][ T40] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 1405.810161][ T40] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 1405.826773][ T40] bridge0: port 1(bridge_slave_0) entered blocking state [ 1405.833946][ T40] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1405.870506][ T40] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 1405.881369][ T40] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 1405.904616][ T40] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 1405.928420][ T40] bridge0: port 2(bridge_slave_1) entered blocking state [ 1405.935552][ T40] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1405.974411][ T40] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 1406.006226][ T40] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 1406.028082][ T40] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 1406.052983][ T40] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 1406.078892][ T40] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 1406.102532][ T40] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 1406.124091][T24047] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 1406.143211][T24047] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 1406.161450][ T40] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 1406.178865][ T40] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 1406.190737][ T40] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 1406.208690][ T40] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 1406.225495][ T40] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 1406.251782][ T40] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 1406.804071][ T4794] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 1406.820167][ T4794] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 1406.848634][T24047] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1406.904520][ T4794] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 1406.932375][ T4794] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 1406.958561][ T4794] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 1406.967880][ T4794] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 1406.978863][T24047] device veth0_vlan entered promiscuous mode [ 1406.988312][ T4794] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 1406.999086][ T4794] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 1407.040430][T24378] block device autoloading is deprecated and will be removed. [ 1407.055496][T24047] device veth1_vlan entered promiscuous mode [ 1407.109135][ T4428] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 1407.126040][ T4428] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 1407.137843][ T4428] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 1407.152215][ T4282] Bluetooth: hci4: command 0x0419 tx timeout [ 1407.156906][ T4428] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 1407.175036][T24047] device veth0_macvtap entered promiscuous mode [ 1407.213816][T24047] device veth1_macvtap entered promiscuous mode [ 1407.288296][T24047] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1407.307636][T13342] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 1407.316743][T13342] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 1407.333936][T13342] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 1407.353634][T13342] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 1407.366324][T24047] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1407.413868][T24047] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1407.439116][T24047] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1407.450180][T24047] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1407.468347][T24047] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1407.482365][ T27] kauditd_printk_skb: 17 callbacks suppressed [ 1407.482378][ T27] audit: type=1326 audit(1797125998.531:975): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24390 comm="syz.0.7208" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f06ccd8f749 code=0x0 [ 1407.499840][T24047] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1407.566865][T24047] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1407.589592][ T4483] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 1407.600386][ T4483] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 1407.618141][T24047] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1407.643355][T24047] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1407.652094][T24047] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1407.667818][T24047] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1407.820106][ T4428] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1407.867398][ T4428] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1407.908473][ T9] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1407.917345][ T9] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1407.923895][ T4428] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 1407.970249][ T4428] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 1408.363263][T24424] netlink: 'syz.0.7221': attribute type 11 has an invalid length. [ 1408.397545][T24424] netlink: 'syz.0.7221': attribute type 2 has an invalid length. [ 1410.224148][ T1277] ieee802154 phy0 wpan0: encryption failed: -22 [ 1411.276987][T24545] netlink: 8 bytes leftover after parsing attributes in process `syz.0.7281'. [ 1411.476056][T24498] overlayfs: failed to clone upperpath [ 1411.735457][T10902] usb 4-1: new high-speed USB device number 22 using dummy_hcd [ 1411.945221][T10902] usb 4-1: Using ep0 maxpacket: 16 [ 1411.952318][T10902] usb 4-1: config 0 has an invalid interface number: 132 but max is 0 [ 1411.979283][T10902] usb 4-1: config 0 has no interface number 0 [ 1411.999141][T10902] usb 4-1: New USB device found, idVendor=05ac, idProduct=0291, bcdDevice=43.25 [ 1412.030215][T10902] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1412.049968][T10902] usb 4-1: Product: syz [ 1412.054183][T10902] usb 4-1: Manufacturer: syz [ 1412.077602][T10902] usb 4-1: SerialNumber: syz [ 1412.100455][T10902] usb 4-1: config 0 descriptor?? [ 1412.128595][T10902] hub 4-1:0.132: bad descriptor, ignoring hub [ 1412.161567][T10902] hub: probe of 4-1:0.132 failed with error -5 [ 1412.202184][T10902] input: bcm5974 as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.132/input/input16 [ 1413.445950][T24642] netlink: 4 bytes leftover after parsing attributes in process `syz.3.7323'. [ 1413.486556][T24642] device bridge_slave_1 left promiscuous mode [ 1413.514200][T24642] bridge0: port 2(bridge_slave_1) entered disabled state [ 1413.557546][T24642] device bridge_slave_0 left promiscuous mode [ 1413.584134][T24642] bridge0: port 1(bridge_slave_0) entered disabled state [ 1413.972827][T24655] netlink: 'syz.2.7327': attribute type 10 has an invalid length. [ 1414.012183][T24655] bridge0: port 3(macvlan4) entered disabled state [ 1414.018900][T24655] bridge0: port 2(bridge_slave_1) entered disabled state [ 1414.026320][T24655] bridge0: port 1(bridge_slave_0) entered disabled state [ 1414.858686][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1414.871470][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1414.884151][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1414.896684][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1414.909157][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1414.921716][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1414.934234][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1414.946765][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1414.959204][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1414.971779][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1414.995089][T24708] binder: 24707:24708 ioctl c0306201 2000000001c0 returned -14 [ 1416.235715][T24756] overlayfs: failed to clone upperpath [ 1416.700004][T24771] EXT4-fs (nullb0): VFS: Can't find ext4 filesystem [ 1417.071114][ C0] bridge0: topology change detected, propagating [ 1417.078991][ C0] bridge0: port 5(veth0_to_bridge) entered blocking state [ 1417.230290][T10909] usb 4-1: USB disconnect, device number 22 [ 1418.064980][T24840] netlink: 'syz.0.7415': attribute type 11 has an invalid length. [ 1418.088015][T24840] netlink: 36 bytes leftover after parsing attributes in process `syz.0.7415'. [ 1418.197530][T24845] loop3: detected capacity change from 0 to 512 [ 1419.809184][T24899] dns_resolver: Unsupported server list version (0) [ 1420.606606][T24935] 9pnet_virtio: no channels available for device syz [ 1421.451068][T24963] netlink: 8 bytes leftover after parsing attributes in process `syz.3.7472'. [ 1422.122866][T25001] netlink: 4 bytes leftover after parsing attributes in process `syz.0.7498'. [ 1422.132071][T25001] device macvlan2 left promiscuous mode [ 1422.137709][T25001] device bond0 left promiscuous mode [ 1422.145005][T25001] device wlan1 left promiscuous mode [ 1422.152510][T25001] bridge0: port 3(macvlan2) entered disabled state [ 1422.172816][T25001] device bridge_slave_1 left promiscuous mode [ 1422.179206][T25001] bridge0: port 2(bridge_slave_1) entered disabled state [ 1422.196433][T25001] device bridge_slave_0 left promiscuous mode [ 1422.205859][T25001] bridge0: port 1(bridge_slave_0) entered disabled state [ 1422.383237][ T4381] usb 4-1: new high-speed USB device number 23 using dummy_hcd [ 1422.587755][ T4381] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1422.618307][ T4381] usb 4-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40 [ 1422.648968][ T4381] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1422.688653][ T4381] usb 4-1: config 0 descriptor?? [ 1423.141082][ T4381] usbhid 4-1:0.0: can't add hid device: -71 [ 1423.147093][ T4381] usbhid: probe of 4-1:0.0 failed with error -71 [ 1423.181414][ T4381] usb 4-1: USB disconnect, device number 23 [ 1425.184103][T25128] netlink: 8 bytes leftover after parsing attributes in process `syz.4.7538'. [ 1425.474095][T25140] netlink: 4 bytes leftover after parsing attributes in process `syz.4.7544'. [ 1425.483323][T25140] device veth0_to_bridge left promiscuous mode [ 1425.489964][T25140] bridge0: port 5(veth0_to_bridge) entered disabled state [ 1425.508429][T25140] device macvlan2 left promiscuous mode [ 1425.514229][T25140] device bond0 left promiscuous mode [ 1425.526984][T25140] device wlan1 left promiscuous mode [ 1425.533459][T25140] bridge0: port 4(macvlan2) entered disabled state [ 1425.543930][T25140] device vlan2 left promiscuous mode [ 1425.549866][T25140] bridge0: port 3(vlan2) entered disabled state [ 1425.572943][T25140] device bridge_slave_1 left promiscuous mode [ 1425.581038][T25140] bridge0: port 2(bridge_slave_1) entered disabled state [ 1425.589983][T25140] device bridge_slave_0 left promiscuous mode [ 1425.597038][T25140] bridge0: port 1(bridge_slave_0) entered disabled state [ 1426.203195][T25166] overlayfs: failed to clone upperpath [ 1426.398204][T25173] netlink: 4 bytes leftover after parsing attributes in process `syz.2.7560'. [ 1426.423395][T25173] device macvlan4 left promiscuous mode [ 1426.428992][T25173] device bond0 left promiscuous mode [ 1426.457167][T25173] bridge0: port 3(macvlan4) entered disabled state [ 1426.479944][T25173] device bridge_slave_1 left promiscuous mode [ 1426.530870][T25173] bridge0: port 2(bridge_slave_1) entered disabled state [ 1426.581609][T25173] device bridge_slave_0 left promiscuous mode [ 1426.604551][T25173] bridge0: port 1(bridge_slave_0) entered disabled state [ 1426.750459][T25190] binder: 25188:25190 ioctl 400c620e 0 returned -14 [ 1427.687846][T25240] netlink: 4 bytes leftover after parsing attributes in process `syz.1.7589'. [ 1428.778529][T25276] netlink: 228 bytes leftover after parsing attributes in process `syz.3.7608'. [ 1429.019737][T25286] tmpfs: Bad value for 'nr_inodes' [ 1429.255368][T25300] netlink: 4 bytes leftover after parsing attributes in process `syz.1.7619'. [ 1432.056209][ T9] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge) [ 1432.238708][T25436] mkiss: ax0: crc mode is auto. [ 1432.638525][T25452] overlayfs: failed to clone upperpath [ 1433.709417][T25491] loop5: detected capacity change from 0 to 7 [ 1434.714613][ T4794] tipc: Subscription rejected, illegal request [ 1435.068929][T25564] netlink: 4 bytes leftover after parsing attributes in process `syz.2.7742'. [ 1435.892793][T25599] netlink: 4 bytes leftover after parsing attributes in process `syz.4.7758'. [ 1436.296874][T25616] loop3: detected capacity change from 0 to 256 [ 1436.957018][T25645] overlayfs: failed to clone upperpath [ 1437.425387][T25667] usb usb6: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 1438.126698][T25703] raw_sendmsg: syz.0.7810 forgot to set AF_INET. Fix it! [ 1438.796341][ T4416] Bluetooth: hci5: Frame reassembly failed (-84) [ 1438.868531][T25738] netlink: 12 bytes leftover after parsing attributes in process `syz.1.7827'. [ 1440.103677][T25788] overlayfs: failed to clone upperpath [ 1441.015183][ T4277] Bluetooth: hci5: command 0x1003 tx timeout [ 1441.025454][ T4282] Bluetooth: hci5: Opcode 0x1003 failed: -110 [ 1442.544782][ T27] audit: type=1326 audit(1797126031.443:976): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25875 comm="syz.3.7890" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f3dea18f749 code=0x0 [ 1442.764184][T25888] 9pnet_virtio: no channels available for device syz [ 1442.903978][T25891] tipc: New replicast peer: 255.255.255.255 [ 1442.917579][T25891] tipc: Enabled bearer , priority 10 [ 1443.531658][T25923] loop3: detected capacity change from 0 to 16 [ 1443.584217][T25923] erofs: Unknown parameter 'ÿÿßIÑ+z¤š#|# 3ÍNoO«ÀWuŒccx™Ù%È‘‡5¤gjÉÎâiZqu"ß/Ïð¨'ˆŽÃ)iéŸ?‹‚`l²jaYœˆª' [ 1445.501560][T25968] netlink: 20 bytes leftover after parsing attributes in process `syz.3.7931'. [ 1446.178938][T25984] net_ratelimit: 2476 callbacks suppressed [ 1446.178954][T25984] IPv6: addrconf: prefix option has invalid lifetime [ 1446.721166][T26010] netlink: 4 bytes leftover after parsing attributes in process `syz.1.7951'. [ 1446.735465][T26009] overlayfs: failed to clone upperpath [ 1446.766503][T26009] overlayfs: failed to clone upperpath [ 1447.546890][T26041] netlink: 8 bytes leftover after parsing attributes in process `syz.0.7965'. [ 1448.533696][T26095] overlayfs: failed to clone upperpath [ 1449.050321][T26125] netlink: 8 bytes leftover after parsing attributes in process `syz.2.8006'. [ 1449.409099][T26137] overlayfs: failed to clone lowerpath [ 1449.463132][T26140] netlink: 'syz.1.8008': attribute type 15 has an invalid length. [ 1449.928805][T26157] overlayfs: failed to clone upperpath [ 1452.842246][T26302] batman_adv: batadv0: adding TT local entry 08:02:11:00:00:01 to non-existent VLAN 1280 [ 1453.387361][T26329] overlayfs: failed to clone upperpath [ 1453.417876][T26329] overlayfs: failed to clone upperpath [ 1453.767449][T10901] usb 4-1: new high-speed USB device number 24 using dummy_hcd [ 1453.975816][T10901] usb 4-1: Using ep0 maxpacket: 16 [ 1453.983017][T10901] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 1454.018075][T10901] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 1454.037886][T10901] usb 4-1: config 1 interface 0 altsetting 0 has an invalid endpoint with address 0x0, skipping [ 1454.049550][T10901] usb 4-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0 [ 1454.083676][T10901] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 1454.109460][T10901] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1454.126187][T10901] usb 4-1: Product: syz [ 1454.131029][T10901] usb 4-1: Manufacturer: syz [ 1454.147084][T10901] usb 4-1: SerialNumber: syz [ 1454.232284][T26376] netlink: 76 bytes leftover after parsing attributes in process `syz.2.8124'. [ 1454.380298][T10901] usb 4-1: 0:2 : does not exist [ 1454.445464][T26384] netlink: 'syz.1.8127': attribute type 4 has an invalid length. [ 1454.452023][T10901] usb 4-1: USB disconnect, device number 24 [ 1454.647685][ T4277] Bluetooth: hci4: command 0x0405 tx timeout [ 1454.734281][T24289] udevd[24289]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 1455.123711][T26416] loop3: detected capacity change from 0 to 1024 [ 1455.168432][T26416] 9pnet_fd: Insufficient options for proto=fd [ 1455.234527][T26422] netlink: 4 bytes leftover after parsing attributes in process `syz.4.8145'. [ 1455.923749][T26458] netlink: 8 bytes leftover after parsing attributes in process `syz.1.8162'. [ 1456.271700][T26468] binder_alloc: binder_alloc_mmap_handler: 26467 200000ffc000-200000fff000 already mapped failed -16 [ 1456.865475][T10908] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0 [ 1456.941531][T10908] hid-generic 0000:0000:0000.0007: hidraw0: HID v0.00 Device [syz1] on syz0 [ 1457.558851][T26528] netlink: 12 bytes leftover after parsing attributes in process `syz.1.8193'. [ 1457.567177][T26531] netlink: 4 bytes leftover after parsing attributes in process `syz.2.8192'. [ 1458.258821][T26561] loop9: detected capacity change from 0 to 7 [ 1458.290140][ C1] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1458.299680][ C1] Buffer I/O error on dev loop9, logical block 0, async page read [ 1458.324472][ C1] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1458.333679][ C1] Buffer I/O error on dev loop9, logical block 0, async page read [ 1458.372673][ C1] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1458.381885][ C1] Buffer I/O error on dev loop9, logical block 0, async page read [ 1458.410753][ C1] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1458.419949][ C1] Buffer I/O error on dev loop9, logical block 0, async page read [ 1458.442032][ C1] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1458.451205][ C1] Buffer I/O error on dev loop9, logical block 0, async page read [ 1458.459792][ C1] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1458.468995][ C1] Buffer I/O error on dev loop9, logical block 0, async page read [ 1458.484720][ C1] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1458.493891][ C1] Buffer I/O error on dev loop9, logical block 0, async page read [ 1458.502583][T26561] ldm_validate_partition_table(): Disk read failed. [ 1458.509560][ C1] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1458.518761][ C1] Buffer I/O error on dev loop9, logical block 0, async page read [ 1458.536173][ C1] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1458.545640][ C1] Buffer I/O error on dev loop9, logical block 0, async page read [ 1458.558537][ C1] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1458.567741][ C1] Buffer I/O error on dev loop9, logical block 0, async page read [ 1458.589182][T26561] Dev loop9: unable to read RDB block 0 [ 1458.590071][T26575] overlayfs: failed to clone upperpath [ 1458.597178][T26561] loop9: unable to read partition table [ 1458.606763][T26561] loop9: partition table beyond EOD, truncated [ 1458.613541][T26561] loop_reread_partitions: partition scan of loop9 (þ被xüŸÑø éÚ¬§½dG¤´à–ƒÝ¡¯ â·û [ 1458.613541][T26561] ) failed (rc=-5) [ 1458.707548][T26575] overlayfs: failed to clone upperpath [ 1459.632199][T26595] loop3: detected capacity change from 0 to 32768 [ 1460.999507][T26692] binder: Bad value for 'max' [ 1461.633137][T26726] loop3: detected capacity change from 0 to 256 [ 1463.669107][T26818] netlink: 4 bytes leftover after parsing attributes in process `syz.4.8329'. [ 1464.448810][T26872] netlink: 12 bytes leftover after parsing attributes in process `syz.2.8352'. [ 1465.720169][T26910] binder: 26909:26910 ioctl c0306201 2000000001c0 returned -14 [ 1466.092387][T26929] netlink: 'syz.2.8380': attribute type 17 has an invalid length. [ 1466.117387][T26929] infiniband sz1: set active [ 1466.122519][T17092] lo speed is unknown, defaulting to 1000 [ 1466.160133][T14868] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge) [ 1466.178804][T26932] lo speed is unknown, defaulting to 1000 [ 1467.298169][T26980] overlayfs: failed to clone upperpath [ 1468.632264][T27041] binder: 27040:27041 ioctl c018620c 200000000000 returned -22 [ 1469.027645][T27059] loop3: detected capacity change from 0 to 1024 [ 1469.087804][T27059] EXT4-fs: Ignoring removed mblk_io_submit option [ 1469.143018][T27059] EXT4-fs: Ignoring removed oldalloc option [ 1469.149001][T27059] EXT4-fs: Ignoring removed nomblk_io_submit option [ 1469.207137][T27059] /dev/loop3: Can't open blockdev [ 1469.632118][T27093] overlayfs: failed to clone upperpath [ 1469.842948][T27104] netlink: 'syz.4.8463': attribute type 17 has an invalid length. [ 1470.473749][T27141] netlink: 'syz.0.8480': attribute type 17 has an invalid length. [ 1470.641465][T27151] netlink: 'syz.4.8486': attribute type 27 has an invalid length. [ 1470.660278][T27151] netlink: 'syz.4.8486': attribute type 4 has an invalid length. [ 1470.694382][T27151] netlink: 144 bytes leftover after parsing attributes in process `syz.4.8486'. [ 1470.858716][T27158] netlink: 76 bytes leftover after parsing attributes in process `syz.1.8489'. [ 1471.873909][T27168] Bluetooth: hci0: Opcode 0x0c03 failed: -4 [ 1472.918698][T27266] tap0: tun_chr_ioctl cmd 1074025672 [ 1472.924034][T27266] tap0: ignored: set checksum enabled [ 1473.742285][T27310] loop3: detected capacity change from 0 to 256 [ 1474.480867][T27345] netlink: 4 bytes leftover after parsing attributes in process `syz.2.8574'. [ 1474.539092][T27345] netlink: 12 bytes leftover after parsing attributes in process `syz.2.8574'. [ 1474.652460][T27358] netlink: 'syz.4.8577': attribute type 16 has an invalid length. [ 1474.686126][T27358] netlink: 64138 bytes leftover after parsing attributes in process `syz.4.8577'. [ 1474.810441][T27366] netlink: 96 bytes leftover after parsing attributes in process `syz.1.8581'. [ 1474.867183][T10909] usb 4-1: new high-speed USB device number 25 using dummy_hcd [ 1475.069291][T10909] usb 4-1: Using ep0 maxpacket: 8 [ 1475.078968][T10909] usb 4-1: New USB device found, idVendor=0c45, idProduct=613e, bcdDevice=c4.6d [ 1475.106779][T10909] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1475.130196][T10909] usb 4-1: Product: syz [ 1475.148325][T10909] usb 4-1: Manufacturer: syz [ 1475.164267][T10909] usb 4-1: SerialNumber: syz [ 1475.179932][T10909] usb 4-1: config 0 descriptor?? [ 1475.207983][T10909] gspca_main: sonixj-2.14.0 probing 0c45:613e [ 1475.394079][T27391] netlink: 72 bytes leftover after parsing attributes in process `syz.2.8592'. [ 1475.710844][ T1277] ieee802154 phy0 wpan0: encryption failed: -22 [ 1476.760855][T27445] overlayfs: failed to clone lowerpath [ 1477.554812][T10909] gspca_sonixj: reg_w1 err -71 [ 1477.559884][T10909] sonixj: probe of 4-1:0.0 failed with error -71 [ 1477.594531][T10909] usb 4-1: USB disconnect, device number 25 [ 1478.677920][T27547] netlink: 4 bytes leftover after parsing attributes in process `syz.0.8662'. [ 1481.314947][T27661] loop3: detected capacity change from 0 to 512 [ 1481.363834][T27661] /dev/loop3: Can't open blockdev [ 1481.662370][ T27] audit: type=1326 audit(1797126068.136:977): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27678 comm="syz.1.8728" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fea81f8f749 code=0x7ffc0000 [ 1481.727482][ T27] audit: type=1326 audit(1797126068.174:978): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27678 comm="syz.1.8728" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fea81f8f749 code=0x7ffc0000 [ 1481.757621][ T27] audit: type=1326 audit(1797126068.174:979): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27678 comm="syz.1.8728" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fea81f8f749 code=0x7ffc0000 [ 1481.824136][ T27] audit: type=1326 audit(1797126068.174:980): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27678 comm="syz.1.8728" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fea81f8f749 code=0x7ffc0000 [ 1481.850040][ T27] audit: type=1326 audit(1797126068.174:981): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27678 comm="syz.1.8728" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fea81f8f749 code=0x7ffc0000 [ 1481.890890][ T27] audit: type=1326 audit(1797126068.174:982): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27678 comm="syz.1.8728" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fea81f8f749 code=0x7ffc0000 [ 1481.951932][T27691] netlink: 24 bytes leftover after parsing attributes in process `syz.4.8733'. [ 1481.961567][ T27] audit: type=1326 audit(1797126068.174:983): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27678 comm="syz.1.8728" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fea81f8f749 code=0x7ffc0000 [ 1482.018660][ T27] audit: type=1326 audit(1797126068.174:984): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27678 comm="syz.1.8728" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fea81f8f749 code=0x7ffc0000 [ 1482.063293][ T27] audit: type=1326 audit(1797126068.174:985): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27678 comm="syz.1.8728" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fea81f8f749 code=0x7ffc0000 [ 1482.111578][ T27] audit: type=1326 audit(1797126068.174:986): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27678 comm="syz.1.8728" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7fea81f8f749 code=0x7ffc0000 [ 1482.133956][ C0] vkms_vblank_simulate: vblank timer overrun [ 1482.799521][T27722] binder: BINDER_SET_CONTEXT_MGR already set [ 1482.805774][T27722] binder: 27720:27722 ioctl 40046207 0 returned -16 [ 1485.075662][T27786] sg_write: data in/out 63015/8 bytes for SCSI command 0x7f-- guessing data in; [ 1485.075662][T27786] program syz.3.8772 not setting count and/or reply_len properly [ 1485.304241][T27796] netlink: 92 bytes leftover after parsing attributes in process `syz.3.8777'. [ 1485.856062][ T4345] usb 4-1: new full-speed USB device number 26 using dummy_hcd [ 1486.060339][ T4345] usb 4-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 10 [ 1486.082421][ T4345] usb 4-1: config 27 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 127, setting to 64 [ 1486.105440][ T4345] usb 4-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 1486.116543][ T4345] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1486.155016][T27808] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 1486.169189][T27808] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 1486.434060][T10901] usb 4-1: USB disconnect, device number 26 [ 1487.352820][T27883] mkiss: ax0: crc mode is auto. [ 1487.874999][T27897] lo speed is unknown, defaulting to 1000 [ 1488.751320][T27920] loop3: detected capacity change from 0 to 2048 [ 1489.793089][T27959] 8021q: adding VLAN 0 to HW filter on device bond3 [ 1489.863637][T27959] 8021q: adding VLAN 0 to HW filter on device macvlan3 [ 1489.952935][T27959] bond3: (slave macvlan3): making interface the new active one [ 1489.997034][T27959] bond3: (slave macvlan3): Enslaving as an active interface with an up link [ 1490.007554][ T4416] IPv6: ADDRCONF(NETDEV_CHANGE): bond3: link becomes ready [ 1491.886745][T28007] lo speed is unknown, defaulting to 1000 [ 1493.035496][T28066] overlayfs: failed to clone upperpath [ 1493.117727][ T27] kauditd_printk_skb: 11 callbacks suppressed [ 1493.117740][ T27] audit: type=1326 audit(1797126078.888:998): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28071 comm="syz.3.8903" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3dea18f749 code=0x7ffc0000 [ 1493.196593][ T27] audit: type=1326 audit(1797126078.888:999): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28071 comm="syz.3.8903" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3dea18f749 code=0x7ffc0000 [ 1493.292605][ T27] audit: type=1326 audit(1797126078.888:1000): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28071 comm="syz.3.8903" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f3dea18f749 code=0x7ffc0000 [ 1493.366126][T28086] netlink: 4 bytes leftover after parsing attributes in process `syz.2.8904'. [ 1493.416498][T28085] loop3: detected capacity change from 0 to 256 [ 1493.421759][ T27] audit: type=1326 audit(1797126078.888:1001): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28071 comm="syz.3.8903" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3dea18f749 code=0x7ffc0000 [ 1493.455322][T28085] /dev/loop3: Can't open blockdev [ 1493.539416][ T27] audit: type=1326 audit(1797126078.888:1002): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28071 comm="syz.3.8903" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3dea18f749 code=0x7ffc0000 [ 1493.656877][ T27] audit: type=1326 audit(1797126078.888:1003): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28071 comm="syz.3.8903" exe="/root/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7f3dea18f749 code=0x7ffc0000 [ 1493.732647][ T27] audit: type=1326 audit(1797126078.888:1004): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28071 comm="syz.3.8903" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3dea18f749 code=0x7ffc0000 [ 1493.764310][ T27] audit: type=1326 audit(1797126078.888:1005): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28071 comm="syz.3.8903" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3dea18f749 code=0x7ffc0000 [ 1493.816044][ T27] audit: type=1326 audit(1797126078.916:1006): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28071 comm="syz.3.8903" exe="/root/syz-executor" sig=0 arch=c000003e syscall=7 compat=0 ip=0x7f3dea18f749 code=0x7ffc0000 [ 1493.857498][ T27] audit: type=1326 audit(1797126078.916:1007): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28071 comm="syz.3.8903" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3dea18f749 code=0x7ffc0000 [ 1494.367002][T28125] binder_alloc: 28123: pid 28123 spamming oneway? 1 buffers allocated for a total size of 4096 [ 1494.570412][T28135] loop3: detected capacity change from 0 to 256 [ 1494.606424][T28135] /dev/loop3: Can't open blockdev [ 1494.725651][T28143] netlink: 8 bytes leftover after parsing attributes in process `syz.0.8935'. [ 1494.778121][T28143] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1494.803015][T28143] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1494.957812][T28143] bond0: (slave batadv0): Releasing backup interface [ 1496.943424][T28223] overlayfs: failed to resolve './file1': -2 [ 1496.954468][T28225] lo speed is unknown, defaulting to 1000 [ 1497.558178][T28248] overlayfs: failed to clone lowerpath [ 1498.569709][T28287] binder_alloc: 28286: pid 28286 spamming oneway? 1 buffers allocated for a total size of 4096 [ 1499.952128][T28358] loop3: detected capacity change from 0 to 512 [ 1499.991242][T28358] /dev/loop3: Can't open blockdev [ 1500.138754][T28370] loop3: detected capacity change from 0 to 512 [ 1500.161527][T28370] /dev/loop3: Can't open blockdev [ 1501.084092][T28414] lo speed is unknown, defaulting to 1000 [ 1501.351020][T28423] netlink: 'syz.2.9059': attribute type 4 has an invalid length. [ 1501.407115][T28423] netlink: 3649 bytes leftover after parsing attributes in process `syz.2.9059'. [ 1502.661063][T28476] netlink: 8 bytes leftover after parsing attributes in process `syz.4.9085'. [ 1503.400749][T28505] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 1503.524418][T28514] netlink: 4 bytes leftover after parsing attributes in process `syz.3.9099'. [ 1504.007290][T28533] netlink: 'syz.0.9116': attribute type 4 has an invalid length. [ 1504.298061][T28547] overlayfs: failed to clone lowerpath [ 1504.784960][T28563] lo speed is unknown, defaulting to 1000 [ 1505.598817][T28582] netlink: 28 bytes leftover after parsing attributes in process `syz.2.9127'. [ 1505.773355][T28586] lo speed is unknown, defaulting to 1000 [ 1505.785321][T28592] binder: 28591:28592 ioctl c018620c 200000000180 returned -22 [ 1506.515592][T28615] netlink: 96 bytes leftover after parsing attributes in process `syz.1.9142'. [ 1507.029860][T28630] lo speed is unknown, defaulting to 1000 [ 1507.796773][T28656] device syzkaller0 entered promiscuous mode [ 1508.359153][T28681] overlayfs: failed to clone upperpath [ 1508.464326][ T4794] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge) [ 1508.890058][T28706] netlink: 8 bytes leftover after parsing attributes in process `syz.2.9185'. [ 1508.916519][T28706] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1508.953891][T28706] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1509.299180][T28720] netlink: 104 bytes leftover after parsing attributes in process `syz.4.9193'. [ 1509.388663][T28728] lo speed is unknown, defaulting to 1000 [ 1509.745889][T28745] netlink: 8 bytes leftover after parsing attributes in process `syz.1.9204'. [ 1509.839060][T28745] bond0: (slave batadv0): Releasing backup interface [ 1510.154189][T28759] netlink: 156 bytes leftover after parsing attributes in process `syz.2.9210'. [ 1510.193839][T28759] netlink: 156 bytes leftover after parsing attributes in process `syz.2.9210'. [ 1510.768049][T28789] lo speed is unknown, defaulting to 1000 [ 1511.180683][T28808] /dev/loop3: Can't open blockdev [ 1511.576516][T28835] netlink: 4 bytes leftover after parsing attributes in process `syz.4.9244'. [ 1511.675256][T28839] netlink: 4 bytes leftover after parsing attributes in process `syz.4.9244'. [ 1512.254536][T28866] netlink: 'syz.1.9255': attribute type 1 has an invalid length. [ 1512.293629][T28866] 8021q: adding VLAN 0 to HW filter on device bond2 [ 1512.338038][T28871] overlayfs: failed to clone lowerpath [ 1512.339383][T28866] bond2: option lacp_active: mode dependency failed, not supported in mode balance-alb(6) [ 1512.383912][T28866] bond2: (slave ip6gretap1): making interface the new active one [ 1512.393430][T28866] bond2: (slave ip6gretap1): Enslaving as an active interface with an up link [ 1512.402873][ T4794] IPv6: ADDRCONF(NETDEV_CHANGE): bond2: link becomes ready [ 1512.419591][T28834] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 1512.587052][T28879] lo speed is unknown, defaulting to 1000 [ 1512.620012][T10901] usb 4-1: new high-speed USB device number 27 using dummy_hcd [ 1512.846546][T10901] usb 4-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0 [ 1512.857707][T10901] usb 4-1: config 0 interface 0 has no altsetting 0 [ 1512.879170][T10901] usb 4-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b [ 1512.894510][T10901] usb 4-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2 [ 1512.903120][T10901] usb 4-1: Product: syz [ 1512.907410][T10901] usb 4-1: Manufacturer: syz [ 1512.912781][T10901] usb 4-1: SerialNumber: syz [ 1512.922049][T10901] usb 4-1: config 0 descriptor?? [ 1512.937493][T10901] usb 4-1: selecting invalid altsetting 0 [ 1513.199117][T10908] usb 4-1: USB disconnect, device number 27 [ 1513.483003][T28911] lo speed is unknown, defaulting to 1000 [ 1514.107855][T28935] pit: kvm: requested 25142 ns i8254 timer period limited to 200000 ns [ 1514.148080][T28935] pit: kvm: requested 77104 ns i8254 timer period limited to 200000 ns [ 1514.172769][T28935] pit: kvm: requested 93866 ns i8254 timer period limited to 200000 ns [ 1514.210271][T28935] pit: kvm: requested 124038 ns i8254 timer period limited to 200000 ns [ 1514.521536][T28957] netlink: 48 bytes leftover after parsing attributes in process `syz.2.9299'. [ 1514.599305][T28966] netlink: 4 bytes leftover after parsing attributes in process `syz.4.9303'. [ 1514.915782][T28981] loop3: detected capacity change from 0 to 512 [ 1514.944304][T28981] /dev/loop3: Can't open blockdev [ 1516.295036][T29051] netlink: 8 bytes leftover after parsing attributes in process `syz.2.9339'. [ 1516.636330][T29057] kvm: emulating exchange as write [ 1517.398802][T29080] lo speed is unknown, defaulting to 1000 [ 1517.615028][T29090] loop3: detected capacity change from 0 to 1024 [ 1517.643167][T29090] EXT4-fs: inline encryption not supported [ 1517.666034][T29090] EXT4-fs: Ignoring removed nobh option [ 1517.691304][T29090] EXT4-fs: Ignoring removed nomblk_io_submit option [ 1517.722324][T29090] /dev/loop3: Can't open blockdev [ 1517.856719][T29096] netlink: 8 bytes leftover after parsing attributes in process `syz.4.9359'. [ 1517.872436][T29096] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1517.881931][T29096] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1518.456854][T29111] netlink: 8 bytes leftover after parsing attributes in process `syz.3.9368'. [ 1518.472736][T29118] overlayfs: failed to clone upperpath [ 1519.189184][T29145] netlink: 8 bytes leftover after parsing attributes in process `syz.3.9378'. [ 1519.217249][T29145] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1519.241935][T29145] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1519.253487][T29145] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1519.278061][T29145] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1520.010837][T29194] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready [ 1520.042971][T29194] 8021q: adding VLAN 0 to HW filter on device team0 [ 1520.054174][T29194] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 1520.259169][T29199] netlink: 8 bytes leftover after parsing attributes in process `syz.1.9405'. [ 1521.328244][T10908] usb 4-1: new full-speed USB device number 28 using dummy_hcd [ 1521.459158][T29264] netlink: 56 bytes leftover after parsing attributes in process `syz.1.9434'. [ 1521.532924][T10908] usb 4-1: config 0 interface 0 altsetting 8 endpoint 0x81 has invalid maxpacket 1023, setting to 64 [ 1521.562468][T10908] usb 4-1: config 0 interface 0 has no altsetting 0 [ 1521.578954][T10908] usb 4-1: New USB device found, idVendor=1e7d, idProduct=3138, bcdDevice= 0.00 [ 1521.602502][T10908] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1521.633254][T10908] usb 4-1: config 0 descriptor?? [ 1521.653105][T29240] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 1521.676061][T29278] netlink: 'syz.2.9440': attribute type 1 has an invalid length. [ 1521.714080][T29278] 8021q: adding VLAN 0 to HW filter on device bond1 [ 1521.737432][T29278] bond1: option lacp_active: mode dependency failed, not supported in mode balance-alb(6) [ 1521.759695][T29278] bond1: (slave ip6gretap1): making interface the new active one [ 1521.769712][T29278] bond1: (slave ip6gretap1): Enslaving as an active interface with an up link [ 1521.787233][ T4794] IPv6: ADDRCONF(NETDEV_CHANGE): bond1: link becomes ready [ 1521.890594][T10908] usbhid 4-1:0.0: can't add hid device: -71 [ 1521.907734][T10908] usbhid: probe of 4-1:0.0 failed with error -71 [ 1521.926112][T10908] usb 4-1: USB disconnect, device number 28 [ 1521.958910][T29289] overlayfs: failed to clone upperpath [ 1522.489181][ T27] kauditd_printk_skb: 17 callbacks suppressed [ 1522.489194][ T27] audit: type=1326 audit(1797126106.443:1025): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29321 comm="syz.4.9461" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd91178f749 code=0x7ffc0000 [ 1522.525122][ T27] audit: type=1326 audit(1797126106.443:1026): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29321 comm="syz.4.9461" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd91178f749 code=0x7ffc0000 [ 1522.560597][ T27] audit: type=1326 audit(1797126106.480:1027): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29321 comm="syz.4.9461" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd91178f749 code=0x7ffc0000 [ 1522.584722][ T27] audit: type=1326 audit(1797126106.480:1028): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29321 comm="syz.4.9461" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd91178f749 code=0x7ffc0000 [ 1522.609908][ T27] audit: type=1326 audit(1797126106.480:1029): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29321 comm="syz.4.9461" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd91178f749 code=0x7ffc0000 [ 1522.662283][T29327] can0: slcan on ttyS3. [ 1522.703068][ T27] audit: type=1326 audit(1797126106.499:1030): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29321 comm="syz.4.9461" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd91178f749 code=0x7ffc0000 [ 1522.757614][T29325] can0 (unregistered): slcan off ttyS3. [ 1522.773253][ T27] audit: type=1326 audit(1797126106.499:1031): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29321 comm="syz.4.9461" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd91178f749 code=0x7ffc0000 [ 1522.824280][ T27] audit: type=1326 audit(1797126106.499:1032): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29321 comm="syz.4.9461" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd91178f749 code=0x7ffc0000 [ 1522.916701][ T27] audit: type=1326 audit(1797126106.508:1033): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29321 comm="syz.4.9461" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd91178f749 code=0x7ffc0000 [ 1522.983297][ T27] audit: type=1326 audit(1797126106.508:1034): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29321 comm="syz.4.9461" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd91178f749 code=0x7ffc0000 [ 1523.874530][T29394] loop3: detected capacity change from 0 to 512 [ 1523.915905][T29394] EXT4-fs: Ignoring removed mblk_io_submit option [ 1523.941222][T29394] EXT4-fs: inline encryption not supported [ 1523.955667][T29394] EXT4-fs: Ignoring removed mblk_io_submit option [ 1523.970527][T29394] /dev/loop3: Can't open blockdev [ 1524.907774][T29443] binder: 29442:29443 ioctl 4008ae9c 0 returned -22 [ 1525.245418][T29461] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 1526.038733][T29503] lo speed is unknown, defaulting to 1000 [ 1528.348700][T29584] loop3: detected capacity change from 0 to 64 [ 1528.424106][T24289] blk_print_req_error: 11 callbacks suppressed [ 1528.424121][T24289] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 1529.961212][T29636] netlink: 20 bytes leftover after parsing attributes in process `syz.2.9604'. [ 1530.167193][T29645] netlink: 4 bytes leftover after parsing attributes in process `syz.1.9609'. [ 1531.528107][T29686] lo speed is unknown, defaulting to 1000 [ 1532.114111][T29716] loop3: detected capacity change from 0 to 128 [ 1532.138268][T29716] /dev/loop3: Can't open blockdev [ 1532.509254][ T4282] Bluetooth: hci4: command 0x0406 tx timeout [ 1533.556337][T29798] binder: 29797:29798 ioctl c0306201 200000000100 returned -14 [ 1534.514167][T29850] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies. Check SNMP counters. [ 1534.591934][T29852] netlink: 12 bytes leftover after parsing attributes in process `syz.2.9698'. [ 1536.126026][T29935] netlink: 60 bytes leftover after parsing attributes in process `syz.2.9732'. [ 1536.600355][T29910] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 1536.617380][T29910] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 1536.636426][T29910] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 1536.662686][T29910] Bluetooth: hci4: Suspend notifier action (1) failed: -4 [ 1537.968745][ T4282] Bluetooth: hci2: command 0x0c1a tx timeout [ 1538.733393][T30037] netlink: 12 bytes leftover after parsing attributes in process `syz.1.9787'. [ 1538.765653][T30037] netlink: 'syz.1.9787': attribute type 14 has an invalid length. [ 1538.800632][T30037] netlink: 12 bytes leftover after parsing attributes in process `syz.1.9787'. [ 1538.811241][ T4282] Bluetooth: hci4: command 0x0c1a tx timeout [ 1538.832789][T30037] netlink: 'syz.1.9787': attribute type 14 has an invalid length. [ 1538.908133][T30046] netlink: 4 bytes leftover after parsing attributes in process `syz.0.9781'. [ 1540.804397][T30158] overlayfs: failed to clone lowerpath [ 1541.025446][ T4282] Bluetooth: hci4: command 0x0406 tx timeout [ 1541.197982][ T1277] ieee802154 phy0 wpan0: encryption failed: -22 [ 1541.310772][T30189] loop3: detected capacity change from 0 to 512 [ 1541.364295][T30189] /dev/loop3: Can't open blockdev [ 1545.839479][T30288] lo speed is unknown, defaulting to 1000 [ 1546.321522][T30315] netlink: 4 bytes leftover after parsing attributes in process `syz.2.9898'. [ 1546.785091][T30315] team0 (unregistering): Port device team_slave_0 removed [ 1546.809737][T30315] team0 (unregistering): Port device team_slave_1 removed [ 1547.681383][T30374] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 1548.199909][T30403] loop3: detected capacity change from 0 to 512 [ 1548.206987][T30403] /dev/loop3: Can't open blockdev [ 1548.469870][T30421] netlink: 4 bytes leftover after parsing attributes in process `syz.3.9938'. [ 1551.219866][T30507] loop3: detected capacity change from 0 to 512 [ 1551.228469][T30507] /dev/loop3: Can't open blockdev [ 1551.261877][T24289] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 1552.150352][T30516] input: syz1 as /devices/virtual/input/input18 [ 1552.982219][T30567] Invalid ELF header magic: != ELF [ 1553.633341][T30601] lo speed is unknown, defaulting to 1000 [ 1553.985647][T30619] loop3: detected capacity change from 0 to 1024 [ 1554.025163][T30619] EXT4-fs: Ignoring removed nobh option [ 1554.036688][T30619] /dev/loop3: Can't open blockdev [ 1555.619794][T30661] netlink: 27 bytes leftover after parsing attributes in process `syz.1.10043'. [ 1555.690325][T30668] binder: Bad value for 'stats' [ 1555.861931][T30679] netlink: 20 bytes leftover after parsing attributes in process `syz.4.10051'. [ 1558.003003][T30759] netlink: 68 bytes leftover after parsing attributes in process `syz.1.10088'. [ 1560.250805][T30836] netlink: 8 bytes leftover after parsing attributes in process `syz.2.10122'. [ 1560.585473][T30843] misc userio: Can't change port type on an already running userio instance [ 1563.395992][T30895] lo speed is unknown, defaulting to 1000 [ 1563.585400][T30901] [ 1565.783628][T30984] netlink: 'syz.0.10184': attribute type 10 has an invalid length. [ 1566.411380][T31015] overlayfs: failed to clone upperpath [ 1568.787713][T31088] device batadv_slave_1 entered promiscuous mode [ 1568.816212][T31087] device batadv_slave_1 left promiscuous mode [ 1569.205831][T31106] netlink: 76 bytes leftover after parsing attributes in process `syz.4.10240'. [ 1569.713220][T31137] input: syz1 as /devices/virtual/input/input21 [ 1570.686789][T31194] loop3: detected capacity change from 0 to 512 [ 1570.714702][T31196] netlink: 12 bytes leftover after parsing attributes in process `syz.2.10277'. [ 1570.732691][T31194] EXT4-fs: Ignoring removed i_version option [ 1570.738803][T31194] EXT4-fs: Ignoring removed bh option [ 1570.773854][T31194] /dev/loop3: Can't open blockdev [ 1570.784689][T31200] netlink: 32 bytes leftover after parsing attributes in process `syz.4.10280'. [ 1570.944607][T31207] netlink: 20 bytes leftover after parsing attributes in process `syz.2.10284'. [ 1570.959760][T31210] 9pnet_fd: Insufficient options for proto=fd [ 1571.290547][ T27] kauditd_printk_skb: 23 callbacks suppressed [ 1571.290563][ T27] audit: type=1326 audit(1797126152.230:1058): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31215 comm="syz.1.10287" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fea81f8f749 code=0x7fc00000 [ 1571.449461][T31238] binder: 31237:31238 ioctl 40046205 0 returned -22 [ 1571.477334][T31238] binder: 31237:31238 ioctl c0306201 200000000300 returned -11 [ 1571.984357][T31269] netlink: 128 bytes leftover after parsing attributes in process `syz.4.10312'. [ 1571.989007][ T27] audit: type=1326 audit(1797126152.878:1059): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31215 comm="syz.1.10287" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fea81f8f749 code=0x7fc00000 [ 1572.013910][T31269] netlink: 20 bytes leftover after parsing attributes in process `syz.4.10312'. [ 1572.036148][T31269] netlink: 20 bytes leftover after parsing attributes in process `syz.4.10312'. [ 1572.052217][ T27] audit: type=1326 audit(1797126152.878:1060): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31215 comm="syz.1.10287" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fea81f8f749 code=0x7fc00000 [ 1572.108296][ T27] audit: type=1326 audit(1797126152.878:1061): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31215 comm="syz.1.10287" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fea81f8f749 code=0x7fc00000 [ 1572.282068][ T27] audit: type=1326 audit(1797126152.878:1062): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31215 comm="syz.1.10287" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fea81f8f749 code=0x7fc00000 [ 1572.333851][ T27] audit: type=1326 audit(1797126152.878:1063): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31215 comm="syz.1.10287" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fea81f8f749 code=0x7fc00000 [ 1572.357232][ T27] audit: type=1326 audit(1797126152.878:1064): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31215 comm="syz.1.10287" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fea81f8f749 code=0x7fc00000 [ 1572.405295][ T27] audit: type=1326 audit(1797126152.878:1065): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31215 comm="syz.1.10287" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fea81f8f749 code=0x7fc00000 [ 1572.428489][ T27] audit: type=1326 audit(1797126152.878:1066): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31215 comm="syz.1.10287" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fea81f8f749 code=0x7fc00000 [ 1573.057869][ T27] audit: type=1326 audit(1797126152.878:1067): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31215 comm="syz.1.10287" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fea81f8f749 code=0x7fc00000 [ 1573.589872][T31316] netlink: 4 bytes leftover after parsing attributes in process `syz.3.10329'. [ 1574.429783][ T4314] usb 4-1: new high-speed USB device number 29 using dummy_hcd [ 1574.645113][ T4314] usb 4-1: Using ep0 maxpacket: 16 [ 1574.652981][ T4314] usb 4-1: config 0 has an invalid interface number: 231 but max is 0 [ 1574.681301][ T4314] usb 4-1: config 0 has no interface number 0 [ 1574.698554][ T4314] usb 4-1: config 0 interface 231 altsetting 0 has an invalid endpoint with address 0xA3, skipping [ 1574.727776][ T4314] usb 4-1: config 0 interface 231 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0 [ 1574.763656][ T4314] usb 4-1: New USB device found, idVendor=0cf3, idProduct=1001, bcdDevice=b9.d6 [ 1574.777721][ T4314] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1574.786461][ T4314] usb 4-1: Product: syz [ 1574.790868][ T4314] usb 4-1: Manufacturer: syz [ 1574.798261][ T4314] usb 4-1: SerialNumber: syz [ 1574.827914][ T4314] usb 4-1: config 0 descriptor?? [ 1574.841699][T31348] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 1575.029072][ T4314] usb 4-1: reset high-speed USB device number 29 using dummy_hcd [ 1576.018117][ T4314] usb 4-1: USB disconnect, device number 29 [ 1577.064082][T31461] overlayfs: failed to clone upperpath [ 1578.636330][T31507] netlink: 20 bytes leftover after parsing attributes in process `syz.1.10412'. [ 1580.428507][T31564] lo speed is unknown, defaulting to 1000 [ 1580.581408][T31572] overlayfs: failed to clone upperpath [ 1583.472259][T31661] netlink: 8 bytes leftover after parsing attributes in process `syz.0.10480'. [ 1584.439277][T31689] loop3: detected capacity change from 0 to 8192 [ 1584.732020][T31702] netlink: 8 bytes leftover after parsing attributes in process `syz.1.10498'. [ 1586.015574][T31728] random: crng reseeded on system resumption [ 1587.597024][T31791] netlink: 'syz.2.10537': attribute type 10 has an invalid length. [ 1589.801829][T31876] device batadv_slave_1 entered promiscuous mode [ 1589.809974][T31875] device batadv_slave_1 left promiscuous mode [ 1590.816627][T31900] netlink: 'syz.4.10580': attribute type 10 has an invalid length. [ 1591.694421][T31946] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0 [ 1592.375153][T31950] netlink: 52 bytes leftover after parsing attributes in process `syz.1.10603'. [ 1592.495612][T31957] loop3: detected capacity change from 0 to 8 [ 1592.525985][T31957] /dev/loop3: Can't open blockdev [ 1593.450293][T31986] netlink: 12 bytes leftover after parsing attributes in process `syz.1.10617'. [ 1594.518551][T32010] netlink: 12 bytes leftover after parsing attributes in process `syz.1.10630'. [ 1598.111290][T32103] lo speed is unknown, defaulting to 1000 [ 1600.902836][T32181] IPVS: set_ctl: invalid protocol: 1 224.0.0.1:20004 [ 1600.989999][T32184] netlink: 12 bytes leftover after parsing attributes in process `syz.0.10709'. [ 1602.558006][T32252] netlink: 4 bytes leftover after parsing attributes in process `syz.3.10730'. [ 1603.421479][T32266] netlink: 'syz.1.10738': attribute type 4 has an invalid length. [ 1603.429410][T32266] netlink: 3657 bytes leftover after parsing attributes in process `syz.1.10738'. [ 1605.517797][T32345] loop3: detected capacity change from 0 to 128 [ 1605.533361][T32345] /dev/loop3: Can't open blockdev [ 1605.938929][T32363] loop3: detected capacity change from 0 to 2048 [ 1606.042908][T32363] Alternate GPT is invalid, using primary GPT. [ 1606.064241][T32363] loop3: p2 p3 p7 [ 1606.373404][T25044] udevd[25044]: inotify_add_watch(7, /dev/loop3p3, 10) failed: No such file or directory [ 1606.375772][T24290] udevd[24290]: inotify_add_watch(7, /dev/loop3p7, 10) failed: No such file or directory [ 1606.403600][T24289] udevd[24289]: inotify_add_watch(7, /dev/loop3p2, 10) failed: No such file or directory [ 1606.468562][T24290] udevd[24290]: inotify_add_watch(7, /dev/loop3p7, 10) failed: No such file or directory [ 1606.469073][T25044] udevd[25044]: inotify_add_watch(7, /dev/loop3p3, 10) failed: No such file or directory [ 1606.512097][T24289] udevd[24289]: inotify_add_watch(7, /dev/loop3p2, 10) failed: No such file or directory [ 1606.693980][ T1277] ieee802154 phy0 wpan0: encryption failed: -22 [ 1607.104654][T32409] IPVS: set_ctl: invalid protocol: 1 224.0.0.1:20004 [ 1607.184373][T32413] netlink: 12 bytes leftover after parsing attributes in process `syz.1.10803'. [ 1607.356486][T32419] binder: 32416:32419 ioctl c0046209 200000001340 returned -22 [ 1608.784788][T32454] netlink: 96 bytes leftover after parsing attributes in process `syz.4.10825'. [ 1609.864606][T32482] netlink: 96 bytes leftover after parsing attributes in process `syz.0.10835'. [ 1610.187711][T32499] lo speed is unknown, defaulting to 1000 [ 1610.230261][T32476] loop3: detected capacity change from 0 to 32768 [ 1610.271434][T32506] netlink: 'syz.2.10846': attribute type 4 has an invalid length. [ 1610.280474][T24289] I/O error, dev loop3, sector 32640 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 1610.309536][T32506] infiniband sz1: set down [ 1610.325402][T10908] lo speed is unknown, defaulting to 1000 [ 1610.335616][T10908] lo speed is unknown, defaulting to 1000 [ 1611.160019][T32533] loop3: detected capacity change from 0 to 4096 [ 1611.190709][T32533] /dev/loop3: Can't open blockdev [ 1611.775604][T32564] netlink: 72 bytes leftover after parsing attributes in process `syz.3.10874'. [ 1613.753593][ T27] kauditd_printk_skb: 56 callbacks suppressed [ 1613.753607][ T27] audit: type=1326 audit(1797126192.066:1124): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32636 comm="syz.2.10909" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f480d78f749 code=0x7ffc0000 [ 1613.788569][ T27] audit: type=1326 audit(1797126192.066:1125): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32636 comm="syz.2.10909" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f480d78f749 code=0x7ffc0000 [ 1613.856313][ T27] audit: type=1326 audit(1797126192.104:1126): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32636 comm="syz.2.10909" exe="/root/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7f480d78f749 code=0x7ffc0000 [ 1613.909802][ T27] audit: type=1326 audit(1797126192.104:1127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32636 comm="syz.2.10909" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f480d78f749 code=0x7ffc0000 [ 1613.957726][ T27] audit: type=1326 audit(1797126192.104:1128): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32636 comm="syz.2.10909" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f480d78f749 code=0x7ffc0000 [ 1614.041936][ T27] audit: type=1326 audit(1797126192.104:1129): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32636 comm="syz.2.10909" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f480d78f749 code=0x7ffc0000 [ 1614.071434][ T27] audit: type=1326 audit(1797126192.104:1130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32636 comm="syz.2.10909" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f480d78f749 code=0x7ffc0000 [ 1614.165468][ T27] audit: type=1326 audit(1797126192.104:1131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32636 comm="syz.2.10909" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f480d78f749 code=0x7ffc0000 [ 1614.242044][ T27] audit: type=1326 audit(1797126192.104:1132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32636 comm="syz.2.10909" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f480d78f749 code=0x7ffc0000 [ 1614.286896][ T27] audit: type=1326 audit(1797126192.104:1133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32636 comm="syz.2.10909" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f480d78f749 code=0x7ffc0000 [ 1617.528467][T32748] 9pnet_fd: Insufficient options for proto=fd [ 1617.728137][T32758] netlink: 'syz.1.10962': attribute type 4 has an invalid length. [ 1618.835396][ T320] netlink: 8 bytes leftover after parsing attributes in process `syz.1.10973'. [ 1620.952957][ T404] netlink: 4 bytes leftover after parsing attributes in process `syz.4.11007'. [ 1620.973248][ T406] netlink: 8 bytes leftover after parsing attributes in process `syz.2.11008'. [ 1621.237037][ T415] netlink: 12 bytes leftover after parsing attributes in process `syz.2.11015'. [ 1621.249002][ T415] netlink: 12 bytes leftover after parsing attributes in process `syz.2.11015'. [ 1621.297198][ T415] netlink: 4 bytes leftover after parsing attributes in process `syz.2.11015'. [ 1621.313131][ T415] netlink: 4 bytes leftover after parsing attributes in process `syz.2.11015'. [ 1621.662362][ T436] loop3: detected capacity change from 0 to 512 [ 1621.681057][ T436] /dev/loop3: Can't open blockdev [ 1622.034447][ T459] netlink: 12 bytes leftover after parsing attributes in process `syz.3.11034'. [ 1625.474638][ T598] netlink: 16 bytes leftover after parsing attributes in process `syz.1.11102'. [ 1626.416876][ T645] loop3: detected capacity change from 0 to 512 [ 1626.440265][ T645] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (57259!=33349) [ 1626.488095][ T645] EXT4-fs (loop3): write access unavailable, skipping orphan cleanup [ 1626.531903][ T645] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 1626.739500][T24047] EXT4-fs (loop3): unmounting filesystem. [ 1626.972611][ T673] binder: 669:673 ioctl 80089418 0 returned -22 [ 1628.785658][T30022] usb 4-1: new high-speed USB device number 30 using dummy_hcd [ 1628.981024][T30022] usb 4-1: Using ep0 maxpacket: 32 [ 1628.989005][T30022] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1629.009356][T30022] usb 4-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 1629.023334][T30022] usb 4-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40 [ 1629.036839][T30022] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1629.058810][T30022] usb 4-1: config 0 descriptor?? [ 1629.282978][T30022] usb 4-1: string descriptor 0 read error: -71 [ 1629.305979][T30022] usb 4-1: USB disconnect, device number 30 [ 1630.080690][ T776] netlink: 8 bytes leftover after parsing attributes in process `syz.3.11177'. [ 1630.811543][ T807] input: syz1 as /devices/virtual/input/input26 [ 1631.209519][ T812] loop3: detected capacity change from 0 to 40427 [ 1631.262453][T24289] I/O error, dev loop3, sector 40192 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 1632.018421][ T843] device syzkaller0 entered promiscuous mode [ 1632.823301][ T882] netlink: 8 bytes leftover after parsing attributes in process `syz.2.11222'. [ 1633.458059][ T928] netlink: 8 bytes leftover after parsing attributes in process `syz.0.11237'. [ 1634.080857][ T961] netlink: 8 bytes leftover after parsing attributes in process `syz.1.11252'. [ 1634.466879][ T975] netlink: 24 bytes leftover after parsing attributes in process `syz.3.11258'. [ 1634.788849][ T992] pci 0000:00:05.0: vgaarb: changed VGA decodes: olddecodes=none,decodes=io+mem:owns=io+mem [ 1635.940595][ T1059] netlink: 4 bytes leftover after parsing attributes in process `syz.0.11289'. [ 1636.214022][ T1074] overlayfs: failed to clone upperpath [ 1636.770367][ T1103] bond0: (slave wlan1): Releasing backup interface [ 1637.172970][ T1125] loop3: detected capacity change from 0 to 2048 [ 1637.925998][T24289] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 1638.091453][ T1143] lo speed is unknown, defaulting to 1000 [ 1638.335987][ T1150] program syz.3.11327 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 1638.741780][ T27] kauditd_printk_skb: 24 callbacks suppressed [ 1638.741794][ T27] audit: type=1326 audit(1797126215.512:1158): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1171 comm="syz.0.11335" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f06ccd8f749 code=0x7ffc0000 [ 1638.879481][ T27] audit: type=1326 audit(1797126215.512:1159): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1171 comm="syz.0.11335" exe="/root/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7f06ccd8f749 code=0x7ffc0000 [ 1638.969593][ T27] audit: type=1326 audit(1797126215.512:1160): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1171 comm="syz.0.11335" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f06ccd8f749 code=0x7ffc0000 [ 1639.043261][ T27] audit: type=1326 audit(1797126215.512:1161): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1171 comm="syz.0.11335" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f06ccd8f749 code=0x7ffc0000 [ 1639.085542][ T27] audit: type=1326 audit(1797126215.512:1162): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1171 comm="syz.0.11335" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f06ccd8f749 code=0x7ffc0000 [ 1639.161297][ T27] audit: type=1326 audit(1797126215.512:1163): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1171 comm="syz.0.11335" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f06ccd8f749 code=0x7ffc0000 [ 1639.224045][ T27] audit: type=1326 audit(1797126215.512:1164): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1171 comm="syz.0.11335" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f06ccd8f749 code=0x7ffc0000 [ 1639.313352][ T27] audit: type=1326 audit(1797126215.512:1165): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1171 comm="syz.0.11335" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f06ccd8f749 code=0x7ffc0000 [ 1639.372486][ T27] audit: type=1326 audit(1797126215.512:1166): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1171 comm="syz.0.11335" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f06ccd8f749 code=0x7ffc0000 [ 1639.432499][ T27] audit: type=1326 audit(1797126215.512:1167): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1171 comm="syz.0.11335" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f06ccd8f749 code=0x7ffc0000 [ 1639.937594][ T1232] netlink: 'syz.0.11362': attribute type 6 has an invalid length. [ 1640.238671][ T1246] netlink: 20 bytes leftover after parsing attributes in process `syz.4.11371'. [ 1640.331622][ T1246] netlink: 20 bytes leftover after parsing attributes in process `syz.4.11371'. [ 1640.558046][ T1246] netlink: 20 bytes leftover after parsing attributes in process `syz.4.11371'. [ 1640.588525][ T1261] snd_dummy snd_dummy.0: control 1:9:195::53367 is already present [ 1641.278706][ T1295] overlayfs: option "volatile" is meaningless in a non-upper mount, ignoring it. [ 1641.302909][ T1295] overlayfs: missing 'lowerdir' [ 1641.462749][ T1305] 9pnet_fd: Insufficient options for proto=fd [ 1643.497050][ T1386] loop3: detected capacity change from 0 to 512 [ 1643.529819][ T1386] /dev/loop3: Can't open blockdev [ 1644.759588][ T1451] 9pnet_fd: Insufficient options for proto=fd [ 1644.897376][ T1455] overlayfs: option "volatile" is meaningless in a non-upper mount, ignoring it. [ 1644.908882][ T1460] loop3: detected capacity change from 0 to 512 [ 1644.942133][ T1460] EXT4-fs (loop3): write access unavailable, skipping orphan cleanup [ 1644.950649][ T1455] overlayfs: missing 'lowerdir' [ 1644.972534][ T1460] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 1645.123943][T24047] EXT4-fs (loop3): unmounting filesystem. [ 1645.149017][ T1467] 9pnet_fd: Insufficient options for proto=fd [ 1645.280869][ T1476] tmpfs: Bad value for 'nr_inodes' [ 1645.865971][ T1505] loop3: detected capacity change from 0 to 512 [ 1645.874016][ T1505] /dev/loop3: Can't open blockdev [ 1647.306133][ T1579] netlink: 8 bytes leftover after parsing attributes in process `syz.4.11508'. [ 1647.446644][ T1586] netlink: 12 bytes leftover after parsing attributes in process `syz.2.11506'. [ 1648.047556][T10908] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 1648.073830][T10908] hid-generic 0000:0000:0000.0008: hidraw0: HID v0.00 Device [syz1] on syz0 [ 1649.186097][ T1624] netlink: 24 bytes leftover after parsing attributes in process `syz.4.11526'. [ 1650.046782][ T1665] loop3: detected capacity change from 0 to 128 [ 1651.437367][ T1712] overlayfs: failed to clone upperpath [ 1652.360958][ T1761] netlink: 24 bytes leftover after parsing attributes in process `syz.1.11590'. [ 1652.380564][ T1760] loop3: detected capacity change from 0 to 512 [ 1652.409626][ T1760] EXT4-fs: Ignoring removed oldalloc option [ 1652.421722][ T1760] EXT4-fs: inline encryption not supported [ 1652.440960][ T1760] /dev/loop3: Can't open blockdev [ 1652.555742][ T1766] lo speed is unknown, defaulting to 1000 [ 1652.665556][ T1773] netlink: 20 bytes leftover after parsing attributes in process `syz.2.11597'. [ 1653.333267][ T1803] lo speed is unknown, defaulting to 1000 [ 1653.374070][ T1806] netlink: 24 bytes leftover after parsing attributes in process `syz.3.11612'. [ 1653.677572][ T1816] loop3: detected capacity change from 0 to 128 [ 1653.709378][ T1816] /dev/loop3: Can't open blockdev [ 1653.994028][ T1832] overlayfs: failed to clone upperpath [ 1654.211514][ T1837] lo speed is unknown, defaulting to 1000 [ 1654.679755][ T1862] netlink: 'syz.4.11635': attribute type 4 has an invalid length. [ 1654.715343][ T1862] netlink: 'syz.4.11635': attribute type 5 has an invalid length. [ 1654.723581][ T1862] netlink: 3657 bytes leftover after parsing attributes in process `syz.4.11635'. [ 1654.775534][T30022] usb 4-1: new high-speed USB device number 31 using dummy_hcd [ 1654.929300][ T1876] netlink: 24 bytes leftover after parsing attributes in process `syz.0.11640'. [ 1654.989715][T30022] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1655.034697][T30022] usb 4-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 1655.054646][T30022] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 1655.084337][T30022] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1655.112507][T30022] usb 4-1: config 0 descriptor?? [ 1655.316640][ T1893] netlink: 'syz.2.11649': attribute type 13 has an invalid length. [ 1655.341730][ T1893] netlink: 20 bytes leftover after parsing attributes in process `syz.2.11649'. [ 1655.560296][T30022] usb 4-1: string descriptor 0 read error: -71 [ 1655.592696][T30022] usb 4-1: USB disconnect, device number 31 [ 1655.902810][ T1920] netlink: 8 bytes leftover after parsing attributes in process `syz.2.11660'. [ 1656.036076][ T1926] lo speed is unknown, defaulting to 1000 [ 1656.297256][ T1941] netlink: 20 bytes leftover after parsing attributes in process `syz.0.11669'. [ 1656.644418][ T1957] netlink: 24 bytes leftover after parsing attributes in process `syz.3.11677'. [ 1657.057506][ T1977] block nbd3: NBD_DISCONNECT [ 1657.232427][ T1987] lo speed is unknown, defaulting to 1000 [ 1657.238358][ T27] kauditd_printk_skb: 25 callbacks suppressed [ 1657.238370][ T27] audit: type=1326 audit(1797126232.859:1193): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1989 comm="syz.4.11693" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd91178f749 code=0x7ffc0000 [ 1657.295483][ T27] audit: type=1326 audit(1797126232.897:1194): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1989 comm="syz.4.11693" exe="/root/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7fd91178f749 code=0x7ffc0000 [ 1657.357214][ T27] audit: type=1326 audit(1797126232.897:1195): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1989 comm="syz.4.11693" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd91178f749 code=0x7ffc0000 [ 1657.413737][ T27] audit: type=1326 audit(1797126232.897:1196): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1989 comm="syz.4.11693" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fd91178f749 code=0x7ffc0000 [ 1657.461773][ T27] audit: type=1326 audit(1797126232.897:1197): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1989 comm="syz.4.11693" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd91178f749 code=0x7ffc0000 [ 1657.511769][ T27] audit: type=1326 audit(1797126232.897:1198): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1989 comm="syz.4.11693" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fd91178f749 code=0x7ffc0000 [ 1657.537782][ T27] audit: type=1326 audit(1797126232.906:1199): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1989 comm="syz.4.11693" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd91178f749 code=0x7ffc0000 [ 1657.564554][ T27] audit: type=1326 audit(1797126232.906:1200): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1989 comm="syz.4.11693" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fd91178f749 code=0x7ffc0000 [ 1657.588131][ T27] audit: type=1326 audit(1797126232.906:1201): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1989 comm="syz.4.11693" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd91178f749 code=0x7ffc0000 [ 1657.613605][ T27] audit: type=1326 audit(1797126232.906:1202): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1989 comm="syz.4.11693" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fd91178f749 code=0x7ffc0000 [ 1657.647317][ T1985] lo speed is unknown, defaulting to 1000 [ 1657.817791][ T2008] EXT4-fs: Value of option "test_dummy_encryption" is unrecognized [ 1659.289884][ T2045] lo speed is unknown, defaulting to 1000 [ 1659.680662][ T2057] lo speed is unknown, defaulting to 1000 [ 1659.847386][ T2069] overlayfs: failed to clone lowerpath [ 1660.128005][ T2081] lo speed is unknown, defaulting to 1000 [ 1660.732390][ T2103] lo speed is unknown, defaulting to 1000 [ 1661.319222][ T2127] overlayfs: failed to clone upperpath [ 1661.545911][ T2137] lo speed is unknown, defaulting to 1000 [ 1662.624448][ T2155] netlink: 'syz.0.11762': attribute type 1 has an invalid length. [ 1662.886160][ T2162] lo speed is unknown, defaulting to 1000 [ 1662.987376][ T2168] netlink: 'syz.0.11767': attribute type 4 has an invalid length. [ 1663.005808][ T2168] netlink: 'syz.0.11767': attribute type 5 has an invalid length. [ 1663.019666][ T2168] netlink: 3657 bytes leftover after parsing attributes in process `syz.0.11767'. [ 1663.992069][ T2194] netlink: 4 bytes leftover after parsing attributes in process `syz.3.11777'. [ 1664.062824][ T2197] lo speed is unknown, defaulting to 1000 [ 1664.208889][ T2203] loop3: detected capacity change from 0 to 512 [ 1664.243751][ T2203] /dev/loop3: Can't open blockdev [ 1664.602637][ T2219] netlink: 108 bytes leftover after parsing attributes in process `syz.4.11790'. [ 1665.136566][ T2248] overlayfs: failed to clone upperpath [ 1665.144333][ T2246] netlink: 'syz.1.11803': attribute type 4 has an invalid length. [ 1665.180217][ T2246] netlink: 'syz.1.11803': attribute type 5 has an invalid length. [ 1665.210956][ T2246] netlink: 3657 bytes leftover after parsing attributes in process `syz.1.11803'. [ 1665.691195][ T2276] 9pnet_fd: Insufficient options for proto=fd [ 1665.718177][ T2278] 9pnet_fd: Insufficient options for proto=fd [ 1665.871991][ T2282] netlink: 'syz.3.11822': attribute type 4 has an invalid length. [ 1665.879857][ T2282] netlink: 'syz.3.11822': attribute type 5 has an invalid length. [ 1665.907639][ T2282] netlink: 3657 bytes leftover after parsing attributes in process `syz.3.11822'. [ 1666.250069][ T2302] lo speed is unknown, defaulting to 1000 [ 1666.458802][ T2308] loop3: detected capacity change from 0 to 1024 [ 1666.488009][ T2308] /dev/loop3: Can't open blockdev [ 1666.865565][ T2316] bond0: (slave wlan1): Releasing backup interface [ 1666.911151][ T2316] ------------[ cut here ]------------ [ 1666.917920][ T2316] WARNING: CPU: 1 PID: 2316 at net/mac80211/chan.c:2017 ieee80211_link_release_channel+0x150/0x180 [ 1666.928704][ T2316] Modules linked in: [ 1666.932636][ T2316] CPU: 1 PID: 2316 Comm: syz.2.11837 Not tainted syzkaller #0 [ 1666.940249][ T2316] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1666.950406][ T2316] RIP: 0010:ieee80211_link_release_channel+0x150/0x180 [ 1666.957298][ T2316] Code: 7c 2d 00 00 74 08 48 89 df e8 0c 45 2f f8 bf 18 1e 00 00 48 03 3b 5b 41 5c 41 5d 41 5e 41 5f 5d e9 b5 00 7f 00 e8 f0 15 df f7 <0f> 0b eb c5 48 c7 c1 64 9f 1f 8e 80 e1 07 80 c1 03 38 c1 0f 8c 51 [ 1666.977008][ T2316] RSP: 0018:ffffc9000cc3f188 EFLAGS: 00010287 [ 1666.983154][ T2316] RAX: ffffffff89a1c070 RBX: ffff88807cd6d5a8 RCX: 0000000000080000 [ 1666.991214][ T2316] RDX: ffffc9000e77a000 RSI: 00000000000594f9 RDI: 00000000000594fa [ 1666.999238][ T2316] RBP: 0000000000000000 R08: dffffc0000000000 R09: fffffbfff1c3ed56 [ 1667.007307][ T2316] R10: fffffbfff1c3ed56 R11: 1ffffffff1c3ed55 R12: ffff88807cd6eae0 [ 1667.015356][ T2316] R13: 1ffff1100f9adab5 R14: ffff88807cd6e258 R15: dffffc0000000000 [ 1667.023413][ T2316] FS: 00007f480e5e96c0(0000) GS:ffff8880b8f00000(0000) knlGS:0000000000000000 [ 1667.032427][ T2316] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1667.039115][ T2316] CR2: 00007fd984612a90 CR3: 0000000053ab1000 CR4: 00000000003506e0 [ 1667.047188][ T2316] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 1667.055235][ T2316] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 1667.063230][ T2316] Call Trace: [ 1667.066600][ T2316] [ 1667.069567][ T2316] ? trace_drv_return_void+0x240/0x240 [ 1667.075066][ T2316] unregister_netdevice_many+0x12ab/0x1840 [ 1667.080998][ T2316] ? alloc_netdev_mqs+0xf00/0xf00 [ 1667.086135][ T2316] ? kernfs_remove_by_name_ns+0x113/0x150 [ 1667.091888][ T2316] ? __lock_acquire+0x7c50/0x7c50 [ 1667.097020][ T2316] unregister_netdevice_queue+0x31c/0x360 [ 1667.102778][ T2316] ? list_netdevice+0x6c0/0x6c0 [ 1667.107726][ T2316] ? kernfs_remove_by_name_ns+0x113/0x150 [ 1667.113488][ T2316] _cfg80211_unregister_wdev+0x177/0x590 [ 1667.119234][ T2316] ieee80211_if_remove+0x1bd/0x2c0 [ 1667.124381][ T2316] ieee80211_del_iface+0x15/0x20 [ 1667.129419][ T2316] cfg80211_remove_virtual_intf+0x243/0x450 [ 1667.135355][ T2316] genl_family_rcv_msg_doit+0x22e/0x320 [ 1667.140995][ T2316] ? end_current_label_crit_section+0x170/0x170 [ 1667.147274][ T2316] ? genl_family_rcv_msg_dumpit+0x340/0x340 [ 1667.153268][ T2316] ? bpf_lsm_capable+0x5/0x10 [ 1667.157974][ T2316] ? security_capable+0x85/0xb0 [ 1667.162924][ T2316] genl_rcv_msg+0x5f2/0x780 [ 1667.167469][ T2316] ? genl_bind+0x350/0x350 [ 1667.171979][ T2316] ? nl80211_new_interface+0xff0/0xff0 [ 1667.177484][ T2316] netlink_rcv_skb+0x1de/0x420 [ 1667.182349][ T2316] ? genl_bind+0x350/0x350 [ 1667.186798][ T2316] ? netlink_ack+0x1100/0x1100 [ 1667.191602][ T2316] ? down_read+0x1a8/0x2d0 [ 1667.196118][ T2316] genl_rcv+0x24/0x40 [ 1667.200137][ T2316] netlink_unicast+0x74d/0x8d0 [ 1667.205016][ T2316] netlink_sendmsg+0x89e/0xbc0 [ 1667.209824][ T2316] ? netlink_getsockopt+0x540/0x540 [ 1667.215139][ T2316] ? aa_sock_msg_perm+0x94/0x150 [ 1667.220112][ T2316] ? bpf_lsm_socket_sendmsg+0x5/0x10 [ 1667.225489][ T2316] ? security_socket_sendmsg+0x7c/0xa0 [ 1667.230994][ T2316] ? netlink_getsockopt+0x540/0x540 [ 1667.236290][ T2316] ____sys_sendmsg+0x59b/0x970 [ 1667.241102][ T2316] ? __sys_sendmsg_sock+0x30/0x30 [ 1667.246223][ T2316] ? __import_iovec+0x315/0x500 [ 1667.251117][ T2316] ? import_iovec+0x6f/0xa0 [ 1667.255674][ T2316] ___sys_sendmsg+0x21c/0x290 [ 1667.260460][ T2316] ? __sys_sendmsg+0x270/0x270 [ 1667.265309][ T2316] ? __fdget+0x17c/0x200 [ 1667.269645][ T2316] __se_sys_sendmsg+0x19e/0x270 [ 1667.274534][ T2316] ? __se_sys_futex+0x14a/0x440 [ 1667.279470][ T2316] ? __x64_sys_sendmsg+0x80/0x80 [ 1667.284460][ T2316] ? lockdep_hardirqs_on+0x94/0x140 [ 1667.289749][ T2316] do_syscall_64+0x4c/0xa0 [ 1667.294190][ T2316] ? clear_bhb_loop+0x60/0xb0 [ 1667.298964][ T2316] ? clear_bhb_loop+0x60/0xb0 [ 1667.303690][ T2316] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 1667.309845][ T2316] RIP: 0033:0x7f480d78f749 [ 1667.314298][ T2316] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1667.333996][ T2316] RSP: 002b:00007f480e5e9038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1667.342482][ T2316] RAX: ffffffffffffffda RBX: 00007f480d9e5fa0 RCX: 00007f480d78f749 [ 1667.350524][ T2316] RDX: 0000000000000000 RSI: 0000200000000200 RDI: 0000000000000005 [ 1667.358595][ T2316] RBP: 00007f480d813f91 R08: 0000000000000000 R09: 0000000000000000 [ 1667.366646][ T2316] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1667.374731][ T2316] R13: 00007f480d9e6038 R14: 00007f480d9e5fa0 R15: 00007ffc8314fbd8 [ 1667.382758][ T2316] [ 1667.385877][ T2316] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 1667.393167][ T2316] CPU: 1 PID: 2316 Comm: syz.2.11837 Not tainted syzkaller #0 [ 1667.400631][ T2316] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1667.410696][ T2316] Call Trace: [ 1667.413990][ T2316] [ 1667.416937][ T2316] dump_stack_lvl+0x168/0x22e [ 1667.421638][ T2316] ? memcpy+0x3c/0x60 [ 1667.425652][ T2316] ? show_regs_print_info+0x12/0x12 [ 1667.430872][ T2316] ? load_image+0x3b0/0x3b0 [ 1667.435414][ T2316] panic+0x2c9/0x710 [ 1667.439334][ T2316] ? bpf_jit_dump+0xd0/0xd0 [ 1667.444057][ T2316] __warn+0x2f8/0x4f0 [ 1667.448060][ T2316] ? ieee80211_link_release_channel+0x150/0x180 [ 1667.454336][ T2316] ? ieee80211_link_release_channel+0x150/0x180 [ 1667.460607][ T2316] report_bug+0x2ba/0x4f0 [ 1667.464953][ T2316] ? ieee80211_link_release_channel+0x150/0x180 [ 1667.471219][ T2316] handle_bug+0x3a/0x70 [ 1667.475372][ T2316] exc_invalid_op+0x16/0x40 [ 1667.479877][ T2316] asm_exc_invalid_op+0x16/0x20 [ 1667.484740][ T2316] RIP: 0010:ieee80211_link_release_channel+0x150/0x180 [ 1667.491591][ T2316] Code: 7c 2d 00 00 74 08 48 89 df e8 0c 45 2f f8 bf 18 1e 00 00 48 03 3b 5b 41 5c 41 5d 41 5e 41 5f 5d e9 b5 00 7f 00 e8 f0 15 df f7 <0f> 0b eb c5 48 c7 c1 64 9f 1f 8e 80 e1 07 80 c1 03 38 c1 0f 8c 51 [ 1667.511203][ T2316] RSP: 0018:ffffc9000cc3f188 EFLAGS: 00010287 [ 1667.517290][ T2316] RAX: ffffffff89a1c070 RBX: ffff88807cd6d5a8 RCX: 0000000000080000 [ 1667.525344][ T2316] RDX: ffffc9000e77a000 RSI: 00000000000594f9 RDI: 00000000000594fa [ 1667.533325][ T2316] RBP: 0000000000000000 R08: dffffc0000000000 R09: fffffbfff1c3ed56 [ 1667.541299][ T2316] R10: fffffbfff1c3ed56 R11: 1ffffffff1c3ed55 R12: ffff88807cd6eae0 [ 1667.549297][ T2316] R13: 1ffff1100f9adab5 R14: ffff88807cd6e258 R15: dffffc0000000000 [ 1667.557314][ T2316] ? ieee80211_link_release_channel+0x150/0x180 [ 1667.563598][ T2316] ? ieee80211_link_release_channel+0x150/0x180 [ 1667.569866][ T2316] ? trace_drv_return_void+0x240/0x240 [ 1667.575360][ T2316] unregister_netdevice_many+0x12ab/0x1840 [ 1667.581216][ T2316] ? alloc_netdev_mqs+0xf00/0xf00 [ 1667.586271][ T2316] ? kernfs_remove_by_name_ns+0x113/0x150 [ 1667.592022][ T2316] ? __lock_acquire+0x7c50/0x7c50 [ 1667.597075][ T2316] unregister_netdevice_queue+0x31c/0x360 [ 1667.602796][ T2316] ? list_netdevice+0x6c0/0x6c0 [ 1667.607653][ T2316] ? kernfs_remove_by_name_ns+0x113/0x150 [ 1667.613419][ T2316] _cfg80211_unregister_wdev+0x177/0x590 [ 1667.619049][ T2316] ieee80211_if_remove+0x1bd/0x2c0 [ 1667.624155][ T2316] ieee80211_del_iface+0x15/0x20 [ 1667.629100][ T2316] cfg80211_remove_virtual_intf+0x243/0x450 [ 1667.635004][ T2316] genl_family_rcv_msg_doit+0x22e/0x320 [ 1667.640549][ T2316] ? end_current_label_crit_section+0x170/0x170 [ 1667.646805][ T2316] ? genl_family_rcv_msg_dumpit+0x340/0x340 [ 1667.652693][ T2316] ? bpf_lsm_capable+0x5/0x10 [ 1667.657354][ T2316] ? security_capable+0x85/0xb0 [ 1667.662207][ T2316] genl_rcv_msg+0x5f2/0x780 [ 1667.666725][ T2316] ? genl_bind+0x350/0x350 [ 1667.671131][ T2316] ? nl80211_new_interface+0xff0/0xff0 [ 1667.676593][ T2316] netlink_rcv_skb+0x1de/0x420 [ 1667.681347][ T2316] ? genl_bind+0x350/0x350 [ 1667.685753][ T2316] ? netlink_ack+0x1100/0x1100 [ 1667.690514][ T2316] ? down_read+0x1a8/0x2d0 [ 1667.694957][ T2316] genl_rcv+0x24/0x40 [ 1667.698953][ T2316] netlink_unicast+0x74d/0x8d0 [ 1667.703718][ T2316] netlink_sendmsg+0x89e/0xbc0 [ 1667.708477][ T2316] ? netlink_getsockopt+0x540/0x540 [ 1667.713665][ T2316] ? aa_sock_msg_perm+0x94/0x150 [ 1667.718600][ T2316] ? bpf_lsm_socket_sendmsg+0x5/0x10 [ 1667.723873][ T2316] ? security_socket_sendmsg+0x7c/0xa0 [ 1667.729323][ T2316] ? netlink_getsockopt+0x540/0x540 [ 1667.734513][ T2316] ____sys_sendmsg+0x59b/0x970 [ 1667.739300][ T2316] ? __sys_sendmsg_sock+0x30/0x30 [ 1667.744317][ T2316] ? __import_iovec+0x315/0x500 [ 1667.749187][ T2316] ? import_iovec+0x6f/0xa0 [ 1667.753690][ T2316] ___sys_sendmsg+0x21c/0x290 [ 1667.758363][ T2316] ? __sys_sendmsg+0x270/0x270 [ 1667.763142][ T2316] ? __fdget+0x17c/0x200 [ 1667.767375][ T2316] __se_sys_sendmsg+0x19e/0x270 [ 1667.772220][ T2316] ? __se_sys_futex+0x14a/0x440 [ 1667.777066][ T2316] ? __x64_sys_sendmsg+0x80/0x80 [ 1667.782004][ T2316] ? lockdep_hardirqs_on+0x94/0x140 [ 1667.787194][ T2316] do_syscall_64+0x4c/0xa0 [ 1667.791603][ T2316] ? clear_bhb_loop+0x60/0xb0 [ 1667.796266][ T2316] ? clear_bhb_loop+0x60/0xb0 [ 1667.800943][ T2316] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 1667.806822][ T2316] RIP: 0033:0x7f480d78f749 [ 1667.811236][ T2316] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1667.830868][ T2316] RSP: 002b:00007f480e5e9038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1667.839310][ T2316] RAX: ffffffffffffffda RBX: 00007f480d9e5fa0 RCX: 00007f480d78f749 [ 1667.847297][ T2316] RDX: 0000000000000000 RSI: 0000200000000200 RDI: 0000000000000005 [ 1667.855280][ T2316] RBP: 00007f480d813f91 R08: 0000000000000000 R09: 0000000000000000 [ 1667.863239][ T2316] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1667.871202][ T2316] R13: 00007f480d9e6038 R14: 00007f480d9e5fa0 R15: 00007ffc8314fbd8 [ 1667.879174][ T2316] [ 1667.882431][ T2316] Kernel Offset: disabled [ 1667.886900][ T2316] Rebooting in 86400 seconds..