last executing test programs: 4m3.419720601s ago: executing program 0 (id=18345): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f00000004c0)={r0}, 0x4) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x6, 0x11, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000100000000000000010000850000007d000000b7080000000000007b8af8ff00000000b7080000001000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000800000085000000b600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x4, '\x00', 0x0, @fallback=0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000640)={r1, 0x0, 0x10, 0x10, &(0x7f00000006c0)="0000000005000000", &(0x7f0000000700)=""/8, 0x2f00, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c) 4m3.117717657s ago: executing program 0 (id=18348): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$UHID_INPUT(r0, &(0x7f0000003040)={0x8, {"488085fddf7e1378d3ad4adb6e165913c1f7ae15c9b4ed75d7413838ff0d9381cead5adbe8228d9ba29fe815a6f64afca949ca64011b9d8c93b4272d6428962fe017b1cb68796b7b800b25eb3013496be2e3e973309e6842f2df0e5309a233d16ced2bc26cd6f7db616268621fe160c1644afc707a535571e0a936469f5dd6d60c6962109cd8de336fc0938bcd412788f01c1d84e33d5eaa3e140944ddefde0366395044cf0f095786b3f1fd27c0eaf2d0df657acf52c9220297bc28779a85ac06d4f14c31cbfced5519b61ddf599c08c7f10e385e4a6637e41e6d561c5118ad8e67516e0f2a504f05f23e00d9b04160dac7e52d6caacf617d94e200e9c97771d56fe7b2ad6b69247904463f36b11e74b41ea9e63e77ded5af1406fe0f01f2350e756fd41c94f9dee22f611720853d7f8fd755903f1c3e044bd704bd4255c570cc0c82cacec7b9b7720cd6d5b2cd96e583ff1ddb0ad39155daa2f29a4f61298b44ea802bbac9b1f552cf0279f52ff200178468b94b293f7052817d89adb9130a3eaec5ceeeb386a31a7d9807f069ad07e3488e99a0b7f7f92fc2a63226175432a93ae4dc820e702d21bdec10a773c7b3de3f0ec4b5f8af60a159aaa4231ed4e79883acf5d2eed3a0fd3445d46d7fbbd47f2c610d96d6435293b103db15b8e7383e63e9d672410f5248183d4e608e7aee4d9dbfd040fb3fae39faec3cc0f5410d0d479bc1b7addd255ba502a52fa858eb6574530fd16c01e1138b19258e1c40b9a29a8672f418159f663bc8fe634e3a0d23dde1ced471cfb1decc1a9464667771b795229b1906651e9e5e4402c7e75182b1432acb4b54c499358585aa83fca804fbdd12dfd3b9e95b0ac718cadb879a2898d86c4ed914a59918df6ba519de4599f662811202158e418cef0d103ed4e77833d4dea6e59f7fef1c86f818121655dd1b2cb3717c892a289797049911356b5dd5dc0c50caadd0dd0318994d730fd6e6953e01730fb2682ab3f7ca8b4d596574456f59b95f34ff6f79db68b495010b8816a7b55229b35a2790f25c42ef1efcc5271c66500fc285de61516fc401518ba1ae388f90b0a5760e01031ceed37d1eb8a792f4a196a9fa0ff1579358bfe5c63744027d1a01e0a4602c79c2fe727034a4d810f0a2c30dc5a4c122e510e4d6348774754bf1f924c1d5a31dccf345a6c752389cc38e46e968e3b2815e2ecc3e5827f198f5d836b5783e9d7cc5bc5ba1715d23a4c35157b28e997010c627cbcebda89d08ac88e3d2f387c87af78b2a565dd5704bf3c12e4019d91890ad4f660345b384b59fad6d9f56f1fcf35babe5a9fbd8dd3908be450edf05ca8a3154fb3ac1af485508c61a7ba322ac06928e7d660fee6bfef74c9c4f22bbab318077446163a3230a3d486ce6d71aed12e2581e4208eed1a540560921ac89e9372482594351a5ff0cf9e95e80f0a69c4d621638c9056ae0bdfc44895f061767aba8400da865b73b5488c690694af744372c00d87bba4664a60f13f1453337113055d7b659a87208c1e663e4d35f0ebcfe70459f5ec5812434468cec38d3fbcf90598de986b3d49ad45e7b3b230fc389b5278ed6242abe9c44a8c74438968cc9b7a253d89c5b14f7a917b86a6d51f5d5380f2a7606dbe1867fd781fab284d153e20f5bf1a2c8156b93e60dc8945eb8385d937537b785f6f6af81ea0131398c77819ddea78eadf6b6f019db772e69e9cde3540ddc95625987b4a4e1dbbf15bc0217abac6cc3ff0650ed11fa612b90afaab842be4c2bd9967702b023e8ecd5f4a0e62af56f7320241a8516bcdf344a4421eed035b8c5a126820c5dc3962f5df4bf369bd6260eb09aa8e1310bf6f28aba0e3236f699721daa26950de7fa8fd8c3d2adebc101e304d0ed1af839c74b6cc42a6d7244f6b31ed08f6f12f62569b2c0602cc371962bff74b9b3c5f6326247d4ffec7f2d0a073e5a678e76f4243533001b1c0de6739c5c6ec0195fa9a8e898c2068bb614c40c403324e84cdbc530121217ba49f300aa8d5056d170d0a6bc8827ee20d55401b9f401b12e212cf630781139978b5fb38fdf768fec87b79f7a70d6083c3df98019ebd09b7941708e06c8d9fa930a1fdb993e0061343c87b4cf47dd36f9a3d603ca986f5144af403b7b04a93f5808a8c192df5e4c17af1ec23eddd1e7fc91109e6a4cfe5e23435bcabf3915ce5242cb6f7974e97c8ad3773e3a510afa52c4193c36fd1b99a02ece5b19ad35eb8fa97b57fd1641b463de79cdd2aac5d5b4060a040ad1d5752d70015b74d556fb4ef0cc8747591edc8858707616104f0ec342fb3a9b95df31b6f84e56387aae80a72d8dd670be7aaeef54065d6e2d7837481ce5622ee3c115d02d50efdb20aaf25b636d6d6c7e49f50a4b30ae243ecf1187ffe851c52bb1859c5e5c0979b758b747aebfdab58d8fd60faa5d5005f401c661256183dd4e7cba38b4ccf03506398eab901595dc2de27ab231abdddffc9d120abd8025b77ac47f39b6373a38a09bc045559578ccdf0402385177d499333d06d2cd3f604689d50dcd01b04ffbcb545385da389e4b6102ee77febb8a34a906f822601e61d2d3fc9e206caf3753f65422a5ff31dc3b3c4d09aa9a90f9ebc858ee2e4df6a730948e436586c665a3c64aab00aa757d252eec5b8bea5035a5b9f644cb84a991286edc2a394cef9fd40ad085aa99680aea363dc163c2ef40e0f289e0b79dc600f31ae510bbd74f963632ff25230a1ec866fed0db0d0af59c5b9f4a18659f5a218c3d0db80700719a61e59efbd5f996145139e5654a9290bf504eb7453775b8c6190ff51d4c04ce9384060f1dd34799fee04c0f951ae15cb589f80dc544c05421d60f51cbc78df7dceff213575bfebe2bb307d196ef0a5cf3c2608fbb969a574e6dce9132246447a84cab6dd4923281cf40bc19c29585a02bc0d2d491907e5b528a1cfc7b2fe88dc2520ea49903423cb7a0d23530daa7217e7f312d4ec67c02fc74ab8d91b8ead50bfe9508b0f7d70e88868ee1a5f38349054374ae463d1148e0ca238c0f9fe7b40f6fba87498697f3220612ea66feb18a29f1df04234ac3d69e0706d0deef321d09ee16de188a32f4c41635cf48ee35a42140fc08b42c2e0e289a3c73fd4b0e656a72b29b99093127a17aaa199610787787abb0f4613dd03332a9306b9b5e98e9c839ffce5e72c44b288593bee47253613dc0fc3e583ab9aac7e1a161dfc36bd038d533eb6829b22dc1a01f055c16f83c1b1abe049b5744508456658c6df44c13d6ab1a18d76a55740cdcfca4a1dd81b54d9c4e71cef9f4b55f1ebc7751bf6ba3df31f9607f22a613377f6d96afaddbc66cbeef20ae578468f33265516ee711e2591e1af272a35bf5cedc78aec6e330bf6f3f3b9cdb7d373754125c9caea6a4d344d098c7332175b09441cc11040e5b71e9b975b2aaaaa5f8c5f502b00ad3ade9de204602aa227c9f11da55107b79802c09d246050c6580d92559a47935cfb59b47e88aa8095ea1ac34578697ffe89c440a2369f6661db2c24f1056d553e200184b927b359efba5db1e8ce7f2cf5e4dd9c9bbc3e085fc38c43f436aa47abcc1e9986fc0226262588110c5b27c6fe9b8072cd8204c500883d3b9feaed80d5d87929d01b9bad995ed58a1be3ccad600840c6424625f4f4c221c8e1cd11af1a5ac153954ac6b441692f296ac2d529233d317fecf3fbfa53f77c8ea47d1385e3ca4b8b55fd2467cac15af1bfa04fb41784305a4b9aed6880cfba9629d6dabd22b2bd90c1aad0f2e0dff0777112b1e313447cf9417a52a58b17cc73ab03d4841ec9b1dc3f75d0fb5ece65c99982b338bb2f42b68104d94c826247814bd68e7c9664e8b2a9fdaf7fde4730960b43a496cb818badfbc97d1e51aa7817657e49536e69cacb3c4abb27dfe10d5c962fabdd3056d290a2b969e7f61d144e22539c5e2027b57c8e099db6ab8f0fdda7412b393af60e3299478744e9071801c4c39b0c87d4f237ade73b955812f254e641844e985d40f3e4df51bf7a9c81f02d22ad8296fe94d4664f3c0d113974ba222dab68c4407e9d5359205a5fec059d4370e0d15fd040ced32baa7e8586d38680a4c2e4e5679c0d374636e9dc0fd9a06808671f08e8c19b0bed18540de8107855f410f8954e078755a8c7b0822c25e2534887c9593aa1e008e78244cfec5b347a847ecf61cb207dcb2170b663a54d98ffeea991a9d944e4a8302bf37231bf3558c6b2fcaf925becb663bb574341bc81bbc50e9f0108c5d8a7783caf25bcb3bc24368e8a4915785652877555d22f7d6cbcb12049180ee4c49502d41c0fb00e31f3835b53e622e85290ee5a641eb9215567fed4782484ba8ccb43d81d3ef3ca5d8a2e3389864c15946e3d5dad607447f35a5396c27e99e20a1b98393169d85e788e9c4f9367649b308094479bc0ad8d68f0dc655724e2d9f599557f567fe7fd11f87b37df7ce0530e40d7e0ab06c2b273716e2598bd6e816c18c2e3c038b199e58424a5d72759af13e121e21d263fa0f24577a32b4356919cc22c5d1929b15590a53861aaf68aaa9ed404d1e64c3c6b0fa19e0a5299bd46867aff993b87ce96fd493fa2b125ea23907f9598acc33cd7e90c2383d5af5d232d979766ac2743c93d947db811d38df20742fa1db7c6f2306ec008ca9d53faf1a7cc2372d42437f906ef6ff9db785ac575c97e4f568e57414a0881ffe1b8dee59240305e28ab5f4f2c990c959009b022a656386229c7a71b3fcbc381a1f3511751ef19653d8e7dd0de12f630c719413a84b385802f5e8e2680cc2afa7fbb1cd1193a1e5af32ad07b24ba1c05904d3325634d10aa685d97f9c1d58377cfa46f17f0f57c7d48ce0917a8b4f5bccdf60e52764b7a826e6ccab1b70821a74cc5cc2e15532d3ef346aaf9c31fe0e0776bb1e3f4f5f276bcf53f5ea9018609b18b47497dba8e73676d2fc2fba47472ffba25ba7ddca1e9754b516eff05a05eaba9e7752f8d97f99684e3a53ded2d2c1913a6e488c65f57f8d85d261c762c37015c756e0aeed54edda41236bae33ed83c688478bcd94ce9e67971c0f8e588f1a3a4cd3f7da5e571c1984d9c9a10bb7eaf8414cbabf5fb97a17a67d10ae1a7ab96a8df88da1e82e797e67b534f765a5dcac76bb769d9547f375cfbea8d9f434f48d60e05df8797919fef5cb01a04177ed092a37f71f7948279bc4c35e3239e943a1507cff0b7152dd95c27e573e0191cfe1bc9f3862e5329ddcd160c61fc5bb82b57d8086e1e74abfc36bb43404357c50eb150fcaea9aac90fa0c413ea9f8538055a45b77d5a7548f6a4f2414714495576a1de459a55ab298a2a2fa33459da0d205e4b91d340c0721226e546f323bb878605590b66516fa51fd635e5eaa580486f6fb543b6b5236871aa3dedcb44e7d73d9bf704420fc0bb9b1a0f21e848ed9161e9bf1ae3bc628861b5007f0a38884a178dc85dbf034e9234fe603698cda4811dfcb73253335ca7cee533957578a9b97f149ae6dbd43c4aae8a16da135830f7a1c5b913838d5c28936f45f2d9ed991ec7a3ab83df4dd6fe2ff720a6b8abf40927bf8835bfa25effb92eadea47ae1629193ee5707767b13771cb105f231be2af8380a85b9de42f682d22d17c926ccbe39ea3fa7a5d3c0f6b3dc7802b927a36cd04ade3e02bf8ce06a52585388fb8f49df4dda68e9eb426da9c0909d5b9cf4b16c2e3f78331c8683a1698033ea0b1ed4dd33edeecd89c4f14caf84d52336e500", 0x1000}}, 0x1006) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1, 0x10012, r0, 0x0) rt_sigtimedwait(&(0x7f0000000000)={[0x604ceaf7]}, 0x0, &(0x7f0000000140)={0x0, 0x989680}, 0x8) 4m2.469503516s ago: executing program 0 (id=18353): sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000d80)=@newtaction={0x140, 0x30, 0x8, 0x70bd2b, 0x25dfdbfe, {}, [{0x98, 0x1, [@m_mirred={0x94, 0x6, 0x0, 0x0, {{0xb}, {0x24, 0x2, 0x0, 0x1, [@TCA_MIRRED_PARMS={0x20, 0x2, {{0x1, 0x1, 0xffffffffffffffff, 0x98, 0xc43}, 0x3}}]}, {0x45, 0x6, "cc81c7e04bd8de9bfd134ac033898f89eb6191b423db628fbaf263ee7f1fd41315f5ff44c44f55265e5568509433b8ad3dbf0f5605435806a2ab76ce546acf49a6"}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x2, 0x3}}}}]}, {0x94, 0x1, [@m_ct={0x90, 0x7, 0x0, 0x0, {{0x7}, {0x20, 0x2, 0x0, 0x1, [@TCA_CT_MARK={0x8, 0x5, 0x8}, @TCA_CT_NAT_IPV6_MAX={0x14, 0xc, @empty}]}, {0x49, 0x6, "0dde0a28dbe578d9bf197a257d096aceb9c058eca3e60edc993f85673806fbe63aa05db1dfb40420f2c37bed2a5f104a0953a01439b00e6312d162da3d8d8ac457d6e5d5fa"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x2, 0x1}}}}]}]}, 0x140}, 0x1, 0x0, 0x0, 0x4008880}, 0x20000080) r0 = socket(0x10, 0x803, 0x0) sendto(r0, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x365}, {&(0x7f0000000280)=""/85, 0x7c}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/106, 0x645}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0x14}, {&(0x7f00000007c0)=""/154, 0x21}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0xffffffffffffff2f, 0xa1}}], 0x4000000000003b4, 0x2040000, &(0x7f0000003700)={0x77359400}) 4m2.031174336s ago: executing program 0 (id=18356): mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0) mount$bind(&(0x7f0000000240)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x101091, 0x0) r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x262) 4m1.404660939s ago: executing program 0 (id=18362): mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz1\x00', 0x1ff) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r1 = openat$cgroup_procs(r0, &(0x7f0000000180)='cgroup.threads\x00', 0x2, 0x0) write$cgroup_subtree(r1, &(0x7f00000000c0)=ANY=[@ANYBLOB='-4'], 0xc) 3m59.499035945s ago: executing program 0 (id=18379): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000240)={r0}, 0x4) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1, 0x11, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000a0000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000000000085000000a500000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000d40)={r1, 0x0, 0xe, 0x0, &(0x7f0000000040)="0000ffffffffa000903626e43925", 0x0, 0x10c00, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) 3m58.83459469s ago: executing program 32 (id=18379): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000240)={r0}, 0x4) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1, 0x11, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000a0000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000000000085000000a500000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000d40)={r1, 0x0, 0xe, 0x0, &(0x7f0000000040)="0000ffffffffa000903626e43925", 0x0, 0x10c00, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) 3m27.461915886s ago: executing program 3 (id=18743): socket$nl_route(0x10, 0x3, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) socket$packet(0x11, 0x3, 0x300) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000440), 0x42, 0x0) syz_usb_connect$uac1(0x3, 0xdc, &(0x7f0000000180)=ANY=[@ANYBLOB="12010000000000106b1d01014000010203010902ca0003010070000904000000010100000a24010800000201020d24060000030800000000000000240803960c03112d9cd2ce0c240208000103000000ff000924060506020100000924030003030005490c240206", @ANYRES8=0x0, @ANYRES16=r0], 0x0) 3m25.54618775s ago: executing program 3 (id=18761): mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x181) r0 = openat(0xffffffffffffff9c, &(0x7f00000013c0)='./file0/file0\x00', 0x42, 0x0) close(r0) r1 = socket$inet6_sctp(0xa, 0x5, 0x84) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f00000002c0), 0x10044, &(0x7f0000000440)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 3m25.411834544s ago: executing program 3 (id=18763): mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) pidfd_send_signal(0xffffffffffffffff, 0x0, 0x0, 0x4) mlock(&(0x7f0000000000/0x800000)=nil, 0x800000) mremap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f000026f000/0x1000)=nil) mremap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x4000, 0x0, &(0x7f0000001000/0x4000)=nil) 3m23.591711059s ago: executing program 3 (id=18776): r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0) connect$bt_l2cap(r0, &(0x7f0000000080)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x7ff}, 0xe) r1 = syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6) ioctl$sock_bt_hidp_HIDPCONNADD(r1, 0x400448c8, &(0x7f0000000600)={r0, r0, 0x8, 0x0, 0x0, 0x6, 0xff, 0x10cf, 0x5, 0x5, 0x2, 0x3, 'syz0\x00'}) ioctl$sock_bt_hidp_HIDPGETCONNLIST(r1, 0x800448d2, &(0x7f0000000040)={0x2, &(0x7f00000006c0)=[{}, {}]}) 3m23.163020122s ago: executing program 3 (id=18781): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000ff0f000007"], 0x48) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000001c0)={{r0}, &(0x7f0000000080), &(0x7f0000000180)}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x10, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r1, 0x2000000, 0xe, 0x0, &(0x7f0000000200)="63eced8e46dc3f0adf37c9f7b986", 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) 3m22.844103648s ago: executing program 3 (id=18785): r0 = syz_open_dev$vim2m(&(0x7f0000000000), 0x800, 0x2) r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0x40082, 0x0) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00') mount$9p_fd(0x0, &(0x7f0000000300)='.\x00', &(0x7f0000000080), 0x804000, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r1]) ioctl$vim2m_VIDIOC_S_CTRL(r0, 0xc008561c, &(0x7f0000000040)={0xf0f022}) 3m19.435882749s ago: executing program 5 (id=18833): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) bind$netlink(r0, &(0x7f0000000200)={0x10, 0x0, 0x0, 0x80065c9}, 0xc) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000004c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01010000000000000000020000000900010073797a300000000040000000030a09020000000000000000020000000900010073797a30000000000900030073797a3200000000140004800800014000000000080002400000000014000000110001"], 0x88}}, 0x0) sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000005c0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_DELCHAIN={0x30, 0x5, 0xa, 0x401, 0x0, 0x0, {0x2, 0x0, 0x8}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}, @NFTA_CHAIN_HOOK={0x4}]}], {0x14}}, 0x58}, 0x1, 0x0, 0x0, 0x8001}, 0x0) 3m19.263833829s ago: executing program 5 (id=18836): r0 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) r1 = fsmount(r0, 0x0, 0x0) r2 = openat$cgroup_procs(r1, &(0x7f0000000240)='cgroup.threads\x00', 0x2, 0x0) open_by_handle_at(r2, &(0x7f0000000100)=ANY=[@ANYBLOB="0c0000000100010044"], 0x408100) 3m19.085828385s ago: executing program 5 (id=18840): r0 = socket$inet(0x2, 0x1, 0x0) setsockopt$inet_mreqn(r0, 0x0, 0x27, &(0x7f0000000100)={@multicast2, @local}, 0xc) r1 = syz_open_procfs(0x0, &(0x7f0000000040)='net/mcfilter\x00') preadv(r1, &(0x7f0000000080)=[{&(0x7f00000012c0)=""/93, 0x5d}], 0x1, 0x30, 0x0) 3m18.983896288s ago: executing program 5 (id=18844): mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0) chroot(&(0x7f0000000100)='./file0\x00') mount$bind(&(0x7f0000000040)='.\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2a05004, 0x0) pivot_root(&(0x7f00000003c0)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/../file0/file0\x00') 3m18.84169898s ago: executing program 5 (id=18848): syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) openat$sysfs(0xffffffffffffff9c, 0x0, 0x149a82, 0x102) syz_clone(0x1000200, 0x0, 0x0, 0x0, 0x0, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000002c0)='children\x00') read$eventfd(r0, &(0x7f0000000040), 0x8) 3m17.80962266s ago: executing program 5 (id=18870): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000840)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10) r1 = openat$vicodec1(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) preadv(r1, &(0x7f00000000c0)=[{&(0x7f0000000040)=""/98, 0x62}], 0x1, 0x0, 0x0) socket$pppoe(0x18, 0x1, 0x0) 3m17.566913691s ago: executing program 33 (id=18870): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000840)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10) r1 = openat$vicodec1(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) preadv(r1, &(0x7f00000000c0)=[{&(0x7f0000000040)=""/98, 0x62}], 0x1, 0x0, 0x0) socket$pppoe(0x18, 0x1, 0x0) 3m6.43579625s ago: executing program 34 (id=18785): r0 = syz_open_dev$vim2m(&(0x7f0000000000), 0x800, 0x2) r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0x40082, 0x0) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00') mount$9p_fd(0x0, &(0x7f0000000300)='.\x00', &(0x7f0000000080), 0x804000, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r1]) ioctl$vim2m_VIDIOC_S_CTRL(r0, 0xc008561c, &(0x7f0000000040)={0xf0f022}) 2m14.290519041s ago: executing program 2 (id=19807): r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000100)) r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000140)='./binderfs/binder0\x00', 0x802, 0x0) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000300)=[@acquire], 0x0, 0x0, 0x0}) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000480)={0x20, 0x0, &(0x7f0000000000)=[@request_death, @request_death], 0x0, 0x0, 0x0}) 2m13.564390497s ago: executing program 2 (id=19815): r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0xc0802, 0x0) ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f0000000280)=0x3) ioctl$PPPIOCSMAXCID(r0, 0x40047451, &(0x7f0000000200)=0x8) ioctl$PPPIOCSFLAGS1(r0, 0x40047459, &(0x7f0000000100)=0x2000004) pwritev(r0, &(0x7f00000002c0)=[{&(0x7f0000000300)="00214717a7070000000003060000000000000000aaa6721d5874f72cf86d73d32f46380feb56a2935706000000000000004d", 0x32}], 0x1, 0x7, 0x1) 2m13.172694176s ago: executing program 2 (id=19820): mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0xb4) mount$fuse(0x0, 0x0, 0x0, 0x8, &(0x7f0000000040)=ANY=[@ANYBLOB='fd=', @ANYRESDEC=0x0]) mount(0x0, &(0x7f0000000440)='./file0\x00', &(0x7f0000000280)='autofs\x00', 0x201000c, &(0x7f0000000040)) r0 = syz_open_procfs(0x0, &(0x7f00000001c0)='mountinfo\x00') read$FUSE(r0, &(0x7f0000003480)={0x2020}, 0x2020) 2m13.007443728s ago: executing program 2 (id=19824): mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0) mount(0x0, &(0x7f0000000180)='./file0/../file0\x00', &(0x7f0000000080)='configfs\x00', 0x200, 0x0) chroot(&(0x7f0000000000)='./file0/../file0\x00') mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x101091, 0x0) pivot_root(&(0x7f0000000500)='./file0\x00', &(0x7f0000000540)='./file0/file0\x00') 2m12.694298861s ago: executing program 2 (id=19829): mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0) timer_create(0x0, 0x0, &(0x7f0000bbdffc)) r0 = socket$xdp(0x2c, 0x3, 0x0) setsockopt$XDP_UMEM_REG(r0, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/69, 0x328000, 0x1000, 0x800, 0x3}, 0x20) mbind(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x0, 0x0, 0x9, 0x2) 2m11.581427675s ago: executing program 2 (id=19848): mknodat$null(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0, 0x103) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000280), 0x2, 0x0) setresuid(0xee01, 0x0, 0x0) mount$fuse(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000140), 0x0, &(0x7f0000002280)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x8000}}) statx(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x2000, 0x800, 0x0) 2m11.191995174s ago: executing program 35 (id=19848): mknodat$null(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0, 0x103) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000280), 0x2, 0x0) setresuid(0xee01, 0x0, 0x0) mount$fuse(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000140), 0x0, &(0x7f0000002280)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x8000}}) statx(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x2000, 0x800, 0x0) 21.552022103s ago: executing program 1 (id=21363): r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0) ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0) ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000500)=""/67, 0x0}) ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, 0x0, &(0x7f00000000c0)=""/87, 0x0, 0x100000}) ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000680)) ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000000000)=0x1) ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000180)={0x1, 0x0, [{0xdddd1000, 0x35, &(0x7f0000000040)=""/53}]}) 21.425141281s ago: executing program 1 (id=21365): r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000000)=0x100000b3, 0x4) bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10) r1 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$sock_int(r1, 0x1, 0xf, &(0x7f0000000000)=0x100000b3, 0x4) bind$inet(r1, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10) connect$inet(r0, &(0x7f0000000080)={0x2, 0x4e20, @remote}, 0x10) 21.303372084s ago: executing program 1 (id=21368): r0 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000100)={0x0, 0x2000}, 0x4) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) mknodat$loop(0xffffffffffffffff, 0x0, 0x40, 0x0) sendmsg$NFT_BATCH(r1, 0x0, 0x20008844) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, 0x0) syz_emit_ethernet(0xe3, &(0x7f0000000780)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaaaa86dd6000000000ad2ffffed2ce000000000000000000000000bbfe8800000000000000000000000000012421880b0000fffd000000210000"], 0x0) 21.202097672s ago: executing program 1 (id=21371): mkdirat(0xffffffffffffff9c, &(0x7f0000002000)='./file0\x00', 0x0) mount$bind(&(0x7f0000000100)='.\x00', &(0x7f0000000300)='./file0/../file0\x00', 0x0, 0x2151090, 0x0) mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0) mount$bind(&(0x7f0000000040)='./file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0) mount$bind(0x0, &(0x7f00000003c0)='./file0/file0\x00', 0x0, 0x80000, 0x0) mount$bind(&(0x7f0000000200)='./file0/file0\x00', &(0x7f0000000280)='./file0\x00', 0x0, 0x2301091, 0x0) umount2(&(0x7f0000000000)='./file0\x00', 0x0) 21.042559006s ago: executing program 1 (id=21375): r0 = socket$inet6_udp(0xa, 0x2, 0x0) mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x300000a, 0x12, r0, 0x852ac000) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000000)=0x86, 0x4) sendto$inet6(r0, 0x0, 0x0, 0x40000, &(0x7f0000000180)={0xa, 0x4e20, 0x8001, @loopback, 0x627bcafb}, 0x1c) setsockopt$inet6_int(r0, 0x29, 0x4a, &(0x7f0000000200)=0xb, 0x4) setsockopt$inet6_int(r0, 0x29, 0x33, &(0x7f0000000080)=0x1, 0x4) recvmmsg(r0, &(0x7f0000000140)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000fc0)=""/4110, 0x100e}, 0x7ffffffe}], 0x1, 0x40002000, 0x0) 16.137272365s ago: executing program 1 (id=21426): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50) r1 = syz_io_uring_setup(0x18b0, &(0x7f0000000280)={0x0, 0x0, 0x10100}, &(0x7f0000000200), &(0x7f0000000340)=0x0) syz_io_uring_setup(0x1868, &(0x7f00000003c0), &(0x7f0000000040)=0x0, &(0x7f0000000240)) syz_io_uring_submit(r3, r2, &(0x7f00000001c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0xfffffffffffffe54}) io_uring_enter(r1, 0x184c, 0x0, 0x0, 0x0, 0x0) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000002e00)={0xc, 0x17, &(0x7f0000000140)=ANY=[@ANYBLOB="1800000000000000000000000000000218110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf090000000000005509010000000000950000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000000020000850000001700000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7020000000000008500000086000000bf91000000000000b7020000020000008500000085000000b70000000000000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r4, 0xfca804a0, 0x10, 0x38, &(0x7f00000002c0)="b800000500000000", &(0x7f0000000300)=""/8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c) 15.83297928s ago: executing program 36 (id=21426): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50) r1 = syz_io_uring_setup(0x18b0, &(0x7f0000000280)={0x0, 0x0, 0x10100}, &(0x7f0000000200), &(0x7f0000000340)=0x0) syz_io_uring_setup(0x1868, &(0x7f00000003c0), &(0x7f0000000040)=0x0, &(0x7f0000000240)) syz_io_uring_submit(r3, r2, &(0x7f00000001c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0xfffffffffffffe54}) io_uring_enter(r1, 0x184c, 0x0, 0x0, 0x0, 0x0) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000002e00)={0xc, 0x17, &(0x7f0000000140)=ANY=[@ANYBLOB="1800000000000000000000000000000218110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf090000000000005509010000000000950000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000000020000850000001700000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7020000000000008500000086000000bf91000000000000b7020000020000008500000085000000b70000000000000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r4, 0xfca804a0, 0x10, 0x38, &(0x7f00000002c0)="b800000500000000", &(0x7f0000000300)=""/8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c) 6.464445004s ago: executing program 7 (id=21546): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000080)={0x26, 'hash\x00', 0x0, 0x0, 'sha3-384\x00'}, 0x58) r1 = accept$alg(r0, 0x0, 0x0) mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1) r2 = fcntl$dupfd(r1, 0x0, r1) write$cgroup_pid(r2, &(0x7f00000003c0), 0xffffffa0) setsockopt$sock_int(r1, 0x1, 0x12, &(0x7f0000000780)=0xfffffffc, 0x4) 5.267065752s ago: executing program 6 (id=21556): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000940)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128-generic\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000080)="ab553fec94248c32e27d04000000288a", 0x10) r1 = accept$alg(r0, 0x0, 0x0) sendmsg$alg(r1, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)=[@assoc={0x18, 0x117, 0x4, 0xd4e5}, @op={0x18, 0x117, 0x3, 0x1}], 0x30}, 0x0) write$binfmt_script(r1, &(0x7f0000000600), 0xfec8) recvmmsg(r1, &(0x7f00000008c0)=[{{&(0x7f00000000c0)=@pptp={0x18, 0x2, {0x0, @initdev}}, 0x80, &(0x7f00000005c0)=[{&(0x7f00000001c0)=""/200, 0xfec8}, {&(0x7f0000000140)=""/9, 0x8}, {&(0x7f0000000300)=""/225, 0x2}, {&(0x7f0000000400)=""/41, 0xfeb2}, {&(0x7f0000000440)=""/123, 0x7b}, {&(0x7f00000004c0)=""/203, 0xcb}], 0x6, &(0x7f0000000dc0)=""/123, 0x7b, 0x2000000}}, {{&(0x7f00000006c0), 0x80, &(0x7f0000000840), 0x0, &(0x7f0000000880)=""/24, 0xffffffffffffffe0}}], 0x2, 0xcb, &(0x7f0000008000)={0x0, 0x989680}) 5.26125907s ago: executing program 7 (id=21557): sendmsg$DEVLINK_CMD_TRAP_SET(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000380)={0xd8, 0x0, 0x400, 0x70bd2a, 0x25dfdbfc, {}, [{@pci={{0x8}, {0x11}}, {0x1c}, {0x5, 0x83, 0x1}}, {@pci={{0x8}, {0x11}}, {0x1c}, {0x5}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x1c}, {0x5, 0x83, 0x1}}]}, 0xd8}, 0x1, 0x0, 0x0, 0x8000000}, 0x0) sendmsg$NFQNL_MSG_VERDICT(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000380)=ANY=[@ANYBLOB="440100000103010100000000000000000300000280000b800800164000000003400004803c0003800800024000000009080003400000000905000100080000000800024000000eb30500010000000000080003400000800108000240000001e12c001980080001000000000008000200010000020000000000000000080001000000000008000200010800000800154000000001b0000f800c000a8008000140000000000800084000000001900003802c000180140003"], 0x144}, 0x1, 0x0, 0x0, 0x841}, 0x40050) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000680)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWSET={0x3c, 0x9, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x4}, [@NFTA_SET_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x2}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ID={0x8, 0xa, 0x1, 0x0, 0xfffffffc}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0x64}, 0x1, 0x0, 0x0, 0x4000850}, 0x40) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_MSG_GETSETELEM(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)=ANY=[@ANYBLOB="40000000210a018800000000000000000a0000010900020073797a31000000000900010073797a310000000014000380100000800c"], 0x40}, 0x1, 0x0, 0x0, 0x4000805}, 0x8000) 5.002387306s ago: executing program 6 (id=21559): sched_setscheduler(0x0, 0x2, 0x0) r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000180), 0x800, 0x0) r1 = syz_io_uring_setup(0xd2, &(0x7f0000000480)={0x0, 0x0, 0x100, 0x0, 0x335}, &(0x7f0000000080)=0x0, &(0x7f0000000840)=0x0) munmap(&(0x7f0000001000/0x3000)=nil, 0x3000) syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r2, r3, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0xffffffffffffffff, &(0x7f0000000900)=[{&(0x7f0000001800)=""/200, 0xc8}, {0x0}], 0x2}) io_uring_enter(r1, 0x47ba, 0x636d, 0x0, 0x0, 0x0) 4.995785887s ago: executing program 7 (id=21560): r0 = syz_create_resource$binfmt(&(0x7f0000001400)='./file0\x00') sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)=ANY=[@ANYBLOB="3c060000a13f010828bd70000000000000000000", @ANYRES32=0x0, @ANYBLOB="0000000004200400140014007465616d5f736c6176655f300000000008"], 0x3c}}, 0x0) openat$binfmt(0xffffffffffffff9c, r0, 0x42, 0x1ff) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000feffff10850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) truncate(&(0x7f0000000180)='./file0\x00', 0x8fff5) r2 = bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000012c0)={r1, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f0000000240)=[0x4], 0x0, 0x0, 0x1, 0x1}}, 0x40) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000340)={r2, 0x58, &(0x7f00000002c0)}, 0x10) 4.738917935s ago: executing program 6 (id=21565): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94) r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000002c0), 0x1) r1 = syz_open_procfs(0x0, &(0x7f0000000040)='ns\x00') readlinkat(r1, &(0x7f0000000380)='./mnt\x00', &(0x7f0000000080)=""/13, 0xd) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f0000000300)={0x1, 0x0, 0x0, 'queue1\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x84, 0x77, 0x0, 0x0, @tick, {}, {}, @raw32}], 0xffc8) ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r0, 0x4040534e, &(0x7f0000000080)={0x32b, @tick=0x440, 0xff, {}, 0x0, 0x0, 0xfb}) 4.456324197s ago: executing program 6 (id=21568): syz_open_dev$sg(&(0x7f0000000040), 0x2000000000000, 0x40880) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000180)=0x100000001, 0x4) connect$inet6(r0, &(0x7f0000000440)={0xa, 0x0, 0x0, @loopback}, 0x1c) setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f0000000540), 0x3c) setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, &(0x7f00000000c0)=@ccm_128={{0x304}, "25beb819521eb41d", "cae5e9937ba539347092dd17d39ed975", 'LP3F', "50f641306280c4e9"}, 0x28) setsockopt$inet6_tcp_int(r0, 0x11a, 0x4, &(0x7f0000000040), 0x44) 4.278108591s ago: executing program 6 (id=21571): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000800)={0x18, 0x4, 0x0, &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(0xffffffffffffffff, 0x84, 0x64, 0x0, 0x0) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000340)=ANY=[@ANYBLOB="58000000020603f7ff000000000000000700000705000100070000000900020073797a31000000000c00078008001240000000050500050002000000050004000100000011000300686173683a69702c706f7274"], 0x58}, 0x1, 0x0, 0x0, 0x4000}, 0x20004000) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_ADD(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000300)=ANY=[@ANYBLOB="50000000090601020000000000000000020000840900020073797a31000000000500010007000000280007800c00018008000140fffffff70500070088000000060004404e22000006000540"], 0x50}, 0x1, 0x0, 0x0, 0x10000082}, 0x90) 4.027629121s ago: executing program 7 (id=21573): r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x14b440, 0x0) r1 = syz_io_uring_setup(0xd2, &(0x7f0000000480)={0x0, 0x3, 0x400, 0x0, 0x2111}, &(0x7f0000000000)=0x0, &(0x7f0000000080)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r2, r3, &(0x7f0000000240)=@IORING_OP_READ=@use_registered_buffer={0x16, 0x40, 0x4007, @fd=r0, 0x0, 0x0, 0x0, 0x0, 0x1, {0xfffc}}) io_uring_enter(r1, 0x47ba, 0x0, 0x3, 0x0, 0x0) r4 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r4, &(0x7f00000002c0)=[{&(0x7f0000000600)="705b79e09c88949ca29babf16f", 0xd}], 0x1) 3.441335573s ago: executing program 7 (id=21576): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b7030000faffffff850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000480)={&(0x7f0000000040)='kmem_cache_free\x00', r0, 0x0, 0x6}, 0x18) capset(&(0x7f0000000380)={0x20071026}, &(0x7f0000000040)={0x200000, 0x40200003, 0x0, 0x6, 0x7, 0xb}) setrlimit(0x40000000000008, &(0x7f0000000080)={0x0, 0x6}) r1 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$sock_int(r1, 0x1, 0x3c, &(0x7f00000000c0)=0x1, 0x4) sendmmsg$inet(r1, &(0x7f0000000780)=[{{&(0x7f0000000000)={0x2, 0x4e23, @multicast1}, 0x10, 0x0, 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="1c000000000000000000000008000000", @ANYRES32=0x0, @ANYBLOB="ac1414aaffffffff0000000010000000000000000000000007"], 0x30}}], 0x1, 0x4008804) 3.19419515s ago: executing program 7 (id=21578): r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000040)=ANY=[@ANYBLOB="120100009e173610ef171e7206de010203010902fcff000000ac0009040000000206"], 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket(0x10, 0x803, 0x0) sendmsg$IPVS_CMD_SET_INFO(r2, &(0x7f0000000b00)={0x0, 0x0, 0x0}, 0x0) getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, 0x0) sendmsg$nl_route(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={0x0}, 0x1, 0x0, 0x0, 0x40000}, 0x0) syz_usb_control_io$cdc_ncm(r0, 0x0, &(0x7f0000000600)={0x44, &(0x7f0000000380)=ANY=[@ANYBLOB="000a04000000d5620963"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) 2.611046787s ago: executing program 8 (id=21585): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='memory.swap.current\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x12, r0, 0x0) mremap(&(0x7f0000a01000/0x4000)=nil, 0x4000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) mremap(&(0x7f00009a1000/0x3000)=nil, 0x3000, 0x4000, 0x3, &(0x7f0000fef000/0x4000)=nil) mremap(&(0x7f0000678000/0x3000)=nil, 0x3000, 0x3000, 0x3, &(0x7f000084c000/0x3000)=nil) mremap(&(0x7f000040b000/0x1000)=nil, 0x1000, 0x4000, 0x3, &(0x7f00004b3000/0x4000)=nil) mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil) 2.528262713s ago: executing program 9 (id=21587): r0 = syz_open_dev$sndctrl(&(0x7f0000000440), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r0, 0x40045532, &(0x7f0000000040)) r1 = openat$audio(0xffffffffffffff9c, &(0x7f0000000140), 0x40000000040201, 0x0) r2 = syz_open_dev$sndpcmp(&(0x7f0000000200), 0x0, 0xa2c65) write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f0000000500)={0x0, 0xfffffffffffffd83, 0xfa00, {0x0, 0x0}}, 0xfdbc) ioctl$SNDRV_PCM_IOCTL_DRAIN(r2, 0x4144, 0x0) ioctl$SNDRV_PCM_IOCTL_SYNC_PTR(r2, 0xc0884123, &(0x7f0000000300)={0x1, "244689261a3365eb47c14247a532ccbd3bf3b29282987c7cc12acb8ae6651cb5e0a3eeda1a7777d2fbd3428a0df873e1d58af8bf70c05fc6c43edcdaa8e7db07", {0x2, 0x1ff}}) 2.399286097s ago: executing program 8 (id=21589): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x7c}, 0x1, 0x0, 0x0, 0x4004816}, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01040000000000000000010000000900010073797a310000000054000000030a01020000000000000000010000000900030073797a320000000028000480080002400000000008000140000000051400030076655468315f6d6163767461700000000900010073797a31000000002c000000050a01020000000000000000010020000c00024000000000000000010900010073797a310000000014000000110001"], 0xc8}}, 0x0) close(r1) 2.22269988s ago: executing program 8 (id=21592): seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7fffffff}]}) r0 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0) pread64(r0, 0x0, 0x0, 0x2) ioctl$BINDER_SET_CONTEXT_MGR_EXT(0xffffffffffffffff, 0x4018620d, 0x0) ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r1 = openat$binderfs(0xffffffffffffff9c, 0x0, 0x802, 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r1, 0x4018620d, 0x0) 2.140313954s ago: executing program 8 (id=21594): socket$nl_generic(0x10, 0x3, 0x10) r0 = socket$inet_smc(0x2b, 0x1, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="0500000004000000990000000b"], 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000340)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, @fallback=0x1a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10) setsockopt$IP_VS_SO_SET_STARTDAEMON(r0, 0x0, 0x48b, &(0x7f0000000000)={0x1, 'ip6gre0\x00', 0x2000004}, 0x18) setsockopt$IP_VS_SO_SET_STOPDAEMON(r0, 0x0, 0x48c, &(0x7f00000002c0)={0x1, 'ipvlan1\x00', 0x100}, 0x18) 1.885388971s ago: executing program 9 (id=21597): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x8004, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2) ioctl$KVM_X86_SETUP_MCE(r2, 0x4008ae9c, &(0x7f0000000640)={0x11, 0x5}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000300)={{0xfec00000, 0xdddd0000, 0xd, 0x5, 0x3, 0xe8, 0x9, 0xc4, 0x0, 0x4, 0x4, 0xe}, {0x50000, 0x0, 0xd, 0x1, 0x5, 0x30, 0x7, 0x3, 0x4, 0xd, 0x0, 0x80}, {0xd000, 0x7000, 0xd, 0xfd, 0x0, 0x11, 0x4, 0x7, 0x8, 0xe1, 0x9, 0x83}, {0x8000000, 0xeeef0000, 0x0, 0x4, 0x1, 0xb, 0x0, 0x1, 0x1, 0x9, 0x6, 0x40}, {0x2, 0xeeee8000, 0xd, 0x0, 0x2, 0xd4, 0x2, 0xfd, 0x0, 0x1, 0x7, 0x8a}, {0xf000, 0x2000, 0x3, 0x10, 0x3, 0xe, 0x5, 0xf9, 0x6, 0x73, 0x9, 0x9}, {0x0, 0xb000, 0xe, 0xc, 0x7, 0x9, 0x3, 0x4, 0x2, 0xfb, 0x3, 0xb}, {0x5000, 0xffffffff, 0xe, 0x7, 0x2, 0x5, 0xf9, 0x7, 0x2, 0x0, 0x84, 0xd}, {0x7000, 0xff}, {0x80a0000, 0xfff9}, 0x40050002, 0x0, 0x25000, 0x242, 0xc, 0x3800, 0x1000, [0x1, 0x8, 0xfffffffffffffffb, 0x28]}) ioctl$KVM_X86_SET_MCE(r2, 0x4040ae9e, &(0x7f00000002c0)={0xed80000000000000, 0x70000, 0xfffffffffffffffd, 0x1, 0x2}) ioctl$KVM_X86_SET_MCE(r2, 0x4040ae9e, &(0x7f0000000180)={0xa080000000000000, 0x2, 0x7092, 0x8, 0xd}) 1.82907832s ago: executing program 8 (id=21598): mkdirat(0xffffffffffffff9c, &(0x7f0000002000)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0) mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x1, &(0x7f0000002140)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}}) read$FUSE(r0, &(0x7f0000006e80)={0x2020, 0x0, 0x0, 0x0, 0x0}, 0x2020) write$FUSE_INIT(r0, &(0x7f0000004300)={0x50, 0x0, r1, {0x7, 0x29, 0x0, 0x0, 0x433, 0x0, 0x84, 0x1, 0x0, 0x0, 0x10, 0x3}}, 0x50) syz_fuse_handle_req(r0, &(0x7f0000000000)="03684a7b99a4fde940f3ec0d105ea2c8267323117153aa4a4f099c3835a607cd5cbd77b83cc33d13bbb6c6bcae59db739af84a4b5d34bffc145f3cc27ed3d4f9d9b3103699a1e1cc4ddfb6c1afd07ddfc18e358cd62649479724ce867fefc0a15041bee9f6084842fb982d5c2cf1488d668b741c64f0a6fd2643e729ac5a56462a6b64d5a0a751fda4fadf63ba0dc2fd14ecbf546918db77095545b41ab170e5d6e8ec8bf9ce9b8d53b832e90c701fe52af7999f8fd509577ead1be27891ada8564167f2c7d2eea1c1c9c65d8e151c58ddee43ec34e74d330ec50cbbb2bb21892c7ca995066e3cbea8a69d94dc6bcef5f3c0ef630e774d092ea58627f3e09c66a9c7d1abcf4f8f8af87f4269df288aca9bbf758275ce9695256e764d185a91a7570fca3aab16c75ecaff6b8dda371c3226d6ec6e55c5c4d8cfc5c33892bacc956a3613bcfa849da1b5e070a7911d7488b3e628d9339718e8b821f1bb5d5c45f0316bb563d0a442801412dfd5a4d61ca657e04d6686f7d5863d57954400aeee8e79be8f3cc4cbb3d4b91269df039c3d3543e500b90a2bdc6eb60cc7afab7b5187d88fbd76e6212ea29e872b73f925287bdc808b4a4f8ec7f8aa08bc90b29e217c3eef69d8deae4141f4f9bd110b7bde9320e7b45f422e9a6111bcaf99c9911e46e219d3bab477926bd5d2e78d4cd0eca133c232b1e863fd7799dbf609f3670b323e5518e8f4bd36e9b3da2c68a28eaec9cac688b4dd0b73adc24a8c7acc264399b7facbc2f43e8e40b6cae9f8e956d1dbfe259f12bae75ad362c354050ffdd6e954f2d7615fafce888bd6f672a81c9fd4318caba765069c0a425e898bf7611b77f0fe61c27d318159dba42f011900246c64557d27b77aef928ab04a147baca37863cf998a2ac30b903c0314449ddb218887c309ec7184c8c733f5d4e7b2d79516e9531c9a5becf8294d6ccd777f285b13160e1c949d3069c6c66c0daa62bac679bc9b69825398d1c290d765e882fa2c8708b20ccec885ab6785dc22696b61c109ff84bc5407932c3e5bf12069a68b8e3333a26d3dd390ef9bc01b86013fbcb5c28a1f4d2b8084f1502fccc4027a124c3629d8f4a8befd14b597cebda5f94f36050a31b95087cbac347788a71a90e87f2187fae600aa42719c05c2859cb30ae0fd58a7bba681f7a6027a00583071def2c9a94456e5d9acb9fd2d11fdea524582489c02377bf7f590948985c769b3822cb6366681d79113c6a6c752f2475caba77b7b2e8f293d7fd9b991f63e254c98dec94f4f3def4fee9cdb56ff3ba7fe6a718cbe9a7f04710e257ea8a49d6605266048fc122d4f3173d4b04b3e282bd3c5198d7fcb72ec38e0b07dd8a541b2807e601e5a0a01f07a281e0e1a261c65977088a54597efd0997c59647aeebb2605a89705eeff3ec780e302e24b23a0cbe4f81367c3f118545f01328d22eb8e802667389143166a9db9477c9b58eb5c76a19b8f8b2692b0d356003f08ae54dfc820d8e357ecbf91fb7e212cbef1262171abaf2f613a5bb59b783cad476fec50d16ca0ac13c08a59a3097e6e3fde700a4b987d10311fc22d4aa210956cd859799f78010e4c0f25b715876aa253df15009490f71be3b0022875161f537c70b14bdb9e2d87a5a11b414a1198533c7de6fc4d22228133bc26b19d9f1e7627b14c72e3c39d3fa2186a42e50a0d1867dc312f94c7209d51475ed4aa80b2ccb0557a40422bf7317de2fdf3296727723a2d23babd5e23f7c3edf4942bb485b95a122e6aba41b8f80f684f84605462448d5a4fd66dfe9bbf80590b9999b4780d4f4f189a20f4400b2975df85b584c8c8f9fa3095f13aede1f52dac98be358b0a0d72bed4df71cd23973e326179580268c4e5d1be4b2ae2e1e2dba913998faa6088af128fc8fd3ae26203a898882b67d86d63f6ee8f8e216337330db6d928facf9d0ca273845ee5b33a0a136aeb48b7c52d3b95fe73efaf06197ec8753ee0349f19db8730917d0f18a2de9602d3b887bc583ff64dfee67e2bdf4d5cc1c341b89acd3dd5176d2c15ec2a77120b8a49591ca438ae36c52845e5dca550e539da9ba2a2eda49be316f3d6d4b7c83666bd4759940347c29dedd273adac722630a940e104316b4806553ded47132be4e31a50600f5a4dd56825b245b7aae853f56f79e0ec31f7b5db945ee3bb92865acb0d8828598e77446ee50ecd8bf5e7ccbd963445a09e3be215709b0b3bff2e9d12e6549924338f236b4ff973682e2e03fbf6b167e3b3a0f8c3f3c1e8d0e21a71937c918cabab50dd74c011a1a5531cfcf88a5df5fa58f17715f7c7b3a64d9dab6f20a596288969191420ed71daccbae7c1ec88bf74811b5e1f4bd306f3d810c4f3600df2903ffdf8db40ac7153fd93327a1065cf2c4590c8ba9f9391eb6aa600cb42aff8793e4721afeb3d470beda45dad9adfc6f4fdb24eafc63792f5015c656ca37cee82b7ee382bda31d786d6e03d4c8611c4ca464e2360ca747815c9eebd38c8fc7d5eea2db96b29d771a96dc5c884029077125bcc31980564555d21ecce5d0388e1bc1e618c7dfb31b02b1a6730db7eda387dd4ceb96f65178bb088e81133e5086f73c458f84139685ef930945a51979faeab539e4964244709dcb8b38f575d3a3ec1328a0df65fb34241db7cb3250b8ae0dbc44670d2b5cc3a1785d8d281c05256ef2beee3b202d8bce053e55ce1fb2bb208e65d488ae24484b00c2e343fc3544ca546406688022db6e29ceca9539ec095a2a2cfc5f516230f75fc961c5de1e8d33222331f57db02cac5f9208029c6114d041bb1cc7f959f77511f5790a564600c018afc253e5ecd5010bd769b45a04296ca09e87fb63bf3d3b51dd8b3f6d4426a03c0944d09dff654c5718ab1fef063caba34029be6811502e8bb785011dd1e34b0c192915adeeb40faad0725a8f9a62acf61b944a271d20567f350cdee22d76e3cc5966ba742d9c43823af19ba74c60da0df0c5f4e7e26af7224147774a1f8ae09f929066e1769ffb3c40ba9fed13d2670b9e865a155426ed5c83648c0ad34e46f5308b455e0835730fe529668b606f3f52b0d04534d0e14bc0ff0f742359550e6980ac9978455adb3de0f292af12a3700453e035a49eafe98fc0d7f26e42a6c41f380448607b7c96291f98fa6bbd7e32c249a49171f8fa81762a490a1ce5c39d66d35c6ed6c0679440c06197c2e24d48e1de81c711164c02820816afb5393d3d6c801c3c062ac46d1494f52c45ca36faf94894eec9d71e1be6c7256f4aee8dc080156b28623c821ef8d1826ebf0a41332620f42589270e142561374c825e828e2bd9ae41fd34959db48319d54ffe7a1b58ae8f7361cbaee8e26e0e7e1b7f125f8cd99788825efd01c38ec987904190a0ad52bc20cd36cc7209f9269ac87b2fa44d2456661d3056d893cf912c69ae6b2b83d0c781a6d6c33df1910867b71257ab74e244e3ebbac07445069418fe2e440a384e16feedf8e3165676e67866430eb6a8a5334620d8c2cda15b0328bb0c50630886353f95241cf4f3b647a4ff812c70e1b074c4befdc70fbfdbf868bcc81652034b5bfa831f1b686724046dcd17ac91ace83711e9ec7465d14c9d508bce93676a58ef7dae37221436865ad34ac2fd691e3b3e12aee6736dbdeec9b1c05fcedf8b9ced547259a1a40471ebe8b4bfda69d2f884da025e2809fb9f159150bbcb331ca3c502012a7fe76b4fc2771976aeb624ad7f2d72c707f5f19d8ded84581ac5afa697ff99d27d88c9588fe769839c9cc9d6786a0f814667527c53b6253b1825bfe17e7d734d96d61da0ae7349d0922774fa9b4baf332a4568e32cafa417ec659c4ad72cd656a1e2c59c8dee38890ed3acd8b4f8657de41f670106c38c38ba1a553f0f589a57c61f5105d70e0c0953459383cb9337ca972cda1d2cd3056eb07f21c1f5b995a04997fecf501bb201c67fd2afe4d44fedea595969b6b3706087b0f59d2ddbb099d60436a94f0ba33282b29f6e914fe92add4b33cf70b680b905cfa2b2ccb00b9967f99806e8d69783fd35a2d7fbb424e9fde2647609aecb0208bc3864bf95f05e50ba12123edaca8de927b338dfcb3cc597947c606c08315061a7fec98c48f480e2febd26fcc8dc12289aeb0adefa2c2be1766a5bc74ef1aab6c2cdbdfbf1810d956bc889c8e614b7b933ff6e336bb208db5b592775fe71c3ebfad5f47e0d074e1c0cb36761481ec677794f23c3698bd35875719f242e3fc939bc3668f9723f31effe189dabdf4ebbed073eab952c88f13059eee22230bc7724d7266b15726a0b0898cdd274e3e56d0a356166b5d16456249e9e92e84e39f61c0ecdf99ec2cd230440c03fd21cf68f27306628d35ea47367775f39d20a07f3959b38d49e3674061fc1018b647047ad39f77027878badd29927c5806f95aebde5f070fed28ed34052550678d3c6b677a3b5a46f76a98264c42206bf62caa95df5437092b68e025ee9ce2ad733b6db3ec97fd33cdc3b2f77ee90dd86d8bd289ae1a437c86f4153ddcff5e846347bfecc1499bb42980e4fa91790faee1b1991dfead5d7c460348631f0469b2b9e8f65207a00985511e0c41f441d9a3154f5a0298c172fd7135d4bf95c11cdf1769db1cc55f392aec309037599327a7c53c10a56d1ace8ad19186a2fc75dfa9d657c114eae99c1c1a6b4a58440718bea82290bd1c2a67048938c381648ea2b2c7110d748c9c8d782f20430b1427b51d7036e55b0997c6f75717db67a82c88d3647ee036b49392f0467d6010b32f9de3e5e79ef082c5bb975d11d2bf76a97f7159c11a7753db8a065d3126ccda9abbebd2c54374e389942c24b27435868fadb45bb060d3c1084b211e2afa8dfaa2d8dab8dc47fe10e6c32afece7c4976176a7c66d704125c0948c238c843b41b0246be1f50f8e07884cfe7ae8885ca06339a339c8d5978b079e0eb78facfa1dc67ca70733dfefc6c868ca149e0661b70e0134870a3107c8c46711fed14f892d6fc66d95306838688f13b19e904416a8d161cc33527878b38ad10b1c08db21457b2075608be7300d39748e4fcebe02b190f3e8ed32a0ef734b11ca43a21f5f809bba795f5aa0ea01050021d0f5213620af5b08fda6421a42b7c82804a20a6ef6d471babf76f46538327f943476d1d109a3f0dc531233d6f93d8dc27f4745735085f92adf63d617b373fba24f289035710e69eb80da12d36e8eaec22620ffaabadfb824bd5fc309a2c74959505856b5b890bba8f22bc571a9d87e93ba3b9aba6dcf26f7076c0c2e271641835ea25fd49d96c69d4fb8bb8731bd2cbc75146aed10d269f9060462339cde8830b535920be3dbf143eace0f1ea9469b95a64fbd7e5057eb880d4422cbf97cfc3f7140251d4923580ca2113f345cf24a66499ceffd2e39dc4fd74cf448638962957b409f0d218c165c13ffe107aa1dd1d9a02092cd46cf2b353dd2d2ca7b8a7ae8eda0ee18bba269bbffed0c7d400497aee4da0896cf6329d76ccea098fbef9075412d1c2a3644cf0f202b884303d204314ae92c56217b2feb5e7c1e15a99fbdd655fb8f6bbc3ab1259bf03b2ee17c5b7e9443695177ec5040eeff3fc36ceafe143393d76a3d735cfe6c9b632e52dbe64dc1265961e8a27ee9f76c0add9e0581e474d7678214f5b64c932903715befc6b766611f1d7e495573b9a3e009cfcb0ffef7ac57c3561badbfa41c119e541180aa2364de61a601699cd1bf3de01d15794b728e1444efd6ffa1e57d95489c8df91fbc057b66dd6d9f3a01b19f36bc99f0b54ed1f9905067dd1608bce47f5ff1981a25184aacd39e331d8ff3dfa7c012d7e667a69249cb4803b23f7eeaab8ed29c69ba3d2a1b88821ffefc5825650c53b6364f38e0a178312f5d29d5375423cceabc8e1c4e51a566ba3f9b176b858c8860440ff8ebdde725640d2dff6b9160bb69f188755b0ff766b410704cda4c33e1ae2c73b5799a00d2f55de73109728b350302b64df2ce3eaf2e0c6561009b60c2701ac493076305e97ed20c3b42f40b2bc7f13bba4ab8181e2085b07930c6f5579205dff696902be824e65ddc774e886e8d261fe74712a31e406b0f7725b4559d7ad0f27a1a870261aa5bb8a720e7c89ba933770d48821416de070df1abcc6eee1147c20bda090d940aeee2bd48c0f3d94675d9b9cf1a62ba50e31a7af0714dd8325d5fb7142e88c4d22ddb8f0278ee6ba88e361524e291b6d000f6523ad4188b021da9ef4a634ed09eb2002b9c726746c9ffc32f261edb448106aa1e2daaed865255fd1d296fedbbb2de3f7c1f15935e52006492b632ad125aa1e000c9d71bdb945792668e16b26122a3fd7cba1a40db8083068c5c48fd2aaa621c87d9f5621bba442fc26839030dbe4e37fda4046d6503bb03e0f928de25d4cd4e2a40ec93c9021dfcbb25f6e2c943cc85eba8123340d6364949581e8c8c2913d59dafe4297672c0b9e7418485f00cbcf672a588904beb3c074bebf339815b91c7c374ceed5a701e1ade8f5d87ca536120116307ac259577a8e12958425317c482d2c7089bf3d83e12318d1526107a050f3c094492de7255b22e18ca2ff261b3ed197f2f8e67b71b1c5a6a04b99158b58e9baad75201aabe13254617d0de0a9073af62491c67fc18d1ccbf7686a85a99b39e9d7d9c85a0777e47c9fd0e10c932c20f13ef287b44b9b706ec818aa0c48a10caac58a9b8355e84bc820698c2501f0c12e1b67df701cfcbe72dc47a2c87d43753ebfdb24cc838507e241d9fcd3d4955a373209ccda903a3ffced05e4232f2cca9bba197fdba8a9357cb1d6da6d9b4095027dc03e17d59ebc2d358e171da0044df102b193c79390ebcb58023b40c621df71e064b0056bfcf1eaee1eca85357cd1ac78feaa54bbbd85596977ba85003ea60d8685f4e3b756e4f81453077396590fa214f672929e81569442023667b798c24e06ee20dbf64cfccb51b2bca4e2a5b0df137bb37ab3e2854dc7e1b879866a72a5809b563596cc9fd3e53abdbccfd5dbc60662252ddc5c290d72230d79b7504b40fdb45ded2f02e926652c1e04ea4c1c488025ad1098adeebe98e385ab1caec4b9eb4d3bbd5ef3ddf1fd0d72784604a989558fd37f6d4fee20609090b3331e254fec98414a2c54589ee01c9429b7cb574b9167efede1d966a227bf2a8e422f38680d77d3c555cf1117e7d7e804ad730c36a78b7846473d6481bd0839bd3e6982ed47246c370a90b76e5b88de202346fb20b8b6b5ecb6a90b8478d17b175a1821df75b48ecc34866fe5c8960bf64d5ff92831bb9357474bec65e0dd1699b0f0340ee5ac5e9e9d3df66edca20201371fc21ad80aacd49c6b0abcfee9c876c15edcfccde823b55b61cb7b254487ef8c8781a22043f4adaf25df34580a6b3904fd014b50c59fa90eff75fa5fd32aaec9aa10df8a2b9b824952e475c964533942bbe30f4167a11fc15d548e0a31f911030569722f0c67e79e90483f6f0bee1c7f80face1a1b0f940c891be688cb16394f6c07fd29b5f248c211d1f76ec1292755d8bd963e191b3a8851472fbbd2cb732f4fd9fef3a8fb29aea097328173fdeaf56fa2279e86fb954306b040c960d0b601b3a741c96cf1f0bd1172f848585cb3b57d7d2e2a84914526f5a6f9895cf5aa4425b4dbf9f59037756a0321bba204a737e36277e86fd268f6047921f4f8fab69dfee137c07874f12f89084e7117e2c9221690a27f880f17d08d56f9dbc96ffef3920b55fb773dde72e1ba35f3e0c9872e339508281426ab04941df4885f7e0293149f1642c2573e2b6594b8fd953ae2468cf917cdaa0692cf461e3628860935def39af78af5e1540147ab1c70c3ab7f7c76abea0d8541feb43e632d7a2cc7bef15a4700304048ecf135968d0a9644ce899aad05b186a2224bab3836248cc6137472203ebceb29b3e87610df12417ee722f309c54b2e65591d8b929440f3ec43ee9ff8f7b7710668e4312610d1591303d5270394da0ab61e4515af5215dc81137f0dc90f951972731f8d98ceb8b4ea38da7d8dc153ccbae5068781eaf9a4a7b11b4319090261b61aa65a8536292eb5392020eb285b2db07f81e7f764d65037050f1e3748593474c6c1dc11cfcb56e1c916157280098a437265e1c682cbfed717e7275bc6c3bb6c6ef7f0f9fdd19ef82ff2c82284c3a061f57b21d3705aff97710108a7d1217a7ea3feda021d20f1fdca94bbef67e0aeaa3db6ccc2d060f7b33707fe19cb2d0232f1239373bb38e666cbbbf3a697c6d0e957ec6730f56034440e789a7a37304d09eb742f21019a77c608cf578162a55d0aea113c051b110b5281ed8b6638d2b31604e965cb019f2f106bc4e96d1313c70612f1ff18afdce7926270dd242c49cc53792f160d1e143e04d7eb3ca40828b153fac466bc53a084281987b47b806a4ef668859eb9035ef68e9c20bd6bb790fdf6f921569b4e97fae5b7edc761b4944c1d6d90f4df40bc3203ed838d4c61cdeb7a9bbb68d59b2cc00125eecaf06b759ac1b9dd68028225d0a60efa499e4436962362727011eef6cc55962dd4ffe2fd3892907e837045883cc9ba8892ab265a31924f3055d4dee68feff05d9f10ebdf1e8c1c1e7001b5b02a7fe26b9c0641e054ae37854187fb1bb6e9fae05b09e85a1e0e14bc801f2d8b9a178a9a72b147e137e0d83192664a88a3aca4fb6a4f0c5787b20c31bc5975dfbc8bcff8987573bd14b1ca434d93452e67ed01c60be99e535bb3f848888d224520b61cfc1de2d6b2ebef9f24674c31aada52784a0b7b60f351653c71d546cf951e6b4a0d917ac6afd0a713f41833f9f74a3a7d3c19b523299666da2b48676ca7aafebadef05b3bbf4b6b62834046f51d3d4582fb4c9de27a3f5e992853368e4f17f9dba27c8c4438307fc7405f53fb27cc81c1521452a1a5edb0cabdf7a73b1cab0675b619fd5a0fadb7147776e74695c042d9d8bfda045bcef7542b42249f34c7590605d0201a762390f2fee5f3cdb488426609c663c9fc4dc2a5277f3f589a14e6dcc202dfcd89bb148a368ff1792d230c19934143d2c260dbdfb334af863b856e415febd22fba01c568d8f48dba6d92f493cd1164a376f006d55db609cc2c9532a9f56da3b06e3db2a05f797eed57892e2fb677541324bcd763cf4669e7a871e322d0cc6e21befe3c767976f058dbe7a059d673c94c7ac5d49178bf19d32907b6fe66a92cc8ea30a858da43f74354390d6e97021da50812c59a78915e5b33221531bfa054c594ce3a2300e5a7d712773181901dfcf6922e980566fa62b1f2b669a27fbecce29e9be6d22058463e350163f33d18ce92a72d1b470857b6a37998aec5672521a8f0d66ab2bd01de516036ec47d1f63b95b437dc6d5a0168189d5a963cb0a80a9a5f20b03515396e3525f0ab13b0c1e5dd051b4c930da6d57ab6f7dd94ab3e689e0355af0b34871296152a76cce170d7b14d471ee4d9daa93de4ed755f30d45344f724288c17e4b22583158f1305ff55fecf7d526e207fa609886e14c9a168bf364b049409f63590f18a5515de8c1fd8c5a9710b6e33d2ecd01466b799f14be787612b8f17df0c05483a16097c0a504880249e28f1e067663c640a550a8c7ad9d090f7b2e902c5c20936869a5f3d3a014817f90babf847b43cf67ec23f120ae4abc63a418d1d99f359fc2c33a5bb34e1f5780576111a88c5ede834bc41e498548ddd128f9e884f4cd3e1bf1aaa1204079ce74e709306f38f2d6859128fc35d3a74c534ff1dccadfc8fe41f1be9510349af8710eb6d2dbc758be12b65622dad1cf48abc2fc409f5ed6a3af8d0b6548643c46dfba9db4e5827475e6e317c9c018a4dd5de391cc9cca85ec527537e26949e5091baca4f0b563d4c3969f15115e5ccdeb9e40788fe12f9d32d9488a70ae53b819726e4483ea6bbcb76f99775ca5e4f93c76edae462c08d596209f985aa55ef5e786701edcee8d831dd6dc0fee9ad01b6bdd63e886a5e55bdc593390c81e18dfd8c685b81306bad6b7a19a86b2bab5cbf4754708422e99f8f2497d798b3db565e709bcbba4c376c1c60b22b994fe8fdcb25215d505511cc1927f6a35344023d5da0a3ac0830e6aa80f5f7f0d94a67c99c6b22717078aecba2a599daa2acc054cda25e3965172e5fef464ec19aa71de5e84b6de30cc673fbab8c441ea37bfb3fc321a504371bc0996702e9be38db762e339ad7ad66dc2caa887e4ab60272d7963f85b14c941d31e545b85c640427302efe7142f0e0897a8c623ce57da213fbc2d1f90677142fd48cafca0b2934e572833ed6473218d0513dd1f6ecc578e5a1109ddae552b3be0cfe7246d7682a59fe9ae783a0f318d1800d5c466c80c5fd3facd0340f455f081068dd2cda5cda744018d902217152b6c05d37c090f8348b0471053152c2a4570fbab3f6dc30c8e49a63b88a00b3aac75180a633692e35ea976821694e133eb8bb4d31237d002fce1dd2ce55528dafcef2f0e00690562d144bb0e19576ce6ab72deac22067d8edac916b1b07e4eb57ff0b885b1b79f37dcf88135eedc17ffd948b61e4df4985033bcf891dd5b1448c8668947a271d93d03ce31216810a6bb45a6c5a12e290d97a60ad4b5c7384cf19421ac1ca64d346b50771e0b50e5caf1d9dfe056e8da247aa502ff04c8e29ca810a1d3ec7a89bc17dba2936f03a80228171f7999b3f2768617970efe57b14011c80666ac4999a568ebef74e2ca14df0ff6f0fcd47c538be96aaca1e65b53b98447101e49672b48167c0afc1afffe669b0f9718bd3305805c292db9738740b362564e4691cbdf061db1ed3f9db1f8bed82939f835d14f46818e3eb4e25f7a8d77d9d0d7913c45d8a81115c1a5e37b1d3bd1b7b5e6afaaefc81d9700bf83506fbf15457bc0f59f7008cc803efdcb6d39e388f6b28e80d47134265cc5438804b12d50e61a489da829dca05792d2ac182ba747331e88a7118f7dd38067f7d38f37be362260effacbc33863bb47aeebbadeae648a1090718266eedd2ed5a2c23f168759198aa92b2ac45c2a68ff212f29260e641a38541b066d39df4e95cd1c8e7e6ffae1b8017e6f629db3910b07496c8a81e4e66ac2321fd9e7ebfecf5bf6e922d7a79fb710a2d42dad1916c9b186c2c50c818fdb1afa19be867d943ee98f732fe3a01364281c0f6d0eb64a278721dc7bff5316256b0f4251abbd9b8ba7c7c12a3bf02a1fbc9ca94b965588fbc82343d07df8e06eaa5ed2137fec129351d80a9048a7d78b31ffaf2e388864a763c4af7aa53000e0bb2eb8ac0e4272cbb79dc6a7d65890f125c523c7cfddacdedbe87938aca915c92c807dab26be7d748827d4e3188676312ef1ac8460b29e8e715f4075e33104ce82e6785aadf17a7cf82d2a705e9f2d0fd25810ba33d76e54b48eda3effc01f37c89db38af81922fadc8c3361fe74ed51eac5e4437108106ffdedb339b406c082d62a8bf718989846d23f966e1ea39103010f767b3a6f0a0a2041b1dafcb787e69ffad75ed2a0081b92a4136ad5ae557c55a4b6219a390103428181ab36f329ad182a92957495c", 0x2000, &(0x7f0000006dc0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006640)={0x90, 0x0, 0x6, {0x1, 0x0, 0x20, 0xfffffffffffffff9, 0x400, 0xc, {0x1, 0x5, 0x8, 0x1, 0x1, 0x4, 0x8, 0x10, 0xdab5, 0xc000, 0x0, r2, r3, 0x2000006, 0xffff}}}, 0x0, 0x0, 0x0, 0x0, 0x0}) mount$cgroup(0x0, &(0x7f0000002240)='./file0/file1\x00', 0x0, 0x81, 0x0) 1.491946127s ago: executing program 9 (id=21603): ppoll(&(0x7f00000000c0)=[{}], 0x1, 0x0, 0x0, 0x0) r0 = syz_io_uring_setup(0xac9, &(0x7f00000002c0)={0x0, 0x3594, 0x10, 0x1103, 0x21e}, &(0x7f0000000240)=0x0, &(0x7f0000000340)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0x8, 0x0, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000004c0)=@IORING_OP_TIMEOUT={0xb, 0x10, 0x0, 0x0, 0x0, &(0x7f00000005c0)={0x0, 0x3938700}, 0x1, 0x8}) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) io_uring_enter(r0, 0x122b, 0x83900, 0x0, 0x0, 0x0) io_uring_register$IORING_REGISTER_SYNC_CANCEL(r0, 0x18, &(0x7f00000000c0)={0xffffffff, 0xffffffffffffffff, 0x35, {0x5, 0x5}, 0xfe}, 0x1) 1.477992442s ago: executing program 8 (id=21604): r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000300), 0x40000, 0x0) openat$snapshot(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0) r1 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)=ANY=[@ANYBLOB="12010000000000105509147200ed0000000109022400010000000009040000030300000009210000000122050009058103"], 0x0) syz_usb_control_io(r1, 0x0, 0x0) syz_usb_control_io(r1, &(0x7f0000000100)={0x2c, &(0x7f0000000280)=ANY=[@ANYBLOB=' mO'], 0x0, 0x0, 0x0, 0x0}, 0x0) openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) close_range(r0, 0xffffffffffffffff, 0x0) 937.432766ms ago: executing program 6 (id=21610): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0) ioctl$TCSETAF(r0, 0x5408, &(0x7f00000000c0)={0xcf47, 0x4cc, 0xffff, 0x9dff, 0xf, "800300"}) write$binfmt_aout(r0, &(0x7f00000000c0)=ANY=[], 0xff2e) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000100)={0x0, 0x0, 0xfffffff9, 0x7fff, 0x16, "0062ba7d82000000000000000000f7ffffff00"}) r1 = syz_open_pts(r0, 0x0) r2 = dup3(r1, r0, 0x0) ioctl$TIOCSTI(r2, 0x5412, &(0x7f0000000000)=0x17) 885.897447ms ago: executing program 4 (id=21611): r0 = epoll_create(0x10000e9) r1 = openat$udambuf(0xffffffffffffff9c, &(0x7f0000000040), 0x2) r2 = memfd_create(&(0x7f0000001100)='y\x105\xfb\xf7u\x83%:r\xc2\xb9x\xa4q\xc1\xea_\x8cZ7\xe7a\x9b\x11x\x0e\xa1\xcf\x1a\x98S7\xc9\x00\x00\x00\x00\x00\x00\a\x00\x00\x00\x00\x00\x00\x04\x879\xa24\xa9am\xde\xb2\xd3\xcbZJoa\xc4\x1acB\xaa\xc1\xfb Q\xd4\xf4\x01\xa52\xe2DG\xd4\xbd{\x9f\xa9\x97\x9b@\xdbU\xb1\xe1br\xb6\x008\xe3\x10\xff\xc2\x9d\r2\x9e\x8e\x04sW\x1b\xb7\xb3\xa2\xc9&@\xca\xda\xdc\xe2/\x97X\xac\b\xb0\xc2<\x80E\x1a\xbc\xc7W\xda9VsA\xaf\xc6\xcf\xe1\xa1\xb5M\xa2\x85\xa6y\xc4J\xf1\xf7\xfcD\x95\xe3\xeb\xc7\xbc\x91\xb0\xa8\x9eo\xebF(\x9dL\x01vRk\xaacB\x04\xa7I\v\x86EZ\x96\xd5\x14O\xf8\xb5C\x1f\xb6b8b\x06A2@D\\\xe8R\xe4\xcd\xec\xcc\xd1\x0fre\xe86\xcd\xeb\xc4$\x98\x06J\xd6dD\x8d_U`ji{\xab\x97\xaf;l\x1f\xaf\xb38U\xcb\xfa\xb3j\x92\f\x81\xa0\xa2-g\b\x99\x0e\x8d\x8d\x16\xd9w\\\xf8\xce\xb0j\x9d\'\x93\xef\x1d\xa0H\xd9\xbd\xd9\xaf\x12$\x8d\x16%\x8b\x00\x88\xd1\x1eQB\x18\xc1-\xc4\x8fK\xf8\xfa\xb6\xf8\v;\xaa\x8fW\xcc\n\x17\x7f\x98\xb7\xcdqV\xd4\xf0)\xfa\x0fG\xc8\xbf\xfd\xe8>K\f\xcd+\xb0\x99Q\xba/\xa8\xb9`k\b\xd1\xcc\xfc\xeaA\"\v=\x83fC\x90%\xa1d\x91\xf8:\x16<\xad\xc2\x18\xdf\x01\xe2\x96\xfcj\xe9\xa4\x065m\x03', 0x3) ftruncate(r2, 0xffff) fcntl$addseals(r2, 0x409, 0x7) r3 = ioctl$UDMABUF_CREATE(r1, 0x40187542, &(0x7f0000000100)={r2, 0x0, 0x0, 0x1000}) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r3, &(0x7f0000000140)) 820.726467ms ago: executing program 4 (id=21612): r0 = socket(0xa, 0x5, 0x0) setsockopt$inet_sctp_SCTP_I_WANT_MAPPED_V4_ADDR(r0, 0x84, 0xc, 0x0, 0x0) r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000002c0), 0x80, 0x0) ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000080)=0xf) ioctl$TCFLSH(r2, 0x400455c8, 0x0) bind$bt_hci(r1, &(0x7f0000000140)={0x1f, 0xffff, 0x2}, 0x6) 643.673716ms ago: executing program 4 (id=21613): r0 = syz_clone(0x84000000, 0x0, 0x0, 0x0, 0x0, 0x0) syz_usb_connect(0x0, 0x2d, &(0x7f0000000580)=ANY=[@ANYBLOB="12010000459bb240580403500000000000010902"], 0x0) ioctl$VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, 0x0) r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00') fchdir(r1) mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x800000, 0x0) syz_open_procfs(r0, &(0x7f0000000140)='net/ip_tables_targets\x00') 473.891148ms ago: executing program 4 (id=21614): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = syz_open_dev$MSR(&(0x7f0000000240), 0x0, 0x0) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) syz_open_dev$sndmidi(&(0x7f00000000c0), 0x2, 0x20002) 462.565305ms ago: executing program 9 (id=21615): r0 = socket$netlink(0x10, 0x3, 0x0) r1 = socket(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x14}}, 0x0) getsockname$packet(r1, &(0x7f00000002c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x7) sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000008c0)=ANY=[], 0x48}}, 0x0) sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000900)=@newqdisc={0x24, 0x24, 0xf1d, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {0x0, 0x8}, {0xfff1, 0xffff}, {0x6}}}, 0x24}}, 0x4000800) sendmsg$nl_route_sched(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000200)=@gettclass={0x24, 0x2a, 0x1, 0x70bd28, 0x25dfdbff, {0x0, 0x0, 0x0, r2, {0xfff2, 0xffff}, {0x7}, {0xfff2}}}, 0x24}, 0x1, 0x0, 0x0, 0x20000800}, 0x0) 346.085666ms ago: executing program 4 (id=21616): r0 = openat$adsp1(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) r1 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) bind$bt_sco(r1, &(0x7f0000000000), 0x8) listen(r1, 0x3) accept4(r1, 0x0, 0x0, 0x0) close_range(r0, 0xffffffffffffffff, 0x0) 269.301573ms ago: executing program 9 (id=21617): ioctl$KVM_SET_PIT(0xffffffffffffffff, 0x4048aec9, &(0x7f0000000080)={[{0xfffffffc, 0x0, 0x0, 0xc, 0x0, 0x81, 0xdb, 0x66, 0x0, 0x4, 0x80, 0xfe, 0x3}, {0xfffffffc, 0x3, 0x0, 0x3, 0x1b, 0x21, 0xfd, 0x0, 0x2, 0x0, 0x3, 0x3}, {0x200003, 0x9d, 0x22, 0x8, 0x40, 0x0, 0x5f, 0xfe, 0x0, 0x2, 0x0, 0x0, 0x8}], 0x1ffffff}) ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={0x0}}, 0x0) sendmsg$key(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="020a040007000000b6f1ffff0000854105001a"], 0x38}}, 0x0) sendmsg$key(0xffffffffffffffff, &(0x7f00000001c0)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000280)=ANY=[@ANYBLOB="020100090e000000030000000000000405000600000000000a0000000000000400000000000000000000002100000000000100000000000002000100010000000000010200fd000005000500000000000a"], 0x70}}, 0x0) sendmmsg(r0, &(0x7f0000000180), 0x3ef, 0x0) 79.773642ms ago: executing program 4 (id=21618): r0 = syz_create_resource$binfmt(&(0x7f0000000040)='./file1\x00') syz_open_procfs$namespace(0x0, &(0x7f0000000040)='ns/pid_for_children\x00') mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1) unshare(0x22020680) r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000100)='smaps_rollup\x00') fchdir(r1) execveat$binfmt(0xffffffffffffff9c, r0, 0x0, 0x0, 0x0) 0s ago: executing program 9 (id=21619): r0 = socket(0x2a, 0x2, 0x0) sendmsg$TIPC_NL_LINK_GET(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000280)={0x0}, 0x1, 0x0, 0x0, 0x8024}, 0x20000010) getsockname$packet(r0, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000380)=@newqdisc={0x24, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {}, {0xffff, 0xffff}}}, 0x24}}, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000080)=@newtfilter={0x4c, 0x2c, 0xd27, 0x70bd26, 0x0, {0x0, 0x0, 0x0, r1, {0xfffa, 0x2}, {}, {0x1c, 0xfff9}}, [@filter_kind_options=@f_flower={{0xb}, {0x1c, 0x2, [@TCA_FLOWER_KEY_ETH_TYPE={0x6, 0x8, 0x800}, @TCA_FLOWER_KEY_IP_PROTO={0x5, 0x9, 0x84}, @TCA_FLOWER_KEY_SCTP_DST={0x6}]}}]}, 0x4c}}, 0x24004000) r2 = socket$netlink(0x10, 0x3, 0x0) sendmmsg(r2, &(0x7f00000002c0), 0x40000000000009f, 0x0) kernel console output (not intermixed with test programs): t/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f48d071f749 code=0x7ffc0000 [ 1168.494107][ T37] audit: type=1326 audit(1128.776:4195): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16291 comm="syz.2.17603" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f48d071f749 code=0x7ffc0000 [ 1168.494387][ T37] audit: type=1326 audit(1128.776:4196): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16291 comm="syz.2.17603" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f48d071f749 code=0x7ffc0000 [ 1168.495805][ T37] audit: type=1326 audit(1128.776:4197): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16291 comm="syz.2.17603" exe="/root/syz-executor" sig=0 arch=c000003e syscall=128 compat=0 ip=0x7f48d071f749 code=0x7ffc0000 [ 1168.498151][ T37] audit: type=1326 audit(1128.776:4198): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16291 comm="syz.2.17603" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f48d071f749 code=0x7ffc0000 [ 1172.388464][T13505] usb 3-1: new high-speed USB device number 54 using dummy_hcd [ 1172.550979][T13505] usb 3-1: Using ep0 maxpacket: 8 [ 1172.553409][T13505] usb 3-1: config index 0 descriptor too short (expected 74, got 45) [ 1172.553482][T13505] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 1536, setting to 1024 [ 1172.553515][T13505] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024 [ 1172.553545][T13505] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 30768, setting to 1024 [ 1172.553577][T13505] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 1024 [ 1172.553606][T13505] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 1172.553654][T13505] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 1172.553681][T13505] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1172.790011][T13505] usb 3-1: usb_control_msg returned -32 [ 1172.790057][T13505] usbtmc 3-1:16.0: can't read capabilities [ 1172.844834][T13505] usb 3-1: USB disconnect, device number 54 [ 1174.122494][T13505] usb 4-1: new high-speed USB device number 51 using dummy_hcd [ 1174.307401][T13505] usb 4-1: New USB device found, idVendor=055f, idProduct=c230, bcdDevice=b6.ac [ 1174.307435][T13505] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1174.307458][T13505] usb 4-1: Product: syz [ 1174.307474][T13505] usb 4-1: Manufacturer: syz [ 1174.307490][T13505] usb 4-1: SerialNumber: syz [ 1174.351191][T13505] usb 4-1: config 0 descriptor?? [ 1174.388745][T13505] gspca_main: sunplus-2.14.0 probing 055f:c230 [ 1175.288224][T13505] gspca_sunplus: reg_r err -71 [ 1175.288354][T13505] sunplus 4-1:0.0: probe with driver sunplus failed with error -71 [ 1175.325023][T13505] usb 4-1: USB disconnect, device number 51 [ 1176.780138][T16532] loop8: detected capacity change from 0 to 1 [ 1176.829856][T16532] Dev loop8: unable to read RDB block 1 [ 1176.829910][T16532] loop8: unable to read partition table [ 1176.830186][T16532] loop8: partition table beyond EOD, truncated [ 1176.830224][T16532] loop_reread_partitions: partition scan of loop8 (被x^> ) failed (rc=-5) [ 1177.092746][T15751] udevd[15751]: symlink '../../loop8' '/dev/disk/by-diskseq/75.tmp-b7:8' failed: Read-only file system [ 1177.964088][T15751] udevd[15751]: symlink '../../loop8' '/dev/disk/by-diskseq/75.tmp-b7:8' failed: Read-only file system [ 1178.171932][ T37] kauditd_printk_skb: 19 callbacks suppressed [ 1178.172048][ T37] audit: type=1326 audit(1137.702:4218): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16577 comm="syz.2.17701" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f48d071f749 code=0x0 [ 1178.291985][T15751] udevd[15751]: symlink '../../loop8' '/dev/disk/by-diskseq/75.tmp-b7:8' failed: Read-only file system [ 1178.336608][T13505] usb 4-1: new high-speed USB device number 52 using dummy_hcd [ 1178.499025][T13505] usb 4-1: Using ep0 maxpacket: 8 [ 1178.502850][T13505] usb 4-1: config 0 interface 0 altsetting 5 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1178.502889][T13505] usb 4-1: config 0 interface 0 altsetting 5 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1178.502916][T13505] usb 4-1: config 0 interface 0 has no altsetting 0 [ 1178.502956][T13505] usb 4-1: New USB device found, idVendor=1b96, idProduct=0004, bcdDevice= 0.00 [ 1178.502990][T13505] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1178.563239][T13505] usb 4-1: config 0 descriptor?? [ 1179.144079][T13505] ntrig 0003:1B96:0004.003A: unknown main item tag 0x0 [ 1179.144131][T13505] ntrig 0003:1B96:0004.003A: unknown main item tag 0x0 [ 1179.144164][T13505] ntrig 0003:1B96:0004.003A: unknown main item tag 0x0 [ 1179.144194][T13505] ntrig 0003:1B96:0004.003A: unknown main item tag 0x0 [ 1179.144226][T13505] ntrig 0003:1B96:0004.003A: unknown main item tag 0x0 [ 1179.205056][T13505] ntrig 0003:1B96:0004.003A: hidraw0: USB HID v0.00 Device [HID 1b96:0004] on usb-dummy_hcd.3-1/input0 [ 1179.355775][T13505] ntrig 0003:1B96:0004.003A: Firmware version: 2.15.3.18.7 (7c24 577a) [ 1179.617267][T13505] usb 4-1: USB disconnect, device number 52 [ 1179.781045][T16592] fido_id[16592]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.3/usb4/report_descriptor': No such file or directory [ 1180.042260][T16610] program syz.2.17709 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 1183.223729][T16677] program syz.2.17737 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 1183.550415][ T806] usb 2-1: new high-speed USB device number 40 using dummy_hcd [ 1183.775916][ T806] usb 2-1: Using ep0 maxpacket: 16 [ 1183.855969][T16693] netlink: 4 bytes leftover after parsing attributes in process `syz.2.17743'. [ 1184.059857][ T806] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1184.060009][ T806] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1184.060150][ T806] usb 2-1: config 0 interface 0 has no altsetting 0 [ 1184.060359][ T806] usb 2-1: New USB device found, idVendor=060b, idProduct=500a, bcdDevice= 0.00 [ 1184.060502][ T806] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1184.575064][ T806] usb 2-1: config 0 descriptor?? [ 1185.450892][ T806] cougar 0003:060B:500A.003B: unknown main item tag 0x0 [ 1185.451105][ T806] cougar 0003:060B:500A.003B: unknown main item tag 0x0 [ 1185.451303][ T806] cougar 0003:060B:500A.003B: unknown main item tag 0x0 [ 1185.451456][ T806] cougar 0003:060B:500A.003B: unknown main item tag 0x0 [ 1185.451597][ T806] cougar 0003:060B:500A.003B: unknown main item tag 0x0 [ 1185.451739][ T806] cougar 0003:060B:500A.003B: unknown main item tag 0x0 [ 1185.451881][ T806] cougar 0003:060B:500A.003B: unknown main item tag 0x0 [ 1185.452021][ T806] cougar 0003:060B:500A.003B: unknown main item tag 0x0 [ 1185.452167][ T806] cougar 0003:060B:500A.003B: unknown main item tag 0x0 [ 1185.452309][ T806] cougar 0003:060B:500A.003B: unknown main item tag 0x0 [ 1185.652538][ T806] cougar 0003:060B:500A.003B: unexpected long global item [ 1185.813642][ T806] cougar 0003:060B:500A.003B: parse failed [ 1185.815846][ T806] cougar 0003:060B:500A.003B: probe with driver cougar failed with error -22 [ 1186.074150][ T806] usb 2-1: USB disconnect, device number 40 [ 1188.471548][T16785] macvlan1: entered promiscuous mode [ 1188.473616][T16785] dummy0: entered promiscuous mode [ 1188.504581][T16785] hsr1: Slave A (macvlan1) is not up; please bring it up to get a fully working HSR network [ 1188.504613][T16785] hsr1: Slave B (dummy0) is not up; please bring it up to get a fully working HSR network [ 1188.505481][T16785] hsr1: entered promiscuous mode [ 1188.505522][T16785] hsr1: entered allmulticast mode [ 1188.505539][T16785] macvlan1: entered allmulticast mode [ 1188.505562][T16785] dummy0: entered allmulticast mode [ 1188.949225][T16802] bond0: option packets_per_slave: invalid value (18446744072268814746) [ 1188.949363][T16802] bond0: option packets_per_slave: allowed values 0 - 65535 [ 1189.010044][T16806] Freezing with imperfect legacy cgroup freezer. See cgroup.freeze of cgroup v2 [ 1190.334692][ T37] audit: type=1800 audit(1148.925:4219): pid=16837 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz.0.17801" name="file0" dev="tmpfs" ino=15702 res=0 errno=0 [ 1191.942012][T16886] vivid-001: disconnect [ 1191.943775][T16886] vivid-001: reconnect [ 1193.846737][T16954] program syz.1.17851 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 1193.887419][T16951] netlink: 200 bytes leftover after parsing attributes in process `syz.0.17845'. [ 1195.455007][T13505] usb 4-1: new high-speed USB device number 53 using dummy_hcd [ 1195.619640][T13505] usb 4-1: New USB device found, idVendor=9710, idProduct=7730, bcdDevice=96.33 [ 1195.619675][T13505] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1195.661333][T13505] usb 4-1: config 0 descriptor?? [ 1196.556722][T13505] usb 4-1: Cannot set autoneg [ 1196.557279][T13505] MOSCHIP usb-ethernet driver 4-1:0.0: probe with driver MOSCHIP usb-ethernet driver failed with error -71 [ 1196.590036][T13505] usb 4-1: USB disconnect, device number 53 [ 1196.621061][T17027] netlink: 12 bytes leftover after parsing attributes in process `syz.2.17877'. [ 1199.461298][T17089] netlink: 12 bytes leftover after parsing attributes in process `syz.2.17904'. [ 1199.461348][T17089] netlink: 12 bytes leftover after parsing attributes in process `syz.2.17904'. [ 1200.065623][T17102] netlink: 28 bytes leftover after parsing attributes in process `syz.0.17907'. [ 1200.065838][T17102] netlink: 28 bytes leftover after parsing attributes in process `syz.0.17907'. [ 1200.229987][T17108] netlink: 28 bytes leftover after parsing attributes in process `syz.0.17907'. [ 1200.230021][T17108] netlink: 28 bytes leftover after parsing attributes in process `syz.0.17907'. [ 1202.382872][T17157] gtp1: entered promiscuous mode [ 1202.382903][T17157] gtp1: entered allmulticast mode [ 1204.081840][T17204] udevd[17204]: symlink '../../loop7' '/dev/disk/by-diskseq/77.tmp-b7:7' failed: Read-only file system [ 1204.221587][T17204] udevd[17204]: symlink '../../loop7' '/dev/disk/by-diskseq/77.tmp-b7:7' failed: Read-only file system [ 1204.394660][T17204] udevd[17204]: symlink '../../loop7' '/dev/disk/by-diskseq/77.tmp-b7:7' failed: Read-only file system [ 1205.335148][T17248] pimreg: entered allmulticast mode [ 1205.355855][T17254] pimreg: left allmulticast mode [ 1205.508809][T13505] usb 2-1: new full-speed USB device number 41 using dummy_hcd [ 1205.698258][T13505] usb 2-1: not running at top speed; connect to a high speed hub [ 1205.719734][T13505] usb 2-1: config 1 interface 0 altsetting 6 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 1205.719775][T13505] usb 2-1: config 1 interface 0 has no altsetting 0 [ 1205.780128][T13505] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40 [ 1205.780165][T13505] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1205.780190][T13505] usb 2-1: Product: syz [ 1205.780207][T13505] usb 2-1: Manufacturer: syz [ 1205.780225][T13505] usb 2-1: SerialNumber: syz [ 1206.429305][T13505] usb 2-1: USB disconnect, device number 41 [ 1207.253488][ T5893] usb 3-1: new high-speed USB device number 55 using dummy_hcd [ 1207.413556][T17309] tipc: Enabling of bearer rejected, already enabled [ 1207.445839][ T5893] usb 3-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08 [ 1207.446045][ T5893] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1207.485488][T17311] netlink: 20 bytes leftover after parsing attributes in process `syz.1.17988'. [ 1207.485593][T17311] netlink: 4 bytes leftover after parsing attributes in process `syz.1.17988'. [ 1207.652887][ T5893] usb 3-1: config 0 descriptor?? [ 1207.710199][T17317] netlink: 8 bytes leftover after parsing attributes in process `syz.3.17994'. [ 1207.710227][T17317] netlink: 4 bytes leftover after parsing attributes in process `syz.3.17994'. [ 1207.710257][T17317] netlink: 'syz.3.17994': attribute type 13 has an invalid length. [ 1207.710275][T17317] netlink: 'syz.3.17994': attribute type 11 has an invalid length. [ 1207.813888][T17320] netlink: 4 bytes leftover after parsing attributes in process `syz.3.17996'. [ 1208.743933][T17351] input: syz0 as /devices/virtual/input/input105 [ 1208.836013][T17204] printk: udevd: 1 output lines suppressed due to ratelimiting [ 1209.398332][T24645] usb 4-1: new high-speed USB device number 54 using dummy_hcd [ 1209.560704][T24645] usb 4-1: Using ep0 maxpacket: 16 [ 1209.566785][T24645] usb 4-1: config 0 has an invalid interface number: 214 but max is 0 [ 1209.566815][T24645] usb 4-1: config 0 has no interface number 0 [ 1209.566869][T24645] usb 4-1: config 0 interface 214 altsetting 0 endpoint 0x83 has invalid maxpacket 1023, setting to 64 [ 1209.602767][T24645] usb 4-1: New USB device found, idVendor=0596, idProduct=0001, bcdDevice= 5.f5 [ 1209.602801][T24645] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1209.602825][T24645] usb 4-1: Product: syz [ 1209.602842][T24645] usb 4-1: Manufacturer: syz [ 1209.602859][T24645] usb 4-1: SerialNumber: syz [ 1209.644665][T24645] usb 4-1: config 0 descriptor?? [ 1210.194233][ T5893] udl 3-1:0.0: [drm] Unrecognized vendor firmware descriptor [ 1210.198773][ T5893] [drm:udl_init] *ERROR* Selecting channel failed [ 1210.517825][T24645] usbtouchscreen 4-1:0.214: probe with driver usbtouchscreen failed with error -71 [ 1210.551869][T24645] usb 4-1: USB disconnect, device number 54 [ 1210.742577][T13505] usb 2-1: new high-speed USB device number 42 using dummy_hcd [ 1210.905230][T13505] usb 2-1: Using ep0 maxpacket: 8 [ 1210.908285][T13505] usb 2-1: config 0 has an invalid interface number: 55 but max is 0 [ 1210.908315][T13505] usb 2-1: config 0 has no interface number 0 [ 1210.908386][T13505] usb 2-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 1210.908414][T13505] usb 2-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B [ 1210.908445][T13505] usb 2-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 1210.908477][T13505] usb 2-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2 [ 1210.908526][T13505] usb 2-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a [ 1210.908554][T13505] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1211.050575][T13505] usb 2-1: config 0 descriptor?? [ 1211.066030][T13505] ldusb 2-1:0.55: LD USB Device #0 now attached to major 180 minor 0 [ 1211.139923][ T5893] [drm] Initialized udl 0.0.1 for 3-1:0.0 on minor 2 [ 1211.140050][ T5893] [drm] Initialized udl on minor 2 [ 1211.285083][T13505] usb 2-1: USB disconnect, device number 42 [ 1211.294481][T13505] ldusb 2-1:0.55: LD USB Device #0 now disconnected [ 1211.476693][ T5893] udl 3-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 1211.488173][T17434] program syz.3.18027 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 1211.558725][T17436] netem: change failed [ 1211.582914][ T5893] udl 3-1:0.0: [drm] Cannot find any crtc or sizes [ 1211.741250][ T5893] usb 3-1: USB disconnect, device number 55 [ 1211.826668][ T8737] udl 3-1:0.0: [drm] Cannot find any crtc or sizes [ 1212.950553][T17480] pimreg: entered allmulticast mode [ 1213.041740][T17480] pimreg: left allmulticast mode [ 1213.844512][T17504] netlink: 12 bytes leftover after parsing attributes in process `syz.2.18054'. [ 1215.472071][T17538] program syz.3.18068 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 1218.304213][ T5893] usb 2-1: new high-speed USB device number 43 using dummy_hcd [ 1218.477394][ T5893] usb 2-1: Using ep0 maxpacket: 32 [ 1218.534125][ T5893] usb 2-1: config 0 interface 0 altsetting 1 endpoint 0x81 has an invalid bInterval 214, changing to 11 [ 1218.534761][ T5893] usb 2-1: config 0 interface 0 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 1218.535336][ T5893] usb 2-1: config 0 interface 0 has no altsetting 0 [ 1218.536540][ T5893] usb 2-1: New USB device found, idVendor=28bd, idProduct=0933, bcdDevice= 0.00 [ 1218.537035][ T5893] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1218.931817][ T5893] usb 2-1: config 0 descriptor?? [ 1220.042377][ T5893] input: HID 28bd:0933 as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:28BD:0933.003C/input/input107 [ 1220.627651][ T5893] uclogic 0003:28BD:0933.003C: input,hidraw0: USB HID v5f.b2 Mouse [HID 28bd:0933] on usb-dummy_hcd.1-1/input0 [ 1220.786703][ T5893] usb 2-1: USB disconnect, device number 43 [ 1221.096633][T17677] netlink: 24 bytes leftover after parsing attributes in process `syz.3.18119'. [ 1221.260129][T17684] netlink: 16 bytes leftover after parsing attributes in process `syz.1.18124'. [ 1222.372737][T13505] kernel write not supported for file /snd/seq (pid: 13505 comm: kworker/1:1) [ 1224.902031][T13505] usb 3-1: new high-speed USB device number 56 using dummy_hcd [ 1225.069523][T13505] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1225.069579][T13505] usb 3-1: New USB device found, idVendor=1532, idProduct=010e, bcdDevice= 0.00 [ 1225.069607][T13505] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1225.113666][T13505] usb 3-1: config 0 descriptor?? [ 1225.839859][T17793] netlink: 212368 bytes leftover after parsing attributes in process `syz.0.18164'. [ 1225.874955][T13505] razer 0003:1532:010E.003D: hidraw0: USB HID v0.00 Device [HID 1532:010e] on usb-dummy_hcd.2-1/input0 [ 1226.094901][T13505] usb 3-1: USB disconnect, device number 56 [ 1227.511696][T17841] Invalid logical block size (65536) [ 1228.463220][T17880] program syz.1.18193 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 1228.663180][T17883] program syz.3.18197 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 1228.793138][T17887] A link change request failed with some changes committed already. Interface macsec0 may have been left with an inconsistent configuration, please check. [ 1229.192034][T17896] program syz.3.18201 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 1230.909634][T17923] netlink: 4 bytes leftover after parsing attributes in process `syz.3.18212'. [ 1232.755092][T13505] kernel read not supported for file /comedi4 (pid: 13505 comm: kworker/1:1) [ 1235.249022][T13505] usb 4-1: new high-speed USB device number 55 using dummy_hcd [ 1235.416347][T13505] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 1235.416377][T13505] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 1235.418995][T13505] usb 4-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 1235.419027][T13505] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 1235.419051][T13505] usb 4-1: SerialNumber: syz [ 1235.715874][T13505] usb 4-1: 0:2 : does not exist [ 1235.815197][T13505] usb 4-1: USB disconnect, device number 55 [ 1237.029085][T18063] netlink: 20 bytes leftover after parsing attributes in process `syz.1.18261'. [ 1237.517229][T18063] nbd: socks must be embedded in a SOCK_ITEM attr [ 1240.352195][T18142] netlink: 'syz.1.18293': attribute type 2 has an invalid length. [ 1241.933124][T18172] netlink: 196 bytes leftover after parsing attributes in process `syz.0.18306'. [ 1242.317698][T18187] netlink: 'syz.2.18312': attribute type 10 has an invalid length. [ 1242.317745][T18187] batadv0: left promiscuous mode [ 1242.320448][T18187] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1242.363231][T18187] batadv0: entered promiscuous mode [ 1242.586923][T18187] bond0: (slave batadv0): Enslaving as an active interface with an up link [ 1242.587495][T18188] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1242.587525][T18188] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1242.651925][T18188] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1242.651959][T18188] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1242.949247][T18188] bond0: (slave batadv0): Releasing backup interface [ 1242.981983][T18188] batadv0 (unregistering): left promiscuous mode [ 1248.017230][T13505] usb 3-1: new high-speed USB device number 57 using dummy_hcd [ 1248.185878][T13505] usb 3-1: Using ep0 maxpacket: 8 [ 1248.188332][T13505] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 1248.188365][T13505] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 1248.188395][T13505] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 1248.188424][T13505] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 1248.188472][T13505] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 1248.188499][T13505] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1248.451579][T13505] usb 3-1: GET_CAPABILITIES returned 0 [ 1248.451632][T13505] usbtmc 3-1:16.0: can't read capabilities [ 1248.677924][T13505] usb 3-1: USB disconnect, device number 57 [ 1249.338628][ T69] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1249.966957][ T69] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1250.598498][ T69] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1250.758904][ T5820] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 1250.782348][ T5820] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 1250.807581][ T5820] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 1250.847392][ T5820] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 1250.876071][ T5820] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 1251.352510][ T69] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1251.687912][T18376] wlan0 speed is unknown, defaulting to 1000 [ 1252.888789][ T69] team0: left allmulticast mode [ 1252.888816][ T69] team_slave_0: left allmulticast mode [ 1252.889060][ T69] team_slave_1: left allmulticast mode [ 1252.889083][ T69] geneve0: left allmulticast mode [ 1252.896017][ T69] bridge0: port 2(team0) entered disabled state [ 1253.063689][ T69] bridge_slave_0: left allmulticast mode [ 1253.063722][ T69] bridge_slave_0: left promiscuous mode [ 1253.064007][ T69] bridge0: port 1(bridge_slave_0) entered disabled state [ 1253.106544][ T5820] Bluetooth: hci2: command tx timeout [ 1253.732576][ T69] bridge_slave_1: left promiscuous mode [ 1255.357579][T15220] Bluetooth: hci2: command tx timeout [ 1256.165686][T18485] option changes via remount are deprecated (pid=18480 comm=syz.3.18425) [ 1256.165715][T18485] cgroup: option or name mismatch, new: 0x2 "nofavordynmods", old: 0x0 "" [ 1256.412073][ T5893] usb 2-1: new high-speed USB device number 44 using dummy_hcd [ 1256.603421][ T5893] usb 2-1: Using ep0 maxpacket: 16 [ 1256.645388][ T5893] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1256.645513][ T5893] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1256.645533][ T5893] usb 2-1: config 0 interface 0 has no altsetting 0 [ 1256.645603][ T5893] usb 2-1: New USB device found, idVendor=060b, idProduct=500a, bcdDevice= 0.00 [ 1256.645661][ T5893] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1256.880980][ T5893] usb 2-1: config 0 descriptor?? [ 1257.588526][ T5893] hid_parser_main: 449 callbacks suppressed [ 1257.588654][ T5893] cougar 0003:060B:500A.003E: unknown main item tag 0x0 [ 1257.603299][ T5893] cougar 0003:060B:500A.003E: unknown main item tag 0x0 [ 1257.603797][ T5893] cougar 0003:060B:500A.003E: unknown main item tag 0x0 [ 1257.604140][ T5893] cougar 0003:060B:500A.003E: unknown main item tag 0x0 [ 1257.604429][ T5893] cougar 0003:060B:500A.003E: unknown main item tag 0x0 [ 1257.604858][ T5893] cougar 0003:060B:500A.003E: unknown main item tag 0x0 [ 1257.605212][ T5893] cougar 0003:060B:500A.003E: unknown main item tag 0x0 [ 1257.605500][ T5893] cougar 0003:060B:500A.003E: unknown main item tag 0x0 [ 1257.605853][ T5893] cougar 0003:060B:500A.003E: unknown main item tag 0x0 [ 1257.606206][ T5893] cougar 0003:060B:500A.003E: unknown main item tag 0x0 [ 1257.664142][ T5820] Bluetooth: hci2: command tx timeout [ 1257.690398][ T5893] cougar 0003:060B:500A.003E: unexpected long global item [ 1257.705880][ T5893] cougar 0003:060B:500A.003E: parse failed [ 1257.706244][ T5893] cougar 0003:060B:500A.003E: probe with driver cougar failed with error -22 [ 1257.738358][ T69] geneve0 (unregistering): left promiscuous mode [ 1257.774123][ T5893] usb 2-1: USB disconnect, device number 44 [ 1257.779555][ T69] team0: Port device geneve0 removed [ 1257.969814][ T69] bond0 (unregistering): (slave bridge0): Releasing backup interface [ 1259.865162][ T5820] Bluetooth: hci2: command tx timeout [ 1260.734032][ T69] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1260.838396][ T69] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1260.927849][ T69] bond0 (unregistering): (slave bridge_slave_1): Releasing backup interface [ 1260.956106][ T69] bond0 (unregistering): Released all slaves [ 1262.405652][ T69] bond1 (unregistering): Released all slaves [ 1262.435730][ T69] bond2 (unregistering): Released all slaves [ 1262.460095][ T69] bond3 (unregistering): Released all slaves [ 1263.161832][T18631] loop4: detected capacity change from 0 to 7 [ 1263.167164][T18631] buffer_io_error: 138 callbacks suppressed [ 1263.167187][T18631] Buffer I/O error on dev loop4, logical block 0, async page read [ 1263.167240][T18631] Buffer I/O error on dev loop4, logical block 0, async page read [ 1263.167283][T18631] Buffer I/O error on dev loop4, logical block 0, async page read [ 1263.167321][T18631] Buffer I/O error on dev loop4, logical block 0, async page read [ 1263.167386][T18631] Buffer I/O error on dev loop4, logical block 0, async page read [ 1263.167439][T18631] Buffer I/O error on dev loop4, logical block 0, async page read [ 1263.167477][T18631] Buffer I/O error on dev loop4, logical block 0, async page read [ 1263.167499][T18631] ldm_validate_partition_table(): Disk read failed. [ 1263.167532][T18631] Buffer I/O error on dev loop4, logical block 0, async page read [ 1263.167569][T18631] Buffer I/O error on dev loop4, logical block 0, async page read [ 1263.167607][T18631] Buffer I/O error on dev loop4, logical block 0, async page read [ 1263.167648][T18631] Dev loop4: unable to read RDB block 0 [ 1263.167730][T18631] loop4: unable to read partition table [ 1263.167957][T18631] loop4: partition table beyond EOD, truncated [ 1263.167979][T18631] loop_reread_partitions: partition scan of loop4 (Sj̖P=ý?}X %`ր5) failed (rc=-5) [ 1263.733140][T18376] chnl_net:caif_netlink_parms(): no params data found [ 1264.541834][T18376] bridge0: port 1(bridge_slave_0) entered blocking state [ 1264.542069][T18376] bridge0: port 1(bridge_slave_0) entered disabled state [ 1264.542341][T18376] bridge_slave_0: entered allmulticast mode [ 1264.569535][T18376] bridge_slave_0: entered promiscuous mode [ 1264.574614][T18376] bridge0: port 2(bridge_slave_1) entered blocking state [ 1264.584757][T18376] bridge0: port 2(bridge_slave_1) entered disabled state [ 1264.585586][T18376] bridge_slave_1: entered allmulticast mode [ 1264.609662][T18376] bridge_slave_1: entered promiscuous mode [ 1264.761137][ T806] usb 2-1: new high-speed USB device number 45 using dummy_hcd [ 1264.988832][ T806] usb 2-1: Using ep0 maxpacket: 16 [ 1264.991821][ T806] usb 2-1: config 0 interface 0 altsetting 16 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1264.991858][ T806] usb 2-1: config 0 interface 0 altsetting 16 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1264.991886][ T806] usb 2-1: config 0 interface 0 altsetting 16 has 1 endpoint descriptor, different from the interface descriptor's value: 28 [ 1264.991918][ T806] usb 2-1: config 0 interface 0 has no altsetting 0 [ 1264.991954][ T806] usb 2-1: New USB device found, idVendor=056a, idProduct=0331, bcdDevice= 0.00 [ 1264.991981][ T806] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1264.996484][ T806] usb 2-1: config 0 descriptor?? [ 1265.157480][ T69] tipc: Disabling bearer [ 1265.172767][ T69] tipc: Left network mode [ 1265.178482][T18376] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1265.211547][T18376] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1265.458954][ T69] IPVS: stopping backup sync thread 2492 ... [ 1265.725797][ T806] usb 2-1: USB disconnect, device number 45 [ 1265.872908][T18376] team0: Port device team_slave_0 added [ 1265.883590][T18376] team0: Port device team_slave_1 added [ 1266.638604][T18376] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1266.638624][T18376] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1266.638655][T18376] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1266.641230][T18376] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1266.641247][T18376] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1266.641276][T18376] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1267.712885][T18376] hsr_slave_0: entered promiscuous mode [ 1267.717196][T18376] hsr_slave_1: entered promiscuous mode [ 1267.731850][T18376] debugfs: 'hsr0' already exists in 'hsr' [ 1267.731883][T18376] Cannot create hsr debugfs directory [ 1268.023780][T19053] vcan0: tx drop: invalid da for name 0x00000000000000c7 [ 1268.087330][ T5893] usb 4-1: new high-speed USB device number 56 using dummy_hcd [ 1268.249880][ T5893] usb 4-1: Using ep0 maxpacket: 8 [ 1268.252162][ T5893] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1268.252192][ T5893] usb 4-1: config 0 has no interfaces? [ 1268.254925][ T5893] usb 4-1: New USB device found, idVendor=0b48, idProduct=3007, bcdDevice=4f.64 [ 1268.254959][ T5893] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1268.254983][ T5893] usb 4-1: Product: syz [ 1268.255001][ T5893] usb 4-1: Manufacturer: syz [ 1268.255030][ T5893] usb 4-1: SerialNumber: syz [ 1268.275010][ T5893] usb 4-1: config 0 descriptor?? [ 1268.488122][ T5893] usb 2-1: new high-speed USB device number 46 using dummy_hcd [ 1268.563054][T19032] ALSA: mixer_oss: invalid OSS volume '' [ 1268.563081][T19032] ALSA: mixer_oss: invalid index 1374389 [ 1268.581651][ T5932] usb 4-1: USB disconnect, device number 56 [ 1268.660725][ T5893] usb 2-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 1268.660780][ T5893] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1268.660805][ T5893] usb 2-1: Product: syz [ 1268.660822][ T5893] usb 2-1: Manufacturer: syz [ 1268.660839][ T5893] usb 2-1: SerialNumber: syz [ 1268.711096][ T5893] usb 2-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 1268.858266][ T806] usb 2-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 1269.037761][T19119] netlink: 27 bytes leftover after parsing attributes in process `syz.2.18561'. [ 1269.681616][T19137] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 1269.682882][T19137] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 1269.916702][T19171] overlayfs: The uuid=off requires a single fs for lower and upper, falling back to uuid=null. [ 1270.004994][ T806] ath9k_htc 2-1:1.0: ath9k_htc: Target is unresponsive [ 1270.005555][ T806] ath9k_htc: Failed to initialize the device [ 1270.168899][T19177] netlink: 52 bytes leftover after parsing attributes in process `syz.3.18574'. [ 1270.255484][T13505] kernel write not supported for file /zero (pid: 13505 comm: kworker/1:1) [ 1270.423861][ T806] usb 2-1: ath9k_htc: USB layer deinitialized [ 1270.592045][ T5992] usb 2-1: USB disconnect, device number 46 [ 1270.720287][T19207] input: syz0 as /devices/virtual/input/input109 [ 1271.041523][T18376] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 1271.146505][T18376] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 1271.218094][T18376] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 1271.346121][T18376] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 1271.576319][ T69] hsr_slave_0: left promiscuous mode [ 1271.620291][ T69] hsr_slave_1: left promiscuous mode [ 1271.621889][ T69] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1271.658944][ T69] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1275.018709][T19363] netlink: 4 bytes leftover after parsing attributes in process `syz.3.18652'. [ 1276.614535][ T69] team_slave_1 (unregistering): left promiscuous mode [ 1276.636371][ T69] team0 (unregistering): Port device team_slave_1 removed [ 1276.853492][ T69] team_slave_0 (unregistering): left promiscuous mode [ 1276.897009][ T69] team0 (unregistering): Port device team_slave_0 removed [ 1280.217902][T19519] kAFS: unable to lookup cell '(,' [ 1280.283645][T19363] hsr_slave_0: left promiscuous mode [ 1280.331029][T19363] hsr_slave_1: left promiscuous mode [ 1280.695981][T19547] loop5: detected capacity change from 0 to 7 [ 1280.741035][T19547] Dev loop5: unable to read RDB block 7 [ 1280.741074][T19547] loop5: AHDI p1 p2 p3 [ 1280.741102][T19547] loop5: partition table partially beyond EOD, truncated [ 1280.742027][T19547] loop5: p1 size 16318467 extends beyond EOD, truncated [ 1280.802994][T19547] loop5: p2 start 167772160 is beyond EOD, truncated [ 1280.852806][T18376] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1280.999537][T18376] 8021q: adding VLAN 0 to HW filter on device team0 [ 1281.045651][ T13] bridge0: port 1(bridge_slave_0) entered blocking state [ 1281.047000][ T13] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1281.130574][ T1469] bridge0: port 2(bridge_slave_1) entered blocking state [ 1281.130759][ T1469] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1281.391815][ T5893] usb 4-1: new high-speed USB device number 57 using dummy_hcd [ 1281.586704][ T5893] usb 4-1: Using ep0 maxpacket: 16 [ 1281.589235][ T5893] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 1281.589267][ T5893] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 1281.645456][ T5893] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 1281.645489][ T5893] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1281.645510][ T5893] usb 4-1: Product: syz [ 1281.645525][ T5893] usb 4-1: Manufacturer: syz [ 1281.645540][ T5893] usb 4-1: SerialNumber: syz [ 1281.961618][ T5893] usb 4-1: 0:2 : does not exist [ 1281.972389][ T5893] usb 4-1: 5:0: failed to get current value for ch 0 (-22) [ 1282.013366][ T5893] usb 4-1: USB disconnect, device number 57 [ 1282.128679][ C0] vcan0: j1939_tp_rxtimer: 0xffff88805c8e2c00: rx timeout, send abort [ 1282.134081][T18376] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1282.134171][ C0] vcan0: j1939_xtp_rx_abort_one: 0xffff88805c8e2c00: 0x40000: (3) A timeout occurred and this is the connection abort to close the session. [ 1282.190116][ T69] IPVS: stop unused estimator thread 0... [ 1283.099379][T18376] veth0_vlan: entered promiscuous mode [ 1283.164348][T18376] veth1_vlan: entered promiscuous mode [ 1283.364949][T18376] veth0_macvtap: entered promiscuous mode [ 1283.387210][T18376] veth1_macvtap: entered promiscuous mode [ 1283.433015][T18376] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1283.495741][T18376] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1283.536903][ T5932] usb 2-1: new high-speed USB device number 47 using dummy_hcd [ 1283.556532][ T4828] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1283.556587][ T4828] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1283.556627][ T4828] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1283.556668][ T4828] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1283.701579][ T5932] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1283.701610][ T5932] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1283.701631][ T5932] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 1283.701669][ T5932] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 1283.701691][ T5932] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1283.709494][ T5932] usb 2-1: config 0 descriptor?? [ 1284.251521][ T5932] hid_parser_main: 73 callbacks suppressed [ 1284.251551][ T5932] plantronics 0003:047F:FFFF.0040: unknown main item tag 0x0 [ 1284.251585][ T5932] plantronics 0003:047F:FFFF.0040: unknown main item tag 0x0 [ 1284.251612][ T5932] plantronics 0003:047F:FFFF.0040: unknown main item tag 0x0 [ 1284.251640][ T5932] plantronics 0003:047F:FFFF.0040: unknown main item tag 0x0 [ 1284.251669][ T5932] plantronics 0003:047F:FFFF.0040: unknown main item tag 0x0 [ 1284.251714][ T5932] plantronics 0003:047F:FFFF.0040: unknown main item tag 0x0 [ 1284.266839][ T5932] plantronics 0003:047F:FFFF.0040: unknown main item tag 0x0 [ 1284.266875][ T5932] plantronics 0003:047F:FFFF.0040: unknown main item tag 0x0 [ 1284.266902][ T5932] plantronics 0003:047F:FFFF.0040: unknown main item tag 0x0 [ 1284.266930][ T5932] plantronics 0003:047F:FFFF.0040: unknown main item tag 0x0 [ 1284.365702][ T5932] plantronics 0003:047F:FFFF.0040: hiddev0,hidraw0: USB HID v0.00 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0 [ 1284.494676][T13505] usb 2-1: USB disconnect, device number 47 [ 1284.538020][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1284.538044][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1284.768488][ T43] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1284.768513][ T43] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1284.908026][T19701] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci2/hci2:200/input110 [ 1285.993490][T19740] netlink: 277 bytes leftover after parsing attributes in process `syz.1.18790'. [ 1287.950106][T13505] usb 3-1: new high-speed USB device number 58 using dummy_hcd [ 1288.111878][T13505] usb 3-1: Using ep0 maxpacket: 32 [ 1288.114480][T13505] usb 3-1: New USB device found, idVendor=0fd9, idProduct=0021, bcdDevice=29.40 [ 1288.114513][T13505] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1288.149239][T13505] usb 3-1: config 0 descriptor?? [ 1288.405963][T13505] dvb-usb: found a 'Elgato EyeTV DTT' in warm state. [ 1288.420341][T13505] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 1288.421621][T13505] dvbdev: DVB: registering new adapter (Elgato EyeTV DTT) [ 1288.421693][T13505] usb 3-1: media controller created [ 1288.484753][T13505] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 1288.605455][T13505] DVB: Unable to find symbol dib7000p_attach() [ 1288.605475][T13505] dvb-usb: no frontend was attached by 'Elgato EyeTV DTT' [ 1288.718990][T13505] rc_core: IR keymap rc-dib0700-rc5 not found [ 1288.719014][T13505] Registered IR keymap rc-empty [ 1288.719350][T13505] dvb-usb: could not initialize remote control. [ 1288.719363][T13505] dvb-usb: Elgato EyeTV DTT successfully initialized and connected. [ 1288.760871][T13505] usb 3-1: USB disconnect, device number 58 [ 1288.864028][T13505] dvb-usb: Elgato EyeTV DTT successfully deinitialized and disconnected. [ 1291.047462][T15220] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 1291.095738][T15220] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 1291.102057][T15220] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 1291.123723][T15220] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 1291.124856][T15220] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 1291.200911][ T43] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1291.286353][T19950] netlink: 8 bytes leftover after parsing attributes in process `syz.2.18874'. [ 1291.398534][T19954] wlan0 speed is unknown, defaulting to 1000 [ 1291.669439][ T43] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1292.010485][ T43] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1292.508502][ T43] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1293.103628][ T5932] usb 3-1: new high-speed USB device number 59 using dummy_hcd [ 1293.271916][ T5932] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 1293.271944][ T5932] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 1293.273034][ T5932] usb 3-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 1293.273060][ T5932] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 1293.273079][ T5932] usb 3-1: SerialNumber: syz [ 1293.362044][ T43] bridge_slave_1: left allmulticast mode [ 1293.362075][ T43] bridge_slave_1: left promiscuous mode [ 1293.362352][ T43] bridge0: port 2(bridge_slave_1) entered disabled state [ 1293.406942][ T5820] Bluetooth: hci2: command tx timeout [ 1293.485319][ T43] bridge_slave_0: left allmulticast mode [ 1293.485352][ T43] bridge_slave_0: left promiscuous mode [ 1293.485618][ T43] bridge0: port 1(bridge_slave_0) entered disabled state [ 1293.563790][ T5932] usb 3-1: 0:2 : does not exist [ 1293.603767][ T5932] usb 3-1: USB disconnect, device number 59 [ 1294.588943][ T5990] usb 3-1: new high-speed USB device number 60 using dummy_hcd [ 1294.775814][ T5990] usb 3-1: Using ep0 maxpacket: 8 [ 1294.781593][ T5990] usb 3-1: config index 0 descriptor too short (expected 74, got 45) [ 1294.781666][ T5990] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 1536, setting to 1024 [ 1294.781697][ T5990] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024 [ 1294.781725][ T5990] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 30768, setting to 1024 [ 1294.781756][ T5990] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 1024 [ 1294.781784][ T5990] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 1294.781831][ T5990] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 1294.781859][ T5990] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1295.154692][ T5990] usb 3-1: usb_control_msg returned -32 [ 1295.154745][ T5990] usbtmc 3-1:16.0: can't read capabilities [ 1295.671354][ T5820] Bluetooth: hci2: command tx timeout [ 1296.745764][ T43] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1296.809831][ T43] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1296.841142][ T43] bond0 (unregistering): Released all slaves [ 1297.565091][T13505] usb 3-1: USB disconnect, device number 60 [ 1297.913864][ T5820] Bluetooth: hci2: command tx timeout [ 1298.158668][T19954] chnl_net:caif_netlink_parms(): no params data found [ 1298.405109][T20321] loop8: detected capacity change from 0 to 8 [ 1298.427110][T20321] Dev loop8: unable to read RDB block 8 [ 1298.427146][T20321] loop8: unable to read partition table [ 1298.427301][T20321] loop8: partition table beyond EOD, truncated [ 1298.427316][T20321] loop_reread_partitions: partition scan of loop8 (被x^> ) failed (rc=-5) [ 1299.270903][ T9117] Bluetooth: hci5: Frame reassembly failed (-84) [ 1299.271000][ T9117] Bluetooth: hci5: Frame reassembly failed (-84) [ 1299.271081][ T9117] Bluetooth: hci5: Frame reassembly failed (-84) [ 1299.271163][ T9117] Bluetooth: hci5: Frame reassembly failed (-84) [ 1299.271242][ T9117] Bluetooth: hci5: Frame reassembly failed (-84) [ 1299.271322][ T9117] Bluetooth: hci5: Frame reassembly failed (-84) [ 1299.894787][T19954] bridge0: port 1(bridge_slave_0) entered blocking state [ 1299.918436][T19954] bridge0: port 1(bridge_slave_0) entered disabled state [ 1299.918729][T19954] bridge_slave_0: entered allmulticast mode [ 1299.939332][T19954] bridge_slave_0: entered promiscuous mode [ 1299.998721][T19954] bridge0: port 2(bridge_slave_1) entered blocking state [ 1299.998858][T19954] bridge0: port 2(bridge_slave_1) entered disabled state [ 1299.999068][T19954] bridge_slave_1: entered allmulticast mode [ 1300.070825][T19954] bridge_slave_1: entered promiscuous mode [ 1300.179540][T15220] Bluetooth: hci2: command tx timeout [ 1300.473016][ T43] hsr_slave_0: left promiscuous mode [ 1300.516864][ T43] hsr_slave_1: left promiscuous mode [ 1300.519949][ T43] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1300.520309][ T43] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1300.582181][ T43] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1300.582213][ T43] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1300.750557][ T43] veth1_macvtap: left promiscuous mode [ 1300.750778][ T43] veth0_macvtap: left promiscuous mode [ 1300.751033][ T43] veth1_vlan: left promiscuous mode [ 1300.751332][ T43] veth0_vlan: left promiscuous mode [ 1301.502329][T15220] Bluetooth: hci5: command 0x1003 tx timeout [ 1301.535458][ T5820] Bluetooth: hci5: Opcode 0x1003 failed: -110 [ 1302.276968][T15220] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 1302.302039][T15220] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 1302.307831][T15220] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 1302.311990][T15220] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 1302.343600][T15220] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 1303.952079][T20567] loop5: detected capacity change from 0 to 7 [ 1303.960262][T20567] Dev loop5: unable to read RDB block 7 [ 1303.960324][T20567] loop5: unable to read partition table [ 1303.960575][T20567] loop5: partition table beyond EOD, truncated [ 1303.960596][T20567] loop_reread_partitions: partition scan of loop5 (被x ) failed (rc=-5) [ 1304.686782][T15220] Bluetooth: hci5: command tx timeout [ 1304.876479][T20594] input: syz1 as /devices/virtual/input/input112 [ 1306.420773][ T43] team0 (unregistering): Port device team_slave_1 removed [ 1306.907125][ T43] team0 (unregistering): Port device team_slave_0 removed [ 1306.963065][T15220] Bluetooth: hci5: command tx timeout [ 1309.193587][T15220] Bluetooth: hci5: command tx timeout [ 1309.517438][ T5932] usb 2-1: new high-speed USB device number 48 using dummy_hcd [ 1309.723419][ T5932] usb 2-1: Using ep0 maxpacket: 16 [ 1309.725948][ T5932] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1309.725974][ T5932] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1309.726003][ T5932] usb 2-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00 [ 1309.726021][ T5932] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1309.729905][ T5932] usb 2-1: config 0 descriptor?? [ 1310.177535][ T5932] hid_parser_main: 28 callbacks suppressed [ 1310.177555][ T5932] mcp2221 0003:04D8:00DD.0041: unknown main item tag 0x0 [ 1310.177578][ T5932] mcp2221 0003:04D8:00DD.0041: unknown main item tag 0x0 [ 1310.177598][ T5932] mcp2221 0003:04D8:00DD.0041: unknown main item tag 0x0 [ 1310.177618][ T5932] mcp2221 0003:04D8:00DD.0041: unknown main item tag 0x0 [ 1310.177638][ T5932] mcp2221 0003:04D8:00DD.0041: unknown main item tag 0x0 [ 1310.178971][ T5932] mcp2221 0003:04D8:00DD.0041: USB HID v0.05 Device [HID 04d8:00dd] on usb-dummy_hcd.1-1/input0 [ 1310.430810][ T5932] usb 2-1: USB disconnect, device number 48 [ 1311.435830][T15220] Bluetooth: hci5: command tx timeout [ 1311.578352][T19954] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1311.604381][T19954] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1312.015815][T19954] team0: Port device team_slave_0 added [ 1312.073277][T19954] team0: Port device team_slave_1 added [ 1312.073362][T20506] wlan0 speed is unknown, defaulting to 1000 [ 1312.440765][T19954] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1312.440784][T19954] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1312.440813][T19954] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1312.489706][T19954] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1312.489726][T19954] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1312.489757][T19954] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1313.164301][T20981] netlink: 64 bytes leftover after parsing attributes in process `syz.1.19183'. [ 1313.164331][T20981] nbd: must specify at least one socket [ 1313.252301][T20987] netlink: 'syz.1.19184': attribute type 6 has an invalid length. [ 1313.293380][T19954] hsr_slave_0: entered promiscuous mode [ 1313.301018][T19954] hsr_slave_1: entered promiscuous mode [ 1313.328480][T19954] debugfs: 'hsr0' already exists in 'hsr' [ 1313.328505][T19954] Cannot create hsr debugfs directory [ 1313.557285][T21014] netlink: 3 bytes leftover after parsing attributes in process `syz.1.19187'. [ 1313.557308][T21014] netlink: 12 bytes leftover after parsing attributes in process `syz.1.19187'. [ 1313.986636][T21038] bridge6: entered promiscuous mode [ 1313.986665][T21038] bridge6: entered allmulticast mode [ 1314.006347][T21038] team0: Port device bridge6 added [ 1314.126210][T21047] bridge0: port 2(team0) entered blocking state [ 1314.130975][T21047] bridge0: port 2(team0) entered disabled state [ 1314.131284][T21047] team0: entered allmulticast mode [ 1314.131305][T21047] team_slave_0: entered allmulticast mode [ 1314.131420][T21047] team_slave_1: entered allmulticast mode [ 1314.131441][T21047] bond7: entered allmulticast mode [ 1314.333514][T21060] Bluetooth: MGMT ver 1.23 [ 1315.596558][T19954] netdevsim netdevsim6 netdevsim0: renamed from eth0 [ 1315.746166][T19954] netdevsim netdevsim6 netdevsim1: renamed from eth1 [ 1315.808844][T19954] netdevsim netdevsim6 netdevsim2: renamed from eth2 [ 1315.862076][T19954] netdevsim netdevsim6 netdevsim3: renamed from eth3 [ 1315.944775][T20506] chnl_net:caif_netlink_parms(): no params data found [ 1316.710317][T20506] bridge0: port 1(bridge_slave_0) entered blocking state [ 1316.710623][T20506] bridge0: port 1(bridge_slave_0) entered disabled state [ 1316.710855][T20506] bridge_slave_0: entered allmulticast mode [ 1316.736317][T20506] bridge_slave_0: entered promiscuous mode [ 1316.752126][T20506] bridge0: port 2(bridge_slave_1) entered blocking state [ 1316.752338][T20506] bridge0: port 2(bridge_slave_1) entered disabled state [ 1316.752625][T20506] bridge_slave_1: entered allmulticast mode [ 1316.756994][T20506] bridge_slave_1: entered promiscuous mode [ 1317.044290][T20506] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1317.077015][T20506] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1317.346346][T20506] team0: Port device team_slave_0 added [ 1317.354060][T20506] team0: Port device team_slave_1 added [ 1317.672561][T20506] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1317.672580][T20506] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1317.672610][T20506] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1317.727670][T20506] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1317.727689][T20506] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1317.727723][T20506] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1318.163784][ T5893] usb 2-1: new high-speed USB device number 49 using dummy_hcd [ 1318.323356][T20506] hsr_slave_0: entered promiscuous mode [ 1318.332962][T20506] hsr_slave_1: entered promiscuous mode [ 1318.334040][T20506] debugfs: 'hsr0' already exists in 'hsr' [ 1318.334061][ T5893] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 1318.334069][T20506] Cannot create hsr debugfs directory [ 1318.334097][ T5893] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 1318.336612][ T5893] usb 2-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 1318.336644][ T5893] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 1318.336669][ T5893] usb 2-1: SerialNumber: syz [ 1318.633797][ T5893] usb 2-1: 0:2 : does not exist [ 1318.699755][ T5893] usb 2-1: USB disconnect, device number 49 [ 1318.824577][T19954] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1319.153528][T19954] 8021q: adding VLAN 0 to HW filter on device team0 [ 1319.206931][ T815] bridge0: port 1(bridge_slave_0) entered blocking state [ 1319.207147][ T815] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1319.349532][ T9117] bridge0: port 2(bridge_slave_1) entered blocking state [ 1319.362128][ T9117] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1319.406449][T21590] netlink: 256 bytes leftover after parsing attributes in process `syz.1.19272'. [ 1319.955422][T20506] netdevsim netdevsim7 netdevsim0: renamed from eth0 [ 1320.132332][T20506] netdevsim netdevsim7 netdevsim1: renamed from eth1 [ 1320.218299][T21628] netlink: 212368 bytes leftover after parsing attributes in process `syz.1.19280'. [ 1320.291204][T20506] netdevsim netdevsim7 netdevsim2: renamed from eth2 [ 1320.404061][T20506] netdevsim netdevsim7 netdevsim3: renamed from eth3 [ 1320.814087][T19954] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1321.059341][T20506] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1321.128837][T20506] 8021q: adding VLAN 0 to HW filter on device team0 [ 1321.152908][T21659] netlink: 8 bytes leftover after parsing attributes in process `syz.1.19290'. [ 1321.220807][ T815] bridge0: port 1(bridge_slave_0) entered blocking state [ 1321.220957][ T815] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1321.274260][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 1321.274408][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1322.056156][T20506] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1322.169958][T19954] veth0_vlan: entered promiscuous mode [ 1322.195947][T19954] veth1_vlan: entered promiscuous mode [ 1322.290215][T19954] veth0_macvtap: entered promiscuous mode [ 1322.367111][T19954] veth1_macvtap: entered promiscuous mode [ 1322.464311][ T5893] usb 2-1: new high-speed USB device number 50 using dummy_hcd [ 1322.494489][T19954] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1322.576935][T19954] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1322.619362][ T12] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1322.621530][ T12] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1322.622527][ T12] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1322.659825][ T815] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1322.665116][ T5893] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1322.665156][ T5893] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1322.665183][ T5893] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 1322.665230][ T5893] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 1322.665259][ T5893] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1322.732421][ T5893] usb 2-1: config 0 descriptor?? [ 1323.272700][ T5893] plantronics 0003:047F:FFFF.0042: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0 [ 1323.449744][T13505] usb 2-1: USB disconnect, device number 50 [ 1323.570789][T20506] veth0_vlan: entered promiscuous mode [ 1323.603769][T22734] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1323.603791][T22734] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1323.652974][T20506] veth1_vlan: entered promiscuous mode [ 1323.796499][ T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1323.796523][ T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1323.878279][T20506] veth0_macvtap: entered promiscuous mode [ 1323.929001][T20506] veth1_macvtap: entered promiscuous mode [ 1324.047935][T20506] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1324.140452][T20506] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1324.184897][ T13] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1324.185544][ T13] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1324.185599][ T13] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1324.218203][ T13] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1325.360068][ T1469] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1325.360093][ T1469] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1325.620472][ T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1325.620498][ T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1326.041840][T21820] input: syz0 as /devices/virtual/input/input115 [ 1326.256400][ T8737] usb 2-1: new high-speed USB device number 51 using dummy_hcd [ 1326.432393][ T8737] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 1326.432423][ T8737] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 1326.434663][ T8737] usb 2-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 1326.434691][ T8737] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 1326.434713][ T8737] usb 2-1: SerialNumber: syz [ 1326.440456][T13505] usb 7-1: new high-speed USB device number 2 using dummy_hcd [ 1326.646231][T13505] usb 7-1: Using ep0 maxpacket: 8 [ 1326.648765][T13505] usb 7-1: config 179 has an invalid interface number: 65 but max is 0 [ 1326.648794][T13505] usb 7-1: config 179 has no interface number 0 [ 1326.648845][T13505] usb 7-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 1326.648877][T13505] usb 7-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024 [ 1326.648910][T13505] usb 7-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 1326.648941][T13505] usb 7-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024 [ 1326.648972][T13505] usb 7-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 1326.649021][T13505] usb 7-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb [ 1326.649048][T13505] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1326.784849][T21831] raw-gadget.1 gadget.6: fail, usb_ep_enable returned -22 [ 1326.813683][ T8737] usb 2-1: 0:2 : does not exist [ 1326.972582][ T8737] usb 2-1: USB disconnect, device number 51 [ 1327.056664][T19666] usb 7-1: USB disconnect, device number 2 [ 1327.056787][ C1] xpad 7-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19 [ 1327.056857][ C1] xpad 7-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19 [ 1327.575283][T21901] input: syz0 as /devices/virtual/input/input116 [ 1328.071531][T21924] syzkaller1: entered promiscuous mode [ 1328.071561][T21924] syzkaller1: entered allmulticast mode [ 1328.553111][T24645] usb 2-1: new high-speed USB device number 52 using dummy_hcd [ 1328.745953][T24645] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 1328.746033][T24645] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11 [ 1328.746082][T24645] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 1328.746113][T24645] usb 2-1: config 1 interface 1 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 1328.796624][T24645] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 1328.796662][T24645] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1328.796688][T24645] usb 2-1: Product: syz [ 1328.796705][T24645] usb 2-1: Manufacturer: syz [ 1328.796723][T24645] usb 2-1: SerialNumber: syz [ 1329.305913][ T5992] usb 7-1: new high-speed USB device number 3 using dummy_hcd [ 1329.506546][ T5992] usb 7-1: Using ep0 maxpacket: 32 [ 1329.508720][ T5992] usb 7-1: config index 0 descriptor too short (expected 164, got 36) [ 1329.508786][ T5992] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1329.508818][ T5992] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1329.508862][ T5992] usb 7-1: New USB device found, idVendor=046d, idProduct=c29c, bcdDevice= 0.00 [ 1329.508889][ T5992] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1329.513879][ T5992] usb 7-1: config 0 descriptor?? [ 1329.939052][T24645] cdc_ncm 2-1:1.0: bind() failure [ 1329.963509][ T5992] logitech 0003:046D:C29C.0043: unknown main item tag 0x0 [ 1329.963538][ T5992] logitech 0003:046D:C29C.0043: unknown main item tag 0x0 [ 1329.963558][ T5992] logitech 0003:046D:C29C.0043: unknown main item tag 0x0 [ 1329.963578][ T5992] logitech 0003:046D:C29C.0043: unknown main item tag 0x0 [ 1329.963598][ T5992] logitech 0003:046D:C29C.0043: unknown main item tag 0x0 [ 1329.971828][ T5992] logitech 0003:046D:C29C.0043: hidraw0: USB HID v0.00 Device [HID 046d:c29c] on usb-dummy_hcd.6-1/input0 [ 1330.021371][T24645] cdc_ncm 2-1:1.1: probe with driver cdc_ncm failed with error -71 [ 1330.023170][T24645] cdc_mbim 2-1:1.1: probe with driver cdc_mbim failed with error -71 [ 1330.026065][T24645] usbtest 2-1:1.1: probe with driver usbtest failed with error -71 [ 1330.063014][T24645] usb 2-1: USB disconnect, device number 52 [ 1330.394632][ T5992] logitech 0003:046D:C29C.0043: no inputs found [ 1330.418447][ T5992] usb 7-1: USB disconnect, device number 3 [ 1330.724392][T22062] loop8: detected capacity change from 0 to 7 [ 1330.725375][T22062] Dev loop8: unable to read RDB block 7 [ 1330.725422][T22062] loop8: unable to read partition table [ 1330.725646][T22062] loop8: partition table beyond EOD, truncated [ 1330.725670][T22062] loop_reread_partitions: partition scan of loop8 (被x^> ) failed (rc=-5) [ 1331.104930][T22081] netlink: 20 bytes leftover after parsing attributes in process `syz.6.19423'. [ 1331.409844][T22095] sch_tbf: burst 0 is lower than device lo mtu (81) ! [ 1331.798924][T22122] GUP no longer grows the stack in syz.1.19437 (22122): 200000002000-200000005000 (200000001000) [ 1331.798970][T22122] CPU: 0 UID: 0 PID: 22122 Comm: syz.1.19437 Tainted: G L syzkaller #0 PREEMPT_{RT,(full)} [ 1331.799005][T22122] Tainted: [L]=SOFTLOCKUP [ 1331.799015][T22122] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 1331.799031][T22122] Call Trace: [ 1331.799042][T22122] [ 1331.799052][T22122] dump_stack_lvl+0xe8/0x150 [ 1331.799094][T22122] __get_user_pages+0x22c8/0x2830 [ 1331.799143][T22122] ? __gup_longterm_locked+0x307/0x1660 [ 1331.799186][T22122] ? try_get_folio+0xec/0x660 [ 1331.799232][T22122] __gup_longterm_locked+0x3dc/0x1660 [ 1331.799281][T22122] ? try_get_folio+0x633/0x660 [ 1331.799334][T22122] gup_fast_fallback+0x1c95/0x21f0 [ 1331.799402][T22122] ? __pfx_gup_fast_fallback+0x10/0x10 [ 1331.799436][T22122] ? rcu_is_watching+0x15/0xb0 [ 1331.799460][T22122] ? is_valid_gup_args+0x11f/0x200 [ 1331.799495][T22122] ? pin_user_pages_fast+0x4d/0xb0 [ 1331.799532][T22122] get_vaddr_frames+0x86/0x210 [ 1331.799568][T22122] vb2_create_framevec+0x58/0xd0 [ 1331.799594][T22122] vb2_vmalloc_get_userptr+0x108/0x450 [ 1331.799628][T22122] ? __pfx_vb2_vmalloc_get_userptr+0x10/0x10 [ 1331.799658][T22122] __buf_prepare+0xf49/0x4730 [ 1331.799706][T22122] ? __pfx___buf_prepare+0x10/0x10 [ 1331.799752][T22122] ? is_bpf_text_address+0x26/0x2b0 [ 1331.799791][T22122] ? is_bpf_text_address+0x292/0x2b0 [ 1331.799822][T22122] ? is_bpf_text_address+0x26/0x2b0 [ 1331.799853][T22122] ? tomoyo_path_number_perm+0x47a/0x5a0 [ 1331.799890][T22122] ? kernel_text_address+0xa5/0xe0 [ 1331.799932][T22122] ? __kernel_text_address+0xd/0x40 [ 1331.799968][T22122] ? unwind_get_return_address+0x4d/0x90 [ 1331.800000][T22122] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 1331.800031][T22122] ? arch_stack_walk+0xfc/0x150 [ 1331.800077][T22122] ? stack_trace_save+0x9c/0xe0 [ 1331.800107][T22122] ? __pfx_stack_trace_save+0x10/0x10 [ 1331.800205][T22122] vb2_core_prepare_buf+0xad/0x2c0 [ 1331.800241][T22122] v4l2_m2m_ioctl_prepare_buf+0x160/0x440 [ 1331.800276][T22122] ? v4l_prepare_buf+0x71/0xd0 [ 1331.800317][T22122] __video_do_ioctl+0xa5c/0xc10 [ 1331.800358][T22122] ? __pfx___video_do_ioctl+0x10/0x10 [ 1331.800404][T22122] video_usercopy+0x82a/0x13f0 [ 1331.800445][T22122] ? __pfx___video_do_ioctl+0x10/0x10 [ 1331.800473][T22122] ? __pfx_video_usercopy+0x10/0x10 [ 1331.800500][T22122] ? smack_file_ioctl+0x2ac/0x340 [ 1331.800552][T22122] ? __fget_files+0x2a/0x420 [ 1331.800577][T22122] ? __fget_files+0x3a6/0x420 [ 1331.800607][T22122] v4l2_ioctl+0x190/0x1e0 [ 1331.800635][T22122] ? __pfx_v4l2_ioctl+0x10/0x10 [ 1331.800661][T22122] __se_sys_ioctl+0xff/0x170 [ 1331.800698][T22122] do_syscall_64+0xec/0xf80 [ 1331.800726][T22122] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1331.800750][T22122] ? trace_irq_disable+0x37/0x100 [ 1331.800775][T22122] ? clear_bhb_loop+0x60/0xb0 [ 1331.800826][T22122] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1331.800850][T22122] RIP: 0033:0x7f506ca4f749 [ 1331.800874][T22122] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1331.800896][T22122] RSP: 002b:00007f506acae038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1331.800925][T22122] RAX: ffffffffffffffda RBX: 00007f506cca5fa0 RCX: 00007f506ca4f749 [ 1331.800944][T22122] RDX: 0000200000002dc0 RSI: 00000000c058565d RDI: 0000000000000003 [ 1331.800961][T22122] RBP: 00007f506cad3f91 R08: 0000000000000000 R09: 0000000000000000 [ 1331.800977][T22122] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1331.800993][T22122] R13: 00007f506cca6038 R14: 00007f506cca5fa0 R15: 00007ffdaf478898 [ 1331.801033][T22122] [ 1332.284091][T22131] netlink: 36 bytes leftover after parsing attributes in process `syz.2.19441'. [ 1333.667623][T22199] input: syz0 as /devices/virtual/input/input117 [ 1334.603757][T22240] loop8: detected capacity change from 0 to 8 [ 1334.658737][T22240] Dev loop8: unable to read RDB block 8 [ 1334.658790][T22240] loop8: unable to read partition table [ 1334.659034][T22240] loop8: partition table beyond EOD, truncated [ 1334.659055][T22240] loop_reread_partitions: partition scan of loop8 (被x^> ) failed (rc=-5) [ 1334.663400][ T37] audit: type=1326 audit(1282.142:4220): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22242 comm="syz.7.19488" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85bcabf749 code=0x7ffc0000 [ 1334.697746][ T37] audit: type=1326 audit(1282.188:4221): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22242 comm="syz.7.19488" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85bcabf749 code=0x7ffc0000 [ 1334.715598][ T37] audit: type=1326 audit(1282.188:4222): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22242 comm="syz.7.19488" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f85bcabf749 code=0x7ffc0000 [ 1334.768329][ T37] audit: type=1326 audit(1282.244:4223): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22242 comm="syz.7.19488" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85bcabf749 code=0x7ffc0000 [ 1334.768450][ T37] audit: type=1326 audit(1282.244:4224): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22242 comm="syz.7.19488" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85bcabf749 code=0x7ffc0000 [ 1334.814606][ T37] audit: type=1326 audit(1282.280:4225): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22242 comm="syz.7.19488" exe="/root/syz-executor" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7f85bcabf749 code=0x7ffc0000 [ 1334.817022][ T37] audit: type=1326 audit(1282.299:4226): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22242 comm="syz.7.19488" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85bcabf749 code=0x7ffc0000 [ 1334.817713][ T37] audit: type=1326 audit(1282.299:4227): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22242 comm="syz.7.19488" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f85bcabf749 code=0x7ffc0000 [ 1334.818186][ T37] audit: type=1326 audit(1282.299:4228): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22242 comm="syz.7.19488" exe="/root/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7f85bcabf749 code=0x7ffc0000 [ 1335.010294][ T5820] Bluetooth: hci5: command 0x0405 tx timeout [ 1336.815607][T22330] netlink: 60 bytes leftover after parsing attributes in process `syz.2.19520'. [ 1336.815878][T22330] netlink: 60 bytes leftover after parsing attributes in process `syz.2.19520'. [ 1338.067170][T22396] loop8: detected capacity change from 0 to 8 [ 1338.119427][T22396] Dev loop8: unable to read RDB block 8 [ 1338.119482][T22396] loop8: unable to read partition table [ 1338.120921][T22396] loop8: partition table beyond EOD, truncated [ 1338.120980][T22396] loop_reread_partitions: partition scan of loop8 (被x^> ) failed (rc=-5) [ 1338.250869][ T5992] usb 2-1: new high-speed USB device number 53 using dummy_hcd [ 1338.413301][ T5992] usb 2-1: Using ep0 maxpacket: 32 [ 1338.415794][ T5992] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1338.415829][ T5992] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1338.415873][ T5992] usb 2-1: New USB device found, idVendor=0403, idProduct=6030, bcdDevice= 0.00 [ 1338.415900][ T5992] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1338.421174][ T5992] usb 2-1: config 0 descriptor?? [ 1338.813590][ T37] audit: type=1326 audit(1285.972:4229): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22418 comm="syz.2.19550" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f48d071f749 code=0x0 [ 1338.885756][ T5992] ft260 0003:0403:6030.0044: unknown main item tag 0x0 [ 1338.885798][ T5992] ft260 0003:0403:6030.0044: unknown main item tag 0x0 [ 1339.113663][ T5992] ft260 0003:0403:6030.0044: chip code: 0000 0000 [ 1339.181492][T24645] page_pool_release_retry() stalled pool shutdown: id 76, 1 inflight 60 sec [ 1339.587376][ T5992] usb 2-1: USB disconnect, device number 53 [ 1340.230305][T22501] Invalid argument reading file caps for ./file0 [ 1340.579084][T19666] usb 2-1: new high-speed USB device number 54 using dummy_hcd [ 1340.717731][ T37] audit: type=1326 audit(1287.735:4230): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22478 comm="syz.7.19572" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85bcabf749 code=0x7fc00000 [ 1340.741627][T19666] usb 2-1: Using ep0 maxpacket: 16 [ 1340.754557][T19666] usb 2-1: config 1 contains an unexpected descriptor of type 0x2, skipping [ 1340.754599][T19666] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 1340.754621][T19666] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 1340.793594][T19666] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 1340.793631][T19666] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1340.793657][T19666] usb 2-1: Product: syz [ 1340.793674][T19666] usb 2-1: Manufacturer: syz [ 1340.793692][T19666] usb 2-1: SerialNumber: syz [ 1341.109504][T22535] netlink: 20 bytes leftover after parsing attributes in process `syz.2.19597'. [ 1341.293624][T19666] usb 2-1: 0:2 : does not exist [ 1341.954098][T22562] tun0: tun_chr_ioctl cmd 1074025675 [ 1341.954135][T22562] tun0: persist enabled [ 1341.954651][T22562] tun0: tun_chr_ioctl cmd 1074025675 [ 1341.954672][T22562] tun0: persist enabled [ 1342.004262][T19666] usb 2-1: 1:0: failed to get current value for ch 0 (-22) [ 1342.074305][T19666] usb 2-1: USB disconnect, device number 54 [ 1342.250356][T22592] pim6reg1: entered promiscuous mode [ 1342.250385][T22592] pim6reg1: entered allmulticast mode [ 1343.874592][ T37] audit: type=1326 audit(1290.652:4231): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22648 comm="syz.6.19638" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f016a37f749 code=0x7ffc0000 [ 1343.881557][ T37] audit: type=1326 audit(1290.652:4232): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22648 comm="syz.6.19638" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f016a37f749 code=0x7ffc0000 [ 1343.881616][ T37] audit: type=1326 audit(1290.652:4233): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22648 comm="syz.6.19638" exe="/root/syz-executor" sig=0 arch=c000003e syscall=294 compat=0 ip=0x7f016a37f749 code=0x7ffc0000 [ 1343.882119][ T37] audit: type=1326 audit(1290.652:4234): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22648 comm="syz.6.19638" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f016a37f749 code=0x7ffc0000 [ 1343.882588][ T37] audit: type=1326 audit(1290.652:4235): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22648 comm="syz.6.19638" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f016a37f749 code=0x7ffc0000 [ 1343.948435][ T37] audit: type=1326 audit(1290.698:4236): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22648 comm="syz.6.19638" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f016a37f749 code=0x7ffc0000 [ 1343.948502][ T37] audit: type=1326 audit(1290.698:4237): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22648 comm="syz.6.19638" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f016a37f749 code=0x7ffc0000 [ 1343.948539][ T37] audit: type=1326 audit(1290.698:4238): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22648 comm="syz.6.19638" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f016a37f749 code=0x7ffc0000 [ 1343.948575][ T37] audit: type=1326 audit(1290.707:4239): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22648 comm="syz.6.19638" exe="/root/syz-executor" sig=0 arch=c000003e syscall=254 compat=0 ip=0x7f016a37f749 code=0x7ffc0000 [ 1344.545342][ T5992] usb 3-1: new high-speed USB device number 61 using dummy_hcd [ 1344.712524][ T5992] usb 3-1: config index 0 descriptor too short (expected 45, got 36) [ 1344.712600][ T5992] usb 3-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 1344.712632][ T5992] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 1344.712662][ T5992] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 1344.712694][ T5992] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 1344.712740][ T5992] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 1344.712767][ T5992] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1344.799935][ T5992] usb 3-1: config 0 descriptor?? [ 1344.801269][T22661] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 1345.252826][ T5992] plantronics 0003:047F:FFFF.0045: reserved main item tag 0xd [ 1345.287362][ T5992] plantronics 0003:047F:FFFF.0045: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0 [ 1345.291415][T13505] IPVS: starting estimator thread 0... [ 1345.400457][T22708] IPVS: using max 12 ests per chain, 28800 per kthread [ 1345.473487][ T5992] usb 3-1: USB disconnect, device number 61 [ 1346.638346][T19669] kernel write not supported for file bpf-prog (pid: 19669 comm: kworker/0:3) [ 1347.005269][T22796] netlink: 'syz.1.19695': attribute type 3 has an invalid length. [ 1347.005291][T22796] netlink: 8 bytes leftover after parsing attributes in process `syz.1.19695'. [ 1347.310247][T22816] netlink: 'syz.7.19700': attribute type 11 has an invalid length. [ 1347.523823][T19666] usb 7-1: new full-speed USB device number 4 using dummy_hcd [ 1347.688946][T19666] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1347.689130][T19666] usb 7-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xBE, changing to 0x8E [ 1347.689162][T19666] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x8E has an invalid bInterval 0, changing to 10 [ 1347.689192][T19666] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x8E has invalid wMaxPacketSize 0 [ 1347.689217][T19666] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3 [ 1347.692328][T19666] usb 7-1: New USB device found, idVendor=10c5, idProduct=819a, bcdDevice=e4.46 [ 1347.692361][T19666] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=35 [ 1347.692386][T19666] usb 7-1: Product: syz [ 1347.692404][T19666] usb 7-1: Manufacturer: syz [ 1347.692421][T19666] usb 7-1: SerialNumber: syz [ 1347.719811][T19666] usb 7-1: config 0 descriptor?? [ 1347.957749][T19666] radio-si470x 7-1:0.0: DeviceID=0x0000 ChipID=0x0000 [ 1347.957778][T19666] radio-si470x 7-1:0.0: This driver is known to work with firmware version 12, but the device has firmware version 0. [ 1347.993569][ T806] usb 2-1: new high-speed USB device number 55 using dummy_hcd [ 1348.099945][T19669] usb 3-1: new high-speed USB device number 62 using dummy_hcd [ 1348.155782][ T806] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1348.155885][ T806] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1348.155913][ T806] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 1348.155960][ T806] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 1348.156050][ T806] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1348.163645][T19666] radio-si470x 7-1:0.0: software version 0, hardware version 0 [ 1348.163721][T19666] radio-si470x 7-1:0.0: This driver is known to work with hardware version 1, but the device has hardware version 0. [ 1348.163770][T19666] radio-si470x 7-1:0.0: If you have some trouble using this driver, please report to V4L ML at linux-media@vger.kernel.org [ 1348.257244][ T806] usb 2-1: config 0 descriptor?? [ 1348.271997][T19669] usb 3-1: Using ep0 maxpacket: 16 [ 1348.278404][T19669] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1348.278497][T19669] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1348.278543][T19669] usb 3-1: New USB device found, idVendor=6161, idProduct=4d15, bcdDevice= 0.00 [ 1348.278570][T19669] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1348.345411][T19669] usb 3-1: config 0 descriptor?? [ 1348.385450][T19666] radio-si470x 7-1:0.0: submitting int urb failed (-90) [ 1348.773722][ T806] plantronics 0003:047F:FFFF.0046: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0 [ 1348.819770][T19666] radio-si470x 7-1:0.0: si470x_set_report: usb_control_msg returned -71 [ 1348.820301][T19666] radio-si470x 7-1:0.0: probe with driver radio-si470x failed with error -22 [ 1348.848202][T19666] usb 7-1: USB disconnect, device number 4 [ 1348.940617][ T806] usb 2-1: USB disconnect, device number 55 [ 1349.276487][T19669] letsketch 0003:6161:4D15.0047: Device info: ఁ [ 1349.531352][T19669] usb 3-1: Max retries (5) exceeded reading string descriptor 201 [ 1349.531452][T19669] letsketch 0003:6161:4D15.0047: probe with driver letsketch failed with error -71 [ 1349.564246][T19669] usb 3-1: USB disconnect, device number 62 [ 1349.694268][T22936] batadv_slave_1: entered promiscuous mode [ 1349.695256][T22936] netlink: 4 bytes leftover after parsing attributes in process `syz.1.19737'. [ 1349.932335][T22936] batadv_slave_1 (unregistering): left promiscuous mode [ 1349.932472][T22936] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1350.840148][ T806] usb 3-1: new high-speed USB device number 63 using dummy_hcd [ 1351.012929][ T806] usb 3-1: Using ep0 maxpacket: 8 [ 1351.030725][ T806] usb 3-1: config index 0 descriptor too short (expected 301, got 45) [ 1351.030790][ T806] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 1351.030818][ T806] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 1351.030847][ T806] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 1351.030876][ T806] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 1351.030925][ T806] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 1351.030951][ T806] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1352.031409][T23027] netlink: 28 bytes leftover after parsing attributes in process `syz.6.19773'. [ 1352.031461][T23027] netlink: 28 bytes leftover after parsing attributes in process `syz.6.19773'. [ 1352.086221][T13505] usb 2-1: new high-speed USB device number 56 using dummy_hcd [ 1352.165911][T23033] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 1352.254346][T13505] usb 2-1: New USB device found, idVendor=20b7, idProduct=1540, bcdDevice=b7.5a [ 1352.254382][T13505] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1352.254410][T13505] usb 2-1: Product: syz [ 1352.254422][T13505] usb 2-1: Manufacturer: syz [ 1352.254432][T13505] usb 2-1: SerialNumber: syz [ 1352.290896][T13505] usb 2-1: config 0 descriptor?? [ 1353.105916][T23070] netlink: 452 bytes leftover after parsing attributes in process `syz.7.19791'. [ 1353.411609][T13505] usb 2-1: Firmware version (0.0) predates our first public release. [ 1353.411641][T13505] usb 2-1: Please update to version 0.2 or newer [ 1353.519712][T13505] usb 2-1: USB disconnect, device number 56 [ 1353.855731][T19669] usb 3-1: USB disconnect, device number 63 [ 1354.119367][ T0] NOHZ tick-stop error: local softirq work is pending, handler #01!!! [ 1354.119414][ T0] NOHZ tick-stop error: local softirq work is pending, handler #01!!! [ 1356.117841][T23322] netlink: 8 bytes leftover after parsing attributes in process `syz.7.19835'. [ 1357.266003][ T152] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1357.430189][T23381] ubi: mtd0 is already attached to ubi31 [ 1357.912606][T15220] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 1357.969958][T15220] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 1357.973656][T15220] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 1357.974917][T15220] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 1357.975779][T15220] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 1358.150812][ T152] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1358.237772][T23403] netlink: 16402 bytes leftover after parsing attributes in process `syz.7.19864'. [ 1358.318032][T23375] wlan0 speed is unknown, defaulting to 1000 [ 1358.703151][ T152] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1359.109557][ T152] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1359.191901][T23392] wlan0 speed is unknown, defaulting to 1000 [ 1360.043929][ T152] team0: left allmulticast mode [ 1360.043954][ T152] team_slave_0: left allmulticast mode [ 1360.043976][ T152] team_slave_1: left allmulticast mode [ 1360.043996][ T152] bond7: left allmulticast mode [ 1360.044558][ T152] bridge0: port 2(team0) entered disabled state [ 1360.184285][ T152] ip6gretap0: left allmulticast mode [ 1360.184584][ T152] bridge0: port 1(ip6gretap0) entered disabled state [ 1360.232451][ T5820] Bluetooth: hci1: command tx timeout [ 1362.486062][ T5820] Bluetooth: hci1: command tx timeout [ 1364.101883][ T152] team0: Port device bridge6 removed [ 1364.739559][ T5820] Bluetooth: hci1: command tx timeout [ 1364.816169][ T152] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1364.861611][ T152] bond_slave_0: left promiscuous mode [ 1364.903308][ T152] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1364.937227][ T152] bond_slave_1: left promiscuous mode [ 1364.941924][ T152] bond0 (unregistering): Released all slaves [ 1366.367938][ T152] bond1 (unregistering): Released all slaves [ 1366.411798][ T152] bond2 (unregistering): Released all slaves [ 1366.454534][ T152] bond3 (unregistering): Released all slaves [ 1366.491724][ T152] bond4 (unregistering): Released all slaves [ 1366.529173][ T152] bond5 (unregistering): Released all slaves [ 1366.584430][ T152] bond6 (unregistering): Released all slaves [ 1366.993188][ T5820] Bluetooth: hci1: command tx timeout [ 1367.882333][ T152] bond7 (unregistering): left promiscuous mode [ 1367.925620][ T152] team0: Port device bond7 removed [ 1367.928796][ T152] bond7 (unregistering): Released all slaves [ 1367.955108][ T152] bond8 (unregistering): Released all slaves [ 1368.475256][ T152] tipc: Disabling bearer [ 1368.625798][ T152] tipc: Left network mode [ 1369.907508][T23828] sctp: [Deprecated]: syz.6.20032 (pid 23828) Use of struct sctp_assoc_value in delayed_ack socket option. [ 1369.907508][T23828] Use struct sctp_sack_info instead [ 1370.302702][ T37] kauditd_printk_skb: 15 callbacks suppressed [ 1370.302717][ T37] audit: type=1326 audit(1315.047:4255): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=23839 comm="syz.6.20035" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f016a37f749 code=0x7ffc0000 [ 1370.302756][ T37] audit: type=1326 audit(1315.047:4256): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=23839 comm="syz.6.20035" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f016a37f749 code=0x7ffc0000 [ 1370.302789][ T37] audit: type=1326 audit(1315.047:4257): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=23839 comm="syz.6.20035" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f016a37f749 code=0x7ffc0000 [ 1370.302821][ T37] audit: type=1326 audit(1315.047:4258): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=23839 comm="syz.6.20035" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f016a37f749 code=0x7ffc0000 [ 1370.302854][ T37] audit: type=1326 audit(1315.047:4259): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=23839 comm="syz.6.20035" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f016a37f749 code=0x7ffc0000 [ 1371.592792][T23967] overlayfs: failed to create directory ./bus/work (errno: 22); mounting read-only [ 1371.668071][T23967] overlayfs: NFS export requires an index dir, falling back to nfs_export=off. [ 1371.949706][T23392] chnl_net:caif_netlink_parms(): no params data found [ 1372.811042][ T152] hsr_slave_0: left promiscuous mode [ 1373.001544][ T152] veth1_macvtap: left promiscuous mode [ 1373.001654][ T152] veth0_macvtap: left promiscuous mode [ 1373.001928][ T152] veth1_vlan: left promiscuous mode [ 1373.724402][ T152] pim6reg (unregistering): left allmulticast mode [ 1374.483967][ T3518] tipc: Subscription rejected, illegal request [ 1376.008662][ T5990] usb 2-1: new full-speed USB device number 57 using dummy_hcd [ 1376.120722][ T152] smc: removing net device hsr0 with user defined pnetid SYZ2 [ 1376.207386][ T5990] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 1376.207422][ T5990] usb 2-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 1376.207469][ T5990] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 1376.207496][ T5990] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1376.377353][T24161] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci1/hci1:200/input119 [ 1376.519752][ T5990] usb 2-1: usb_control_msg returned -32 [ 1376.519804][ T5990] usbtmc 2-1:16.0: can't read capabilities [ 1377.850694][ T152] team_slave_1 (unregistering): left promiscuous mode [ 1377.904072][ T152] team0 (unregistering): Port device team_slave_1 removed [ 1378.304627][ T152] team_slave_0 (unregistering): left promiscuous mode [ 1378.349716][ T152] team0 (unregistering): Port device team_slave_0 removed [ 1378.353101][ T1351] smc: removing ib device !yz! [ 1378.966001][ T5992] usb 2-1: USB disconnect, device number 57 [ 1383.216696][T24068] netlink: 192 bytes leftover after parsing attributes in process `syz.7.20082'. [ 1383.279131][T24305] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 1383.719442][T23392] bridge0: port 1(bridge_slave_0) entered blocking state [ 1383.729242][T23392] bridge0: port 1(bridge_slave_0) entered disabled state [ 1383.730438][T23392] bridge_slave_0: entered allmulticast mode [ 1383.826988][T23392] bridge_slave_0: entered promiscuous mode [ 1383.859145][T23392] bridge0: port 2(bridge_slave_1) entered blocking state [ 1383.863163][T23392] bridge0: port 2(bridge_slave_1) entered disabled state [ 1383.863556][T23392] bridge_slave_1: entered allmulticast mode [ 1383.934195][T23392] bridge_slave_1: entered promiscuous mode [ 1384.744995][T24482] netlink: 8 bytes leftover after parsing attributes in process `syz.1.20235'. [ 1384.852081][T24482] netlink: 24 bytes leftover after parsing attributes in process `syz.1.20235'. [ 1384.906332][T23392] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1384.936906][T23392] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1385.671165][T23392] team0: Port device team_slave_0 added [ 1385.699870][T23392] team0: Port device team_slave_1 added [ 1386.275846][T23392] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1386.275863][T23392] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1386.275888][T23392] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1386.325543][T23392] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1386.325563][T23392] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1386.325596][T23392] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1386.674265][T24605] netlink: 8 bytes leftover after parsing attributes in process `syz.6.20262'. [ 1386.674306][T24605] netlink: 'syz.6.20262': attribute type 18 has an invalid length. [ 1386.674323][T24605] netlink: 4 bytes leftover after parsing attributes in process `syz.6.20262'. [ 1386.757023][T24605] netlink: 8 bytes leftover after parsing attributes in process `syz.6.20262'. [ 1386.757062][T24605] netlink: 'syz.6.20262': attribute type 18 has an invalid length. [ 1386.757078][T24605] netlink: 4 bytes leftover after parsing attributes in process `syz.6.20262'. [ 1386.940671][ T9117] netdevsim netdevsim6 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 1386.962543][ T9117] netdevsim netdevsim6 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 1387.072348][T23392] hsr_slave_0: entered promiscuous mode [ 1387.082609][T23392] hsr_slave_1: entered promiscuous mode [ 1387.085321][T23392] debugfs: 'hsr0' already exists in 'hsr' [ 1387.085395][T23392] Cannot create hsr debugfs directory [ 1387.085942][T23206] netdevsim netdevsim6 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 1387.167806][ T43] netdevsim netdevsim6 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 1388.852702][T23392] netdevsim netdevsim8 netdevsim0: renamed from eth0 [ 1388.894421][T23392] netdevsim netdevsim8 netdevsim1: renamed from eth1 [ 1388.975871][T23392] netdevsim netdevsim8 netdevsim2: renamed from eth2 [ 1389.055469][T23392] netdevsim netdevsim8 netdevsim3: renamed from eth3 [ 1389.129281][T24774] Invalid ELF header magic: != ELF [ 1389.362726][T23392] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1389.448706][T23392] 8021q: adding VLAN 0 to HW filter on device team0 [ 1389.473628][ T13] bridge0: port 1(bridge_slave_0) entered blocking state [ 1389.495904][ T13] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1389.533836][T23702] bridge0: port 2(bridge_slave_1) entered blocking state [ 1389.546280][T23702] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1390.142003][T23392] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1390.643648][T23392] veth0_vlan: entered promiscuous mode [ 1390.674209][T23392] veth1_vlan: entered promiscuous mode [ 1390.749638][T23392] veth0_macvtap: entered promiscuous mode [ 1390.790154][T23392] veth1_macvtap: entered promiscuous mode [ 1390.860460][T23392] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1390.928603][T23392] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1390.951519][ T13] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1390.951575][ T13] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1390.951617][ T13] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1390.951658][ T13] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1391.470942][T23717] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1391.470966][T23717] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1391.538599][T24871] overlayfs: failed lookup in lower (newroot/121, name='file1', err=-40): overlapping layers [ 1391.672590][ T1351] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1391.672616][ T1351] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1391.945919][T24891] Invalid argument reading file caps for ./file0 [ 1395.695869][T25058] loop8: detected capacity change from 0 to 8 [ 1395.700823][T25058] Dev loop8: unable to read RDB block 8 [ 1395.700871][T25058] loop8: unable to read partition table [ 1395.701118][T25058] loop8: partition table beyond EOD, truncated [ 1395.701140][T25058] loop_reread_partitions: partition scan of loop8 (被x^> ) failed (rc=-5) [ 1397.262383][T25129] netlink: 'syz.1.20426': attribute type 11 has an invalid length. [ 1399.020524][T13505] usb 2-1: new low-speed USB device number 58 using dummy_hcd [ 1399.194992][T13505] usb 2-1: config 168 descriptor has 1 excess byte, ignoring [ 1399.195054][T13505] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8 [ 1399.195085][T13505] usb 2-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 1399.195137][T13505] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10 [ 1399.195166][T13505] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8 [ 1399.196345][T13505] usb 2-1: config 168 descriptor has 1 excess byte, ignoring [ 1399.196402][T13505] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8 [ 1399.196435][T13505] usb 2-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 1399.196463][T13505] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10 [ 1399.196494][T13505] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8 [ 1399.201452][T13505] usb 2-1: config 168 descriptor has 1 excess byte, ignoring [ 1399.201516][T13505] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8 [ 1399.201549][T13505] usb 2-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 1399.201580][T13505] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10 [ 1399.201611][T13505] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8 [ 1399.211549][T13505] usb 2-1: string descriptor 0 read error: -22 [ 1399.211707][T13505] usb 2-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e [ 1399.211737][T13505] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1399.430795][T13505] adutux 2-1:168.0: ADU100 now attached to /dev/usb/adutux0 [ 1399.703739][ T806] usb 2-1: USB disconnect, device number 58 [ 1399.829668][T25254] kvm: MWAIT instruction emulated as NOP! [ 1402.401465][ T37] audit: type=1804 audit(1344.657:4260): pid=25328 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=ToMToU comm="syz.1.20486" name="bus" dev="ramfs" ino=159451 res=1 errno=0 [ 1404.605682][ T37] audit: type=1326 audit(1346.706:4261): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=25410 comm="syz.7.20522" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f85bcabf749 code=0x0 [ 1405.325387][ T8737] usb 2-1: new high-speed USB device number 59 using dummy_hcd [ 1405.487025][ T8737] usb 2-1: Using ep0 maxpacket: 32 [ 1405.490761][ T8737] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1405.490801][ T8737] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1405.490846][ T8737] usb 2-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00 [ 1405.490875][ T8737] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1405.495946][ T8737] usb 2-1: config 0 descriptor?? [ 1406.012235][ T8737] savu 0003:1E7D:2D5A.0048: hiddev0,hidraw0: USB HID v0.00 Device [HID 1e7d:2d5a] on usb-dummy_hcd.1-1/input0 [ 1406.197380][ T5990] usb 2-1: USB disconnect, device number 59 [ 1406.946001][T25517] Invalid ELF header magic: != ELF [ 1409.891102][T25634] input: syz1 as /devices/virtual/input/input120 [ 1410.040777][T25645] netlink: 8 bytes leftover after parsing attributes in process `syz.8.20604'. [ 1410.067427][ T9117] netdevsim netdevsim8 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 1410.067797][ T9117] netdevsim netdevsim8 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 1410.067842][ T9117] netdevsim netdevsim8 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 1410.067883][ T9117] netdevsim netdevsim8 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 1410.139872][T25652] netlink: 9286 bytes leftover after parsing attributes in process `syz.1.20605'. [ 1411.455649][T25714] netlink: 156 bytes leftover after parsing attributes in process `syz.6.20633'. [ 1412.411096][ C1] vcan0: j1939_tp_rxtimer: 0xffff8880339d8c00: rx timeout, send abort [ 1412.417316][ C1] vcan0: j1939_xtp_rx_abort_one: 0xffff8880339d8c00: 0x2f000: (3) A timeout occurred and this is the connection abort to close the session. [ 1413.355163][ T5990] usb 2-1: new high-speed USB device number 60 using dummy_hcd [ 1413.456589][T25803] vivid-000: disconnect [ 1413.548381][ T5990] usb 2-1: Using ep0 maxpacket: 32 [ 1413.550459][ T5990] usb 2-1: config 0 has an invalid interface number: 12 but max is 0 [ 1413.550489][ T5990] usb 2-1: config 0 has no interface number 0 [ 1413.550545][ T5990] usb 2-1: config 0 interface 12 has no altsetting 0 [ 1413.553062][ T5990] usb 2-1: New USB device found, idVendor=2c42, idProduct=1202, bcdDevice=85.40 [ 1413.553099][ T5990] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1413.553116][ T5990] usb 2-1: Product: syz [ 1413.553127][ T5990] usb 2-1: Manufacturer: syz [ 1413.553138][ T5990] usb 2-1: SerialNumber: syz [ 1413.573412][ T5990] usb 2-1: config 0 descriptor?? [ 1413.871945][ T5990] f81534 2-1:0.12: f81534_set_register: reg: 1002 data: 3 failed: -71 [ 1413.872043][ T5990] f81534 2-1:0.12: f81534_find_config_idx: read failed: -71 [ 1413.872064][ T5990] f81534 2-1:0.12: f81534_calc_num_ports: find idx failed: -71 [ 1413.872161][ T5990] f81534 2-1:0.12: probe with driver f81534 failed with error -71 [ 1413.921139][ T5990] usb 2-1: USB disconnect, device number 60 [ 1414.849869][T25845] fuse: Bad value for 'fd' [ 1414.860303][T25845] netlink: 4 bytes leftover after parsing attributes in process `syz.8.20682'. [ 1415.305327][T25862] netlink: 12 bytes leftover after parsing attributes in process `syz.1.20690'. [ 1415.865256][T25801] vivid-000: reconnect [ 1415.869951][ T806] kernel read not supported for file /vcs (pid: 806 comm: kworker/0:2) [ 1417.935159][ T4828] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 20001 - 0 [ 1418.022198][ T5990] usb 2-1: new high-speed USB device number 61 using dummy_hcd [ 1418.121479][ T37] audit: type=1326 audit(1359.185:4262): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=25971 comm="syz.7.20732" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85bcabf749 code=0x7ffc0000 [ 1418.121627][ T37] audit: type=1326 audit(1359.185:4263): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=25971 comm="syz.7.20732" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85bcabf749 code=0x7ffc0000 [ 1418.121904][ T37] audit: type=1326 audit(1359.185:4264): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=25971 comm="syz.7.20732" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85bcabf749 code=0x7ffc0000 [ 1418.124679][ T37] audit: type=1326 audit(1359.185:4265): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=25971 comm="syz.7.20732" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85bcabf749 code=0x7ffc0000 [ 1418.124870][ T37] audit: type=1326 audit(1359.185:4266): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=25971 comm="syz.7.20732" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f85bcabf749 code=0x7ffc0000 [ 1418.125270][ T37] audit: type=1326 audit(1359.185:4267): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=25971 comm="syz.7.20732" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85bcabf749 code=0x7ffc0000 [ 1418.125415][ T37] audit: type=1326 audit(1359.185:4268): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=25971 comm="syz.7.20732" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85bcabf749 code=0x7ffc0000 [ 1418.125619][ T37] audit: type=1326 audit(1359.185:4269): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=25971 comm="syz.7.20732" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85bcabf749 code=0x7ffc0000 [ 1418.126573][ T37] audit: type=1326 audit(1359.185:4270): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=25971 comm="syz.7.20732" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85bcabf749 code=0x7ffc0000 [ 1418.126722][ T37] audit: type=1326 audit(1359.185:4271): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=25971 comm="syz.7.20732" exe="/root/syz-executor" sig=0 arch=c000003e syscall=206 compat=0 ip=0x7f85bcabf749 code=0x7ffc0000 [ 1418.196714][ T5990] usb 2-1: Using ep0 maxpacket: 32 [ 1418.255261][ T5990] usb 2-1: New USB device found, idVendor=0ac8, idProduct=0321, bcdDevice=6f.be [ 1418.255297][ T5990] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1418.387865][ T5990] usb 2-1: config 0 descriptor?? [ 1418.398903][ T5990] gspca_main: vc032x-2.14.0 probing 0ac8:0321 [ 1418.879670][T25990] overlayfs: "xino" feature enabled using 3 upper inode bits. [ 1419.173376][ T4828] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 20001 - 0 [ 1419.596412][ T4828] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 20001 - 0 [ 1419.726689][ T5990] gspca_vc032x: reg_w err -71 [ 1419.726710][ T5990] gspca_vc032x: I2c Bus Busy Wait 00 [ 1419.726723][ T5990] gspca_vc032x: I2c Bus Busy Wait 00 [ 1419.726735][ T5990] gspca_vc032x: I2c Bus Busy Wait 00 [ 1419.726746][ T5990] gspca_vc032x: I2c Bus Busy Wait 00 [ 1419.726756][ T5990] gspca_vc032x: I2c Bus Busy Wait 00 [ 1419.726767][ T5990] gspca_vc032x: I2c Bus Busy Wait 00 [ 1419.726777][ T5990] gspca_vc032x: I2c Bus Busy Wait 00 [ 1419.726789][ T5990] gspca_vc032x: I2c Bus Busy Wait 00 [ 1419.726800][ T5990] gspca_vc032x: I2c Bus Busy Wait 00 [ 1419.726810][ T5990] gspca_vc032x: I2c Bus Busy Wait 00 [ 1419.726821][ T5990] gspca_vc032x: I2c Bus Busy Wait 00 [ 1419.726832][ T5990] gspca_vc032x: I2c Bus Busy Wait 00 [ 1419.726842][ T5990] gspca_vc032x: I2c Bus Busy Wait 00 [ 1419.726852][ T5990] gspca_vc032x: I2c Bus Busy Wait 00 [ 1419.726863][ T5990] gspca_vc032x: I2c Bus Busy Wait 00 [ 1419.726874][ T5990] gspca_vc032x: I2c Bus Busy Wait 00 [ 1419.726885][ T5990] gspca_vc032x: I2c Bus Busy Wait 00 [ 1419.726896][ T5990] gspca_vc032x: I2c Bus Busy Wait 00 [ 1419.726907][ T5990] gspca_vc032x: Unknown sensor... [ 1419.727002][ T5990] vc032x 2-1:0.0: probe with driver vc032x failed with error -22 [ 1419.732181][ T5990] usb 2-1: USB disconnect, device number 61 [ 1419.883717][T26023] netlink: 212348 bytes leftover after parsing attributes in process `syz.8.20747'. [ 1419.883879][T26023] netlink: Unknown conntrack attr (0) [ 1420.292070][ T4828] .`: (slave netdevsim0): Releasing backup interface [ 1420.367222][ T4828] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 20001 - 0 [ 1420.431363][T26032] syz_tun: entered allmulticast mode [ 1421.385089][T26088] netlink: 212408 bytes leftover after parsing attributes in process `syz.6.20769'. [ 1421.453157][ T4828] bridge_slave_1: left allmulticast mode [ 1421.453188][ T4828] bridge_slave_1: left promiscuous mode [ 1421.453428][ T4828] bridge0: port 2(bridge_slave_1) entered disabled state [ 1421.612537][ T4828] m~aW: left allmulticast mode [ 1421.612561][ T4828] m~aW: left promiscuous mode [ 1421.612782][ T4828] bridge0: port 1(1m~aW) entered disabled state [ 1422.155849][T26102] evm: overlay not supported [ 1423.470380][T26164] netlink: 212348 bytes leftover after parsing attributes in process `syz.6.20801'. [ 1423.470549][T26164] netlink: Conntrack attr has 4 unknown bytes [ 1428.272948][T26305] overlayfs: "xino" feature enabled using 3 upper inode bits. [ 1428.878088][T15220] Bluetooth: hci2: command 0x0406 tx timeout [ 1431.328733][ T4828] .` (unregistering): (slave bond_slave_0): Releasing backup interface [ 1431.470688][ T4828] .` (unregistering): (slave bond_slave_1): Releasing backup interface [ 1431.499452][ T4828] .` (unregistering): Released all slaves [ 1433.464525][ T4828] bond1 (unregistering): Released all slaves [ 1433.496684][ T4828] bond2 (unregistering): Released all slaves [ 1433.894615][ T4828] !9: left promiscuous mode [ 1434.112471][ T4828] : left promiscuous mode [ 1434.317581][ T4828] tipc: Left network mode [ 1434.847774][ T5990] usb 2-1: new high-speed USB device number 62 using dummy_hcd [ 1435.037276][ T5990] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1435.037316][ T5990] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1435.037344][ T5990] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 1435.037392][ T5990] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 1435.037420][ T5990] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1435.108175][ T5990] usb 2-1: config 0 descriptor?? [ 1435.676616][ T5990] plantronics 0003:047F:FFFF.0049: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0 [ 1435.810672][ T8737] usb 2-1: USB disconnect, device number 62 [ 1436.072907][T15220] Bluetooth: hci0: command 0x1003 tx timeout [ 1436.073290][ T5820] Bluetooth: hci0: Opcode 0x1003 failed: -110 [ 1437.564452][ T4828] macvlan1: left promiscuous mode [ 1437.715688][ T4828] dummy0: left promiscuous mode [ 1439.976542][ T5820] Bluetooth: hci5: command 0x0405 tx timeout [ 1441.813673][ T8737] hid-generic 0000:0000:0000.004A: unknown main item tag 0x0 [ 1441.840722][ T8737] hid-generic 0000:0000:0000.004A: hidraw0: HID v0.00 Device [syz1] on syz0 [ 1443.180210][ T4828] team0 (unregistering): Port device team_slave_1 removed [ 1443.685970][ T4828] team0 (unregistering): Port device team_slave_0 removed [ 1447.270395][T26895] netlink: 'syz.7.21101': attribute type 2 has an invalid length. [ 1449.586097][ T5990] usb 2-1: new high-speed USB device number 63 using dummy_hcd [ 1449.821048][ T5990] usb 2-1: Using ep0 maxpacket: 16 [ 1449.851615][ T5990] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 1449.851646][ T5990] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 1449.860870][ T5990] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 1449.860907][ T5990] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1449.860991][ T5990] usb 2-1: Product: syz [ 1449.861009][ T5990] usb 2-1: Manufacturer: syz [ 1449.861026][ T5990] usb 2-1: SerialNumber: syz [ 1450.152978][ C1] raw-gadget.0 gadget.1: ignoring, device is not running [ 1450.154184][ T5990] usb 2-1: cannot find UAC_HEADER [ 1450.235657][ T5990] snd-usb-audio 2-1:1.0: probe with driver snd-usb-audio failed with error -22 [ 1450.271733][ T5990] usb 2-1: USB disconnect, device number 63 [ 1450.660000][T27036] io-wq is not configured for unbound workers [ 1450.914579][T27043] netlink: 'syz.1.21155': attribute type 9 has an invalid length. [ 1450.914606][T27043] netlink: 'syz.1.21155': attribute type 11 has an invalid length. [ 1450.914622][T27043] netlink: 'syz.1.21155': attribute type 12 has an invalid length. [ 1450.914642][T27043] netlink: 210020 bytes leftover after parsing attributes in process `syz.1.21155'. [ 1450.925783][ T806] usb 9-1: new high-speed USB device number 2 using dummy_hcd [ 1450.963029][ T37] kauditd_printk_skb: 29 callbacks suppressed [ 1450.963092][ T37] audit: type=1326 audit(1389.459:4301): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=27041 comm="syz.7.21153" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85bcabf749 code=0x7ffc0000 [ 1450.963628][ T37] audit: type=1326 audit(1389.468:4302): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=27041 comm="syz.7.21153" exe="/root/syz-executor" sig=0 arch=c000003e syscall=28 compat=0 ip=0x7f85bcabf749 code=0x7ffc0000 [ 1450.963765][ T37] audit: type=1326 audit(1389.468:4303): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=27041 comm="syz.7.21153" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85bcabf749 code=0x7ffc0000 [ 1450.963896][ T37] audit: type=1326 audit(1389.468:4304): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=27041 comm="syz.7.21153" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85bcabf749 code=0x7ffc0000 [ 1450.964024][ T37] audit: type=1326 audit(1389.478:4305): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=27041 comm="syz.7.21153" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f85bcabf749 code=0x7ffc0000 [ 1450.964138][ T37] audit: type=1326 audit(1389.478:4306): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=27041 comm="syz.7.21153" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85bcabf749 code=0x7ffc0000 [ 1450.964259][ T37] audit: type=1326 audit(1389.478:4307): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=27041 comm="syz.7.21153" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85bcabf749 code=0x7ffc0000 [ 1450.964389][ T37] audit: type=1326 audit(1389.478:4308): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=27041 comm="syz.7.21153" exe="/root/syz-executor" sig=0 arch=c000003e syscall=25 compat=0 ip=0x7f85bcabf749 code=0x7ffc0000 [ 1450.964514][ T37] audit: type=1326 audit(1389.478:4309): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=27041 comm="syz.7.21153" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85bcabf749 code=0x7ffc0000 [ 1450.964645][ T37] audit: type=1326 audit(1389.478:4310): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=27041 comm="syz.7.21153" exe="/root/syz-executor" sig=0 arch=c000003e syscall=296 compat=0 ip=0x7f85bcabf749 code=0x7ffc0000 [ 1451.120752][ T806] usb 9-1: Using ep0 maxpacket: 32 [ 1451.123734][ T806] usb 9-1: config 0 has an invalid interface number: 230 but max is 0 [ 1451.123765][ T806] usb 9-1: config 0 has no interface number 0 [ 1451.123817][ T806] usb 9-1: config 0 interface 230 has no altsetting 0 [ 1451.126980][ T806] usb 9-1: New USB device found, idVendor=0781, idProduct=0005, bcdDevice= 0.05 [ 1451.127012][ T806] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1451.127036][ T806] usb 9-1: Product: syz [ 1451.127052][ T806] usb 9-1: Manufacturer: syz [ 1451.127069][ T806] usb 9-1: SerialNumber: syz [ 1451.166154][ T806] usb 9-1: config 0 descriptor?? [ 1451.261238][ T806] ums-usbat 9-1:0.230: USB Mass Storage device detected [ 1451.306940][T27043] netlink: 4 bytes leftover after parsing attributes in process `syz.1.21155'. [ 1451.322632][ T806] ums-usbat 9-1:0.230: Quirks match for vid 0781 pid 0005: 1 [ 1452.644880][ T4828] IPVS: stop unused estimator thread 0... [ 1452.936550][T27099] binder: 27098:27099 ioctl c0306201 2000000001c0 returned -22 [ 1453.333974][T27110] netlink: 48 bytes leftover after parsing attributes in process `syz.7.21182'. [ 1453.334448][T27110] ipvlan1: entered allmulticast mode [ 1453.334468][T27110] veth0_vlan: entered allmulticast mode [ 1453.592065][T27125] overlayfs: "xino" feature enabled using 3 upper inode bits. [ 1453.599087][T27125] overlayfs: "xino" feature enabled using 3 upper inode bits. [ 1453.734910][ T806] ums-usbat 9-1:0.230: probe with driver ums-usbat failed with error -5 [ 1453.899763][ T5790] usb 9-1: USB disconnect, device number 2 [ 1453.954485][T27142] binder: 27140:27142 unknown command 0 [ 1453.954512][T27142] binder: 27140:27142 ioctl c0306201 200000000a40 returned -22 [ 1456.779701][T27231] netlink: 4 bytes leftover after parsing attributes in process `syz.7.21228'. [ 1458.650415][ T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!! [ 1458.650628][ T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!! [ 1460.416866][T19669] usb 2-1: new full-speed USB device number 64 using dummy_hcd [ 1460.584199][T19669] usb 2-1: config 150 has an invalid interface number: 204 but max is 2 [ 1460.584286][T19669] usb 2-1: config 150 has 2 interfaces, different from the descriptor's value: 3 [ 1460.584320][T19669] usb 2-1: config 150 has no interface number 0 [ 1460.584372][T19669] usb 2-1: config 150 interface 204 has no altsetting 0 [ 1460.624314][T19669] usb 2-1: New USB device found, idVendor=04e2, idProduct=1424, bcdDevice=c7.eb [ 1460.624348][T19669] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1460.624371][T19669] usb 2-1: Product: syz [ 1460.624386][T19669] usb 2-1: Manufacturer: syz [ 1460.624402][T19669] usb 2-1: SerialNumber: syz [ 1460.887966][T19669] xr_serial 2-1:150.204: skipping garbage [ 1460.888032][T19669] xr_serial 2-1:150.204: xr_serial converter detected [ 1461.658544][T27375] atomic_op ffff8880a7cb2218 conn xmit_atomic 0000000000000000 [ 1461.775426][T19669] usb 2-1: xr_serial converter now attached to ttyUSB0 [ 1462.003503][ T5990] usb 2-1: USB disconnect, device number 64 [ 1462.017511][ T5990] xr_serial ttyUSB0: xr_serial converter now disconnected from ttyUSB0 [ 1462.042202][ T5990] xr_serial 2-1:150.204: device disconnected [ 1463.635818][ T806] usb 9-1: new high-speed USB device number 3 using dummy_hcd [ 1463.801241][ T806] usb 9-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 1463.801279][ T806] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1463.801304][ T806] usb 9-1: Product: syz [ 1463.801321][ T806] usb 9-1: Manufacturer: syz [ 1463.801338][ T806] usb 9-1: SerialNumber: syz [ 1465.232351][ T806] cdc_ncm 9-1:1.0: MAC-Address: 42:42:42:42:42:42 [ 1465.514119][ T806] cdc_ncm 9-1:1.0 usb0: register 'cdc_ncm' at usb-dummy_hcd.8-1, CDC NCM (NO ZLP), 42:42:42:42:42:42 [ 1465.580017][ T806] usb 9-1: USB disconnect, device number 3 [ 1465.582441][ T806] cdc_ncm 9-1:1.0 usb0: unregister 'cdc_ncm' usb-dummy_hcd.8-1, CDC NCM (NO ZLP) [ 1467.834560][T27660] netlink: 4 bytes leftover after parsing attributes in process `syz.8.21381'. [ 1468.565003][ T152] smc: removing ib device syz2 [ 1468.788330][ T8737] syz2: Port: 1 Link DOWN [ 1469.563000][T27702] netlink: zone id is out of range [ 1469.563018][T27702] netlink: zone id is out of range [ 1469.563033][T27702] netlink: zone id is out of range [ 1469.563043][T27702] netlink: zone id is out of range [ 1469.563052][T27702] netlink: zone id is out of range [ 1469.563062][T27702] netlink: zone id is out of range [ 1469.563071][T27702] netlink: zone id is out of range [ 1469.563080][T27702] netlink: zone id is out of range [ 1469.563089][T27702] netlink: zone id is out of range [ 1469.563099][T27702] netlink: zone id is out of range [ 1470.689576][T27729] netlink: 'syz.6.21411': attribute type 10 has an invalid length. [ 1470.884777][T27729] 8021q: adding VLAN 0 to HW filter on device team0 [ 1470.891763][T27729] bond0: (slave team0): Enslaving as an active interface with an up link [ 1472.598326][T27779] loop2: detected capacity change from 0 to 7 [ 1472.654942][T27779] loop2: [ 1472.654985][T27779] loop2: partition table partially beyond EOD, truncated [ 1472.741318][T27790] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 1472.796848][T27790] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 1472.811362][T27790] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 1472.813589][T27790] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 1472.814353][T27790] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 1473.719234][T27786] chnl_net:caif_netlink_parms(): no params data found [ 1474.232890][T27786] bridge0: port 1(bridge_slave_0) entered blocking state [ 1474.248775][T27786] bridge0: port 1(bridge_slave_0) entered disabled state [ 1474.249056][T27786] bridge_slave_0: entered allmulticast mode [ 1474.267427][T27786] bridge_slave_0: entered promiscuous mode [ 1474.271106][T27786] bridge0: port 2(bridge_slave_1) entered blocking state [ 1474.271339][T27786] bridge0: port 2(bridge_slave_1) entered disabled state [ 1474.271554][T27786] bridge_slave_1: entered allmulticast mode [ 1474.300458][T27786] bridge_slave_1: entered promiscuous mode [ 1474.621665][T27786] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1474.628491][T27786] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1475.030121][T27786] team0: Port device team_slave_0 added [ 1475.059585][T27786] team0: Port device team_slave_1 added [ 1475.079020][T15220] Bluetooth: hci0: command tx timeout [ 1475.349555][T27786] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1475.349576][T27786] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1475.349607][T27786] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1475.352025][T27786] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1475.352042][T27786] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1475.352072][T27786] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1475.539891][T28113] netlink: 4 bytes leftover after parsing attributes in process `syz.6.21474'. [ 1476.024647][ T37] kauditd_printk_skb: 49 callbacks suppressed [ 1476.024668][ T37] audit: type=1800 audit(2000000017.573:4360): pid=28138 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz.8.21478" name="bus" dev="overlay" ino=688 res=0 errno=0 [ 1476.116742][T27786] hsr_slave_0: entered promiscuous mode [ 1476.118230][T27786] hsr_slave_1: entered promiscuous mode [ 1476.119232][T27786] debugfs: 'hsr0' already exists in 'hsr' [ 1476.119259][T27786] Cannot create hsr debugfs directory [ 1476.374711][T28170] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 1476.497227][T28200] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 1477.055066][T27786] netdevsim netdevsim9 netdevsim0: renamed from eth0 [ 1477.100944][T27786] netdevsim netdevsim9 netdevsim1: renamed from eth1 [ 1477.171185][T27786] netdevsim netdevsim9 netdevsim2: renamed from eth2 [ 1477.241357][T27786] netdevsim netdevsim9 netdevsim3: renamed from eth3 [ 1477.341055][T15220] Bluetooth: hci0: command tx timeout [ 1477.555887][T27786] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1477.598015][T27786] 8021q: adding VLAN 0 to HW filter on device team0 [ 1477.624627][T27862] bridge0: port 1(bridge_slave_0) entered blocking state [ 1477.624773][T27862] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1477.660521][T27862] bridge0: port 2(bridge_slave_1) entered blocking state [ 1477.664671][T27862] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1478.169365][T27786] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1478.683005][T27786] veth0_vlan: entered promiscuous mode [ 1478.703218][T27786] veth1_vlan: entered promiscuous mode [ 1478.766043][T27786] veth0_macvtap: entered promiscuous mode [ 1478.802745][T27786] veth1_macvtap: entered promiscuous mode [ 1478.856045][T27786] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1478.894220][T27786] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1478.955855][ T43] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1478.963654][ T43] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1478.985495][ T43] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1478.995904][T23702] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1479.612200][T15220] Bluetooth: hci0: command tx timeout [ 1479.756779][T22734] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1479.756806][T22734] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1479.909004][T23717] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1479.909028][T23717] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1481.092246][T28385] netlink: 'syz.9.21533': attribute type 2 has an invalid length. [ 1481.366910][T28390] Bluetooth: MGMT ver 1.23 [ 1481.835794][T15220] Bluetooth: hci0: command tx timeout [ 1483.133840][T28440] trusted_key: syz.6.21556 sent an empty control message without MSG_MORE. [ 1483.153859][T28441] netlink: 'syz.7.21557': attribute type 3 has an invalid length. [ 1483.153890][T28441] netlink: 'syz.7.21557': attribute type 3 has an invalid length. [ 1486.278363][T28532] IPVS: sync thread started: state = MASTER, mcast_ifn = ip6gre0, syncid = 33554436, id = 0 [ 1486.279820][T28530] IPVS: stopping master sync thread 28532 ... [ 1487.032568][T28563] random: crng reseeded on system resumption [ 1487.370728][ T806] usb 9-1: new high-speed USB device number 4 using dummy_hcd [ 1487.534585][ T806] usb 9-1: Using ep0 maxpacket: 16 [ 1487.537088][ T806] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1487.537127][ T806] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1487.537152][ T806] usb 9-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3 [ 1487.537198][ T806] usb 9-1: New USB device found, idVendor=0955, idProduct=7214, bcdDevice=ed.00 [ 1487.537226][ T806] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1487.605651][ T806] usb 9-1: config 0 descriptor?? [ 1488.050716][ T806] shield 0003:0955:7214.004B: unknown main item tag 0x0 [ 1488.050758][ T806] shield 0003:0955:7214.004B: unknown main item tag 0x0 [ 1488.050789][ T806] shield 0003:0955:7214.004B: unknown main item tag 0x0 [ 1488.050818][ T806] shield 0003:0955:7214.004B: unknown main item tag 0x0 [ 1488.050848][ T806] shield 0003:0955:7214.004B: unknown main item tag 0x0 [ 1488.092328][ T806] input: HID 0955:7214 Haptics as /devices/virtual/input/input121 [ 1488.146515][ T806] shield 0003:0955:7214.004B: Registered Thunderstrike controller [ 1488.146888][ T806] shield 0003:0955:7214.004B: : USB HID v0.00 Device [HID 0955:7214] on usb-dummy_hcd.8-1/input0 [ 1488.274757][ T5893] shield 0003:0955:7214.004B: Failed to output Thunderstrike HOSTCMD request HID report due to -EPROTO [ 1488.278868][ T5893] shield 0003:0955:7214.004B: Failed to output Thunderstrike HOSTCMD request HID report due to -EPROTO [ 1488.279207][ T5893] shield 0003:0955:7214.004B: Failed to output Thunderstrike HOSTCMD request HID report due to -EPROTO [ 1488.279829][ T5893] shield 0003:0955:7214.004B: Failed to output Thunderstrike HOSTCMD request HID report due to -EPROTO [ 1488.336450][T21732] usb 9-1: USB disconnect, device number 4 [ 1488.465216][T21732] ------------[ cut here ]------------ [ 1488.465237][T21732] workqueue: work disable count underflowed [ 1488.465252][T21732] WARNING: kernel/workqueue.c:4359 at enable_work+0x1b3/0x220, CPU#1: kworker/1:3/21732 [ 1488.465312][T21732] Modules linked in: [ 1488.465339][T21732] CPU: 1 UID: 0 PID: 21732 Comm: kworker/1:3 Tainted: G L syzkaller #0 PREEMPT_{RT,(full)} [ 1488.465374][T21732] Tainted: [L]=SOFTLOCKUP [ 1488.465384][T21732] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 1488.465401][T21732] Workqueue: usb_hub_wq hub_event [ 1488.465438][T21732] RIP: 0010:enable_work+0x1b3/0x220 [ 1488.465472][T21732] Code: c3 14 35 00 4d 85 f6 75 48 e8 b9 14 35 00 eb 47 e8 b2 14 35 00 90 0f 0b 90 e9 d0 fe ff ff e8 a4 14 35 00 48 8d 3d bd 67 53 0d <67> 48 0f b9 3a e9 e6 fe ff ff e8 8e 14 35 00 90 0f 0b 90 e9 1a ff [ 1488.465496][T21732] RSP: 0018:ffffc9000ca870e0 EFLAGS: 00010087 [ 1488.465517][T21732] RAX: ffffffff818a98bc RBX: 0000000000000000 RCX: 0000000000100000 [ 1488.465535][T21732] RDX: ffffc9001ab2e000 RSI: 0000000000006894 RDI: ffffffff8ede0080 [ 1488.465553][T21732] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1488.465569][T21732] R10: dffffc0000000000 R11: ffffed100c043d04 R12: 1ffff1100c043d03 [ 1488.465588][T21732] R13: 001fffffffc00001 R14: ffff88806021e818 R15: dffffc0000000000 [ 1488.465607][T21732] FS: 0000000000000000(0000) GS:ffff888126deb000(0000) knlGS:0000000000000000 [ 1488.465627][T21732] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1488.465644][T21732] CR2: 000000110c3f32ab CR3: 00000000349a6000 CR4: 00000000003526f0 [ 1488.465666][T21732] Call Trace: [ 1488.465676][T21732] [ 1488.465695][T21732] __cancel_work_sync+0xf7/0x110 [ 1488.465734][T21732] thermal_zone_device_unregister+0x23e/0x3f0 [ 1488.465769][T21732] power_supply_unregister+0xf9/0x140 [ 1488.465797][T21732] ? __pfx_shield_remove+0x10/0x10 [ 1488.465821][T21732] shield_remove+0x72/0x120 [ 1488.465847][T21732] hid_device_remove+0x22b/0x370 [ 1488.465887][T21732] ? __pfx_hid_device_remove+0x10/0x10 [ 1488.465936][T21732] device_release_driver_internal+0x46f/0x800 [ 1488.465980][T21732] bus_remove_device+0x355/0x450 [ 1488.466013][T21732] device_del+0x515/0x8e0 [ 1488.466045][T21732] ? _raw_spin_unlock_irqrestore+0x4c/0x80 [ 1488.466080][T21732] ? rt_spin_lock+0x1c1/0x3e0 [ 1488.466117][T21732] ? __pfx_device_del+0x10/0x10 [ 1488.466150][T21732] ? rt_spin_unlock+0x150/0x200 [ 1488.466189][T21732] hid_destroy_device+0x6b/0x1b0 [ 1488.466231][T21732] usbhid_disconnect+0x9f/0xc0 [ 1488.466262][T21732] usb_unbind_interface+0x26e/0x910 [ 1488.466303][T21732] ? _raw_spin_unlock_irqrestore+0x4c/0x80 [ 1488.466334][T21732] ? __pfx_usb_unbind_interface+0x10/0x10 [ 1488.466374][T21732] device_release_driver_internal+0x4d9/0x800 [ 1488.466415][T21732] bus_remove_device+0x355/0x450 [ 1488.466446][T21732] device_del+0x515/0x8e0 [ 1488.466478][T21732] ? kobject_put+0x26d/0x570 [ 1488.466511][T21732] ? __pfx_device_del+0x10/0x10 [ 1488.466539][T21732] ? kobject_put+0x531/0x570 [ 1488.466580][T21732] usb_disable_device+0x3d4/0x8e0 [ 1488.466626][T21732] usb_disconnect+0x315/0x970 [ 1488.466669][T21732] hub_event+0x1cd9/0x4f30 [ 1488.466718][T21732] ? __lock_acquire+0x6b6/0x2cf0 [ 1488.466777][T21732] ? finish_task_switch+0x162/0x940 [ 1488.466833][T21732] ? __pfx_hub_event+0x10/0x10 [ 1488.466869][T21732] ? process_scheduled_works+0x9ef/0x1770 [ 1488.466913][T21732] ? process_scheduled_works+0x9ef/0x1770 [ 1488.466941][T21732] ? process_scheduled_works+0x9ef/0x1770 [ 1488.466971][T21732] process_scheduled_works+0xad1/0x1770 [ 1488.467036][T21732] ? __pfx_process_scheduled_works+0x10/0x10 [ 1488.467062][T21732] ? do_raw_spin_lock+0x121/0x290 [ 1488.467111][T21732] worker_thread+0x8a0/0xda0 [ 1488.467157][T21732] ? __kthread_parkme+0x7b/0x200 [ 1488.467201][T21732] kthread+0x711/0x8a0 [ 1488.467240][T21732] ? __pfx_worker_thread+0x10/0x10 [ 1488.467269][T21732] ? __pfx_kthread+0x10/0x10 [ 1488.467300][T21732] ? rt_spin_unlock+0x150/0x200 [ 1488.467342][T21732] ? rt_spin_unlock+0x161/0x200 [ 1488.467376][T21732] ? __pfx_kthread+0x10/0x10 [ 1488.467412][T21732] ret_from_fork+0x510/0xa50 [ 1488.467443][T21732] ? __pfx_ret_from_fork+0x10/0x10 [ 1488.467468][T21732] ? __switch_to+0xc9e/0x1480 [ 1488.467511][T21732] ? __pfx_kthread+0x10/0x10 [ 1488.467568][T21732] ret_from_fork_asm+0x1a/0x30 [ 1488.467628][T21732] [ 1488.467655][T21732] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 1488.467677][T21732] CPU: 1 UID: 0 PID: 21732 Comm: kworker/1:3 Tainted: G L syzkaller #0 PREEMPT_{RT,(full)} [ 1488.467709][T21732] Tainted: [L]=SOFTLOCKUP [ 1488.467719][T21732] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 1488.467737][T21732] Workqueue: usb_hub_wq hub_event [ 1488.467773][T21732] Call Trace: [ 1488.467784][T21732] [ 1488.467795][T21732] vpanic+0x1e0/0x670 [ 1488.467834][T21732] panic+0xb9/0xc0 [ 1488.467869][T21732] ? __pfx_panic+0x10/0x10 [ 1488.467940][T21732] ? ret_from_fork_asm+0x1a/0x30 [ 1488.467983][T21732] __warn+0x317/0x4b0 [ 1488.468017][T21732] ? enable_work+0x1b3/0x220 [ 1488.468054][T21732] ? enable_work+0x1b3/0x220 [ 1488.468086][T21732] __report_bug+0x288/0x500 [ 1488.468112][T21732] ? __free_object+0x442/0x5e0 [ 1488.468145][T21732] ? enable_work+0x1b3/0x220 [ 1488.468186][T21732] ? __pfx___report_bug+0x10/0x10 [ 1488.468221][T21732] ? __flush_work+0x9d5/0xd20 [ 1488.468257][T21732] ? __flush_work+0xce/0xd20 [ 1488.468296][T21732] report_bug_entry+0x19a/0x290 [ 1488.468323][T21732] ? enable_work+0x1b3/0x220 [ 1488.468355][T21732] ? enable_work+0x1b8/0x220 [ 1488.468388][T21732] handle_bug+0xca/0x200 [ 1488.468421][T21732] exc_invalid_op+0x1a/0x50 [ 1488.468453][T21732] asm_exc_invalid_op+0x1a/0x20 [ 1488.468477][T21732] RIP: 0010:enable_work+0x1b3/0x220 [ 1488.468511][T21732] Code: c3 14 35 00 4d 85 f6 75 48 e8 b9 14 35 00 eb 47 e8 b2 14 35 00 90 0f 0b 90 e9 d0 fe ff ff e8 a4 14 35 00 48 8d 3d bd 67 53 0d <67> 48 0f b9 3a e9 e6 fe ff ff e8 8e 14 35 00 90 0f 0b 90 e9 1a ff [ 1488.468535][T21732] RSP: 0018:ffffc9000ca870e0 EFLAGS: 00010087 [ 1488.468556][T21732] RAX: ffffffff818a98bc RBX: 0000000000000000 RCX: 0000000000100000 [ 1488.468575][T21732] RDX: ffffc9001ab2e000 RSI: 0000000000006894 RDI: ffffffff8ede0080 [ 1488.468595][T21732] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1488.468611][T21732] R10: dffffc0000000000 R11: ffffed100c043d04 R12: 1ffff1100c043d03 [ 1488.468630][T21732] R13: 001fffffffc00001 R14: ffff88806021e818 R15: dffffc0000000000 [ 1488.468660][T21732] ? enable_work+0x1ac/0x220 [ 1488.468710][T21732] __cancel_work_sync+0xf7/0x110 [ 1488.468746][T21732] thermal_zone_device_unregister+0x23e/0x3f0 [ 1488.468782][T21732] power_supply_unregister+0xf9/0x140 [ 1488.468809][T21732] ? __pfx_shield_remove+0x10/0x10 [ 1488.468833][T21732] shield_remove+0x72/0x120 [ 1488.468859][T21732] hid_device_remove+0x22b/0x370 [ 1488.468900][T21732] ? __pfx_hid_device_remove+0x10/0x10 [ 1488.468948][T21732] device_release_driver_internal+0x46f/0x800 [ 1488.468992][T21732] bus_remove_device+0x355/0x450 [ 1488.469026][T21732] device_del+0x515/0x8e0 [ 1488.469054][T21732] ? _raw_spin_unlock_irqrestore+0x4c/0x80 [ 1488.469088][T21732] ? rt_spin_lock+0x1c1/0x3e0 [ 1488.469127][T21732] ? __pfx_device_del+0x10/0x10 [ 1488.469160][T21732] ? rt_spin_unlock+0x150/0x200 [ 1488.469202][T21732] hid_destroy_device+0x6b/0x1b0 [ 1488.469244][T21732] usbhid_disconnect+0x9f/0xc0 [ 1488.469276][T21732] usb_unbind_interface+0x26e/0x910 [ 1488.469318][T21732] ? _raw_spin_unlock_irqrestore+0x4c/0x80 [ 1488.469351][T21732] ? __pfx_usb_unbind_interface+0x10/0x10 [ 1488.469392][T21732] device_release_driver_internal+0x4d9/0x800 [ 1488.469435][T21732] bus_remove_device+0x355/0x450 [ 1488.469467][T21732] device_del+0x515/0x8e0 [ 1488.469502][T21732] ? kobject_put+0x26d/0x570 [ 1488.469535][T21732] ? __pfx_device_del+0x10/0x10 [ 1488.469564][T21732] ? kobject_put+0x531/0x570 [ 1488.469606][T21732] usb_disable_device+0x3d4/0x8e0 [ 1488.469653][T21732] usb_disconnect+0x315/0x970 [ 1488.469694][T21732] hub_event+0x1cd9/0x4f30 [ 1488.469742][T21732] ? __lock_acquire+0x6b6/0x2cf0 [ 1488.469801][T21732] ? finish_task_switch+0x162/0x940 [ 1488.469856][T21732] ? __pfx_hub_event+0x10/0x10 [ 1488.469890][T21732] ? process_scheduled_works+0x9ef/0x1770 [ 1488.469938][T21732] ? process_scheduled_works+0x9ef/0x1770 [ 1488.469966][T21732] ? process_scheduled_works+0x9ef/0x1770 [ 1488.469996][T21732] process_scheduled_works+0xad1/0x1770 [ 1488.470061][T21732] ? __pfx_process_scheduled_works+0x10/0x10 [ 1488.470087][T21732] ? do_raw_spin_lock+0x121/0x290 [ 1488.470137][T21732] worker_thread+0x8a0/0xda0 [ 1488.470181][T21732] ? __kthread_parkme+0x7b/0x200 [ 1488.470225][T21732] kthread+0x711/0x8a0 [ 1488.470264][T21732] ? __pfx_worker_thread+0x10/0x10 [ 1488.470292][T21732] ? __pfx_kthread+0x10/0x10 [ 1488.470323][T21732] ? rt_spin_unlock+0x150/0x200 [ 1488.470364][T21732] ? rt_spin_unlock+0x161/0x200 [ 1488.470397][T21732] ? __pfx_kthread+0x10/0x10 [ 1488.470433][T21732] ret_from_fork+0x510/0xa50 [ 1488.470464][T21732] ? __pfx_ret_from_fork+0x10/0x10 [ 1488.470490][T21732] ? __switch_to+0xc9e/0x1480 [ 1488.470533][T21732] ? __pfx_kthread+0x10/0x10 [ 1488.470569][T21732] ret_from_fork_asm+0x1a/0x30 [ 1488.470627][T21732] [ 1488.471263][T21732] Kernel Offset: disabled