last executing test programs: 10.167792512s ago: executing program 0 (id=962): mremap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x2000, 0x0, &(0x7f0000c87000/0x2000)=nil) r0 = userfaultfd(0x80001) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000100)={0xaa, 0x47d}) ioctl$UFFDIO_REGISTER(r0, 0x8010aa01, &(0x7f0000000140)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}}) 10.03216557s ago: executing program 0 (id=965): r0 = syz_genetlink_get_family_id$batadv(&(0x7f0000000040), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r1, 0x8933, &(0x7f0000000000)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_MCAST_FLAGS(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000980)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r0, @ANYBLOB="fdaf1ebd7000000000000e00000008000300", @ANYRES32=r2], 0x1c}, 0x1, 0x0, 0x0, 0x400c0c1}, 0x0) 9.76264203s ago: executing program 0 (id=969): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000005c0)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in=@empty, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x29}, {0x0, 0x0, 0x7, 0x0, 0x0, 0x2, 0xffffffffffffffff}, {0x0, 0x0, 0x0, 0xffffffffffffffff}}}, 0xb8}}, 0x4004) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000340)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in=@empty, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x29}, {0x0, 0x0, 0x9, 0x0, 0x0, 0x2, 0xffffffffffffffff}, {0x0, 0x0, 0x0, 0xffffffffffffffff}, 0x7}}, 0xb8}}, 0x10) 9.511260604s ago: executing program 0 (id=972): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=ANY=[@ANYBLOB="1800000000000000000000000004000095"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r0}, 0x10) r1 = socket$inet6(0xa, 0x80003, 0x6e) ioctl$sock_inet6_SIOCADDRT(r1, 0x890b, &(0x7f0000000240)={@remote, @dev={0xfe, 0x80, '\x00', 0x2f}, @mcast1, 0xea9, 0x3ff, 0x9, 0x400, 0x1, 0x10020}) 9.326124298s ago: executing program 0 (id=974): open(&(0x7f0000000080)='./bus\x00', 0x400141042, 0x18) r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f00000002c0)=0x20) unlink(&(0x7f0000000040)='./bus\x00') 9.095427908s ago: executing program 0 (id=978): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000600)={0x26, 'hash\x00', 0x0, 0x0, 'sha1-generic\x00'}, 0x58) r1 = accept4(r0, 0x0, 0x0, 0x0) sendmsg$nl_route_sched_retired(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000012100), 0xe078}}, 0x0) 2.875828958s ago: executing program 4 (id=1043): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x5, 0x4, 0x4, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x3e) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x14, &(0x7f0000000580)=ANY=[@ANYBLOB="1802000008000000000000000000000018010000786c6c2500000000070000007b1af8ff00000000bfa100000000000007010000f8ffffffb700000000000000b7030000000000fd850000002d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000480)={&(0x7f0000000680)='sys_exit\x00', r1}, 0x10) getitimer(0x0, &(0x7f0000000000)) 2.774458824s ago: executing program 4 (id=1045): bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0}, 0x18) r0 = socket$unix(0x1, 0x2, 0x0) bind$unix(r0, &(0x7f0000000080)=@abs={0x1, 0x0, 0x4e20}, 0x15) connect$unix(r0, &(0x7f0000000580)=@abs={0x1, 0x0, 0x4e20}, 0x15) 2.640430892s ago: executing program 4 (id=1047): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1) ioctl$KVM_SET_XCRS(r2, 0x4188aea7, &(0x7f00000000c0)={0x1, 0x0, [{0x0, 0x0, 0x2}]}) 2.423646351s ago: executing program 4 (id=1050): r0 = syz_usb_connect(0x0, 0x2d, &(0x7f0000000140)=ANY=[@ANYBLOB="12010000413f5f201d0650c16fce01e5020109021b00010000100009043300011870fd00090582020002"], 0x0) syz_usb_control_io$printer(r0, 0x0, 0x0) sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000600)=[{{0x0, 0x0, &(0x7f0000000540)=[{&(0x7f0000000040)="74f18711033e9115e35b476980b2a2fa2e03", 0x12}], 0x1, 0x0, 0x0, 0x24008000}}], 0x1, 0x8000) syz_usb_ep_write$ath9k_ep1(r0, 0x82, 0x12, &(0x7f0000000040)=ANY=[@ANYBLOB="a200004ef3b11f948ef66b0ee0b3d41b1b"]) 2.196517153s ago: executing program 3 (id=1053): r0 = socket$inet_mptcp(0x2, 0x1, 0x106) setsockopt$sock_int(r0, 0x1, 0x7, &(0x7f0000000080)=0x200, 0x4) setsockopt$sock_linger(r0, 0x1, 0xd, &(0x7f0000000980)={0x1, 0x80000000}, 0x8) bind$inet(r0, &(0x7f0000000040)={0x2, 0x0, @multicast2}, 0x10) 2.040720594s ago: executing program 3 (id=1055): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x10) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x1f, 0x13, &(0x7f0000000080)=@framed={{0x18, 0x8, 0x0, 0x0, 0xffd0}, [@func={0x85, 0x0, 0x1, 0x0, 0x6}, @map_fd={0x18, 0x0, 0x0}, @generic={0x66, 0x8}, @initr0, @exit, @alu={0x6, 0x0, 0x3, 0xa, 0x0, 0x2}, @printk={@x, {}, {}, {}, {}, {0x5, 0x0, 0xb, 0xa}}]}, &(0x7f0000000000)='GPL\x00', 0x2, 0xff5c, &(0x7f0000000340)=""/222, 0x0, 0x8, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) 1.869855812s ago: executing program 3 (id=1058): r0 = openat$kvm(0xffffff9c, &(0x7f0000000040), 0xa441, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_XEN_HVM_CONFIG(r1, 0x4038ae7a, &(0x7f0000001440)={0x0, 0x87e, 0x0, 0x0}) ioctl$KVM_XEN_HVM_CONFIG(r1, 0x4038ae7a, &(0x7f0000000080)={0x80, 0x0, 0x0, 0x0}) 1.4676954s ago: executing program 3 (id=1063): unshare(0x400) r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x8, 0xf, &(0x7f0000000d80)=@ringbuf={{0x18, 0x8}, {{0x18, 0x1, 0x1, 0x0, r0}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x3}, {0x85, 0x0, 0x0, 0x5}}, {{0x5, 0x0, 0x4}, {0xac}}, [], {{0x7, 0x1, 0xb, 0x8}, {0x6, 0x0, 0x5, 0x8}, {0x85, 0x0, 0x0, 0x7}}}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000000c0)={r1, 0xe0, &(0x7f0000000b80)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffff78, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x10) 1.204782554s ago: executing program 3 (id=1066): r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, &(0x7f00000011c0)={0xc, 0x0, 0x0}) ioctl$IOMMU_IOAS_ALLOW_IOVAS(r0, 0x3b82, &(0x7f00000000c0)={0x18, r1, 0x2, 0x0, &(0x7f0000000280)=[{0x7fff, 0xffffffffffffffff}, {0x0, 0x1542}]}) ioctl$IOMMU_IOAS_MAP$PAGES(r0, 0x3b85, &(0x7f0000000000)={0x28, 0x2, r1, 0x0, &(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x1}) 1.139317231s ago: executing program 1 (id=1067): r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = socket$can_raw(0x1d, 0x3, 0x1) ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000080)={'vcan0\x00', 0x0}) ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f0000000080)={'ip6tnl0\x00', &(0x7f00000000c0)={'syztnl2\x00', r2, 0x4, 0x8, 0x10, 0x1000401, 0x1d, @mcast2, @loopback={0xfec0ffff00000000, 0x2}, 0x20, 0x8000, 0x3, 0x80}}) 1.003289967s ago: executing program 3 (id=1069): prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680)) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9) fchmodat(0xffffffffffffffff, &(0x7f0000000080)='./file0\x00', 0x42) 974.443359ms ago: executing program 2 (id=1070): r0 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x40, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r1, 0x401c5820, &(0x7f0000000180)=0x10) mmap$xdp(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x200000d, 0x13, r0, 0x100000000) 820.748066ms ago: executing program 1 (id=1071): bpf$PROG_LOAD(0x5, &(0x7f0000001380)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7"], 0x0, 0x0, 0x0, 0x0, 0xf2cccc7fae7881b8, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1) r0 = socket$inet6_sctp(0xa, 0x1, 0x84) getsockopt$inet_sctp6_SCTP_CONTEXT(r0, 0x84, 0x11, &(0x7f0000000200)={0x0, 0xffffffff}, &(0x7f0000000240)=0x8) 789.769044ms ago: executing program 2 (id=1072): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000600)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a58000000160a03020000000000000000020000000900020073797a30000000000900010073797a30000000002c00038008000140000000000800024000000000180003801400010073797a5f74756e00000000000000000014000000110001"], 0x80}}, 0x0) syz_emit_ethernet(0x7b, &(0x7f0000000740)=ANY=[@ANYBLOB="ffffffffffff00000000000008004500006d000000007d1190"], 0x0) 654.468838ms ago: executing program 2 (id=1073): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x3, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000000000000000000000000042095"], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000140)='contention_end\x00', r0}, 0x10) r1 = syz_open_dev$evdev(&(0x7f0000000000), 0x0, 0x0) ioctl$EVIOCGREP(r1, 0x80084522, 0x0) 647.937528ms ago: executing program 1 (id=1074): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000180)=@framed, &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000500)={&(0x7f0000000200)='contention_begin\x00', r0}, 0x10) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$IP6T_SO_SET_REPLACE(r1, 0x29, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x3c1, 0x3, 0x530, 0x348, 0x18c, 0x203, 0x348, 0x19030000, 0x460, 0x2e0, 0x2e0, 0x460, 0x2e0, 0x3, 0x0, {[{{@uncond, 0x300, 0x300, 0x348, 0x0, {}, [@common=@unspec=@bpf0={{0x230}, {0x13, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x16}]}}, @common=@hl={{0x28}}]}, @common=@unspec=@LED={0x48, 'LED\x00', 0x0, {'syz1\x00'}}}, {{@uncond, 0x0, 0xd0, 0x118, 0x0, {}, [@inet=@rpfilter={{0x28}}]}, @common=@unspec=@LED={0x48, 'LED\x00', 0x0, {'syz1\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x590) 491.787633ms ago: executing program 1 (id=1075): r0 = socket(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=@newqdisc={0x3c, 0x24, 0xd0f, 0x70bd2d, 0x0, {0x60, 0x0, 0x0, r2, {0x0, 0xa}, {0xffff, 0xffff}, {0xffff, 0x9}}, [@TCA_RATE={0x6, 0x5, {0x6, 0x9}}, @qdisc_kind_options=@q_blackhole={0xe}]}, 0x3c}}, 0x44800) 467.68641ms ago: executing program 2 (id=1076): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x1, 0x4, 0x8, 0xb, 0x0, 0xffffffffffffffff, 0x2, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x11, 0xd, &(0x7f00000004c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7ff}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x3}}, @call={0x85, 0x0, 0x0, 0x5}]}, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000140)={{r0}, &(0x7f00000000c0), &(0x7f0000000100)=r1}, 0x20) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='tlb_flush\x00', r1}, 0x18) 403.125299ms ago: executing program 4 (id=1077): r0 = open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0) mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x27fffff, 0x4002011, r0, 0x0) fallocate(r0, 0x1, 0x0, 0x2004) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19) 332.034565ms ago: executing program 2 (id=1078): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xf, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x15, 0xc, &(0x7f0000000440)=@framed={{0x18, 0x0, 0x0, 0x0, 0xfffffffd}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x1e00, 0x0, '\x00', 0x0, @sk_reuseport=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x16, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r1, 0x2000000, 0xe, 0x0, &(0x7f0000000200)="63eced8e46dc3f0adf33c9f7b986", 0x0, 0x7ffd, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) 257.392393ms ago: executing program 4 (id=1079): r0 = syz_init_net_socket$llc(0x1a, 0x1, 0x0) connect$llc(r0, &(0x7f0000000180)={0x1a, 0x0, 0x0, 0x8, 0x0, 0x2, @broadcast}, 0x10) sendmmsg(r0, &(0x7f0000001380), 0x3ffffffffffff4f, 0x0) bind$llc(r0, 0x0, 0x0) 255.303907ms ago: executing program 1 (id=1080): seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x0, &(0x7f0000000200)={0x1, &(0x7f00000000c0)=[{0x6, 0x0, 0x0, 0x7fff0004}]}) mkdir(&(0x7f00000020c0)='./file0\x00', 0x0) mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x101091, 0x0) chroot(&(0x7f0000000080)='./file0/file0\x00') 116.699332ms ago: executing program 1 (id=1081): socket$inet6(0xa, 0x1, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYRES32=0x0, @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) clock_settime(0x0, &(0x7f0000000240)={0x77359400}) clock_adjtime(0x0, &(0x7f0000000640)={0x7, 0x9, 0x380000, 0x8, 0xfffffffffffffff9, 0xfffffffffffffff7, 0x9, 0x0, 0xae, 0x6, 0x7, 0x4, 0xfffffffffffff04f, 0x7, 0x80000000, 0xfffffffffffffff8, 0xffffffffffffffff, 0x6, 0x0, 0x100, 0x4, 0x2, 0x5, 0x3, 0x8, 0x8}) 0s ago: executing program 2 (id=1082): r0 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) r1 = landlock_create_ruleset(&(0x7f0000000100)={0x100}, 0x18, 0x0) landlock_restrict_self(r1, 0x0) migrate_pages(r0, 0x5, 0x0, 0x0) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.1.31' (ED25519) to the list of known hosts. [ 83.043761][ T5818] cgroup: Unknown subsys name 'net' [ 83.179929][ T5818] cgroup: Unknown subsys name 'cpuset' [ 83.189299][ T5818] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 84.757784][ T5818] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 88.883045][ T5832] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 88.891113][ T5834] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 88.891701][ T5832] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 88.899249][ T5834] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 88.905961][ T5832] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 88.912871][ T5834] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 88.920414][ T5832] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 88.933920][ T5832] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 88.941738][ T5834] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 88.955198][ T5834] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 88.986074][ T5142] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 88.994879][ T5142] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 89.004027][ T5142] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 89.014616][ T5142] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 89.022519][ T5142] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 89.051776][ T5142] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 89.059772][ T5142] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 89.068061][ T5142] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 89.078713][ T5142] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 89.090219][ T5832] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 89.090327][ T55] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 89.113996][ T55] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 89.121551][ T5832] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 89.131625][ T5832] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 89.145386][ T5832] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 89.614969][ T5828] chnl_net:caif_netlink_parms(): no params data found [ 89.779503][ T5829] chnl_net:caif_netlink_parms(): no params data found [ 89.822463][ T5843] chnl_net:caif_netlink_parms(): no params data found [ 89.842239][ T5837] chnl_net:caif_netlink_parms(): no params data found [ 90.027464][ T5828] bridge0: port 1(bridge_slave_0) entered blocking state [ 90.034738][ T5828] bridge0: port 1(bridge_slave_0) entered disabled state [ 90.042944][ T5828] bridge_slave_0: entered allmulticast mode [ 90.050258][ T5828] bridge_slave_0: entered promiscuous mode [ 90.091047][ T5828] bridge0: port 2(bridge_slave_1) entered blocking state [ 90.098418][ T5828] bridge0: port 2(bridge_slave_1) entered disabled state [ 90.105559][ T5828] bridge_slave_1: entered allmulticast mode [ 90.112850][ T5828] bridge_slave_1: entered promiscuous mode [ 90.171396][ T5841] chnl_net:caif_netlink_parms(): no params data found [ 90.249229][ T5837] bridge0: port 1(bridge_slave_0) entered blocking state [ 90.256508][ T5837] bridge0: port 1(bridge_slave_0) entered disabled state [ 90.263636][ T5837] bridge_slave_0: entered allmulticast mode [ 90.271774][ T5837] bridge_slave_0: entered promiscuous mode [ 90.281861][ T5828] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 90.295029][ T5828] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 90.304265][ T5829] bridge0: port 1(bridge_slave_0) entered blocking state [ 90.312433][ T5829] bridge0: port 1(bridge_slave_0) entered disabled state [ 90.319962][ T5829] bridge_slave_0: entered allmulticast mode [ 90.327426][ T5829] bridge_slave_0: entered promiscuous mode [ 90.356326][ T5837] bridge0: port 2(bridge_slave_1) entered blocking state [ 90.363484][ T5837] bridge0: port 2(bridge_slave_1) entered disabled state [ 90.370789][ T5837] bridge_slave_1: entered allmulticast mode [ 90.378841][ T5837] bridge_slave_1: entered promiscuous mode [ 90.400902][ T5829] bridge0: port 2(bridge_slave_1) entered blocking state [ 90.408106][ T5829] bridge0: port 2(bridge_slave_1) entered disabled state [ 90.415396][ T5829] bridge_slave_1: entered allmulticast mode [ 90.423767][ T5829] bridge_slave_1: entered promiscuous mode [ 90.444971][ T5843] bridge0: port 1(bridge_slave_0) entered blocking state [ 90.452237][ T5843] bridge0: port 1(bridge_slave_0) entered disabled state [ 90.459531][ T5843] bridge_slave_0: entered allmulticast mode [ 90.467345][ T5843] bridge_slave_0: entered promiscuous mode [ 90.532981][ T5843] bridge0: port 2(bridge_slave_1) entered blocking state [ 90.540608][ T5843] bridge0: port 2(bridge_slave_1) entered disabled state [ 90.549055][ T5843] bridge_slave_1: entered allmulticast mode [ 90.556526][ T5843] bridge_slave_1: entered promiscuous mode [ 90.579643][ T5828] team0: Port device team_slave_0 added [ 90.589881][ T5828] team0: Port device team_slave_1 added [ 90.598678][ T5829] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 90.611739][ T5829] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 90.645573][ T5837] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 90.718180][ T5837] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 90.752934][ T5828] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 90.760194][ T5828] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 90.789889][ T5828] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 90.828387][ T5843] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 90.851991][ T5828] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 90.859112][ T5828] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 90.886218][ T5828] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 90.900392][ T5829] team0: Port device team_slave_0 added [ 90.906800][ T5841] bridge0: port 1(bridge_slave_0) entered blocking state [ 90.913985][ T5841] bridge0: port 1(bridge_slave_0) entered disabled state [ 90.921787][ T5841] bridge_slave_0: entered allmulticast mode [ 90.929110][ T5841] bridge_slave_0: entered promiscuous mode [ 90.937529][ T5841] bridge0: port 2(bridge_slave_1) entered blocking state [ 90.944664][ T5841] bridge0: port 2(bridge_slave_1) entered disabled state [ 90.951992][ T5841] bridge_slave_1: entered allmulticast mode [ 90.959731][ T5841] bridge_slave_1: entered promiscuous mode [ 90.969607][ T5843] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 90.970477][ T5142] Bluetooth: hci0: command tx timeout [ 90.996640][ T5837] team0: Port device team_slave_0 added [ 91.011088][ T5837] team0: Port device team_slave_1 added [ 91.019214][ T5829] team0: Port device team_slave_1 added [ 91.036220][ T5832] Bluetooth: hci1: command tx timeout [ 91.041357][ T5142] Bluetooth: hci2: command tx timeout [ 91.107689][ T5843] team0: Port device team_slave_0 added [ 91.116512][ T5841] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 91.168043][ T5841] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 91.181458][ T5843] team0: Port device team_slave_1 added [ 91.196525][ T5142] Bluetooth: hci4: command tx timeout [ 91.196533][ T5832] Bluetooth: hci3: command tx timeout [ 91.210215][ T5837] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 91.217486][ T5837] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 91.243725][ T5837] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 91.255880][ T5829] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 91.262848][ T5829] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 91.291813][ T5829] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 91.342969][ T5843] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 91.350606][ T5843] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 91.376685][ T5843] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 91.388973][ T5837] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 91.399295][ T5837] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 91.425540][ T5837] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 91.443123][ T5829] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 91.450484][ T5829] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 91.476904][ T5829] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 91.501177][ T5828] hsr_slave_0: entered promiscuous mode [ 91.509682][ T5828] hsr_slave_1: entered promiscuous mode [ 91.532230][ T5843] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 91.539444][ T5843] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 91.565447][ T5843] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 91.604593][ T5841] team0: Port device team_slave_0 added [ 91.613143][ T5841] team0: Port device team_slave_1 added [ 91.698942][ T5837] hsr_slave_0: entered promiscuous mode [ 91.705382][ T5837] hsr_slave_1: entered promiscuous mode [ 91.712113][ T5837] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 91.719907][ T5837] Cannot create hsr debugfs directory [ 91.781027][ T5829] hsr_slave_0: entered promiscuous mode [ 91.790163][ T5829] hsr_slave_1: entered promiscuous mode [ 91.796500][ T5829] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 91.804163][ T5829] Cannot create hsr debugfs directory [ 91.838173][ T5843] hsr_slave_0: entered promiscuous mode [ 91.844636][ T5843] hsr_slave_1: entered promiscuous mode [ 91.850883][ T5843] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 91.857164][ T59] cfg80211: failed to load regulatory.db [ 91.858502][ T5843] Cannot create hsr debugfs directory [ 91.873603][ T5841] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 91.883352][ T5841] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 91.909511][ T5841] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 91.952007][ T5841] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 91.959400][ T5841] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 91.985421][ T5841] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 92.156018][ T5841] hsr_slave_0: entered promiscuous mode [ 92.162425][ T5841] hsr_slave_1: entered promiscuous mode [ 92.168828][ T5841] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 92.176451][ T5841] Cannot create hsr debugfs directory [ 92.558885][ T5828] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 92.587132][ T5828] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 92.598830][ T5828] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 92.623872][ T5828] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 92.690387][ T5829] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 92.701222][ T5829] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 92.717767][ T5829] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 92.738691][ T5829] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 92.803615][ T5837] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 92.819077][ T5837] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 92.863142][ T5837] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 92.899793][ T5837] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 92.966555][ T5841] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 92.999551][ T5841] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 93.032878][ T5841] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 93.039732][ T5142] Bluetooth: hci0: command tx timeout [ 93.052825][ T5841] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 93.116606][ T5142] Bluetooth: hci1: command tx timeout [ 93.116652][ T5832] Bluetooth: hci2: command tx timeout [ 93.134363][ T5843] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 93.144711][ T5843] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 93.155247][ T5843] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 93.177079][ T5829] 8021q: adding VLAN 0 to HW filter on device bond0 [ 93.186375][ T5843] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 93.209181][ T5828] 8021q: adding VLAN 0 to HW filter on device bond0 [ 93.276816][ T5832] Bluetooth: hci4: command tx timeout [ 93.277126][ T5142] Bluetooth: hci3: command tx timeout [ 93.294604][ T5829] 8021q: adding VLAN 0 to HW filter on device team0 [ 93.328559][ T53] bridge0: port 1(bridge_slave_0) entered blocking state [ 93.336008][ T53] bridge0: port 1(bridge_slave_0) entered forwarding state [ 93.351805][ T53] bridge0: port 2(bridge_slave_1) entered blocking state [ 93.358963][ T53] bridge0: port 2(bridge_slave_1) entered forwarding state [ 93.381228][ T5828] 8021q: adding VLAN 0 to HW filter on device team0 [ 93.421134][ T36] bridge0: port 1(bridge_slave_0) entered blocking state [ 93.428276][ T36] bridge0: port 1(bridge_slave_0) entered forwarding state [ 93.487316][ T53] bridge0: port 2(bridge_slave_1) entered blocking state [ 93.494520][ T53] bridge0: port 2(bridge_slave_1) entered forwarding state [ 93.508476][ T5829] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 93.541851][ T5837] 8021q: adding VLAN 0 to HW filter on device bond0 [ 93.669041][ T5841] 8021q: adding VLAN 0 to HW filter on device bond0 [ 93.698583][ T5837] 8021q: adding VLAN 0 to HW filter on device team0 [ 93.731010][ T5841] 8021q: adding VLAN 0 to HW filter on device team0 [ 93.758410][ T36] bridge0: port 1(bridge_slave_0) entered blocking state [ 93.765555][ T36] bridge0: port 1(bridge_slave_0) entered forwarding state [ 93.798502][ T36] bridge0: port 2(bridge_slave_1) entered blocking state [ 93.805782][ T36] bridge0: port 2(bridge_slave_1) entered forwarding state [ 93.815511][ T36] bridge0: port 1(bridge_slave_0) entered blocking state [ 93.822679][ T36] bridge0: port 1(bridge_slave_0) entered forwarding state [ 93.833341][ T36] bridge0: port 2(bridge_slave_1) entered blocking state [ 93.840497][ T36] bridge0: port 2(bridge_slave_1) entered forwarding state [ 93.890881][ T5829] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 93.912855][ T5843] 8021q: adding VLAN 0 to HW filter on device bond0 [ 94.013445][ T5843] 8021q: adding VLAN 0 to HW filter on device team0 [ 94.062037][ T5837] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 94.091513][ T1151] bridge0: port 1(bridge_slave_0) entered blocking state [ 94.098776][ T1151] bridge0: port 1(bridge_slave_0) entered forwarding state [ 94.165027][ T5829] veth0_vlan: entered promiscuous mode [ 94.179141][ T1151] bridge0: port 2(bridge_slave_1) entered blocking state [ 94.186346][ T1151] bridge0: port 2(bridge_slave_1) entered forwarding state [ 94.215075][ T5829] veth1_vlan: entered promiscuous mode [ 94.275511][ T5828] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 94.344949][ T5829] veth0_macvtap: entered promiscuous mode [ 94.403290][ T5829] veth1_macvtap: entered promiscuous mode [ 94.452391][ T5828] veth0_vlan: entered promiscuous mode [ 94.514771][ T5829] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 94.547862][ T5841] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 94.555353][ T5828] veth1_vlan: entered promiscuous mode [ 94.583399][ T5829] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 94.600466][ T5829] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 94.625836][ T5829] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 94.634571][ T5829] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 94.644454][ T5829] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 94.738872][ T5837] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 94.771666][ T5843] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 94.815440][ T5828] veth0_macvtap: entered promiscuous mode [ 94.873751][ T5828] veth1_macvtap: entered promiscuous mode [ 94.969991][ T5841] veth0_vlan: entered promiscuous mode [ 94.988184][ T1151] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 95.003289][ T5828] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 95.029715][ T1151] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 95.041897][ T5828] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 95.056554][ T5828] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 95.076472][ T5843] veth0_vlan: entered promiscuous mode [ 95.100153][ T5828] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 95.112893][ T5828] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 95.123519][ T5142] Bluetooth: hci0: command tx timeout [ 95.132537][ T5828] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 95.161387][ T5841] veth1_vlan: entered promiscuous mode [ 95.169835][ T5843] veth1_vlan: entered promiscuous mode [ 95.180786][ T53] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 95.182757][ T5828] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 95.190828][ T53] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 95.199781][ T5142] Bluetooth: hci1: command tx timeout [ 95.211627][ T5142] Bluetooth: hci2: command tx timeout [ 95.217171][ T5828] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 95.226570][ T5828] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 95.235282][ T5828] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 95.324062][ T5843] veth0_macvtap: entered promiscuous mode [ 95.351212][ T5843] veth1_macvtap: entered promiscuous mode [ 95.358283][ T5142] Bluetooth: hci4: command tx timeout [ 95.358294][ T5832] Bluetooth: hci3: command tx timeout [ 95.381046][ T5841] veth0_macvtap: entered promiscuous mode [ 95.409963][ T5841] veth1_macvtap: entered promiscuous mode [ 95.453278][ T5843] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 95.471582][ T53] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 95.473322][ T5829] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 95.498079][ T53] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 95.500410][ T5843] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 95.515274][ T5843] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 95.526724][ T5843] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 95.538262][ T5843] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 95.569124][ T5843] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 95.591129][ T5843] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 95.617454][ T5843] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 95.634872][ T5843] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 95.657082][ T5843] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 95.718847][ T5843] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 95.736082][ T5843] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 95.744801][ T5843] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 95.754229][ T5843] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 95.783745][ T5841] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 95.796738][ T5841] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 95.808500][ T5841] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 95.831038][ T5841] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 95.842293][ T5841] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 95.854142][ T5841] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 95.869045][ T5841] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 95.902433][ T968] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 95.913164][ T968] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 95.924801][ T5841] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 95.956012][ T5841] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 95.966313][ T5841] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 95.977684][ T5841] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 95.987572][ T5841] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 95.998179][ T5841] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 96.009225][ T5841] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 96.021481][ T5837] veth0_vlan: entered promiscuous mode [ 96.063403][ T5837] veth1_vlan: entered promiscuous mode [ 96.120455][ T5841] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 96.147197][ T5841] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 96.157610][ T5841] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 96.167049][ T5841] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 96.348783][ T968] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 96.361338][ T968] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 96.372014][ T5837] veth0_macvtap: entered promiscuous mode [ 96.402829][ T5837] veth1_macvtap: entered promiscuous mode [ 96.532418][ T5837] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 96.557874][ T5837] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 96.585708][ T5837] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 96.604191][ T5837] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 96.616967][ T5837] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 96.627556][ T5837] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 96.633736][ T5928] mmap: syz.1.12 (5928) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 96.637457][ T5837] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 96.637478][ T5837] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 96.639803][ T5837] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 96.699016][ T5837] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 96.717713][ T5837] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 96.727971][ T5837] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 96.738500][ T5837] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 96.748432][ T5837] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 96.763375][ T5837] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 96.773368][ T5837] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 96.784123][ T5837] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 96.798350][ T5837] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 96.811906][ T3028] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 96.831150][ T3028] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 96.944235][ T5837] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 96.962889][ T5837] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 96.972153][ T5837] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 96.984827][ T5837] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 97.038310][ T53] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 97.082953][ T53] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 97.196045][ T5142] Bluetooth: hci0: command tx timeout [ 97.222258][ T53] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 97.279254][ T53] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 97.285673][ T5142] Bluetooth: hci1: command tx timeout [ 97.292051][ T5142] Bluetooth: hci2: command tx timeout [ 97.422922][ T53] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 97.436454][ T5142] Bluetooth: hci3: command tx timeout [ 97.436463][ T5832] Bluetooth: hci4: command tx timeout [ 97.455555][ T53] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 97.531004][ T3028] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 97.542976][ T3028] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 97.616034][ T59] usb 2-1: new high-speed USB device number 2 using dummy_hcd [ 97.820559][ T59] usb 2-1: Using ep0 maxpacket: 16 [ 97.859920][ T59] usb 2-1: New USB device found, idVendor=2137, idProduct=0001, bcdDevice=2a.35 [ 97.891952][ T59] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 97.926534][ T59] usb 2-1: Product: syz [ 97.941411][ T59] usb 2-1: Manufacturer: syz [ 97.973368][ T59] usb 2-1: SerialNumber: syz [ 98.020250][ T59] usb 2-1: config 0 descriptor?? [ 98.082811][ T59] as10x_usb: device has been detected [ 98.101632][ T59] dvbdev: DVB: registering new adapter (Sky IT Digital Key (green led)) [ 98.151583][ T59] usb 2-1: DVB: registering adapter 1 frontend 0 (Sky IT Digital Key (green led))... [ 98.277245][ T5936] random: crng reseeded on system resumption [ 98.354619][ T59] as10x_usb: error during firmware upload part1 [ 98.373809][ T5952] bridge0: port 2(bridge_slave_1) entered disabled state [ 98.382169][ T5952] bridge0: port 1(bridge_slave_0) entered disabled state [ 98.394814][ T59] Registered device Sky IT Digital Key (green led) [ 98.543273][ T5952] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 98.626599][ T5952] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 98.881602][ T5952] netdevsim netdevsim3 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 98.901364][ T5952] netdevsim netdevsim3 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 98.914829][ T59] usb 2-1: USB disconnect, device number 2 [ 98.943133][ T5952] netdevsim netdevsim3 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 98.959489][ T59] Unregistered device Sky IT Digital Key (green led) [ 98.964593][ T59] as10x_usb: device has been disconnected [ 98.970679][ T5952] netdevsim netdevsim3 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 99.280826][ T5979] trusted_key: encrypted_key: master key parameter '' is invalid [ 99.598047][ T30] audit: type=1326 audit(1744106426.288:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5990 comm="syz.3.35" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f1e7658d169 code=0x0 [ 99.626750][ T5877] usb 3-1: new high-speed USB device number 2 using dummy_hcd [ 99.809159][ T5877] usb 3-1: Using ep0 maxpacket: 8 [ 99.824491][ T5877] usb 3-1: New USB device found, idVendor=047d, idProduct=5003, bcdDevice=2f.8c [ 99.842942][ T5877] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 99.869380][ T5877] usb 3-1: Product: syz [ 99.885703][ T5877] usb 3-1: Manufacturer: syz [ 99.890389][ T5877] usb 3-1: SerialNumber: syz [ 99.910867][ T5877] usb 3-1: config 0 descriptor?? [ 99.926291][ T5877] gspca_main: se401-2.14.0 probing 047d:5003 [ 99.988736][ T6003] netlink: 12 bytes leftover after parsing attributes in process `syz.4.41'. [ 100.150893][ T6009] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 100.344726][ T5877] gspca_se401: Bayer format not supported! [ 100.574391][ T5840] usb 3-1: USB disconnect, device number 2 [ 100.748134][ T5877] kernel write not supported for file /dsp (pid: 5877 comm: kworker/0:3) [ 101.007857][ T24] usb 2-1: new high-speed USB device number 3 using dummy_hcd [ 101.106543][ T6028] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 101.198096][ T24] usb 2-1: Using ep0 maxpacket: 16 [ 101.235501][ T24] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 101.271067][ T24] usb 2-1: New USB device found, idVendor=145f, idProduct=0212, bcdDevice= 0.00 [ 101.325761][ T24] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 101.348558][ T24] usb 2-1: config 0 descriptor?? [ 101.657271][ T6047] capability: warning: `syz.0.61' uses deprecated v2 capabilities in a way that may be insecure [ 101.828364][ T24] uclogic 0003:145F:0212.0001: interface is invalid, ignoring [ 101.895694][ T6054] syzkaller1: tun_chr_ioctl cmd 1074025677 [ 101.901756][ T6054] syzkaller1: linktype set to 805 [ 102.020095][ T5877] usb 2-1: USB disconnect, device number 3 [ 102.478555][ T6075] netlink: 60 bytes leftover after parsing attributes in process `syz.0.73'. [ 102.514246][ T6073] netlink: 60 bytes leftover after parsing attributes in process `syz.0.73'. [ 102.556613][ T6075] netlink: 60 bytes leftover after parsing attributes in process `syz.0.73'. [ 102.577448][ T6081] netlink: 'syz.4.77': attribute type 1 has an invalid length. [ 103.745792][ T5919] usb 5-1: new full-speed USB device number 2 using dummy_hcd [ 103.949449][ T5919] usb 5-1: unable to get BOS descriptor or descriptor too short [ 103.969339][ T5919] usb 5-1: not running at top speed; connect to a high speed hub [ 104.011125][ T5919] usb 5-1: config 4 has an invalid interface number: 147 but max is 0 [ 104.067168][ T5919] usb 5-1: config 4 has an invalid descriptor of length 0, skipping remainder of the config [ 104.106003][ T5919] usb 5-1: config 4 has no interface number 0 [ 104.129179][ T24] usb 3-1: new full-speed USB device number 3 using dummy_hcd [ 104.129905][ T5919] usb 5-1: New USB device found, idVendor=04f2, idProduct=b746, bcdDevice=8e.6e [ 104.193438][ T5919] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 104.224171][ T5919] usb 5-1: Product: syz [ 104.244464][ T5919] usb 5-1: Manufacturer: syz [ 104.272541][ T5919] usb 5-1: SerialNumber: syz [ 104.328625][ T24] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 104.362393][ T24] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 104.419805][ T24] usb 3-1: New USB device found, idVendor=1e7d, idProduct=319c, bcdDevice= 0.00 [ 104.464178][ T24] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 104.512280][ T24] usb 3-1: config 0 descriptor?? [ 104.556975][ T5919] usb 5-1: USB disconnect, device number 2 [ 104.936707][ T24] isku 0003:1E7D:319C.0002: unknown main item tag 0x1 [ 104.977267][ T24] isku 0003:1E7D:319C.0002: hidraw0: USB HID v0.00 Device [HID 1e7d:319c] on usb-dummy_hcd.2-1/input0 [ 105.093526][ T6150] netlink: 'syz.3.107': attribute type 1 has an invalid length. [ 105.103574][ T6150] netlink: 244 bytes leftover after parsing attributes in process `syz.3.107'. [ 105.139203][ T24] isku 0003:1E7D:319C.0002: couldn't init struct isku_device [ 105.175826][ T24] isku 0003:1E7D:319C.0002: couldn't install keyboard [ 105.197616][ T24] isku 0003:1E7D:319C.0002: probe with driver isku failed with error -71 [ 105.279883][ T24] usb 3-1: USB disconnect, device number 3 [ 105.300864][ T6154] netlink: 8 bytes leftover after parsing attributes in process `syz.0.111'. [ 105.728405][ T5877] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 105.894149][ T6179] process 'syz.1.122' launched './file1' with NULL argv: empty string added [ 105.911067][ T5877] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 105.944781][ T6181] warning: `syz.3.123' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 105.954253][ T5877] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 106.012283][ T5877] usb 1-1: New USB device found, idVendor=172f, idProduct=0034, bcdDevice= 0.00 [ 106.036699][ T5877] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 106.065530][ T5877] usb 1-1: config 0 descriptor?? [ 106.524387][ T5877] waltop 0003:172F:0034.0003: item fetching failed at offset 5/7 [ 106.566970][ T5877] waltop 0003:172F:0034.0003: probe with driver waltop failed with error -22 [ 106.724562][ T6200] capability: warning: `syz.2.127' uses 32-bit capabilities (legacy support in use) [ 106.730065][ T5877] usb 1-1: USB disconnect, device number 2 [ 107.620002][ T6228] netlink: 28 bytes leftover after parsing attributes in process `syz.4.146'. [ 107.737843][ T5877] usb 1-1: new high-speed USB device number 3 using dummy_hcd [ 107.802293][ T6237] Bluetooth: MGMT ver 1.23 [ 107.942179][ T5877] usb 1-1: New USB device found, idVendor=1604, idProduct=8001, bcdDevice=44.1f [ 107.982824][ T5877] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 108.005071][ T5877] usb 1-1: Product: syz [ 108.009631][ T6247] netlink: 4 bytes leftover after parsing attributes in process `syz.1.152'. [ 108.013622][ T5877] usb 1-1: Manufacturer: syz [ 108.044178][ T5877] usb 1-1: SerialNumber: syz [ 108.065385][ T5877] usb 1-1: config 0 descriptor?? [ 108.389405][ T5877] usb 1-1: USB disconnect, device number 3 [ 108.921817][ T6275] netlink: 24 bytes leftover after parsing attributes in process `syz.1.167'. [ 109.041502][ T6281] netlink: 20 bytes leftover after parsing attributes in process `syz.2.170'. [ 109.763916][ T24] usb 3-1: new high-speed USB device number 4 using dummy_hcd [ 109.820107][ T6312] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 109.935824][ T24] usb 3-1: Using ep0 maxpacket: 16 [ 109.947847][ T24] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 109.961282][ T24] usb 3-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00 [ 109.971650][ T24] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 110.022442][ T24] usb 3-1: config 0 descriptor?? [ 110.472543][ T24] mcp2221 0003:04D8:00DD.0004: unknown main item tag 0x0 [ 110.485930][ T24] mcp2221 0003:04D8:00DD.0004: unknown main item tag 0x0 [ 110.493323][ T24] mcp2221 0003:04D8:00DD.0004: unknown main item tag 0x0 [ 110.513892][ T24] mcp2221 0003:04D8:00DD.0004: unknown main item tag 0x0 [ 110.531799][ T24] mcp2221 0003:04D8:00DD.0004: unknown main item tag 0x0 [ 110.542117][ T24] mcp2221 0003:04D8:00DD.0004: USB HID v0.05 Device [HID 04d8:00dd] on usb-dummy_hcd.2-1/input0 [ 110.581871][ T5840] usb 4-1: new high-speed USB device number 2 using dummy_hcd [ 110.671912][ C1] usb 3-1: input irq status -75 received [ 110.758339][ T5840] usb 4-1: Using ep0 maxpacket: 32 [ 110.776424][ T5840] usb 4-1: config index 0 descriptor too short (expected 35577, got 27) [ 110.813198][ T5840] usb 4-1: config 1 has too many interfaces: 92, using maximum allowed: 32 [ 110.837012][ T5840] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 92 [ 110.858699][ T5840] usb 4-1: config 1 has no interface number 0 [ 110.865066][ T5840] usb 4-1: config 1 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 110.908830][ T5840] usb 4-1: config 1 interface 1 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 17 [ 110.931744][ T10] usb 3-1: USB disconnect, device number 4 [ 110.957909][ T5840] usb 4-1: New USB device found, idVendor=0e41, idProduct=5051, bcdDevice=d5.e8 [ 110.984919][ T5840] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 111.057387][ T5840] snd_usb_pod 4-1:1.1: Line 6 Pocket POD found [ 111.272500][ T5840] snd_usb_pod 4-1:1.1: Line 6 Pocket POD now attached [ 111.419451][ T5939] usb 1-1: new high-speed USB device number 4 using dummy_hcd [ 111.597984][ T5939] usb 1-1: config 1 has more interface descriptors, than it declares in bNumInterfaces, ignoring interface number: 255 [ 111.621867][ T5939] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 111.648010][ T5939] usb 1-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2 [ 111.728355][ T52] usb 4-1: USB disconnect, device number 2 [ 111.735378][ T5939] usb 1-1: New USB device found, idVendor=1908, idProduct=1315, bcdDevice= 0.00 [ 111.753654][ T52] snd_usb_pod 4-1:1.1: Line 6 Pocket POD now disconnected [ 111.782260][ T5939] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 111.824660][ T5939] usb-storage 1-1:1.0: USB Mass Storage device detected [ 111.879397][ T5939] usb-storage 1-1:1.0: Quirks match for vid 1908 pid 1315: 20000 [ 112.063822][ T5919] usb 1-1: USB disconnect, device number 4 [ 113.336186][ T5877] usb 1-1: new high-speed USB device number 5 using dummy_hcd [ 113.509215][ T5877] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 113.545251][ T5877] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 113.568626][ T5877] usb 1-1: New USB device found, idVendor=0853, idProduct=0146, bcdDevice= 0.00 [ 113.595234][ T5877] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 113.639237][ T5877] usb 1-1: config 0 descriptor?? [ 114.086103][ T5877] topre 0003:0853:0146.0005: hidraw0: USB HID v0.00 Device [HID 0853:0146] on usb-dummy_hcd.0-1/input0 [ 114.263617][ T6434] pim6reg: tun_chr_ioctl cmd 1074025677 [ 114.276183][ T10] usb 3-1: new high-speed USB device number 5 using dummy_hcd [ 114.284265][ T6434] pim6reg: linktype set to 825 [ 114.320965][ T5877] usb 1-1: USB disconnect, device number 5 [ 114.482141][ T10] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 114.507118][ T10] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 114.542068][ T10] usb 3-1: New USB device found, idVendor=07b5, idProduct=0312, bcdDevice= 0.00 [ 114.566807][ T10] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 114.594040][ T10] usb 3-1: config 0 descriptor?? [ 114.717029][ T5919] usb 4-1: new full-speed USB device number 3 using dummy_hcd [ 114.893590][ T5919] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 114.937719][ T5919] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 114.965677][ T5919] usb 4-1: New USB device found, idVendor=044f, idProduct=b65d, bcdDevice= 0.00 [ 114.974881][ T5919] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 115.056658][ T5919] usb 4-1: config 0 descriptor?? [ 115.068256][ T30] audit: type=1400 audit(1744110536.771:3): lsm=SMACK fn=smack_socket_sock_rcv_skb action=denied subject="*" object="_" requested=w pid=6451 comm="syz.0.245" dest=20002 netif=wpan0 [ 115.079225][ T10] megaworld 0003:07B5:0312.0006: unknown main item tag 0x7 [ 115.135816][ T10] megaworld 0003:07B5:0312.0006: item fetching failed at offset 3/5 [ 115.160553][ T10] megaworld 0003:07B5:0312.0006: parse failed [ 115.179720][ T10] megaworld 0003:07B5:0312.0006: probe with driver megaworld failed with error -22 [ 115.274032][ T10] usb 3-1: USB disconnect, device number 5 [ 115.528249][ T5919] hid-thrustmaster 0003:044F:B65D.0007: unknown main item tag 0x0 [ 115.570533][ T5919] hid-thrustmaster 0003:044F:B65D.0007: hidraw0: USB HID v0.00 Device [HID 044f:b65d] on usb-dummy_hcd.3-1/input0 [ 115.604606][ T5919] hid-thrustmaster 0003:044F:B65D.0007: Wrong number of endpoints? [ 115.777352][ C0] hid-thrustmaster 0003:044F:B65D.0007: Unknown packet type 0x0, unable to proceed further with wheel init [ 115.992035][ T52] usb 4-1: USB disconnect, device number 3 [ 116.422548][ T6490] bridge: RTM_NEWNEIGH bridge0 without NUD_PERMANENT [ 116.535953][ T5919] usb 3-1: new high-speed USB device number 6 using dummy_hcd [ 116.685673][ T10] usb 2-1: new high-speed USB device number 4 using dummy_hcd [ 116.715818][ T5919] usb 3-1: Using ep0 maxpacket: 8 [ 116.727138][ T5919] usb 3-1: New USB device found, idVendor=0c45, idProduct=613a, bcdDevice=c4.6d [ 116.746348][ T5919] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 116.764663][ T5919] usb 3-1: Product: syz [ 116.771016][ T5919] usb 3-1: Manufacturer: syz [ 116.786409][ T5919] usb 3-1: SerialNumber: syz [ 116.810598][ T5919] usb 3-1: config 0 descriptor?? [ 116.834739][ T5919] gspca_main: sonixj-2.14.0 probing 0c45:613a [ 116.886568][ T10] usb 2-1: Using ep0 maxpacket: 16 [ 116.894335][ T10] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 116.946315][ T10] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 116.965727][ T10] usb 2-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00 [ 116.995343][ T10] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 117.011843][ T10] usb 2-1: config 0 descriptor?? [ 117.451247][ T10] savu 0003:1E7D:2D5A.0008: unknown main item tag 0x0 [ 117.468365][ T10] savu 0003:1E7D:2D5A.0008: unknown main item tag 0x0 [ 117.497738][ T10] savu 0003:1E7D:2D5A.0008: unknown main item tag 0x0 [ 117.504730][ T10] savu 0003:1E7D:2D5A.0008: unknown main item tag 0x0 [ 117.555997][ T10] savu 0003:1E7D:2D5A.0008: unknown main item tag 0x0 [ 117.573706][ T10] savu 0003:1E7D:2D5A.0008: hidraw0: USB HID v0.00 Device [HID 1e7d:2d5a] on usb-dummy_hcd.1-1/input0 [ 117.676906][ T10] usb 2-1: USB disconnect, device number 4 [ 117.762817][ T5919] gspca_sonixj: reg_r err -71 [ 117.789271][ T5919] sonixj 3-1:0.0: probe with driver sonixj failed with error -71 [ 117.828940][ T5919] usb 3-1: USB disconnect, device number 6 [ 117.991867][ T30] audit: type=1800 audit(1744110539.691:4): pid=6527 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz.0.278" name="SYSV00000000" dev="hugetlbfs" ino=0 res=0 errno=0 [ 119.082339][ T6553] 8021q: adding VLAN 0 to HW filter on device bond1 [ 119.090599][ T6559] netlink: 76 bytes leftover after parsing attributes in process `syz.1.292'. [ 119.110316][ T6553] bridge0: port 3(bond1) entered blocking state [ 119.140533][ T6559] netlink: 12 bytes leftover after parsing attributes in process `syz.1.292'. [ 119.149975][ T6553] bridge0: port 3(bond1) entered disabled state [ 119.150229][ T6553] bond1: entered allmulticast mode [ 119.153278][ T6553] bond1: entered promiscuous mode [ 119.165376][ T6559] netlink: 20 bytes leftover after parsing attributes in process `syz.1.292'. [ 119.189096][ T6559] netlink: 76 bytes leftover after parsing attributes in process `syz.1.292'. [ 119.206613][ T6553] bridge0: port 3(bond1) entered blocking state [ 119.213359][ T6553] bridge0: port 3(bond1) entered forwarding state [ 119.233203][ T6559] netlink: 12 bytes leftover after parsing attributes in process `syz.1.292'. [ 119.250307][ T6559] netlink: 20 bytes leftover after parsing attributes in process `syz.1.292'. [ 119.263975][ T1156] bridge0: port 3(bond1) entered disabled state [ 119.526558][ T6568] Falling back ldisc for ptm0. [ 119.750100][ T30] audit: type=1326 audit(1744110541.451:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6575 comm="syz.1.299" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f68d8784127 code=0x7ffc0000 [ 119.835824][ T52] usb 3-1: new high-speed USB device number 7 using dummy_hcd [ 119.865775][ T30] audit: type=1326 audit(1744110541.451:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6575 comm="syz.1.299" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f68d8729359 code=0x7ffc0000 [ 119.920169][ T30] audit: type=1326 audit(1744110541.451:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6575 comm="syz.1.299" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f68d8784127 code=0x7ffc0000 [ 120.015100][ T30] audit: type=1326 audit(1744110541.451:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6575 comm="syz.1.299" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f68d8729359 code=0x7ffc0000 [ 120.108666][ T30] audit: type=1326 audit(1744110541.451:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6575 comm="syz.1.299" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f68d8784127 code=0x7ffc0000 [ 120.212918][ T30] audit: type=1326 audit(1744110541.451:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6575 comm="syz.1.299" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f68d8729359 code=0x7ffc0000 [ 120.234191][ C0] vkms_vblank_simulate: vblank timer overrun [ 120.340407][ T30] audit: type=1326 audit(1744110541.451:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6575 comm="syz.1.299" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f68d8784127 code=0x7ffc0000 [ 120.393602][ T30] audit: type=1326 audit(1744110541.451:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6575 comm="syz.1.299" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f68d8729359 code=0x7ffc0000 [ 120.414879][ C0] vkms_vblank_simulate: vblank timer overrun [ 120.541925][ T30] audit: type=1326 audit(1744110541.451:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6575 comm="syz.1.299" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f68d8784127 code=0x7ffc0000 [ 120.630282][ T30] audit: type=1326 audit(1744110541.451:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6575 comm="syz.1.299" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f68d8729359 code=0x7ffc0000 [ 120.651519][ C0] vkms_vblank_simulate: vblank timer overrun [ 120.785667][ T30] audit: type=1326 audit(1744110541.451:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6575 comm="syz.1.299" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f68d8784127 code=0x7ffc0000 [ 120.888291][ T30] audit: type=1326 audit(1744110541.451:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6575 comm="syz.1.299" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f68d8729359 code=0x7ffc0000 [ 120.986194][ T30] audit: type=1326 audit(1744110541.451:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6575 comm="syz.1.299" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f68d878d169 code=0x7ffc0000 [ 121.047871][ T30] audit: type=1326 audit(1744110541.451:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6575 comm="syz.1.299" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f68d8784127 code=0x7ffc0000 [ 121.069111][ C0] vkms_vblank_simulate: vblank timer overrun [ 122.538795][ T6674] misc userio: Begin command sent, but we're already running [ 123.193694][ T6661] syz.4.326 (6661): drop_caches: 2 [ 123.596723][ T10] usb 4-1: new high-speed USB device number 4 using dummy_hcd [ 123.758559][ T5919] usb 3-1: new full-speed USB device number 8 using dummy_hcd [ 123.776145][ T10] usb 4-1: Using ep0 maxpacket: 16 [ 123.784427][ T10] usb 4-1: config 0 has an invalid interface number: 8 but max is 0 [ 123.803129][ T10] usb 4-1: config 0 has no interface number 0 [ 123.823990][ T10] usb 4-1: config 0 interface 8 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 123.837312][ T10] usb 4-1: config 0 interface 8 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0 [ 123.850278][ T10] usb 4-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f [ 123.866053][ T10] usb 4-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3 [ 123.890607][ T10] usb 4-1: Product: syz [ 123.895062][ T10] usb 4-1: SerialNumber: syz [ 123.918427][ T5919] usb 3-1: config 0 has an invalid interface number: 20 but max is 0 [ 123.930456][ T10] usb 4-1: config 0 descriptor?? [ 123.947106][ T5919] usb 3-1: config 0 has no interface number 0 [ 123.957328][ T10] cm109 4-1:0.8: invalid payload size 0, expected 4 [ 123.985381][ T5919] usb 3-1: New USB device found, idVendor=04e6, idProduct=000b, bcdDevice= 1.00 [ 124.017810][ T10] input: CM109 USB driver as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.8/input/input6 [ 124.033135][ T5919] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 124.050256][ T5919] usb 3-1: Product: syz [ 124.071021][ T5919] usb 3-1: Manufacturer: syz [ 124.092517][ T5919] usb 3-1: SerialNumber: syz [ 124.111853][ T5919] usb 3-1: config 0 descriptor?? [ 124.129858][ T5919] usb-storage 3-1:0.20: USB Mass Storage device detected [ 124.177396][ T5919] usb-storage 3-1:0.20: Quirks match for vid 04e6 pid 000b: 4 [ 124.211968][ C0] cm109 4-1:0.8: cm109_urb_ctl_callback: usb_submit_urb (urb_irq) failed -90 [ 124.416123][ T5840] usb 3-1: USB disconnect, device number 8 [ 124.439287][ C0] cm109 4-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 124.448323][ C0] cm109 4-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 124.455901][ C0] cm109 4-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 124.464814][ C0] cm109 4-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 124.473167][ C0] cm109 4-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 124.480920][ C0] cm109 4-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 124.488117][ C0] cm109 4-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 124.496249][ C0] cm109 4-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 124.503440][ C0] cm109 4-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 124.510630][ C0] cm109 4-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 124.536792][ T9] usb 4-1: USB disconnect, device number 4 [ 124.542719][ C0] cm109 4-1:0.8: cm109_submit_buzz_toggle: usb_submit_urb (urb_ctl) failed -19 [ 124.612991][ T9] cm109 4-1:0.8: cm109_toggle_buzzer_sync: usb_control_msg() failed -19 [ 124.703918][ T6733] netlink: 4 bytes leftover after parsing attributes in process `syz.0.355'. [ 124.777547][ T6731] sctp: [Deprecated]: syz.1.354 (pid 6731) Use of int in maxseg socket option. [ 124.777547][ T6731] Use struct sctp_assoc_value instead [ 125.424364][ T30] kauditd_printk_skb: 58 callbacks suppressed [ 125.424383][ T30] audit: type=1800 audit(1744110547.121:77): pid=6757 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz.1.365" name=20019C1437B3CFFCC3A25729EB7393A7C721518FF6ECA56673F56C7B548772D22972A7D6084F9A98F5323A22F412C0542BCD9F767C8DD5B24476638E93D8D6A0C536D278E3633A dev="mqueue" ino=11532 res=0 errno=0 [ 125.605311][ T6749] bridge0: port 2(bridge_slave_1) entered disabled state [ 125.613125][ T6749] bridge0: port 1(bridge_slave_0) entered disabled state [ 125.805419][ T6773] input: syz0 as /devices/virtual/input/input7 [ 125.912490][ T6749] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 125.944211][ T6749] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 126.172931][ T6749] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 126.193348][ T6749] netdevsim netdevsim2 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 126.223233][ T6749] netdevsim netdevsim2 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 126.240525][ T6781] sock: sock_set_timeout: `syz.3.375' (pid 6781) tries to set negative timeout [ 126.241488][ T6749] netdevsim netdevsim2 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 127.317246][ T6820] sctp: [Deprecated]: syz.4.393 (pid 6820) Use of struct sctp_assoc_value in delayed_ack socket option. [ 127.317246][ T6820] Use struct sctp_sack_info instead [ 127.510787][ T5919] usb 2-1: new high-speed USB device number 5 using dummy_hcd [ 127.696096][ T5919] usb 2-1: Using ep0 maxpacket: 32 [ 127.703495][ T5919] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 127.720234][ T5919] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 127.733888][ T5919] usb 2-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 127.774687][ T5919] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 127.807687][ T5919] usb 2-1: config 0 descriptor?? [ 127.825648][ T5919] hub 2-1:0.0: USB hub found [ 127.858348][ T6836] netlink: 8 bytes leftover after parsing attributes in process `syz.4.400'. [ 128.041165][ T5919] hub 2-1:0.0: config failed, can't read hub descriptor (err -90) [ 128.115772][ T5939] usb 1-1: new high-speed USB device number 6 using dummy_hcd [ 128.255021][ T5919] usbhid 2-1:0.0: can't add hid device: -71 [ 128.265095][ T10] usb 3-1: new high-speed USB device number 9 using dummy_hcd [ 128.277966][ T5939] usb 1-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 128.290621][ T5919] usbhid 2-1:0.0: probe with driver usbhid failed with error -71 [ 128.299506][ T5939] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 128.324587][ T6851] netlink: 'syz.3.408': attribute type 1 has an invalid length. [ 128.355070][ T5939] usb 1-1: config 0 descriptor?? [ 128.370639][ T5939] cp210x 1-1:0.0: cp210x converter detected [ 128.372380][ T5919] usb 2-1: USB disconnect, device number 5 [ 128.458531][ T10] usb 3-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 128.472826][ T10] usb 3-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 128.511778][ T10] usb 3-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 128.531783][ T10] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 128.573091][ T6843] raw-gadget.2 gadget.2: fail, usb_ep_enable returned -22 [ 128.600196][ T10] usb 3-1: Quirk or no altset; falling back to MIDI 1.0 [ 128.790007][ T5939] cp210x 1-1:0.0: failed to get vendor val 0x000e size 3: -32 [ 128.843642][ T5939] usb 1-1: cp210x converter now attached to ttyUSB0 [ 128.859542][ T5919] usb 3-1: USB disconnect, device number 9 [ 129.020992][ T9] usb 1-1: USB disconnect, device number 6 [ 129.040535][ T9] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 129.056123][ T10] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 129.086210][ T9] cp210x 1-1:0.0: device disconnected [ 129.227215][ T10] usb 5-1: Using ep0 maxpacket: 8 [ 129.244620][ T10] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 129.268267][ T10] usb 5-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 16 [ 129.288640][ T10] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 129.309501][ T10] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 129.325979][ T10] usb 5-1: Product: syz [ 129.335064][ T10] usb 5-1: Manufacturer: syz [ 129.345793][ T10] usb 5-1: SerialNumber: syz [ 129.598868][ T10] cdc_ncm 5-1:1.0: bind() failure [ 129.640020][ T10] cdc_ncm 5-1:1.1: CDC Union missing and no IAD found [ 129.672876][ T10] cdc_ncm 5-1:1.1: bind() failure [ 129.707651][ T10] usb 5-1: USB disconnect, device number 3 [ 129.746304][ T6878] netlink: 72 bytes leftover after parsing attributes in process `syz.0.419'. [ 130.052134][ T30] audit: type=1326 audit(1744110551.751:78): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6887 comm="syz.0.425" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f820118d169 code=0x0 [ 130.473373][ T5840] IPVS: starting estimator thread 0... [ 130.585913][ T6907] IPVS: using max 26 ests per chain, 62400 per kthread [ 130.688467][ T6916] netlink: 'syz.2.437': attribute type 18 has an invalid length. [ 130.798391][ T6918] netlink: 32 bytes leftover after parsing attributes in process `syz.2.440'. [ 130.825778][ T6918] Zero length message leads to an empty skb [ 131.516105][ T10] usb 4-1: new high-speed USB device number 5 using dummy_hcd [ 131.695879][ T10] usb 4-1: Using ep0 maxpacket: 16 [ 131.723205][ T10] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 131.755053][ T10] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 131.778243][ T10] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0 [ 131.793094][ T10] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0 [ 131.804640][ T10] usb 4-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 131.821753][ T10] usb 4-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42 [ 131.833595][ T10] usb 4-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0 [ 131.842657][ T10] usb 4-1: Manufacturer: syz [ 131.863602][ T10] usb 4-1: config 0 descriptor?? [ 132.187147][ T10] rc_core: IR keymap rc-hauppauge not found [ 132.193687][ T10] Registered IR keymap rc-empty [ 132.205098][ T10] mceusb 4-1:0.0: Error: mce write submit urb error = -90 [ 132.235898][ T10] mceusb 4-1:0.0: Error: mce write submit urb error = -90 [ 132.269634][ T10] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/rc/rc0 [ 132.269999][ T6970] netlink: 28 bytes leftover after parsing attributes in process `syz.0.462'. [ 132.331349][ T6970] netlink: 28 bytes leftover after parsing attributes in process `syz.0.462'. [ 132.335235][ T10] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/rc/rc0/input8 [ 132.371090][ T10] mceusb 4-1:0.0: Error: mce write submit urb error = -90 [ 132.406337][ T10] mceusb 4-1:0.0: Error: mce write submit urb error = -90 [ 132.431697][ T6970] gretap0: entered promiscuous mode [ 132.448164][ T10] mceusb 4-1:0.0: Error: mce write submit urb error = -90 [ 132.469829][ T6970] gretap0: left promiscuous mode [ 132.486296][ T10] mceusb 4-1:0.0: Error: mce write submit urb error = -90 [ 132.506467][ T10] mceusb 4-1:0.0: Error: mce write submit urb error = -90 [ 132.529778][ T10] mceusb 4-1:0.0: Error: mce write submit urb error = -90 [ 132.565963][ T10] mceusb 4-1:0.0: Error: mce write submit urb error = -90 [ 132.595758][ T10] mceusb 4-1:0.0: Error: mce write submit urb error = -90 [ 132.641841][ T10] mceusb 4-1:0.0: Error: mce write submit urb error = -90 [ 132.665896][ T10] mceusb 4-1:0.0: Error: mce write submit urb error = -90 [ 132.723362][ T10] mceusb 4-1:0.0: Registered with mce emulator interface version 1 [ 132.762817][ T10] mceusb 4-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active) [ 132.800428][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 132.808198][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 132.839189][ T10] usb 4-1: USB disconnect, device number 5 [ 135.255833][ T10] usb 4-1: new high-speed USB device number 6 using dummy_hcd [ 135.435945][ T10] usb 4-1: Using ep0 maxpacket: 32 [ 135.447445][ T10] usb 4-1: config 0 has an invalid interface number: 126 but max is 0 [ 135.475168][ T10] usb 4-1: config 0 has no interface number 0 [ 135.485516][ T10] usb 4-1: config 0 interface 126 altsetting 16 bulk endpoint 0x6 has invalid maxpacket 1023 [ 135.534290][ T10] usb 4-1: config 0 interface 126 altsetting 16 bulk endpoint 0x82 has invalid maxpacket 8 [ 135.575868][ T10] usb 4-1: config 0 interface 126 has no altsetting 0 [ 135.628994][ T10] usb 4-1: New USB device found, idVendor=09c4, idProduct=0011, bcdDevice=b0.1c [ 135.645677][ T10] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 135.653762][ T10] usb 4-1: Product: syz [ 135.693378][ T10] usb 4-1: Manufacturer: syz [ 135.703494][ T10] usb 4-1: SerialNumber: syz [ 135.726177][ T10] usb 4-1: config 0 descriptor?? [ 135.732092][ T7034] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 135.757680][ T7034] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 136.204025][ T10] ir_usb 4-1:0.126: IR Dongle converter detected [ 136.409363][ T10] usb 4-1: IR Dongle converter now attached to ttyUSB0 [ 136.613194][ T5840] usb 4-1: USB disconnect, device number 6 [ 136.652331][ T5840] ir-usb ttyUSB0: IR Dongle converter now disconnected from ttyUSB0 [ 136.683707][ T5840] ir_usb 4-1:0.126: device disconnected [ 137.528621][ T7093] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 137.536203][ T7093] IPv6: NLM_F_CREATE should be set when creating new route [ 137.543510][ T7093] IPv6: NLM_F_CREATE should be set when creating new route [ 137.550829][ T7093] IPv6: NLM_F_CREATE should be set when creating new route [ 138.827278][ T5840] usb 4-1: new high-speed USB device number 7 using dummy_hcd [ 139.008010][ T5840] usb 4-1: Using ep0 maxpacket: 32 [ 139.017058][ T7144] ntfs3(loop4): try to read out of volume at offset 0x0 [ 139.023685][ T5840] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 139.046287][ T5840] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 139.069329][ T5840] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5 [ 139.095172][ T5840] usb 4-1: New USB device found, idVendor=0458, idProduct=5011, bcdDevice= 0.00 [ 139.115412][ T5840] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 139.147144][ T5840] usb 4-1: config 0 descriptor?? [ 139.572017][ T5840] hid (null): invalid report_size 822751293 [ 139.610289][ T5840] hid (null): usage index exceeded [ 139.615486][ T5840] hid (null): invalid report_size 27745 [ 139.634274][ T5840] hid (null): invalid report_size 29285 [ 139.669585][ T5840] input: HID 0458:5011 as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:0458:5011.0009/input/input9 [ 139.791416][ T5840] input: HID 0458:5011 as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:0458:5011.0009/input/input10 [ 139.864059][ T5840] kye 0003:0458:5011.0009: input,hiddev0,hidraw0: USB HID v0.00 Mouse [HID 0458:5011] on usb-dummy_hcd.3-1/input0 [ 139.922920][ T5840] usb 4-1: USB disconnect, device number 7 [ 140.660712][ T7190] mkiss: ax0: crc mode is auto. [ 140.856390][ T7201] bridge_slave_0: invalid flags given to default FDB implementation [ 141.406457][ T7226] netlink: 8 bytes leftover after parsing attributes in process `syz.1.578'. [ 141.618232][ T7235] loop7: detected capacity change from 0 to 2 [ 141.641921][ T7235] Dev loop7: unable to read RDB block 2 [ 141.651105][ T7235] loop7: unable to read partition table [ 141.659683][ T7235] loop7: partition table beyond EOD, truncated [ 141.672166][ T7235] loop_reread_partitions: partition scan of loop7 (被xڬdƤݡ [ 141.672166][ T7235] ) failed (rc=-5) [ 142.612879][ T7278] ptrace attach of "./syz-executor exec"[5837] was attempted by "\x09   @ \x0b [ 143.327717][ T10] usb 1-1: new high-speed USB device number 7 using dummy_hcd [ 143.418837][ C0] vkms_vblank_simulate: vblank timer overrun [ 143.614033][ T7304] netlink: 'syz.2.613': attribute type 12 has an invalid length. [ 143.631855][ T7304] netlink: 'syz.2.613': attribute type 29 has an invalid length. [ 143.641112][ T7304] netlink: 'syz.2.613': attribute type 2 has an invalid length. [ 143.674811][ T7304] netlink: 128 bytes leftover after parsing attributes in process `syz.2.613'. [ 143.707456][ T10] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 143.721806][ T10] usb 1-1: config 0 has no interfaces? [ 143.735400][ T10] usb 1-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b [ 143.772360][ T10] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 143.798751][ T10] usb 1-1: Product: syz [ 143.811818][ T10] usb 1-1: Manufacturer: syz [ 143.823986][ T10] usb 1-1: SerialNumber: syz [ 143.860415][ T10] usb 1-1: config 0 descriptor?? [ 144.052464][ T7321] ======================================================= [ 144.052464][ T7321] WARNING: The mand mount option has been deprecated and [ 144.052464][ T7321] and is ignored by this kernel. Remove the mand [ 144.052464][ T7321] option from the mount to silence this warning. [ 144.052464][ T7321] ======================================================= [ 144.072605][ T7292] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 144.087374][ C0] vkms_vblank_simulate: vblank timer overrun [ 144.107415][ T7292] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 144.126613][ T5939] usb 1-1: USB disconnect, device number 7 [ 144.840032][ T7351] netlink: 12 bytes leftover after parsing attributes in process `syz.3.635'. [ 145.055677][ T5840] usb 5-1: new high-speed USB device number 4 using dummy_hcd [ 145.257377][ T5840] usb 5-1: Using ep0 maxpacket: 32 [ 145.289817][ T5840] usb 5-1: New USB device found, idVendor=04f1, idProduct=1001, bcdDevice=19.63 [ 145.323830][ T5840] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 145.356488][ T5840] usb 5-1: Product: syz [ 145.360716][ T5840] usb 5-1: Manufacturer: syz [ 145.396992][ T5840] usb 5-1: SerialNumber: syz [ 145.425491][ T5840] usb 5-1: config 0 descriptor?? [ 145.454727][ T5840] gspca_main: sunplus-2.14.0 probing 04f1:1001 [ 146.270958][ T5840] gspca_sunplus: reg_w_riv err -71 [ 146.279423][ T5840] sunplus 5-1:0.0: probe with driver sunplus failed with error -71 [ 146.345197][ T5840] usb 5-1: USB disconnect, device number 4 [ 146.694635][ T7409] netlink: 8 bytes leftover after parsing attributes in process `syz.2.662'. [ 148.109850][ T7469] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 150.550170][ T7540] bridge0: port 3(veth0_to_bridge) entered blocking state [ 150.581194][ T7540] bridge0: port 3(veth0_to_bridge) entered disabled state [ 150.603421][ T7540] veth0_to_bridge: entered allmulticast mode [ 150.629713][ T7540] veth0_to_bridge: entered promiscuous mode [ 150.640831][ T7540] bridge0: adding interface veth0_to_bridge with same address as a received packet (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 150.678727][ T7540] bridge0: adding interface veth0_to_bridge with same address as a received packet (addr:aa:aa:aa:aa:aa:1b, vlan:1) [ 151.340777][ T7585] futex_wake_op: syz.2.742 tries to shift op by -1; fix this program [ 151.977528][ T7606] ref_ctr_offset mismatch. inode: 0x329 offset: 0x7 ref_ctr_offset(old): 0x2 ref_ctr_offset(new): 0x0 [ 152.626036][ T24] usb 1-1: new high-speed USB device number 8 using dummy_hcd [ 152.754083][ T7634] netlink: 8 bytes leftover after parsing attributes in process `syz.1.760'. [ 152.759129][ T7636] netlink: 'syz.4.762': attribute type 46 has an invalid length. [ 152.801578][ T7636] netlink: 212868 bytes leftover after parsing attributes in process `syz.4.762'. [ 152.815515][ T7634] netlink: 40 bytes leftover after parsing attributes in process `syz.1.760'. [ 152.840786][ T24] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 152.863888][ T24] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 152.896096][ T24] usb 1-1: New USB device found, idVendor=056a, idProduct=00f4, bcdDevice= 0.00 [ 152.937930][ T24] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 153.002576][ T24] usb 1-1: config 0 descriptor?? [ 153.229164][ T24] usbhid 1-1:0.0: can't add hid device: -71 [ 153.248751][ T24] usbhid 1-1:0.0: probe with driver usbhid failed with error -71 [ 153.290614][ T24] usb 1-1: USB disconnect, device number 8 [ 154.737112][ T7684] sch_tbf: burst 0 is lower than device ip6tnl0 mtu (1452) ! [ 154.951972][ T7691] sctp: [Deprecated]: syz.3.780 (pid 7691) Use of int in max_burst socket option deprecated. [ 154.951972][ T7691] Use struct sctp_assoc_value instead [ 155.197842][ T30] audit: type=1326 audit(1744110576.871:79): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7699 comm="syz.2.784" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff68cb8d169 code=0x7ffc0000 [ 155.291498][ T30] audit: type=1326 audit(1744110576.881:80): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7699 comm="syz.2.784" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff68cb8d169 code=0x7ffc0000 [ 155.414078][ T30] audit: type=1326 audit(1744110576.891:81): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7699 comm="syz.2.784" exe="/root/syz-executor" sig=0 arch=c000003e syscall=259 compat=0 ip=0x7ff68cb8d169 code=0x7ffc0000 [ 155.538034][ T30] audit: type=1326 audit(1744110576.891:82): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7699 comm="syz.2.784" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff68cb8d169 code=0x7ffc0000 [ 155.646754][ T30] audit: type=1326 audit(1744110576.901:83): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7699 comm="syz.2.784" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7ff68cb8d169 code=0x7ffc0000 [ 155.658810][ T7711] block nbd1: shutting down sockets [ 155.748191][ T30] audit: type=1326 audit(1744110576.901:84): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7699 comm="syz.2.784" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff68cb8d169 code=0x7ffc0000 [ 155.795197][ T7715] Invalid/unusable pipe [ 155.844877][ T30] audit: type=1326 audit(1744110576.901:85): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7699 comm="syz.2.784" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff68cb8d169 code=0x7ffc0000 [ 155.962723][ T30] audit: type=1326 audit(1744110576.901:86): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7699 comm="syz.2.784" exe="/root/syz-executor" sig=0 arch=c000003e syscall=74 compat=0 ip=0x7ff68cb8d169 code=0x7ffc0000 [ 156.034388][ T30] audit: type=1326 audit(1744110576.901:87): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7699 comm="syz.2.784" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff68cb8d169 code=0x7ffc0000 [ 156.159090][ T30] audit: type=1400 audit(1744110577.271:88): lsm=SMACK fn=smack_socket_sock_rcv_skb action=denied subject="*" object="_" requested=w pid=7705 comm="syz.0.786" dest=20002 netif=wpan0 [ 156.832451][ T7763] netlink: 8 bytes leftover after parsing attributes in process `syz.2.803'. [ 156.912927][ T7763] vlan2: entered allmulticast mode [ 156.950543][ T7763] batadv0: entered allmulticast mode [ 157.284144][ T7779] netlink: 28 bytes leftover after parsing attributes in process `syz.1.807'. [ 157.513635][ T7790] ptrace attach of "./syz-executor exec"[5828] was attempted by ""[7790] [ 157.605811][ T5939] usb 3-1: new high-speed USB device number 10 using dummy_hcd [ 157.785839][ T5939] usb 3-1: Using ep0 maxpacket: 32 [ 157.816892][ T5939] usb 3-1: config 0 has an invalid interface number: 85 but max is 0 [ 157.844291][ T5939] usb 3-1: config 0 has no interface number 0 [ 157.864872][ T5939] usb 3-1: config 0 interface 85 altsetting 7 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 157.987440][ T5939] usb 3-1: config 0 interface 85 has no altsetting 0 [ 158.064810][ T5939] usb 3-1: New USB device found, idVendor=05ac, idProduct=0219, bcdDevice=f0.72 [ 158.077718][ T5939] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 158.088183][ T5939] usb 3-1: Product: syz [ 158.094687][ T5939] usb 3-1: Manufacturer: syz [ 158.105707][ T5939] usb 3-1: SerialNumber: syz [ 158.160554][ T5939] usb 3-1: config 0 descriptor?? [ 158.828914][ T5939] appletouch 3-1:0.85: Geyser mode initialized. [ 158.908241][ T5939] input: appletouch as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.85/input/input15 [ 159.077752][ T5939] usb 3-1: USB disconnect, device number 10 [ 159.083799][ C1] appletouch 3-1:0.85: atp_complete: usb_submit_urb failed with result -19 [ 159.314727][ T5939] appletouch 3-1:0.85: input: appletouch disconnected [ 160.423996][ T7882] netlink: 8 bytes leftover after parsing attributes in process `syz.3.843'. [ 160.437616][ T7882] netlink: 12 bytes leftover after parsing attributes in process `syz.3.843'. [ 160.587333][ T7884] vlan2: entered allmulticast mode [ 160.592725][ T7884] macvtap0: entered allmulticast mode [ 160.598882][ T7884] veth0_macvtap: entered allmulticast mode [ 160.886278][ T10] usb 4-1: new high-speed USB device number 8 using dummy_hcd [ 161.086163][ T10] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 161.119296][ T10] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 161.145662][ T10] usb 4-1: New USB device found, idVendor=1d34, idProduct=0004, bcdDevice= 0.00 [ 161.154752][ T10] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 161.201230][ T10] usb 4-1: config 0 descriptor?? [ 161.546416][ T5840] usb 1-1: new high-speed USB device number 9 using dummy_hcd [ 161.662611][ T10] hid-led 0003:1D34:0004.000A: unknown main item tag 0x0 [ 161.717676][ T5840] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 161.741035][ T5840] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 161.764131][ T5840] usb 1-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 161.779161][ T5840] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 161.796090][ T5840] usb 1-1: SerialNumber: syz [ 161.866450][ T10] hid-led 0003:1D34:0004.000A: hidraw0: USB HID v0.00 Device [HID 1d34:0004] on usb-dummy_hcd.3-1/input0 [ 161.930315][ T10] hid-led 0003:1D34:0004.000A: Dream Cheeky Webmail Notifier initialized [ 162.025196][ T5840] usb 1-1: 0:2 : does not exist [ 162.074552][ T5840] usb 1-1: USB disconnect, device number 9 [ 162.105058][ T5939] usb 4-1: USB disconnect, device number 8 [ 162.400554][ T7193] udevd[7193]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 163.013184][ T7940] netlink: 104 bytes leftover after parsing attributes in process `syz.3.869'. [ 163.304005][ T7954] macsec1: entered allmulticast mode [ 163.333915][ T7954] macvlan0: entered allmulticast mode [ 163.382980][ T7954] macvlan0: left allmulticast mode [ 163.401590][ T7959] netlink: 12 bytes leftover after parsing attributes in process `syz.3.875'. [ 163.900331][ T7973] kernel read not supported for file /]--.\- (pid: 7973 comm: syz.4.881) [ 163.951989][ T7977] 9pnet_fd: Insufficient options for proto=fd [ 163.958944][ T30] audit: type=1800 audit(1744110585.661:89): pid=7973 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz.4.881" name="]--.\-" dev="mqueue" ino=17031 res=0 errno=0 [ 164.062678][ T7980] netdevsim netdevsim0 netdevsim0: entered allmulticast mode [ 165.226959][ T9] kernel write not supported for file /amidi2 (pid: 9 comm: kworker/0:0) [ 166.093473][ T8028] bridge0: port 2(bridge_slave_1) entered disabled state [ 166.615252][ T8042] netlink: 36 bytes leftover after parsing attributes in process `syz.2.909'. [ 166.631251][ T5939] usb 1-1: new high-speed USB device number 10 using dummy_hcd [ 166.809784][ T5939] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 166.848255][ T5939] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 166.870815][ T5939] usb 1-1: New USB device found, idVendor=054c, idProduct=024b, bcdDevice= 0.00 [ 166.893569][ T5939] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 166.914364][ T5939] usb 1-1: config 0 descriptor?? [ 167.349893][ T5939] sony 0003:054C:024B.000B: unexpected long global item [ 167.360761][ T5939] sony 0003:054C:024B.000B: parse failed [ 167.364502][ T8065] loop9: detected capacity change from 0 to 7 [ 167.366788][ T5939] sony 0003:054C:024B.000B: probe with driver sony failed with error -22 [ 167.427726][ T8065] Dev loop9: unable to read RDB block 7 [ 167.433382][ T8065] loop9: unable to read partition table [ 167.468672][ T8065] loop9: partition table beyond EOD, truncated [ 167.482380][ T8065] loop_reread_partitions: partition scan of loop9 (被x󟣑 ) failed (rc=-5) [ 167.582036][ T10] usb 1-1: USB disconnect, device number 10 [ 169.766684][ T8154] netlink: 4 bytes leftover after parsing attributes in process `syz.1.959'. [ 170.087265][ T8162] netlink: 204 bytes leftover after parsing attributes in process `syz.2.964'. [ 170.125869][ T8162] netlink: 204 bytes leftover after parsing attributes in process `syz.2.964'. [ 171.426681][ T9] usb 4-1: new high-speed USB device number 9 using dummy_hcd [ 171.452933][ T8206] vivid-000: disconnect [ 171.467887][ T8205] vivid-000: reconnect [ 171.615860][ T9] usb 4-1: Using ep0 maxpacket: 8 [ 171.656942][ T9] usb 4-1: config 0 has an invalid interface number: 1 but max is 0 [ 171.665010][ T9] usb 4-1: config 0 has no interface number 0 [ 171.680753][ T9] usb 4-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 171.719724][ T9] usb 4-1: config 0 interface 1 altsetting 0 endpoint 0x82 has invalid maxpacket 41029, setting to 1024 [ 171.736998][ T9] usb 4-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 171.795816][ T9] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 171.821463][ T9] usb 4-1: config 0 descriptor?? [ 171.859346][ T9] iowarrior 4-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0 [ 172.090053][ T5919] usb 4-1: USB disconnect, device number 9 [ 172.095682][ T52] usb 2-1: new high-speed USB device number 6 using dummy_hcd [ 172.230684][ T30] audit: type=1326 audit(1744110593.931:90): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8219 comm="syz.2.991" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff68cb8d169 code=0x7ffc0000 [ 172.263360][ T8221] netlink: 12 bytes leftover after parsing attributes in process `syz.4.990'. [ 172.266985][ T52] usb 2-1: Using ep0 maxpacket: 16 [ 172.285825][ T30] audit: type=1326 audit(1744110593.931:91): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8219 comm="syz.2.991" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff68cb8d169 code=0x7ffc0000 [ 172.288081][ T52] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 238, changing to 11 [ 172.316486][ T8221] nbd: couldn't find device at index 131080 [ 172.345879][ T30] audit: type=1326 audit(1744110593.931:92): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8219 comm="syz.2.991" exe="/root/syz-executor" sig=0 arch=c000003e syscall=328 compat=0 ip=0x7ff68cb8d169 code=0x7ffc0000 [ 172.365413][ T52] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 4 [ 172.400745][ T52] usb 2-1: New USB device found, idVendor=1e7d, idProduct=2d50, bcdDevice= 0.00 [ 172.435017][ T30] audit: type=1326 audit(1744110593.931:93): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8219 comm="syz.2.991" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff68cb8d169 code=0x7ffc0000 [ 172.439951][ T52] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 172.495261][ T30] audit: type=1326 audit(1744110593.931:94): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8219 comm="syz.2.991" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff68cb8d169 code=0x7ffc0000 [ 172.556835][ T52] usb 2-1: config 0 descriptor?? [ 172.649796][ T8225] netlink: 8 bytes leftover after parsing attributes in process `syz.2.994'. [ 172.665831][ T8225] netlink: 'syz.2.994': attribute type 30 has an invalid length. [ 172.701952][ T8225] netlink: 12 bytes leftover after parsing attributes in process `syz.2.994'. [ 172.762651][ T8229] loop6: detected capacity change from 0 to 8 [ 172.802667][ C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 172.812106][ C1] Buffer I/O error on dev loop6, logical block 0, async page read [ 172.836003][ C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 172.845213][ C1] Buffer I/O error on dev loop6, logical block 0, async page read [ 172.865801][ C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 172.875045][ C0] Buffer I/O error on dev loop6, logical block 0, async page read [ 172.893784][ C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 172.903032][ C0] Buffer I/O error on dev loop6, logical block 0, async page read [ 172.911796][ C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 172.921025][ C1] Buffer I/O error on dev loop6, logical block 0, async page read [ 172.931885][ C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 172.941176][ C0] Buffer I/O error on dev loop6, logical block 0, async page read [ 172.950841][ C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 172.960032][ C1] Buffer I/O error on dev loop6, logical block 0, async page read [ 172.976609][ C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 172.985812][ C1] Buffer I/O error on dev loop6, logical block 0, async page read [ 172.994160][ T8229] ldm_validate_partition_table(): Disk read failed. [ 173.006271][ C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 173.015538][ C0] Buffer I/O error on dev loop6, logical block 0, async page read [ 173.018628][ T52] kovaplus 0003:1E7D:2D50.000C: hidraw0: USB HID v0.00 Device [HID 1e7d:2d50] on usb-dummy_hcd.1-1/input0 [ 173.035925][ C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 173.045153][ C0] Buffer I/O error on dev loop6, logical block 0, async page read [ 173.059240][ T8229] Dev loop6: unable to read RDB block 0 [ 173.069933][ T8229] loop6: unable to read partition table [ 173.083402][ T8229] loop6: partition table beyond EOD, truncated [ 173.115264][ T8229] loop_reread_partitions: partition scan of loop6 (3 ) failed (rc=-5) [ 173.410473][ T8244] syz.2.1002 uses obsolete (PF_INET,SOCK_PACKET) [ 173.418424][ T52] kovaplus 0003:1E7D:2D50.000C: couldn't init struct kovaplus_device [ 173.426738][ T52] kovaplus 0003:1E7D:2D50.000C: couldn't install mouse [ 173.463048][ T52] kovaplus 0003:1E7D:2D50.000C: probe with driver kovaplus failed with error -71 [ 173.507851][ T52] usb 2-1: USB disconnect, device number 6 [ 173.689561][ T8248] blkio.reset_stats is deprecated [ 173.886283][ T5939] usb 5-1: new high-speed USB device number 5 using dummy_hcd [ 174.047834][ T5939] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 5 [ 174.065618][ T5939] usb 5-1: config 0 has no interface number 0 [ 174.095832][ T5939] usb 5-1: config 0 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 174.126224][ T5939] usb 5-1: config 0 interface 1 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 174.161443][ T5939] usb 5-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00 [ 174.186771][ T5939] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 174.231645][ T5939] usb 5-1: config 0 descriptor?? [ 174.665960][ T8266] netem: incorrect gi model size [ 174.674106][ T5939] uclogic 0003:256C:006D.000D: No inputs registered, leaving [ 174.706181][ T5939] uclogic 0003:256C:006D.000D: hidraw0: USB HID v0.00 Device [HID 256c:006d] on usb-dummy_hcd.4-1/input1 [ 174.894835][ T5939] usb 5-1: USB disconnect, device number 5 [ 177.192143][ T8332] netlink: 'syz.3.1041': attribute type 10 has an invalid length. [ 177.225810][ T8332] bond0: (slave bridge0): Enslaving as an active interface with an up link [ 177.985757][ T9] usb 5-1: new high-speed USB device number 6 using dummy_hcd [ 178.159023][ T9] usb 5-1: Using ep0 maxpacket: 32 [ 178.178977][ T9] usb 5-1: config 0 has an invalid interface number: 51 but max is 0 [ 178.193255][ T9] usb 5-1: config 0 has no interface number 0 [ 178.230603][ T9] usb 5-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f [ 178.266664][ T9] usb 5-1: New USB device strings: Mfr=1, Product=229, SerialNumber=2 [ 178.305368][ T9] usb 5-1: Product: syz [ 178.310653][ T9] usb 5-1: Manufacturer: syz [ 178.315299][ T9] usb 5-1: SerialNumber: syz [ 178.343373][ T9] usb 5-1: config 0 descriptor?? [ 178.382710][ T9] quatech2 5-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected [ 178.589107][ T8374] sctp: [Deprecated]: syz.2.1061 (pid 8374) Use of int in max_burst socket option deprecated. [ 178.589107][ T8374] Use struct sctp_assoc_value instead [ 178.632255][ T9] usb 5-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0 [ 178.677887][ T9] usb 5-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1 [ 178.857742][ C0] quatech-serial ttyUSB0: qt2_process_read_urb - change_port message too short [ 179.097088][ C0] usb 5-1: qt2_read_bulk_callback - non-zero urb status: -71 [ 179.099302][ T24] usb 5-1: USB disconnect, device number 6 [ 179.156386][ T24] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0 [ 179.212651][ T24] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1 [ 179.274656][ T24] quatech2 5-1:0.51: device disconnected [ 285.199683][ C1] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks: [ 285.206827][ C1] rcu: 0-...!: (1 GPs behind) idle=bd04/1/0x4000000000000000 softirq=31342/31351 fqs=2 [ 285.217549][ C1] rcu: Tasks blocked on level-0 rcu_node (CPUs 0-1): P7193/1:b..l [ 285.225517][ C1] rcu: (detected by 1, t=10502 jiffies, g=24205, q=218 ncpus=2) [ 285.233269][ C1] Sending NMI from CPU 1 to CPUs 0: [ 285.233322][ C0] NMI backtrace for cpu 0 [ 285.233351][ C0] CPU: 0 UID: 0 PID: 5841 Comm: syz-executor Not tainted 6.15.0-rc1-syzkaller #0 PREEMPT(full) [ 285.233371][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 285.233383][ C0] RIP: 0010:__lock_acquire+0x27d/0xd80 [ 285.233412][ C0] Code: ff ff 41 23 54 cd 20 09 c2 41 89 54 cd 20 48 8b 94 24 80 00 00 00 49 89 54 cd 08 4d 89 7c cd 10 48 8b 54 24 78 49 89 54 cd 18 <65> 8b 15 78 c5 c6 11 31 f6 85 d2 40 0f 95 c6 31 d2 83 bd d4 0a 00 [ 285.233426][ C0] RSP: 0018:ffffc90000007b80 EFLAGS: 00000002 [ 285.233441][ C0] RAX: 000000000000006d RBX: 0000000000000000 RCX: 0000000000000005 [ 285.233452][ C0] RDX: 0000000000000000 RSI: 000000000000006d RDI: 0000000000000001 [ 285.233462][ C0] RBP: ffff88807e389e00 R08: 0000000000000001 R09: 0000000000000001 [ 285.233472][ C0] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 285.233482][ C0] R13: ffff88807e38a8f0 R14: 0000000000000000 R15: ffff8880b86276d8 [ 285.233494][ C0] FS: 000055559251e500(0000) GS:ffff888124fc9000(0000) knlGS:0000000000000000 [ 285.233508][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 285.233520][ C0] CR2: 00007ff68cda7bac CR3: 0000000060d4c000 CR4: 00000000003526f0 [ 285.233535][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 285.233545][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 285.233555][ C0] Call Trace: [ 285.233562][ C0] [ 285.233575][ C0] lock_acquire+0x116/0x2f0 [ 285.233596][ C0] ? __hrtimer_run_queues+0x67b/0xd40 [ 285.233617][ C0] ? advance_sched+0xa02/0xca0 [ 285.233644][ C0] _raw_spin_lock_irq+0xd3/0x120 [ 285.233660][ C0] ? __hrtimer_run_queues+0x67b/0xd40 [ 285.233679][ C0] ? __pfx__raw_spin_lock_irq+0x10/0x10 [ 285.233699][ C0] __hrtimer_run_queues+0x67b/0xd40 [ 285.233718][ C0] ? ktime_get_update_offsets_now+0x2d/0x3b0 [ 285.233751][ C0] ? __pfx___hrtimer_run_queues+0x10/0x10 [ 285.233769][ C0] ? sched_clock_cpu+0x77/0x4d0 [ 285.233788][ C0] ? read_tsc+0x9/0x20 [ 285.233811][ C0] ? ktime_get_update_offsets_now+0x38e/0x3b0 [ 285.233840][ C0] hrtimer_interrupt+0x403/0xa40 [ 285.233871][ C0] __sysvec_apic_timer_interrupt+0x110/0x420 [ 285.233894][ C0] sysvec_apic_timer_interrupt+0xa1/0xc0 [ 285.233913][ C0] [ 285.233918][ C0] [ 285.233925][ C0] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 285.233943][ C0] RIP: 0010:__asan_memset+0x16/0x50 [ 285.233964][ C0] Code: 00 00 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 55 41 56 53 48 89 d3 41 89 f6 48 89 fd 48 8b 4c 24 18 <48> 89 d6 ba 01 00 00 00 e8 5d e6 ff ff 84 c0 74 12 48 89 ef 44 89 [ 285.233977][ C0] RSP: 0018:ffffc90003f07828 EFLAGS: 00000246 [ 285.233991][ C0] RAX: ffffc90003f07980 RBX: 0000000000000010 RCX: ffffffff816df656 [ 285.234003][ C0] RDX: 0000000000000010 RSI: 0000000000000000 RDI: ffffc90003f079d0 [ 285.234014][ C0] RBP: ffffc90003f079d0 R08: 0000000000000001 R09: 0000000000000000 [ 285.234024][ C0] R10: 0000000000000000 R11: 0000000000000000 R12: ffffc90003f07980 [ 285.234035][ C0] R13: ffffc90003f08000 R14: 0000000000000000 R15: ffffc90003f00000 [ 285.234056][ C0] ? unwind_next_frame+0xb46/0x23b0 [ 285.234079][ C0] ? rcu_is_watching+0x15/0xb0 [ 285.234098][ C0] ? arch_stack_walk+0xe7/0x150 [ 285.234117][ C0] unwind_next_frame+0xb46/0x23b0 [ 285.234139][ C0] ? unwind_next_frame+0xb8/0x23b0 [ 285.234159][ C0] ? __unwind_start+0xf8/0x740 [ 285.234180][ C0] __unwind_start+0x59a/0x740 [ 285.234202][ C0] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 285.234226][ C0] arch_stack_walk+0xe7/0x150 [ 285.234248][ C0] ? arch_stack_walk+0xe7/0x150 [ 285.234270][ C0] stack_trace_save+0x11a/0x1d0 [ 285.234295][ C0] ? __pfx_stack_trace_save+0x10/0x10 [ 285.234316][ C0] ? stack_depot_save_flags+0x44/0x940 [ 285.234335][ C0] ? __lock_acquire+0xad5/0xd80 [ 285.234354][ C0] kasan_save_track+0x3f/0x80 [ 285.234414][ C0] __kasan_kmalloc+0x9d/0xb0 [ 285.234469][ C0] __kmalloc_cache_noprof+0x236/0x370 [ 285.234486][ C0] ? kmem_cache_free+0x16e/0x410 [ 285.234502][ C0] ? fput_close_sync+0x1ef/0x270 [ 285.234522][ C0] kmem_cache_free+0x16e/0x410 [ 285.234538][ C0] ? fput_close_sync+0x1ef/0x270 [ 285.234559][ C0] fput_close_sync+0x1ef/0x270 [ 285.234580][ C0] ? __pfx_fput_close_sync+0x10/0x10 [ 285.234598][ C0] ? do_raw_spin_unlock+0x13c/0x8b0 [ 285.234622][ C0] ? filp_flush+0x116/0x190 [ 285.234641][ C0] __x64_sys_close+0x7f/0x110 [ 285.234660][ C0] do_syscall_64+0xf3/0x230 [ 285.234680][ C0] ? clear_bhb_loop+0x45/0xa0 [ 285.234698][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 285.234714][ C0] RIP: 0033:0x7f820118bdca [ 285.234737][ C0] Code: 48 3d 00 f0 ff ff 77 48 c3 0f 1f 80 00 00 00 00 48 83 ec 18 89 7c 24 0c e8 43 91 02 00 8b 7c 24 0c 89 c2 b8 03 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 36 89 d7 89 44 24 0c e8 a3 91 02 00 8b 44 24 [ 285.234750][ C0] RSP: 002b:00007ffcadc0cea0 EFLAGS: 00000293 ORIG_RAX: 0000000000000003 [ 285.234765][ C0] RAX: ffffffffffffffda RBX: 0000000000001cd7 RCX: 00007f820118bdca [ 285.234777][ C0] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000005 [ 285.234786][ C0] RBP: 00007ffcadc0cf70 R08: 0000000000000000 R09: 0000000000000000 [ 285.234796][ C0] R10: 0000000000000000 R11: 0000000000000293 R12: 00007ffcadc0e000 [ 285.234806][ C0] R13: 00007f820120e08c R14: 000055559251e4a8 R15: 0000000000000005 [ 285.234823][ C0] [ 285.235317][ C1] task:udevd state:R running task stack:22600 pid:7193 tgid:7193 ppid:5202 task_flags:0x400140 flags:0x00000002 [ 285.776225][ C1] Call Trace: [ 285.779521][ C1] [ 285.782473][ C1] __schedule+0x1b33/0x51f0 [ 285.787005][ C1] ? __lock_acquire+0xad5/0xd80 [ 285.791887][ C1] ? preempt_schedule_irq+0xfe/0x1c0 [ 285.797196][ C1] ? __pfx___schedule+0x10/0x10 [ 285.802061][ C1] ? __lock_acquire+0xad5/0xd80 [ 285.806960][ C1] ? preempt_schedule_irq+0xf3/0x1c0 [ 285.812268][ C1] preempt_schedule_irq+0xfe/0x1c0 [ 285.817411][ C1] ? __pfx_preempt_schedule_irq+0x10/0x10 [ 285.823160][ C1] irqentry_exit+0x5e/0x90 [ 285.827589][ C1] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 285.833598][ C1] RIP: 0010:unwind_next_frame+0x784/0x23b0 [ 285.839423][ C1] Code: 89 c1 48 c1 f9 02 48 c1 e8 3f 48 01 c8 48 83 e0 fe 49 8d 1c 46 48 89 d8 48 c1 e8 03 48 b9 00 00 00 00 00 fc ff df 0f b6 04 08 <84> c0 75 27 48 63 03 48 01 d8 48 8d 4b 04 4c 39 e0 4c 0f 46 f1 48 [ 285.859042][ C1] RSP: 0018:ffffc9001019f7e8 EFLAGS: 00000a07 [ 285.865128][ C1] RAX: 0000000000000000 RBX: ffffffff907b0c14 RCX: dffffc0000000000 [ 285.873112][ C1] RDX: ffffffff90f758c6 RSI: ffffffff8ca0e1c0 RDI: ffffffff8ca0e180 [ 285.881097][ C1] RBP: ffffffff907b0c1c R08: 000000000000000a R09: 0000000000000000 [ 285.889079][ C1] R10: 0000000000000000 R11: 0000000000000000 R12: ffffffff823bbb2e [ 285.897063][ C1] R13: ffffffff907b0c10 R14: ffffffff907b0c10 R15: ffffffff907b0c10 [ 285.905052][ C1] ? __x64_sys_close+0x7e/0x110 [ 285.909934][ C1] ? unwind_next_frame+0xe7/0x23b0 [ 285.915080][ C1] ? unwind_next_frame+0xb8/0x23b0 [ 285.920212][ C1] ? __x64_sys_close+0x7f/0x110 [ 285.925081][ C1] ? __x64_sys_close+0x7f/0x110 [ 285.929949][ C1] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 285.936126][ C1] arch_stack_walk+0x11e/0x150 [ 285.940928][ C1] ? __x64_sys_close+0x7f/0x110 [ 285.945799][ C1] stack_trace_save+0x11a/0x1d0 [ 285.950674][ C1] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 285.956849][ C1] ? __pfx_stack_trace_save+0x10/0x10 [ 285.962258][ C1] ? __lock_acquire+0xad5/0xd80 [ 285.967138][ C1] kasan_save_stack+0x3f/0x60 [ 285.971868][ C1] ? kasan_save_stack+0x3f/0x60 [ 285.976741][ C1] ? kasan_record_aux_stack+0xbf/0xd0 [ 285.982133][ C1] ? call_rcu+0x172/0xad0 [ 285.986482][ C1] ? kmem_cache_free+0x312/0x410 [ 285.991432][ C1] ? fput_close_sync+0x1ef/0x270 [ 285.996389][ C1] ? __x64_sys_close+0x7f/0x110 [ 286.001309][ C1] ? __phys_addr+0xba/0x170 [ 286.005834][ C1] kasan_record_aux_stack+0xbf/0xd0 [ 286.011054][ C1] call_rcu+0x172/0xad0 [ 286.015242][ C1] ? __pfx_call_rcu+0x10/0x10 [ 286.019949][ C1] ? __phys_addr+0xba/0x170 [ 286.024474][ C1] kmem_cache_free+0x312/0x410 [ 286.029248][ C1] ? fput_close_sync+0x1ef/0x270 [ 286.034215][ C1] fput_close_sync+0x1ef/0x270 [ 286.039005][ C1] ? __pfx_fput_close_sync+0x10/0x10 [ 286.044313][ C1] ? do_raw_spin_unlock+0x13c/0x8b0 [ 286.049535][ C1] ? filp_flush+0x116/0x190 [ 286.054059][ C1] __x64_sys_close+0x7f/0x110 [ 286.058749][ C1] do_syscall_64+0xf3/0x230 [ 286.063273][ C1] ? clear_bhb_loop+0x45/0xa0 [ 286.067988][ C1] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 286.073914][ C1] RIP: 0033:0x7f7598f1a37f [ 286.078342][ C1] RSP: 002b:00007ffff9153068 EFLAGS: 00000202 ORIG_RAX: 0000000000000003 [ 286.086772][ C1] RAX: ffffffffffffffda RBX: 0000564c05346730 RCX: 00007f7598f1a37f [ 286.094758][ C1] RDX: 00007f7598fed860 RSI: 0000564c053efbe0 RDI: 0000000000000009 [ 286.102745][ C1] RBP: 0000000000000000 R08: 0000000000000000 R09: 00007ffff9152ba8 [ 286.110734][ C1] R10: 000000000000010f R11: 0000000000000202 R12: 0000000000000000 [ 286.118714][ C1] R13: 00007ffff91530c8 R14: 00007ffff91534c8 R15: 0000564bf51c1ec8 [ 286.126716][ C1] [ 286.129747][ C1] rcu: rcu_preempt kthread starved for 10498 jiffies! g24205 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=1 [ 286.140959][ C1] rcu: Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior. [ 286.150934][ C1] rcu: RCU grace-period kthread stack dump: [ 286.156833][ C1] task:rcu_preempt state:R running task stack:26976 pid:16 tgid:16 ppid:2 task_flags:0x208040 flags:0x00004000 [ 286.170358][ C1] Call Trace: [ 286.173648][ C1] [ 286.176682][ C1] __schedule+0x1b33/0x51f0 [ 286.181212][ C1] ? _raw_spin_unlock_irqrestore+0x90/0x140 [ 286.187215][ C1] ? rcu_is_watching+0x15/0xb0 [ 286.191997][ C1] ? schedule+0x163/0x360 [ 286.196352][ C1] ? __pfx___schedule+0x10/0x10 [ 286.201235][ C1] ? schedule+0x90/0x360 [ 286.205498][ C1] ? schedule+0x90/0x360 [ 286.209753][ C1] schedule+0x163/0x360 [ 286.213947][ C1] schedule_timeout+0x15b/0x2b0 [ 286.218825][ C1] ? __pfx_schedule_timeout+0x10/0x10 [ 286.224225][ C1] ? __pfx_process_timeout+0x10/0x10 [ 286.229542][ C1] ? prepare_to_swait_event+0x1e5/0x340 [ 286.235107][ C1] ? prepare_to_swait_event+0x308/0x340 [ 286.240679][ C1] rcu_gp_fqs_loop+0x2e1/0x1340 [ 286.245553][ C1] ? __pfx_rcu_watching_snap_recheck+0x10/0x10 [ 286.251719][ C1] ? __pfx_rcu_gp_fqs_loop+0x10/0x10 [ 286.257025][ C1] ? _raw_spin_unlock_irqrestore+0xde/0x140 [ 286.262944][ C1] ? finish_swait+0xdb/0x200 [ 286.267655][ C1] ? __pfx_rcu_gp_kthread+0x10/0x10 [ 286.272869][ C1] rcu_gp_kthread+0xa7/0x3b0 [ 286.277480][ C1] ? __pfx_rcu_gp_kthread+0x10/0x10 [ 286.282699][ C1] ? __kthread_parkme+0x1a8/0x200 [ 286.287748][ C1] ? __pfx_rcu_gp_kthread+0x10/0x10 [ 286.292966][ C1] kthread+0x7b7/0x940 [ 286.297085][ C1] ? __pfx_rcu_gp_kthread+0x10/0x10 [ 286.302310][ C1] ? __pfx_kthread+0x10/0x10 [ 286.306920][ C1] ? __pfx_kthread+0x10/0x10 [ 286.311534][ C1] ? __pfx_kthread+0x10/0x10 [ 286.316144][ C1] ? __pfx_kthread+0x10/0x10 [ 286.320757][ C1] ? _raw_spin_unlock_irq+0x23/0x50 [ 286.325967][ C1] ? lockdep_hardirqs_on+0x9d/0x150 [ 286.331182][ C1] ? __pfx_kthread+0x10/0x10 [ 286.335797][ C1] ret_from_fork+0x4b/0x80 [ 286.340233][ C1] ? __pfx_kthread+0x10/0x10 [ 286.344848][ C1] ret_from_fork_asm+0x1a/0x30 [ 286.349685][ C1] [ 286.352719][ C1] rcu: Stack dump where RCU GP kthread last ran: [ 286.359056][ C1] CPU: 1 UID: 0 PID: 8419 Comm: syz.2.1082 Not tainted 6.15.0-rc1-syzkaller #0 PREEMPT(full) [ 286.369307][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 286.379377][ C1] RIP: 0010:lock_acquire+0x167/0x2f0 [ 286.384681][ C1] Code: c7 44 24 10 00 00 00 00 9c 8f 44 24 10 f7 44 24 10 00 02 00 00 0f 85 fd 00 00 00 41 f7 c6 00 02 00 00 74 01 fb 65 48 8b 45 00 <48> 3b 44 24 38 0f 85 72 01 00 00 48 83 c4 40 5b 41 5c 41 5d 41 5e [ 286.404299][ C1] RSP: 0018:ffffc90000a082c8 EFLAGS: 00000206 [ 286.410388][ C1] RAX: 6aa8a4f61fda2800 RBX: ffffffff8ed3dfe0 RCX: 6aa8a4f61fda2800 [ 286.418398][ C1] RDX: 0000000000000000 RSI: ffffffff8e4ea087 RDI: ffffffff8ca0e1e0 [ 286.426391][ C1] RBP: ffffffff93657020 R08: 0000000000000000 R09: 0000000000000000 [ 286.434461][ C1] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 286.442446][ C1] R13: 0000000000000002 R14: 0000000000000246 R15: 0000000000000000 [ 286.450434][ C1] FS: 00007ff68da0e6c0(0000) GS:ffff8881250c9000(0000) knlGS:0000000000000000 [ 286.459376][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 286.465970][ C1] CR2: 000000110c3a2b29 CR3: 0000000032222000 CR4: 00000000003526f0 [ 286.473958][ C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 286.481943][ C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 286.489937][ C1] Call Trace: [ 286.493229][ C1] [ 286.496110][ C1] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 286.502291][ C1] is_bpf_text_address+0x46/0x2a0 [ 286.507332][ C1] ? is_bpf_text_address+0x26/0x2a0 [ 286.512552][ C1] ? is_bpf_text_address+0x26/0x2a0 [ 286.517763][ C1] ? is_module_text_address+0x199/0x1f0 [ 286.523333][ C1] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 286.529507][ C1] kernel_text_address+0xa7/0xe0 [ 286.534469][ C1] __kernel_text_address+0xd/0x40 [ 286.539524][ C1] unwind_get_return_address+0x4d/0x90 [ 286.545007][ C1] arch_stack_walk+0xff/0x150 [ 286.549743][ C1] stack_trace_save+0x11a/0x1d0 [ 286.554611][ C1] ? __lock_acquire+0xad5/0xd80 [ 286.559507][ C1] ? __pfx_stack_trace_save+0x10/0x10 [ 286.564911][ C1] ? __lock_acquire+0xad5/0xd80 [ 286.569782][ C1] ? __lock_acquire+0xad5/0xd80 [ 286.574650][ C1] kasan_save_track+0x3f/0x80 [ 286.579368][ C1] ? kasan_save_track+0x3f/0x80 [ 286.584284][ C1] ? __kasan_slab_alloc+0x66/0x80 [ 286.589342][ C1] ? kmem_cache_alloc_node_noprof+0x1f2/0x3b0 [ 286.595427][ C1] ? __alloc_skb+0x1c2/0x480 [ 286.600046][ C1] ? __netdev_alloc_skb+0x105/0xa10 [ 286.605273][ C1] ? __ieee80211_beacon_get+0x9a7/0x15e0 [ 286.610927][ C1] ? ieee80211_beacon_get_tim+0xb7/0x330 [ 286.616580][ C1] ? mac80211_hwsim_beacon_tx+0x3a2/0x860 [ 286.622331][ C1] ? __iterate_interfaces+0x297/0x570 [ 286.627729][ C1] ? ieee80211_iterate_active_interfaces_atomic+0xd8/0x170 [ 286.634956][ C1] ? mac80211_hwsim_beacon+0xd4/0x1f0 [ 286.640358][ C1] ? __hrtimer_run_queues+0x5a6/0xd40 [ 286.645752][ C1] ? hrtimer_run_softirq+0x19a/0x2c0 [ 286.651063][ C1] ? handle_softirqs+0x2d6/0x9b0 [ 286.656020][ C1] ? __irq_exit_rcu+0xfb/0x220 [ 286.660797][ C1] ? irq_exit_rcu+0x9/0x30 [ 286.665227][ C1] ? sysvec_apic_timer_interrupt+0xa6/0xc0 [ 286.671053][ C1] ? asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 286.677223][ C1] ? smp_call_function_many_cond+0x1bac/0x2d40 [ 286.683464][ C1] ? on_each_cpu_cond_mask+0x3f/0x80 [ 286.688769][ C1] ? flush_tlb_mm_range+0xb8d/0x13f0 [ 286.694075][ C1] ? copy_mm+0x19de/0x22c0 [ 286.698513][ C1] ? copy_process+0x17de/0x3d10 [ 286.703379][ C1] ? kernel_clone+0x227/0x880 [ 286.708069][ C1] ? __x64_sys_clone+0x268/0x2e0 [ 286.713023][ C1] ? do_syscall_64+0xf3/0x230 [ 286.717721][ C1] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 286.723840][ C1] __kasan_slab_alloc+0x66/0x80 [ 286.728722][ C1] kmem_cache_alloc_node_noprof+0x1f2/0x3b0 [ 286.734633][ C1] ? __alloc_skb+0x1c2/0x480 [ 286.739258][ C1] __alloc_skb+0x1c2/0x480 [ 286.743708][ C1] ? __pfx___alloc_skb+0x10/0x10 [ 286.748673][ C1] ? __lock_acquire+0xad5/0xd80 [ 286.753550][ C1] __netdev_alloc_skb+0x105/0xa10 [ 286.758593][ C1] ? __pfx___netdev_alloc_skb+0x10/0x10 [ 286.764190][ C1] __ieee80211_beacon_get+0x9a7/0x15e0 [ 286.769663][ C1] ? __ieee80211_beacon_get+0x36/0x15e0 [ 286.775239][ C1] ieee80211_beacon_get_tim+0xb7/0x330 [ 286.780720][ C1] ? __pfx_ieee80211_beacon_get_tim+0x10/0x10 [ 286.786905][ C1] mac80211_hwsim_beacon_tx+0x3a2/0x860 [ 286.792489][ C1] __iterate_interfaces+0x297/0x570 [ 286.797713][ C1] ? __pfx_mac80211_hwsim_beacon_tx+0x10/0x10 [ 286.803806][ C1] ? __pfx_mac80211_hwsim_beacon_tx+0x10/0x10 [ 286.809894][ C1] ? ieee80211_iterate_active_interfaces_atomic+0x2a/0x170 [ 286.817122][ C1] ieee80211_iterate_active_interfaces_atomic+0xd8/0x170 [ 286.824170][ C1] mac80211_hwsim_beacon+0xd4/0x1f0 [ 286.829388][ C1] ? __pfx_mac80211_hwsim_beacon+0x10/0x10 [ 286.835213][ C1] __hrtimer_run_queues+0x5a6/0xd40 [ 286.840456][ C1] ? __pfx___hrtimer_run_queues+0x10/0x10 [ 286.846206][ C1] ? read_tsc+0x9/0x20 [ 286.850295][ C1] ? ktime_get_update_offsets_now+0x38e/0x3b0 [ 286.856395][ C1] hrtimer_run_softirq+0x19a/0x2c0 [ 286.861532][ C1] handle_softirqs+0x2d6/0x9b0 [ 286.866321][ C1] ? __irq_exit_rcu+0xfb/0x220 [ 286.871103][ C1] ? __pfx_handle_softirqs+0x10/0x10 [ 286.876410][ C1] ? irqtime_account_irq+0xd4/0x1e0 [ 286.881635][ C1] __irq_exit_rcu+0xfb/0x220 [ 286.886237][ C1] ? __pfx___irq_exit_rcu+0x10/0x10 [ 286.891459][ C1] irq_exit_rcu+0x9/0x30 [ 286.895715][ C1] sysvec_apic_timer_interrupt+0xa6/0xc0 [ 286.901365][ C1] [ 286.904307][ C1] [ 286.907250][ C1] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 286.913263][ C1] RIP: 0010:smp_call_function_many_cond+0x1bac/0x2d40 [ 286.920044][ C1] Code: 03 84 c0 75 7e 45 8b 65 00 44 89 e6 83 e6 01 31 ff e8 b8 e2 0b 00 41 83 e4 01 4c 8b 64 24 68 75 07 e8 68 de 0b 00 eb 41 f3 90 <48> b8 00 00 00 00 00 fc ff df 0f b6 04 03 84 c0 75 11 41 f7 45 00 [ 286.939666][ C1] RSP: 0018:ffffc9000be774c0 EFLAGS: 00000246 [ 286.945755][ C1] RAX: ffffffff81b7661d RBX: 1ffff110170c8219 RCX: 0000000000080000 [ 286.953741][ C1] RDX: ffffc9000cdf3000 RSI: 000000000007ffff RDI: 0000000000080000 [ 286.961725][ C1] RBP: ffffc9000be776c0 R08: ffffffff81b765e8 R09: 1ffffffff20bd6ce [ 286.969711][ C1] R10: dffffc0000000000 R11: fffffbfff20bd6cf R12: ffff8880b873ab88 [ 286.977697][ C1] R13: ffff8880b86410c8 R14: ffff8880b873ab80 R15: 0000000000000000 [ 286.985709][ C1] ? smp_call_function_many_cond+0x1b98/0x2d40 [ 286.991896][ C1] ? smp_call_function_many_cond+0x1bcd/0x2d40 [ 286.998127][ C1] ? __pfx_mas_destroy+0x10/0x10 [ 287.003096][ C1] ? __pfx_smp_call_function_many_cond+0x10/0x10 [ 287.009484][ C1] ? rcu_is_watching+0x15/0xb0 [ 287.014293][ C1] ? __pfx_flush_tlb_func+0x10/0x10 [ 287.019574][ C1] on_each_cpu_cond_mask+0x3f/0x80 [ 287.024721][ C1] flush_tlb_mm_range+0xb8d/0x13f0 [ 287.029863][ C1] ? up_write+0x1ab/0x590 [ 287.034229][ C1] ? __pfx_flush_tlb_mm_range+0x10/0x10 [ 287.039817][ C1] copy_mm+0x19de/0x22c0 [ 287.044108][ C1] ? __pfx_copy_mm+0x10/0x10 [ 287.048739][ C1] ? __init_rwsem+0x122/0x160 [ 287.053446][ C1] ? copy_signal+0x500/0x630 [ 287.058064][ C1] copy_process+0x17de/0x3d10 [ 287.062779][ C1] ? copy_process+0xa07/0x3d10 [ 287.067571][ C1] ? __pfx_copy_process+0x10/0x10 [ 287.072623][ C1] ? count_memcg_event_mm+0x388/0x440 [ 287.078132][ C1] ? count_memcg_event_mm+0x96/0x440 [ 287.083444][ C1] kernel_clone+0x227/0x880 [ 287.087969][ C1] ? __lock_acquire+0xad5/0xd80 [ 287.092841][ C1] ? __pfx_kernel_clone+0x10/0x10 [ 287.097906][ C1] ? handle_mm_fault+0x173e/0x1aa0 [ 287.103077][ C1] __x64_sys_clone+0x268/0x2e0 [ 287.107864][ C1] ? __pfx___x64_sys_clone+0x10/0x10 [ 287.113171][ C1] ? lock_vma_under_rcu+0x1f0/0x9a0 [ 287.118418][ C1] ? do_syscall_64+0xb6/0x230 [ 287.123124][ C1] do_syscall_64+0xf3/0x230 [ 287.127658][ C1] ? clear_bhb_loop+0x45/0xa0 [ 287.132621][ C1] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 287.138528][ C1] RIP: 0033:0x7ff68cb8d169 [ 287.142973][ C1] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 287.162603][ C1] RSP: 002b:00007ff68da0dfe8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 287.171040][ C1] RAX: ffffffffffffffda RBX: 00007ff68cda5fa0 RCX: 00007ff68cb8d169 [ 287.179040][ C1] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000011 [ 287.187024][ C1] RBP: 00007ff68cc0e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 287.195009][ C1] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 287.202994][ C1] R13: 0000000000000001 R14: 00007ff68cda5fa0 R15: 00007ffedc39a548 [ 287.211009][ C1]