last executing test programs: 7.991056008s ago: executing program 1 (id=2276): socket$nl_netfilter(0x10, 0x3, 0xc) syz_usb_connect(0x0, 0x2d, &(0x7f0000000040)=ANY=[@ANYBLOB="1201000050cb5340450c10108e492940a80909021b00094000010009040002010035040009058dff86"], 0x0) r0 = syz_open_dev$char_usb(0xc, 0xb4, 0x0) write$char_usb(r0, 0x0, 0x0) write$char_usb(r0, &(0x7f00000000c0)="5614bfd19adeaf6798f37d7c0337ad925acbec90afe51819387fd6ee8246638556d42c3af8", 0x25) 6.388623078s ago: executing program 3 (id=2286): r0 = openat$rdma_cm(0xffffffffffffff9c, 0x0, 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000e00)={0x0, 0x18, 0xfa00, {0x1, &(0x7f000000bb00)={0xffffffffffffffff}, 0x106, 0x1}}, 0x20) write$RDMA_USER_CM_CMD_RESOLVE_ADDR(r0, &(0x7f0000000280)={0x15, 0x110, 0xfa00, {r1, 0x0, 0x0, 0x30, 0x0, @in6={0x1b, 0xfefe, 0x807, @empty, 0x3aa7}, @ib={0x1b, 0xffff, 0xfffffffd, {'\x00\x00\x00i\x00'}, 0x0, 0xfffffffffffffffc, 0x6}}}, 0x118) 6.095742608s ago: executing program 3 (id=2288): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x2000, 0x0) ioctl$TCXONC(r0, 0x540a, 0x2) ioctl$TIOCSPTLCK(r0, 0x40045431, &(0x7f0000000000)) r1 = syz_io_uring_setup(0x1327, &(0x7f0000000300)={0x0, 0x7303, 0x10100, 0x0, 0x2}, &(0x7f0000000180)=0x0, 0x0) syz_io_uring_submit(r2, 0x0, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3}) io_uring_enter(r1, 0x2def, 0x4000, 0x0, 0x0, 0x0) ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000200)=0x1b) r3 = ioctl$TIOCGPTPEER(r0, 0x5441, 0x200) ioctl$TCXONC(r3, 0x540a, 0x2) 5.838588628s ago: executing program 3 (id=2289): r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) sendmsg$802154_dgram(r0, &(0x7f0000000200)={&(0x7f0000000080)={0x24, @long={0x3, 0x3, {0xaaaaaaaaaaaa0002}}}, 0x11, &(0x7f00000001c0)={0x0}, 0x1, 0x0, 0x0, 0x1000}, 0x800) 5.524248521s ago: executing program 3 (id=2290): bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000010000000800000008"], 0x48) r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000001940)={0x20, 0x49, 0x1, 0x70bd26, 0xfffffffc, {0xa, 0x0, 0x6e1c}, [@typed={0x8, 0x300, 0x0, 0x0, @u32}, @nested={0x4, 0x2}]}, 0x20}}, 0x20048800) writev(0xffffffffffffffff, 0x0, 0x0) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x1, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x2) r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r1, &(0x7f0000032680)=""/102392, 0x18ff8) syz_open_dev$vcsa(&(0x7f00000000c0), 0x3, 0x400) ioctl$FS_IOC_SETFLAGS(0xffffffffffffffff, 0x40186f40, &(0x7f0000000440)=0x1f) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=@newlink={0x34, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x585d}, [@IFLA_IFNAME={0x14, 0x3, 'ipvlan1\x00'}]}, 0x34}, 0x1, 0x0, 0x0, 0x840}, 0x0) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48) syz_emit_ethernet(0x1d6, &(0x7f00000020c0)={@multicast, @broadcast, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "430093", 0x1a0, 0x3a, 0xff, @local, @mcast2, {[], @ndisc_ra={0x86, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [{0x22, 0xa, "a78ce5400659808000ffffc0fe4023493b87aafaffffffffffffff2373247202fa45ad96579269748e254c1e4a8a8b3f0ab0c430d3be27df3e34066d42ca0a5c15b37adac15084dbaf736b41e5af0502"}, {0x0, 0x1, '\x00\x00\x00\x00\x00\x00\x00\x00\b'}, {0x4, 0x17, "fe906d26efe39393fe08f73eabc5977b1190a3a6ad8338f1511cdd10c35d8f6de79fc7fd175f75649fa368a32c829af02d7f44d92324a7051e460a13ddde25a5b85b9d930914625d8a049b4cf0d129806a610ad8477a2499a9a0527f75b655a6653d0363a979acf93f88eea07d68423e90280409de1657275f716a2bf2915d1783e8eb477b0d1170f0ecbdef4c23e1b76e9ab3d2fbe4b34438d2a77577edd0ebed9682b851b380ae0cab282af9d7ebe668177704c5fd4698c934de4731"}, {0x2, 0xe, "06aa85616177c61bc943afcb84619755403946b0730a18d5c38cf7dcad830f2dc8674b87ba8b58f81ece27975cc39e595e9af90b4fe92a38d25551c2d9ebfc5dfc5a2a501b7e483de3f808895c5f4a1a2367bc591dd8b094822ff0822a18b79f7c5eba31fb68b2d734a6671e27182aee4df2"}]}}}}}}, 0x0) getpid() bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xc, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002300000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) 5.048196655s ago: executing program 1 (id=2292): r0 = socket$inet(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x3, 0x0, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file1\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r2, 0x0, 0x0) getsockopt$inet_sctp_SCTP_MAX_BURST(r0, 0x84, 0x14, 0x0, 0x0) sched_setattr(0x0, 0x0, 0x0) r3 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=@newlink={0x3c, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x2031}, [@IFLA_XDP={0x14, 0x2b, 0x0, 0x1, [@IFLA_XDP_FLAGS={0x8, 0x3, 0x4}, @IFLA_XDP_FLAGS={0x8, 0x3, 0x2}]}, @IFLA_GROUP={0x8}]}, 0x3c}, 0x1, 0x0, 0x0, 0x20048054}, 0x20000050) r4 = socket$inet(0x2, 0x4000000000000001, 0x0) madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0xe) r5 = io_uring_setup(0x168f, &(0x7f0000000400)={0x0, 0x631d, 0x2, 0x2, 0x2d8}) socket$l2tp(0x2, 0x2, 0x73) io_uring_register$IORING_REGISTER_BUFFERS2(r5, 0xf, &(0x7f0000002700)={0x119f, 0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000480)=""/264, 0xf9}, {&(0x7f00000015c0)=""/4096, 0x400400}, {&(0x7f0000002a00)=""/88, 0x8}], 0x0}, 0x20) socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$inet_tcp_int(r4, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x79, 0x4) ioctl$vim2m_VIDIOC_REQBUFS(0xffffffffffffffff, 0xc0145608, 0x0) bind$inet(r4, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10) sendto$inet(r4, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) sendto$inet(r4, &(0x7f0000000580)="17", 0xfdef, 0x10008095, 0x0, 0x0) 4.638503593s ago: executing program 2 (id=2293): fsopen(&(0x7f00000001c0)='ramfs\x00', 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0) ioctl$sock_SIOCGIFVLAN_GET_VLAN_EGRESS_PRIORITY_CMD(r1, 0x8982, &(0x7f00000001c0)) syz_clone3(&(0x7f0000000600)={0x14002000, 0x0, &(0x7f0000000440)=0x0, &(0x7f0000000240), {0x2f}, &(0x7f00000002c0)=""/202, 0xca, 0x0, 0x0}, 0x58) syz_genetlink_get_family_id$batadv(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, &(0x7f0000004340)={0x0, 0x0, &(0x7f0000000280)={0x0, 0x1c}, 0x1, 0x0, 0x0, 0x4008000}, 0x4000000) openat$ttyS3(0xffffffffffffff9c, 0x0, 0x21800, 0x0) r3 = syz_open_dev$vim2m(&(0x7f0000000180), 0x0, 0x2) ioctl$vim2m_VIDIOC_ENUM_FMT(r3, 0xc0405602, &(0x7f0000000040)={0x14, 0x2, 0x0, "11010000001400000100b64c0000000f4cb85200000400", 0x30314442}) r4 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000140), 0x400, 0x0) ioctl$VHOST_SET_OWNER(r4, 0xaf01, 0x0) socket(0x1d, 0x2, 0x6) sched_getattr(r2, &(0x7f00000000c0)={0x38}, 0x38, 0x0) r5 = syz_open_procfs(0x0, &(0x7f0000000040)='smaps_rollup\x00') madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) read$FUSE(r5, &(0x7f0000004380)={0x2020}, 0x2032) ioctl$VHOST_SET_OWNER(0xffffffffffffffff, 0xaf01, 0x0) ioctl$VHOST_SET_VRING_KICK(0xffffffffffffffff, 0x4008af20, &(0x7f0000000000)={0x1}) writev(0xffffffffffffffff, &(0x7f0000000080)=[{0x0}], 0x1) r6 = syz_open_procfs$pagemap(0x0, &(0x7f0000001080)) r7 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$HCIINQUIRY(r7, 0x400448ca, 0x0) bind$bt_hci(r7, &(0x7f0000000040)={0x1f, 0x4}, 0x1) ioctl$PAGEMAP_SCAN(r6, 0xc0606610, 0x0) socket$kcm(0xa, 0x2, 0x0) 4.000204151s ago: executing program 1 (id=2295): socket$kcm(0x11, 0x3, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x3, 0xe, &(0x7f0000000f40)=ANY=[@ANYBLOB="b702000014000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d839240d29c03406910927c6b0b55b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622003b538dfe79578e51bc53099e90f4580d760551b5b342f7cbdb9cd38bdb2209c676b2ac2deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3670ef0e789f65f132020000002cbe7bc04b82d2789cb1b2b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7be6ba0dc001c41146dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a42b359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd7130856f756436303767d2e24f29e5dad9796edb697aeea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780c70014f51c3c975d5aec84222fff0d7216fdb0d3a0ec4be3e506d1387b63112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff2c91018afc9ffc2cc788bee1b47683db01a469398685211dfbbae3e2ed0a50e7313bff5d4c391ddece08ac772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa447e2ef0ae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae486aca54183fb01c73f979ca9857399537f5dc2a3f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a088a22e8b15c3e233db7ab22e30d46a9d24d37cef099bdae7ed04935c2c90d3add8eebc8619d73415cda2130f5011e48455b5a8b90dfae158b94f50adeb988dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ffa3c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe4a3ced846891180604b6dd2499d16d7d9158ffffff069dc42749a89f854797f29d0000002d8c38a967c1bbe09315c29877a331bcc87dc3addb0814040000007874b2f663ddeef0005b3d96c7aabf4df517d90bdc01e73835d5a3e1a90800c66ee2b1ad76dff9f9000071414c99d4894ee7f8249dbae3428d2129ecfce1b85af6eb2eea0d0df414b315f651c8412392191fa83ee830548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296c6a298c8ce2a305c0c7d35cf4b22549a4bd92052188bd1f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987591ec3db58a7bb3042ec3f771f050000000000000026049fe86e09623524f390bf79b441b75fc790c58e273cd905deb28c13c1ed1c0d9cae846b03008cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4e62b445c00f576b2b5cc7f819abd0f885cc48f97496079654f5a2d38708194cd6f496e5dee734fe7da3770845cf442d488afdc0e17000000000000000000000000000000000000000000000000000005205000000dc1c56d59f35d367632952a93466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a", @ANYRES8], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls}, 0x94) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) r2 = open(&(0x7f00009e1000)='./file0\x00', 0x8060, 0x0) fcntl$setlease(r2, 0x400, 0x0) creat(&(0x7f0000000040)='./file0\x00', 0x0) creat(&(0x7f0000000000)='./file0\x00', 0x60) close(0x3) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r3 = getpid() sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) process_vm_readv(0x0, &(0x7f00000007c0)=[{&(0x7f0000000180)=""/99, 0x63}, {&(0x7f0000000340)=""/84, 0x54}, {0x0}, {0x0}, {&(0x7f0000000500)=""/75, 0x4b}, {0x0}], 0x6, 0x0, 0x0, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x18000000000002a0, 0x20, 0x0, &(0x7f0000000000)="06ff03076844268cb89e14f008004ee0ffff00febabec41177fb86dd1402e000", 0x0, 0xfe, 0x60000000, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x50) r6 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) getsockopt$bt_l2cap_L2CAP_CONNINFO(r6, 0x6, 0x2, 0x0, &(0x7f0000000280)) 3.323514732s ago: executing program 2 (id=2298): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a6c000000060a090400000000000000000200000040000480718063068ddd100000000000000001800a00010072616e67650000002c000280080001400000002408000240000000030c00038005000100430000000c00048005"], 0x94}}, 0x0) 3.256603418s ago: executing program 2 (id=2300): openat$tun(0xffffffffffffff9c, 0x0, 0x90802, 0x0) r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48) r1 = getpgrp(0x0) sched_setaffinity(r1, 0x8, &(0x7f0000000040)=0x5) prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sendmsg$DEVLINK_CMD_RATE_GET(0xffffffffffffffff, 0x0, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x3) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0) r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8) bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x17, &(0x7f00000007c0)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {0x85, 0x0, 0x0, 0x5}}, {{0x5, 0x0, 0x6}, {0x66, 0x0, 0x0, 0x25702020}}, [@printk={@p, {0x3, 0x3, 0x3, 0xa, 0x9, 0xfe00}, {0x6, 0x1, 0x5, 0x1, 0x9}, {0x7, 0x0, 0x3}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0xffffffff}, {0x56}}], {{0x4, 0x1, 0x2, 0x3}, {0x5, 0x0, 0xb, 0x3}, {0x85, 0x0, 0x0, 0x76}}}, &(0x7f0000000040)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x4a, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) 2.592078954s ago: executing program 1 (id=2301): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8d}, 0x94) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x0, 0x2, &(0x7f0000000480)=ANY=[@ANYBLOB="1802000000000000"], 0x0, 0x3, 0x0, 0x0, 0x40f00, 0x60, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffff9}, 0x94) memfd_create(0x0, 0x1) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0xfffff000) openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0), 0x1022002, 0x0) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000001140)={&(0x7f00000007c0)=ANY=[@ANYBLOB="5800000002060108000000bca3000000000000400500010006000000050005000200000005000400000000000900020073797a31000000000c000780080012400000000211000300686173683a69702c6d61726b"], 0x58}}, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_ADD(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=ANY=[@ANYBLOB="480000000906010200000000000000000200ffff200007800c00018008000140a2fd4ebc08000a400000000205000300020000000900020073797a310000000005000100"], 0x48}, 0x1, 0x0, 0x0, 0x800}, 0x40c0080) 2.425538576s ago: executing program 0 (id=2302): r0 = syz_open_dev$I2C(&(0x7f0000000040), 0x1, 0x2003) ioctl$I2C_RDWR(r0, 0x707, 0x0) 2.103534364s ago: executing program 0 (id=2303): mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0) openat$fuse(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0) r0 = openat$kvm(0xffffff9c, &(0x7f00000001c0), 0x841, 0x0) ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0xc008ae88, &(0x7f0000000000)={0x1, 0x0, [{0xf88e470f, 0xed}]}) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) sendmsg$NFNL_MSG_ACCT_NEW(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="20000000000701030000000000000003000000010c00064000000000000080"], 0x20}, 0x1, 0x0, 0x0, 0x40000}, 0x4000010) socket$inet6(0xa, 0x1, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x2, 0x9, 0xfffffffffffffffd, 0x2, 0x2, 0x0, 0x4002004c4, 0x1004, 0x8080000000000000, 0xc595, 0x0, 0x1, 0xffffffffffffffff, 0x2000000000000000, 0xb3, 0x8d], 0xeeee8000, 0x2010d3}) r3 = open(&(0x7f00009e1000)='./file0\x00', 0x0, 0x140) ioctl$KVM_RUN(r2, 0xae80, 0x0) sendmsg$IPSET_CMD_GET_BYINDEX(r3, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000140)=ANY=[@ANYBLOB="240000060f060108000000000000000007000006050001000700000006000b0001"], 0x24}, 0x1, 0x0, 0x0, 0x45}, 0x800) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 1.984445224s ago: executing program 2 (id=2304): openat$vnet(0xffffffffffffff9c, 0x0, 0x2, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = syz_open_dev$MSR(&(0x7f0000000200), 0x0, 0x0) read$msr(r0, &(0x7f0000002700)=""/102392, 0x18ff8) mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x0, 0x32, 0xffffffffffffffff, 0x8528c000) syz_open_dev$evdev(&(0x7f0000000000), 0x2, 0x8a2b81) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) connect$inet6(0xffffffffffffffff, 0x0, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000002c0)=@ipv4_delroute={0x4c, 0x19, 0x901, 0x70bd29, 0x80, {0x2, 0x18, 0x10, 0x0, 0x0, 0x0, 0xfd, 0x1}, [@RTA_DST={0x8, 0x1, @dev}, @RTA_GATEWAY={0x8, 0x5, @private=0xa010102}, @RTA_ENCAP={0x18, 0x16, 0x0, 0x1, @LWTUNNEL_IP6_SRC={0x14, 0x3, @private0}}, @RTA_ENCAP_TYPE={0x6, 0x15, 0x2}]}, 0x4c}, 0x1, 0x0, 0x0, 0x4}, 0x0) 1.914227338s ago: executing program 0 (id=2305): socket(0x10, 0x2, 0x0) socket$inet6(0xa, 0x2, 0x3a) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x2000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x1, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="18050000000000fe000000004b64ffec850000007d0000000400000007"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='sched_switch\x00', r3}, 0x18) socket$inet_mptcp(0x2, 0x1, 0x106) prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r4 = getpid() sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xb1e9a000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r5, &(0x7f0000000840)=@abs={0x0, 0x0, 0x4e20}, 0x6e) sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x19) remap_file_pages(&(0x7f00002ec000/0x200000)=nil, 0x200000, 0x0, 0x40, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x14) 1.914007677s ago: executing program 3 (id=2306): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) ioctl$TUNSETOFFLOAD(r0, 0x400454d0, 0x1d) 1.857111174s ago: executing program 1 (id=2307): syz_open_dev$usbfs(&(0x7f0000000100), 0x204, 0x800542) syz_open_procfs(0x0, &(0x7f0000000000)='net/ip_mr_cache\x00') openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0) getsockname(0xffffffffffffffff, &(0x7f0000000040)=@nl, &(0x7f00000000c0)=0x80) syz_open_dev$vim2m(&(0x7f0000000000), 0x47b, 0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000280), 0x80a02, 0x0) r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) fanotify_mark(0xffffffffffffffff, 0x105, 0x4800003a, 0xffffffffffffffff, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(r1, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x16) connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e23, @multicast2}, 0x10) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000002c0)=@newlink={0x30, 0x10, 0x1, 0x70bd29, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, 0x4891a, 0xa}, [@IFLA_GROUP={0x8}, @IFLA_TXQLEN={0x8, 0xd, 0x10}]}, 0x30}, 0x1, 0x0, 0x0, 0x40801}, 0x6000000) 1.789827026s ago: executing program 2 (id=2308): r0 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'syz_tun\x00', 0x0}) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x6, 0xe, &(0x7f0000001880)=ANY=[], &(0x7f0000000b80)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000040), 0x10}, 0x94) r3 = dup(r2) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000001c0)={r3, r1, 0x25, 0x4, @val=@tracing={0x0, 0x8}}, 0x20) syz_emit_ethernet(0x2a, &(0x7f0000000300)=ANY=[], 0x0) 1.181337167s ago: executing program 3 (id=2309): r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10c4, 0xea90, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x7}}}}]}}]}}, 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io(r0, &(0x7f00000000c0)={0x2c, &(0x7f0000000100)={0x0, 0x0, 0x8, {0x8, 0x0, "392cdaab4a73"}}, 0x0, 0x0, 0x0, 0x0}, 0x0) syz_usb_control_io$hid(r0, 0x0, &(0x7f0000000540)={0x2c, 0x0, 0x0, 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="20010e"], 0x0}) syz_usb_control_io(r0, 0x0, 0x0) 1.181059095s ago: executing program 2 (id=2310): bpf$MAP_CREATE(0x0, &(0x7f0000000380)=@base={0xa, 0x101, 0x7ffc, 0xcc}, 0x50) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000480)={0xffffffffffffffff, 0x0, 0x25, 0x2, @void}, 0x10) r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0) ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0) r1 = eventfd(0xc) ioctl$VHOST_SET_LOG_FD(r0, 0x4004af07, &(0x7f0000000240)=r1) ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f0000000040)={0x1, r1}) ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000580)=""/78, 0x0}) ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, 0x0) ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000a80)={0x1, 0x0, [{0x0, 0x1000, &(0x7f0000002600)=""/4096}]}) ioctl$VHOST_SET_VRING_ERR(r0, 0x4008af22, &(0x7f00000002c0)={0x1, r1}) ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000000000)=0x1) 1.002847209s ago: executing program 1 (id=2311): open_tree(0xffffffffffffff9c, 0x0, 0x900) r0 = syz_io_uring_setup(0x10d, &(0x7f0000000480)={0x0, 0x701c, 0x700, 0x1, 0x1ef}, &(0x7f0000000200)=0x0, &(0x7f0000000280)=0x0) openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r3, &(0x7f0000000300)=""/102400, 0x19000) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) r4 = openat$udambuf(0xffffffffffffff9c, &(0x7f0000000000), 0x2) r5 = memfd_create(&(0x7f0000000340)='y\x105\xfb\xf7u\x83%:r\xc2\xb9x\xa4q\xc1\xea_\x8cZ7\xe7a\x9b\x11x\x0e\xa1\xcf\x1a\x98S7\xc9\x00\x00\x00\x00\x00\x00\a\x00\x00\x00\x00\x00\x00\x04\x879\xa24\xa9am\xde\xb2\xd3\xcbZJoa\xc4\x1acB\xaa\xc1\xfb Q\xd4\xf4\x01\xa52\xe2DG\xd4\xbd{\x9f\xa9\x97\x9b@\xdb\x00b\xe1br\xb6\x008\xe3\x10\xff\xc2\x9d\r2\x9e\x8e\x04sW\x1b\xb7\xb3\xa2\xc9&@\xca\xda\xdc\xe2/\x97X\xac\b\xb0\xc2<\x80E\x1a\xbc\xc7W\xda9VsA\xaf\xc6\xcf\xe1\xa1\xb5M\xa2\x85\xa6y\xc4J\xf1\xf7\xfcD\x95\xe3\xeb\xc7\xbc\x91\xb0\xa8\x9eo\xebF(\x9dL\x01vRk\xaacB\x04\xa7I\v\x86EZ\x96\xd5\x14OD\\\xe8R\xe4\xcd\xec\xcc\xd1\x0fre\xe86\xcd\xeb\xc4$\x98\x06J\xd6dD\x8d_U`ji{\xab\x97\xaf;l\x1f\xaf\xb38U\xcb\xfa\xb3j\x92\f\x81\xa0\xa2-g\b\x99\x0e\x8d\x8d\x16\xd9w\\\xf8\xce\xb0j\x9d\'\x93\xef\x1d\xa0H\xd9\xbd\xd9\xaf\x12$\x8d\x16%\x8b\x00', 0x3) ftruncate(r5, 0xffff) fcntl$addseals(r5, 0x409, 0x7) r6 = ioctl$UDMABUF_CREATE(r4, 0x40187542, &(0x7f0000000100)={r5, 0x0, 0x0, 0x1000}) syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd=r6, 0x0, 0x0, 0x0, {0x414}, 0x1}) io_uring_enter(r0, 0x3f72, 0x74f1, 0xc00000000000000, 0x0, 0x39) 705.058385ms ago: executing program 0 (id=2312): r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, 0x0, 0x0) sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) sendto$inet(r0, &(0x7f0000000580)="17", 0xfdef, 0x10008095, 0x0, 0x0) 84.816545ms ago: executing program 0 (id=2314): bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x14, 0xc, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x24004045) r0 = io_uring_setup(0x1b7b, &(0x7f0000000040)={0x0, 0x635c, 0x1f480, 0x0, 0x399}) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={0xffffffffffffffff, 0x18000000000002a0, 0x0, 0x0, 0x0, 0x0, 0x500, 0x60000000, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50) io_uring_enter(r0, 0x8ae, 0x6933, 0x17, 0x0, 0xeffd) 0s ago: executing program 0 (id=2315): socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0) socket(0x1d, 0x2, 0x6) r2 = add_key(&(0x7f0000000000)='big_key\x00', &(0x7f0000000280)={'syz', 0x1}, &(0x7f00000002c0)="1d", 0xfe3a, 0xfffffffffffffffe) keyctl$read(0xb, r2, &(0x7f0000001300)=""/4096, 0xffffffffffffffd2) r3 = syz_open_dev$video(0x0, 0x485, 0x40000) r4 = socket(0x2b, 0x80801, 0x1) connect$inet6(r4, &(0x7f00000001c0)={0xa, 0x4e21, 0x0, @empty, 0x400005}, 0x1c) ioctl$sock_inet6_udp_SIOCOUTQ(r4, 0x894b, &(0x7f0000000040)) r5 = socket$inet_smc(0x2b, 0x1, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r5, 0x0, 0x80, &(0x7f0000000600)=@broute={'broute\x00', 0x20, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000040], 0x0, 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="00000000ca32c7329458e68a330a721f000000000000000000000000000000000000000000000000000000000000000000000000ffffffff000000000000000000000000674ae874c8a3ac27c779eb0000000000000000000000000000000000000000000000000000000000000000fcffffff00"/143]}, 0xdf) ioctl$VIDIOC_S_SELECTION(r3, 0xc040565f, &(0x7f0000000040)={0x9, 0x100, 0x0, {0xfffffffd, 0x4, 0xb, 0x8001}}) r6 = open(0x0, 0x64842, 0x389b0d52417bb201) sendmsg$IPCTNL_MSG_EXP_GET(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={0x0}, 0x1, 0x0, 0x0, 0x200488b0}, 0x40c4) pwritev2(r6, &(0x7f0000000240), 0x0, 0x7000, 0x0, 0x3) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_GUEST_MEMFD(0xffffffffffffffff, 0xc040aed4, &(0x7f00000001c0)={0x200001fe0000}) openat$qrtrtun(0xffffffffffffff9c, &(0x7f00000000c0), 0x92e82) sendmsg$sock(0xffffffffffffffff, &(0x7f0000001540)={&(0x7f0000000140)=@pppoe={0x2a, 0x0, {0x0, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x3c}, 'lo\x00'}}, 0x80, 0x0}, 0x40000c0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]}) capset(&(0x7f0000000000)={0x20080522}, 0x0) r7 = socket$inet6(0xa, 0x2, 0x0) bind$inet6(r7, &(0x7f0000000040)={0xa, 0xe22}, 0x1c) connect$inet6(r7, &(0x7f00000001c0)={0xa, 0x0, 0x9, @empty, 0x20002}, 0x1c) socket$netlink(0x10, 0x3, 0x8000000004) kernel console output (not intermixed with test programs): o HW filter on device batadv0 [ 54.532956][ T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 54.536934][ T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 54.567675][ T5938] veth0_vlan: entered promiscuous mode [ 54.586918][ T6024] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 54.591055][ T6024] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 54.592845][ T5946] veth0_vlan: entered promiscuous mode [ 54.598701][ T5938] veth1_vlan: entered promiscuous mode [ 54.622247][ T5946] veth1_vlan: entered promiscuous mode [ 54.628655][ T5941] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 54.640133][ T5937] veth0_vlan: entered promiscuous mode [ 54.683662][ T5937] veth1_vlan: entered promiscuous mode [ 54.696883][ T5938] veth0_macvtap: entered promiscuous mode [ 54.707793][ T5938] veth1_macvtap: entered promiscuous mode [ 54.721521][ T5946] veth0_macvtap: entered promiscuous mode [ 54.728228][ T5946] veth1_macvtap: entered promiscuous mode [ 54.737579][ T5938] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 54.751370][ T5938] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 54.762718][ T12] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 54.772479][ T12] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 54.776642][ T12] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 54.782601][ T12] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 54.788018][ T5946] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 54.824889][ T6033] capability: warning: `syz.3.5' uses deprecated v2 capabilities in a way that may be insecure [ 54.845178][ T5937] veth0_macvtap: entered promiscuous mode [ 54.852795][ T5946] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 54.889962][ T5937] veth1_macvtap: entered promiscuous mode [ 54.927445][ T13] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 54.931241][ T13] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 54.951578][ T13] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 54.955244][ T13] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 54.960832][ T6024] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 54.963417][ T6024] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 54.964033][ T5937] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 54.996757][ T5937] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 55.003908][ T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 55.006601][ T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 55.019533][ T1220] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 55.026701][ T1220] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 55.037699][ T1220] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 55.050526][ T1220] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 55.157133][ T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 55.169288][ T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 55.274223][ T1142] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 55.278978][ T1142] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 55.323814][ T1220] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 55.331008][ T1220] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 55.363853][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 55.378488][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 55.741111][ T6042] netlink: 20 bytes leftover after parsing attributes in process `syz.2.6'. [ 55.867252][ T6071] Zero length message leads to an empty skb [ 55.877569][ T6074] netlink: 'syz.3.17': attribute type 16 has an invalid length. [ 55.881009][ T6074] netlink: 12 bytes leftover after parsing attributes in process `syz.3.17'. [ 55.900311][ T6074] veth1_macvtap: left promiscuous mode [ 56.023644][ T6083] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 56.299693][ T5942] Bluetooth: hci2: command tx timeout [ 56.308542][ T5942] Bluetooth: hci3: command tx timeout [ 56.308577][ T5949] Bluetooth: hci1: command tx timeout [ 56.380142][ T5949] Bluetooth: hci0: command tx timeout [ 56.819742][ T6083] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 56.935280][ T6097] netlink: 8 bytes leftover after parsing attributes in process `syz.0.25'. [ 56.938731][ T6097] netlink: 44 bytes leftover after parsing attributes in process `syz.0.25'. [ 57.757870][ T6097] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 57.761973][ T6097] Bluetooth: hci1: Error when powering off device on rfkill (-4) [ 57.772277][ T6097] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 57.774789][ T6097] Bluetooth: hci0: Error when powering off device on rfkill (-4) [ 57.796190][ T6097] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 57.799274][ T6097] Bluetooth: hci2: Error when powering off device on rfkill (-4) [ 57.816550][ T6097] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 57.820567][ T6097] Bluetooth: hci3: Error when powering off device on rfkill (-4) [ 57.822058][ T6083] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 58.052603][ T6083] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 58.205207][ T13] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 58.217771][ T13] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 58.235174][ T13] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 58.243646][ T13] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 58.482438][ T6183] netlink: 28 bytes leftover after parsing attributes in process `syz.2.44'. [ 58.535206][ T6186] netlink: 8 bytes leftover after parsing attributes in process `syz.1.45'. [ 58.538677][ T6186] netlink: 44 bytes leftover after parsing attributes in process `syz.1.45'. [ 58.609648][ T6175] netlink: 28 bytes leftover after parsing attributes in process `syz.0.42'. [ 58.852002][ T6198] mmap: syz.2.49 (6198) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 58.867298][ T6207] netlink: 'syz.1.51': attribute type 16 has an invalid length. [ 58.871225][ T6207] netlink: 12 bytes leftover after parsing attributes in process `syz.1.51'. [ 58.884517][ T6207] veth1_macvtap: left promiscuous mode [ 58.982288][ T6194] netlink: 28 bytes leftover after parsing attributes in process `syz.3.47'. [ 60.915093][ T6322] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 61.330186][ T6322] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 61.428736][ T6322] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 61.535623][ T6322] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 61.651231][ T6341] __nla_validate_parse: 11 callbacks suppressed [ 61.651246][ T6341] netlink: 8 bytes leftover after parsing attributes in process `syz.3.99'. [ 61.657512][ T6341] netlink: 44 bytes leftover after parsing attributes in process `syz.3.99'. [ 61.692663][ T13] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 61.695810][ T13] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 61.746315][ T13] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 61.758473][ T46] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 61.871073][ T6350] netlink: 28 bytes leftover after parsing attributes in process `syz.3.103'. [ 62.059034][ T6352] netlink: 28 bytes leftover after parsing attributes in process `syz.0.104'. [ 62.233272][ T6372] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 62.261792][ T6377] netlink: 8 bytes leftover after parsing attributes in process `syz.2.112'. [ 62.277136][ T6377] netlink: 44 bytes leftover after parsing attributes in process `syz.2.112'. [ 62.300177][ T6370] netlink: 28 bytes leftover after parsing attributes in process `syz.0.109'. [ 62.311250][ T6372] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 62.336514][ T6382] netlink: 28 bytes leftover after parsing attributes in process `syz.3.114'. [ 62.404654][ T6372] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 62.484179][ T6372] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 62.643973][ T1140] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 62.652541][ T1140] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 62.676404][ T1140] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 62.684769][ T1140] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 62.811637][ T6419] netlink: 28 bytes leftover after parsing attributes in process `syz.3.128'. [ 62.869311][ T6416] netlink: 28 bytes leftover after parsing attributes in process `syz.2.127'. [ 63.313628][ T6453] futex_wake_op: syz.2.138 tries to shift op by -1; fix this program [ 64.735431][ T6578] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 64.835209][ T6578] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 64.951119][ T6578] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 65.062625][ T6578] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 65.827748][ T40] audit: type=1326 audit(1767129522.830:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6667 comm="syz.3.213" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706d579 code=0x7ffc0000 [ 65.837974][ T40] audit: type=1326 audit(1767129522.830:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6667 comm="syz.3.213" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706d579 code=0x7ffc0000 [ 65.847819][ T40] audit: type=1326 audit(1767129522.830:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6667 comm="syz.3.213" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706d579 code=0x7ffc0000 [ 65.857195][ T40] audit: type=1326 audit(1767129522.830:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6667 comm="syz.3.213" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706d579 code=0x7ffc0000 [ 65.869702][ T40] audit: type=1326 audit(1767129522.830:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6667 comm="syz.3.213" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf706d579 code=0x7ffc0000 [ 65.879099][ T40] audit: type=1326 audit(1767129522.830:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6667 comm="syz.3.213" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706d579 code=0x7ffc0000 [ 65.891192][ T40] audit: type=1326 audit(1767129522.830:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6667 comm="syz.3.213" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706d579 code=0x7ffc0000 [ 65.901442][ T40] audit: type=1326 audit(1767129522.830:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6667 comm="syz.3.213" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706d579 code=0x7ffc0000 [ 65.910331][ T40] audit: type=1326 audit(1767129522.830:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6667 comm="syz.3.213" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706d579 code=0x7ffc0000 [ 65.917765][ T40] audit: type=1326 audit(1767129522.830:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6667 comm="syz.3.213" exe="/syz-executor" sig=0 arch=40000003 syscall=301 compat=1 ip=0xf706d579 code=0x7ffc0000 [ 66.242429][ T13] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.263613][ T46] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.275704][ T46] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.284114][ T46] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.705753][ T6749] __nla_validate_parse: 22 callbacks suppressed [ 66.705771][ T6749] netlink: 8 bytes leftover after parsing attributes in process `syz.3.247'. [ 66.715008][ T6749] netlink: 44 bytes leftover after parsing attributes in process `syz.3.247'. [ 66.843594][ T6763] netlink: 4 bytes leftover after parsing attributes in process `syz.3.254'. [ 67.103446][ T6790] netlink: 8 bytes leftover after parsing attributes in process `syz.0.263'. [ 67.106647][ T6790] netlink: 44 bytes leftover after parsing attributes in process `syz.0.263'. [ 67.166543][ T6783] netlink: 28 bytes leftover after parsing attributes in process `syz.3.261'. [ 67.242678][ T6794] netlink: 28 bytes leftover after parsing attributes in process `syz.0.264'. [ 67.411798][ T6805] netlink: 'syz.0.270': attribute type 16 has an invalid length. [ 67.414408][ T6805] netlink: 12 bytes leftover after parsing attributes in process `syz.0.270'. [ 67.431352][ T6805] veth1_macvtap: left promiscuous mode [ 67.662866][ T6817] netlink: 8 bytes leftover after parsing attributes in process `syz.0.274'. [ 67.665849][ T6817] netlink: 44 bytes leftover after parsing attributes in process `syz.0.274'. [ 68.491723][ T6755] Set syz1 is full, maxelem 65536 reached [ 68.790274][ T6869] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 68.906783][ T6869] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 69.063723][ T6869] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 69.159353][ T6869] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 69.293409][ T1142] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 69.310193][ T1142] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 69.322590][ T1142] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 69.330546][ T1142] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 69.651328][ T6933] only policy match revision 0 supported [ 69.651340][ T6933] unable to load match [ 70.293638][ T6980] program syz.2.337 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 71.617108][ T7090] usb usb1: usbfs: process 7090 (syz.2.381) did not claim interface 0 before use [ 71.696131][ T7096] wg2: entered promiscuous mode [ 71.708418][ T7096] wg2: entered allmulticast mode [ 71.762279][ T7104] __nla_validate_parse: 9 callbacks suppressed [ 71.762291][ T7104] netlink: 8 bytes leftover after parsing attributes in process `syz.2.386'. [ 71.768119][ T7104] netlink: 44 bytes leftover after parsing attributes in process `syz.2.386'. [ 71.781408][ T7107] usb usb1: usbfs: process 7107 (syz.1.388) did not claim interface 0 before use [ 71.895592][ T7117] random: crng reseeded on system resumption [ 71.936772][ T7119] netlink: 28 bytes leftover after parsing attributes in process `syz.2.391'. [ 72.116649][ T7136] netlink: 'syz.1.398': attribute type 16 has an invalid length. [ 72.120474][ T7136] netlink: 12 bytes leftover after parsing attributes in process `syz.1.398'. [ 72.292239][ T7152] netlink: 28 bytes leftover after parsing attributes in process `syz.1.405'. [ 72.401349][ T9] hid-generic 0000:0000:0004.0002: unknown main item tag 0x0 [ 72.404368][ T9] hid-generic 0000:0000:0004.0002: unknown main item tag 0x0 [ 72.416620][ T9] hid-generic 0000:0000:0004.0002: unknown main item tag 0x0 [ 72.421260][ T9] hid-generic 0000:0000:0004.0002: unknown main item tag 0x0 [ 72.427528][ T9] hid-generic 0000:0000:0004.0002: unknown main item tag 0x0 [ 72.430358][ T9] hid-generic 0000:0000:0004.0002: unknown main item tag 0x0 [ 72.432771][ T9] hid-generic 0000:0000:0004.0002: unknown main item tag 0x0 [ 72.435207][ T9] hid-generic 0000:0000:0004.0002: unknown main item tag 0x0 [ 72.437758][ T9] hid-generic 0000:0000:0004.0002: unknown main item tag 0x0 [ 72.441203][ T9] hid-generic 0000:0000:0004.0002: unknown main item tag 0x0 [ 72.459107][ T9] hid-generic 0000:0000:0004.0002: hidraw1: HID v0.03 Device [syz1] on syz1 [ 72.514387][ T7174] usb usb1: usbfs: process 7174 (syz.2.413) did not claim interface 0 before use [ 72.539399][ T7170] fido_id[7170]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory [ 72.588578][ T7180] netlink: 56 bytes leftover after parsing attributes in process `syz.0.416'. [ 72.780624][ T7202] netlink: 8 bytes leftover after parsing attributes in process `syz.1.425'. [ 72.784556][ T7202] netlink: 44 bytes leftover after parsing attributes in process `syz.1.425'. [ 72.953312][ T7223] netlink: 'syz.3.431': attribute type 1 has an invalid length. [ 72.955903][ T7223] netlink: 'syz.3.431': attribute type 2 has an invalid length. [ 72.959513][ T7223] netlink: 4 bytes leftover after parsing attributes in process `syz.3.431'. [ 73.058260][ T40] kauditd_printk_skb: 100 callbacks suppressed [ 73.058276][ T40] audit: type=1326 audit(1767129530.060:112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7231 comm="syz.3.434" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706d579 code=0x7ffc0000 [ 73.088519][ T40] audit: type=1326 audit(1767129530.060:113): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7231 comm="syz.3.434" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706d579 code=0x7ffc0000 [ 73.098232][ T40] audit: type=1326 audit(1767129530.070:114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7231 comm="syz.3.434" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf706d579 code=0x7ffc0000 [ 73.107502][ T40] audit: type=1326 audit(1767129530.070:115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7231 comm="syz.3.434" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706d579 code=0x7ffc0000 [ 73.117393][ T40] audit: type=1326 audit(1767129530.070:116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7231 comm="syz.3.434" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706d579 code=0x7ffc0000 [ 73.125724][ T40] audit: type=1326 audit(1767129530.070:117): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7231 comm="syz.3.434" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf706d579 code=0x7ffc0000 [ 73.133768][ T40] audit: type=1326 audit(1767129530.070:118): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7231 comm="syz.3.434" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706d579 code=0x7ffc0000 [ 73.142949][ T40] audit: type=1326 audit(1767129530.070:119): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7231 comm="syz.3.434" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706d579 code=0x7ffc0000 [ 73.151655][ T40] audit: type=1326 audit(1767129530.070:120): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7231 comm="syz.3.434" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf706d579 code=0x7ffc0000 [ 73.159067][ T40] audit: type=1326 audit(1767129530.080:121): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7231 comm="syz.3.434" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706d579 code=0x7ffc0000 [ 73.184083][ T7244] netlink: 'syz.2.439': attribute type 16 has an invalid length. [ 73.187287][ T7244] netlink: 12 bytes leftover after parsing attributes in process `syz.2.439'. [ 73.192787][ T7244] veth1_macvtap: left promiscuous mode [ 73.622270][ T7285] netlink: 'syz.3.453': attribute type 16 has an invalid length. [ 73.668683][ T7286] netlink: 'syz.2.454': attribute type 4 has an invalid length. [ 73.674739][ T7286] netlink: 'syz.2.454': attribute type 4 has an invalid length. [ 73.967416][ T7317] smc: net device ip6gretap0 applied user defined pnetid SYZ2 [ 73.970535][ T7317] smc: net device ip6gretap0 erased user defined pnetid SYZ2 [ 74.384629][ T7344] netlink: 'syz.1.479': attribute type 16 has an invalid length. [ 74.678975][ T7370] syz_tun: entered allmulticast mode [ 74.688628][ T7370] pimreg: entered allmulticast mode [ 74.707751][ T7372] sch_fq: defrate 0 ignored. [ 74.727320][ T7369] syz_tun: left allmulticast mode [ 75.456116][ T7409] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 75.456138][ T7409] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 75.457018][ T7409] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 75.469436][ T7409] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 75.982188][ T1417] ieee802154 phy0 wpan0: encryption failed: -22 [ 75.982233][ T1417] ieee802154 phy1 wpan1: encryption failed: -22 [ 76.076386][ T7436] ======================================================= [ 76.076386][ T7436] WARNING: The mand mount option has been deprecated and [ 76.076386][ T7436] and is ignored by this kernel. Remove the mand [ 76.076386][ T7436] option from the mount to silence this warning. [ 76.076386][ T7436] ======================================================= [ 76.076454][ T7436] 9p: Bad value for 'wfdno' [ 76.699537][ T7487] syz.2.535 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 76.942905][ T7506] __nla_validate_parse: 25 callbacks suppressed [ 76.942923][ T7506] netlink: 40 bytes leftover after parsing attributes in process `syz.1.540'. [ 77.024283][ T7505] netlink: 28 bytes leftover after parsing attributes in process `syz.2.541'. [ 77.189385][ T7534] pimreg: entered allmulticast mode [ 77.338128][ T7544] netlink: 28 bytes leftover after parsing attributes in process `syz.1.557'. [ 77.531712][ T7559] netlink: 28 bytes leftover after parsing attributes in process `syz.1.560'. [ 78.060494][ T7627] pimreg: entered allmulticast mode [ 78.093527][ T7629] netlink: 8 bytes leftover after parsing attributes in process `syz.1.567'. [ 78.100520][ T7629] netlink: 44 bytes leftover after parsing attributes in process `syz.1.567'. [ 78.239708][ T7641] netlink: 'syz.3.572': attribute type 16 has an invalid length. [ 78.247658][ T7641] netlink: 12 bytes leftover after parsing attributes in process `syz.3.572'. [ 78.291471][ T40] kauditd_printk_skb: 344 callbacks suppressed [ 78.291485][ T40] audit: type=1326 audit(1767129541.370:466): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7653 comm="syz.1.578" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70bd579 code=0x7ffc0000 [ 78.292712][ T7655] syz_tun: entered allmulticast mode [ 78.294279][ T40] audit: type=1326 audit(1767129541.370:467): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7653 comm="syz.1.578" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70bd579 code=0x7ffc0000 [ 78.303510][ T7653] syz_tun: left allmulticast mode [ 78.314790][ T40] audit: type=1326 audit(1767129541.370:468): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7653 comm="syz.1.578" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf70bd579 code=0x7ffc0000 [ 78.324872][ T40] audit: type=1326 audit(1767129541.370:469): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7653 comm="syz.1.578" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70bd579 code=0x7ffc0000 [ 78.332915][ T40] audit: type=1326 audit(1767129541.370:470): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7653 comm="syz.1.578" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf70bd579 code=0x7ffc0000 [ 78.340143][ T40] audit: type=1326 audit(1767129541.370:471): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7653 comm="syz.1.578" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70bd579 code=0x7ffc0000 [ 78.347250][ T40] audit: type=1326 audit(1767129541.370:472): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7653 comm="syz.1.578" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf70bd579 code=0x7ffc0000 [ 78.354156][ T40] audit: type=1326 audit(1767129541.370:473): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7653 comm="syz.1.578" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70bd579 code=0x7ffc0000 [ 78.361344][ T40] audit: type=1326 audit(1767129541.370:474): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7653 comm="syz.1.578" exe="/syz-executor" sig=0 arch=40000003 syscall=366 compat=1 ip=0xf70bd579 code=0x7ffc0000 [ 78.368380][ T40] audit: type=1326 audit(1767129541.370:475): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7653 comm="syz.1.578" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70bd579 code=0x7ffc0000 [ 78.405225][ T7666] netlink: 8 bytes leftover after parsing attributes in process `syz.2.582'. [ 78.405726][ T7667] netlink: 28 bytes leftover after parsing attributes in process `syz.3.579'. [ 78.408412][ T7666] netlink: 44 bytes leftover after parsing attributes in process `syz.2.582'. [ 78.561681][ T7677] netlink: 'syz.0.586': attribute type 16 has an invalid length. [ 78.613136][ T7690] syz_tun: entered allmulticast mode [ 78.628412][ T7688] syz_tun: left allmulticast mode [ 79.018554][ T7715] netlink: 'syz.2.599': attribute type 16 has an invalid length. [ 79.251749][ T7726] syz_tun: entered allmulticast mode [ 79.267766][ T7725] syz_tun: left allmulticast mode [ 80.170323][ T7798] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 80.347861][ T7809] netlink: 'syz.2.633': attribute type 16 has an invalid length. [ 80.974400][ T7889] syz_tun: entered allmulticast mode [ 80.984016][ T7884] syz_tun: left allmulticast mode [ 81.724737][ T7954] __nla_validate_parse: 10 callbacks suppressed [ 81.724748][ T7954] netlink: 28 bytes leftover after parsing attributes in process `syz.1.694'. [ 81.808626][ T7964] syz_tun: entered allmulticast mode [ 81.812946][ T7963] syz_tun: left allmulticast mode [ 81.884507][ T7971] program syz.1.700 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 81.938804][ T7975] syzkaller1: entered promiscuous mode [ 81.941419][ T7975] syzkaller1: entered allmulticast mode [ 82.475020][ T8012] syz_tun: entered allmulticast mode [ 82.481120][ T8011] syz_tun: left allmulticast mode [ 82.769741][ T8030] syz_tun: entered allmulticast mode [ 82.779212][ T8030] pimreg: entered allmulticast mode [ 82.786301][ T8029] syz_tun: left allmulticast mode [ 83.033166][ T8048] netlink: 8 bytes leftover after parsing attributes in process `syz.1.731'. [ 83.037237][ T8048] netlink: 44 bytes leftover after parsing attributes in process `syz.1.731'. [ 83.181771][ T8052] netlink: 28 bytes leftover after parsing attributes in process `syz.1.732'. [ 83.255984][ T40] kauditd_printk_skb: 176 callbacks suppressed [ 83.255999][ T40] audit: type=1326 audit(1767129546.577:652): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8056 comm="syz.1.734" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70bd579 code=0x7ffc0000 [ 83.259303][ T8057] syz_tun: entered allmulticast mode [ 83.262352][ T8056] syz_tun: left allmulticast mode [ 83.274278][ T40] audit: type=1326 audit(1767129546.577:653): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8056 comm="syz.1.734" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70bd579 code=0x7ffc0000 [ 83.282530][ T40] audit: type=1326 audit(1767129546.577:654): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8056 comm="syz.1.734" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf70bd579 code=0x7ffc0000 [ 83.290316][ T40] audit: type=1326 audit(1767129546.577:655): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8056 comm="syz.1.734" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70bd579 code=0x7ffc0000 [ 83.298478][ T40] audit: type=1326 audit(1767129546.577:656): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8056 comm="syz.1.734" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70bd579 code=0x7ffc0000 [ 83.307214][ T40] audit: type=1326 audit(1767129546.577:657): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8056 comm="syz.1.734" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf70bd579 code=0x7ffc0000 [ 83.317609][ T40] audit: type=1326 audit(1767129546.577:658): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8056 comm="syz.1.734" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70bd579 code=0x7ffc0000 [ 83.328552][ T40] audit: type=1326 audit(1767129546.577:659): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8056 comm="syz.1.734" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf70bd579 code=0x7ffc0000 [ 83.338003][ T40] audit: type=1326 audit(1767129546.577:660): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8056 comm="syz.1.734" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70bd579 code=0x7ffc0000 [ 83.349049][ T40] audit: type=1326 audit(1767129546.577:661): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8056 comm="syz.1.734" exe="/syz-executor" sig=0 arch=40000003 syscall=366 compat=1 ip=0xf70bd579 code=0x7ffc0000 [ 84.163900][ T8108] netlink: 260 bytes leftover after parsing attributes in process `syz.2.756'. [ 84.628637][ T8129] netlink: 12 bytes leftover after parsing attributes in process `syz.2.765'. [ 84.760906][ T8135] netlink: 'syz.2.767': attribute type 16 has an invalid length. [ 84.764370][ T8135] netlink: 4 bytes leftover after parsing attributes in process `syz.2.767'. [ 84.879248][ T8147] syz_tun: entered allmulticast mode [ 85.269613][ T8168] syz_tun: entered allmulticast mode [ 85.773695][ T909] cfg80211: failed to load regulatory.db [ 85.835250][ T8193] syz_tun: entered allmulticast mode [ 85.928936][ T8200] hub 1-0:1.0: USB hub found [ 85.930670][ T8200] hub 1-0:1.0: 2 ports detected [ 86.055102][ T8216] netlink: 28 bytes leftover after parsing attributes in process `syz.2.803'. [ 86.332914][ T8255] netlink: 28 bytes leftover after parsing attributes in process `syz.2.817'. [ 86.811541][ T8286] netlink: 8 bytes leftover after parsing attributes in process `syz.1.831'. [ 86.814847][ T8286] netlink: 44 bytes leftover after parsing attributes in process `syz.1.831'. [ 86.864078][ T8291] netlink: 'syz.3.832': attribute type 16 has an invalid length. [ 86.866800][ T8291] netlink: 4 bytes leftover after parsing attributes in process `syz.3.832'. [ 87.011554][ T8293] netlink: 28 bytes leftover after parsing attributes in process `syz.3.833'. [ 87.628351][ T8322] netlink: 124 bytes leftover after parsing attributes in process `syz.3.844'. [ 87.631503][ T8322] netlink: 24 bytes leftover after parsing attributes in process `syz.3.844'. [ 87.834043][ T8348] netlink: 76 bytes leftover after parsing attributes in process `syz.2.857'. [ 88.331405][ T8387] syz_tun: entered allmulticast mode [ 88.353228][ T8386] syz_tun: left allmulticast mode [ 88.572051][ T8394] netlink: 8 bytes leftover after parsing attributes in process `syz.3.875'. [ 88.575184][ T8394] netlink: 44 bytes leftover after parsing attributes in process `syz.3.875'. [ 88.765852][ T8302] Set syz1 is full, maxelem 65536 reached [ 88.775591][ T8410] netlink: 28 bytes leftover after parsing attributes in process `syz.3.880'. [ 89.071415][ T8439] netlink: 'syz.1.891': attribute type 10 has an invalid length. [ 89.093438][ T8439] bond0: (slave syz_tun): Enslaving as an active interface with an up link [ 89.524916][ T8472] syz.0.903 uses obsolete (PF_INET,SOCK_PACKET) [ 89.530312][ T8472] binder: 8471:8472 ioctl 80089418 0 returned -22 [ 89.567757][ T8477] bridge0: port 3(wlan1) entered blocking state [ 89.572065][ T8477] bridge0: port 3(wlan1) entered disabled state [ 89.574828][ T8477] mac80211_hwsim hwsim9 wlan1: entered allmulticast mode [ 89.579112][ T8477] mac80211_hwsim hwsim9 wlan1: entered promiscuous mode [ 90.692770][ T8442] Set syz1 is full, maxelem 65536 reached [ 91.414524][ T8564] tipc: Started in network mode [ 91.416454][ T8564] tipc: Node identity 32edd18a1e8f, cluster identity 4711 [ 91.418954][ T8564] tipc: Enabled bearer , priority 0 [ 91.422929][ T8565] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 91.447379][ T8564] syzkaller0: entered promiscuous mode [ 91.449869][ T8564] syzkaller0: entered allmulticast mode [ 91.452997][ T8564] tipc: Resetting bearer [ 91.462316][ T8562] tipc: Resetting bearer [ 91.477396][ T8565] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 91.482290][ T8565] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 92.005405][ T8586] __nla_validate_parse: 14 callbacks suppressed [ 92.005416][ T8586] netlink: 8 bytes leftover after parsing attributes in process `syz.2.946'. [ 92.010549][ T8586] netlink: 44 bytes leftover after parsing attributes in process `syz.2.946'. [ 92.262013][ T8562] tipc: Disabling bearer [ 92.267012][ T8565] warning: `syz.0.939' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 92.437889][ T8593] netlink: 28 bytes leftover after parsing attributes in process `syz.1.947'. [ 92.733644][ T8597] netlink: 'syz.0.949': attribute type 10 has an invalid length. [ 92.752758][ T8597] bond0: (slave syz_tun): Enslaving as an active interface with an up link [ 92.825400][ T8579] infiniband syz1: set active [ 92.828154][ T8579] infiniband syz1: added syz_tun [ 92.837221][ T8607] sg_write: data in/out 489/10 bytes for SCSI command 0xeb-- guessing data in; [ 92.837221][ T8607] program syz.0.953 not setting count and/or reply_len properly [ 92.862747][ T8579] RDS/IB: syz1: added [ 92.864380][ T8579] smc: adding ib device syz1 with port count 1 [ 92.868500][ T8579] smc: ib device syz1 port 1 has no pnetid [ 92.889573][ T8612] netlink: 'syz.0.955': attribute type 10 has an invalid length. [ 92.895897][ T8612] syz_tun: entered promiscuous mode [ 92.901441][ T8612] netlink: 'syz.0.955': attribute type 10 has an invalid length. [ 92.907968][ T8612] 8021q: adding VLAN 0 to HW filter on device bond0 [ 92.911990][ T8612] team0: Port device bond0 added [ 92.926785][ T8612] ipvlan2: entered promiscuous mode [ 92.928555][ T8612] ipvlan2: entered allmulticast mode [ 92.930360][ T8612] team0: entered allmulticast mode [ 92.932081][ T8612] team_slave_0: entered allmulticast mode [ 92.933891][ T8612] team_slave_1: entered allmulticast mode [ 92.937681][ T8612] bond0: entered allmulticast mode [ 92.939377][ T8612] bond_slave_0: entered allmulticast mode [ 92.941259][ T8612] bond_slave_1: entered allmulticast mode [ 92.942992][ T8612] syz_tun: entered allmulticast mode [ 92.982205][ T8612] bond0: (slave syz_tun): Releasing backup interface [ 92.985903][ T8612] syz_tun: left allmulticast mode [ 92.993181][ T8612] bond0: left allmulticast mode [ 92.995596][ T8612] bond_slave_0: left allmulticast mode [ 92.997852][ T8612] bond_slave_1: left allmulticast mode [ 93.002876][ T8612] team0: Port device bond0 removed [ 93.006817][ T8612] bridge_slave_0: left allmulticast mode [ 93.008731][ T8612] bridge_slave_0: left promiscuous mode [ 93.012015][ T8612] bridge0: port 1(bridge_slave_0) entered disabled state [ 93.018411][ T8612] bridge_slave_1: left allmulticast mode [ 93.021923][ T8612] bridge_slave_1: left promiscuous mode [ 93.023872][ T8612] bridge0: port 2(bridge_slave_1) entered disabled state [ 93.038942][ T8612] bond0: (slave bond_slave_0): Releasing backup interface [ 93.045220][ T8612] bond0: (slave bond_slave_1): Releasing backup interface [ 93.050788][ T8612] team_slave_0: left allmulticast mode [ 93.054925][ T8612] team0: Port device team_slave_0 removed [ 93.057462][ T8612] team_slave_1: left allmulticast mode [ 93.062284][ T8612] team0: Port device team_slave_1 removed [ 93.065046][ T8612] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 93.068214][ T8612] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 93.072535][ T8612] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 93.075059][ T8612] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 93.079192][ T8612] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check. [ 93.896636][ T34] usb 6-1: new high-speed USB device number 2 using dummy_hcd [ 94.050340][ T34] usb 6-1: Using ep0 maxpacket: 8 [ 94.058275][ T34] usb 6-1: config 0 has no interfaces? [ 94.060718][ T34] usb 6-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 94.063751][ T34] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 94.070469][ T34] usb 6-1: config 0 descriptor?? [ 94.227337][ T8655] netlink: 28 bytes leftover after parsing attributes in process `syz.0.969'. [ 94.270847][ T29] usb 6-1: USB disconnect, device number 2 [ 94.274196][ T8669] netlink: 8 bytes leftover after parsing attributes in process `syz.3.975'. [ 94.279435][ T8669] netlink: 44 bytes leftover after parsing attributes in process `syz.3.975'. [ 94.363404][ T8676] bridge0: port 3(syz_tun) entered blocking state [ 94.366234][ T8676] bridge0: port 3(syz_tun) entered disabled state [ 94.369689][ T8676] syz_tun: entered promiscuous mode [ 94.373429][ T8676] bridge0: port 3(syz_tun) entered blocking state [ 94.375758][ T8676] bridge0: port 3(syz_tun) entered forwarding state [ 94.469507][ T8687] sch_tbf: burst 19872 is lower than device lo mtu (65550) ! [ 95.071593][ T8711] netlink: 28 bytes leftover after parsing attributes in process `syz.2.992'. [ 95.449146][ T8750] netlink: 'syz.3.1006': attribute type 10 has an invalid length. [ 95.460707][ T8750] bond0: (slave syz_tun): Enslaving as an active interface with an up link [ 95.511905][ T8754] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1008'. [ 95.514813][ T8754] netlink: 44 bytes leftover after parsing attributes in process `syz.3.1008'. [ 95.777141][ T8779] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1017'. [ 96.211243][ T8818] netlink: 'syz.1.1031': attribute type 10 has an invalid length. [ 96.214382][ T8818] syz_tun: entered promiscuous mode [ 96.218883][ T8818] netlink: 'syz.1.1031': attribute type 10 has an invalid length. [ 96.226781][ T8818] 8021q: adding VLAN 0 to HW filter on device bond0 [ 96.230449][ T8818] team0: Port device bond0 added [ 96.241301][ T8818] ipvlan2: entered promiscuous mode [ 96.243076][ T8818] ipvlan2: entered allmulticast mode [ 96.244841][ T8818] team0: entered allmulticast mode [ 96.246542][ T8818] team_slave_0: entered allmulticast mode [ 96.248451][ T8818] team_slave_1: entered allmulticast mode [ 96.250912][ T8818] bond0: entered allmulticast mode [ 96.252649][ T8818] bond_slave_0: entered allmulticast mode [ 96.254584][ T8818] bond_slave_1: entered allmulticast mode [ 96.304406][ T8826] netlink: 'syz.0.1034': attribute type 10 has an invalid length. [ 96.308060][ T8826] syz_tun: left promiscuous mode [ 96.361763][ T8831] tipc: Started in network mode [ 96.366424][ T8831] tipc: Node identity ac14140f, cluster identity 4711 [ 96.370018][ T8831] tipc: New replicast peer: 255.255.255.255 [ 96.373812][ T8831] tipc: Enabled bearer , priority 10 [ 96.578604][ T8852] netlink: 'syz.0.1044': attribute type 10 has an invalid length. [ 96.927157][ T8884] A link change request failed with some changes committed already. Interface bond0 may have been left with an inconsistent configuration, please check. [ 97.450942][ T24] tipc: Node number set to 2886997007 [ 97.477240][ T8924] __nla_validate_parse: 2 callbacks suppressed [ 97.477252][ T8924] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1071'. [ 97.649511][ T8944] netlink: 'syz.0.1079': attribute type 10 has an invalid length. [ 98.004474][ T8974] netlink: 'syz.1.1091': attribute type 10 has an invalid length. [ 98.010543][ T8974] syz_tun: left promiscuous mode [ 98.399348][ T9011] syzkaller1: entered promiscuous mode [ 98.401813][ T9011] syzkaller1: entered allmulticast mode [ 98.563430][ T34] usb 7-1: new high-speed USB device number 2 using dummy_hcd [ 98.581238][ T9017] syz_tun: entered allmulticast mode [ 98.584923][ T9016] syz_tun: left allmulticast mode [ 98.727448][ T34] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 98.734981][ T34] usb 7-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 1024 [ 98.741881][ T34] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 98.745837][ T34] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 98.749090][ T34] usb 7-1: Product: syz [ 98.750803][ T34] usb 7-1: Manufacturer: syz [ 98.752816][ T34] usb 7-1: SerialNumber: syz [ 98.764897][ T34] cdc_mbim 7-1:1.0: skipping garbage [ 98.952559][ T9004] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 99.447010][ T9085] netlink: 'syz.0.1138': attribute type 10 has an invalid length. [ 99.449847][ T9085] syz_tun: entered promiscuous mode [ 99.463187][ T9085] netlink: 'syz.0.1138': attribute type 10 has an invalid length. [ 99.467142][ T9085] 8021q: adding VLAN 0 to HW filter on device bond0 [ 99.470093][ T9085] bond0: entered allmulticast mode [ 99.472499][ T9085] team0: Port device bond0 added [ 99.479383][ T9085] bond0: left allmulticast mode [ 99.483136][ T9085] team0: Port device bond0 removed [ 99.489239][ T9085] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check. [ 99.530117][ T9004] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 99.534754][ T34] cdc_mbim 7-1:1.0: setting tx_max = 16384 [ 99.541996][ T34] cdc_mbim 7-1:1.0: cdc-wdm0: USB WDM device [ 99.548322][ T34] wwan wwan0: port wwan0mbim0 attached [ 99.558644][ T34] cdc_mbim 7-1:1.0 wwan0: register 'cdc_mbim' at usb-dummy_hcd.2-1, CDC MBIM, 46:31:8a:39:cf:a8 [ 99.744361][ C2] cdc_mbim 7-1:1.0: nonzero urb status received: -71 [ 99.747188][ C2] cdc_mbim 7-1:1.0: wdm_int_callback - 0 bytes [ 99.750588][ C2] cdc_mbim 7-1:1.0: nonzero urb status received: -71 [ 99.753509][ C2] cdc_mbim 7-1:1.0: wdm_int_callback - 0 bytes [ 99.756718][ C2] cdc_mbim 7-1:1.0: nonzero urb status received: -71 [ 99.759659][ C2] cdc_mbim 7-1:1.0: wdm_int_callback - 0 bytes [ 99.762456][ C2] cdc_mbim 7-1:1.0: wdm_int_callback - usb_submit_urb failed with result -1 [ 99.772842][ T24] usb 7-1: USB disconnect, device number 2 [ 99.777603][ T5652] 8021q: adding VLAN 0 to HW filter on device wwan0 [ 99.782192][ T24] cdc_mbim 7-1:1.0 wwan0: unregister 'cdc_mbim' usb-dummy_hcd.2-1, CDC MBIM [ 99.847457][ T9111] syz1: rxe_newlink: already configured on syz_tun [ 99.897602][ T24] wwan wwan0: port wwan0mbim0 disconnected [ 100.017564][ T9111] smc: removing ib device syz1 [ 100.356927][ T9145] syz_tun: entered allmulticast mode [ 100.360026][ T9144] syz_tun: left allmulticast mode [ 100.429633][ T9154] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1158'. [ 100.497021][ T9158] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1161'. [ 100.500076][ T9158] netlink: 44 bytes leftover after parsing attributes in process `syz.1.1161'. [ 100.637140][ T9170] syz_tun: entered allmulticast mode [ 100.641304][ T9169] syz_tun: left allmulticast mode [ 100.686329][ T9167] infiniband syz1: set active [ 100.689241][ T9167] infiniband syz1: added syz_tun [ 100.717116][ T9167] RDS/IB: syz1: added [ 100.718604][ T9167] smc: adding ib device syz1 with port count 1 [ 100.720634][ T9167] smc: ib device syz1 port 1 has no pnetid [ 101.670837][ T9219] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1184'. [ 101.674733][ T9219] netlink: 44 bytes leftover after parsing attributes in process `syz.3.1184'. [ 102.246310][ T9268] gretap0: entered promiscuous mode [ 102.263643][ T9268] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1203'. [ 102.267858][ T9268] gretap0: left promiscuous mode [ 102.278512][ T9271] netlink: 'syz.3.1204': attribute type 10 has an invalid length. [ 102.283737][ T9271] syz_tun: entered promiscuous mode [ 102.289381][ T9271] netlink: 'syz.3.1204': attribute type 10 has an invalid length. [ 102.299312][ T9271] 8021q: adding VLAN 0 to HW filter on device bond0 [ 102.310521][ T9271] team0: Port device bond0 added [ 102.322624][ T9271] bond0: (slave syz_tun): Releasing backup interface [ 102.381349][ T9271] team0: Port device bond0 removed [ 102.387809][ T9271] bridge_slave_0: left allmulticast mode [ 102.390421][ T9271] bridge_slave_0: left promiscuous mode [ 102.393029][ T9271] bridge0: port 1(bridge_slave_0) entered disabled state [ 102.399556][ T9271] bridge_slave_1: left allmulticast mode [ 102.402467][ T9271] bridge_slave_1: left promiscuous mode [ 102.404964][ T9271] bridge0: port 2(bridge_slave_1) entered disabled state [ 102.412806][ T9271] bond0: (slave bond_slave_0): Releasing backup interface [ 102.422597][ T9271] bond0: (slave bond_slave_1): Releasing backup interface [ 102.428126][ T9271] team0: Port device team_slave_0 removed [ 102.434249][ T9271] team0: Port device team_slave_1 removed [ 102.436637][ T9271] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 102.439083][ T9271] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 102.443083][ T9271] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 102.445587][ T9271] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 102.449761][ T9271] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check. [ 102.475035][ T9279] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1207'. [ 102.479321][ T9279] netlink: 44 bytes leftover after parsing attributes in process `syz.1.1207'. [ 102.556542][ T9286] netlink: 56 bytes leftover after parsing attributes in process `syz.3.1209'. [ 102.773014][ T9303] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1218'. [ 102.782632][ T6011] usb 6-1: new high-speed USB device number 3 using dummy_hcd [ 102.924239][ T9315] sg_write: data in/out 489/10 bytes for SCSI command 0xeb-- guessing data in; [ 102.924239][ T9315] program syz.3.1223 not setting count and/or reply_len properly [ 102.930555][ T6011] usb 6-1: too many configurations: 9, using maximum allowed: 8 [ 102.934053][ T6011] usb 6-1: config 64 has 1 interface, different from the descriptor's value: 9 [ 102.939653][ T6011] usb 6-1: config 64 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 102.943852][ T6011] usb 6-1: config 64 interface 0 has no altsetting 0 [ 102.947127][ T6011] usb 6-1: config 64 has 1 interface, different from the descriptor's value: 9 [ 102.950099][ T6011] usb 6-1: config 64 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 102.953647][ T6011] usb 6-1: config 64 interface 0 has no altsetting 0 [ 102.956944][ T6011] usb 6-1: config 64 has 1 interface, different from the descriptor's value: 9 [ 102.960124][ T6011] usb 6-1: config 64 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 102.963907][ T6011] usb 6-1: config 64 interface 0 has no altsetting 0 [ 102.966882][ T6011] usb 6-1: config 64 has 1 interface, different from the descriptor's value: 9 [ 102.970082][ T6011] usb 6-1: config 64 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 102.973861][ T6011] usb 6-1: config 64 interface 0 has no altsetting 0 [ 102.978069][ T6011] usb 6-1: config 64 has 1 interface, different from the descriptor's value: 9 [ 102.981029][ T6011] usb 6-1: config 64 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 102.986495][ T6011] usb 6-1: config 64 interface 0 has no altsetting 0 [ 102.992781][ T6011] usb 6-1: config 64 has 1 interface, different from the descriptor's value: 9 [ 103.000024][ T6011] usb 6-1: config 64 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 103.005081][ T6011] usb 6-1: config 64 interface 0 has no altsetting 0 [ 103.008235][ T6011] usb 6-1: config 64 has 1 interface, different from the descriptor's value: 9 [ 103.011333][ T6011] usb 6-1: config 64 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 103.014883][ T6011] usb 6-1: config 64 interface 0 has no altsetting 0 [ 103.018042][ T6011] usb 6-1: config 64 has 1 interface, different from the descriptor's value: 9 [ 103.021205][ T6011] usb 6-1: config 64 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 103.024982][ T6011] usb 6-1: config 64 interface 0 has no altsetting 0 [ 103.029475][ T6011] usb 6-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e [ 103.032547][ T6011] usb 6-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168 [ 103.035160][ T6011] usb 6-1: Product: syz [ 103.036519][ T6011] usb 6-1: Manufacturer: syz [ 103.038204][ T6011] usb 6-1: SerialNumber: syz [ 103.061389][ T6011] yurex 6-1:64.0: USB YUREX device now attached to Yurex #0 [ 103.068070][ T9320] netlink: 56 bytes leftover after parsing attributes in process `syz.3.1225'. [ 103.128275][ T9324] binder: 9323:9324 ioctl c0306201 800001c0 returned -14 [ 103.159330][ T9328] netlink: 'syz.0.1229': attribute type 10 has an invalid length. [ 103.172574][ T9328] netlink: 'syz.0.1229': attribute type 10 has an invalid length. [ 103.176509][ T9328] 8021q: adding VLAN 0 to HW filter on device bond0 [ 103.179541][ T9328] bond0: entered allmulticast mode [ 103.182027][ T9328] team0: Port device bond0 added [ 103.188658][ T9328] bond0: left allmulticast mode [ 103.196439][ T9328] team0: Port device bond0 removed [ 103.204153][ T9328] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check. [ 103.299503][ T9334] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1232'. [ 103.430053][ T9349] sg_write: data in/out 489/10 bytes for SCSI command 0xeb-- guessing data in; [ 103.430053][ T9349] program syz.0.1238 not setting count and/or reply_len properly [ 103.510848][ T9354] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1240'. [ 103.663733][ T9367] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1245'. [ 103.710074][ T9372] sg_write: data in/out 489/10 bytes for SCSI command 0xeb-- guessing data in; [ 103.710074][ T9372] program syz.2.1247 not setting count and/or reply_len properly [ 103.800295][ T9378] netlink: 'syz.0.1250': attribute type 10 has an invalid length. [ 103.823185][ T9378] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check. [ 104.410575][ T9403] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1260'. [ 104.706877][ T24] usb 7-1: new high-speed USB device number 3 using dummy_hcd [ 104.716328][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 104.854854][ T9419] sg_write: data in/out 489/10 bytes for SCSI command 0xeb-- guessing data in; [ 104.854854][ T9419] program syz.3.1267 not setting count and/or reply_len properly [ 104.865212][ T24] usb 7-1: New USB device found, idVendor=0424, idProduct=7850, bcdDevice= 0.00 [ 104.878238][ T24] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 104.881672][ T24] usb 7-1: Product: syz [ 104.884431][ T24] usb 7-1: Manufacturer: syz [ 104.886669][ T24] usb 7-1: SerialNumber: syz [ 105.034260][ T9429] syz_tun: entered allmulticast mode [ 105.038562][ T9428] syz_tun: left allmulticast mode [ 105.201705][ C0] usb 6-1: yurex_control_callback - control failed: -2 [ 105.205148][ C0] usb 6-1: yurex_control_callback - control failed: -32 [ 105.209440][ T6011] usb 6-1: USB disconnect, device number 3 [ 105.213637][ T6011] yurex 6-1:64.0: USB YUREX #0 now disconnected [ 105.259301][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 105.268931][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 105.286427][ T24] lan78xx 7-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000098. ret = -EPIPE [ 105.298142][ T24] lan78xx 7-1:1.0 (unnamed net_device) (uninitialized): Failed to sync IRQ enable register: -EPIPE [ 105.317046][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 105.653224][ T9445] sg_write: data in/out 489/10 bytes for SCSI command 0xeb-- guessing data in; [ 105.653224][ T9445] program syz.0.1280 not setting count and/or reply_len properly [ 105.745043][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 105.878695][ T9455] syz_tun: entered allmulticast mode [ 105.881740][ T9453] syz_tun: left allmulticast mode [ 106.071100][ T24] lan78xx 7-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x0000011c. ret = -EPROTO [ 106.075015][ T24] lan78xx 7-1:1.0 (unnamed net_device) (uninitialized): Registers INIT FAILED.... [ 106.099302][ T24] lan78xx 7-1:1.0 (unnamed net_device) (uninitialized): Bind routine FAILED [ 106.109278][ T24] lan78xx 7-1:1.0: probe with driver lan78xx failed with error -71 [ 106.115107][ T24] usb 7-1: USB disconnect, device number 3 [ 106.176779][ T9472] sg_write: data in/out 489/10 bytes for SCSI command 0xeb-- guessing data in; [ 106.176779][ T9472] program syz.0.1291 not setting count and/or reply_len properly [ 106.327104][ T9484] rdma_rxe: rxe_newlink: failed to add syz_tun [ 106.886145][ T9505] sg_write: data in/out 489/10 bytes for SCSI command 0xeb-- guessing data in; [ 106.886145][ T9505] program syz.0.1303 not setting count and/or reply_len properly [ 106.985434][ T9512] netlink: 'syz.0.1306': attribute type 10 has an invalid length. [ 107.203340][ T9512] 8021q: adding VLAN 0 to HW filter on device bond0 [ 107.206398][ T9512] bond0: entered allmulticast mode [ 107.208626][ T9512] team0: Port device bond0 added [ 107.213556][ T9513] bond0: left allmulticast mode [ 107.221051][ T9513] team0: Port device bond0 removed [ 107.230600][ T9513] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check. [ 107.380349][ T9527] __nla_validate_parse: 4 callbacks suppressed [ 107.380365][ T9527] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1312'. [ 107.389643][ T9527] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1312'. [ 107.507900][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 107.513295][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 107.878075][ T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!! [ 107.899073][ T9545] netlink: 'syz.3.1319': attribute type 10 has an invalid length. [ 107.902474][ T9545] 8021q: adding VLAN 0 to HW filter on device bond0 [ 107.906180][ T9545] team0: Port device bond0 added [ 107.913126][ T9545] team0: Port device bond0 removed [ 107.919172][ T9545] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check. [ 108.288072][ T24] usb 8-1: new high-speed USB device number 2 using dummy_hcd [ 108.413987][ T9562] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1325'. [ 108.432216][ T24] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 108.435808][ T24] usb 8-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 1024 [ 108.451187][ T24] usb 8-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 108.454164][ T24] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 108.457133][ T24] usb 8-1: Product: syz [ 108.458912][ T24] usb 8-1: Manufacturer: syz [ 108.461094][ T24] usb 8-1: SerialNumber: syz [ 108.472551][ T24] cdc_mbim 8-1:1.0: skipping garbage [ 108.681286][ T9555] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 108.907190][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 109.240997][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 109.278103][ T9555] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 109.281188][ T24] cdc_mbim 8-1:1.0: setting tx_max = 16384 [ 109.284769][ T24] cdc_mbim 8-1:1.0: cdc-wdm0: USB WDM device [ 109.290166][ T24] wwan wwan0: port wwan0mbim0 attached [ 109.295567][ T9593] process 'syz.1.1335' launched '/dev/fd/8' with NULL argv: empty string added [ 109.300347][ T24] cdc_mbim 8-1:1.0 wwan0: register 'cdc_mbim' at usb-dummy_hcd.3-1, CDC MBIM, 26:71:8b:a9:d1:08 [ 109.308918][ T9578] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1332'. [ 109.483274][ C2] cdc_mbim 8-1:1.0: nonzero urb status received: -71 [ 109.485636][ C2] cdc_mbim 8-1:1.0: wdm_int_callback - 0 bytes [ 109.489333][ C2] cdc_mbim 8-1:1.0: nonzero urb status received: -71 [ 109.491514][ C2] cdc_mbim 8-1:1.0: wdm_int_callback - 0 bytes [ 109.493706][ C2] cdc_mbim 8-1:1.0: nonzero urb status received: -71 [ 109.496126][ C2] cdc_mbim 8-1:1.0: wdm_int_callback - 0 bytes [ 109.498371][ C2] cdc_mbim 8-1:1.0: nonzero urb status received: -71 [ 109.500815][ C2] cdc_mbim 8-1:1.0: wdm_int_callback - 0 bytes [ 109.503750][ C2] cdc_mbim 8-1:1.0: nonzero urb status received: -71 [ 109.506516][ C2] cdc_mbim 8-1:1.0: wdm_int_callback - 0 bytes [ 109.508781][ C2] cdc_mbim 8-1:1.0: nonzero urb status received: -71 [ 109.510982][ C2] cdc_mbim 8-1:1.0: wdm_int_callback - 0 bytes [ 109.513199][ C2] cdc_mbim 8-1:1.0: nonzero urb status received: -71 [ 109.515836][ C2] cdc_mbim 8-1:1.0: wdm_int_callback - 0 bytes [ 109.518463][ C2] cdc_mbim 8-1:1.0: nonzero urb status received: -71 [ 109.520634][ C2] cdc_mbim 8-1:1.0: wdm_int_callback - 0 bytes [ 109.522849][ C2] cdc_mbim 8-1:1.0: nonzero urb status received: -71 [ 109.525394][ C2] cdc_mbim 8-1:1.0: wdm_int_callback - 0 bytes [ 109.536044][ C2] cdc_mbim 8-1:1.0: nonzero urb status received: -71 [ 109.538996][ C2] cdc_mbim 8-1:1.0: wdm_int_callback - 0 bytes [ 109.546458][ T34] usb 8-1: USB disconnect, device number 2 [ 109.549707][ T34] cdc_mbim 8-1:1.0 wwan0: unregister 'cdc_mbim' usb-dummy_hcd.3-1, CDC MBIM [ 109.583584][ T5652] 8021q: adding VLAN 0 to HW filter on device wwan0 [ 109.690710][ T9612] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1339'. [ 109.730263][ T34] wwan wwan0: port wwan0mbim0 disconnected [ 110.794296][ T9656] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1351'. [ 110.980713][ T9671] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1359'. [ 110.987099][ T9671] netlink: 44 bytes leftover after parsing attributes in process `syz.0.1359'. [ 111.734162][ T9702] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1371'. [ 111.810540][ T9708] netlink: 'syz.3.1372': attribute type 10 has an invalid length. [ 111.815074][ T9708] 8021q: adding VLAN 0 to HW filter on device bond0 [ 111.819564][ T9708] team0: Port device bond0 added [ 111.832028][ T9708] team0: Port device bond0 removed [ 111.838448][ T9708] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check. [ 112.259254][ T9726] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 112.539461][ T9738] netlink: 'syz.3.1385': attribute type 10 has an invalid length. [ 112.547265][ T9738] 8021q: adding VLAN 0 to HW filter on device bond0 [ 112.551708][ T9738] team0: Port device bond0 added [ 112.561957][ T9738] team0: Port device bond0 removed [ 112.572237][ T9738] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check. [ 113.051408][ T9757] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=3070988179 (3070988179 ns) > initial count (1876204212 ns). Using initial count to start timer. [ 113.328548][ T9772] ubi31: attaching mtd0 [ 113.343740][ T9772] ubi31: scanning is finished [ 113.346247][ T9772] ubi31: empty MTD device detected [ 113.486174][ T9772] ubi31: attached mtd0 (name "mtdram test device", size 0 MiB) [ 113.492739][ T9772] ubi31: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes [ 113.495508][ T9772] ubi31: min./max. I/O unit sizes: 1/64, sub-page size 1 [ 113.499009][ T9772] ubi31: VID header offset: 64 (aligned 64), data offset: 128 [ 113.501698][ T9772] ubi31: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0 [ 113.504181][ T9772] ubi31: user volume: 0, internal volumes: 1, max. volumes count: 23 [ 113.519663][ T9772] ubi31: max/mean erase counter: 0/0, WL threshold: 4096, image sequence number: 3251243556 [ 113.530534][ T9772] ubi31: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0 [ 113.545997][ T9775] ubi31: background thread "ubi_bgt31d" started, PID 9775 [ 113.908825][ T9778] netlink: 'syz.2.1399': attribute type 10 has an invalid length. [ 113.919664][ T9778] 8021q: adding VLAN 0 to HW filter on device bond0 [ 113.924234][ T9778] team0: Port device bond0 added [ 113.933071][ T9778] syz_tun: left promiscuous mode [ 113.935488][ T9778] bridge0: port 3(syz_tun) entered disabled state [ 113.945016][ T9778] team0: Port device bond0 removed [ 113.951925][ T9778] bridge_slave_0: left allmulticast mode [ 113.954343][ T9778] bridge_slave_0: left promiscuous mode [ 113.957567][ T9778] bridge0: port 1(bridge_slave_0) entered disabled state [ 113.963640][ T9778] bridge_slave_1: left allmulticast mode [ 113.966483][ T9778] bridge_slave_1: left promiscuous mode [ 113.968508][ T9778] bridge0: port 2(bridge_slave_1) entered disabled state [ 113.985764][ T9778] bond0: (slave bond_slave_0): Releasing backup interface [ 113.992057][ T9778] bond0: (slave bond_slave_1): Releasing backup interface [ 114.002914][ T9778] team0: Port device team_slave_0 removed [ 114.009427][ T9778] team0: Port device team_slave_1 removed [ 114.012780][ T9778] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 114.016206][ T9778] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 114.020421][ T9778] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 114.025001][ T9778] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 114.030011][ T9778] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check. [ 114.212023][ T34] usb 6-1: new high-speed USB device number 4 using dummy_hcd [ 114.258759][ T9789] syz_tun: entered allmulticast mode [ 114.268392][ T9788] syz_tun: left allmulticast mode [ 114.376274][ T34] usb 6-1: Using ep0 maxpacket: 32 [ 114.380205][ T34] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 114.385119][ T34] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 114.388863][ T34] usb 6-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00 [ 114.400237][ T34] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 114.407169][ T34] usb 6-1: config 0 descriptor?? [ 114.408310][ T9801] sg_write: data in/out 489/10 bytes for SCSI command 0xeb-- guessing data in; [ 114.408310][ T9801] program syz.2.1411 not setting count and/or reply_len properly [ 114.409222][ T9799] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1410'. [ 114.422485][ T9799] netlink: 44 bytes leftover after parsing attributes in process `syz.0.1410'. [ 114.707246][ T9813] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1416'. [ 114.829005][ T34] savu 0003:1E7D:2D5A.0003: hiddev0,hidraw1: USB HID v0.00 Device [HID 1e7d:2d5a] on usb-dummy_hcd.1-1/input0 [ 114.850505][ T9824] syz_tun: entered allmulticast mode [ 114.857558][ T9823] syz_tun: left allmulticast mode [ 115.063035][ T6011] usb 6-1: USB disconnect, device number 4 [ 115.789607][ T9869] rdma_rxe: rxe_newlink: failed to add syz_tun [ 115.794599][ T9868] netlink: 'syz.2.1438': attribute type 10 has an invalid length. [ 115.801445][ T9868] 8021q: adding VLAN 0 to HW filter on device bond0 [ 115.809891][ T9868] team0: Port device bond0 added [ 115.824059][ T9868] team0: Port device bond0 removed [ 115.833163][ T9868] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check. [ 116.018364][ T9887] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1447'. [ 116.022365][ T9887] netlink: 44 bytes leftover after parsing attributes in process `syz.3.1447'. [ 116.294795][ T9901] sg_write: data in/out 489/10 bytes for SCSI command 0xeb-- guessing data in; [ 116.294795][ T9901] program syz.0.1452 not setting count and/or reply_len properly [ 116.646956][ T9908] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1455'. [ 117.063550][ T9931] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1464'. [ 117.066573][ T9931] netlink: 44 bytes leftover after parsing attributes in process `syz.3.1464'. [ 117.181920][ T9940] netlink: 'syz.0.1468': attribute type 10 has an invalid length. [ 117.186137][ T9940] 8021q: adding VLAN 0 to HW filter on device bond0 [ 117.188942][ T9940] bond0: entered allmulticast mode [ 117.192019][ T9940] team0: Port device bond0 added [ 117.199346][ T9940] bond0: left allmulticast mode [ 117.206771][ T9940] team0: Port device bond0 removed [ 117.217694][ T9940] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check. [ 117.330788][ T9956] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1476'. [ 117.335918][ T9956] syz.1.1476: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 117.345072][ T9956] CPU: 2 UID: 0 PID: 9956 Comm: syz.1.1476 Not tainted syzkaller #0 PREEMPT(full) [ 117.345100][ T9956] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 117.345113][ T9956] Call Trace: [ 117.345120][ T9956] [ 117.345128][ T9956] dump_stack_lvl+0x16c/0x1f0 [ 117.345162][ T9956] warn_alloc+0x248/0x3a0 [ 117.345190][ T9956] ? __pfx_warn_alloc+0x10/0x10 [ 117.345213][ T9956] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 117.345240][ T9956] ? lockdep_hardirqs_on+0x7c/0x110 [ 117.345270][ T9956] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 117.345305][ T9956] ? kasan_save_stack+0x42/0x60 [ 117.345331][ T9956] ? kasan_save_stack+0x33/0x60 [ 117.345356][ T9956] ? kasan_save_track+0x14/0x30 [ 117.345384][ T9956] ? xskq_create+0xfb/0x1d0 [ 117.345428][ T9956] __vmalloc_node_range_noprof+0x12c2/0x16b0 [ 117.345458][ T9956] ? xskq_create+0xfb/0x1d0 [ 117.345487][ T9956] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 117.345519][ T9956] ? xskq_create+0xfb/0x1d0 [ 117.345542][ T9956] vmalloc_user_noprof+0x9e/0xe0 [ 117.345562][ T9956] ? xskq_create+0xfb/0x1d0 [ 117.345585][ T9956] xskq_create+0xfb/0x1d0 [ 117.345610][ T9956] xsk_setsockopt+0x932/0xc00 [ 117.345640][ T9956] ? __pfx_xsk_setsockopt+0x10/0x10 [ 117.345669][ T9956] ? aa_sock_opt_perm+0xfd/0x1b0 [ 117.345702][ T9956] ? __pfx_xsk_setsockopt+0x10/0x10 [ 117.345726][ T9956] do_sock_setsockopt+0xf3/0x1d0 [ 117.345761][ T9956] __sys_setsockopt+0x120/0x1a0 [ 117.345788][ T9956] __ia32_sys_setsockopt+0xbc/0x160 [ 117.345809][ T9956] ? __do_fast_syscall_32+0x9a/0x680 [ 117.345838][ T9956] ? lockdep_hardirqs_on+0x7c/0x110 [ 117.345865][ T9956] __do_fast_syscall_32+0xe8/0x680 [ 117.345896][ T9956] do_fast_syscall_32+0x32/0x80 [ 117.345926][ T9956] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 117.345950][ T9956] RIP: 0023:0xf70bd579 [ 117.345965][ T9956] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 117.345983][ T9956] RSP: 002b:00000000f54ad55c EFLAGS: 00000296 ORIG_RAX: 000000000000016e [ 117.346002][ T9956] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 000000000000011b [ 117.346014][ T9956] RDX: 0000000000000006 RSI: 0000000080000000 RDI: 0000000000000004 [ 117.346025][ T9956] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 117.346035][ T9956] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 117.346045][ T9956] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 117.346071][ T9956] [ 117.353669][ T9960] rdma_rxe: rxe_newlink: failed to add syz_tun [ 117.354969][ T9956] Mem-Info: [ 117.355022][ T9956] active_anon:718 inactive_anon:2782 isolated_anon:0 [ 117.355022][ T9956] active_file:2727 inactive_file:9685 isolated_file:0 [ 117.355022][ T9956] unevictable:48872 dirty:329 writeback:0 [ 117.355022][ T9956] slab_reclaimable:5836 slab_unreclaimable:56783 [ 117.355022][ T9956] mapped:22777 shmem:49074 pagetables:1232 [ 117.355022][ T9956] sec_pagetables:311 bounce:0 [ 117.355022][ T9956] kernel_misc_reclaimable:0 [ 117.355022][ T9956] free:40576 free_pcp:8580 free_cma:0 [ 117.355102][ T9956] Node 0 active_anon:0kB inactive_anon:0kB active_file:12kB inactive_file:16kB unevictable:10124kB isolated(anon):0kB isolated(file):0kB mapped:24kB dirty:16kB writeback:0kB shmem:10124kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:8564kB pagetables:1816kB sec_pagetables:1140kB all_unreclaimable? yes Balloon:0kB [ 117.355182][ T9956] Node 1 active_anon:2872kB inactive_anon:11128kB active_file:10896kB inactive_file:38724kB unevictable:185364kB isolated(anon):0kB isolated(file):0kB mapped:91084kB dirty:1300kB writeback:0kB shmem:186172kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:6344kB pagetables:3112kB sec_pagetables:104kB all_unreclaimable? no Balloon:0kB [ 117.355232][ T9956] Node 0 DMA free:1812kB boost:0kB min:760kB low:948kB high:1136kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:492kB local_pcp:4kB free_cma:0kB [ 117.507855][ T9956] lowmem_reserve[]: 0 289 289 289 289 [ 117.509812][ T9956] Node 0 DMA32 free:13496kB boost:0kB min:13332kB low:16664kB high:19996kB reserved_highatomic:2048KB free_highatomic:196KB active_anon:0kB inactive_anon:0kB active_file:12kB inactive_file:16kB unevictable:10124kB writepending:16kB zspages:1092kB present:1032196kB managed:296812kB mlocked:0kB bounce:0kB free_pcp:8456kB local_pcp:2220kB free_cma:0kB [ 117.521006][ T9956] lowmem_reserve[]: 0 0 0 0 0 [ 117.522681][ T9956] Node 1 DMA32 free:122096kB boost:0kB min:47144kB low:58928kB high:70712kB reserved_highatomic:0KB free_highatomic:0KB active_anon:14472kB inactive_anon:11128kB active_file:10896kB inactive_file:38724kB unevictable:191064kB writepending:1300kB zspages:3740kB present:1048432kB managed:948212kB mlocked:5800kB bounce:0kB free_pcp:33552kB local_pcp:7476kB free_cma:0kB [ 117.535685][ T9956] lowmem_reserve[]: 0 0 0 0 0 [ 117.538133][ T9956] Node 0 DMA: 1*4kB (M) 0*8kB 1*16kB (M) 2*32kB (UM) 3*64kB (U) 0*128kB 2*256kB (M) 0*512kB 1*1024kB (M) 0*2048kB 0*4096kB = 1812kB [ 117.544117][ T9956] Node 0 DMA32: 16*4kB (UEH) 15*8kB (UEH) 38*16kB (UEH) 133*32kB (UMEH) 32*64kB (UME) 10*128kB (UME) 4*256kB (UM) 2*512kB (ME) 3*1024kB (UM) 0*2048kB 0*4096kB = 13496kB [ 117.552437][ T9956] Node 1 DMA32: 1533*4kB (UME) 1105*8kB (UE) 874*16kB (UME) 206*32kB (UME) 139*64kB (UME) 108*128kB (UME) 62*256kB (UME) 26*512kB (UME) 8*1024kB (UM) 7*2048kB (UM) 2*4096kB (UM) = 118172kB [ 117.561385][ T9956] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 117.565849][ T9956] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 117.570039][ T9956] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 117.574439][ T9956] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 117.578427][ T9956] 68058 total pagecache pages [ 117.580277][ T9956] 926 pages in swap cache [ 117.582046][ T9956] Free swap = 108752kB [ 117.583774][ T9956] Total swap = 124996kB [ 117.585432][ T9956] 524155 pages RAM [ 117.587512][ T9956] 0 pages HighMem/MovableOnly [ 117.589463][ T9956] 209059 pages reserved [ 117.590924][ T9956] 0 pages cma reserved [ 119.129148][ T9994] syz1: rxe_newlink: already configured on syz_tun [ 120.279764][T10008] syz_tun: entered allmulticast mode [ 120.302636][T10006] syz_tun: left allmulticast mode [ 121.291188][T10046] rdma_rxe: rxe_newlink: failed to add syz_tun [ 122.547332][ T40] kauditd_printk_skb: 193 callbacks suppressed [ 122.547346][ T40] audit: type=1804 audit(1767129587.839:855): pid=10067 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.1509" name="/newroot/396/file0" dev="tmpfs" ino=2026 res=1 errno=0 [ 122.687651][T10077] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check. [ 123.431979][ T6075] usb 7-1: new high-speed USB device number 4 using dummy_hcd [ 123.570216][T10106] rdma_rxe: rxe_newlink: failed to add syz_tun [ 123.575628][ T6075] usb 7-1: too many configurations: 9, using maximum allowed: 8 [ 123.580137][ T6075] usb 7-1: config 64 has 1 interface, different from the descriptor's value: 9 [ 123.583963][ T6075] usb 7-1: config 64 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 123.588999][ T6075] usb 7-1: config 64 interface 0 has no altsetting 0 [ 123.592379][ T6075] usb 7-1: config 64 has 1 interface, different from the descriptor's value: 9 [ 123.596686][ T6075] usb 7-1: config 64 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 123.601344][ T6075] usb 7-1: config 64 interface 0 has no altsetting 0 [ 123.605286][ T6075] usb 7-1: config 64 has 1 interface, different from the descriptor's value: 9 [ 123.609225][ T6075] usb 7-1: config 64 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 123.614124][ T6075] usb 7-1: config 64 interface 0 has no altsetting 0 [ 123.618211][ T6075] usb 7-1: config 64 has 1 interface, different from the descriptor's value: 9 [ 123.622420][ T6075] usb 7-1: config 64 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 123.627113][ T6075] usb 7-1: config 64 interface 0 has no altsetting 0 [ 123.630896][ T6075] usb 7-1: config 64 has 1 interface, different from the descriptor's value: 9 [ 123.635027][ T6075] usb 7-1: config 64 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 123.639730][ T6075] usb 7-1: config 64 interface 0 has no altsetting 0 [ 123.645188][ T6075] usb 7-1: config 64 has 1 interface, different from the descriptor's value: 9 [ 123.648935][ T6075] usb 7-1: config 64 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 123.653835][ T6075] usb 7-1: config 64 interface 0 has no altsetting 0 [ 123.657659][ T6075] usb 7-1: config 64 has 1 interface, different from the descriptor's value: 9 [ 123.661840][ T6075] usb 7-1: config 64 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 123.666611][ T6075] usb 7-1: config 64 interface 0 has no altsetting 0 [ 123.670237][ T6075] usb 7-1: config 64 has 1 interface, different from the descriptor's value: 9 [ 123.673378][ T6075] usb 7-1: config 64 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 123.677266][ T6075] usb 7-1: config 64 interface 0 has no altsetting 0 [ 123.681729][ T6075] usb 7-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e [ 123.685154][ T6075] usb 7-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168 [ 123.688316][ T6075] usb 7-1: Product: syz [ 123.689888][ T6075] usb 7-1: Manufacturer: syz [ 123.691537][ T6075] usb 7-1: SerialNumber: syz [ 123.710646][ T6075] yurex 7-1:64.0: USB YUREX device now attached to Yurex #0 [ 125.205978][T10142] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1538'. [ 125.401123][T10151] bond0: (slave syz_tun): Releasing backup interface [ 125.416107][T10151] bond0: left allmulticast mode [ 125.417791][T10151] bond_slave_0: left allmulticast mode [ 125.419605][T10151] bond_slave_1: left allmulticast mode [ 125.425792][T10151] team0: Port device bond0 removed [ 125.431494][T10151] bridge_slave_0: left allmulticast mode [ 125.436989][T10151] bridge_slave_0: left promiscuous mode [ 125.439469][T10151] bridge0: port 1(bridge_slave_0) entered disabled state [ 125.444963][T10151] bridge_slave_1: left allmulticast mode [ 125.446907][T10151] bridge_slave_1: left promiscuous mode [ 125.449246][T10151] bridge0: port 2(bridge_slave_1) entered disabled state [ 125.462974][T10151] bond0: (slave bond_slave_0): Releasing backup interface [ 125.472763][T10151] bond0: (slave bond_slave_1): Releasing backup interface [ 125.478427][T10151] team_slave_0: left allmulticast mode [ 125.485119][T10151] team0: Port device team_slave_0 removed [ 125.487900][T10151] team_slave_1: left allmulticast mode [ 125.497368][T10151] team0: Port device team_slave_1 removed [ 125.501007][T10151] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check. [ 125.851081][ C3] usb 7-1: yurex_control_callback - control failed: -2 [ 125.854947][ C3] usb 7-1: yurex_control_callback - control failed: -32 [ 125.859178][ T34] usb 7-1: USB disconnect, device number 4 [ 125.866988][ T34] yurex 7-1:64.0: USB YUREX #0 now disconnected [ 126.049338][T10164] rdma_rxe: rxe_newlink: failed to add syz_tun [ 126.812962][T10199] Bluetooth: MGMT ver 1.23 [ 127.052188][T10215] bridge0: entered allmulticast mode [ 127.080202][T10215] netlink: 'syz.1.1565': attribute type 2 has an invalid length. [ 127.695276][T10229] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check. [ 127.881368][T10242] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 127.993995][T10249] random: crng reseeded on system resumption [ 128.209730][T10258] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check. [ 128.352692][T10262] syz1: rxe_newlink: already configured on syz_tun [ 128.961892][T10274] random: crng reseeded on system resumption [ 129.241570][ T6011] usb 6-1: new high-speed USB device number 5 using dummy_hcd [ 129.285403][T10284] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1595'. [ 129.366180][ T6011] usb 6-1: device descriptor read/64, error -71 [ 129.632805][ T6011] usb 6-1: new high-speed USB device number 6 using dummy_hcd [ 129.736368][T10299] x_tables: ip6_tables: NETMAP target: only valid in nat table, not syz1 [ 129.765330][ T6011] usb 6-1: device descriptor read/64, error -71 [ 129.872880][ T6011] usb usb6-port1: attempt power cycle [ 130.213499][ T6011] usb 6-1: new high-speed USB device number 7 using dummy_hcd [ 130.261847][ T6011] usb 6-1: device descriptor read/8, error -71 [ 130.508649][ T6011] usb 6-1: new high-speed USB device number 8 using dummy_hcd [ 130.537963][ T6011] usb 6-1: device descriptor read/8, error -71 [ 130.642855][ T6011] usb usb6-port1: unable to enumerate USB device [ 130.931897][T10322] loop6: detected capacity change from 0 to 7 [ 130.940351][T10322] Dev loop6: unable to read RDB block 7 [ 130.942410][T10322] loop6: unable to read partition table [ 130.944565][T10322] loop6: partition table beyond EOD, truncated [ 130.956611][T10322] loop_reread_partitions: partition scan of loop6 (þ被xü—ŸÑà– ) failed (rc=-5) [ 131.290046][T10339] random: crng reseeded on system resumption [ 131.297680][T10339] Restarting kernel threads ... [ 131.300779][T10339] Done restarting kernel threads. [ 131.306235][T10339] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1612'. [ 131.530332][T10344] ip6_tunnel: non-ECT from fc02:0000:0000:0000:0000:0000:0000:0000 with DS=0x6 [ 131.886870][T10364] random: crng reseeded on system resumption [ 133.666482][T10384] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 134.051511][T10393] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1634'. [ 134.344368][T10400] random: crng reseeded on system resumption [ 134.455656][T10411] rdma_rxe: rxe_newlink: failed to add syz_tun [ 134.549410][ T1417] ieee802154 phy0 wpan0: encryption failed: -22 [ 134.552239][ T1417] ieee802154 phy1 wpan1: encryption failed: -22 [ 135.474229][T10448] rdma_rxe: rxe_newlink: failed to add syz_tun [ 135.788991][ T24] Process accounting resumed [ 135.807570][T10451] Process accounting resumed [ 135.961180][ T24] kernel write not supported for file /ppp (pid: 24 comm: kworker/2:0) [ 135.972162][T10464] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1660'. [ 136.039512][T10464] faux_driver vgem: [drm] Unknown color mode 13; guessing buffer size. [ 136.843860][T10484] rdma_rxe: rxe_newlink: failed to add syz_tun [ 137.185441][ T34] usb 6-1: new high-speed USB device number 9 using dummy_hcd [ 137.217069][T10493] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1672'. [ 137.337833][ T34] usb 6-1: Using ep0 maxpacket: 16 [ 137.342327][ T34] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 137.348971][ T34] usb 6-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1 [ 137.353401][ T34] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 137.357046][ T34] usb 6-1: Product: syz [ 137.358834][ T34] usb 6-1: Manufacturer: syz [ 137.360952][ T34] usb 6-1: SerialNumber: syz [ 137.366736][ T34] usb 6-1: config 0 descriptor?? [ 137.372568][ T34] em28xx 6-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0) [ 137.377348][ T34] em28xx 6-1:0.0: DVB interface 0 found: bulk [ 137.580210][T10501] vcan0: tx drop: invalid sa for name 0xfffffffffffffffd [ 137.904200][T10512] netlink: 72 bytes leftover after parsing attributes in process `syz.3.1679'. [ 137.960860][ T34] em28xx 6-1:0.0: unknown em28xx chip ID (0) [ 138.321144][T10516] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1681'. [ 138.356971][ T34] em28xx 6-1:0.0: reading from i2c device at 0xa0 failed (error=-5) [ 138.362301][ T34] em28xx 6-1:0.0: board has no eeprom [ 138.443828][T10524] rdma_rxe: rxe_newlink: failed to add syz_tun [ 138.699998][ T34] em28xx 6-1:0.0: Identified as PCTV tripleStick (292e) (card=94) [ 138.703846][ T34] em28xx 6-1:0.0: dvb set to bulk mode. [ 138.707375][ T6075] em28xx 6-1:0.0: Binding DVB extension [ 138.815026][T10490] em28xx 6-1:0.0: reading from i2c device at 0xfffe failed (error=-5) [ 138.820238][ T6011] usb 6-1: USB disconnect, device number 9 [ 138.826325][ T6011] em28xx 6-1:0.0: Disconnecting em28xx [ 138.848250][ T6075] em28xx 6-1:0.0: Registering input extension [ 138.854121][ T6011] em28xx 6-1:0.0: Closing input extension [ 138.879675][ T6011] em28xx 6-1:0.0: Freeing device [ 138.918837][ T909] usb 7-1: new high-speed USB device number 5 using dummy_hcd [ 139.062557][ T909] usb 7-1: too many configurations: 9, using maximum allowed: 8 [ 139.066929][ T909] usb 7-1: config 64 has 1 interface, different from the descriptor's value: 9 [ 139.070941][ T909] usb 7-1: config 64 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 139.075316][ T909] usb 7-1: config 64 interface 0 has no altsetting 0 [ 139.078707][ T909] usb 7-1: config 64 has 1 interface, different from the descriptor's value: 9 [ 139.082763][ T909] usb 7-1: config 64 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 139.087145][ T909] usb 7-1: config 64 interface 0 has no altsetting 0 [ 139.090759][ T909] usb 7-1: config 64 has 1 interface, different from the descriptor's value: 9 [ 139.094514][ T909] usb 7-1: config 64 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 139.100187][ T909] usb 7-1: config 64 interface 0 has no altsetting 0 [ 139.103657][ T909] usb 7-1: config 64 has 1 interface, different from the descriptor's value: 9 [ 139.107316][ T909] usb 7-1: config 64 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 139.111933][ T909] usb 7-1: config 64 interface 0 has no altsetting 0 [ 139.115325][ T909] usb 7-1: config 64 has 1 interface, different from the descriptor's value: 9 [ 139.119063][ T909] usb 7-1: config 64 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 139.123554][ T909] usb 7-1: config 64 interface 0 has no altsetting 0 [ 139.126840][ T909] usb 7-1: config 64 has 1 interface, different from the descriptor's value: 9 [ 139.130541][ T909] usb 7-1: config 64 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 139.135184][ T909] usb 7-1: config 64 interface 0 has no altsetting 0 [ 139.139127][ T909] usb 7-1: config 64 has 1 interface, different from the descriptor's value: 9 [ 139.142650][ T909] usb 7-1: config 64 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 139.147608][ T909] usb 7-1: config 64 interface 0 has no altsetting 0 [ 139.150907][T10539] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1689'. [ 139.154154][ T909] usb 7-1: config 64 has 1 interface, different from the descriptor's value: 9 [ 139.157237][ T909] usb 7-1: config 64 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 139.160981][ T909] usb 7-1: config 64 interface 0 has no altsetting 0 [ 139.167017][ T909] usb 7-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e [ 139.170560][ T909] usb 7-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168 [ 139.173314][ T909] usb 7-1: Product: syz [ 139.174699][ T909] usb 7-1: Manufacturer: syz [ 139.179054][ T909] usb 7-1: SerialNumber: syz [ 139.187686][ T909] yurex 7-1:64.0: USB YUREX device now attached to Yurex #0 [ 139.198364][T10539] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1689'. [ 139.351111][T10546] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1692'. [ 139.378450][ T6075] usb 7-1: USB disconnect, device number 5 [ 139.389071][ T6075] yurex 7-1:64.0: USB YUREX #0 now disconnected [ 139.510524][T10560] rdma_rxe: rxe_newlink: failed to add syz_tun [ 139.680616][ T34] usb 8-1: new full-speed USB device number 3 using dummy_hcd [ 139.862822][ T34] usb 8-1: config 0 has an invalid interface number: 3 but max is 2 [ 139.866508][ T34] usb 8-1: config 0 has an invalid interface number: 176 but max is 2 [ 139.870285][ T34] usb 8-1: config 0 has no interface number 1 [ 139.873786][ T34] usb 8-1: config 0 has no interface number 2 [ 139.876555][ T34] usb 8-1: New USB device found, idVendor=05c6, idProduct=9205, bcdDevice=29.ac [ 139.880399][ T34] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 139.887930][ T34] usb 8-1: config 0 descriptor?? [ 140.048180][T10582] netlink: 44 bytes leftover after parsing attributes in process `syz.0.1707'. [ 140.096772][ T34] qcserial 8-1:0.3: Qualcomm USB modem converter detected [ 140.288355][ T34] usb 8-1: USB disconnect, device number 3 [ 140.293208][ T34] qcserial 8-1:0.3: device disconnected [ 140.433108][ T6011] usb 7-1: new high-speed USB device number 6 using dummy_hcd [ 140.605030][ T6011] usb 7-1: too many configurations: 9, using maximum allowed: 8 [ 140.608893][ T6011] usb 7-1: config 64 has 1 interface, different from the descriptor's value: 9 [ 140.613024][ T6011] usb 7-1: config 64 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 140.617128][ T6011] usb 7-1: config 64 interface 0 has no altsetting 0 [ 140.621348][ T6011] usb 7-1: config 64 has 1 interface, different from the descriptor's value: 9 [ 140.625569][ T6011] usb 7-1: config 64 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 140.630529][ T6011] usb 7-1: config 64 interface 0 has no altsetting 0 [ 140.634867][ T6011] usb 7-1: config 64 has 1 interface, different from the descriptor's value: 9 [ 140.638296][ T6011] usb 7-1: config 64 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 140.642835][ T6011] usb 7-1: config 64 interface 0 has no altsetting 0 [ 140.647459][ T6011] usb 7-1: config 64 has 1 interface, different from the descriptor's value: 9 [ 140.651552][ T6011] usb 7-1: config 64 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 140.656132][ T6011] usb 7-1: config 64 interface 0 has no altsetting 0 [ 140.659229][ T6011] usb 7-1: config 64 has 1 interface, different from the descriptor's value: 9 [ 140.663148][ T6011] usb 7-1: config 64 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 140.667672][ T6011] usb 7-1: config 64 interface 0 has no altsetting 0 [ 140.672106][ T6011] usb 7-1: config 64 has 1 interface, different from the descriptor's value: 9 [ 140.676099][ T6011] usb 7-1: config 64 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 140.680060][ T6011] usb 7-1: config 64 interface 0 has no altsetting 0 [ 140.684290][ T6011] usb 7-1: config 64 has 1 interface, different from the descriptor's value: 9 [ 140.688273][ T6011] usb 7-1: config 64 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 140.694997][ T6011] usb 7-1: config 64 interface 0 has no altsetting 0 [ 140.698588][ T6011] usb 7-1: config 64 has 1 interface, different from the descriptor's value: 9 [ 140.702506][ T6011] usb 7-1: config 64 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 140.707432][ T6011] usb 7-1: config 64 interface 0 has no altsetting 0 [ 140.712707][ T6011] usb 7-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e [ 140.716586][ T6011] usb 7-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168 [ 140.720063][ T6011] usb 7-1: Product: syz [ 140.721570][ T6011] usb 7-1: Manufacturer: syz [ 140.723692][ T6011] usb 7-1: SerialNumber: syz [ 140.733768][ T6011] yurex 7-1:64.0: USB YUREX device now attached to Yurex #0 [ 140.908469][T10608] random: crng reseeded on system resumption [ 140.924048][ T34] usb 7-1: USB disconnect, device number 6 [ 140.935300][ T34] yurex 7-1:64.0: USB YUREX #0 now disconnected [ 140.998410][T10612] rdma_rxe: rxe_newlink: failed to add syz_tun [ 141.842633][ T24] usb 7-1: new high-speed USB device number 7 using dummy_hcd [ 141.987822][ T24] usb 7-1: config 4 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 141.992067][ T24] usb 7-1: config 4 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0 [ 141.996743][ T24] usb 7-1: config 4 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 142.005689][ T24] usb 7-1: New USB device found, idVendor=03f0, idProduct=0004, bcdDevice= 0.40 [ 142.009768][ T24] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 142.013194][ T24] usb 7-1: Product: syz [ 142.015238][ T24] usb 7-1: Manufacturer: syz [ 142.017372][ T24] usb 7-1: SerialNumber: syz [ 142.027404][ T24] usblp0: Disabling reads from problematic bidirectional printer [ 142.321530][T10632] random: crng reseeded on system resumption [ 142.390693][T10634] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 142.395694][T10634] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 142.410264][ T24] usblp 7-1:4.0: usblp0: USB Unidirectional printer dev 7 if 0 alt 0 proto 1 vid 0x03F0 pid 0x0004 [ 143.672223][T10661] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1740'. [ 144.035719][T10673] tipc: Started in network mode [ 144.037677][T10673] tipc: Node identity ca62776582dd, cluster identity 4711 [ 144.040125][T10673] tipc: Enabled bearer , priority 0 [ 144.045579][T10673] syzkaller0: entered promiscuous mode [ 144.052779][T10673] syzkaller0: entered allmulticast mode [ 144.098928][T10673] tipc: Resetting bearer [ 144.103770][T10676] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1747'. [ 144.111912][T10672] tipc: Resetting bearer [ 144.134636][T10672] tipc: Disabling bearer [ 144.288963][T10690] rdma_rxe: rxe_newlink: failed to add syz_tun [ 144.477675][ T24] hid_parser_main: 91 callbacks suppressed [ 144.477693][ T24] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 144.485172][ T909] usb 7-1: USB disconnect, device number 7 [ 144.500489][ T909] usblp0: removed [ 144.503839][ T24] hid-generic 0000:0000:0000.0004: hidraw1: HID v0.00 Device [syz1] on syz0 [ 144.721349][T10723] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1767'. [ 144.791746][T10725] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1767'. [ 145.756818][T10734] could not allocate digest TFM handle cryptd(blake2b-160) [ 145.857335][T10734] qnx4: no qnx4 filesystem (no root dir). [ 146.542723][T10771] netlink: 'syz.0.1780': attribute type 4 has an invalid length. [ 146.633986][T10774] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1781'. [ 146.639747][T10774] netlink: 48 bytes leftover after parsing attributes in process `syz.0.1781'. [ 146.792678][T10780] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1783'. [ 146.798271][T10780] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1783'. [ 147.633025][T10803] tipc: Enabled bearer , priority 0 [ 147.647332][T10803] syzkaller0: entered promiscuous mode [ 147.649684][T10803] syzkaller0: entered allmulticast mode [ 147.721734][T10813] tipc: Resetting bearer [ 147.733883][T10802] tipc: Resetting bearer [ 147.758142][T10802] tipc: Disabling bearer [ 147.996053][T10824] rdma_rxe: rxe_newlink: failed to add syz_tun [ 148.023689][T10825] Process accounting resumed [ 151.074292][T10891] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(6) [ 151.077706][T10891] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 151.093965][T10891] vhci_hcd vhci_hcd.0: Device attached [ 151.132708][ T6011] syz1: Port: 1 Link DOWN [ 151.132736][ T7579] netdevsim netdevsim2 eth0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 151.132783][ T7579] netdevsim netdevsim2 eth1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 151.140669][ T7579] netdevsim netdevsim2 eth2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 151.143847][ T7579] netdevsim netdevsim2 eth3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 151.319850][ T6075] usb 43-1: new low-speed USB device number 2 using vhci_hcd [ 151.329409][ T34] usb 8-1: new high-speed USB device number 4 using dummy_hcd [ 151.473908][ T34] usb 8-1: config 0 has no interfaces? [ 151.476527][ T34] usb 8-1: New USB device found, idVendor=05ac, idProduct=0259, bcdDevice=f0.b2 [ 151.480614][ T34] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 151.486440][ T34] usb 8-1: config 0 descriptor?? [ 151.687030][ T34] usb 8-1: USB disconnect, device number 4 [ 151.693665][T10892] usb 43-1: recv xbuf, 0 [ 151.705467][ T7600] vhci_hcd vhci_hcd.3: stop threads [ 151.707570][ T7600] vhci_hcd vhci_hcd.3: release socket [ 151.711519][ T7600] vhci_hcd vhci_hcd.3: disconnect device [ 151.767186][ T6075] vhci_hcd vhci_hcd.3: vhci_device speed not set [ 152.001019][T10913] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1832'. [ 152.004166][T10913] netlink: 'syz.2.1832': attribute type 5 has an invalid length. [ 152.007182][T10913] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1832'. [ 152.015357][T10913] geneve2: entered promiscuous mode [ 152.017137][T10913] geneve2: entered allmulticast mode [ 152.019832][ T7600] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 256 - 0 [ 152.024256][ T7600] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 256 - 0 [ 152.027104][ T7600] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 256 - 0 [ 152.029917][ T7600] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 256 - 0 [ 152.692926][T10931] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1841'. [ 153.671627][T10960] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1852'. [ 154.386784][ T6075] usb 6-1: new high-speed USB device number 10 using dummy_hcd [ 154.540343][ T6075] usb 6-1: config 1 has an invalid interface number: 81 but max is 0 [ 154.542971][ T6075] usb 6-1: config 1 has no interface number 0 [ 154.546539][ T6075] usb 6-1: New USB device found, idVendor=0b48, idProduct=2003, bcdDevice=78.61 [ 154.549679][ T6075] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 154.552289][ T6075] usb 6-1: Product: syz [ 154.553701][ T6075] usb 6-1: Manufacturer: syz [ 154.555276][ T6075] usb 6-1: SerialNumber: syz [ 154.561950][ T6075] ttusbir 6-1:1.81: cannot find expected altsetting [ 154.884715][T10985] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1863'. [ 155.162810][T10991] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1864'. [ 157.270779][T11029] rdma_rxe: rxe_newlink: failed to add syz_tun [ 157.352798][ T909] usb 6-1: USB disconnect, device number 10 [ 157.916686][T11038] netlink: 56 bytes leftover after parsing attributes in process `syz.1.1879'. [ 159.730063][ T59] usb 7-1: new high-speed USB device number 8 using dummy_hcd [ 159.872879][ T59] usb 7-1: Using ep0 maxpacket: 8 [ 159.883550][ T59] usb 7-1: config index 0 descriptor too short (expected 301, got 45) [ 159.887154][ T59] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 159.901462][ T59] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 159.905760][ T59] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 159.910057][ T59] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 159.929695][ T59] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 159.933656][ T59] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 160.201666][T11080] tipc: Enabled bearer , priority 0 [ 160.227791][T11080] syzkaller0: entered promiscuous mode [ 160.235539][T11080] syzkaller0: entered allmulticast mode [ 160.253896][T11080] tipc: Resetting bearer [ 160.268446][T11079] tipc: Resetting bearer [ 160.293333][T11079] tipc: Disabling bearer [ 160.497884][T11084] rdma_rxe: rxe_newlink: failed to add syz_tun [ 160.696973][T11085] usbtmc 7-1:16.0: simple control status returned 0 [ 160.893815][ T59] usb 7-1: USB disconnect, device number 8 [ 161.711104][ T909] usb 7-1: new high-speed USB device number 9 using dummy_hcd [ 161.843973][ T909] usb 7-1: device descriptor read/64, error -71 [ 162.101340][ T909] usb 7-1: new high-speed USB device number 10 using dummy_hcd [ 162.244941][ T909] usb 7-1: device descriptor read/64, error -71 [ 162.359072][ T909] usb usb7-port1: attempt power cycle [ 162.659292][T11109] tipc: Enabled bearer , priority 0 [ 162.662288][T11109] syzkaller0: entered promiscuous mode [ 162.664485][T11109] syzkaller0: entered allmulticast mode [ 162.679125][T11109] tipc: Resetting bearer [ 162.683439][T11108] tipc: Resetting bearer [ 162.694671][T11108] tipc: Disabling bearer [ 162.701496][ T909] usb 7-1: new high-speed USB device number 11 using dummy_hcd [ 162.732254][ T909] usb 7-1: device descriptor read/8, error -71 [ 162.979290][ T909] usb 7-1: new high-speed USB device number 12 using dummy_hcd [ 163.006658][ T909] usb 7-1: device descriptor read/8, error -71 [ 163.121596][ T909] usb usb7-port1: unable to enumerate USB device [ 163.341777][T11127] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1908'. [ 163.654668][T11135] bridge0: entered allmulticast mode [ 163.678721][T11135] netlink: 'syz.0.1910': attribute type 2 has an invalid length. [ 165.798048][ T34] usb 7-1: new high-speed USB device number 13 using dummy_hcd [ 165.930636][ T34] usb 7-1: device descriptor read/64, error -71 [ 166.036224][T11203] netlink: 8168 bytes leftover after parsing attributes in process `syz.1.1937'. [ 166.168391][ T34] usb 7-1: new high-speed USB device number 14 using dummy_hcd [ 166.292459][ T34] usb 7-1: device descriptor read/64, error -71 [ 166.320715][ T59] usb 6-1: new high-speed USB device number 11 using dummy_hcd [ 166.397543][ T34] usb usb7-port1: attempt power cycle [ 166.463429][ T59] usb 6-1: Using ep0 maxpacket: 8 [ 166.466792][ T59] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 166.470621][ T59] usb 6-1: config 1 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 8 [ 166.473955][ T59] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0 [ 166.477120][ T59] usb 6-1: config 1 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 0 [ 166.481185][ T59] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a5, bcdDevice= 0.40 [ 166.484123][ T59] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 166.486751][ T59] usb 6-1: SerialNumber: syz [ 166.490231][T11206] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22 [ 166.494816][ T59] cdc_ether 6-1:1.0: probe with driver cdc_ether failed with error -22 [ 166.497806][ T59] usb-storage 6-1:1.0: USB Mass Storage device detected [ 166.505203][ T59] usb-storage 6-1:1.0: Quirks match for vid 0525 pid a4a5: 10000 [ 166.508315][ T59] scsi host6: usb-storage 6-1:1.0 [ 166.688348][ T59] usb 6-1: USB disconnect, device number 11 [ 166.721080][ T34] usb 7-1: new high-speed USB device number 15 using dummy_hcd [ 166.740584][ T34] usb 7-1: device descriptor read/8, error -71 [ 166.978195][ T34] usb 7-1: new high-speed USB device number 16 using dummy_hcd [ 166.998104][ T34] usb 7-1: device descriptor read/8, error -71 [ 167.102192][ T34] usb usb7-port1: unable to enumerate USB device [ 168.825625][ T24] usb 7-1: new high-speed USB device number 17 using dummy_hcd [ 169.042765][T11252] binder: 11249:11252 ioctl c0306201 0 returned -14 [ 169.065566][ T24] usb 7-1: config 1 has an invalid interface number: 7 but max is 0 [ 169.069140][ T24] usb 7-1: config 1 has no interface number 0 [ 169.071877][ T24] usb 7-1: config 1 interface 7 altsetting 0 has an endpoint descriptor with address 0xDB, changing to 0x8B [ 169.077965][ T24] usb 7-1: config 1 interface 7 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 64 [ 169.078618][T11252] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1953'. [ 169.082258][ T24] usb 7-1: config 1 interface 7 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 169.091924][ T24] usb 7-1: New USB device found, idVendor=1199, idProduct=68a3, bcdDevice= 0.00 [ 169.096452][ T24] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 169.099970][ T24] usb 7-1: Product: syz [ 169.101884][ T24] usb 7-1: Manufacturer: syz [ 169.104630][ T24] usb 7-1: SerialNumber: syz [ 169.109698][T11244] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 169.300688][T11224] Set syz1 is full, maxelem 65536 reached [ 169.316899][T11244] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 169.511833][ T24] usb 7-1: Incompatible driver and firmware versions [ 169.705203][ T24] usb 7-1: USB disconnect, device number 17 [ 169.996991][ T59] usb 6-1: new high-speed USB device number 12 using dummy_hcd [ 170.149864][ T59] usb 6-1: Using ep0 maxpacket: 16 [ 170.155663][ T59] usb 6-1: config 0 has no interfaces? [ 170.159128][ T59] usb 6-1: New USB device found, idVendor=054c, idProduct=06c1, bcdDevice=c2.87 [ 170.168690][ T59] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 170.171416][ T59] usb 6-1: Product: syz [ 170.172880][ T59] usb 6-1: Manufacturer: syz [ 170.174416][ T59] usb 6-1: SerialNumber: syz [ 170.177284][ T59] usb 6-1: config 0 descriptor?? [ 170.366994][T11282] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1965'. [ 170.390436][ T909] usb 8-1: new high-speed USB device number 5 using dummy_hcd [ 170.491649][ T9] usb 6-1: USB disconnect, device number 12 [ 170.540522][ T909] usb 8-1: Using ep0 maxpacket: 8 [ 170.553065][ T909] usb 8-1: unable to get BOS descriptor or descriptor too short [ 170.556476][ T909] usb 8-1: config 8 has an invalid interface number: 255 but max is 8 [ 170.560305][ T909] usb 8-1: config 8 has 1 interface, different from the descriptor's value: 9 [ 170.563508][ T909] usb 8-1: config 8 has no interface number 0 [ 170.565597][ T909] usb 8-1: config 8 interface 255 has no altsetting 0 [ 170.571183][ T909] usb 8-1: New USB device found, idVendor=0423, idProduct=000a, bcdDevice= 0.00 [ 170.574223][ T909] usb 8-1: New USB device strings: Mfr=229, Product=1, SerialNumber=3 [ 170.576996][ T909] usb 8-1: Product: syz [ 170.578493][ T909] usb 8-1: Manufacturer: syz [ 170.580074][ T909] usb 8-1: SerialNumber: syz [ 170.792200][ T909] catc 8-1:8.255: Can't set altsetting 1. [ 170.795025][ T909] catc 8-1:8.255: probe with driver catc failed with error -5 [ 170.800252][ T909] usb 8-1: USB disconnect, device number 5 [ 171.749527][ T1326] usb 7-1: new high-speed USB device number 18 using dummy_hcd [ 171.881403][ T1326] usb 7-1: device descriptor read/64, error -71 [ 172.112001][ T1326] usb 7-1: new high-speed USB device number 19 using dummy_hcd [ 172.177052][T11327] tipc: Enabled bearer , priority 0 [ 172.182833][T11327] tipc: Resetting bearer [ 172.191064][T11326] tipc: Disabling bearer [ 172.235761][ T1326] usb 7-1: device descriptor read/64, error -71 [ 172.341333][ T1326] usb usb7-port1: attempt power cycle [ 172.702361][ T1326] usb 7-1: new high-speed USB device number 20 using dummy_hcd [ 172.722140][ T1326] usb 7-1: device descriptor read/8, error -71 [ 172.950277][ T1326] usb 7-1: new high-speed USB device number 21 using dummy_hcd [ 172.969619][ T1326] usb 7-1: device descriptor read/8, error -71 [ 173.083631][ T1326] usb usb7-port1: unable to enumerate USB device [ 173.368449][T11364] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1999'. [ 175.636020][ T34] usb 6-1: new high-speed USB device number 13 using dummy_hcd [ 175.778809][ T34] usb 6-1: device descriptor read/64, error -71 [ 175.853283][T11415] bridge0: entered allmulticast mode [ 175.874966][T11415] netlink: 'syz.3.2017': attribute type 2 has an invalid length. [ 176.026489][ T34] usb 6-1: new high-speed USB device number 14 using dummy_hcd [ 176.159747][ T34] usb 6-1: device descriptor read/64, error -71 [ 176.265113][ T34] usb usb6-port1: attempt power cycle [ 176.588403][ T34] usb 6-1: new high-speed USB device number 15 using dummy_hcd [ 176.608729][ T34] usb 6-1: device descriptor read/8, error -71 [ 176.845668][ T34] usb 6-1: new high-speed USB device number 16 using dummy_hcd [ 176.865713][ T34] usb 6-1: device descriptor read/8, error -71 [ 176.970198][ T34] usb usb6-port1: unable to enumerate USB device [ 177.524454][T11434] binder: 11430:11434 ioctl c0306201 80000540 returned -22 [ 177.539283][T11438] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2024'. [ 178.336177][T11460] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2032'. [ 178.447570][T11463] binder: 11462:11463 ioctl c0306201 80000540 returned -22 [ 179.041172][T11484] syzkaller0: entered promiscuous mode [ 179.043095][T11484] syzkaller0: entered allmulticast mode [ 179.521445][T11504] netlink: 56 bytes leftover after parsing attributes in process `syz.2.2051'. [ 179.579123][ T34] usb 8-1: new high-speed USB device number 6 using dummy_hcd [ 179.702591][ T34] usb 8-1: device descriptor read/64, error -71 [ 179.931111][ T34] usb 8-1: new high-speed USB device number 7 using dummy_hcd [ 180.055373][ T34] usb 8-1: device descriptor read/64, error -71 [ 180.160387][ T34] usb usb8-port1: attempt power cycle [ 180.502948][ T34] usb 8-1: new high-speed USB device number 8 using dummy_hcd [ 180.522624][ T34] usb 8-1: device descriptor read/8, error -71 [ 180.778972][ T34] usb 8-1: new high-speed USB device number 9 using dummy_hcd [ 180.808334][ T34] usb 8-1: device descriptor read/8, error -71 [ 180.915917][ T34] usb usb8-port1: unable to enumerate USB device [ 181.776927][T11537] sctp: [Deprecated]: syz.2.2063 (pid 11537) Use of int in maxseg socket option. [ 181.776927][T11537] Use struct sctp_assoc_value instead [ 182.253207][ T34] IPVS: starting estimator thread 0... [ 182.341165][T11542] IPVS: using max 23 ests per chain, 55200 per kthread [ 183.464532][T11568] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2073'. [ 183.749209][T11573] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2075'. [ 184.781145][T11596] dlm: no locking on control device [ 185.646824][T11608] tipc: Enabled bearer , priority 0 [ 185.658608][T11608] tipc: Resetting bearer [ 185.674854][T11607] tipc: Disabling bearer [ 186.113563][T11621] rdma_rxe: rxe_newlink: failed to add syz_tun [ 187.581399][T11637] syzkaller0: entered promiscuous mode [ 187.583864][T11637] syzkaller0: entered allmulticast mode [ 188.248414][T11664] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2102'. [ 188.711881][T11674] syz1: rxe_newlink: already configured on syz_tun [ 190.767202][T11706] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2114'. [ 190.976780][T11709] syzkaller0: entered promiscuous mode [ 190.978695][T11709] syzkaller0: entered allmulticast mode [ 192.508116][T11735] Invalid ELF header magic: != ELF [ 193.071414][ T1417] ieee802154 phy0 wpan0: encryption failed: -22 [ 193.074357][ T1417] ieee802154 phy1 wpan1: encryption failed: -22 [ 193.637153][ T24] usb 6-1: new full-speed USB device number 17 using dummy_hcd [ 193.729477][T11755] binder: 11752:11755 ioctl c0306201 0 returned -14 [ 193.733793][T11755] binder: 11752:11755 ioctl c0306201 0 returned -14 [ 193.782145][ T24] usb 6-1: config 0 interface 0 altsetting 251 endpoint 0x9 has an invalid bInterval 0, changing to 4 [ 193.787059][ T24] usb 6-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid maxpacket 15380, setting to 1023 [ 193.791928][ T24] usb 6-1: config 0 interface 0 has no altsetting 0 [ 193.797273][ T24] usb 6-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b [ 193.801660][ T24] usb 6-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2 [ 193.805348][ T24] usb 6-1: Product: syz [ 193.807164][ T24] usb 6-1: Manufacturer: syz [ 193.809272][ T24] usb 6-1: SerialNumber: syz [ 193.819335][ T24] usb 6-1: config 0 descriptor?? [ 193.833528][ T24] usb 6-1: selecting invalid altsetting 0 [ 194.157227][T11761] tipc: Enabling of bearer rejected, failed to enable media [ 194.579915][ T9] usb 7-1: new high-speed USB device number 22 using dummy_hcd [ 194.741905][ T9] usb 7-1: Using ep0 maxpacket: 8 [ 194.754005][ T9] usb 7-1: unable to get BOS descriptor or descriptor too short [ 194.759029][ T9] usb 7-1: no configurations [ 194.761112][ T9] usb 7-1: can't read configurations, error -22 [ 195.334515][T11782] netlink: 'syz.3.2137': attribute type 2 has an invalid length. [ 195.570498][ T9] usb 7-1: new high-speed USB device number 23 using dummy_hcd [ 195.717048][ T9] usb 7-1: New USB device found, idVendor=9710, idProduct=7730, bcdDevice=96.33 [ 195.720179][ T9] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 195.724893][ T9] usb 7-1: config 0 descriptor?? [ 196.024938][T11745] usb 6-1: cannot submit urb 0, error -2: endpoint not enabled [ 196.029407][ T5975] usb 6-1: USB disconnect, device number 17 [ 196.422747][T11792] syz_tun: left promiscuous mode [ 196.426652][T11792] bridge0: left allmulticast mode [ 196.432693][T11792] 8021q: adding VLAN 0 to HW filter on device bond0 [ 196.443041][T11792] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 196.666728][T11795] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2140'. [ 196.997746][ T9] usb 7-1: Cannot set autoneg [ 197.000132][ T9] MOSCHIP usb-ethernet driver 7-1:0.0: probe with driver MOSCHIP usb-ethernet driver failed with error -71 [ 197.057624][ T9] usb 7-1: USB disconnect, device number 23 [ 197.272977][T11805] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2142'. [ 197.277887][T11805] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2142'. [ 197.335375][T11807] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2143'. [ 198.938727][T11831] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2152'. [ 199.322530][T11840] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2155'. [ 199.326710][T11840] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2155'. [ 199.374910][ T40] audit: type=1326 audit(1767129668.504:856): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11843 comm="syz.1.2158" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70bd579 code=0x7ffc0000 [ 199.384235][ T40] audit: type=1326 audit(1767129668.515:857): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11843 comm="syz.1.2158" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70bd579 code=0x7ffc0000 [ 199.393374][ T40] audit: type=1326 audit(1767129668.525:858): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11843 comm="syz.1.2158" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf70bd579 code=0x7ffc0000 [ 199.405672][ T40] audit: type=1326 audit(1767129668.525:859): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11843 comm="syz.1.2158" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70bd579 code=0x7ffc0000 [ 199.415399][ T40] audit: type=1326 audit(1767129668.525:860): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11843 comm="syz.1.2158" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70bd579 code=0x7ffc0000 [ 199.426541][ T40] audit: type=1326 audit(1767129668.525:861): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11843 comm="syz.1.2158" exe="/syz-executor" sig=0 arch=40000003 syscall=360 compat=1 ip=0xf70bd579 code=0x7ffc0000 [ 199.434359][ T40] audit: type=1326 audit(1767129668.525:862): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11843 comm="syz.1.2158" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70bd579 code=0x7ffc0000 [ 199.442737][ T40] audit: type=1326 audit(1767129668.525:863): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11843 comm="syz.1.2158" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70bd579 code=0x7ffc0000 [ 199.451570][ T40] audit: type=1326 audit(1767129668.525:864): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11843 comm="syz.1.2158" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf70bd579 code=0x7ffc0000 [ 199.466099][ T40] audit: type=1326 audit(1767129668.525:865): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11843 comm="syz.1.2158" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70bd579 code=0x7ffc0000 [ 199.492351][T11847] netlink: zone id is out of range [ 199.494750][T11847] netlink: zone id is out of range [ 199.496709][T11847] netlink: zone id is out of range [ 199.496728][T11847] netlink: zone id is out of range [ 199.496733][T11847] netlink: zone id is out of range [ 199.496738][T11847] netlink: zone id is out of range [ 199.496742][T11847] netlink: zone id is out of range [ 199.496746][T11847] netlink: zone id is out of range [ 199.496750][T11847] netlink: zone id is out of range [ 199.515209][T11847] batadv_slave_0: entered promiscuous mode [ 199.526513][T11847] batadv_slave_0: left promiscuous mode [ 199.798901][T11856] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2161'. [ 200.179376][T11864] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2164'. [ 200.450723][T11874] tipc: Enabled bearer , priority 0 [ 200.454400][T11874] syzkaller0: entered promiscuous mode [ 200.456407][T11874] syzkaller0: entered allmulticast mode [ 200.474764][T11874] tipc: Resetting bearer [ 200.480132][T11873] tipc: Resetting bearer [ 200.490667][T11873] tipc: Disabling bearer [ 201.306658][T11896] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2178'. [ 201.310060][T11906] tipc: Enabling of bearer rejected, failed to enable media [ 201.533553][T11915] hfs: unable to load iocharset "io#harset" [ 203.245336][T11947] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2190'. [ 204.643933][T11960] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 207.132490][T11989] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2199'. [ 208.378575][T12007] bridge0: entered allmulticast mode [ 211.235923][T12037] tmpfs: Unknown parameter '' [ 211.341659][T12039] futex_wake_op: syz.1.2214 tries to shift op by 144; fix this program [ 212.036453][T12046] syzkaller0: entered promiscuous mode [ 212.039096][T12046] syzkaller0: entered allmulticast mode [ 212.435401][ T6075] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 212.445910][ T6075] hid-generic 0000:0000:0000.0005: hidraw1: HID v0.00 Device [syz1] on syz0 [ 212.575124][T12057] fido_id[12057]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory [ 213.688179][T12066] tipc: Enabled bearer , priority 0 [ 213.694258][T12066] tipc: Resetting bearer [ 213.718437][T12065] tipc: Disabling bearer [ 214.126408][T12083] random: crng reseeded on system resumption [ 214.406832][T12093] tipc: Enabled bearer , priority 0 [ 214.415298][T12093] tipc: Resetting bearer [ 214.425449][T12092] tipc: Disabling bearer [ 214.791224][ T24] usb 6-1: new high-speed USB device number 18 using dummy_hcd [ 214.947557][ T24] usb 6-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 214.952017][ T24] usb 6-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config [ 214.957127][ T24] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 214.961371][ T24] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9 [ 214.966870][ T24] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024 [ 214.978030][ T24] usb 6-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 214.982804][ T24] usb 6-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 214.986616][ T24] usb 6-1: Product: syz [ 214.988718][ T24] usb 6-1: Manufacturer: syz [ 214.997411][ T24] cdc_wdm 6-1:1.0: skipping garbage [ 215.000471][ T24] cdc_wdm 6-1:1.0: skipping garbage [ 215.005004][ T24] cdc_wdm 6-1:1.0: cdc-wdm0: USB WDM device [ 215.007858][ T24] cdc_wdm 6-1:1.0: Unknown control protocol [ 215.730861][ T24] usb 6-1: USB disconnect, device number 18 [ 216.098486][T12138] binder: 12131:12138 ioctl c0306201 80000600 returned -14 [ 216.201944][T12138] syz.2.2246 (12138) used greatest stack depth: 18600 bytes left [ 216.437473][T12157] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2250'. [ 216.488782][T12157] tipc: Enabled bearer , priority 10 [ 217.164825][T12163] 9p: Bad value for 'rfdno' [ 217.573092][ T29] tipc: Node number set to 744673674 [ 217.633092][T12173] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2258'. [ 217.713578][T12175] overlayfs: failed to resolve './file1': -2 [ 218.268028][ T1326] usb 6-1: new high-speed USB device number 19 using dummy_hcd [ 220.222963][T12251] 9pnet_fd: p9_fd_create_tcp (12251): problem connecting socket to 127.0.0.1 [ 220.665902][ T1326] usb 6-1: unable to get BOS descriptor or descriptor too short [ 220.674918][ T1326] usb 6-1: too many configurations: 238, using maximum allowed: 8 [ 220.683037][ T1326] usb 6-1: unable to read config index 0 descriptor/start: -71 [ 220.685788][ T1326] usb 6-1: can't read configurations, error -71 [ 221.277352][ T1326] usb 6-1: new high-speed USB device number 20 using dummy_hcd [ 221.420949][ T1326] usb 6-1: too many configurations: 9, using maximum allowed: 8 [ 221.425292][ T1326] usb 6-1: config 64 has 1 interface, different from the descriptor's value: 9 [ 221.429130][ T1326] usb 6-1: config 64 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 221.437540][ T1326] usb 6-1: config 64 interface 0 has no altsetting 0 [ 221.441297][ T1326] usb 6-1: config 64 has 1 interface, different from the descriptor's value: 9 [ 221.445348][ T1326] usb 6-1: config 64 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 221.449196][ T1326] usb 6-1: config 64 interface 0 has no altsetting 0 [ 221.452247][ T1326] usb 6-1: config 64 has 1 interface, different from the descriptor's value: 9 [ 221.455526][ T1326] usb 6-1: config 64 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 221.459285][ T1326] usb 6-1: config 64 interface 0 has no altsetting 0 [ 221.462528][ T1326] usb 6-1: config 64 has 1 interface, different from the descriptor's value: 9 [ 221.466307][ T1326] usb 6-1: config 64 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 221.471149][ T1326] usb 6-1: config 64 interface 0 has no altsetting 0 [ 221.477223][ T1326] usb 6-1: config 64 has 1 interface, different from the descriptor's value: 9 [ 221.481006][ T1326] usb 6-1: config 64 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 221.484749][ T1326] usb 6-1: config 64 interface 0 has no altsetting 0 [ 221.490193][ T1326] usb 6-1: config 64 has 1 interface, different from the descriptor's value: 9 [ 221.496810][ T1326] usb 6-1: config 64 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 221.505869][ T1326] usb 6-1: config 64 interface 0 has no altsetting 0 [ 221.510576][ T1326] usb 6-1: config 64 has 1 interface, different from the descriptor's value: 9 [ 221.519949][ T1326] usb 6-1: config 64 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 221.524200][ T1326] usb 6-1: config 64 interface 0 has no altsetting 0 [ 221.528112][ T1326] usb 6-1: config 64 has 1 interface, different from the descriptor's value: 9 [ 221.531130][ T1326] usb 6-1: config 64 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 221.539694][ T1326] usb 6-1: config 64 interface 0 has no altsetting 0 [ 221.544778][ T1326] usb 6-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e [ 221.549677][ T1326] usb 6-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168 [ 221.559667][ T1326] usb 6-1: Product: syz [ 221.561805][ T1326] usb 6-1: Manufacturer: syz [ 221.568131][ T1326] usb 6-1: SerialNumber: syz [ 221.594706][ T1326] yurex 6-1:64.0: USB YUREX device now attached to Yurex #0 [ 221.788808][T12275] binder: 12274:12275 ioctl c0306201 0 returned -14 [ 221.847898][T12272] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 221.852022][T12277] syzkaller0: entered promiscuous mode [ 221.854618][T12277] syzkaller0: entered allmulticast mode [ 222.450540][T12289] netlink: 8184 bytes leftover after parsing attributes in process `syz.2.2285'. [ 223.692089][ C1] usb 6-1: yurex_control_callback - control failed: -2 [ 223.730383][ T6028] usb 6-1: USB disconnect, device number 20 [ 223.735295][ T6028] yurex 6-1:64.0: USB YUREX #0 now disconnected [ 224.051952][T12310] bridge0: left allmulticast mode [ 224.073505][T12310] 8021q: adding VLAN 0 to HW filter on device bond0 [ 224.154534][T12310] net_ratelimit: 13 callbacks suppressed [ 224.154547][T12310] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 224.910528][T12318] Bluetooth: hci0: Opcode 0x0401 failed: -22 [ 228.864302][ T5942] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 228.870452][ T5942] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 228.875673][ T5942] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 228.883068][ T5942] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 228.886886][ T5942] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 228.966457][T12344] syz_tun (unregistering): left allmulticast mode [ 228.971074][ T7597] smc: removing ib device syz1 [ 228.974500][ T5949] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 228.989311][ T5949] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 228.993151][ T5949] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 229.001376][ T5949] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 229.005426][ T5949] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 229.510179][T12380] chnl_net:caif_netlink_parms(): no params data found [ 229.544908][ T7597] ------------[ cut here ]------------ [ 229.546823][ T7597] GID entry ref leak for dev syz1 index 2 ref=2 [ 229.548880][ T7597] WARNING: drivers/infiniband/core/cache.c:806 at gid_table_release_one+0x1ad/0x450, CPU#2: kworker/u32:54/7597 [ 229.552689][ T7597] Modules linked in: [ 229.554876][ T7597] CPU: 2 UID: 0 PID: 7597 Comm: kworker/u32:54 Tainted: G L syzkaller #0 PREEMPT(full) [ 229.558504][ T7597] Tainted: [L]=SOFTLOCKUP [ 229.559940][ T7597] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 229.563433][ T7597] Workqueue: ib-unreg-wq ib_unregister_work [ 229.565684][ T7597] RIP: 0010:gid_table_release_one+0x1b6/0x450 [ 229.567712][ T7597] Code: 4c 24 38 48 c1 e8 03 4d 01 fc 48 89 44 24 08 eb 54 48 89 34 24 e8 2a 69 4f f9 48 8d 3d d3 89 26 08 48 8b 34 24 89 e9 44 89 f2 <67> 48 0f b9 3a e8 10 69 4f f9 48 89 d8 41 83 c6 01 48 c1 e8 03 42 [ 229.574185][ T7597] RSP: 0018:ffffc900266afac8 EFLAGS: 00010293 [ 229.576208][ T7597] RAX: 0000000000000000 RBX: ffff888069a8b000 RCX: 0000000000000002 [ 229.578798][ T7597] RDX: 0000000000000002 RSI: ffff88802a57fe20 RDI: ffffffff90958ba0 [ 229.581372][ T7597] RBP: 0000000000000002 R08: 0000000000000000 R09: ffffed1009a1f340 [ 229.584314][ T7597] R10: ffff88804d0f9a03 R11: ffff88802182aff0 R12: ffffed100d35161b [ 229.586896][ T7597] R13: ffff88804abdc000 R14: 0000000000000002 R15: dffffc0000000000 [ 229.589494][ T7597] FS: 0000000000000000(0000) GS:ffff8880978fc000(0000) knlGS:0000000000000000 [ 229.592687][ T7597] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 229.595137][ T7597] CR2: 00000000f7193df0 CR3: 000000004ba0a000 CR4: 0000000000352ef0 [ 229.597767][ T7597] Call Trace: [ 229.598888][ T7597] [ 229.599907][ T7597] ib_device_release+0xef/0x1e0 [ 229.601547][ T7597] ? __pfx_ib_device_release+0x10/0x10 [ 229.603981][ T7597] device_release+0xa4/0x240 [ 229.605543][ T7597] kobject_put+0x1ef/0x6f0 [ 229.607044][ T7597] put_device+0x1f/0x30 [ 229.608455][ T7597] process_one_work+0x9ba/0x1b20 [ 229.610098][ T7597] ? __pfx_process_one_work+0x10/0x10 [ 229.612178][ T7597] ? assign_work+0x1a0/0x250 [ 229.613740][ T7597] worker_thread+0x6c8/0xf10 [ 229.615449][ T7597] ? __pfx_worker_thread+0x10/0x10 [ 229.617202][ T7597] kthread+0x3c5/0x780 [ 229.618550][T12380] bridge0: port 1(bridge_slave_0) entered blocking state [ 229.618576][ T7597] ? __pfx_kthread+0x10/0x10 [ 229.623051][ T7597] ? rcu_is_watching+0x12/0xc0 [ 229.624861][ T7597] ? __pfx_kthread+0x10/0x10 [ 229.626420][ T7597] ret_from_fork+0x983/0xb10 [ 229.628118][ T7597] ? __pfx_ret_from_fork+0x10/0x10 [ 229.629818][ T7597] ? __switch_to+0x7af/0x10d0 [ 229.630842][T12380] bridge0: port 1(bridge_slave_0) entered disabled state [ 229.631841][ T7597] ? __pfx_kthread+0x10/0x10 [ 229.633917][T12380] bridge_slave_0: entered allmulticast mode [ 229.635326][ T7597] ret_from_fork_asm+0x1a/0x30 [ 229.639154][T12380] bridge_slave_0: entered promiscuous mode [ 229.639315][ T7597] [ 229.643137][ T7597] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 229.645601][ T7597] CPU: 2 UID: 0 PID: 7597 Comm: kworker/u32:54 Tainted: G L syzkaller #0 PREEMPT(full) [ 229.649217][ T7597] Tainted: [L]=SOFTLOCKUP [ 229.650682][ T7597] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 229.653929][ T7597] Workqueue: ib-unreg-wq ib_unregister_work [ 229.655925][ T7597] Call Trace: [ 229.657051][ T7597] [ 229.658048][ T7597] dump_stack_lvl+0x3d/0x1f0 [ 229.659605][ T7597] vpanic+0x640/0x6f0 [ 229.660956][ T7597] ? gid_table_release_one+0x1ad/0x450 [ 229.662766][ T7597] panic+0xca/0xd0 [ 229.664069][ T7597] ? __pfx_panic+0x10/0x10 [ 229.665624][ T7597] ? check_panic_on_warn+0x1f/0xb0 [ 229.667326][ T7597] check_panic_on_warn+0xab/0xb0 [ 229.668982][ T7597] __warn+0x108/0x3c0 [ 229.670308][ T7597] __report_bug+0x2a0/0x520 [ 229.671791][ T7597] ? gid_table_release_one+0x1ad/0x450 [ 229.673572][ T7597] ? __pfx___report_bug+0x10/0x10 [ 229.675262][ T7597] ? lockdep_hardirqs_on+0x7c/0x110 [ 229.677015][ T7597] ? gid_table_release_one+0x1b6/0x450 [ 229.678823][ T7597] report_bug_entry+0xe1/0x290 [ 229.680432][ T7597] ? gid_table_release_one+0x1b6/0x450 [ 229.682232][ T7597] handle_bug+0x18a/0x260 [ 229.683701][ T7597] exc_invalid_op+0x17/0x50 [ 229.685266][ T7597] asm_exc_invalid_op+0x1a/0x20 [ 229.686864][ T7597] RIP: 0010:gid_table_release_one+0x1b6/0x450 [ 229.688866][ T7597] Code: 4c 24 38 48 c1 e8 03 4d 01 fc 48 89 44 24 08 eb 54 48 89 34 24 e8 2a 69 4f f9 48 8d 3d d3 89 26 08 48 8b 34 24 89 e9 44 89 f2 <67> 48 0f b9 3a e8 10 69 4f f9 48 89 d8 41 83 c6 01 48 c1 e8 03 42 [ 229.695230][ T7597] RSP: 0018:ffffc900266afac8 EFLAGS: 00010293 [ 229.697263][ T7597] RAX: 0000000000000000 RBX: ffff888069a8b000 RCX: 0000000000000002 [ 229.699852][ T7597] RDX: 0000000000000002 RSI: ffff88802a57fe20 RDI: ffffffff90958ba0 [ 229.702459][ T7597] RBP: 0000000000000002 R08: 0000000000000000 R09: ffffed1009a1f340 SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 229.705175][ T7597] R10: ffff88804d0f9a03 R11: ffff88802182aff0 R12: ffffed100d35161b [ 229.707907][ T7597] R13: ffff88804abdc000 R14: 0000000000000002 R15: dffffc0000000000 [ 229.710497][ T7597] ? gid_table_release_one+0x1a6/0x450 [ 229.712337][ T7597] ib_device_release+0xef/0x1e0 [ 229.713989][ T7597] ? __pfx_ib_device_release+0x10/0x10 [ 229.715836][ T7597] device_release+0xa4/0x240 [ 229.717385][ T7597] kobject_put+0x1ef/0x6f0 [ 229.718871][ T7597] put_device+0x1f/0x30 [ 229.720313][ T7597] process_one_work+0x9ba/0x1b20 [ 229.722014][ T7597] ? __pfx_process_one_work+0x10/0x10 [ 229.723815][ T7597] ? assign_work+0x1a0/0x250 [ 229.725388][ T7597] worker_thread+0x6c8/0xf10 [ 229.726934][ T7597] ? __pfx_worker_thread+0x10/0x10 [ 229.728649][ T7597] kthread+0x3c5/0x780 [ 229.730021][ T7597] ? __pfx_kthread+0x10/0x10 [ 229.731549][ T7597] ? rcu_is_watching+0x12/0xc0 [ 229.733184][ T7597] ? __pfx_kthread+0x10/0x10 [ 229.734763][ T7597] ret_from_fork+0x983/0xb10 [ 229.736339][ T7597] ? __pfx_ret_from_fork+0x10/0x10 [ 229.738027][ T7597] ? __switch_to+0x7af/0x10d0 [ 229.739601][ T7597] ? __pfx_kthread+0x10/0x10 [ 229.741172][ T7597] ret_from_fork_asm+0x1a/0x30 [ 229.742794][ T7597] [ 229.744571][ T7597] Kernel Offset: disabled [ 229.745989][ T7597] Rebooting in 86400 seconds..