last executing test programs: 21.560689651s ago: executing program 4 (id=1173): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(blowfish)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000340)="71e67a15", 0x4) r1 = accept4$alg(r0, 0x0, 0x0, 0x0) io_setup(0xff, &(0x7f0000000380)=0x0) sendmsg$alg(r1, &(0x7f0000000840)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000740)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}, 0x0) io_submit(r2, 0x27f, &(0x7f0000001440)=[&(0x7f0000000200)={0x1000000, 0x0, 0x700000000000000, 0x0, 0x0, r1, &(0x7f0000000340), 0xfdef}]) 20.973881953s ago: executing program 4 (id=1176): sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, 0x0, 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x1, &(0x7f0000000380)=[{0x6, 0x80, 0x0, 0x7fffffff}]}) syz_open_procfs(0x0, &(0x7f0000000180)='pagemap\x00') socket$packet(0x11, 0x2, 0x300) symlink(0x0, &(0x7f0000000040)='./file0\x00') prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r0 = signalfd(0xffffffffffffffff, &(0x7f0000000700), 0x8) dup(r0) umount2(0x0, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000340)=@file={0x0, './file0\x00'}, 0x5) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) ioprio_set$uid(0x3, 0x0, 0x0) socket(0x1e, 0x1, 0x0) chdir(&(0x7f0000000100)='./file0\x00') sched_setaffinity(0x0, 0x8, &(0x7f00000003c0)=0xae) r3 = socket$inet6(0xa, 0x3, 0x103) socket$vsock_stream(0x28, 0x1, 0x0) sendmmsg$inet6(r3, &(0x7f0000001700)=[{{0x0, 0x1000ffd8, 0x0, 0x0, 0x0, 0x0, 0xfc}, 0x1030000}], 0x40000000000039e, 0x0) getsockopt$SO_TIMESTAMP(0xffffffffffffffff, 0x1, 0x3f, 0x0, 0x0) syz_usb_connect(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="120100002c23b740c71b4010b1b501020301090224000100000000090400000212c71c000905a42e7fbb00000009058202"], 0x0) 15.078878528s ago: executing program 4 (id=1181): r0 = socket$pppoe(0x18, 0x1, 0x0) ioctl$TIOCMSET(0xffffffffffffffff, 0x5418, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x8000, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = eventfd2(0x0, 0x0) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0) ioctl$TUNATTACHFILTER(0xffffffffffffffff, 0x401054d5, 0x0) ioctl$KVM_IOEVENTFD(r2, 0x4040ae79, &(0x7f0000001340)={0x0, 0x0, 0x0, r3}) close_range(r0, 0xffffffffffffffff, 0x0) 14.112817432s ago: executing program 4 (id=1183): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) ptrace$PTRACE_GETSIGMASK(0x420a, r1, 0x8, &(0x7f0000000300)) landlock_create_ruleset(&(0x7f00000000c0), 0x10, 0x0) ioctl$sock_SIOCSIFVLAN_GET_VLAN_INGRESS_PRIORITY_CMD(0xffffffffffffffff, 0x8983, 0x0) ioctl$ifreq_SIOCGIFINDEX_wireguard(0xffffffffffffffff, 0x8933, 0x0) pwritev(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) r4 = syz_open_dev$usbfs(&(0x7f0000000480), 0x77, 0x101641) ioctl$USBDEVFS_IOCTL(r4, 0xc0105512, &(0x7f0000000200)) ioctl$USBDEVFS_IOCTL(r4, 0xc0105512, &(0x7f0000000000)=@usbdevfs_connect) 12.41314819s ago: executing program 2 (id=1189): r0 = socket$netlink(0x10, 0x3, 0x10) setsockopt$sock_int(r0, 0x1, 0x2a, &(0x7f0000000300)=0x1, 0x4) 12.024178117s ago: executing program 2 (id=1194): syz_usb_connect$hid(0x0, 0x36, 0x0, 0x0) r0 = socket$inet_mptcp(0x2, 0x1, 0x106) openat$kvm(0xffffffffffffff9c, &(0x7f0000019400), 0x44000, 0x0) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) connect$inet(r0, &(0x7f0000003580)={0x2, 0x0, @dev}, 0x10) bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e21, @empty}, 0x10) syz_genetlink_get_family_id$devlink(&(0x7f0000019480), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_TRAP_GET(0xffffffffffffffff, 0x0, 0x40) setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000100), 0x4) connect$inet(r0, &(0x7f0000000140)={0x2, 0x4e21, @empty}, 0x10) sendto(r0, &(0x7f00000002c0)="25bc9f2ab43121ab37673bf1e4cf83a0b5423ac76f34b700547b4146cc414035dd4c1a68004a93ac0fd6fdd75a3834e256d5f00de3320c14b295a3f7831c630f580c7607dec85919d3bfdd3b8aeb0d96f34026ede7ceae02084f7d6e59d597f05d5d3d1ccddc8dc6e6ad35464333cb8163e3ace41beabb68e28cd0323513bc4117bf6281645efbc166a1c5911250cd98647539270a04902adb803bfbf48b029e7f80efea175f906914a947f5d7c17aa07736d259da620f289ad9a6e3b2dc8bd9dbf8cec1f1d1841bb467ee18323a77d1fe0f8204cee4b5f11d18fdddb973cf611b3e5a0a7ad1900a2700e59d23c6c579734798b26411574ee569e8eafc2d7bb03fa3243bd6573b999366b1698b8602f05aa174626891f365694b10a62839c42a84594f04a43a8fd203e91ab1a40060fea74b770f4f6a5c98a1d4af00185fa96c8bb481b7e87682734af43f8d6d73031639eef99723f15422476b05459fa615cef473bdd33a2ba8743f713b35d0ad1a86d697c125ace8f2c6004692bee0a31cae7c69b31ddcd48ef23e8b2c1de528fefa84f554c56e1f90ddd8d5fa8d77eb18dc542f40b97aa2ee389414cd35708da8439fce8b66b3eed465abc5841ce91278189c27e5dba0757c34a686cba59b759e282da46f8ef2adc7c72de8822edc7491025caf15de5177da9c94eb0324880ef429fe5876122685c1d2f222671eb394c633298b1ab8f149c0b30865cbe1867e3119dc9828e1f62cc7d7d1d4a52fb10a598e467ae5f93c9651a79dfea181bbf202323505c0d60aafed39e9022f30a95c6df926f2d8be527b6ff403437b9b1c798025ada54a06df472cf03035c3a875909828d2d918aec8449c8c89835dea152247cb102f3a2d07f12bfcef80b8087611e2f7d2f100c2703f94019dfd1dedf6148673846c779650e8e94088e182af3948375607fafd338ec838649db511857985810b1c7a1d278829a4f6881282260a087e06a1ddeb594241b4bb13e00bc84fb493dbfb490b01c55cdd5ec177b801b857b7b6e78f26d3ecee6e2e68f279957eaa0cf67895d720e3e2a1b51dcfe7f8b08aac74a9ee428d71b7efd57b39173fe02d353e6afce4f51b01725a8caf497ebe11570d11aa5a1ab37b487b3fbfedd76a29dc579dc87fb4def1876fbf9bdc5af48b531d7090103aa79bb91539cfa053f76ed6e040bea43cd0aac9545eeb2e78c8982abfc8d1e0205e1be1bf56e19f4f2e7780f2ca473b8140bca905d7992a8523d94ccb245f34df6896c42fe609325c09d70f8a4349004f2cccd735d64dfe354ca080112805245f0dd25b3435c86fef233d5e704500912024e3ea80cfa3fbb02c8e53767eda4d5752319de368c34753d4258e549d630297413407b501a69eeb6c6c621045af67e7d6534e1beaed949e29b6523cab3c5595f37dcc46046380f18196866025b84f51c3d11a36caea05578659ce4c423554f67b461c9a9a005501515845d2654fd7856a973618e05854e4f45d3a84b181384cc77a427564c1eeca4cfb2b3807b3a7d12bb88e1c5ac3c06568e9b45276e6a337c0696dab37a1ee53e7bda2ff6c5b779686905dd2b92acdb5f6fab10657f1b3d74d25f2b294fc11515a8805c76daf40781891634704781ae578250c82d1e4363e8e56d0ad32163adbb976d0367c1c0853cb9bc1db7852e81baeccc52eb7720c04a73ac38c69f970e47fbb66314a5eaf5a65c16f73032d8d11d3735a64a6b90755497e2e8c6421ccbd65b71d60469d2572d7d536a5b31e939500f2e0e67dbc46b7d0bf94d6fc6d9dcee6610d5a37a970e45d2ce169fc15e9f97603a2a3db43dfd87a68c8a2484d110f5f045f6f2a2e8e973730012f7ba5c9a5b5e534411b71519de248f6f89099590c3cac132214d855253a36a9ab67dd576c7459f2a3ceded38ab3cd6eaceb41bc70f0155d5d41b97414eeaf3ee8e44fe0ce811dfc0cfb51509298f8ebea8103a88bc64e07c3b1", 0x581, 0x0, 0x0, 0x0) r1 = socket(0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x0, 0x0, 0x2, 0x0) r2 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) preadv(r2, &(0x7f0000000080)=[{&(0x7f0000000300)=""/102373, 0x18fe5}], 0x1, 0x0, 0x0) syz_genetlink_get_family_id$ipvs(&(0x7f00000001c0), r1) setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, 0x0, 0x0) syz_open_dev$sndctrl(&(0x7f0000004e80), 0x0, 0x0) r3 = syz_io_uring_setup(0x239, &(0x7f0000000200)={0x0, 0x0, 0x10100}, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x4}) io_uring_enter(r3, 0x2def, 0xf510, 0x8, 0x0, 0x0) sendto$inet(r0, &(0x7f00000026c0)='?', 0x1, 0x0, 0x0, 0x0) getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r0, 0x6, 0x23, &(0x7f0000000180)={&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x0, 0x0, &(0x7f0000000880)=""/4096, 0x1000, 0x0, 0x0}, &(0x7f0000000240)=0x40) 10.834652666s ago: executing program 2 (id=1198): seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7ffffcb9}]}) inotify_init() 10.406519981s ago: executing program 1 (id=1200): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000100)=ANY=[@ANYBLOB="180000000900000000000000213f0000c50000000e800000850000000e00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='mmap_lock_acquire_returned\x00', r0}, 0x10) memfd_create(0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setscheduler(r1, 0x1, &(0x7f0000000100)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='hugetlb.1GB.usage_in_bytes\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x200000b, 0x12, r4, 0x0) syz_open_dev$evdev(0x0, 0x0, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000001740)=@base={0x5, 0x81, 0x1, 0x9, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r5 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(0x0, r5) recvmmsg(r5, 0x0, 0x0, 0x0, 0x0) msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x6) 10.363676507s ago: executing program 2 (id=1201): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(blowfish)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000340)="71e67a15", 0x4) r1 = accept4$alg(r0, 0x0, 0x0, 0x0) io_setup(0xff, &(0x7f0000000380)=0x0) sendmmsg$alg(r1, &(0x7f0000002dc0)=[{0x0, 0x0, &(0x7f0000000700)=[{&(0x7f0000000080)="4c2aa68e9f983c238da872", 0xb}], 0x1}], 0x1, 0x0) io_submit(r2, 0x27f, &(0x7f0000001440)=[&(0x7f0000000200)={0x1000000, 0x0, 0x700000000000000, 0x0, 0x0, r1, &(0x7f0000000340), 0xfdef}]) 9.879574351s ago: executing program 3 (id=1203): unshare(0x20000400) r0 = socket$rds(0x15, 0x5, 0x0) bind$rds(r0, &(0x7f0000000040)={0x2, 0x4e21, @local}, 0x10) setsockopt$RDS_CANCEL_SENT_TO(r0, 0x114, 0x1, 0x0, 0x0) 9.63279828s ago: executing program 3 (id=1204): prlimit64(0x0, 0xe, &(0x7f00000005c0)={0x7, 0x89}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) ioctl$DRM_IOCTL_MODE_GETRESOURCES(0xffffffffffffffff, 0xc04064a0, &(0x7f00000001c0)={0x0, &(0x7f00000000c0), 0x0, 0x0}) r3 = syz_open_dev$swradio(&(0x7f0000000040), 0x1, 0x2) ioctl$VIDIOC_QUERY_EXT_CTRL(r3, 0xc0e85667, &(0x7f0000000440)={0x0, 0x102, "13544fa885f67d2c39a69ffeb6ae1687558e6fabf7f5872bce268657e1ca44f3", 0x7, 0x0, 0x1d0, 0x10, 0x3c00, 0x8, 0x3, 0x9, [0x7, 0x9, 0x7, 0x1000]}) ioctl$DRM_IOCTL_MODE_GETFB2(0xffffffffffffffff, 0xc06864ce, &(0x7f0000000440)) 9.494156974s ago: executing program 2 (id=1205): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$MAP_CREATE(0x0, &(0x7f0000000480)=ANY=[@ANYRES32=r0, @ANYRES32=r0, @ANYRES32, @ANYBLOB], 0x48) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48) r4 = socket$xdp(0x2c, 0x3, 0x0) setsockopt$XDP_UMEM_REG(r4, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/5, 0x200000, 0x1000}, 0x20) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) setsockopt$XDP_TX_RING(r4, 0x11b, 0x3, &(0x7f0000000240)=0x4, 0x4) bind$xdp(r4, 0x0, 0x0) getsockopt$XDP_STATISTICS(r4, 0x11b, 0x7, 0x0, &(0x7f0000000180)) mremap(&(0x7f0000186000/0x1000)=nil, 0x1000, 0x3000, 0x3, &(0x7f00000ad000/0x3000)=nil) bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0) 8.761860019s ago: executing program 4 (id=1207): socket(0x10, 0x803, 0x0) r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x76, &(0x7f0000444ff8)={0x0, 0x7}, 0x8) setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r0, 0x84, 0x75, &(0x7f0000000000)={0x0, 0xcc}, 0x8) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000280)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c) sendmmsg$inet6(r0, &(0x7f0000000f00)=[{{&(0x7f0000000080)={0xa, 0x4e23, 0x0, @loopback, 0x9}, 0x1c, &(0x7f0000000500)=[{&(0x7f0000000140)="03", 0x1}], 0x1}}], 0x1, 0x4000001) setsockopt$inet_sctp6_SCTP_RESET_STREAMS(r0, 0x84, 0x77, &(0x7f0000000040)=ANY=[@ANYRES32=0x0, @ANYBLOB='\t\x00', @ANYRES32=r0], 0x1000f) 8.279627289s ago: executing program 4 (id=1209): r0 = syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x0) ioctl$DRM_IOCTL_MODE_GETRESOURCES(r0, 0xc04064a0, &(0x7f00000003c0)={0x0, &(0x7f0000000000)=[0x0], 0x0, 0x0, 0x0, 0x1}) syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x20, 0x403, 0x6030, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x2}}}}]}}]}}, 0x0) ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000100)={'ip6_vti0\x00', &(0x7f0000000240)={'ip6_vti0\x00', 0x0, 0x2f, 0x8, 0x1, 0x1, 0x52, @dev={0xfe, 0x80, '\x00', 0x30}, @private1={0xfc, 0x1, '\x00', 0x1}, 0x8000, 0x10, 0x0, 0x5a}}) openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000080), 0x982, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_NMI(r3, 0xae9a) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2004c8, 0x0, 0x0, 0x0, 0xfffffffffffffffe]}) preadv2(0xffffffffffffffff, &(0x7f0000000140)=[{&(0x7f0000001740)=""/4096, 0x1000}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000440)={[0xb0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff], 0x0, 0x40000}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 7.246104278s ago: executing program 0 (id=1210): socket$nl_route(0x10, 0x3, 0x0) socket$inet_udplite(0x2, 0x2, 0x88) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x10, 0x3, 0x0) openat$ptmx(0xffffff9c, &(0x7f0000000140), 0x800, 0x0) socket$nl_generic(0x10, 0x3, 0x10) syz_usb_connect(0x2, 0x52, &(0x7f00000022c0)=ANY=[@ANYBLOB="120100038fb2ae40"], 0x0) socket(0x2a, 0x2, 0x0) socket$netlink(0x10, 0x3, 0x0) socket(0x10, 0x3, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events.local\x00', 0x275a, 0x0) r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000080)={r0}) writev(r0, &(0x7f00000000c0)=[{&(0x7f0000000080), 0xfffffebe}], 0x1) 5.654280251s ago: executing program 0 (id=1211): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r4}, 0x10) syz_open_dev$vim2m(0x0, 0x0, 0x2) r5 = socket$inet_mptcp(0x2, 0x1, 0x106) getsockopt$kcm_KCM_RECV_DISABLE(r5, 0x11c, 0x4, 0x0, 0x74efdfe049b861ab) bpf$BPF_MAP_GET_FD_BY_ID(0xe, 0x0, 0x0) bpf$BPF_MAP_FREEZE(0x16, 0x0, 0x0) socket(0x40000000015, 0x5, 0x0) syz_open_dev$vim2m(0x0, 0x20000000204, 0x2) io_uring_setup(0xefe, &(0x7f0000000180)={0x0, 0xdbbe, 0x400, 0x1, 0x25}) io_uring_register$IORING_REGISTER_BUFFERS(0xffffffffffffffff, 0x0, 0x0, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000027c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000010000000900010073797a300000000078000000030a01010000000000000000010000000900030073797a310000000028000480080002400000000008000140000000051400030076657468315f746f5f626174616476000900010073797a300000000008000a40000000021c0008800c0001"], 0xc0}}, 0x0) 5.347875883s ago: executing program 2 (id=1212): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349bfd2}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) syz_usb_connect(0x0, 0x0, 0x0, 0x0) close(r1) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r2, 0x0, 0x0) r3 = socket(0x10, 0x803, 0x0) ioctl$TUNSETQUEUE(r0, 0x400454d9, &(0x7f0000000000)={'bridge_slave_1\x00', 0x400}) sendfile(r3, r3, 0x0, 0x1) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast}) write$cgroup_subtree(r0, &(0x7f0000000180)=ANY=[], 0x4a) 5.055137735s ago: executing program 1 (id=1213): bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x11, 0x8, &(0x7f0000002e00)=ANY=[@ANYBLOB="620af8ff0c011021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c767056a982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf9943134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2eed44d69fe32b0142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff90326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000070000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6a04006bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b17690158969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583584acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb4d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f8957727da5122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0ae500000000000000dc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6eada31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000d58c08acaf30235b918a31d2eca55f74a23641f6022d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7c48de61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e4000000000d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb8434503680300383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd574d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718fd02cde45eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff1500000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88c3c44b3b7486f979e8a3174b531f573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9ab48620f144ff72ac579e4a5240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d0104361c37c61a43b5afd865b60d4cae891b73220f17d25979a7f76834995e53a93a1c7b9eef267df651bc25070b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5500ff49d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e9611d2e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e64701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b08faa4bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867ec92d13a4faa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a2689217380400a9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef6853f35c28bc57665f6212f875b2a000000000000000000000000000020bd79e41c682139c58ac1deb039a691ad640e12c12fe11d70fe495906f2d5d71778acbd4eee53a3996cb0de84bd2b0504789d60c0f96a53ea44e0b293865aa68df494f87db976e36ad6c06912244d4c883c4aaa60b4a1392ce0b2f2c519663b4652ff871e0f6dfff9f7d34ecf04be0a58c3d53174b67d1886e34b81ad8c60da56acc64739c3acab24aa8d0ac92d465074f915608b1b60a948bad401b1a7fb3627bbe6c45123ed44bfdf8cc143bd1b7a663dc3d0476b8e39becffc429e41f66b1e37ae52aacaff0f1dc8ea70b68c25072e20586b19127d75fa71577f265c5100000000000000000000000000000000000000000000000070a45784f793e88e477e48f7d87acf12a6731eb5350831f500461ed55897f517923c73f731c139464c6383e580ce222a3250dd12ba25f71de8c94f56f418460dff5678c7c3f51ab4ddc29ffdf496bd8c579401c734fd5ac11a1008ce1d63f5b516d92bf5d718b267017b3ecd7200a7db0ef6b3a8e1f22186961f8c86c29b3144aa71d1623f9053dcf2a445c69d0f14b24884e83a94ad02647b8959c4eef7516546040c83e04484d7f2b65456e2da0dcc7f5a9024b8f4d35cbb03da118cb5f25b97894eafca8140fadcac67c5b17efea5a65b9a66cedb68619f2622733254650fe28f8233f40bed514bdfb199bf21cf421f2f70b1a285e86b542947cba56e23c3ae82d62e99d20d803bab995faae7389946ac0773194a5c2dcb3b57f6dcc6cb564e1dc7f0499df2b10bb50b470197ea7e8892c600"/4141], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x49) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f00000000c0)='sched_switch\x00', r0}, 0x10) prlimit64(0x0, 0xe, 0x0, 0x0) getpid() prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) prlimit64(0x0, 0xe, 0x0, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000400)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$NL80211_CMD_GET_REG(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)={0x14, r4, 0x701}, 0x14}}, 0x0) 3.966981733s ago: executing program 3 (id=1214): openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0) syz_usb_connect(0x0, 0x3e, &(0x7f0000001100)=ANY=[@ANYBLOB="1201000020dafb2099041010f5050102030109022c00010000000009040000016f2bae000819020100000000092402020000000000090585da20"], 0x0) 1.94442784s ago: executing program 3 (id=1215): ioprio_set$pid(0x1, 0x0, 0x0) msgget$private(0x0, 0x0) msgsnd(0x0, &(0x7f00000000c0)=ANY=[@ANYRESOCT], 0x2000, 0x0) msgsnd(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="02"], 0x8, 0x0) msgrcv(0x0, 0x0, 0x0, 0x1, 0x0) msgctl$IPC_RMID(0x0, 0x0) 1.838536451s ago: executing program 0 (id=1216): r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00'}) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000009c0), 0x0) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_CLIENT(r1, 0x404c534a, &(0x7f0000000e40)={0x0, 0x0, 0xeac7}) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(r0, 0x404c534a, &(0x7f00000000c0)={0x0, 0x0, {0x2, 0x0, 0x0, 0x0, 0x7}}) 1.612033826s ago: executing program 0 (id=1217): mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xb, 0x31, 0xffffffffffffffff, 0x0) setsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(0xffffffffffffffff, 0x84, 0x7, &(0x7f0000000340), 0x4) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19) mbind(&(0x7f000012c000/0x2000)=nil, 0x2000, 0x3, &(0x7f0000000000)=0x8006, 0x86, 0x3) mount$fuse(0x0, 0x0, &(0x7f0000002100), 0x0, &(0x7f0000000580)=ANY=[]) 1.556003668s ago: executing program 3 (id=1218): r0 = syz_clone(0x0, 0x0, 0x9, 0x0, 0x0, 0x0) ptrace(0x10, r0) ptrace$setregs(0xf, r0, 0xfffffffffffffffd, &(0x7f0000000780)="1860765114297b10b4026fbbdc163b2750fc3c8f589df2dbb5d7a8ad") 1.329807784s ago: executing program 0 (id=1219): r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000080)={'team0\x00', 0x0}) setsockopt$inet_pktinfo(r0, 0x0, 0x8, &(0x7f00000000c0)={r1, @empty, @remote}, 0xc) sendto$inet(r0, &(0x7f0000000100)="1ce0", 0xffeb, 0x0, &(0x7f0000001100)={0x2, 0x0, @private}, 0x10) recvmmsg(r0, &(0x7f00000006c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) 1.259595678s ago: executing program 3 (id=1220): r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000180)={'wlan0\x00', 0x0}) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) sendmsg$NL80211_CMD_SET_STATION(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000680)={0x30, r2, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_STA_PLINK_STATE={0x5}]}, 0x30}}, 0x0) 1.059276716s ago: executing program 0 (id=1221): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x3}]}, 0x24}}, 0x0) sendmsg$NL80211_CMD_START_AP(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000003540)={0xf4, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x3a, 0xe, {{{}, {}, @device_b, @device_b, @from_mac}, 0x0, @random, 0x0, @void, @val, @val={0x3, 0x1, 0x8c}, @void, @val={0x6, 0x2}, @void, @void, @void, @void, @void, @void, @val={0x71, 0x7, {0x0, 0xffffffffffffffff}}, @void}}], @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}], @NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_DTIM_PERIOD={0x8}, @beacon=[@NL80211_ATTR_PROBE_RESP={0x4}, @NL80211_ATTR_IE_ASSOC_RESP={0xa, 0x80, [@ext_channel_switch={0x3c, 0x4, {0x0, 0xe8, 0x2f}}]}, @NL80211_ATTR_IE_ASSOC_RESP={0x4}, @NL80211_ATTR_BEACON_TAIL={0x20, 0xf, [@ht={0x2d, 0x1a, {0x4000, 0x0, 0x0, 0x0, {0x5b, 0x8, 0x0, 0x3fc, 0x0, 0x1, 0x0, 0x2}, 0x1, 0x6, 0xfd}}]}, @NL80211_ATTR_IE={0x4f, 0x2a, [@prep={0x83, 0x25, {{0x0, 0x1}, 0x5, 0x7, @device_a, 0x5a61, @value, 0x6000, 0x5, @device_a, 0x7}}, @sec_chan_ofs={0x3e, 0x1, 0x2}, @prep={0x83, 0x1f, {{}, 0x7f, 0x2, @device_b, 0x8, @void, 0x1, 0x1ff, @broadcast, 0x5}}]}]]}, 0xf4}}, 0x0) 730.795163ms ago: executing program 1 (id=1222): socket(0x22, 0x800, 0x1) bind$netlink(0xffffffffffffffff, 0x0, 0x0) r0 = socket$inet6(0xa, 0x2, 0x0) bind$inet6(r0, &(0x7f0000000380)={0xa, 0x14e24}, 0x1c) connect$inet6(r0, &(0x7f00000002c0)={0xa, 0x4e24, 0x2}, 0x1c) r1 = socket$igmp6(0xa, 0x3, 0x2) setsockopt$IP6T_SO_SET_REPLACE(r1, 0x29, 0x40, &(0x7f0000000b00)=@raw={'raw\x00', 0x8, 0x3, 0x428, 0xd0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x358, 0xffffffff, 0xffffffff, 0x358, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'wg1\x00', 'gre0\x00'}, 0x0, 0x258, 0x288, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'pim6reg\x00', {0x0, 0x0, 0x5, 0x0, 0x0, 0x7, 0x3ff}}}, @common=@inet=@hashlimit3={{0x158}, {'wg1\x00', {0x3, 0x0, 0x41, 0x0, 0x0, 0x1000, 0x6, 0x3}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x488) sendmmsg(r0, &(0x7f00000092c0), 0x4ff, 0x0) 207.787321ms ago: executing program 1 (id=1223): ioperm(0x0, 0x9, 0x5) r0 = socket(0x2, 0x80805, 0x0) dup2(r0, 0xffffffffffffffff) 73.214705ms ago: executing program 1 (id=1224): socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={0x0, 0xc0}}, 0x0) socket$nl_xfrm(0x10, 0x3, 0x6) socket$inet(0x2, 0x2, 0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = syz_open_dev$sndctrl(&(0x7f0000004e80), 0x0, 0x0) ioctl$FICLONERANGE(0xffffffffffffffff, 0x4020940d, &(0x7f00000001c0)={{r0}, 0x20000000008}) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x275a, 0x0) write$binfmt_script(r2, &(0x7f0000000100), 0xfecc) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r2, 0x0) ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r1, 0xc1105517, &(0x7f0000000080)={{0x0, 0x0, 0x0, 0x0, 'syz1\x00'}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz0\x00', 0x0}) 0s ago: executing program 1 (id=1225): r0 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_int(r0, 0x107, 0x0, &(0x7f0000000100)=0xfffffffe, 0x4) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$MPTCP_PM_CMD_ADD_ADDR(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f00000004c0)={0x30, r2, 0x201, 0x0, 0x0, {}, [@MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @local}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}]}]}, 0x30}}, 0x0) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r3 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r4 = socket$alg(0x26, 0x5, 0x0) bind$alg(r4, &(0x7f0000000080)={0x26, 'hash\x00', 0x0, 0x0, 'cryptd(crct10dif-generic)\x00'}, 0x58) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) r6 = socket(0x11, 0x800000003, 0x0) ioctl$ifreq_SIOCGIFINDEX_team(r6, 0x8933, &(0x7f0000000600)) socket$netlink(0x10, 0x3, 0x0) r7 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r7, &(0x7f0000000000)=[{&(0x7f0000000400)="580000001400192340835980040d8c560a067f9e45ff810500000000070058000b480400945f640094272d7061d328b92d0000000000008000f0fffeffe809000000fff5dd000008100001000308080041491f4002040800", 0x58}], 0x1) r8 = socket$nl_generic(0x10, 0x3, 0x10) r9 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$ifreq_SIOCGIFINDEX_wireguard(r9, 0x8933, &(0x7f0000001880)={'wg1\x00', 0x0}) r11 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000fc0), 0xffffffffffffffff) sendmsg$WG_CMD_SET_DEVICE(r8, &(0x7f0000000b80)={0x0, 0x0, &(0x7f0000000b40)={&(0x7f0000001000)=ANY=[@ANYBLOB="84000000", @ANYRES16=r11, @ANYBLOB="1c0a00000000000000000100000008000100", @ANYRES32=r10, @ANYBLOB="68000880640000803c0009801c0000800600010002000000080002000000000005000300000000001c000080060001000200000008000200ac141400050003000100000024000100975c9d81c983c8209ee781254b899f8ed925ae9f0923c23c62f53c57cdbf691c"], 0x84}}, 0x0) sendmsg$WG_CMD_SET_DEVICE(r8, &(0x7f0000000200)={&(0x7f0000000100), 0xc, &(0x7f00000001c0)={&(0x7f00000014c0)={0x58, r11, 0x1, 0x0, 0x0, {}, [@WGDEVICE_A_PRIVATE_KEY={0x24, 0x3, @a}, @WGDEVICE_A_IFINDEX={0x8}, @WGDEVICE_A_IFINDEX={0x8}, @WGDEVICE_A_IFINDEX={0x8, 0x1, r10}, @WGDEVICE_A_FLAGS={0x8}]}, 0x58}}, 0x0) sendmmsg$inet(r5, 0x0, 0x0, 0x0) r12 = accept4(r4, 0x0, 0x0, 0x0) recvmmsg(r12, &(0x7f0000001dc0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{}, &(0x7f0000000080), &(0x7f00000000c0)=r3}, 0x20) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000300)) syz_genetlink_get_family_id$nl80211(0x0, r8) sendmsg$inet(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)=ANY=[], 0x20}, 0x0) kernel console output (not intermixed with test programs): 20 [ 360.873639][ T5284] usb 4-1: new high-speed USB device number 68 using dummy_hcd [ 360.874530][T14641] ? validate_chain+0x11e/0x5920 [ 360.874563][T14641] ? __pfx_lock_acquire+0x10/0x10 [ 360.892123][T14641] ? __pfx_validate_chain+0x10/0x10 [ 360.897391][T14641] ? mark_lock+0x9a/0x360 [ 360.901824][T14641] ? __lock_acquire+0x1384/0x2050 [ 360.906931][T14641] ? mark_lock+0x9a/0x360 [ 360.911307][T14641] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 360.917446][T14641] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 360.923840][T14641] ? __local_bh_enable_ip+0x168/0x200 [ 360.929345][T14641] ? tipc_sendmsg+0x47/0x70 [ 360.933887][T14641] ? __pfx___local_bh_enable_ip+0x10/0x10 [ 360.939656][T14641] ? do_raw_spin_unlock+0x13c/0x8b0 [ 360.944911][T14641] ? __pfx_tipc_sendmsg+0x10/0x10 [ 360.949975][T14641] tipc_sendmsg+0x55/0x70 [ 360.954352][T14641] __sock_sendmsg+0x221/0x270 [ 360.959072][T14641] ____sys_sendmsg+0x52a/0x7e0 [ 360.963874][T14641] ? __pfx_____sys_sendmsg+0x10/0x10 [ 360.969213][T14641] __sys_sendmsg+0x292/0x380 [ 360.973847][T14641] ? __pfx___sys_sendmsg+0x10/0x10 [ 360.979169][T14641] ? __pfx_vfs_write+0x10/0x10 [ 360.983952][T14641] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 360.990304][T14641] ? do_syscall_64+0x100/0x230 [ 360.995094][T14641] ? do_syscall_64+0xb6/0x230 [ 360.999873][T14641] do_syscall_64+0xf3/0x230 [ 361.004393][T14641] ? clear_bhb_loop+0x35/0x90 [ 361.009109][T14641] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 361.015035][T14641] RIP: 0033:0x7f745997dff9 [ 361.019464][T14641] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 361.039186][T14641] RSP: 002b:00007f745a710038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 361.047624][T14641] RAX: ffffffffffffffda RBX: 00007f7459b36058 RCX: 00007f745997dff9 [ 361.055623][T14641] RDX: 0000000000000000 RSI: 0000000020000140 RDI: 0000000000000006 [ 361.063626][T14641] RBP: 00007f745a710090 R08: 0000000000000000 R09: 0000000000000000 [ 361.071654][T14641] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 361.079655][T14641] R13: 0000000000000000 R14: 00007f7459b36058 R15: 00007f7459c5fa28 [ 361.087670][T14641] [ 361.102608][ T5284] usb 4-1: too many configurations: 239, using maximum allowed: 8 [ 361.133316][ T5284] usb 4-1: invalid descriptor for config index 0: type = 0x2, length = 160 [ 361.149009][ T46] usb 1-1: USB disconnect, device number 67 [ 361.165376][ T5284] usb 4-1: can't read configurations, error -22 [ 361.197381][ T5284] usb usb4-port1: attempt power cycle [ 361.477994][ T5242] Bluetooth: hci1: command tx timeout [ 361.578002][ T5284] usb 4-1: new high-speed USB device number 69 using dummy_hcd [ 361.579143][ T35] team0 (unregistering): Port device team_slave_1 removed [ 361.620942][ T5284] usb 4-1: too many configurations: 239, using maximum allowed: 8 [ 361.630301][ T5284] usb 4-1: invalid descriptor for config index 0: type = 0x2, length = 160 [ 361.649118][ T5284] usb 4-1: can't read configurations, error -22 [ 361.659704][ T35] team0 (unregistering): Port device team_slave_0 removed [ 361.788210][ T5284] usb 4-1: new high-speed USB device number 70 using dummy_hcd [ 361.839271][ T5284] usb 4-1: too many configurations: 239, using maximum allowed: 8 [ 361.855844][ T5284] usb 4-1: invalid descriptor for config index 0: type = 0x2, length = 160 [ 361.865777][ T5284] usb 4-1: can't read configurations, error -22 [ 361.882114][ T5284] usb usb4-port1: unable to enumerate USB device [ 362.513055][T14678] netlink: 'syz.2.962': attribute type 1 has an invalid length. [ 362.585467][T14679] netlink: 4 bytes leftover after parsing attributes in process `syz.4.961'. [ 363.180041][T14136] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 363.220032][T14136] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 363.286826][T14136] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 363.317668][T14136] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 363.399210][ T8] usb 1-1: new high-speed USB device number 68 using dummy_hcd [ 363.538254][T14136] 8021q: adding VLAN 0 to HW filter on device bond0 [ 363.557113][ T5242] Bluetooth: hci1: command tx timeout [ 363.569071][ T8] usb 1-1: Using ep0 maxpacket: 32 [ 363.578955][ T8] usb 1-1: New USB device found, idVendor=0ac8, idProduct=c301, bcdDevice=82.d5 [ 363.604511][ T8] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 363.618199][ T8] usb 1-1: Product: syz [ 363.622881][ T8] usb 1-1: Manufacturer: syz [ 363.628196][ T8] usb 1-1: SerialNumber: syz [ 363.645816][T14136] 8021q: adding VLAN 0 to HW filter on device team0 [ 363.683562][T14136] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 363.695283][ T8] usb 1-1: config 0 descriptor?? [ 363.700916][T14136] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 363.722296][ T1055] bridge0: port 1(bridge_slave_0) entered blocking state [ 363.729728][ T1055] bridge0: port 1(bridge_slave_0) entered forwarding state [ 363.743648][ T8] hub 1-1:0.0: bad descriptor, ignoring hub [ 363.744577][ T1055] bridge0: port 2(bridge_slave_1) entered blocking state [ 363.752201][ T8] hub 1-1:0.0: probe with driver hub failed with error -5 [ 363.756831][ T1055] bridge0: port 2(bridge_slave_1) entered forwarding state [ 363.768517][ T8] gspca_main: vc032x-2.14.0 probing 0ac8:c301 [ 363.848347][T14136] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 363.907961][ T5305] usb 5-1: new full-speed USB device number 66 using dummy_hcd [ 363.995807][T14136] veth0_vlan: entered promiscuous mode [ 364.035886][T14136] veth1_vlan: entered promiscuous mode [ 364.070628][ T5305] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x6 has invalid maxpacket 1023, setting to 64 [ 364.095317][ T5305] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xBA, changing to 0x8A [ 364.128097][ T5305] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8A has invalid wMaxPacketSize 0 [ 364.142286][T14136] veth0_macvtap: entered promiscuous mode [ 364.166757][ T5305] usb 5-1: New USB device found, idVendor=2294, idProduct=425b, bcdDevice=a2.10 [ 364.183855][T14136] veth1_macvtap: entered promiscuous mode [ 364.200718][ T5305] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 364.230431][ T5305] usb 5-1: Product: syz [ 364.245691][ T5305] usb 5-1: Manufacturer: syz [ 364.260443][T14136] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 364.271753][ T5305] usb 5-1: SerialNumber: syz [ 364.281112][ T5305] usb 5-1: config 0 descriptor?? [ 364.286950][T14136] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 364.288229][ T8] gspca_vc032x: reg_w err -110 [ 364.299291][T14136] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 364.312871][T14755] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 364.327939][ T8] gspca_vc032x: I2c Bus Busy Wait 00 [ 364.345609][ T8] gspca_vc032x: I2c Bus Busy Wait 00 [ 364.347181][ T5305] usb 5-1: ucan: probing device on interface #0 [ 364.358186][ T5305] usb 5-1: ucan: invalid endpoint configuration [ 364.364796][T14136] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 364.375410][ T8] gspca_vc032x: I2c Bus Busy Wait 00 [ 364.386456][ T5305] usb 5-1: ucan: probe failed; try to update the device firmware [ 364.388223][ T8] gspca_vc032x: I2c Bus Busy Wait 00 [ 364.412297][T14136] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 364.442202][ T8] gspca_vc032x: I2c Bus Busy Wait 00 [ 364.445784][T14779] program syz.3.970 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 364.457667][T14136] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 364.471708][ T8] gspca_vc032x: I2c Bus Busy Wait 00 [ 364.479113][ T8] gspca_vc032x: I2c Bus Busy Wait 00 [ 364.484543][ T8] gspca_vc032x: I2c Bus Busy Wait 00 [ 364.490306][T14136] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 364.502534][ T8] gspca_vc032x: I2c Bus Busy Wait 00 [ 364.509803][T14136] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 364.523542][ T8] gspca_vc032x: I2c Bus Busy Wait 00 [ 364.539789][ T8] gspca_vc032x: I2c Bus Busy Wait 00 [ 364.554938][ T8] gspca_vc032x: I2c Bus Busy Wait 00 [ 364.564155][T14136] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 364.575878][ T8] gspca_vc032x: I2c Bus Busy Wait 00 [ 364.584450][ T8] gspca_vc032x: I2c Bus Busy Wait 00 [ 364.603241][ T5282] usb 5-1: USB disconnect, device number 66 [ 364.613651][T14136] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 364.632075][ T8] gspca_vc032x: I2c Bus Busy Wait 00 [ 364.649797][ T8] gspca_vc032x: I2c Bus Busy Wait 00 [ 364.655154][ T8] gspca_vc032x: I2c Bus Busy Wait 00 [ 364.660643][T14136] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 364.692062][ T8] gspca_vc032x: I2c Bus Busy Wait 00 [ 364.697629][T14136] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 364.715399][ T8] gspca_vc032x: I2c Bus Busy Wait 00 [ 364.721631][T14136] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 364.732172][ T8] gspca_vc032x: Unknown sensor... [ 364.746356][ T8] vc032x 1-1:0.0: probe with driver vc032x failed with error -22 [ 364.755620][T14136] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 364.783237][T14136] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 364.799012][ T8] usb 1-1: USB disconnect, device number 68 [ 364.809666][T14136] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 364.834779][T14136] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 364.871836][T14136] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 364.908647][T14136] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 364.917471][T14136] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 364.937836][T14136] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 364.948320][T14136] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 365.144192][ T5709] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 365.172842][ T5709] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 365.214920][ T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 365.236396][ T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 365.588541][ T8] hid-generic 0000:0000:0000.0022: unknown main item tag 0x0 [ 365.588751][T14823] UHID_CREATE from different security context by process 4 (syz.1.974), this is not allowed. [ 365.613991][ T8] hid-generic 0000:0000:0000.0022: hidraw0: HID v0.00 Device [syz1] on syz0 [ 365.869607][ T5305] usb 2-1: new high-speed USB device number 72 using dummy_hcd [ 365.987855][ T5284] usb 1-1: new high-speed USB device number 69 using dummy_hcd [ 366.028167][ T5305] usb 2-1: Using ep0 maxpacket: 8 [ 366.046231][ T5305] usb 2-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ee [ 366.056146][ T5305] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 366.066302][ T5305] usb 2-1: Product: syz [ 366.071875][ T5305] usb 2-1: Manufacturer: syz [ 366.076631][ T5305] usb 2-1: SerialNumber: syz [ 366.087428][ T5305] usb 2-1: config 0 descriptor?? [ 366.170958][ T5284] usb 1-1: Using ep0 maxpacket: 8 [ 366.192048][ T5284] usb 1-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ee [ 366.205880][ T5284] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 366.215344][ T5284] usb 1-1: Product: syz [ 366.224582][ T5284] usb 1-1: Manufacturer: syz [ 366.234435][ T5284] usb 1-1: SerialNumber: syz [ 366.255282][ T5284] usb 1-1: config 0 descriptor?? [ 366.305924][ T5305] usb 2-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state [ 366.472314][ T5284] usb 1-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state [ 366.506717][T14823] netlink: 'syz.1.974': attribute type 18 has an invalid length. [ 366.526718][T14823] netdevsim netdevsim1 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 366.536087][T14823] netdevsim netdevsim1 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 366.545087][T14823] netdevsim netdevsim1 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 366.553918][T14823] netdevsim netdevsim1 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 366.567874][ T8] usb 5-1: new full-speed USB device number 67 using dummy_hcd [ 366.721453][ T8] usb 5-1: config 4 has an invalid interface number: 130 but max is 1 [ 366.735046][ T8] usb 5-1: config 4 contains an unexpected descriptor of type 0x2, skipping [ 366.745466][ T8] usb 5-1: config 4 contains an unexpected descriptor of type 0x1, skipping [ 366.754813][ T8] usb 5-1: config 4 has an invalid interface number: 227 but max is 1 [ 366.763831][ T8] usb 5-1: config 4 contains an unexpected descriptor of type 0x2, skipping [ 366.772677][ T8] usb 5-1: config 4 has an invalid descriptor of length 222, skipping remainder of the config [ 366.785424][ T8] usb 5-1: config 4 has no interface number 0 [ 366.791711][ T8] usb 5-1: config 4 has no interface number 1 [ 366.799781][ T8] usb 5-1: config 4 interface 130 altsetting 190 endpoint 0xC has an invalid bInterval 72, changing to 4 [ 366.811343][ T8] usb 5-1: config 4 interface 130 altsetting 190 has an endpoint descriptor with address 0xD6, changing to 0x86 [ 366.823447][ T8] usb 5-1: config 4 interface 130 altsetting 190 endpoint 0x86 has invalid maxpacket 22708, setting to 64 [ 366.835065][ T8] usb 5-1: config 4 interface 130 altsetting 190 endpoint 0x1 has invalid maxpacket 1023, setting to 64 [ 366.847073][ T8] usb 5-1: config 4 interface 130 altsetting 190 endpoint 0xE has invalid maxpacket 1024, setting to 64 [ 366.859819][ T8] usb 5-1: config 4 interface 130 altsetting 190 endpoint 0x9 has invalid maxpacket 1040, setting to 64 [ 366.871284][ T8] usb 5-1: config 4 interface 130 altsetting 190 has a duplicate endpoint with address 0x5, skipping [ 366.882330][ T8] usb 5-1: config 4 interface 130 altsetting 190 has an invalid descriptor for endpoint zero, skipping [ 366.893632][ T8] usb 5-1: config 4 interface 130 altsetting 190 has a duplicate endpoint with address 0x9, skipping [ 366.906949][ T8] usb 5-1: config 4 interface 130 altsetting 190 has an invalid descriptor for endpoint zero, skipping [ 366.918706][ T8] usb 5-1: config 4 interface 130 altsetting 190 has 14 endpoint descriptors, different from the interface descriptor's value: 13 [ 366.932495][ T8] usb 5-1: config 4 interface 227 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 366.945723][ T8] usb 5-1: config 4 interface 130 has no altsetting 0 [ 366.952615][ T8] usb 5-1: config 4 interface 227 has no altsetting 0 [ 366.966904][ T8] usb 5-1: New USB device found, idVendor=0421, idProduct=069a, bcdDevice=4c.a5 [ 366.977942][ T8] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 366.986000][ T8] usb 5-1: Product: В [ 366.990725][ T8] usb 5-1: Manufacturer:  [ 366.995451][ T8] usb 5-1: SerialNumber: ꌇद폈㻲빦☠놧ᖍ쨦๽≔ᭀ᳓眍媁뇄፿豾㶃乏쐊ᆏ䵄搸䞋쏓 [ 367.026565][T14843] raw-gadget.2 gadget.4: fail, usb_ep_enable returned -22 [ 367.034715][T14843] raw-gadget.2 gadget.4: fail, usb_ep_enable returned -22 [ 367.042352][T14843] raw-gadget.2 gadget.4: fail, usb_ep_enable returned -22 [ 367.092273][ T5284] dvb_usb_rtl28xxu 1-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -71 [ 367.121700][ T5284] usb 1-1: USB disconnect, device number 69 [ 367.197236][T14823] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 367.219034][T14823] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 367.240286][ T5305] dvb_usb_rtl28xxu 2-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -32 [ 367.262002][ T5305] usb 2-1: USB disconnect, device number 72 [ 368.884296][ T8] usb_serial_simple 5-1:4.130: nokia converter detected [ 368.896096][ T8] usb 5-1: nokia converter now attached to ttyUSB0 [ 368.914226][ T8] usb_serial_simple 5-1:4.227: nokia converter detected [ 368.925166][ T8] usb 5-1: nokia converter now attached to ttyUSB1 [ 368.938124][ T8] usb 5-1: USB disconnect, device number 67 [ 368.971689][ T8] nokia ttyUSB0: nokia converter now disconnected from ttyUSB0 [ 368.983319][ T8] usb_serial_simple 5-1:4.130: device disconnected [ 368.996813][ T8] nokia ttyUSB1: nokia converter now disconnected from ttyUSB1 [ 369.006600][ T8] usb_serial_simple 5-1:4.227: device disconnected [ 370.598068][ T5229] Bluetooth: hci0: command 0x0406 tx timeout [ 378.749966][ T1267] ieee802154 phy0 wpan0: encryption failed: -22 [ 378.756349][ T1267] ieee802154 phy1 wpan1: encryption failed: -22 [ 385.907278][T14921] netlink: 'syz.2.980': attribute type 3 has an invalid length. [ 385.919198][T14921] netlink: 8 bytes leftover after parsing attributes in process `syz.2.980'. [ 385.984349][T14923] netlink: 'syz.0.978': attribute type 2 has an invalid length. [ 385.997783][T14923] netlink: 195592 bytes leftover after parsing attributes in process `syz.0.978'. [ 386.104400][T14923] loop2: detected capacity change from 0 to 53 [ 386.294577][T14951] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 386.313580][T14951] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 386.335225][T14951] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 386.343660][T14951] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 386.355692][T14951] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 386.364249][T14951] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 386.497861][ T8] usb 4-1: new high-speed USB device number 71 using dummy_hcd [ 386.518439][ T5282] usb 2-1: new high-speed USB device number 73 using dummy_hcd [ 386.573595][T14970] chnl_net:caif_netlink_parms(): no params data found [ 386.658432][ T8] usb 4-1: Using ep0 maxpacket: 32 [ 386.684170][ T5282] usb 2-1: Using ep0 maxpacket: 16 [ 386.700176][ T8] usb 4-1: New USB device found, idVendor=0ac8, idProduct=c301, bcdDevice=82.d5 [ 386.710539][ T5282] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 386.727856][ T8] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 386.736405][ T5282] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 386.746653][ T8] usb 4-1: Product: syz [ 386.751831][ T8] usb 4-1: Manufacturer: syz [ 386.757158][ T8] usb 4-1: SerialNumber: syz [ 386.762769][ T5282] usb 2-1: New USB device found, idVendor=1e7d, idProduct=2d50, bcdDevice= 0.00 [ 386.774119][ T5282] usb 2-1: New USB device strings: Mfr=236, Product=255, SerialNumber=0 [ 386.784197][ T8] usb 4-1: config 0 descriptor?? [ 386.784680][T14970] bridge0: port 1(bridge_slave_0) entered blocking state [ 386.789761][ T5282] usb 2-1: Product: syz [ 386.801363][ T5282] usb 2-1: Manufacturer: syz [ 386.806992][ T8] hub 4-1:0.0: bad descriptor, ignoring hub [ 386.815637][ T5282] usb 2-1: config 0 descriptor?? [ 386.821034][ T8] hub 4-1:0.0: probe with driver hub failed with error -5 [ 386.831659][T14970] bridge0: port 1(bridge_slave_0) entered disabled state [ 386.840620][ T8] gspca_main: vc032x-2.14.0 probing 0ac8:c301 [ 386.848546][T14970] bridge_slave_0: entered allmulticast mode [ 386.856611][T14970] bridge_slave_0: entered promiscuous mode [ 386.866402][T14970] bridge0: port 2(bridge_slave_1) entered blocking state [ 386.875702][T14970] bridge0: port 2(bridge_slave_1) entered disabled state [ 386.883790][T14970] bridge_slave_1: entered allmulticast mode [ 386.892190][T14970] bridge_slave_1: entered promiscuous mode [ 386.945110][T14970] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 386.974190][T14970] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 387.097627][T14970] team0: Port device team_slave_0 added [ 387.115086][T14970] team0: Port device team_slave_1 added [ 387.185817][T14970] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 387.204738][T14970] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 387.240061][ T5282] kovaplus 0003:1E7D:2D50.0023: unknown main item tag 0xd [ 387.250573][T14970] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 387.262310][ T5282] kovaplus 0003:1E7D:2D50.0023: hidraw0: USB HID v0.07 Device [syz syz] on usb-dummy_hcd.1-1/input0 [ 387.277478][T14970] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 387.286065][T14970] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 387.325417][ T8] gspca_vc032x: reg_w err -71 [ 387.327787][T14970] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 387.337795][ T8] gspca_vc032x: I2c Bus Busy Wait 00 [ 387.348815][ T8] gspca_vc032x: I2c Bus Busy Wait 00 [ 387.354274][ T8] gspca_vc032x: I2c Bus Busy Wait 00 [ 387.360872][ T8] gspca_vc032x: I2c Bus Busy Wait 00 [ 387.367069][ T8] gspca_vc032x: I2c Bus Busy Wait 00 [ 387.373467][ T8] gspca_vc032x: I2c Bus Busy Wait 00 [ 387.393622][ T8] gspca_vc032x: I2c Bus Busy Wait 00 [ 387.404812][ T8] gspca_vc032x: I2c Bus Busy Wait 00 [ 387.421021][ T8] gspca_vc032x: I2c Bus Busy Wait 00 [ 387.428410][ T8] gspca_vc032x: I2c Bus Busy Wait 00 [ 387.434488][ T8] gspca_vc032x: I2c Bus Busy Wait 00 [ 387.443047][ T8] gspca_vc032x: I2c Bus Busy Wait 00 [ 387.448596][ T8] gspca_vc032x: I2c Bus Busy Wait 00 [ 387.452931][T14970] hsr_slave_0: entered promiscuous mode [ 387.454190][ T8] gspca_vc032x: I2c Bus Busy Wait 00 [ 387.466186][ T8] gspca_vc032x: I2c Bus Busy Wait 00 [ 387.472110][T14970] hsr_slave_1: entered promiscuous mode [ 387.472432][ T8] gspca_vc032x: I2c Bus Busy Wait 00 [ 387.488577][T14970] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 387.496751][ T8] gspca_vc032x: I2c Bus Busy Wait 00 [ 387.504593][ T8] gspca_vc032x: I2c Bus Busy Wait 00 [ 387.504752][T14970] Cannot create hsr debugfs directory [ 387.510718][ T8] gspca_vc032x: I2c Bus Busy Wait 00 [ 387.522174][ T8] gspca_vc032x: Unknown sensor... [ 387.527344][ T8] vc032x 4-1:0.0: probe with driver vc032x failed with error -22 [ 387.569483][ T8] usb 4-1: USB disconnect, device number 71 [ 387.728355][ T937] usb 1-1: new full-speed USB device number 70 using dummy_hcd [ 387.753475][T14970] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 387.890822][ T937] usb 1-1: config 4 has an invalid interface number: 130 but max is 1 [ 387.910843][T14970] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 387.917900][ T937] usb 1-1: config 4 contains an unexpected descriptor of type 0x2, skipping [ 387.942379][ T937] usb 1-1: config 4 contains an unexpected descriptor of type 0x1, skipping [ 387.961024][ T937] usb 1-1: config 4 has an invalid interface number: 227 but max is 1 [ 387.977243][ T937] usb 1-1: config 4 contains an unexpected descriptor of type 0x2, skipping [ 387.997036][ T937] usb 1-1: config 4 has an invalid descriptor of length 222, skipping remainder of the config [ 388.028308][ T937] usb 1-1: config 4 has no interface number 0 [ 388.034515][ T937] usb 1-1: config 4 has no interface number 1 [ 388.047064][ T937] usb 1-1: config 4 interface 130 altsetting 190 endpoint 0xC has an invalid bInterval 72, changing to 4 [ 388.058898][ T937] usb 1-1: config 4 interface 130 altsetting 190 has an endpoint descriptor with address 0xD6, changing to 0x86 [ 388.072514][ T937] usb 1-1: config 4 interface 130 altsetting 190 endpoint 0x86 has invalid maxpacket 22708, setting to 64 [ 388.085721][ T937] usb 1-1: config 4 interface 130 altsetting 190 endpoint 0x1 has invalid maxpacket 1023, setting to 64 [ 388.110698][T14970] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 388.118006][ T937] usb 1-1: config 4 interface 130 altsetting 190 endpoint 0xE has invalid maxpacket 1024, setting to 64 [ 388.153043][ T937] usb 1-1: config 4 interface 130 altsetting 190 endpoint 0x9 has invalid maxpacket 1040, setting to 64 [ 388.173392][ T937] usb 1-1: config 4 interface 130 altsetting 190 has a duplicate endpoint with address 0x5, skipping [ 388.187540][ T937] usb 1-1: config 4 interface 130 altsetting 190 has an invalid descriptor for endpoint zero, skipping [ 388.209545][ T937] usb 1-1: config 4 interface 130 altsetting 190 has a duplicate endpoint with address 0x9, skipping [ 388.229759][ T937] usb 1-1: config 4 interface 130 altsetting 190 has an invalid descriptor for endpoint zero, skipping [ 388.247447][ T937] usb 1-1: config 4 interface 130 altsetting 190 has 14 endpoint descriptors, different from the interface descriptor's value: 13 [ 388.263967][T14970] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 388.268504][ T937] usb 1-1: config 4 interface 227 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 388.297194][ T937] usb 1-1: config 4 interface 130 has no altsetting 0 [ 388.306870][ T937] usb 1-1: config 4 interface 227 has no altsetting 0 [ 388.327056][ T937] usb 1-1: New USB device found, idVendor=0421, idProduct=069a, bcdDevice=4c.a5 [ 388.337326][ T937] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 388.359496][ T937] usb 1-1: Product: В [ 388.363827][ T937] usb 1-1: Manufacturer:  [ 388.369727][ T937] usb 1-1: SerialNumber: ꌇद폈㻲빦☠놧ᖍ쨦๽≔ᭀ᳓眍媁뇄፿豾㶃乏쐊ᆏ䵄搸䞋쏓 [ 388.385699][T15318] FAULT_INJECTION: forcing a failure. [ 388.385699][T15318] name failslab, interval 1, probability 0, space 0, times 0 [ 388.398435][T15318] CPU: 1 UID: 0 PID: 15318 Comm: syz.3.989 Not tainted 6.12.0-rc2-syzkaller-00006-g87d6aab2389e #0 [ 388.400424][T15208] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 388.409152][T15318] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 388.426469][T15318] Call Trace: [ 388.429793][T15318] [ 388.432767][T15318] dump_stack_lvl+0x241/0x360 [ 388.437503][T15318] ? __pfx_dump_stack_lvl+0x10/0x10 [ 388.442758][T15318] ? __pfx__printk+0x10/0x10 [ 388.447470][T15318] should_fail_ex+0x3b0/0x4e0 [ 388.452220][T15318] should_failslab+0xac/0x100 [ 388.456784][T15208] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 388.456930][T15318] ? tipc_nametbl_lookup_mcast_sockets+0x62f/0xd70 [ 388.470582][T15318] __kmalloc_cache_noprof+0x6c/0x2c0 [ 388.475775][T15208] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 388.475995][T15318] tipc_nametbl_lookup_mcast_sockets+0x62f/0xd70 [ 388.489489][T15318] ? tipc_nametbl_lookup_mcast_sockets+0x56/0xd70 [ 388.495973][T15318] tipc_sk_mcast_rcv+0x6ce/0x1400 [ 388.501080][T15318] ? __pfx_tipc_sk_mcast_rcv+0x10/0x10 [ 388.506637][T15318] ? __raw_spin_lock_init+0x45/0x100 [ 388.511988][T15318] tipc_mcast_xmit+0x12ad/0x19c0 [ 388.516979][T15318] ? __might_fault+0xc6/0x120 [ 388.517974][T14951] Bluetooth: hci2: command tx timeout [ 388.521684][T15318] ? __pfx_tipc_mcast_xmit+0x10/0x10 [ 388.521727][T15318] ? _copy_from_iter+0x31a/0x1d60 [ 388.521757][T15318] ? trace_kmem_cache_alloc+0x1f/0xc0 [ 388.543146][T15318] ? __build_skb_around+0x245/0x3d0 [ 388.548414][T15318] ? __alloc_skb+0x2d5/0x440 [ 388.553071][T15318] ? __pfx__copy_from_iter+0x10/0x10 [ 388.558424][T15318] ? __pfx___alloc_skb+0x10/0x10 [ 388.563765][T15318] ? tipc_msg_build+0x42a/0x1070 [ 388.568764][T15318] ? __check_object_size+0x98/0x900 [ 388.574027][T15318] ? tipc_msg_build+0x4b3/0x1070 [ 388.579032][T15318] ? __pfx_lock_release+0x10/0x10 [ 388.584142][T15318] tipc_send_group_bcast+0x8bd/0xbd0 [ 388.589506][T15318] ? __pfx_tipc_send_group_bcast+0x10/0x10 [ 388.595377][T15318] ? validate_chain+0x11e/0x5920 [ 388.600375][T15318] ? __pfx_woken_wake_function+0x10/0x10 [ 388.606196][T15318] __tipc_sendmsg+0x363/0x35f0 [ 388.611019][T15318] ? __pfx_validate_chain+0x10/0x10 [ 388.616297][T15318] ? __pfx___tipc_sendmsg+0x10/0x10 [ 388.621551][T15318] ? validate_chain+0x11e/0x5920 [ 388.626542][T15318] ? validate_chain+0x11e/0x5920 [ 388.631534][T15318] ? __pfx_lock_acquire+0x10/0x10 [ 388.636613][T15318] ? __pfx_validate_chain+0x10/0x10 [ 388.641866][T15318] ? mark_lock+0x9a/0x360 [ 388.646256][T15318] ? __lock_acquire+0x1384/0x2050 [ 388.651364][T15318] ? mark_lock+0x9a/0x360 [ 388.655745][T15318] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 388.661792][T15318] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 388.668282][T15318] ? __local_bh_enable_ip+0x168/0x200 [ 388.673706][T15318] ? tipc_sendmsg+0x47/0x70 [ 388.678263][T15318] ? __pfx___local_bh_enable_ip+0x10/0x10 [ 388.684040][T15318] ? do_raw_spin_unlock+0x13c/0x8b0 [ 388.689314][T15318] ? __pfx_tipc_sendmsg+0x10/0x10 [ 388.694388][T15318] tipc_sendmsg+0x55/0x70 [ 388.698782][T15318] __sock_sendmsg+0x221/0x270 [ 388.703605][T15318] ____sys_sendmsg+0x52a/0x7e0 [ 388.708436][T15318] ? __pfx_____sys_sendmsg+0x10/0x10 [ 388.713982][T15318] __sys_sendmsg+0x292/0x380 [ 388.718627][T15318] ? __pfx___sys_sendmsg+0x10/0x10 [ 388.723841][T15318] ? __pfx_vfs_write+0x10/0x10 [ 388.728698][T15318] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 388.735094][T15318] ? do_syscall_64+0x100/0x230 [ 388.739917][T15318] ? do_syscall_64+0xb6/0x230 [ 388.744649][T15318] do_syscall_64+0xf3/0x230 [ 388.749216][T15318] ? clear_bhb_loop+0x35/0x90 [ 388.753975][T15318] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 388.759932][T15318] RIP: 0033:0x7f70cd97dff9 [ 388.764403][T15318] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 388.784236][T15318] RSP: 002b:00007f70ce808038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 388.792715][T15318] RAX: ffffffffffffffda RBX: 00007f70cdb35f80 RCX: 00007f70cd97dff9 [ 388.800828][T15318] RDX: 0000000000000000 RSI: 0000000020000140 RDI: 0000000000000006 [ 388.809115][T15318] RBP: 00007f70ce808090 R08: 0000000000000000 R09: 0000000000000000 [ 388.817145][T15318] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 388.825249][T15318] R13: 0000000000000000 R14: 00007f70cdb35f80 R15: 00007f70cdc5fa28 [ 388.833381][T15318] [ 388.893635][T14970] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 388.915385][T14970] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 388.934642][T14970] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 388.952660][T14970] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 389.110464][T14970] 8021q: adding VLAN 0 to HW filter on device bond0 [ 389.158507][ T5282] kovaplus 0003:1E7D:2D50.0023: couldn't init struct kovaplus_device [ 389.168254][ T5282] kovaplus 0003:1E7D:2D50.0023: couldn't install mouse [ 389.183772][T14970] 8021q: adding VLAN 0 to HW filter on device team0 [ 389.202437][ T5282] kovaplus 0003:1E7D:2D50.0023: probe with driver kovaplus failed with error -71 [ 389.255145][ T5282] usb 2-1: USB disconnect, device number 73 [ 389.270465][ T5709] bridge0: port 1(bridge_slave_0) entered blocking state [ 389.277740][ T5709] bridge0: port 1(bridge_slave_0) entered forwarding state [ 389.369702][ T5709] bridge0: port 2(bridge_slave_1) entered blocking state [ 389.377304][ T5709] bridge0: port 2(bridge_slave_1) entered forwarding state [ 389.606672][T14970] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 389.779526][ T937] usb_serial_simple 1-1:4.130: nokia converter detected [ 389.797396][T14970] veth0_vlan: entered promiscuous mode [ 389.815500][ T937] usb 1-1: nokia converter now attached to ttyUSB0 [ 389.826854][T14970] veth1_vlan: entered promiscuous mode [ 389.856645][ T937] usb_serial_simple 1-1:4.227: nokia converter detected [ 389.887848][ T937] usb 1-1: nokia converter now attached to ttyUSB1 [ 389.909019][T14970] veth0_macvtap: entered promiscuous mode [ 389.923947][ T937] usb 1-1: USB disconnect, device number 70 [ 389.926420][T14970] veth1_macvtap: entered promiscuous mode [ 390.000431][ T937] nokia ttyUSB0: nokia converter now disconnected from ttyUSB0 [ 390.009366][T14970] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 390.015641][ T937] usb_serial_simple 1-1:4.130: device disconnected [ 390.072514][T14970] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 390.084363][ T937] nokia ttyUSB1: nokia converter now disconnected from ttyUSB1 [ 390.098774][ T937] usb_serial_simple 1-1:4.227: device disconnected [ 390.122358][T14970] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 390.164006][T14970] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 390.174787][T14970] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 390.186318][T14970] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 390.197190][T14970] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 390.208478][T14970] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 390.219083][T14970] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 390.229963][T14970] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 390.241780][T14970] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 390.357448][T14970] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 390.373264][T14970] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 390.384450][T14970] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 390.395553][T14970] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 390.405921][ T5284] usb 2-1: new high-speed USB device number 74 using dummy_hcd [ 390.413892][T14970] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 390.425889][T14970] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 390.447301][T15394] binder: 15393:15394 ioctl c00c620f 20000340 returned -22 [ 390.455580][T14970] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 390.467499][T14970] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 390.481937][T14970] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 390.493518][T14970] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 390.505374][T14970] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 390.529786][T14970] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 390.545437][T14970] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 390.557118][T14970] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 390.576029][T14970] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 390.579108][ T5284] usb 2-1: Using ep0 maxpacket: 8 [ 390.598128][T14951] Bluetooth: hci2: command tx timeout [ 390.626616][T15394] netlink: 'syz.3.994': attribute type 10 has an invalid length. [ 390.715917][ T11] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 390.721186][ T5284] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 390.738047][ T5284] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xBE, changing to 0x8E [ 390.749863][ T5284] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8E has an invalid bInterval 0, changing to 7 [ 390.761287][ T5284] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8E has invalid wMaxPacketSize 0 [ 390.772743][ T5284] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3 [ 390.798011][ T5284] usb 2-1: New USB device found, idVendor=10c5, idProduct=819a, bcdDevice=e4.46 [ 390.807131][ T5284] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=35 [ 390.829809][ T5284] usb 2-1: Product: syz [ 390.838598][ T5284] usb 2-1: Manufacturer: syz [ 390.853230][ T5284] usb 2-1: SerialNumber: syz [ 390.879269][ T5284] usb 2-1: config 0 descriptor?? [ 391.017235][ T11] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 391.112345][ T5284] radio-si470x 2-1:0.0: DeviceID=0x0000 ChipID=0x0000 [ 391.121447][ T11] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 391.137910][ T5284] radio-si470x 2-1:0.0: This driver is known to work with firmware version 12, but the device has firmware version 0. [ 391.205213][ T3024] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 391.223547][ T3024] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 391.304087][ T5242] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 391.315031][T15386] netlink: 8 bytes leftover after parsing attributes in process `syz.1.993'. [ 391.324737][ T11] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 391.327246][ T5242] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 391.346004][ T5242] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 391.356809][ T5242] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 391.368221][T15386] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 391.378197][ T5242] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 391.385925][ T5242] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 391.455061][T15386] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 391.463119][ T5709] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 391.472732][ T5709] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 391.495524][ T5284] radio-si470x 2-1:0.0: software version 0, hardware version 0 [ 391.522348][ T5284] radio-si470x 2-1:0.0: This driver is known to work with hardware version 1, but the device has hardware version 0. [ 391.538809][ T5284] radio-si470x 2-1:0.0: If you have some trouble using this driver, please report to V4L ML at linux-media@vger.kernel.org [ 391.688697][ T8] usb 4-1: new high-speed USB device number 72 using dummy_hcd [ 391.696693][ T5284] radio-si470x 2-1:0.0: submitting int urb failed (-90) [ 391.769933][T15482] program syz.4.982 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 391.837844][ T8] usb 4-1: Using ep0 maxpacket: 32 [ 391.862410][ T8] usb 4-1: New USB device found, idVendor=0ac8, idProduct=c301, bcdDevice=82.d5 [ 391.878031][ T8] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 391.900011][ T11] team0: left allmulticast mode [ 391.908204][ T8] usb 4-1: Product: syz [ 391.912452][ T8] usb 4-1: Manufacturer: syz [ 391.915238][ T11] team_slave_0: left allmulticast mode [ 391.917150][ T8] usb 4-1: SerialNumber: syz [ 391.942075][ T11] team_slave_1: left allmulticast mode [ 391.948859][ T11] team0: left promiscuous mode [ 391.955772][ T11] team_slave_0: left promiscuous mode [ 391.978820][ T11] team_slave_1: left promiscuous mode [ 391.987056][ T8] usb 4-1: config 0 descriptor?? [ 391.997464][ T11] bridge0: port 3(team0) entered disabled state [ 392.000462][ T8] hub 4-1:0.0: bad descriptor, ignoring hub [ 392.019463][ T8] hub 4-1:0.0: probe with driver hub failed with error -5 [ 392.030680][ T8] gspca_main: vc032x-2.14.0 probing 0ac8:c301 [ 392.037581][ T11] bridge_slave_1: left allmulticast mode [ 392.054536][ T11] bridge_slave_1: left promiscuous mode [ 392.065609][ T11] bridge0: port 2(bridge_slave_1) entered disabled state [ 392.101311][ T11] bridge_slave_0: left allmulticast mode [ 392.108743][ T11] bridge_slave_0: left promiscuous mode [ 392.114577][ T11] bridge0: port 1(bridge_slave_0) entered disabled state [ 392.548084][ T8] gspca_vc032x: reg_w err -110 [ 392.562970][ T8] gspca_vc032x: I2c Bus Busy Wait 00 [ 392.581297][ T8] gspca_vc032x: I2c Bus Busy Wait 00 [ 392.594415][ T8] gspca_vc032x: I2c Bus Busy Wait 00 [ 392.637826][ T8] gspca_vc032x: I2c Bus Busy Wait 00 [ 392.658894][ T8] gspca_vc032x: I2c Bus Busy Wait 00 [ 392.668288][ T5242] Bluetooth: hci2: command tx timeout [ 392.699559][ T8] gspca_vc032x: I2c Bus Busy Wait 00 [ 392.706302][ T8] gspca_vc032x: I2c Bus Busy Wait 00 [ 392.762310][ T8] gspca_vc032x: I2c Bus Busy Wait 00 [ 392.776916][ T8] gspca_vc032x: I2c Bus Busy Wait 00 [ 392.788601][ T8] gspca_vc032x: I2c Bus Busy Wait 00 [ 392.793963][ T8] gspca_vc032x: I2c Bus Busy Wait 00 [ 392.803997][ T8] gspca_vc032x: I2c Bus Busy Wait 00 [ 392.814989][ T8] gspca_vc032x: I2c Bus Busy Wait 00 [ 392.847856][ T8] gspca_vc032x: I2c Bus Busy Wait 00 [ 392.853223][ T8] gspca_vc032x: I2c Bus Busy Wait 00 [ 392.864994][ T8] gspca_vc032x: I2c Bus Busy Wait 00 [ 392.871273][ T8] gspca_vc032x: I2c Bus Busy Wait 00 [ 392.876707][ T8] gspca_vc032x: I2c Bus Busy Wait 00 [ 392.887817][ T8] gspca_vc032x: I2c Bus Busy Wait 00 [ 392.893187][ T8] gspca_vc032x: Unknown sensor... [ 392.904991][ T8] vc032x 4-1:0.0: probe with driver vc032x failed with error -22 [ 392.958984][ T8] usb 4-1: USB disconnect, device number 72 [ 392.971061][T15552] program syz.4.999 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 393.007074][T15552] netlink: 4 bytes leftover after parsing attributes in process `syz.4.999'. [ 393.136500][ T5284] radio-si470x 2-1:0.0: si470x_get_report: usb_control_msg returned -32 [ 393.156542][ T11] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 393.180783][ T11] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 393.206076][ T11] bond0 (unregistering): Released all slaves [ 393.240057][T15430] chnl_net:caif_netlink_parms(): no params data found [ 393.398220][ T11] tipc: Left network mode [ 393.470718][ T5242] Bluetooth: hci0: command tx timeout [ 393.573836][T15591] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1000'. [ 393.711374][T15430] bridge0: port 1(bridge_slave_0) entered blocking state [ 393.728808][T15430] bridge0: port 1(bridge_slave_0) entered disabled state [ 393.750709][T15430] bridge_slave_0: entered allmulticast mode [ 393.763956][T15430] bridge_slave_0: entered promiscuous mode [ 393.828939][T15430] bridge0: port 2(bridge_slave_1) entered blocking state [ 393.849090][T15430] bridge0: port 2(bridge_slave_1) entered disabled state [ 393.856522][T15430] bridge_slave_1: entered allmulticast mode [ 393.883937][T15430] bridge_slave_1: entered promiscuous mode [ 393.979693][ T11] hsr_slave_0: left promiscuous mode [ 394.006424][ T11] hsr_slave_1: left promiscuous mode [ 394.032909][ T11] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 394.055817][ T11] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 394.080672][ T11] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 394.119285][ T11] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 394.212798][ T11] veth1_macvtap: left promiscuous mode [ 394.218831][ T11] veth0_macvtap: left promiscuous mode [ 394.224820][ T11] veth1_vlan: left promiscuous mode [ 394.231901][ T11] veth0_vlan: left promiscuous mode [ 394.245208][ T8] usb 2-1: USB disconnect, device number 74 [ 394.749755][ T5242] Bluetooth: hci2: command tx timeout [ 394.948073][ T25] usb 4-1: new high-speed USB device number 73 using dummy_hcd [ 395.131032][ T8] usb 2-1: new full-speed USB device number 75 using dummy_hcd [ 395.149821][ T25] usb 4-1: config 0 has an invalid descriptor of length 255, skipping remainder of the config [ 395.160554][ T25] usb 4-1: too many endpoints for config 0 interface 0 altsetting 255: 255, using maximum allowed: 30 [ 395.174685][T15680] loop9: detected capacity change from 0 to 7 [ 395.175176][ T25] usb 4-1: config 0 interface 0 altsetting 255 has 0 endpoint descriptors, different from the interface descriptor's value: 255 [ 395.205988][ T25] usb 4-1: config 0 interface 0 has no altsetting 0 [ 395.214568][T15680] loop9: [CUMANA/ADFS] p1 [ADFS] p1 [ 395.220564][T15680] loop9: partition table partially beyond EOD, truncated [ 395.223163][ T25] usb 4-1: New USB device found, idVendor=07fd, idProduct=0001, bcdDevice=48.99 [ 395.238389][ T25] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 395.246434][ T25] usb 4-1: Product: syz [ 395.250779][ T25] usb 4-1: Manufacturer: syz [ 395.255453][ T25] usb 4-1: SerialNumber: syz [ 395.262728][ T25] usb 4-1: config 0 descriptor?? [ 395.305078][T15680] loop9: p1 size 1139518251 extends beyond EOD, truncated [ 395.360292][ T8] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 395.420344][ T8] usb 2-1: config 0 has no interfaces? [ 395.450880][ T8] usb 2-1: New USB device found, idVendor=06cb, idProduct=0007, bcdDevice= 0.00 [ 395.485643][ T8] usb 2-1: New USB device strings: Mfr=0, Product=149, SerialNumber=35 [ 395.549213][ T5242] Bluetooth: hci0: command tx timeout [ 395.564251][ T8] usb 2-1: Product: syz [ 395.568588][ T8] usb 2-1: SerialNumber: syz [ 395.595836][ T8] usb 2-1: config 0 descriptor?? [ 396.212129][T15695] kvm: pic: non byte write [ 396.340527][ T8] usb 2-1: USB disconnect, device number 75 [ 396.754060][ T11] team0 (unregistering): Port device team_slave_1 removed [ 396.910168][ T11] team0 (unregistering): Port device team_slave_0 removed [ 397.357895][ T46] usb 2-1: new high-speed USB device number 76 using dummy_hcd [ 397.540864][ T46] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 397.552825][ T46] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 397.565020][ T46] usb 2-1: New USB device found, idVendor=1b1c, idProduct=1c0d, bcdDevice= 0.00 [ 397.575013][ T46] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 397.592078][ T46] usb 2-1: config 0 descriptor?? [ 397.627804][ T5242] Bluetooth: hci0: command tx timeout [ 398.039143][ T46] corsair-psu 0003:1B1C:1C0D.0024: hidraw0: USB HID v0.00 Device [HID 1b1c:1c0d] on usb-dummy_hcd.1-1/input0 [ 398.565155][T15708] tipc: Started in network mode [ 398.570268][T15708] tipc: Node identity f7, cluster identity 4711 [ 398.576755][T15708] tipc: Node number set to 247 [ 398.668562][ T46] corsair-psu 0003:1B1C:1C0D.0024: unable to initialize device (-71) [ 398.680252][ T25] usb 4-1: Quirk or no altset; falling back to MIDI 1.0 [ 398.687814][ T25] usb 4-1: selecting invalid altsetting 0 [ 398.697866][ T46] corsair-psu 0003:1B1C:1C0D.0024: probe with driver corsair-psu failed with error -71 [ 398.769584][ T25] snd-usb-audio 4-1:0.0: probe with driver snd-usb-audio failed with error -2 [ 398.776723][T15430] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 398.778888][ T46] usb 2-1: USB disconnect, device number 76 [ 398.795878][ T25] usb 4-1: USB disconnect, device number 73 [ 398.885358][T14946] udevd[14946]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 398.903594][T15430] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 399.042191][T15798] je: renamed from lo (while UP) [ 399.099527][T15430] team0: Port device team_slave_0 added [ 399.125260][T15430] team0: Port device team_slave_1 added [ 399.304841][T15430] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 399.356390][T15430] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 399.414488][T15430] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 399.439313][T15430] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 399.446571][T15430] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 399.476441][T15430] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 399.528955][ T8] usb 5-1: new high-speed USB device number 68 using dummy_hcd [ 399.705833][T15430] hsr_slave_0: entered promiscuous mode [ 399.713808][T15430] hsr_slave_1: entered promiscuous mode [ 399.718550][ T5242] Bluetooth: hci0: command tx timeout [ 399.720271][ T8] usb 5-1: Using ep0 maxpacket: 8 [ 399.746009][ T8] usb 5-1: config 1 interface 0 altsetting 127 bulk endpoint 0x1 has invalid maxpacket 32 [ 399.772360][ T8] usb 5-1: config 1 interface 0 altsetting 127 bulk endpoint 0x82 has invalid maxpacket 16 [ 399.802502][ T8] usb 5-1: config 1 interface 0 has no altsetting 0 [ 399.807870][ T25] usb 4-1: new high-speed USB device number 74 using dummy_hcd [ 399.829177][ T8] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40 [ 399.852235][ T8] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 399.860817][ T5282] usb 2-1: new high-speed USB device number 77 using dummy_hcd [ 399.892522][ T8] usb 5-1: Product: syz [ 399.901345][ T8] usb 5-1: Manufacturer: Ȳ뙿灩诓鼨喓懴ᦹꀮ글龿鼻蜷䚄卹ր铽銶ﳘ涫꩐￾ൌ壏゗⣒⠌鶢㤠湅錂햘 [ 399.921976][ T8] usb 5-1: SerialNumber: syz [ 399.938158][T15828] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 399.952495][T15828] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 399.978084][ T25] usb 4-1: Using ep0 maxpacket: 32 [ 399.986022][ T25] usb 4-1: New USB device found, idVendor=0ac8, idProduct=0321, bcdDevice=6f.be [ 400.010938][ T25] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 400.039787][ T25] usb 4-1: config 0 descriptor?? [ 400.060222][ T25] gspca_main: vc032x-2.14.0 probing 0ac8:0321 [ 400.078740][ T5282] usb 2-1: Using ep0 maxpacket: 8 [ 400.086445][ T5282] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 13 [ 400.121540][ T5282] usb 2-1: New USB device found, idVendor=046d, idProduct=08ae, bcdDevice=11.58 [ 400.142424][ T5282] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 400.163117][ T5282] usb 2-1: Product: syz [ 400.186631][ T5282] usb 2-1: Manufacturer: syz [ 400.200530][ T5282] usb 2-1: SerialNumber: syz [ 400.224321][ T5282] usb 2-1: config 0 descriptor?? [ 400.245712][ T5282] gspca_main: gspca_zc3xx-2.14.0 probing 046d:08ae [ 400.401462][ T8] usblp 5-1:1.0: usblp0: USB Unidirectional printer dev 68 if 0 alt 127 proto 1 vid 0x0525 pid 0xA4A8 [ 400.436037][ T8] usb 5-1: USB disconnect, device number 68 [ 400.459735][ T8] usblp0: removed [ 400.856440][ T25] gspca_vc032x: reg_w err -71 [ 400.872417][ T25] gspca_vc032x: I2c Bus Busy Wait 00 [ 400.885125][ T25] gspca_vc032x: I2c Bus Busy Wait 00 [ 400.900311][ T25] gspca_vc032x: I2c Bus Busy Wait 00 [ 400.917851][ T46] usb 3-1: new high-speed USB device number 48 using dummy_hcd [ 400.925821][ T25] gspca_vc032x: I2c Bus Busy Wait 00 [ 400.941668][ T25] gspca_vc032x: I2c Bus Busy Wait 00 [ 400.950466][T15430] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 400.967563][ T25] gspca_vc032x: I2c Bus Busy Wait 00 [ 400.976688][ T25] gspca_vc032x: I2c Bus Busy Wait 00 [ 400.989179][ T25] gspca_vc032x: I2c Bus Busy Wait 00 [ 400.994609][T15430] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 400.994697][ T25] gspca_vc032x: I2c Bus Busy Wait 00 [ 401.039035][ T25] gspca_vc032x: I2c Bus Busy Wait 00 [ 401.044708][ T25] gspca_vc032x: I2c Bus Busy Wait 00 [ 401.053066][T15430] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 401.070792][ T25] gspca_vc032x: I2c Bus Busy Wait 00 [ 401.076173][ T25] gspca_vc032x: I2c Bus Busy Wait 00 [ 401.097607][T15430] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 401.103259][ T25] gspca_vc032x: I2c Bus Busy Wait 00 [ 401.131320][ T25] gspca_vc032x: I2c Bus Busy Wait 00 [ 401.131343][ T25] gspca_vc032x: I2c Bus Busy Wait 00 [ 401.131358][ T25] gspca_vc032x: I2c Bus Busy Wait 00 [ 401.131372][ T25] gspca_vc032x: I2c Bus Busy Wait 00 [ 401.131386][ T25] gspca_vc032x: Unknown sensor... [ 401.131447][ T25] vc032x 4-1:0.0: probe with driver vc032x failed with error -22 [ 401.137827][ T46] usb 3-1: Using ep0 maxpacket: 16 [ 401.139462][ T46] usb 3-1: config 0 has an invalid interface number: 11 but max is 0 [ 401.139495][ T46] usb 3-1: config 0 has no interface number 0 [ 401.139524][ T46] usb 3-1: too many endpoints for config 0 interface 11 altsetting 255: 255, using maximum allowed: 30 [ 401.139565][ T46] usb 3-1: config 0 interface 11 altsetting 255 has 0 endpoint descriptors, different from the interface descriptor's value: 255 [ 401.139597][ T46] usb 3-1: config 0 interface 11 has no altsetting 0 [ 401.141506][ T46] usb 3-1: New USB device found, idVendor=1199, idProduct=68a1, bcdDevice=d2.7b [ 401.141541][ T46] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 401.141568][ T46] usb 3-1: Product: syz [ 401.141587][ T46] usb 3-1: Manufacturer: syz [ 401.141608][ T46] usb 3-1: SerialNumber: syz [ 401.143835][ T46] usb 3-1: config 0 descriptor?? [ 401.145740][ T25] usb 4-1: USB disconnect, device number 74 [ 401.364951][T16023] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 401.367023][T16023] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 401.379676][ T46] usb 3-1: USB disconnect, device number 48 [ 401.385698][T15430] 8021q: adding VLAN 0 to HW filter on device bond0 [ 401.451703][T15430] 8021q: adding VLAN 0 to HW filter on device team0 [ 401.486454][ T3024] bridge0: port 1(bridge_slave_0) entered blocking state [ 401.486536][ T3024] bridge0: port 1(bridge_slave_0) entered forwarding state [ 401.490368][ T3024] bridge0: port 2(bridge_slave_1) entered blocking state [ 401.490457][ T3024] bridge0: port 2(bridge_slave_1) entered forwarding state [ 401.550535][T15430] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 401.550565][T15430] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 401.629748][T15430] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 401.739802][T15430] veth0_vlan: entered promiscuous mode [ 401.757536][T15430] veth1_vlan: entered promiscuous mode [ 401.809578][T15430] veth0_macvtap: entered promiscuous mode [ 401.871544][T15430] veth1_macvtap: entered promiscuous mode [ 401.876289][ T5284] usb 4-1: new full-speed USB device number 75 using dummy_hcd [ 401.914074][T15430] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 401.967882][T15430] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 401.993028][T16095] program syz.2.1023 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 401.998032][T15430] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 402.034326][T15430] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 402.044812][T15430] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 402.056119][T15430] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 402.059835][ T5284] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 402.095341][T15430] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 402.110057][ T5284] usb 4-1: config 0 has no interfaces? [ 402.116113][T15430] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 402.145455][ T5284] usb 4-1: New USB device found, idVendor=06cb, idProduct=0007, bcdDevice= 0.00 [ 402.146618][T15430] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 402.157804][ T5284] usb 4-1: New USB device strings: Mfr=0, Product=149, SerialNumber=35 [ 402.191246][T15430] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 402.197752][ T5284] usb 4-1: Product: syz [ 402.211170][T15430] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 402.222940][T15430] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 402.229566][ T5284] usb 4-1: SerialNumber: syz [ 402.235428][T15430] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 402.251553][T15430] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 402.269508][ T5282] gspca_zc3xx: reg_r err -32 [ 402.282096][ T5284] usb 4-1: config 0 descriptor?? [ 402.302366][T15430] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 402.324487][T15430] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 402.349187][T15430] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 402.369853][T15430] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 402.404797][T15430] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 402.431754][T15430] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 402.447154][T15430] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 402.459632][T15430] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 402.505198][T15430] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 402.517348][T15430] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 402.547950][T15430] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 402.557333][T15430] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 402.614263][T16120] kvm: pic: non byte write [ 402.745584][ T5274] usb 4-1: USB disconnect, device number 75 [ 402.821178][ T1055] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 402.857878][ T5282] gspca_zc3xx: Unknown sensor - set to TAS5130C [ 402.864758][ T5282] gspca_zc3xx 2-1:0.0: probe with driver gspca_zc3xx failed with error -32 [ 402.873693][ T1055] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 402.962682][ T5709] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 402.974273][ T5709] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 403.160999][T16123] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1027'. [ 403.181228][T16144] netlink: 276 bytes leftover after parsing attributes in process `syz.1.1017'. [ 403.235851][T16123] 8021q: adding VLAN 0 to HW filter on device team1 [ 403.913216][ T5274] usb 4-1: new high-speed USB device number 76 using dummy_hcd [ 404.069461][ T5274] usb 4-1: config 0 has an invalid interface number: 18 but max is 0 [ 404.079167][ T5274] usb 4-1: config 0 has no interface number 0 [ 404.085497][ T5274] usb 4-1: config 0 interface 18 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 404.110709][ T5274] usb 4-1: config 0 interface 18 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 404.129992][ T5274] usb 4-1: New USB device found, idVendor=054c, idProduct=03d5, bcdDevice= 0.10 [ 404.148178][ T5274] usb 4-1: New USB device strings: Mfr=2, Product=0, SerialNumber=0 [ 404.157574][ T5274] usb 4-1: Manufacturer: syz [ 404.159337][ T29] kauditd_printk_skb: 21 callbacks suppressed [ 404.159358][ T29] audit: type=1800 audit(1728382499.297:285): pid=16193 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.1028" name="/" dev="fuse" ino=1 res=0 errno=0 [ 404.170928][ T5274] usb 4-1: config 0 descriptor?? [ 404.264102][ T5282] usb 2-1: USB disconnect, device number 77 [ 404.522719][T16241] netlink: 'syz.1.1035': attribute type 3 has an invalid length. [ 404.528095][ T9] usb 5-1: new high-speed USB device number 69 using dummy_hcd [ 404.546208][T16241] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1035'. [ 404.662177][T16215] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 404.690646][ T9] usb 5-1: Using ep0 maxpacket: 8 [ 404.698552][T16254] input: syz1 as /devices/virtual/input/input32 [ 404.714838][ T9] usb 5-1: no configurations [ 404.719945][T16215] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 404.723744][ T9] usb 5-1: can't read configurations, error -22 [ 404.839986][ T5274] usbhid 4-1:0.18: can't add hid device: -71 [ 404.846791][ T5274] usbhid 4-1:0.18: probe with driver usbhid failed with error -71 [ 404.848064][ T8] usb 3-1: new high-speed USB device number 49 using dummy_hcd [ 404.871413][T16273] capability: warning: `syz.1.1038' uses deprecated v2 capabilities in a way that may be insecure [ 404.902133][ T9] usb 5-1: new high-speed USB device number 70 using dummy_hcd [ 404.908464][ T5274] usb 4-1: USB disconnect, device number 76 [ 405.009493][ T8] usb 3-1: Using ep0 maxpacket: 32 [ 405.015143][T16283] fuse: Bad value for 'blksize' [ 405.023568][ T8] usb 3-1: config index 0 descriptor too short (expected 156, got 27) [ 405.057802][ T9] usb 5-1: Using ep0 maxpacket: 8 [ 405.063054][ T8] usb 3-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30 [ 405.084757][ T9] usb 5-1: no configurations [ 405.118098][ T9] usb 5-1: can't read configurations, error -22 [ 405.132436][ T8] usb 3-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7 [ 405.162060][ T9] usb usb5-port1: attempt power cycle [ 405.176830][ T8] usb 3-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144 [ 405.210498][ T8] usb 3-1: config 0 interface 0 has no altsetting 0 [ 405.211017][ T1055] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 405.255930][ T8] usb 3-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66 [ 405.297812][ T8] usb 3-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172 [ 405.312307][ T8] usb 3-1: Product: syz [ 405.314751][ T1055] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 405.339346][ T5274] usb 4-1: new high-speed USB device number 77 using dummy_hcd [ 405.351248][ T8] usb 3-1: Manufacturer: syz [ 405.355915][ T8] usb 3-1: SerialNumber: syz [ 405.375091][ T8] usb 3-1: config 0 descriptor?? [ 405.396210][ T8] ldusb 3-1:0.0: Interrupt out endpoint not found (using control endpoint instead) [ 405.453769][ T8] ldusb 3-1:0.0: LD USB Device #0 now attached to major 180 minor 0 [ 405.474729][ T1055] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 405.490267][T16276] delete_channel: no stack [ 405.518247][ T5274] usb 4-1: Using ep0 maxpacket: 16 [ 405.537893][ T9] usb 5-1: new high-speed USB device number 71 using dummy_hcd [ 405.543573][ T5274] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8 has invalid wMaxPacketSize 0 [ 405.569504][ T9] usb 5-1: Using ep0 maxpacket: 8 [ 405.572863][ T5274] usb 4-1: New USB device found, idVendor=046d, idProduct=0821, bcdDevice=6f.4b [ 405.602550][ T9] usb 5-1: no configurations [ 405.606953][ T5274] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 405.607188][ T9] usb 5-1: can't read configurations, error -22 [ 405.671384][ T5274] usb 4-1: Product: syz [ 405.675790][ T5274] usb 4-1: Manufacturer: syz [ 405.688007][ T5274] usb 4-1: SerialNumber: syz [ 405.696982][ T5274] usb 4-1: config 0 descriptor?? [ 405.715516][T16243] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 405.715798][ T5274] usb 4-1: Found UVC 0.00 device syz (046d:0821) [ 405.732694][ T5274] usb 4-1: No valid video chain found. [ 405.752479][ T1055] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 405.775373][T16243] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 405.818314][ T9] usb 5-1: new high-speed USB device number 72 using dummy_hcd [ 405.859646][ T9] usb 5-1: Using ep0 maxpacket: 8 [ 405.866968][ T9] usb 5-1: no configurations [ 405.877793][ T9] usb 5-1: can't read configurations, error -22 [ 405.888086][ T9] usb usb5-port1: unable to enumerate USB device [ 406.010754][T16283] pimreg3: entered allmulticast mode [ 406.018866][ T1055] bridge_slave_1: left allmulticast mode [ 406.026642][ T1055] bridge_slave_1: left promiscuous mode [ 406.034719][ T8] usb 2-1: new high-speed USB device number 78 using dummy_hcd [ 406.068093][ T1055] bridge0: port 2(bridge_slave_1) entered disabled state [ 406.096358][T14951] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 406.114680][ T1055] bridge_slave_0: left allmulticast mode [ 406.124198][ T1055] bridge_slave_0: left promiscuous mode [ 406.130437][T14951] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 406.142572][T14951] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 406.153571][T14951] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 406.163310][T14951] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 406.170895][T14951] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 406.178600][ T1055] bridge0: port 1(bridge_slave_0) entered disabled state [ 406.320246][ T8] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 406.332791][ T8] usb 2-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df [ 406.355631][ T8] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 406.398116][ T8] usb 2-1: config 0 descriptor?? [ 406.450240][ T8] pwc: Askey VC010 type 2 USB webcam detected. [ 406.453228][ T5284] usb 3-1: USB disconnect, device number 49 [ 406.516517][ T5284] ldusb 3-1:0.0: LD USB Device #0 now disconnected [ 406.647027][ T8] pwc: send_video_command error -71 [ 406.653938][ T8] pwc: Failed to set video mode CIF@30 fps; return code = -71 [ 406.662416][ T8] Philips webcam 2-1:0.0: probe with driver Philips webcam failed with error -71 [ 406.699578][ T8] usb 2-1: USB disconnect, device number 78 [ 407.115098][ T1055] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 407.139997][ T1055] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 407.162341][ T1055] bond0 (unregistering): Released all slaves [ 407.167851][ T8] usb 2-1: new high-speed USB device number 79 using dummy_hcd [ 407.176501][T16282] pimreg3: left allmulticast mode [ 407.310950][ T9] usb 4-1: USB disconnect, device number 77 [ 407.339471][ T8] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 407.350980][ T8] usb 2-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df [ 407.377248][T16361] netlink: 'syz.2.1044': attribute type 4 has an invalid length. [ 407.380972][ T8] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 407.460011][ T8] usb 2-1: config 0 descriptor?? [ 407.487320][ T8] pwc: Askey VC010 type 2 USB webcam detected. [ 407.885021][ T8] pwc: recv_control_msg error -32 req 02 val 2b00 [ 407.952790][ T8] pwc: recv_control_msg error -32 req 02 val 2700 [ 407.975033][ T1055] hsr_slave_0: left promiscuous mode [ 407.984967][ T8] pwc: recv_control_msg error -32 req 02 val 2c00 [ 407.992216][ T1055] hsr_slave_1: left promiscuous mode [ 408.017941][ T5281] usb 5-1: new high-speed USB device number 73 using dummy_hcd [ 408.027323][ T8] pwc: recv_control_msg error -32 req 04 val 1000 [ 408.054077][ T1055] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 408.062002][ T8] pwc: recv_control_msg error -32 req 04 val 1300 [ 408.072651][ T1055] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 408.089249][ T1055] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 408.096743][ T1055] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 408.104359][ T8] pwc: recv_control_msg error -32 req 04 val 1400 [ 408.111980][ T8] pwc: recv_control_msg error -32 req 02 val 2000 [ 408.127029][ T8] pwc: recv_control_msg error -32 req 02 val 2100 [ 408.148744][ T8] pwc: recv_control_msg error -32 req 04 val 1500 [ 408.170644][ T8] pwc: recv_control_msg error -71 req 02 val 2500 [ 408.208067][ T8] pwc: recv_control_msg error -71 req 02 val 2400 [ 408.216533][ T1055] veth1_macvtap: left promiscuous mode [ 408.222347][ T5281] usb 5-1: Using ep0 maxpacket: 32 [ 408.236267][ T8] pwc: recv_control_msg error -71 req 02 val 2600 [ 408.243104][ T1055] veth0_macvtap: left promiscuous mode [ 408.252543][ T8] pwc: recv_control_msg error -71 req 02 val 2900 [ 408.260622][ T5281] usb 5-1: New USB device found, idVendor=0ac8, idProduct=c301, bcdDevice=82.d5 [ 408.277939][ T1055] veth1_vlan: left promiscuous mode [ 408.278342][T14951] Bluetooth: hci0: command tx timeout [ 408.283268][ T1055] veth0_vlan: left promiscuous mode [ 408.283909][ T5281] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 408.302753][ T8] pwc: recv_control_msg error -71 req 02 val 2800 [ 408.319915][ T8] pwc: recv_control_msg error -71 req 04 val 1100 [ 408.345612][ T8] pwc: recv_control_msg error -71 req 04 val 1200 [ 408.352795][ T5281] usb 5-1: Product: syz [ 408.357011][ T5281] usb 5-1: Manufacturer: syz [ 408.389579][ T8] pwc: Registered as video71. [ 408.395662][ T8] input: PWC snapshot button as /devices/platform/dummy_hcd.1/usb2/2-1/input/input33 [ 408.407781][ T5281] usb 5-1: SerialNumber: syz [ 408.420876][ T5281] usb 5-1: config 0 descriptor?? [ 408.444606][ T5281] hub 5-1:0.0: bad descriptor, ignoring hub [ 408.461397][ T8] usb 2-1: USB disconnect, device number 79 [ 408.477166][ T5281] hub 5-1:0.0: probe with driver hub failed with error -5 [ 408.506601][ T5281] gspca_main: vc032x-2.14.0 probing 0ac8:c301 [ 408.654709][ T29] audit: type=1800 audit(1728382503.787:286): pid=16448 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.1046" name="/" dev="fuse" ino=1 res=0 errno=0 [ 408.960023][ T5281] gspca_vc032x: reg_w err -71 [ 408.978451][ T5281] gspca_vc032x: I2c Bus Busy Wait 00 [ 408.995327][ T5281] gspca_vc032x: I2c Bus Busy Wait 00 [ 409.005070][ T5281] gspca_vc032x: I2c Bus Busy Wait 00 [ 409.015154][ T5281] gspca_vc032x: I2c Bus Busy Wait 00 [ 409.020936][ T5281] gspca_vc032x: I2c Bus Busy Wait 00 [ 409.026283][ T5281] gspca_vc032x: I2c Bus Busy Wait 00 [ 409.032009][ T5281] gspca_vc032x: I2c Bus Busy Wait 00 [ 409.037370][ T5281] gspca_vc032x: I2c Bus Busy Wait 00 [ 409.043743][ T5281] gspca_vc032x: I2c Bus Busy Wait 00 [ 409.049185][ T5281] gspca_vc032x: I2c Bus Busy Wait 00 [ 409.054529][ T5281] gspca_vc032x: I2c Bus Busy Wait 00 [ 409.060000][ T5281] gspca_vc032x: I2c Bus Busy Wait 00 [ 409.073720][ T5281] gspca_vc032x: I2c Bus Busy Wait 00 [ 409.082877][ T5281] gspca_vc032x: I2c Bus Busy Wait 00 [ 409.088677][ T5281] gspca_vc032x: I2c Bus Busy Wait 00 [ 409.095035][ T5281] gspca_vc032x: I2c Bus Busy Wait 00 [ 409.100847][ T5281] gspca_vc032x: I2c Bus Busy Wait 00 [ 409.106410][ T5281] gspca_vc032x: I2c Bus Busy Wait 00 [ 409.116863][ T5281] gspca_vc032x: I2c Bus Busy Wait 00 [ 409.122473][ T5281] gspca_vc032x: Unknown sensor... [ 409.131251][ T5281] vc032x 5-1:0.0: probe with driver vc032x failed with error -22 [ 409.172480][ T5281] usb 5-1: USB disconnect, device number 73 [ 409.197948][ T8] usb 2-1: new high-speed USB device number 80 using dummy_hcd [ 409.362471][ T8] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 409.377852][ T8] usb 2-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 409.386991][ T8] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 409.397925][ T8] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 409.416703][ T8] usb 2-1: config 0 descriptor?? [ 409.508541][ T1055] team0 (unregistering): Port device team_slave_1 removed [ 409.625950][ T1055] team0 (unregistering): Port device team_slave_0 removed [ 409.696475][T16569] netlink: 104 bytes leftover after parsing attributes in process `syz.4.1050'. [ 410.202107][T16512] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1047'. [ 410.219720][T16333] chnl_net:caif_netlink_parms(): no params data found [ 410.358031][T14951] Bluetooth: hci0: command tx timeout [ 410.618036][ T5284] usb 4-1: new high-speed USB device number 78 using dummy_hcd [ 410.794470][T16333] bridge0: port 1(bridge_slave_0) entered blocking state [ 410.802191][T16333] bridge0: port 1(bridge_slave_0) entered disabled state [ 410.809662][T16333] bridge_slave_0: entered allmulticast mode [ 410.816780][T16333] bridge_slave_0: entered promiscuous mode [ 410.825168][T16333] bridge0: port 2(bridge_slave_1) entered blocking state [ 410.834760][T16333] bridge0: port 2(bridge_slave_1) entered disabled state [ 410.842194][T16333] bridge_slave_1: entered allmulticast mode [ 410.849562][T16333] bridge_slave_1: entered promiscuous mode [ 410.996840][T16333] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 411.046699][T16333] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 411.145364][ T5242] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 411.160651][ T5242] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 411.172664][ T5242] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 411.185198][ T5242] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 411.193618][ T5242] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 411.211273][ T5242] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 411.316758][T16722] x_tables: ip_tables: DNAT target: used from hooks POSTROUTING, but only usable from PREROUTING/OUTPUT [ 411.395089][T16333] team0: Port device team_slave_0 added [ 411.442821][T16333] team0: Port device team_slave_1 added [ 411.634371][T16333] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 411.634396][T16333] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 411.667966][ C1] vkms_vblank_simulate: vblank timer overrun [ 411.678341][T16333] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 411.716817][T16333] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 411.716839][T16333] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 411.716871][T16333] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 411.939549][ T46] usb 2-1: USB disconnect, device number 80 [ 411.972001][T16333] hsr_slave_0: entered promiscuous mode [ 412.004531][T16333] hsr_slave_1: entered promiscuous mode [ 412.407903][ T46] usb 2-1: new high-speed USB device number 81 using dummy_hcd [ 412.436307][T14951] Bluetooth: hci0: command tx timeout [ 412.613551][T16710] chnl_net:caif_netlink_parms(): no params data found [ 412.621415][ T46] usb 2-1: Using ep0 maxpacket: 16 [ 412.642222][ T46] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 412.668742][ T46] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 412.693045][ T46] usb 2-1: New USB device found, idVendor=056a, idProduct=0084, bcdDevice= 0.00 [ 412.703136][ T46] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 412.716702][ T46] usb 2-1: config 0 descriptor?? [ 412.879082][ T937] usb 4-1: new full-speed USB device number 79 using dummy_hcd [ 412.888546][ T29] audit: type=1800 audit(1728382508.037:287): pid=16821 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.1057" name="/" dev="fuse" ino=1 res=0 errno=0 [ 413.038205][ T937] usb 4-1: device descriptor read/64, error -71 [ 413.090493][ T46] usbhid 2-1:0.0: can't add hid device: -71 [ 413.096564][ T46] usbhid 2-1:0.0: probe with driver usbhid failed with error -71 [ 413.130820][ T46] usb 2-1: USB disconnect, device number 81 [ 413.215885][T16710] bridge0: port 1(bridge_slave_0) entered blocking state [ 413.230898][T16710] bridge0: port 1(bridge_slave_0) entered disabled state [ 413.248661][T16710] bridge_slave_0: entered allmulticast mode [ 413.256086][T16710] bridge_slave_0: entered promiscuous mode [ 413.277902][ T937] usb 4-1: new full-speed USB device number 80 using dummy_hcd [ 413.306247][T16710] bridge0: port 2(bridge_slave_1) entered blocking state [ 413.313709][T14951] Bluetooth: hci3: command tx timeout [ 413.353057][T16710] bridge0: port 2(bridge_slave_1) entered disabled state [ 413.360557][T16710] bridge_slave_1: entered allmulticast mode [ 413.392772][T16710] bridge_slave_1: entered promiscuous mode [ 413.427900][ T937] usb 4-1: device descriptor read/64, error -71 [ 413.485088][T16710] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 413.527157][T16710] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 413.538360][ T937] usb usb4-port1: attempt power cycle [ 413.614107][T16710] team0: Port device team_slave_0 added [ 413.653231][T16710] team0: Port device team_slave_1 added [ 413.667610][T16333] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 413.710114][T16333] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 413.726260][T16333] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 413.739169][T16710] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 413.747867][T16710] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 413.774576][T16710] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 413.787446][T16333] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 413.803326][T16710] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 413.820937][T16710] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 413.847482][ T8] usb 2-1: new high-speed USB device number 82 using dummy_hcd [ 413.856198][T16710] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 413.909549][ T937] usb 4-1: new full-speed USB device number 81 using dummy_hcd [ 413.930783][ T937] usb 4-1: device descriptor read/8, error -71 [ 413.946883][T16710] hsr_slave_0: entered promiscuous mode [ 413.956065][T16710] hsr_slave_1: entered promiscuous mode [ 413.965400][T16710] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 413.973200][T16710] Cannot create hsr debugfs directory [ 414.034524][ T8] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 414.056381][ T8] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 414.068218][ T8] usb 2-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.00 [ 414.087571][ T8] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 414.112249][ T8] usb 2-1: config 0 descriptor?? [ 414.178066][ T937] usb 4-1: new full-speed USB device number 82 using dummy_hcd [ 414.210932][ T937] usb 4-1: device descriptor read/8, error -71 [ 414.213045][T16333] 8021q: adding VLAN 0 to HW filter on device bond0 [ 414.291932][T16710] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 414.318246][ T937] usb usb4-port1: unable to enumerate USB device [ 414.344887][T17287] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 414.374821][T16333] 8021q: adding VLAN 0 to HW filter on device team0 [ 414.388484][T17287] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 414.465066][ T8] usbhid 2-1:0.0: can't add hid device: -71 [ 414.476620][ T8] usbhid 2-1:0.0: probe with driver usbhid failed with error -71 [ 414.503551][ T8] usb 2-1: USB disconnect, device number 82 [ 414.514305][T16710] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 414.525937][T14951] Bluetooth: hci0: command tx timeout [ 414.571769][ T62] bridge0: port 1(bridge_slave_0) entered blocking state [ 414.578918][ T62] bridge0: port 1(bridge_slave_0) entered forwarding state [ 414.664823][T16710] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 414.690060][ T62] bridge0: port 2(bridge_slave_1) entered blocking state [ 414.697224][ T62] bridge0: port 2(bridge_slave_1) entered forwarding state [ 414.786597][T16710] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 414.869941][T16333] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 415.020401][T16333] veth0_vlan: entered promiscuous mode [ 415.085163][T16333] veth1_vlan: entered promiscuous mode [ 415.123490][T16710] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 415.136778][T16710] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 415.173354][T16710] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 415.213228][T16710] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 415.222084][T17335] loop9: detected capacity change from 0 to 7 [ 415.248710][T17335] loop9: [CUMANA/ADFS] p1 [ADFS] p1 [ 415.254056][T17335] loop9: partition table partially beyond EOD, truncated [ 415.263010][T17335] loop9: p1 size 1139518251 extends beyond EOD, truncated [ 415.388572][T14951] Bluetooth: hci3: command tx timeout [ 415.500888][T16333] veth0_macvtap: entered promiscuous mode [ 415.576589][T16333] veth1_macvtap: entered promiscuous mode [ 416.057392][ T7846] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 416.205016][T16333] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 416.243667][T16333] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 416.267797][T16333] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 416.317870][T16333] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 416.347659][T16333] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 416.368515][T16333] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 416.384138][T16333] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 416.405038][T16333] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 416.426058][T16333] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 416.448598][T17378] net_ratelimit: 43 callbacks suppressed [ 416.448621][T17378] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies. [ 416.482770][T16333] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 416.510315][T16333] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 416.558854][ T46] usb 2-1: new high-speed USB device number 83 using dummy_hcd [ 416.580083][T17383] binder: 17377:17383 ioctl c0306201 20000080 returned -14 [ 416.601761][ T7846] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 416.659733][T16333] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 416.687952][T16333] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 416.706570][T16333] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 416.723684][ T5242] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 416.733615][ T5242] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 416.741904][T16333] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 416.743149][ T5242] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 416.764834][ T46] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 416.776463][ T46] usb 2-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 416.787344][ T5242] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 416.794358][T16333] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 416.794551][ T46] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 416.814487][ T46] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 416.822903][ T5242] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 416.830163][ T9] usb 4-1: new high-speed USB device number 83 using dummy_hcd [ 416.839240][ T5242] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 416.848119][T16333] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 416.859657][ T46] usb 2-1: config 0 descriptor?? [ 416.910247][T16333] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 416.936098][T16333] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 416.946631][T16333] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 416.957898][T16333] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 416.972005][T16333] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 416.993961][ T9] usb 4-1: Using ep0 maxpacket: 8 [ 417.005618][ T9] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 7 [ 417.034640][ T9] usb 4-1: New USB device found, idVendor=082d, idProduct=0100, bcdDevice=70.4b [ 417.049072][ T9] usb 4-1: New USB device strings: Mfr=44, Product=2, SerialNumber=3 [ 417.057516][ T9] usb 4-1: Product: syz [ 417.070954][ T9] usb 4-1: Manufacturer: syz [ 417.075856][ T9] usb 4-1: SerialNumber: syz [ 417.083867][ T7846] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 417.143246][T16333] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 417.154915][T16333] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 417.164335][T16333] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 417.173573][T16333] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 417.257476][ T7846] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 417.314551][T16710] 8021q: adding VLAN 0 to HW filter on device bond0 [ 417.431902][ T9] usb 4-1: palm_os_3_probe - error -110 getting connection information [ 417.462238][ T9] visor 4-1:1.0: probe with driver visor failed with error -110 [ 417.470134][T14951] Bluetooth: hci3: command tx timeout [ 417.493726][T16710] 8021q: adding VLAN 0 to HW filter on device team0 [ 417.511164][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 417.545563][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 417.736086][ T1055] bridge0: port 1(bridge_slave_0) entered blocking state [ 417.743562][ T1055] bridge0: port 1(bridge_slave_0) entered forwarding state [ 417.786559][ T5709] bridge0: port 2(bridge_slave_1) entered blocking state [ 417.793757][ T5709] bridge0: port 2(bridge_slave_1) entered forwarding state [ 417.834460][ T7846] bridge_slave_1: left allmulticast mode [ 417.844465][ T7846] bridge_slave_1: left promiscuous mode [ 417.851732][ T7846] bridge0: port 2(bridge_slave_1) entered disabled state [ 417.863691][ T7846] bridge_slave_0: left allmulticast mode [ 417.876537][ T7846] bridge_slave_0: left promiscuous mode [ 417.888070][ T7846] bridge0: port 1(bridge_slave_0) entered disabled state [ 418.557496][ T7846] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 418.571282][ T7846] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 418.599795][ T7846] bond0 (unregistering): Released all slaves [ 418.630600][ T62] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 418.634874][T17398] chnl_net:caif_netlink_parms(): no params data found [ 418.648716][ T62] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 418.696635][ T7846] tipc: Left network mode [ 418.909170][T14951] Bluetooth: hci2: command tx timeout [ 419.235215][ T8] usb 2-1: USB disconnect, device number 83 [ 419.280279][T17398] bridge0: port 1(bridge_slave_0) entered blocking state [ 419.287444][T17398] bridge0: port 1(bridge_slave_0) entered disabled state [ 419.313629][T17398] bridge_slave_0: entered allmulticast mode [ 419.323401][T17398] bridge_slave_0: entered promiscuous mode [ 419.341131][T17398] bridge0: port 2(bridge_slave_1) entered blocking state [ 419.350249][T17398] bridge0: port 2(bridge_slave_1) entered disabled state [ 419.357561][T17398] bridge_slave_1: entered allmulticast mode [ 419.378331][T17398] bridge_slave_1: entered promiscuous mode [ 419.441097][ T46] usb 4-1: USB disconnect, device number 83 [ 419.450145][ T7846] hsr_slave_0: left promiscuous mode [ 419.470955][ T7846] hsr_slave_1: left promiscuous mode [ 419.490137][ T7846] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 419.497637][ T7846] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 419.507906][ T5283] usb 1-1: new high-speed USB device number 71 using dummy_hcd [ 419.539604][ T7846] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 419.547082][ T7846] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 419.562617][T14951] Bluetooth: hci3: command tx timeout [ 419.662975][ T7846] veth1_macvtap: left promiscuous mode [ 419.668687][ T7846] veth0_macvtap: left promiscuous mode [ 419.674436][ T7846] veth1_vlan: left promiscuous mode [ 419.687890][ T5283] usb 1-1: Using ep0 maxpacket: 8 [ 419.689163][ T7846] veth0_vlan: left promiscuous mode [ 419.696743][ T5283] usb 1-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb [ 419.710813][ T5283] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 419.733901][ T5283] usb 1-1: config 0 descriptor?? [ 419.760236][T17663] sctp: [Deprecated]: syz.1.1072 (pid 17663) Use of int in max_burst socket option deprecated. [ 419.760236][T17663] Use struct sctp_assoc_value instead [ 420.792228][ T7846] team0 (unregistering): Port device team_slave_1 removed [ 420.850528][ T7846] team0 (unregistering): Port device team_slave_0 removed [ 420.917955][T14951] Bluetooth: hci0: command tx timeout [ 420.998356][T14951] Bluetooth: hci2: command tx timeout [ 421.624107][T17398] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 421.662517][T17398] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 421.774906][T16710] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 421.865132][T17398] team0: Port device team_slave_0 added [ 421.924475][T17398] team0: Port device team_slave_1 added [ 422.109576][T17398] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 422.173571][T17398] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 422.228782][T17398] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 422.255531][T17398] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 422.255880][ T5283] asix 1-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71 [ 422.265769][T17398] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 422.306609][T17398] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 422.357330][ T5283] asix 1-1:0.0: probe with driver asix failed with error -71 [ 422.373188][T16710] veth0_vlan: entered promiscuous mode [ 422.402417][ T5283] usb 1-1: USB disconnect, device number 71 [ 422.426666][T16710] veth1_vlan: entered promiscuous mode [ 422.583427][T17398] hsr_slave_0: entered promiscuous mode [ 422.638702][T17398] hsr_slave_1: entered promiscuous mode [ 422.675161][T17398] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 422.703078][T17398] Cannot create hsr debugfs directory [ 422.925532][T16710] veth0_macvtap: entered promiscuous mode [ 423.018442][T16710] veth1_macvtap: entered promiscuous mode [ 423.088044][T14951] Bluetooth: hci2: command tx timeout [ 423.209366][T16710] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 423.221365][T17860] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1078'. [ 423.238120][T16710] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 423.255390][T16710] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 423.290669][T16710] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 423.315460][T16710] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 423.340663][T16710] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 423.371773][T16710] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 423.397120][T16710] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 423.418168][T16710] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 423.448058][T16710] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 423.480359][T16710] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 423.596983][T16710] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 423.645459][T16710] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 423.663630][T16710] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 423.685497][T16710] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 423.705192][T16710] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 423.728081][T16710] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 423.742204][T17876] IPVS: sh: SCTP 172.20.20.187:0 - no destination available [ 423.757828][T16710] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 423.775565][T16710] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 423.785689][ T937] IPVS: starting estimator thread 0... [ 423.819782][T16710] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 423.860876][T16710] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 423.877959][T17877] IPVS: using max 17 ests per chain, 40800 per kthread [ 423.896408][T16710] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 424.090700][T16710] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 424.130970][T16710] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 424.166551][T16710] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 424.176665][T16710] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 424.640759][ T52] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 424.677059][ T52] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 424.973943][ T5709] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 424.987499][ T5709] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 425.157779][T14951] Bluetooth: hci2: command tx timeout [ 425.243895][T17398] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 425.334820][T17398] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 425.398279][T17398] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 425.436799][T17398] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 425.766106][T17398] 8021q: adding VLAN 0 to HW filter on device bond0 [ 425.862401][T17398] 8021q: adding VLAN 0 to HW filter on device team0 [ 425.909401][ T7846] bridge0: port 1(bridge_slave_0) entered blocking state [ 425.916620][ T7846] bridge0: port 1(bridge_slave_0) entered forwarding state [ 425.958229][ T7846] bridge0: port 2(bridge_slave_1) entered blocking state [ 425.965405][ T7846] bridge0: port 2(bridge_slave_1) entered forwarding state [ 426.189552][T17398] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 426.340976][T17398] veth0_vlan: entered promiscuous mode [ 426.386767][T17398] veth1_vlan: entered promiscuous mode [ 426.466674][T17398] veth0_macvtap: entered promiscuous mode [ 426.507070][T17398] veth1_macvtap: entered promiscuous mode [ 426.571489][T17398] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 426.607760][T17398] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 426.617638][T17398] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 426.647761][T17398] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 426.674072][T17398] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 426.685221][T17398] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 426.685249][T17398] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 426.685271][T17398] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 426.685292][T17398] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 426.685310][T17398] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 426.685331][T17398] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 426.685349][T17398] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 426.686955][T17398] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 426.704637][T17398] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 426.827913][T17398] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 426.827943][T17398] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 426.827965][T17398] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 426.827984][T17398] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 426.828000][T17398] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 426.828020][T17398] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 426.828036][T17398] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 426.828056][T17398] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 426.828072][T17398] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 426.828090][T17398] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 426.828107][T17398] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 426.829615][T17398] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 426.843489][T17398] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 426.843584][T17398] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 426.843620][T17398] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 426.843655][T17398] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 427.138592][ T52] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 427.138619][ T52] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 427.243538][ T5709] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 427.243569][ T5709] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 429.057926][ T46] usb 2-1: new high-speed USB device number 84 using dummy_hcd [ 429.228165][ T46] usb 2-1: Using ep0 maxpacket: 32 [ 429.255023][ T46] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 429.299590][ T46] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 429.361563][ T46] usb 2-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 429.413068][ T46] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 429.489831][ T46] usb 2-1: config 0 descriptor?? [ 429.500512][ T46] hub 2-1:0.0: USB hub found [ 429.703063][ T46] hub 2-1:0.0: config failed, hub doesn't have any ports! (err -19) [ 430.147940][ T46] usbhid 2-1:0.0: can't add hid device: -32 [ 430.154011][ T46] usbhid 2-1:0.0: probe with driver usbhid failed with error -32 [ 430.382296][T18099] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 430.457525][T18099] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 432.128176][ T937] usb 2-1: USB disconnect, device number 84 [ 432.161344][ T29] audit: type=1326 audit(1728382527.297:288): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18114 comm="syz.4.1102" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7faee657dff9 code=0x0 [ 432.386357][T14951] Bluetooth: hci3: unexpected cc 0x0c14 length: 60 < 249 [ 433.607961][ T8] usb 1-1: new full-speed USB device number 72 using dummy_hcd [ 433.779633][ T8] usb 1-1: config 0 has an invalid interface number: 120 but max is 0 [ 433.789736][ T8] usb 1-1: config 0 has no interface number 0 [ 433.809540][ T8] usb 1-1: config 0 interface 120 altsetting 0 endpoint 0x8A has an invalid bInterval 0, changing to 10 [ 433.835638][ T8] usb 1-1: config 0 interface 120 altsetting 0 endpoint 0x8A has invalid wMaxPacketSize 0 [ 433.889834][ T8] usb 1-1: New USB device found, idVendor=16e3, idProduct=f9e9, bcdDevice=55.58 [ 433.906409][ T8] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 433.916853][ T8] usb 1-1: Product: syz [ 433.929054][ T8] usb 1-1: Manufacturer: syz [ 433.936548][ T8] usb 1-1: SerialNumber: syz [ 433.952035][ T8] usb 1-1: config 0 descriptor?? [ 433.961454][ T8] input: syz syz as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.120/input/input34 [ 434.732869][ T46] usb 1-1: USB disconnect, device number 72 [ 440.198823][ T1267] ieee802154 phy0 wpan0: encryption failed: -22 [ 440.205177][ T1267] ieee802154 phy1 wpan1: encryption failed: -22 [ 441.318013][ T5274] usb 1-1: new high-speed USB device number 73 using dummy_hcd [ 441.497864][ T5274] usb 1-1: Using ep0 maxpacket: 8 [ 441.513695][ T5274] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 441.544156][ T5274] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 441.576797][ T5274] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 441.607446][ T5274] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 441.652585][ T5274] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 441.677936][ T5274] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 441.920073][ T5274] usb 1-1: GET_CAPABILITIES returned 0 [ 441.925635][ T5274] usbtmc 1-1:16.0: can't read capabilities [ 442.132288][ T937] usb 1-1: USB disconnect, device number 73 [ 443.017891][T18372] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1159'. [ 443.051861][T18372] tipc: Started in network mode [ 443.056884][T18372] tipc: Node identity memory.en, cluster identity 8 [ 443.353748][T18381] Invalid option length (1044984) for dns_resolver key [ 450.533835][ C0] sched: DL replenish lagged too much [ 452.970133][ T5284] usb 5-1: new high-speed USB device number 74 using dummy_hcd [ 454.719370][T18448] netlink: 'syz.0.1178': attribute type 10 has an invalid length. [ 454.849959][T18448] 8021q: adding VLAN 0 to HW filter on device team0 [ 454.929409][T18448] bond0: (slave team0): Enslaving as an active interface with an up link [ 456.775970][T18494] hub 9-0:1.0: USB hub found [ 456.819045][T18494] hub 9-0:1.0: 8 ports detected [ 457.647637][ T5242] Bluetooth: hci4: command 0x0406 tx timeout [ 460.707917][ T5274] usb 5-1: new high-speed USB device number 75 using dummy_hcd [ 460.887845][ T5274] usb 5-1: Using ep0 maxpacket: 32 [ 460.917106][ T5274] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 460.961896][ T5274] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 461.022551][ T5274] usb 5-1: New USB device found, idVendor=0403, idProduct=6030, bcdDevice= 0.00 [ 461.070637][ T5274] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 461.244832][ T5274] usb 5-1: config 0 descriptor?? [ 461.948087][ T5284] usb 1-1: new full-speed USB device number 74 using dummy_hcd [ 462.207785][ T5284] usb 1-1: unable to get BOS descriptor or descriptor too short [ 462.277998][ T5284] usb 1-1: no configurations [ 462.310276][ T5284] usb 1-1: can't read configurations, error -22 [ 463.492669][T18563] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1211'. [ 463.973555][T18565] syzkaller0: entered promiscuous mode [ 464.020781][T18565] syzkaller0: entered allmulticast mode [ 465.117776][ T5283] usb 4-1: new high-speed USB device number 84 using dummy_hcd [ 465.349969][ T5283] usb 4-1: Using ep0 maxpacket: 32 [ 465.383812][ T5283] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 32 [ 465.434414][ T5283] usb 4-1: New USB device found, idVendor=0499, idProduct=1010, bcdDevice= 5.f5 [ 465.478836][ T5283] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 465.523550][ T5283] usb 4-1: Product: syz [ 465.548058][ T5283] usb 4-1: Manufacturer: syz [ 465.573223][ T5283] usb 4-1: SerialNumber: syz [ 465.620739][ T5283] usb 4-1: config 0 descriptor?? [ 465.660462][T18572] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22 [ 465.707196][ T5283] usb 4-1: Quirk or no altset; falling back to MIDI 1.0 [ 465.924853][ T5283] usb 4-1: USB disconnect, device number 84 [ 466.319176][T18608] udevd[18608]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 466.382311][ T5274] usbhid 5-1:0.0: can't add hid device: -32 [ 466.399426][ T5274] usbhid 5-1:0.0: probe with driver usbhid failed with error -32 [ 471.078525][ T5242] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 471.093012][ T5242] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 471.101670][ T5242] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 471.112900][ T5242] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 471.122180][ T5242] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 471.129818][ T5242] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 473.232631][ T5242] Bluetooth: hci5: command tx timeout [ 473.886707][T14951] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 473.899913][T14951] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 473.910489][T14951] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 473.919791][T14951] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 473.930760][T14951] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 473.938648][T14951] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 474.536010][ T5242] Bluetooth: hci2: link tx timeout [ 474.541839][ T5242] Bluetooth: hci2: killing stalled connection 11:aa:aa:aa:aa:aa [ 475.308048][ T5242] Bluetooth: hci5: command tx timeout [ 476.072444][ T5242] Bluetooth: hci6: command tx timeout [ 476.589594][ T5229] Bluetooth: hci2: command 0x0406 tx timeout [ 477.388006][ T5229] Bluetooth: hci5: command tx timeout [ 478.120553][ T5229] Bluetooth: hci1: command 0x0406 tx timeout [ 478.126660][ T5229] Bluetooth: hci6: command tx timeout [ 478.690592][T18663] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 478.701310][T18663] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 478.712059][T18663] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 478.727973][T18663] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 478.758856][T18663] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 478.766388][T18663] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 479.049491][ T5229] Bluetooth: hci8: unexpected cc 0x0c03 length: 249 > 1 [ 479.062575][ T5229] Bluetooth: hci8: unexpected cc 0x1003 length: 249 > 9 [ 479.071536][ T5229] Bluetooth: hci8: unexpected cc 0x1001 length: 249 > 9 [ 479.082062][ T5229] Bluetooth: hci8: unexpected cc 0x0c23 length: 249 > 4 [ 479.092756][ T5229] Bluetooth: hci8: unexpected cc 0x0c25 length: 249 > 3 [ 479.100853][ T5229] Bluetooth: hci8: unexpected cc 0x0c38 length: 249 > 2 [ 479.475983][T18663] Bluetooth: hci5: command tx timeout [ 479.715006][T18685] Bluetooth: hci9: unexpected cc 0x0c03 length: 249 > 1 [ 479.734747][T18685] Bluetooth: hci9: unexpected cc 0x1003 length: 249 > 9 [ 479.743780][T18685] Bluetooth: hci9: unexpected cc 0x1001 length: 249 > 9 [ 479.753506][T18685] Bluetooth: hci9: unexpected cc 0x0c23 length: 249 > 4 [ 479.763198][T18685] Bluetooth: hci9: unexpected cc 0x0c25 length: 249 > 3 [ 479.774127][T18685] Bluetooth: hci9: unexpected cc 0x0c38 length: 249 > 2 [ 480.187858][T18663] Bluetooth: hci6: command tx timeout [ 482.267934][T18663] Bluetooth: hci6: command tx timeout [ 501.634304][ T1267] ieee802154 phy0 wpan0: encryption failed: -22 [ 501.641138][ T1267] ieee802154 phy1 wpan1: encryption failed: -22 [ 529.323826][T18679] Bluetooth: hci0: command 0x0406 tx timeout [ 533.417537][T18698] Bluetooth: hci10: unexpected cc 0x0c03 length: 249 > 1 [ 533.490994][T18698] Bluetooth: hci10: unexpected cc 0x1003 length: 249 > 9 [ 533.511555][T18698] Bluetooth: hci10: unexpected cc 0x1001 length: 249 > 9 [ 533.587042][T18698] Bluetooth: hci10: unexpected cc 0x0c23 length: 249 > 4 [ 533.638524][T18698] Bluetooth: hci10: unexpected cc 0x0c25 length: 249 > 3 [ 533.669798][T18698] Bluetooth: hci10: unexpected cc 0x0c38 length: 249 > 2 [ 534.507975][T18698] Bluetooth: hci3: command 0x0406 tx timeout [ 534.791212][T18694] Bluetooth: hci11: unexpected cc 0x0c03 length: 249 > 1 [ 534.801869][T18694] Bluetooth: hci11: unexpected cc 0x1003 length: 249 > 9 [ 534.811078][T18694] Bluetooth: hci11: unexpected cc 0x1001 length: 249 > 9 [ 534.820907][T18694] Bluetooth: hci11: unexpected cc 0x0c23 length: 249 > 4 [ 534.829210][T18694] Bluetooth: hci11: unexpected cc 0x0c25 length: 249 > 3 [ 534.838866][T18694] Bluetooth: hci11: unexpected cc 0x0c38 length: 249 > 2 [ 539.330011][T18709] Bluetooth: hci12: unexpected cc 0x0c03 length: 249 > 1 [ 539.341303][T18709] Bluetooth: hci12: unexpected cc 0x1003 length: 249 > 9 [ 539.351686][T18709] Bluetooth: hci12: unexpected cc 0x1001 length: 249 > 9 [ 539.361143][T18709] Bluetooth: hci12: unexpected cc 0x0c23 length: 249 > 4 [ 539.369225][T18709] Bluetooth: hci12: unexpected cc 0x0c25 length: 249 > 3 [ 539.378294][T18709] Bluetooth: hci12: unexpected cc 0x0c38 length: 249 > 2 [ 539.496730][T18726] Bluetooth: hci13: unexpected cc 0x0c03 length: 249 > 1 [ 539.507262][T18726] Bluetooth: hci13: unexpected cc 0x1003 length: 249 > 9 [ 539.517982][T18726] Bluetooth: hci13: unexpected cc 0x1001 length: 249 > 9 [ 539.526181][T18726] Bluetooth: hci13: unexpected cc 0x0c23 length: 249 > 4 [ 539.534947][T18726] Bluetooth: hci13: unexpected cc 0x0c25 length: 249 > 3 [ 539.542580][T18726] Bluetooth: hci13: unexpected cc 0x0c38 length: 249 > 2 [ 540.437536][T18736] Bluetooth: hci14: unexpected cc 0x0c03 length: 249 > 1 [ 540.457939][T18736] Bluetooth: hci14: unexpected cc 0x1003 length: 249 > 9 [ 540.467597][T18736] Bluetooth: hci14: unexpected cc 0x1001 length: 249 > 9 [ 540.477606][T18736] Bluetooth: hci14: unexpected cc 0x0c23 length: 249 > 4 [ 540.487533][T18736] Bluetooth: hci14: unexpected cc 0x0c25 length: 249 > 3 [ 540.495027][T18736] Bluetooth: hci14: unexpected cc 0x0c38 length: 249 > 2 [ 556.164807][T18694] Bluetooth: hci11: command tx timeout [ 556.214565][T18736] Bluetooth: hci14: command tx timeout [ 557.481343][T18679] Bluetooth: hci2: command 0x0406 tx timeout [ 558.110387][T14951] Bluetooth: hci10: command tx timeout [ 558.203964][T14951] Bluetooth: hci11: command tx timeout [ 558.287264][T14951] Bluetooth: hci8: command tx timeout [ 558.294109][T18679] Bluetooth: hci9: command tx timeout [ 558.300152][ T5229] Bluetooth: hci7: command tx timeout [ 558.306858][ T5229] Bluetooth: hci14: command tx timeout [ 558.313520][T18685] Bluetooth: hci13: command tx timeout [ 558.319560][T18666] Bluetooth: hci12: command tx timeout [ 560.192345][ T5229] Bluetooth: hci10: command tx timeout [ 560.267993][ T5229] Bluetooth: hci11: command tx timeout [ 560.354147][ T5229] Bluetooth: hci14: command tx timeout [ 560.360095][T14951] Bluetooth: hci8: command tx timeout [ 560.365547][T14951] Bluetooth: hci9: command tx timeout [ 560.371111][T18679] Bluetooth: hci7: command tx timeout [ 560.376557][T18679] Bluetooth: hci13: command tx timeout [ 560.382172][ T5229] Bluetooth: hci12: command tx timeout [ 562.270658][T18685] Bluetooth: hci10: command tx timeout [ 562.358032][T18685] Bluetooth: hci11: command tx timeout [ 562.454079][T18685] Bluetooth: hci9: command tx timeout [ 562.462160][T14951] Bluetooth: hci13: command tx timeout [ 562.467900][T18679] Bluetooth: hci14: command tx timeout [ 562.473430][T18679] Bluetooth: hci12: command tx timeout [ 562.481002][T18666] Bluetooth: hci7: command tx timeout [ 562.487547][T18666] Bluetooth: hci8: command tx timeout [ 563.088076][ T1267] ieee802154 phy0 wpan0: encryption failed: -22 [ 563.094431][ T1267] ieee802154 phy1 wpan1: encryption failed: -22 [ 564.348195][T18679] Bluetooth: hci10: command tx timeout [ 564.508150][T18679] Bluetooth: hci12: command tx timeout [ 564.513993][T18679] Bluetooth: hci8: command tx timeout [ 564.519655][T18666] Bluetooth: hci9: command tx timeout [ 564.525105][T18666] Bluetooth: hci13: command tx timeout [ 564.530779][T18685] Bluetooth: hci7: command tx timeout [ 576.842482][ T46] usb 5-1: USB disconnect, device number 75 [ 593.168029][T18685] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 593.187937][T18685] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 593.199433][T18685] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 593.211807][T18685] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 593.219939][T18685] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 593.227302][T18685] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 595.308059][T18685] Bluetooth: hci0: command tx timeout [ 595.554255][T18666] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 595.568499][T18666] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 595.577274][T18666] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 595.590217][T18666] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 595.607842][T18666] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 595.615242][T18666] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 595.885296][T18685] Bluetooth: hci5: command 0x0406 tx timeout [ 597.387860][T18679] Bluetooth: hci0: command tx timeout [ 597.707781][T18679] Bluetooth: hci1: command tx timeout [ 599.467961][T18679] Bluetooth: hci0: command tx timeout [ 599.805879][T18679] Bluetooth: hci1: command tx timeout [ 600.443274][T18666] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 600.458525][T18666] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 600.488401][T18666] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 600.497174][T18666] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 600.508410][T18666] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 600.518551][T18666] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 600.676109][T18666] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 600.698338][T18666] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 600.708596][T18666] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 600.719545][T18666] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 600.727755][T18666] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 600.738124][T18666] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 601.001763][T18679] Bluetooth: hci6: command 0x0406 tx timeout [ 601.044520][T18666] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 601.056441][T18666] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 601.066979][T18666] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 601.075226][T18666] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 601.083416][T18666] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 601.093318][T18666] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 601.547931][T18666] Bluetooth: hci0: command tx timeout [ 601.867878][T18666] Bluetooth: hci1: command tx timeout [ 602.587967][T18666] Bluetooth: hci2: command tx timeout [ 602.827860][T18666] Bluetooth: hci3: command tx timeout [ 603.147985][T18666] Bluetooth: hci4: command tx timeout [ 603.947876][T18666] Bluetooth: hci1: command tx timeout [ 604.668088][T18666] Bluetooth: hci2: command tx timeout [ 604.907962][T18666] Bluetooth: hci3: command tx timeout [ 605.227888][T18666] Bluetooth: hci4: command tx timeout [ 606.748019][T18666] Bluetooth: hci2: command tx timeout [ 606.987994][T18666] Bluetooth: hci3: command tx timeout [ 607.307918][T18666] Bluetooth: hci4: command tx timeout [ 608.827939][T18666] Bluetooth: hci2: command tx timeout [ 609.067963][T18666] Bluetooth: hci3: command tx timeout [ 609.397979][T18666] Bluetooth: hci4: command tx timeout [ 624.510158][ T1267] ieee802154 phy0 wpan0: encryption failed: -22 [ 624.516520][ T1267] ieee802154 phy1 wpan1: encryption failed: -22 [ 654.492893][T18679] Bluetooth: hci15: unexpected cc 0x0c03 length: 249 > 1 [ 654.546447][T18679] Bluetooth: hci15: unexpected cc 0x1003 length: 249 > 9 [ 654.590092][T18679] Bluetooth: hci15: unexpected cc 0x1001 length: 249 > 9 [ 654.643674][T18679] Bluetooth: hci15: unexpected cc 0x0c23 length: 249 > 4 [ 654.686825][T18679] Bluetooth: hci15: unexpected cc 0x0c25 length: 249 > 3 [ 654.713959][T18679] Bluetooth: hci15: unexpected cc 0x0c38 length: 249 > 2 [ 655.932854][T18679] Bluetooth: hci16: unexpected cc 0x0c03 length: 249 > 1 [ 655.943498][T18679] Bluetooth: hci16: unexpected cc 0x1003 length: 249 > 9 [ 655.952725][T18679] Bluetooth: hci16: unexpected cc 0x1001 length: 249 > 9 [ 655.961760][T18679] Bluetooth: hci16: unexpected cc 0x0c23 length: 249 > 4 [ 655.970168][T18679] Bluetooth: hci16: unexpected cc 0x0c25 length: 249 > 3 [ 655.979457][T18679] Bluetooth: hci16: unexpected cc 0x0c38 length: 249 > 2 [ 656.908003][T18666] Bluetooth: hci15: command tx timeout [ 658.028106][T18666] Bluetooth: hci16: command tx timeout [ 658.988074][T18666] Bluetooth: hci15: command tx timeout [ 660.118533][T18666] Bluetooth: hci16: command tx timeout [ 660.824418][T18679] Bluetooth: hci17: unexpected cc 0x0c03 length: 249 > 1 [ 660.834635][T18679] Bluetooth: hci17: unexpected cc 0x1003 length: 249 > 9 [ 660.845041][T18679] Bluetooth: hci17: unexpected cc 0x1001 length: 249 > 9 [ 660.853129][T18679] Bluetooth: hci17: unexpected cc 0x0c23 length: 249 > 4 [ 660.870783][T18679] Bluetooth: hci17: unexpected cc 0x0c25 length: 249 > 3 [ 660.882048][T18679] Bluetooth: hci17: unexpected cc 0x0c38 length: 249 > 2 [ 660.998814][T18666] Bluetooth: hci18: unexpected cc 0x0c03 length: 249 > 1 [ 661.011507][T18666] Bluetooth: hci18: unexpected cc 0x1003 length: 249 > 9 [ 661.024463][T18666] Bluetooth: hci18: unexpected cc 0x1001 length: 249 > 9 [ 661.034721][T18666] Bluetooth: hci18: unexpected cc 0x0c23 length: 249 > 4 [ 661.042936][T18666] Bluetooth: hci18: unexpected cc 0x0c25 length: 249 > 3 [ 661.057805][T18666] Bluetooth: hci18: unexpected cc 0x0c38 length: 249 > 2 [ 661.068001][T18666] Bluetooth: hci15: command tx timeout [ 661.646124][T18685] Bluetooth: hci19: unexpected cc 0x0c03 length: 249 > 1 [ 661.663842][T18685] Bluetooth: hci19: unexpected cc 0x1003 length: 249 > 9 [ 661.674263][T18685] Bluetooth: hci19: unexpected cc 0x1001 length: 249 > 9 [ 661.682852][T18685] Bluetooth: hci19: unexpected cc 0x0c23 length: 249 > 4 [ 661.691212][T18685] Bluetooth: hci19: unexpected cc 0x0c25 length: 249 > 3 [ 661.699048][T18685] Bluetooth: hci19: unexpected cc 0x0c38 length: 249 > 2 [ 662.187992][T18685] Bluetooth: hci16: command tx timeout [ 662.988138][T18685] Bluetooth: hci17: command tx timeout [ 663.147960][T18666] Bluetooth: hci15: command tx timeout [ 663.153591][T18685] Bluetooth: hci18: command tx timeout [ 663.788009][T18685] Bluetooth: hci19: command tx timeout [ 664.267878][T18685] Bluetooth: hci16: command tx timeout [ 665.067869][T18685] Bluetooth: hci17: command tx timeout [ 665.227803][T18685] Bluetooth: hci18: command tx timeout [ 665.867874][T18685] Bluetooth: hci19: command tx timeout [ 667.148251][T18685] Bluetooth: hci17: command tx timeout [ 667.308094][T18685] Bluetooth: hci18: command tx timeout [ 667.948180][T18685] Bluetooth: hci19: command tx timeout [ 669.227836][T18685] Bluetooth: hci17: command tx timeout [ 669.387758][T18685] Bluetooth: hci18: command tx timeout [ 670.028031][T18685] Bluetooth: hci19: command tx timeout [ 677.811458][T18685] Bluetooth: hci9: command 0x0406 tx timeout [ 677.817746][T14951] Bluetooth: hci7: command 0x0406 tx timeout [ 677.823888][T14951] Bluetooth: hci8: command 0x0406 tx timeout [ 682.941555][T18679] Bluetooth: hci10: command 0x0406 tx timeout [ 682.947834][T18666] Bluetooth: hci13: command 0x0406 tx timeout [ 682.953972][T18666] Bluetooth: hci12: command 0x0406 tx timeout [ 682.960318][T18709] Bluetooth: hci11: command 0x0406 tx timeout [ 682.966455][T18709] Bluetooth: hci14: command 0x0406 tx timeout [ 685.951387][ T1267] ieee802154 phy0 wpan0: encryption failed: -22 [ 685.957861][ T1267] ieee802154 phy1 wpan1: encryption failed: -22 [ 715.379011][ T5229] Bluetooth: hci20: unexpected cc 0x0c03 length: 249 > 1 [ 715.434558][ T5229] Bluetooth: hci20: unexpected cc 0x1003 length: 249 > 9 [ 715.463948][ T5229] Bluetooth: hci20: unexpected cc 0x1001 length: 249 > 9 [ 715.544635][ T5229] Bluetooth: hci20: unexpected cc 0x0c23 length: 249 > 4 [ 715.591781][ T5229] Bluetooth: hci20: unexpected cc 0x0c25 length: 249 > 3 [ 715.608558][ T5229] Bluetooth: hci20: unexpected cc 0x0c38 length: 249 > 2 [ 716.541829][ T5229] Bluetooth: hci21: unexpected cc 0x0c03 length: 249 > 1 [ 716.551828][ T5229] Bluetooth: hci21: unexpected cc 0x1003 length: 249 > 9 [ 716.567794][ T5229] Bluetooth: hci21: unexpected cc 0x1001 length: 249 > 9 [ 716.576538][ T5229] Bluetooth: hci21: unexpected cc 0x0c23 length: 249 > 4 [ 716.586621][ T5229] Bluetooth: hci21: unexpected cc 0x0c25 length: 249 > 3 [ 716.602330][ T5229] Bluetooth: hci21: unexpected cc 0x0c38 length: 249 > 2 [ 717.708142][T18736] Bluetooth: hci20: command tx timeout [ 718.667824][T18736] Bluetooth: hci21: command tx timeout [ 718.771257][T18726] Bluetooth: hci1: command 0x0406 tx timeout [ 718.777366][T18736] Bluetooth: hci0: command 0x0406 tx timeout [ 719.788075][ T5229] Bluetooth: hci20: command tx timeout [ 720.748067][ T5229] Bluetooth: hci21: command tx timeout [ 721.535547][T18685] Bluetooth: hci22: unexpected cc 0x0c03 length: 249 > 1 [ 721.545211][T18685] Bluetooth: hci22: unexpected cc 0x1003 length: 249 > 9 [ 721.554169][T18685] Bluetooth: hci22: unexpected cc 0x1001 length: 249 > 9 [ 721.567025][T18685] Bluetooth: hci22: unexpected cc 0x0c23 length: 249 > 4 [ 721.575192][T18685] Bluetooth: hci22: unexpected cc 0x0c25 length: 249 > 3 [ 721.582987][T18685] Bluetooth: hci22: unexpected cc 0x0c38 length: 249 > 2 [ 721.868794][T14951] Bluetooth: hci20: command tx timeout [ 722.033987][T18726] Bluetooth: hci23: unexpected cc 0x0c03 length: 249 > 1 [ 722.045517][T18726] Bluetooth: hci23: unexpected cc 0x1003 length: 249 > 9 [ 722.058467][T18726] Bluetooth: hci23: unexpected cc 0x1001 length: 249 > 9 [ 722.067845][T18726] Bluetooth: hci23: unexpected cc 0x0c23 length: 249 > 4 [ 722.075649][T18726] Bluetooth: hci23: unexpected cc 0x0c25 length: 249 > 3 [ 722.083224][T18726] Bluetooth: hci23: unexpected cc 0x0c38 length: 249 > 2 [ 722.427806][ T30] INFO: task kworker/u8:2:35 blocked for more than 143 seconds. [ 722.436617][ T30] Not tainted 6.12.0-rc2-syzkaller-00006-g87d6aab2389e #0 [ 722.465559][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 722.488186][ T30] task:kworker/u8:2 state:D stack:21488 pid:35 tgid:35 ppid:2 flags:0x00004000 [ 722.527103][ T30] Workqueue: netns cleanup_net [ 722.588011][ T30] Call Trace: [ 722.591368][ T30] [ 722.594349][ T30] __schedule+0x1895/0x4b30 [ 722.686158][ T30] ? __pfx___schedule+0x10/0x10 [ 722.709409][ T30] ? __pfx_lock_release+0x10/0x10 [ 722.714532][ T30] ? __mutex_trylock_common+0x92/0x2e0 [ 722.729881][ T30] ? kthread_data+0x52/0xd0 [ 722.734482][ T30] ? schedule+0x90/0x320 [ 722.747843][ T30] ? wq_worker_sleeping+0x66/0x240 [ 722.753043][ T30] ? schedule+0x90/0x320 [ 722.759047][ T30] schedule+0x14b/0x320 [ 722.763281][ T30] schedule_preempt_disabled+0x13/0x30 [ 722.781016][ T30] __mutex_lock+0x6a7/0xd70 [ 722.785586][ T30] ? __mutex_lock+0x52a/0xd70 [ 722.797600][ T30] ? cleanup_net+0x6af/0xcc0 [ 722.802271][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 722.807351][ T30] ? bpf_prog_array_free+0x34/0x40 [ 722.822422][ T30] cleanup_net+0x6af/0xcc0 [ 722.826919][ T30] ? __pfx_cleanup_net+0x10/0x10 [ 722.832231][T14951] Bluetooth: hci21: command tx timeout [ 722.847600][ T30] ? process_scheduled_works+0x976/0x1850 [ 722.853400][ T30] process_scheduled_works+0xa63/0x1850 [ 722.868084][ T30] ? __pfx_process_scheduled_works+0x10/0x10 [ 722.874232][ T30] ? assign_work+0x364/0x3d0 [ 722.890270][ T30] worker_thread+0x870/0xd30 [ 722.894965][ T30] ? __kthread_parkme+0x169/0x1d0 [ 722.907612][ T30] ? __pfx_worker_thread+0x10/0x10 [ 722.912808][ T30] kthread+0x2f0/0x390 [ 722.916920][ T30] ? __pfx_worker_thread+0x10/0x10 [ 722.931930][ T30] ? __pfx_kthread+0x10/0x10 [ 722.936590][ T30] ret_from_fork+0x4b/0x80 [ 722.946429][ T30] ? __pfx_kthread+0x10/0x10 [ 722.956577][ T30] ret_from_fork_asm+0x1a/0x30 [ 722.966199][ T30] [ 722.975356][ T30] INFO: task kworker/u8:5:1055 blocked for more than 143 seconds. [ 722.986173][ T30] Not tainted 6.12.0-rc2-syzkaller-00006-g87d6aab2389e #0 [ 723.005591][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 723.017686][ T30] task:kworker/u8:5 state:D stack:20152 pid:1055 tgid:1055 ppid:2 flags:0x00004000 [ 723.035384][ T30] Workqueue: ipv6_addrconf addrconf_verify_work [ 723.043363][ T30] Call Trace: [ 723.046695][ T30] [ 723.057610][ T30] __schedule+0x1895/0x4b30 [ 723.062787][ T30] ? __pfx___schedule+0x10/0x10 [ 723.076420][ T30] ? __pfx_lock_release+0x10/0x10 [ 723.083015][ T30] ? __mutex_trylock_common+0x92/0x2e0 [ 723.096800][ T30] ? kthread_data+0x52/0xd0 [ 723.101680][ T30] ? schedule+0x90/0x320 [ 723.105985][ T30] ? wq_worker_sleeping+0x66/0x240 [ 723.114962][ T30] ? schedule+0x90/0x320 [ 723.128896][ T30] schedule+0x14b/0x320 [ 723.133137][ T30] schedule_preempt_disabled+0x13/0x30 [ 723.147266][ T30] __mutex_lock+0x6a7/0xd70 [ 723.157076][ T30] ? __mutex_lock+0x52a/0xd70 [ 723.167639][ T30] ? addrconf_verify_work+0x19/0x30 [ 723.172905][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 723.186374][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 723.194014][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 723.207597][ T30] ? process_scheduled_works+0x976/0x1850 [ 723.213388][ T30] addrconf_verify_work+0x19/0x30 [ 723.227805][ T30] process_scheduled_works+0xa63/0x1850 [ 723.233450][ T30] ? __pfx_process_scheduled_works+0x10/0x10 [ 723.247621][ T30] ? assign_work+0x364/0x3d0 [ 723.261726][ T30] worker_thread+0x870/0xd30 [ 723.266978][ T30] ? __kthread_parkme+0x169/0x1d0 [ 723.277388][ T30] ? __pfx_worker_thread+0x10/0x10 [ 723.287676][ T30] kthread+0x2f0/0x390 [ 723.291799][ T30] ? __pfx_worker_thread+0x10/0x10 [ 723.296963][ T30] ? __pfx_kthread+0x10/0x10 [ 723.311704][ T30] ret_from_fork+0x4b/0x80 [ 723.316191][ T30] ? __pfx_kthread+0x10/0x10 [ 723.326068][ T30] ret_from_fork_asm+0x1a/0x30 [ 723.334830][ T30] [ 723.342995][ T30] INFO: task kworker/u8:10:7846 blocked for more than 144 seconds. [ 723.356026][ T30] Not tainted 6.12.0-rc2-syzkaller-00006-g87d6aab2389e #0 [ 723.371363][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 723.386251][ T30] task:kworker/u8:10 state:D stack:20624 pid:7846 tgid:7846 ppid:2 flags:0x00004000 [ 723.400469][ T30] Workqueue: events_unbound linkwatch_event [ 723.406436][ T30] Call Trace: [ 723.415013][ T30] [ 723.422708][ T30] __schedule+0x1895/0x4b30 [ 723.427299][ T30] ? __pfx___schedule+0x10/0x10 [ 723.437688][ T30] ? __pfx_lock_release+0x10/0x10 [ 723.442790][ T30] ? __mutex_trylock_common+0x92/0x2e0 [ 723.460136][ T30] ? kthread_data+0x52/0xd0 [ 723.464715][ T30] ? schedule+0x90/0x320 [ 723.482133][ T30] ? wq_worker_sleeping+0x66/0x240 [ 723.487319][ T30] ? schedule+0x90/0x320 [ 723.501164][ T30] schedule+0x14b/0x320 [ 723.505441][ T30] schedule_preempt_disabled+0x13/0x30 [ 723.517528][ T30] __mutex_lock+0x6a7/0xd70 [ 723.522218][ T30] ? __mutex_lock+0x52a/0xd70 [ 723.526942][ T30] ? linkwatch_event+0xe/0x60 [ 723.540332][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 723.545423][ T30] ? preempt_schedule_thunk+0x1a/0x30 [ 723.560203][ T30] ? process_scheduled_works+0x976/0x1850 [ 723.566090][ T30] linkwatch_event+0xe/0x60 [ 723.581196][ T30] process_scheduled_works+0xa63/0x1850 [ 723.586849][ T30] ? __pfx_process_scheduled_works+0x10/0x10 [ 723.597829][ T30] ? assign_work+0x364/0x3d0 [ 723.602507][ T30] worker_thread+0x870/0xd30 [ 723.607169][ T30] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 723.622393][ T30] ? __kthread_parkme+0x169/0x1d0 [ 723.627502][ T30] ? __pfx_worker_thread+0x10/0x10 [ 723.627886][T14951] Bluetooth: hci22: command tx timeout [ 723.649406][ T30] kthread+0x2f0/0x390 [ 723.653538][ T30] ? __pfx_worker_thread+0x10/0x10 [ 723.667630][ T30] ? __pfx_kthread+0x10/0x10 [ 723.672299][ T30] ret_from_fork+0x4b/0x80 [ 723.690582][ T30] ? __pfx_kthread+0x10/0x10 [ 723.695283][ T30] ret_from_fork_asm+0x1a/0x30 [ 723.708810][ T30] [ 723.711906][ T30] INFO: task syz.1.1225:18641 blocked for more than 144 seconds. [ 723.728522][ T30] Not tainted 6.12.0-rc2-syzkaller-00006-g87d6aab2389e #0 [ 723.736203][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 723.753462][ T30] task:syz.1.1225 state:D stack:23160 pid:18641 tgid:18638 ppid:14136 flags:0x00004002 [ 723.768393][ T30] Call Trace: [ 723.771724][ T30] [ 723.774694][ T30] __schedule+0x1895/0x4b30 [ 723.787412][ T30] ? __pfx___schedule+0x10/0x10 [ 723.796504][ T30] ? __pfx_lock_release+0x10/0x10 [ 723.809087][ T30] ? __mutex_trylock_common+0x92/0x2e0 [ 723.814619][ T30] ? schedule+0x90/0x320 [ 723.827835][ T30] schedule+0x14b/0x320 [ 723.832064][ T30] schedule_preempt_disabled+0x13/0x30 [ 723.847860][ T30] __mutex_lock+0x6a7/0xd70 [ 723.852426][ T30] ? __mutex_lock+0x52a/0xd70 [ 723.857145][ T30] ? tun_chr_close+0x3b/0x1b0 [ 723.873062][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 723.886380][T14951] Bluetooth: hci2: command 0x0406 tx timeout [ 723.892597][T14951] Bluetooth: hci3: command 0x0406 tx timeout [ 723.898826][T18726] Bluetooth: hci4: command 0x0406 tx timeout [ 723.915830][ T30] ? __pfx_call_rcu+0x10/0x10 [ 723.922180][ T30] tun_chr_close+0x3b/0x1b0 [ 723.926740][ T30] ? __pfx_tun_chr_close+0x10/0x10 [ 723.937691][ T30] __fput+0x23f/0x880 [ 723.941759][ T30] task_work_run+0x24f/0x310 [ 723.946390][ T30] ? kasan_quarantine_put+0xdc/0x230 [ 723.952126][T14951] Bluetooth: hci20: command tx timeout [ 723.967345][ T30] ? __pfx_task_work_run+0x10/0x10 [ 723.974553][ T30] ? do_exit+0xa2a/0x28e0 [ 723.987883][ T30] ? kmem_cache_free+0x1a2/0x420 [ 723.992890][ T30] ? do_exit+0xa2a/0x28e0 [ 723.997267][ T30] do_exit+0xa2f/0x28e0 [ 724.011226][ T30] ? __pfx_do_exit+0x10/0x10 [ 724.015883][ T30] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 724.028483][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 724.034550][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 724.052855][ T30] ? _raw_spin_lock_irq+0xdf/0x120 [ 724.061902][ T30] do_group_exit+0x207/0x2c0 [ 724.066549][ T30] ? _raw_spin_unlock_irq+0x23/0x50 [ 724.083944][ T30] ? lockdep_hardirqs_on+0x99/0x150 [ 724.089619][ T30] get_signal+0x16a3/0x1740 [ 724.094199][ T30] ? __pfx_get_signal+0x10/0x10 [ 724.107856][T14951] Bluetooth: hci23: command tx timeout [ 724.116823][ T30] arch_do_signal_or_restart+0x96/0x860 [ 724.127619][ T30] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 724.133922][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 724.149088][ T30] ? syscall_exit_to_user_mode+0xa3/0x370 [ 724.154884][ T30] syscall_exit_to_user_mode+0xc9/0x370 [ 724.167627][ T30] do_syscall_64+0x100/0x230 [ 724.172277][ T30] ? clear_bhb_loop+0x35/0x90 [ 724.188016][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 724.193985][ T30] RIP: 0033:0x7f996ad7dff9 [ 724.208011][ T30] RSP: 002b:00007f996a7ff038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 724.216499][ T30] RAX: 0000000000000058 RBX: 00007f996af36058 RCX: 00007f996ad7dff9 [ 724.233758][ T30] RDX: 0000000000000000 RSI: 0000000020000200 RDI: 000000000000000a [ 724.244936][ T30] RBP: 00007f996adf0296 R08: 0000000000000000 R09: 0000000000000000 [ 724.260318][ T30] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 724.277281][ T30] R13: 0000000000000000 R14: 00007f996af36058 R15: 00007f996b05fa28 [ 724.289864][ T30] [ 724.296967][ T30] INFO: task syz-executor:18653 blocked for more than 145 seconds. [ 724.327238][ T30] Not tainted 6.12.0-rc2-syzkaller-00006-g87d6aab2389e #0 [ 724.344537][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 724.357436][ T30] task:syz-executor state:D stack:26816 pid:18653 tgid:18653 ppid:1 flags:0x00004006 [ 724.376101][ T30] Call Trace: [ 724.382658][ T30] [ 724.385642][ T30] __schedule+0x1895/0x4b30 [ 724.397892][ T30] ? __pfx___schedule+0x10/0x10 [ 724.402880][ T30] ? __pfx_lock_release+0x10/0x10 [ 724.415839][ T30] ? __mutex_trylock_common+0x92/0x2e0 [ 724.423005][ T30] ? schedule+0x90/0x320 [ 724.427310][ T30] schedule+0x14b/0x320 [ 724.437628][ T30] schedule_preempt_disabled+0x13/0x30 [ 724.443154][ T30] __mutex_lock+0x6a7/0xd70 [ 724.456710][ T30] ? __mutex_lock+0x52a/0xd70 [ 724.462228][ T30] ? setup_net+0x602/0x9e0 [ 724.466708][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 724.477619][ T30] ? synchronize_rcu+0x11b/0x360 [ 724.489243][ T30] ? bpf_prog_array_free+0x34/0x40 [ 724.494431][ T30] setup_net+0x602/0x9e0 [ 724.507946][ T30] ? __pfx_down_read_killable+0x10/0x10 [ 724.513562][ T30] ? __pfx_setup_net+0x10/0x10 [ 724.528864][ T30] copy_net_ns+0x33f/0x570 [ 724.533360][ T30] create_new_namespaces+0x425/0x7b0 [ 724.547503][ T30] unshare_nsproxy_namespaces+0x124/0x180 [ 724.553645][ T30] ksys_unshare+0x57d/0xa70 [ 724.566685][ T30] ? __pfx_ksys_unshare+0x10/0x10 [ 724.573777][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 724.587600][ T30] ? do_syscall_64+0x100/0x230 [ 724.592440][ T30] __x64_sys_unshare+0x38/0x40 [ 724.597245][ T30] do_syscall_64+0xf3/0x230 [ 724.614433][ T30] ? clear_bhb_loop+0x35/0x90 [ 724.623045][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 724.633848][ T30] RIP: 0033:0x7fba8c37f7f7 [ 724.642147][ T30] RSP: 002b:00007fba8c65ffa8 EFLAGS: 00000206 ORIG_RAX: 0000000000000110 [ 724.656801][ T30] RAX: ffffffffffffffda RBX: 00007fba8c3f1a85 RCX: 00007fba8c37f7f7 [ 724.667597][ T30] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000000 [ 724.675660][ T30] RBP: 0000000000000000 R08: 00007fba8d067d60 R09: 0000000000000000 [ 724.701874][ T30] R10: 0000000000000000 R11: 0000000000000206 R12: 000000000000000c [ 724.715869][ T30] R13: 0000000000000003 R14: 0000000000000009 R15: 0000000000000000 [ 724.733994][ T30] [ 724.742639][ T30] INFO: task syz-executor:18661 blocked for more than 145 seconds. [ 724.762930][ T30] Not tainted 6.12.0-rc2-syzkaller-00006-g87d6aab2389e #0 [ 724.774732][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 724.790144][ T30] task:syz-executor state:D stack:26640 pid:18661 tgid:18661 ppid:1 flags:0x00004006 [ 724.810502][ T30] Call Trace: [ 724.813856][ T30] [ 724.816827][ T30] __schedule+0x1895/0x4b30 [ 724.826773][ T30] ? __pfx___schedule+0x10/0x10 [ 724.837600][ T30] ? __pfx_lock_release+0x10/0x10 [ 724.842788][ T30] ? __mutex_trylock_common+0x92/0x2e0 [ 724.856519][ T30] ? schedule+0x90/0x320 [ 724.861813][ T30] schedule+0x14b/0x320 [ 724.866041][ T30] schedule_preempt_disabled+0x13/0x30 [ 724.877799][ T30] __mutex_lock+0x6a7/0xd70 [ 724.882371][ T30] ? __mutex_lock+0x52a/0xd70 [ 724.887089][ T30] ? setup_net+0x602/0x9e0 [ 724.901596][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 724.907323][ T30] ? synchronize_rcu+0x11b/0x360 [ 724.912661][ T5229] Bluetooth: hci21: command tx timeout [ 724.928556][ T30] ? bpf_prog_array_free+0x34/0x40 [ 724.933769][ T30] setup_net+0x602/0x9e0 [ 724.948450][ T30] ? __pfx_down_read_killable+0x10/0x10 [ 724.954089][ T30] ? __pfx_setup_net+0x10/0x10 [ 724.967771][ T30] copy_net_ns+0x33f/0x570 [ 724.972262][ T30] create_new_namespaces+0x425/0x7b0 [ 724.986116][ T30] unshare_nsproxy_namespaces+0x124/0x180 [ 724.999039][ T30] ksys_unshare+0x57d/0xa70 [ 725.009756][ T30] ? __pfx_ksys_unshare+0x10/0x10 [ 725.014851][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 725.032651][ T30] ? do_syscall_64+0x100/0x230 [ 725.037496][ T30] __x64_sys_unshare+0x38/0x40 [ 725.047275][ T30] do_syscall_64+0xf3/0x230 [ 725.055829][ T30] ? clear_bhb_loop+0x35/0x90 [ 725.067643][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 725.073612][ T30] RIP: 0033:0x7f91cab7f7f7 [ 725.087977][ T30] RSP: 002b:00007f91cae5ffa8 EFLAGS: 00000206 ORIG_RAX: 0000000000000110 [ 725.107419][ T30] RAX: ffffffffffffffda RBX: 00007f91cabf1a85 RCX: 00007f91cab7f7f7 [ 725.116478][ T30] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000000 [ 725.133049][ T30] RBP: 0000000000000000 R08: 00007f91cb867d60 R09: 0000000000000000 [ 725.145361][ T30] R10: 0000000000000000 R11: 0000000000000206 R12: 000000000000000c [ 725.160043][ T30] R13: 0000000000000003 R14: 0000000000000009 R15: 0000000000000000 [ 725.174468][ T30] [ 725.190406][ T30] INFO: task syz-executor:18673 blocked for more than 146 seconds. [ 725.208209][ T30] Not tainted 6.12.0-rc2-syzkaller-00006-g87d6aab2389e #0 [ 725.219475][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 725.237648][ T30] task:syz-executor state:D stack:26816 pid:18673 tgid:18673 ppid:1 flags:0x00004006 [ 725.257842][ T30] Call Trace: [ 725.261266][ T30] [ 725.264234][ T30] __schedule+0x1895/0x4b30 [ 725.277915][ T30] ? __pfx___schedule+0x10/0x10 [ 725.282848][ T30] ? __pfx_lock_release+0x10/0x10 [ 725.296537][ T30] ? __mutex_trylock_common+0x92/0x2e0 [ 725.305476][ T30] ? schedule+0x90/0x320 [ 725.317594][ T30] schedule+0x14b/0x320 [ 725.321888][ T30] schedule_preempt_disabled+0x13/0x30 [ 725.327404][ T30] __mutex_lock+0x6a7/0xd70 [ 725.341803][ T30] ? __mutex_lock+0x52a/0xd70 [ 725.346554][ T30] ? setup_net+0x602/0x9e0 [ 725.356314][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 725.365856][ T30] ? synchronize_rcu+0x11b/0x360 [ 725.377336][ T30] ? bpf_prog_array_free+0x34/0x40 [ 725.386319][ T30] setup_net+0x602/0x9e0 [ 725.395682][ T30] ? __pfx_down_read_killable+0x10/0x10 [ 725.406771][ T30] ? __pfx_setup_net+0x10/0x10 [ 725.417664][ T30] copy_net_ns+0x33f/0x570 [ 725.422180][ T30] create_new_namespaces+0x425/0x7b0 [ 725.435917][ T30] unshare_nsproxy_namespaces+0x124/0x180 [ 725.441774][ T30] ksys_unshare+0x57d/0xa70 [ 725.446331][ T30] ? __pfx_ksys_unshare+0x10/0x10 [ 725.461337][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 725.474482][ T30] ? do_syscall_64+0x100/0x230 [ 725.482013][ T30] __x64_sys_unshare+0x38/0x40 [ 725.486835][ T30] do_syscall_64+0xf3/0x230 [ 725.497628][ T30] ? clear_bhb_loop+0x35/0x90 [ 725.502376][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 725.517755][ T30] RIP: 0033:0x7fb26037f7f7 [ 725.522227][ T30] RSP: 002b:00007fb26065ffa8 EFLAGS: 00000206 ORIG_RAX: 0000000000000110 [ 725.541157][ T30] RAX: ffffffffffffffda RBX: 00007fb2603f1a85 RCX: 00007fb26037f7f7 [ 725.555452][ T30] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000000 [ 725.567377][ T30] RBP: 0000000000000000 R08: 00007fb261067d60 R09: 0000000000000000 [ 725.581647][ T30] R10: 0000000000000000 R11: 0000000000000206 R12: 000000000000000c [ 725.594369][ T30] R13: 0000000000000003 R14: 0000000000000009 R15: 0000000000000000 [ 725.608989][ T30] [ 725.617125][ T30] INFO: task syz-executor:18681 blocked for more than 146 seconds. [ 725.629262][ T30] Not tainted 6.12.0-rc2-syzkaller-00006-g87d6aab2389e #0 [ 725.636946][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 725.655519][ T30] task:syz-executor state:D stack:25464 pid:18681 tgid:18681 ppid:1 flags:0x00004006 [ 725.668585][ T30] Call Trace: [ 725.671918][ T30] [ 725.674885][ T30] __schedule+0x1895/0x4b30 [ 725.687685][ T30] ? __pfx___schedule+0x10/0x10 [ 725.692625][ T30] ? __pfx_lock_release+0x10/0x10 [ 725.706377][ T30] ? __mutex_trylock_common+0x92/0x2e0 [ 725.713275][T18736] Bluetooth: hci22: command tx timeout [ 725.726047][ T30] ? schedule+0x90/0x320 [ 725.737101][ T30] schedule+0x14b/0x320 [ 725.743012][ T30] schedule_preempt_disabled+0x13/0x30 [ 725.755915][ T30] __mutex_lock+0x6a7/0xd70 [ 725.762128][ T30] ? __mutex_lock+0x52a/0xd70 [ 725.766948][ T30] ? ip_tunnel_init_net+0x20e/0x720 [ 725.780819][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 725.785921][ T30] ? read_word_at_a_time+0xe/0x20 [ 725.797763][ T30] ? sized_strscpy+0x8d/0x220 [ 725.802507][ T30] ip_tunnel_init_net+0x20e/0x720 [ 725.813625][ T30] ? __pfx_ip_tunnel_init_net+0x10/0x10 [ 725.824731][ T30] ? ops_init+0x75/0x590 [ 725.832443][ T30] ops_init+0x31e/0x590 [ 725.836673][ T30] ? lockdep_init_map_type+0xa1/0x910 [ 725.849212][ T30] setup_net+0x287/0x9e0 [ 725.853531][ T30] ? __pfx_down_read_killable+0x10/0x10 [ 725.867306][ T30] ? __pfx_setup_net+0x10/0x10 [ 725.875970][ T30] copy_net_ns+0x33f/0x570 [ 725.887640][ T30] create_new_namespaces+0x425/0x7b0 [ 725.893020][ T30] unshare_nsproxy_namespaces+0x124/0x180 [ 725.907827][ T30] ksys_unshare+0x57d/0xa70 [ 725.912409][ T30] ? __pfx_ksys_unshare+0x10/0x10 [ 725.927982][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 725.934416][ T30] ? do_syscall_64+0x100/0x230 [ 725.949064][ T30] __x64_sys_unshare+0x38/0x40 [ 725.953895][ T30] do_syscall_64+0xf3/0x230 [ 725.967237][ T30] ? clear_bhb_loop+0x35/0x90 [ 725.972325][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 725.986783][ T30] RIP: 0033:0x7feb9857f7f7 [ 725.992837][ T30] RSP: 002b:00007feb9885ffa8 EFLAGS: 00000206 ORIG_RAX: 0000000000000110 [ 726.007621][ T30] RAX: ffffffffffffffda RBX: 00007feb985f1a85 RCX: 00007feb9857f7f7 [ 726.015671][ T30] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000000 [ 726.037274][ T30] RBP: 0000000000000000 R08: 00007feb99267d60 R09: 0000000000000000 [ 726.048229][ T30] R10: 0000000000000000 R11: 0000000000000206 R12: 000000000000000c [ 726.056263][ T30] R13: 0000000000000003 R14: 0000000000000009 R15: 0000000000000000 [ 726.069210][ T30] [ 726.076597][ T30] INFO: task syz-executor:18688 blocked for more than 147 seconds. [ 726.087736][ T30] Not tainted 6.12.0-rc2-syzkaller-00006-g87d6aab2389e #0 [ 726.095416][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 726.113669][ T30] task:syz-executor state:D stack:26416 pid:18688 tgid:18688 ppid:1 flags:0x00004006 [ 726.133491][ T30] Call Trace: [ 726.137442][ T30] [ 726.153174][ T30] __schedule+0x1895/0x4b30 [ 726.162848][ T30] ? __pfx___schedule+0x10/0x10 [ 726.171566][ T30] ? __pfx_lock_release+0x10/0x10 [ 726.176674][ T30] ? __mutex_trylock_common+0x92/0x2e0 [ 726.187623][ T30] ? schedule+0x90/0x320 [ 726.191944][ T30] schedule+0x14b/0x320 [ 726.196153][ T30] schedule_preempt_disabled+0x13/0x30 [ 726.205481][T18736] Bluetooth: hci23: command tx timeout [ 726.217671][ T30] __mutex_lock+0x6a7/0xd70 [ 726.224064][ T30] ? __mutex_lock+0x52a/0xd70 [ 726.237642][ T30] ? setup_net+0x602/0x9e0 [ 726.242135][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 726.247201][ T30] ? synchronize_rcu+0x11b/0x360 [ 726.262265][ T30] ? bpf_prog_array_free+0x34/0x40 [ 726.267466][ T30] setup_net+0x602/0x9e0 [ 726.283815][ T30] ? __pfx_down_read_killable+0x10/0x10 [ 726.294656][ T30] ? __pfx_setup_net+0x10/0x10 [ 726.304408][ T30] copy_net_ns+0x33f/0x570 [ 726.312778][ T30] create_new_namespaces+0x425/0x7b0 [ 726.323056][ T30] unshare_nsproxy_namespaces+0x124/0x180 [ 726.335683][ T30] ksys_unshare+0x57d/0xa70 [ 726.345993][ T30] ? __pfx_ksys_unshare+0x10/0x10 [ 726.357862][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 726.364272][ T30] ? do_syscall_64+0x100/0x230 [ 726.379536][ T30] __x64_sys_unshare+0x38/0x40 [ 726.384374][ T30] do_syscall_64+0xf3/0x230 [ 726.396424][ T30] ? clear_bhb_loop+0x35/0x90 [ 726.401563][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 726.407532][ T30] RIP: 0033:0x7f0fd097f7f7 [ 726.422163][ T30] RSP: 002b:00007f0fd0c5ffa8 EFLAGS: 00000206 ORIG_RAX: 0000000000000110 [ 726.437633][ T30] RAX: ffffffffffffffda RBX: 00007f0fd09f1a85 RCX: 00007f0fd097f7f7 [ 726.450008][ T30] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000000 [ 726.466736][ T30] RBP: 0000000000000000 R08: 00007f0fd1667d60 R09: 0000000000000000 [ 726.475328][ T30] R10: 0000000000000000 R11: 0000000000000206 R12: 000000000000000c [ 726.487676][ T30] R13: 0000000000000003 R14: 0000000000000009 R15: 0000000000000000 [ 726.495722][ T30] [ 726.506484][ T30] INFO: task syz-executor:18702 blocked for more than 147 seconds. [ 726.515143][ T30] Not tainted 6.12.0-rc2-syzkaller-00006-g87d6aab2389e #0 [ 726.527766][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 726.543584][ T30] task:syz-executor state:D stack:26336 pid:18702 tgid:18702 ppid:1 flags:0x00004006 [ 726.557162][ T30] Call Trace: [ 726.568193][ T30] [ 726.571188][ T30] __schedule+0x1895/0x4b30 [ 726.575768][ T30] ? __pfx___schedule+0x10/0x10 [ 726.590653][ T30] ? __pfx_lock_release+0x10/0x10 [ 726.595766][ T30] ? __mutex_trylock_common+0x92/0x2e0 [ 726.611531][ T30] ? schedule+0x90/0x320 [ 726.615858][ T30] schedule+0x14b/0x320 [ 726.624102][ T30] schedule_preempt_disabled+0x13/0x30 [ 726.632913][ T30] __mutex_lock+0x6a7/0xd70 [ 726.637481][ T30] ? __mutex_lock+0x52a/0xd70 [ 726.651483][ T30] ? ip_tunnel_init_net+0x20e/0x720 [ 726.656751][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 726.667048][ T30] ip_tunnel_init_net+0x20e/0x720 [ 726.677674][ T30] ? __pfx_ip_tunnel_init_net+0x10/0x10 [ 726.683290][ T30] ? ops_init+0x75/0x590 [ 726.696009][ T30] ops_init+0x31e/0x590 [ 726.701022][ T30] ? lockdep_init_map_type+0xa1/0x910 [ 726.706466][ T30] setup_net+0x287/0x9e0 [ 726.717589][ T30] ? __pfx_down_read_killable+0x10/0x10 [ 726.723294][ T30] ? __pfx_setup_net+0x10/0x10 [ 726.738675][ T30] copy_net_ns+0x33f/0x570 [ 726.743172][ T30] create_new_namespaces+0x425/0x7b0 [ 726.759557][ T30] unshare_nsproxy_namespaces+0x124/0x180 [ 726.765363][ T30] ksys_unshare+0x57d/0xa70 [ 726.777312][ T30] ? __pfx_ksys_unshare+0x10/0x10 [ 726.783960][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 726.798070][ T30] ? do_syscall_64+0x100/0x230 [ 726.803005][ T30] __x64_sys_unshare+0x38/0x40 [ 726.816711][ T30] do_syscall_64+0xf3/0x230 [ 726.821746][ T30] ? clear_bhb_loop+0x35/0x90 [ 726.826476][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 726.843586][ T30] RIP: 0033:0x7f9c1277f7f7 [ 726.851519][ T30] RSP: 002b:00007f9c12a5ffa8 EFLAGS: 00000206 ORIG_RAX: 0000000000000110 [ 726.868025][ T30] RAX: ffffffffffffffda RBX: 00007f9c127f1a85 RCX: 00007f9c1277f7f7 [ 726.876052][ T30] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000000 [ 726.892812][ T30] RBP: 0000000000000000 R08: 00007f9c13467d60 R09: 0000000000000000 [ 726.905067][ T30] R10: 0000000000000000 R11: 0000000000000206 R12: 000000000000000c [ 726.927464][ T30] R13: 0000000000000003 R14: 0000000000000009 R15: 0000000000000000 [ 726.935911][ T30] [ 726.947601][ T30] Future hung task reports are suppressed, see sysctl kernel.hung_task_warnings [ 726.965358][ T30] INFO: task syz-executor:18712 blocked for more than 147 seconds. [ 726.977591][ T30] Not tainted 6.12.0-rc2-syzkaller-00006-g87d6aab2389e #0 [ 726.985344][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 727.004686][ T30] task:syz-executor state:D stack:26080 pid:18712 tgid:18712 ppid:1 flags:0x00004006 [ 727.019065][ T30] Call Trace: [ 727.022395][ T30] [ 727.025364][ T30] __schedule+0x1895/0x4b30 [ 727.038179][ T30] ? __pfx___schedule+0x10/0x10 [ 727.045985][ T30] ? __pfx_lock_release+0x10/0x10 [ 727.060508][ T30] ? __mutex_trylock_common+0x92/0x2e0 [ 727.066042][ T30] ? schedule+0x90/0x320 [ 727.077592][ T30] schedule+0x14b/0x320 [ 727.081820][ T30] schedule_preempt_disabled+0x13/0x30 [ 727.087335][ T30] __mutex_lock+0x6a7/0xd70 [ 727.101467][ T30] ? __mutex_lock+0x52a/0xd70 [ 727.106219][ T30] ? ip_tunnel_init_net+0x20e/0x720 [ 727.117593][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 727.122692][ T30] ? read_word_at_a_time+0xe/0x20 [ 727.136930][ T30] ? sized_strscpy+0x8d/0x220 [ 727.142462][ T30] ip_tunnel_init_net+0x20e/0x720 [ 727.149554][ T30] ? __pfx_ip_tunnel_init_net+0x10/0x10 [ 727.155263][ T30] ? ops_init+0x75/0x590 [ 727.168399][ T30] ops_init+0x31e/0x590 [ 727.172635][ T30] ? lockdep_init_map_type+0xa1/0x910 [ 727.186568][ T30] setup_net+0x287/0x9e0 [ 727.191250][ T30] ? __pfx_down_read_killable+0x10/0x10 [ 727.196868][ T30] ? __pfx_setup_net+0x10/0x10 [ 727.207606][ T30] copy_net_ns+0x33f/0x570 [ 727.212103][ T30] create_new_namespaces+0x425/0x7b0 [ 727.217459][ T30] unshare_nsproxy_namespaces+0x124/0x180 [ 727.232762][ T30] ksys_unshare+0x57d/0xa70 [ 727.237360][ T30] ? __pfx_ksys_unshare+0x10/0x10 [ 727.250620][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 727.257024][ T30] ? do_syscall_64+0x100/0x230 [ 727.271630][ T30] __x64_sys_unshare+0x38/0x40 [ 727.276474][ T30] do_syscall_64+0xf3/0x230 [ 727.286208][ T30] ? clear_bhb_loop+0x35/0x90 [ 727.295990][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 727.305793][ T30] RIP: 0033:0x7f950277f7f7 [ 727.317699][ T30] RSP: 002b:00007f9502a5ffa8 EFLAGS: 00000206 ORIG_RAX: 0000000000000110 [ 727.326182][ T30] RAX: ffffffffffffffda RBX: 00007f95027f1a85 RCX: 00007f950277f7f7 [ 727.344762][ T30] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000000 [ 727.357272][ T30] RBP: 0000000000000000 R08: 00007f9503467d60 R09: 0000000000000000 [ 727.373312][ T30] R10: 0000000000000000 R11: 0000000000000206 R12: 000000000000000c [ 727.385717][ T30] R13: 0000000000000003 R14: 0000000000000009 R15: 0000000000000000 [ 727.397757][ T30] [ 727.400833][ T30] Future hung task reports are suppressed, see sysctl kernel.hung_task_warnings [ 727.419650][ T30] INFO: task syz-executor:18728 blocked for more than 148 seconds. [ 727.439130][ T30] Not tainted 6.12.0-rc2-syzkaller-00006-g87d6aab2389e #0 [ 727.446820][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 727.465014][ T30] task:syz-executor state:D stack:26080 pid:18728 tgid:18728 ppid:1 flags:0x00004006 [ 727.477571][ T30] Call Trace: [ 727.480901][ T30] [ 727.483869][ T30] __schedule+0x1895/0x4b30 [ 727.497750][ T30] ? __pfx___schedule+0x10/0x10 [ 727.502679][ T30] ? __pfx_lock_release+0x10/0x10 [ 727.517627][ T30] ? __mutex_trylock_common+0x92/0x2e0 [ 727.523171][ T30] ? schedule+0x90/0x320 [ 727.527471][ T30] schedule+0x14b/0x320 [ 727.537596][ T30] schedule_preempt_disabled+0x13/0x30 [ 727.543127][ T30] __mutex_lock+0x6a7/0xd70 [ 727.557705][ T30] ? __mutex_lock+0x52a/0xd70 [ 727.562455][ T30] ? ip_tunnel_init_net+0x20e/0x720 [ 727.578009][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 727.583114][ T30] ? read_word_at_a_time+0xe/0x20 [ 727.597013][ T30] ? sized_strscpy+0x8d/0x220 [ 727.602558][ T30] ip_tunnel_init_net+0x20e/0x720 [ 727.616022][ T30] ? __pfx_ip_tunnel_init_net+0x10/0x10 [ 727.622023][ T30] ? ops_init+0x75/0x590 [ 727.626341][ T30] ops_init+0x31e/0x590 [ 727.640710][ T30] ? lockdep_init_map_type+0xa1/0x910 [ 727.646159][ T30] setup_net+0x287/0x9e0 [ 727.656831][ T30] ? __pfx_down_read_killable+0x10/0x10 [ 727.666738][ T30] ? __pfx_setup_net+0x10/0x10 [ 727.677145][ T30] copy_net_ns+0x33f/0x570 [ 727.686700][ T30] create_new_namespaces+0x425/0x7b0 [ 727.695880][ T30] unshare_nsproxy_namespaces+0x124/0x180 [ 727.706560][ T30] ksys_unshare+0x57d/0xa70 [ 727.717666][ T30] ? __pfx_ksys_unshare+0x10/0x10 [ 727.722766][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 727.736648][ T30] ? do_syscall_64+0x100/0x230 [ 727.741790][ T30] __x64_sys_unshare+0x38/0x40 [ 727.746617][ T30] do_syscall_64+0xf3/0x230 [ 727.759293][ T30] ? clear_bhb_loop+0x35/0x90 [ 727.764049][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 727.778184][ T30] RIP: 0033:0x7fb0f337f7f7 [ 727.782681][ T30] RSP: 002b:00007fb0f365ffa8 EFLAGS: 00000206 ORIG_RAX: 0000000000000110 [ 727.791509][T18736] Bluetooth: hci22: command tx timeout [ 727.807107][ T30] RAX: ffffffffffffffda RBX: 00007fb0f33f1a85 RCX: 00007fb0f337f7f7 [ 727.817774][ T30] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000000 [ 727.825804][ T30] RBP: 0000000000000000 R08: 00007fb0f4067d60 R09: 0000000000000000 [ 727.844044][ T30] R10: 0000000000000000 R11: 0000000000000206 R12: 000000000000000c [ 727.853739][ T30] R13: 0000000000000003 R14: 0000000000000009 R15: 0000000000000000 [ 727.872789][ T30] [ 727.875873][ T30] Future hung task reports are suppressed, see sysctl kernel.hung_task_warnings [ 727.888493][ T30] INFO: task syz-executor:18731 blocked for more than 148 seconds. [ 727.896436][ T30] Not tainted 6.12.0-rc2-syzkaller-00006-g87d6aab2389e #0 [ 727.912089][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 727.924812][ T30] task:syz-executor state:D stack:24816 pid:18731 tgid:18731 ppid:1 flags:0x00004004 [ 727.940596][ T30] Call Trace: [ 727.943964][ T30] [ 727.946935][ T30] __schedule+0x1895/0x4b30 [ 727.957668][ T30] ? __pfx___schedule+0x10/0x10 [ 727.970671][ T30] ? __pfx_lock_release+0x10/0x10 [ 727.975774][ T30] ? __mutex_trylock_common+0x92/0x2e0 [ 727.989349][ T30] ? schedule+0x90/0x320 [ 727.993664][ T30] schedule+0x14b/0x320 [ 728.005525][ T30] schedule_preempt_disabled+0x13/0x30 [ 728.013356][ T30] __mutex_lock+0x6a7/0xd70 [ 728.025497][ T30] ? __mutex_lock+0x52a/0xd70 [ 728.030917][ T30] ? ip_tunnel_init_net+0x20e/0x720 [ 728.036187][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 728.050542][ T30] ? read_word_at_a_time+0xe/0x20 [ 728.055626][ T30] ? sized_strscpy+0x8d/0x220 [ 728.066953][ T30] ip_tunnel_init_net+0x20e/0x720 [ 728.076909][ T30] ? __pfx_ip_tunnel_init_net+0x10/0x10 [ 728.086929][ T30] ? ops_init+0x75/0x590 [ 728.097035][ T30] ops_init+0x31e/0x590 [ 728.105099][ T30] ? lockdep_init_map_type+0xa1/0x910 [ 728.116884][ T30] setup_net+0x287/0x9e0 [ 728.125008][ T30] ? __pfx_down_read_killable+0x10/0x10 [ 728.136322][ T30] ? __pfx_setup_net+0x10/0x10 [ 728.145333][ T30] copy_net_ns+0x33f/0x570 [ 728.154802][ T30] create_new_namespaces+0x425/0x7b0 [ 728.164736][ T30] unshare_nsproxy_namespaces+0x124/0x180 [ 728.177613][ T30] ksys_unshare+0x57d/0xa70 [ 728.182193][ T30] ? __pfx_ksys_unshare+0x10/0x10 [ 728.207706][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 728.214126][ T30] ? do_syscall_64+0x100/0x230 [ 728.242118][ T30] __x64_sys_unshare+0x38/0x40 [ 728.246960][ T30] do_syscall_64+0xf3/0x230 [ 728.256246][ T30] ? clear_bhb_loop+0x35/0x90 [ 728.265925][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 728.273340][T18736] Bluetooth: hci23: command tx timeout [ 728.288076][ T30] RIP: 0033:0x7fac0497f7f7 [ 728.292557][ T30] RSP: 002b:00007fac04c5ffa8 EFLAGS: 00000206 ORIG_RAX: 0000000000000110 [ 728.309141][ T30] RAX: ffffffffffffffda RBX: 00007fac049f1a85 RCX: 00007fac0497f7f7 [ 728.317177][ T30] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000000 [ 728.333235][ T30] RBP: 0000000000000000 R08: 00007fac05667d60 R09: 0000000000000000 [ 728.343987][ T30] R10: 0000000000000000 R11: 0000000000000206 R12: 000000000000000c [ 728.357639][ T30] R13: 0000000000000003 R14: 0000000000000009 R15: 0000000000000000 [ 728.365690][ T30] [ 728.378388][ T30] Future hung task reports are suppressed, see sysctl kernel.hung_task_warnings [ 728.396496][ T30] INFO: task syz-executor:18739 blocked for more than 149 seconds. [ 728.406186][ T30] Not tainted 6.12.0-rc2-syzkaller-00006-g87d6aab2389e #0 [ 728.421301][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 728.437658][ T30] task:syz-executor state:D stack:26304 pid:18739 tgid:18739 ppid:1 flags:0x00004006 [ 728.456199][ T30] Call Trace: [ 728.459862][ T30] [ 728.462851][ T30] __schedule+0x1895/0x4b30 [ 728.467430][ T30] ? __pfx___schedule+0x10/0x10 [ 728.484454][ T30] ? __pfx_lock_release+0x10/0x10 [ 728.489848][ T30] ? __mutex_trylock_common+0x92/0x2e0 [ 728.495378][ T30] ? schedule+0x90/0x320 [ 728.509797][ T30] schedule+0x14b/0x320 [ 728.514037][ T30] schedule_preempt_disabled+0x13/0x30 [ 728.527085][ T30] __mutex_lock+0x6a7/0xd70 [ 728.534418][ T30] ? __mutex_lock+0x52a/0xd70 [ 728.545297][ T30] ? ip_tunnel_init_net+0x20e/0x720 [ 728.558246][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 728.563600][ T30] ? read_word_at_a_time+0xe/0x20 [ 728.576182][ T30] ? sized_strscpy+0x8d/0x220 [ 728.584935][ T30] ip_tunnel_init_net+0x20e/0x720 [ 728.597640][ T30] ? __pfx_ip_tunnel_init_net+0x10/0x10 [ 728.603270][ T30] ? ops_init+0x75/0x590 [ 728.616244][ T30] ops_init+0x31e/0x590 [ 728.622189][ T30] ? lockdep_init_map_type+0xa1/0x910 [ 728.636118][ T30] setup_net+0x287/0x9e0 [ 728.640836][ T30] ? __pfx_down_read_killable+0x10/0x10 [ 728.646466][ T30] ? __pfx_setup_net+0x10/0x10 [ 728.657602][ T30] copy_net_ns+0x33f/0x570 [ 728.662096][ T30] create_new_namespaces+0x425/0x7b0 [ 728.667460][ T30] unshare_nsproxy_namespaces+0x124/0x180 [ 728.685603][ T30] ksys_unshare+0x57d/0xa70 [ 728.694700][ T30] ? __pfx_ksys_unshare+0x10/0x10 [ 728.705814][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 728.716218][ T30] ? do_syscall_64+0x100/0x230 [ 728.726503][ T30] __x64_sys_unshare+0x38/0x40 [ 728.735348][ T30] do_syscall_64+0xf3/0x230 [ 728.746100][ T30] ? clear_bhb_loop+0x35/0x90 [ 728.756811][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 728.767711][ T30] RIP: 0033:0x7effe977f7f7 [ 728.772195][ T30] RSP: 002b:00007effe9a5ffa8 EFLAGS: 00000206 ORIG_RAX: 0000000000000110 [ 728.790764][ T30] RAX: ffffffffffffffda RBX: 00007effe97f1a85 RCX: 00007effe977f7f7 [ 728.805663][ T30] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000000 [ 728.817450][ T30] RBP: 0000000000000000 R08: 00007effea467d60 R09: 0000000000000000 [ 728.831780][ T30] R10: 0000000000000000 R11: 0000000000000206 R12: 000000000000000c [ 728.848609][ T30] R13: 0000000000000003 R14: 0000000000000009 R15: 0000000000000000 [ 728.856758][ T30] [ 728.868171][ T30] Future hung task reports are suppressed, see sysctl kernel.hung_task_warnings [ 728.877418][ T30] [ 728.877418][ T30] Showing all locks held in the system: [ 728.896923][ T30] 6 locks held by kworker/0:0/8: [ 728.902947][ T30] 1 lock held by khungtaskd/30: [ 728.916423][ T30] #0: ffffffff8e937de0 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x55/0x2a0 [ 728.927787][ T30] 4 locks held by kworker/u8:2/35: [ 728.933046][ T30] #0: ffff88801baed948 ((wq_completion)netns){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1850 [ 728.947588][ T30] #1: ffffc90000ab7d00 (net_cleanup_work){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1850 [ 728.967921][ T30] #2: ffffffff8fcc51d0 (pernet_ops_rwsem){++++}-{3:3}, at: cleanup_net+0x16a/0xcc0 [ 728.977445][ T30] #3: ffffffff8fcd1cc8 (rtnl_mutex){+.+.}-{3:3}, at: cleanup_net+0x6af/0xcc0 [ 728.999378][ T30] 3 locks held by kworker/0:2/937: [ 729.004550][ T30] #0: ffff88801ac80948 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1850 [ 729.026342][ T30] #1: ffffc90004057d00 (deferred_process_work){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1850 [ 729.037918][ T30] #2: ffffffff8fcd1cc8 (rtnl_mutex){+.+.}-{3:3}, at: switchdev_deferred_process_work+0xe/0x20 [ 729.057620][ T30] 3 locks held by kworker/u8:5/1055: [ 729.062963][ T30] #0: ffff88814bf78148 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1850 [ 729.084340][ T30] #1: ffffc90004347d00 ((work_completion)(&(&net->ipv6.addr_chk_work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1850 [ 729.107655][ T30] #2: ffffffff8fcd1cc8 (rtnl_mutex){+.+.}-{3:3}, at: addrconf_verify_work+0x19/0x30 [ 729.117281][ T30] 3 locks held by kworker/u8:8/3024: [ 729.132095][ T30] #0: ffff8880b873ea98 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x2a/0x140 [ 729.147254][ T30] #1: ffffc9000a47fd00 ((work_completion)(&(&bat_priv->nc.work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1850 [ 729.167609][ T30] #2: ffff8880b873ea98 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x2a/0x140 [ 729.186380][ T30] 2 locks held by getty/4984: [ 729.193273][ T30] #0: ffff88803231a0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70 [ 729.213518][ T30] #1: ffffc90002f062f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x6a6/0x1e00 [ 729.227588][ T30] 3 locks held by kworker/u8:10/7846: [ 729.233005][ T30] #0: ffff88801ac89148 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1850 [ 729.256533][ T30] #1: ffffc90004e6fd00 ((linkwatch_work).work){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1850 [ 729.276816][ T30] #2: ffffffff8fcd1cc8 (rtnl_mutex){+.+.}-{3:3}, at: linkwatch_event+0xe/0x60 [ 729.286217][ T30] 2 locks held by syz.0.1221/18629: [ 729.297602][ T30] #0: ffffffff8fcd1cc8 (rtnl_mutex){+.+.}-{3:3}, at: tun_chr_close+0x3b/0x1b0 [ 729.306680][ T30] #1: ffffffff8e7d1dd0 (cpu_hotplug_lock){++++}-{0:0}, at: unregister_netdevice_many_notify+0x5ea/0x1da0 [ 729.330771][ T30] 1 lock held by syz.1.1225/18641: [ 729.335950][ T30] #0: ffffffff8fcd1cc8 (rtnl_mutex){+.+.}-{3:3}, at: tun_chr_close+0x3b/0x1b0 [ 729.353973][ T30] 2 locks held by syz-executor/18653: [ 729.362245][ T30] #0: ffffffff8fcc51d0 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570 [ 729.377627][ T30] #1: ffffffff8fcd1cc8 (rtnl_mutex){+.+.}-{3:3}, at: setup_net+0x602/0x9e0 [ 729.386455][ T30] 2 locks held by syz-executor/18661: [ 729.404588][ T30] #0: ffffffff8fcc51d0 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570 [ 729.419115][ T30] #1: ffffffff8fcd1cc8 (rtnl_mutex){+.+.}-{3:3}, at: setup_net+0x602/0x9e0 [ 729.435289][ T30] 2 locks held by syz-executor/18673: [ 729.443489][ T30] #0: ffffffff8fcc51d0 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570 [ 729.457584][ T30] #1: ffffffff8fcd1cc8 (rtnl_mutex){+.+.}-{3:3}, at: setup_net+0x602/0x9e0 [ 729.466420][ T30] 2 locks held by syz-executor/18681: [ 729.484316][ T30] #0: ffffffff8fcc51d0 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570 [ 729.497874][ T30] #1: ffffffff8fcd1cc8 (rtnl_mutex){+.+.}-{3:3}, at: ip_tunnel_init_net+0x20e/0x720 [ 729.519874][ T30] 2 locks held by syz-executor/18688: [ 729.525469][ T30] #0: ffffffff8fcc51d0 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570 [ 729.538098][ T30] #1: ffffffff8fcd1cc8 (rtnl_mutex){+.+.}-{3:3}, at: setup_net+0x602/0x9e0 [ 729.546918][ T30] 2 locks held by syz-executor/18702: [ 729.561797][ T30] #0: ffffffff8fcc51d0 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570 [ 729.577522][ T30] #1: ffffffff8fcd1cc8 (rtnl_mutex){+.+.}-{3:3}, at: ip_tunnel_init_net+0x20e/0x720 [ 729.587278][ T30] 2 locks held by syz-executor/18712: [ 729.604404][ T30] #0: ffffffff8fcc51d0 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570 [ 729.624717][ T30] #1: ffffffff8fcd1cc8 (rtnl_mutex){+.+.}-{3:3}, at: ip_tunnel_init_net+0x20e/0x720 [ 729.637684][ T30] 2 locks held by syz-executor/18728: [ 729.643185][ T30] #0: ffffffff8fcc51d0 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570 [ 729.661595][ T30] #1: ffffffff8fcd1cc8 (rtnl_mutex){+.+.}-{3:3}, at: ip_tunnel_init_net+0x20e/0x720 [ 729.677480][ T30] 2 locks held by syz-executor/18731: [ 729.685639][ T30] #0: ffffffff8fcc51d0 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570 [ 729.702980][ T30] #1: ffffffff8fcd1cc8 (rtnl_mutex){+.+.}-{3:3}, at: ip_tunnel_init_net+0x20e/0x720 [ 729.720667][ T30] 2 locks held by syz-executor/18739: [ 729.726094][ T30] #0: ffffffff8fcc51d0 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570 [ 729.739076][ T30] #1: ffffffff8fcd1cc8 (rtnl_mutex){+.+.}-{3:3}, at: ip_tunnel_init_net+0x20e/0x720 [ 729.757075][ T30] 2 locks held by syz-executor/18820: [ 729.762862][ T30] #0: ffffffff8fcc51d0 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570 [ 729.779071][ T30] #1: ffffffff8fcd1cc8 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x84/0x290 [ 729.797897][ T30] 2 locks held by syz-executor/18829: [ 729.803325][ T30] #0: ffffffff8fcc51d0 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570 [ 729.824322][ T30] #1: ffffffff8fcd1cc8 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x84/0x290 [ 729.837338][ T30] 2 locks held by syz-executor/18843: [ 729.847582][ T30] #0: ffffffff8fcc51d0 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570 [ 729.857087][ T30] #1: ffffffff8fcd1cc8 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x84/0x290 [ 729.876777][ T30] 2 locks held by syz-executor/18849: [ 729.884025][T18736] Bluetooth: hci22: command tx timeout [ 729.899655][ T30] #0: ffffffff8fcc51d0 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570 [ 729.918002][ T30] #1: ffffffff8fcd1cc8 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x84/0x290 [ 729.937418][ T30] 2 locks held by syz-executor/18858: [ 729.943360][ T30] #0: ffffffff8fcc51d0 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570 [ 729.957655][ T30] #1: ffffffff8fcd1cc8 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x84/0x290 [ 729.977349][ T30] 2 locks held by syz-executor/18873: [ 729.983655][ T30] #0: ffffffff8fcc51d0 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570 [ 730.002331][ T30] #1: ffffffff8fcd1cc8 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x84/0x290 [ 730.024466][ T30] 2 locks held by syz-executor/18881: [ 730.037702][ T30] #0: ffffffff8fcc51d0 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570 [ 730.047229][ T30] #1: ffffffff8fcd1cc8 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x84/0x290 [ 730.066340][ T30] 2 locks held by syz-executor/18892: [ 730.072569][ T30] #0: ffffffff8fcc51d0 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570 [ 730.092427][ T30] #1: ffffffff8fcd1cc8 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x84/0x290 [ 730.109378][ T30] 2 locks held by syz-executor/18899: [ 730.126810][ T30] #0: ffffffff8fcc51d0 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570 [ 730.138789][ T30] #1: ffffffff8fcd1cc8 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x84/0x290 [ 730.158876][ T30] 2 locks held by syz-executor/18907: [ 730.164312][ T30] #0: ffffffff8fcc51d0 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570 [ 730.181334][ T30] #1: ffffffff8fcd1cc8 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x84/0x290 [ 730.197715][ T30] 2 locks held by syz-executor/18931: [ 730.203201][ T30] #0: ffffffff8fcc51d0 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570 [ 730.224880][ T30] #1: ffffffff8fcd1cc8 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x84/0x290 [ 730.239848][ T30] 2 locks held by syz-executor/18941: [ 730.245277][ T30] #0: ffffffff8fcc51d0 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570 [ 730.262372][ T30] #1: ffffffff8fcd1cc8 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x84/0x290 [ 730.285417][ T30] 2 locks held by syz-executor/18952: [ 730.291326][ T30] #0: ffffffff8fcc51d0 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570 [ 730.310664][ T30] #1: ffffffff8fcd1cc8 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x84/0x290 [ 730.327702][ T30] 2 locks held by syz-executor/18959: [ 730.333141][ T30] #0: ffffffff8fcc51d0 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570 [ 730.352835][ T30] #1: ffffffff8fcd1cc8 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x84/0x290 [ 730.363469][T18736] Bluetooth: hci23: command tx timeout [ 730.378184][ T30] [ 730.380585][ T30] ============================================= [ 730.380585][ T30] [ 730.398573][ T30] NMI backtrace for cpu 1 [ 730.403054][ T30] CPU: 1 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.12.0-rc2-syzkaller-00006-g87d6aab2389e #0 [ 730.413689][ T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 730.423797][ T30] Call Trace: [ 730.427117][ T30] [ 730.430088][ T30] dump_stack_lvl+0x241/0x360 [ 730.434822][ T30] ? __pfx_dump_stack_lvl+0x10/0x10 [ 730.440145][ T30] ? __pfx__printk+0x10/0x10 [ 730.444820][ T30] nmi_cpu_backtrace+0x49c/0x4d0 [ 730.449823][ T30] ? __pfx_nmi_cpu_backtrace+0x10/0x10 [ 730.455335][ T30] ? _printk+0xd5/0x120 [ 730.459548][ T30] ? __pfx__printk+0x10/0x10 [ 730.464203][ T30] ? __wake_up_klogd+0xcc/0x110 [ 730.469120][ T30] ? __pfx__printk+0x10/0x10 [ 730.473765][ T30] ? __rcu_read_unlock+0xa1/0x110 [ 730.478849][ T30] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 730.484880][ T30] nmi_trigger_cpumask_backtrace+0x198/0x320 [ 730.490912][ T30] watchdog+0xff4/0x1040 [ 730.495256][ T30] ? watchdog+0x1ea/0x1040 [ 730.499749][ T30] ? __pfx_watchdog+0x10/0x10 [ 730.504483][ T30] kthread+0x2f0/0x390 [ 730.508602][ T30] ? __pfx_watchdog+0x10/0x10 [ 730.513330][ T30] ? __pfx_kthread+0x10/0x10 [ 730.517979][ T30] ret_from_fork+0x4b/0x80 [ 730.522441][ T30] ? __pfx_kthread+0x10/0x10 [ 730.527069][ T30] ret_from_fork_asm+0x1a/0x30 [ 730.531909][ T30] [ 730.536072][ T30] Sending NMI from CPU 1 to CPUs 0: [ 730.541929][ C0] NMI backtrace for cpu 0 [ 730.541946][ C0] CPU: 0 UID: 0 PID: 8 Comm: kworker/0:0 Not tainted 6.12.0-rc2-syzkaller-00006-g87d6aab2389e #0 [ 730.541970][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 730.541989][ C0] Workqueue: events_power_efficient neigh_periodic_work [ 730.542020][ C0] RIP: 0010:kasan_check_range+0x1b7/0x290 [ 730.542048][ C0] Code: f5 4d 01 fb 48 8d 5d 07 48 85 ed 48 0f 49 dd 48 83 e3 f8 48 29 dd 74 12 41 80 3b 00 0f 85 a6 00 00 00 49 ff c3 48 ff cd 75 ee <5b> 41 5c 41 5e 41 5f 5d c3 cc cc cc cc 40 84 ed 75 5f f7 c5 00 ff [ 730.542065][ C0] RSP: 0018:ffffc90000007a40 EFLAGS: 00000056 [ 730.542082][ C0] RAX: 0000000000000001 RBX: 1ffff110170c8061 RCX: ffffffff8171c2a8 [ 730.542097][ C0] RDX: 0000000000000000 RSI: 0000000000000004 RDI: ffff8880b8640308 [ 730.542119][ C0] RBP: 0000000000000000 R08: ffff8880b864030b R09: 1ffff110170c8061 [ 730.542133][ C0] R10: dffffc0000000000 R11: ffffed10170c8062 R12: ffff8880b86401a8 [ 730.542148][ C0] R13: ffff8880b86402f0 R14: dffffc0000000001 R15: ffffed10170c8062 [ 730.542164][ C0] FS: 0000000000000000(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000 [ 730.542180][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 730.542194][ C0] CR2: 00000000200001c0 CR3: 000000000e734000 CR4: 00000000003526f0 [ 730.542211][ C0] Call Trace: [ 730.542218][ C0] [ 730.542228][ C0] ? nmi_cpu_backtrace+0x3c2/0x4d0 [ 730.542253][ C0] ? __pfx_lock_acquire+0x10/0x10 [ 730.542289][ C0] ? __pfx_nmi_cpu_backtrace+0x10/0x10 [ 730.542311][ C0] ? nmi_handle+0x2a/0x5a0 [ 730.542339][ C0] ? nmi_cpu_backtrace_handler+0xc/0x20 [ 730.542365][ C0] ? nmi_handle+0x14f/0x5a0 [ 730.542385][ C0] ? nmi_handle+0x2a/0x5a0 [ 730.542407][ C0] ? kasan_check_range+0x1b7/0x290 [ 730.542430][ C0] ? default_do_nmi+0x63/0x160 [ 730.542454][ C0] ? exc_nmi+0x123/0x1f0 [ 730.542476][ C0] ? end_repeat_nmi+0xf/0x53 [ 730.542498][ C0] ? do_raw_spin_unlock+0x58/0x8b0 [ 730.542524][ C0] ? kasan_check_range+0x1b7/0x290 [ 730.542547][ C0] ? kasan_check_range+0x1b7/0x290 [ 730.542571][ C0] ? kasan_check_range+0x1b7/0x290 [ 730.542594][ C0] [ 730.542601][ C0] [ 730.542610][ C0] do_raw_spin_unlock+0x58/0x8b0 [ 730.542638][ C0] _raw_spin_unlock_irq+0x1e/0x50 [ 730.542665][ C0] process_backlog+0x101e/0x15b0 [ 730.542692][ C0] ? process_backlog+0x33b/0x15b0 [ 730.542721][ C0] ? __pfx_process_backlog+0x10/0x10 [ 730.542745][ C0] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 730.542775][ C0] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 730.542806][ C0] __napi_poll+0xcb/0x490 [ 730.542831][ C0] net_rx_action+0x89b/0x1240 [ 730.542866][ C0] ? __pfx_net_rx_action+0x10/0x10 [ 730.542891][ C0] ? __pfx_tmigr_handle_remote+0x10/0x10 [ 730.542935][ C0] handle_softirqs+0x2c5/0x980 [ 730.542964][ C0] ? do_softirq+0x11b/0x1e0 [ 730.542994][ C0] ? __pfx_handle_softirqs+0x10/0x10 [ 730.543024][ C0] do_softirq+0x11b/0x1e0 [ 730.543048][ C0] [ 730.543054][ C0] [ 730.543062][ C0] ? __pfx_do_softirq+0x10/0x10 [ 730.543087][ C0] ? __pfx_lockdep_softirqs_on+0x10/0x10 [ 730.543117][ C0] ? rcu_is_watching+0x15/0xb0 [ 730.543140][ C0] __local_bh_enable_ip+0x1bb/0x200 [ 730.543166][ C0] ? neigh_periodic_work+0xb35/0xd50 [ 730.543189][ C0] ? __pfx___local_bh_enable_ip+0x10/0x10 [ 730.543216][ C0] ? neigh_destroy+0x423/0x580 [ 730.543241][ C0] neigh_periodic_work+0xb35/0xd50 [ 730.543270][ C0] ? process_scheduled_works+0x976/0x1850 [ 730.543297][ C0] process_scheduled_works+0xa63/0x1850 [ 730.543337][ C0] ? __pfx_process_scheduled_works+0x10/0x10 [ 730.543368][ C0] ? assign_work+0x364/0x3d0 [ 730.543395][ C0] worker_thread+0x870/0xd30 [ 730.543429][ C0] ? __kthread_parkme+0x169/0x1d0 [ 730.543458][ C0] ? __pfx_worker_thread+0x10/0x10 [ 730.543491][ C0] kthread+0x2f0/0x390 [ 730.543510][ C0] ? __pfx_worker_thread+0x10/0x10 [ 730.543536][ C0] ? __pfx_kthread+0x10/0x10 [ 730.543555][ C0] ret_from_fork+0x4b/0x80 [ 730.543588][ C0] ? __pfx_kthread+0x10/0x10 [ 730.543607][ C0] ret_from_fork_asm+0x1a/0x30 [ 730.543645][ C0] [ 730.982858][ T30] Kernel panic - not syncing: hung_task: blocked tasks [ 730.989773][ T30] CPU: 1 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.12.0-rc2-syzkaller-00006-g87d6aab2389e #0 [ 731.000320][ T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 731.010422][ T30] Call Trace: [ 731.013731][ T30] [ 731.016689][ T30] dump_stack_lvl+0x241/0x360 [ 731.021411][ T30] ? __pfx_dump_stack_lvl+0x10/0x10 [ 731.026645][ T30] ? __pfx__printk+0x10/0x10 [ 731.031280][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 731.037318][ T30] ? vscnprintf+0x5d/0x90 [ 731.041692][ T30] panic+0x349/0x880 [ 731.045637][ T30] ? nmi_trigger_cpumask_backtrace+0x244/0x320 [ 731.051845][ T30] ? __pfx_panic+0x10/0x10 [ 731.056309][ T30] ? tick_nohz_tick_stopped+0x82/0xb0 [ 731.061721][ T30] ? __irq_work_queue_local+0x137/0x410 [ 731.067316][ T30] ? preempt_schedule_thunk+0x1a/0x30 [ 731.072726][ T30] ? nmi_trigger_cpumask_backtrace+0x244/0x320 [ 731.078924][ T30] ? nmi_trigger_cpumask_backtrace+0x2d4/0x320 [ 731.085122][ T30] ? nmi_trigger_cpumask_backtrace+0x2d9/0x320 [ 731.091329][ T30] watchdog+0x1033/0x1040 [ 731.095704][ T30] ? watchdog+0x1ea/0x1040 [ 731.100176][ T30] ? __pfx_watchdog+0x10/0x10 [ 731.104895][ T30] kthread+0x2f0/0x390 [ 731.109026][ T30] ? __pfx_watchdog+0x10/0x10 [ 731.113745][ T30] ? __pfx_kthread+0x10/0x10 [ 731.118372][ T30] ret_from_fork+0x4b/0x80 [ 731.122842][ T30] ? __pfx_kthread+0x10/0x10 [ 731.127471][ T30] ret_from_fork_asm+0x1a/0x30 [ 731.132297][ T30] [ 731.135656][ T30] Kernel Offset: disabled [ 731.139999][ T30] Rebooting in 86400 seconds..