last executing test programs: 2.284032327s ago: executing program 4 (id=3945): r0 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000240), 0x2, 0x0) ioctl$IOCTL_VMCI_VERSION2(r0, 0x7a7, &(0x7f0000000100)=0x80000) ioctl$IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, &(0x7f0000000140)={@local}) ioctl$IOCTL_VMCI_DATAGRAM_RECEIVE(r0, 0x7ac, &(0x7f0000000b00)={&(0x7f00000006c0)={{@my=0x0, 0x7}, {@hyper, 0xffffffff}, 0x400, "c340a23985155751f25ba8fa3536b3057dc0c288daa0a3894fb3bdf6dede8d9d7e2f7c6aafae67db5143fcb56c57606288cb67ff402468edc18039a3636a3010c4ef315b7a29fdef516ca524de76f50eb57a502db0f0d8da68291dc0b8dd072d27be0b6e21ed8b8303bf51ac976f4b790cb8e71a58b0211c6dedbe06115febc39f48874ef8593e92e2357d3286e350d8c1081bf9202bcb197e6ae1213624f4d1cc30c8215392b57cab8f798580a563b8f219e43f962674025e6bbee8be8f0da2d4e2d3385e0b96ea73964cf3bb96fedb48d303f37a142243eddd799e05fae8664a64d40733de7e1dd57cad6cca631269e5e4c78d4b052acda74f81e85a718252538e3577a28cd7271c255df46adcf2a21214cf97a8a533a37ac6f3445b5cf9c60efce5f39f9a84705ea2b87331592f82fa52ccd4cddff26ed44fc0ccaef022087b7a4cd32afae258fc16f28d339b7b0e1b1a4ce1827bfa267aa8dd8b3607ab030229de4b0688a73c6948de3e35337140c80b47073bc3a5caff58f070aa1d5ca0b6047eb2f0624308b1ab39d3bd29f229e8a5098a4bfb8f551cc5e494572e8ae37271e1f63db36410f6d4c6cd64a7161841f38c5d2b304ff504fe60c8ae56086653043285d99c518fbc7aa8ecb335f2f226d394fad5ba4e8bee4063205ca85f1726342d906b4a5c5a53a9b7346727e43ea4e1fccfb0f90945951fc81ffc47d5864cd38be05bf345d82b4bcc6946061a3cb976f2f45c9b4996643fe488f2e5e4b28c2d53964c110da5ef658b7d1957d69b28fc454b9f1195b2062e8eabce25b8b43682ca53c9eaa3daab397572b6af104ddd5a2ea6eb9a98e9b6ad1b20a635713e4ebd54d1f7d9cded8123a313c1ea0d29c4c4b2b9ecaa11f7ef273ebc1dc3d1ef6f4475f6b6a39ff70dfb0d5cc70a80e46c1e03bfd658500588eb4f9c3dee3ab619190184b448eae1c1c1e9c20b4d3d405dc29e92e7158ecd3a13947faa6cd53ed74d61ae4ab7b352b456abf838f9cf151e3b1f8a36fbb8bf7c7b81b94b9ff8913aae228c53144c31c16b72e904ac81201f412d4ebc3664dbc535caee595cf9b16f6c034f616675b4d40fa548c460ffc7a031132206cff6a444ea348bf853a8ee1e8caf5100f286bc2cb0339f1ff1c02c858f20cdaa6f54fb826803917801bd20fffd03792a1d2f6b2eb49b590ee18e9e98fd101658f3b84b292d22cfe3380164db13d2d032c3c2b50f14a186fd99d883531e55fc772a7d47b47468fe6fbbb01c25a9b85253711a709aa89a70164c45cc413c1942d5a8117346cdc8bc4de913fb5fb8f12eb9b9b04c1c7b788338b9fc55d165fa8300af6e65899f4d20cab6513f6a3c0ea51a8e51f8161851cab31cac9d491e549c71f081b3aaa5c65515949a86199ded0fed79036a6bb54e3fe33dc9e13744396d87e36968f6a600ca178f8ff3"}, 0x418, 0x9}) 2.142492384s ago: executing program 4 (id=3946): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000900)=[@in={0x2, 0x4e23, @loopback}, @in6={0xa, 0x0, 0x0, @loopback, 0x7ff}], 0x2c) sendto$inet6(r0, &(0x7f0000847fff)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x73) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000540)=[@in6={0xa, 0x4e24, 0xfffff801, @private2, 0x717}], 0x1c) 1.987029256s ago: executing program 3 (id=3949): r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0x15) capset(&(0x7f0000000c00)={0x20080522}, &(0x7f0000000140)) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000140)=0x2) 1.824997961s ago: executing program 3 (id=3951): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000004cc311ec8500000075000000a70000000800000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x5a, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x10) r1 = syz_open_procfs$pagemap(0x0, &(0x7f0000000040)) ioctl$PAGEMAP_SCAN(r1, 0xc0606610, &(0x7f00000004c0)={0x60, 0x0, &(0x7f0000165000/0x4000)=nil, &(0x7f0000ffb000/0x4000)=nil, 0x0, 0x0}) 1.67497146s ago: executing program 3 (id=3953): mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0) mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f00000000c0)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}}) name_to_handle_at(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)=ANY=[@ANYBLOB="14000000"], &(0x7f0000000180), 0x0) 1.547741992s ago: executing program 3 (id=3956): r0 = socket(0x80000000000000a, 0x2, 0x0) setsockopt$inet6_group_source_req(r0, 0x29, 0x2e, &(0x7f0000000080)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}, 0x401}}, {{0xa, 0x0, 0x0, @mcast2}}}, 0x108) r1 = syz_open_procfs(0x0, &(0x7f00000003c0)='net/mcfilter6\x00') preadv(r1, &(0x7f00000000c0)=[{&(0x7f0000000580)=""/128, 0x80}], 0x1, 0x111, 0x0) 1.52789264s ago: executing program 1 (id=3957): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180500000000c800000000004b64ffec850000007d000000850000002a00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=@base={0x2, 0x4, 0x8, 0xc, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$PROG_BIND_MAP(0xa, &(0x7f00000004c0)={r1}, 0xc) 1.394758105s ago: executing program 1 (id=3959): r0 = socket(0xa, 0x5, 0x0) setsockopt$sock_int(r0, 0x1, 0x2e, &(0x7f0000000040)=0x7, 0x4) r1 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000080)={0xe017be01}) 1.39025557s ago: executing program 3 (id=3960): r0 = openat$kvm(0xffffff9c, &(0x7f0000000140), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000200)=ANY=[@ANYBLOB="0100000000000000b4000040"]) 1.175094754s ago: executing program 1 (id=3963): r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'wlan0\x00', 0x0}) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000380)=ANY=[@ANYBLOB="8400000010000305000000040000000000000000", @ANYRES32=0x0, @ANYBLOB="1546010000000000540012800c0001006d6163766c616e0044000280060002000100000008000100010000000800030003000000080007000500000008000100100000000600020001000000100005800a000400aaaaaaaaaa2e000008000500", @ANYRES32=r1, @ANYBLOB="08000a00fbfbf456d26d"], 0x84}}, 0x20008040) 1.174272113s ago: executing program 4 (id=3964): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="640000000001010400000000141a000002000000240001801400018008000100e000000108000200e00000010c00028005000100000000002400028014000180080001000000000008000200ac1e00010c00028005000100000000000800074000000001"], 0x64}}, 0x0) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=ANY=[@ANYBLOB="dc00000000010104000000000000000002000000240002801400018008000100e000000108000200e00000010c000280050001000000000008000480040003800800084000000000080008400000000734000f8008000240000000050800024000000b8608000340000047510800034000000003080001"], 0xdc}}, 0x0) 1.109838448s ago: executing program 0 (id=3965): r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) bind$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x8, @none, 0x0, 0x1}, 0xe) shutdown(r0, 0x0) recvmmsg(r0, &(0x7f0000000080), 0x72a, 0x0, 0x0) 1.019431923s ago: executing program 3 (id=3967): r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x9e, 0x17, 0x36, 0x10, 0x17ef, 0x721e, 0xde06, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0x2, 0x6}}]}}]}}, 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0) syz_usb_control_io$cdc_ncm(r0, 0x0, &(0x7f0000000600)={0x44, &(0x7f0000000380)={0x20, 0xb, 0x6, "b356f89454d6"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) 878.161653ms ago: executing program 2 (id=3968): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000000)={0x26, 'hash\x00', 0x0, 0x0, 'sha512\x00'}, 0x58) r1 = accept4(r0, 0x0, 0x0, 0x800) sendmsg$unix(r1, &(0x7f0000000900)={0x0, 0x0, &(0x7f0000000600)=[{&(0x7f0000000400)="0c8f77e6eb94592a5f85b9758c9ec7208bf97cf2dfc2d8f64303bbbf2684cc858ddfa565c9b2eb9aec1d4b050daf1ba3ab0bbc263d6e559b1f671345b72057c19967968b5629e936249586bf", 0x4c}, {&(0x7f0000000500)="3827540249f6dc0c3a922b58d929446a9fb7bbf46be4c4e4130ded54da5e0fc0f976a2679041ca118520f1f2e27681a879c634997797c45c7a76d2b71fc76b6b37892a1de7d2169edbd46d962b0591635d6ef3f20c06a91924f1e633f33d7307c1bdce5cc4237a6cbfdcbc3a2cd99a0c90d4e168f1a625c8ac7f5c67b7fa1e396ddab07dcef3a0b13539b019a7404dff86218bff39a5cc7b03962ee09179b68952", 0xa1}, {&(0x7f0000000740)="36997ad21fc78e8625725a1971287fbef7d9d1bdaf4ac134a97fe451e3c37dc22875ce88cc3d7e051402232ab7ffd93584753edb1dd167f0d157e0bc6d721c06ab6ee7ba3cb93d6f033f05f9dcea7edcfb1f58ba8477fdbe299c704325f02030cd7a8a886c0a3aaf5d586e60b029ab138b0e1979e747fc1e3122a70ac81bfb8b176f08724d5d645c8f0de2e8a75ce3cdc8250b7e", 0x94}], 0x3, &(0x7f0000000bc0)=ANY=[], 0xe0, 0x20000440}, 0x45) 835.681526ms ago: executing program 0 (id=3969): r0 = landlock_create_ruleset(&(0x7f0000000040)={0x0, 0x3}, 0x10, 0x0) landlock_restrict_self(r0, 0x0) mkdir(&(0x7f00000002c0)='./file0\x00', 0x0) pivot_root(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)='./file0\x00') 834.558216ms ago: executing program 4 (id=3970): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000d40)={0x11, 0x3, &(0x7f0000000940)=ANY=[@ANYBLOB="180000000000000000"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000780)='contention_end\x00', r0}, 0x18) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)={0x14, 0x38, 0x301, 0x70bd25, 0x25dbdbfa, {0x4}}, 0x14}}, 0x0) 774.341738ms ago: executing program 1 (id=3971): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x161283, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f00000000c0)={0x1, 0x0, [{0x287, 0x0, 0x2}]}) 737.433772ms ago: executing program 2 (id=3972): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="12000000020000000400000002"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1804000000000000000000000000040018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000180)={r1, 0x2000000, 0xe, 0x0, &(0x7f0000000200)="63eced8e4691eca2a90000000086", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x1}, 0x50) 666.837122ms ago: executing program 4 (id=3973): r0 = socket(0x840000000002, 0x3, 0xfa) connect$inet(r0, &(0x7f0000000080)={0x2, 0x4e20, @remote}, 0x10) sendmmsg$inet(r0, &(0x7f0000005240), 0x4000095, 0x0) setsockopt$inet_int(r0, 0x0, 0x17, &(0x7f0000000140)=0xec62, 0x4) 615.814555ms ago: executing program 0 (id=3974): r0 = openat$vmci(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$IOCTL_VMCI_VERSION2(r0, 0x7a7, &(0x7f0000000040)=0x10000) ioctl$IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, &(0x7f0000000200)={@host}) ioctl$IOCTL_VMCI_CTX_REMOVE_NOTIFICATION(r0, 0x7b0, &(0x7f00000002c0)={@hyper}) 559.502515ms ago: executing program 2 (id=3975): sendmsg$inet(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)}, 0x0) ioctl$CEC_RECEIVE(0xffffffffffffffff, 0xc0386106, &(0x7f0000000180)={0x1, 0x1, 0x0, 0x6, 0x0, 0x0, "5debca561a5fbf61048955f6f876b2ff"}) r0 = add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0xc9, 0xfffffffffffffffd) keyctl$dh_compute(0x17, &(0x7f0000000800)={r0, r0, r0}, 0x0, 0x0, &(0x7f0000000280)={&(0x7f00000000c0)={'sha384\x00'}}) 445.539064ms ago: executing program 0 (id=3976): openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143441, 0x98) r0 = open(&(0x7f0000000040)='./file1\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f00000001c0)=0x10) truncate(&(0x7f0000000280)='./file1\x00', 0x1fefff) 417.624535ms ago: executing program 1 (id=3977): r0 = socket(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000a80)=@newqdisc={0x3c, 0x24, 0xd0f, 0x70bd2d, 0x0, {0x60, 0x0, 0x0, r2, {0x0, 0x2}, {0xffff, 0xffff}, {0x0, 0xffff}}, [@qdisc_kind_options=@q_codel={{0xa}, {0xc, 0x2, [@TCA_CODEL_LIMIT={0x8, 0x2, 0xfffffffe}]}}]}, 0x3c}}, 0x44080) 355.131379ms ago: executing program 2 (id=3978): r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, &(0x7f00000000c0)={0xc, 0x0, 0x0}) ioctl$IOMMU_IOAS_ALLOW_IOVAS(r0, 0x3b82, &(0x7f0000000180)={0x20, r1, 0x2, 0x0, &(0x7f00000001c0)=[{0x0, 0x1}, {0x3, 0x5}]}) ioctl$IOMMU_DESTROY$ioas(r0, 0x3b80, &(0x7f0000000d00)={0x8, r1}) 224.730527ms ago: executing program 2 (id=3979): r0 = syz_io_uring_setup(0x231, &(0x7f0000000080)={0x0, 0x0, 0x10100, 0x0, 0xffffffff}, &(0x7f0000000540)=0x0, &(0x7f0000000100)=0x0) r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000009c0)=@IORING_OP_FALLOCATE={0x11, 0x2, 0x0, @fd_index, 0x10, 0x0, 0x95b7, 0x0, 0x1, {0x0, r3}}) io_uring_enter(r0, 0x7a98, 0x0, 0x0, 0x0, 0x0) 204.17113ms ago: executing program 0 (id=3980): bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000200)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@func={0x4}]}}, 0x0, 0x26, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x28) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0) mmap(&(0x7f0000002000/0x3000)=nil, 0x3000, 0x0, 0x12, r0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2}, {0x0, [0x0]}}, &(0x7f0000001f80)=""/226, 0x26, 0x81, 0x2, 0x0, 0x0, @void, @value}, 0x20) 139.009633ms ago: executing program 4 (id=3981): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000008c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000980)={&(0x7f00000009c0)=ANY=[@ANYBLOB="38010000", @ANYRES16=r1, @ANYBLOB="010000000000000000000700000008000300", @ANYRES32=r2, @ANYBLOB="0c009900000000003e000000140004006e69637666300000000000000000000008000500060000000c001780040005000400040014000400766c616e30000000000000000000000005005300000000000a00180003030303030300000a00e80008021100000000001c00178004000100040003000400020004000200040004000400060008001780040003001c0017800400050004000400040001000400020004000200040002000a00e800ffffffffffff0000040017801c00e700db6d365654c98181bfba37013717c4c8c68999db6df653c904001780200017"], 0x138}}, 0x0) 114.145728ms ago: executing program 1 (id=3982): r0 = socket(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000001c0)=@newqdisc={0x48, 0x24, 0xd0f, 0x0, 0x0, {0x60, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_prio={{0x9}, {0x18, 0x2, {0x5, "000000000000000000050500"}}}]}, 0x48}}, 0x0) 1.190097ms ago: executing program 0 (id=3983): socket$inet6(0xa, 0x1, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYRES32=0x0, @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) clock_settime(0x0, &(0x7f0000000240)={0x77359400}) clock_adjtime(0x0, &(0x7f0000000640)={0x7, 0x9, 0x380000, 0x8, 0xfffffffffffffff9, 0xfffffffffffffff7, 0x9, 0x0, 0xae, 0x6, 0x7, 0x4, 0xfffffffffffff04f, 0x7, 0x80000000, 0xfffffffffffffff8, 0xffffffffffffffff, 0x6, 0x0, 0x100, 0x4, 0x2, 0x5, 0x3, 0x8, 0x8}) 0s ago: executing program 2 (id=3984): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100000000000000000000000000008500"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f00000013c0)=ANY=[@ANYBLOB="b702000026000000bfa300000000000007030000007effff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065060400010000050404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000496cf27fb6d2c643db7e2d5fb4b0936cdf827fb43a431ca711fcd0cdfa146ed3d09a6175037958e27106e225b7937f02008b5e5a076d83923dd29c034055b67dafe6c8dc525d78c07f34e4d5b3185b310efcfa89147a09000000f110026e6d2ef831ab7ea0c34f17e3ad6eecbb622003b538dfd8e012e79578e51bc53099e90f4580d760551b5b0a341a2d7cbdb9cd38bdb2ca8e050000003a14817ac61e4dd11183a13477bf7e060e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cb132b8667c214733a18c8b6619f28d9961b626c57c2691208173656d60a17e3c184b751c51160fbcbbdb5b1e7be6148ba532e60a0ac346dfebd31a08060000000200000000000000334d83239dd27080e71113610e10d858e8327ef01fb6c86acac12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e957bc73ddc4eabba08ab1e1ad828267d4eadd3964663e88535c133f7130856f756436303767d2e24f29e5dad9796edb697a6ea0182babc190ae2ebf8aad34732181feb215139f15ea7e8cb0bae7c34d5ac5e7c805210600000000000000c3dec04b25dfc17975238345d4f71ab158c36657b7218baa0700f781c0a99bd50499ccc421ace5e845885efb5b9964e4beba3da8223fe5308e4e65ee93e107000000f8ddebf70132a4d0175b989b8eccf707882042e716df9b57b290c661d4e85031086197bcc5cb0e221a0c34323c129102b6ff0100002e88a1940b3c02ed9c92d6f64b1282dc51bb0015982730711c599e1c72ffa11ed8be1a6830d7507005154c46bd3ca96318c570f0721fc7aa2a5836ba99fe1f86468694f22cdf550ef091a78098534f0d973059594119d06d5ea9a8d0857382ec6e2a071474cfc12346e47ad97f4ead7cf70a9d1cdac944779dc08a705414888700a30e2366c6a06b3367a389ca39059787790017b0689a173db9c24db65c1e00015c1d093dab18fd0699fe3304000000323e9c7080397bc49d70c060d57bc88fbe3bbaa058b040362ab926150363fb099408885afc2bf9a46a076b7babfcddeff8c35030669ea69f5e4be1b8e0d6697e97186f9ae97d5670dba6623279f73db9dec75070cd9ab0fda6b069ef6d2857ca3e4effcf7462710d133d541da86e0477e4a6cc999dc21c3ef408e6b178e7c9f274d7fafc8d757d33dfa35aa2000034837d365e63845f3c1092f8dde8af3904ea0f4b82649b83ed4fa0f873339c4cadecc13219ba7518aa4f7db34ead13484742067ab743c1d82a5687f2ed690000000000000000000000000000000000000000000099d4fa0000000000003f0ecdc7c82e72919c91d2039afe17e95edeeeba72205beff7771bcb293747b88486cacee403000000a2919a4bff2ed893f2c814679fa69fc7e0cf761f918725704a01c56009a9f748e5aaf30a10bd8c409b1870c1f75e26b45264e3d3f8e0048e55ae289ce2ad779ce71d4dc30cbb2cc4289d2f884d66cddc76eb7f601110ff39053c262279f4ef00fbdb8c328615a9ec84f27a9f3938ae736138b8c1ec220c1540bf3d162dc1c27fa30f0dc60b9f257db5d1c7ed2e152cb2cf06f8edb30177fead735a952ffce676a93110904d5ee2abdab2ef3ff84c4d61443f73552195c7ccfbf9f03c44432eaa3b7501d4239354da8de21eada75d3a3afb2c76ff0700007981699b6c0f0e946766f57544ff52cef0dd811bec4e3c0a30f2d7d19d26d2503a3ea376721b8eded3bc475958dd498ee2b2d6146e33fc0de1dc2e0516ac565ddb1d4ae89e6712824a85eb9ee0a3b68c9e209756623adf685dd715d68ed11e4b4d5502f5124948f8f98c615cac3666c58f785c3f758be352a71871d5c081197d37980e4f4e26b5476fb20407ff7098b7174bef66fa03a99b5c0c20b378065fac4ef9ac2d0d804b9400000060e5d3f1749f6aecf69ba83a71caa9bdddc679f1b826f54b6563a4be1fd82b73c8c2bc65f63982b951fb058fd3c7b6341c4580376b6c16bd94d2da66059de81abfa15eeeb88b6ae5882ad341032c73f1285e21fff5a1d138e061b1dc7bbda199b5fab8e0719e9cd69b47dcb52b0be6a3a73afdf328132e1d4f21065716be0c53a23940d07188b015fa341dbc92231c8b5e5717eac184f46c9f61b69f55cd2231bcf821052429a1f250e8b734be0605a15f25923d599544b319319ff0a32621019347df460a098119a6f47eb1bac47946d7a009cbc6ec74c19a93cc7c7138b28c95270116181fd5f553573c48104d2ad0e10d3663488e664401453f22f0d76d2162635365258af61ae1f46f4a7862f302d91e3f7c2781f602220522e84602a939a8d5e4137ae31ccd397404dc72e06715a6503d4d865182803ee6725da7293b23daeebefd6fce7411c9624a7e8d5ba5a13e1c32adc4f3274497c6882a72475e4280a4d9a47c003c6ed3071330c58145be813a10788a720a6b5a498ca2b42496c479a0a71e2f6f9bad8c84bc6be20281bde0b348cf2c60538a505ad4a0510eebb023e4954c9eb6cd70627f5c03d867dbf3ad5d1f1dc852064dd0efafc3df20ec8faf3d194db76127f88f284fa1b71ab964fdd2474471da76373e65e9a8bf844bdfdd348bc7d00c4c7e7afe8a1f8cde79b7a6c5aafe954b8ba37818e40c14b37c23f9f614576b689436fef2f27f8b1e756e00262e22bca49c43fd73e7e99b2fa44a8c1db99c2cf2735ad6c5fabf082e0df0f8ba7e24272165f2f5b28230c02b53d44bd84bf6770157e96bbb96b5e1f165c87e7ad68a3600b3d357fa9a7d53c281d88ebb175a4dbb82130e6870982947913110f091d21760d985afd3163f2e6880682432f9b3b97d57a9f980edfa1116a3d04d58872a07d6a7e12db673acd2f7b8988d833e71943fe2c1c65a3cf36b955c56b55bfd3ecf0af694c71a03f2996c15b1ba971de1cb9c7e6a0000000000000014783ef54c51199317413f98dca8ff3d0bda50f6c0af58dbd6c031b1a5a7512c5896514adfa17d31429c68db50a93d88199defd3b4625fea426ff9293a28a544a6a9e2a79b55daa1b3c6b14c4ec6d164e902ce4913843d65d841973468729ea12bf6d3499036dbb66718f3497855c3baa6cc07c0fa388ec9df0617c1a28ef5a595ee267a76175b8a057e6efaf4fefe46def451f2858fe71a53e77b1a44e98843bb3a40102da3703dfb9f61bdcea2fb810b32d52e2157a150a63ea6135d1cf6f864c2e68884d7245bc5d61dc5a114d10ffb22e76678bbfc1e3865d17d128306d1b81884a934cb00000000000000000098a4526e6468987dbc63bff7590eb388afaba43d811996333eef7e9f472bee293f0c40d434b8be07cbd52325296e22802493edb5c590ad208bac683a8b2d4c9d2d57ff846ae8c422e0b28546671f11d8157bb762c91f3fbcca8e21589c92446ae65d408c0637ffcc2d44d715ce003dd1e12b085e186d069a55c2e96efbe5024d61a56a36d988c0f51a973a6c238e545b28211a92000000001501aed8d72af0fcd540a9d4e293690c5e697b3a1480e46df5371bca1cfb28a57c1b3c956ec81397e81fbf870a67385fea04220423f52ad8178b9fd04bdc7e5fee4bd52db996e633792118efdb6b88023e80da74fdf723c7f0"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000900)={r1, 0x18000000000002a0, 0xf, 0x0, &(0x7f0000000040)="76389e147583ddd0569ba56a655855", 0x0, 0x4, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50) kernel console output (not intermixed with test programs): 76] usb 1-1: Using ep0 maxpacket: 32 [ 194.785009][ T9376] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 194.825206][ T9376] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 194.856168][ T9376] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5 [ 194.903397][ T9376] usb 1-1: New USB device found, idVendor=0458, idProduct=5011, bcdDevice= 0.00 [ 194.942697][ T9376] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 194.976920][ T9376] usb 1-1: config 0 descriptor?? [ 195.053134][ T9436] netlink: 830 bytes leftover after parsing attributes in process `syz.1.1577'. [ 195.136986][ T9438] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1578'. [ 195.404054][ T9449] netlink: 'syz.1.1582': attribute type 10 has an invalid length. [ 195.414660][ T9376] hid (null): invalid report_size 822751293 [ 195.431719][ T9449] bridge_slave_1: left allmulticast mode [ 195.456837][ T9449] bridge_slave_1: left promiscuous mode [ 195.458448][ T9376] hid (null): usage index exceeded [ 195.462813][ T9449] bridge0: port 2(bridge_slave_1) entered disabled state [ 195.482654][ T9376] hid (null): invalid report_size 27745 [ 195.494716][ T9376] hid (null): invalid report_size 29285 [ 195.498615][ T9449] bond0: (slave bridge_slave_1): Enslaving as an active interface with an up link [ 195.514256][ T9452] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1585'. [ 195.558287][ T9376] input: HID 0458:5011 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:0458:5011.0024/input/input14 [ 195.654184][ T9376] input: HID 0458:5011 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:0458:5011.0024/input/input15 [ 195.705217][ T9376] kye 0003:0458:5011.0024: input,hiddev0,hidraw0: USB HID v0.00 Mouse [HID 0458:5011] on usb-dummy_hcd.0-1/input0 [ 195.759473][ T9376] usb 1-1: USB disconnect, device number 15 [ 196.227789][ T9483] sp0: Synchronizing with TNC [ 196.434917][ T9493] netlink: 'syz.0.1606': attribute type 18 has an invalid length. [ 196.596252][ T9501] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1609'. [ 196.825914][ T9512] netlink: 'syz.3.1613': attribute type 1 has an invalid length. [ 196.859841][ T9512] netlink: 'syz.3.1613': attribute type 3 has an invalid length. [ 196.885647][ T9512] netlink: 216 bytes leftover after parsing attributes in process `syz.3.1613'. [ 196.885694][ T9512] NCSI netlink: No device for ifindex 813332851 [ 197.375641][ T5873] usb 3-1: new high-speed USB device number 20 using dummy_hcd [ 197.460406][ T9547] netlink: 52 bytes leftover after parsing attributes in process `syz.1.1631'. [ 197.536666][ T5873] usb 3-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 197.548312][ T5873] usb 3-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 197.565960][ T5873] usb 3-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 197.575050][ T5873] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 197.612209][ T9529] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 197.624738][ T5873] usb 3-1: Quirk or no altset; falling back to MIDI 1.0 [ 197.632395][ T9553] netlink: 'syz.4.1634': attribute type 63 has an invalid length. [ 197.662609][ T9553] netlink: 'syz.4.1634': attribute type 63 has an invalid length. [ 197.912065][ T9376] usb 3-1: USB disconnect, device number 20 [ 198.225683][ T52] usb 4-1: new high-speed USB device number 15 using dummy_hcd [ 198.387585][ T52] usb 4-1: config 0 has no interfaces? [ 198.397156][ T52] usb 4-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 198.418314][ T52] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 198.432152][ T52] usb 4-1: SerialNumber: syz [ 198.449927][ T52] usb 4-1: config 0 descriptor?? [ 198.512319][ T9588] program syz.4.1651 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 198.680321][ T52] usb 4-1: USB disconnect, device number 15 [ 198.959520][ T5873] usb 5-1: new high-speed USB device number 16 using dummy_hcd [ 199.043348][ T9609] ntfs3(loop0): try to read out of volume at offset 0x0 [ 199.116596][ T5873] usb 5-1: Using ep0 maxpacket: 8 [ 199.127318][ T5873] usb 5-1: config 1 interface 0 has no altsetting 0 [ 199.146701][ T5873] usb 5-1: New USB device found, idVendor=0fc5, idProduct=b080, bcdDevice= 0.40 [ 199.162070][ T5873] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 199.186149][ T5873] usb 5-1: Product: syz [ 199.190363][ T5873] usb 5-1: Manufacturer: syz [ 199.204514][ T5873] usb 5-1: SerialNumber: syz [ 199.312947][ T9621] netdevsim netdevsim1: Direct firmware load for ./cgroup/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa failed with error -2 [ 199.338955][ T9621] netdevsim netdevsim1: Falling back to sysfs fallback for: ./cgroup/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa [ 199.443086][ T5873] usbhid 5-1:1.0: can't add hid device: -71 [ 199.459316][ T5873] usbhid 5-1:1.0: probe with driver usbhid failed with error -71 [ 199.487386][ T5873] usb 5-1: USB disconnect, device number 16 [ 199.647302][ T9630] netlink: 48 bytes leftover after parsing attributes in process `syz.3.1670'. [ 200.123258][ T9646] netlink: 156 bytes leftover after parsing attributes in process `syz.0.1677'. [ 200.944900][ T9689] bridge_slave_0: invalid flags given to default FDB implementation [ 201.536216][ T9713] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1708'. [ 202.053596][ T9731] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1716'. [ 202.135635][ T52] usb 5-1: new full-speed USB device number 17 using dummy_hcd [ 202.293956][ T52] usb 5-1: config 0 has an invalid interface number: 20 but max is 0 [ 202.306603][ T52] usb 5-1: config 0 has no interface number 0 [ 202.323349][ T52] usb 5-1: New USB device found, idVendor=04e6, idProduct=000b, bcdDevice= 1.00 [ 202.344341][ T52] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 202.373751][ T52] usb 5-1: Product: syz [ 202.381200][ T52] usb 5-1: Manufacturer: syz [ 202.391822][ T52] usb 5-1: SerialNumber: syz [ 202.413019][ T52] usb 5-1: config 0 descriptor?? [ 202.433909][ T52] usb-storage 5-1:0.20: USB Mass Storage device detected [ 202.462766][ T52] usb-storage 5-1:0.20: Quirks match for vid 04e6 pid 000b: 4 [ 202.723316][ T52] usb 5-1: USB disconnect, device number 17 [ 202.826181][ T5873] usb 1-1: new high-speed USB device number 16 using dummy_hcd [ 202.834170][ T9767] netdevsim netdevsim2 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 202.843070][ T9767] netdevsim netdevsim2 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 202.851889][ T9767] netdevsim netdevsim2 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 202.861192][ T9767] netdevsim netdevsim2 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 202.985978][ T5873] usb 1-1: Using ep0 maxpacket: 16 [ 203.008667][ T5873] usb 1-1: New USB device found, idVendor=054c, idProduct=0038, bcdDevice=16.f5 [ 203.025572][ T5873] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 203.025762][ T9376] usb 2-1: new high-speed USB device number 15 using dummy_hcd [ 203.033578][ T5873] usb 1-1: Product: syz [ 203.033597][ T5873] usb 1-1: Manufacturer: syz [ 203.033613][ T5873] usb 1-1: SerialNumber: syz [ 203.051696][ T5873] usb 1-1: config 0 descriptor?? [ 203.070229][ T5873] visor 1-1:0.0: Sony Clie 3.5 converter detected [ 203.205823][ T9376] usb 2-1: Using ep0 maxpacket: 8 [ 203.219780][ T9376] usb 2-1: config 0 has an invalid interface number: 55 but max is 0 [ 203.228173][ T9376] usb 2-1: config 0 has no interface number 0 [ 203.234302][ T9376] usb 2-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 203.245253][ T9376] usb 2-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B [ 203.282699][ T9376] usb 2-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 203.294287][ T9376] usb 2-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2 [ 203.305601][ T5873] usb 1-1: clie_3_5_startup: get config number bad return length: 0 [ 203.334466][ T5873] visor 1-1:0.0: probe with driver visor failed with error -5 [ 203.352705][ T9376] usb 2-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a [ 203.391080][ T9376] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 203.417268][ T9376] usb 2-1: config 0 descriptor?? [ 203.453952][ T9376] ldusb 2-1:0.55: LD USB Device #0 now attached to major 180 minor 0 [ 203.522856][ T9786] mkiss: ax0: crc mode is auto. [ 203.530893][ T9376] usb 1-1: USB disconnect, device number 16 [ 203.666213][ T5873] usb 2-1: USB disconnect, device number 15 [ 203.695834][ T5873] ldusb 2-1:0.55: LD USB Device #0 now disconnected [ 204.796753][ T9844] kvm: kvm [9843]: vcpu0, guest rIP: 0xfff0 Unhandled WRMSR(0xc0010015) = 0x16 [ 204.969122][ T9853] ptrace attach of "./syz-executor exec"[5845] was attempted by "\x09   @ \x0b [ 205.995972][ T5873] usb 2-1: new high-speed USB device number 16 using dummy_hcd [ 206.257198][ T5873] usb 2-1: Using ep0 maxpacket: 16 [ 206.264500][ T5873] usb 2-1: config 0 interface 0 altsetting 1 endpoint 0x7 has invalid wMaxPacketSize 0 [ 206.285551][ T5873] usb 2-1: config 0 interface 0 altsetting 1 endpoint 0x89 has an invalid bInterval 0, changing to 7 [ 206.301250][ T5873] usb 2-1: config 0 interface 0 has no altsetting 0 [ 206.319246][ T5873] usb 2-1: New USB device found, idVendor=06cb, idProduct=0006, bcdDevice=9a.eb [ 206.338569][ T5873] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 206.353451][ T5873] usb 2-1: Product: syz [ 206.381914][ T5873] usb 2-1: Manufacturer: syz [ 206.387284][ T5873] usb 2-1: SerialNumber: syz [ 206.404983][ T5873] usb 2-1: config 0 descriptor?? [ 206.652498][ T5873] input: syz syz as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/input/input17 [ 206.739555][ T9922] tap0: tun_chr_ioctl cmd 1074812118 [ 206.906533][ T5873] usb 2-1: USB disconnect, device number 16 [ 206.912532][ C0] synaptics_usb 2-1:0.0: synusb_irq - usb_submit_urb failed with result: -19 [ 206.921865][ T5184] synaptics_usb 2-1:0.0: synusb_open - usb_submit_urb failed, error: -19 [ 207.366209][ T9929] syzkaller0: tun_chr_ioctl cmd 1074025677 [ 207.366359][ T9929] syzkaller0: linktype set to 769 [ 207.570351][ T30] kauditd_printk_skb: 11 callbacks suppressed [ 207.570372][ T30] audit: type=1400 audit(1744110568.364:49): lsm=SMACK fn=smack_inode_permission action=denied subject="y" object="_" requested=wx pid=9932 comm="syz.2.1809" name="337" dev="tmpfs" ino=1713 [ 208.042669][ T9959] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 208.185697][ T5834] Bluetooth: hci3: command 0x0c1a tx timeout [ 209.095282][T10020] xt_CT: You must specify a L4 protocol and not use inversions on it [ 210.575877][T10091] bridge0: port 3(veth0_to_bridge) entered blocking state [ 210.637465][T10091] bridge0: port 3(veth0_to_bridge) entered disabled state [ 210.666137][T10091] veth0_to_bridge: entered allmulticast mode [ 210.680924][T10091] veth0_to_bridge: entered promiscuous mode [ 210.697857][T10099] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1886'. [ 211.485838][ T5873] usb 1-1: new full-speed USB device number 17 using dummy_hcd [ 211.659873][ T5873] usb 1-1: too many endpoints for config 0 interface 0 altsetting 2: 242, using maximum allowed: 30 [ 211.679668][ T5873] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x81 has invalid wMaxPacketSize 0 [ 211.709927][ T5873] usb 1-1: config 0 interface 0 altsetting 2 has 1 endpoint descriptor, different from the interface descriptor's value: 242 [ 211.748086][ T5873] usb 1-1: config 0 interface 0 has no altsetting 0 [ 211.748146][ T5873] usb 1-1: New USB device found, idVendor=05ac, idProduct=0225, bcdDevice= 0.00 [ 211.748171][ T5873] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 211.764822][ T5873] usb 1-1: config 0 descriptor?? [ 212.190984][ T5873] apple 0003:05AC:0225.0025: unknown main item tag 0x0 [ 212.202375][ T5873] apple 0003:05AC:0225.0025: hidraw0: USB HID v0.03 Device [HID 05ac:0225] on usb-dummy_hcd.0-1/input0 [ 212.215848][T10168] netlink: 60 bytes leftover after parsing attributes in process `syz.4.1919'. [ 212.399032][ T5873] usb 1-1: USB disconnect, device number 17 [ 213.245955][ T9376] usb 5-1: new full-speed USB device number 18 using dummy_hcd [ 213.411674][ T9376] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 213.433060][ T9376] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 213.454867][ T9376] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 213.464385][ T9376] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 213.478618][ T9376] usb 5-1: Product: syz [ 213.482891][ T9376] usb 5-1: Manufacturer: syz [ 213.488385][ T9376] usb 5-1: SerialNumber: syz [ 213.715162][ T9376] usb 5-1: 0:2 : does not exist [ 213.733089][ T9376] usb 5-1: 5:0: failed to get current value for ch 0 (-22) [ 213.769397][ T9376] usb 5-1: USB disconnect, device number 18 [ 213.979020][ T5972] udevd[5972]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 214.266079][ T5873] usb 1-1: new full-speed USB device number 18 using dummy_hcd [ 214.450067][ T5873] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 214.468281][ T5873] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 2 [ 214.477839][ T5873] usb 1-1: New USB device found, idVendor=05d8, idProduct=810a, bcdDevice=92.b8 [ 214.487293][ T5873] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 214.498622][ T5873] usb 1-1: config 0 descriptor?? [ 214.512879][ T5873] dvb-usb: found a 'Artec T1 USB2.0' in warm state. [ 214.521572][ T5873] dvb-usb: bulk message failed: -22 (3/0) [ 214.538502][ T5873] dvb-usb: will use the device's hardware PID filter (table count: 16). [ 214.548282][ T5873] dvbdev: DVB: registering new adapter (Artec T1 USB2.0) [ 214.556594][ T5873] usb 1-1: media controller created [ 214.564836][ T5873] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 214.582897][ T5873] dvb-usb: bulk message failed: -22 (6/0) [ 214.590067][ T5873] dvb-usb: no frontend was attached by 'Artec T1 USB2.0' [ 214.612615][ T5873] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.0/usb1/1-1/input/input20 [ 214.643341][ T5873] dvb-usb: schedule remote query interval to 150 msecs. [ 214.660324][ T5873] dvb-usb: Artec T1 USB2.0 successfully initialized and connected. [ 214.776624][T10237] dibusb: i2c wr: len=61 is too big! [ 214.776624][T10237] [ 214.797504][ T9376] usb 1-1: USB disconnect, device number 18 [ 214.856372][ T9376] dvb-usb: Artec T1 USB2.0 successfully deinitialized and disconnected. [ 214.941342][ T30] audit: type=1326 audit(1744110575.734:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10262 comm="syz.3.1962" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efe5ad8d169 code=0x7ffc0000 [ 214.981854][ T30] audit: type=1326 audit(1744110575.734:51): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10262 comm="syz.3.1962" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efe5ad8d169 code=0x7ffc0000 [ 215.015925][ T5873] usb 5-1: new low-speed USB device number 19 using dummy_hcd [ 215.024417][ T30] audit: type=1326 audit(1744110575.734:52): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10262 comm="syz.3.1962" exe="/root/syz-executor" sig=0 arch=c000003e syscall=259 compat=0 ip=0x7efe5ad8d169 code=0x7ffc0000 [ 215.061352][ T30] audit: type=1326 audit(1744110575.734:53): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10262 comm="syz.3.1962" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efe5ad8d169 code=0x7ffc0000 [ 215.093439][ T30] audit: type=1326 audit(1744110575.734:54): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10262 comm="syz.3.1962" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efe5ad8d169 code=0x7ffc0000 [ 215.142866][ T30] audit: type=1326 audit(1744110575.734:55): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10262 comm="syz.3.1962" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7efe5ad8d169 code=0x7ffc0000 [ 215.164530][ T30] audit: type=1326 audit(1744110575.734:56): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10262 comm="syz.3.1962" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efe5ad8d169 code=0x7ffc0000 [ 215.183426][ T5873] usb 5-1: config 0 has an invalid interface number: 55 but max is 0 [ 215.205559][ T30] audit: type=1326 audit(1744110575.734:57): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10262 comm="syz.3.1962" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efe5ad8d169 code=0x7ffc0000 [ 215.207592][ T5873] usb 5-1: config 0 has no interface number 0 [ 215.264759][ T5873] usb 5-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 215.280726][ T30] audit: type=1326 audit(1744110575.734:58): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10262 comm="syz.3.1962" exe="/root/syz-executor" sig=0 arch=c000003e syscall=74 compat=0 ip=0x7efe5ad8d169 code=0x7ffc0000 [ 215.305700][ T5873] usb 5-1: config 0 interface 55 altsetting 0 endpoint 0xE has invalid maxpacket 32, setting to 8 [ 215.320782][ T5873] usb 5-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B [ 215.347077][ T5873] usb 5-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 10 [ 215.357370][ T30] audit: type=1326 audit(1744110575.734:59): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10262 comm="syz.3.1962" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efe5ad8d169 code=0x7ffc0000 [ 215.395813][ T5873] usb 5-1: config 0 interface 55 altsetting 0 endpoint 0x8B has invalid maxpacket 120, setting to 8 [ 215.428294][ T5873] usb 5-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2 [ 215.444852][ T5873] usb 5-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a [ 215.458430][ T5873] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 215.494219][ T5873] usb 5-1: config 0 descriptor?? [ 215.503756][T10259] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22 [ 215.522620][T10259] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22 [ 215.567606][ T5873] ldusb 5-1:0.55: LD USB Device #0 now attached to major 180 minor 0 [ 215.801378][ T5873] usb 5-1: USB disconnect, device number 19 [ 215.817920][ T5873] ldusb 5-1:0.55: LD USB Device #0 now disconnected [ 216.480593][T10308] ptrace attach of "./syz-executor exec"[5831] was attempted by ""[10308] [ 216.756045][T10314] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1985'. [ 216.783980][T10314] vlan0: entered allmulticast mode [ 216.823438][T10314] batadv0: entered allmulticast mode [ 217.015913][T10323] netlink: 104 bytes leftover after parsing attributes in process `syz.3.1988'. [ 218.231834][T10370] sch_tbf: burst 0 is lower than device ip6tnl0 mtu (1452) ! [ 218.336029][T10374] Invalid/unusable pipe [ 218.806109][T10398] macsec1: entered allmulticast mode [ 218.811532][T10398] macvlan0: entered allmulticast mode [ 218.825423][T10398] macvlan0: left allmulticast mode [ 218.866497][T10404] sctp: [Deprecated]: syz.4.2015 (pid 10404) Use of int in max_burst socket option deprecated. [ 218.866497][T10404] Use struct sctp_assoc_value instead [ 218.981735][T10409] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2017'. [ 219.407314][T10431] kernel read not supported for file /]--.\- (pid: 10431 comm: syz.0.2025) [ 219.416096][T10432] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2024'. [ 219.438782][T10432] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2024'. [ 219.926321][ T9374] usb 3-1: new high-speed USB device number 21 using dummy_hcd [ 220.086823][ T9374] usb 3-1: Using ep0 maxpacket: 32 [ 220.103709][ T9374] usb 3-1: config 0 has an invalid interface number: 1 but max is 0 [ 220.117464][ T9374] usb 3-1: config 0 has no interface number 0 [ 220.123894][ T9374] usb 3-1: config 0 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 220.155897][ T9374] usb 3-1: config 0 interface 1 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 220.178862][ T9374] usb 3-1: New USB device found, idVendor=28bd, idProduct=0094, bcdDevice= 0.00 [ 220.196643][ T9374] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 220.219346][ T9374] usb 3-1: config 0 descriptor?? [ 220.423620][T10476] vlan2: entered allmulticast mode [ 220.431952][T10476] macvtap0: entered allmulticast mode [ 220.842708][ T9374] uclogic 0003:28BD:0094.0026: pen parameters not found [ 220.856876][ T9374] uclogic 0003:28BD:0094.0026: interface is invalid, ignoring [ 220.874215][ T9374] usb 3-1: USB disconnect, device number 21 [ 221.415734][ T9374] usb 5-1: new high-speed USB device number 20 using dummy_hcd [ 221.635760][ T9374] usb 5-1: Using ep0 maxpacket: 8 [ 221.671935][ T9374] usb 5-1: config 0 interface 0 altsetting 1 endpoint 0x81 has invalid wMaxPacketSize 0 [ 221.691494][ T9374] usb 5-1: config 0 interface 0 has no altsetting 0 [ 221.718703][ T9374] usb 5-1: New USB device found, idVendor=1038, idProduct=12b6, bcdDevice= 0.00 [ 221.765700][ T9374] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 221.787850][ T9374] usb 5-1: config 0 descriptor?? [ 222.235150][ T9374] steelseries 0003:1038:12B6.0027: hidraw0: USB HID v0.00 Device [HID 1038:12b6] on usb-dummy_hcd.4-1/input0 [ 222.575733][ T5873] usb 1-1: new high-speed USB device number 19 using dummy_hcd [ 222.626170][ T976] usb 5-1: USB disconnect, device number 20 [ 222.743333][ T5873] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 64, changing to 10 [ 222.773562][ T5873] usb 1-1: New USB device found, idVendor=0c70, idProduct=f011, bcdDevice= 0.00 [ 222.799881][ T5873] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 222.826708][ T5873] usb 1-1: config 0 descriptor?? [ 223.248674][ T5873] hid (null): report_id 3552984689 is invalid [ 223.269596][ T5873] aquacomputer_d5next 0003:0C70:F011.0028: report_id 3552984689 is invalid [ 223.305689][ T5873] aquacomputer_d5next 0003:0C70:F011.0028: item 0 4 1 8 parsing failed [ 223.314879][ T5873] aquacomputer_d5next 0003:0C70:F011.0028: probe with driver aquacomputer_d5next failed with error -22 [ 223.469839][ T5873] usb 1-1: USB disconnect, device number 19 [ 223.775688][ T9374] usb 5-1: new high-speed USB device number 21 using dummy_hcd [ 223.955897][ T9374] usb 5-1: Using ep0 maxpacket: 16 [ 223.983230][ T9374] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 192, changing to 11 [ 224.004840][ T9374] usb 5-1: config 1 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 8 [ 224.025236][ T9374] usb 5-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 18 [ 224.060678][ T9374] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 224.082824][ T9374] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 224.111380][ T9374] usb 5-1: SerialNumber: syz [ 224.124166][T10572] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 224.325282][T10601] netlink: 10 bytes leftover after parsing attributes in process `syz.1.2085'. [ 224.387984][ T9374] cdc_ether 5-1:1.0: probe with driver cdc_ether failed with error -22 [ 224.440461][ T9374] usb 5-1: USB disconnect, device number 21 [ 224.967418][ T9374] usb 3-1: new high-speed USB device number 22 using dummy_hcd [ 225.145626][ T9374] usb 3-1: Using ep0 maxpacket: 8 [ 225.161178][ T9374] usb 3-1: config 179 has an invalid interface number: 65 but max is 0 [ 225.170042][ T9374] usb 3-1: config 179 has no interface number 0 [ 225.180542][ T9374] usb 3-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 225.202216][ T9374] usb 3-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024 [ 225.244439][ T9374] usb 3-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 225.258301][ T9374] usb 3-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024 [ 225.287128][ T9374] usb 3-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 225.321082][ T9374] usb 3-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb [ 225.343305][ T9374] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 225.366466][T10617] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 225.676043][ T9374] input: Generic X-Box pad as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:179.65/input/input21 [ 226.225231][ T9374] usb 3-1: USB disconnect, device number 22 [ 226.225297][ C1] xpad 3-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19 [ 226.239627][ C1] xpad 3-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19 [ 226.294546][ T9374] xpad 3-1:179.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19 [ 226.690113][T10679] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2123'. [ 226.691083][ T30] kauditd_printk_skb: 2 callbacks suppressed [ 226.691105][ T30] audit: type=1326 audit(1744110587.484:62): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10677 comm="syz.3.2122" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7efe5ad84127 code=0x7ffc0000 [ 226.787892][ T30] audit: type=1326 audit(1744110587.524:63): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10677 comm="syz.3.2122" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7efe5ad29359 code=0x7ffc0000 [ 226.879476][ T30] audit: type=1326 audit(1744110587.524:64): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10677 comm="syz.3.2122" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7efe5ad84127 code=0x7ffc0000 [ 226.898946][T10686] loop9: detected capacity change from 0 to 7 [ 226.931940][ T30] audit: type=1326 audit(1744110587.524:65): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10677 comm="syz.3.2122" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7efe5ad29359 code=0x7ffc0000 [ 226.962759][T10686] Dev loop9: unable to read RDB block 7 [ 226.979180][T10686] loop9: unable to read partition table [ 226.989529][ T30] audit: type=1326 audit(1744110587.534:66): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10677 comm="syz.3.2122" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7efe5ad84127 code=0x7ffc0000 [ 226.999721][T10686] loop9: partition table beyond EOD, [ 227.031180][ T30] audit: type=1326 audit(1744110587.534:67): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10677 comm="syz.3.2122" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7efe5ad29359 code=0x7ffc0000 [ 227.053540][T10686] truncated [ 227.058991][ T30] audit: type=1326 audit(1744110587.534:68): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10677 comm="syz.3.2122" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7efe5ad84127 code=0x7ffc0000 [ 227.088628][ T30] audit: type=1326 audit(1744110587.534:69): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10677 comm="syz.3.2122" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7efe5ad29359 code=0x7ffc0000 [ 227.094751][T10686] loop_reread_partitions: partition scan of loop9 (被x󟣑 ) failed (rc=-5) [ 227.205599][ T30] audit: type=1326 audit(1744110587.534:70): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10677 comm="syz.3.2122" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7efe5ad84127 code=0x7ffc0000 [ 227.274408][ T30] audit: type=1326 audit(1744110587.534:71): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10677 comm="syz.3.2122" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7efe5ad29359 code=0x7ffc0000 [ 228.126491][T10739] netlink: 36 bytes leftover after parsing attributes in process `syz.1.2150'. [ 228.595914][ T9374] usb 1-1: new high-speed USB device number 20 using dummy_hcd [ 228.856403][ T9374] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 228.875618][ T9374] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 228.905923][ T9374] usb 1-1: New USB device found, idVendor=05ac, idProduct=4262, bcdDevice= 0.00 [ 228.915051][ T9374] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 229.027243][ T9374] usb 1-1: config 0 descriptor?? [ 229.452182][ T9374] hid-generic 0003:05AC:4262.0029: unbalanced delimiter at end of report description [ 229.496362][ T9374] hid-generic 0003:05AC:4262.0029: probe with driver hid-generic failed with error -22 [ 229.628536][T10778] loop6: detected capacity change from 0 to 8 [ 229.678587][ T5873] usb 1-1: USB disconnect, device number 20 [ 229.681042][ C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 229.694074][ C1] Buffer I/O error on dev loop6, logical block 0, async page read [ 229.729478][ C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 229.738716][ C1] Buffer I/O error on dev loop6, logical block 0, async page read [ 229.762708][ C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 229.772044][ C0] Buffer I/O error on dev loop6, logical block 0, async page read [ 229.783310][ C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 229.792538][ C1] Buffer I/O error on dev loop6, logical block 0, async page read [ 229.802954][ C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 229.812181][ C1] Buffer I/O error on dev loop6, logical block 0, async page read [ 229.821114][ C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 229.830335][ C1] Buffer I/O error on dev loop6, logical block 0, async page read [ 229.841183][ C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 229.850417][ C1] Buffer I/O error on dev loop6, logical block 0, async page read [ 229.859835][ C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 229.869064][ C1] Buffer I/O error on dev loop6, logical block 0, async page read [ 229.877000][T10778] ldm_validate_partition_table(): Disk read failed. [ 229.911970][ C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 229.921213][ C1] Buffer I/O error on dev loop6, logical block 0, async page read [ 229.936407][ C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 229.945666][ C1] Buffer I/O error on dev loop6, logical block 0, async page read [ 229.961529][T10778] Dev loop6: unable to read RDB block 0 [ 229.973619][T10778] loop6: unable to read partition table [ 230.006385][T10778] loop6: partition table beyond EOD, truncated [ 230.015798][T10778] loop_reread_partitions: partition scan of loop6 (3 ) failed (rc=-5) [ 230.086409][ T5199] ldm_validate_partition_table(): Disk read failed. [ 230.104975][ T5199] Dev loop6: unable to read RDB block 0 [ 230.146685][ T5199] loop6: unable to read partition table [ 230.152747][ T5199] loop6: partition table beyond EOD, truncated [ 230.555140][T10802] netlink: 48 bytes leftover after parsing attributes in process `syz.4.2175'. [ 230.579529][T10803] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2174'. [ 231.496852][ T5873] kernel write not supported for file /video8 (pid: 5873 comm: kworker/0:3) [ 231.816554][T10856] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2200'. [ 231.854368][T10856] nbd: couldn't find device at index 131080 [ 232.004524][T10862] Context (ID=0x1) not attached to queue pair (handle=0x2:0x784e) [ 232.800733][T10897] netlink: 'syz.4.2221': attribute type 10 has an invalid length. [ 232.841416][T10897] bond0: (slave bridge0): Enslaving as an active interface with an up link [ 233.275846][T10929] netlink: 176 bytes leftover after parsing attributes in process `syz.4.2235'. [ 233.294113][T10929] netlink: 176 bytes leftover after parsing attributes in process `syz.4.2235'. [ 233.313802][T10927] batadv_slave_1: entered promiscuous mode [ 233.384323][ T30] kauditd_printk_skb: 61 callbacks suppressed [ 233.384345][ T30] audit: type=1326 audit(1744110594.174:133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10933 comm="syz.3.2237" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efe5ad8d169 code=0x7ffc0000 [ 233.501176][ T30] audit: type=1326 audit(1744110594.174:134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10933 comm="syz.3.2237" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efe5ad8d169 code=0x7ffc0000 [ 233.552343][T10936] bridge0: entered allmulticast mode [ 233.574503][T10936] A link change request failed with some changes committed already. Interface bridge0 may have been left with an inconsistent configuration, please check. [ 233.582939][ T30] audit: type=1326 audit(1744110594.174:135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10933 comm="syz.3.2237" exe="/root/syz-executor" sig=0 arch=c000003e syscall=165 compat=0 ip=0x7efe5ad8d169 code=0x7ffc0000 [ 233.655152][ T30] audit: type=1326 audit(1744110594.174:136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10933 comm="syz.3.2237" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efe5ad8d169 code=0x7ffc0000 [ 233.709700][ T30] audit: type=1326 audit(1744110594.174:137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10933 comm="syz.3.2237" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efe5ad8d169 code=0x7ffc0000 [ 233.802092][ T30] audit: type=1326 audit(1744110594.224:138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10933 comm="syz.3.2237" exe="/root/syz-executor" sig=0 arch=c000003e syscall=166 compat=0 ip=0x7efe5ad8d169 code=0x7ffc0000 [ 233.865714][ T30] audit: type=1326 audit(1744110594.234:139): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10933 comm="syz.3.2237" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efe5ad8d169 code=0x7ffc0000 [ 234.055847][T10958] netem: incorrect gi model size [ 234.082659][T10958] netem: change failed [ 234.517452][ T30] audit: type=1326 audit(1744110595.314:140): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10987 comm="syz.0.2262" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2e11d8d169 code=0x7ffc0000 [ 234.589908][ T30] audit: type=1326 audit(1744110595.334:141): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10987 comm="syz.0.2262" exe="/root/syz-executor" sig=0 arch=c000003e syscall=328 compat=0 ip=0x7f2e11d8d169 code=0x7ffc0000 [ 234.615623][ T30] audit: type=1326 audit(1744110595.334:142): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10987 comm="syz.0.2262" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2e11d8d169 code=0x7ffc0000 [ 235.076427][T11016] pim6reg: entered allmulticast mode [ 235.090221][T11016] pim6reg: left allmulticast mode [ 235.115116][T11018] blkio.reset_stats is deprecated [ 235.475880][ T9376] usb 3-1: new full-speed USB device number 23 using dummy_hcd [ 235.637919][ T9376] usb 3-1: unable to get BOS descriptor or descriptor too short [ 235.662419][ T9376] usb 3-1: not running at top speed; connect to a high speed hub [ 235.686641][T11047] netlink: 'syz.4.2290': attribute type 11 has an invalid length. [ 235.693663][ T9376] usb 3-1: config 4 has an invalid interface number: 147 but max is 0 [ 235.713547][ T9376] usb 3-1: config 4 has an invalid descriptor of length 0, skipping remainder of the config [ 235.755947][ T9376] usb 3-1: config 4 has no interface number 0 [ 235.782998][ T9376] usb 3-1: string descriptor 0 read error: -22 [ 235.794461][ T9376] usb 3-1: New USB device found, idVendor=04f2, idProduct=b746, bcdDevice=8e.6e [ 235.815159][ T9376] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 235.883502][ T9376] usb 3-1: Found UVC 0.02 device (04f2:b746) [ 235.932232][ T9376] usb 3-1: No valid video chain found. [ 236.073019][ T9376] usb 3-1: USB disconnect, device number 23 [ 236.085611][ T5873] usb 2-1: new high-speed USB device number 17 using dummy_hcd [ 236.231698][T11065] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2299'. [ 236.285787][ T5873] usb 2-1: Using ep0 maxpacket: 32 [ 236.369809][ T5873] usb 2-1: config 0 has an invalid interface number: 51 but max is 0 [ 236.459010][ T5873] usb 2-1: config 0 has no interface number 0 [ 236.597790][ T5873] usb 2-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f [ 236.628529][ T5873] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 236.662474][ T5873] usb 2-1: Product: syz [ 236.737072][ T5873] usb 2-1: Manufacturer: syz [ 236.741757][ T5873] usb 2-1: SerialNumber: syz [ 236.871961][ T5873] usb 2-1: config 0 descriptor?? [ 236.887930][ T5873] quatech2 2-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected [ 237.098759][ T5873] usb 2-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0 [ 237.157594][ T5873] usb 2-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1 [ 237.499800][ C0] usb 2-1: qt2_read_bulk_callback - non-zero urb status: -71 [ 237.509960][ T5873] usb 2-1: USB disconnect, device number 17 [ 237.530307][ T5873] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0 [ 237.570105][ T5873] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1 [ 237.608077][ T5873] quatech2 2-1:0.51: device disconnected [ 238.671003][T11144] sp0: Synchronizing with TNC [ 239.106899][T11162] sp0: Synchronizing with TNC [ 240.699587][T11234] program syz.2.2376 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 243.195165][T11334] sctp: [Deprecated]: syz.1.2421 (pid 11334) Use of struct sctp_assoc_value in delayed_ack socket option. [ 243.195165][T11334] Use struct sctp_sack_info instead [ 243.272414][T11336] bpf: Bad value for 'gid' [ 243.436402][T11340] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2424'. [ 243.474130][T11342] bridge_slave_0: default FDB implementation only supports local addresses [ 243.733574][T11353] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2430'. [ 244.255778][ T5873] usb 1-1: new high-speed USB device number 21 using dummy_hcd [ 244.418800][ T5873] usb 1-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 244.445279][ T5873] usb 1-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 244.475962][ T5873] usb 1-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 244.515538][ T5873] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 244.558506][T11364] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 244.573948][ T5873] usb 1-1: Quirk or no altset; falling back to MIDI 1.0 [ 244.592411][T11390] netem: change failed [ 244.947452][ T5873] usb 1-1: USB disconnect, device number 21 [ 244.953996][T11402] mkiss: ax0: crc mode is auto. [ 245.141019][T11402] Falling back ldisc for ttyS3. [ 245.195020][T11414] kernel read not supported for file /blkio.throttle.io_service_bytes_recursive (pid: 11414 comm: syz.2.2456) [ 245.265393][ T30] kauditd_printk_skb: 1 callbacks suppressed [ 245.265417][ T30] audit: type=1800 audit(1744110606.054:144): pid=11414 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz.2.2456" name="blkio.throttle.io_service_bytes_recursive" dev="mqueue" ino=30980 res=0 errno=0 [ 246.169441][T11457] ip6tnl2: entered promiscuous mode [ 246.185080][T11457] ip6tnl2: entered allmulticast mode [ 246.190636][ T5840] Bluetooth: hci0: Opcode 0x0401 failed: -110 [ 246.195765][ T5834] Bluetooth: hci0: command 0x0c1a tx timeout [ 246.258479][T11461] Bluetooth: hci5: received HCILL_GO_TO_SLEEP_ACK in state 2 [ 246.273496][ T36] Bluetooth: hci5: Frame reassembly failed (-84) [ 246.292011][ T65] Bluetooth: hci5: Frame reassembly failed (-84) [ 246.483137][T11470] trusted_key: encrypted key: instantiation of keys using provided decrypted data is disabled since CONFIG_USER_DECRYPTED_DATA is set to false [ 246.603976][T11476] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2487'. [ 246.827549][ T976] usb 3-1: new high-speed USB device number 24 using dummy_hcd [ 246.987666][ T976] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 247.019911][ T976] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 247.050472][ T976] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 247.077232][ T976] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 247.091256][ T976] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 247.114222][ T976] usb 3-1: config 0 descriptor?? [ 247.264818][T11490] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 247.557628][ T976] plantronics 0003:047F:FFFF.002A: item fetching failed at offset 13/15 [ 247.576555][ T976] plantronics 0003:047F:FFFF.002A: parse failed [ 247.582997][ T976] plantronics 0003:047F:FFFF.002A: probe with driver plantronics failed with error -22 [ 247.751140][ T976] usb 3-1: USB disconnect, device number 24 [ 248.271365][ T5840] Bluetooth: hci5: command 0x1003 tx timeout [ 248.276059][ T5834] Bluetooth: hci5: Opcode 0x1003 failed: -110 [ 248.638589][T11528] netlink: 'syz.4.2510': attribute type 10 has an invalid length. [ 248.663659][T11528] 8021q: adding VLAN 0 to HW filter on device team0 [ 248.683210][T11528] bond0: (slave team0): Enslaving as an active interface with an up link [ 249.144793][ T30] audit: type=1326 audit(1744110609.934:145): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11542 comm="syz.0.2517" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f2e11d8d169 code=0x0 [ 249.758369][T11571] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2530'. [ 249.817544][T11571] bond1 (unregistering): Released all slaves [ 250.095830][T11579] loop2: detected capacity change from 0 to 1 [ 250.109876][T11579] Dev loop2: unable to read RDB block 1 [ 250.125699][T11579] loop2: unable to read partition table [ 250.134420][T11579] loop2: partition table beyond EOD, truncated [ 250.142826][T11579] loop_reread_partitions: partition scan of loop2 (被x ) failed (rc=-5) [ 250.278804][T11588] netlink: 140 bytes leftover after parsing attributes in process `syz.2.2538'. [ 251.271103][T11622] netlink: 'syz.1.2553': attribute type 6 has an invalid length. [ 251.559931][ T976] kernel write not supported for file /vcs (pid: 976 comm: kworker/0:2) [ 251.686505][T11641] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 252.420891][T11672] netlink: 47 bytes leftover after parsing attributes in process `syz.2.2577'. [ 253.150050][T11707] netlink: 72 bytes leftover after parsing attributes in process `syz.1.2593'. [ 253.205249][T11709] loop8: detected capacity change from 0 to 8 [ 253.230440][T11709] Dev loop8: unable to read RDB block 8 [ 253.251935][T11709] loop8: unable to read partition table [ 253.272572][T11709] loop8: partition table beyond EOD, truncated [ 253.295179][T11709] loop_reread_partitions: partition scan of loop8 (被x^> ) failed (rc=-5) [ 253.462747][T11717] netlink: 32 bytes leftover after parsing attributes in process `syz.2.2598'. [ 254.905854][ T5840] Bluetooth: hci3: command 0x0c1a tx timeout [ 254.987638][T11780] tap0: tun_chr_ioctl cmd 1074025681 [ 255.260217][T11795] netdevsim netdevsim0 netdevsim0: entered promiscuous mode [ 255.273240][ T30] audit: type=1804 audit(1744110616.064:146): pid=11794 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz.1.2633" name="/newroot/539/bus" dev="tmpfs" ino=2742 res=1 errno=0 [ 255.297816][T11795] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 255.422441][T11801] netlink: 277 bytes leftover after parsing attributes in process `syz.1.2637'. [ 255.555890][ T976] usb 4-1: new high-speed USB device number 16 using dummy_hcd [ 255.678473][T11810] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 255.709980][ T1298] ieee802154 phy0 wpan0: encryption failed: -22 [ 255.716627][ T1298] ieee802154 phy1 wpan1: encryption failed: -22 [ 255.725540][ T976] usb 4-1: Using ep0 maxpacket: 16 [ 255.732816][ T976] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 255.754390][ T976] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 255.765543][ T976] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 255.795630][ T976] usb 4-1: New USB device found, idVendor=045e, idProduct=9994, bcdDevice=fc.3c [ 255.812088][ T976] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 255.841357][ T976] usb 4-1: config 0 descriptor?? [ 255.875313][T11818] ubi31: attaching mtd0 [ 255.881218][T11818] ubi31 error: ubi_attach_mtd_dev: bad VID header (327685) or data offsets (327749) [ 256.073559][T11797] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 256.094699][T11797] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 256.366490][ T976] hid-multitouch 0003:045E:9994.002B: unknown main item tag 0x2 [ 256.390248][ T976] hid-multitouch 0003:045E:9994.002B: unknown main item tag 0x0 [ 256.424553][ T976] hid-multitouch 0003:045E:9994.002B: unknown main item tag 0x0 [ 256.434289][ T976] hid-multitouch 0003:045E:9994.002B: unknown main item tag 0x0 [ 256.451285][ T976] hid-multitouch 0003:045E:9994.002B: unknown main item tag 0x0 [ 256.459439][ T976] hid-multitouch 0003:045E:9994.002B: unknown main item tag 0x0 [ 256.467856][ T976] hid-multitouch 0003:045E:9994.002B: unbalanced collection at end of report description [ 256.486472][ T976] hid-multitouch 0003:045E:9994.002B: probe with driver hid-multitouch failed with error -22 [ 256.573747][ T9376] usb 4-1: USB disconnect, device number 16 [ 256.616022][ T9374] usb 2-1: new high-speed USB device number 18 using dummy_hcd [ 256.781803][ T9374] usb 2-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 256.803417][ T9374] usb 2-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 256.814249][ T9374] usb 2-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 256.830115][ T9374] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 256.852156][T11839] raw-gadget.3 gadget.1: fail, usb_ep_enable returned -22 [ 256.873432][ T9374] usb 2-1: Quirk or no altset; falling back to MIDI 1.0 [ 256.888779][T11851] 9pnet_fd: Insufficient options for proto=fd [ 257.042309][T11855] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2663'. [ 257.251555][ T976] usb 2-1: USB disconnect, device number 18 [ 259.181622][T11941] netlink: 72 bytes leftover after parsing attributes in process `syz.1.2704'. [ 259.269773][T11947] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2706'. [ 259.436035][T11955] unknown channel width for channel at 909000KHz? [ 259.757221][ T5840] Bluetooth: hci0: unexpected event for opcode 0x1005 [ 260.224629][T11989] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2728'. [ 260.241119][T11991] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2727'. [ 260.345807][ T5840] Bluetooth: hci5: command 0x1003 tx timeout [ 260.346374][ T5834] Bluetooth: hci5: Opcode 0x1003 failed: -110 [ 260.680610][T12003] syzkaller0: tun_chr_ioctl cmd 35111 [ 260.976460][T12021] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2741'. [ 261.040648][T12025] netlink: 104 bytes leftover after parsing attributes in process `syz.2.2743'. [ 261.476525][T12047] netlink: 'syz.3.2752': attribute type 15 has an invalid length. [ 261.685005][T12061] --map-set only usable from mangle table [ 261.700780][T12059] 8021q: adding VLAN 0 to HW filter on device macvlan2 [ 263.135766][ T30] audit: type=1326 audit(1744110623.924:147): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12108 comm="syz.3.2780" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efe5ad8d169 code=0x7ffc0000 [ 263.224370][ T30] audit: type=1326 audit(1744110623.924:148): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12108 comm="syz.3.2780" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efe5ad8d169 code=0x7ffc0000 [ 263.248858][ T30] audit: type=1326 audit(1744110623.964:149): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12108 comm="syz.3.2780" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7efe5ad8d169 code=0x7ffc0000 [ 263.281928][ T30] audit: type=1326 audit(1744110623.964:150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12108 comm="syz.3.2780" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efe5ad8d169 code=0x7ffc0000 [ 263.404658][ T30] audit: type=1326 audit(1744110623.964:151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12108 comm="syz.3.2780" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efe5ad8d169 code=0x7ffc0000 [ 263.494364][ T30] audit: type=1326 audit(1744110623.964:152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12108 comm="syz.3.2780" exe="/root/syz-executor" sig=0 arch=c000003e syscall=216 compat=0 ip=0x7efe5ad8d169 code=0x7ffc0000 [ 263.591885][ T30] audit: type=1326 audit(1744110623.964:153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12108 comm="syz.3.2780" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efe5ad8d169 code=0x7ffc0000 [ 263.595989][T12122] input: syz1 as /devices/virtual/input/input27 [ 263.615614][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 263.771129][ T30] audit: type=1326 audit(1744110623.964:154): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12108 comm="syz.3.2780" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efe5ad8d169 code=0x7ffc0000 [ 263.771232][T12127] block nbd3: NBD_DISCONNECT [ 263.855869][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 263.917786][ T30] audit: type=1326 audit(1744110623.964:155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12108 comm="syz.3.2780" exe="/root/syz-executor" sig=0 arch=c000003e syscall=216 compat=0 ip=0x7efe5ad8d169 code=0x7ffc0000 [ 264.050970][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 264.056876][ T30] audit: type=1326 audit(1744110623.974:156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12108 comm="syz.3.2780" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efe5ad8d169 code=0x7ffc0000 [ 264.726058][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 264.936258][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 265.455943][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 267.022292][T12260] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 267.713912][T12289] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2845'. [ 268.280139][T12311] ALSA: mixer_oss: invalid OSS volume '' [ 269.789698][T12373] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 270.972989][T12412] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 272.304058][T12443] dvmrp1: tun_chr_ioctl cmd 1074025677 [ 272.332987][T12443] dvmrp1: linktype set to 776 [ 273.497243][T12501] overlayfs: only single ':' or double '::' sequences of unescaped colons in lowerdir mount option allowed. [ 274.027308][ T30] kauditd_printk_skb: 1 callbacks suppressed [ 274.027330][ T30] audit: type=1326 audit(1744110635.821:158): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12529 comm="syz.1.2937" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f9d3e98d169 code=0x0 [ 274.325807][ T5873] usb 4-1: new high-speed USB device number 17 using dummy_hcd [ 274.498713][ T5873] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 274.528742][ T5873] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 274.540973][ T5873] usb 4-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.00 [ 274.550623][ T5873] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 274.578638][ T5873] usb 4-1: config 0 descriptor?? [ 274.784137][T12553] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2948'. [ 275.015226][ T5873] cp2112 0003:10C4:EA90.002C: unknown main item tag 0x0 [ 275.042214][ T5873] cp2112 0003:10C4:EA90.002C: hidraw0: USB HID v0.00 Device [HID 10c4:ea90] on usb-dummy_hcd.3-1/input0 [ 275.195793][ T9374] usb 2-1: new high-speed USB device number 19 using dummy_hcd [ 275.209567][ T5873] cp2112 0003:10C4:EA90.002C: Part Number: 0x82 Device Version: 0xFE [ 275.277242][T12567] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2954'. [ 275.349985][ T9374] usb 2-1: Using ep0 maxpacket: 16 [ 275.377631][ T9374] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 25 [ 275.411221][ T5873] cp2112 0003:10C4:EA90.002C: error requesting SMBus config [ 275.411858][ T9374] usb 2-1: New USB device found, idVendor=061d, idProduct=c020, bcdDevice=9c.15 [ 275.434192][ T9374] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 275.445181][ T9374] usb 2-1: Product: syz [ 275.454783][ T9374] usb 2-1: Manufacturer: syz [ 275.462389][ T5873] cp2112 0003:10C4:EA90.002C: probe with driver cp2112 failed with error -71 [ 275.462506][ T9374] usb 2-1: SerialNumber: syz [ 275.485641][ T9374] usb 2-1: config 0 descriptor?? [ 275.493811][ T9374] ssu100 2-1:0.0: Quatech SSU-100 USB to Serial Driver converter detected [ 275.508323][ T5873] usb 4-1: USB disconnect, device number 17 [ 276.309312][ T9374] ssu100 2-1:0.0: probe with driver ssu100 failed with error -71 [ 276.344774][ T9374] usb 2-1: USB disconnect, device number 19 [ 277.280925][T12641] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 277.564370][T12651] macsec2: entered promiscuous mode [ 277.581540][T12651] mac80211_hwsim hwsim4 wlan0: entered promiscuous mode [ 277.599719][T12651] macsec2: entered allmulticast mode [ 277.655797][T12651] mac80211_hwsim hwsim4 wlan0: entered allmulticast mode [ 278.230464][T12683] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3009'. [ 278.628256][ T5873] usb 2-1: new full-speed USB device number 20 using dummy_hcd [ 278.798150][ T5873] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 278.827049][ T5873] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10 [ 278.852055][ T5873] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0 [ 278.875729][ T5873] usb 2-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 5 [ 278.896999][ T5873] usb 2-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42 [ 278.906725][ T5873] usb 2-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0 [ 278.915336][ T5873] usb 2-1: Manufacturer: syz [ 278.923298][ T5873] usb 2-1: config 0 descriptor?? [ 279.264451][T12723] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3027'. [ 279.316257][ T5873] rc_core: IR keymap rc-hauppauge not found [ 279.322605][ T5873] Registered IR keymap rc-empty [ 279.350757][ T5873] mceusb 2-1:0.0: Error: mce write submit urb error = -90 [ 279.391364][ T5873] mceusb 2-1:0.0: Error: mce write submit urb error = -90 [ 279.438213][ T5873] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/rc/rc0 [ 279.464107][ T5873] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/rc/rc0/input28 [ 279.523889][ T5873] mceusb 2-1:0.0: Error: mce write submit urb error = -90 [ 279.565853][ T5873] mceusb 2-1:0.0: Error: mce write submit urb error = -90 [ 279.626521][ T5873] mceusb 2-1:0.0: Error: mce write submit urb error = -90 [ 279.675661][ T5873] mceusb 2-1:0.0: Error: mce write submit urb error = -90 [ 279.719950][ T5873] mceusb 2-1:0.0: Error: mce write submit urb error = -90 [ 279.778743][ T5873] mceusb 2-1:0.0: Error: mce write submit urb error = -90 [ 279.835606][ T5873] mceusb 2-1:0.0: Error: mce write submit urb error = -90 [ 279.873494][ T5873] mceusb 2-1:0.0: Error: mce write submit urb error = -90 [ 279.915921][ T5873] mceusb 2-1:0.0: Error: mce write submit urb error = -90 [ 279.964557][ T5873] mceusb 2-1:0.0: Error: mce write submit urb error = -90 [ 279.990602][ T5873] mceusb 2-1:0.0: Registered 424242424242 with mce emulator interface version 1 [ 280.020248][ T5873] mceusb 2-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active) [ 280.112251][ T5873] usb 2-1: USB disconnect, device number 20 [ 280.368719][ T9374] usb 3-1: new high-speed USB device number 25 using dummy_hcd [ 280.516807][T12763] input: syz1 as /devices/virtual/input/input29 [ 280.555962][ T9374] usb 3-1: Using ep0 maxpacket: 16 [ 280.587028][ T9374] usb 3-1: config index 0 descriptor too short (expected 69, got 36) [ 280.600700][ T9374] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 280.654040][ T9374] usb 3-1: New USB device found, idVendor=093a, idProduct=2622, bcdDevice=b7.89 [ 280.676127][ T9374] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 280.701855][ T9374] usb 3-1: Product: syz [ 280.709548][ T9374] usb 3-1: Manufacturer: syz [ 280.714215][ T9374] usb 3-1: SerialNumber: syz [ 280.731867][ T9374] usb 3-1: config 0 descriptor?? [ 280.761679][ T9374] gspca_main: gspca_pac7302-2.14.0 probing 093a:2622 [ 281.321906][T12782] o2cb: This node has not been configured. [ 281.328539][T12782] o2cb: Cluster check failed. Fix errors before retrying. [ 281.336145][T12782] (syz.3.3054,12782,0):user_dlm_register:674 ERROR: status = -22 [ 281.344682][T12782] (syz.3.3054,12782,0):dlmfs_mkdir:438 ERROR: Error -22 could not register domain "file1" [ 281.577589][ T9374] gspca_pac7302: reg_w() failed i: 78 v: 40 error -71 [ 281.584620][ T9374] gspca_pac7302 3-1:0.0: probe with driver gspca_pac7302 failed with error -71 [ 281.601660][ T9374] usb 3-1: USB disconnect, device number 25 [ 282.096469][ T976] usb 2-1: new high-speed USB device number 21 using dummy_hcd [ 282.218105][T12808] ALSA: mixer_oss: invalid index 40000 [ 282.281031][ T976] usb 2-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0 [ 282.305580][ T976] usb 2-1: config 0 interface 0 has no altsetting 0 [ 282.319897][ T976] usb 2-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b [ 282.329771][ T976] usb 2-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2 [ 282.370934][ T976] usb 2-1: Product: syz [ 282.375223][ T976] usb 2-1: Manufacturer: syz [ 282.384684][ T976] usb 2-1: SerialNumber: syz [ 282.413359][ T976] usb 2-1: config 0 descriptor?? [ 282.435217][ T976] usb 2-1: selecting invalid altsetting 0 [ 282.669507][ T976] usb 2-1: USB disconnect, device number 21 [ 283.128325][T12849] loop8: detected capacity change from 0 to 1 [ 283.139179][T12849] Dev loop8: unable to read RDB block 1 [ 283.149028][T12849] loop8: unable to read partition table [ 283.154959][T12849] loop8: partition table beyond EOD, truncated [ 283.163187][T12849] loop_reread_partitions: partition scan of loop8 (被x^> ) failed (rc=-5) [ 283.297099][ T9374] usb 1-1: new high-speed USB device number 22 using dummy_hcd [ 283.471798][ T9374] usb 1-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 283.493208][ T9374] usb 1-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 283.535969][ T9374] usb 1-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 283.576368][ T9374] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 283.617920][T12845] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 283.629110][ T9374] usb 1-1: Quirk or no altset; falling back to MIDI 1.0 [ 283.726282][T12867] loop2: detected capacity change from 0 to 4039 [ 283.874275][ T9374] usb 1-1: USB disconnect, device number 22 [ 285.325592][ T9374] usb 4-1: new full-speed USB device number 18 using dummy_hcd [ 285.505959][ T9374] usb 4-1: config 2 has an invalid descriptor of length 0, skipping remainder of the config [ 285.530594][T12918] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 285.541788][ T9374] usb 4-1: New USB device found, idVendor=7a69, idProduct=0001, bcdDevice=a8.6b [ 285.553314][ T9374] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 285.565163][ T9374] usb 4-1: Product: syz [ 285.569564][ T9374] usb 4-1: Manufacturer: syz [ 285.574602][ T9374] usb 4-1: SerialNumber: syz [ 285.626198][ T9374] usb 4-1: dvb_usb_v2: found a '774 Friio White ISDB-T USB2.0' in warm state [ 285.665582][ T9376] usb 2-1: new high-speed USB device number 22 using dummy_hcd [ 285.844878][ T9376] usb 2-1: Using ep0 maxpacket: 32 [ 285.872773][ T9376] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 285.904668][ T9376] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 285.922507][ T9376] usb 2-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00 [ 285.932354][ T9376] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 285.953994][ T9376] usb 2-1: config 0 descriptor?? [ 286.406391][ T9376] savu 0003:1E7D:2D5A.002D: unknown main item tag 0x2 [ 286.417270][ T9376] savu 0003:1E7D:2D5A.002D: unknown main item tag 0x2 [ 286.434024][ T9376] savu 0003:1E7D:2D5A.002D: unbalanced collection at end of report description [ 286.457497][ T9374] usb 4-1: dvb_usb_v2: this USB2.0 device cannot be run on a USB1.1 port (it lacks a hardware PID filter) [ 286.476688][ T9376] savu 0003:1E7D:2D5A.002D: parse failed [ 286.487075][ T9376] savu 0003:1E7D:2D5A.002D: probe with driver savu failed with error -22 [ 286.524863][ T9374] usb 4-1: USB disconnect, device number 18 [ 286.612681][ T9376] usb 2-1: USB disconnect, device number 22 [ 286.769458][T12955] netlink: 136 bytes leftover after parsing attributes in process `syz.0.3136'. [ 286.779649][T12955] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check. [ 287.240436][T12969] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3143'. [ 287.254631][T12969] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3143'. [ 287.270642][T12969] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3143'. [ 287.286571][T12972] ALSA: mixer_oss: invalid OSS volume '' [ 287.519612][T12988] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant. [ 287.519612][T12988] The task syz.3.3148 (12988) triggered the difference, watch for misbehavior. [ 287.913806][T13002] netlink: 88 bytes leftover after parsing attributes in process `syz.1.3158'. [ 288.063843][ T30] audit: type=1326 audit(1744110649.851:159): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13005 comm="syz.0.3161" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f2e11d84127 code=0x7ffc0000 [ 288.115619][ T30] audit: type=1326 audit(1744110649.851:160): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13005 comm="syz.0.3161" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f2e11d29359 code=0x7ffc0000 [ 288.170936][ T30] audit: type=1326 audit(1744110649.851:161): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13005 comm="syz.0.3161" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2e11d8d169 code=0x7ffc0000 [ 288.215934][ T30] audit: type=1326 audit(1744110649.851:162): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13005 comm="syz.0.3161" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f2e11d84127 code=0x7ffc0000 [ 288.285620][ T30] audit: type=1326 audit(1744110649.851:163): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13005 comm="syz.0.3161" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f2e11d29359 code=0x7ffc0000 [ 288.331165][ T30] audit: type=1326 audit(1744110649.851:164): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13005 comm="syz.0.3161" exe="/root/syz-executor" sig=0 arch=c000003e syscall=78 compat=0 ip=0x7f2e11d8d169 code=0x7ffc0000 [ 288.387203][ T30] audit: type=1326 audit(1744110649.851:165): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13005 comm="syz.0.3161" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f2e11d84127 code=0x7ffc0000 [ 288.454957][ T30] audit: type=1326 audit(1744110649.851:166): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13005 comm="syz.0.3161" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f2e11d29359 code=0x7ffc0000 [ 288.585881][ T30] audit: type=1326 audit(1744110649.861:167): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13005 comm="syz.0.3161" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2e11d8d169 code=0x7ffc0000 [ 288.641216][ T30] audit: type=1326 audit(1744110649.891:168): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13005 comm="syz.0.3161" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f2e11d84127 code=0x7ffc0000 [ 288.756629][T13032] mac80211_hwsim hwsim5 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33) [ 290.082451][T13085] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3197'. [ 290.138879][T13085] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3197'. [ 290.196073][T13085] bridge0: port 3(vlan3) entered blocking state [ 290.210658][T13085] bridge0: port 3(vlan3) entered disabled state [ 290.256171][T13085] vlan3: entered allmulticast mode [ 290.261475][T13085] bridge0: entered allmulticast mode [ 290.278587][T13085] vlan3: left allmulticast mode [ 290.299261][T13085] bridge0: left allmulticast mode [ 290.396618][ T9376] usb 2-1: new high-speed USB device number 23 using dummy_hcd [ 290.563908][ T9376] usb 2-1: New USB device found, idVendor=0856, idProduct=ac31, bcdDevice=93.1e [ 290.578003][ T9376] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 290.596675][ T9376] usb 2-1: Product: syz [ 290.600929][ T9376] usb 2-1: Manufacturer: syz [ 290.605956][ T9376] usb 2-1: SerialNumber: syz [ 290.624948][ T9376] usb 2-1: config 0 descriptor?? [ 291.062993][ T9376] mos7840 2-1:0.0: required endpoints missing [ 291.111070][ T9376] usb 2-1: USB disconnect, device number 23 [ 291.529823][ T36] bridge_slave_1: left allmulticast mode [ 291.548601][ T36] bridge_slave_1: left promiscuous mode [ 291.556750][ T36] bridge0: port 2(bridge_slave_1) entered disabled state [ 291.645052][ T36] bridge_slave_0: left allmulticast mode [ 291.662253][ T36] bridge_slave_0: left promiscuous mode [ 291.676773][ T36] bridge0: port 1(bridge_slave_0) entered disabled state [ 292.012190][T13123] loop6: detected capacity change from 0 to 63 [ 292.139818][ T5840] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 292.150975][ T5840] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 292.159768][ T5840] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 292.168978][ T5840] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 292.177136][ T5840] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 292.863601][ T36] team0: Port device bridge1 removed [ 293.100418][ T36] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 293.114132][ T36] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 293.124862][ T36] bond0 (unregistering): Released all slaves [ 293.146808][T13125] netlink: 'syz.2.3214': attribute type 1 has an invalid length. [ 293.979972][ T36] mac80211_hwsim hwsim4 wlan0 (unregistering): left allmulticast mode [ 294.035871][ T36] mac80211_hwsim hwsim4 wlan0 (unregistering): left promiscuous mode [ 294.278134][ T5840] Bluetooth: hci0: command tx timeout [ 294.498747][ T36] hsr_slave_0: left promiscuous mode [ 294.525819][ T36] hsr_slave_1: left promiscuous mode [ 294.546686][ T36] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 294.569870][ T36] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 295.241157][ T36] team0 (unregistering): Port device team_slave_1 removed [ 295.280333][ T36] team0 (unregistering): Port device team_slave_0 removed [ 295.635028][T13128] chnl_net:caif_netlink_parms(): no params data found [ 295.971699][T13240] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3253'. [ 296.007142][T13240] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3253'. [ 296.022081][T13240] nbd: socks must be embedded in a SOCK_ITEM attr [ 296.111793][T13128] bridge0: port 1(bridge_slave_0) entered blocking state [ 296.136059][T13128] bridge0: port 1(bridge_slave_0) entered disabled state [ 296.158186][T13128] bridge_slave_0: entered allmulticast mode [ 296.175401][T13128] bridge_slave_0: entered promiscuous mode [ 296.209047][T13128] bridge0: port 2(bridge_slave_1) entered blocking state [ 296.240716][T13128] bridge0: port 2(bridge_slave_1) entered disabled state [ 296.264723][T13128] bridge_slave_1: entered allmulticast mode [ 296.273230][T13128] bridge_slave_1: entered promiscuous mode [ 296.346725][ T5840] Bluetooth: hci0: command tx timeout [ 296.433318][T13128] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 296.449491][T13128] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 296.644930][T13258] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci0/hci0:200/input30 [ 296.680306][T13128] team0: Port device team_slave_0 added [ 296.740210][T13128] team0: Port device team_slave_1 added [ 296.973137][T13128] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 296.989978][T13128] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 297.024916][T13128] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 297.100239][T13128] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 297.128775][T13128] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 297.195871][T13128] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 297.449487][T13128] hsr_slave_0: entered promiscuous mode [ 297.453820][T13128] hsr_slave_1: entered promiscuous mode [ 297.484639][T13128] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 297.484726][T13128] Cannot create hsr debugfs directory [ 297.705695][ T9374] usb 2-1: new high-speed USB device number 24 using dummy_hcd [ 297.865891][ T9374] usb 2-1: Using ep0 maxpacket: 16 [ 297.873255][ T9374] usb 2-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06 [ 297.873291][ T9374] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 297.873313][ T9374] usb 2-1: Product: syz [ 297.873330][ T9374] usb 2-1: Manufacturer: syz [ 297.873347][ T9374] usb 2-1: SerialNumber: syz [ 297.886223][ T9374] r8152-cfgselector 2-1: Unknown version 0x0000 [ 297.886257][ T9374] r8152-cfgselector 2-1: config 0 descriptor?? [ 297.914711][T13296] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3271'. [ 297.991983][T13296] vlan2: entered allmulticast mode [ 297.992014][T13296] dummy0: entered allmulticast mode [ 298.251203][ T9374] r8152-cfgselector 2-1: Unknown version 0x0000 [ 298.251448][ T9374] r8152-cfgselector 2-1: bad CDC descriptors [ 298.255140][ T9374] r8152-cfgselector 2-1: USB disconnect, device number 24 [ 298.429865][ T5840] Bluetooth: hci0: command tx timeout [ 298.888425][T13317] ptrace attach of "./syz-executor exec"[5835] was attempted by ""[13317] [ 298.976110][T13128] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 298.997896][T13128] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 299.021896][T13128] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 299.041790][T13128] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 299.359161][T13128] 8021q: adding VLAN 0 to HW filter on device bond0 [ 299.424752][T13128] 8021q: adding VLAN 0 to HW filter on device team0 [ 299.449619][ T3063] bridge0: port 1(bridge_slave_0) entered blocking state [ 299.461432][ T3063] bridge0: port 1(bridge_slave_0) entered forwarding state [ 299.489357][ T3063] bridge0: port 2(bridge_slave_1) entered blocking state [ 299.489475][ T3063] bridge0: port 2(bridge_slave_1) entered forwarding state [ 299.975067][T13344] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3282'. [ 300.170441][T13128] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 300.278044][T13355] netlink: 20 bytes leftover after parsing attributes in process `syz.3.3285'. [ 300.393832][T13128] veth0_vlan: entered promiscuous mode [ 300.469522][T13128] veth1_vlan: entered promiscuous mode [ 300.506225][ T5840] Bluetooth: hci0: command tx timeout [ 300.611198][T13128] veth0_macvtap: entered promiscuous mode [ 300.663615][T13128] veth1_macvtap: entered promiscuous mode [ 300.748378][T13128] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 300.809617][T13128] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 300.844592][T13128] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 300.855631][T13128] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 300.874761][T13128] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 300.895279][T13128] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 301.205673][T12107] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 301.213558][T12107] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 301.390976][ T65] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 301.418528][ T65] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 301.476194][ T5873] usb 2-1: new high-speed USB device number 25 using dummy_hcd [ 301.655680][ T5873] usb 2-1: Using ep0 maxpacket: 8 [ 301.671259][ T5873] usb 2-1: config 168 descriptor has 1 excess byte, ignoring [ 301.696632][ T5873] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11 [ 301.728816][ T5873] usb 2-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 301.764610][T13394] hsr_slave_0: hsr_addr_subst_dest: Unknown node [ 301.765681][ T5873] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 301.772060][T13394] hsr_slave_1: hsr_addr_subst_dest: Unknown node [ 301.792100][ T5873] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 301.846725][ T5873] usb 2-1: config 168 descriptor has 1 excess byte, ignoring [ 301.854275][ T5873] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11 [ 301.885280][ T5873] usb 2-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 301.911001][ T5873] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 301.932867][ T5873] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 301.968605][ T5873] usb 2-1: config 168 descriptor has 1 excess byte, ignoring [ 301.978058][ T5873] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11 [ 302.013009][ T5873] usb 2-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 302.036791][ T5873] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 302.070327][ T5873] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 302.110090][ T5873] usb 2-1: string descriptor 0 read error: -22 [ 302.116855][ T5873] usb 2-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e [ 302.145756][ T5873] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 302.196527][ T5873] adutux 2-1:168.0: ADU100 now attached to /dev/usb/adutux0 [ 302.466923][ T9374] usb 2-1: USB disconnect, device number 25 [ 302.765828][ T5873] usb 4-1: new high-speed USB device number 19 using dummy_hcd [ 302.883460][T13435] netlink: 14 bytes leftover after parsing attributes in process `syz.4.3307'. [ 302.936170][ T5873] usb 4-1: Using ep0 maxpacket: 8 [ 302.947918][ T5873] usb 4-1: config 0 has no interfaces? [ 302.968679][ T5873] usb 4-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2e.04 [ 302.984963][ T5873] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 303.005649][ T5873] usb 4-1: Product: syz [ 303.009966][ T5873] usb 4-1: Manufacturer: syz [ 303.014614][ T5873] usb 4-1: SerialNumber: syz [ 303.056980][ T5873] usb 4-1: config 0 descriptor?? [ 303.298873][ T10] usb 4-1: USB disconnect, device number 19 [ 303.560647][T13461] loop8: detected capacity change from 0 to 1 [ 303.587610][T13461] Dev loop8: unable to read RDB block 1 [ 303.593272][T13461] loop8: unable to read partition table [ 303.631824][T13461] loop8: partition table beyond EOD, truncated [ 303.641815][T13461] loop_reread_partitions: partition scan of loop8 (被x^> ) failed (rc=-5) [ 304.040045][T13476] usb usb1: usbfs: process 13476 (syz.3.3319) did not claim interface 0 before use [ 304.057051][T13481] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3321'. [ 304.105039][T13481] netlink: 27 bytes leftover after parsing attributes in process `syz.0.3321'. [ 304.748127][ T5873] usb 1-1: new high-speed USB device number 23 using dummy_hcd [ 304.864613][ T30] kauditd_printk_skb: 13 callbacks suppressed [ 304.864636][ T30] audit: type=1326 audit(1744110666.651:182): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13511 comm="syz.4.3329" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f42f818d169 code=0x0 [ 304.945940][ T5873] usb 1-1: Using ep0 maxpacket: 16 [ 304.957628][ T5873] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 304.993749][ T5873] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 305.009999][ T5873] usb 1-1: New USB device found, idVendor=0c12, idProduct=0030, bcdDevice= 0.00 [ 305.044029][ T5873] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 305.068848][ T5873] usb 1-1: config 0 descriptor?? [ 305.517270][ T5873] zeroplus 0003:0C12:0030.002E: unknown main item tag 0x0 [ 305.545005][ T5873] zeroplus 0003:0C12:0030.002E: unknown main item tag 0x0 [ 305.570539][ T5873] zeroplus 0003:0C12:0030.002E: unknown main item tag 0x0 [ 305.588098][ T5873] zeroplus 0003:0C12:0030.002E: unknown main item tag 0x0 [ 305.601488][ T5873] zeroplus 0003:0C12:0030.002E: unknown main item tag 0x0 [ 305.613010][ T5873] zeroplus 0003:0C12:0030.002E: hidraw0: USB HID v0.00 Device [HID 0c12:0030] on usb-dummy_hcd.0-1/input0 [ 305.626009][ T5873] zeroplus 0003:0C12:0030.002E: no inputs found [ 305.733666][ T9376] usb 1-1: USB disconnect, device number 23 [ 306.766041][ T976] usb 4-1: new high-speed USB device number 20 using dummy_hcd [ 306.930773][ T976] usb 4-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 306.965567][ T976] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 306.999282][ T976] usb 4-1: config 0 descriptor?? [ 307.015274][ T976] cp210x 4-1:0.0: cp210x converter detected [ 307.042281][T13585] netlink: 'syz.4.3360': attribute type 1 has an invalid length. [ 307.428855][ T976] cp210x 4-1:0.0: failed to get vendor val 0x000e size 3: -32 [ 307.474203][ T976] usb 4-1: cp210x converter now attached to ttyUSB0 [ 307.685809][ T976] usb 4-1: USB disconnect, device number 20 [ 307.717843][ T976] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 307.745077][ T976] cp210x 4-1:0.0: device disconnected [ 308.620877][T13633] vivid-000: disconnect [ 308.637894][T13630] vivid-000: reconnect [ 309.579692][T13664] netlink: 'syz.0.3399': attribute type 1 has an invalid length. [ 309.785707][ T10] usb 2-1: new high-speed USB device number 26 using dummy_hcd [ 309.952555][ T10] usb 2-1: Using ep0 maxpacket: 32 [ 309.970636][ T10] usb 2-1: New USB device found, idVendor=041e, idProduct=400b, bcdDevice=3e.e7 [ 309.998682][ T10] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 310.022169][ T10] usb 2-1: config 0 descriptor?? [ 310.046556][ T10] gspca_main: sunplus-2.14.0 probing 041e:400b [ 310.155816][ T9376] usb 1-1: new high-speed USB device number 24 using dummy_hcd [ 310.326567][ T9376] usb 1-1: Using ep0 maxpacket: 8 [ 310.350857][ T9376] usb 1-1: config 1 interface 0 has no altsetting 0 [ 310.370905][ T9376] usb 1-1: New USB device found, idVendor=04b4, idProduct=de61, bcdDevice= 0.40 [ 310.392012][ T9376] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 310.411542][ T9376] usb 1-1: Product: syz [ 310.416097][ T9376] usb 1-1: Manufacturer: syz [ 310.420757][ T9376] usb 1-1: SerialNumber: syz [ 310.525577][ T30] audit: type=1326 audit(1744110672.311:183): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13702 comm="syz.4.3417" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f42f818d169 code=0x0 [ 310.546589][ C0] vkms_vblank_simulate: vblank timer overrun [ 310.646936][T13708] netlink: 312 bytes leftover after parsing attributes in process `syz.3.3419'. [ 310.667488][ T10] gspca_sunplus: reg_r err -71 [ 310.672432][ T10] sunplus 2-1:0.0: probe with driver sunplus failed with error -71 [ 310.680998][ T9376] usbhid 1-1:1.0: can't add hid device: -71 [ 310.693302][ T9376] usbhid 1-1:1.0: probe with driver usbhid failed with error -71 [ 310.699858][ T10] usb 2-1: USB disconnect, device number 26 [ 310.709842][ T9376] usb 1-1: USB disconnect, device number 24 [ 311.615713][ T9374] usb 4-1: new high-speed USB device number 21 using dummy_hcd [ 311.787608][ T9374] usb 4-1: Using ep0 maxpacket: 32 [ 311.811851][ T9374] usb 4-1: config 0 interface 0 has no altsetting 0 [ 311.841335][ T9374] usb 4-1: New USB device found, idVendor=056a, idProduct=033c, bcdDevice= 0.00 [ 311.885625][ T9374] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 311.933384][ T9374] usb 4-1: config 0 descriptor?? [ 312.375345][ T9374] wacom 0003:056A:033C.002F: unknown main item tag 0x6 [ 312.395619][ T9374] wacom 0003:056A:033C.002F: item fetching failed at offset 6/7 [ 312.426298][ T9374] wacom 0003:056A:033C.002F: parse failed [ 312.432270][ T9374] wacom 0003:056A:033C.002F: probe with driver wacom failed with error -22 [ 312.584794][ T9374] usb 4-1: USB disconnect, device number 21 [ 313.007687][T13778] loop4: detected capacity change from 0 to 524255232 [ 314.110305][T13809] netlink: 165 bytes leftover after parsing attributes in process `syz.1.3465'. [ 314.286362][T13815] netlink: 64 bytes leftover after parsing attributes in process `syz.1.3468'. [ 316.374450][T13883] dummy0: entered allmulticast mode [ 316.382766][T13882] dummy0: left allmulticast mode [ 317.055615][ T5886] usb 3-1: new high-speed USB device number 26 using dummy_hcd [ 317.150663][ T1298] ieee802154 phy0 wpan0: encryption failed: -22 [ 317.158772][ T1298] ieee802154 phy1 wpan1: encryption failed: -22 [ 317.239323][ T5886] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8E has invalid wMaxPacketSize 0 [ 317.264557][ T5886] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8E has invalid maxpacket 0 [ 317.276103][ T5886] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0xA has invalid wMaxPacketSize 0 [ 317.294905][ T5886] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0xA has invalid maxpacket 0 [ 317.319677][ T5886] usb 3-1: New USB device found, idVendor=05ab, idProduct=0301, bcdDevice= 1.00 [ 317.343189][ T5886] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 317.355473][ T5886] usb 3-1: Product: syz [ 317.360575][ T5886] usb 3-1: Manufacturer: syz [ 317.366887][ T5886] usb 3-1: SerialNumber: syz [ 317.390375][ T5886] usb 3-1: config 0 descriptor?? [ 317.404362][ T5886] ums-isd200 3-1:0.0: USB Mass Storage device detected [ 317.557771][ T976] usb 2-1: new low-speed USB device number 27 using dummy_hcd [ 317.631304][ T5886] scsi host1: usb-storage 3-1:0.0 [ 317.764854][ T976] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 317.786597][ T976] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 32, setting to 8 [ 317.816968][ T976] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 317.847920][ T5873] usb 3-1: USB disconnect, device number 26 [ 317.868788][ T976] usb 2-1: New USB device found, idVendor=04b4, idProduct=de61, bcdDevice= 0.00 [ 317.886947][ T976] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 317.908945][ T976] usb 2-1: config 0 descriptor?? [ 317.916055][T13919] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22 [ 317.951779][T13937] syzkaller0: tun_chr_ioctl cmd 1074025677 [ 317.978390][T13937] syzkaller0: linktype set to 804 [ 318.205696][T13916] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3498'. [ 318.249064][ T976] usbhid 2-1:0.0: can't add hid device: -71 [ 318.257192][ T976] usbhid 2-1:0.0: probe with driver usbhid failed with error -71 [ 318.281514][ T976] usb 2-1: USB disconnect, device number 27 [ 318.727023][T13953] team0: No ports can be present during mode change [ 319.071916][T13968] netlink: 20 bytes leftover after parsing attributes in process `syz.4.3518'. [ 319.271194][T13972] netlink: 16 bytes leftover after parsing attributes in process `syz.0.3521'. [ 319.334715][T13972] bridge0: port 1(bridge_slave_0) entered disabled state [ 319.913557][ T5873] usb 2-1: new high-speed USB device number 28 using dummy_hcd [ 319.969804][T14001] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3534'. [ 319.989464][T14001] netlink: 'syz.2.3534': attribute type 20 has an invalid length. [ 320.018578][T14001] netlink: 'syz.2.3534': attribute type 21 has an invalid length. [ 320.087612][ T5873] usb 2-1: config 1 contains an unexpected descriptor of type 0x2, skipping [ 320.087648][ T5873] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 320.087669][ T5873] usb 2-1: config 1 has 2 interfaces, different from the descriptor's value: 3 [ 320.087693][ T5873] usb 2-1: config 1 has no interface number 1 [ 320.087737][ T5873] usb 2-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0 [ 320.087779][ T5873] usb 2-1: config 1 interface 2 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 320.096461][ T5873] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 320.322992][ T5873] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 320.352708][ T5873] usb 2-1: Product: syz [ 320.365350][ T5873] usb 2-1: Manufacturer: syz [ 320.379993][ T5873] usb 2-1: SerialNumber: syz [ 320.646700][ T5873] usb 2-1: No endpoint at altset 1, falling back to MIDI 1.0 [ 320.671220][ T5873] usb 2-1: MIDIStreaming interface descriptor not found [ 320.800563][ T5873] usb 2-1: USB disconnect, device number 28 [ 320.843610][T14024] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3545'. [ 321.136908][T14031] vim2m vim2m.0: vidioc_s_fmt queue busy [ 322.054072][T14060] netlink: 'syz.0.3561': attribute type 1 has an invalid length. [ 322.198668][T14066] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3564'. [ 322.452642][T14076] loop4: detected capacity change from 0 to 524255232 [ 322.949388][T14090] macvtap1: entered allmulticast mode [ 322.960292][T14090] batadv0: entered allmulticast mode [ 322.988144][T14090] 8021q: adding VLAN 0 to HW filter on device macvtap1 [ 324.808608][ T5886] usb 4-1: new high-speed USB device number 22 using dummy_hcd [ 324.868582][T14146] block device autoloading is deprecated and will be removed. [ 324.885943][T14146] syz.0.3600: attempt to access beyond end of device [ 324.885943][T14146] md0: rw=2048, sector=0, nr_sectors = 8 limit=0 [ 325.015741][ T5886] usb 4-1: New USB device found, idVendor=20b7, idProduct=1540, bcdDevice=b7.5a [ 325.037267][ T5886] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 325.068005][ T5886] usb 4-1: Product: syz [ 325.072646][ T5886] usb 4-1: Manufacturer: syz [ 325.085563][ T5886] usb 4-1: SerialNumber: syz [ 325.108148][ T5886] usb 4-1: config 0 descriptor?? [ 325.461295][T14153] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3603'. [ 325.550006][ T5886] usb 4-1: Firmware: major: 0, minor: 97, hardware type: ATUSB (0) [ 325.782508][ T5886] usb 4-1: failed to fetch extended address, random address set [ 325.830769][T14163] overlay: Unknown parameter ' [ 325.830769][T14163] time [ 325.830769][T14163] string [ 325.830769][T14163] statistic [ 325.830769][T14163] state [ 325.830769][T14163] realm [ 325.830769][T14163] rateest [ 325.830769][T14163] quota [ 325.830769][T14163] pkttype [ 325.830769][T14163] physdev [ 325.830769][T14163] cgroup [ 325.830769][T14163] cgroup [ 325.830769][T14163] cgroup [ 325.830769][T14163] owner [ 325.830769][T14163] nfacct [ 325.830769][T14163] nfacct [ 325.830769][T14163] mac [ 325.830769][T14163] limit [ 325.830769][T14163] ipvs [ 325.830769][T14163] helper [ 325.830769][T14163] devgroup [ 325.830769][T14163] cpu [ 325.830769][T14163] conntrack [ 325.830769][T14163] conntrack [ 325.830769][T14163] conntrack [ 325.830769][T14163] connlabel [ 325.830769][T14163] connbytes [ 325.830769][T14163] comment [ 325.830769][T14163] bpf [ 325.830769][T14163] bpf [ 325.830769][T14163] connmark [ 325.830769][T14163] mark [ 325.830769][T14163] rpfilter [ 325.830769][T14163] ah [ 325.830769][T14163] tcpmss [ 325.830769][T14163] socket [ 325.830769][T14163] socket [ 325.830769][T14163] socket [ 325.830769][T14163] socket [ 325.830769][T14163] sctp [ 325.830769][T14163] recent [ 325.830769][T14163] recent [ 325.830769][T14163] policy [ 325.830769][T14163] osf [ 325.830769][T14163] multiport [ 325.830769][T14163] length [ 325.830769][T14163] l2tp [ 325.830769][T14163] iprange [ 325.830769][T14163] ipcomp [ 325.830769][T14163] ttl [ 325.830769][T14163] hashlimit [ 325.830769][T14163] hashlimit [ 325.830769][T14163] hashlimit [ 325.830769][T14163] esp [ 325.830769][T14163] ecn [ 325.830769][T14163] tos [ 325.830769][T14163] dscp [ 325.830769][T14163] dccp [ 325.830769][T14163] connlimit [ 325.830769][T14163] cluster [ 325.830769][T14163] addrtype [ 325.830769][T14163] addrtype [ 325.830769][T14163] set [ 325.830769][T14163] set [ 325.830769][T14163] set [ 325.830769][T14163] set [ 325.830769][T14163] set [ 325.830769][T14163] icmp [ 326.074933][ T5886] usb 4-1: USB disconnect, device number 22 [ 326.109625][ T5834] Bluetooth: hci5: command 0x1003 tx timeout [ 326.116332][ T5840] Bluetooth: hci5: Opcode 0x1003 failed: -110 [ 326.155675][ T9374] usb 1-1: new high-speed USB device number 25 using dummy_hcd [ 326.340422][T14173] 8021q: adding VLAN 0 to HW filter on device bond1 [ 326.366540][ T9374] usb 1-1: Using ep0 maxpacket: 16 [ 326.376931][T14173] bond0: (slave bond1): Enslaving as an active interface with an up link [ 326.434980][ T9374] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 326.472117][ T9374] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 326.533591][ T9374] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 326.575766][ T9374] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 326.584470][ T9374] usb 1-1: Product: syz [ 326.645760][ T9374] usb 1-1: Manufacturer: syz [ 326.666458][ T9374] usb 1-1: SerialNumber: syz [ 327.121929][ T9374] usb 1-1: 0:2 : does not exist [ 327.336319][ T52] usb 4-1: new high-speed USB device number 23 using dummy_hcd [ 327.545787][ T52] usb 4-1: Using ep0 maxpacket: 16 [ 327.552398][ T9374] usb 1-1: 5:0: failed to get current value for ch 0 (-22) [ 327.563795][ T52] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 327.605860][ T52] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x81 has invalid wMaxPacketSize 0 [ 327.652922][ T52] usb 4-1: config 0 interface 0 has no altsetting 0 [ 327.675601][ T52] usb 4-1: New USB device found, idVendor=056a, idProduct=0331, bcdDevice= 0.00 [ 327.732493][ T9374] usb 1-1: USB disconnect, device number 25 [ 327.751051][ T52] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 327.808418][ T52] usb 4-1: config 0 descriptor?? [ 327.907173][ C1] hrtimer: interrupt took 2886383 ns [ 328.047978][ T5972] udevd[5972]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 328.245228][ T52] hid (null): unknown global tag 0xe [ 328.292600][ T52] hid (null): report_id 1564596566 is invalid [ 328.373241][ T52] hid (null): unknown global tag 0xc [ 328.462839][ T52] usb 4-1: USB disconnect, device number 23 [ 330.161591][T14250] netlink: 'syz.2.3645': attribute type 10 has an invalid length. [ 330.188841][T14250] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 330.201502][T14250] bond0: (slave batadv0): Enslaving as an active interface with an up link [ 330.220492][T14250] netlink: 'syz.2.3645': attribute type 10 has an invalid length. [ 330.242634][T14250] netlink: 40 bytes leftover after parsing attributes in process `syz.2.3645'. [ 330.269730][T14250] batadv0: entered promiscuous mode [ 330.286363][T14250] batadv0: entered allmulticast mode [ 330.299812][T14250] bond0: (slave batadv0): Releasing backup interface [ 330.334960][T14250] bridge0: port 3(batadv0) entered blocking state [ 330.344566][T14250] bridge0: port 3(batadv0) entered disabled state [ 330.458024][T13863] batman_adv: batadv0: No IGMP Querier present - multicast optimizations disabled [ 330.468091][T13863] batman_adv: batadv0: No MLD Querier present - multicast optimizations disabled [ 330.541695][ T30] audit: type=1800 audit(1744110692.331:184): pid=14238 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz.0.3640" name="SYSV00000000" dev="hugetlbfs" ino=0 res=0 errno=0 [ 330.875697][ T5873] usb 3-1: new high-speed USB device number 27 using dummy_hcd [ 331.025977][ T5873] usb 3-1: Using ep0 maxpacket: 16 [ 331.037694][ T5873] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x81 has invalid wMaxPacketSize 0 [ 331.047972][ T5873] usb 3-1: config 0 interface 0 has no altsetting 0 [ 331.054685][ T5873] usb 3-1: New USB device found, idVendor=056e, idProduct=010d, bcdDevice= 0.00 [ 331.064034][ T5873] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 331.075737][ T5873] usb 3-1: config 0 descriptor?? [ 331.505020][ T5873] elecom 0003:056E:010D.0031: unknown main item tag 0x0 [ 331.512566][ T5873] elecom 0003:056E:010D.0031: unknown main item tag 0x0 [ 331.519749][ T5873] elecom 0003:056E:010D.0031: unexpected long global item [ 331.527940][ T5873] elecom 0003:056E:010D.0031: probe with driver elecom failed with error -22 [ 331.714553][ T5873] usb 3-1: USB disconnect, device number 27 [ 333.209146][ T30] audit: type=1326 audit(1744110695.001:185): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14295 comm="syz.3.3664" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efe5ad8d169 code=0x7ffc0000 [ 333.305024][ T30] audit: type=1326 audit(1744110695.001:186): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14295 comm="syz.3.3664" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efe5ad8d169 code=0x7ffc0000 [ 333.410140][ T30] audit: type=1326 audit(1744110695.001:187): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14295 comm="syz.3.3664" exe="/root/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7efe5ad8d169 code=0x7ffc0000 [ 333.435155][ T30] audit: type=1326 audit(1744110695.001:188): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14295 comm="syz.3.3664" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efe5ad8d169 code=0x7ffc0000 [ 333.480297][ T30] audit: type=1326 audit(1744110695.001:189): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14295 comm="syz.3.3664" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efe5ad8d169 code=0x7ffc0000 [ 333.519190][ T30] audit: type=1326 audit(1744110695.001:190): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14295 comm="syz.3.3664" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7efe5ad8d169 code=0x7ffc0000 [ 333.614266][ T30] audit: type=1326 audit(1744110695.001:191): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14295 comm="syz.3.3664" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efe5ad8d169 code=0x7ffc0000 [ 333.704259][ T30] audit: type=1326 audit(1744110695.001:192): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14295 comm="syz.3.3664" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efe5ad8d169 code=0x7ffc0000 [ 333.814204][ T30] audit: type=1326 audit(1744110695.001:193): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14295 comm="syz.3.3664" exe="/root/syz-executor" sig=0 arch=c000003e syscall=285 compat=0 ip=0x7efe5ad8d169 code=0x7ffc0000 [ 335.645805][ T5873] usb 3-1: new high-speed USB device number 28 using dummy_hcd [ 335.707795][T14346] overlayfs: disabling nfs_export due to verity=on [ 335.741174][T14348] netlink: 'syz.4.3687': attribute type 11 has an invalid length. [ 335.753769][T14348] netlink: 60 bytes leftover after parsing attributes in process `syz.4.3687'. [ 335.806274][ T5873] usb 3-1: Using ep0 maxpacket: 32 [ 335.814176][ T5873] usb 3-1: config 0 has an invalid interface number: 51 but max is 0 [ 335.830919][ T5873] usb 3-1: config 0 has no interface number 0 [ 335.850169][ T5873] usb 3-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f [ 335.878733][ T5873] usb 3-1: New USB device strings: Mfr=1, Product=229, SerialNumber=2 [ 335.900453][ T5873] usb 3-1: Product: syz [ 335.909273][ T5873] usb 3-1: Manufacturer: syz [ 335.920748][ T5873] usb 3-1: SerialNumber: syz [ 335.957905][ T5873] usb 3-1: config 0 descriptor?? [ 335.980017][ T5873] quatech2 3-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected [ 336.208595][ T5873] usb 3-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0 [ 336.261320][ T5873] usb 3-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1 [ 336.384170][ T30] kauditd_printk_skb: 3 callbacks suppressed [ 336.384214][ T30] audit: type=1326 audit(1744110698.171:197): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14363 comm="syz.4.3695" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f42f818d169 code=0x7ffc0000 [ 336.428978][ C0] quatech-serial ttyUSB0: qt2_process_read_urb - xmit_empty message too short [ 336.513042][ T30] audit: type=1326 audit(1744110698.171:198): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14363 comm="syz.4.3695" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f42f818d169 code=0x7ffc0000 [ 336.600099][ T30] audit: type=1326 audit(1744110698.221:199): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14363 comm="syz.4.3695" exe="/root/syz-executor" sig=0 arch=c000003e syscall=29 compat=0 ip=0x7f42f818d169 code=0x7ffc0000 [ 336.632556][ C0] usb 3-1: qt2_read_bulk_callback - non-zero urb status: -71 [ 336.641939][ T5940] usb 3-1: USB disconnect, device number 28 [ 336.678429][ T30] audit: type=1326 audit(1744110698.221:200): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14363 comm="syz.4.3695" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f42f818d169 code=0x7ffc0000 [ 336.679416][ T5940] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0 [ 336.782361][ T30] audit: type=1326 audit(1744110698.221:201): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14363 comm="syz.4.3695" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f42f818d169 code=0x7ffc0000 [ 336.859697][ T5940] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1 [ 336.885707][ T30] audit: type=1326 audit(1744110698.221:202): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14363 comm="syz.4.3695" exe="/root/syz-executor" sig=0 arch=c000003e syscall=30 compat=0 ip=0x7f42f818d169 code=0x7ffc0000 [ 336.893306][ T5940] quatech2 3-1:0.51: device disconnected [ 336.982230][ T30] audit: type=1326 audit(1744110698.221:203): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14363 comm="syz.4.3695" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f42f818d169 code=0x7ffc0000 [ 337.059949][ T30] audit: type=1326 audit(1744110698.221:204): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14363 comm="syz.4.3695" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f42f818d169 code=0x7ffc0000 [ 337.124685][ T30] audit: type=1326 audit(1744110698.241:205): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14363 comm="syz.4.3695" exe="/root/syz-executor" sig=0 arch=c000003e syscall=67 compat=0 ip=0x7f42f818d169 code=0x7ffc0000 [ 337.205581][ T30] audit: type=1326 audit(1744110698.241:206): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14363 comm="syz.4.3695" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f42f818d169 code=0x7ffc0000 [ 337.591447][T14390] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3707'. [ 337.626299][T14390] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3707'. [ 337.860141][T14399] netlink: 'syz.1.3712': attribute type 21 has an invalid length. [ 337.877494][T14399] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3712'. [ 337.902066][T14401] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3713'. [ 338.712501][T14430] netlink: 'syz.2.3726': attribute type 10 has an invalid length. [ 338.741796][T14430] netlink: 40 bytes leftover after parsing attributes in process `syz.2.3726'. [ 338.771306][T14430] team0: entered promiscuous mode [ 338.779223][T14430] team_slave_0: entered promiscuous mode [ 338.789520][T14430] team_slave_1: entered promiscuous mode [ 338.803129][T14430] vlan0: entered promiscuous mode [ 338.813305][T14430] team0: entered allmulticast mode [ 338.822284][T14430] team_slave_0: entered allmulticast mode [ 338.834165][T14430] team_slave_1: entered allmulticast mode [ 338.863431][T14430] vlan0: entered allmulticast mode [ 338.870070][T14430] veth0_vlan: entered allmulticast mode [ 338.890065][T14430] 8021q: adding VLAN 0 to HW filter on device team0 [ 338.911334][T14430] bridge0: port 4(team0) entered blocking state [ 338.924658][T14430] bridge0: port 4(team0) entered disabled state [ 340.283736][T14491] loop6: detected capacity change from 0 to 8 [ 340.294872][ C0] blk_print_req_error: 22 callbacks suppressed [ 340.294897][ C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 340.310678][ C0] buffer_io_error: 22 callbacks suppressed [ 340.310699][ C0] Buffer I/O error on dev loop6, logical block 0, async page read [ 340.337687][ C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 340.347044][ C0] Buffer I/O error on dev loop6, logical block 0, async page read [ 340.379592][T14491] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 340.415769][T14491] Buffer I/O error on dev loop6, logical block 0, async page read [ 340.424215][T14491] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 340.475637][T14491] Buffer I/O error on dev loop6, logical block 0, async page read [ 340.535769][T14491] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 340.572815][T14491] Buffer I/O error on dev loop6, logical block 0, async page read [ 340.600336][T14491] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 340.630220][T14491] Buffer I/O error on dev loop6, logical block 0, async page read [ 340.656264][T14491] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 340.672321][T14491] Buffer I/O error on dev loop6, logical block 0, async page read [ 340.692367][T14491] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 340.703278][T14491] Buffer I/O error on dev loop6, logical block 0, async page read [ 340.749772][ T52] usb 2-1: new high-speed USB device number 29 using dummy_hcd [ 340.782588][T14491] ldm_validate_partition_table(): Disk read failed. [ 340.806664][T14491] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 340.900709][T14491] Buffer I/O error on dev loop6, logical block 0, async page read [ 340.911778][T14491] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 340.926332][ T52] usb 2-1: Using ep0 maxpacket: 32 [ 340.948233][T14491] Buffer I/O error on dev loop6, logical block 0, async page read [ 340.971124][ T52] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 9 [ 341.013751][T14491] Dev loop6: unable to read RDB block 0 [ 341.035126][ T52] usb 2-1: New USB device found, idVendor=14c8, idProduct=0003, bcdDevice= 5.6c [ 341.051128][T14491] loop6: unable to read partition table [ 341.068595][ T52] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 341.083197][ T52] usb 2-1: Product: syz [ 341.088073][ T52] usb 2-1: Manufacturer: syz [ 341.093375][ T52] usb 2-1: SerialNumber: syz [ 341.103509][T14491] loop6: partition table beyond EOD, truncated [ 341.117695][ T52] usb 2-1: config 0 descriptor?? [ 341.127749][T14498] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 341.133387][T14491] loop_reread_partitions: partition scan of loop6 (3 xC) failed (rc=-5) [ 341.178839][ T52] input: syz syz as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/input/input32 [ 341.447868][ T5940] usb 2-1: USB disconnect, device number 29 [ 341.447933][ C1] usbtouchscreen 2-1:0.0: usbtouch_irq - usb_submit_urb failed with result: -19 [ 341.765684][ T9374] usb 1-1: new high-speed USB device number 26 using dummy_hcd [ 341.925527][ T9374] usb 1-1: Using ep0 maxpacket: 32 [ 341.944606][ T9374] usb 1-1: config 0 has an invalid interface number: 85 but max is 0 [ 341.953922][ T9374] usb 1-1: config 0 has no interface number 0 [ 341.971078][ T9374] usb 1-1: config 0 interface 85 altsetting 7 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 341.993578][ T9374] usb 1-1: config 0 interface 85 has no altsetting 0 [ 342.033686][ T9374] usb 1-1: New USB device found, idVendor=05ac, idProduct=0219, bcdDevice=f0.72 [ 342.064286][ T9374] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 342.083241][ T9374] usb 1-1: Product: syz [ 342.096247][ T9374] usb 1-1: Manufacturer: syz [ 342.117698][ T9374] usb 1-1: SerialNumber: syz [ 342.156041][ T9374] usb 1-1: config 0 descriptor?? [ 342.395621][ T10] usb 3-1: new high-speed USB device number 29 using dummy_hcd [ 342.550431][ T10] usb 3-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0 [ 342.570710][ T10] usb 3-1: config 0 interface 0 has no altsetting 0 [ 342.586774][ T10] usb 3-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b [ 342.600890][ T10] usb 3-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2 [ 342.610671][ T10] usb 3-1: Product: syz [ 342.614928][ T10] usb 3-1: Manufacturer: syz [ 342.624676][ T10] usb 3-1: SerialNumber: syz [ 342.641135][ T10] usb 3-1: config 0 descriptor?? [ 342.680574][ T10] usb 3-1: selecting invalid altsetting 0 [ 342.790445][ T9374] appletouch 1-1:0.85: Geyser mode initialized. [ 342.844088][ T9374] input: appletouch as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.85/input/input33 [ 342.980992][ T10] usb 3-1: USB disconnect, device number 29 [ 343.060379][ T5886] usb 1-1: USB disconnect, device number 26 [ 343.140691][ T5886] appletouch 1-1:0.85: input: appletouch disconnected [ 343.283985][T14551] netlink: 'syz.3.3782': attribute type 1 has an invalid length. [ 343.314228][ T9374] usb 2-1: new high-speed USB device number 30 using dummy_hcd [ 343.495855][ T9374] usb 2-1: Using ep0 maxpacket: 16 [ 343.518976][ T9374] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 343.556096][ T9374] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 343.579536][ T9374] usb 2-1: New USB device found, idVendor=1fd2, idProduct=6007, bcdDevice= 0.00 [ 343.602537][ T9374] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 343.636416][ T9374] usb 2-1: config 0 descriptor?? [ 343.986198][ T10] usb 1-1: new high-speed USB device number 27 using dummy_hcd [ 344.080316][ T9374] hid-multitouch 0003:1FD2:6007.0032: unknown main item tag 0x0 [ 344.107496][ T9374] hid-multitouch 0003:1FD2:6007.0032: unknown main item tag 0x0 [ 344.128399][ T9374] hid-multitouch 0003:1FD2:6007.0032: unknown main item tag 0x0 [ 344.160247][ T9374] hid-multitouch 0003:1FD2:6007.0032: hidraw0: USB HID v0.00 Device [HID 1fd2:6007] on usb-dummy_hcd.1-1/input0 [ 344.180983][ T10] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 344.183455][T14577] netlink: 136 bytes leftover after parsing attributes in process `syz.2.3794'. [ 344.216571][ T10] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 344.231686][ T10] usb 1-1: New USB device found, idVendor=054c, idProduct=0df2, bcdDevice=d6.af [ 344.252974][ T10] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 344.320339][ T10] usb 1-1: config 0 descriptor?? [ 344.342229][ T10] usb 1-1: can't set config #0, error -71 [ 344.351263][ T5873] usb 2-1: USB disconnect, device number 30 [ 344.435576][ T10] usb 1-1: USB disconnect, device number 27 [ 344.517258][T14579] netlink: 192 bytes leftover after parsing attributes in process `syz.4.3795'. [ 344.892630][T14594] ALSA: mixer_oss: invalid OSS volume 'P7{*;+$p' [ 344.900864][T14594] ALSA: mixer_oss: invalid OSS volume '' [ 344.916871][T14594] ALSA: mixer_oss: invalid OSS volume 'b$Kf7?]3sX' [ 344.928587][T14594] ALSA: mixer_oss: invalid OSS volume 'K׍?Fg' [ 344.959320][T14594] ALSA: mixer_oss: invalid OSS volume '.L!t8yW+$NJs' [ 346.431277][T14646] netlink: 'syz.2.3826': attribute type 8 has an invalid length. [ 346.617271][T14650] netlink: 'syz.0.3827': attribute type 10 has an invalid length. [ 346.647100][T14650] netlink: 40 bytes leftover after parsing attributes in process `syz.0.3827'. [ 346.670524][T14650] team0: entered promiscuous mode [ 346.676334][T14650] team_slave_0: entered promiscuous mode [ 346.683388][T14650] team_slave_1: entered promiscuous mode [ 346.690909][T14650] team0: entered allmulticast mode [ 346.698413][T14650] team_slave_0: entered allmulticast mode [ 346.707431][T14650] team_slave_1: entered allmulticast mode [ 346.738848][T14650] bridge0: port 3(team0) entered blocking state [ 346.750757][T14650] bridge0: port 3(team0) entered disabled state [ 346.791012][T14650] bridge0: port 3(team0) entered blocking state [ 346.798164][T14650] bridge0: port 3(team0) entered forwarding state [ 347.447481][T14677] pimreg3: entered allmulticast mode [ 347.460447][T14676] pimreg3: left allmulticast mode [ 347.468430][T14679] netlink: 'syz.0.3841': attribute type 9 has an invalid length. [ 347.991195][T14690] sctp: [Deprecated]: syz.4.3846 (pid 14690) Use of int in maxseg socket option. [ 347.991195][T14690] Use struct sctp_assoc_value instead [ 348.275803][ T30] kauditd_printk_skb: 1 callbacks suppressed [ 348.275845][ T30] audit: type=1326 audit(1744110710.061:208): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14701 comm="syz.2.3852" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fddcd58d169 code=0x7ffc0000 [ 348.379662][ T30] audit: type=1326 audit(1744110710.101:209): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14701 comm="syz.2.3852" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fddcd58d169 code=0x7ffc0000 [ 348.448252][ T30] audit: type=1326 audit(1744110710.101:210): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14701 comm="syz.2.3852" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fddcd58d169 code=0x7ffc0000 [ 348.525881][ T30] audit: type=1326 audit(1744110710.101:211): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14701 comm="syz.2.3852" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fddcd58d169 code=0x7ffc0000 [ 348.547594][ C0] vkms_vblank_simulate: vblank timer overrun [ 348.574297][ T30] audit: type=1326 audit(1744110710.101:212): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14701 comm="syz.2.3852" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fddcd58d169 code=0x7ffc0000 [ 348.606191][ T30] audit: type=1326 audit(1744110710.111:213): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14701 comm="syz.2.3852" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fddcd58d169 code=0x7ffc0000 [ 348.637346][ T30] audit: type=1326 audit(1744110710.111:214): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14701 comm="syz.2.3852" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fddcd58d169 code=0x7ffc0000 [ 348.665855][ T30] audit: type=1326 audit(1744110710.111:215): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14701 comm="syz.2.3852" exe="/root/syz-executor" sig=0 arch=c000003e syscall=152 compat=0 ip=0x7fddcd58d169 code=0x7ffc0000 [ 348.693063][ T30] audit: type=1326 audit(1744110710.111:216): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14701 comm="syz.2.3852" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fddcd58d169 code=0x7ffc0000 [ 348.717422][ T30] audit: type=1326 audit(1744110710.421:217): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14707 comm="syz.2.3856" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fddcd58d169 code=0x0 [ 348.781086][T14719] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3860'. [ 348.905589][ T5886] usb 4-1: new low-speed USB device number 24 using dummy_hcd [ 349.056681][T14727] loop7: detected capacity change from 0 to 2 [ 349.082592][T14727] Dev loop7: unable to read RDB block 2 [ 349.091565][ T5886] usb 4-1: config 0 interface 0 altsetting 9 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 349.105910][ T5886] usb 4-1: config 0 interface 0 altsetting 9 endpoint 0x81 has invalid maxpacket 1023, setting to 8 [ 349.110341][T14727] loop7: unable to read partition table [ 349.121177][ T5886] usb 4-1: config 0 interface 0 altsetting 9 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 349.132296][T14727] loop7: partition table beyond EOD, [ 349.137822][ T5886] usb 4-1: config 0 interface 0 has no altsetting 0 [ 349.137994][T14727] truncated [ 349.143987][ T5886] usb 4-1: New USB device found, idVendor=28bd, idProduct=0094, bcdDevice= 0.00 [ 349.158218][T14727] loop_reread_partitions: partition scan of loop7 (被xڬdƤݡ [ 349.158218][T14727] ) failed (rc=-5) [ 349.164191][ T5886] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 349.193345][ T5886] usb 4-1: config 0 descriptor?? [ 349.200784][T14714] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22 [ 349.653109][ T5886] uclogic 0003:28BD:0094.0033: interface is invalid, ignoring [ 349.891845][ T10] usb 4-1: USB disconnect, device number 24 [ 350.673362][T14777] can0: slcan on ttyS3. [ 350.731886][T14780] sch_tbf: burst 0 is lower than device lo mtu (65550) ! [ 350.757901][T14777] can0 (unregistered): slcan off ttyS3. [ 350.781228][T14782] macvtap1: entered promiscuous mode [ 350.787272][T14782] mac80211_hwsim hwsim2 wlan0: entered promiscuous mode [ 350.797787][T14782] batman_adv: batadv0: Adding interface: macvtap1 [ 350.806202][T14782] batman_adv: batadv0: The MTU of interface macvtap1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 350.868401][T14782] batman_adv: batadv0: Interface activated: macvtap1 [ 351.179765][T14794] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3895'. [ 351.721817][ T9374] usb 4-1: new high-speed USB device number 25 using dummy_hcd [ 351.900123][ T9374] usb 4-1: Using ep0 maxpacket: 16 [ 351.933402][ T9374] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 351.962387][ T9374] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 351.980711][ T9374] usb 4-1: New USB device found, idVendor=1b1c, idProduct=1b02, bcdDevice= 0.00 [ 351.991551][ T9374] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 352.005359][ T9374] usb 4-1: config 0 descriptor?? [ 352.035850][ T5886] usb 1-1: new high-speed USB device number 28 using dummy_hcd [ 352.208770][ T5886] usb 1-1: Using ep0 maxpacket: 8 [ 352.221461][ T5886] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x4 has invalid maxpacket 56832, setting to 1024 [ 352.244110][ T5886] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x4 has invalid maxpacket 1024 [ 352.278910][ T5886] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 352.306066][ T5886] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 352.348673][ T5886] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 352.359700][ T5886] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 352.449436][ T9374] corsair 0003:1B1C:1B02.0034: unknown main item tag 0x0 [ 352.457493][ T9374] corsair 0003:1B1C:1B02.0034: unknown main item tag 0x0 [ 352.467196][ T9374] corsair 0003:1B1C:1B02.0034: unknown main item tag 0x0 [ 352.475047][ T9374] corsair 0003:1B1C:1B02.0034: unknown main item tag 0x0 [ 352.483770][ T9374] corsair 0003:1B1C:1B02.0034: unknown main item tag 0x0 [ 352.499069][ T9374] corsair 0003:1B1C:1B02.0034: hidraw0: USB HID v0.00 Device [HID 1b1c:1b02] on usb-dummy_hcd.3-1/input0 [ 352.594491][ T5886] usb 1-1: GET_CAPABILITIES returned 0 [ 352.605702][ T5886] usbtmc 1-1:16.0: can't read capabilities [ 352.813695][ T9374] usb 1-1: USB disconnect, device number 28 [ 352.862267][T14855] loop9: detected capacity change from 0 to 7 [ 352.874080][ T5873] usb 4-1: USB disconnect, device number 25 [ 352.879297][T14855] Dev loop9: unable to read RDB block 7 [ 352.888394][T14855] loop9: unable to read partition table [ 352.897657][T14855] loop9: partition table beyond EOD, truncated [ 352.925080][T14855] loop_reread_partitions: partition scan of loop9 (被x󟣑 ) failed (rc=-5) [ 353.255749][ T5886] usb 2-1: new high-speed USB device number 31 using dummy_hcd [ 353.315318][T14871] can0: slcan on ttyS3. [ 353.376854][T14871] can0 (unregistered): slcan off ttyS3. [ 353.392038][T14871] Falling back ldisc for ttyS3. [ 353.442589][ T5886] usb 2-1: New USB device found, idVendor=20b7, idProduct=1540, bcdDevice=b7.5a [ 353.468263][ T5886] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 353.506230][ T5886] usb 2-1: Product: syz [ 353.516127][ T5886] usb 2-1: Manufacturer: syz [ 353.525738][ T5886] usb 2-1: SerialNumber: syz [ 353.545860][ T10] usb 3-1: new full-speed USB device number 30 using dummy_hcd [ 353.555512][ T5886] usb 2-1: config 0 descriptor?? [ 353.717545][ T10] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 353.740408][ T10] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10 [ 353.765503][ T10] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0 [ 353.785754][ T10] usb 3-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 5 [ 353.825638][ T10] usb 3-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42 [ 353.839793][ T10] usb 3-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0 [ 353.865743][ T10] usb 3-1: Manufacturer: syz [ 353.886569][ T10] usb 3-1: config 0 descriptor?? [ 354.057042][ T5886] usb 2-1: Firmware: major: 0, minor: 0, hardware type: ATUSB (0) [ 354.078626][ T5886] usb 2-1: Firmware version (0.0) predates our first public release. [ 354.101258][ T5886] usb 2-1: Please update to version 0.2 or newer [ 354.285572][ T10] rc_core: IR keymap rc-hauppauge not found [ 354.291941][ T10] Registered IR keymap rc-empty [ 354.306539][ T10] mceusb 3-1:0.0: Error: mce write submit urb error = -90 [ 354.339317][ T5886] usb 2-1: USB disconnect, device number 31 [ 354.345785][ T10] mceusb 3-1:0.0: Error: mce write submit urb error = -90 [ 354.377569][ T10] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/rc/rc0 [ 354.434423][ T10] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/rc/rc0/input34 [ 354.479163][ T10] mceusb 3-1:0.0: Error: mce write submit urb error = -90 [ 354.546644][ T10] mceusb 3-1:0.0: Error: mce write submit urb error = -90 [ 354.586180][ T10] mceusb 3-1:0.0: Error: mce write submit urb error = -90 [ 354.626696][ T10] mceusb 3-1:0.0: Error: mce write submit urb error = -90 [ 354.656224][ T10] mceusb 3-1:0.0: Error: mce write submit urb error = -90 [ 354.680063][ T10] mceusb 3-1:0.0: Error: mce write submit urb error = -90 [ 354.716284][ T10] mceusb 3-1:0.0: Error: mce write submit urb error = -90 [ 354.747448][ T10] mceusb 3-1:0.0: Error: mce write submit urb error = -90 [ 354.776058][ T10] mceusb 3-1:0.0: Error: mce write submit urb error = -90 [ 354.795671][ T10] mceusb 3-1:0.0: Error: mce write submit urb error = -90 [ 354.827851][ T10] mceusb 3-1:0.0: Registered 424242424242 with mce emulator interface version 1 [ 354.854824][ T10] mceusb 3-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active) [ 354.891681][ T10] usb 3-1: USB disconnect, device number 30 [ 354.938944][T14914] Falling back ldisc for ttyS3. [ 354.951733][T14913] netlink: 132 bytes leftover after parsing attributes in process `syz.1.3948'. [ 355.067257][T14916] gtp0: entered promiscuous mode [ 355.072450][T14916] gtp0: entered allmulticast mode [ 355.748025][T14944] macvlan2: entered allmulticast mode [ 355.753512][T14944] mac80211_hwsim hwsim8 wlan0: entered allmulticast mode [ 355.787879][T14944] mac80211_hwsim hwsim8 wlan0: left allmulticast mode [ 355.858928][T14947] netlink: 88 bytes leftover after parsing attributes in process `syz.4.3964'. [ 355.901722][T14947] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3964'. [ 356.151290][ T5886] usb 4-1: new high-speed USB device number 26 using dummy_hcd [ 356.331536][ T5886] usb 4-1: Using ep0 maxpacket: 16 [ 356.359229][ T5886] usb 4-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06 [ 356.379633][ T5886] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 356.399878][ T5886] usb 4-1: Product: syz [ 356.446996][ T5886] usb 4-1: Manufacturer: syz [ 356.452118][ T5886] usb 4-1: SerialNumber: syz [ 356.478675][ T5886] r8152-cfgselector 4-1: Unknown version 0x0000 [ 356.490600][ T5886] r8152-cfgselector 4-1: config 0 descriptor?? [ 356.765660][ T5886] r8152-cfgselector 4-1: Needed 2 retries to read version [ 356.773451][ T5886] r8152-cfgselector 4-1: Unknown version 0x14f0 [ 356.806002][ T5886] r8152-cfgselector 4-1: bad CDC descriptors [ 356.815266][T14983] netlink: 36 bytes leftover after parsing attributes in process `syz.4.3981'. [ 356.842599][T14983] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3981'. [ 461.949522][ C1] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks: [ 461.956570][ C1] rcu: 0-...!: (0 ticks this GP) idle=1d1c/1/0x4000000000000000 softirq=63195/63195 fqs=0 [ 461.968162][ C1] rcu: (detected by 1, t=10506 jiffies, g=58417, q=176 ncpus=2) [ 461.976034][ C1] Sending NMI from CPU 1 to CPUs 0: [ 461.976078][ C0] NMI backtrace for cpu 0 [ 461.976110][ C0] CPU: 0 UID: 0 PID: 5841 Comm: syz-executor Not tainted 6.15.0-rc1-syzkaller #0 PREEMPT(full) [ 461.976130][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 461.976143][ C0] RIP: 0010:debug_object_deactivate+0x28a/0x390 [ 461.976180][ C0] Code: 8b 74 24 08 e8 27 20 27 07 48 8d 7c 24 40 48 c7 c6 c0 e7 a0 8c e8 86 fb ff ff 49 c7 c7 20 70 65 93 48 c7 44 24 20 0e 36 e0 45 <48> 8b 44 24 18 41 c7 04 06 00 00 00 00 41 c7 44 06 09 00 00 00 00 [ 461.976196][ C0] RSP: 0018:ffffc90000007c20 EFLAGS: 00000046 [ 461.976212][ C0] RAX: 993f338e64af8b00 RBX: ffff88802ea9ed58 RCX: 0000000000010004 [ 461.976225][ C0] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000001 [ 461.976236][ C0] RBP: ffffc90000007d10 R08: ffffffff9a9464b3 R09: 1ffffffff3528c96 [ 461.976249][ C0] R10: dffffc0000000000 R11: fffffbfff3528c97 R12: 1ffff11005d53dad [ 461.976262][ C0] R13: ffff88802ea9ed6c R14: dffffc0000000000 R15: ffffffff93657020 [ 461.976275][ C0] FS: 0000555558546500(0000) GS:ffff888124fc9000(0000) knlGS:0000000000000000 [ 461.976290][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 461.976302][ C0] CR2: 0000001b3001eff8 CR3: 0000000063174000 CR4: 00000000003526f0 [ 461.976317][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 461.976327][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 461.976338][ C0] Call Trace: [ 461.976347][ C0] [ 461.976358][ C0] ? __pfx_debug_object_activate+0x10/0x10 [ 461.976390][ C0] ? __pfx_debug_object_deactivate+0x10/0x10 [ 461.976428][ C0] debug_deactivate+0x1b/0x220 [ 461.976450][ C0] __hrtimer_run_queues+0x310/0xd40 [ 461.976471][ C0] ? ktime_get_update_offsets_now+0x2d/0x3b0 [ 461.976508][ C0] ? __pfx___hrtimer_run_queues+0x10/0x10 [ 461.976527][ C0] ? sched_clock_cpu+0x77/0x4d0 [ 461.976547][ C0] ? read_tsc+0x9/0x20 [ 461.976571][ C0] ? ktime_get_update_offsets_now+0x38e/0x3b0 [ 461.976602][ C0] hrtimer_interrupt+0x403/0xa40 [ 461.976636][ C0] __sysvec_apic_timer_interrupt+0x110/0x420 [ 461.976661][ C0] sysvec_apic_timer_interrupt+0xa1/0xc0 [ 461.976682][ C0] [ 461.976688][ C0] [ 461.976694][ C0] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 461.976714][ C0] RIP: 0010:__kasan_check_write+0x0/0x20 [ 461.976736][ C0] Code: 48 8b 0c 24 31 d2 e9 cf e6 ff ff 66 66 66 66 66 66 2e 0f 1f 84 00 00 00 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1e fa 89 f6 48 8b 0c 24 ba 01 00 00 00 e9 9c e6 ff ff 66 66 [ 461.976750][ C0] RSP: 0018:ffffc9000423f2d8 EFLAGS: 00000293 [ 461.976764][ C0] RAX: ffffffff82119a92 RBX: 0000000000000000 RCX: ffff88802b23bc00 [ 461.976776][ C0] RDX: 0000000000000000 RSI: 0000000000000004 RDI: ffffea0001b4ab70 [ 461.976788][ C0] RBP: ffffc9000423f610 R08: ffffffff82119a83 R09: 1ffffd4000369568 [ 461.976801][ C0] R10: dffffc0000000000 R11: fffff94000369569 R12: ffffea0001b4ab40 [ 461.976814][ C0] R13: ffff8880635eed08 R14: ffffea0001b4ab40 R15: ffff888063529de0 [ 461.976831][ C0] ? copy_pte_range+0x8e3/0x6680 [ 461.976858][ C0] ? copy_pte_range+0x8f2/0x6680 [ 461.976882][ C0] copy_pte_range+0x901/0x6680 [ 461.976903][ C0] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 461.976928][ C0] ? kernel_text_address+0xa7/0xe0 [ 461.976955][ C0] ? unwind_get_return_address+0x4d/0x90 [ 461.976986][ C0] ? __pfx_copy_pte_range+0x10/0x10 [ 461.977004][ C0] ? stack_trace_save+0x11a/0x1d0 [ 461.977026][ C0] ? __pfx_obj_cgroup_uncharge_pages+0x10/0x10 [ 461.977052][ C0] ? __pfx_stack_trace_save+0x10/0x10 [ 461.977073][ C0] ? percpu_ref_put+0x19/0x180 [ 461.977091][ C0] ? __pfx_mas_destroy+0x10/0x10 [ 461.977106][ C0] ? __lock_acquire+0xad5/0xd80 [ 461.977138][ C0] ? mas_wr_store_type+0xc24/0x16c0 [ 461.977159][ C0] copy_page_range+0xe57/0x13a0 [ 461.977198][ C0] ? __pfx_copy_page_range+0x10/0x10 [ 461.977219][ C0] ? up_write+0x1ab/0x590 [ 461.977245][ C0] ? __asan_memset+0x23/0x50 [ 461.977265][ C0] ? __pfx_vma_interval_tree_augment_rotate+0x10/0x10 [ 461.977290][ C0] ? vma_interval_tree_insert_after+0x26f/0x2c0 [ 461.977319][ C0] copy_mm+0x130d/0x22c0 [ 461.977349][ C0] ? __pfx_copy_mm+0x10/0x10 [ 461.977373][ C0] ? __init_rwsem+0x122/0x160 [ 461.977394][ C0] ? copy_signal+0x500/0x630 [ 461.977412][ C0] copy_process+0x17de/0x3d10 [ 461.977437][ C0] ? copy_process+0xa07/0x3d10 [ 461.977459][ C0] ? __pfx_copy_process+0x10/0x10 [ 461.977477][ C0] ? count_memcg_event_mm+0x388/0x440 [ 461.977494][ C0] ? count_memcg_event_mm+0x96/0x440 [ 461.977515][ C0] kernel_clone+0x227/0x880 [ 461.977532][ C0] ? __lock_acquire+0xad5/0xd80 [ 461.977550][ C0] ? __pfx_kernel_clone+0x10/0x10 [ 461.977567][ C0] ? handle_mm_fault+0x173e/0x1aa0 [ 461.977597][ C0] __x64_sys_clone+0x268/0x2e0 [ 461.977620][ C0] ? __pfx___x64_sys_clone+0x10/0x10 [ 461.977638][ C0] ? lock_vma_under_rcu+0x1f0/0x9a0 [ 461.977671][ C0] ? do_syscall_64+0xb6/0x230 [ 461.977694][ C0] do_syscall_64+0xf3/0x230 [ 461.977714][ C0] ? clear_bhb_loop+0x45/0xa0 [ 461.977733][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 461.977750][ C0] RIP: 0033:0x7fddcd5839d3 [ 461.977774][ C0] Code: 1f 84 00 00 00 00 00 64 48 8b 04 25 10 00 00 00 45 31 c0 31 d2 31 f6 bf 11 00 20 01 4c 8d 90 d0 02 00 00 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 35 89 c2 85 c0 75 2c 64 48 8b 04 25 10 00 00 [ 461.977788][ C0] RSP: 002b:00007ffff99a40e8 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 461.977805][ C0] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fddcd5839d3 [ 461.977817][ C0] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 461.977827][ C0] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000001 [ 461.977843][ C0] R10: 00005555585467d0 R11: 0000000000000246 R12: 0000000000000000 [ 461.977854][ C0] R13: 00000000000927c0 R14: 000000000005717a R15: 00007ffff99a4280 [ 461.977875][ C0] [ 461.978068][ C1] rcu: rcu_preempt kthread timer wakeup didn't happen for 10505 jiffies! g58417 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x402 [ 462.565476][ C1] rcu: Possible timer handling issue on cpu=0 timer-softirq=24146 [ 462.573399][ C1] rcu: rcu_preempt kthread starved for 10506 jiffies! g58417 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x402 ->cpu=0 [ 462.584799][ C1] rcu: Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior. [ 462.594801][ C1] rcu: RCU grace-period kthread stack dump: [ 462.600712][ C1] task:rcu_preempt state:I stack:26976 pid:16 tgid:16 ppid:2 task_flags:0x208040 flags:0x00004000 [ 462.612700][ C1] Call Trace: [ 462.616011][ C1] [ 462.618978][ C1] __schedule+0x1b33/0x51f0 [ 462.623532][ C1] ? _raw_spin_unlock_irqrestore+0x90/0x140 [ 462.629476][ C1] ? rcu_is_watching+0x15/0xb0 [ 462.634284][ C1] ? schedule+0x163/0x360 [ 462.638654][ C1] ? __pfx___schedule+0x10/0x10 [ 462.643563][ C1] ? schedule+0x90/0x360 [ 462.647842][ C1] ? schedule+0x90/0x360 [ 462.652122][ C1] schedule+0x163/0x360 [ 462.656325][ C1] schedule_timeout+0x15b/0x2b0 [ 462.661226][ C1] ? __pfx_schedule_timeout+0x10/0x10 [ 462.666648][ C1] ? __pfx_process_timeout+0x10/0x10 [ 462.671988][ C1] ? prepare_to_swait_event+0x1e5/0x340 [ 462.677588][ C1] ? prepare_to_swait_event+0x308/0x340 [ 462.683188][ C1] ? __pfx_rcu_gp_kthread+0x10/0x10 [ 462.688425][ C1] rcu_gp_fqs_loop+0x2e1/0x1340 [ 462.693330][ C1] ? rcu_gp_init+0x1279/0x1690 [ 462.698145][ C1] ? __pfx_rcu_gp_init+0x10/0x10 [ 462.703121][ C1] ? __pfx_rcu_watching_snap_save+0x10/0x10 [ 462.709052][ C1] ? __pfx_rcu_gp_fqs_loop+0x10/0x10 [ 462.714377][ C1] ? _raw_spin_unlock_irqrestore+0xde/0x140 [ 462.720320][ C1] ? finish_swait+0xdb/0x200 [ 462.724962][ C1] ? __pfx_rcu_gp_kthread+0x10/0x10 [ 462.730207][ C1] rcu_gp_kthread+0xa7/0x3b0 [ 462.734843][ C1] ? __pfx_rcu_gp_kthread+0x10/0x10 [ 462.740087][ C1] ? __kthread_parkme+0x1a8/0x200 [ 462.745169][ C1] ? __pfx_rcu_gp_kthread+0x10/0x10 [ 462.750413][ C1] kthread+0x7b7/0x940 [ 462.754530][ C1] ? __pfx_rcu_gp_kthread+0x10/0x10 [ 462.759777][ C1] ? __pfx_kthread+0x10/0x10 [ 462.764422][ C1] ? __pfx_kthread+0x10/0x10 [ 462.769061][ C1] ? __pfx_kthread+0x10/0x10 [ 462.773695][ C1] ? __pfx_kthread+0x10/0x10 [ 462.778356][ C1] ? _raw_spin_unlock_irq+0x23/0x50 [ 462.783598][ C1] ? lockdep_hardirqs_on+0x9d/0x150 [ 462.788838][ C1] ? __pfx_kthread+0x10/0x10 [ 462.793475][ C1] ret_from_fork+0x4b/0x80 [ 462.797929][ C1] ? __pfx_kthread+0x10/0x10 [ 462.802564][ C1] ret_from_fork_asm+0x1a/0x30 [ 462.807401][ C1]