last executing test programs: 4.949341448s ago: executing program 2 (id=1955): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000002ac0)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc8734c295cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f244a3c307145452ce64dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c65070020d7df0abc55258789b24052137e9637f3efbab71720f88c3c44b3b7486f979e8a3174b531f573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867ec92d13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a00"/3593], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x2e) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r0}, 0x10) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, 0x0, 0x0) write$binfmt_script(0xffffffffffffffff, 0x0, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2000002, 0x2a012, 0xffffffffffffffff, 0x0) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$IP6T_SO_SET_REPLACE(r1, 0x29, 0x40, &(0x7f00000005c0)=@raw={'raw\x00', 0x3c1, 0x3, 0x530, 0x348, 0x18c, 0x203, 0x348, 0x19030000, 0x460, 0x2e0, 0x2e0, 0x460, 0x2e0, 0x3, 0x0, {[{{@uncond, 0x300, 0x300, 0x348, 0x0, {}, [@common=@unspec=@bpf0={{0x230}, {0x13, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x16}]}}, @common=@hl={{0x28}}]}, @common=@unspec=@LED={0x48, 'LED\x00', 0x0, {'syz0\x00'}}}, {{@uncond, 0x0, 0xd0, 0x118, 0x0, {}, [@inet=@rpfilter={{0x28}}]}, @common=@unspec=@LED={0x48, 'LED\x00', 0x0, {'syz1\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x590) 4.890401829s ago: executing program 2 (id=1956): r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x2) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$UI_ABS_SETUP(r1, 0x401c5504, &(0x7f0000000000)={0x35}) ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x3) ioctl$UI_DEV_SETUP(r1, 0x405c5503, &(0x7f0000000500)={{}, 'syz0\x00'}) ioctl$UI_DEV_CREATE(r0, 0x5501) 4.792709586s ago: executing program 0 (id=1958): r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000062d14406d0470084761000000010902120001000000000904"], 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io$printer(r0, 0x0, 0x0) syz_usb_control_io$uac1(r0, 0x0, 0x0) syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0) syz_usb_control_io(r0, 0x0, &(0x7f0000000800)={0x84, &(0x7f00000003c0)=ANY=[], &(0x7f0000000440)={0x0, 0xa, 0x1, 0x8}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) 4.79248019s ago: executing program 2 (id=1959): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x1c1341, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0) close(r1) socket$netlink(0x10, 0x3, 0x0) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local}) writev(r0, &(0x7f0000000800)=[{&(0x7f0000000c00)="89e7ee2c7cdad9b4b47381", 0xe}, {&(0x7f00000005c0)="c2c186", 0x3}], 0x2) 2.41404874s ago: executing program 0 (id=1975): r0 = syz_open_dev$media(&(0x7f0000001a80), 0x3, 0x0) r1 = syz_open_dev$media(&(0x7f0000001a80), 0x3, 0x0) ioctl$MEDIA_IOC_ENUM_LINKS(r1, 0xc0287c02, &(0x7f0000000100)={0x80000000, 0x0, &(0x7f0000000500)}) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_sys\x00', 0x275a, 0x0) write$binfmt_script(r2, &(0x7f0000000100), 0x1000a) mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x1, 0x10012, r2, 0x0) ioctl$MEDIA_IOC_SETUP_LINK(r0, 0xc0347c03, &(0x7f0000000400)={{0x80000000, 0x0, 0x0, [0x2, 0x2]}, {0x80000000, 0x0, 0x3, [0x0, 0x4]}, 0x0, [0x1]}) 2.328904607s ago: executing program 0 (id=1977): mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0) mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}}) read$FUSE(r0, &(0x7f000000cb00)={0x2020, 0x0, 0x0}, 0x2020) write$FUSE_INIT(r0, &(0x7f00000000c0)={0x50, 0x0, r1, {0x7, 0x21, 0x0, 0x945f4a821577fb5d}}, 0x50) fchownat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0) syz_fuse_handle_req(r0, &(0x7f00000021c0)="eb6b07fc1566c3434fae362ff8c046c938a9e0b502f065554bcdf98ab0e4e46ad731388d1c3d7526a29e5efe4e0b2c98162b26291a10e26e672e40326fdff461ff0127fb4176f3ecb40e6ff86dc305bf5c4d352ed9801f1fc3625dae7e5e8718263b04fbc18f377a519afa502a62d263af38ec7abdfb7c190eb331266bc3cb4fc56a5ca723650b42696bcb78b0f7974135145fe5f47ff92a18a0224d7201f0493048b230a1e885aefefc1aea023cc65c148aaf05f109d16def05fd741059992114e733fa50669a71a6433698a4b7bd47225d74212f6c0893e82ce9418187d5e9f8b5ea926595a7a4403a8f1bf23d420f71071851f259629d2c4b280f5bfcfd856ed399269e9b2cfb63a66be2b514ceaf1f6f03ce95358da6f48a195c60ae994e0e5a1de8ef6671a2f9522ac0f58e34b8ffd7d09dfd088a078c275caf45131849fb6302bc086fe805f0e36139cd9228a0a00c4bb6fb7d2f6a2b7c96eda079e5c8c3e4fccb697a0103eb07aad54ab26b2ad7b24604806abdc86f972944493962633bb8765f0d7112ba3f272a7ebea332c09e1392effeac0ee8bcc3058b1130b37f5a42cad0e2b02bbc0932a80c31cc92f28679ca40ebd61cbf500f62deb93517a3c6d419e3b95b26660e887cc96f85e5c3d599bebaed0b856b04c1f71bb8aac8f4d6905a8861405a763c22024a318f61c05301da7147a86dfe9754811a6589cb8206632c8ee6604e991a7bc3976c4d62ae168f617bbfae9559c2fb52dc27c6a861bfae433b02419989c4180bb98185db32ad1b1521ff41a2f8b5f8e54cfe5fb11ee2f1ad67fe062cc2481ab7860243e9633bb0533005ccb74fb6b8070dc0dc6f130ba809611cbec07f1861ac8faee6421d71a499febccfd04dd1e5925bb92f1c425b0f406242f5906066cd96775076d1798f61e2916ff0df79e8805a9a5db20531c2c50ed366f298c2f72cbc734f16f00fcc8f71a45102d0ef1e66e0266ab9e4b82e8a748ccf23516d5a4b608d408c99c6dcb24ed6de3674341a3fafe88c3ad4ab2e3141e220f84deed7d03aa8124fecfd0836754f085a6b72175e6f754c22d9920805327b5acc576cfbb23f83572ce5e00db6691d98b8cd3d9f17efd4f0066e77964a8ab2e15a1f3c9df993f793e40dcabf33d072a80bd482b6ae5a8c41566fd3e898ae7bb6a6e5e2334413d78a406f2326fb439fc160a4590d702a138300c95837d5d7f1cc32c81bf6219abd228e8b8f830f769e96aa65b40a32be0c3e483551788e8c89652e71ca9ffca687e9ede71b1a2cad3d6accfd1c87c27ddc8a69bfccdd921eea0058f5d05c4ab9272c8552a53e0d7c0a51955cc33f8d195ced34deb3f3c95bda1e5306bcf6c83c2bd9d6e3bc6b748ff4f68debc1058390a9c6a2efd47f52125b48f1f0b45b45bd6d8bbffb72bec121408f2ee109b2dc5b4bd8c5ce4640d30758ff341774a5bf6ba041de155f0cd3451d52768ca77c5e90f8b96fd0abb426992378be1edcc61ce05f59d5c94311550577bd67c524fd94144ba15bd9e45b1abc31b3028110a4b9f98b1ca317c2d5c20af52424a57d37b45f796156c3758752892a000ffabed5d1079660e5afdfe79850979f628b8b1749fec283cbf04b3ec64b79df30342acd15eb3f911a7be36d8daf8bcb072726c38449a4e79a0bca0dc793ab44978e46373e497f1f74cdfb7d30c323b7b8a8ac88635879049c995e4e476e98c911147525ec1dc8432f5250578cc718a9efa0d7a18823f55bf5183eccabd7d1ea87ed528e9bfae020981c7f3561e3824b286ad934b6df1b2090f1bd38cd95873227f1d8356e50aa62c8d49bd6b177585acf2435db86e6d65a269743ea805f1541a3e4e7f2dcebd1845235ac5e02fd7859edf2391b75046d992e80f875523725700a559df4373d279b8e59e21ad069c48c1e75996f132e45adf5361fc7083e64c27b91a02f7638b7a54636d02bf06f22e2cd4d99d5c4a5f89cce5c4529724b32f1bf9e2985aa4092a79096af7e0e39f384b3b2ead927a22d9601ee637b1b096632b0e95a6bd65cd3e556bd32c55167540ce8f09cb66151cc80e8cc04d055218f557fd39fcd22217b08902b1c6ec4e605432fc61fa7e3f85b117881cadee3162c471bb93fd447100de24311336b7ae8419de8a474140c78854ae064f911544ce3db41f8c723eede0ca173362fcbb4d8e61d8eeb31664fca3ddf407cc864318c96ab608b1afe17b1bfac3de302b8797556a22c64ea6a8386b2737427b5fe705e45694aa14e7ed9e3902d94a03fb99792c6545214087a508215ed69d59ab5222868f9a3931a58dab47023c25442f20d2690db4f230dfec06ef12675f2eaf6c514e8e001aa13b5b524ffcd66126e9a2ee90899b7e39bbd99f6e2ee8074f1c93a40ecf606c456a3d2b3bed0adc3c42585102d8bd72e200fcb50bd29a8cc44844f7b676406a6c56dbef8b1b22fc8b49d21ecc1f1e10beae9cce4a446f8db69e3b93ec5367759933493238a758c5bee588e6fe1346e427cc41debf8a7ee0d1ffbfe262dd82c2edcb35e8c97f917dbe229d477039b84ed802b7c67e2a93ad284763a4da1f73204101d83180d6d3190d3542c4a36864c382ca3220c0db5c57cb0ae904a5fdd8f7ef3866464a64a90f35d16e2f2aa6ed423d6045ef503201e52d90c4e1fc4ee452b4a76cafbe5dec204ab4c2d7a83381dd96ea13eb00f97bb063ec252226734bf3616eaea91f3445c2150edf43e6ed6d33ac689ba23bd2d4e5f87c0d2545a13ef55d7d2fbc1917147628fc132ffcd0b6b9f336ad11760b307cd8bcc64ead3a81c775d974782f6046078f735f4715e35b2a07b8a12b795800f74f126e853de80900a90952a5e8b35dca85a781dadc379e86132bbd7c0ba8b64efd70a61f5a1921dc9ae5321f0d04e6520d37162533215c9c8e53e052b0c80c61cab374b64cd836f23bba34cf77073d45740495d4090d1be51abf315df2986eefc6fb76b5891513f8c0c74b42fef50c7f8e72a97d1e847820493fffeeaae87af8905b162c5cdec679b47c4e36b9676574d1e8de4353d53d977919a4107da255a8a69ddd8c426e3c438d78652fe5c4c7abebfb738a8c49399aaa099709d05686b1120c04c3aa8b87822b99f6c4a5052ce8d191f5399a8ac27f7cf285510affb46e218b1ea9bf9709f86f80d1f413b230849c098f2f4c523cb2a761d0638a96bf64a6fbd49dd525fdfc65631ae1184fc927d0f2010f1ed95632bc82a8c0d4d0caacd7295b80aa3c93d3f05046e9691674f28155d1b8f8179c03ed979a3de1a791baaa522eccab839bc8f35a336b7dd3b487abacd230c56af8e5a0d8888f03d694f3e3bfa872276082a51863f17a055b6e2dd55fe274d8d0093bc50295facd7de5de6f3e650c4aa14765eb8f18b95e3c66291b2da29666151dae7c6c32cc614d148dbc359da862c6f58ea9415b24f740cb62edf95270e4a721cf1dbf9935fb322c92b6c4f02988654128c3005fd17e8955bc82802b3f6a87cdc4f2718956f6b6ea4a799683e1887eed7726e9a233bef71fff12e462c6dd4164a0d2737be2ed9f62a460c12ba59298559e11460aff97d058d473863fbb8b3269aa64f10556c3fd25b1a3ee1756a04dceb3bfec3ec1d7e946f398fa59485150f6971aad61ccf4a9835daf47947ee379df11ed620fc99e27af113df99944a006ad93819485acc37edb03aa1a320018ce6b91ff037e714261a11aab658a74a9c5f6a5d0d5effd12cb9a5b9e7b7f4c9dfabca410f711a30fb3cff3057563983da74dc5b9cbd1d9716aae20ec8fd3ff7e9d175958b13bb9d39e929882421996b57ebc104deaaf5dcd6630826e64aeeb85f89fe2865902983b07b1ab0550321ebe00859a58c2eefab9e971e617a8bc881e30f1823130a832be6c2bbc2347e9d7b6c6165690cafa1fe604afb69ce060a5251984f21947a361b7b54b5eafe44bb7fedc22ffa7b84feb461e816ae08859da3702b485345bc5aa5be0d5f7539917b1e172cd4ba6454d49b19c47788eb79408df6b496627ec91857f352e2f572e76e0d1203c8673cdc59a505d9c561d02976e7aae031306ac85adfc8ca6ac05bb1940e97f011824a7c443421d0e8843f6f634b14da9e6f627bf491387be1bb1703467542a0e9a3bbb35035a916e6a4534420f1bc960312ffd374fbd35e249ddbec0a95a6782b821e1404f90689276483ac440f73823d4843f54a4a92b8415d250d977bb9f3464f52c53c00610d610e97a6c8ccff5667119717c4d3710129d13ca3f12ad2bdf7dfe740d097fd2e9d7f1c0f05caebc44cf97fbeff160a1779dbfef61454c46e892a1b27dae93d447f223901dc41d4004f6000789be649bdb13fb1bb7b46204c7a6f6bda2cc51463b4f9dd77aa030cef9e4254878fc40c18b5a5ce17e715a440c2be9a3cf8f14e1d99ee082d4198926be5dcc8ebd6d6aa9320fec4cce1290d44868040bf3499b224e4a9a2d01c98ea822b1046369ac2c9900a7729d4f5785b7e4b48467e4b3e2a6e55d6355ff17e1333bfc0c4b74d33af9b29c63de78f205c96cf1d5b5a9face88499c640fcee967b60971bba05292a131833ddbd2af6e06fdddf4aa643c67704387228141ad67726833555c06df6383d613eb964d029a240dcb103cfb5afda7d5410f2cf7b9bdafb485383f2a3de0a8126b7c2a0b57a5db5adc82aa3749bd57a123e5f26edaf74dec397efbb44aa8a6557f5d5255becbc4a2da6db8eef233a7e671f2cca793c5f5538708e7aef061288cf26e9787bf316657159aaf2f686f00f088284abd96a39aef3625738d057744503079833c4ac2e5ac2666060c69f38bfc1422883626f52555698cb3d9b65f3a7129a1d3a1dee34c4be3d8f651ad2b3874018f6f16a62eb2df2e0ca125ed53e910c64c8bda46c0382db9bfb9c1e5c530c75fdfaefb3ce39008dc639e5b53968765344f478d40a85878de2e298fe394afbfc9c734d20760bbb0d4d42c69bd4fff2e6f4892b5a8f19181027f00911a2a04e230591fd85c2e63943efb0d744b08339a2f2ecded910415227cb7197f69ce593a88b3a6ee4c5eedff2f60b1feebf2d8dbb70646cbd6868682512eab4f7450c98c6668c7cee27ec12b23f3ef353c3953ca7395bcfbba30f1c4d1858cf4a870340264f42f87e45dfdab16bd869f10d900888e4807ac02e2ea8371e7d7e13ba95b8c52541990f06812ea92266d8fcade9f67100f3e4fea8909fd0c604a6696179565c0c7895e520fb2463019217f4dfdecc3de5e70ed97f072cf0b07a060b50245b2afb6df5fe3cff6f67b764e773f407e72d73c1c6d1dddc7e860e06f81a4fec8d5bfce6c5956df508b39d281832c103da0673c5474299d289065693c011dafe6d48bc29e91dd9a34dd7d0eba85644523b78e943798ca61e7c08614a0a76f09807d26932e9cc708ba2ea438576c021b0fdc786496565c534ccbf3c9c4ee565c36600e4857e43358fec9e7bd357aa30826dd67fca5da59067c9c4b60ef3a22d41ea4c9908d66b969f576fd00afbad55082af7e8f0f773dbfb8ca3db0f4d04c787a347e80a6d29350df13f27d9c2299d1fedae9a4b9c85cc50aed485b056fc372b50159dca6d205dfec90f5e40f3ad7ce9487c4584f388fb856d7e0df3889de5eee74ec191c078132dfa8e48e94a5e7f962763c22e31a22d97c1d6c8182b87abb4c92956f6243523323217524ba25d0df6fe27783704b3ca32b446430243eae64843f3fc652faa2ec7c46ad068f1964f6b0bd1107ace56215b7fe8d36d0904a951c73872d9f748c6a6ab4341460044df67eb4cc6e107f352f71984ccdb83b00b1dac9a3bd36adc7080421902033823e457aa5a8910df0e5c4da0138f84e4fa4a7fa573687d501f8ccaabb8758d53a32667e4dd3878e2e6ace9c623e068019892e8b0b53257d4bd61bbed82affafd0d32544214ab54c8d6929e320429dbd1073636e5533b1639c372df03ee137804199273d38a706d8611307a4ce1682e8b7ab0bc0f98be3e023967d636d85777e4962eed76cbcf3c51eea6bb65190cc6fc04f3385b4da45c3e37235c41e33ca114d870a126c91c3af5cdc6c203f81bf9b503d763530a9f0d1c24aeee96b5d85af722c9b28529da0b3eafb15ab875e5d77442baab96063e06790b5591c3364dbae0fe0c917e3bfa38abd425452db9493a614f306dc2e8338b7775e95baab6ade50e45b4e6232060821504aef98798acc214122151a06684732db9b1aa2470fe37db284d86f78fb6e20af63d09d20c037f04443b2d3a4d0f214452724ed40aa85729224890b036ff97bc9af12e7b2a1ffde063d1985426992998fd667e3cadd781860189a30d651e98bcca2b3ba3b9fd061a325b7dbf6d9247d81cb088e91ceb64dce083dab4f888b5b2de34f37912e8a47bab1dd1345ed63d6687fb98fa8cf3cef09a23e0e6f69841e20b88d231c694929e4c04c1b7c4948a5b53cc8fd262390ea631ed20df988f939518a91b6ca3a861f8dc10b10147ba9a8352dcabe9005e3036f3d8e20e593470a8a6a217678b4f78428bb3d5bad5311f6ecf07575c8005ec986e462f953b1f373f41a89da1edb9f1cff58df7d920858f2d43cb736358019d59647e2d23b1e052c94f143093f8de073b857915bf6a69ad2ad19de94c145303c4e3ab277a002f1715974a8bd3a0e62c08343ff52aeb0a69732c1a33477d2d5720c4bb7bf3de367938f54b0691cb32bb7bd1802f1775e36eb74994d7f4194650a94099405af8e5752e850677abca85edfc6fc93390e74f5c73149a2276290de5b1ae0060e5e0b39e14f8252d9d2468c4d626d10934210dd20454ea8bc0443e98ac30bfd74b28311b9b8bcd18703b90c48957eefdb89ed792ccfdeee0f4c41b8df726c9877dd0840c882a0d42c5f5c75b342a2b342fb3b572a7cc03e3fba42c6451b22dd99ed70f26ec35920a50777abbf06fd2993934493c5bee303e527948b11399a71320b42bc43fde9e84e8493075e0130f143362b7595d1ee1d767e0b2be064716f850baa315824f16cba3964fb552f5516e10ad8ca68dfef2f4428186f471bc1a63158a6e206d2226a2ccf340426942165be177526432e99f707690020de4c95778bfcd57ed64f55266e4f7984b94e56ed38e6a192ac7a1d4da815321ae1045ff796a8f7f0bf76442154c9526ed49834655867f0a4c9b7a7761db74a5eec660cade6f52b9c99c30908e44be4a59cb08ae7e44de6f0a374b14b6355ca06ca50c32a3f540548a7000f168f3dc68973915f8fee6530eea9384c308ceb8c4b8f6580b122ac8f4987e2f9e34a98f37cbb05573e49d33616b79b9c4656c8a8621ecdd8fb232c9c8df54050a9ce2fbda418d244aa95adb4eae161c89878446796669b8f61e6e67d2600000364962b658f54ab91cd0cd81d912e48aa7734ba882e8249925e6aa30e5cce8359c93e2fc7256eaffb4f3839b1a9b6439958afacd9199a6e86f3a0cc2c91bb4461a326854983e925dde17e3297b82bf01df9e7b38fa5d2f400de9d4bd822fc1112ca87b677f29e24f3a2a6575f9f238119889937aed47b104fe3934bdf84241e680082d0d3021bf478fe25452c07112300884a78b0ef49a644808772a539e8f3ec3bf81ba499cdc6e40c38a459dc79e0b22679100c21a453975dede9af122e3b8b1602d367c9adec7623f33379bf9ec68ba5f79e828e4fc6f2dbf0ccf4efcf747d135a0fd4e1079dbdb47510a5b94dc43e6fe60fd88d26757acc779dee7d7d8245e4f7d4ca2ae9195ed26d123da7a2d03e331ed8f1ba9a77793bba8dca8c6477695f8ebc6647257f6325f1bf36c41bb1873ef0c2bad86ef9112d4a8ae5f597902bd7dd32a4371adb6fca39dc41c273a951e82131b139e86a9552ed2863efed2d6cc8234caed4d5380af1d9761640f2eb3066f2a015cf1e6fcb350b5d49566155fb4647dd3bd578ac85fdfb187222a2ce157f6992f1a14ea17c04fb0ab4024676497ec7b40d6a3d90938d67391541a3f64184513a26859e2dbe8ab530951942ce1206ffdb8ed0b9d8c8ffc5de9e68d9c5a1a8cd4d22543faa9a5d291ed01382a7cf7ff1dc341f3ecaaee729d7cd986480bfe0791406af31dab7fd088a594cc95cdacd9dbc994c1e76055921b87c97a5b9b2c2d07410498069ca718efc5bb58a9cb388dc1255bcbff1b5b30ef0948227f0bdb028272e85050e7a96428e3d2c146c5b555eae76c3aab3a3a6db0f75d7676038a42c44c91ac2aa4d46a0b70251c2770de80396b105d58a37a22b0ac9823897949182bb6b211e67866594d7c2e4c45ca46e96c9c5746f09af036ebcf6ff99fabe9ae320e6d633ffa026ca27aa2d6714613bf4b316ead71c92fa3792b2eff2646031325759e05e3e6f20c94f5c0152c6c0c93ac93cc4ba91d064d204cfc89a6c46bb4eaeb009f0f9cc6c4b9562b27741c63479a04f4e48a8a8bf924525f146932009e8a2cb8db5835b3659cf01a69c40bcb7fc1dbdd46625d6f0915266c33d7b8353ed99de4d9fb5c3f342c0ca9ac330dfc596383dce35f69dcdb508abfa8c1642bb175e909573b2cdb68003e063f6951407cffd182612c2b2ffa6f8378af052dc4165373b9d4925702b44b97ce369ad452078e66fa224217caa58ee6ea52200aa2cc105415b8d4eb5e22ff5872df991e7235de8f290a0819d7814dbabde964b8ba5314192346d8026f98e54b29e9fc5d29bcd976801b1a3c9da031bea2dd6c8fc926da5fd0f456c7f70129b72a00d6f2c837de12c3f1859304896ef805eec933db36940984b2475c6dbb22b5b212e85a29e887a7438a676f7b774bdc805708cb13fd77b518dffc4bda3ba56577c679001e7cdf61d091e4900b26f6f10b59cedd50de212a35c0224a08c21367ba9814f82833f6c6a982658b589d1d129945074d9ad02c88c7d78c043b6dc851c2e925b8634975b7ddf501299f78e4d9c44e4b6859d2bd6ac59f0cabfcb89f03500d7cb1069fdfe734a134e8e91d3c15122ad2c701594893fe01bfe930b96b4a3e931e589863f16b2014d3301c4e2b487bf2eb7521f4a7c6e07af2b17eff641f7b04ae1a0ea43b8054ce81136f1f8f43c1a0ed869fed086b22abbfeea6a81057dbc94e4a100292ebbc2897d0eaa8adc2dab47a1f0af4ee9023aa69ecec52069c454ab90f1c47d3eb50744c3893598b92af52bdd2095cf7f50b82856adc1ef2eeb2f19e1c8a5f2ee6628aa82bee5367d3659d0c7c1443f27d66b478d79d9f1cb70638c5da70fd71ee75dfdd2898280e10f0615d80ac121ff666b91e2c4f12f3493a0d626b9534d5216d526118fd60c028662b1b2657ed752d92362bb48f3b69fe43895916e71aae9ab127fd7cb512de0c3727c5b2efe03dc4c030fd741c1629e6c24538ce2165dd25765e6a9bc480442af300f749090e4cfac35b41af981c8c3187e5442cf121c529270ca521aced83dcce803272306117f554e62583c8bbb65e795c74408d2e54038e65c38994358efaa9fbd4f0172156a8a39013f6f3ea0120a274d2ec54e983189b2cc3416d390cc385aa0273633161f7322977bbd079a4b57cabafe68ee3d2781025be230a0edc94cb1e81684365befedab952a02c180b92d43b8fd5b4f256b56fec477d610b9821a6cf6ca1110507f5a0bd3b4be4badec022d9bc866933ba6281cd289aa39bef74a142d875680de9ee00699d3c54a3c537eee02c3aa2364f46bf77c736da862c75571166aaf50945e35ad371053ec97998a44b1fede6e6a7e64626bb56113a28c32bc993d39e4eeea5fc0362a6098dd2071318b95a927fc52af0c485e0277cf65180d34d9dffae8b8bc934b8a2d94cf1d3ea4b32391110484c9689ce0fa004d1c8894b24769ad6c153044d4ef343ff7fcd8dc8536c53088d77bd77c02f441f327c128de9f4e1fcb063928dde4141d25988c833c411189eb2b5c5b33ce7da60bc665569314fd4974ef523cf1465cb1a65b75d1a69916ad5507a26718a3c48d9dae6464e5b9acaa3837a5fd9d833cf67a7de6b5fdf88e9e5f1576aedf5cfa4704c8d13dfabc5e26029c6e4073805b89689a166405f63d497f34c79a8958b90bb772ad5fb5d407e94b4b5fa374f64d6f63d33ad1decd7a766f7bbc238fc0a2e4cd96afa01cccb0005dd0d9f65530b69048462d08e352907746f5cf75e1c6006c9b538332f3f104808ac58611b79141c917a39dadae935b8ad493cb2c6b16eb4b75828fbb0fe21194fd4097d94feeb25caea930ec21946db78fb38b16fe81373872a72ce85125d7ba00350d2fe26584cd150ba6257badb15a726d87038af8a2fc4af2808faa5f4733093069ceb3705a291bf35c3caa9bf7d289add5ae659a89a5a140fb2320b80b2c17ef30a3a687d2749fa7d5a193baf844dbb1ea6221a456ddb2b2c886ed343ba4adc2381e1a8c6484925c838c2c63aa9b5d839eca32a4213952a55c0e7a8a2c89295ce06cb48c1a39b4d4b6665d11232d44923a141b4b06f6f18e30319befedcaf5c9878fe83e0c50c0dfc44b68835ffbb675fdbc8fff6a6587825a5a9039e36f1626fc6949a7004cc01a4196069e147974e6bd02852549a4906d24b4184df3ffe91a41024ccef372e50fd741a9ee408c1351b3039eb0f264e8d165da195b894ca1df73b1415f1a0458f3e8b87e0a4dc40cbf41457df4dd54222d18daff4b98aa132ef0d29da89d720989a733b33b705bc7d2a906afad809745a4880e84044953f7c9e2aa9d99da81928a2d7069f5e893f383b6acb6aac9c59c60c0b440d1cac34b14dac84645b18c763f45f4d7fece26c00a2d7bec8832704b07b3269129ad1f8aafc090008f55c794c886f2a781278180cbc409008919b7e82949ac1009bb5b54ea9fc7a758317174d8343e3a2a8e4ce06c7856ece2851129920dcef7c6b9528814c6613ceb78c2ffade65050dd7352a3edb185b1f2a2b7bf7d79f76a0e776fb4d48a31f8c294bd87cb3ef38192c4637b954dc0c2ffa3b11994aff40e69fe9e5ced58083445414aab05ea492ca9d2c0326145558751cbb567ec26dca9728ad89982c108d6cfbde507cfdab77e5ad67d3dde5b6be978f403048934a715c4d06d9c5fabe8e5620a2f407690b9a2e1cbc91772e0e13bc4d24d28cf627e9641aff8c8f0b399024b67ded142864c52023c3d20c22855b0f9320c8ef6cee0542f21c75739c8e0ec36b15e63a7445dc288fc36cd505e263a9a3507189ffbb7aaa2bd4f60c17f6a80e2fda95fbddadd57184e970d4f5cc17bfe25f4343d5f117265cf3c0f188a92e34167276dbd2e3a22a25206e626def9055e24db785bbc60da7d56acaf944a7601dc3c679c65d3c7188d3bcc01fef8a57cffc9863bc80ccae36f6dba2cf325360edf406490ddd018875e65a5044aa9e7f7aebad8ccf5608a730018e8f73eca8f0c879e8bdfa9722d6acdfc0fcf4685562e20645e422c73f2f5724abf977ee0a82adcfbe912dbdaee855650e3cf4f634a99e7c6e300a640aa052c2e7d988b34223055d92b310177d078e415aca81a46219def9f9a0bfa2d8597faac4f6c21a4b60e4e7b4b86262a722bd47ae99a0030789e7cddf702fba5c8620", 0x2000, &(0x7f00000009c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)={0x78, 0x0, 0x0, {0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000}}}, 0x0, 0x0, 0x0, 0x0, 0x0}) 1.510161712s ago: executing program 2 (id=1981): r0 = openat$rdma_cm(0xffffff9c, &(0x7f00000006c0), 0x2, 0x0) r1 = syz_io_uring_setup(0x239, &(0x7f0000000380)={0x0, 0x0, 0x10100, 0x0, 0x3b9}, &(0x7f0000000000)=0x0, &(0x7f00000001c0)=0x0) syz_io_uring_submit(r2, r3, &(0x7f0000000200)=@IORING_OP_READ=@use_registered_buffer={0x16, 0x0, 0x0, @fd_index=0x3}) io_uring_enter(r1, 0x2def, 0x0, 0x0, 0x0, 0x0) write$RDMA_USER_CM_CMD_GET_EVENT(r0, &(0x7f0000000880)={0xc, 0x8, 0xfa00, {0x0}}, 0x10) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000d00)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000cc0)={0xffffffffffffffff}, 0x106}}, 0x20) write$RDMA_USER_CM_CMD_RESOLVE_IP(r0, &(0x7f0000000d40)={0x3, 0x40, 0xfa00, {{0xa, 0x0, 0x0, @loopback}, {0xa, 0x0, 0x0, @local}, r4}}, 0x48) 1.509505869s ago: executing program 0 (id=1991): r0 = socket$inet6(0xa, 0x2, 0x0) bind$inet6(r0, &(0x7f0000000040)={0xa, 0xe22}, 0x1c) connect$inet6(r0, &(0x7f0000000340)={0x2, 0x0, 0x0, @rand_addr=' \x01\x00'}, 0x1c) r1 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r1, &(0x7f0000000000)=[{&(0x7f0000000080)="580000001500add427323b472545b45602117fffffff81000e224e217f000001925aa80020007b00090080007f000001e809000000ff0000f03ac71006000000ffffffffffffffffffe7ee00000000000000000200000000", 0x58}], 0x1) r2 = socket$netlink(0x10, 0x3, 0x4) writev(r2, &(0x7f0000000180)=[{&(0x7f0000000080)="580000001400add427323b472545b4560a117fffffff81000e220e227f000001925aa80013007b00090080007f000001e809000000ff0000f03ac710f2070000ffffffffffffffffffe7ee000000deff0000000200000000", 0x58}], 0x1) 1.370631184s ago: executing program 0 (id=1983): recvmsg$unix(0xffffffffffffffff, &(0x7f00000012c0)={0x0, 0x0, 0x0}, 0xc0000104) bpf$MAP_CREATE(0x0, 0x0, 0x48) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000c00)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff}) sendmsg$inet(r2, &(0x7f0000000d40)={0x0, 0x7000000, &(0x7f00000023c0)=[{&(0x7f0000000b40)='?', 0x1}, {0x0, 0x1}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}], 0x9}, 0x20001) 1.212363537s ago: executing program 0 (id=1987): r0 = syz_usb_connect(0x0, 0x24, &(0x7f00000007c0)=ANY=[@ANYBLOB="12010000ed3ec908cd0cb300ea2d010203010902120001000000000904"], 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io$cdc_ecm(r0, 0x0, &(0x7f00000004c0)={0x1c, &(0x7f0000000500)=ANY=[], 0x0, 0x0}) syz_usb_control_io$cdc_ncm(r0, &(0x7f0000000340)={0x14, 0x0, 0x0}, 0x0) syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0) syz_usb_control_io$cdc_ncm(r0, 0x0, &(0x7f00000003c0)={0x44, &(0x7f0000000180)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) 957.131363ms ago: executing program 4 (id=1992): mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='ramfs\x00', 0x0, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x0) mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./bus\x00', 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000340), 0x0, &(0x7f0000000240)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]}) chdir(&(0x7f00000003c0)='./bus\x00') mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) 890.401466ms ago: executing program 3 (id=1994): mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0) mkdir(&(0x7f0000000300)='./bus\x00', 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000380)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}, {@nfs_export_on}]}) chdir(&(0x7f00000000c0)='./bus\x00') r0 = creat(&(0x7f0000000440)='./file0\x00', 0x0) open_by_handle_at(r0, &(0x7f0000000040)=ANY=[@ANYBLOB="1f000000fb000000fffb"], 0x10002) 835.293264ms ago: executing program 1 (id=1995): socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff}) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)) r1 = memfd_create(&(0x7f0000000300)='+\x8b\x8a\x16\x11O\xdd\xdfk(F\x99\xdf\x92\xd5>oJ\x02u\x9b\xafa\xac\x06\x9c&\xf5\xe3j\xfa\tcqM\xb8R\x86\xd9\xd2.\x9f\x12\xed\x10\f\xbd\x1a|\x8a\xbb\xda\xcfY\x98gU@\xf2M\xc0\xb5\xdf\x9a\x8d\xdb,n\xae\x0eT\x80\x8c\xfd\xd7\xb0\x94\x82t\x96\rKx\xc5\x9b\x8c\x87\x96\x8bc\xbc\xee\xcc\x9f\xe3F\x99V4\x8e;M\xa9\x823\xe3\xb3mG\x8f\xdb\xed\x1b\x05\xec\xfc\xd1\xb5\xfd\xec@\xdeU\xdd\xa4\xc1\xe4L)\x8e\xe5\x91\x8e\xd4\x89\xef\x95T\x05G\xac\xb8\xc1: )mh\xc7\xf1?\xbb\x13;\xad\x95\xd70\xb6\x0e\x7f\x84r\x0e\xbf\xc5\xf6\xd4\xdd\t\x14\x18\xf7\xefi\x93\x03\xd2\xf2\bK\"\xd2\xb5\xaa\xb8\xc8\xe0\xac\x99\xe8su\xcd\xc3E\x12\xd7\xdd\x96!\x16Tu\xe3\xf0\x84#R\xd9\xe3~Wj\xb0r\x87\'\xea\a\xcfOeK\x9daW\xf4\x87@\x9c\xf3\xf1K\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x91\xe6\xdb\xc2\xa5h\'\xdfIn\x97\x0263~\xeb\xbe(i\n\xc2k4\x7f\x12\xa9e`SOs\x8c\xb4\xe7FeQ\xc6$\x92j_U\xfa\b\xea\xb0bYkW\xc0\x05\aC{\xcc\x03T\x17\xa5Sk\x87P\xc2\x97D\xb2\xfa\x1b\x9fe\xf4\x10\x1a\xad\x92\xce\x88\x1b\xbc\xe14\x19\xaa\xd3\r\xf4\xa2\xc3\x9e=\xa0 \xe6j\xe5\x85\xf8\x97\x03\x15\xaa\x920\xdcrI\xd8\b\xfb\xc7\xe7xX\x00>d\xbb\xa71\xad\x9a\xfb\xe6\x13\x87\x93\\\xe5W-\xfc\xfd\xb8O\xb9j\xb8\xf2\x9dx\xb2\x86\xad\x92', 0x3) write$binfmt_elf64(r1, &(0x7f0000000180)=ANY=[], 0x78) fcntl$addseals(r1, 0x409, 0x8) fallocate(r1, 0x3, 0x604, 0x3) close_range(r0, 0xffffffffffffffff, 0x0) 821.879783ms ago: executing program 3 (id=1996): mkdir(&(0x7f0000000440)='./file1\x00', 0x0) mount(0x0, &(0x7f0000000240)='./file1\x00', &(0x7f0000000000)='tmpfs\x00', 0x0, &(0x7f0000000300)='usrquota') chdir(&(0x7f0000000140)='./file1\x00') r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='net_prio.prioidx\x00', 0x275a, 0x0) quotactl_fd$Q_SETQUOTA(r0, 0xffffffff80000800, 0x0, &(0x7f00000000c0)={0x0, 0x5, 0x10000000000002, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe3}) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_sys\x00', 0x275a, 0x0) write$binfmt_script(r1, &(0x7f000000e0c0), 0x10010) 750.615682ms ago: executing program 4 (id=1997): sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0) socket(0x10, 0x3, 0x0) socket$nl_route(0x10, 0x3, 0x0) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)={0x80, 0x0, 0x1, 0x401, 0x0, 0x1a14, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x0, 0x0}}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TIMEOUT={0x8, 0x7, 0x1, 0x0, 0x1}, @CTA_SEQ_ADJ_REPLY={0x1c, 0x10, 0x0, 0x1, [@CTA_SEQADJ_CORRECTION_POS={0x8}, @CTA_SEQADJ_OFFSET_BEFORE={0x8}, @CTA_SEQADJ_OFFSET_AFTER={0x8}]}]}, 0x80}}, 0x0) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)={0x38, 0x3, 0x1, 0x401, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}]}, 0x38}}, 0x0) 744.547004ms ago: executing program 3 (id=1998): r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000240)='/proc/slabinfo\x00', 0x0, 0x0) mmap$binder(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x1, 0x11, r0, 0x0) r1 = openat$kvm(0xffffff9c, &(0x7f0000000140), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x1000, &(0x7f0000ffd000/0x1000)=nil}) ioctl$KVM_SET_MSRS(r3, 0x4008ae89, &(0x7f00000000c0)=ANY=[@ANYBLOB="0100000000000000730000400008000007"]) 712.139475ms ago: executing program 1 (id=1999): r0 = socket$inet(0x2, 0x4000000805, 0x0) connect$inet(r0, &(0x7f00000002c0)={0x2, 0x0, @rand_addr=0x64010102}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) sendto$inet(r0, &(0x7f0000000280)='V', 0x1, 0x0, &(0x7f0000000380)={0x2, 0x0, @private=0xa010101}, 0x10) r1 = socket$inet_sctp(0x2, 0x5, 0x84) getsockopt$inet_sctp_SCTP_MAX_BURST(r1, 0x84, 0xc, &(0x7f0000000140)=@assoc_value={0x0}, &(0x7f0000000500)=0x8) setsockopt$inet_sctp_SCTP_MAX_BURST(r0, 0x84, 0x76, &(0x7f00000000c0)=@assoc_value={r2}, 0x8) 621.758025ms ago: executing program 4 (id=2000): r0 = socket$pppl2tp(0x18, 0x1, 0x1) r1 = socket$inet6_udp(0xa, 0x2, 0x0) connect$pppl2tp(r0, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x3, r1, {0x2, 0x0, @dev}, 0x2}}, 0x2e) close(r0) r2 = socket$pppl2tp(0x18, 0x1, 0x1) connect$pppl2tp(r0, &(0x7f0000000140)=@pppol2tp={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @multicast2}, 0x2, 0x3}}, 0x26) ioctl$PPPIOCGL2TPSTATS(r2, 0x80487436, &(0x7f0000005280)) 578.631188ms ago: executing program 2 (id=2001): madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e) mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) mlock(&(0x7f0000000000/0x800000)=nil, 0x800000) munmap(&(0x7f00001a2000/0x1000)=nil, 0x1000) migrate_pages(0x0, 0x3, &(0x7f0000000040)=0x7f, &(0x7f0000000300)=0xa) r0 = syz_open_procfs$pagemap(0x0, &(0x7f0000000000)) ioctl$PAGEMAP_SCAN(r0, 0xc0606610, &(0x7f0000000200)={0x60, 0x0, &(0x7f0000245000/0x2000)=nil, &(0x7f00004c7000/0x1000)=nil, 0x0, 0x0, 0x0, 0x0, 0xe4, 0x0, 0x21, 0xe4}) 486.644911ms ago: executing program 1 (id=2002): bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000700)=ANY=[@ANYRESOCT], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000000)={0x0, 0xffffffffffffffff, 0x0, 0x24, &(0x7f0000000180)='/proc/sys/net/ipv4/vs/sync_qlen_max\x00'}, 0x30) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000100), 0xfecc) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0) write$cgroup_int(r1, &(0x7f0000000600), 0x3fffff) 434.217095ms ago: executing program 4 (id=2003): r0 = syz_io_uring_setup(0x24fa, &(0x7f0000000080)={0x0, 0x0, 0x10100}, &(0x7f0000000100)=0x0, &(0x7f0000000140)=0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) write$UHID_CREATE2(r3, &(0x7f00000001c0)=ANY=[@ANYBLOB='-'], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r3, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}) io_uring_enter(r0, 0x2d3e, 0x0, 0x0, 0x0, 0x0) 422.729876ms ago: executing program 3 (id=2004): r0 = syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x0) r1 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0) ioctl$DRM_IOCTL_SET_CLIENT_CAP(r1, 0x4010640d, &(0x7f0000000000)={0x3, 0x2}) ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r1, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000100)=[0x0], 0x1}) ioctl$DRM_IOCTL_MODE_GETPLANE(r1, 0xc02064b6, &(0x7f00000001c0)={r2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$DRM_IOCTL_MODE_GETPLANE(r1, 0xc02064b6, &(0x7f0000000200)={r2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$DRM_IOCTL_MODE_SETCRTC(r0, 0xc06864a2, &(0x7f0000000400)={0x0, 0x0, r4, r3, 0x2, 0x8, 0xe, 0x800, {0x4, 0x1, 0x3, 0x69, 0x200, 0x0, 0xfffe, 0x5, 0x4cab, 0x1ff, 0x2, 0x0, 0x8000025, 0x0, "fe1d00003413000000000000000caa000000090000000000000004b427180010"}}) 340.867002ms ago: executing program 1 (id=2005): r0 = socket(0x2a, 0x2, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000400)={&(0x7f00000005c0)=@newqdisc={0x24}, 0x24}}, 0x0) getsockname$packet(r0, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=@newqdisc={0x24, 0x24, 0xf0b, 0x4, 0x25dfdbfe, {0x0, 0x0, 0x0, r1, {}, {0xffff, 0xffff}}}, 0x24}}, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000600)=@newtfilter={0x4c, 0x2c, 0xd27, 0x70bd29, 0x0, {0x0, 0x0, 0x0, r1, {0x0, 0xfff3}, {}, {0x5}}, [@filter_kind_options=@f_flower={{0xb}, {0x1c, 0x2, [@TCA_FLOWER_KEY_ENC_OPTS_MASK={0x8, 0x55, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPTS_GENEVE={0x4}]}, @TCA_FLOWER_KEY_ENC_OPTS={0x10, 0x54, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPTS_VXLAN={0xc, 0x2, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPT_VXLAN_GBP={0x8, 0x1, 0x8}]}]}]}}]}, 0x4c}}, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) sendmmsg(r2, &(0x7f00000002c0), 0x40000000000009f, 0x0) 230.668972ms ago: executing program 4 (id=2006): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000072000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x69, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0xffbf, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r2 = socket$vsock_stream(0x28, 0x1, 0x0) connect$vsock_stream(r2, &(0x7f0000000180)={0x28, 0x0, 0x0, @host}, 0x10) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='virtio_transport_alloc_pkt\x00', r1}, 0x10) setsockopt$SO_VM_SOCKETS_BUFFER_MIN_SIZE(r2, 0x28, 0x1, &(0x7f0000000100)=0xfffffffffffffffe, 0x112) 215.391944ms ago: executing program 3 (id=2007): setresgid(0xee00, 0xee01, 0x0) r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00') fchdir(r1) mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0) r2 = syz_open_procfs(r0, &(0x7f0000000400)='ns\x00') readlinkat(r2, &(0x7f0000000100)='./mnt\x00', &(0x7f0000000440)=""/163, 0xa3) 193.257531ms ago: executing program 1 (id=2008): openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x42, 0x0) openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x42, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000002c0)={'bridge_slave_0\x00', 0x0}) r2 = socket(0x10, 0x80002, 0x0) sendmsg$nl_route(r2, &(0x7f0000000540)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="440000001300a7cc4a372eaf541d002007000000", @ANYRES32=r1, @ANYBLOB="00000008100000001c001a80080002802d05ff0008000200", @ANYRES16=r2, @ANYRES32=r2], 0x44}}, 0x0) 66.701044ms ago: executing program 4 (id=2009): r0 = socket$netlink(0x10, 0x3, 0x0) r1 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0, 0x32}}, 0x0) getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) getsockname$packet(r1, &(0x7f0000000340)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000280)=0x6b) sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000007c0)=ANY=[@ANYBLOB="3800000010000507000000000004000000000000", @ANYRES32=r2, @ANYBLOB="03000016010000001800120008000100736974000c00020008000300", @ANYRES64], 0x38}}, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000380)=ANY=[@ANYBLOB="580000001000390427bd7000e9ffffff000003e4", @ANYRES32=r3, @ANYBLOB="00500600c31006003800128008000100736974002c00028008000c89", @ANYRES32, @ANYBLOB="08000300e0faff01050009000000000006"], 0x58}}, 0x0) 66.278511ms ago: executing program 2 (id=2010): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x11, 0x4, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000007600000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='xdp_exception\x00', r0}, 0x10) r1 = socket$inet_tcp(0x2, 0x1, 0x0) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000100)={0x6, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="18020000fdffffee0000000000000000850000002c00000095"], &(0x7f0000000040)='GPL\x00', 0x5, 0xbf, &(0x7f00000020c0)=""/191, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000180)={'syz_tun\x00', 0x0}) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000003c0)={r2, r3}, 0x40) syz_emit_ethernet(0xfdef, &(0x7f0000000340)=ANY=[], 0x0) 47.741233ms ago: executing program 1 (id=2011): r0 = syz_io_uring_setup(0x24fa, &(0x7f0000000080)={0x0, 0x0, 0x10100}, &(0x7f0000000100)=0x0, &(0x7f0000000140)=0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0) openat$sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/vm/drop_caches\x00', 0x1, 0x0) write$UHID_CREATE2(r3, &(0x7f0000000040)=ANY=[@ANYBLOB="1a"], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1000009, 0x12, r3, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}) io_uring_enter(r0, 0x2d42, 0x0, 0x0, 0x0, 0x0) 0s ago: executing program 3 (id=2012): r0 = syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x0) r1 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0) ioctl$DRM_IOCTL_SET_CLIENT_CAP(r1, 0x4010640d, &(0x7f0000000000)={0x3, 0x2}) ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r1, 0xc01064b5, &(0x7f0000000280)={&(0x7f0000000100)=[0x0], 0x1}) ioctl$DRM_IOCTL_MODE_GETPLANE(r1, 0xc02064b6, &(0x7f00000001c0)={r2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$DRM_IOCTL_MODE_GETPLANE(r0, 0xc02064b6, &(0x7f0000000200)={r2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$DRM_IOCTL_MODE_SETCRTC(r0, 0xc06864a2, &(0x7f0000000400)={0x0, 0x0, r4, r3, 0x0, 0x0, 0x0, 0x7b43, {0x5, 0x1, 0x3, 0x9, 0x899, 0x0, 0x2, 0x5, 0x4cab, 0x0, 0x0, 0x0, 0x0, 0x0, "fe1d0e1cff001704000000341300"}}) kernel console output (not intermixed with test programs): vsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 150.057996][ T7506] syz.2.826 (7506): drop_caches: 2 [ 150.075048][ T7506] syz.2.826 (7506): drop_caches: 2 [ 150.108632][ T4512] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 150.121261][ T7506] syz.2.826 (7506): drop_caches: 2 [ 150.126213][ T5229] Bluetooth: hci1: command tx timeout [ 150.132851][ T4512] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 150.148242][ T7506] syz.2.826 (7506): drop_caches: 2 [ 150.181654][ T1129] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 150.189682][ T1129] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 150.435238][ T7515] team0: entered promiscuous mode [ 150.453766][ T7515] team_slave_0: entered promiscuous mode [ 150.482511][ T7515] team_slave_1: entered promiscuous mode [ 150.503965][ T7516] team_slave_1: left promiscuous mode [ 150.611027][ T7516] team0: Port device team_slave_1 removed [ 150.669593][ T7513] team0: left promiscuous mode [ 150.680959][ T7513] team_slave_0: left promiscuous mode [ 150.968238][ T7534] netlink: 'syz.1.827': attribute type 3 has an invalid length. [ 150.980263][ T7534] netlink: 'syz.1.827': attribute type 4 has an invalid length. [ 150.990344][ T7534] netlink: 'syz.1.827': attribute type 7 has an invalid length. [ 151.035904][ T7534] netlink: 'syz.1.827': attribute type 8 has an invalid length. [ 151.053910][ T7534] netlink: 'syz.1.827': attribute type 7 has an invalid length. [ 151.078430][ T7534] netlink: 198140 bytes leftover after parsing attributes in process `syz.1.827'. [ 151.105943][ T51] usb 1-1: new high-speed USB device number 10 using dummy_hcd [ 151.265798][ T51] usb 1-1: Using ep0 maxpacket: 32 [ 151.277867][ T51] usb 1-1: config index 0 descriptor too short (expected 29220, got 36) [ 151.305780][ T51] usb 1-1: config 0 has too many interfaces: 81, using maximum allowed: 32 [ 151.320071][ T51] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 81 [ 151.329239][ T51] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 151.339299][ T51] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0 [ 151.349358][ T51] usb 1-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18 [ 151.362958][ T51] usb 1-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40 [ 151.372667][ T51] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 151.386088][ T51] usb 1-1: config 0 descriptor?? [ 151.547005][ T7555] team0: entered promiscuous mode [ 151.552148][ T7555] team_slave_0: entered promiscuous mode [ 151.561749][ T7555] team_slave_1: entered promiscuous mode [ 151.570762][ T7555] team_slave_1: left promiscuous mode [ 151.592394][ T7555] team0: Port device team_slave_1 removed [ 151.605894][ T5278] usb 2-1: new high-speed USB device number 11 using dummy_hcd [ 151.606566][ T7554] team0: left promiscuous mode [ 151.619938][ T7554] team_slave_0: left promiscuous mode [ 151.629449][ T51] usblp 1-1:0.0: usblp0: USB Bidirectional printer dev 10 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17 [ 151.782267][ T5278] usb 2-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 151.799555][ T5278] usb 2-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 151.815880][ T5278] usb 2-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 151.831919][ T5278] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 151.842448][ T7550] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22 [ 151.853336][ T5278] usb 2-1: Quirk or no altset; falling back to MIDI 1.0 [ 151.870334][ T51] usb 1-1: USB disconnect, device number 10 [ 151.881685][ T51] usblp0: removed [ 151.942094][ T7565] vivid-007: disconnect [ 151.950516][ T7564] vivid-007: reconnect [ 152.086780][ T5278] usb 2-1: USB disconnect, device number 11 [ 152.300353][ T7575] netlink: 129384 bytes leftover after parsing attributes in process `syz.3.847'. [ 152.362632][ T7581] team0: entered promiscuous mode [ 152.370082][ T7581] team_slave_0: entered promiscuous mode [ 152.383213][ T7580] team0: left promiscuous mode [ 152.400700][ T7580] team_slave_0: left promiscuous mode [ 152.519040][ T63] nci: nci_add_new_protocol: the target found does not have the desired protocol [ 153.625758][ T8] usb 2-1: new full-speed USB device number 12 using dummy_hcd [ 153.777551][ T8] usb 2-1: config 0 has an invalid interface number: 20 but max is 0 [ 153.785946][ T8] usb 2-1: config 0 has no interface number 0 [ 153.792103][ T8] usb 2-1: config 0 interface 20 altsetting 0 endpoint 0x6 has invalid maxpacket 1023, setting to 64 [ 153.814964][ T8] usb 2-1: config 0 interface 20 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 153.908391][ T8] usb 2-1: New USB device found, idVendor=04e6, idProduct=000b, bcdDevice= 1.00 [ 153.922135][ T8] usb 2-1: New USB device strings: Mfr=1, Product=12, SerialNumber=3 [ 153.930522][ T8] usb 2-1: Product: syz [ 153.934722][ T8] usb 2-1: Manufacturer: syz [ 153.939466][ T8] usb 2-1: SerialNumber: syz [ 153.957150][ T8] usb 2-1: config 0 descriptor?? [ 153.978629][ T7620] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 153.988395][ T8] usb-storage 2-1:0.20: USB Mass Storage device detected [ 153.999607][ T8] usb-storage 2-1:0.20: Quirks match for vid 04e6 pid 000b: 4 [ 154.000834][ T7644] overlayfs: failed to create directory ./file0/work (errno: 13); mounting read-only [ 154.018798][ T7644] overlayfs: fs on './file1' does not support file handles, falling back to xino=off. [ 154.232604][ T7620] netlink: 'syz.1.865': attribute type 9 has an invalid length. [ 154.250459][ T7620] netlink: 134660 bytes leftover after parsing attributes in process `syz.1.865'. [ 154.280184][ T8] scsi host1: usb-storage 2-1:0.20 [ 154.304343][ T8] usb 2-1: USB disconnect, device number 12 [ 154.861620][ T29] kauditd_printk_skb: 4 callbacks suppressed [ 154.861638][ T29] audit: type=1326 audit(1728684264.052:29): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7665 comm="syz.3.883" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1eb717dff9 code=0x7ffc0000 [ 154.889246][ C0] vkms_vblank_simulate: vblank timer overrun [ 154.904789][ T29] audit: type=1326 audit(1728684264.052:30): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7665 comm="syz.3.883" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1eb717dff9 code=0x7ffc0000 [ 154.958097][ T29] audit: type=1326 audit(1728684264.052:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7665 comm="syz.3.883" exe="/root/syz-executor" sig=0 arch=c000003e syscall=56 compat=0 ip=0x7f1eb717dff9 code=0x7ffc0000 [ 154.958141][ T29] audit: type=1326 audit(1728684264.072:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7665 comm="syz.3.883" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1eb717dff9 code=0x7ffc0000 [ 154.958823][ T29] audit: type=1326 audit(1728684264.072:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7668 comm="syz.3.883" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f1eb71b00e5 code=0x7ffc0000 [ 154.958876][ T29] audit: type=1326 audit(1728684264.072:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7665 comm="syz.3.883" exe="/root/syz-executor" sig=0 arch=c000003e syscall=101 compat=0 ip=0x7f1eb717dff9 code=0x7ffc0000 [ 154.958914][ T29] audit: type=1326 audit(1728684264.072:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7665 comm="syz.3.883" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1eb717dff9 code=0x7ffc0000 [ 154.981705][ T29] audit: type=1326 audit(1728684264.072:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7665 comm="syz.3.883" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1eb717dff9 code=0x7ffc0000 [ 154.981744][ T29] audit: type=1326 audit(1728684264.072:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7665 comm="syz.3.883" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f1eb7119959 code=0x7ffc0000 [ 154.981777][ T29] audit: type=1326 audit(1728684264.072:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7665 comm="syz.3.883" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1eb717dff9 code=0x7ffc0000 [ 155.005900][ C0] vkms_vblank_simulate: vblank timer overrun [ 155.069973][ T7679] bridge0: port 2(bridge_slave_1) entered disabled state [ 155.071389][ T7679] bridge0: port 1(bridge_slave_0) entered disabled state [ 155.074031][ T7679] bridge0: entered allmulticast mode [ 155.088387][ T7679] bridge0: port 2(bridge_slave_1) entered blocking state [ 155.199734][ T7679] bridge0: port 2(bridge_slave_1) entered forwarding state [ 155.209104][ T7679] bridge0: port 1(bridge_slave_0) entered blocking state [ 155.216322][ T7679] bridge0: port 1(bridge_slave_0) entered forwarding state [ 155.240449][ T7679] bridge0: entered promiscuous mode [ 155.579516][ T7698] ip_vti0: entered promiscuous mode [ 155.588900][ T7698] vlan0: entered promiscuous mode [ 155.618886][ T7698] ip_vti0: left promiscuous mode [ 155.975916][ T51] usb 5-1: new high-speed USB device number 12 using dummy_hcd [ 156.938948][ T51] usb 5-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 156.948182][ T51] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 156.956746][ T51] usb 5-1: Product: syz [ 156.960937][ T51] usb 5-1: Manufacturer: syz [ 156.965553][ T51] usb 5-1: SerialNumber: syz [ 156.976173][ T51] usb 5-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 157.001950][ T25] usb 5-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 157.097822][ T7734] input: syz1 as /devices/virtual/input/input17 [ 157.276478][ T51] usb 5-1: USB disconnect, device number 12 [ 157.350391][ T7743] ip_vti0: entered promiscuous mode [ 157.360742][ T7743] vlan2: entered promiscuous mode [ 157.377241][ T7743] ip_vti0: left promiscuous mode [ 157.914537][ T7771] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 158.019075][ T5278] usb 1-1: new high-speed USB device number 11 using dummy_hcd [ 158.023971][ T7777] ip_vti0: entered promiscuous mode [ 158.036783][ T7777] vlan2: entered promiscuous mode [ 158.042469][ T25] ath9k_htc 5-1:1.0: ath9k_htc: Target is unresponsive [ 158.050618][ T7777] ip_vti0: left promiscuous mode [ 158.053527][ T25] ath9k_htc: Failed to initialize the device [ 158.075059][ T51] usb 5-1: ath9k_htc: USB layer deinitialized [ 158.196381][ T5278] usb 1-1: Using ep0 maxpacket: 16 [ 158.204178][ T5278] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 158.219308][ T5278] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 158.241314][ T5278] usb 1-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 158.254085][ T5278] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 158.274988][ T5278] usb 1-1: config 0 descriptor?? [ 158.315554][ T7790] loop0: detected capacity change from 0 to 6 [ 158.323854][ T7790] Dev loop0: unable to read RDB block 6 [ 158.338972][ T7790] loop0: unable to read partition table [ 158.345082][ T7790] loop0: partition table beyond EOD, truncated [ 158.352163][ T7790] loop_reread_partitions: partition scan of loop0 (被xڬdƤݡ [ 158.352163][ T7790] ) failed (rc=-5) [ 158.455950][ T937] usb 2-1: new high-speed USB device number 13 using dummy_hcd [ 158.476205][ T51] usb 5-1: new high-speed USB device number 13 using dummy_hcd [ 158.555041][ T7797] netlink: 8 bytes leftover after parsing attributes in process `syz.3.937'. [ 158.631062][ T937] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 158.649188][ T51] usb 5-1: New USB device found, idVendor=13b1, idProduct=0042, bcdDevice= 1.08 [ 158.654047][ T937] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 158.665318][ T51] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 158.682354][ T937] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0 [ 158.692384][ T51] usb 5-1: Product: syz [ 158.692407][ T51] usb 5-1: Manufacturer: syz [ 158.692424][ T51] usb 5-1: SerialNumber: syz [ 158.730209][ T937] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 158.740545][ T51] usb 5-1: Warning: ath10k USB support is incomplete, don't expect anything to work! [ 158.780923][ T937] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 158.804736][ T1129] usb 5-1: Failed to submit usb control message: -71 [ 158.804902][ T8] usb 5-1: USB disconnect, device number 13 [ 158.813314][ T1129] usb 5-1: unable to send the bmi data to the device: -71 [ 158.818629][ T937] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 158.845457][ T1129] usb 5-1: unable to get target info from device [ 158.866399][ T1129] usb 5-1: could not get target info (-71) [ 158.872290][ T1129] usb 5-1: could not probe fw (-71) [ 158.886698][ T937] usb 2-1: config 0 descriptor?? [ 159.170106][ T7816] batman_adv: batadv0: Adding interface: macvtap1 [ 159.178101][ T7816] batman_adv: batadv0: The MTU of interface macvtap1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 159.204408][ T7816] batman_adv: batadv0: Not using interface macvtap1 (retrying later): interface not active [ 159.302456][ T937] plantronics 0003:047F:FFFF.000E: unknown main item tag 0x0 [ 159.321462][ T937] plantronics 0003:047F:FFFF.000E: No inputs registered, leaving [ 159.355501][ T937] plantronics 0003:047F:FFFF.000E: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0 [ 159.845848][ T937] usb 3-1: new high-speed USB device number 8 using dummy_hcd [ 160.015776][ T937] usb 3-1: Using ep0 maxpacket: 8 [ 160.024703][ T937] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 160.036273][ T937] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 160.046206][ T937] usb 3-1: New USB device found, idVendor=054c, idProduct=0ce6, bcdDevice= 0.00 [ 160.056146][ T937] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 160.080528][ T937] usb 3-1: config 0 descriptor?? [ 160.511858][ T937] playstation 0003:054C:0CE6.000F: unknown main item tag 0x0 [ 160.535828][ T5278] usbhid 1-1:0.0: can't add hid device: -71 [ 160.546216][ T937] playstation 0003:054C:0CE6.000F: unknown main item tag 0x0 [ 160.553922][ T5278] usbhid 1-1:0.0: probe with driver usbhid failed with error -71 [ 160.575465][ T937] playstation 0003:054C:0CE6.000F: unknown main item tag 0x0 [ 160.588402][ T5278] usb 1-1: USB disconnect, device number 11 [ 160.598735][ T937] playstation 0003:054C:0CE6.000F: unknown main item tag 0x0 [ 160.606511][ T937] playstation 0003:054C:0CE6.000F: unknown main item tag 0x0 [ 160.613950][ T937] playstation 0003:054C:0CE6.000F: unknown main item tag 0x0 [ 160.633017][ T937] playstation 0003:054C:0CE6.000F: unknown main item tag 0x0 [ 160.654148][ T937] playstation 0003:054C:0CE6.000F: hidraw1: USB HID v0.00 Device [HID 054c:0ce6] on usb-dummy_hcd.2-1/input0 [ 160.710644][ T7863] netlink: 'syz.0.965': attribute type 29 has an invalid length. [ 160.722510][ T7863] netlink: 'syz.0.965': attribute type 29 has an invalid length. [ 160.733757][ T7863] netlink: 'syz.0.965': attribute type 29 has an invalid length. [ 160.746495][ T937] playstation 0003:054C:0CE6.000F: Invalid reportID received, expected 9 got 0 [ 160.769471][ T937] playstation 0003:054C:0CE6.000F: Failed to retrieve DualSense pairing info: -22 [ 160.780646][ T7863] netlink: 'syz.0.965': attribute type 29 has an invalid length. [ 160.794439][ T937] playstation 0003:054C:0CE6.000F: Failed to get MAC address from DualSense [ 160.811037][ T937] playstation 0003:054C:0CE6.000F: Failed to create dualsense. [ 160.824829][ T937] playstation 0003:054C:0CE6.000F: probe with driver playstation failed with error -22 [ 160.964083][ T8] usb 3-1: USB disconnect, device number 8 [ 160.993220][ T7872] netlink: 32 bytes leftover after parsing attributes in process `syz.4.969'. [ 161.037927][ T7874] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 161.171843][ T937] usb 1-1: new high-speed USB device number 12 using dummy_hcd [ 161.359776][ T5277] usb 2-1: USB disconnect, device number 13 [ 161.373452][ T937] usb 1-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 161.386366][ T937] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11 [ 161.401178][ T937] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 161.412907][ T937] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 161.428290][ T937] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 161.437461][ T937] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 161.448050][ T937] usb 1-1: config 0 descriptor?? [ 161.453985][ T7870] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22 [ 161.473033][ T7891] cgroup: fork rejected by pids controller in /syz1 [ 161.565849][ T5280] usb 5-1: new high-speed USB device number 14 using dummy_hcd [ 161.725971][ T5280] usb 5-1: Using ep0 maxpacket: 16 [ 161.741187][ T5280] usb 5-1: config index 0 descriptor too short (expected 16456, got 72) [ 161.759989][ T5280] usb 5-1: config 0 has an invalid interface number: 125 but max is 1 [ 161.772649][ T5280] usb 5-1: config 0 has an invalid interface number: 125 but max is 1 [ 161.785815][ T5280] usb 5-1: config 0 has an invalid interface number: 125 but max is 1 [ 161.794028][ T5280] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 2 [ 161.815539][ T5280] usb 5-1: config 0 has no interface number 0 [ 161.825086][ T5280] usb 5-1: config 0 interface 125 altsetting 4 endpoint 0x4 has invalid maxpacket 21760, setting to 64 [ 161.844967][ T5280] usb 5-1: config 0 interface 125 altsetting 4 endpoint 0xB has invalid wMaxPacketSize 0 [ 161.854988][ T5280] usb 5-1: config 0 interface 125 altsetting 4 endpoint 0x2 has invalid wMaxPacketSize 0 [ 161.870291][ T5280] usb 5-1: config 0 interface 125 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 161.881182][ T937] plantronics 0003:047F:FFFF.0010: No inputs registered, leaving [ 161.892992][ T5280] usb 5-1: config 0 interface 125 has no altsetting 0 [ 161.907534][ T5280] usb 5-1: config 0 interface 125 has no altsetting 2 [ 161.918680][ T937] plantronics 0003:047F:FFFF.0010: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0 [ 161.929512][ T5280] usb 5-1: New USB device found, idVendor=050d, idProduct=0002, bcdDevice=23.27 [ 161.951792][ T5280] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 161.975765][ T5280] usb 5-1: Product: syz [ 161.979984][ T5280] usb 5-1: Manufacturer: syz [ 161.984618][ T5280] usb 5-1: SerialNumber: syz [ 162.034953][ T5280] usb 5-1: config 0 descriptor?? [ 162.046886][ T5280] usb 5-1: selecting invalid altsetting 2 [ 162.058281][ T4512] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 162.167234][ T4512] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 162.288230][ T4512] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 162.399492][ T4512] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 162.467332][ T7888] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 162.528847][ T7888] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 162.596640][ T5242] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 162.615413][ T5242] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 162.628334][ T5242] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 162.639144][ T5242] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 162.648843][ T5242] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 162.664536][ T5242] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 162.704639][ T7921] xt_recent: hitcount (4294967295) is larger than allowed maximum (65535) [ 162.729399][ T5277] usb 1-1: USB disconnect, device number 12 [ 162.801854][ T4512] bridge_slave_1: left allmulticast mode [ 162.807908][ T4512] bridge_slave_1: left promiscuous mode [ 162.813875][ T4512] bridge0: port 2(bridge_slave_1) entered disabled state [ 162.847263][ T4512] bridge_slave_0: left allmulticast mode [ 162.853046][ T4512] bridge_slave_0: left promiscuous mode [ 162.858199][ T7924] trusted_key: syz.2.990 sent an empty control message without MSG_MORE. [ 162.858946][ T4512] bridge0: port 1(bridge_slave_0) entered disabled state [ 163.076974][ T5280] get_1284_register timeout [ 163.081738][ C1] usb 5-1: async_complete: urb error -104 [ 163.087593][ C1] usb 5-1: async_complete: urb error -104 [ 163.093407][ C1] usb 5-1: async_complete: urb error -104 [ 163.111655][ T5280] uss720 5-1:0.125: probe with driver uss720 failed with error -5 [ 163.172356][ T5280] usb 5-1: USB disconnect, device number 14 [ 163.459664][ T4512] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 163.473884][ T4512] bond0 (unregistering): Released all slaves [ 163.502800][ T7928] syz_tun: entered promiscuous mode [ 163.511759][ T7928] batadv_slave_0: entered promiscuous mode [ 163.539815][ T7928] debugfs: Directory 'hsr1' with parent 'hsr' already present! [ 163.550032][ T7928] Cannot create hsr debugfs directory [ 163.571461][ T7928] syz_tun: left promiscuous mode [ 163.598414][ T7928] batadv_slave_0: left promiscuous mode [ 164.077925][ T7918] chnl_net:caif_netlink_parms(): no params data found [ 164.257263][ T4512] hsr_slave_0: left promiscuous mode [ 164.295763][ T4512] hsr_slave_1: left promiscuous mode [ 164.302718][ T4512] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 164.316077][ T4512] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 164.354882][ T4512] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 164.377069][ T937] usb 5-1: new high-speed USB device number 15 using dummy_hcd [ 164.388671][ T4512] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 164.455195][ T4512] veth1_macvtap: left promiscuous mode [ 164.475183][ T4512] veth0_macvtap: left promiscuous mode [ 164.485248][ T4512] veth1_vlan: left promiscuous mode [ 164.497056][ T4512] veth0_vlan: left promiscuous mode [ 164.588423][ T937] usb 5-1: unable to get BOS descriptor or descriptor too short [ 164.606479][ T937] usb 5-1: config 3 has an invalid interface number: 19 but max is 0 [ 164.617113][ T937] usb 5-1: config 3 has an invalid interface number: 4 but max is 0 [ 164.626948][ T937] usb 5-1: config 3 has 2 interfaces, different from the descriptor's value: 1 [ 164.643541][ T937] usb 5-1: config 3 has no interface number 0 [ 164.652272][ T937] usb 5-1: config 3 has no interface number 1 [ 164.659246][ T937] usb 5-1: config 3 interface 19 altsetting 9 has 2 endpoint descriptors, different from the interface descriptor's value: 4 [ 164.692243][ T937] usb 5-1: too many endpoints for config 3 interface 4 altsetting 131: 175, using maximum allowed: 30 [ 164.715025][ T937] usb 5-1: config 3 interface 4 altsetting 131 bulk endpoint 0x8E has invalid maxpacket 32 [ 164.737581][ T937] usb 5-1: config 3 interface 4 altsetting 131 bulk endpoint 0xC has invalid maxpacket 64 [ 164.748273][ T937] usb 5-1: config 3 interface 4 altsetting 131 has 2 endpoint descriptors, different from the interface descriptor's value: 175 [ 164.762653][ T5242] Bluetooth: hci3: command tx timeout [ 164.772682][ T937] usb 5-1: config 3 interface 19 has no altsetting 0 [ 164.780353][ T937] usb 5-1: config 3 interface 4 has no altsetting 0 [ 164.790289][ T937] usb 5-1: string descriptor 0 read error: -22 [ 164.796934][ T937] usb 5-1: New USB device found, idVendor=067b, idProduct=2303, bcdDevice=53.f5 [ 164.806519][ T937] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 164.822196][ T937] pl2303 5-1:3.19: required endpoints missing [ 164.840758][ T937] pl2303 5-1:3.4: required interrupt-in endpoint missing [ 165.041757][ T1849] usb 5-1: USB disconnect, device number 15 [ 165.300514][ T4512] team0 (unregistering): Port device team_slave_0 removed [ 166.189288][ T7986] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1017'. [ 166.373397][ T7995] Dead loop on virtual device ip6_vti0, fix it urgently! [ 166.395363][ T7997] IPVS: Error joining to the multicast group [ 166.412572][ T7918] bridge0: port 1(bridge_slave_0) entered blocking state [ 166.455986][ T7918] bridge0: port 1(bridge_slave_0) entered disabled state [ 166.463302][ T7918] bridge_slave_0: entered allmulticast mode [ 166.472006][ T7918] bridge_slave_0: entered promiscuous mode [ 166.492475][ T7918] bridge0: port 2(bridge_slave_1) entered blocking state [ 166.501249][ T7918] bridge0: port 2(bridge_slave_1) entered disabled state [ 166.509249][ T7918] bridge_slave_1: entered allmulticast mode [ 166.561642][ T7918] bridge_slave_1: entered promiscuous mode [ 166.651956][ T7918] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 166.704040][ T7918] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 166.826378][ T8008] veth1_macvtap: left promiscuous mode [ 166.831927][ T8008] macsec0: entered promiscuous mode [ 166.838460][ T5242] Bluetooth: hci3: command tx timeout [ 166.872108][ T8009] veth1_macvtap: entered promiscuous mode [ 166.880441][ T4512] IPVS: stop unused estimator thread 0... [ 166.889339][ T8009] macsec0: left promiscuous mode [ 166.927877][ T7918] team0: Port device team_slave_0 added [ 166.947814][ T7918] team0: Port device team_slave_1 added [ 167.004623][ T29] kauditd_printk_skb: 4 callbacks suppressed [ 167.004643][ T29] audit: type=1326 audit(1728684276.192:43): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8010 comm="syz.0.1028" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fb68557dff9 code=0x0 [ 167.074779][ T5229] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 167.087578][ T5229] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 167.100278][ T5229] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 167.119741][ T5229] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 167.129811][ T5229] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 167.138961][ T5229] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 167.178228][ T7918] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 167.190902][ T7918] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 167.218233][ T7918] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 167.243378][ T7918] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 167.272459][ T7918] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 167.298436][ C1] vkms_vblank_simulate: vblank timer overrun [ 167.305129][ T7918] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 167.386267][ T4512] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 167.502919][ T4512] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 167.530470][ T7918] hsr_slave_0: entered promiscuous mode [ 167.543295][ T7918] hsr_slave_1: entered promiscuous mode [ 167.549812][ T7918] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 167.562348][ T7918] Cannot create hsr debugfs directory [ 167.595162][ T4512] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 167.706063][ T4512] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 167.906154][ T8039] IPVS: Scheduler module ip_vs_sip not found [ 167.913177][ T8039] IPVS: length: 8 != 11240 [ 168.188225][ T4512] bridge_slave_1: left allmulticast mode [ 168.193976][ T4512] bridge_slave_1: left promiscuous mode [ 168.201277][ T4512] bridge0: port 2(bridge_slave_1) entered disabled state [ 168.218195][ T4512] bridge_slave_0: left allmulticast mode [ 168.224051][ T4512] bridge_slave_0: left promiscuous mode [ 168.231377][ T4512] bridge0: port 1(bridge_slave_0) entered disabled state [ 168.841655][ T4512] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 168.857571][ T4512] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 168.878899][ T4512] bond0 (unregistering): Released all slaves [ 168.909855][ T8018] chnl_net:caif_netlink_parms(): no params data found [ 168.925944][ T5229] Bluetooth: hci3: command tx timeout [ 169.236280][ T5229] Bluetooth: hci1: command tx timeout [ 169.276101][ T4512] hsr_slave_0: left promiscuous mode [ 169.286733][ T4512] hsr_slave_1: left promiscuous mode [ 169.296923][ T4512] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 169.315390][ T4512] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 169.346155][ T4512] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 169.354120][ T4512] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 169.397571][ T4512] veth1_macvtap: left promiscuous mode [ 169.403153][ T4512] veth0_macvtap: left promiscuous mode [ 169.418120][ T4512] veth1_vlan: left promiscuous mode [ 169.423414][ T4512] veth0_vlan: left promiscuous mode [ 169.682524][ T1849] usb 5-1: new high-speed USB device number 16 using dummy_hcd [ 169.856394][ T1849] usb 5-1: Using ep0 maxpacket: 8 [ 169.863692][ T1849] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 169.877666][ T5229] Bluetooth: hci7: command tx timeout [ 169.886105][ T1849] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 169.896273][ T1849] usb 5-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 169.936052][ T1849] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 169.957488][ T1849] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 169.968833][ T1849] usb 5-1: Product: syz [ 169.973055][ T1849] usb 5-1: Manufacturer: syz [ 169.987273][ T1849] usb 5-1: SerialNumber: syz [ 170.008814][ T1849] cdc_ncm 5-1:1.0: skipping garbage [ 170.014163][ T1849] cdc_ncm 5-1:1.0: CDC Union missing and no IAD found [ 170.026614][ T1849] cdc_ncm 5-1:1.0: bind() failure [ 170.201195][ T4512] team0 (unregistering): Port device team_slave_0 removed [ 170.845107][ T8018] bridge0: port 1(bridge_slave_0) entered blocking state [ 170.846824][ T1849] usb 5-1: USB disconnect, device number 16 [ 170.852736][ T8018] bridge0: port 1(bridge_slave_0) entered disabled state [ 170.867570][ T8018] bridge_slave_0: entered allmulticast mode [ 170.874668][ T8018] bridge_slave_0: entered promiscuous mode [ 170.908271][ T8018] bridge0: port 2(bridge_slave_1) entered blocking state [ 170.925903][ T8018] bridge0: port 2(bridge_slave_1) entered disabled state [ 170.936204][ T8018] bridge_slave_1: entered allmulticast mode [ 170.954775][ T8018] bridge_slave_1: entered promiscuous mode [ 170.996486][ T5229] Bluetooth: hci3: command tx timeout [ 171.054720][ T8018] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 171.100034][ T8018] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 171.193486][ T7918] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 171.209701][ T8018] team0: Port device team_slave_0 added [ 171.218487][ T7918] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 171.239597][ T8018] team0: Port device team_slave_1 added [ 171.264416][ T7918] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 171.285284][ T7918] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 171.317570][ T5229] Bluetooth: hci1: command tx timeout [ 171.335770][ T8018] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 171.355762][ T8018] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 171.382784][ T8018] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 171.459278][ T8018] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 171.466467][ T8018] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 171.492715][ T8018] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 171.777658][ T8018] hsr_slave_0: entered promiscuous mode [ 171.784849][ T8018] hsr_slave_1: entered promiscuous mode [ 171.801338][ T8018] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 171.809386][ T8018] Cannot create hsr debugfs directory [ 171.881738][ T7918] 8021q: adding VLAN 0 to HW filter on device bond0 [ 171.904700][ T7918] 8021q: adding VLAN 0 to HW filter on device team0 [ 171.942219][ T7918] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 171.952942][ T7918] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 172.032542][ T52] bridge0: port 1(bridge_slave_0) entered blocking state [ 172.039749][ T52] bridge0: port 1(bridge_slave_0) entered forwarding state [ 172.087659][ T52] bridge0: port 2(bridge_slave_1) entered blocking state [ 172.094847][ T52] bridge0: port 2(bridge_slave_1) entered forwarding state [ 172.482627][ T7918] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 172.561903][ T7918] veth0_vlan: entered promiscuous mode [ 172.575101][ T7918] veth1_vlan: entered promiscuous mode [ 172.644330][ T7918] veth0_macvtap: entered promiscuous mode [ 172.674556][ T7918] veth1_macvtap: entered promiscuous mode [ 172.766993][ T7918] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 172.789022][ T7918] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 172.799162][ T7918] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 172.809813][ T7918] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 172.819707][ T7918] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 172.830300][ T7918] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 172.840593][ T7918] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 172.851227][ T7918] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 172.861794][ T7918] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 172.872875][ T7918] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 172.882817][ T7918] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 172.893431][ T7918] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 172.904808][ T7918] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 172.950572][ T7918] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 172.952075][ T29] audit: type=1326 audit(1728684282.142:44): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8138 comm="syz.2.1073" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fe31a17dff9 code=0x0 [ 172.961322][ T7918] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 172.997011][ T7918] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 173.009494][ T7918] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 173.022093][ T7918] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 173.042299][ T7918] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 173.055380][ T8140] vivid-000: disconnect [ 173.060523][ T7918] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 173.073789][ T7918] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 173.093015][ T7918] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 173.106242][ T7918] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 173.124286][ T7918] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 173.153489][ T7918] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 173.172254][ T7918] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 173.188497][ T8018] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 173.227124][ T7918] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 173.236263][ T7918] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 173.244981][ T7918] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 173.253926][ T7918] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 173.264139][ T8018] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 173.287531][ T8018] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 173.307508][ T8018] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 173.396031][ T5242] Bluetooth: hci1: command tx timeout [ 173.479137][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 173.487777][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 173.545430][ T1103] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 173.563838][ T1103] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 173.583975][ T8152] netlink: 256 bytes leftover after parsing attributes in process `syz.0.1078'. [ 173.608667][ T8152] unsupported nlmsg_type 40 [ 173.611460][ T8018] 8021q: adding VLAN 0 to HW filter on device bond0 [ 173.657523][ T8138] vivid-000: reconnect [ 173.678308][ T8018] 8021q: adding VLAN 0 to HW filter on device team0 [ 173.720407][ T35] bridge0: port 1(bridge_slave_0) entered blocking state [ 173.727656][ T35] bridge0: port 1(bridge_slave_0) entered forwarding state [ 173.756097][ T35] bridge0: port 2(bridge_slave_1) entered blocking state [ 173.763295][ T35] bridge0: port 2(bridge_slave_1) entered forwarding state [ 173.818154][ T8018] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 173.830863][ T8018] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 173.995215][ T8018] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 174.109022][ T8018] veth0_vlan: entered promiscuous mode [ 174.170653][ T8018] veth1_vlan: entered promiscuous mode [ 174.246953][ T8018] veth0_macvtap: entered promiscuous mode [ 174.261916][ T8018] veth1_macvtap: entered promiscuous mode [ 174.380768][ T8018] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 174.396882][ T8018] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 174.407107][ T8018] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 174.417903][ T8018] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 174.428195][ T8018] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 174.439172][ T8018] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 174.449427][ T8018] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 174.460556][ T8018] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 174.470641][ T8018] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 174.481334][ T8018] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 174.491233][ T8018] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 174.502424][ T8018] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 174.512978][ T8018] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 174.523869][ T8018] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 174.535267][ T8018] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 174.550955][ T8018] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 174.561514][ T8018] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 174.571648][ T8018] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 174.582319][ T8018] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 174.592227][ T8018] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 174.603498][ T8018] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 174.614072][ T8018] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 174.624670][ T8018] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 174.634716][ T8018] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 174.645245][ T8018] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 174.655180][ T8018] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 174.665906][ T8018] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 174.675833][ T8018] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 174.686342][ T8018] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 174.697435][ T8018] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 174.709360][ T8018] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 174.718169][ T8018] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 174.726975][ T8018] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 174.736114][ T8018] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 174.846809][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 174.854675][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 174.896844][ T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 174.906619][ T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 174.947150][ T8198] Dead loop on virtual device ip6_vti0, fix it urgently! [ 175.492547][ T5242] Bluetooth: hci1: command 0x0419 tx timeout [ 176.195091][ T8253] netlink: 88 bytes leftover after parsing attributes in process `syz.2.1114'. [ 176.295749][ T5314] usb 1-1: new high-speed USB device number 13 using dummy_hcd [ 176.319675][ T5229] Bluetooth: hci4: unexpected event for opcode 0x1407 [ 176.867847][ T8259] nbd2: detected capacity change from 0 to 12 [ 177.045830][ T8257] block nbd2: shutting down sockets [ 178.635706][ T5229] Bluetooth: hci1: command 0x0419 tx timeout [ 180.040963][ T5314] usb 1-1: device descriptor read/all, error -71 [ 180.355766][ T5242] Bluetooth: hci4: Controller not accepting commands anymore: ncmd = 0 [ 180.364892][ T5242] Bluetooth: hci4: Injecting HCI hardware error event [ 180.375115][ T5242] Bluetooth: hci4: hardware error 0x00 [ 180.553079][ T8289] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1129'. [ 180.567888][ T8285] block nbd3: shutting down sockets [ 182.454754][ T5242] Bluetooth: hci4: Opcode 0x0c03 failed: -110 [ 186.925642][ T29] audit: type=1326 audit(1728684296.102:45): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8330 comm="syz.2.1147" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fe31a17dff9 code=0x0 [ 186.980275][ T29] audit: type=1326 audit(1728684296.172:46): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8334 comm="syz.1.1150" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f84ddd7dff9 code=0x0 [ 187.475729][ T25] usb 5-1: new high-speed USB device number 17 using dummy_hcd [ 187.625742][ T25] usb 5-1: Using ep0 maxpacket: 8 [ 187.635371][ T25] usb 5-1: New USB device found, idVendor=2770, idProduct=930c, bcdDevice=8d.6a [ 187.644709][ T25] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 187.664384][ T25] usb 5-1: Product: syz [ 187.671113][ T25] usb 5-1: Manufacturer: syz [ 187.677332][ T25] usb 5-1: SerialNumber: syz [ 187.684010][ T25] usb 5-1: config 0 descriptor?? [ 187.689221][ T5280] usb 4-1: new high-speed USB device number 10 using dummy_hcd [ 187.699522][ T25] gspca_main: sq930x-2.14.0 probing 2770:930c [ 187.857741][ T5280] usb 4-1: config 1 has an invalid descriptor of length 255, skipping remainder of the config [ 187.870224][ T5280] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 187.902737][ T5280] usb 4-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 187.915166][ T5280] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 187.923657][ T5280] usb 4-1: SerialNumber: syz [ 188.158064][ T5280] usb 4-1: 0:2 : does not exist [ 188.163112][ T5280] usb 4-1: unit 255 not found! [ 188.184724][ T5280] usb 4-1: 5:0: cannot get min/max values for control 4 (id 5) [ 188.205548][ T5280] usb 4-1: 5:0: cannot get min/max values for control 8 (id 5) [ 188.260295][ T5280] usb 4-1: USB disconnect, device number 10 [ 188.285729][ T5278] usb 2-1: new high-speed USB device number 14 using dummy_hcd [ 188.335896][ T25] gspca_sq930x: reg_w 0305 fd00 failed -71 [ 188.478319][ T5278] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 188.500501][ T5278] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 188.515972][ T5278] usb 2-1: New USB device found, idVendor=1e7d, idProduct=2cf6, bcdDevice= 0.00 [ 188.525300][ T5278] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 188.540861][ T5278] usb 2-1: config 0 descriptor?? [ 188.556044][ T25] gspca_sq930x: Sensor ov9630 not yet treated [ 188.562199][ T25] sq930x 5-1:0.0: probe with driver sq930x failed with error -22 [ 188.581756][ T25] usb 5-1: USB disconnect, device number 17 [ 188.890322][ T8397] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant. [ 188.890322][ T8397] The task syz.0.1172 (8397) triggered the difference, watch for misbehavior. [ 188.973986][ T5278] pyra 0003:1E7D:2CF6.0011: hidraw0: USB HID v0.00 Device [HID 1e7d:2cf6] on usb-dummy_hcd.1-1/input0 [ 189.085883][ T5280] usb 4-1: new high-speed USB device number 11 using dummy_hcd [ 189.249302][ T5280] usb 4-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30 [ 189.266558][ T5280] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 189.287906][ T5280] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 189.335821][ T5280] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253 [ 189.368355][ T5280] usb 4-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40 [ 189.385548][ T5280] usb 4-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0 [ 189.394227][ T5280] usb 4-1: Manufacturer: syz [ 189.423109][ T5280] usb 4-1: config 0 descriptor?? [ 189.681317][ T8420] sg_write: data in/out 42219/14 bytes for SCSI command 0x0-- guessing data in; [ 189.681317][ T8420] program syz.4.1182 not setting count and/or reply_len properly [ 189.899787][ T5280] appleir 0003:05AC:8243.0012: unknown main item tag 0x0 [ 189.908126][ T5280] appleir 0003:05AC:8243.0012: No inputs registered, leaving [ 189.999122][ T5278] pyra 0003:1E7D:2CF6.0011: couldn't init struct pyra_device [ 190.006800][ T5278] pyra 0003:1E7D:2CF6.0011: couldn't install mouse [ 190.017243][ T5280] appleir 0003:05AC:8243.0012: hiddev0,hidraw1: USB HID v0.00 Device [syz] on usb-dummy_hcd.3-1/input0 [ 190.175970][ T5280] usb 4-1: USB disconnect, device number 11 [ 190.646841][ T5278] pyra 0003:1E7D:2CF6.0011: probe with driver pyra failed with error -71 [ 190.736145][ T5278] usb 2-1: USB disconnect, device number 14 [ 190.897859][ T8437] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 191.568311][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 192.174919][ T8488] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 192.195974][ T1849] usb 5-1: new high-speed USB device number 18 using dummy_hcd [ 192.355920][ T1849] usb 5-1: config 1 has an invalid descriptor of length 255, skipping remainder of the config [ 192.359469][ T8493] bridge0: port 1(bridge_slave_0) entered disabled state [ 192.366653][ T1849] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 192.380777][ T8493] bridge0: port 2(bridge_slave_1) entered disabled state [ 192.427807][ T1849] usb 5-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 192.442605][ T1849] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 192.473843][ T8494] team_slave_0: entered promiscuous mode [ 192.479687][ T8494] team_slave_1: entered promiscuous mode [ 192.488068][ T1849] usb 5-1: SerialNumber: syz [ 192.489375][ T8494] 8021q: adding VLAN 0 to HW filter on device macvlan2 [ 192.502633][ T8494] bond0: (slave macvlan2): Enslaving as an active interface with an up link [ 192.719288][ T1849] usb 5-1: 0:2 : does not exist [ 192.724269][ T1849] usb 5-1: unit 255 not found! [ 192.739578][ T1849] usb 5-1: 5:0: cannot get min/max values for control 4 (id 5) [ 192.763224][ T1849] usb 5-1: 5:0: cannot get min/max values for control 8 (id 5) [ 192.804188][ T1849] usb 5-1: USB disconnect, device number 18 [ 192.905961][ T9] usb 4-1: new high-speed USB device number 12 using dummy_hcd [ 193.085752][ T9] usb 4-1: Using ep0 maxpacket: 32 [ 193.108516][ T9] usb 4-1: config index 0 descriptor too short (expected 164, got 36) [ 193.140189][ T9] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 193.166254][ T9] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 193.176941][ T9] usb 4-1: New USB device found, idVendor=046d, idProduct=c29c, bcdDevice= 0.00 [ 193.189269][ T9] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 193.233321][ T9] usb 4-1: config 0 descriptor?? [ 193.252710][ T8508] program syz.2.1216 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 193.676982][ T9] logitech 0003:046D:C29C.0013: hidraw0: USB HID v0.00 Device [HID 046d:c29c] on usb-dummy_hcd.3-1/input0 [ 193.830738][ T8527] netlink: 'syz.2.1224': attribute type 9 has an invalid length. [ 193.858461][ T8527] netlink: 134636 bytes leftover after parsing attributes in process `syz.2.1224'. [ 194.158222][ T9] logitech 0003:046D:C29C.0013: no inputs found [ 194.195979][ T5280] usb 2-1: new high-speed USB device number 15 using dummy_hcd [ 194.214677][ T8532] cgroup: fork rejected by pids controller in /syz4 [ 194.228389][ T9] usb 4-1: USB disconnect, device number 12 [ 194.362803][ T5280] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 194.376336][ T1269] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.382843][ T5280] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 194.392235][ T1269] ieee802154 phy1 wpan1: encryption failed: -22 [ 194.400410][ T5280] usb 2-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 194.409802][ T5280] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 194.417866][ T5280] usb 2-1: SerialNumber: syz [ 194.425752][ T25] usb 3-1: new high-speed USB device number 9 using dummy_hcd [ 194.505757][ T5275] usb 1-1: new high-speed USB device number 15 using dummy_hcd [ 194.575664][ T25] usb 3-1: Using ep0 maxpacket: 16 [ 194.585137][ T25] usb 3-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83 [ 194.597116][ T25] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 194.615121][ T25] usb 3-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1 [ 194.624725][ T25] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 194.651976][ T5280] usb 2-1: 0:2 : does not exist [ 194.665709][ T25] usb 3-1: Product: syz [ 194.669963][ T25] usb 3-1: Manufacturer: syz [ 194.675505][ T25] usb 3-1: SerialNumber: syz [ 194.691008][ T5280] usb 2-1: USB disconnect, device number 15 [ 194.698528][ T25] usb 3-1: config 0 descriptor?? [ 194.708215][ T25] em28xx 3-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0) [ 194.711975][ T5275] usb 1-1: config 1 has an invalid descriptor of length 255, skipping remainder of the config [ 194.743907][ T25] em28xx 3-1:0.0: Audio interface 0 found (Vendor Class) [ 194.749572][ T5275] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 194.781790][ T5275] usb 1-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 194.802168][ T5275] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 194.818505][ T5275] usb 1-1: SerialNumber: syz [ 195.062974][ T5275] usb 1-1: 0:2 : does not exist [ 195.075754][ T5275] usb 1-1: unit 255 not found! [ 195.108156][ T5275] usb 1-1: 5:0: cannot get min/max values for control 4 (id 5) [ 195.119735][ T5275] usb 1-1: 5:0: cannot get min/max values for control 8 (id 5) [ 195.143012][ T5275] usb 1-1: USB disconnect, device number 15 [ 195.339142][ T25] em28xx 3-1:0.0: unknown em28xx chip ID (0) [ 195.356430][ T25] em28xx 3-1:0.0: Config register raw data: 0xfffffffb [ 195.537057][ T5280] usb 2-1: new high-speed USB device number 16 using dummy_hcd [ 195.716098][ T5280] usb 2-1: Using ep0 maxpacket: 16 [ 195.746821][ T5280] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 195.768281][ T5280] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 195.773971][ T8582] input: syz1 as /devices/virtual/input/input18 [ 195.778602][ T25] em28xx 3-1:0.0: AC97 chip type couldn't be determined [ 195.806411][ T5280] usb 2-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.40 [ 195.815911][ T25] em28xx 3-1:0.0: No AC97 audio processor [ 195.822716][ T5280] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 195.833745][ T25] usb 3-1: USB disconnect, device number 9 [ 195.841956][ T5280] usb 2-1: config 0 descriptor?? [ 195.851897][ T25] em28xx 3-1:0.0: Disconnecting em28xx [ 195.877351][ T25] em28xx 3-1:0.0: Freeing device [ 200.169470][ T8615] sock: sock_set_timeout: `syz.4.1248' (pid 8615) tries to set negative timeout [ 200.312216][ T8617] Bluetooth: Short BCSP packet [ 200.460791][ T5280] usbhid 2-1:0.0: can't add hid device: -71 [ 200.467188][ T5280] usbhid 2-1:0.0: probe with driver usbhid failed with error -71 [ 200.486898][ T5280] usb 2-1: USB disconnect, device number 16 [ 200.506554][ T12] Bluetooth: Error in BCSP hdr checksum [ 200.941531][ T5280] usb 2-1: new high-speed USB device number 17 using dummy_hcd [ 201.107880][ T5280] usb 2-1: Using ep0 maxpacket: 8 [ 201.121165][ T5280] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 201.133618][ T5280] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 201.151089][ T5280] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 201.164087][ T5280] usb 2-1: New USB device found, idVendor=058f, idProduct=9410, bcdDevice= 0.00 [ 201.189235][ T5280] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 201.211460][ T5280] usb 2-1: config 0 descriptor?? [ 201.439715][ T5280] usbhid 2-1:0.0: can't add hid device: -71 [ 201.452942][ T5280] usbhid 2-1:0.0: probe with driver usbhid failed with error -71 [ 201.464511][ T5280] usb 2-1: USB disconnect, device number 17 [ 202.370585][ T5229] Bluetooth: hci8: command 0x1003 tx timeout [ 202.377740][ T5242] Bluetooth: hci8: Opcode 0x1003 failed: -110 [ 202.855803][ T5275] usb 4-1: new high-speed USB device number 13 using dummy_hcd [ 203.066064][ T5275] usb 4-1: Using ep0 maxpacket: 8 [ 203.083158][ T5275] usb 4-1: config index 0 descriptor too short (expected 301, got 45) [ 203.092173][ T5275] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 203.149282][ T5275] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 203.183785][ T5275] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 203.213810][ T5275] usb 4-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 203.229211][ T5275] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 203.242181][ T5275] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 203.502994][ T5275] usb 4-1: usb_control_msg returned -32 [ 203.525979][ T5275] usbtmc 4-1:16.0: can't read capabilities [ 203.645942][ T8667] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1271'. [ 203.665221][ T8667] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1271'. [ 203.738295][ T8670] loop0: detected capacity change from 0 to 7 [ 203.765433][ T8670] Dev loop0: unable to read RDB block 7 [ 203.780830][ T8670] loop0: unable to read partition table [ 203.792748][ T8670] loop0: partition table beyond EOD, truncated [ 203.804950][ T8670] loop_reread_partitions: partition scan of loop0 (被xڬdƤݡ [ 203.804950][ T8670] ) failed (rc=-5) [ 204.023993][ T8686] netlink: 'syz.0.1279': attribute type 9 has an invalid length. [ 204.042181][ T8686] netlink: 134640 bytes leftover after parsing attributes in process `syz.0.1279'. [ 204.866257][ T5280] usb 2-1: new high-speed USB device number 18 using dummy_hcd [ 205.035791][ T5280] usb 2-1: Using ep0 maxpacket: 16 [ 205.047376][ T5280] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 205.067997][ T5280] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 205.078982][ T5280] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 205.093872][ T5280] usb 2-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 205.103535][ T5280] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 205.114186][ T5280] usb 2-1: config 0 descriptor?? [ 205.539423][ T5280] HID 045e:07da: Invalid code 65791 type 1 [ 205.565386][ T5280] input: HID 045e:07da as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:045E:07DA.0014/input/input19 [ 205.596076][ T5280] microsoft 0003:045E:07DA.0014: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.1-1/input0 [ 205.671537][ T5275] usb 4-1: USB disconnect, device number 13 [ 205.753482][ T9] usb 2-1: USB disconnect, device number 18 [ 206.355112][ T8761] netlink: 'syz.1.1311': attribute type 27 has an invalid length. [ 206.423380][ T29] audit: type=1326 audit(2000000013.370:47): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8734 comm="syz.0.1299" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb68557dff9 code=0x7fc00000 [ 206.504252][ T8761] bridge0: port 2(bridge_slave_1) entered disabled state [ 206.512071][ T8761] bridge0: port 1(bridge_slave_0) entered disabled state [ 206.707260][ T8761] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 206.723185][ T8761] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 206.830059][ T8761] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 206.839281][ T8761] netdevsim netdevsim1 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 206.849564][ T8761] netdevsim netdevsim1 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 206.860381][ T8761] netdevsim netdevsim1 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 206.995327][ T8765] 8021q: adding VLAN 0 to HW filter on device bond0 [ 207.014839][ T8765] 8021q: adding VLAN 0 to HW filter on device team0 [ 207.041431][ T8765] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 208.717881][ T9] usb 5-1: new full-speed USB device number 19 using dummy_hcd [ 208.997798][ T9] usb 5-1: config 0 has an invalid interface number: 133 but max is 0 [ 209.007886][ T9] usb 5-1: config 0 has no interface number 0 [ 209.020440][ T9] usb 5-1: New USB device found, idVendor=06cd, idProduct=0121, bcdDevice=dd.3d [ 209.034607][ T9] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 209.070090][ T9] usb 5-1: Product: syz [ 209.082187][ T9] usb 5-1: Manufacturer: syz [ 209.090533][ T9] usb 5-1: SerialNumber: syz [ 209.098565][ T9] usb 5-1: config 0 descriptor?? [ 209.517715][ T29] audit: type=1326 audit(2000000016.470:48): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8866 comm="syz.0.1352" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fb68557dff9 code=0x0 [ 209.682055][ T9] keyspan 5-1:0.133: Keyspan 1 port adapter converter detected [ 209.697101][ T9] keyspan 5-1:0.133: found no endpoint descriptor for endpoint 81 [ 209.705265][ T9] keyspan 5-1:0.133: found no endpoint descriptor for endpoint 1 [ 209.735688][ T9] keyspan 5-1:0.133: found no endpoint descriptor for endpoint 2 [ 209.746174][ T9] usb 5-1: Keyspan 1 port adapter converter now attached to ttyUSB0 [ 209.927554][ T5280] usb 5-1: USB disconnect, device number 19 [ 209.950324][ T5280] keyspan_1 ttyUSB0: Keyspan 1 port adapter converter now disconnected from ttyUSB0 [ 209.966262][ T5280] keyspan 5-1:0.133: device disconnected [ 210.045833][ T9] usb 3-1: new high-speed USB device number 10 using dummy_hcd [ 210.252051][ T9] usb 3-1: New USB device found, idVendor=2c42, idProduct=1709, bcdDevice=ca.b7 [ 210.275730][ T9] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 210.283818][ T9] usb 3-1: Product: syz [ 210.294742][ T9] usb 3-1: Manufacturer: syz [ 210.303040][ T9] usb 3-1: SerialNumber: syz [ 210.315412][ T9] usb 3-1: config 0 descriptor?? [ 210.562013][ T8890] IPVS: Scheduler module ip_vs_ not found [ 210.694032][ T25] usb 4-1: new high-speed USB device number 14 using dummy_hcd [ 210.865692][ T25] usb 4-1: Using ep0 maxpacket: 16 [ 210.893431][ T25] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 210.916488][ T25] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 210.985731][ T25] usb 4-1: New USB device found, idVendor=1e7d, idProduct=2d50, bcdDevice= 0.00 [ 210.994888][ T25] usb 4-1: New USB device strings: Mfr=236, Product=255, SerialNumber=0 [ 211.005643][ T25] usb 4-1: Product: syz [ 211.009864][ T25] usb 4-1: Manufacturer: syz [ 211.036632][ T25] usb 4-1: config 0 descriptor?? [ 211.353093][ T9] usb 3-1: f81604_read: reg: 100f failed: -EPROTO [ 211.376317][ T5278] kernel write not supported for file /122/timerslack_ns (pid: 5278 comm: kworker/0:5) [ 211.403479][ T9] usb 3-1: f81604_read: reg: 200f failed: -EPROTO [ 211.426332][ T9] usb 3-1: USB disconnect, device number 10 [ 211.460486][ T9] usb 3-1: f81604_read: reg: 100f failed: -ENODEV [ 211.524135][ T25] kovaplus 0003:1E7D:2D50.0015: unknown main item tag 0xd [ 211.534145][ T25] kovaplus 0003:1E7D:2D50.0015: hidraw0: USB HID v0.07 Device [syz syz] on usb-dummy_hcd.3-1/input0 [ 211.552588][ T9] usb 3-1: f81604_read: reg: 200f failed: -ENODEV [ 211.676235][ T51] usb 1-1: new high-speed USB device number 16 using dummy_hcd [ 211.856846][ T51] usb 1-1: Using ep0 maxpacket: 32 [ 211.870060][ T51] usb 1-1: New USB device found, idVendor=05a9, idProduct=1550, bcdDevice=e4.bb [ 211.880713][ T51] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 211.889337][ T51] usb 1-1: Product: syz [ 211.893865][ T51] usb 1-1: Manufacturer: syz [ 211.898859][ T51] usb 1-1: SerialNumber: syz [ 211.908358][ T51] usb 1-1: config 0 descriptor?? [ 211.928265][ T51] gspca_main: ov534_9-2.14.0 probing 05a9:1550 [ 211.986733][ T8937] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1380'. [ 212.058051][ T9] usb 5-1: new full-speed USB device number 20 using dummy_hcd [ 212.115765][ T937] usb 2-1: new high-speed USB device number 19 using dummy_hcd [ 212.137402][ T25] kovaplus 0003:1E7D:2D50.0015: couldn't init struct kovaplus_device [ 212.151388][ T25] kovaplus 0003:1E7D:2D50.0015: couldn't install mouse [ 212.159546][ T25] kovaplus 0003:1E7D:2D50.0015: probe with driver kovaplus failed with error -71 [ 212.171740][ T25] usb 4-1: USB disconnect, device number 14 [ 212.184520][ T8942] binder: 8940:8942 ioctl c0306201 20000080 returned -14 [ 212.227442][ T9] usb 5-1: config 0 has an invalid interface number: 20 but max is 0 [ 212.236282][ T9] usb 5-1: config 0 has no interface number 0 [ 212.252825][ T9] usb 5-1: config 0 interface 20 altsetting 0 endpoint 0x6 has invalid maxpacket 1023, setting to 64 [ 212.269834][ T9] usb 5-1: New USB device found, idVendor=04e6, idProduct=000b, bcdDevice= 1.00 [ 212.287657][ T8944] netlink: 'syz.2.1383': attribute type 29 has an invalid length. [ 212.291806][ T9] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 212.302240][ T8944] netlink: 'syz.2.1383': attribute type 29 has an invalid length. [ 212.313654][ T9] usb 5-1: Product: syz [ 212.314232][ T8944] netlink: 'syz.2.1383': attribute type 29 has an invalid length. [ 212.326347][ T937] usb 2-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30 [ 212.327979][ T8944] netlink: 'syz.2.1383': attribute type 29 has an invalid length. [ 212.338125][ T9] usb 5-1: Manufacturer: syz [ 212.350320][ T937] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 212.361681][ T9] usb 5-1: SerialNumber: syz [ 212.366402][ T937] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 212.378038][ T8944] netlink: 'syz.2.1383': attribute type 29 has an invalid length. [ 212.380574][ T937] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253 [ 212.397671][ T8944] netlink: 'syz.2.1383': attribute type 29 has an invalid length. [ 212.401299][ T9] usb 5-1: config 0 descriptor?? [ 212.419240][ T8931] raw-gadget.2 gadget.4: fail, usb_ep_enable returned -22 [ 212.429056][ T9] usb-storage 5-1:0.20: USB Mass Storage device detected [ 212.436364][ T937] usb 2-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40 [ 212.446181][ T937] usb 2-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0 [ 212.454308][ T937] usb 2-1: Manufacturer: syz [ 212.461443][ T937] usb 2-1: config 0 descriptor?? [ 212.476792][ T9] usb-storage 5-1:0.20: Quirks match for vid 04e6 pid 000b: 4 [ 212.656987][ T9] scsi host1: usb-storage 5-1:0.20 [ 212.670778][ T9] usb 5-1: USB disconnect, device number 20 [ 212.891702][ T937] appleir 0003:05AC:8243.0016: unknown main item tag 0x0 [ 212.900429][ T937] appleir 0003:05AC:8243.0016: No inputs registered, leaving [ 212.924631][ T937] appleir 0003:05AC:8243.0016: hiddev0,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.1-1/input0 [ 213.174734][ T9] usb 2-1: USB disconnect, device number 19 [ 213.396084][ T51] gspca_ov534_9: reg_r err -71 [ 213.573025][ T8979] team0: entered promiscuous mode [ 213.584634][ T8979] team_slave_0: entered promiscuous mode [ 213.595273][ T8978] team0: left promiscuous mode [ 213.604525][ T8981] input: syz0 as /devices/virtual/input/input20 [ 213.621597][ T8978] team_slave_0: left promiscuous mode [ 213.665702][ T51] gspca_ov534_9: Unknown sensor 0000 [ 213.665778][ T51] ov534_9 1-1:0.0: probe with driver ov534_9 failed with error -22 [ 213.685117][ T51] usb 1-1: USB disconnect, device number 16 [ 213.961533][ T8996] netlink: 'syz.3.1405': attribute type 1 has an invalid length. [ 214.000424][ T9001] kvm: pic: non byte read [ 214.018926][ T8997] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 214.030352][ T8996] bond1: (slave gre1): The slave device specified does not support setting the MAC address [ 214.049706][ T8996] bond1: (slave gre1): Setting fail_over_mac to active for active-backup mode [ 214.067550][ T8996] bond1: (slave gre1): making interface the new active one [ 214.077649][ T8996] bond1: (slave gre1): Enslaving as an active interface with an up link [ 214.705693][ T9] usb 3-1: new high-speed USB device number 11 using dummy_hcd [ 214.745790][ T5278] usb 4-1: new high-speed USB device number 15 using dummy_hcd [ 214.893051][ T9] usb 3-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30 [ 214.904959][ T5278] usb 4-1: Using ep0 maxpacket: 32 [ 214.911117][ T9] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 214.924094][ T9] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 214.936657][ T5278] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 214.950548][ T5278] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 214.960546][ T9] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253 [ 214.973638][ T5278] usb 4-1: New USB device found, idVendor=10c4, idProduct=8acf, bcdDevice= 0.00 [ 214.982893][ T5278] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 214.995991][ T5278] usb 4-1: config 0 descriptor?? [ 215.002041][ T9] usb 3-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40 [ 215.012584][ T9] usb 3-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0 [ 215.021141][ T9] usb 3-1: Manufacturer: syz [ 215.029228][ T9] usb 3-1: config 0 descriptor?? [ 215.451256][ T9] appleir 0003:05AC:8243.0017: unknown main item tag 0x0 [ 215.463087][ T9] appleir 0003:05AC:8243.0017: No inputs registered, leaving [ 215.474654][ T5278] hid-u2fzero 0003:10C4:8ACF.0018: hidraw0: USB HID v0.00 Device [HID 10c4:8acf] on usb-dummy_hcd.3-1/input0 [ 215.493928][ T5278] hid-u2fzero 0003:10C4:8ACF.0018: U2F Zero LED initialised [ 215.501672][ T9] appleir 0003:05AC:8243.0017: hiddev0,hidraw1: USB HID v0.00 Device [syz] on usb-dummy_hcd.2-1/input0 [ 215.513272][ T5278] hid-u2fzero 0003:10C4:8ACF.0018: U2F Zero RNG initialised [ 215.678211][ T51] usb 4-1: USB disconnect, device number 15 [ 215.737424][ T25] usb 3-1: USB disconnect, device number 11 [ 216.666018][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 216.837644][ T9110] netlink: 'syz.1.1450': attribute type 11 has an invalid length. [ 217.265732][ T51] usb 1-1: new high-speed USB device number 17 using dummy_hcd [ 217.283932][ T9134] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 217.451636][ T51] usb 1-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30 [ 217.483311][ T51] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 217.507509][ T51] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 217.526455][ T51] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253 [ 217.549378][ T51] usb 1-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40 [ 217.564657][ T51] usb 1-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0 [ 217.585473][ T51] usb 1-1: Manufacturer: syz [ 217.605381][ T51] usb 1-1: config 0 descriptor?? [ 218.039802][ T51] appleir 0003:05AC:8243.0019: unknown main item tag 0x0 [ 218.076371][ T51] appleir 0003:05AC:8243.0019: No inputs registered, leaving [ 218.097467][ T51] appleir 0003:05AC:8243.0019: hiddev0,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.0-1/input0 [ 218.324259][ T51] usb 1-1: USB disconnect, device number 17 [ 218.330866][ T9180] loop7: detected capacity change from 0 to 16384 [ 219.345913][ T937] usb 1-1: new high-speed USB device number 18 using dummy_hcd [ 219.566823][ T937] usb 1-1: Using ep0 maxpacket: 16 [ 219.576220][ T937] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 219.587242][ T937] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 219.605316][ T937] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 219.619769][ T937] usb 1-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 219.628979][ T937] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 219.639330][ T937] usb 1-1: config 0 descriptor?? [ 219.700625][ T5280] usb 3-1: new high-speed USB device number 12 using dummy_hcd [ 219.866822][ T5280] usb 3-1: New USB device found, idVendor=046d, idProduct=0870, bcdDevice=61.47 [ 219.886601][ T5280] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 219.907584][ T5280] usb 3-1: config 0 descriptor?? [ 219.917210][ T5280] gspca_main: STV06xx-2.14.0 probing 046d:0870 [ 220.062204][ T937] input: HID 045e:07da as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:045E:07DA.001A/input/input21 [ 220.188472][ T937] microsoft 0003:045E:07DA.001A: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.0-1/input0 [ 220.262197][ T937] usb 1-1: USB disconnect, device number 18 [ 220.925316][ T9224] sg_write: data in/out 42219/14 bytes for SCSI command 0x0-- guessing data in; [ 220.925316][ T9224] program syz.0.1491 not setting count and/or reply_len properly [ 221.149060][ T5280] usb 3-1: USB disconnect, device number 12 [ 221.474737][ T9221] netlink: 'syz.4.1490': attribute type 10 has an invalid length. [ 221.484702][ T9221] syz_tun: entered promiscuous mode [ 221.517527][ T9221] bond0: (slave syz_tun): Enslaving as an active interface with an up link [ 221.562323][ T9226] input: syz0 as /devices/virtual/input/input22 [ 221.865951][ T5280] usb 5-1: new high-speed USB device number 21 using dummy_hcd [ 222.028726][ T5280] usb 5-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30 [ 222.050965][ T5280] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 222.084657][ T5280] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 222.103665][ T5280] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253 [ 222.150024][ T5280] usb 5-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40 [ 222.165741][ T5280] usb 5-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0 [ 222.193147][ T5280] usb 5-1: Manufacturer: syz [ 222.204111][ T5280] usb 5-1: config 0 descriptor?? [ 222.277843][ T9254] 8021q: adding VLAN 0 to HW filter on device macvlan2 [ 222.300579][ T9254] bond0: (slave macvlan2): Enslaving as an active interface with an up link [ 222.634811][ T5280] appleir 0003:05AC:8243.001B: unknown main item tag 0x0 [ 222.656618][ T5280] appleir 0003:05AC:8243.001B: No inputs registered, leaving [ 222.694954][ T5280] appleir 0003:05AC:8243.001B: hiddev0,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.4-1/input0 [ 222.778826][ T9269] sg_write: data in/out 42219/14 bytes for SCSI command 0x0-- guessing data in; [ 222.778826][ T9269] program syz.2.1509 not setting count and/or reply_len properly [ 222.911104][ T9264] cgroup: fork rejected by pids controller in /syz0 [ 222.941663][ T937] usb 5-1: USB disconnect, device number 21 [ 223.559318][ T52] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 223.810748][ T52] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 223.983804][ T9314] bridge0: port 1(bridge_slave_0) entered disabled state [ 224.002084][ T5229] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 224.003933][ T9314] bridge0: port 2(bridge_slave_1) entered disabled state [ 224.013532][ T5229] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 224.025424][ T5229] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 224.051229][ T5229] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 224.071475][ T5229] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 224.079998][ T5229] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 224.136262][ T9321] team_slave_0: entered promiscuous mode [ 224.142470][ T9321] 8021q: adding VLAN 0 to HW filter on device macvlan2 [ 224.152760][ T9321] bond0: (slave macvlan2): Enslaving as an active interface with an up link [ 224.187414][ T52] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 224.336235][ T52] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 224.355949][ T9] usb 5-1: new high-speed USB device number 22 using dummy_hcd [ 224.549229][ T9] usb 5-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30 [ 224.582589][ T9] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 224.593942][ T9] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 224.610057][ T9] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253 [ 224.624820][ T9] usb 5-1: New USB device found, idVendor=057e, idProduct=2009, bcdDevice= 0.00 [ 224.635691][ T9] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 224.646180][ T9] usb 5-1: config 0 descriptor?? [ 224.666668][ T52] bridge_slave_1: left allmulticast mode [ 224.672374][ T52] bridge_slave_1: left promiscuous mode [ 224.685801][ T52] bridge0: port 2(bridge_slave_1) entered disabled state [ 224.708790][ T52] bridge_slave_0: left allmulticast mode [ 224.721307][ T52] bridge_slave_0: left promiscuous mode [ 224.727557][ T52] bridge0: port 1(bridge_slave_0) entered disabled state [ 225.073932][ T9] nintendo 0003:057E:2009.001C: unknown main item tag 0x0 [ 225.095944][ T9] nintendo 0003:057E:2009.001C: unknown main item tag 0x0 [ 225.107247][ T9] nintendo 0003:057E:2009.001C: item fetching failed at offset 2/5 [ 225.115878][ T9] nintendo 0003:057E:2009.001C: HID parse failed [ 225.133958][ T9] nintendo 0003:057E:2009.001C: probe - fail = -22 [ 225.140768][ T9] nintendo 0003:057E:2009.001C: probe with driver nintendo failed with error -22 [ 225.263542][ T51] usb 5-1: USB disconnect, device number 22 [ 225.313989][ T52] bond1 (unregistering): (slave gre1): Releasing backup interface [ 225.548097][ T9] usb 3-1: new high-speed USB device number 13 using dummy_hcd [ 225.562518][ T52] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 225.574150][ T52] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 225.589342][ T52] bond0 (unregistering): (slave macvlan2): Releasing backup interface [ 225.599758][ T52] team_slave_0: left promiscuous mode [ 225.605675][ T52] team_slave_1: left promiscuous mode [ 225.614401][ T52] bond0 (unregistering): Released all slaves [ 225.626540][ T52] bond1 (unregistering): Released all slaves [ 225.716833][ T9330] chnl_net:caif_netlink_parms(): no params data found [ 225.735315][ T9] usb 3-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30 [ 225.773038][ T9] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 225.805113][ T9] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 225.815140][ T9] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253 [ 225.829746][ T9] usb 3-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40 [ 225.839042][ T9] usb 3-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0 [ 225.847223][ T9] usb 3-1: Manufacturer: syz [ 225.853899][ T9] usb 3-1: config 0 descriptor?? [ 226.116288][ T5229] Bluetooth: hci1: command tx timeout [ 226.243008][ T9330] bridge0: port 1(bridge_slave_0) entered blocking state [ 226.256914][ T9330] bridge0: port 1(bridge_slave_0) entered disabled state [ 226.274103][ T9] appleir 0003:05AC:8243.001D: unknown main item tag 0x0 [ 226.285919][ T9330] bridge_slave_0: entered allmulticast mode [ 226.286273][ T9] appleir 0003:05AC:8243.001D: No inputs registered, leaving [ 226.293300][ T9330] bridge_slave_0: entered promiscuous mode [ 226.311797][ T9] appleir 0003:05AC:8243.001D: hiddev0,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.2-1/input0 [ 226.315343][ T9330] bridge0: port 2(bridge_slave_1) entered blocking state [ 226.343835][ T9330] bridge0: port 2(bridge_slave_1) entered disabled state [ 226.365981][ T9330] bridge_slave_1: entered allmulticast mode [ 226.372806][ T9330] bridge_slave_1: entered promiscuous mode [ 226.413854][ T52] hsr_slave_0: left promiscuous mode [ 226.426104][ T52] hsr_slave_1: left promiscuous mode [ 226.432027][ T52] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 226.439642][ T52] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 226.452617][ T52] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 226.460233][ T52] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 226.482224][ T52] veth1_macvtap: left promiscuous mode [ 226.487830][ T52] veth0_macvtap: left promiscuous mode [ 226.493429][ T52] veth1_vlan: left promiscuous mode [ 226.498794][ T52] veth0_vlan: left promiscuous mode [ 226.598123][ T5280] usb 3-1: USB disconnect, device number 13 [ 227.023535][ T52] team0 (unregistering): Port device team_slave_1 removed [ 227.079327][ T52] team0 (unregistering): Port device team_slave_0 removed [ 227.965237][ T9410] bond_slave_1: entered promiscuous mode [ 227.973110][ T9410] macsec1: entered promiscuous mode [ 227.984142][ T9410] bond0: entered promiscuous mode [ 227.995469][ T9410] macsec1: entered allmulticast mode [ 228.002025][ T9410] bond0: entered allmulticast mode [ 228.008225][ T9410] bond_slave_1: entered allmulticast mode [ 228.014263][ T9410] syz_tun: entered allmulticast mode [ 228.032145][ T9410] bond0: left allmulticast mode [ 228.037220][ T9410] bond_slave_1: left allmulticast mode [ 228.042964][ T9410] syz_tun: left allmulticast mode [ 228.048234][ T9410] bond0: left promiscuous mode [ 228.054581][ T9410] bond_slave_1: left promiscuous mode [ 228.094497][ T9330] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 228.123886][ T9330] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 228.212894][ T5229] Bluetooth: hci1: command tx timeout [ 228.341347][ T9330] team0: Port device team_slave_0 added [ 228.372702][ T9330] team0: Port device team_slave_1 added [ 228.472197][ T9330] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 228.480384][ T9330] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 228.516634][ T9330] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 228.548994][ T9330] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 228.578399][ T9330] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 228.578616][ T9434] cgroup: fork rejected by pids controller in /syz2 [ 228.637007][ T9330] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 231.615720][ T5229] Bluetooth: hci1: command tx timeout [ 233.646033][ T5242] Bluetooth: hci1: command tx timeout [ 233.997414][ T9330] hsr_slave_0: entered promiscuous mode [ 234.003684][ T9330] hsr_slave_1: entered promiscuous mode [ 234.014047][ T9330] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 234.021687][ T9330] Cannot create hsr debugfs directory [ 234.420224][ T9330] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 234.429315][ T9330] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 234.439357][ T9330] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 234.448086][ T9330] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 234.517040][ T9330] 8021q: adding VLAN 0 to HW filter on device bond0 [ 234.533483][ T9330] 8021q: adding VLAN 0 to HW filter on device team0 [ 234.544948][ T63] bridge0: port 1(bridge_slave_0) entered blocking state [ 234.552081][ T63] bridge0: port 1(bridge_slave_0) entered forwarding state [ 234.577932][ T52] bridge0: port 2(bridge_slave_1) entered blocking state [ 234.585046][ T52] bridge0: port 2(bridge_slave_1) entered forwarding state [ 234.736668][ T9330] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 234.783078][ T9330] veth0_vlan: entered promiscuous mode [ 234.795658][ T9330] veth1_vlan: entered promiscuous mode [ 234.822192][ T9330] veth0_macvtap: entered promiscuous mode [ 234.835182][ T9330] veth1_macvtap: entered promiscuous mode [ 234.854041][ T9330] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 234.865383][ T9330] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 234.875361][ T9330] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 234.886030][ T9330] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 234.895878][ T9330] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 234.906384][ T9330] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 234.917464][ T9330] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 234.928056][ T9330] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 234.942133][ T9330] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 234.953885][ T9330] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 234.963798][ T9330] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 234.974381][ T9330] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 234.986418][ T9330] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 234.999242][ T9330] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 235.010139][ T9330] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 235.021499][ T9330] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 235.032481][ T9330] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 235.042392][ T9330] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 235.052856][ T9330] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 235.062754][ T9330] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 235.073216][ T9330] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 235.083197][ T9330] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 235.094410][ T9330] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 235.104612][ T9330] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 235.115299][ T9330] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 235.127767][ T9330] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 235.139586][ T9330] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 235.148482][ T9330] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 235.160688][ T9330] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 235.169765][ T9330] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 235.244739][ T52] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 235.261535][ T52] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 235.283866][ T52] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 235.292135][ T52] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 235.414999][ T9523] overlayfs: upper fs does not support RENAME_WHITEOUT. [ 235.440955][ T9523] overlayfs: failed to set xattr on upper [ 235.461563][ T9523] overlayfs: ...falling back to redirect_dir=nofollow. [ 235.468806][ T9523] overlayfs: ...falling back to index=off. [ 235.477284][ T9523] overlayfs: ...falling back to uuid=null. [ 235.483313][ T9523] overlayfs: NFS export requires "index=on", falling back to nfs_export=off. [ 235.889630][ T9539] cgroup: fork rejected by pids controller in /syz3 [ 236.297523][ T9579] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1570'. [ 237.212197][ T9601] sctp: [Deprecated]: syz.4.1584 (pid 9601) Use of struct sctp_assoc_value in delayed_ack socket option. [ 237.212197][ T9601] Use struct sctp_sack_info instead [ 237.216039][ T5229] Bluetooth: Wrong link type (-71) [ 237.641517][ T9645] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 237.658790][ T9645] iommufd_mock iommufd_mock1: Adding to iommu group 1 [ 237.697574][ T9645] iommufd_mock iommufd_mock2: Adding to iommu group 2 [ 237.885911][ T5229] Bluetooth: hci8: command 0x1003 tx timeout [ 237.887331][ T5242] Bluetooth: hci8: Opcode 0x1003 failed: -110 [ 238.606152][ T5277] usb 1-1: new high-speed USB device number 19 using dummy_hcd [ 238.685535][ T9668] overlayfs: failed to decode file handle (len=0, type=251, flags=0, err=-22) [ 238.787460][ T5277] usb 1-1: config 0 interface 0 has no altsetting 0 [ 238.794103][ T5277] usb 1-1: New USB device found, idVendor=046d, idProduct=0a0e, bcdDevice=94.75 [ 238.803610][ T5277] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 238.814574][ T5277] usb 1-1: config 0 descriptor?? [ 239.174820][ T5242] block nbd2: Receive control failed (result -32) [ 239.175295][ T9658] block nbd2: shutting down sockets [ 239.423258][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 239.726694][ T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!! [ 239.875104][ T5277] radio-keene 1-1:0.0: V4L2 device registered as radio32 [ 240.505836][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 240.586383][ T9742] overlayfs: upper fs does not support RENAME_WHITEOUT. [ 240.614240][ T5277] usb 1-1: USB disconnect, device number 19 [ 240.620450][ T9742] overlayfs: failed to set xattr on upper [ 240.660610][ T9742] overlayfs: ...falling back to redirect_dir=nofollow. [ 240.681477][ T9742] overlayfs: ...falling back to metacopy=off. [ 240.695682][ T9742] overlayfs: ...falling back to uuid=null. [ 240.855770][ T937] usb 3-1: new high-speed USB device number 14 using dummy_hcd [ 241.038328][ T937] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 241.059681][ T937] usb 3-1: config 0 has no interfaces? [ 241.079173][ T937] usb 3-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40 [ 241.115784][ T937] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 241.126615][ T937] usb 3-1: config 0 descriptor?? [ 241.157061][ T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!! [ 241.246245][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 241.254853][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 241.338497][ T937] usb 3-1: USB disconnect, device number 14 [ 241.405700][ T5280] usb 4-1: new high-speed USB device number 16 using dummy_hcd [ 241.574809][ T937] hid-generic 0000:0000:FFFFFFFF.001E: unknown main item tag 0x0 [ 241.585991][ T5280] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 16 [ 241.588804][ T937] hid-generic 0000:0000:FFFFFFFF.001E: unknown main item tag 0x0 [ 241.605851][ T5280] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 64 [ 241.613628][ T937] hid-generic 0000:0000:FFFFFFFF.001E: unknown main item tag 0x0 [ 241.623762][ T937] hid-generic 0000:0000:FFFFFFFF.001E: unknown main item tag 0x0 [ 241.631974][ T5280] usb 4-1: New USB device found, idVendor=0a46, idProduct=9621, bcdDevice=4f.32 [ 241.641376][ T937] hid-generic 0000:0000:FFFFFFFF.001E: unknown main item tag 0x0 [ 241.641413][ T937] hid-generic 0000:0000:FFFFFFFF.001E: unknown main item tag 0x0 [ 241.641444][ T937] hid-generic 0000:0000:FFFFFFFF.001E: unknown main item tag 0x0 [ 241.641473][ T937] hid-generic 0000:0000:FFFFFFFF.001E: unknown main item tag 0x0 [ 241.641503][ T937] hid-generic 0000:0000:FFFFFFFF.001E: unknown main item tag 0x0 [ 241.641533][ T937] hid-generic 0000:0000:FFFFFFFF.001E: unknown main item tag 0x0 [ 241.641563][ T937] hid-generic 0000:0000:FFFFFFFF.001E: unknown main item tag 0x0 [ 241.641593][ T937] hid-generic 0000:0000:FFFFFFFF.001E: unknown main item tag 0x0 [ 241.657337][ T5280] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 241.657367][ T5280] usb 4-1: Product: syz [ 241.657387][ T5280] usb 4-1: Manufacturer: syz [ 241.657406][ T5280] usb 4-1: SerialNumber: syz [ 241.677323][ T937] hid-generic 0000:0000:FFFFFFFF.001E: unknown main item tag 0x0 [ 241.727096][ T5280] usb 4-1: config 0 descriptor?? [ 241.741522][ T9755] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 241.749289][ T9755] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 241.754957][ T937] hid-generic 0000:0000:FFFFFFFF.001E: unknown main item tag 0x0 [ 241.772799][ T937] hid-generic 0000:0000:FFFFFFFF.001E: unknown main item tag 0x0 [ 241.781506][ T937] hid-generic 0000:0000:FFFFFFFF.001E: unknown main item tag 0x0 [ 241.789491][ T937] hid-generic 0000:0000:FFFFFFFF.001E: unknown main item tag 0x0 [ 241.797312][ T937] hid-generic 0000:0000:FFFFFFFF.001E: unknown main item tag 0x0 [ 241.805068][ T937] hid-generic 0000:0000:FFFFFFFF.001E: unknown main item tag 0x0 [ 241.813567][ T937] hid-generic 0000:0000:FFFFFFFF.001E: unknown main item tag 0x0 [ 241.822514][ T937] hid-generic 0000:0000:FFFFFFFF.001E: unknown main item tag 0x0 [ 241.834457][ T937] hid-generic 0000:0000:FFFFFFFF.001E: unknown main item tag 0x0 [ 241.846875][ T937] hid-generic 0000:0000:FFFFFFFF.001E: unknown main item tag 0x0 [ 241.854735][ T937] hid-generic 0000:0000:FFFFFFFF.001E: unknown main item tag 0x0 [ 241.872595][ T5277] usb 5-1: new high-speed USB device number 23 using dummy_hcd [ 241.915655][ T937] hid-generic 0000:0000:FFFFFFFF.001E: unknown main item tag 0x0 [ 241.923459][ T937] hid-generic 0000:0000:FFFFFFFF.001E: unknown main item tag 0x0 [ 241.940467][ T937] hid-generic 0000:0000:FFFFFFFF.001E: unknown main item tag 0x0 [ 241.952207][ T937] hid-generic 0000:0000:FFFFFFFF.001E: unknown main item tag 0x0 [ 241.965016][ T9755] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 241.971805][ T937] hid-generic 0000:0000:FFFFFFFF.001E: unknown main item tag 0x0 [ 241.983694][ T9755] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 242.002339][ T937] hid-generic 0000:0000:FFFFFFFF.001E: unknown main item tag 0x0 [ 242.013674][ T937] hid-generic 0000:0000:FFFFFFFF.001E: unknown main item tag 0x0 [ 242.021788][ T937] hid-generic 0000:0000:FFFFFFFF.001E: unknown main item tag 0x0 [ 242.034354][ T937] hid-generic 0000:0000:FFFFFFFF.001E: hidraw0: HID v0.02 Device [syz0] on syz0 [ 242.067281][ T5277] usb 5-1: config 0 has no interfaces? [ 242.072817][ T5277] usb 5-1: New USB device found, idVendor=1a34, idProduct=0802, bcdDevice= 0.00 [ 242.082908][ T5277] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 242.096321][ T5277] usb 5-1: config 0 descriptor?? [ 247.245742][ T5280] Error reading MAC address [ 247.454702][ T5280] usb 4-1: USB disconnect, device number 16 [ 247.513946][ T25] usb 5-1: USB disconnect, device number 23 [ 247.713889][ T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!! [ 248.030222][ T25] usb 5-1: new high-speed USB device number 24 using dummy_hcd [ 248.197760][ T25] usb 5-1: config 0 has no interfaces? [ 248.203481][ T25] usb 5-1: New USB device found, idVendor=0489, idProduct=e057, bcdDevice= 0.00 [ 248.212981][ T25] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 248.236618][ T5278] usb 4-1: new high-speed USB device number 17 using dummy_hcd [ 248.237352][ T25] usb 5-1: config 0 descriptor?? [ 248.425863][ T5278] usb 4-1: Using ep0 maxpacket: 32 [ 248.452073][ T5278] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 248.471133][ T25] usb 5-1: USB disconnect, device number 24 [ 248.484046][ T5278] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 248.510276][ T5278] usb 4-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 248.520197][ T5278] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 248.536437][ T5278] usb 4-1: config 0 descriptor?? [ 248.550887][ T5278] hub 4-1:0.0: USB hub found [ 248.794212][ T5278] hub 4-1:0.0: 1 port detected [ 249.409103][ T5278] hub 4-1:0.0: activate --> -90 [ 249.613564][ T9874] netlink: 'syz.2.1658': attribute type 10 has an invalid length. [ 249.648428][ T9874] team0: Device netdevsim0 failed to register rx_handler [ 250.027823][ T5278] hub 4-1:0.0: hub_ext_port_status failed (err = -71) [ 250.048235][ T937] usb 4-1: USB disconnect, device number 17 [ 250.057210][ T5278] usb 4-1-port1: cannot reset (err = -71) [ 250.064258][ T5278] usb 4-1-port1: Cannot enable. Maybe the USB cable is bad? [ 250.106898][ T5278] usb 4-1-port1: attempt power cycle [ 250.976122][ T25] usb 5-1: new high-speed USB device number 25 using dummy_hcd [ 251.140258][ T25] usb 5-1: Using ep0 maxpacket: 16 [ 251.153612][ T25] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83 [ 251.185906][ T25] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 251.222066][ T25] usb 5-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1 [ 251.245534][ T25] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 251.254453][ T25] usb 5-1: Product: syz [ 251.285845][ T25] usb 5-1: Manufacturer: syz [ 251.290556][ T25] usb 5-1: SerialNumber: syz [ 251.308845][ T25] usb 5-1: config 0 descriptor?? [ 251.334050][ T25] em28xx 5-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0) [ 251.355510][ T25] em28xx 5-1:0.0: Audio interface 0 found (Vendor Class) [ 251.944216][ T25] em28xx 5-1:0.0: unknown em28xx chip ID (61) [ 251.964613][ T29] audit: type=1326 audit(2000000058.900:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9973 comm="syz.1.1699" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f84ddd7dff9 code=0x7ffc0000 [ 252.011556][ T29] audit: type=1326 audit(2000000058.900:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9973 comm="syz.1.1699" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f84ddd7dff9 code=0x7ffc0000 [ 252.070170][ T29] audit: type=1326 audit(2000000058.950:51): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9973 comm="syz.1.1699" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f84ddd7dff9 code=0x7ffc0000 [ 252.127698][ T29] audit: type=1326 audit(2000000058.950:52): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9973 comm="syz.1.1699" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f84ddd7dff9 code=0x7ffc0000 [ 252.150164][ T25] em28xx 5-1:0.0: Config register raw data: 0x3d [ 252.156737][ T29] audit: type=1326 audit(2000000058.950:53): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9973 comm="syz.1.1699" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f84ddd7dff9 code=0x7ffc0000 [ 252.156784][ T29] audit: type=1326 audit(2000000058.950:54): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9973 comm="syz.1.1699" exe="/root/syz-executor" sig=0 arch=c000003e syscall=49 compat=0 ip=0x7f84ddd7dff9 code=0x7ffc0000 [ 252.156824][ T29] audit: type=1326 audit(2000000058.950:55): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9973 comm="syz.1.1699" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f84ddd7dff9 code=0x7ffc0000 [ 252.156861][ T29] audit: type=1326 audit(2000000058.950:56): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9973 comm="syz.1.1699" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f84ddd7dff9 code=0x7ffc0000 [ 252.156898][ T29] audit: type=1326 audit(2000000058.950:57): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9973 comm="syz.1.1699" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f84ddd7dff9 code=0x7ffc0000 [ 252.156936][ T29] audit: type=1326 audit(2000000058.950:58): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9973 comm="syz.1.1699" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f84ddd7dff9 code=0x7ffc0000 [ 252.221672][ C1] vkms_vblank_simulate: vblank timer overrun [ 252.288090][ C1] vkms_vblank_simulate: vblank timer overrun [ 252.370619][ T9986] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1704'. [ 252.382792][ T25] em28xx 5-1:0.0: I2S Audio (5 sample rate(s)) [ 252.406662][ T25] em28xx 5-1:0.0: No AC97 audio processor [ 252.469131][ T9988] block nbd0: shutting down sockets [ 252.779458][ T5233] Bluetooth: hci6: command 0x0406 tx timeout [ 252.785294][ T5224] Bluetooth: hci7: command 0x0406 tx timeout [ 252.819600][ T25] usb 5-1: USB disconnect, device number 25 [ 253.225756][ T5277] usb 2-1: new high-speed USB device number 20 using dummy_hcd [ 253.391057][ T5277] usb 2-1: config 0 has no interfaces? [ 253.408113][ T5277] usb 2-1: New USB device found, idVendor=0499, idProduct=5ae2, bcdDevice= 9.0f [ 253.423315][ T5277] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=7 [ 253.432030][ T5277] usb 2-1: Product: syz [ 253.436306][ T5277] usb 2-1: Manufacturer: syz [ 253.440940][ T5277] usb 2-1: SerialNumber: syz [ 253.455654][ T5277] usb 2-1: config 0 descriptor?? [ 253.530734][T10023] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1720'. [ 253.539994][T10023] bridge_slave_1: left allmulticast mode [ 253.549460][T10023] bridge_slave_1: left promiscuous mode [ 253.560557][T10023] bridge0: port 2(bridge_slave_1) entered disabled state [ 253.571712][T10023] bridge_slave_0: left allmulticast mode [ 253.577839][T10023] bridge_slave_0: left promiscuous mode [ 253.583746][T10023] bridge0: port 1(bridge_slave_0) entered disabled state [ 253.669666][ T1849] usb 2-1: USB disconnect, device number 20 [ 254.343187][T10065] netlink: 'syz.3.1728': attribute type 1 has an invalid length. [ 254.351238][T10065] netlink: 168864 bytes leftover after parsing attributes in process `syz.3.1728'. [ 254.748776][ T5280] usb 2-1: new high-speed USB device number 21 using dummy_hcd [ 254.919511][ T5280] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 254.930992][ T5280] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 254.942885][ T5280] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 254.956591][ T5280] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 254.965802][ T5280] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 254.980565][ T5280] usb 2-1: config 0 descriptor?? [ 256.066657][ T1269] ieee802154 phy0 wpan0: encryption failed: -22 [ 256.073005][ T1269] ieee802154 phy1 wpan1: encryption failed: -22 [ 256.533226][ T5280] usbhid 2-1:0.0: can't add hid device: -71 [ 256.540966][ T5280] usbhid 2-1:0.0: probe with driver usbhid failed with error -71 [ 256.557489][ T5280] usb 2-1: USB disconnect, device number 21 [ 257.136503][T10139] overlayfs: failed to decode file handle (len=6, type=248, flags=0, err=-22) [ 257.267345][ T5277] usb 5-1: new high-speed USB device number 26 using dummy_hcd [ 257.426305][ T5277] usb 5-1: Using ep0 maxpacket: 32 [ 257.437655][ T5277] usb 5-1: config index 0 descriptor too short (expected 29220, got 36) [ 257.449375][ T5277] usb 5-1: config 0 has too many interfaces: 81, using maximum allowed: 32 [ 257.475595][ T5277] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 81 [ 257.488143][ T5277] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 257.515680][ T5277] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0 [ 257.546157][ T5277] usb 5-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18 [ 257.595623][ T5277] usb 5-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40 [ 257.616699][ T5277] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 257.682037][ T5277] usb 5-1: config 0 descriptor?? [ 257.899451][ T5277] usblp 5-1:0.0: usblp0: USB Bidirectional printer dev 26 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17 [ 257.938505][T10162] syz.3.1763[10162] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 257.938606][T10162] syz.3.1763[10162] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 257.964702][T10162] syz.3.1763[10162] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 258.100145][ T5277] usb 5-1: USB disconnect, device number 26 [ 258.117764][T10169] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1766'. [ 258.176088][ T5277] usblp0: removed [ 259.275749][ T5280] usb 1-1: new high-speed USB device number 20 using dummy_hcd [ 259.458169][ T5280] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 259.469508][ T5280] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 259.479522][ T5280] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 259.492959][ T5280] usb 1-1: New USB device found, idVendor=1a34, idProduct=0802, bcdDevice= 0.00 [ 259.502568][ T5280] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 259.516672][ T5280] usb 1-1: config 0 descriptor?? [ 259.528277][T10227] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 259.735729][ T25] usb 4-1: new full-speed USB device number 22 using dummy_hcd [ 259.986545][ T5280] acrux 0003:1A34:0802.001F: hidraw0: USB HID v0.00 Device [HID 1a34:0802] on usb-dummy_hcd.0-1/input0 [ 259.997848][ T5280] acrux 0003:1A34:0802.001F: no inputs found [ 260.004788][ T5280] acrux 0003:1A34:0802.001F: Failed to enable force feedback support, error: -19 [ 260.046297][ T25] usb 4-1: config 4 has an invalid interface number: 231 but max is 0 [ 260.054620][ T25] usb 4-1: config 4 has no interface number 0 [ 260.126208][ T25] usb 4-1: New USB device found, idVendor=13d3, idProduct=3224, bcdDevice=cb.0d [ 260.135311][ T25] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 260.155720][ T25] usb 4-1: Product: syz [ 260.159962][ T25] usb 4-1: Manufacturer: syz [ 260.164594][ T25] usb 4-1: SerialNumber: syz [ 260.197923][ T25] dvb-usb: found a 'DigitalNow TinyUSB 2 DVB-t Receiver' in warm state. [ 260.592476][T10237] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1793'. [ 260.639828][ T25] vp7045: USB control message 'in' went wrong. [ 260.655697][ T25] dvb-usb: This USB2.0 device cannot be run on a USB1.1 port. (it lacks a hardware PID filter) [ 260.666212][ T25] dvb-usb: DigitalNow TinyUSB 2 DVB-t Receiver error while loading driver (-19) [ 260.705710][ T25] usb 4-1: USB disconnect, device number 22 [ 262.115956][ T5277] usb 3-1: new high-speed USB device number 15 using dummy_hcd [ 262.287876][ T5277] usb 3-1: config 0 has an invalid interface number: 206 but max is 0 [ 262.307609][ T5277] usb 3-1: config 0 has no interface number 0 [ 262.336478][ T5277] usb 3-1: config 0 interface 206 altsetting 211 has 0 endpoint descriptors, different from the interface descriptor's value: 19 [ 262.390234][ T5277] usb 3-1: config 0 interface 206 has no altsetting 0 [ 262.419947][ T5277] usb 3-1: New USB device found, idVendor=9710, idProduct=7730, bcdDevice=96.33 [ 262.454547][ T5277] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 262.499149][ T5277] usb 3-1: config 0 descriptor?? [ 262.908320][T10294] netlink: 'syz.3.1816': attribute type 9 has an invalid length. [ 262.916059][ T5278] usb 1-1: USB disconnect, device number 20 [ 262.932748][T10294] netlink: 69104 bytes leftover after parsing attributes in process `syz.3.1816'. [ 263.152083][ T5277] usb 3-1: Cannot read MAC address [ 263.164755][ T5277] MOSCHIP usb-ethernet driver 3-1:0.206: probe with driver MOSCHIP usb-ethernet driver failed with error -71 [ 263.181408][ T5277] usb 3-1: USB disconnect, device number 15 [ 263.276093][ T5278] usb 1-1: new high-speed USB device number 21 using dummy_hcd [ 263.455983][ T9] usb 4-1: new full-speed USB device number 23 using dummy_hcd [ 263.469225][ T5278] usb 1-1: New USB device found, idVendor=1c40, idProduct=0534, bcdDevice=6d.cc [ 263.490857][ T5278] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 263.510102][ T5278] usb 1-1: Product: syz [ 263.514332][ T5278] usb 1-1: Manufacturer: syz [ 263.528274][ T5278] usb 1-1: SerialNumber: syz [ 263.546760][ T5278] usb 1-1: config 0 descriptor?? [ 263.565319][ T5278] i2c-tiny-usb 1-1:0.0: version 6d.cc found at bus 001 address 021 [ 263.629133][ T9] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 263.653148][ T9] usb 4-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 263.701614][ T9] usb 4-1: New USB device found, idVendor=045c, idProduct=0283, bcdDevice= 4.0b [ 263.721189][ T9] usb 4-1: New USB device strings: Mfr=0, Product=2, SerialNumber=3 [ 263.741649][ T9] usb 4-1: Product: syz [ 263.753314][ T9] usb 4-1: SerialNumber: syz [ 263.770365][ T9] usb 4-1: config 0 descriptor?? [ 263.992243][ T25] usb 4-1: USB disconnect, device number 23 [ 264.255831][ T5278] (null): failure setting delay to 10us [ 264.261581][ T5278] i2c-tiny-usb 1-1:0.0: probe with driver i2c-tiny-usb failed with error -5 [ 264.295248][ T5278] usb 1-1: USB disconnect, device number 21 [ 265.915451][ T29] kauditd_printk_skb: 5 callbacks suppressed [ 265.915471][ T29] audit: type=1326 audit(2000000072.830:64): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10366 comm="syz.1.1848" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f84ddd7dff9 code=0x7ffc0000 [ 266.084112][ T29] audit: type=1326 audit(2000000072.830:65): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10366 comm="syz.1.1848" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f84ddd7dff9 code=0x7ffc0000 [ 266.156237][ T29] audit: type=1326 audit(2000000072.830:66): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10366 comm="syz.1.1848" exe="/root/syz-executor" sig=0 arch=c000003e syscall=190 compat=0 ip=0x7f84ddd7dff9 code=0x7ffc0000 [ 266.244550][ T29] audit: type=1326 audit(2000000072.830:67): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10366 comm="syz.1.1848" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f84ddd7dff9 code=0x7ffc0000 [ 266.311608][T10380] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1853'. [ 266.353203][ T29] audit: type=1326 audit(2000000072.830:68): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10366 comm="syz.1.1848" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f84ddd7dff9 code=0x7ffc0000 [ 266.376932][ T29] audit: type=1326 audit(2000000072.830:69): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10366 comm="syz.1.1848" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f84ddd7dff9 code=0x7ffc0000 [ 266.425287][ T29] audit: type=1326 audit(2000000072.830:70): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10366 comm="syz.1.1848" exe="/root/syz-executor" sig=0 arch=c000003e syscall=191 compat=0 ip=0x7f84ddd7dff9 code=0x7ffc0000 [ 266.530742][ T29] audit: type=1326 audit(2000000072.830:71): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10366 comm="syz.1.1848" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f84ddd7dff9 code=0x7ffc0000 [ 266.585739][ T5280] usb 4-1: new high-speed USB device number 24 using dummy_hcd [ 266.794836][ T5280] usb 4-1: config 252 has an invalid interface number: 181 but max is 0 [ 266.814552][ T5280] usb 4-1: config 252 has no interface number 0 [ 266.835224][ T5280] usb 4-1: config 252 interface 181 has no altsetting 0 [ 266.842835][ T5280] usb 4-1: New USB device found, idVendor=0bb4, idProduct=0a84, bcdDevice=65.87 [ 266.852391][ T5280] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 267.066434][ T9] usb 5-1: new high-speed USB device number 27 using dummy_hcd [ 267.107208][ T25] usb 4-1: USB disconnect, device number 24 [ 267.298704][ T9] usb 5-1: unable to get BOS descriptor or descriptor too short [ 267.313711][ T9] usb 5-1: no configurations [ 267.318558][T10382] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 267.330146][ T9] usb 5-1: can't read configurations, error -22 [ 267.555021][T10412] input: syz0 as /devices/virtual/input/input23 [ 267.803060][ T5278] usb 3-1: new high-speed USB device number 16 using dummy_hcd [ 267.990993][ T5278] usb 3-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 268.010109][ T5278] usb 3-1: config 1 has an invalid descriptor of length 110, skipping remainder of the config [ 268.041213][ T5278] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 268.083152][ T5278] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 101, changing to 10 [ 268.133125][ T5278] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 10100, setting to 1024 [ 268.169436][ T5278] usb 3-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 268.189099][ T5278] usb 3-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 268.209162][ T5278] usb 3-1: Product: syz [ 268.229433][ T5278] usb 3-1: Manufacturer: syz [ 268.245735][T10411] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 268.254775][ T5278] cdc_wdm 3-1:1.0: skipping garbage [ 268.267707][ T5278] cdc_wdm 3-1:1.0: skipping garbage [ 268.284822][ T5278] cdc_wdm 3-1:1.0: cdc-wdm0: USB WDM device [ 268.301382][ T5278] cdc_wdm 3-1:1.0: Unknown control protocol [ 268.501990][ T5280] usb 3-1: USB disconnect, device number 16 [ 268.663835][T10436] overlayfs: upper fs does not support tmpfile. [ 268.829512][T10443] netlink: 72 bytes leftover after parsing attributes in process `syz.3.1879'. [ 269.031772][ T29] audit: type=1326 audit(2000000075.980:72): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10448 comm="syz.3.1882" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fc54597dff9 code=0x0 [ 269.306968][T10455] nvme_fabrics: missing parameter 'transport=%s' [ 269.313858][T10455] nvme_fabrics: missing parameter 'nqn=%s' [ 269.394741][T10457] nvme_fabrics: missing parameter 'transport=%s' [ 269.403871][T10457] nvme_fabrics: missing parameter 'nqn=%s' [ 272.083150][T10517] netlink: 'syz.0.1903': attribute type 27 has an invalid length. [ 272.244612][T10517] bridge0: port 1(bridge_slave_0) entered disabled state [ 272.449877][T10517] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 272.481586][T10517] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 272.587618][T10517] netdevsim netdevsim0 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 272.599021][T10517] netdevsim netdevsim0 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 272.608164][T10517] netdevsim netdevsim0 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 272.620361][T10517] netdevsim netdevsim0 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 272.771520][T10519] 8021q: adding VLAN 0 to HW filter on device bond0 [ 272.827164][T10519] 8021q: adding VLAN 0 to HW filter on device team0 [ 272.869236][T10519] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 273.565728][ T29] audit: type=1326 audit(2000000080.500:73): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10537 comm="syz.2.1909" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe31a17dff9 code=0x7fc00000 [ 273.665662][ T29] audit: type=1326 audit(2000000080.610:74): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10537 comm="syz.2.1909" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe31a17dff9 code=0x7fc00000 [ 274.105775][ T29] audit: type=1326 audit(2000000081.050:75): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10537 comm="syz.2.1909" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fe31a119959 code=0x7fc00000 [ 274.196109][ T29] audit: type=1326 audit(2000000081.050:76): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10537 comm="syz.2.1909" exe="/root/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7fe31a119a1f code=0x7fc00000 [ 274.275900][ T29] audit: type=1326 audit(2000000081.050:77): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10537 comm="syz.2.1909" exe="/root/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7fe31a17dff9 code=0x7fc00000 [ 276.225945][ T1849] usb 4-1: new high-speed USB device number 25 using dummy_hcd [ 276.268010][T10592] netlink: 'syz.4.1933': attribute type 29 has an invalid length. [ 276.278272][T10592] netlink: 'syz.4.1933': attribute type 29 has an invalid length. [ 276.288993][T10592] netlink: 'syz.4.1933': attribute type 29 has an invalid length. [ 276.299810][T10592] netlink: 'syz.4.1933': attribute type 29 has an invalid length. [ 276.309385][T10592] netlink: 'syz.4.1933': attribute type 29 has an invalid length. [ 276.318525][T10592] netlink: 'syz.4.1933': attribute type 29 has an invalid length. [ 276.378023][ T1849] usb 4-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30 [ 276.390217][ T1849] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 276.424106][ T1849] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 276.450247][ T1849] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253 [ 276.473997][ T1849] usb 4-1: New USB device found, idVendor=057e, idProduct=2009, bcdDevice= 0.00 [ 276.483307][ T1849] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 276.505947][ T1849] usb 4-1: config 0 descriptor?? [ 276.927444][ T1849] nintendo 0003:057E:2009.0020: unknown main item tag 0x0 [ 276.956607][ T1849] nintendo 0003:057E:2009.0020: unknown main item tag 0x0 [ 276.963796][ T1849] nintendo 0003:057E:2009.0020: item fetching failed at offset 2/5 [ 277.010395][ T1849] nintendo 0003:057E:2009.0020: HID parse failed [ 277.043434][ T1849] nintendo 0003:057E:2009.0020: probe - fail = -22 [ 277.060613][ T1849] nintendo 0003:057E:2009.0020: probe with driver nintendo failed with error -22 [ 277.153579][ T1849] usb 4-1: USB disconnect, device number 25 [ 277.411097][T10633] macsec1: entered promiscuous mode [ 277.434905][T10633] bond0: entered promiscuous mode [ 277.440513][T10635] ALSA: seq fatal error: cannot create timer (-22) [ 277.444566][T10633] bond_slave_0: entered promiscuous mode [ 277.475880][T10633] bond_slave_1: entered promiscuous mode [ 277.482009][T10633] macsec1: entered allmulticast mode [ 277.487516][T10633] bond0: entered allmulticast mode [ 277.508780][T10633] bond_slave_0: entered allmulticast mode [ 277.515398][T10633] bond_slave_1: entered allmulticast mode [ 277.576897][T10633] bond0: left allmulticast mode [ 277.585821][T10633] bond_slave_0: left allmulticast mode [ 277.591400][T10633] bond_slave_1: left allmulticast mode [ 277.597210][T10633] bond0: left promiscuous mode [ 277.602444][T10633] bond_slave_0: left promiscuous mode [ 277.619457][T10633] bond_slave_1: left promiscuous mode [ 277.741748][T10650] input: syz0 as /devices/virtual/input/input24 [ 277.835765][ T5278] usb 2-1: new full-speed USB device number 22 using dummy_hcd [ 278.018663][ T5278] usb 2-1: config 0 has an invalid interface number: 133 but max is 0 [ 278.033857][ T5278] usb 2-1: config 0 has no interface number 0 [ 278.061358][ T5278] usb 2-1: New USB device found, idVendor=06cd, idProduct=0121, bcdDevice=dd.3d [ 278.065385][T10660] overlayfs: upper fs does not support RENAME_WHITEOUT. [ 278.078816][ T1849] usb 1-1: new high-speed USB device number 22 using dummy_hcd [ 278.080384][ T5278] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 278.094785][T10660] overlayfs: failed to set xattr on upper [ 278.100949][T10660] overlayfs: ...falling back to redirect_dir=nofollow. [ 278.116278][T10660] overlayfs: ...falling back to index=off. [ 278.119893][ T5278] usb 2-1: Product: syz [ 278.125031][T10660] overlayfs: ...falling back to uuid=null. [ 278.126995][ T5278] usb 2-1: Manufacturer: syz [ 278.137444][ T5278] usb 2-1: SerialNumber: syz [ 278.142634][T10660] overlayfs: NFS export requires "index=on", falling back to nfs_export=off. [ 278.152764][ T5278] usb 2-1: config 0 descriptor?? [ 278.252549][ T1849] usb 1-1: New USB device found, idVendor=046d, idProduct=0870, bcdDevice=61.47 [ 278.262009][ T1849] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 278.272647][ T1849] usb 1-1: config 0 descriptor?? [ 278.292819][ T1849] gspca_main: STV06xx-2.14.0 probing 046d:0870 [ 278.804755][ T5278] keyspan 2-1:0.133: Keyspan 1 port adapter converter detected [ 278.813865][ T5278] keyspan 2-1:0.133: found no endpoint descriptor for endpoint 81 [ 278.822245][ T5278] keyspan 2-1:0.133: found no endpoint descriptor for endpoint 1 [ 278.830190][ T5278] keyspan 2-1:0.133: found no endpoint descriptor for endpoint 2 [ 278.872235][ T5278] usb 2-1: Keyspan 1 port adapter converter now attached to ttyUSB0 [ 279.073389][ T5278] usb 2-1: USB disconnect, device number 22 [ 279.086383][ T5278] keyspan_1 ttyUSB0: Keyspan 1 port adapter converter now disconnected from ttyUSB0 [ 279.109655][ T5278] keyspan 2-1:0.133: device disconnected [ 279.600994][ T1849] usb 1-1: USB disconnect, device number 22 [ 280.231138][T10690] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 280.297263][T10690] iommufd_mock iommufd_mock1: Adding to iommu group 1 [ 280.306185][T10690] iommufd_mock iommufd_mock2: Adding to iommu group 2 [ 281.028737][T10667] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1966'. [ 281.042210][T10667] erspan0: entered promiscuous mode [ 281.047758][T10667] macvtap1: entered promiscuous mode [ 281.053269][T10667] macvtap1: entered allmulticast mode [ 281.064459][T10667] erspan0: entered allmulticast mode [ 281.080443][T10669] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1966'. [ 281.117057][T10669] erspan0: left allmulticast mode [ 281.122280][T10669] erspan0: left promiscuous mode [ 281.655687][ T1849] usb 1-1: new high-speed USB device number 23 using dummy_hcd [ 281.729602][T10736] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 281.734437][T10735] overlayfs: failed to decode file handle (len=7, type=251, flags=0, err=-61) [ 281.826427][ T1849] usb 1-1: Using ep0 maxpacket: 8 [ 281.879086][ T1849] usb 1-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea [ 281.890791][ T1849] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 281.899162][ T1849] usb 1-1: Product: syz [ 281.903458][ T1849] usb 1-1: Manufacturer: syz [ 281.908350][ T1849] usb 1-1: SerialNumber: syz [ 281.915061][ T1849] usb 1-1: config 0 descriptor?? [ 282.128568][ T1849] usb 1-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state [ 282.650520][T10774] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2009'. [ 282.681085][ T30] INFO: task syz.2.581:6894 blocked for more than 143 seconds. [ 282.705636][ T30] Not tainted 6.12.0-rc2-syzkaller-00260-g9e4c6c1ad9a1 #0 [ 282.713338][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 282.757241][ T30] task:syz.2.581 state:D stack:23808 pid:6894 tgid:6894 ppid:6602 flags:0x00004000 [ 282.803717][ T30] Call Trace: [ 282.825796][ T30] [ 282.828944][ T30] __schedule+0x1843/0x4ae0 [ 282.839169][ T30] ? __pfx___schedule+0x10/0x10 [ 282.851908][ T30] ? __pfx_lock_release+0x10/0x10 [ 282.862808][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 282.875801][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 282.891263][ T30] ? _raw_spin_lock_irq+0xdf/0x120 [ 282.901030][ T30] ? schedule+0x90/0x320 [ 282.911088][ T30] schedule+0x14b/0x320 [ 282.920703][ T30] schedule_preempt_disabled+0x13/0x30 [ 282.932211][ T30] rwsem_down_write_slowpath+0xeee/0x13b0 [ 282.959547][ T1849] dvb_usb_rtl28xxu 1-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -32 [ 282.965591][ T30] ? rwsem_down_write_slowpath+0xa09/0x13b0 [ 282.971486][ T1849] usb 1-1: USB disconnect, device number 23 [ 282.976692][ T30] ? __pfx_rwsem_down_write_slowpath+0x10/0x10 [ 283.018771][ T30] ? __pfx_lock_acquire+0x10/0x10 [ 283.023940][ T30] ? exit_mmap+0x28b/0xc40 [ 283.034085][ T30] down_write+0x1d7/0x220 [ 283.038755][ T30] ? __pfx_down_write+0x10/0x10 [ 283.044115][ T30] exit_mmap+0x2bd/0xc40 [ 283.048606][ T30] ? __mutex_lock+0x2ef/0xd70 [ 283.053314][ T30] ? __pfx_exit_mmap+0x10/0x10 [ 283.058847][ T30] ? __pfx_exit_aio+0x10/0x10 [ 283.063574][ T30] ? uprobe_clear_state+0x271/0x290 [ 283.069513][ T30] ? mm_update_next_owner+0xa2/0x8a0 [ 283.074865][ T30] ? do_raw_spin_unlock+0x13c/0x8b0 [ 283.080281][ T30] __mmput+0x115/0x380 [ 283.084480][ T30] exit_mm+0x220/0x310 [ 283.088637][ T30] ? __pfx_exit_mm+0x10/0x10 [ 283.093299][ T30] ? taskstats_exit+0x326/0xa60 [ 283.098269][ T30] do_exit+0x9b2/0x28e0 [ 283.102461][ T30] ? preempt_schedule_common+0x84/0xd0 [ 283.108239][ T30] ? __pfx_do_exit+0x10/0x10 [ 283.112863][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 283.118940][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 283.125319][ T30] ? preempt_schedule_thunk+0x1a/0x30 [ 283.130786][ T30] do_group_exit+0x207/0x2c0 [ 283.135387][ T30] __x64_sys_exit_group+0x3f/0x40 [ 283.140530][ T30] x64_sys_call+0x2634/0x2640 [ 283.146469][ T30] do_syscall_64+0xf3/0x230 [ 283.151056][ T30] ? clear_bhb_loop+0x35/0x90 [ 283.155882][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 283.162309][ T30] RIP: 0033:0x7f4a0457dff9 [ 283.166885][ T30] RSP: 002b:00007ffd8a02aa28 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 283.175360][ T30] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4a0457dff9 [ 283.184211][ T30] RDX: 0000000000000064 RSI: 0000000000000000 RDI: 0000000000000000 [ 283.192337][ T30] RBP: 00007ffd8a02aa7c R08: 00007ffd8a02ab0f R09: 000000000001d0ea [ 283.200497][ T30] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000032 [ 283.208581][ T30] R13: 000000000001d0ea R14: 000000000001d0d6 R15: 00007ffd8a02aad0 [ 283.216792][ T30] [ 283.220018][ T30] INFO: task syz.0.582:6896 blocked for more than 143 seconds. [ 283.233978][ T30] Not tainted 6.12.0-rc2-syzkaller-00260-g9e4c6c1ad9a1 #0 [ 283.243686][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 283.261312][ T30] task:syz.0.582 state:D stack:23808 pid:6896 tgid:6896 ppid:5221 flags:0x00004006 [ 283.272958][ T30] Call Trace: [ 283.276459][ T30] [ 283.279446][ T30] __schedule+0x1843/0x4ae0 [ 283.284000][ T30] ? __pfx___schedule+0x10/0x10 [ 283.288972][ T30] ? __pfx_lock_release+0x10/0x10 [ 283.294034][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 283.300236][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 283.306723][ T30] ? _raw_spin_lock_irq+0xdf/0x120 [ 283.311875][ T30] ? schedule+0x90/0x320 [ 283.318375][ T30] schedule+0x14b/0x320 [ 283.322601][ T30] schedule_preempt_disabled+0x13/0x30 [ 283.328421][ T30] rwsem_down_write_slowpath+0xeee/0x13b0 [ 283.334199][ T30] ? rwsem_down_write_slowpath+0xa09/0x13b0 [ 283.340258][ T30] ? __pfx_rwsem_down_write_slowpath+0x10/0x10 [ 283.346560][ T30] ? __pfx_lock_acquire+0x10/0x10 [ 283.352206][ T30] ? exit_mmap+0x28b/0xc40 [ 283.356860][ T30] down_write+0x1d7/0x220 [ 283.361228][ T30] ? __pfx_down_write+0x10/0x10 [ 283.366362][ T30] exit_mmap+0x2bd/0xc40 [ 283.370655][ T30] ? __mutex_lock+0x2ef/0xd70 [ 283.375342][ T30] ? __pfx_exit_mmap+0x10/0x10 [ 283.382246][ T30] ? __pfx_exit_aio+0x10/0x10 [ 283.387094][ T30] ? uprobe_clear_state+0x271/0x290 [ 283.392345][ T30] ? mm_update_next_owner+0xa2/0x8a0 [ 283.405561][ T30] ? do_raw_spin_unlock+0x13c/0x8b0 [ 283.410807][ T30] __mmput+0x115/0x380 [ 283.414907][ T30] exit_mm+0x220/0x310 [ 283.419225][ T30] ? __pfx_exit_mm+0x10/0x10 [ 283.423880][ T30] ? taskstats_exit+0x326/0xa60 [ 283.428879][ T30] do_exit+0x9b2/0x28e0 [ 283.433088][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 283.440675][ T30] ? __pfx_do_exit+0x10/0x10 [ 283.445285][ T30] ? lockdep_hardirqs_on+0x99/0x150 [ 283.450532][ T30] do_group_exit+0x207/0x2c0 [ 283.455765][ T30] get_signal+0x16a3/0x1740 [ 283.460312][ T30] ? __pfx_get_signal+0x10/0x10 [ 283.465168][ T30] ? down_write_killable+0x1bc/0x260 [ 283.470760][ T30] ? vm_mmap_pgoff+0x17c/0x3d0 [ 283.475691][ T30] arch_do_signal_or_restart+0x96/0x860 [ 283.481297][ T30] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 283.488870][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 283.494960][ T30] ? syscall_exit_to_user_mode+0xa3/0x370 [ 283.500748][ T30] syscall_exit_to_user_mode+0xc9/0x370 [ 283.506461][ T30] do_syscall_64+0x100/0x230 [ 283.511109][ T30] ? clear_bhb_loop+0x35/0x90 [ 283.515872][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 283.521799][ T30] RIP: 0033:0x7fb6e8d7e033 [ 283.526391][ T30] RSP: 002b:00007ffdce4e8e68 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 283.534983][ T30] RAX: fffffffffffffffc RBX: 00007fb6e70006c0 RCX: 00007fb6e8d7e033 [ 283.543014][ T30] RDX: 0000000000000000 RSI: 0000000000021000 RDI: 0000000000000000 [ 283.552317][ T30] RBP: 0000000000000000 R08: 00000000ffffffff R09: 0000000000000000 [ 283.561348][ T30] R10: 0000000000020022 R11: 0000000000000246 R12: 00007ffdce4e8fc0 [ 283.569417][ T30] R13: ffffffffffffffc0 R14: 0000000000001000 R15: 0000000000000000 [ 283.577520][ T30] [ 283.580636][ T30] [ 283.580636][ T30] Showing all locks held in the system: [ 283.588407][ T30] 2 locks held by kworker/u8:1/12: [ 283.593542][ T30] 1 lock held by ksoftirqd/1/24: [ 283.600043][ T30] #0: ffff8880b873ea58 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x2a/0x140 [ 283.610171][ T30] 1 lock held by khungtaskd/30: [ 283.615035][ T30] #0: ffffffff8e937de0 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x55/0x2a0 [ 283.630894][ T30] 2 locks held by getty/4984: [ 283.635755][ T30] #0: ffff888032c9a0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70 [ 283.645743][ T30] #1: ffffc90002f062f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x6a6/0x1e00 [ 283.656695][ T30] 1 lock held by syz.2.581/6894: [ 283.661673][ T30] #0: ffff88807d8d4d98 (&mm->mmap_lock){++++}-{3:3}, at: exit_mmap+0x2bd/0xc40 [ 283.670894][ T30] 1 lock held by syz.0.582/6896: [ 283.675879][ T30] #0: ffff88807d8d7398 (&mm->mmap_lock){++++}-{3:3}, at: exit_mmap+0x2bd/0xc40 [ 283.684991][ T30] [ 283.687399][ T30] ============================================= [ 283.687399][ T30] [ 283.695862][ T30] NMI backtrace for cpu 0 [ 283.700209][ T30] CPU: 0 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.12.0-rc2-syzkaller-00260-g9e4c6c1ad9a1 #0 [ 283.710749][ T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 283.720841][ T30] Call Trace: [ 283.724135][ T30] [ 283.727104][ T30] dump_stack_lvl+0x241/0x360 [ 283.731913][ T30] ? __pfx_dump_stack_lvl+0x10/0x10 [ 283.737144][ T30] ? __pfx__printk+0x10/0x10 [ 283.741774][ T30] nmi_cpu_backtrace+0x49c/0x4d0 [ 283.746788][ T30] ? __pfx_nmi_cpu_backtrace+0x10/0x10 [ 283.752283][ T30] ? _printk+0xd5/0x120 [ 283.756473][ T30] ? __pfx__printk+0x10/0x10 [ 283.761109][ T30] ? __wake_up_klogd+0xcc/0x110 [ 283.766011][ T30] ? __pfx__printk+0x10/0x10 [ 283.770639][ T30] ? __rcu_read_unlock+0xa1/0x110 [ 283.775713][ T30] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 283.781745][ T30] nmi_trigger_cpumask_backtrace+0x198/0x320 [ 283.787780][ T30] watchdog+0xff4/0x1040 [ 283.792059][ T30] ? watchdog+0x1ea/0x1040 [ 283.796509][ T30] ? __pfx_watchdog+0x10/0x10 [ 283.801216][ T30] kthread+0x2f0/0x390 [ 283.805296][ T30] ? __pfx_watchdog+0x10/0x10 [ 283.809999][ T30] ? __pfx_kthread+0x10/0x10 [ 283.814613][ T30] ret_from_fork+0x4b/0x80 [ 283.819055][ T30] ? __pfx_kthread+0x10/0x10 [ 283.823668][ T30] ret_from_fork_asm+0x1a/0x30 [ 283.828482][ T30] [ 283.832200][ T30] Sending NMI from CPU 0 to CPUs 1: [ 283.837826][ C1] NMI backtrace for cpu 1 [ 283.837839][ C1] CPU: 1 UID: 0 PID: 52 Comm: kworker/u8:3 Not tainted 6.12.0-rc2-syzkaller-00260-g9e4c6c1ad9a1 #0 [ 283.837861][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 283.837873][ C1] Workqueue: events_unbound cfg80211_wiphy_work [ 283.837901][ C1] RIP: 0010:__sanitizer_cov_trace_pc+0x0/0x70 [ 283.837927][ C1] Code: 89 fb e8 23 00 00 00 48 8b 3d 54 9b 9b 0c 48 89 de 5b e9 53 a4 5a 00 0f 1f 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1e fa 48 8b 04 24 65 48 8b 0c 25 80 d7 03 00 65 8b 15 70 f0 [ 283.837943][ C1] RSP: 0018:ffffc90000bd7790 EFLAGS: 00000202 [ 283.837958][ C1] RAX: 0000000000000000 RBX: 0000000000000014 RCX: dffffc0000000000 [ 283.837971][ C1] RDX: ffff88801ad70000 RSI: 0000000000000014 RDI: 0000000000000168 [ 283.837984][ C1] RBP: 0000000000000168 R08: ffffffff8b38e37c R09: 1ffffffff20378d5 [ 283.837997][ C1] R10: dffffc0000000000 R11: fffffbfff20378d6 R12: dffffc0000000000 [ 283.838011][ C1] R13: 0000000000000003 R14: ffff88807da2b0d0 R15: 0000000000000001 [ 283.838023][ C1] FS: 0000000000000000(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000 [ 283.838038][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 283.838051][ C1] CR2: 00007fb6857052d8 CR3: 000000002ba06000 CR4: 00000000003526f0 [ 283.838067][ C1] DR0: 000000000000008d DR1: 0000000000000000 DR2: 0000000000000000 [ 283.838078][ C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 283.838096][ C1] Call Trace: [ 283.838102][ C1] [ 283.838109][ C1] ? nmi_cpu_backtrace+0x3c2/0x4d0 [ 283.838132][ C1] ? __pfx_lock_acquire+0x10/0x10 [ 283.838160][ C1] ? __pfx_nmi_cpu_backtrace+0x10/0x10 [ 283.838182][ C1] ? nmi_handle+0x2a/0x5a0 [ 283.838208][ C1] ? nmi_cpu_backtrace_handler+0xc/0x20 [ 283.838233][ C1] ? nmi_handle+0x14f/0x5a0 [ 283.838251][ C1] ? nmi_handle+0x2a/0x5a0 [ 283.838270][ C1] ? __pfx___sanitizer_cov_trace_pc+0x10/0x10 [ 283.838293][ C1] ? default_do_nmi+0x63/0x160 [ 283.838316][ C1] ? exc_nmi+0x123/0x1f0 [ 283.838339][ C1] ? end_repeat_nmi+0xf/0x53 [ 283.838358][ C1] ? ieee80211_sta_get_rates+0x37c/0x660 [ 283.838381][ C1] ? __pfx___sanitizer_cov_trace_pc+0x10/0x10 [ 283.838405][ C1] ? __pfx___sanitizer_cov_trace_pc+0x10/0x10 [ 283.838430][ C1] ? __pfx___sanitizer_cov_trace_pc+0x10/0x10 [ 283.838453][ C1] [ 283.838459][ C1] [ 283.838465][ C1] ieee80211_sta_get_rates+0x3e8/0x660 [ 283.838493][ C1] ieee80211_ibss_rx_queued_mgmt+0x11e1/0x2d70 [ 283.838526][ C1] ? ieee80211_ibss_rx_queued_mgmt+0xf7e/0x2d70 [ 283.838550][ C1] ? __pfx_ieee80211_ibss_rx_queued_mgmt+0x10/0x10 [ 283.838580][ C1] ? mark_lock+0x9a/0x360 [ 283.838599][ C1] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 283.838628][ C1] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 283.838655][ C1] ? do_raw_spin_unlock+0x13c/0x8b0 [ 283.838686][ C1] ieee80211_iface_work+0x8a5/0xf20 [ 283.838716][ C1] cfg80211_wiphy_work+0x2db/0x490 [ 283.838739][ C1] ? process_scheduled_works+0x976/0x1850 [ 283.838764][ C1] process_scheduled_works+0xa63/0x1850 [ 283.838802][ C1] ? __pfx_process_scheduled_works+0x10/0x10 [ 283.838835][ C1] ? assign_work+0x364/0x3d0 [ 283.838861][ C1] worker_thread+0x870/0xd30 [ 283.838893][ C1] ? __kthread_parkme+0x169/0x1d0 [ 283.838920][ C1] ? __pfx_worker_thread+0x10/0x10 [ 283.838945][ C1] kthread+0x2f0/0x390 [ 283.838961][ C1] ? __pfx_worker_thread+0x10/0x10 [ 283.838986][ C1] ? __pfx_kthread+0x10/0x10 [ 283.839003][ C1] ret_from_fork+0x4b/0x80 [ 283.839028][ C1] ? __pfx_kthread+0x10/0x10 [ 283.839045][ C1] ret_from_fork_asm+0x1a/0x30 [ 283.839077][ C1] [ 283.841021][ T30] Kernel panic - not syncing: hung_task: blocked tasks [ 284.203189][ T30] CPU: 0 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.12.0-rc2-syzkaller-00260-g9e4c6c1ad9a1 #0 [ 284.213696][ T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 284.223777][ T30] Call Trace: [ 284.227079][ T30] [ 284.230014][ T30] dump_stack_lvl+0x241/0x360 [ 284.234711][ T30] ? __pfx_dump_stack_lvl+0x10/0x10 [ 284.239918][ T30] ? __pfx__printk+0x10/0x10 [ 284.244535][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 284.250538][ T30] ? vscnprintf+0x5d/0x90 [ 284.254890][ T30] panic+0x349/0x880 [ 284.258797][ T30] ? nmi_trigger_cpumask_backtrace+0x244/0x320 [ 284.264965][ T30] ? __pfx_panic+0x10/0x10 [ 284.269383][ T30] ? tick_nohz_tick_stopped+0x82/0xb0 [ 284.274764][ T30] ? __irq_work_queue_local+0x137/0x410 [ 284.280337][ T30] ? preempt_schedule_thunk+0x1a/0x30 [ 284.285733][ T30] ? nmi_trigger_cpumask_backtrace+0x244/0x320 [ 284.291926][ T30] ? nmi_trigger_cpumask_backtrace+0x2d4/0x320 [ 284.298096][ T30] ? nmi_trigger_cpumask_backtrace+0x2d9/0x320 [ 284.304270][ T30] watchdog+0x1033/0x1040 [ 284.308622][ T30] ? watchdog+0x1ea/0x1040 [ 284.313050][ T30] ? __pfx_watchdog+0x10/0x10 [ 284.317781][ T30] kthread+0x2f0/0x390 [ 284.321857][ T30] ? __pfx_watchdog+0x10/0x10 [ 284.326545][ T30] ? __pfx_kthread+0x10/0x10 [ 284.331140][ T30] ret_from_fork+0x4b/0x80 [ 284.335566][ T30] ? __pfx_kthread+0x10/0x10 [ 284.340160][ T30] ret_from_fork_asm+0x1a/0x30 [ 284.344952][ T30] [ 284.348373][ T30] Kernel Offset: disabled [ 284.352698][ T30] Rebooting in 86400 seconds..