last executing test programs: 6m9.149485235s ago: executing program 0 (id=310): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2) ioctl$KVM_SET_CPUID2(r2, 0x4008ae90, &(0x7f0000000540)={0x1, 0x0, [{0x80000000, 0x0, 0x5, 0xffff6947, 0x2}]}) 6m8.653476178s ago: executing program 0 (id=318): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000680)=ANY=[@ANYBLOB="14000000100001000000000000b890c1a000000a80000000160a01030000000000000000020000000900020073797a30000000000900010073797a30000000005400038008000240000000000800014000000000400003801400010076657468315f746f5f6272696467650014000100776732000000000000000000000000001400010076657468305f746f5f7465616d00000014000000110001"], 0xa8}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f00000007c0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_DELFLOWTABLE={0x2c, 0x18, 0xa, 0x5, 0x0, 0x0, {0x2, 0x0, 0x100}, [@NFTA_FLOWTABLE_HANDLE={0xc, 0x5, 0x1, 0x0, 0x2}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_DELTABLE={0x14, 0x2, 0xa, 0x101, 0x0, 0x0, {0x0, 0x0, 0x6}}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x3}}}, 0x68}, 0x1, 0x0, 0x0, 0x4048000}, 0x880) 6m8.233439308s ago: executing program 0 (id=325): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x9, 0x4, 0xfff, 0x5}, 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0x14, &(0x7f0000000580)=ANY=[@ANYBLOB="1802000004000000000000000000000018010000786c6c2500000000070000007b1af8ff00000000bfa100000000000007010000f8ffffffb700000000000000b7030000000000fd850000007300000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000480)={&(0x7f0000000680)='sys_exit\x00', r1}, 0x10) geteuid() 6m8.024593877s ago: executing program 0 (id=326): socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) io_setup(0x7, &(0x7f0000000280)=0x0) io_submit(r2, 0x1, &(0x7f0000000080)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x5, 0x0, r0, 0x0}]) shutdown(r1, 0x1) 6m7.03064965s ago: executing program 0 (id=334): mkdir(&(0x7f0000001a80)='./file0\x00', 0x18b) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000000c0)={0x0, 0xffffffffffffffff, 0x0, 0x1c, &(0x7f0000000000)='//sys\x00\x00\x00\x00\x00\x00\x80\x004\x00\x00s/\x92ync_\x93\x96\xff\x92\xaf\x00Se\xf44.\x00'/49}, 0x30) mount$bpf(0x200000000000, &(0x7f0000000200)='./file0\x00', 0x0, 0x206002, 0x0) mount$bpf(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x84000, 0x0) 6m6.784245937s ago: executing program 0 (id=337): pipe(&(0x7f0000000040)={0xffffffffffffffff}) io_setup(0x3ff, &(0x7f0000000500)=0x0) io_submit(r1, 0x1, &(0x7f0000000300)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x5, 0x2, r0, 0x0}]) io_cancel(r1, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x200, 0xffffffffffffffff, 0x0, 0x0, 0x2}, 0x0) 5m51.63404621s ago: executing program 32 (id=337): pipe(&(0x7f0000000040)={0xffffffffffffffff}) io_setup(0x3ff, &(0x7f0000000500)=0x0) io_submit(r1, 0x1, &(0x7f0000000300)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x5, 0x2, r0, 0x0}]) io_cancel(r1, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x200, 0xffffffffffffffff, 0x0, 0x0, 0x2}, 0x0) 3m41.165344406s ago: executing program 3 (id=2315): socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) bpf$MAP_CREATE(0x0, &(0x7f0000000080)=@base={0x9, 0x5, 0x8, 0x40, 0x42}, 0x48) r1 = getpid() sendmsg$unix(r0, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000000440)=[{&(0x7f00000000c0)="10", 0x33880}], 0x1, &(0x7f00000004c0)=[@cred={{0x1c, 0x1, 0x2, {r1}}}, @rights={{0x18, 0x1, 0x1, [r0]}}], 0x38}, 0x8841) 3m40.922265723s ago: executing program 3 (id=2318): ioctl$BTRFS_IOC_INO_LOOKUP_USER(0xffffffffffffffff, 0xd000943e, &(0x7f0000000040)={0x0, 0x0, "d607f8f9951e76c13f64323723e7eecdf40c363423eb3d259266ec9c37865c6c1a4640ce1b22bb3327ef4f001d34c09f39c3539e4f8d3ee0878ae95bc7f52363c468b257ff3e24852548deb01efd54f11ed2c41d078b9cf1fc8f72566153c97e4af37017ea6b16b694bb4a6e4606c3fb19d1d2bd3c8c4e97da2213f9d5c3b90400000000000000c279f03558083906666827d61dcc3a633bffff250b5a293e3877adc1660edbc9a0307a25720a170e7f5670e419dc44febf7ddc73fd4a5a0b6c28665f7f46c7084e17c809268103a2584ab40a68e528329d97afc3612e325c1eb4a3ab2e156a97444800", "0615e456c196e819a321fdb3690bfab19538829a732a01781564ef7738cb5b82a704b3952f81c68bb4ceeaad63206f88201638e87c4981cbf9332cbc9c4d69e392bd33237ece7ad91e44edac0da8dacad81adf2e08c21ad6b44ce1f90bd618c255ca40cdb411485fb48a51d329c816b3488c7d032ef69c502c6e1236bd381efd410165988847c1dcb98a18ca2b853910e52044fa3b3026cb88de269537c8f26ffc3b15cbf279832bfc90bd95939043182e88050dfd2a4784a5d1453610fb1f1c2bac36c3ecd3e6fb756ef8880debeef3636afd981d8af4ab119928448f90351aec113335eacf52a18c87738d9679d3acc032a16fbefc64776f363610a15b37bcd36e6a7cba931151b9c9ba5779d550e9ab21603a43a25f3b4895d8dc4f3ce0e7d5e964e888169ea79a0848e9338b3d34d62e963fbf98834f4455419907f0ffdb76373af77a34edee7789f56e7f01bdab9614a0d460f791a06e6cf5243bf2b3a1624a80ec7e1116f1c81f5ef4b895be74bf67eea9193428b58a8b62b7976d3d2e59796c46ec918c83cd49c3f43dbd2967586966c19ace7b0bef5f94eb333b362649f1bfa114f8b1f126e97ec672cff77e2130823fa7a1df6760c6a8917815e9f0a409ed32b133df7dc9afceffcd472b35145c83c9167764d25ce214133c6170adeb6653b30b226a3b6ff1363ac862a540c7fab584cd051ce7ee951e0f121d43cff75afbdec6bc6f6e8f7db58c8086751320d22ee8582e915cabc536e3767e9a9230c9ae8b92398f0ca2a7141ea4588af7afde10e5ec2a6fe85ba5712e126629d4e3998fc4721cb638f2ef8356049e3448466e2c400d5e8baf843fa399907cb526b791c5350ce29204cb6fe50b892a69ec6dbecc28f032a745738faa12c2a34222942fef0ec0511da5fe0b565ceac429da7cc25cfe0320b40a514723e2392a6a361032343edb79fd83cd0a354837153542fd61b3156b54c566036e493250c3a3214738e3cacc24a50d5dfd17d5008b4ca629c3062f3417cb69c48b8b888ae51256bb4e6c68e95a71a00383ad9df263f6a775ded64fef20ed5cb5f31c33cb86f839d00a12e40cd31219113619c4e0585454cb1776278bfd7f5c4275792afb790e83ff0fc6925355c7aee7a070477d9ec2292366e39b9dc66f7adcf449a1a718e5217183faf0f679efc5cef20bcdcf2d12ea0684084ec0d693256e280025b23b5a08b7b1ebe7d41fb045793f971d6ee066604818cb09d86c1eda99a44c35476a113fd5d1a7543f8f99424ebb78dd9e00d719502a6eafa743a061fa3fa55e4deaa0a011b6b9d633f10e0c9446b5a2e3f6d6014ab00695366c1a6bf0c32f703aebb7988c7d4d322681458e85626302c70f37628835e1fcfff1da3099c0b4af433eb9a51f9609f2c0c09a98b18880c846b34d6ac0210f073765666100976ee1d928893f983580ea47a012144633b98e02c3e81869534ab985eb3a73e0bac892dac949f85db949285a6a7a490b1075467226af23df82d8dd09b7282490fbb3ada9ed4cae8f761aefbe0701de6b132f12044c58ac1c2607c8f51361de5bed021dea13fd0a440263cf0b304522a324b581ab274e7bdae5994316657b5c0ab0220d9b08739729f7a35d436878c182aec4f08dd161c11ee5b7937fae7835e8bfe98a44c8d4bbb2e0eee0cb5d7c93517e96a9fc8132e60f3ef7c735bea1934b37df451f981c8d9210e61278c871e6dad6ceb89aa4d7245658a63e65cec7b81d307426a60a31cc917844a14e1d9ad83bef1c9f736d1836687c950d1275caece0d46ab9f3b0e95d9cf560eb8134e8346b35e0a6f60e6a87a14c4aeb3e0d06158390660a52a6e44b524c1e16de2bf99870f78fc81d267072bc63e97d3f26d23fd59799ff2c847d6a724cebc2377a582ba73d99a610a095c28d66c60910ac64b7d18847fa98fd8528b72e0a149b082c731575b2e2763e67c821ba29eecd8b8c87981c4fb1fbbaaa4e8aa077ec98de1362fc7af7a0ac5e3297fd0d924124b2e255b5cc4f6b0873f3d34418d5ae0d6f734628f38cb9b856b2db3fbb2fafb76983eabc51a348e55789e997fa25cbe6e5031bd2e33d4e2686f964a65d1abf7f96a20a8b270b1522ace4adf6fdade5cd3f101574960d13267e2382f70027ebe5ef7f9418e14e6a8a130d2aec2253c8fe21825e3295774db0c9b1340ea28a96589ba0d9f79aa61b92aea6f704ef7f716d849b8c77e6922e198a086d8133491d0bb85b925825a6d307d7cc8f09c655aa3edabf84c75560dfb279ee3e8b825323279edc58c3161e72cf9ae02ef80d500da922c0abeb8b164abd9c17ef7c02e89000d67b0c2ddd078cacbf37c4826be3845948d598980d63c1d7aade89d0637d80a4c102a35eb027a08ef90cc20d17fc514926914e68e5de54b861200ffa4ce1cbc16e4ecf342a1176cdb561f7dea38b3ae0fd81260f72d34e6f33d364cf313d3b3161410dcbf5f0f0579a1d235b49bb5d27f85825b94f1899e7846d0292ad912d934574f9d55d2152dbfb39d662e6e0f2496182d012af8b4bebbdfa1d68e3e988869fb5cd9612db97e6cc574444f4b5025ec9827bafc55341bf6ad3fd4fab2ee43f343cb9bcec0c38384b5699e5c6d5973ba591978275c51a40200d340b9ed3681f08c69f58320f538f9cd78a34eb6ed55710d2478ea4bd15813921817b42f88f1bb038033b519668f0a2e8693b9a19c7bcf96eec04bda625b31c32f4286be922ab2c87aa30310c8f46551450d5bc26b5fbfdedaae0f756384023bb9a28d3200cfeaedd63d6afe076513e8ad73d16607cd4ede16344e60d8707357e82b1089258c56d851a435e23ce0919825e04471dd61a44c43e87c2959d4e89311a30ee8be010094d0ef109bb210dda58b21b685b9e9c078c9ded6117d9a88dd7799291969851cd4c3f22b5f870a275a692188dafcf6e89ba87b0eb61011de031fda25fb3349901d40da2bbdb76eda417c9fafd90fb23504ab150ca0033ea1d00000000000086ba3aaa79d0df4f2e4e4afa565e66d28aa167f835d080bf1d41d0e52dbf81c671f8eacae234bf4fc328302671fab46613b73daf2ace80aff2f80f6a9d84b82480178cc612aa90adfc80ab3bba7d1527fc6ab04f009011bf093494a0d329df4e53d855b1c0ff6a25d22052b3a778e1ca2fbe59c9eeedf99e13682d06da269560524ffa0f404b73b946edf900ee958ceba09a051e27a620fb78e7a352c182c8c2981ce822eeaf6323965b4b3f322d40d406a158b6f3cf5d74822de952fefc341d0dead6c1c8fed8e48e0a85b51c1dcc7796d3f45bb1f50467a475da76c356c9e031b096867da1dbb89c3a038d475dbcdb2df1278d5dba55c2fb5ba6a9778c2a244198491f0f711cdb2ef0332f347afffb1b098b4c59041ccb0c286bb2dd40e7ec713f6ffe0b1067678c748615dae3c1e090f3739a9035767fb9972580d19fdef49a5071f99c3706b8fa4991f430721cf3ca11af0e3bd7c4d0cd0ab5b7d98ee66730c20a098110e4a15ce0bfc88c41fe375f261fe3557e14eb5ff4a2cdf6a008fd7b6702951b8456e940fbd269a0f3ed515ac03cfecce67027d579e1226bd7b7381827453550343566508d38790ee838c3bf85c6c91a45e7a44752f57313533a3e82e4042e65d346afb20c0527575f79080aef4e1aa8d5868d190c8d37bdae7592e41bed37b9d4c30d8126d3debde02dff25f5ef1e48133e2a41cd55347bd23dcce57a00189619db629c530dc112d22ac72bce353681264b5175be40b3ba84408d0f56762cc720e96c128447be7128748e185be2640115556bac64d060207e629b0144e501c1c49c6abd15c7982b01e22da2ad04bb28df1a27f31e18040c16406071d798bb40d901d001e22cc5ed870d08702f49f0021814cdd814901a13c7ab061bb4b8172c639b3449e24f656fee58186e69e6874ea95d946da781b49ca080ffb4a3c87746c661f43e9be52d0ba2ee368b9c143687c8846abac599069decf41e69fddcadf31c5f715917df12df4eedbfcc5805fe8e661b8fcd7b130d7bcc4a9a152de93a15dddacf3cf52479956185a3c5000d18ddce0236d5858c0d8761bca7446e3d30f3e8f48d5e8f86a60cbe46f038b1028ffd35590bdacfeebb86e28d42a923bdc3f9a307b919341a2a7dda096d41070db245c2c424aedd4a4bb9863169454d09f25fd0aa2da7bfc97ad7aca886dd998e041133e07899ad48f7cda600de48ac3951152dfbe6331b8acae24cfd2dd2b14696c75040685c756942a0d049ee9863a2e480388f93876f3910ecb3a59fa16c25b2b3636a542f92744495e10a4ce37f19f5c2256e2d61775d388e2a86b52f76add2f956aa02501f5badb94da12595b2bbf88b05dc70caae6766fd3df4f299d0ff71c8787249b255ea49b3d33b3f1a8c9403cb75d64264465c3578538382b23d721f8a49134020ca2d9e887d9949624ac6d63322b6507e277a0020db9bfa2928736b96c72fa3406a95adfe6b374ffa27001d37d3bbe725e75c257834572026c511f57dce67153a4008f9e75e07ed9237f600005800ee667c137fc78bc4fd4ebf4d228979ab0ccafbcd8b8daad76fb2abcfc585377ea6e19f170db898b950a7b0f4e75466a2ba26e7d60e0a6f5c54a3fe78677f3362c5b01ae791b62ee8a5d0fd65b739ece4f3b758d05a8e4e4ea7e4866ee67750ce2769f72a9f45780eadfae73b42d4dd4c614c797c694ece8af88cc732edabfa26ace57de54835c7551154dfa3be11a0d3b5845ac97b2da84410a652e72cd563acbb2b02bb59370cebaaa80014e3ad280944eae6fbf8d5f85237257bb5b8e5ec3e52dc06f8394176b325a577804e9eb78d7015172d17ed15f905f705d56687f53988bb207c74fbeb2b03a700258e835362886239f4d8f1c2cf6d4d10ff26d2579ea40a5fb99e5b6d01cdeda050d3faa78ed674f2899be08332086c8bf0410a7d06099c50a2d949d49a0f21b43bcdfbdf435875cf5a9def46db63746574ee8a5b1fbcef411154e914dd9e5bb1b1bd2944581083fb66a017e7972df3daefc487e4198cb281d3a80637d52b41738b7f1a57c867d5b2ee5d72465657593339506fd0c3807cd6445eb54cfb5ca9d35ef93eec6383224ebf85197eb6ed75f6c324f6a0345a25be6bb52ed347e57ccb059b903fb7db4e9f46513a4158ce29c1f5d6081b556bbc471e89225cad81aed34dae0f90ee8e7237b3b286e29b49d7a1700c537b28571f7d7e2a55e10792d6f7779ddefa3febdea5693048372a45903c04f1035a96c6cfbe6f6c2b754581aac02f8a70e698be6e37fd411cf4b76317b47683f6b0f80dfdeef3a9767c7e5c30dff786093a21477431fea0458023953700"}) mprotect(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x5) r0 = socket$inet_sctp(0x2, 0x5, 0x84) getsockopt$inet_opts(r0, 0x84, 0x1c, 0xfffffffffffffffe, &(0x7f0000000100)=0x40) 3m40.685689647s ago: executing program 3 (id=2322): r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000000)={0x3, &(0x7f0000000440)=[{0x20, 0x2, 0x81, 0xfffff034}, {0x20, 0x0, 0x0, 0xfffff00c}, {0x6, 0x3}]}, 0x10) r1 = socket$inet6(0xa, 0x800000000000002, 0x0) sendmmsg$inet6(r1, &(0x7f0000000440)=[{{&(0x7f0000000400)={0xa, 0x4e23, 0x800, @mcast2}, 0x1c, 0x0}}], 0x1, 0x60044004) 3m40.451734501s ago: executing program 3 (id=2327): mkdirat(0xffffffffffffff9c, &(0x7f0000002000)='./file0\x00', 0x0) mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x101091, 0x0) r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x262) 3m40.346099285s ago: executing program 3 (id=2330): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f00000004c0)=@newsa={0x110, 0x10, 0x7, 0x0, 0x0, {{@in6=@mcast2, @in=@multicast2, 0x4e20, 0x0, 0x4e23, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0xee00}, {@in6=@mcast1, 0x0, 0x2b}, @in6=@private0, {0x0, 0x0, 0x2, 0x0, 0x10000000, 0xffffffffffffffff}, {0x0, 0x200000, 0x7}, {0x40000, 0xfffffffd, 0xae8}, 0x0, 0x0, 0xa, 0x2, 0x0, 0x34}, [@coaddr={0x14, 0xe, @in6=@remote}, @mark={0xc, 0x15, {0x35075b, 0x3b}}]}, 0x110}}, 0x0) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f00000000c0)=@newsa={0x104, 0x1a, 0x7, 0x70bd2a, 0x0, {{@in6=@dev={0xfe, 0x80, '\x00', 0x1b}, @in=@multicast1, 0xffff, 0x0, 0x4e22, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0xee00}, {@in6=@mcast1, 0x0, 0x2b}, @in6=@private0, {0x5a, 0xb400, 0x2, 0xfeffff7f00000001, 0x0, 0x60000}, {0x9, 0x200000, 0x7, 0xfffffffffffffffd}, {0x40000, 0x0, 0xae8}, 0x0, 0x0, 0xa, 0x2, 0x0, 0x70}, [@coaddr={0x14, 0xe, @in6=@remote}]}, 0x104}}, 0x0) 3m39.537928152s ago: executing program 3 (id=2348): ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'lo\x00'}) sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x44080) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000004000)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d839240d29c034055b67dafe6c8dc3d5d0f65acc0d06d1a1434e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622e03b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab0300817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c690220b87b20581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd713089856f756436303767d2e24f29e5dad9796edb697a8ad004eea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014751c3c975d5aec84222fd3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff22dc518afc9ffc2cc788bee1b47683db01a2f9398685211dfbbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa407e2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae526aca54183fb01c73f979ca9857399537f5831808b0dc2a2d0e0000000000000578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a0c93d47018c12e7ba8188a22e8b15c3e233db00002e30d46a9d24d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d73415cda2130f5011e4845535a8b90dfae158b94f50adab188dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d0000002d8c38a967c1bbe09315c29877a308bcc87dc3addb08141bdee5d27874b2f663ddeef0005b4896c7aabf4df517d90bdc01e73835d50200a90800c66ee2b1ad76dff9f9003f07000099d4894ee7f8249dc1e3428d2129369ee1b85af6eb2eea0d0df414b315f651c8412392191fa83ee830548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92052188bd1f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987595ec3db58a7bb3042ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905deb28c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4eda0545c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708294cd6f496e547f7ad33850d9feccd0111a2e3700845dee734fe7da3770845cf442d488afd80e17000000000000000000000000000000000000000000000000000005202000000dc1c56d59f35d367632952a93466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a12489c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbf1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf8179ecd9e5a225d67521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979d3db08407081c6281e2d8429a8639034a75f4c7df3ea8fc2018d07af14915f29b719f54926fc32468f65bd06b4092140faed0c329be610c3082d43e121861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca06f256c8028e0f9b4c8787361f3289f86ae826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e4b838297ba20f96936b7e4746e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293bec833c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f2500579aca11033bb9cc16bd83a00840e31d828ec78e116ae46c4897e2795b6ff92e9a1e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbf71f6516737be55c06d9cdcfb1e2bb10b50000eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce1d9bc7ef3e3f40c14089c82759106f422582b42e3e8484ea5a6ad9aa520000afe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da357f9e93ce055019c9f1534c8bd48bbd61627a2e0a74b5e6aefb7eee403502734137ff47257f164391c672b6079e65d7295eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb74b5589829b6b0679b5d6fccbecfae5553d9950d48c774eaa35b24fce69a20d8bc410d9f48bf7eac90529cd6af061c9e53addddc620ce73c5d177e3d097159f2768636fc10276c6a0adc57483b3f7083f66b87ef296ee85e9bb70a3009a5d30f479e293a3302e11350ea857b37e76ca2f50378e4092ce2c574ad278b9b7b717c571afb2077b019fd9d89efd59b41f051ec5a8ff87ecc8df917a1e386d849fcd10e2f9ca52e02339c2f4666b0c545e25f1cd62421c28d25994be0cff7271a0dee38d7ac4ac736b090e1d29f981fd9086e4000000000000646174b55d251f7f8ca5ccc22a5efb33b237eff5597a3c3a5f3a9bb54abb40e54593e1a7ce4cfa17b3c3fe91c06363496341eae20dcc59b6179b32ddddef5c34000096a54c0c571a91878f61f74912e2299e5501d4d6943bfd74c856511726f0ac8f7d17f1c6b4451c1bcdc6b6e1700e4cd87709d97afc5423c96fa981873d4369b04bbf1fb9f68f17991540868e408201ad1a74179e489aa61f021a437a3fa935588be2068f7ff9b253106326fde795e530b93626cc68e06e602198724249b4445eef08401cd1a3e266db41474e69902e4d8f5da4e94cc36794258fd4032de7ab36bc24c5efd5c8495c1ccd580033c55725f2d60354f8ad5914a0155eaa743350ddb388f486b6de0549ef3b1b3c3b7d4d3a830ff39885776119408029be3788dd8422b1ab7b4c9d5b7d8682fd759c713108e1bdfc64b9121bbf07099def5c0ce3c861ae4b5cad8bba5a0b6059b9ef90c2f96a59320309e25df89484522bb1d6eaa92164f9e4042cb689a45a898354c17b08705205a9189772bcbcb6414e44b33a2470d3bc16f761c33f565b9da5e7991ad8482579cc1b16c1fcec815a5482ae8b1779c5e339971a6ec1217bcfd1ef24284de8a0a9f068f297037d6478c2434a9a18dcc6c7c791e444a79d7ce37f9cf2826b47ad8ca6a2fa254aa02cd098026798a6d336348af0fc11fa2809a5ebbe17ca4d0f889d518f64ee50f562b5fdb1f76d4a7fe14701f8ed0c6a55d66a6efea3e449e6b478abc5b196dd5308cb20c4e2a0bd702651bb39f10523102dcd8ece692159028f314e0d6bfa400475c6699fdc40efe0948e3cef7419a7f113134e5ee20fd87c4521ccfbd32d6f147f743d30866bdd86ca8bf0c7bcc475f4ed53517aaa51f1c151d859a7f0b53abd332c84bdad313e82ac3777a6f7f649ff8a25f6dfe09cb29213896b49a825257bf143e9fa3bbd47009e66fe5705b3ef2b40a182e408c680727d64e00e1ce508f8fd64ac6c84ccc28fc333067de63b9bb5daaa12ce60ee3779ded79651be69d2a413cd948a873dd7ad7017b150828cf100d3df8537f22aff58343c9ee966fceb594bbe10b911427f76a25a219be2f85287b7f83d323a30991067ad1369792166062085ff20c5fb9f6e4f78dd09c7d2d6ca3c8a5d0d26ccbe576f44a1bc94194817"], &(0x7f0000000340)='syzkaller\x00'}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x18000000000002a0, 0xe80, 0x6000, &(0x7f0000000640)="b9ff03076844268cb89e14f088a847e088641100050000210283ac141440e0", 0x0, 0x11, 0x60000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000}, 0x48) 3m39.228769575s ago: executing program 33 (id=2348): ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'lo\x00'}) sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x44080) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000004000)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d839240d29c034055b67dafe6c8dc3d5d0f65acc0d06d1a1434e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622e03b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab0300817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c690220b87b20581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd713089856f756436303767d2e24f29e5dad9796edb697a8ad004eea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014751c3c975d5aec84222fd3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff22dc518afc9ffc2cc788bee1b47683db01a2f9398685211dfbbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa407e2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae526aca54183fb01c73f979ca9857399537f5831808b0dc2a2d0e0000000000000578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a0c93d47018c12e7ba8188a22e8b15c3e233db00002e30d46a9d24d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d73415cda2130f5011e4845535a8b90dfae158b94f50adab188dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d0000002d8c38a967c1bbe09315c29877a308bcc87dc3addb08141bdee5d27874b2f663ddeef0005b4896c7aabf4df517d90bdc01e73835d50200a90800c66ee2b1ad76dff9f9003f07000099d4894ee7f8249dc1e3428d2129369ee1b85af6eb2eea0d0df414b315f651c8412392191fa83ee830548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92052188bd1f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987595ec3db58a7bb3042ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905deb28c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4eda0545c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708294cd6f496e547f7ad33850d9feccd0111a2e3700845dee734fe7da3770845cf442d488afd80e17000000000000000000000000000000000000000000000000000005202000000dc1c56d59f35d367632952a93466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a12489c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbf1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf8179ecd9e5a225d67521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979d3db08407081c6281e2d8429a8639034a75f4c7df3ea8fc2018d07af14915f29b719f54926fc32468f65bd06b4092140faed0c329be610c3082d43e121861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca06f256c8028e0f9b4c8787361f3289f86ae826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e4b838297ba20f96936b7e4746e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293bec833c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f2500579aca11033bb9cc16bd83a00840e31d828ec78e116ae46c4897e2795b6ff92e9a1e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbf71f6516737be55c06d9cdcfb1e2bb10b50000eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce1d9bc7ef3e3f40c14089c82759106f422582b42e3e8484ea5a6ad9aa520000afe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da357f9e93ce055019c9f1534c8bd48bbd61627a2e0a74b5e6aefb7eee403502734137ff47257f164391c672b6079e65d7295eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb74b5589829b6b0679b5d6fccbecfae5553d9950d48c774eaa35b24fce69a20d8bc410d9f48bf7eac90529cd6af061c9e53addddc620ce73c5d177e3d097159f2768636fc10276c6a0adc57483b3f7083f66b87ef296ee85e9bb70a3009a5d30f479e293a3302e11350ea857b37e76ca2f50378e4092ce2c574ad278b9b7b717c571afb2077b019fd9d89efd59b41f051ec5a8ff87ecc8df917a1e386d849fcd10e2f9ca52e02339c2f4666b0c545e25f1cd62421c28d25994be0cff7271a0dee38d7ac4ac736b090e1d29f981fd9086e4000000000000646174b55d251f7f8ca5ccc22a5efb33b237eff5597a3c3a5f3a9bb54abb40e54593e1a7ce4cfa17b3c3fe91c06363496341eae20dcc59b6179b32ddddef5c34000096a54c0c571a91878f61f74912e2299e5501d4d6943bfd74c856511726f0ac8f7d17f1c6b4451c1bcdc6b6e1700e4cd87709d97afc5423c96fa981873d4369b04bbf1fb9f68f17991540868e408201ad1a74179e489aa61f021a437a3fa935588be2068f7ff9b253106326fde795e530b93626cc68e06e602198724249b4445eef08401cd1a3e266db41474e69902e4d8f5da4e94cc36794258fd4032de7ab36bc24c5efd5c8495c1ccd580033c55725f2d60354f8ad5914a0155eaa743350ddb388f486b6de0549ef3b1b3c3b7d4d3a830ff39885776119408029be3788dd8422b1ab7b4c9d5b7d8682fd759c713108e1bdfc64b9121bbf07099def5c0ce3c861ae4b5cad8bba5a0b6059b9ef90c2f96a59320309e25df89484522bb1d6eaa92164f9e4042cb689a45a898354c17b08705205a9189772bcbcb6414e44b33a2470d3bc16f761c33f565b9da5e7991ad8482579cc1b16c1fcec815a5482ae8b1779c5e339971a6ec1217bcfd1ef24284de8a0a9f068f297037d6478c2434a9a18dcc6c7c791e444a79d7ce37f9cf2826b47ad8ca6a2fa254aa02cd098026798a6d336348af0fc11fa2809a5ebbe17ca4d0f889d518f64ee50f562b5fdb1f76d4a7fe14701f8ed0c6a55d66a6efea3e449e6b478abc5b196dd5308cb20c4e2a0bd702651bb39f10523102dcd8ece692159028f314e0d6bfa400475c6699fdc40efe0948e3cef7419a7f113134e5ee20fd87c4521ccfbd32d6f147f743d30866bdd86ca8bf0c7bcc475f4ed53517aaa51f1c151d859a7f0b53abd332c84bdad313e82ac3777a6f7f649ff8a25f6dfe09cb29213896b49a825257bf143e9fa3bbd47009e66fe5705b3ef2b40a182e408c680727d64e00e1ce508f8fd64ac6c84ccc28fc333067de63b9bb5daaa12ce60ee3779ded79651be69d2a413cd948a873dd7ad7017b150828cf100d3df8537f22aff58343c9ee966fceb594bbe10b911427f76a25a219be2f85287b7f83d323a30991067ad1369792166062085ff20c5fb9f6e4f78dd09c7d2d6ca3c8a5d0d26ccbe576f44a1bc94194817"], &(0x7f0000000340)='syzkaller\x00'}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x18000000000002a0, 0xe80, 0x6000, &(0x7f0000000640)="b9ff03076844268cb89e14f088a847e088641100050000210283ac141440e0", 0x0, 0x11, 0x60000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000}, 0x48) 2m49.542554569s ago: executing program 4 (id=3122): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000002c0)={0x2c, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_4ADDR={0x5, 0x53, 0x1}, @NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x2c}}, 0x0) 2m49.161834773s ago: executing program 4 (id=3130): mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x2, 0xc3072, 0xffffffffffffffff, 0x200000) r0 = getpid() r1 = syz_pidfd_open(r0, 0x0) process_madvise(r1, &(0x7f00000001c0)=[{&(0x7f0000000000)="a0", 0x1}], 0x1, 0x4, 0x0) 2m48.96925475s ago: executing program 4 (id=3135): write$FUSE_BMAP(0xffffffffffffffff, 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_TSC_KHZ_vm(r1, 0xaea2, 0x0) 2m48.762471601s ago: executing program 4 (id=3142): unshare(0x400) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x4006}, 0x4) setsockopt$packet_fanout_data(r0, 0x107, 0x16, 0x0, 0x0) 2m48.521658504s ago: executing program 4 (id=3147): mknod$loop(&(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, 0x1) r0 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f00000001c0)=0x10) link(&(0x7f0000001240)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f00000007c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00') 2m48.403952793s ago: executing program 4 (id=3150): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000440), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2) ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000280)={0x8, 0x0, [{0xc0000102, 0x0, 0x7}, {0x248, 0x0, 0x200000}, {0xb79, 0x0, 0xfffffffffffffffe}, {0x25f, 0x0, 0x3}, {0x2df, 0x0, 0x2}, {0x2aa, 0x0, 0x3}, {0x2f6, 0x0, 0x100000000}, {0xab5, 0x0, 0xfffffffffffffffe}]}) 2m33.27375925s ago: executing program 34 (id=3150): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000440), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2) ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000280)={0x8, 0x0, [{0xc0000102, 0x0, 0x7}, {0x248, 0x0, 0x200000}, {0xb79, 0x0, 0xfffffffffffffffe}, {0x25f, 0x0, 0x3}, {0x2df, 0x0, 0x2}, {0x2aa, 0x0, 0x3}, {0x2f6, 0x0, 0x100000000}, {0xab5, 0x0, 0xfffffffffffffffe}]}) 22.503671477s ago: executing program 1 (id=4953): r0 = syz_io_uring_setup(0x82e, &(0x7f0000000300)={0x0, 0x1809, 0x10100, 0x0, 0x1}, &(0x7f0000000100)=0x0, &(0x7f0000000080)=0x0) io_uring_register$IORING_REGISTER_PBUF_RING(r0, 0x16, &(0x7f0000000380)={&(0x7f0000001000)={[{0x0}, {0x0}, {0x0}, {0x0}]}, 0x4}, 0x1) r3 = socket(0x10, 0x3, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000003c0)=@IORING_OP_SEND={0x1a, 0x20, 0x0, r3, 0x0, 0x0, 0xfffffd49, 0x20044080, 0x1}) io_uring_enter(r0, 0x27e2, 0x0, 0x0, 0x0, 0x0) 22.455876322s ago: executing program 1 (id=4954): mknod(&(0x7f0000000040)='./file0\x00', 0x8000, 0x0) r0 = landlock_create_ruleset(&(0x7f0000000000)={0xb001, 0x3, 0x3}, 0x18, 0x0) landlock_restrict_self(r0, 0x0) mknodat(0xffffffffffffff9c, &(0x7f0000000300)='./file2\x00', 0xc000, 0x0) renameat2(0xffffffffffffff9c, &(0x7f0000000080)='./file2\x00', 0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x2) 22.420267881s ago: executing program 1 (id=4955): r0 = syz_usb_connect$hid(0x3, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4d8, 0xdd, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x5, 0x0, 0x1, {0x22, 0x5}}, {{{0x9, 0x5, 0x81, 0x3, 0x200, 0x0, 0x0, 0x7}}}}}]}}]}}, 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, &(0x7f0000000240)={0x24, 0x0, 0x0, &(0x7f00000001c0)={0x0, 0x22, 0x5, {[@main=@item_4={0x3, 0x0, 0x8, "c94ffb00"}]}}, 0x0}, 0x0) r1 = syz_open_dev$I2C(&(0x7f0000000040), 0x1, 0x2603) ioctl$I2C_RDWR(r1, 0x707, &(0x7f0000000000)={&(0x7f0000000200)=[{0x1, 0x7801, 0x0, 0x0}], 0x1}) 20.549968895s ago: executing program 1 (id=4979): r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000bc0)={{0x12, 0x1, 0x0, 0xa0, 0x11, 0xaa, 0x10, 0x2001, 0x4002, 0xdfbf, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0xa0, 0xe6, 0xce}}]}}]}}, 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io$uac1(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io$cdc_ecm(r0, 0x0, &(0x7f0000000780)={0x1c, &(0x7f0000000040)=ANY=[@ANYBLOB="000001"], 0x0, 0x0}) 20.453553513s ago: executing program 6 (id=4982): socket$tipc(0x1e, 0x2, 0x0) r0 = syz_io_uring_setup(0x88f, &(0x7f0000000140)={0x0, 0xaee2, 0x3c00, 0x2, 0xbfdffffc}, &(0x7f0000000000)=0x0, &(0x7f00000000c0)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0x0, {0x1223}}) io_uring_enter(r0, 0x47f6, 0x0, 0x0, 0x0, 0x0) 20.361873176s ago: executing program 7 (id=4985): r0 = socket$inet_sctp(0x2, 0x1, 0x84) setsockopt$inet_mreqsrc(r0, 0x0, 0x27, &(0x7f0000000180)={@multicast1, @remote, @local}, 0xc) setsockopt$inet_group_source_req(r0, 0x0, 0x2e, &(0x7f00000001c0)={0x8, {{0x2, 0x4e20, @multicast2}}, {{0x2, 0x4e22, @empty}}}, 0x108) setsockopt$inet_mreqn(r0, 0x0, 0x23, &(0x7f0000000000)={@multicast1, @loopback}, 0xc) getsockopt$inet_buf(r0, 0x0, 0x29, &(0x7f0000000000)=""/102, &(0x7f0000000080)=0x66) 20.23398391s ago: executing program 7 (id=4987): bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x1f, 0x18, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_TCP_MD5SIG(r0, 0x6, 0xe, &(0x7f00000003c0)={@in={{0x2, 0x4e20, @multicast2}}, 0x0, 0x0, 0x3a, 0x0, "33d080577968b3107694c2858f48c27f17ef54caf822abcfad9399c494d846140482c7e40195d5f034a72c69ed7330f3000f530ff9525fad6b3db9851a4354d70cc3734d319f852c370cbc9e69c75987"}, 0xd8) setsockopt$inet_tcp_TCP_MD5SIG(r0, 0x6, 0xe, &(0x7f00000002c0)={@in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x1c, 0x0, "246575a4000000004fb62fe6bce0eef5607264c7f28557a8046964d292934c2a2bb1dcc5a80c0107040000000000001e0000009000000000000800"}, 0xf0) setsockopt$inet_tcp_int(r0, 0x6, 0x20, &(0x7f0000000040)=0x2, 0xf6) 20.115072552s ago: executing program 7 (id=4990): ioctl$PIO_CMAP(0xffffffffffffffff, 0x4b71, &(0x7f0000000000)={0x7, 0xfff, 0x8, 0x8, 0x5, 0x729}) r0 = socket$inet6_sctp(0xa, 0x1, 0x84) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000280)={0x0, 0x1c, &(0x7f00000001c0)=[@in6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, '\x00', 0x12}, 0x9}]}, &(0x7f00000002c0)=0x10) shutdown(r0, 0x1) getsockopt$inet_sctp6_SCTP_MAX_BURST(r0, 0x84, 0x83, &(0x7f0000000000)=@assoc_value, &(0x7f0000000300)=0x8) 20.062100607s ago: executing program 6 (id=4992): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="020000000400000004040000f4"], 0x50) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xd, 0x3, 0x4, 0x801, 0x41, r0, 0x15b4}, 0x50) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000008c0)={{r1}, &(0x7f0000000480), &(0x7f0000000880)=r0}, 0x20) close(r0) bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000380)={r1, &(0x7f0000000900)}, 0x20) 19.663874061s ago: executing program 6 (id=4996): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000040)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes192\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r1 = accept4$alg(r0, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f0000007300)=[{{0x0, 0x0, &(0x7f0000002280)=[{&(0x7f0000007600)=""/170, 0xaa}], 0x1}, 0x3}], 0x1, 0x100, 0x0) 19.617945684s ago: executing program 7 (id=4997): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x4000000) sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000380)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a80000000060a010400000000000000000a0000010900010073797a310000000054000480500001800b00010074617267657400004000028008000240000000012c0003007339f2f10455afb9fdd672bad09dfb78c7699c74e891a0c70000000000000000000000000000000008000100544545000900020073797a320000000014000000110001"], 0xa8}, 0x1, 0x0, 0x0, 0x4000850}, 0x24000840) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000040)=@newlink={0x40, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x10, 0x2, 0x0, 0x1, [@IFLA_BR_MULTI_BOOLOPT={0xc, 0x2e, {0x3, 0x3}}]}}}]}, 0x40}}, 0x0) 19.427701031s ago: executing program 6 (id=4998): r0 = syz_open_dev$loop(&(0x7f0000000000), 0xf01c, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.stat\x00', 0x275a, 0x0) write$binfmt_script(r1, &(0x7f0000000180)={'#! ', './file1/../file0/file0', [], 0xa, "b524be350e7611b133a163b4ab1b0400000024e974e8a21afa278685f8b184319a8c7bb520df76b782000000000000000748f0998fc48ca49ae39016047f988925afe412f017f895e926610850ea98959add30eecdfbf7ec4c6c186cb815e1624da98fa6e2ed7aaa2ad48833d360600f5c0cd0f84c3de872eb0d16884f3d17349d996c"}, 0x9d) write$UHID_INPUT(r1, &(0x7f00000007c0)={0x8, {"dc5d3b0169633d3eba3eabbc09167be55101d4af4b22a373236464d2dbfaa84399b77bd438a54364a7ebc5bdaab4f9decb7c044318cd59a0af8279bcab35dd7daf7a0ceb381df2c32eff45b13e2c8f40e1895355bf6f165200cb1ca41a155730ee2e9f83183f9fafe029d0401b0770618254a8b2dc87b630072b1e2de160d1afed51b74c14b71ec1b226a324482d14ad586b1a4ce80e458fe45244c01eddeddf3564af838d6d5324f8a77023d6eb7aa14397a0e1413ea1c3dfdf0e3a35b709e627f36fe403ee3117365be5017682f53595f28543062c740a94a794312f5cebc315044b8ea000a5d0f27812ab0ce149d11e6f6f7620c5f3e250bf67d13a1ca39dbb7b8b5a31e3d7ba7ebe5849a7a09b61fc9f2cfc54b89e9cd0105bca49483ce55e0187ce2ad692a18219d881057c838587b915337169ee054655f26a04df913a658fccbf4def6aad750ca4796b74d322c67e9d4ee6a530a22dcc35db850b424d6ec9f62495b9f9fd2b000feadd57d26dbd505798c208d91eb0aab0fd97537631b8bf81ce0e2241c4272be4ff69b390e4485d574146b76d1fdbf7fc5334906805534cdae1e47240af7761a18fc8bd0a694be47529da98bc0f98eb7db3fc4a74cbb6e486f4de90fbf2452e72c2e1dca44543ad9ad094b8bc861eef1e814662d0b350339e3a510d459c6f83aabd5fd3dcb38224056d761e7df9b482b9905f1e2135c1929be328ecdb69c007a3efd548502c83106f6df1ab1178fac499eda92ad4373155227ec2df150c919d322ecb3ea37e659285f18a3e2f79b59900ca438df3a1381380a12d3ad7678e0a8d3bdfb40651389b4ac8c66138d442d70eafdc2df8b080028006b1794146382c1d628fd2ebe5859b6c243824903d056d800975675bb1913142adbc039a9c68c2f146a0e8903447313f5e5549905f397a9b1f21a93b80c4d04a8ea7a29a50fbc5407a9305bba420edf898ea678d6879489c39692c99bb6dacf61f5f97637b94c1031d635b5423b38b9196fafaaf87b2796eadc21466af5a10281e6a808748969d29efb444c99a4cb2111732a792dbca4376a125a68f7cdac065cc6173dc21caafba48c742d9a7df2f771ff2f5725b22c247d4e0c6106f9f5f6929b69929ab37e9a9b326ce618bb702b883b12026f1300f21f2c7440cac8c5f1210a78aa067211d2827f5dcc7578252c2ccc3f67bab9d1bb6939b21b550788ef550acfed4bf50c0b4fb3ca4d2872ee64f95d611a317d9daaf373a10d868680b2226396c95fa2b0ab4d6fce06c3b42cb97d17a7b5089061537fdeb1a53040869f7befca330358fdba86754fc2e46c2113e1484cb37534af8f0408a7ee313778dab49f08229964298f847ea66c4ec319f64b6a12da585bc59e82e0263c507b397d3efee3b4066f4d25566aa1549f6185f6375f84b65fa8945148b90430c86a5b6fdf58d5c812b98d9dc621fd9a3d9f1a577495356516d1cbcf5e8bb8923b54b247225b9c3892b18a9e137f3620c734052af9dc8f1ea36f0d4592d5ee32e35676a84dc891f97456f2ac3a4ab58a42bcdc221a4ac8bb28d428add2fcbe5b110a8afd5d23b31e827bd16167b2d88cae024afc04a722ac0b4d45c52512e6b6f102aac4be21bc89ce246539048370553665b0a4336a6db99d0d19399be6437bf21419304331b4342b2c1db580f0c9bf681fdb8e9fa3e025454197bbc82ef93ee2f385660818ec5127080675a8013766469afe3b1e36e81bf2f04c3a26eaf4517551e734d21ba3bc90e48aea0891792970c39f3f528397e9b7ae190f1760fe5960dc763ee0a17939c60bfcac0a8914be82c749e4fe85d1ac5fa733413468fb8941085e8c4d6e0b6d1e62e20da58440facd640ddbb6c1f694b3ca48757a34c5a11668368711a1d4f3a81d31ac30d71277d7ae77882b6841cfa6289e6cce84a3ad57eeb328f831888ac7d3cfcd3a472a48d903f20cec8c8ae8d0bea04ebf7413ef7693f8ed876e49bd5f89d7e1078208ff62712e330fc0341b9ccf26845578d44b1e0c66d1bebc14742baedfabb8e9a2c8f42730360c72997efe0ce786ff330c2eb6e0ff20896f813c2a515ce76f826c11a1c1588eb369231ddeb4a2f9f9591ecdecc74d20aeb50047beb3ab89a9e4e1b805a20b645c79d0bc5d0247fab8ba46a97a07630b1f1cb69b42b568af746063d2c581f057873d64fe6e659b00b4a26745f5fba1fe7406a86b007936c7cfdac53a4c5b0ea9f6604863c8e3f174eddbb09175f6e13cda9a860cf400ef9ed02b895502ac6e6de6a658249c3c6e8a653517eae2231e56e0f120547923c6549ebc1ed14c623637ce3d96af5c93a32e58e2d9659d8b5b145888b52d9a5b5cb3cdf594eb137bcef2ba068cfd2c6ccf7ab6e5b4ec55e9197bfb91c9b8729f7b50cf0b0326f7ea3e712c77674d48545ca2a86744c3c38f149d69cf811beacf7e5f49c7bfba20f1dcf3d7bc0b9c796016820a46495d244c9606a06fe2e14233eda78d69ae4523ad7b708b0c7ead44d7fd376fed60e3cc2ee25e9600adfbe87ac7c8fb8269aec9459602af0f420becda6120ce7d9626c65ae7f860639e8bf664eb4301ec18add0e436c0356c12ab6b4ca35da2b43c4a8c239fd0b59a2ce94843cdfa1667053165053633b062844dbb0d00070fde74fa3178eb5f1f5fd02e2088d8690379f39ab22c080cdcb29d700bac74fabd8a356fe99afe83a5d99aa5024e9158a299eda6c99b6701e64f1d68e7e2c0c6e88396bb535a02d0948f0a250a6e090041c96d9c9acd6134d44d516fd1010c39e572b86b05bb1326a2a4f23f11181186f9c2a01dc7b58c0129f4b851ca9b1e3dc35db7364e29ef646211796b1651511e041345abce427fa5d6e48b8fb078c8432061a4cc518a8f2a2caf709a5c1473a62112a6650afc64eec12f8f9c08cff1b6fbf7a1209fc8661f62303b7c5d49c1d0b32a9f37e81ed9ab6193816d40995ed49c10b9f5752e04d57535a3d16f06c65d32846c31ec9787ec4a965679eb804e86b45d007f38d8104550770dc6f313bc846e43a14a8c21d0628c744e3e83cb998d1b7acfe996541a8c03852dadf9326444c582b481cae844e4f3fe3d638903b38f24633b63adbad841ac6c4c5169d781a0e271e8a967b1c7e986fcb3a66168e86e3559a44fcfa92452260491da9397659af60453f4cd4be2d15439445ec2b4366a79d3283da912d9d499df1242bd174edc235848caa21d2c997aff0e95c7e5cc0803c90fab84e7be7b37909d0e2f3bc9974e3388acb6800baba183ecc8eea8c71c0d65d669e41f99ceae523b7a6b772f3b8ebba1d2127ccc3ddb7ddcb4ec73cbdc26fc87c3848e258a0b5484d3a13e40ec4e4a65dd92f09e9fe1e3e2f8b96c4e363aa3683860dee62dfcf8823ee4a3593a092e0bd9c4cedacf44a272faa164447b01f46a7795642a40c61b0034a37f0e9b792428a0ddcd144fe8263088eaac8016f8f1cd30b55ac90a8f10d785b7570dd9e639a4a068d3fe98a420b9f72e79de817f676c2a224300d749571ad43f49d1fbe838f4566bc7b5f104c384ad87189213152b644d9fcbdf98bafeee569d640ce9045779f1d90024c023a7480a358dee276fba139c14b4fdb12885240903d0e61dc161659a68f62c92b899007e0f2b65bf0a069e9e57c9b6ae50a3b30dd1003fb0eead73ae2f6010b3b356b4060579a4f29935e1f00c01d12e5f44e8e3163d81dfef7ca8560604240c7e96e4454c6971614df306c768121abb3f628e3f1d2d026f58d1087334c5bdb74d7c949b0ee66a4531ba4e9b922aee3d0f802ed034734507a5913c52966f1f8bd4577840de0253aabc23299dced2a299859c07af9fb0f9c29b6533b9d84d471390d59ab315f5ddb226f6b8dd7889295f0fb1f7bd1adafe4cc520a1e84bf2a59d5b9795aeafc8d6fd66a8228aba8653b98622617ddfeb5d6795c9bd2f35d4a0c386e862675a50e3314c3fbb17aca151c13c7fc8b1d1b72ed0a958537b5ddc9e74bddc2b9571ec3f2b7775b125338d4852a75a60000564c65bb36dfb6bea4aab1ae7a4f285c2177aa98406eb2cc10934aa92d5a9612d4455c84ad200841d289b5c2d5deab0d8e2459598ef183d3dc47f6bad0b9513710600cfa4d69fcd5763cdcc4f2c2b7cd7d4491fd52f4aec82ce846c0988f6f0123e21e900d39c61085e68c9badc350b44004f6c042d64b0d0cbf91ad0592b198f1eeea1e52200bc8e6d62848d6884b10bdde72466039da488be6b340c23148f666f2fe6e032c07dac43586df182aca9116f4600313fa8375c76337ba86bdc391dae6450218f58f047ced64befc6bb5c2a60024669630a6279fedf2fe45e7e19ce582ad96ae0d023eb9b39f5f1e666e73bb038ae38157275be5eb3e7cbc8b05adf53e817646bdc2cfce98e5d162bf7faaca787db8717ab8b27b9e35609c5fb9de9def07f010df8b43cf5c96851eadfdeff0b7bc5826e7e15490ae9c3d14166ee81bef007070e7981235a673804ad89943ee6b51ac63364f7870e121e6ff23a0c7d179527cd58dd7a4ca37247c2bd9efc79b720bb1ee2d39862e98cb81e93cf5b48d5d02ee8ac737ab504c867a1c49e678300803c94fbe978dea918a1e71b9791ee1e4d30056e86c26a4675a8b090be2365c0b451a13ece52a89a7057fe2052e11c6666eb916d823ea66bf217c320acba3b714910734b2d27c2fa586bd7f7664b0d1422adabad2ce2afc10270057f11940fac1a51d023ce48bd04ea39b7f99381b239fd0ddeea0dce7863ec1f8f61775013b6414ecf86e686a340a3148f87a9d7d60a1f2da53436d16fc88d6a4e7c3d55e0dd004cbecc15a5558eb705d82aacb1862ddc251dd5d9cbf1d78f97900ce6e8dab0ea678cb823bd1e7bbd1e927841af08f5427878c19f4f322228f9b36287fc13e7c1293ea875ae73815e052d6c2ebc40df8f7b9d1f76e0b10e35aa160944983d8e6b790df0d9b13f3460657336d81f7d83c0350324b930ec9c7557ce12887f76372e126f504b0980fea27f31a780c05187b9b5353dafc6b101543b24332b96e15bc26b19062e52fa9f86d260ee3a3bc92a133e328407bb85357ee5c45cb87228f44888b14941b5911b050e9319fe88033f830a8490917a9c0572ebbc549000000000000000015a34abef947b5b9a950e780662de18873e55899c92db3ad00437e8407890afa6b0c04ef861b8bc85fbbe1bb67b3d9ef001409f84b8ec4f01d861cecc143a805b981ab5cf5b605057b63cb2c84ec358e510a69cd8c33a8a62fe4680d0c980145cc709157832bfaef261cb00800000000000000ce9affffd4b1dc7cc9511da0b34bffb9ac216fb8cf7c6572d95627787720d1ba67c6512fcdb16f6329e9668681c404efebad559f81f05971b5efb6b4cca97ad0346753cc0a40a877242d8a808c602b03dc962cee38e646cb18abb079c70d357c30738a70f55cd3c5956a83a1bfcd6649dd765f16bfe968066345df7380bbc0c16b3b5af513d6458c791343952f33a051c5d711c1f35af1b47f3db9bbfb5c040000002b52805d606479879be0b404a28ade5649a3185e0f85a85fc15cd824671c2befdd0da509597c87d869f0bd7ad163ad93ca28fc0c4025eccaafe385ec3fc06c54ebcd7b07b6c7e0197c5b9ef886159a1585ae45248f865be760db6f5bc8f868fc6aefd04e34ecb51159e4cdcc2214b42b1ca9caec13ba3e1b2e7a3c736977b226213d265c2873195122a9b448088c8b50edd549be41c38ab176807b75e7267f86e400", 0x1000}}, 0x1006) ioctl$LOOP_CONFIGURE(r0, 0x4c0a, &(0x7f0000000480)={r1, 0x0, {0x2a00, 0x80010000, 0x0, 0x8, 0x10000000000, 0x0, 0x0, 0x0, 0x1c, "fee8a2ab78fc5e3e06e00d96072081000000000000002000e60080b8785d96000100", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a03c5240f45f819e01177d3d458dd4992861ac00", "90be8b1c551265406c7f306003d8a0f4bd00", [0x6, 0x200000000]}}) 19.259672319s ago: executing program 6 (id=5001): sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb49, 0x9, 0x8, 0x0, 0x3}, 0x0) ioctl$IOMMU_IOAS_COPY(0xffffffffffffffff, 0x3b83, 0x0) r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/partitions\x00', 0x0, 0x0) r1 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/vm/compact_memory\x00', 0x1, 0x0) sendfile(r1, r0, 0x0, 0xa) 19.076188906s ago: executing program 7 (id=5005): r0 = syz_usb_connect(0x0, 0x24, &(0x7f00000000c0)={{0x12, 0x1, 0x0, 0xcf, 0x8b, 0xed, 0x20, 0xfd9, 0x25, 0x2940, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0xca, 0xfb, 0x1a}}]}}]}}, 0x0) syz_usb_control_io$uac1(r0, 0x0, &(0x7f0000000580)={0x44, &(0x7f0000000700)={0x20, 0x11, 0x1, "ce"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r1 = syz_open_dev$I2C(&(0x7f0000000000), 0x1, 0x402) ioctl$I2C_PEC(r1, 0x708, 0x7) ioctl$I2C_SMBUS(r1, 0x720, &(0x7f0000000180)={0x1, 0x9, 0x7, &(0x7f0000000100)={0x8, "c6c1f7b51030c4b7c54bf28facb1ed3ee2dfe17a04bc517b5452b3b94bce47509d"}}) 18.88987613s ago: executing program 6 (id=5007): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000495"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='rseq_update\x00', r0}, 0x18) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='rseq_update\x00', r1}, 0x18) rseq(&(0x7f0000000080), 0x20, 0x0, 0x0) 18.502758604s ago: executing program 1 (id=5008): r0 = mq_open(&(0x7f0000000080)='eth0\x00#~\x02\x00\x00\xfbu0*\xf3\x11i\xdd\xd9\xc6\x87\xde\xbf_\xa0\xf6\xdfk\xbf.\"\xa6\xc0#p\xcd\x1c/\xa6\xf2\xbcyL\x85a\xb5\xbb~+>\xbc\x93\xf8\xab\x9a3\x85l\x1d\x15\x11\x1a{@!2\xb6!\xae\xf79k\x90\x88\v8I$\xfd\x05\x00\x00\x00\x00\x00\x80\x00\t/\x8dv\xb8\x93\xc3C\xae\x9dc\xd1T\xdd\x14\xd3\xe1\xbe_$A=z\xee\xbd/X\xbemOX)s\x94uu_\v\x01\xbe\xeb\xbb\x91\x11z\xc2|d\x1b\x04\xd2\xf9yx\xb2\x1b\bLTrw\x88\x9e0\t\xc6\xe2\x9c\xed\\\xd8[\xc8\x04 \xf3\xac]V\x1d:\xfc\xc3\x9e\x02\ax\xef\xfe\x1c.TT\xcf\xbf\xf5\x80a%\xdcQ\xb3CuT\xcc7\x8avs\xb2\a\xfe\xb3j*\xad\x18A\xcc\xe9\xaa{]\xef\xb7\xf2\xee*\xf95\bJt\xd0s\xc4\xaa\xc8\x05\x00\x00\x000\xbdf\xdb\xaeG\xe3\xfb\xef\x94\xef:Q\x1b\xe3\xa3\xa4}\xef`e\xcdL\xab\xdb\r\xf2y\x9fg1\xf4\t\x18i/!\x13\xf1,\x8cu\xaa\xbf~)\x94\x1b2\x93\x86\xe7\x9a\xf2j\xa8\x96\xa6\xa2\xfcN\x81\xafTh\xce\x00\x00\x00\xe8\vq+\xbb\xc7\xaf\xf3L\xa0\x9c\x97B\x12\x10\x9d\xaa\x7fq\x06\xb9(\xf6\x1c\x83\xb1J\xec\x926\xb5a0\xa0B\xae|', 0x42, 0x0, 0x0) mq_timedsend(r0, &(0x7f0000000600)='m', 0x1, 0x6, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000840)='memory.events.local\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1, 0x28011, r1, 0x0) mq_timedreceive(r0, &(0x7f000001d600)=""/102376, 0x18fe8, 0x0, 0x0) 18.445946701s ago: executing program 1 (id=5009): r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r0, &(0x7f0000000100)={0x1f, 0xffff}, 0x6) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f00000000c0)=0xf) ioctl$TCFLSH(r1, 0x400455c8, 0x0) 17.48218127s ago: executing program 5 (id=5012): r0 = socket$inet6_mptcp(0xa, 0x1, 0x106) ioctl$int_in(r0, 0x5421, &(0x7f0000000140)=0x2f) connect$inet6(r0, &(0x7f0000000280)={0xa, 0x4e24, 0x0, @dev, 0x4}, 0x1c) setsockopt$sock_linger(r0, 0x1, 0xd, &(0x7f0000000100)={0x20004}, 0x8) close(r0) 17.362663353s ago: executing program 5 (id=5013): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000940)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128-generic\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000080)="ab553fec94248c32e27d04000000288a", 0x10) r1 = accept$alg(r0, 0x0, 0x0) sendmsg$alg(r1, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)=[@assoc={0x18, 0x117, 0x4, 0xd4e5}, @op={0x18, 0x117, 0x3, 0x1}, @assoc={0x12, 0x117, 0x4, 0xfffffffa}, @op={0x18}, @iv={0x28, 0x117, 0x2, 0xf, "dd216e7cfc286e88ce2e6f8cf4a817"}, @op], 0x130}, 0x0) 17.213974485s ago: executing program 5 (id=5014): r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x42, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000100)=ANY=[], 0x32600) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r1, 0x0) ioctl$SNDCTL_DSP_SETFRAGMENT(r0, 0xc004500a, &(0x7f0000000380)=0x12000000) 17.1181392s ago: executing program 5 (id=5015): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) r1 = socket$inet_sctp(0x2, 0x1, 0x84) write$6lowpan_enable(0xffffffffffffffff, &(0x7f0000000000)='0', 0xfffffd2c) getsockopt$inet_sctp_SCTP_MAX_BURST(r1, 0x84, 0xd, &(0x7f0000000000)=@assoc_value={0x0}, &(0x7f0000000040)=0x8) getsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r0, 0x84, 0x22, &(0x7f0000000000)={0x3ff, 0x204, 0x0, 0x64, r2}, &(0x7f0000000080)=0x10) 16.961641414s ago: executing program 5 (id=5017): r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e21, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x1b}}, 0x10) sendto$inet(r0, &(0x7f0000000000), 0xffffffffffffff94, 0x0, 0x0, 0x0) setsockopt$sock_int(r0, 0x1, 0x7, &(0x7f0000000000)=0xc77, 0x4) 16.467189798s ago: executing program 2 (id=5022): r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) connect$inet6(r0, &(0x7f0000000100)={0xa, 0xfffe, 0x4, @mcast2={0xff, 0x3}}, 0x1c) setsockopt$inet6_IPV6_HOPOPTS(r0, 0x29, 0x36, &(0x7f0000000340)=ANY=[], 0x8) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='bridge0\x00', 0x10) sendto$inet6(r0, &(0x7f0000000180)="ac0e0817f59418c4", 0x8, 0x800, 0x0, 0x0) 16.40416441s ago: executing program 2 (id=5023): r0 = socket$can_j1939(0x1d, 0x2, 0x7) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000000)={'vxcan1\x00', 0x0}) bind$can_j1939(r0, &(0x7f00000000c0)={0x1d, r1}, 0x18) connect$can_j1939(r0, &(0x7f0000000140)={0x1d, r1, 0x0, {0x1, 0xff, 0xa8fe8ad4eea2351f}, 0x2}, 0x18) sendmmsg(r0, &(0x7f0000003e40), 0x3fffffffffffe3d, 0xf5) 15.875977569s ago: executing program 7 (id=5024): sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000001c0)={0x0, 0xa4}, 0x1, 0x0, 0x0, 0x24000154}, 0x20000050) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000700)=ANY=[@ANYBLOB="140000001000010000000000000000000a00000a20000000000a01080000000000000000010000090900010073797a3100000000d0000000030a030000000000000000000100000a0900010073797a31000000000900030073797a3000000000a40003006272696467657fc5f7", @ANYRESDEC, @ANYRES16, @ANYRES64], 0x118}, 0x1, 0x0, 0x0, 0x24000144}, 0x20000050) mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x2400c000}, 0x20008800) 15.875203462s ago: executing program 5 (id=5025): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000008c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000a80)={{0x14}, [@NFT_MSG_NEWRULE={0x40, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x14, 0x4, 0x0, 0x1, [{0x10, 0x1, 0x0, 0x1, @masq={{0x9}, @void}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x3cd2e7b3d6526bf5}}}, 0x68}}, 0x0) r1 = socket$kcm(0x2, 0x3, 0x84) sendmsg$inet(r1, &(0x7f0000001000)={&(0x7f0000000000)={0x2, 0x0, @multicast2}, 0x10, &(0x7f0000000080)=[{&(0x7f0000001640)='@C\x00\x00', 0x4}], 0x1, &(0x7f0000000580)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @local, @loopback}}}], 0x20}, 0x0) 15.474039518s ago: executing program 2 (id=5026): bpf$ENABLE_STATS(0x20, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000047b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000007b00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1a"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={r0, 0x2000002, 0xe, 0x0, &(0x7f0000000200)="df33c9f7b9a60000000000000000", 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50) 15.411728773s ago: executing program 2 (id=5027): r0 = socket$inet_smc(0x2b, 0x1, 0x0) setsockopt$inet_tcp_TCP_FASTOPEN_KEY(r0, 0x6, 0x21, &(0x7f0000000040)="5766b1020affff20c311df259149e300", 0x10) listen(r0, 0x0) ppoll(&(0x7f0000000000)=[{r0}], 0x1, 0x0, 0x0, 0x0) shutdown(r0, 0x0) 15.269440041s ago: executing program 2 (id=5028): r0 = creat(&(0x7f0000000080)='./file0\x00', 0x8d) close(r0) socket$tipc(0x1e, 0x5, 0x0) r1 = openat$sysctl(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/sys/vm/drop_caches\x00', 0x1, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x4, &(0x7f0000000240)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 15.19711167s ago: executing program 2 (id=5029): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000500000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c250000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xe, 0x4, 0x8, 0x7}, 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af0ff00000000bfa20000000000000702"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='tlb_flush\x00', r1}, 0x10) 3.61157233s ago: executing program 35 (id=5007): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000495"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='rseq_update\x00', r0}, 0x18) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='rseq_update\x00', r1}, 0x18) rseq(&(0x7f0000000080), 0x20, 0x0, 0x0) 3.079652278s ago: executing program 36 (id=5009): r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r0, &(0x7f0000000100)={0x1f, 0xffff}, 0x6) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f00000000c0)=0xf) ioctl$TCFLSH(r1, 0x400455c8, 0x0) 614.315188ms ago: executing program 37 (id=5025): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000008c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000a80)={{0x14}, [@NFT_MSG_NEWRULE={0x40, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x14, 0x4, 0x0, 0x1, [{0x10, 0x1, 0x0, 0x1, @masq={{0x9}, @void}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x3cd2e7b3d6526bf5}}}, 0x68}}, 0x0) r1 = socket$kcm(0x2, 0x3, 0x84) sendmsg$inet(r1, &(0x7f0000001000)={&(0x7f0000000000)={0x2, 0x0, @multicast2}, 0x10, &(0x7f0000000080)=[{&(0x7f0000001640)='@C\x00\x00', 0x4}], 0x1, &(0x7f0000000580)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @local, @loopback}}}], 0x20}, 0x0) 517.011467ms ago: executing program 38 (id=5024): sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000001c0)={0x0, 0xa4}, 0x1, 0x0, 0x0, 0x24000154}, 0x20000050) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000700)=ANY=[@ANYBLOB="140000001000010000000000000000000a00000a20000000000a01080000000000000000010000090900010073797a3100000000d0000000030a030000000000000000000100000a0900010073797a31000000000900030073797a3000000000a40003006272696467657fc5f7", @ANYRESDEC, @ANYRES16, @ANYRES64], 0x118}, 0x1, 0x0, 0x0, 0x24000144}, 0x20000050) mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x2400c000}, 0x20008800) 0s ago: executing program 39 (id=5029): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000500000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c250000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xe, 0x4, 0x8, 0x7}, 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af0ff00000000bfa20000000000000702"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='tlb_flush\x00', r1}, 0x10) kernel console output (not intermixed with test programs): [ 312.603489][ T37] audit: type=1326 audit(312.435:317): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12745 comm="syz.1.2969" exe="/root/syz-executor" sig=0 arch=c000003e syscall=332 compat=0 ip=0x7effad93f749 code=0x7ffc0000 [ 312.603788][ T37] audit: type=1326 audit(312.435:318): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12745 comm="syz.1.2969" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7effad93f749 code=0x7ffc0000 [ 312.604254][ T37] audit: type=1326 audit(312.435:319): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12745 comm="syz.1.2969" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7effad93f749 code=0x7ffc0000 [ 312.604518][ T37] audit: type=1326 audit(312.435:320): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12745 comm="syz.1.2969" exe="/root/syz-executor" sig=0 arch=c000003e syscall=6 compat=0 ip=0x7effad93f749 code=0x7ffc0000 [ 312.604815][ T37] audit: type=1326 audit(312.435:321): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12745 comm="syz.1.2969" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7effad93f749 code=0x7ffc0000 [ 312.605341][ T37] audit: type=1326 audit(312.435:322): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12745 comm="syz.1.2969" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7effad93f749 code=0x7ffc0000 [ 313.112301][T12759] netlink: 'syz.1.2974': attribute type 3 has an invalid length. [ 313.112324][T12759] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2974'. [ 314.171407][ T10] usb 3-1: new high-speed USB device number 14 using dummy_hcd [ 314.315991][ T10] usb 3-1: Using ep0 maxpacket: 16 [ 314.318398][ T10] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 8 [ 314.334331][ T10] usb 3-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 6.00 [ 314.334357][ T10] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 314.334375][ T10] usb 3-1: Product: syz [ 314.334388][ T10] usb 3-1: Manufacturer: syz [ 314.334402][ T10] usb 3-1: SerialNumber: syz [ 314.340545][ T10] usb 3-1: config 0 descriptor?? [ 314.351891][ T10] ftdi_sio 3-1:0.0: FTDI USB Serial Device converter detected [ 314.354794][ T10] usb 3-1: Detected FT232R [ 314.589735][ T10] ftdi_sio ttyUSB0: Unable to read latency timer: -32 [ 314.804331][ T10] usb 3-1: FTDI USB Serial Device converter now attached to ttyUSB0 [ 315.013290][ T10] usb 3-1: USB disconnect, device number 14 [ 315.156203][ T10] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0 [ 315.156799][ T10] ftdi_sio 3-1:0.0: device disconnected [ 315.447076][T12811] netlink: 'syz.5.2995': attribute type 3 has an invalid length. [ 315.746017][ T991] usb 2-1: new high-speed USB device number 21 using dummy_hcd [ 315.896011][ T991] usb 2-1: Using ep0 maxpacket: 32 [ 315.898618][ T991] usb 2-1: config 0 has an invalid interface number: 188 but max is 0 [ 315.898642][ T991] usb 2-1: config 0 has no interface number 0 [ 315.898691][ T991] usb 2-1: config 0 interface 188 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 32 [ 315.901796][ T991] usb 2-1: New USB device found, idVendor=17ef, idProduct=7203, bcdDevice=2e.36 [ 315.901822][ T991] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 315.901841][ T991] usb 2-1: Product: syz [ 315.901855][ T991] usb 2-1: Manufacturer: syz [ 315.901869][ T991] usb 2-1: SerialNumber: syz [ 315.969028][ T991] usb 2-1: config 0 descriptor?? [ 315.970317][T12815] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 316.109729][T12836] Context (ID=0x1) not attached to queue pair (handle=0x1:0xfffffffe) [ 316.202441][T12815] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 316.471535][T12847] bond0: option fail_over_mac: unable to set because the bond device has slaves [ 316.771368][T12862] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3020'. [ 316.827025][ T991] asix 2-1:0.188 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71 [ 316.827310][ T991] asix 2-1:0.188: probe with driver asix failed with error -71 [ 316.856402][ T991] usb 2-1: USB disconnect, device number 21 [ 317.031991][T12871] netlink: 'syz.5.3023': attribute type 11 has an invalid length. [ 317.032012][T12871] netlink: 190972 bytes leftover after parsing attributes in process `syz.5.3023'. [ 317.113710][ T1274] ieee802154 phy0 wpan0: encryption failed: -22 [ 317.113780][ T1274] ieee802154 phy1 wpan1: encryption failed: -22 [ 318.019760][T12902] netlink: 666 bytes leftover after parsing attributes in process `syz.1.3037'. [ 318.698563][T12920] batadv_slave_0: entered promiscuous mode [ 318.700084][T12919] batadv_slave_0: left promiscuous mode [ 320.721092][T12960] netlink: 56 bytes leftover after parsing attributes in process `syz.6.3062'. [ 320.721115][T12973] team0: Device ipvlan1 is VLAN challenged and team device has VLAN set up [ 321.039066][T12992] netem: incorrect gi model size [ 321.039119][T12992] netem: change failed [ 321.126617][T12996] ip_tunnel: non-ECT from 172.20.20.187 with TOS=0x2 [ 321.168900][T12996] ip_tunnel: non-ECT from 172.20.20.187 with TOS=0x2 [ 321.169042][T12996] ip_tunnel: non-ECT from 172.20.20.187 with TOS=0x2 [ 321.169646][T12996] ip_tunnel: non-ECT from 172.20.20.187 with TOS=0x2 [ 321.169775][T12996] ip_tunnel: non-ECT from 172.20.20.187 with TOS=0x2 [ 321.169904][T12996] ip_tunnel: non-ECT from 172.20.20.187 with TOS=0x2 [ 321.170047][T12996] ip_tunnel: non-ECT from 172.20.20.187 with TOS=0x2 [ 321.170520][T12996] ip_tunnel: non-ECT from 172.20.20.187 with TOS=0x2 [ 321.170661][T12996] ip_tunnel: non-ECT from 172.20.20.187 with TOS=0x2 [ 321.170796][T12996] ip_tunnel: non-ECT from 172.20.20.187 with TOS=0x2 [ 322.169959][T13024] netlink: 12 bytes leftover after parsing attributes in process `syz.6.3090'. [ 322.169984][T13024] netlink: 28 bytes leftover after parsing attributes in process `syz.6.3090'. [ 322.170100][T13024] netlink: 12 bytes leftover after parsing attributes in process `syz.6.3090'. [ 322.170307][T13024] netlink: 28 bytes leftover after parsing attributes in process `syz.6.3090'. [ 322.170324][T13024] netlink: 'syz.6.3090': attribute type 6 has an invalid length. [ 322.335129][T13029] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present [ 322.502400][ T991] kernel write not supported for file bpf-map (pid: 991 comm: kworker/1:2) [ 322.745242][T13054] bond0: option packets_per_slave: invalid value (18446744072268814746) [ 322.745266][T13054] bond0: option packets_per_slave: allowed values 0 - 65535 [ 322.782801][T13057] binder: 13053:13057 ioctl c018620c 200000000000 returned -22 [ 323.153069][T13068] lo: entered allmulticast mode [ 323.625314][T13094] netlink: 8 bytes leftover after parsing attributes in process `syz.6.3125'. [ 324.169098][T13122] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 324.248598][ T31] hid-generic 0000:40000000:0000.0014: unknown main item tag 0x1 [ 324.248634][ T31] hid-generic 0000:40000000:0000.0014: unknown main item tag 0x0 [ 324.248659][ T31] hid-generic 0000:40000000:0000.0014: unknown main item tag 0x0 [ 324.248685][ T31] hid-generic 0000:40000000:0000.0014: unknown main item tag 0x0 [ 324.248717][ T31] hid-generic 0000:40000000:0000.0014: unknown main item tag 0x0 [ 324.248740][ T31] hid-generic 0000:40000000:0000.0014: unknown main item tag 0x0 [ 324.248806][ T31] hid-generic 0000:40000000:0000.0014: unknown main item tag 0x0 [ 324.248830][ T31] hid-generic 0000:40000000:0000.0014: unknown main item tag 0x0 [ 324.248854][ T31] hid-generic 0000:40000000:0000.0014: unknown main item tag 0x2 [ 324.248879][ T31] hid-generic 0000:40000000:0000.0014: unknown main item tag 0x0 [ 324.334453][ T31] hid-generic 0000:40000000:0000.0014: hidraw0: HID v8.00 Device [syz0] on syz0 [ 324.509851][T13138] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3146'. [ 324.719462][T13146] netlink: 4 bytes leftover after parsing attributes in process `syz.6.3152'. [ 325.036217][T13154] pim6reg0: tun_chr_ioctl cmd 1074812118 [ 325.636066][ T31] usb 6-1: new high-speed USB device number 15 using dummy_hcd [ 325.788388][ T31] usb 6-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08 [ 325.788417][ T31] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 325.793718][ T31] usb 6-1: config 0 descriptor?? [ 326.032894][ T31] udl 6-1:0.0: [drm] Unrecognized vendor firmware descriptor [ 326.246103][ T31] [drm:udl_init] *ERROR* Selecting channel failed [ 326.275541][ T31] [drm] Initialized udl 0.0.1 for 6-1:0.0 on minor 2 [ 326.275565][ T31] [drm] Initialized udl on minor 2 [ 326.332743][ T31] udl 6-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 326.360889][ T31] udl 6-1:0.0: [drm] Cannot find any crtc or sizes [ 326.379754][ T5802] udl 6-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 326.380294][ T5802] udl 6-1:0.0: [drm] Cannot find any crtc or sizes [ 326.383908][ T31] usb 6-1: USB disconnect, device number 15 [ 326.806614][T13206] program syz.2.3177 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 328.046921][ T37] kauditd_printk_skb: 224 callbacks suppressed [ 328.046936][ T37] audit: type=1326 audit(327.885:547): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13247 comm="syz.1.3195" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7effad93f749 code=0x0 [ 328.065537][T13250] netlink: 36 bytes leftover after parsing attributes in process `syz.5.3194'. [ 330.191129][T13311] netlink: 20 bytes leftover after parsing attributes in process `syz.6.3222'. [ 330.650205][T13323] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+ [ 331.454105][T13354] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3242'. [ 331.454377][T13354] sch_tbf: burst 0 is lower than device lo mtu (65550) ! [ 331.470898][T13355] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3243'. [ 331.521093][T13355] bridge_slave_1: left allmulticast mode [ 331.521121][T13355] bridge_slave_1: left promiscuous mode [ 331.521399][T13355] bridge0: port 2(bridge_slave_1) entered disabled state [ 331.628756][T13355] bridge_slave_0: left allmulticast mode [ 331.628785][T13355] bridge_slave_0: left promiscuous mode [ 331.629054][T13355] bridge0: port 1(bridge_slave_0) entered disabled state [ 332.475962][ T993] usb 6-1: new high-speed USB device number 16 using dummy_hcd [ 332.586003][ T10] usb 2-1: new high-speed USB device number 22 using dummy_hcd [ 332.632309][ T993] usb 6-1: Using ep0 maxpacket: 32 [ 332.651415][ T993] usb 6-1: New USB device found, idVendor=1039, idProduct=2120, bcdDevice= 2.a7 [ 332.651442][ T993] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 332.651462][ T993] usb 6-1: Product: syz [ 332.651476][ T993] usb 6-1: Manufacturer: syz [ 332.651490][ T993] usb 6-1: SerialNumber: syz [ 332.667924][ T993] usb 6-1: config 0 descriptor?? [ 332.746549][ T10] usb 2-1: Using ep0 maxpacket: 16 [ 332.757731][ T10] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 332.757831][ T10] usb 2-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00 [ 332.757854][ T10] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 332.783012][ T10] usb 2-1: config 0 descriptor?? [ 332.920008][ T993] usb 6-1: [ueagle-atm] ADSL device founded vid (0X1039) pid (0X2120) Rev (0X2A7): Eagle II [ 333.250637][ T10] mcp2221 0003:04D8:00DD.0015: USB HID v0.05 Device [HID 04d8:00dd] on usb-dummy_hcd.1-1/input0 [ 333.471743][ T993] usb 6-1: reset high-speed USB device number 16 using dummy_hcd [ 333.652305][ T10] usb 2-1: USB disconnect, device number 22 [ 333.933129][ T993] usb 6-1: [UEAGLE-ATM] interface 1 not found [ 333.933157][ T993] ueagle-atm 6-1:0.0: usbatm_usb_probe: bind failed: -19! [ 334.100167][T13390] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3259'. [ 334.162676][ T10] usb 6-1: USB disconnect, device number 16 [ 334.591359][T13401] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3264'. [ 334.977505][T13409] netlink: 92 bytes leftover after parsing attributes in process `syz.6.3268'. [ 335.961822][T13441] af_packet: tpacket_rcv: packet too big, clamped from 125 to 4294967286. macoff=82 [ 336.388040][ T5815] Bluetooth: hci0: command 0x0c1a tx timeout [ 336.445398][T13461] Bluetooth: MGMT ver 1.23 [ 337.668017][T13510] netlink: 212356 bytes leftover after parsing attributes in process `syz.6.3314'. [ 338.254973][T13532] program syz.5.3326 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 338.577144][T13546] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3331'. [ 338.706059][ T31] usb 2-1: new high-speed USB device number 23 using dummy_hcd [ 338.787877][T13551] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+ [ 338.856008][ T31] usb 2-1: Using ep0 maxpacket: 16 [ 338.860680][ T31] usb 2-1: config 0 has an invalid interface number: 1 but max is 0 [ 338.860703][ T31] usb 2-1: config 0 has no interface number 0 [ 338.895449][ T31] usb 2-1: New USB device found, idVendor=04fc, idProduct=1528, bcdDevice=6d.5d [ 338.895476][ T31] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 338.895495][ T31] usb 2-1: Product: syz [ 338.895510][ T31] usb 2-1: Manufacturer: syz [ 338.895523][ T31] usb 2-1: SerialNumber: syz [ 338.938455][ T31] usb 2-1: config 0 descriptor?? [ 338.939385][T13557] netlink: 68 bytes leftover after parsing attributes in process `syz.5.3335'. [ 338.943982][ T31] gspca_main: spca1528-2.14.0 probing 04fc:1528 [ 339.476199][T13574] delete_channel: no stack [ 339.502197][T13575] nbd: nbd5 already in use [ 339.757878][ T31] gspca_spca1528: reg_w err -71 [ 339.776040][ T31] spca1528 2-1:0.1: probe with driver spca1528 failed with error -71 [ 339.784159][ T31] usb 2-1: USB disconnect, device number 23 [ 340.655753][ T5815] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 340.671063][ T5815] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 340.682460][ T5815] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 340.698425][ T5815] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 340.699231][ T5815] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 341.650776][T13599] chnl_net:caif_netlink_parms(): no params data found [ 341.834044][ T3721] wlan1: Trigger new scan to find an IBSS to join [ 342.355403][ T37] audit: type=1326 audit(343.180:548): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13642 comm="syz.1.3371" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7effad93f749 code=0x7ffc0000 [ 342.355778][ T37] audit: type=1326 audit(343.180:549): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13642 comm="syz.1.3371" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7effad93f749 code=0x7ffc0000 [ 342.428876][ T37] audit: type=1326 audit(343.260:550): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13642 comm="syz.1.3371" exe="/root/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7effad93f749 code=0x7ffc0000 [ 342.429183][ T37] audit: type=1326 audit(343.260:551): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13642 comm="syz.1.3371" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7effad93f749 code=0x7ffc0000 [ 342.429672][ T37] audit: type=1326 audit(343.260:552): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13642 comm="syz.1.3371" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7effad93f749 code=0x7ffc0000 [ 342.429937][ T37] audit: type=1326 audit(343.260:553): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13642 comm="syz.1.3371" exe="/root/syz-executor" sig=0 arch=c000003e syscall=223 compat=0 ip=0x7effad93f749 code=0x7ffc0000 [ 342.430777][ T37] audit: type=1326 audit(343.260:554): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13642 comm="syz.1.3371" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7effad93f749 code=0x7ffc0000 [ 342.432284][ T37] audit: type=1326 audit(343.260:555): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13642 comm="syz.1.3371" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7effad8db829 code=0x7ffc0000 [ 342.434109][ T37] audit: type=1326 audit(343.260:556): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13642 comm="syz.1.3371" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7effad8db829 code=0x7ffc0000 [ 342.594206][ T37] audit: type=1326 audit(343.420:557): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13642 comm="syz.1.3371" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7effad8db829 code=0x7ffc0000 [ 342.730664][T13599] bridge0: port 1(bridge_slave_0) entered blocking state [ 342.733379][T13599] bridge0: port 1(bridge_slave_0) entered disabled state [ 342.733587][T13599] bridge_slave_0: entered allmulticast mode [ 342.752033][T13599] bridge_slave_0: entered promiscuous mode [ 342.760067][T13599] bridge0: port 2(bridge_slave_1) entered blocking state [ 342.766047][T13599] bridge0: port 2(bridge_slave_1) entered disabled state [ 342.766233][T13599] bridge_slave_1: entered allmulticast mode [ 342.770885][T13654] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3375'. [ 342.780082][T13599] bridge_slave_1: entered promiscuous mode [ 342.786086][ T5815] Bluetooth: hci1: command tx timeout [ 343.030671][T13599] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 343.068304][T13599] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 343.344397][T13679] ptrace attach of "./syz-executor exec"[11386] was attempted by "./syz-executor exec"[13679] [ 343.441529][T13599] team0: Port device team_slave_0 added [ 343.445244][T13599] team0: Port device team_slave_1 added [ 343.709886][T13599] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 343.709904][T13599] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 343.709928][T13599] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 343.738545][T13599] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 343.738561][T13599] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 343.738586][T13599] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 344.266060][ T5802] usb 6-1: new high-speed USB device number 17 using dummy_hcd [ 344.340310][T13599] hsr_slave_0: entered promiscuous mode [ 344.344234][T13599] hsr_slave_1: entered promiscuous mode [ 344.346141][T13599] debugfs: 'hsr0' already exists in 'hsr' [ 344.346166][T13599] Cannot create hsr debugfs directory [ 344.415932][ T5802] usb 6-1: Using ep0 maxpacket: 8 [ 344.418565][ T5802] usb 6-1: New USB device found, idVendor=0ccd, idProduct=0039, bcdDevice=90.7b [ 344.418591][ T5802] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 344.488170][ T5802] pvrusb2: Hardware description: Terratec Grabster AV400 [ 344.488189][ T5802] pvrusb2: ********** [ 344.488196][ T5802] pvrusb2: ***WARNING*** Support for this device (Terratec Grabster AV400) is experimental. [ 344.488207][ T5802] pvrusb2: Important functionality might not be entirely working. [ 344.488217][ T5802] pvrusb2: Please consider contacting the driver author to help with further stabilization of the driver. [ 344.488228][ T5802] pvrusb2: ********** [ 344.667524][ T2365] pvrusb2: Invalid write control endpoint [ 344.690894][T13709] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3398'. [ 344.834293][ T1181] netdevsim netdevsim6 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 344.869003][ T5815] Bluetooth: hci1: command tx timeout [ 344.895767][ T5891] usb 6-1: USB disconnect, device number 17 [ 344.918922][ T2365] pvrusb2: Invalid write control endpoint [ 344.918935][ T2365] pvrusb2: ***WARNING*** Detected a wedged cx25840 chip; the device will not work. [ 344.918944][ T2365] pvrusb2: ***WARNING*** Try power cycling the pvrusb2 device. [ 344.918952][ T2365] pvrusb2: ***WARNING*** Disabling further access to the device to prevent other foul-ups. [ 344.918961][ T2365] pvrusb2: Device being rendered inoperable [ 344.925749][ T2365] cx25840 1-0044: Unable to detect h/w, assuming cx23887 [ 344.974516][ T2365] cx25840 1-0044: cx23887 A/V decoder found @ 0x88 (pvrusb2_a) [ 344.988365][ T2365] pvrusb2: Attached sub-driver cx25840 [ 344.988377][ T2365] pvrusb2: ***WARNING*** pvrusb2 device hardware appears to be jammed and I can't clear it. [ 344.988387][ T2365] pvrusb2: You might need to power cycle the pvrusb2 device in order to recover. [ 345.061264][ T1181] netdevsim netdevsim6 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 345.061302][ T1181] netdevsim netdevsim6 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 345.061329][ T1181] netdevsim netdevsim6 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 345.590658][T13728] pimreg1: tun_chr_ioctl cmd 2147767507 [ 345.912021][T13599] netdevsim netdevsim7 netdevsim0: renamed from eth0 [ 345.945608][T13599] netdevsim netdevsim7 netdevsim1: renamed from eth1 [ 346.017267][T13599] netdevsim netdevsim7 netdevsim2: renamed from eth2 [ 346.081677][T13599] netdevsim netdevsim7 netdevsim3: renamed from eth3 [ 346.085932][ T10] usb 6-1: new high-speed USB device number 18 using dummy_hcd [ 346.127401][T13746] netlink: 168 bytes leftover after parsing attributes in process `syz.1.3414'. [ 346.162166][T13749] netlink: 16402 bytes leftover after parsing attributes in process `syz.6.3416'. [ 346.266514][ T10] usb 6-1: New USB device found, idVendor=1604, idProduct=8001, bcdDevice=44.1f [ 346.266543][ T10] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 346.266563][ T10] usb 6-1: Product: syz [ 346.266576][ T10] usb 6-1: Manufacturer: syz [ 346.266588][ T10] usb 6-1: SerialNumber: syz [ 346.273013][ T10] usb 6-1: config 0 descriptor?? [ 346.495936][ T10] usb 6-1: USB disconnect, device number 18 [ 346.622942][T13599] 8021q: adding VLAN 0 to HW filter on device bond0 [ 346.653975][T13599] 8021q: adding VLAN 0 to HW filter on device team0 [ 346.689237][ T3695] bridge0: port 1(bridge_slave_0) entered blocking state [ 346.689446][ T3695] bridge0: port 1(bridge_slave_0) entered forwarding state [ 346.748914][ T3695] bridge0: port 2(bridge_slave_1) entered blocking state [ 346.749049][ T3695] bridge0: port 2(bridge_slave_1) entered forwarding state [ 346.795730][ T13] wlan1: Trigger new scan to find an IBSS to join [ 346.946411][ T5815] Bluetooth: hci1: command tx timeout [ 346.965924][ T993] usb 3-1: new high-speed USB device number 15 using dummy_hcd [ 347.161547][ T993] usb 3-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08 [ 347.161578][ T993] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 347.196120][ T993] usb 3-1: config 0 descriptor?? [ 347.301526][T13599] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 347.476774][ T993] udl 3-1:0.0: [drm] Unrecognized vendor firmware descriptor [ 347.482439][ T993] [drm:udl_init] *ERROR* Selecting channel failed [ 347.541753][ T993] [drm] Initialized udl 0.0.1 for 3-1:0.0 on minor 2 [ 347.541776][ T993] [drm] Initialized udl on minor 2 [ 347.577233][ T993] udl 3-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 347.579775][ T993] udl 3-1:0.0: [drm] Cannot find any crtc or sizes [ 347.630783][ T993] usb 3-1: USB disconnect, device number 15 [ 347.644836][ T5910] udl 3-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 347.645288][ T5910] udl 3-1:0.0: [drm] Cannot find any crtc or sizes [ 347.740361][ T12] wlan1: Creating new IBSS network, BSSID 02:31:b6:ae:f2:f5 [ 348.216714][ T37] kauditd_printk_skb: 118 callbacks suppressed [ 348.216730][ T37] audit: type=1326 audit(349.050:676): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13805 comm="syz.6.3436" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6166c5f749 code=0x7ffc0000 [ 348.228315][ T37] audit: type=1326 audit(349.050:677): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13805 comm="syz.6.3436" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6166c5f749 code=0x7ffc0000 [ 348.250383][ T37] audit: type=1326 audit(349.080:678): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13805 comm="syz.6.3436" exe="/root/syz-executor" sig=0 arch=c000003e syscall=430 compat=0 ip=0x7f6166c5f749 code=0x7ffc0000 [ 348.250428][ T37] audit: type=1326 audit(349.080:679): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13805 comm="syz.6.3436" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6166c5f749 code=0x7ffc0000 [ 348.250466][ T37] audit: type=1326 audit(349.080:680): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13805 comm="syz.6.3436" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6166c5f749 code=0x7ffc0000 [ 348.250503][ T37] audit: type=1326 audit(349.080:681): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13805 comm="syz.6.3436" exe="/root/syz-executor" sig=0 arch=c000003e syscall=431 compat=0 ip=0x7f6166c5f749 code=0x7ffc0000 [ 348.250539][ T37] audit: type=1326 audit(349.080:682): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13805 comm="syz.6.3436" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6166c5f749 code=0x7ffc0000 [ 348.254134][ T37] audit: type=1326 audit(349.080:683): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13805 comm="syz.6.3436" exe="/root/syz-executor" sig=0 arch=c000003e syscall=432 compat=0 ip=0x7f6166c5f749 code=0x7ffc0000 [ 348.254178][ T37] audit: type=1326 audit(349.080:684): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13805 comm="syz.6.3436" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6166c5f749 code=0x7ffc0000 [ 348.254217][ T37] audit: type=1326 audit(349.080:685): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13805 comm="syz.6.3436" exe="/root/syz-executor" sig=0 arch=c000003e syscall=268 compat=0 ip=0x7f6166c5f749 code=0x7ffc0000 [ 348.652137][T13599] veth0_vlan: entered promiscuous mode [ 348.668364][T13810] netlink: 32 bytes leftover after parsing attributes in process `syz.2.3435'. [ 348.693456][T13599] veth1_vlan: entered promiscuous mode [ 348.906742][T13599] veth0_macvtap: entered promiscuous mode [ 348.926853][T13599] veth1_macvtap: entered promiscuous mode [ 349.027801][ T5815] Bluetooth: hci1: command tx timeout [ 349.057580][T13599] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 349.133129][T13599] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 349.187452][ T3721] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 349.189477][ T12] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 349.189990][ T3721] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 349.190400][ T12] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 349.625982][ T1128] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 349.626002][ T1128] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 349.697594][ T3695] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 349.697614][ T3695] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 349.717634][T13839] loop8: detected capacity change from 0 to 8 [ 349.738041][T13839] Dev loop8: unable to read RDB block 8 [ 349.738087][T13839] loop8: unable to read partition table [ 349.738309][T13839] loop8: partition table beyond EOD, truncated [ 349.738327][T13839] loop_reread_partitions: partition scan of loop8 (被x^> ) failed (rc=-5) [ 350.196007][ T5802] usb 2-1: new high-speed USB device number 24 using dummy_hcd [ 350.347309][ T5802] usb 2-1: Using ep0 maxpacket: 16 [ 350.367073][ T5802] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 350.367104][ T5802] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x81 has invalid wMaxPacketSize 0 [ 350.367125][ T5802] usb 2-1: config 0 interface 0 has no altsetting 0 [ 350.367157][ T5802] usb 2-1: New USB device found, idVendor=05ac, idProduct=0247, bcdDevice= 0.00 [ 350.367178][ T5802] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 350.396850][ T5802] usb 2-1: config 0 descriptor?? [ 350.844714][ T5802] apple 0003:05AC:0247.0016: fixing up Magic Keyboard JIS report descriptor [ 350.849477][ T5802] hid_parser_main: 28 callbacks suppressed [ 350.849498][ T5802] apple 0003:05AC:0247.0016: unknown main item tag 0x0 [ 350.849528][ T5802] apple 0003:05AC:0247.0016: unknown main item tag 0x0 [ 350.849554][ T5802] apple 0003:05AC:0247.0016: unknown main item tag 0x0 [ 350.849580][ T5802] apple 0003:05AC:0247.0016: unknown main item tag 0x0 [ 350.849612][ T5802] apple 0003:05AC:0247.0016: unknown main item tag 0x0 [ 350.849636][ T5802] apple 0003:05AC:0247.0016: unknown main item tag 0x0 [ 350.849662][ T5802] apple 0003:05AC:0247.0016: unknown main item tag 0x0 [ 350.849687][ T5802] apple 0003:05AC:0247.0016: unknown main item tag 0x0 [ 350.849712][ T5802] apple 0003:05AC:0247.0016: unknown main item tag 0x0 [ 350.849737][ T5802] apple 0003:05AC:0247.0016: unknown main item tag 0x0 [ 350.890411][ T5802] apple 0003:05AC:0247.0016: unexpected long global item [ 350.891210][ T5802] apple 0003:05AC:0247.0016: parse failed [ 350.891318][ T5802] apple 0003:05AC:0247.0016: probe with driver apple failed with error -22 [ 350.952482][T13878] vcan0: tx drop: invalid sa for name 0x0000000000000001 [ 351.078748][ T5802] usb 2-1: USB disconnect, device number 24 [ 352.513844][T13941] netlink: 40 bytes leftover after parsing attributes in process `syz.5.3496'. [ 352.513876][T13941] netlink: 40 bytes leftover after parsing attributes in process `syz.5.3496'. [ 352.746074][ T5802] usb 2-1: new high-speed USB device number 25 using dummy_hcd [ 352.902236][ T5802] usb 2-1: Using ep0 maxpacket: 32 [ 352.904509][ T5802] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 352.904538][ T5802] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 352.904577][ T5802] usb 2-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00 [ 352.904599][ T5802] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 352.910715][ T5802] usb 2-1: config 0 descriptor?? [ 353.160034][ T991] kernel read not supported for file /dsp (pid: 991 comm: kworker/1:2) [ 353.584223][ T5802] savu 0003:1E7D:2D5A.0017: hiddev0,hidraw0: USB HID v0.00 Device [HID 1e7d:2d5a] on usb-dummy_hcd.1-1/input0 [ 353.686020][ T5802] usb 2-1: USB disconnect, device number 25 [ 354.105887][ T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!! [ 354.184512][T14010] netlink: 28 bytes leftover after parsing attributes in process `syz.5.3513'. [ 354.454811][T14020] netlink: 12 bytes leftover after parsing attributes in process `syz.5.3517'. [ 355.605715][T14075] tap0: tun_chr_ioctl cmd 1074025675 [ 355.605735][T14075] tap0: persist enabled [ 355.608531][T14075] tap0: tun_chr_ioctl cmd 1074025675 [ 355.608641][T14075] tap0: persist disabled [ 356.250290][T14087] netlink: 56 bytes leftover after parsing attributes in process `syz.2.3550'. [ 358.084935][ C1] vkms_vblank_simulate: vblank timer overrun [ 358.568622][ T991] hid_parser_main: 825 callbacks suppressed [ 358.568645][ T991] hid-generic 0000:0000:0000.0018: unknown main item tag 0x0 [ 358.636022][ T991] hid-generic 0000:0000:0000.0018: hidraw0: HID v0.00 Device [syz1] on syz0 [ 358.701364][T14156] netlink: 276 bytes leftover after parsing attributes in process `syz.2.3578'. [ 358.716221][T14156] netlink: 276 bytes leftover after parsing attributes in process `syz.2.3578'. [ 358.821652][ T5802] kernel read not supported for file /input/event2 (pid: 5802 comm: kworker/1:3) [ 359.825584][T14184] netlink: 'syz.2.3590': attribute type 1 has an invalid length. [ 360.585953][ T10] usb 2-1: new high-speed USB device number 26 using dummy_hcd [ 360.778725][ T10] usb 2-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30 [ 360.778776][ T10] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 360.778887][ T10] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 360.778910][ T10] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253 [ 360.780384][ T10] usb 2-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40 [ 360.780411][ T10] usb 2-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0 [ 360.780430][ T10] usb 2-1: Manufacturer: syz [ 360.795094][ T10] usb 2-1: config 0 descriptor?? [ 361.322665][ T10] appleir 0003:05AC:8243.0019: unknown main item tag 0x0 [ 361.377247][ T10] appleir 0003:05AC:8243.0019: hiddev0,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.1-1/input0 [ 361.597418][ T7578] usb 2-1: USB disconnect, device number 26 [ 361.765947][ T10] usb 3-1: new high-speed USB device number 16 using dummy_hcd [ 361.926006][ T10] usb 3-1: Using ep0 maxpacket: 32 [ 361.933844][ T10] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 361.933876][ T10] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 361.933913][ T10] usb 3-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00 [ 361.933935][ T10] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 361.957644][ T10] usb 3-1: config 0 descriptor?? [ 362.403531][ T10] savu 0003:1E7D:2D5A.001A: hiddev0,hidraw0: USB HID v0.00 Device [HID 1e7d:2d5a] on usb-dummy_hcd.2-1/input0 [ 362.458345][ T37] kauditd_printk_skb: 2 callbacks suppressed [ 362.458385][ T37] audit: type=1326 audit(619.290:688): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14272 comm="syz.6.3630" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6166c5f749 code=0x7ffc0000 [ 362.459046][ T37] audit: type=1326 audit(619.290:689): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14272 comm="syz.6.3630" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6166c5f749 code=0x7ffc0000 [ 362.459319][ T37] audit: type=1326 audit(619.290:690): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14272 comm="syz.6.3630" exe="/root/syz-executor" sig=0 arch=c000003e syscall=85 compat=0 ip=0x7f6166c5f749 code=0x7ffc0000 [ 362.462167][ T37] audit: type=1326 audit(619.290:691): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14272 comm="syz.6.3630" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6166c5f749 code=0x7ffc0000 [ 362.462931][ T37] audit: type=1326 audit(619.290:692): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14272 comm="syz.6.3630" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6166c5f749 code=0x7ffc0000 [ 362.463894][ T37] audit: type=1326 audit(619.290:693): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14272 comm="syz.6.3630" exe="/root/syz-executor" sig=0 arch=c000003e syscall=197 compat=0 ip=0x7f6166c5f749 code=0x7ffc0000 [ 362.468785][ T37] audit: type=1326 audit(619.290:694): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14272 comm="syz.6.3630" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6166c5f749 code=0x7ffc0000 [ 362.470082][ T37] audit: type=1326 audit(619.290:695): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14272 comm="syz.6.3630" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6166c5f749 code=0x7ffc0000 [ 362.537282][ T10] usb 2-1: new full-speed USB device number 27 using dummy_hcd [ 362.636462][ T9] usb 3-1: USB disconnect, device number 16 [ 362.662199][T14275] loop4: detected capacity change from 0 to 7 [ 362.679131][T14275] Dev loop4: unable to read RDB block 7 [ 362.679168][T14275] loop4: AHDI p1 p2 [ 362.679197][T14275] loop4: partition table partially beyond EOD, truncated [ 362.679303][T14275] loop4: p1 size 4261412863 extends beyond EOD, truncated [ 362.718936][ T10] usb 2-1: unable to get BOS descriptor or descriptor too short [ 362.721071][ T10] usb 2-1: not running at top speed; connect to a high speed hub [ 362.724488][ T10] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 362.724512][ T10] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 362.772946][ T10] usb 2-1: string descriptor 0 read error: -22 [ 362.773090][ T10] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 362.773111][ T10] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 362.832645][ T10] usb 2-1: 0:2 : does not exist [ 363.272354][T14288] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 363.272662][T14288] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 363.272931][T14288] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 363.432196][T14288] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 363.432366][T14288] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 363.462447][T14297] @: renamed from bond_slave_0 (while UP) [ 363.511960][T14288] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 363.531114][T14299] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3642'. [ 363.869811][ T10] usb 2-1: 5:0: cannot get min/max values for control 3 (id 5) [ 363.878855][ T10] usb 2-1: 5:0: failed to get current value for ch 1 (-22) [ 363.902168][T14315] netlink: 8 bytes leftover after parsing attributes in process `syz.6.3649'. [ 363.955000][ T10] usb 2-1: 5:0: cannot get min/max values for control 3 (id 5) [ 363.978437][ T10] usb 2-1: USB disconnect, device number 27 [ 364.107252][T14325] batadv_slave_0: entered promiscuous mode [ 364.108969][T14324] batadv_slave_0: left promiscuous mode [ 364.351938][T14340] loop8: detected capacity change from 0 to 7 [ 364.353092][T14340] Dev loop8: unable to read RDB block 7 [ 364.353142][T14340] loop8: unable to read partition table [ 364.353370][T14340] loop8: partition table beyond EOD, truncated [ 364.353388][T14340] loop_reread_partitions: partition scan of loop8 (被x^> ) failed (rc=-5) [ 364.679908][ C0] vkms_vblank_simulate: vblank timer overrun [ 364.692038][ T991] usb 2-1: new high-speed USB device number 28 using dummy_hcd [ 364.837980][ T991] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 364.838013][ T991] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 364.838036][ T991] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 364.838062][ T991] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 364.838074][ T991] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 364.842401][ T991] usb 2-1: config 0 descriptor?? [ 365.295981][ T991] plantronics 0003:047F:FFFF.001B: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0 [ 365.345996][ T5116] Bluetooth: hci0: command 0x0c1a tx timeout [ 365.346034][ T5116] Bluetooth: hci3: command 0x0406 tx timeout [ 365.346068][ T5116] Bluetooth: hci2: command 0x0406 tx timeout [ 365.506231][ T5815] Bluetooth: hci1: command 0x0c1a tx timeout [ 365.534847][ T5789] usb 2-1: USB disconnect, device number 28 [ 365.839689][T14399] vlan2: entered allmulticast mode [ 365.839996][T14399] bridge0: port 3(vlan2) entered blocking state [ 365.841434][T14399] bridge0: port 3(vlan2) entered disabled state [ 365.859166][T14399] vlan2: entered promiscuous mode [ 366.478804][T14419] binder: 14417:14419 ioctl c0306201 0 returned -14 [ 366.480859][T14419] binder: 14417:14419 ioctl 5429 0 returned -22 [ 366.936503][ T5802] usb 3-1: new high-speed USB device number 17 using dummy_hcd [ 367.089781][ T5802] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 367.089808][ T5802] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 367.091347][ T5802] usb 3-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 367.091374][ T5802] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 367.091394][ T5802] usb 3-1: SerialNumber: syz [ 367.130020][ T5789] kernel write not supported for file /565/gid_map (pid: 5789 comm: kworker/0:3) [ 367.257928][T14453] netlink: 7 bytes leftover after parsing attributes in process `syz.5.3713'. [ 367.257993][T14453] netlink: 16 bytes leftover after parsing attributes in process `syz.5.3713'. [ 367.258009][T14453] netlink: 16 bytes leftover after parsing attributes in process `syz.5.3713'. [ 367.374104][ T5802] usb 3-1: 0:2 : does not exist [ 367.405288][ T5802] usb 3-1: USB disconnect, device number 17 [ 367.439447][T14459] loop9: detected capacity change from 0 to 7 [ 367.458683][T14459] Dev loop9: unable to read RDB block 7 [ 367.458712][T14459] loop9: AHDI p1 p2 [ 367.458741][T14459] loop9: partition table partially beyond EOD, truncated [ 367.458867][T14459] loop9: p1 start 1853095936 is beyond EOD, truncated [ 367.586001][ T5815] Bluetooth: hci1: command 0x0c1a tx timeout [ 368.713607][T14505] geneve2: entered promiscuous mode [ 368.713634][T14505] geneve2: entered allmulticast mode [ 369.666132][ T5815] Bluetooth: hci1: command 0x0c1a tx timeout [ 370.440074][T14548] pim6reg1: entered promiscuous mode [ 370.440102][T14548] pim6reg1: entered allmulticast mode [ 371.004884][T14574] overlay: filesystem on ./bus is read-only [ 371.745763][T14604] net_ratelimit: 2423 callbacks suppressed [ 371.745783][T14604] sock: sock_set_timeout: `syz.1.3775' (pid 14604) tries to set negative timeout [ 373.213862][T14648] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 373.330792][T14653] netlink: 48 bytes leftover after parsing attributes in process `syz.2.3797'. [ 373.702607][T14671] overlayfs: workdir and upperdir must reside under the same mount [ 374.195992][ T9] usb 3-1: new high-speed USB device number 18 using dummy_hcd [ 374.358287][ T9] usb 3-1: Using ep0 maxpacket: 32 [ 374.361833][ T9] usb 3-1: config 0 has an invalid interface number: 51 but max is 0 [ 374.361857][ T9] usb 3-1: config 0 has no interface number 0 [ 374.365264][ T9] usb 3-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f [ 374.365291][ T9] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 374.365310][ T9] usb 3-1: Product: syz [ 374.365324][ T9] usb 3-1: Manufacturer: syz [ 374.365337][ T9] usb 3-1: SerialNumber: syz [ 374.434480][ T9] usb 3-1: config 0 descriptor?? [ 374.440251][ T9] quatech2 3-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected [ 374.665378][ T9] usb 3-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0 [ 374.684606][ T9] usb 3-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1 [ 375.080248][ C0] usb 3-1: qt2_read_bulk_callback - non-zero urb status: -71 [ 375.081738][ T991] usb 3-1: USB disconnect, device number 18 [ 375.097216][ T991] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0 [ 375.104369][ T991] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1 [ 375.112582][ T991] quatech2 3-1:0.51: device disconnected [ 375.702310][ T5802] kernel read not supported for file /comedi4 (pid: 5802 comm: kworker/1:3) [ 376.365974][ T10] usb 3-1: new high-speed USB device number 19 using dummy_hcd [ 376.516183][ T10] usb 3-1: Using ep0 maxpacket: 16 [ 376.518483][ T10] usb 3-1: New USB device found, idVendor=0471, idProduct=0327, bcdDevice=61.a4 [ 376.518510][ T10] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 376.523597][ T10] usb 3-1: config 0 descriptor?? [ 376.563164][ T10] gspca_main: sonixj-2.14.0 probing 0471:0327 [ 376.817685][ T37] audit: type=1326 audit(633.650:696): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14762 comm="syz.6.3847" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6166c5f749 code=0x7ffc0000 [ 376.817870][ T37] audit: type=1326 audit(633.650:697): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14762 comm="syz.6.3847" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6166c5f749 code=0x7ffc0000 [ 376.871596][ T37] audit: type=1326 audit(633.700:698): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14762 comm="syz.6.3847" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6166c5f749 code=0x7ffc0000 [ 376.872546][ T37] audit: type=1326 audit(633.700:700): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14762 comm="syz.6.3847" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f6166c565e7 code=0x7ffc0000 [ 376.872592][ T37] audit: type=1326 audit(633.700:699): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14762 comm="syz.6.3847" exe="/root/syz-executor" sig=0 arch=c000003e syscall=334 compat=0 ip=0x7f6166c5f749 code=0x7ffc0000 [ 376.873920][ T37] audit: type=1326 audit(633.700:701): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14762 comm="syz.6.3847" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f6166bfb829 code=0x7ffc0000 [ 376.873958][ T37] audit: type=1326 audit(633.700:702): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14762 comm="syz.6.3847" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f6166c565e7 code=0x7ffc0000 [ 376.874755][ T37] audit: type=1326 audit(633.700:703): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14762 comm="syz.6.3847" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6166c5f749 code=0x7ffc0000 [ 376.874797][ T37] audit: type=1326 audit(633.700:704): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14762 comm="syz.6.3847" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6166c5f749 code=0x7ffc0000 [ 376.879285][ T37] audit: type=1326 audit(633.700:705): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14762 comm="syz.6.3847" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f6166bfb829 code=0x7ffc0000 [ 376.942324][ T10] gspca_sonixj: reg_r err -71 [ 376.942418][ T10] sonixj 3-1:0.0: probe with driver sonixj failed with error -71 [ 377.067947][ T10] usb 3-1: USB disconnect, device number 19 [ 377.545991][ T5802] usb 6-1: new high-speed USB device number 19 using dummy_hcd [ 377.705941][ T5802] usb 6-1: Using ep0 maxpacket: 16 [ 377.709680][ T5802] usb 6-1: config 0 has an invalid interface number: 251 but max is 0 [ 377.709705][ T5802] usb 6-1: config 0 has no interface number 0 [ 377.709758][ T5802] usb 6-1: config 0 interface 251 altsetting 0 bulk endpoint 0x4 has invalid maxpacket 16 [ 377.709783][ T5802] usb 6-1: config 0 interface 251 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 64 [ 377.714073][ T5802] usb 6-1: New USB device found, idVendor=0b95, idProduct=172a, bcdDevice=f7.f4 [ 377.714100][ T5802] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 377.714119][ T5802] usb 6-1: Product: syz [ 377.714133][ T5802] usb 6-1: Manufacturer: syz [ 377.714148][ T5802] usb 6-1: SerialNumber: syz [ 377.725648][ T5802] usb 6-1: config 0 descriptor?? [ 377.736527][T14778] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22 [ 377.736761][T14778] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22 [ 377.833828][ T12] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge) [ 377.996999][T14778] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22 [ 377.997126][T14778] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22 [ 378.315963][ T7578] usb 3-1: new high-speed USB device number 20 using dummy_hcd [ 378.476180][ T7578] usb 3-1: Using ep0 maxpacket: 16 [ 378.478694][ T7578] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 378.478724][ T7578] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 378.478746][ T7578] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 378.478787][ T7578] usb 3-1: New USB device found, idVendor=045e, idProduct=00da, bcdDevice= 0.90 [ 378.478809][ T7578] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 378.544069][ T7578] usb 3-1: config 0 descriptor?? [ 378.559301][ T1274] ieee802154 phy0 wpan0: encryption failed: -22 [ 378.560548][ T1274] ieee802154 phy1 wpan1: encryption failed: -22 [ 378.616164][ T5802] asix 6-1:0.251 (unnamed net_device) (uninitialized): Invalid PHY address 0x36 [ 378.823303][ T5891] usb 6-1: USB disconnect, device number 19 [ 379.033496][ T7578] hid-generic 0003:045E:00DA.001C: unknown main item tag 0x0 [ 379.033519][ T7578] hid-generic 0003:045E:00DA.001C: unknown main item tag 0x0 [ 379.033534][ T7578] hid-generic 0003:045E:00DA.001C: unknown main item tag 0x0 [ 379.033549][ T7578] hid-generic 0003:045E:00DA.001C: unknown main item tag 0x0 [ 379.033565][ T7578] hid-generic 0003:045E:00DA.001C: unknown main item tag 0x0 [ 379.033580][ T7578] hid-generic 0003:045E:00DA.001C: unknown main item tag 0x0 [ 379.033597][ T7578] hid-generic 0003:045E:00DA.001C: unknown main item tag 0x0 [ 379.033612][ T7578] hid-generic 0003:045E:00DA.001C: unbalanced collection at end of report description [ 379.034116][ T7578] hid-generic 0003:045E:00DA.001C: probe with driver hid-generic failed with error -22 [ 379.237800][ T991] usb 3-1: USB disconnect, device number 20 [ 379.551064][ C1] vcan0: j1939_tp_rxtimer: 0xffff8880631e5400: rx timeout, send abort [ 379.551204][ C1] vcan0: j1939_tp_rxtimer: 0xffff8880631e6000: rx timeout, send abort [ 379.551401][ C1] vcan0: j1939_xtp_rx_abort_one: 0xffff8880631e5400: 0x00000: (3) A timeout occurred and this is the connection abort to close the session. [ 379.551538][ C1] vcan0: j1939_xtp_rx_abort_one: 0xffff8880631e6000: 0x00000: (3) A timeout occurred and this is the connection abort to close the session. [ 380.178496][T14849] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3884'. [ 380.178533][T14849] netlink: 'syz.1.3884': attribute type 30 has an invalid length. [ 380.412806][T14856] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3885'. [ 380.412833][T14856] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3885'. [ 380.732523][ T5891] IPVS: starting estimator thread 0... [ 380.734476][T14866] IPVS: wrr: UDP 224.0.0.2:0 - no destination available [ 380.820205][T14869] IPVS: using max 8 ests per chain, 19200 per kthread [ 381.047517][ T5891] usb 6-1: new high-speed USB device number 20 using dummy_hcd [ 381.838540][ T37] kauditd_printk_skb: 1007 callbacks suppressed [ 381.838563][ T37] audit: type=1326 audit(638.670:1713): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14857 comm="syz.5.3888" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7feb4331b829 code=0x7ffc0000 [ 381.838896][ T37] audit: type=1326 audit(638.670:1714): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14857 comm="syz.5.3888" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7feb4331b829 code=0x7ffc0000 [ 381.839280][ T37] audit: type=1326 audit(638.670:1715): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14857 comm="syz.5.3888" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7feb4331b829 code=0x7ffc0000 [ 381.842414][ T37] audit: type=1326 audit(638.670:1716): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14857 comm="syz.5.3888" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7feb4331b829 code=0x7ffc0000 [ 381.842460][ T37] audit: type=1326 audit(638.670:1717): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14857 comm="syz.5.3888" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feb4337f749 code=0x7ffc0000 [ 381.842500][ T37] audit: type=1326 audit(638.670:1718): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14857 comm="syz.5.3888" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feb4337f749 code=0x7ffc0000 [ 381.842539][ T37] audit: type=1326 audit(638.670:1719): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14857 comm="syz.5.3888" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feb4337f749 code=0x7ffc0000 [ 381.890219][ T37] audit: type=1326 audit(638.720:1720): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14857 comm="syz.5.3888" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7feb4331b829 code=0x7ffc0000 [ 381.896759][ T37] audit: type=1326 audit(638.720:1721): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14857 comm="syz.5.3888" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7feb4331b829 code=0x7ffc0000 [ 381.898098][ T37] audit: type=1326 audit(638.740:1722): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14857 comm="syz.5.3888" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7feb4331b829 code=0x7ffc0000 [ 383.428443][T14913] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 383.428630][T14913] overlayfs: The uuid=off requires a single fs for lower and upper, falling back to uuid=null. [ 383.434305][ T991] kernel write not supported for file bpf-prog (pid: 991 comm: kworker/1:2) [ 384.281504][T14960] netlink: 8 bytes leftover after parsing attributes in process `syz.7.3934'. [ 384.365981][ T10] usb 2-1: new high-speed USB device number 29 using dummy_hcd [ 384.525933][ T10] usb 2-1: Using ep0 maxpacket: 16 [ 384.528941][ T10] usb 2-1: config 0 has an invalid interface number: 105 but max is 0 [ 384.528966][ T10] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 384.528986][ T10] usb 2-1: config 0 has no interface number 0 [ 384.533095][ T10] usb 2-1: New USB device found, idVendor=046d, idProduct=08f3, bcdDevice= b.28 [ 384.533121][ T10] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 384.533141][ T10] usb 2-1: Product: syz [ 384.533154][ T10] usb 2-1: Manufacturer: syz [ 384.533168][ T10] usb 2-1: SerialNumber: syz [ 384.601101][ T10] usb 2-1: config 0 descriptor?? [ 384.810780][ T10] uvcvideo 2-1:0.105: Found UVC 0.00 device syz (046d:08f3) [ 384.810813][ T10] uvcvideo 2-1:0.105: No valid video chain found. [ 384.814051][ T10] usb 2-1: USB disconnect, device number 29 [ 384.820585][T14980] IPVS: wrr: UDP 224.0.0.2:0 - no destination available [ 384.905944][ T5789] usb 6-1: new high-speed USB device number 21 using dummy_hcd [ 385.056087][ T5789] usb 6-1: Using ep0 maxpacket: 32 [ 385.059196][ T5789] usb 6-1: New USB device found, idVendor=0fd9, idProduct=0021, bcdDevice=29.40 [ 385.059229][ T5789] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 385.094010][ T5789] usb 6-1: config 0 descriptor?? [ 385.310173][ T5789] dvb-usb: found a 'Elgato EyeTV DTT' in warm state. [ 385.328399][ T5789] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 385.329193][ T5789] dvbdev: DVB: registering new adapter (Elgato EyeTV DTT) [ 385.329248][ T5789] usb 6-1: media controller created [ 385.393630][ T5789] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 385.482637][ T5789] DVB: Unable to find symbol dib7000p_attach() [ 385.482653][ T5789] dvb-usb: no frontend was attached by 'Elgato EyeTV DTT' [ 385.605934][ T5789] rc_core: IR keymap rc-dib0700-rc5 not found [ 385.605955][ T5789] Registered IR keymap rc-empty [ 385.606251][ T5789] dvb-usb: could not initialize remote control. [ 385.606262][ T5789] dvb-usb: Elgato EyeTV DTT successfully initialized and connected. [ 385.726018][ T5891] usb 2-1: new high-speed USB device number 30 using dummy_hcd [ 385.771317][ T5789] usb 6-1: USB disconnect, device number 21 [ 385.849920][ T5789] dvb-usb: Elgato EyeTV DTT successfully deinitialized and disconnected. [ 385.898866][ T5891] usb 2-1: config 0 has an invalid interface number: 1 but max is 0 [ 385.898892][ T5891] usb 2-1: config 0 has no interface number 0 [ 385.903010][ T5891] usb 2-1: New USB device found, idVendor=18b4, idProduct=fffb, bcdDevice=dc.7b [ 385.903039][ T5891] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 385.903059][ T5891] usb 2-1: Product: syz [ 385.903073][ T5891] usb 2-1: Manufacturer: syz [ 385.903088][ T5891] usb 2-1: SerialNumber: syz [ 385.950541][ T5891] usb 2-1: config 0 descriptor?? [ 386.164809][ T5891] usb 2-1: dvb_usb_v2: found a 'E3C EC168 reference design' in warm state [ 386.173293][ T5891] usb 2-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer [ 386.173683][ T5891] dvbdev: DVB: registering new adapter (E3C EC168 reference design) [ 386.173731][ T5891] usb 2-1: media controller created [ 386.199113][ T5891] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 386.315964][ T991] usb 3-1: new full-speed USB device number 21 using dummy_hcd [ 386.469412][ T991] usb 3-1: config 150 has an invalid interface number: 204 but max is 2 [ 386.469440][ T991] usb 3-1: config 150 has 2 interfaces, different from the descriptor's value: 3 [ 386.469461][ T991] usb 3-1: config 150 has no interface number 0 [ 386.469564][ T991] usb 3-1: config 150 interface 204 has no altsetting 0 [ 386.473777][ T991] usb 3-1: New USB device found, idVendor=04e2, idProduct=1424, bcdDevice=c7.eb [ 386.473942][ T991] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 386.474013][ T991] usb 3-1: Product: syz [ 386.474028][ T991] usb 3-1: Manufacturer: syz [ 386.474041][ T991] usb 3-1: SerialNumber: syz [ 386.741818][ T991] xr_serial 3-1:150.204: skipping garbage [ 386.741878][ T991] xr_serial 3-1:150.204: xr_serial converter detected [ 386.784923][T15034] bridge0: port 2(bridge_slave_1) entered disabled state [ 386.798071][T15034] bridge0: port 1(bridge_slave_0) entered disabled state [ 387.098640][ T37] kauditd_printk_skb: 401 callbacks suppressed [ 387.098657][ T37] audit: type=1326 audit(643.930:2124): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15038 comm="syz.6.3955" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6166c5f749 code=0x7ffc0000 [ 387.102003][ T37] audit: type=1326 audit(643.930:2125): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15038 comm="syz.6.3955" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6166c5f749 code=0x7ffc0000 [ 387.102053][ T37] audit: type=1326 audit(643.930:2126): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15038 comm="syz.6.3955" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6166c5f749 code=0x7ffc0000 [ 387.102893][ T37] audit: type=1326 audit(643.930:2127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15038 comm="syz.6.3955" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6166c5f749 code=0x7ffc0000 [ 387.102938][ T37] audit: type=1326 audit(643.930:2128): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15038 comm="syz.6.3955" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6166c5f749 code=0x7ffc0000 [ 387.102980][ T37] audit: type=1326 audit(643.930:2129): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15038 comm="syz.6.3955" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6166c5f749 code=0x7ffc0000 [ 387.103278][ T37] audit: type=1326 audit(643.930:2130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15038 comm="syz.6.3955" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6166c5f749 code=0x7ffc0000 [ 387.103543][ T37] audit: type=1326 audit(643.930:2131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15038 comm="syz.6.3955" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6166c5f749 code=0x7ffc0000 [ 387.104080][ T37] audit: type=1326 audit(643.930:2132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15038 comm="syz.6.3955" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6166c5f749 code=0x7ffc0000 [ 387.105027][ T37] audit: type=1326 audit(643.930:2133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15038 comm="syz.6.3955" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6166c5f749 code=0x7ffc0000 [ 387.274876][ T5891] i2c i2c-1: ec100: i2c rd failed=-110 reg=33 [ 387.342259][ T991] xr_serial ttyUSB0: Failed to set reg 0x0d: -71 [ 387.342317][ T991] xr_serial ttyUSB0: probe with driver xr_serial failed with error -71 [ 387.395547][ T991] usb 3-1: USB disconnect, device number 21 [ 387.410484][ T991] xr_serial 3-1:150.204: device disconnected [ 387.449538][ T5891] usb 2-1: USB disconnect, device number 30 [ 387.468326][T15043] kvm: user requested TSC rate below hardware speed [ 387.751207][T15047] netlink: 4 bytes leftover after parsing attributes in process `syz.6.3959'. [ 388.412291][T15065] netlink: 8 bytes leftover after parsing attributes in process `syz.7.3968'. [ 388.412323][T15065] netlink: 8 bytes leftover after parsing attributes in process `syz.7.3968'. [ 389.556310][T15095] IPVS: Scheduler module ip_vs_sip not found [ 390.047433][ T10] usb 2-1: new high-speed USB device number 31 using dummy_hcd [ 390.198785][ T10] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 390.198819][ T10] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 390.200294][ T10] usb 2-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00 [ 390.200320][ T10] usb 2-1: New USB device strings: Mfr=2, Product=0, SerialNumber=0 [ 390.200339][ T10] usb 2-1: Manufacturer: syz [ 390.268029][ T10] usb 2-1: config 0 descriptor?? [ 391.116971][ T10] input: syz as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:256C:006D.001D/input/input35 [ 391.209286][ T10] input: syz as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:256C:006D.001D/input/input36 [ 391.233744][ T10] input: syz Touch Strip as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:256C:006D.001D/input/input37 [ 391.261737][ T10] input: syz Dial as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:256C:006D.001D/input/input38 [ 391.288989][ T10] uclogic 0003:256C:006D.001D: input,hidraw0: USB HID v0.00 Keypad [syz] on usb-dummy_hcd.1-1/input0 [ 391.329904][ T10] usb 2-1: USB disconnect, device number 31 [ 391.428407][ T5813] Bluetooth: hci4: command 0x1003 tx timeout [ 391.428556][ T5815] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 391.552355][T15150] input: syz1 as /devices/virtual/input/input39 [ 391.563142][T15150] input: failed to attach handler leds to device input39, error: -6 [ 391.704618][ T5815] Bluetooth: hci3: connection err: -111 [ 391.810017][T15159] kvm: user requested TSC rate below hardware speed [ 392.279636][ T37] kauditd_printk_skb: 19 callbacks suppressed [ 392.279653][ T37] audit: type=1800 audit(649.110:2153): pid=15172 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz.1.4016" name="bus" dev="tmpfs" ino=4311 res=0 errno=0 [ 392.510251][ T37] audit: type=1326 audit(649.340:2154): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15177 comm="syz.5.4019" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7feb4337f749 code=0x0 [ 394.110418][T15212] ip6tnl1: entered promiscuous mode [ 394.110445][T15212] ip6tnl1: entered allmulticast mode [ 394.367356][T15219] netlink: 32 bytes leftover after parsing attributes in process `syz.1.4035'. [ 394.484201][T15222] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 394.878594][T15235] loop5: detected capacity change from 0 to 863 [ 394.976550][T15237] loop5: detected capacity change from 863 to 975 [ 395.291742][T15245] sit0: entered promiscuous mode [ 395.291939][T15245] netlink: 'syz.2.4046': attribute type 1 has an invalid length. [ 395.291954][T15245] netlink: 9 bytes leftover after parsing attributes in process `syz.2.4046'. [ 397.592151][ T5815] Bluetooth: hci1: command 0x0c1a tx timeout [ 397.994454][T15316] netlink: 16 bytes leftover after parsing attributes in process `syz.2.4075'. [ 398.076345][ T5891] usb 6-1: new high-speed USB device number 22 using dummy_hcd [ 398.238357][ T5891] usb 6-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30 [ 398.238407][ T5891] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 398.238434][ T5891] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 398.238456][ T5891] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253 [ 398.307840][ T5891] usb 6-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40 [ 398.307870][ T5891] usb 6-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0 [ 398.307891][ T5891] usb 6-1: Manufacturer: syz [ 398.344177][ T5891] usb 6-1: config 0 descriptor?? [ 398.596046][ T10] kernel read not supported for file /comedi4 (pid: 10 comm: kworker/0:1) [ 398.915271][ T5891] appleir 0003:05AC:8243.001E: unknown main item tag 0x0 [ 398.971672][ T5891] appleir 0003:05AC:8243.001E: hiddev0,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.5-1/input0 [ 399.236336][ T5891] usb 3-1: new high-speed USB device number 22 using dummy_hcd [ 399.409886][ T5891] usb 3-1: config 0 has no interfaces? [ 399.464676][ T5891] usb 3-1: New USB device found, idVendor=13d8, idProduct=0010, bcdDevice=8f.72 [ 399.464706][ T5891] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 399.464726][ T5891] usb 3-1: Product: syz [ 399.464740][ T5891] usb 3-1: Manufacturer: syz [ 399.464754][ T5891] usb 3-1: SerialNumber: syz [ 399.466263][ T991] usb 2-1: new high-speed USB device number 32 using dummy_hcd [ 399.580968][ T5891] usb 3-1: config 0 descriptor?? [ 399.716209][ T991] usb 2-1: Using ep0 maxpacket: 8 [ 399.770716][ T991] usb 2-1: config index 0 descriptor too short (expected 301, got 45) [ 399.770777][ T991] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 399.770799][ T991] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 399.770822][ T991] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 399.770846][ T991] usb 2-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 399.770889][ T991] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 399.770910][ T991] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 400.345671][ T991] usb 2-1: GET_CAPABILITIES returned 0 [ 400.345721][ T991] usbtmc 2-1:16.0: can't read capabilities [ 400.400933][ T10] usb 3-1: USB disconnect, device number 22 [ 400.570580][ T5789] usb 2-1: USB disconnect, device number 32 [ 401.215142][ T5891] usb 6-1: USB disconnect, device number 22 [ 401.536010][ T7578] usb 3-1: new high-speed USB device number 23 using dummy_hcd [ 401.694565][ T7578] usb 3-1: Using ep0 maxpacket: 16 [ 401.698559][ T7578] usb 3-1: config 0 has an invalid interface number: 1 but max is 0 [ 401.698583][ T7578] usb 3-1: config 0 has no interface number 0 [ 401.698630][ T7578] usb 3-1: config 0 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 401.698655][ T7578] usb 3-1: config 0 interface 1 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 401.698689][ T7578] usb 3-1: New USB device found, idVendor=28bd, idProduct=0071, bcdDevice= 0.00 [ 401.698711][ T7578] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 401.717110][ T7578] usb 3-1: config 0 descriptor?? [ 402.378511][ T7578] uclogic 0003:28BD:0071.001F: pen parameters not found [ 402.378535][ T7578] uclogic 0003:28BD:0071.001F: interface is invalid, ignoring [ 402.609207][ T7578] usb 3-1: USB disconnect, device number 23 [ 402.670155][T15393] netlink: 60 bytes leftover after parsing attributes in process `syz.7.4111'. [ 403.013828][T15406] netlink: 36 bytes leftover after parsing attributes in process `syz.7.4117'. [ 403.176007][ T991] usb 6-1: new high-speed USB device number 23 using dummy_hcd [ 403.326920][ T991] usb 6-1: Using ep0 maxpacket: 32 [ 403.330305][ T991] usb 6-1: New USB device found, idVendor=0fd9, idProduct=0025, bcdDevice=29.40 [ 403.330333][ T991] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 403.361658][ T991] usb 6-1: config 0 descriptor?? [ 403.456018][ T5891] usb 2-1: new high-speed USB device number 33 using dummy_hcd [ 403.545018][T15425] netlink: 'syz.2.4126': attribute type 4 has an invalid length. [ 403.567868][ T991] dvb-usb: found a 'Elgato EyeTV Sat' in warm state. [ 403.570242][ T991] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 403.570904][ T991] dvbdev: DVB: registering new adapter (Elgato EyeTV Sat) [ 403.570936][ T991] usb 6-1: media controller created [ 403.615934][ T5891] usb 2-1: Using ep0 maxpacket: 16 [ 403.618198][ T5891] usb 2-1: config 0 interface 0 altsetting 235 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 403.618229][ T5891] usb 2-1: config 0 interface 0 altsetting 235 endpoint 0x81 has invalid wMaxPacketSize 0 [ 403.618252][ T5891] usb 2-1: config 0 interface 0 has no altsetting 0 [ 403.618284][ T5891] usb 2-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00 [ 403.618307][ T5891] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 403.640112][ T991] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 403.687937][ T5891] usb 2-1: config 0 descriptor?? [ 403.873047][T15430] netlink: 212408 bytes leftover after parsing attributes in process `syz.6.4129'. [ 404.032214][T15435] netlink: 4 bytes leftover after parsing attributes in process `syz.6.4131'. [ 404.112304][ T5891] mcp2221 0003:04D8:00DD.0020: unknown main item tag 0x0 [ 404.112339][ T5891] mcp2221 0003:04D8:00DD.0020: unknown main item tag 0x0 [ 404.112364][ T5891] mcp2221 0003:04D8:00DD.0020: unknown main item tag 0x0 [ 404.112389][ T5891] mcp2221 0003:04D8:00DD.0020: unknown main item tag 0x0 [ 404.112413][ T5891] mcp2221 0003:04D8:00DD.0020: unknown main item tag 0x0 [ 404.113405][ T5891] mcp2221 0003:04D8:00DD.0020: USB HID v0.05 Device [HID 04d8:00dd] on usb-dummy_hcd.1-1/input0 [ 404.323010][ T31] usb 2-1: USB disconnect, device number 33 [ 404.389522][ T991] az6027: usb out operation failed. (-71) [ 404.389541][ T991] stb0899_attach: Driver disabled by Kconfig [ 404.389550][ T991] az6027: no front-end attached [ 404.389550][ T991] [ 404.391845][ T991] az6027: usb out operation failed. (-71) [ 404.391860][ T991] dvb-usb: no frontend was attached by 'Elgato EyeTV Sat' [ 404.397980][ T991] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.5/usb6/6-1/input/input40 [ 404.404011][ T7578] IPVS: starting estimator thread 0... [ 404.448832][ T991] dvb-usb: schedule remote query interval to 400 msecs. [ 404.448853][ T991] dvb-usb: Elgato EyeTV Sat successfully initialized and connected. [ 404.451673][ T991] usb 6-1: USB disconnect, device number 23 [ 404.486022][T15454] IPVS: using max 8 ests per chain, 19200 per kthread [ 404.569444][ T37] audit: type=1326 audit(661.400:2155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15457 comm="syz.6.4141" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6166c5f749 code=0x7ffc0000 [ 404.570029][ T37] audit: type=1326 audit(661.400:2156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15457 comm="syz.6.4141" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6166c5f749 code=0x7ffc0000 [ 404.830703][ T5116] Bluetooth: hci0: connection err: -111 [ 404.877367][ T991] dvb-usb: Elgato EyeTV Sat successfully deinitialized and disconnected. [ 406.102388][T15496] cgroup: fork rejected by pids controller in /syz6 [ 406.894929][ T991] usb 2-1: new high-speed USB device number 34 using dummy_hcd [ 406.922384][T15521] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 407.009717][ T37] audit: type=1326 audit(663.840:2157): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15522 comm="syz.2.4173" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f47e729f749 code=0x7ffc0000 [ 407.009766][ T37] audit: type=1326 audit(663.840:2158): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15522 comm="syz.2.4173" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f47e729f749 code=0x7ffc0000 [ 407.046108][ T991] usb 2-1: Using ep0 maxpacket: 16 [ 407.056208][ T991] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 407.056262][ T991] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 407.056288][ T991] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0 [ 407.056308][ T991] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0 [ 407.056330][ T991] usb 2-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 407.076905][ T991] usb 2-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42 [ 407.076932][ T991] usb 2-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0 [ 407.076951][ T991] usb 2-1: Manufacturer: syz [ 407.082443][ T991] usb 2-1: config 0 descriptor?? [ 407.159032][ T37] audit: type=1326 audit(663.980:2159): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15522 comm="syz.2.4173" exe="/root/syz-executor" sig=0 arch=c000003e syscall=425 compat=0 ip=0x7f47e729f749 code=0x7ffc0000 [ 407.165408][ T37] audit: type=1326 audit(663.990:2160): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15522 comm="syz.2.4173" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f47e729f749 code=0x7ffc0000 [ 407.166024][ T37] audit: type=1326 audit(663.990:2161): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15522 comm="syz.2.4173" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f47e729f749 code=0x7ffc0000 [ 407.177557][ T37] audit: type=1326 audit(664.010:2162): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15522 comm="syz.2.4173" exe="/root/syz-executor" sig=0 arch=c000003e syscall=449 compat=0 ip=0x7f47e729f749 code=0x7ffc0000 [ 407.302319][ T37] audit: type=1326 audit(664.130:2163): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15522 comm="syz.2.4173" exe="/root/syz-executor" sig=0 arch=c000003e syscall=449 compat=0 ip=0x7f47e729f749 code=0x7ffc0000 [ 407.302369][ T37] audit: type=1326 audit(664.130:2164): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15522 comm="syz.2.4173" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f47e729f749 code=0x7ffc0000 [ 407.449740][ T991] rc_core: IR keymap rc-hauppauge not found [ 407.449761][ T991] Registered IR keymap rc-empty [ 407.449920][ T991] mceusb 2-1:0.0: Error: mce write submit urb error = -90 [ 407.476168][ T991] mceusb 2-1:0.0: Error: mce write submit urb error = -90 [ 407.497823][ T991] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/rc/rc0 [ 407.514300][ T991] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/rc/rc0/input41 [ 407.522322][ T991] mceusb 2-1:0.0: Error: mce write submit urb error = -90 [ 407.540231][ T991] mceusb 2-1:0.0: Error: mce write submit urb error = -90 [ 407.559469][ T991] mceusb 2-1:0.0: Error: mce write submit urb error = -90 [ 407.576876][ T991] mceusb 2-1:0.0: Error: mce write submit urb error = -90 [ 407.596307][ T991] mceusb 2-1:0.0: Error: mce write submit urb error = -90 [ 407.616370][ T991] mceusb 2-1:0.0: Error: mce write submit urb error = -90 [ 407.636174][ T991] mceusb 2-1:0.0: Error: mce write submit urb error = -90 [ 407.666292][ T991] mceusb 2-1:0.0: Error: mce write submit urb error = -90 [ 407.686440][ T991] mceusb 2-1:0.0: Error: mce write submit urb error = -90 [ 407.707237][ T991] mceusb 2-1:0.0: Error: mce write submit urb error = -90 [ 407.737941][ T991] mceusb 2-1:0.0: Registered 424242424242 with mce emulator interface version 1 [ 407.737965][ T991] mceusb 2-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active) [ 407.815951][ T5789] usb 2-1: USB disconnect, device number 34 acpid: input device has been disconnected, fd 3 [ 408.158716][ T5815] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 408.173515][ T5815] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 408.176495][ T3695] netdevsim netdevsim6 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 408.176525][ T3695] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 408.178166][ T5815] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 408.204343][ T5815] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 408.208016][ T5815] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 408.493104][T15551] loop2: detected capacity change from 0 to 1 [ 408.498885][T15551] Dev loop2: unable to read RDB block 1 [ 408.498927][T15551] loop2: unable to read partition table [ 408.499151][T15551] loop2: partition table beyond EOD, truncated [ 408.499169][T15551] loop_reread_partitions: partition scan of loop2 (被x ) failed (rc=-5) [ 408.764061][T15558] loop6: detected capacity change from 0 to 524287999 [ 408.862803][ T1128] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge) [ 409.029353][ T3695] netdevsim netdevsim6 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 409.029385][ T3695] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 409.162209][T15562] netlink: 24 bytes leftover after parsing attributes in process `syz.2.4188'. [ 409.391547][ T3695] netdevsim netdevsim6 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 409.391580][ T3695] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 409.677460][T15558] loop6: unable to read partition table [ 409.678079][T15558] loop_reread_partitions: partition scan of loop6 (3 ) failed (rc=-5) [ 409.880312][ T3695] netdevsim netdevsim6 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 409.880345][ T3695] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 410.305996][ T5815] Bluetooth: hci0: command tx timeout [ 411.013120][T15541] chnl_net:caif_netlink_parms(): no params data found [ 411.037415][T15608] loop8: detected capacity change from 0 to 8 [ 411.045993][T15608] Dev loop8: unable to read RDB block 8 [ 411.046032][T15608] loop8: unable to read partition table [ 411.046252][T15608] loop8: partition table beyond EOD, truncated [ 411.046268][T15608] loop_reread_partitions: partition scan of loop8 (被x^> ) failed (rc=-5) [ 411.373601][ T3695] bridge_slave_1: left allmulticast mode [ 411.373628][ T3695] bridge_slave_1: left promiscuous mode [ 411.373874][ T3695] bridge0: port 2(bridge_slave_1) entered disabled state [ 411.458435][ T3695] bridge_slave_0: left allmulticast mode [ 411.458460][ T3695] bridge_slave_0: left promiscuous mode [ 411.458790][ T3695] bridge0: port 1(bridge_slave_0) entered disabled state [ 412.066089][ T5815] Bluetooth: hci2: command 0x0406 tx timeout [ 412.386043][ T5116] Bluetooth: hci0: command tx timeout [ 413.686761][ T3695] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 413.751220][ T3695] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 413.788578][ T3695] bond0 (unregistering): Released all slaves [ 414.097191][T15663] netlink: 'syz.1.4226': attribute type 10 has an invalid length. [ 414.150746][T15664] netlink: 'syz.1.4226': attribute type 10 has an invalid length. [ 414.296387][ T3695] tipc: Left network mode [ 414.466075][ T5116] Bluetooth: hci0: command tx timeout [ 414.529423][T15663] team0: Port device dummy0 added [ 414.594336][T15664] team0: Port device dummy0 removed [ 414.609179][T15664] dummy0: entered promiscuous mode [ 414.612429][T15664] bond0: (slave dummy0): Enslaving as an active interface with an up link [ 414.912814][T15690] sctp: [Deprecated]: syz.5.4237 (pid 15690) Use of struct sctp_assoc_value in delayed_ack socket option. [ 414.912814][T15690] Use struct sctp_sack_info instead [ 414.913006][T15690] sctp: [Deprecated]: syz.5.4237 (pid 15690) Use of struct sctp_assoc_value in delayed_ack socket option. [ 414.913006][T15690] Use struct sctp_sack_info instead [ 415.426531][T15685] netlink: 28 bytes leftover after parsing attributes in process `syz.2.4235'. [ 415.426556][T15685] netlink: 28 bytes leftover after parsing attributes in process `syz.2.4235'. [ 415.503061][T15541] bridge0: port 1(bridge_slave_0) entered blocking state [ 415.503196][T15541] bridge0: port 1(bridge_slave_0) entered disabled state [ 415.503439][T15541] bridge_slave_0: entered allmulticast mode [ 415.520134][T15541] bridge_slave_0: entered promiscuous mode [ 415.546932][T15541] bridge0: port 2(bridge_slave_1) entered blocking state [ 415.547062][T15541] bridge0: port 2(bridge_slave_1) entered disabled state [ 415.547257][T15541] bridge_slave_1: entered allmulticast mode [ 415.550743][T15541] bridge_slave_1: entered promiscuous mode [ 416.401885][T15731] binder: 15730:15731 ioctl c0306201 0 returned -14 [ 416.425916][ T9] usb 6-1: new high-speed USB device number 24 using dummy_hcd [ 416.528300][ T3695] hsr_slave_0: left promiscuous mode [ 416.547054][ T5116] Bluetooth: hci0: command tx timeout [ 416.576142][ T9] usb 6-1: Using ep0 maxpacket: 16 [ 416.578501][ T9] usb 6-1: config 1 contains an unexpected descriptor of type 0x2, skipping [ 416.578522][ T9] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 416.578540][ T9] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 416.581859][ T9] usb 6-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 416.581885][ T9] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 416.581904][ T9] usb 6-1: Product: syz [ 416.581918][ T9] usb 6-1: Manufacturer: syz [ 416.581932][ T9] usb 6-1: SerialNumber: syz [ 416.618252][ T3695] hsr_slave_1: left promiscuous mode [ 416.656620][ T3695] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 416.656646][ T3695] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 416.688391][ T3695] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 416.688417][ T3695] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 417.023364][ T3695] veth1_macvtap: left promiscuous mode [ 417.023474][ T3695] veth0_macvtap: left promiscuous mode [ 417.023732][ T3695] veth1_vlan: left promiscuous mode [ 417.023942][ T3695] veth0_vlan: left promiscuous mode [ 417.124240][ T9] usb 6-1: 0:2 : does not exist [ 417.204921][ T37] kauditd_printk_skb: 1 callbacks suppressed [ 417.204939][ T37] audit: type=1326 audit(674.020:2166): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15750 comm="syz.7.4261" exe="/root/syz-executor" sig=31 arch=c000003e syscall=39 compat=0 ip=0x7f6f680965e7 code=0x0 [ 417.591049][ C1] vkms_vblank_simulate: vblank timer overrun [ 417.786563][ T9] usb 6-1: 1:0: failed to get current value for ch 0 (-22) [ 417.809123][ C1] vkms_vblank_simulate: vblank timer overrun [ 417.833876][ T9] usb 6-1: USB disconnect, device number 24 [ 417.958108][ C1] vkms_vblank_simulate: vblank timer overrun [ 419.557031][ T3695] team0 (unregistering): Port device team_slave_1 removed [ 419.817583][ T3695] team0 (unregistering): Port device team_slave_0 removed [ 420.393287][ C1] vkms_vblank_simulate: vblank timer overrun [ 420.939488][ C1] vkms_vblank_simulate: vblank timer overrun [ 421.872405][T15541] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 421.927844][T15541] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 422.233067][T15541] team0: Port device team_slave_0 added [ 422.237677][T15541] team0: Port device team_slave_1 added [ 422.561791][T15541] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 422.561808][T15541] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 422.561832][T15541] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 422.564081][T15541] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 422.564094][T15541] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 422.564117][T15541] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 422.961776][T15541] hsr_slave_0: entered promiscuous mode [ 422.971733][T15541] hsr_slave_1: entered promiscuous mode [ 422.981016][T15541] debugfs: 'hsr0' already exists in 'hsr' [ 422.981041][T15541] Cannot create hsr debugfs directory [ 423.158952][T15791] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 423.618714][ T3695] IPVS: stop unused estimator thread 0... [ 423.986267][ T7578] usb 2-1: new high-speed USB device number 35 using dummy_hcd [ 424.145989][ T7578] usb 2-1: Using ep0 maxpacket: 32 [ 424.168626][ T7578] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 424.168659][ T7578] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 424.168706][ T7578] usb 2-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00 [ 424.168728][ T7578] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 424.270119][ T7578] usb 2-1: config 0 descriptor?? [ 424.735114][ T7578] savu 0003:1E7D:2D5A.0021: hiddev0,hidraw0: USB HID v0.00 Device [HID 1e7d:2d5a] on usb-dummy_hcd.1-1/input0 [ 425.025396][ T37] audit: type=1326 audit(681.850:2167): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15829 comm="syz.7.4295" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f6f6809f749 code=0x0 [ 425.046633][ T7578] usb 2-1: USB disconnect, device number 35 [ 425.270038][T15835] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 425.347944][T15837] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4299'. [ 425.755989][ T5116] Bluetooth: hci3: command 0x0406 tx timeout [ 425.901665][T15541] netdevsim netdevsim6 netdevsim0: renamed from eth0 [ 425.955516][T15541] netdevsim netdevsim6 netdevsim1: renamed from eth1 [ 426.059241][T15541] netdevsim netdevsim6 netdevsim2: renamed from eth2 [ 426.179290][T15541] netdevsim netdevsim6 netdevsim3: renamed from eth3 [ 426.923032][T15885] pim6reg: entered allmulticast mode [ 426.940054][T15541] 8021q: adding VLAN 0 to HW filter on device bond0 [ 426.943169][T15885] team0: entered allmulticast mode [ 426.943189][T15885] team_slave_0: entered allmulticast mode [ 426.943209][T15885] team_slave_1: entered allmulticast mode [ 426.969339][T15885] team0: left allmulticast mode [ 426.969355][T15885] team_slave_0: left allmulticast mode [ 426.969374][T15885] team_slave_1: left allmulticast mode [ 426.969514][T15885] pim6reg: left allmulticast mode [ 427.184845][T15541] 8021q: adding VLAN 0 to HW filter on device team0 [ 427.239840][ T1128] bridge0: port 1(bridge_slave_0) entered blocking state [ 427.240047][ T1128] bridge0: port 1(bridge_slave_0) entered forwarding state [ 427.275693][ T1128] bridge0: port 2(bridge_slave_1) entered blocking state [ 427.287378][ T1128] bridge0: port 2(bridge_slave_1) entered forwarding state [ 427.329804][T15903] vxcan1: tx drop: invalid sa for name 0x0000000000000003 [ 427.359117][T15901] input: syz1 as /devices/virtual/input/input42 [ 427.675946][ T31] usb 3-1: new high-speed USB device number 24 using dummy_hcd [ 427.828430][ T31] usb 3-1: Using ep0 maxpacket: 32 [ 427.830672][ T31] usb 3-1: config 2 has an invalid interface number: 88 but max is 0 [ 427.830698][ T31] usb 3-1: config 2 has no interface number 0 [ 427.830749][ T31] usb 3-1: config 2 interface 88 has no altsetting 0 [ 427.833330][ T31] usb 3-1: New USB device found, idVendor=0557, idProduct=2009, bcdDevice=c7.1e [ 427.833355][ T31] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 427.833373][ T31] usb 3-1: Product: syz [ 427.833393][ T31] usb 3-1: Manufacturer: syz [ 427.833407][ T31] usb 3-1: SerialNumber: syz [ 428.055221][T15541] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 428.301664][T15941] sctp: [Deprecated]: syz.1.4342 (pid 15941) Use of int in max_burst socket option. [ 428.301664][T15941] Use struct sctp_assoc_value instead [ 428.650590][T15956] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4347'. [ 428.651822][T15953] loop8: detected capacity change from 0 to 8 [ 428.693962][T15953] Dev loop8: unable to read RDB block 8 [ 428.694008][T15953] loop8: unable to read partition table [ 428.694564][T15953] loop8: partition table beyond EOD, truncated [ 428.694584][T15953] loop_reread_partitions: partition scan of loop8 (被x^> ) failed (rc=-5) [ 428.744625][T15956] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4347'. [ 428.946385][ T31] asix 3-1:2.88 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71 [ 428.946419][ T31] asix 3-1:2.88 (unnamed net_device) (uninitialized): Failed to write RX_CTL mode to 0x0080: ffffffb9 [ 428.946695][ T31] asix 3-1:2.88: probe with driver asix failed with error -71 [ 428.981606][T15963] IPVS: Unknown mcast interface: vlan0 [ 428.991043][ T31] usb 3-1: USB disconnect, device number 24 [ 429.098928][T15965] netlink: 28 bytes leftover after parsing attributes in process `syz.5.4352'. [ 429.098954][T15965] netlink: 28 bytes leftover after parsing attributes in process `syz.5.4352'. [ 429.158934][T15541] veth0_vlan: entered promiscuous mode [ 429.215318][T15541] veth1_vlan: entered promiscuous mode [ 429.326168][T15541] veth0_macvtap: entered promiscuous mode [ 429.340612][T15541] veth1_macvtap: entered promiscuous mode [ 429.410328][T15541] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 429.516489][ T991] kernel write not supported for file /vcsu (pid: 991 comm: kworker/1:2) [ 429.708810][T15541] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 429.740839][ T12] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 429.741088][ T12] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 429.741124][ T12] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 429.741158][ T12] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 430.079975][ T43] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 430.079993][ T43] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 430.152932][ T3695] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 430.152951][ T3695] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 430.546034][ T5891] usb 2-1: new high-speed USB device number 36 using dummy_hcd [ 430.700263][ T5891] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 430.700296][ T5891] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 430.700317][ T5891] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 430.700359][ T5891] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 430.700381][ T5891] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 430.703508][ T5891] usb 2-1: config 0 descriptor?? [ 431.142952][ T5891] plantronics 0003:047F:FFFF.0022: unknown main item tag 0x0 [ 431.142989][ T5891] plantronics 0003:047F:FFFF.0022: unknown main item tag 0x0 [ 431.143014][ T5891] plantronics 0003:047F:FFFF.0022: unknown main item tag 0x0 [ 431.143056][ T5891] plantronics 0003:047F:FFFF.0022: unknown main item tag 0x0 [ 431.143082][ T5891] plantronics 0003:047F:FFFF.0022: unknown main item tag 0x0 [ 431.143108][ T5891] plantronics 0003:047F:FFFF.0022: unknown main item tag 0x0 [ 431.143134][ T5891] plantronics 0003:047F:FFFF.0022: unknown main item tag 0x0 [ 431.143160][ T5891] plantronics 0003:047F:FFFF.0022: unknown main item tag 0x0 [ 431.143185][ T5891] plantronics 0003:047F:FFFF.0022: unknown main item tag 0x0 [ 431.143211][ T5891] plantronics 0003:047F:FFFF.0022: unknown main item tag 0x0 [ 431.156490][ T5891] plantronics 0003:047F:FFFF.0022: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0 [ 431.423338][ T5891] usb 2-1: USB disconnect, device number 36 [ 431.553860][T16039] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4382'. [ 431.955957][ T993] usb 6-1: new high-speed USB device number 25 using dummy_hcd [ 432.108308][ T993] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 432.112539][ T993] usb 6-1: New USB device found, idVendor=2c42, idProduct=16f8, bcdDevice= 9.99 [ 432.112560][ T993] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 432.112576][ T993] usb 6-1: Product: syz [ 432.112587][ T993] usb 6-1: Manufacturer: syz [ 432.112600][ T993] usb 6-1: SerialNumber: syz [ 432.178658][T16056] netlink: 7064 bytes leftover after parsing attributes in process `syz.1.4390'. [ 432.178688][T16056] openvswitch: netlink: Missing key (keys=40, expected=200000) [ 432.183184][ T993] usb 6-1: config 0 descriptor?? [ 432.553099][T16066] netlink: 'syz.6.4395': attribute type 9 has an invalid length. [ 432.553122][T16066] netlink: 8 bytes leftover after parsing attributes in process `syz.6.4395'. [ 432.568373][T16066] hsr0: entered promiscuous mode [ 432.568841][T16066] macvlan2: entered promiscuous mode [ 432.569101][T16066] macvlan2: entered allmulticast mode [ 432.569114][T16066] hsr0: entered allmulticast mode [ 432.569125][T16066] hsr_slave_0: entered allmulticast mode [ 432.569141][T16066] hsr_slave_1: entered allmulticast mode [ 432.719792][ T31] usb 6-1: USB disconnect, device number 25 [ 432.729462][ T31] f81534a_ctrl 6-1:0.0: failed to set register 0x116: -19 [ 432.729486][ T31] f81534a_ctrl 6-1:0.0: failed to enable ports: -19 [ 432.785071][T16072] tipc: Started in network mode [ 432.785099][T16072] tipc: Node identity ac14140f, cluster identity 4711 [ 432.785419][T16072] tipc: New replicast peer: 255.255.255.255 [ 432.810427][T16072] tipc: Enabled bearer , priority 10 [ 433.906008][ T7578] tipc: Node number set to 2886997007 [ 434.919471][ T37] audit: type=1400 audit(691.750:2168): lsm=SMACK fn=smack_socket_sock_rcv_skb action=denied subject="_" object="y" requested=w pid=16131 comm="syz.6.4426" saddr=fc01:: daddr=ff02::1 dest=3618 netif=wpan0 [ 436.043959][T16164] Bluetooth: MGMT ver 1.23 [ 437.369840][T16211] netlink: 'syz.2.4463': attribute type 12 has an invalid length. [ 437.369953][T16211] netlink: 'syz.2.4463': attribute type 29 has an invalid length. [ 437.369968][T16211] netlink: 148 bytes leftover after parsing attributes in process `syz.2.4463'. [ 438.115555][T16243] netlink: 40 bytes leftover after parsing attributes in process `syz.6.4476'. [ 438.322795][T16252] netlink: 65039 bytes leftover after parsing attributes in process `syz.1.4480'. [ 438.554924][T16263] syzkaller1: entered allmulticast mode [ 438.742141][ T37] audit: type=1326 audit(695.570:2169): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16270 comm="syz.6.4489" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fdf8775f749 code=0x0 [ 439.246025][ T991] usb 6-1: new high-speed USB device number 26 using dummy_hcd [ 439.393723][T16292] netlink: 64 bytes leftover after parsing attributes in process `syz.2.4499'. [ 439.398811][ T991] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 439.398841][ T991] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 439.398862][ T991] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 439.398901][ T991] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 439.398922][ T991] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 439.405400][ T991] usb 6-1: config 0 descriptor?? [ 439.823828][T16303] dummy0: entered promiscuous mode [ 439.832477][T16303] bond0: entered promiscuous mode [ 439.832497][T16303] bond_slave_0: entered promiscuous mode [ 439.833409][T16303] bond_slave_1: entered promiscuous mode [ 439.851991][T16303] debugfs: 'hsr1' already exists in 'hsr' [ 439.852017][T16303] Cannot create hsr debugfs directory [ 439.858206][T16303] hsr1: entered allmulticast mode [ 439.858225][T16303] dummy0: entered allmulticast mode [ 439.858244][T16303] bond0: entered allmulticast mode [ 439.858257][T16303] bond_slave_0: entered allmulticast mode [ 439.858274][T16303] bond_slave_1: entered allmulticast mode [ 439.884372][ T991] hid_parser_main: 5 callbacks suppressed [ 439.884392][ T991] plantronics 0003:047F:FFFF.0023: unknown main item tag 0x6 [ 439.936875][ T991] plantronics 0003:047F:FFFF.0023: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.5-1/input0 [ 439.996338][ T1274] ieee802154 phy0 wpan0: encryption failed: -22 [ 439.996410][ T1274] ieee802154 phy1 wpan1: encryption failed: -22 [ 441.269372][T16338] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4520'. [ 441.286033][T16338] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4520'. [ 441.779326][T16348] netlink: 24 bytes leftover after parsing attributes in process `syz.1.4524'. [ 442.033809][ T991] usb 6-1: USB disconnect, device number 26 [ 443.301302][T16424] netlink: 8 bytes leftover after parsing attributes in process `syz.7.4559'. [ 443.689800][T16437] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4565'. [ 443.689825][T16437] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4565'. [ 443.689839][T16437] netlink: 58 bytes leftover after parsing attributes in process `syz.1.4565'. [ 444.380861][T16467] netlink: 92 bytes leftover after parsing attributes in process `syz.5.4578'. [ 444.380928][T16467] netlink: 24 bytes leftover after parsing attributes in process `syz.5.4578'. [ 445.168529][T16493] sch_tbf: burst 19872 is lower than device lo mtu (65550) ! [ 445.665838][ T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!! [ 446.292510][T16521] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4602'. [ 446.498113][T16523] netlink: 'syz.1.4603': attribute type 1 has an invalid length. [ 446.979981][T16538] loop8: detected capacity change from 0 to 7 [ 446.992116][T16538] Dev loop8: unable to read RDB block 7 [ 446.992159][T16538] loop8: unable to read partition table [ 446.992477][T16538] loop8: partition table beyond EOD, truncated [ 446.992496][T16538] loop_reread_partitions: partition scan of loop8 (被x^> ) failed (rc=-5) [ 447.041247][T16540] program syz.7.4611 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 447.439799][ T37] audit: type=1326 audit(704.270:2170): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16526 comm="syz.5.4605" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feb4337f749 code=0x7fc00000 [ 447.816280][ T5815] Bluetooth: hci3: unexpected cc 0x203d length: 65 > 1 [ 447.816314][ T5815] Bluetooth: hci3: unexpected event for opcode 0x203d [ 447.976571][ T991] usb 2-1: new high-speed USB device number 37 using dummy_hcd [ 448.128420][ T991] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 448.128453][ T991] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 448.128475][ T991] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 448.128515][ T991] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 448.128537][ T991] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 448.143402][ T991] usb 2-1: config 0 descriptor?? [ 448.560300][ T991] plantronics 0003:047F:FFFF.0024: unknown main item tag 0x0 [ 448.560337][ T991] plantronics 0003:047F:FFFF.0024: unknown main item tag 0x0 [ 448.560364][ T991] plantronics 0003:047F:FFFF.0024: unknown main item tag 0x0 [ 448.560391][ T991] plantronics 0003:047F:FFFF.0024: unknown main item tag 0x0 [ 448.560417][ T991] plantronics 0003:047F:FFFF.0024: unknown main item tag 0x0 [ 448.560444][ T991] plantronics 0003:047F:FFFF.0024: unknown main item tag 0x0 [ 448.560470][ T991] plantronics 0003:047F:FFFF.0024: unknown main item tag 0x0 [ 448.560496][ T991] plantronics 0003:047F:FFFF.0024: unknown main item tag 0x0 [ 448.560522][ T991] plantronics 0003:047F:FFFF.0024: unknown main item tag 0x0 [ 448.560548][ T991] plantronics 0003:047F:FFFF.0024: unknown main item tag 0x0 [ 448.619522][ T991] plantronics 0003:047F:FFFF.0024: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0 [ 448.819275][ T993] usb 2-1: USB disconnect, device number 37 [ 449.354206][T16610] trusted_key: syz.7.4644 sent an empty control message without MSG_MORE. [ 449.575967][ T5891] usb 3-1: new high-speed USB device number 25 using dummy_hcd [ 449.629570][T16623] netem: invalid attributes len -22 [ 449.629587][T16623] netem: change failed [ 449.725966][ T5891] usb 3-1: Using ep0 maxpacket: 16 [ 449.738790][ T5891] usb 3-1: config 1 has an invalid interface number: 105 but max is 0 [ 449.738815][ T5891] usb 3-1: config 1 has no interface number 0 [ 449.738862][ T5891] usb 3-1: config 1 interface 105 altsetting 2 bulk endpoint 0x4 has invalid maxpacket 16 [ 449.738885][ T5891] usb 3-1: config 1 interface 105 altsetting 2 endpoint 0x82 has invalid maxpacket 1224, setting to 1024 [ 449.738910][ T5891] usb 3-1: config 1 interface 105 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 1024 [ 449.738932][ T5891] usb 3-1: config 1 interface 105 has no altsetting 0 [ 449.767414][ T5891] usb 3-1: New USB device found, idVendor=20f4, idProduct=e05a, bcdDevice=6c.6d [ 449.767440][ T5891] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 449.767459][ T5891] usb 3-1: Product: syz [ 449.767471][ T5891] usb 3-1: Manufacturer: syz [ 449.767484][ T5891] usb 3-1: SerialNumber: syz [ 449.789336][T16608] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 449.789515][T16608] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 450.207181][T16608] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 450.207417][T16608] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 450.543543][T16651] IPVS: wlc: UDP 224.0.0.2:0 - no destination available [ 450.543696][ T10] IPVS: starting estimator thread 0... [ 450.610139][ T5891] aqc111 3-1:1.105 (unnamed net_device) (uninitialized): Failed to read(0x1) reg index 0x0001: -71 [ 450.610658][ T5891] aqc111 3-1:1.105 (unnamed net_device) (uninitialized): Failed to read(0x1) reg index 0x0001: -71 [ 450.616052][ T5891] aqc111 3-1:1.105 (unnamed net_device) (uninitialized): Failed to read(0x1) reg index 0x0001: -71 [ 450.649338][T16653] IPVS: using max 7 ests per chain, 16800 per kthread [ 450.681260][ T5891] aqc111 3-1:1.105 eth5: register 'aqc111' at usb-dummy_hcd.2-1, USB-C 3.1 to 5GBASE-T Ethernet Adapter, b2:08:d0:d4:14:f7 [ 450.699967][ T5891] usb 3-1: USB disconnect, device number 25 [ 450.703302][ T5891] aqc111 3-1:1.105 eth5: unregister 'aqc111' usb-dummy_hcd.2-1, USB-C 3.1 to 5GBASE-T Ethernet Adapter [ 450.845031][T16659] loop2: detected capacity change from 0 to 7 [ 450.856829][T16659] Dev loop2: unable to read RDB block 7 [ 450.856858][T16659] loop2: AHDI p2 p3 [ 450.856886][T16659] loop2: partition table partially beyond EOD, truncated [ 450.857038][T16659] loop2: p2 start 13841266 is beyond EOD, truncated [ 450.960398][ T5891] aqc111 3-1:1.105 eth5 (unregistered): Failed to write(0x1) reg index 0x0002: -19 [ 450.960543][ T5891] aqc111 3-1:1.105 eth5 (unregistered): Failed to write(0x1) reg index 0x0002: -19 [ 450.960682][ T5891] aqc111 3-1:1.105 eth5 (unregistered): Failed to write(0x61) reg index 0x0000: -19 [ 451.079468][T16665] veth0: entered promiscuous mode [ 451.080067][T16665] veth0: left promiscuous mode [ 451.725917][ T31] usb 3-1: new high-speed USB device number 26 using dummy_hcd [ 451.885966][ T31] usb 3-1: Using ep0 maxpacket: 32 [ 451.888277][ T31] usb 3-1: New USB device found, idVendor=0fd9, idProduct=0025, bcdDevice=29.40 [ 451.888303][ T31] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 451.903084][ T31] usb 3-1: config 0 descriptor?? [ 452.249415][ T31] dvb-usb: found a 'Elgato EyeTV Sat' in warm state. [ 452.278958][ T31] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 452.282889][ T31] dvbdev: DVB: registering new adapter (Elgato EyeTV Sat) [ 452.282944][ T31] usb 3-1: media controller created [ 452.454393][ T31] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 452.545324][ T31] az6027: usb out operation failed. (-71) [ 452.551232][ T31] az6027: usb out operation failed. (-71) [ 452.551249][ T31] stb0899_attach: Driver disabled by Kconfig [ 452.551258][ T31] az6027: no front-end attached [ 452.551258][ T31] [ 452.565391][ T31] az6027: usb out operation failed. (-71) [ 452.565408][ T31] dvb-usb: no frontend was attached by 'Elgato EyeTV Sat' [ 452.577158][ T31] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.2/usb3/3-1/input/input43 [ 452.600376][ T31] dvb-usb: schedule remote query interval to 400 msecs. [ 452.600395][ T31] dvb-usb: Elgato EyeTV Sat successfully initialized and connected. [ 452.611875][ T31] usb 3-1: USB disconnect, device number 26 [ 452.664853][T16733] netlink: 60 bytes leftover after parsing attributes in process `syz.1.4685'. [ 452.774275][T16737] input: syz1 as /devices/virtual/input/input44 [ 452.849798][ T31] dvb-usb: Elgato EyeTV Sat successfully deinitialized and disconnected. [ 452.944598][T16745] loop8: detected capacity change from 0 to 8 [ 452.945559][T16745] Dev loop8: unable to read RDB block 8 [ 452.945601][T16745] loop8: unable to read partition table [ 452.965614][T16745] loop8: partition table beyond EOD, truncated [ 452.965635][T16745] loop_reread_partitions: partition scan of loop8 (被x^> ) failed (rc=-5) [ 453.021882][T16747] gretap0: entered promiscuous mode [ 453.340340][T16768] netlink: 16 bytes leftover after parsing attributes in process `syz.2.4699'. [ 453.605608][T16783] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4709'. [ 454.042392][ C0] vkms_vblank_simulate: vblank timer overrun [ 454.289823][T16804] team0: Device veth0_macvtap failed to register rx_handler [ 457.235905][ T5789] usb 3-1: new full-speed USB device number 27 using dummy_hcd [ 457.275955][ T31] usb 2-1: new high-speed USB device number 38 using dummy_hcd [ 457.388772][ T5789] usb 3-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 10 [ 457.388805][ T5789] usb 3-1: config 27 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 127, setting to 64 [ 457.388830][ T5789] usb 3-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 457.388842][ T5789] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 457.394165][T16886] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 457.394295][T16886] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 457.431724][ T31] usb 2-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 457.431750][ T31] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 457.441877][ T31] usb 2-1: config 0 descriptor?? [ 457.446434][ T31] cp210x 2-1:0.0: cp210x converter detected [ 457.480092][ T5789] usb 3-1: Quirk or no altset; falling back to MIDI 1.0 [ 457.605919][ T991] usb 6-1: new high-speed USB device number 27 using dummy_hcd [ 457.696774][ T10] usb 3-1: USB disconnect, device number 27 [ 457.761252][ T991] usb 6-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 457.761280][ T991] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 457.803427][ T991] usb 6-1: config 0 descriptor?? [ 457.812747][ T991] cp210x 6-1:0.0: cp210x converter detected [ 457.868700][ T31] cp210x 2-1:0.0: failed to get vendor val 0x000e size 3: -32 [ 458.115967][ T31] usb 2-1: cp210x converter now attached to ttyUSB0 [ 458.232501][ T991] cp210x 6-1:0.0: failed to get vendor val 0x0010 size 3: -32 [ 458.234509][ T991] cp210x 6-1:0.0: GPIO initialisation failed: -524 [ 458.241123][ T991] usb 6-1: cp210x converter now attached to ttyUSB1 [ 458.293079][ T5789] usb 2-1: USB disconnect, device number 38 [ 458.305608][ T5789] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 458.436226][ T5789] cp210x 2-1:0.0: device disconnected [ 458.459375][ T31] usb 6-1: USB disconnect, device number 27 [ 458.473141][ T31] cp210x ttyUSB1: cp210x converter now disconnected from ttyUSB1 [ 458.473644][ T31] cp210x 6-1:0.0: device disconnected [ 458.724084][T16935] o2cb: This node has not been configured. [ 458.724098][T16935] o2cb: Cluster check failed. Fix errors before retrying. [ 458.724148][T16935] (syz.2.4775,16935,1):user_dlm_register:674 ERROR: status = -22 [ 458.724172][T16935] (syz.2.4775,16935,1):dlmfs_mkdir:438 ERROR: Error -22 could not register domain "file1" [ 458.945240][ T37] audit: type=1326 audit(715.770:2171): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16942 comm="syz.2.4779" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f47e729f749 code=0x0 [ 459.144981][T16955] netlink: 20 bytes leftover after parsing attributes in process `syz.6.4784'. [ 460.629571][ T37] audit: type=1326 audit(717.460:2172): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16976 comm="syz.1.4794" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7effad93f749 code=0x7ffc0000 [ 460.629838][ T37] audit: type=1326 audit(717.460:2173): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16976 comm="syz.1.4794" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7effad93f749 code=0x7ffc0000 [ 460.633745][ T37] audit: type=1326 audit(717.460:2174): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16976 comm="syz.1.4794" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7effad93f749 code=0x7ffc0000 [ 460.634248][ T37] audit: type=1326 audit(717.460:2175): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16976 comm="syz.1.4794" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7effad93f749 code=0x7ffc0000 [ 460.634765][ T37] audit: type=1326 audit(717.460:2176): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16976 comm="syz.1.4794" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7effad93f749 code=0x7ffc0000 [ 460.635040][ T37] audit: type=1326 audit(717.460:2177): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16976 comm="syz.1.4794" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7effad93f749 code=0x7ffc0000 [ 460.655959][ T5789] usb 6-1: new high-speed USB device number 28 using dummy_hcd [ 460.676845][ T37] audit: type=1326 audit(717.510:2178): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16976 comm="syz.1.4794" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7effad93f749 code=0x7ffc0000 [ 460.680332][ T37] audit: type=1326 audit(717.510:2179): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16976 comm="syz.1.4794" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7effad93f749 code=0x7ffc0000 [ 460.680375][ T37] audit: type=1326 audit(717.510:2180): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16976 comm="syz.1.4794" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7effad93f749 code=0x7ffc0000 [ 460.818453][ T5789] usb 6-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 460.818482][ T5789] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 460.841127][ T5789] usb 6-1: config 0 descriptor?? [ 460.851322][ T5789] cp210x 6-1:0.0: cp210x converter detected [ 461.292585][ T5789] cp210x 6-1:0.0: failed to get vendor val 0x000e size 3: -32 [ 461.312329][ T5789] usb 6-1: cp210x converter now attached to ttyUSB0 [ 461.526836][ T5789] usb 6-1: USB disconnect, device number 28 [ 461.552590][ T5789] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 461.591584][ T5815] Bluetooth: hci0: command tx timeout [ 461.680532][ T5789] cp210x 6-1:0.0: device disconnected [ 463.589308][T17080] loop8: detected capacity change from 0 to 8 [ 463.593392][T17080] Dev loop8: unable to read RDB block 8 [ 463.593435][T17080] loop8: unable to read partition table [ 463.593661][T17080] loop8: partition table beyond EOD, truncated [ 463.593677][T17080] loop_reread_partitions: partition scan of loop8 (被x^> ) failed (rc=-5) [ 465.652258][T17148] netlink: 4 bytes leftover after parsing attributes in process `syz.6.4871'. [ 465.858165][T17156] loop8: detected capacity change from 0 to 7 [ 465.859234][T17156] Dev loop8: unable to read RDB block 7 [ 465.859276][T17156] loop8: unable to read partition table [ 465.859505][T17156] loop8: partition table beyond EOD, truncated [ 465.859521][T17156] loop_reread_partitions: partition scan of loop8 (被x^> ) failed (rc=-5) [ 466.689112][T17196] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 466.778045][T17201] IPVS: wlc: UDP 224.0.0.2:0 - no destination available [ 467.272688][T17226] netlink: 16 bytes leftover after parsing attributes in process `syz.6.4906'. [ 467.514234][T17240] IPv6: Can't replace route, no match found [ 468.056336][T17265] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4924'. [ 468.439672][T17283] cgroup: fork rejected by pids controller in /syz7 [ 468.695347][T17540] input: syz1 as /devices/virtual/input/input47 [ 469.183901][T17955] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4941'. [ 469.184049][T17955] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 469.236170][ T7578] hid_parser_main: 5 callbacks suppressed [ 469.236269][ T7578] hid-generic 0000:0000:0000.0025: unknown main item tag 0x0 [ 469.246388][ T7578] hid-generic 0000:0000:0000.0025: hidraw0: HID v0.00 Device [syz1] on syz0 [ 469.600377][T17955] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 469.656870][T18009] netlink: 64 bytes leftover after parsing attributes in process `syz.7.4943'. [ 470.017533][T18009] netlink: 8 bytes leftover after parsing attributes in process `syz.7.4943'. [ 470.486293][ T31] usb 3-1: new high-speed USB device number 28 using dummy_hcd [ 470.635924][ T31] usb 3-1: Using ep0 maxpacket: 16 [ 470.637690][ T31] usb 3-1: config index 0 descriptor too short (expected 16456, got 72) [ 470.637715][ T31] usb 3-1: config 0 has an invalid interface number: 125 but max is 1 [ 470.637735][ T31] usb 3-1: config 0 has an invalid interface number: 125 but max is 1 [ 470.637748][ T31] usb 3-1: config 0 has an invalid interface number: 125 but max is 1 [ 470.637758][ T31] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 2 [ 470.637768][ T31] usb 3-1: config 0 has no interface number 0 [ 470.637796][ T31] usb 3-1: config 0 interface 125 altsetting 4 endpoint 0x4 has invalid maxpacket 21760, setting to 64 [ 470.637810][ T31] usb 3-1: config 0 interface 125 altsetting 4 endpoint 0xB has invalid wMaxPacketSize 0 [ 470.637821][ T31] usb 3-1: config 0 interface 125 altsetting 4 endpoint 0x2 has invalid wMaxPacketSize 0 [ 470.637840][ T31] usb 3-1: config 0 interface 125 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 470.637853][ T31] usb 3-1: config 0 interface 125 has no altsetting 0 [ 470.637862][ T31] usb 3-1: config 0 interface 125 has no altsetting 2 [ 470.640035][ T31] usb 3-1: New USB device found, idVendor=050d, idProduct=0002, bcdDevice=23.27 [ 470.640054][ T31] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 470.640064][ T31] usb 3-1: Product: syz [ 470.640071][ T31] usb 3-1: Manufacturer: syz [ 470.640078][ T31] usb 3-1: SerialNumber: syz [ 470.643320][ T31] usb 3-1: config 0 descriptor?? [ 470.801271][ T31] usb 3-1: selecting invalid altsetting 2 [ 470.875954][ T991] usb 6-1: new full-speed USB device number 29 using dummy_hcd [ 470.916132][ T5891] usb 2-1: new high-speed USB device number 39 using dummy_hcd [ 471.048680][ T991] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 471.048705][ T991] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 471.051631][ T991] usb 6-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 471.051711][ T991] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 471.051730][ T991] usb 6-1: Product: syz [ 471.051744][ T991] usb 6-1: Manufacturer: syz [ 471.051758][ T991] usb 6-1: SerialNumber: syz [ 471.076071][ T5891] usb 2-1: Using ep0 maxpacket: 16 [ 471.078505][ T5891] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 471.078608][ T5891] usb 2-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00 [ 471.078630][ T5891] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 471.087993][ T5891] usb 2-1: config 0 descriptor?? [ 471.296271][ T991] usb 6-1: 0:2 : does not exist [ 471.378957][ T991] usb 6-1: 5:0: failed to get current value for ch 0 (-22) [ 471.468904][ T991] usb 6-1: USB disconnect, device number 29 [ 471.523427][ T5891] mcp2221 0003:04D8:00DD.0026: USB HID v0.05 Device [HID 04d8:00dd] on usb-dummy_hcd.1-1/input0 [ 471.681959][ T5891] usb 3-1: USB disconnect, device number 28 [ 471.723126][ T5789] usb 2-1: USB disconnect, device number 39 [ 472.645913][ T991] usb 2-1: new high-speed USB device number 40 using dummy_hcd [ 472.811992][ T991] usb 2-1: Using ep0 maxpacket: 16 [ 472.818977][ T991] usb 2-1: New USB device found, idVendor=2001, idProduct=4002, bcdDevice=df.bf [ 472.819004][ T991] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 472.833525][ T991] usb 2-1: config 0 descriptor?? [ 473.584278][T18134] loop8: detected capacity change from 0 to 8 [ 473.591941][T18134] Dev loop8: unable to read RDB block 8 [ 473.591987][T18134] loop8: unable to read partition table [ 473.592307][T18134] loop8: partition table beyond EOD, truncated [ 473.592403][T18134] loop_reread_partitions: partition scan of loop8 (被x^> ) failed (rc=-5) [ 473.862868][ T991] pegasus 2-1:0.0: probe with driver pegasus failed with error -71 [ 473.889889][ T991] usb 2-1: USB disconnect, device number 40 [ 473.900390][ T37] kauditd_printk_skb: 19 callbacks suppressed [ 473.900405][ T37] audit: type=1326 audit(730.730:2200): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18145 comm="syz.5.5004" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feb4337f749 code=0x7ffc0000 [ 473.900449][ T37] audit: type=1326 audit(730.730:2201): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18145 comm="syz.5.5004" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feb4337f749 code=0x7ffc0000 [ 473.901438][ T37] audit: type=1326 audit(730.730:2202): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18145 comm="syz.5.5004" exe="/root/syz-executor" sig=0 arch=c000003e syscall=227 compat=0 ip=0x7feb4337f749 code=0x7ffc0000 [ 474.853439][ T37] audit: type=1326 audit(2000000000.000:2203): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18145 comm="syz.5.5004" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feb4337f749 code=0x7ffc0000 [ 475.139639][T18164] netlink: 75 bytes leftover after parsing attributes in process `syz.5.5011'. [ 476.546989][ T5815] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 489.673538][ T5815] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 489.689427][ T5815] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 489.690998][ T5815] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 489.692660][ T5815] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 489.693494][ T5815] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 490.606180][T18206] chnl_net:caif_netlink_parms(): no params data found [ 490.734960][ T5815] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 490.757521][ T5815] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 490.759069][ T5815] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 490.763740][ T5815] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 490.764648][ T5815] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 491.826503][ T5815] Bluetooth: hci6: command tx timeout [ 492.875922][ T5815] Bluetooth: hci7: command tx timeout [ 493.078066][ T5116] Bluetooth: hci8: unexpected cc 0x0c03 length: 249 > 1 [ 493.097531][ T5116] Bluetooth: hci8: unexpected cc 0x1003 length: 249 > 9 [ 493.101051][ T5116] Bluetooth: hci8: unexpected cc 0x1001 length: 249 > 9 [ 493.102214][ T5116] Bluetooth: hci8: unexpected cc 0x0c23 length: 249 > 4 [ 493.102994][ T5116] Bluetooth: hci8: unexpected cc 0x0c38 length: 249 > 2 [ 493.547458][ T5815] Bluetooth: hci9: unexpected cc 0x0c03 length: 249 > 1 [ 493.567961][ T5815] Bluetooth: hci9: unexpected cc 0x1003 length: 249 > 9 [ 493.569535][ T5815] Bluetooth: hci9: unexpected cc 0x1001 length: 249 > 9 [ 493.570708][ T5815] Bluetooth: hci9: unexpected cc 0x0c23 length: 249 > 4 [ 493.571469][ T5815] Bluetooth: hci9: unexpected cc 0x0c38 length: 249 > 2 [ 493.807956][ T5815] Bluetooth: hci10: unexpected cc 0x0c03 length: 249 > 1 [ 493.829643][ T5815] Bluetooth: hci10: unexpected cc 0x1003 length: 249 > 9 [ 493.831198][ T5815] Bluetooth: hci10: unexpected cc 0x1001 length: 249 > 9 [ 493.832904][ T5815] Bluetooth: hci10: unexpected cc 0x0c23 length: 249 > 4 [ 493.833741][ T5815] Bluetooth: hci10: unexpected cc 0x0c38 length: 249 > 2 [ 493.905903][ T5815] Bluetooth: hci6: command tx timeout [ 494.946358][ T5815] Bluetooth: hci7: command tx timeout [ 495.186876][ T5815] Bluetooth: hci8: command tx timeout [ 495.666916][ T5815] Bluetooth: hci9: command tx timeout [ 495.906380][ T5815] Bluetooth: hci10: command tx timeout [ 495.985918][ T5815] Bluetooth: hci6: command tx timeout [ 497.026469][ T5815] Bluetooth: hci7: command tx timeout [ 497.267688][ T5815] Bluetooth: hci8: command tx timeout [ 497.746492][ T5815] Bluetooth: hci9: command tx timeout [ 497.985908][ T5815] Bluetooth: hci10: command tx timeout [ 498.065909][ T5815] Bluetooth: hci6: command tx timeout [ 499.106200][ T5815] Bluetooth: hci7: command tx timeout [ 499.347072][ T5815] Bluetooth: hci8: command tx timeout [ 499.826549][ T5815] Bluetooth: hci9: command tx timeout [ 500.066005][ T5815] Bluetooth: hci10: command tx timeout [ 501.435845][ T1274] ieee802154 phy0 wpan0: encryption failed: -22 [ 501.438226][ T5815] Bluetooth: hci8: command tx timeout [ 501.906626][ T5116] Bluetooth: hci9: command tx timeout [ 502.146189][ T5116] Bluetooth: hci10: command tx timeout [ 549.788418][ T5815] Bluetooth: hci11: unexpected cc 0x0c03 length: 249 > 1 [ 549.792486][ T5815] Bluetooth: hci11: unexpected cc 0x1003 length: 249 > 9 [ 549.794023][ T5815] Bluetooth: hci11: unexpected cc 0x1001 length: 249 > 9 [ 549.795713][ T5815] Bluetooth: hci11: unexpected cc 0x0c23 length: 249 > 4 [ 549.828001][ T5815] Bluetooth: hci11: unexpected cc 0x0c38 length: 249 > 2 [ 550.762863][ T5815] Bluetooth: hci12: unexpected cc 0x0c03 length: 249 > 1 [ 550.783549][ T5815] Bluetooth: hci12: unexpected cc 0x1003 length: 249 > 9 [ 550.794277][ T5815] Bluetooth: hci12: unexpected cc 0x1001 length: 249 > 9 [ 550.795394][ T5815] Bluetooth: hci12: unexpected cc 0x0c23 length: 249 > 4 [ 550.814206][ T5815] Bluetooth: hci12: unexpected cc 0x0c38 length: 249 > 2 [ 551.905939][ T5116] Bluetooth: hci11: command tx timeout [ 552.748080][ T5815] Bluetooth: hci13: unexpected cc 0x0c03 length: 249 > 1 [ 552.768632][ T5815] Bluetooth: hci13: unexpected cc 0x1003 length: 249 > 9 [ 552.770203][ T5815] Bluetooth: hci13: unexpected cc 0x1001 length: 249 > 9 [ 552.772029][ T5815] Bluetooth: hci13: unexpected cc 0x0c23 length: 249 > 4 [ 552.773428][ T5815] Bluetooth: hci13: unexpected cc 0x0c38 length: 249 > 2 [ 552.874149][ T5815] Bluetooth: hci12: command tx timeout [ 553.234929][ T5116] Bluetooth: hci14: unexpected cc 0x0c03 length: 249 > 1 [ 553.258472][ T5116] Bluetooth: hci14: unexpected cc 0x1003 length: 249 > 9 [ 553.260020][ T5116] Bluetooth: hci14: unexpected cc 0x1001 length: 249 > 9 [ 553.261172][ T5116] Bluetooth: hci14: unexpected cc 0x0c23 length: 249 > 4 [ 553.261923][ T5116] Bluetooth: hci14: unexpected cc 0x0c38 length: 249 > 2 [ 553.725193][ T5815] Bluetooth: hci15: unexpected cc 0x0c03 length: 249 > 1 [ 553.749641][ T5815] Bluetooth: hci15: unexpected cc 0x1003 length: 249 > 9 [ 553.751217][ T5815] Bluetooth: hci15: unexpected cc 0x1001 length: 249 > 9 [ 553.753061][ T5815] Bluetooth: hci15: unexpected cc 0x0c23 length: 249 > 4 [ 553.753904][ T5815] Bluetooth: hci15: unexpected cc 0x0c38 length: 249 > 2 [ 553.986073][ T5815] Bluetooth: hci11: command tx timeout [ 554.866224][ T5815] Bluetooth: hci13: command tx timeout [ 554.946075][ T5815] Bluetooth: hci12: command tx timeout [ 555.346057][ T5815] Bluetooth: hci14: command tx timeout [ 555.826140][ T5815] Bluetooth: hci15: command tx timeout [ 556.065995][ T5815] Bluetooth: hci11: command tx timeout [ 556.945939][ T5815] Bluetooth: hci13: command tx timeout [ 557.026074][ T5815] Bluetooth: hci12: command tx timeout [ 557.425988][ T5815] Bluetooth: hci14: command tx timeout [ 557.905949][ T5815] Bluetooth: hci15: command tx timeout [ 558.145903][ T5815] Bluetooth: hci11: command tx timeout [ 559.035404][ T5815] Bluetooth: hci13: command tx timeout [ 559.106068][ T5116] Bluetooth: hci12: command tx timeout [ 559.505956][ T5116] Bluetooth: hci14: command tx timeout [ 559.986031][ T5116] Bluetooth: hci15: command tx timeout [ 561.106234][ T5116] Bluetooth: hci13: command tx timeout [ 561.585976][ T5116] Bluetooth: hci14: command tx timeout [ 562.066044][ T5116] Bluetooth: hci15: command tx timeout [ 562.870314][ T1274] ieee802154 phy0 wpan0: encryption failed: -22 [ 579.035747][ C1] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks: [ 579.035767][ C1] rcu: Tasks blocked on level-0 rcu_node (CPUs 0-1): P29 [ 579.035792][ C1] rcu: (detected by 1, t=10502 jiffies, g=61477, q=10448 ncpus=2) [ 579.035813][ C1] task:ktimers/1 state:R running task stack:20120 pid:29 tgid:29 ppid:2 task_flags:0x4208040 flags:0x00080000 [ 579.035858][ C1] Call Trace: [ 579.035868][ C1] [ 579.035875][ C1] sched_show_task+0x49d/0x630 [ 579.035898][ C1] ? __pfx_sched_show_task+0x10/0x10 [ 579.035910][ C1] ? rcu_dump_cpu_stacks+0x79/0x4e0 [ 579.035931][ C1] ? wq_watchdog_touch+0xef/0x180 [ 579.035948][ C1] print_other_cpu_stall+0xf78/0x1340 [ 579.035975][ C1] ? __pfx_print_other_cpu_stall+0x10/0x10 [ 579.036007][ C1] rcu_sched_clock_irq+0xa47/0x11b0 [ 579.036019][ C1] ? do_raw_spin_unlock+0x122/0x240 [ 579.036039][ C1] ? __pfx_rcu_sched_clock_irq+0x10/0x10 [ 579.036059][ C1] update_process_times+0x235/0x2d0 [ 579.036078][ C1] tick_nohz_handler+0x39a/0x520 [ 579.036096][ C1] ? __pfx_tick_nohz_handler+0x10/0x10 [ 579.036110][ C1] __hrtimer_run_queues+0x506/0xd40 [ 579.036143][ C1] ? __pfx___hrtimer_run_queues+0x10/0x10 [ 579.036159][ C1] ? read_tsc+0x9/0x20 [ 579.036180][ C1] hrtimer_interrupt+0x45d/0xa90 [ 579.036220][ C1] __sysvec_apic_timer_interrupt+0x10b/0x410 [ 579.036239][ C1] sysvec_apic_timer_interrupt+0xa1/0xc0 [ 579.036263][ C1] [ 579.036267][ C1] [ 579.036273][ C1] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 579.036287][ C1] RIP: 0010:lock_release+0x2b5/0x3e0 [ 579.036304][ C1] Code: 51 48 c7 44 24 20 00 00 00 00 9c 8f 44 24 20 f7 44 24 20 00 02 00 00 75 56 f7 c3 00 02 00 00 74 01 fb 65 48 8b 05 db cf 06 10 <48> 3b 44 24 28 0f 85 8b 00 00 00 48 83 c4 30 5b 41 5c 41 5d 41 5e [ 579.036315][ C1] RSP: 0018:ffffc90000a3f830 EFLAGS: 00000206 [ 579.036325][ C1] RAX: d7e4c43127893400 RBX: 0000000000000206 RCX: d7e4c43127893400 [ 579.036335][ C1] RDX: 0000000000000004 RSI: ffffffff8cf66031 RDI: ffffffff8b3ddfe0 [ 579.036343][ C1] RBP: ffff88801ba92a00 R08: 0000000000000000 R09: ffffffff8ac2fb41 [ 579.036352][ C1] R10: 0000000000000000 R11: ffffed100ba05011 R12: 0000000000000004 [ 579.036360][ C1] R13: 0000000000000004 R14: ffffffff8d5aa880 R15: ffff88801ba91e00 [ 579.036374][ C1] ? rt_spin_lock+0x1c1/0x3e0 [ 579.036397][ C1] ? rt_spin_unlock+0x150/0x200 [ 579.036416][ C1] rt_spin_unlock+0x15c/0x200 SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 579.036433][ C1] advance_sched+0x9a8/0xc90 [ 579.036540][ C1] ? __pfx_advance_sched+0x10/0x10 [ 579.036551][ C1] __hrtimer_run_queues+0x552/0xd40 [ 579.036574][ C1] ? __pfx___hrtimer_run_queues+0x10/0x10 [ 579.036585][ C1] ? ktime_get_update_offsets_now+0x3b2/0x3d0 [ 579.036601][ C1] hrtimer_run_softirq+0x1a3/0x2e0 [ 579.036612][ C1] handle_softirqs+0x22f/0x710 [ 579.036629][ C1] ? __pfx_handle_softirqs+0x10/0x10 [ 579.036645][ C1] run_ktimerd+0xcf/0x190 [ 579.036656][ C1] ? __pfx_run_ktimerd+0x10/0x10 [ 579.036666][ C1] ? schedule+0x91/0x360 [ 579.036681][ C1] ? smpboot_thread_fn+0x4d/0xa60 [ 579.036692][ C1] smpboot_thread_fn+0x542/0xa60 [ 579.036703][ C1] ? smpboot_thread_fn+0x4d/0xa60 [ 579.036718][ C1] kthread+0x711/0x8a0 [ 579.036732][ C1] ? __pfx_smpboot_thread_fn+0x10/0x10 [ 579.036743][ C1] ? __pfx_kthread+0x10/0x10 [ 579.036753][ C1] ? rt_spin_unlock+0x150/0x200 [ 579.036766][ C1] ? rt_spin_unlock+0x161/0x200 [ 579.036774][ C1] ? __pfx_kthread+0x10/0x10 [ 579.036787][ C1] ret_from_fork+0x4bc/0x870 [ 579.036799][ C1] ? __pfx_ret_from_fork+0x10/0x10 [ 579.036814][ C1] ? __switch_to_asm+0x39/0x70 [ 579.036822][ C1] ? __switch_to_asm+0x33/0x70 [ 579.036830][ C1] ? __pfx_kthread+0x10/0x10 [ 579.036842][ C1] ret_from_fork_asm+0x1a/0x30 [ 579.036860][ C1] [ 600.794213][ T5116] Bluetooth: hci0: command 0x0406 tx timeout