last executing test programs: 6.152152221s ago: executing program 3 (id=584): r0 = syz_open_dev$vim2m(&(0x7f0000000000), 0x2, 0x2) ioctl$vim2m_VIDIOC_ENUM_FMT(r0, 0xc0405668, &(0x7f00000001c0)={0x8, 0x1, 0x0, "272406000000d8200000100000e8e2ffffffffffff0100000000ae246d9500"}) 6.02830308s ago: executing program 3 (id=587): r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000480)=ANY=[@ANYBLOB], 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x8, 0x4, &(0x7f0000000040)=@framed={{}, [@ldst={0x7, 0x2, 0x0, 0x1}]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io$uac1(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io(r0, 0x0, &(0x7f0000000900)={0x44, &(0x7f0000000380)={0x0, 0x0, 0x1, '\n'}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) 2.888347787s ago: executing program 3 (id=639): socket$inet_icmp_raw(0x2, 0x3, 0x1) socket$inet_icmp_raw(0x2, 0x3, 0x1) syz_emit_ethernet(0x2a, &(0x7f0000000000)={@random="9b43a409aa81", @dev, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x14, 0x4, 0x0, 0x0, 0x1, 0x0, @private, @broadcast}}}}}, 0x0) 2.74092585s ago: executing program 3 (id=642): r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/power/resume_offset', 0x149a82, 0x0) write$cgroup_int(r0, &(0x7f0000000000), 0x12) 2.596538008s ago: executing program 3 (id=646): r0 = syz_usb_connect$uac1(0x0, 0x71, &(0x7f0000000080)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x8, 0x1d6b, 0x101, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x5f, 0x3, 0x1, 0x0, 0x0, 0x0, {{}, {}, {0x9, 0x4, 0x1, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {}, {{0x9, 0x5, 0x1, 0x9, 0x0, 0x0, 0x0, 0x0, {0x7}}}}, {}, {0x9, 0x4, 0x2, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {}, {{0x9, 0x5, 0x82, 0x9, 0x0, 0x0, 0x0, 0x0, {0x7}}}}}}}]}}, 0x0) syz_usb_control_io(r0, &(0x7f0000000480)={0x2c, 0x0, &(0x7f0000000040)={0x0, 0x3, 0x4, @lang_id={0x4, 0x3, 0xb}}, 0x0, 0x0, 0x0}, 0x0) 2.294825165s ago: executing program 0 (id=654): r0 = openat$uinput(0xffffff9c, &(0x7f0000000040), 0x800, 0x0) ioctl$UI_SET_LEDBIT(r0, 0x40045569, 0x2) ioctl$UI_SET_MSCBIT(r0, 0x40045568, 0x3a) 2.294400517s ago: executing program 1 (id=655): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CAP_MAX_VCPU_ID(r1, 0x4068aea3, &(0x7f00000000c0)={0xe1}) 2.173585554s ago: executing program 0 (id=657): r0 = socket$kcm(0x11, 0x3, 0x0) setsockopt$sock_attach_bpf(r0, 0x107, 0xf, &(0x7f0000000000), 0x4) sendmsg$kcm(r0, &(0x7f0000000140)={&(0x7f0000001340)=@hci={0x1f, 0x0, 0x2}, 0x80, &(0x7f00000007c0)=[{&(0x7f0000000a00)="6204a105d755af176510122f1eafbcf72be12b30087f5c582d26116642c47a5f8786ee601e65ab3c06d4b8bf4a81cb3e24732faf215542f41ddf82f618438a34f90186cee8441e2305e495d04ad68ab8fef69df82de6456fbb48b63f60c9c9097be968ea872c4801e5d0711b4373c7224ed7a9cbd49d40f82bdb6afc0036824be26fc96e49a70e90797e6caa1b38ddacb3cb2b3eac7c068a185b644582f25edfa3d6a46e2a894ca809a422a6a29bd7145bb6e7dfd652684d6a710292ea0c3f97b7cbff701684b13c5593262534a7", 0xce}, {&(0x7f00000014c0)="294f28dfe56d898ba23606bc7ecd1f634665cb5bed07bac5684da6eb21da1d6926910c5a0c653b0105869a804dd2a44cb2e32e2bf367e9d01a5e7380cc4fc8e7c9044cc4750b978ca7427d749beaefdf2e48b369cb169ad7b1ced26bb161297c7e56a36a8b449955e83e91b379c179017f8f4657d1b22eca6bca33036d33e1a684059c53cea91c8f637ac780ab2bcf85f774b0d4e5876fe9aee4724b7cb59731c97e70ebd706003994eb07de2f3c6a9448c3206cff6d290b433f331c2399", 0xbe}, {&(0x7f0000000040)="0a985d7879f1bbff16c7d66e33657e452299fd0ef8c2afda588eb05891b7da030e01452a7986bea19b59c98dc2996c0ea09604d00ea48336d0c813d83025aca8623a5915ddddce2c11c5e374f2e0f387d2398fe0b899ff60dc7a73addcf253cf32aafbe2b9f90799e7fc583bdd9b564697ba988080270bdceb48bbd3b52d4c229fffb0d86fb286e3553a8b3ac02badc66ada5fceabe5f63c79da96e641a45901128063d6e1e31b11bcfbc3e70bd3c8c6c0be9f653f977f16", 0xb8}, {&(0x7f0000000440)="6f4720baeb5434a1c17a4b697e4611c434c1947fafd44daee2d61fadd23c3505eee0cc5b6c76cf081390ae92516d567c4b49af0f4b3df75ae92efbfb0fbe60ac8c4e546500f4f8f3885d5622072fb9e9b948a5edc65602c644bee9ad04b655279f383ce068ad0c202a57f9a8804b73d1241fb306b2acd9d5e26a71b19a0b9859ff0f0d7cdbd80fdfacdf9f1d02a37ae44bb6ddd978d4a0e6d61b68f629915748d6d3d184ca2b4164192c60a3a383821d0e85f04d09b712814d4b0664799b7ae6657b7452214608d01d31bd7d9e03107c638353d89515692c24b11490b9e75cfcb489e80b9334f4660204b2a17409993ddc4b0d004709cd46cb2488cf3cecd965e978182dd42cfbbfa4ebda17cce9cfc970959fd29e1a802809aa4a65c8f1c6dd14fca85d83fc995f097a62c6f04fb0d1f0dec0faa41fe09b1eae67606123d908dd74c62e66ee2635ec9da7bc74103debf3e31f0794ca5fc2268bcb8a03aeb3bf860d164e0a6cba7c8dc469147cc7e1bb94731ec450525cf19275d4af40b115f2420ff7ab4eeb41c5ddc19aae1b2e535b796c0e7aa6e71b4e13c8023806a08638d13a8595e310321860c8d7670cf167c67b3b5217a66329505cdcdc3afb3233dbaec65ff45b0bfc3cfbd309a7ffd26507a8ffe782f3b84ad9dfc2b4f44d6716e8ad892ffc3acf6e7e09018041a27fcad1ee957d6fddccc3d41f9b04127dee7c471acf9fdc32f204afffc52b22b73844154285ce5ec58ec57b40ccf7b70215a4a27f9de2c2719dcb5897bc302ebb027c019e40aa6fc85d5b670aef709e40cbe597139537c10d2483b67c02ca781c5ce6c014b13c8dee248e8b75831cbee8f29cad33139e0b5bc86c203c71f54ad11573e8801b8cc623571b9c53ac723b51b2cd", 0x27f}, {&(0x7f0000000280)="b8d35a", 0x3}, {&(0x7f0000000880)="550c7532758c9c16ffa4f109b112c63389068bee461d1744b4bf458233d3294ababe0628c97e2640f849c401a026827bfb3d48b3b006caef21c7f135c6d01a976b1eb9526b507b2b4c9f9e6b7c098e448529a204e53461f0ba57f09c8d38315d357655516c990421fbf244bd3d0c5133551ff16b4f68a06bf38e1df12de87bbcf21885ef4cf156b90efe711567d35de17893cabc36910904e5742efcfe179c5bb5dcf9a3cecf025d1fd88b25c2feafba15af43d7859a41bda0caf50c5d8f6c8b90c9fb94dceab0d88d9dee493eec0d6675c4e16a32d9a1ab872a40244eb0123f1dea55eacf372166a6515f7ab557729f", 0xf0}], 0x6}, 0x0) 2.120348732s ago: executing program 1 (id=658): r0 = socket$kcm(0x11, 0x3, 0x0) setsockopt$sock_attach_bpf(r0, 0x107, 0xf, &(0x7f0000000000), 0x4) sendmsg$kcm(r0, &(0x7f0000000080)={&(0x7f0000000100)=@hci={0x1f, 0x0, 0x4}, 0x80, &(0x7f0000000040)=[{&(0x7f0000001140)="27050200340f00000600002fb96dbcf706e10500000086ddffff1144ee162fd4b8bf4a31a8ffffff0777cfbf6ae77256da82f6184b8a34f9015cc99e570000e81f21880b0000000000000057edd8d8aa678846e345ecc900bd9a50e13fd87e92e4218f5fc24e84b853587d68a9252184a9f91690ef93ddfada9f9e733e1623f3fd97d520b6d6d67a622ab09005ecb646703dfbe2d166c1192711d428f713233f37e37971dec0582658d180f735d8d1cbae8bd83cf258b4bc55471145f02a0b6f56b150e1149880f449cd799fc8502295", 0xd0}, {&(0x7f0000000200)="cdebce4f4e740b9b932b52fe8207323394811ec7517d3db13ae28348ba9bbadc2cc6bf1773883bd87752c113001d44883cb95540738a517dd5068ef449d477ff47d3f647fac8ea240235466461496fce07140f8adb99d843ca86a890f6e1f8341530ac3a3b0d18266c314fe1f24626a1358f5e0e9e68e0e19baa42adab2bec0b5b17abf89cd55770dee4c5f6692840f98577d9c8231b2090a7f20a0ec5f2897227185e397ffaa4ac36a1a9a68a42b80477e66545540ccf0a1513014a76d1d208e53ab806a4c06fbc4c8732591435c2c817d122a6a12713fdea7b8a479773cc90ceda7147fc24453090a16d3a6667bbef06d0bad2595cdbe39e421f7aa02ca8106383aabf360ec5df8cc163f51bc0c85b2b1f394bb7c7a5a679983a1c23be4c801483040d38357904b1daf2b292d2fbbecf23deec4e9a77ba80f4cc2876581638510e3fc2321688661b4a729afa9b0ee0723c4ca6dc1569c055d5b00961d2188fe201a61fe69c5bb2584e74890d31228754c8144a8550251d8eeb8b6c53a4b38691af9aa31fac72d7fd71e8f7e9298bef6255be7666571c9e7512d819f67dddeb62705e428dd00040954197ddbad9237aa9a2c414c11d24c8cba1461c59e7c42203580e90d3b30ed98081802359fe8a950fb1bfabac8e3fe89ef139c0bbee11f8924d3226e6ea2e90bfd286e77c2a3501bf45c81660bed7c040d8d25f35802f2f27d3be5d18b44d429e6bd8b15f46b6fa877777d766e91cee348cc762549c5c516f5dc22c87453363072c3d876a3248d8783e7a2f68f4adca16a639c042f8fda37a555636a5bc9440b583d5c9e2b435d56a7398c0caf620a12f1c8c32e2c50bdbcc408c9a1ae7b1fceba8d332119406ac1100c8f79c234d9594db972f24c80d4f4e14e088d3c0289d6f50ff8b8a972cf03fe7f00d2e702a48dd8b6531cc6129d2c2599db93f517b1fd3bb763963664be4ff72fa39dc6613cac63ed18dbeb30d38aa56dcff21d94490fa1b8338628088f9b16166acf9b495a983c22e2c4e450ae5acbba95b8004fe1dcd63e7a3e8fce797706c155641067ad582c9e14cda059c5d191d7f4810056a0d61ea7e5da1ed84a7168c19136ae7bf6256a0b54e82314e9b34407e1b97d6a6687566e5dc9817657323910464549a421ede9274d4fa36c317b3e9867754ad243d6b84e1a027fde704733527af92809f3382d5fd75f58bc498591532cece8fd6ad639311a8f2aa2137fb058c4361bf8d2a9525c4f6f05d141a30150d012d1628ff70878e29012086dd722c002f224a7ba9913c7875e4a0d07efe7fa92323b6d745924f2660cdda419b0f0fff79cea811d1f483c5d70c7bf62de6a692e1d637186b193bc7dfbfe13a6201bfa0624f47f7d27c8587d7dd150719a94c0485586b8b931b6bba1856da356c3b6b3110b39da2732fa57dde20c6e84a08ceaea226414710171aa69b25fd7f46ffde32406634ce36afa706d844651088ff241dedc678c140e3d7c30e4d0dc75e4cf3eb2ba9d6be445aae27a1caa90ff8c155b7ea4e832b01f16479f0ff2f37825c7bffe7362b6d64153ee31720572d0fd732923f64e0c23e9e5b865cbcab854b10d0ec99b8ea7e0b392af666454efc9194bd31148995229557d2ac2f2939368d59ab4576f5dae03fa6a947d021fec30032c963a5ebb78b302c66055a2919763bf196407419445806611f810925d8b50ddc9caa19617fa5fd7ac7b6d66c1228072eaf9d2f0524cdac46b06aeca7cc308977e147732278e467227b11126f090647019a5a32f682b4691e809d867980adf8c6d82470612ebc762fa6dfe0446caae7bd03088a08390c0d4ee8a8654f33362a9cdcdd541aaac5c85133e06859cc5fc1e966d116a25c2244031204125457f37319f64f6c2fa8f48ca74252109db2418064d6abf9f1c959aecbd2b053f59c8c51a0dcc40feda039cf4e949b8504a5fe439bf146fd27234219de54a9098e0b47b98c8eeb846f5e53f4711e078e7daac21f23992186afcbb40127cba7a765ec50e976e0239a231a174cc3884a6fce090237365a78f6258bea0d052adcfae5edb2cf5023650e03f0f1bb9a73c874b4470fb01369e00bd9eeaa3a233fbda734802d581c3cb0cb452d233e34d5da6b0d2eaaa3b677106abe9d2175a39af1f5b23f8704c7abbd7ee9cdc846b945e06a61ba1cbd07c652f3197300b1faf57eeb5c3a99908d4fe4dec221a5264916c767468a9638ea3c3e2d9b127c414ed90abd7e60e6080eeeec2a822def3db0bd2a5bec8ac42edf4a070209d21b2431252072d685fd494f1379d23a38da70c9726ed65175e28c2fd31d2a44bbd7e976546ce0ea142dfe68b8df0c76e86326f0a163f616556994ad77b9945a2ea2ada399c0d1388da28374da847009dacda565a1bca6d69c6fad6575c759c5917e2d8ba69f6ac7fc18da6ac89addd6e8c989698c8698a66b39c29f3dbc1df982fb2be690d90dc3b0d8a46e457d69a1fc84020dcf6ee6e16b0d860362b2a6a5266ccae87ba5fb6ad12fdd6c191dfc2149ce4edca8f51a0f297a799b071fd6c242d42a663b4f064317c8f859b1dfb372be717a78b1cceafe8442c83f2b7ee90290cdecd7b3036f3477130d1a32b061a57f799fbd60eb7ac784a7e7a26821e2ad36970ebd4e44a3db99828a0703bb6831c6484bca100565de816dba4c579e820c4746295871d8bd0a88a07e680c2737d40a84281c56bdc6ac4ad6166439cf8169982d6638f4b4b84e0ac9828afde4e93d4fba4aeff5a95d84790d075a20d4753a6289997816f5b14263ee0f892985b5faff61cdc1272ba310c53fb4ccb0c6c1001801a8dd129515a4ee25c6508bc12c7b4d766c49ed1e57b886cffb3e90cb2c3555fdacceb577d3d33154846726fcd6c0bd73305232ea74056d096537e50f43870c57d378b9a3db08c1f8cb9c001623c6b4fd6e9e2eaf034d52c7db6239bdb9a21df994b93658006b2bdc5f04f0f6c41725ce01c1b11f109dde1ac9852b9c6ffec7f51d3aae569eb94f896e9360e60bb0757d50549eb8a55ef857895059f7d4dc3177434048fc61a07812fb09303561a3b16d8f3f20d81f47a0c08abba73ac24a514cd30127143b269253e505506451af58d6de246350a0421238a8cd91ffeebb5873eb6f106780e381c25c1bd3f20eae15d3520be6ed472725ef1de2a654ca70d1e8d7222e0716b83dc4a86cabbd3caa643ff2494109ab6a0d82d23e09201c5a1efa190609bf56e45b0a44d6c201d50702fa634d8a5b4d7042dfbafa2f80c2683febfed7f19db1711d47742ed1c2e52c5195c05fff524a4642839809591d0fa5c1dfe3fe773c73b325f73620dfa35eb526200664271d396b78b2e0c1b6979bea84f0b67d67ac89e2ccbb86e2a227beb8cd16d2c62fc965c734c82476b236a94d849fe38ba3a4fbbc26f1b03b300d6a934dabf0f40c33fae6e2405126881a37f1719d444343900c965baedabd6c08e041c4f00934eda1dbc0ce7af64d263211874666942c68062b3ac49c40ac88fa31b404a43dfc75754501513b0fb3b956fe55f43e2bc3e4a4f7cfc7a3582a09de29d4f5fa042edff4b4618f5428e23c2c26d5d8cb78e7fef957b534900dcf22f25d6b1568ea0eaf6743d0f1626465aa373b37909b7279433c9eb15e5268e47fe47ac1c90cac260395ad77b1d11424f493c3fe2df972d3f514f6386b08d323cb85985c1c2e29d11dcef4fa832135c6ec0bd8b3b3d3eebbdbfaf06bc0fd1a07be8d58595db442e968dcb2f6eb31f36bf2e6afca0fa08e8b690ad126c00065258cd6fd5d4bf33e123ba6f14e840153eaf8eaaf878ce164264c0d9e26c34145421c4c315dc0735ff562542debb025330559db07a837e12ab78a8b5b2a493d0e563431e2860596bb32e40e6424914eed9aa35dd7622c47e486f8d716be134c4540e91af9b0c3847e4c9c03ec9890525fff64cb297a20c9fc2c421a1b47b4745979468ddc7fabb6f0db379e3c6aeedc5d9fcf10aeb6de00d8fa752f4bc4924e7d3858b9e6510ae3a759678a63c3a07c340f384a554caaa02edb2d1a4dea3c593ebfe2303e283e2043b4dda17f03bb3e46dd44e7e0b6573534329073b34f04c7f7f7c7c112daae16207917286b324a7af7498780f597445c8b3386194dcf3e5f5fc52ed712005fd0008eddb45114aa5809bf429c7cbf3c2ef1b64eaf591746bb22328d56a0d6a793458b43867917d9a303fcdab837b54d77f0c6a2ec36f9a73708d62d1893d4be09a75a80ef538ff36eb3c08ddd7f6726e8225ed6e0cb8b1542891ea70df0240e1c3bf1b9f2bdf9fe6572ce5a200c6a4e07c7c1dca89a47476b0fcb07450ded6a29fde9cd1edbeac2aac27fac571522e63fe359e263d900062f89e69a00c5b25a1cfd4d70bb309c00a202378e560fda8f36a78bfe5e5a2b67f8a63eee611e4a46aecf0ed0e27bdd3e643b7aec090516f3b60741ad3457b393c80d69d0a152f51f4143e49ad443a4b2682ca22f03f9a376219064b5b6dac985b35e772d0242bea4f1828fc83491fea152845458f1d53ffad2a3f6a2d4edbd1c7d7cd444dbf998ee65000e8542a9dc387c810e3e650a53aa964e218633f13914f3abc2893211946a8f6058a254e3212b9aa3fabcdce2a3754d9511645216139058933f978a3bca5a64fb5d04c82e508c682c810857957d06734288fe5819803b44a78f1a8b7eccddadfd2a160a944a6d7a7169a60eed45ce95e1877528492528d001f7b18fdd1ab9a172c76747876a4ff4c92c447163f2fa3fa3f525867944e846e2eb528707d25f0e83438feaf7ea7dc6f80b0a17dc3f1342db1228ec292f5298de8108c888b1cde4923ee0e99f4590f168dd797f5731f6f73cb914e698d6f32fa0845b155504871e7af7ee197a7a46bac297c1824eec5fd3ccb0a9161ecd57df1266849619135f3d86809722d8a8fb635bc1bc259150cd239890823892ada4307449cf5040b96acb0f664af1663cb40b3c33427eca56f1f6c3e772f02421808b5fd1d1cedd427476db73c5b666c06c9917d6db134a77f94c1a490c5edf740baf9ab9d8a82e3d104cff860e776ff2243e4082475141cb44ce749f174c033b8275519e813ae3ab4e76ef6177c9b83c93db918ed530f60403dbff48a833d29cacd812713a3496710e36315de8e27f78a95b143c0c5ef255d927d060ec29323e568d91005118044768112ca83004d6ebda15178bd81dea6ef0b03d74a1b9eaa67419d702de3f32b24ef345ac75", 0xe8a}], 0x2}, 0x0) 2.08385195s ago: executing program 0 (id=660): r0 = syz_open_dev$usbfs(&(0x7f0000000000), 0x1ff, 0x2) r1 = dup(r0) ioctl$USBDEVFS_CONTROL(r1, 0xc0185500, &(0x7f0000000040)={0x23, 0x3, 0x14, 0x0, 0x0, 0x0, 0x0}) 1.945425079s ago: executing program 1 (id=661): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a010300000000000000000100fffd0900010073797a300000000040000000030a01020000000000000000010000000900030073797a3200000000140004800800024032658aeb08000140000000010900010073797a300000000044000000060a010400000000000001040100000008000b40000000000900010073797a30000000001c000480180001800d00010073796e70726f7879000000000400028014000000110001"], 0xcc}}, 0x0) syz_emit_ethernet(0x46, &(0x7f0000000480)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}, @link_local, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x6, 0x0, @empty, @empty}, {{0x10, 0x4e26, 0x41424344, 0x41424344, 0x0, 0x0, 0x9, 0xc2, 0x1, 0x0, 0x0, {[@mptcp=@synack={0x1e, 0x10, 0x1, 0x2, 0xa, 0x7, 0xe3}]}}}}}}}, 0x0) 1.911884312s ago: executing program 4 (id=662): r0 = syz_clone(0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0) ptrace(0x10, r0) ptrace$getregset(0x4204, r0, 0x202, &(0x7f00000000c0)={&(0x7f0000000040)=""/112, 0x70}) 1.911322054s ago: executing program 0 (id=663): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x1c, &(0x7f00000020c0)=[@in6={0xa, 0x0, 0x0, @dev, 0x34}]}, &(0x7f0000002100)=0x10) setsockopt$sock_timeval(r0, 0x1, 0x49, &(0x7f0000000040)={0x77359400}, 0x10) 1.720440798s ago: executing program 4 (id=664): r0 = socket(0x2, 0x3, 0xff) getsockopt(r0, 0x1, 0x2, &(0x7f0000000300)=""/78, &(0x7f0000000140)=0x4e) 1.657424526s ago: executing program 2 (id=674): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000980)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x5, 0x0, 0x0, {0x1, 0x0, 0x3}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x40, 0x3, 0xa, 0x101, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}, @NFTA_CHAIN_HOOK={0x14, 0x4, 0x0, 0x1, [@NFTA_HOOK_PRIORITY={0x8}, @NFTA_HOOK_HOOKNUM={0x8, 0x1, 0x1, 0x0, 0x1}]}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWRULE={0x48, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_EXPRESSIONS={0x20, 0x4, 0x0, 0x1, [{0x1c, 0x1, 0x0, 0x1, @reject={{0xb}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_REJECT_TYPE={0x8, 0x1, 0x1, 0x0, 0x1}]}}}]}, @NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14}}, 0xd0}, 0x1, 0x0, 0x0, 0x15}, 0x0) syz_emit_ethernet(0x36, &(0x7f0000000140)={@local, @link_local, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x6, 0x0, @rand_addr=0x64010101, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x5, 0x2}}}}}}, 0x0) 1.558976714s ago: executing program 1 (id=665): r0 = socket$igmp(0x2, 0x3, 0x2) setsockopt$MRT_INIT(r0, 0x0, 0xc8, &(0x7f0000000000), 0x4) setsockopt$MRT_ADD_MFC(r0, 0x0, 0xcf, 0x0, 0x0) 1.337653434s ago: executing program 2 (id=666): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000300), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_COALESCE_SET(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f00000005c0)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="0100000000000000000014000000080016000000000018000180140002006e657464657673696d3000000000000008001500000000000800130000170000080014"], 0x4c}}, 0x0) 1.288567517s ago: executing program 4 (id=667): r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000180)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000640)={0x354, r2, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_FRAME={0x336, 0x33, @beacon={{{}, {}, @device_b, @device_b}, 0x0, @random, 0x0, @void, @val, @val={0x3, 0x1}, @void, @void, @val={0x5, 0x8c, {0x0, 0x0, 0x0, "9af6da3eccb31dfdb01e6e7177c98c64430a038b1a5dfa035ea7a9381b60d5573f7a471f2255656c6fda4f9fe2a1cefb7e307f95a05deb88da8d6767435855a59a04759977ef1cf00cf302f452d67e80c72e836d0cfcfd95ca366d0e284f1c03058e40a2283bb06b723df5c6eef98646cae544fd4eebdf5effc6f1ba5debee4b327b12000000000000"}}, @void, @void, @val={0x3c, 0x4}, @void, @void, @void, @val={0x76, 0x6}, [{0xdd, 0xb7, "31851c27f0515dccb7554d54162c7b9db37edff2415d5589b53027d4db2f9527a9858f2910b19c7737136d933c4cb8b186a2cb77d33dc186120309d0107aae1822ca939dc88880a147e71f89f5936e8d68041d7e8bcc0f1b2831ed25db982a9cd8fcd5160c5cdc0cbe25dce28dc9925779fc4799284de17406d9ac3b5e35515e37ca5568297e0d3e19d80a5d5addb3184fec9543e41f70eb1bcd9a87da2f4b39e15dca2e549f43749edc5d2150d9349f08894e39ac26f6"}, {0xdd, 0xba, "1cb11f4c9767b25df19d1cb86cc9f4059996ff0021375555251d74cf6f777d24ac2b13bbd9b9d6f27b608e3a58d27ba7b7e16a8e13f0d8f288fa3e9a5e6c9ba0bd7028c0866f7cec56d3e0ae5cb3c8963c4d6e991fbd1547b046152bed86b40dc529d6663ed96a2f54759ca9fd4841407c6fb63f588fed1344890b04c3914826eaa5b022f53aa9fb6bffaa0370be496fc201cd5b33db589eb87730dee906175a89a626342c521f0b18b5cb5ed9de356bf155e503ca39d841b335"}, {0xdd, 0x25, "523a4aa23e4123ca5c555c2b2bf412911511b4b39a758f6e3a496d64414c19f01ba62cf366"}, {0xdd, 0x12, "0941a0e096d40b7d3b60bec79aa8aaa3f566"}, {0xdd, 0x3f, "7b1f666daa2c5732ac642cd918aea5ee68d9287e589b7d5326dd3b2bfb9e3d1679ee7c57f9ddfe7cc6179e25076e5fbf36bd5882a567a92f5c2ba4e5d1fe2e"}, {0xdd, 0xb, "0da71e815422994325dfec"}, {0xdd, 0x65, "30d8ac98fdedffdf2ad390d8c532101bdebf905f4f96a12b5400578c02f802cac6cedd077c38a52b4fb790de3ab2c28eed8f45baef37217a654a07159fd6efe9fc5a4effdb0327c0802a3a873e92979e62ab34d31a748ae171a86d656075c5a8c88eaba15c"}, {0xdd, 0x6, "4f3fef835ea8"}]}}]}, 0x354}}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000000)=@IORING_OP_READ_FIXED={0x4, 0x0, 0x0, @fd, 0x0, 0x20000000, 0x8020, 0x0, 0x0, {0x2}}) r4 = memfd_secret(0x0) syz_io_uring_submit(0x0, 0x0, 0x0) mmap(&(0x7f0000002000/0x3000)=nil, 0x3000, 0x0, 0x12, 0xffffffffffffffff, 0x0) r5 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002) r6 = fcntl$dupfd(r5, 0x0, r4) ioctl$SCSI_IOCTL_GET_PCI(r6, 0x5393, &(0x7f0000000000)) socket$caif_stream(0x25, 0x1, 0x1000004) sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001) socket$inet6(0xa, 0x800, 0xfffffffb) 1.060104587s ago: executing program 4 (id=668): r0 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$VIDIOC_S_CROP(r0, 0x4014563c, &(0x7f000001f9c0)={0xa, {0x8000}}) ioctl$VIDIOC_S_SELECTION(r0, 0xc040565f, &(0x7f00000000c0)={0x2, 0x0, 0x0, {0x0, 0x0, 0xffffffff}}) 1.048480008s ago: executing program 1 (id=669): memfd_create(0x0, 0x0) syz_emit_vhci(&(0x7f0000000200)=ANY=[@ANYBLOB="040e0440020405"], 0x7) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(0xffffffffffffffff, 0x40605346, 0x0) 820.04347ms ago: executing program 2 (id=670): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_HYPERV_EVENTFD(r1, 0xae64, 0x0) 749.257072ms ago: executing program 1 (id=671): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'syzkaller0\x00', 0xf101}) write$cgroup_subtree(r0, &(0x7f0000000000)=ANY=[], 0xa) 627.852929ms ago: executing program 4 (id=672): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f000000c280)={&(0x7f0000003a80)={{0x14}, [@NFT_MSG_NEWTABLE={0xe8, 0x0, 0xa, 0x101, 0x0, 0x0, {0x5}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}, @NFTA_TABLE_USERDATA={0xba, 0x6, "e9eec003775c64e64f439fc0b5fb34bcd039590bba579a25436e11f718b64e3e01796b9e930a3d8eefa0bccf8429a311f3ce5ec5a0a7bb9e08c60e03cbcdd726725fb9b1bd1000cf2a77ab6ab91f2294634073ea59b8de2361cdd8045c5fdb81611e843cb814e4cfe672542287ebd3b2ed48dca1a08690b05bb9bbbcc05551bd05e4c6e0625fcae04323e0f29dbad3c57456d2ca020462188e1236ebe6da1442c71ab0a8ebfaacef2710111417370a0f8cd19c5f9e1a"}, @NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0xa8, 0x3, 0xa, 0x301, 0x0, 0x0, {0x5}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_POLICY={0x8}, @NFTA_CHAIN_COUNTERS={0x4c, 0x8, 0x0, 0x1, [@NFTA_COUNTER_PACKETS={0xc, 0x2, 0x1, 0x0, 0xffff}, @NFTA_COUNTER_PACKETS={0xc}, @NFTA_COUNTER_PACKETS={0xc, 0x2, 0x1, 0x0, 0x4}, @NFTA_COUNTER_BYTES={0xc, 0x1, 0x1, 0x0, 0x10001}, @NFTA_COUNTER_PACKETS={0xc, 0x2, 0x1, 0x0, 0x14}, @NFTA_COUNTER_BYTES={0xc, 0x1, 0x1, 0x0, 0x9}]}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}, @NFTA_CHAIN_TYPE={0xb, 0x7, 'filter\x00'}, @NFTA_CHAIN_HOOK={0x1c, 0x4, 0x0, 0x1, [@NFTA_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0x6b10a621}, @NFTA_HOOK_HOOKNUM={0x8, 0x1, 0x1, 0x0, 0x4}, @NFTA_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0x4e73b858}]}]}, @NFT_MSG_DELTABLE={0x14, 0x2, 0xa, 0x109, 0x0, 0x0, {0x5}}], {0x14}}, 0x1cc}, 0x1, 0x0, 0x0, 0x5d04b4753047a371}, 0x0) 627.666913ms ago: executing program 0 (id=673): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x8, 0x1c, &(0x7f0000000d80)=ANY=[@ANYBLOB="1808000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000000b7030000030000008500000005000000bf0900000000000055090100000000009500000000000000b7020000000000007b2af0ff00000000d609080000000000c39af0ffa0000000bf8600000000000007080000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018280000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7050000080000001500000076000000bf9800000000000067080000000000008500000007000000b70000000000000095"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) 625.524647ms ago: executing program 3 (id=675): r0 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000240)="d800000018007b18e00212ba0d8105040a3f1100fe0f040b067c55a1bc0009001e0006990300000015000500fe800000003f00000300014002000c0901ac04000bd67f6f94007100a007a290457f0189b316277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4b11602b2a10c11ce1b14d6d930dfe1d9d322fe04fba8cae8c9010000734d7a5025ccca262f3d40fad95667e04adcdf634c1f215ce3bb9ad8ffd5e1cace81ed0b7fece0b42a9ecbee5de6ccd40dd601edef3d93452a92307f00000e97031e9f05e9f16e9cb5000000000000", 0xd8}], 0x1, 0x0, 0x0, 0x2663}, 0x0) 460.95348ms ago: executing program 2 (id=676): openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x2c41, 0x0) setxattr$incfs_metadata(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000600), 0x0, 0x0, 0x0) removexattr(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000080)=@known='user.incfs.id\x00') 383.904789ms ago: executing program 4 (id=677): r0 = socket$kcm(0x10, 0x3, 0x10) ioctl$sock_ifreq(r0, 0x8923, &(0x7f0000000240)={'virt_wifi0\x00', @ifru_settings={0x4, 0x0, @fr=0x0}}) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15) 256.422739ms ago: executing program 0 (id=678): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newlink={0x40, 0x10, 0x439, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x10, 0x2, 0x0, 0x1, [@IFLA_BR_GROUP_ADDR={0xa, 0x14, @multicast}]}}}]}, 0x40}}, 0x0) 222.11324ms ago: executing program 2 (id=679): r0 = syz_open_dev$tty1(0xc, 0x4, 0x4) r1 = dup(r0) write$UHID_INPUT(r1, &(0x7f0000001980)={0xf, {"a2e3ad214fc752f91b2909094bf70e0dd038e7ff7fc6e5539b3267078b089b34083b681a0890e0878f0e1ac6e7049b076d959b669a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b313b0d076d0936cd3b78130daa61d8e809ea889b5802b77f07227227b7ba67e0e78669a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae19397d696d0d758f2dc7d1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000002335875271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1fe90a56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617601000000be70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d595a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9980000000b3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6c82fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce3803f465e41e610c2021d653a5520000008213b704a5000000000000008ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc94681359bad8deff4b05f60cea0da7710a80000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4e38a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2bed9e53803edf1a4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4ceb360c7e658828563e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034e00000000ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c478b095b68441a34cb51682a8ae4d24ad92f243941ed274549b79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdbe6c4579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93ae62fccfcbb2b75a2183c46eb65ca8124e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43e4fb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e01feffffffffffff83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369d75f2e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aa01b20f7694a00f16e2d0174035a2c22656dc00880acebdbe8ddbd75c2f998d8ac2dfad2ba3a50200000045a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe2907ac0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf463661c953fcad6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7cd419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaeecf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e924afb96d6861aca47da73d6f3dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6ea94f88a4facfd4c735a20307c737afae5136651b1b9bd522dcb399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a37684f4113c48859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c105000000302a808d7f5251440613d17ca51055f2f416a44fe180d2d50c312cca7cb14a20dc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb40100000006376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab83c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7ceec7dc808bf653639d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a602000000000000007007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00303000000000000007fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf6529006c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6522fb5f6ffcdd56fed88935fcb75912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae233a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a5bd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08008897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b80c1c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57fa9c0fe662a46b7f71cd47744db86c50b704c98ad90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe360500000000000000b77940b5f07722e47a08d3679507000000000000934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1062dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1df0d07b3d5bd3b01faffd0addbed2881a9700af561ac8c7e36bb2fc4c40e9c766c06817bb903729a7db6ff957697c9ede7885d94ffb0759be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c1484d2f9c55f4901203a9a8a2c3e90f39c3dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000600", 0x1000}}, 0x1006) 0s ago: executing program 2 (id=680): r0 = openat$tun(0xffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000002280)={'pim6reg0\x00', 0x2102}) ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x0) kernel console output (not intermixed with test programs): mode [ 142.715689][ T53] veth0_vlan: left promiscuous mode [ 142.814193][ T5236] Bluetooth: hci0: command tx timeout [ 142.894742][ T5236] Bluetooth: hci4: command tx timeout [ 143.160248][ T53] team0 (unregistering): Port device team_slave_1 removed [ 143.198273][ T53] team0 (unregistering): Port device team_slave_0 removed [ 143.853382][ T53] team0 (unregistering): Port device team_slave_1 removed [ 143.889801][ T53] team0 (unregistering): Port device team_slave_0 removed [ 144.251095][ T6418] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 144.260790][ T6418] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 144.269597][ T6418] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 144.278417][ T6418] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 144.385590][ T6509] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 144.639700][ T6583] 8021q: adding VLAN 0 to HW filter on device bond0 [ 144.766709][ T6509] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 144.830528][ T5722] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 144.861328][ T5722] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 144.890803][ T6583] 8021q: adding VLAN 0 to HW filter on device team0 [ 144.908780][ T5236] Bluetooth: hci0: command tx timeout [ 144.956473][ T5722] bridge0: port 1(bridge_slave_0) entered blocking state [ 144.963584][ T5722] bridge0: port 1(bridge_slave_0) entered forwarding state [ 144.964504][ T2529] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 144.979139][ T5236] Bluetooth: hci4: command tx timeout [ 144.985939][ T2529] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 145.031992][ T6509] veth0_vlan: entered promiscuous mode [ 145.097203][ T5722] bridge0: port 2(bridge_slave_1) entered blocking state [ 145.104366][ T5722] bridge0: port 2(bridge_slave_1) entered forwarding state [ 145.143463][ T6648] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 145.161898][ T6720] netlink: 'syz.3.158': attribute type 1 has an invalid length. [ 145.172844][ T6720] netlink: 'syz.3.158': attribute type 2 has an invalid length. [ 145.182787][ T6720] netlink: 16074 bytes leftover after parsing attributes in process `syz.3.158'. [ 145.198152][ T6648] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 145.218633][ T6648] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 145.331773][ T6648] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 145.391398][ T6509] veth1_vlan: entered promiscuous mode [ 145.527371][ T6509] veth0_macvtap: entered promiscuous mode [ 145.552818][ T5236] Bluetooth: hci3: unexpected cc 0x1408 length: 57 > 4 [ 145.592176][ T6509] veth1_macvtap: entered promiscuous mode [ 145.653306][ T6583] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 145.737004][ T6509] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 145.749964][ T6509] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 145.762090][ T6509] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 145.849703][ T6740] snd_dummy snd_dummy.0: control 0:0:0:syz1:1048576 is already present [ 145.855598][ T6649] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 145.877402][ T6649] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 145.889176][ T6649] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 145.908550][ T6583] veth0_vlan: entered promiscuous mode [ 145.921674][ T6509] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 145.933460][ T6509] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 145.963221][ T6509] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 145.974182][ T6649] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 145.993361][ T6583] veth1_vlan: entered promiscuous mode [ 146.017435][ T6648] 8021q: adding VLAN 0 to HW filter on device bond0 [ 146.032669][ T6509] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 146.043807][ T6509] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 146.058449][ T6509] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 146.070947][ T6509] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 146.147099][ T6648] 8021q: adding VLAN 0 to HW filter on device team0 [ 146.208006][ T5722] bridge0: port 1(bridge_slave_0) entered blocking state [ 146.215221][ T5722] bridge0: port 1(bridge_slave_0) entered forwarding state [ 146.247315][ T6583] veth0_macvtap: entered promiscuous mode [ 146.290183][ T6583] veth1_macvtap: entered promiscuous mode [ 146.314646][ T5733] bridge0: port 2(bridge_slave_1) entered blocking state [ 146.321792][ T5733] bridge0: port 2(bridge_slave_1) entered forwarding state [ 146.392826][ T2529] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 146.435691][ T2529] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 146.475508][ T6583] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 146.489849][ T6583] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 146.505704][ T6583] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 146.522668][ T6583] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 146.540445][ T6583] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 146.585107][ T5733] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 146.601922][ T5733] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 146.602781][ T6583] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 146.674046][ T6583] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 146.686435][ T6583] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 146.704069][ T6583] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 146.720304][ T6583] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 146.766990][ T6583] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 146.793032][ T6583] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 146.802316][ T6583] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 146.817116][ T6583] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 146.851444][ T6649] 8021q: adding VLAN 0 to HW filter on device bond0 [ 146.906413][ T6649] 8021q: adding VLAN 0 to HW filter on device team0 [ 146.973315][ T5722] bridge0: port 1(bridge_slave_0) entered blocking state [ 146.980582][ T5722] bridge0: port 1(bridge_slave_0) entered forwarding state [ 146.996701][ T5236] Bluetooth: hci0: command tx timeout [ 147.011478][ T6648] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 147.055955][ T5236] Bluetooth: hci4: command tx timeout [ 147.115030][ T5722] bridge0: port 2(bridge_slave_1) entered blocking state [ 147.122186][ T5722] bridge0: port 2(bridge_slave_1) entered forwarding state [ 147.295625][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 147.320949][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 147.410709][ T6649] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 147.454154][ T6649] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 147.493327][ T5733] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 147.516440][ T5733] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 147.542045][ T6648] veth0_vlan: entered promiscuous mode [ 147.596457][ T6648] veth1_vlan: entered promiscuous mode [ 147.681378][ T6649] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 147.810412][ T6649] veth0_vlan: entered promiscuous mode [ 147.854262][ T6648] veth0_macvtap: entered promiscuous mode [ 147.884135][ T5326] usb 2-1: new full-speed USB device number 10 using dummy_hcd [ 147.896234][ T6648] veth1_macvtap: entered promiscuous mode [ 147.939245][ T6649] veth1_vlan: entered promiscuous mode [ 148.010023][ T6648] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 148.030954][ T6648] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 148.056367][ T6648] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 148.082767][ T5326] usb 2-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 148.084786][ T6648] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 148.104975][ T1847] usb 3-1: new high-speed USB device number 10 using dummy_hcd [ 148.113858][ T5326] usb 2-1: New USB device found, idVendor=0499, idProduct=1038, bcdDevice=5b.36 [ 148.124072][ T6648] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 148.143595][ T5326] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 148.143955][ T6648] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 148.170773][ T5326] usb 2-1: config 0 descriptor?? [ 148.198150][ T5326] usb 2-1: Quirk or no altset; falling back to MIDI 1.0 [ 148.198380][ T6648] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 148.242667][ T6648] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 148.274708][ T6648] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 148.285134][ T5326] snd-usb-audio 2-1:0.0: probe with driver snd-usb-audio failed with error -2 [ 148.296205][ T5237] udevd[5237]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 148.312699][ T1847] usb 3-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08 [ 148.313349][ T6648] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 148.330267][ T1847] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 148.343057][ T6648] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 148.359103][ T6648] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 148.370722][ T6648] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 148.393160][ T6648] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 148.415338][ T1847] usb 3-1: config 0 descriptor?? [ 148.470428][ T6649] veth0_macvtap: entered promiscuous mode [ 148.519252][ T6648] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 148.539816][ T6648] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 148.563777][ T6648] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 148.573295][ T6648] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 148.607078][ T6649] veth1_macvtap: entered promiscuous mode [ 148.678222][ T1847] [drm] vendor descriptor length:e0 data:00 00 00 00 00 00 00 00 00 00 00 [ 148.681162][ T5283] usb 2-1: USB disconnect, device number 10 [ 148.708407][ T1847] [drm:udl_init] *ERROR* Unrecognized vendor firmware descriptor [ 148.719954][ T6649] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 148.761601][ T6649] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 148.808796][ T1847] [drm] Initialized udl 0.0.1 for 3-1:0.0 on minor 2 [ 148.814439][ T6649] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 148.841134][ T1847] [drm] Initialized udl on minor 2 [ 148.848945][ T6649] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 148.882603][ T6649] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 148.901980][ T6649] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 148.922696][ T6649] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 148.943150][ T6649] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 148.965982][ T6649] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 148.966071][ T6828] netlink: 4 bytes leftover after parsing attributes in process `syz.3.200'. [ 149.017176][ T6649] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 149.043995][ T6649] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 149.054664][ T6649] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 149.065363][ T6649] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 149.075443][ T6649] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 149.086173][ T6649] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 149.096294][ T6649] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 149.106959][ T6649] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 149.119438][ T6649] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 149.149581][ T6831] netlink: 'syz.3.200': attribute type 29 has an invalid length. [ 149.157709][ T6831] netlink: 'syz.3.200': attribute type 29 has an invalid length. [ 149.181483][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 149.215519][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 149.234818][ T1847] udl 3-1:0.0: [drm] *ERROR* Read EDID byte 1 failed err ffffffb9 [ 149.246142][ T6649] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 149.255065][ T6649] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 149.263784][ T6649] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 149.289245][ T1847] udl 3-1:0.0: [drm] Cannot find any crtc or sizes [ 149.298119][ T6649] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 149.309511][ T5287] udl 3-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 149.329099][ T1847] usb 3-1: USB disconnect, device number 10 [ 149.343331][ T5287] udl 3-1:0.0: [drm] Cannot find any crtc or sizes [ 149.429348][ T5733] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 149.467656][ T5733] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 149.540810][ T5716] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 149.589564][ T5716] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 149.615330][ T5326] usb 2-1: new high-speed USB device number 11 using dummy_hcd [ 149.644112][ T5722] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 149.662738][ T5722] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 149.784249][ T5326] usb 2-1: Using ep0 maxpacket: 8 [ 149.810438][ T5326] usb 2-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea [ 149.836976][ T5326] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 149.874033][ T5326] usb 2-1: Product: syz [ 149.878291][ T5326] usb 2-1: Manufacturer: syz [ 149.882919][ T5326] usb 2-1: SerialNumber: syz [ 149.934656][ T5326] usb 2-1: config 0 descriptor?? [ 150.044010][ T5282] usb 1-1: new high-speed USB device number 7 using dummy_hcd [ 150.204013][ T5233] usb 5-1: new high-speed USB device number 7 using dummy_hcd [ 150.215754][ T5326] usb 2-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state [ 150.244438][ T5282] usb 1-1: Using ep0 maxpacket: 8 [ 150.265500][ T5282] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 150.302743][ T5282] usb 1-1: New USB device found, idVendor=046d, idProduct=0892, bcdDevice=6d.2a [ 150.342353][ T5282] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 150.359264][ T6867] usb usb8: usbfs: process 6867 (syz.2.206) did not claim interface 0 before use [ 150.369941][ T5282] usb 1-1: config 0 descriptor?? [ 150.375286][ T5233] usb 5-1: Using ep0 maxpacket: 32 [ 150.393804][ T5282] gspca_main: vc032x-2.14.0 probing 046d:0892 [ 150.413703][ T5233] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 150.442685][ T5233] usb 5-1: New USB device found, idVendor=08ca, idProduct=2060, bcdDevice=c6.58 [ 150.462919][ T5233] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 150.480655][ T5233] usb 5-1: Product: syz [ 150.485212][ T5233] usb 5-1: Manufacturer: syz [ 150.489891][ T5233] usb 5-1: SerialNumber: syz [ 150.535038][ T5233] usb 5-1: config 0 descriptor?? [ 150.573767][ T5233] gspca_main: sunplus-2.14.0 probing 08ca:2060 [ 150.615305][ T6872] netlink: 'syz.2.207': attribute type 1 has an invalid length. [ 150.644703][ T6872] netlink: 'syz.2.207': attribute type 2 has an invalid length. [ 150.652451][ T6872] netlink: 16074 bytes leftover after parsing attributes in process `syz.2.207'. [ 150.709164][ T5282] gspca_vc032x: reg_r err -71 [ 150.730913][ T5282] vc032x 1-1:0.0: probe with driver vc032x failed with error -71 [ 150.788431][ T5282] usb 1-1: USB disconnect, device number 7 [ 150.874028][ T1847] usb 4-1: new high-speed USB device number 11 using dummy_hcd [ 151.046222][ T1847] usb 4-1: Using ep0 maxpacket: 32 [ 151.077636][ T1847] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 151.091418][ T1847] usb 4-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xEB, changing to 0x8B [ 151.104130][ T1847] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 32595, setting to 1024 [ 151.116293][ T1847] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 1024 [ 151.135768][ T1847] usb 4-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xE3, changing to 0x83 [ 151.157857][ T1847] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x83 has invalid maxpacket 33307, setting to 1024 [ 151.184122][ T1847] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x83 has invalid maxpacket 1024 [ 151.197457][ T1847] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0xB has invalid wMaxPacketSize 0 [ 151.219839][ T1847] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 0 [ 151.230858][ T1847] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 151.244823][ T1847] usb 4-1: New USB device found, idVendor=0572, idProduct=cafe, bcdDevice=55.01 [ 151.262603][ T1847] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 151.277815][ T1847] usb 4-1: Product: syz [ 151.282513][ T1847] usb 4-1: Manufacturer: syz [ 151.297449][ T1847] usb 4-1: SerialNumber: syz [ 151.314069][ T1847] usb 4-1: config 0 descriptor?? [ 151.324917][ T6874] raw-gadget.3 gadget.3: fail, usb_ep_enable returned -22 [ 151.334541][ T6874] raw-gadget.3 gadget.3: fail, usb_ep_enable returned -22 [ 151.602291][ T1847] cxacru 4-1:0.0: submit of read urb for cm 0x90 failed (-8) [ 151.627199][ T1847] cxacru 4-1:0.0: usbatm_usb_probe: invalid endpoint 02! [ 151.650653][ T1847] cxacru 4-1:0.0: probe with driver cxacru failed with error -22 [ 151.670647][ T6892] netlink: 4 bytes leftover after parsing attributes in process `syz.0.213'. [ 151.672862][ T1847] usb 4-1: USB disconnect, device number 11 [ 151.712228][ T6892] netlink: 'syz.0.213': attribute type 29 has an invalid length. [ 151.741925][ T6892] netlink: 'syz.0.213': attribute type 29 has an invalid length. [ 152.180016][ T5233] gspca_sunplus: reg_r err -32 [ 152.185673][ T5233] sunplus 5-1:0.0: probe with driver sunplus failed with error -32 [ 152.223706][ T5233] usb 5-1: USB disconnect, device number 7 [ 152.634185][ T5282] usb 4-1: new high-speed USB device number 12 using dummy_hcd [ 152.744532][ T5233] usb 1-1: new high-speed USB device number 8 using dummy_hcd [ 152.795957][ T5282] usb 4-1: Using ep0 maxpacket: 32 [ 152.851690][ T5282] usb 4-1: New USB device found, idVendor=05ac, idProduct=024b, bcdDevice=da.88 [ 152.863925][ T5282] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 152.885815][ T5282] usb 4-1: Product: syz [ 152.896393][ T5233] usb 1-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08 [ 152.905919][ T5233] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 152.916056][ T5282] usb 4-1: Manufacturer: syz [ 152.920985][ T5282] usb 4-1: SerialNumber: syz [ 152.936704][ T5233] usb 1-1: config 0 descriptor?? [ 152.965843][ T5282] usb 4-1: config 0 descriptor?? [ 152.978401][ T5282] input: bcm5974 as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/input/input9 [ 153.152475][ T5233] [drm] vendor descriptor length:e0 data:00 00 00 00 00 00 00 00 00 00 00 [ 153.183234][ T4670] bcm5974 4-1:0.0: could not read from device [ 153.201045][ T5233] [drm:udl_init] *ERROR* Unrecognized vendor firmware descriptor [ 153.214851][ T5282] usb 4-1: USB disconnect, device number 12 [ 153.241769][ T4670] bcm5974 4-1:0.0: could not read from device [ 153.276440][ T4670] bcm5974 4-1:0.0: could not read from device [ 153.291908][ T5233] [drm] Initialized udl 0.0.1 for 1-1:0.0 on minor 2 [ 153.313935][ T5233] [drm] Initialized udl on minor 2 [ 153.421842][ T6925] netlink: 'syz.4.229': attribute type 1 has an invalid length. [ 153.430730][ T6925] netlink: 4 bytes leftover after parsing attributes in process `syz.4.229'. [ 153.633796][ T5326] dvb_usb_rtl28xxu 2-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -71 [ 153.642589][ T5233] udl 1-1:0.0: [drm] *ERROR* Read EDID byte 1 failed err ffffffb9 [ 153.661699][ T5233] udl 1-1:0.0: [drm] Cannot find any crtc or sizes [ 153.673243][ T5282] udl 1-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 153.674504][ T5326] usb 2-1: USB disconnect, device number 11 [ 153.699756][ T5233] usb 1-1: USB disconnect, device number 8 [ 153.720506][ T5282] udl 1-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffed [ 153.749893][ T5282] udl 1-1:0.0: [drm] Cannot find any crtc or sizes [ 153.822380][ T6932] netlink: 4 bytes leftover after parsing attributes in process `syz.4.231'. [ 153.842973][ T6932] netlink: 'syz.4.231': attribute type 29 has an invalid length. [ 153.852409][ T6932] netlink: 'syz.4.231': attribute type 29 has an invalid length. [ 154.123997][ T5282] usb 4-1: new high-speed USB device number 13 using dummy_hcd [ 154.271802][ T6945] netlink: 'syz.2.237': attribute type 21 has an invalid length. [ 154.279990][ T6945] netlink: 132 bytes leftover after parsing attributes in process `syz.2.237'. [ 154.299904][ T5282] usb 4-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08 [ 154.311756][ T5282] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 154.320240][ T9] usb 2-1: new high-speed USB device number 12 using dummy_hcd [ 154.335323][ T5282] usb 4-1: config 0 descriptor?? [ 154.369259][ T6949] netlink: 12 bytes leftover after parsing attributes in process `syz.0.238'. [ 154.455541][ T6952] netlink: 4 bytes leftover after parsing attributes in process `syz.0.238'. [ 154.466565][ T6952] netlink: 'syz.0.238': attribute type 29 has an invalid length. [ 154.474437][ T9] usb 2-1: Using ep0 maxpacket: 32 [ 154.479301][ T9] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 154.480492][ T6952] netlink: 'syz.0.238': attribute type 29 has an invalid length. [ 154.503677][ T9] usb 2-1: New USB device found, idVendor=08ca, idProduct=2060, bcdDevice=c6.58 [ 154.520973][ T9] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 154.529741][ T9] usb 2-1: Product: syz [ 154.541013][ T9] usb 2-1: Manufacturer: syz [ 154.561886][ T6954] netlink: 96 bytes leftover after parsing attributes in process `syz.2.240'. [ 154.578819][ T9] usb 2-1: SerialNumber: syz [ 154.589992][ T5282] [drm] vendor descriptor length:e0 data:00 00 00 00 00 00 00 00 00 00 00 [ 154.599751][ T9] usb 2-1: config 0 descriptor?? [ 154.610621][ T5282] [drm:udl_init] *ERROR* Unrecognized vendor firmware descriptor [ 154.621521][ T9] gspca_main: sunplus-2.14.0 probing 08ca:2060 [ 154.639203][ T5282] [drm] Initialized udl 0.0.1 for 4-1:0.0 on minor 2 [ 154.654459][ T5282] [drm] Initialized udl on minor 2 [ 155.023174][ T5282] udl 4-1:0.0: [drm] *ERROR* Read EDID byte 1 failed err ffffffb9 [ 155.047298][ T5282] udl 4-1:0.0: [drm] Cannot find any crtc or sizes [ 155.058256][ T5233] udl 4-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 155.069148][ T5282] usb 4-1: USB disconnect, device number 13 [ 155.077026][ T5233] udl 4-1:0.0: [drm] Cannot find any crtc or sizes [ 155.151976][ T6963] bond1: entered promiscuous mode [ 155.170200][ T6963] bond1: entered allmulticast mode [ 155.177805][ T6963] 8021q: adding VLAN 0 to HW filter on device bond1 [ 155.509471][ T6963] bond1 (unregistering): Released all slaves [ 155.695727][ T6976] (unnamed net_device) (uninitialized): option min_links: invalid value (18446744073709551615) [ 155.711847][ T6976] (unnamed net_device) (uninitialized): option min_links: allowed values 0 - 2147483647 [ 155.906777][ T6984] netlink: 4 bytes leftover after parsing attributes in process `syz.0.250'. [ 155.921371][ T6984] netlink: 'syz.0.250': attribute type 29 has an invalid length. [ 155.931650][ T6984] netlink: 'syz.0.250': attribute type 29 has an invalid length. [ 155.950007][ T47] usb 4-1: new high-speed USB device number 14 using dummy_hcd [ 155.956695][ T6985] netlink: 4 bytes leftover after parsing attributes in process `syz.4.251'. [ 155.983085][ T6985] netlink: 'syz.4.251': attribute type 29 has an invalid length. [ 155.991193][ T6985] netlink: 'syz.4.251': attribute type 29 has an invalid length. [ 156.014211][ T6986] netlink: 28 bytes leftover after parsing attributes in process `syz.2.252'. [ 156.023195][ T6986] netlink: 'syz.2.252': attribute type 7 has an invalid length. [ 156.055349][ T6986] netlink: 'syz.2.252': attribute type 8 has an invalid length. [ 156.064302][ T6986] netlink: 4 bytes leftover after parsing attributes in process `syz.2.252'. [ 156.092417][ T6986] syz_tun: entered promiscuous mode [ 156.121607][ T6986] batadv_slave_1: entered promiscuous mode [ 156.135904][ T47] usb 4-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08 [ 156.145268][ T47] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 156.157889][ T47] usb 4-1: config 0 descriptor?? [ 156.177968][ T6986] gretap0: entered promiscuous mode [ 156.253556][ T9] gspca_sunplus: reg_r err -32 [ 156.279059][ T9] sunplus 2-1:0.0: probe with driver sunplus failed with error -32 [ 156.297550][ T9] usb 2-1: USB disconnect, device number 12 [ 156.371694][ T47] [drm] vendor descriptor length:e0 data:00 00 00 00 00 00 00 00 00 00 00 [ 156.390446][ T47] [drm:udl_init] *ERROR* Unrecognized vendor firmware descriptor [ 156.422407][ T47] [drm] Initialized udl 0.0.1 for 4-1:0.0 on minor 2 [ 156.446351][ T47] [drm] Initialized udl on minor 2 [ 156.807184][ T47] udl 4-1:0.0: [drm] *ERROR* Read EDID byte 1 failed err ffffffb9 [ 156.819190][ T47] udl 4-1:0.0: [drm] Cannot find any crtc or sizes [ 156.827906][ T5326] udl 4-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 156.837695][ T47] usb 4-1: USB disconnect, device number 14 [ 156.845349][ T5326] udl 4-1:0.0: [drm] Cannot find any crtc or sizes [ 157.008825][ T6583] syz_tun (unregistering): left promiscuous mode [ 157.202688][ T5236] Bluetooth: hci4: hardware error 0x00 [ 157.371671][ T5716] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 157.424310][ T5326] usb 1-1: new high-speed USB device number 9 using dummy_hcd [ 157.485774][ T7006] netlink: 4 bytes leftover after parsing attributes in process `syz.1.260'. [ 157.531858][ T7006] bridge_slave_1: left allmulticast mode [ 157.553219][ T7006] bridge_slave_1: left promiscuous mode [ 157.581096][ T7006] bridge0: port 2(bridge_slave_1) entered disabled state [ 157.633970][ T7006] bridge_slave_0: left allmulticast mode [ 157.635345][ T5326] usb 1-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08 [ 157.639808][ T7006] bridge_slave_0: left promiscuous mode [ 157.668761][ T7006] bridge0: port 1(bridge_slave_0) entered disabled state [ 157.681842][ T5326] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 157.741979][ T5326] usb 1-1: config 0 descriptor?? [ 157.779923][ T7010] netlink: 4 bytes leftover after parsing attributes in process `syz.3.263'. [ 157.848943][ T7011] netlink: 'syz.3.263': attribute type 29 has an invalid length. [ 157.873115][ T7011] netlink: 'syz.3.263': attribute type 29 has an invalid length. [ 157.917483][ T5716] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 157.982199][ T5326] [drm] vendor descriptor length:e0 data:00 00 00 00 00 00 00 00 00 00 00 [ 158.001268][ T5326] [drm:udl_init] *ERROR* Unrecognized vendor firmware descriptor [ 158.035752][ T5326] [drm] Initialized udl 0.0.1 for 1-1:0.0 on minor 2 [ 158.067916][ T5326] [drm] Initialized udl on minor 2 [ 158.116935][ T5716] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 158.169237][ T5238] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 158.179108][ T5238] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 158.187961][ T5238] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 158.200392][ T5238] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 158.216014][ T5238] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 158.233488][ T5238] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 158.302372][ T5716] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 158.433206][ T5326] udl 1-1:0.0: [drm] *ERROR* Read EDID byte 1 failed err ffffffb9 [ 158.448546][ T5326] udl 1-1:0.0: [drm] Cannot find any crtc or sizes [ 158.477589][ T5274] udl 1-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 158.477713][ T5274] udl 1-1:0.0: [drm] Cannot find any crtc or sizes [ 158.486042][ T5326] usb 1-1: USB disconnect, device number 9 [ 158.551900][ T5238] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci2/hci2:201' [ 158.561851][ T5238] CPU: 1 UID: 0 PID: 5238 Comm: kworker/u9:4 Not tainted 6.12.0-rc1-syzkaller-00125-g0c559323bbaa #0 [ 158.572732][ T5238] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 158.582820][ T5238] Workqueue: hci2 hci_rx_work [ 158.587559][ T5238] Call Trace: [ 158.590887][ T5238] [ 158.593839][ T5238] dump_stack_lvl+0x241/0x360 [ 158.598547][ T5238] ? __pfx_dump_stack_lvl+0x10/0x10 [ 158.603774][ T5238] ? __pfx__printk+0x10/0x10 [ 158.608393][ T5238] ? sysfs_create_dir_ns+0x28a/0x3a0 [ 158.613708][ T5238] ? __kmalloc_cache_noprof+0x19c/0x2c0 [ 158.619293][ T5238] sysfs_create_dir_ns+0x2ce/0x3a0 [ 158.624439][ T5238] ? __pfx_sysfs_create_dir_ns+0x10/0x10 [ 158.630105][ T5238] kobject_add_internal+0x435/0x8d0 [ 158.635338][ T5238] kobject_add+0x152/0x220 [ 158.639778][ T5238] ? do_raw_spin_unlock+0x13c/0x8b0 [ 158.645006][ T5238] ? device_add+0x3e7/0xbf0 [ 158.649539][ T5238] ? __pfx_kobject_add+0x10/0x10 [ 158.654499][ T5238] ? _raw_spin_unlock+0x28/0x50 [ 158.659383][ T5238] ? get_device_parent+0x165/0x410 [ 158.664532][ T5238] device_add+0x4e5/0xbf0 [ 158.668894][ T5238] hci_conn_add_sysfs+0xe8/0x200 [ 158.673860][ T5238] le_conn_complete_evt+0xc9f/0x12e0 [ 158.679181][ T5238] ? trace_contention_end+0x3c/0x120 [ 158.684500][ T5238] ? __pfx_le_conn_complete_evt+0x10/0x10 [ 158.690264][ T5238] ? __mutex_unlock_slowpath+0x21d/0x750 [ 158.696010][ T5238] ? __copy_skb_header+0x437/0x5b0 [ 158.701150][ T5238] ? skb_pull_data+0x112/0x230 [ 158.705947][ T5238] hci_le_enh_conn_complete_evt+0x185/0x420 [ 158.711879][ T5238] hci_event_packet+0xa55/0x1540 [ 158.716848][ T5238] ? __pfx_hci_le_meta_evt+0x10/0x10 [ 158.722172][ T5238] ? __pfx_hci_event_packet+0x10/0x10 [ 158.727577][ T5238] ? set_advertising_complete+0x6b0/0x6f0 [ 158.733326][ T5238] ? kcov_remote_start+0x97/0x7d0 [ 158.738387][ T5238] hci_rx_work+0x3fe/0xd80 [ 158.742838][ T5238] ? process_scheduled_works+0x976/0x1850 [ 158.748581][ T5238] process_scheduled_works+0xa63/0x1850 [ 158.754270][ T5238] ? __pfx_process_scheduled_works+0x10/0x10 [ 158.760299][ T5238] ? assign_work+0x364/0x3d0 [ 158.764926][ T5238] worker_thread+0x870/0xd30 [ 158.769557][ T5238] ? __kthread_parkme+0x169/0x1d0 [ 158.774614][ T5238] ? __pfx_worker_thread+0x10/0x10 [ 158.779760][ T5238] kthread+0x2f0/0x390 [ 158.783852][ T5238] ? __pfx_worker_thread+0x10/0x10 [ 158.789011][ T5238] ? __pfx_kthread+0x10/0x10 [ 158.793630][ T5238] ret_from_fork+0x4b/0x80 [ 158.798085][ T5238] ? __pfx_kthread+0x10/0x10 [ 158.802701][ T5238] ret_from_fork_asm+0x1a/0x30 [ 158.807510][ T5238] [ 158.820213][ T5238] kobject: kobject_add_internal failed for hci2:201 with -EEXIST, don't try to register things with the same name in the same directory. [ 158.840906][ T5238] Bluetooth: hci2: failed to register connection device [ 158.859151][ T5716] bridge_slave_1: left allmulticast mode [ 158.873941][ T5716] bridge_slave_1: left promiscuous mode [ 158.879680][ T5716] bridge0: port 2(bridge_slave_1) entered disabled state [ 158.961204][ T5716] bridge_slave_0: left allmulticast mode [ 159.014055][ T5716] bridge_slave_0: left promiscuous mode [ 159.019816][ T5716] bridge0: port 1(bridge_slave_0) entered disabled state [ 159.178623][ T7041] netlink: 24 bytes leftover after parsing attributes in process `syz.0.270'. [ 159.225734][ T7041] netlink: 24 bytes leftover after parsing attributes in process `syz.0.270'. [ 159.252624][ T7041] netlink: 24 bytes leftover after parsing attributes in process `syz.0.270'. [ 159.306734][ T5236] Bluetooth: hci4: Opcode 0x0c03 failed: -110 [ 159.433252][ T7041] netlink: 24 bytes leftover after parsing attributes in process `syz.0.270'. [ 159.624095][ T5233] usb 1-1: new high-speed USB device number 10 using dummy_hcd [ 159.660252][ T5716] gretap0 (unregistering): left promiscuous mode [ 159.800788][ T5233] usb 1-1: Using ep0 maxpacket: 16 [ 159.817701][ T5233] usb 1-1: New USB device found, idVendor=1235, idProduct=0010, bcdDevice=29.82 [ 159.833940][ T5233] usb 1-1: New USB device strings: Mfr=83, Product=5, SerialNumber=10 [ 159.849050][ T5233] usb 1-1: Product: syz [ 159.853253][ T5233] usb 1-1: Manufacturer: syz [ 159.870657][ T5233] usb 1-1: SerialNumber: syz [ 159.894824][ T5233] usb 1-1: config 0 descriptor?? [ 159.913367][ T5233] usb 1-1: selecting invalid altsetting 1 [ 159.981411][ T5233] snd-usb-audio 1-1:0.0: probe with driver snd-usb-audio failed with error -22 [ 160.038180][ T5716] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 160.062208][ T5237] udevd[5237]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 160.117542][ T5716] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 160.142726][ T5716] bond0 (unregistering): Released all slaves [ 160.180477][ T7041] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 160.204172][ T7015] chnl_net:caif_netlink_parms(): no params data found [ 160.255560][ T7041] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 160.313387][ T5326] usb 1-1: USB disconnect, device number 10 [ 160.335332][ T5236] Bluetooth: hci1: command tx timeout [ 160.535472][ T29] audit: type=1400 audit(1728061291.349:265): apparmor="DENIED" operation="stack" class="file" info="label not found" error=-2 profile="unconfined" name=3A9A47D62AA50F45F72391BACA3346E8A82F2F262D2A83D1 pid=7069 comm="syz.1.278" [ 160.781546][ T7015] bridge0: port 1(bridge_slave_0) entered blocking state [ 160.802385][ T7015] bridge0: port 1(bridge_slave_0) entered disabled state [ 160.832263][ T7015] bridge_slave_0: entered allmulticast mode [ 160.843315][ T7015] bridge_slave_0: entered promiscuous mode [ 160.844141][ T47] usb 4-1: new high-speed USB device number 15 using dummy_hcd [ 160.891651][ T5716] batadv_slave_1: left promiscuous mode [ 160.904434][ T5236] Bluetooth: hci2: command tx timeout [ 161.031719][ T5716] hsr_slave_0: left promiscuous mode [ 161.046226][ T5716] hsr_slave_1: left promiscuous mode [ 161.065660][ T47] usb 4-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08 [ 161.075301][ T5716] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 161.075340][ T47] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 161.083551][ T5716] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 161.128758][ T5716] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 161.128947][ T47] usb 4-1: config 0 descriptor?? [ 161.155117][ T5716] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 161.166108][ T7095] __nla_validate_parse: 5 callbacks suppressed [ 161.166126][ T7095] netlink: 12 bytes leftover after parsing attributes in process `syz.4.283'. [ 161.173128][ T7101] netlink: 4 bytes leftover after parsing attributes in process `syz.1.284'. [ 161.207827][ T5716] veth1_macvtap: left promiscuous mode [ 161.213546][ T5716] veth0_macvtap: left promiscuous mode [ 161.226695][ T5716] veth1_vlan: left promiscuous mode [ 161.230657][ T7105] netlink: 'syz.1.284': attribute type 29 has an invalid length. [ 161.235373][ T5716] veth0_vlan: left promiscuous mode [ 161.274117][ T7105] netlink: 'syz.1.284': attribute type 29 has an invalid length. [ 161.274289][ T5274] usb 1-1: new high-speed USB device number 11 using dummy_hcd [ 161.357892][ T7106] kvm: requested 4190 ns i8254 timer period limited to 200000 ns [ 161.386894][ T47] [drm] vendor descriptor length:e0 data:00 00 00 00 00 00 00 00 00 00 00 [ 161.407417][ T47] [drm:udl_init] *ERROR* Unrecognized vendor firmware descriptor [ 161.441362][ T47] [drm] Initialized udl 0.0.1 for 4-1:0.0 on minor 2 [ 161.457227][ T47] [drm] Initialized udl on minor 2 [ 161.509709][ T5274] usb 1-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08 [ 161.520499][ T5274] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 161.539889][ T5274] usb 1-1: config 0 descriptor?? [ 161.634572][ T5326] usb 5-1: new high-speed USB device number 8 using dummy_hcd [ 161.775991][ T5274] [drm] vendor descriptor length:e0 data:00 00 00 00 00 00 00 00 00 00 00 [ 161.792900][ T5274] [drm:udl_init] *ERROR* Unrecognized vendor firmware descriptor [ 161.801203][ T5326] usb 5-1: Using ep0 maxpacket: 8 [ 161.823641][ T5326] usb 5-1: New USB device found, idVendor=046d, idProduct=08dd, bcdDevice=ff.f4 [ 161.841375][ T5326] usb 5-1: New USB device strings: Mfr=8, Product=2, SerialNumber=3 [ 161.849943][ T47] udl 4-1:0.0: [drm] *ERROR* Read EDID byte 1 failed err ffffffb9 [ 161.861710][ T5274] [drm] Initialized udl 0.0.1 for 1-1:0.0 on minor 3 [ 161.873046][ T5326] usb 5-1: Product: syz [ 161.877632][ T47] udl 4-1:0.0: [drm] Cannot find any crtc or sizes [ 161.885958][ T5287] udl 4-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 161.896330][ T5274] [drm] Initialized udl on minor 3 [ 161.903447][ T5326] usb 5-1: Manufacturer: syz [ 161.909668][ T5326] usb 5-1: SerialNumber: syz [ 161.914536][ T5287] udl 4-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 161.932660][ T47] usb 4-1: USB disconnect, device number 15 [ 161.942893][ T5287] udl 4-1:0.0: [drm] Cannot find any crtc or sizes [ 161.950756][ T5326] usb 5-1: config 0 descriptor?? [ 161.976758][ T5326] gspca_main: gspca_zc3xx-2.14.0 probing 046d:08dd [ 162.220331][ T5274] udl 1-1:0.0: [drm] *ERROR* Read EDID byte 1 failed err ffffffb9 [ 162.230596][ T5274] udl 1-1:0.0: [drm] Cannot find any crtc or sizes [ 162.239506][ T5287] udl 1-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 162.249313][ T5716] team0 (unregistering): Port device team_slave_1 removed [ 162.258646][ T5287] udl 1-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 162.272170][ T5274] usb 1-1: USB disconnect, device number 11 [ 162.283094][ T5287] udl 1-1:0.0: [drm] Cannot find any crtc or sizes [ 162.358914][ T5716] team0 (unregistering): Port device team_slave_0 removed [ 162.425486][ T5236] Bluetooth: hci1: command tx timeout [ 162.936220][ T5326] gspca_zc3xx: reg_w_i err -110 [ 162.957417][ T5326] gspca_zc3xx 5-1:0.0: probe with driver gspca_zc3xx failed with error -110 [ 163.903615][ T7015] bridge0: port 2(bridge_slave_1) entered blocking state [ 163.911214][ T7015] bridge0: port 2(bridge_slave_1) entered disabled state [ 163.919789][ T7015] bridge_slave_1: entered allmulticast mode [ 163.927216][ T7015] bridge_slave_1: entered promiscuous mode [ 163.972610][ T9] usb 5-1: USB disconnect, device number 8 [ 163.987603][ C0] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies. [ 164.145059][ T7134] netdevsim netdevsim1: loading /lib/firmware/. failed with error -22 [ 164.148795][ T7015] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 164.155664][ T7134] netdevsim netdevsim1: Direct firmware load for . failed with error -22 [ 164.178987][ T7134] netdevsim netdevsim1: Falling back to sysfs fallback for: . [ 164.303583][ T7015] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 164.456449][ T7015] team0: Port device team_slave_0 added [ 164.495559][ T5236] Bluetooth: hci1: command tx timeout [ 164.544547][ T7015] team0: Port device team_slave_1 added [ 164.666358][ T7015] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 164.699898][ T7015] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 164.752489][ T7144] mmap: syz.3.296 (7144) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 164.771749][ T7015] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 164.847052][ T7015] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 164.872150][ T7015] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 164.983157][ T7015] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 165.284033][ T5326] usb 1-1: new high-speed USB device number 12 using dummy_hcd [ 165.349303][ T7163] netlink: 96 bytes leftover after parsing attributes in process `syz.3.301'. [ 165.456413][ T5326] usb 1-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08 [ 165.472290][ T5326] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 165.517043][ T5326] usb 1-1: config 0 descriptor?? [ 165.829951][ T5326] [drm] vendor descriptor length:e0 data:00 00 00 00 00 00 00 00 00 00 00 [ 165.838645][ T5326] [drm:udl_init] *ERROR* Unrecognized vendor firmware descriptor [ 165.895150][ T5326] [drm] Initialized udl 0.0.1 for 1-1:0.0 on minor 2 [ 165.901923][ T5326] [drm] Initialized udl on minor 2 [ 166.277052][ T5326] udl 1-1:0.0: [drm] *ERROR* Read EDID byte 1 failed err ffffffb9 [ 166.277259][ T5326] udl 1-1:0.0: [drm] Cannot find any crtc or sizes [ 166.290102][ T47] udl 1-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 166.290742][ T5326] usb 1-1: USB disconnect, device number 12 [ 166.304080][ T47] udl 1-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 166.304196][ T47] udl 1-1:0.0: [drm] Cannot find any crtc or sizes [ 166.574042][ T5236] Bluetooth: hci1: command tx timeout [ 167.049679][ T7015] hsr_slave_0: entered promiscuous mode [ 167.061126][ T7015] hsr_slave_1: entered promiscuous mode [ 167.084756][ T7015] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 167.092665][ T7015] Cannot create hsr debugfs directory [ 167.187840][ T7179] netlink: 12 bytes leftover after parsing attributes in process `syz.0.307'. [ 167.260660][ T7182] netlink: 'syz.1.308': attribute type 30 has an invalid length. [ 167.521134][ T7191] kvm: requested 4190 ns i8254 timer period limited to 200000 ns [ 167.524762][ T7195] netlink: 96 bytes leftover after parsing attributes in process `syz.1.311'. [ 167.805480][ T5274] usb 1-1: new high-speed USB device number 13 using dummy_hcd [ 168.004260][ T5274] usb 1-1: Using ep0 maxpacket: 8 [ 168.026884][ T5274] usb 1-1: New USB device found, idVendor=046d, idProduct=08dd, bcdDevice=ff.f4 [ 168.063956][ T5274] usb 1-1: New USB device strings: Mfr=8, Product=2, SerialNumber=3 [ 168.083778][ T5274] usb 1-1: Product: syz [ 168.117582][ T5274] usb 1-1: Manufacturer: syz [ 168.138437][ T5274] usb 1-1: SerialNumber: syz [ 168.158810][ T5274] usb 1-1: config 0 descriptor?? [ 168.201898][ T5274] gspca_main: gspca_zc3xx-2.14.0 probing 046d:08dd [ 168.901961][ T7015] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 168.914638][ T5274] gspca_zc3xx: reg_w_i err -71 [ 168.922288][ T5274] gspca_zc3xx 1-1:0.0: probe with driver gspca_zc3xx failed with error -71 [ 168.987024][ T5274] usb 1-1: USB disconnect, device number 13 [ 169.028480][ T7015] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 169.066887][ T7015] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 169.204074][ T47] usb 5-1: new high-speed USB device number 9 using dummy_hcd [ 169.252652][ T7015] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 169.336477][ T7015] 8021q: adding VLAN 0 to HW filter on device bond0 [ 169.376296][ T7015] 8021q: adding VLAN 0 to HW filter on device team0 [ 169.398089][ T2529] bridge0: port 1(bridge_slave_0) entered blocking state [ 169.405244][ T2529] bridge0: port 1(bridge_slave_0) entered forwarding state [ 169.433964][ T47] usb 5-1: Using ep0 maxpacket: 8 [ 169.452737][ T47] usb 5-1: config 0 has an invalid interface number: 181 but max is 0 [ 169.473959][ T47] usb 5-1: config 0 has no interface number 0 [ 169.484878][ T47] usb 5-1: New USB device found, idVendor=04cb, idProduct=0121, bcdDevice=2e.e6 [ 169.491986][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 169.501111][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 169.526352][ T47] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 169.549686][ T47] usb 5-1: Product: syz [ 169.579639][ T7015] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 169.600481][ T47] usb 5-1: Manufacturer: syz [ 169.618881][ T47] usb 5-1: SerialNumber: syz [ 169.635096][ T47] usb 5-1: config 0 descriptor?? [ 169.704837][ T47] gspca_main: finepix-2.14.0 probing 04cb:0121 [ 169.751705][ T7015] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 169.818345][ T7230] ebtables: wrong size: *len 80, entries_size 48, replsz 48 [ 169.918380][ T7015] veth0_vlan: entered promiscuous mode [ 169.958861][ T7015] veth1_vlan: entered promiscuous mode [ 170.119872][ T7015] veth0_macvtap: entered promiscuous mode [ 170.167370][ T7015] veth1_macvtap: entered promiscuous mode [ 170.245771][ T7015] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 170.292560][ T7217] sctp: [Deprecated]: syz.4.312 (pid 7217) Use of struct sctp_assoc_value in delayed_ack socket option. [ 170.292560][ T7217] Use struct sctp_sack_info instead [ 170.314099][ T7015] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 170.334752][ T5236] Bluetooth: hci3: Controller not accepting commands anymore: ncmd = 0 [ 170.337775][ T7015] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 170.343362][ T5236] Bluetooth: hci3: Injecting HCI hardware error event [ 170.354024][ T7015] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 170.364821][ T5236] Bluetooth: hci3: hardware error 0x00 [ 170.370714][ T7015] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 170.386793][ T7015] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 170.396610][ T7015] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 170.407075][ T7015] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 170.418194][ T7015] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 170.704999][ T7248] netlink: 16 bytes leftover after parsing attributes in process `syz.0.315'. [ 170.766248][ T7015] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 170.778905][ T7015] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 170.789021][ T7015] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 170.810720][ T7015] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 170.841636][ T9] usb 5-1: USB disconnect, device number 9 [ 170.858099][ T7015] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 170.877250][ T7015] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 170.891653][ T7015] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 170.903747][ T7015] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 170.928118][ T7015] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 171.062334][ T7254] netlink: 16 bytes leftover after parsing attributes in process `syz.1.316'. [ 171.120115][ T7015] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 171.149262][ T7015] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 171.190326][ T7015] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 171.241077][ T7015] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 171.264354][ T29] audit: type=1326 audit(1728061302.089:266): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7258 comm="syz.0.317" exe="/root/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf744d579 code=0x0 [ 171.521832][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 171.553737][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 171.681909][ T5733] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 171.707402][ T5285] usb 2-1: new high-speed USB device number 13 using dummy_hcd [ 171.715455][ T5733] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 171.867160][ T5238] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci0/hci0:201' [ 171.884107][ T5238] CPU: 1 UID: 0 PID: 5238 Comm: kworker/u9:4 Not tainted 6.12.0-rc1-syzkaller-00125-g0c559323bbaa #0 [ 171.895017][ T5238] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 171.905081][ T5238] Workqueue: hci0 hci_rx_work [ 171.909771][ T5238] Call Trace: [ 171.913043][ T5238] [ 171.915971][ T5238] dump_stack_lvl+0x241/0x360 [ 171.920660][ T5238] ? __pfx_dump_stack_lvl+0x10/0x10 [ 171.925941][ T5238] ? __pfx__printk+0x10/0x10 [ 171.930618][ T5238] ? sysfs_create_dir_ns+0x28a/0x3a0 [ 171.935905][ T5238] ? __kmalloc_cache_noprof+0x19c/0x2c0 [ 171.941451][ T5238] sysfs_create_dir_ns+0x2ce/0x3a0 [ 171.946572][ T5238] ? __pfx_sysfs_create_dir_ns+0x10/0x10 [ 171.952219][ T5238] kobject_add_internal+0x435/0x8d0 [ 171.957430][ T5238] kobject_add+0x152/0x220 [ 171.961846][ T5238] ? do_raw_spin_unlock+0x13c/0x8b0 [ 171.967052][ T5238] ? device_add+0x3e7/0xbf0 [ 171.971557][ T5238] ? __pfx_kobject_add+0x10/0x10 [ 171.976492][ T5238] ? _raw_spin_unlock+0x28/0x50 [ 171.981344][ T5238] ? get_device_parent+0x165/0x410 [ 171.986470][ T5238] device_add+0x4e5/0xbf0 [ 171.990836][ T5238] hci_conn_add_sysfs+0xe8/0x200 [ 171.995775][ T5238] le_conn_complete_evt+0xc9f/0x12e0 [ 172.001073][ T5238] ? __pfx_le_conn_complete_evt+0x10/0x10 [ 172.006880][ T5238] ? __mutex_unlock_slowpath+0x21d/0x750 [ 172.012509][ T5238] ? __copy_skb_header+0x437/0x5b0 [ 172.017617][ T5238] ? skb_pull_data+0x112/0x230 [ 172.022390][ T5238] hci_le_enh_conn_complete_evt+0x185/0x420 [ 172.028318][ T5238] hci_event_packet+0xa55/0x1540 [ 172.033259][ T5238] ? __pfx_hci_le_meta_evt+0x10/0x10 [ 172.038548][ T5238] ? __pfx_hci_event_packet+0x10/0x10 [ 172.043928][ T5238] ? set_advertising_complete+0x6b0/0x6f0 [ 172.049660][ T5238] ? kcov_remote_start+0x97/0x7d0 [ 172.054690][ T5238] hci_rx_work+0x3fe/0xd80 [ 172.059114][ T5238] ? process_scheduled_works+0x976/0x1850 [ 172.064844][ T5238] process_scheduled_works+0xa63/0x1850 [ 172.070413][ T5238] ? __pfx_process_scheduled_works+0x10/0x10 [ 172.076485][ T5238] ? assign_work+0x364/0x3d0 [ 172.081076][ T5238] worker_thread+0x870/0xd30 [ 172.085674][ T5238] ? __kthread_parkme+0x169/0x1d0 [ 172.090703][ T5238] ? __pfx_worker_thread+0x10/0x10 [ 172.095822][ T5238] kthread+0x2f0/0x390 [ 172.099888][ T5238] ? __pfx_worker_thread+0x10/0x10 [ 172.104999][ T5238] ? __pfx_kthread+0x10/0x10 [ 172.109675][ T5238] ret_from_fork+0x4b/0x80 [ 172.114091][ T5238] ? __pfx_kthread+0x10/0x10 [ 172.118675][ T5238] ret_from_fork_asm+0x1a/0x30 [ 172.123445][ T5238] [ 172.134263][ T5238] kobject: kobject_add_internal failed for hci0:201 with -EEXIST, don't try to register things with the same name in the same directory. [ 172.148946][ T5238] Bluetooth: hci0: failed to register connection device [ 172.214031][ T5326] usb 5-1: new high-speed USB device number 10 using dummy_hcd [ 172.345605][ T5285] usb 2-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08 [ 172.354805][ T5285] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 172.386242][ T5285] usb 2-1: config 0 descriptor?? [ 172.392141][ T5326] usb 5-1: config 4 has an invalid descriptor of length 0, skipping remainder of the config [ 172.410367][ T5326] usb 5-1: New USB device found, idVendor=041e, idProduct=4007, bcdDevice=5d.18 [ 172.455015][ T5326] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 172.491299][ T5326] gspca_main: stv0680-2.14.0 probing 041e:4007 [ 172.601691][ T7300] netlink: 'syz.3.322': attribute type 30 has an invalid length. [ 172.630000][ T5285] [drm] vendor descriptor length:e0 data:00 00 00 00 00 00 00 00 00 00 00 [ 172.640106][ T5285] [drm:udl_init] *ERROR* Unrecognized vendor firmware descriptor [ 172.656024][ T5236] Bluetooth: hci3: Opcode 0x0c03 failed: -110 [ 172.672640][ T5285] [drm] Initialized udl 0.0.1 for 2-1:0.0 on minor 2 [ 172.692098][ T5285] [drm] Initialized udl on minor 2 [ 173.017175][ T7316] netlink: 4 bytes leftover after parsing attributes in process `syz.3.323'. [ 173.049597][ T7316] netlink: 'syz.3.323': attribute type 29 has an invalid length. [ 173.067726][ T5285] udl 2-1:0.0: [drm] *ERROR* Read EDID byte 1 failed err ffffffb9 [ 173.088096][ T7316] netlink: 'syz.3.323': attribute type 29 has an invalid length. [ 173.097672][ T5285] udl 2-1:0.0: [drm] Cannot find any crtc or sizes [ 173.097869][ T7320] netlink: 20 bytes leftover after parsing attributes in process `syz.4.320'. [ 173.111942][ T9] udl 2-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 173.178450][ T5285] usb 2-1: USB disconnect, device number 13 [ 173.185170][ T9] udl 2-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 173.193133][ T9] udl 2-1:0.0: [drm] Cannot find any crtc or sizes [ 173.515339][ T7337] netlink: 8 bytes leftover after parsing attributes in process `syz.2.327'. [ 173.527729][ T7337] netlink: 4 bytes leftover after parsing attributes in process `syz.2.327'. [ 173.546513][ T5326] stv0680 5-1:4.0: STV(e): camera ping failed!! [ 173.604278][ T7341] netlink: 28 bytes leftover after parsing attributes in process `syz.2.327'. [ 173.775585][ T5326] gspca_stv0680: usb_control_msg error 0, request = 0x80, error = -71 [ 173.812914][ T5326] stv0680 5-1:4.0: last error: 81, command = 0xcb [ 173.839369][ T5326] usb 5-1: USB disconnect, device number 10 [ 173.924074][ T5274] usb 2-1: new high-speed USB device number 14 using dummy_hcd [ 174.014139][ T5233] usb 1-1: new high-speed USB device number 14 using dummy_hcd [ 174.095694][ T5274] usb 2-1: Using ep0 maxpacket: 8 [ 174.108259][ T5274] usb 2-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea [ 174.119275][ T5274] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 174.129601][ T5274] usb 2-1: Product: syz [ 174.135108][ T5274] usb 2-1: Manufacturer: syz [ 174.140041][ T5274] usb 2-1: SerialNumber: syz [ 174.150760][ T5274] usb 2-1: config 0 descriptor?? [ 174.215341][ T5233] usb 1-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08 [ 174.233435][ T5233] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 174.268919][ T5233] usb 1-1: config 0 descriptor?? [ 174.423115][ T5274] usb 2-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state [ 174.521276][ T5233] [drm] vendor descriptor length:e0 data:00 00 00 00 00 00 00 00 00 00 00 [ 174.566132][ T5233] [drm:udl_init] *ERROR* Unrecognized vendor firmware descriptor [ 174.589261][ T5233] [drm] Initialized udl 0.0.1 for 1-1:0.0 on minor 2 [ 174.611628][ T5233] [drm] Initialized udl on minor 2 [ 175.007427][ T5233] udl 1-1:0.0: [drm] *ERROR* Read EDID byte 1 failed err ffffffb9 [ 175.036977][ T5233] udl 1-1:0.0: [drm] Cannot find any crtc or sizes [ 175.053807][ T5282] udl 1-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 175.074142][ T7347] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 175.076884][ T5282] udl 1-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 175.091128][ T5233] usb 1-1: USB disconnect, device number 14 [ 175.112982][ T5282] udl 1-1:0.0: [drm] Cannot find any crtc or sizes [ 175.132224][ T7347] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 175.168748][ T7392] netlink: 4 bytes leftover after parsing attributes in process `syz.2.342'. [ 175.198716][ T7395] netlink: 'syz.4.343': attribute type 33 has an invalid length. [ 175.211912][ T7395] netlink: 152 bytes leftover after parsing attributes in process `syz.4.343'. [ 175.225821][ T7392] netlink: 'syz.2.342': attribute type 29 has an invalid length. [ 175.264154][ T7392] netlink: 'syz.2.342': attribute type 29 has an invalid length. [ 175.405012][ T7399] netlink: 44 bytes leftover after parsing attributes in process `syz.4.346'. [ 175.621093][ T5274] dvb_usb_rtl28xxu 2-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -32 [ 175.634065][ T5233] usb 4-1: new high-speed USB device number 16 using dummy_hcd [ 175.643069][ T5274] usb 2-1: USB disconnect, device number 14 [ 175.836340][ T5233] usb 4-1: config 4 has an invalid descriptor of length 0, skipping remainder of the config [ 175.857572][ T5233] usb 4-1: New USB device found, idVendor=041e, idProduct=4007, bcdDevice=5d.18 [ 175.872652][ T5233] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 175.900361][ T5233] gspca_main: stv0680-2.14.0 probing 041e:4007 [ 176.031901][ T5722] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 176.144447][ T5722] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 176.167612][ T7413] netlink: 4 bytes leftover after parsing attributes in process `syz.2.352'. [ 176.192917][ T7413] netlink: 'syz.2.352': attribute type 29 has an invalid length. [ 176.201931][ T7413] netlink: 'syz.2.352': attribute type 29 has an invalid length. [ 176.243805][ T5722] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 176.337908][ T5722] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 176.495321][ T5236] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 176.507448][ T5236] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 176.516052][ T5236] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 176.537558][ T5236] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 176.546662][ T5236] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 176.553200][ T7418] netlink: 20 bytes leftover after parsing attributes in process `syz.3.347'. [ 176.570205][ T5236] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 176.579363][ T5722] bridge_slave_1: left allmulticast mode [ 176.638646][ T5722] bridge_slave_1: left promiscuous mode [ 176.646907][ T5722] bridge0: port 2(bridge_slave_1) entered disabled state [ 176.666162][ T5722] bridge_slave_0: left allmulticast mode [ 176.671852][ T5722] bridge_slave_0: left promiscuous mode [ 176.684186][ T5722] bridge0: port 1(bridge_slave_0) entered disabled state [ 177.054249][ T5233] stv0680 4-1:4.0: STV(e): camera ping failed!! [ 177.214736][ T5285] usb 2-1: new high-speed USB device number 15 using dummy_hcd [ 177.378052][ T5285] usb 2-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08 [ 177.388575][ T5285] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 177.412323][ T5285] usb 2-1: config 0 descriptor?? [ 177.574248][ T5233] gspca_stv0680: usb_control_msg error 0, request = 0x80, error = -110 [ 177.582655][ T5233] stv0680 4-1:4.0: last error: 81, command = 0xcb [ 177.631135][ T5285] [drm] vendor descriptor length:e0 data:00 00 00 00 00 00 00 00 00 00 00 [ 177.647786][ T5285] [drm:udl_init] *ERROR* Unrecognized vendor firmware descriptor [ 177.683913][ T5285] [drm] Initialized udl 0.0.1 for 2-1:0.0 on minor 2 [ 177.692292][ T5285] [drm] Initialized udl on minor 2 [ 177.800183][ T5722] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 177.812496][ T5722] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 177.824141][ T5722] bond0 (unregistering): Released all slaves [ 177.981762][ T5326] usb 4-1: USB disconnect, device number 16 [ 178.069674][ T5285] udl 2-1:0.0: [drm] *ERROR* Read EDID byte 1 failed err ffffffb9 [ 178.078027][ T5285] udl 2-1:0.0: [drm] Cannot find any crtc or sizes [ 178.086312][ T9] udl 2-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 178.096395][ T5285] usb 2-1: USB disconnect, device number 15 [ 178.103310][ T9] udl 2-1:0.0: [drm] Cannot find any crtc or sizes [ 178.225652][ T7443] netlink: 96 bytes leftover after parsing attributes in process `syz.2.364'. [ 178.552662][ T5722] hsr_slave_0: left promiscuous mode [ 178.558866][ T5722] hsr_slave_1: left promiscuous mode [ 178.567017][ T5722] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 178.576189][ T5722] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 178.584231][ T5722] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 178.591962][ T5722] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 178.646828][ T5722] veth1_macvtap: left promiscuous mode [ 178.652560][ T5722] veth0_macvtap: left promiscuous mode [ 178.654308][ T55] Bluetooth: hci4: command tx timeout [ 178.658352][ T5722] veth1_vlan: left promiscuous mode [ 178.669204][ T5722] veth0_vlan: left promiscuous mode [ 179.131030][ T7471] netlink: 4 bytes leftover after parsing attributes in process `syz.0.368'. [ 179.193198][ T7474] netlink: 'syz.0.368': attribute type 29 has an invalid length. [ 179.216107][ T7474] netlink: 'syz.0.368': attribute type 29 has an invalid length. [ 179.286507][ T7476] netlink: 4 bytes leftover after parsing attributes in process `syz.2.371'. [ 179.338509][ T7477] netlink: 'syz.2.371': attribute type 29 has an invalid length. [ 179.360637][ T7477] netlink: 'syz.2.371': attribute type 29 has an invalid length. [ 179.405380][ T47] usb 4-1: new high-speed USB device number 17 using dummy_hcd [ 179.578793][ T47] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 179.590816][ T47] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 179.613196][ T47] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 179.650039][ T47] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 179.674757][ T47] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 179.695903][ T47] usb 4-1: Product: syz [ 179.700447][ T47] usb 4-1: Manufacturer: syz [ 179.717453][ T47] usb 4-1: SerialNumber: syz [ 179.735497][ T47] usb 4-1: selecting invalid altsetting 1 [ 179.976339][ T5722] team0 (unregistering): Port device team_slave_1 removed [ 180.080709][ T5722] team0 (unregistering): Port device team_slave_0 removed [ 180.212556][ T7482] ebtables: wrong size: *len 80, entries_size 48, replsz 48 [ 180.735301][ T55] Bluetooth: hci4: command tx timeout [ 181.079285][ T7420] chnl_net:caif_netlink_parms(): no params data found [ 181.106411][ T47] cdc_ncm 4-1:1.0: failed GET_NTB_PARAMETERS [ 181.114516][ T47] cdc_ncm 4-1:1.0: bind() failure [ 181.130522][ T47] cdc_ncm 4-1:1.1: CDC Union missing and no IAD found [ 181.153514][ T47] cdc_ncm 4-1:1.1: bind() failure [ 181.177538][ T47] usb 4-1: USB disconnect, device number 17 [ 181.339555][ T7420] bridge0: port 1(bridge_slave_0) entered blocking state [ 181.362616][ T7420] bridge0: port 1(bridge_slave_0) entered disabled state [ 181.374957][ T7420] bridge_slave_0: entered allmulticast mode [ 181.381561][ T7420] bridge_slave_0: entered promiscuous mode [ 181.390916][ T7420] bridge0: port 2(bridge_slave_1) entered blocking state [ 181.398557][ T7420] bridge0: port 2(bridge_slave_1) entered disabled state [ 181.405868][ T7420] bridge_slave_1: entered allmulticast mode [ 181.412939][ T7420] bridge_slave_1: entered promiscuous mode [ 181.499024][ T7420] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 181.525693][ T7420] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 181.619886][ T7420] team0: Port device team_slave_0 added [ 181.677303][ T7420] team0: Port device team_slave_1 added [ 181.755280][ T7420] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 181.762251][ T7420] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 181.844409][ T7420] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 181.867084][ T7506] netlink: 4 bytes leftover after parsing attributes in process `syz.0.381'. [ 181.894842][ T7420] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 181.905375][ T7420] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 181.970406][ T7420] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 181.985968][ T7512] netlink: 'syz.0.381': attribute type 29 has an invalid length. [ 182.015360][ T7512] netlink: 'syz.0.381': attribute type 29 has an invalid length. [ 182.117554][ T7515] netlink: 28 bytes leftover after parsing attributes in process `syz.1.372'. [ 182.134057][ T7515] netlink: 'syz.1.372': attribute type 7 has an invalid length. [ 182.142499][ T7515] netlink: 'syz.1.372': attribute type 8 has an invalid length. [ 182.213295][ T7515] netlink: 4 bytes leftover after parsing attributes in process `syz.1.372'. [ 182.251876][ T7515] syz_tun: entered promiscuous mode [ 182.264710][ T7515] batadv_slave_1: entered promiscuous mode [ 182.271803][ T7515] gretap0: entered promiscuous mode [ 182.360594][ T7420] hsr_slave_0: entered promiscuous mode [ 182.444651][ T7420] hsr_slave_1: entered promiscuous mode [ 182.450944][ T7420] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 182.464470][ T7420] Cannot create hsr debugfs directory [ 182.477853][ T7525] PKCS7: Unknown OID: [4] 5.25.264.112.81.102.117 [ 182.485378][ T7525] PKCS7: Only support pkcs7_signedData type [ 182.814257][ T55] Bluetooth: hci4: command tx timeout [ 182.935411][ T6509] syz_tun (unregistering): left promiscuous mode [ 183.193977][ T47] usb 3-1: new high-speed USB device number 11 using dummy_hcd [ 183.345647][ T47] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 183.362889][ T47] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 183.401803][ T47] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 183.420731][ T47] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 183.431808][ T47] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 183.452725][ T47] usb 3-1: Product: syz [ 183.462874][ T47] usb 3-1: Manufacturer: syz [ 183.466556][ T12] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 183.473021][ T47] usb 3-1: SerialNumber: syz [ 183.488812][ T47] usb 3-1: selecting invalid altsetting 1 [ 183.789340][ T12] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 183.949538][ T5236] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 183.958596][ T5236] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 183.967695][ T5236] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 184.033004][ T5236] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 184.041377][ T5236] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 184.049496][ T5236] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 184.395195][ T12] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 184.542064][ T7564] netlink: 28 bytes leftover after parsing attributes in process `syz.3.391'. [ 184.561900][ T7564] netlink: 'syz.3.391': attribute type 7 has an invalid length. [ 184.577563][ T7564] netlink: 'syz.3.391': attribute type 8 has an invalid length. [ 184.603503][ T7564] netlink: 4 bytes leftover after parsing attributes in process `syz.3.391'. [ 184.660847][ T7564] syz_tun: entered promiscuous mode [ 184.686825][ T7564] batadv_slave_1: entered promiscuous mode [ 184.697502][ T7564] gretap0: entered promiscuous mode [ 184.713031][ T7564] debugfs: Directory 'hsr1' with parent 'hsr' already present! [ 184.720895][ T7564] Cannot create hsr debugfs directory [ 184.888433][ T7573] ebtables: wrong size: *len 80, entries_size 48, replsz 48 [ 184.904568][ T5236] Bluetooth: hci4: command tx timeout [ 184.914064][ T47] cdc_ncm 3-1:1.0: failed GET_NTB_PARAMETERS [ 184.935366][ T47] cdc_ncm 3-1:1.0: bind() failure [ 184.949610][ T12] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 184.963483][ T47] cdc_ncm 3-1:1.1: CDC Union missing and no IAD found [ 185.004288][ T47] cdc_ncm 3-1:1.1: bind() failure [ 185.017435][ T47] usb 3-1: USB disconnect, device number 11 [ 185.314507][ T6418] syz_tun (unregistering): left promiscuous mode [ 185.347850][ T7420] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 185.357844][ T7420] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 185.378607][ T7420] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 185.397567][ T7565] chnl_net:caif_netlink_parms(): no params data found [ 185.446279][ T7420] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 185.925861][ T7581] netlink: 96 bytes leftover after parsing attributes in process `syz.2.395'. [ 186.022718][ T12] gretap0 (unregistering): left promiscuous mode [ 186.094005][ T5236] Bluetooth: hci2: command tx timeout [ 186.296706][ T55] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 186.312481][ T55] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 186.321649][ T55] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 186.334302][ T55] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 186.348852][ T55] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 186.362098][ T55] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 186.407498][ T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 186.437344][ T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 186.449531][ T12] bond0 (unregistering): Released all slaves [ 186.675748][ T7565] bridge0: port 1(bridge_slave_0) entered blocking state [ 186.682833][ T7565] bridge0: port 1(bridge_slave_0) entered disabled state [ 186.704123][ T7565] bridge_slave_0: entered allmulticast mode [ 186.710882][ T7565] bridge_slave_0: entered promiscuous mode [ 186.736911][ T7565] bridge0: port 2(bridge_slave_1) entered blocking state [ 186.744479][ T7565] bridge0: port 2(bridge_slave_1) entered disabled state [ 186.751659][ T7565] bridge_slave_1: entered allmulticast mode [ 186.767577][ T7565] bridge_slave_1: entered promiscuous mode [ 187.019370][ T7565] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 187.053172][ T47] IPVS: starting estimator thread 0... [ 187.083265][ T7420] 8021q: adding VLAN 0 to HW filter on device bond0 [ 187.119632][ T7565] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 187.174629][ T7602] IPVS: using max 18 ests per chain, 43200 per kthread [ 187.190710][ T12] batadv_slave_1: left promiscuous mode [ 187.218287][ T12] hsr_slave_0: left promiscuous mode [ 187.229435][ T12] hsr_slave_1: left promiscuous mode [ 187.258787][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 187.272545][ T12] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 187.289784][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 187.302475][ T12] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 187.379758][ T12] veth1_macvtap: left promiscuous mode [ 187.388769][ T12] veth0_macvtap: left promiscuous mode [ 187.395638][ T12] veth1_vlan: left promiscuous mode [ 187.400942][ T12] veth0_vlan: left promiscuous mode [ 188.174919][ T55] Bluetooth: hci2: command tx timeout [ 188.424315][ T55] Bluetooth: hci3: command tx timeout [ 188.460203][ T12] team0 (unregistering): Port device team_slave_1 removed [ 188.532625][ T12] team0 (unregistering): Port device team_slave_0 removed [ 189.221021][ T7619] netlink: 'syz.0.399': attribute type 10 has an invalid length. [ 189.230181][ T7619] bridge0: port 3(netdevsim0) entered blocking state [ 189.237890][ T7619] bridge0: port 3(netdevsim0) entered disabled state [ 189.245230][ T7619] netdevsim netdevsim0 netdevsim0: entered allmulticast mode [ 189.253565][ T7619] netdevsim netdevsim0 netdevsim0: entered promiscuous mode [ 189.263185][ T7619] bridge0: port 3(netdevsim0) entered blocking state [ 189.270892][ T7619] bridge0: port 3(netdevsim0) entered forwarding state [ 189.303085][ T7565] team0: Port device team_slave_0 added [ 189.311705][ T7565] team0: Port device team_slave_1 added [ 189.407378][ T7565] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 189.423272][ T7565] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 189.458332][ T7565] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 189.491758][ T7565] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 189.504107][ T7565] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 189.584084][ T7565] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 189.614899][ T7584] chnl_net:caif_netlink_parms(): no params data found [ 189.665957][ T7420] 8021q: adding VLAN 0 to HW filter on device team0 [ 189.802662][ T5722] bridge0: port 1(bridge_slave_0) entered blocking state [ 189.809875][ T5722] bridge0: port 1(bridge_slave_0) entered forwarding state [ 189.867067][ T5722] bridge0: port 2(bridge_slave_1) entered blocking state [ 189.874234][ T5722] bridge0: port 2(bridge_slave_1) entered forwarding state [ 190.136723][ T7565] hsr_slave_0: entered promiscuous mode [ 190.152955][ T7565] hsr_slave_1: entered promiscuous mode [ 190.264881][ T55] Bluetooth: hci2: command tx timeout [ 190.426908][ T7584] bridge0: port 1(bridge_slave_0) entered blocking state [ 190.466193][ T7584] bridge0: port 1(bridge_slave_0) entered disabled state [ 190.494400][ T7584] bridge_slave_0: entered allmulticast mode [ 190.504312][ T55] Bluetooth: hci3: command tx timeout [ 190.541190][ T7584] bridge_slave_0: entered promiscuous mode [ 190.638115][ T7584] bridge0: port 2(bridge_slave_1) entered blocking state [ 190.672812][ T7584] bridge0: port 2(bridge_slave_1) entered disabled state [ 190.685990][ T7584] bridge_slave_1: entered allmulticast mode [ 190.696053][ T7584] bridge_slave_1: entered promiscuous mode [ 190.712360][ T7420] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 190.722935][ T7420] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 190.824191][ T7719] xt_CT: No such helper "snmp_trap" [ 190.892701][ T5722] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 191.091630][ T5722] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 191.148166][ T7584] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 191.208718][ T7584] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 191.276196][ T5722] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 191.376565][ T7584] team0: Port device team_slave_0 added [ 191.416186][ T5722] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 191.511459][ T7584] team0: Port device team_slave_1 added [ 191.631537][ T7420] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 191.682506][ T7584] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 191.693245][ T7584] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 191.731092][ T7584] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 191.833155][ T7584] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 191.842313][ T7584] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 191.869013][ T7584] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 191.965211][ T7584] hsr_slave_0: entered promiscuous mode [ 191.971467][ T7584] hsr_slave_1: entered promiscuous mode [ 191.978437][ T7584] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 191.986727][ T7584] Cannot create hsr debugfs directory [ 191.992478][ T5722] bridge_slave_1: left allmulticast mode [ 191.999719][ T5722] bridge_slave_1: left promiscuous mode [ 192.005531][ T5722] bridge0: port 2(bridge_slave_1) entered disabled state [ 192.015506][ T5722] bridge_slave_0: left allmulticast mode [ 192.021144][ T5722] bridge_slave_0: left promiscuous mode [ 192.028164][ T5722] bridge0: port 1(bridge_slave_0) entered disabled state [ 192.160118][ T5722] gretap0 (unregistering): left promiscuous mode [ 192.341187][ T5722] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 192.345136][ T55] Bluetooth: hci2: command tx timeout [ 192.358131][ T5722] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 192.368943][ T5722] bond0 (unregistering): Released all slaves [ 192.516950][ T7420] veth0_vlan: entered promiscuous mode [ 192.556810][ T7565] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 192.574043][ T55] Bluetooth: hci3: command tx timeout [ 192.631643][ T7565] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 192.647493][ T7565] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 192.661513][ T7565] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 192.757871][ T7420] veth1_vlan: entered promiscuous mode [ 192.847428][ T5722] batadv_slave_1: left promiscuous mode [ 192.868693][ T5722] hsr_slave_0: left promiscuous mode [ 192.881363][ T5722] hsr_slave_1: left promiscuous mode [ 192.888108][ T5722] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 192.896155][ T5722] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 192.904760][ T5722] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 192.919682][ T5722] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 192.936198][ T5722] veth1_macvtap: left promiscuous mode [ 192.941726][ T5722] veth0_macvtap: left promiscuous mode [ 192.948000][ T5722] veth1_vlan: left promiscuous mode [ 192.953278][ T5722] veth0_vlan: left promiscuous mode [ 193.332134][ T5722] team0 (unregistering): Port device team_slave_1 removed [ 193.372054][ T5722] team0 (unregistering): Port device team_slave_0 removed [ 193.809873][ T7420] veth0_macvtap: entered promiscuous mode [ 193.832316][ T7420] veth1_macvtap: entered promiscuous mode [ 193.872283][ T7420] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 193.889196][ T7420] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 193.899759][ T7420] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 193.910375][ T7420] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 193.921616][ T7420] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 193.972687][ T7420] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 193.983975][ T7420] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 193.993817][ T7420] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 194.007002][ T7420] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 194.018430][ T7420] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 194.030285][ T7565] 8021q: adding VLAN 0 to HW filter on device bond0 [ 194.058221][ T7420] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 194.067532][ T7420] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 194.076882][ T7420] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 194.087186][ T7420] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 194.139001][ T7565] 8021q: adding VLAN 0 to HW filter on device team0 [ 194.162080][ T5716] bridge0: port 1(bridge_slave_0) entered blocking state [ 194.169258][ T5716] bridge0: port 1(bridge_slave_0) entered forwarding state [ 194.188778][ T5716] bridge0: port 2(bridge_slave_1) entered blocking state [ 194.195917][ T5716] bridge0: port 2(bridge_slave_1) entered forwarding state [ 194.372647][ T7584] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 194.380869][ T5716] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 194.397741][ T5716] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 194.398931][ T7584] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 194.422702][ T7584] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 194.450812][ T7584] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 194.495275][ T2529] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 194.507031][ T2529] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 194.510077][ T7565] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 194.575194][ T7565] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 194.583220][ T1267] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.590452][ T1267] ieee802154 phy1 wpan1: encryption failed: -22 [ 194.654105][ T55] Bluetooth: hci3: command tx timeout [ 195.003596][ T7584] 8021q: adding VLAN 0 to HW filter on device bond0 [ 195.023687][ T7565] veth0_vlan: entered promiscuous mode [ 195.049809][ T7565] veth1_vlan: entered promiscuous mode [ 195.061332][ T7584] 8021q: adding VLAN 0 to HW filter on device team0 [ 195.140432][ T2529] bridge0: port 1(bridge_slave_0) entered blocking state [ 195.147604][ T2529] bridge0: port 1(bridge_slave_0) entered forwarding state [ 195.185073][ T2529] bridge0: port 2(bridge_slave_1) entered blocking state [ 195.192263][ T2529] bridge0: port 2(bridge_slave_1) entered forwarding state [ 195.316508][ T7584] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 195.327029][ T7584] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 195.355840][ T7584] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 195.389895][ T7584] veth0_vlan: entered promiscuous mode [ 195.400844][ T7584] veth1_vlan: entered promiscuous mode [ 195.424606][ T7584] veth0_macvtap: entered promiscuous mode [ 195.433392][ T7584] veth1_macvtap: entered promiscuous mode [ 195.449274][ T7584] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 195.460435][ T7584] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 195.470403][ T7584] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 195.480903][ T7584] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 195.494534][ T7584] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 195.505340][ T7584] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 195.516828][ T7584] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 195.534648][ T7565] veth0_macvtap: entered promiscuous mode [ 195.543620][ T7565] veth1_macvtap: entered promiscuous mode [ 195.558750][ T7565] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 195.569486][ T7565] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 195.579443][ T7565] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 195.589962][ T7565] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 195.599907][ T7565] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 195.610641][ T7565] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 195.620879][ T7565] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 195.631393][ T7565] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 195.642858][ T7565] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 195.652720][ T7565] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 195.663268][ T7565] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 195.673233][ T7565] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 195.683802][ T7565] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 195.693687][ T7565] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 195.704631][ T7565] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 195.716359][ T7565] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 195.727044][ T7565] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 195.735835][ T7565] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 195.744956][ T7565] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 195.753655][ T7565] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 195.842043][ T7584] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 195.872047][ T7584] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 195.907194][ T7584] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 195.988010][ T7584] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 195.997955][ T7584] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 196.073288][ T7584] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 196.104051][ T7584] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 196.137600][ T7584] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 196.148905][ T7808] x_tables: ip_tables: icmp match: only valid for protocol 1 [ 196.173790][ T7584] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 196.262123][ T7811] netlink: 4 bytes leftover after parsing attributes in process `syz.2.419'. [ 196.285857][ T7791] netlink: 'syz.4.412': attribute type 10 has an invalid length. [ 196.293730][ T7791] bridge0: port 3(netdevsim0) entered blocking state [ 196.336084][ T7815] netlink: 'syz.2.419': attribute type 29 has an invalid length. [ 196.350993][ T7791] bridge0: port 3(netdevsim0) entered disabled state [ 196.358560][ T7791] netdevsim netdevsim4 netdevsim0: entered allmulticast mode [ 196.368699][ T7791] netdevsim netdevsim4 netdevsim0: entered promiscuous mode [ 196.372287][ T7815] netlink: 'syz.2.419': attribute type 29 has an invalid length. [ 196.404268][ T7791] bridge0: port 3(netdevsim0) entered blocking state [ 196.411004][ T7791] bridge0: port 3(netdevsim0) entered forwarding state [ 196.482337][ T7584] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 196.503979][ T7584] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 196.525903][ T7584] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 196.582313][ T7584] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 196.823115][ T53] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 196.860479][ T53] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 196.974429][ T2529] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 196.996696][ T5733] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 197.029635][ T2529] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 197.042395][ T5733] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 197.094641][ T5733] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 197.106332][ T5733] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 197.280072][ T7848] IPv6: NLM_F_CREATE should be specified when creating new route [ 197.711401][ T7871] netlink: 96 bytes leftover after parsing attributes in process `syz.1.438'. [ 197.763995][ T5233] usb 1-1: new high-speed USB device number 15 using dummy_hcd [ 197.964542][ T5233] usb 1-1: Using ep0 maxpacket: 8 [ 197.991376][ T5233] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 198.033974][ T5233] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 138, changing to 11 [ 198.071416][ T5233] usb 1-1: config 1 interface 1 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 2 [ 198.153745][ T5233] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 198.186872][ T5233] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 198.244078][ T5233] usb 1-1: Product: syz [ 198.248287][ T5233] usb 1-1: Manufacturer: syz [ 198.296263][ T5233] usb 1-1: SerialNumber: syz [ 198.302840][ T7892] netlink: 'syz.2.445': attribute type 32 has an invalid length. [ 198.324141][ T7892] netlink: 4 bytes leftover after parsing attributes in process `syz.2.445'. [ 198.377468][ T7892] netlink: 'syz.2.445': attribute type 32 has an invalid length. [ 198.615750][ T5233] cdc_ncm 1-1:1.0: NCM or ECM functional descriptors missing [ 198.643997][ T5233] cdc_ncm 1-1:1.0: bind() failure [ 198.677435][ T5233] cdc_ncm 1-1:1.1: CDC Union missing and no IAD found [ 198.710384][ T5233] cdc_ncm 1-1:1.1: bind() failure [ 198.754152][ T5233] usb 1-1: USB disconnect, device number 15 [ 198.918832][ T7878] ebtables: wrong size: *len 80, entries_size 48, replsz 48 [ 199.052467][ T7909] SET target dimension over the limit! [ 199.257851][ T7915] x_tables: (null)_tables: DNAT target: only valid in nat table, not syz0 [ 199.400310][ T7920] netlink: 96 bytes leftover after parsing attributes in process `syz.3.459'. [ 199.468647][ T7924] netlink: 4 bytes leftover after parsing attributes in process `syz.2.457'. [ 199.519717][ T7924] netlink: 'syz.2.457': attribute type 29 has an invalid length. [ 199.538522][ T7924] netlink: 'syz.2.457': attribute type 29 has an invalid length. [ 200.421131][ T7940] netlink: 24 bytes leftover after parsing attributes in process `syz.2.467'. [ 200.533301][ T7946] netlink: 4 bytes leftover after parsing attributes in process `syz.3.468'. [ 200.571041][ T7950] netlink: 4 bytes leftover after parsing attributes in process `syz.2.467'. [ 200.600837][ T7950] netlink: 'syz.2.467': attribute type 29 has an invalid length. [ 200.662162][ T5285] IPVS: starting estimator thread 0... [ 200.683492][ T7950] netlink: 'syz.2.467': attribute type 29 has an invalid length. [ 200.691521][ T5326] usb 5-1: new high-speed USB device number 11 using dummy_hcd [ 200.764745][ T7953] IPVS: using max 22 ests per chain, 52800 per kthread [ 200.849864][ T5326] usb 5-1: Using ep0 maxpacket: 8 [ 200.857174][ T5326] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 200.868387][ T5326] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 138, changing to 11 [ 200.884186][ T5326] usb 5-1: config 1 interface 1 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 2 [ 200.906601][ T5326] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 200.918342][ T5326] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 200.927043][ T5326] usb 5-1: Product: syz [ 200.931585][ T5326] usb 5-1: Manufacturer: syz [ 200.937437][ T5326] usb 5-1: SerialNumber: syz [ 201.172001][ T5326] cdc_ncm 5-1:1.0: NCM or ECM functional descriptors missing [ 201.209631][ T5326] cdc_ncm 5-1:1.0: bind() failure [ 201.237422][ T5326] cdc_ncm 5-1:1.1: CDC Union missing and no IAD found [ 201.249741][ T5326] cdc_ncm 5-1:1.1: bind() failure [ 201.267567][ T5326] usb 5-1: USB disconnect, device number 11 [ 201.631249][ T7968] dccp_invalid_packet: P.Data Offset(100) too large [ 201.979056][ T29] audit: type=1326 audit(1728061332.799:267): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7975 comm="syz.4.475" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff2579 code=0x7ffc0000 [ 202.044083][ T5233] usb 3-1: new high-speed USB device number 12 using dummy_hcd [ 202.073645][ T29] audit: type=1326 audit(1728061332.799:268): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7975 comm="syz.4.475" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff2579 code=0x7ffc0000 [ 202.110219][ T7978] @: renamed from veth0_vlan (while UP) [ 202.117951][ T7974] ebtables: wrong size: *len 80, entries_size 48, replsz 48 [ 202.199109][ T29] audit: type=1326 audit(1728061332.799:269): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7975 comm="syz.4.475" exe="/root/syz-executor" sig=0 arch=40000003 syscall=27 compat=1 ip=0xf7ff2579 code=0x7ffc0000 [ 202.265471][ T5233] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 202.287386][ T29] audit: type=1326 audit(1728061332.799:270): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7975 comm="syz.4.475" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff2579 code=0x7ffc0000 [ 202.347713][ T29] audit: type=1326 audit(1728061332.799:271): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7975 comm="syz.4.475" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff2579 code=0x7ffc0000 [ 202.381012][ T5233] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 202.397727][ T5233] usb 3-1: New USB device found, idVendor=046d, idProduct=c534, bcdDevice= 0.00 [ 202.406959][ T5233] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 202.427000][ T5233] usb 3-1: config 0 descriptor?? [ 203.001903][ T5233] logitech-djreceiver 0003:046D:C534.0006: hidraw0: USB HID v0.00 Device [HID 046d:c534] on usb-dummy_hcd.2-1/input0 [ 203.208137][ T1847] usb 3-1: USB disconnect, device number 12 [ 203.324012][ T5285] usb 5-1: new high-speed USB device number 12 using dummy_hcd [ 203.483982][ T5285] usb 5-1: Using ep0 maxpacket: 8 [ 203.490934][ T5285] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 203.510356][ T5285] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 138, changing to 11 [ 203.542621][ T5285] usb 5-1: config 1 interface 1 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 2 [ 203.579309][ T8003] netlink: 'syz.1.489': attribute type 29 has an invalid length. [ 203.582470][ T5285] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 203.598567][ T5285] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 203.607236][ T5285] usb 5-1: Product: syz [ 203.611530][ T5285] usb 5-1: Manufacturer: syz [ 203.627371][ T5285] usb 5-1: SerialNumber: syz [ 203.734043][ T5326] usb 1-1: new high-speed USB device number 16 using dummy_hcd [ 203.763578][ T8008] PKCS7: Unknown OID: [4] 5.25.264.112.81.102.117 [ 203.772465][ T8008] PKCS7: Only support pkcs7_signedData type [ 203.885375][ T5326] usb 1-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08 [ 203.894822][ T5326] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 203.905405][ T5326] usb 1-1: config 0 descriptor?? [ 204.129186][ T5326] [drm] vendor descriptor length:e0 data:00 00 00 00 00 00 00 00 00 00 00 [ 204.140455][ T8017] netlink: 16 bytes leftover after parsing attributes in process `syz.2.495'. [ 204.151934][ T5326] [drm:udl_init] *ERROR* Unrecognized vendor firmware descriptor [ 204.160135][ T5285] cdc_ncm 5-1:1.0: NCM or ECM functional descriptors missing [ 204.167413][ T5326] [drm] Initialized udl 0.0.1 for 1-1:0.0 on minor 2 [ 204.176343][ T5326] [drm] Initialized udl on minor 2 [ 204.244349][ T5285] cdc_ncm 5-1:1.0: bind() failure [ 204.291742][ T5285] cdc_ncm 5-1:1.1: CDC Union missing and no IAD found [ 204.300134][ T5285] cdc_ncm 5-1:1.1: bind() failure [ 204.309662][ T5285] usb 5-1: USB disconnect, device number 12 [ 204.596079][ T5326] udl 1-1:0.0: [drm] *ERROR* Read EDID byte 1 failed err ffffffb9 [ 204.609416][ T8023] netlink: 4 bytes leftover after parsing attributes in process `syz.2.498'. [ 204.629035][ T5326] udl 1-1:0.0: [drm] Cannot find any crtc or sizes [ 204.657802][ T1847] udl 1-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 204.689601][ T5326] usb 1-1: USB disconnect, device number 16 [ 204.718765][ T1847] udl 1-1:0.0: [drm] Cannot find any crtc or sizes [ 205.008869][ T8039] netlink: 40 bytes leftover after parsing attributes in process `syz.1.506'. [ 205.074221][ T5233] usb 3-1: new high-speed USB device number 13 using dummy_hcd [ 205.256119][ T5233] usb 3-1: New USB device found, idVendor=05ac, idProduct=0290, bcdDevice=dc.1b [ 205.265573][ T5233] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 205.276232][ T5233] usb 3-1: config 0 descriptor?? [ 205.286755][ T5233] input: bcm5974 as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/input/input11 [ 205.499640][ T5287] usb 3-1: USB disconnect, device number 13 [ 206.023524][ T8056] PKCS7: Unknown OID: [4] 5.25.264.112.81.102.117 [ 206.044597][ T8056] PKCS7: Only support pkcs7_signedData type [ 206.364100][ T5285] usb 3-1: new high-speed USB device number 14 using dummy_hcd [ 206.384343][ T5233] usb 2-1: new high-speed USB device number 16 using dummy_hcd [ 206.458795][ T8067] netlink: 24 bytes leftover after parsing attributes in process `syz.0.517'. [ 206.533973][ T5287] usb 4-1: new high-speed USB device number 18 using dummy_hcd [ 206.549556][ T5285] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 206.561662][ T8068] netlink: 4 bytes leftover after parsing attributes in process `syz.0.517'. [ 206.571372][ T5233] usb 2-1: Using ep0 maxpacket: 8 [ 206.582107][ T5285] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 206.601911][ T5233] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 206.613771][ T8068] netlink: 'syz.0.517': attribute type 29 has an invalid length. [ 206.625607][ T5285] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 206.638088][ T5233] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 138, changing to 11 [ 206.651520][ T8068] netlink: 'syz.0.517': attribute type 29 has an invalid length. [ 206.671471][ T5285] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 206.684317][ T5233] usb 2-1: config 1 interface 1 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 2 [ 206.687688][ T5287] usb 4-1: New USB device found, idVendor=055f, idProduct=c230, bcdDevice=b6.ac [ 206.710671][ T5285] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 206.720292][ T5285] usb 3-1: Product: syz [ 206.725101][ T5287] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 206.733429][ T5287] usb 4-1: Product: syz [ 206.747893][ T5287] usb 4-1: Manufacturer: syz [ 206.748004][ T5233] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 206.752522][ T5287] usb 4-1: SerialNumber: syz [ 206.771619][ T5285] usb 3-1: Manufacturer: syz [ 206.787331][ T5285] usb 3-1: SerialNumber: syz [ 206.790647][ T5287] usb 4-1: config 0 descriptor?? [ 206.797648][ T5285] usb 3-1: selecting invalid altsetting 1 [ 206.817651][ T5287] gspca_main: sunplus-2.14.0 probing 055f:c230 [ 206.828509][ T5233] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 206.852902][ T5233] usb 2-1: Product: syz [ 206.861975][ T5233] usb 2-1: Manufacturer: syz [ 206.879184][ T5233] usb 2-1: SerialNumber: syz [ 207.116268][ T5233] cdc_ncm 2-1:1.0: NCM or ECM functional descriptors missing [ 207.130117][ T5233] cdc_ncm 2-1:1.0: bind() failure [ 207.144422][ T5233] cdc_ncm 2-1:1.1: CDC Union missing and no IAD found [ 207.151691][ T5233] cdc_ncm 2-1:1.1: bind() failure [ 207.164976][ T5233] usb 2-1: USB disconnect, device number 16 [ 207.239085][ T5287] gspca_sunplus: reg_r err -71 [ 207.244091][ T5287] sunplus 4-1:0.0: probe with driver sunplus failed with error -71 [ 207.269491][ T5287] usb 4-1: USB disconnect, device number 18 [ 207.687327][ T5285] cdc_ncm 3-1:1.0: failed GET_NTB_PARAMETERS [ 207.714146][ T5285] cdc_ncm 3-1:1.0: bind() failure [ 207.745544][ T5285] cdc_ncm 3-1:1.1: CDC Union missing and no IAD found [ 207.758522][ T5285] cdc_ncm 3-1:1.1: bind() failure [ 207.775479][ T5285] usb 3-1: USB disconnect, device number 14 [ 207.985382][ T8104] xt_connbytes: Forcing CT accounting to be enabled [ 208.025569][ T8104] xt_CT: You must specify a L4 protocol and not use inversions on it [ 208.063347][ T8110] netlink: 211388 bytes leftover after parsing attributes in process `syz.0.538'. [ 208.254182][ T5326] usb 5-1: new high-speed USB device number 13 using dummy_hcd [ 208.450789][ T5326] usb 5-1: Using ep0 maxpacket: 16 [ 208.466994][ T5326] usb 5-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 2.00 [ 208.469347][ T8126] geneve2: entered promiscuous mode [ 208.487913][ T5326] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 208.497133][ T8126] geneve2: entered allmulticast mode [ 208.524886][ T5326] usb 5-1: config 0 descriptor?? [ 208.550371][ T5326] ftdi_sio 5-1:0.0: FTDI USB Serial Device converter detected [ 208.778691][ T5326] usb 5-1: Detected FT232B [ 208.783659][ T8137] netlink: 4 bytes leftover after parsing attributes in process `syz.3.552'. [ 208.980122][ T5326] ftdi_sio ttyUSB0: Unable to read latency timer: -71 [ 208.988983][ T5326] ftdi_sio ttyUSB0: Unable to write latency timer: -71 [ 208.997627][ T5326] usb 5-1: FTDI USB Serial Device converter now attached to ttyUSB0 [ 209.015959][ T5326] usb 5-1: USB disconnect, device number 13 [ 209.028124][ T5326] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0 [ 209.042329][ T5326] ftdi_sio 5-1:0.0: device disconnected [ 209.054000][ T9] usb 2-1: new high-speed USB device number 17 using dummy_hcd [ 209.062163][ T8148] netlink: 4 bytes leftover after parsing attributes in process `syz.3.556'. [ 209.083080][ T8148] netlink: 'syz.3.556': attribute type 29 has an invalid length. [ 209.106926][ T8148] netlink: 'syz.3.556': attribute type 29 has an invalid length. [ 209.124531][ T5285] usb 1-1: new high-speed USB device number 17 using dummy_hcd [ 209.218981][ T9] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x7 has invalid wMaxPacketSize 0 [ 209.229835][ T9] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x7 has invalid maxpacket 0 [ 209.244647][ T9] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0 [ 209.259430][ T9] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x89 has invalid maxpacket 0 [ 209.270128][ T9] usb 2-1: New USB device found, idVendor=2040, idProduct=4900, bcdDevice=4d.8b [ 209.283918][ T5285] usb 1-1: Using ep0 maxpacket: 16 [ 209.291351][ T9] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 209.310722][ T5285] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 8 [ 209.322907][ T9] usb 2-1: config 0 descriptor?? [ 209.331457][ T5285] usb 1-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 6.00 [ 209.350347][ T5285] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 209.360189][ T5285] usb 1-1: Product: syz [ 209.374019][ T5285] usb 1-1: Manufacturer: syz [ 209.378698][ T5285] usb 1-1: SerialNumber: syz [ 209.392556][ T5285] usb 1-1: config 0 descriptor?? [ 209.402525][ T5285] ftdi_sio 1-1:0.0: FTDI USB Serial Device converter detected [ 209.418025][ T5285] usb 1-1: Detected FT232R [ 209.575301][ T9] hdpvr 2-1:0.0: firmware version 0x1e dated q|RC@22[7BD^jvi0 [ 209.575301][ T9] pY [ 209.798044][ T9] hdpvr 2-1:0.0: device init failed [ 209.823241][ T9] hdpvr 2-1:0.0: probe with driver hdpvr failed with error -12 [ 209.839009][ T5285] ftdi_sio ttyUSB0: Unable to write latency timer: -71 [ 209.871898][ T5285] ftdi_sio 1-1:0.0: GPIO initialisation failed: -71 [ 209.893939][ T9] usb 2-1: USB disconnect, device number 17 [ 209.904107][ T5285] usb 1-1: FTDI USB Serial Device converter now attached to ttyUSB0 [ 209.925761][ T5285] usb 1-1: USB disconnect, device number 17 [ 209.941861][ T5285] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0 [ 209.952173][ T5285] ftdi_sio 1-1:0.0: device disconnected [ 210.153761][ T8168] usb usb1: usbfs: process 8168 (syz.4.566) did not claim interface 0 before use [ 210.340760][ T8178] Cannot find add_set index 0 as target [ 210.584005][ T47] usb 3-1: new high-speed USB device number 15 using dummy_hcd [ 210.746409][ T47] usb 3-1: Using ep0 maxpacket: 32 [ 210.783162][ T47] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x85 has invalid maxpacket 55515, setting to 1024 [ 210.811053][ T47] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024 [ 210.837307][ T47] usb 3-1: New USB device found, idVendor=0499, idProduct=1010, bcdDevice= 5.f5 [ 210.861359][ T47] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 210.874362][ T47] usb 3-1: Product: syz [ 210.878647][ T47] usb 3-1: Manufacturer: syz [ 210.883429][ T47] usb 3-1: SerialNumber: syz [ 210.898173][ T47] usb 3-1: config 0 descriptor?? [ 210.906909][ T8179] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 210.927898][ T47] usb 3-1: Quirk or no altset; falling back to MIDI 1.0 [ 211.070798][ T8210] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 211.186214][ T47] usb 3-1: USB disconnect, device number 15 [ 211.404297][ T5285] usb 4-1: new high-speed USB device number 19 using dummy_hcd [ 211.430320][ T8220] netlink: 4 bytes leftover after parsing attributes in process `syz.4.591'. [ 211.455924][ T8220] netlink: 72 bytes leftover after parsing attributes in process `syz.4.591'. [ 211.473922][ T8220] A link change request failed with some changes committed already. Interface veth1_macvtap may have been left with an inconsistent configuration, please check. [ 211.564195][ T5285] usb 4-1: device descriptor read/64, error -71 [ 211.744355][ T8228] netlink: 12 bytes leftover after parsing attributes in process `syz.0.593'. [ 211.804368][ T5285] usb 4-1: new high-speed USB device number 20 using dummy_hcd [ 211.861900][ T8235] netlink: 4 bytes leftover after parsing attributes in process `syz.0.593'. [ 211.899990][ T8235] netlink: 'syz.0.593': attribute type 29 has an invalid length. [ 211.912581][ T8235] netlink: 'syz.0.593': attribute type 29 has an invalid length. [ 211.954154][ T5285] usb 4-1: device descriptor read/64, error -71 [ 212.064249][ T5285] usb usb4-port1: attempt power cycle [ 212.403979][ T5285] usb 4-1: new high-speed USB device number 21 using dummy_hcd [ 212.424665][ T5285] usb 4-1: device descriptor read/8, error -71 [ 212.502216][ T8267] netlink: 'syz.4.611': attribute type 10 has an invalid length. [ 212.511213][ T8267] netlink: 40 bytes leftover after parsing attributes in process `syz.4.611'. [ 212.524370][ T8267] batman_adv: batadv0: Adding interface: virt_wifi0 [ 212.531113][ T8267] batman_adv: batadv0: The MTU of interface virt_wifi0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 212.561982][ T8267] batman_adv: batadv0: Not using interface virt_wifi0 (retrying later): interface not active [ 212.612159][ T9] usb 3-1: new high-speed USB device number 16 using dummy_hcd [ 212.624017][ T5282] usb 2-1: new high-speed USB device number 18 using dummy_hcd [ 212.657871][ T8271] netlink: 96 bytes leftover after parsing attributes in process `syz.4.613'. [ 212.674204][ T5285] usb 4-1: new high-speed USB device number 22 using dummy_hcd [ 212.705319][ T5285] usb 4-1: device descriptor read/8, error -71 [ 212.783967][ T9] usb 3-1: Using ep0 maxpacket: 8 [ 212.793684][ T9] usb 3-1: config 1 contains an unexpected descriptor of type 0x1, skipping [ 212.803030][ T5282] usb 2-1: Using ep0 maxpacket: 16 [ 212.818480][ T9] usb 3-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config [ 212.834180][ T5282] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 212.845031][ T5285] usb usb4-port1: unable to enumerate USB device [ 212.863999][ T9] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 212.885516][ T5282] usb 2-1: New USB device found, idVendor=046d, idProduct=0721, bcdDevice=9c.25 [ 212.896180][ T5282] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 212.905389][ T9] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 212.917783][ T9] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 212.930313][ T5282] usb 2-1: Product: syz [ 212.934637][ T5282] usb 2-1: Manufacturer: syz [ 212.939444][ T9] usb 3-1: Product: syz [ 212.943626][ T9] usb 3-1: Manufacturer: syz [ 212.948484][ T5282] usb 2-1: SerialNumber: syz [ 212.955226][ T5282] usb 2-1: config 0 descriptor?? [ 212.960302][ T9] usb 3-1: SerialNumber: syz [ 213.229330][ T5287] usb 2-1: USB disconnect, device number 18 [ 213.342100][ T8284] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 213.353086][ T8284] vhci_hcd: SetHubDepth req not supported for USB 2.0 roothub [ 213.418618][ T9] usb 3-1: 0:2 : does not exist [ 213.457563][ T9] usb 3-1: USB disconnect, device number 16 [ 213.986863][ T8310] netlink: 'syz.1.631': attribute type 13 has an invalid length. [ 214.034943][ T8310] veth0_macvtap: left promiscuous mode [ 214.046557][ T8310] macvtap0: entered allmulticast mode [ 214.063497][ T8310] macvtap0: refused to change device tx_queue_len [ 214.082985][ T8316] netlink: 'syz.2.635': attribute type 39 has an invalid length. [ 214.261645][ T55] Bluetooth: hci0: unexpected cc 0x0c05 length: 5 > 1 [ 214.269902][ T8324] capability: warning: `syz.1.638' uses deprecated v2 capabilities in a way that may be insecure [ 214.370518][ T8327] netlink: 132 bytes leftover after parsing attributes in process `syz.2.641'. [ 214.596367][ T8345] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 214.603754][ T8345] IPv6: NLM_F_CREATE should be set when creating new route [ 214.611105][ T8345] IPv6: NLM_F_CREATE should be set when creating new route [ 214.618367][ T8345] IPv6: NLM_F_CREATE should be set when creating new route [ 214.803973][ T5282] usb 4-1: new high-speed USB device number 23 using dummy_hcd [ 214.993985][ T5282] usb 4-1: Using ep0 maxpacket: 8 [ 215.024715][ T5282] usb 4-1: config 1 contains an unexpected descriptor of type 0x1, skipping [ 215.043923][ T5282] usb 4-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config [ 215.064303][ T5282] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 215.098593][ T5282] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 215.110478][ T5282] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 215.133972][ T5282] usb 4-1: Product: syz [ 215.138277][ T5282] usb 4-1: Manufacturer: syz [ 215.142893][ T5282] usb 4-1: SerialNumber: syz [ 215.617262][ T5282] usb 4-1: 0:2 : does not exist [ 215.659503][ T5282] usb 4-1: USB disconnect, device number 23 [ 218.334118][ T55] Bluetooth: hci0: Controller not accepting commands anymore: ncmd = 0 [ 218.344450][ T55] Bluetooth: hci0: Injecting HCI hardware error event [ 218.371522][ T5236] Bluetooth: hci0: hardware error 0x00 [ 220.494445][ T5236] Bluetooth: hci0: Opcode 0x0c03 failed: -110 [ 226.163865][ C1] sched: DL replenish lagged too much [ 227.586209][ T5241] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 227.598870][ T5241] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 227.608352][ T5238] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 227.617178][ T5241] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 227.626954][ T5238] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 227.635200][ T5241] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 227.645930][ T5238] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 227.670872][ T5238] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 227.678723][ T5238] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 227.687838][ T5238] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 227.714117][ T5238] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 227.721496][ T5238] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 228.659002][ T5236] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 228.669742][ T5236] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 228.684072][ T5236] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 228.693802][ T5236] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 228.701978][ T5236] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 228.710954][ T5236] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 228.783652][ T5238] Bluetooth: hci8: unexpected cc 0x0c03 length: 249 > 1 [ 228.794772][ T5238] Bluetooth: hci8: unexpected cc 0x1003 length: 249 > 9 [ 228.814945][ T5238] Bluetooth: hci8: unexpected cc 0x1001 length: 249 > 9 [ 228.824543][ T5238] Bluetooth: hci8: unexpected cc 0x0c23 length: 249 > 4 [ 228.854082][ T5238] Bluetooth: hci8: unexpected cc 0x0c25 length: 249 > 3 [ 228.861505][ T5238] Bluetooth: hci8: unexpected cc 0x0c38 length: 249 > 2 [ 228.987001][ T5238] Bluetooth: hci9: unexpected cc 0x0c03 length: 249 > 1 [ 228.998760][ T5238] Bluetooth: hci9: unexpected cc 0x1003 length: 249 > 9 [ 229.008596][ T5238] Bluetooth: hci9: unexpected cc 0x1001 length: 249 > 9 [ 229.019175][ T5238] Bluetooth: hci9: unexpected cc 0x0c23 length: 249 > 4 [ 229.030644][ T5238] Bluetooth: hci9: unexpected cc 0x0c25 length: 249 > 3 [ 229.044166][ T5238] Bluetooth: hci9: unexpected cc 0x0c38 length: 249 > 2 [ 229.775480][ T5236] Bluetooth: hci5: command tx timeout [ 229.782045][ T5236] Bluetooth: hci6: command tx timeout [ 230.814219][ T5236] Bluetooth: hci7: command tx timeout [ 230.894136][ T5236] Bluetooth: hci8: command tx timeout [ 231.134165][ T5236] Bluetooth: hci9: command tx timeout [ 231.854206][ T5238] Bluetooth: hci5: command tx timeout [ 231.862564][ T5236] Bluetooth: hci6: command tx timeout [ 232.894143][ T5236] Bluetooth: hci7: command tx timeout [ 232.976044][ T5236] Bluetooth: hci8: command tx timeout [ 233.214278][ T5236] Bluetooth: hci9: command tx timeout [ 233.934090][ T5238] Bluetooth: hci5: command tx timeout [ 233.940852][ T5236] Bluetooth: hci6: command tx timeout [ 234.974221][ T5236] Bluetooth: hci7: command tx timeout [ 235.054225][ T5236] Bluetooth: hci8: command tx timeout [ 235.294329][ T5236] Bluetooth: hci9: command tx timeout [ 236.014124][ T5238] Bluetooth: hci5: command tx timeout [ 236.019736][ T5236] Bluetooth: hci6: command tx timeout [ 237.054084][ T5236] Bluetooth: hci7: command tx timeout [ 237.134267][ T5236] Bluetooth: hci8: command tx timeout [ 237.374248][ T5236] Bluetooth: hci9: command tx timeout [ 256.094472][ T1267] ieee802154 phy0 wpan0: encryption failed: -22 [ 256.100814][ T1267] ieee802154 phy1 wpan1: encryption failed: -22 [ 283.704058][ T5236] Bluetooth: hci1: command 0x0406 tx timeout [ 284.662780][ T8405] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 284.670086][ T8405] IPv6: NLM_F_CREATE should be set when creating new route [ 284.677422][ T8405] IPv6: NLM_F_CREATE should be set when creating new route [ 284.684695][ T8405] IPv6: NLM_F_CREATE should be set when creating new route [ 284.737652][ T8409] net veth1_virt_wifi : renamed from virt_wifi0 [ 287.865709][ T5236] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 287.876813][ T5236] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 287.885326][ T5236] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 287.893207][ T5236] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 287.900995][ T5236] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 287.911584][ T5236] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 287.978673][ T5236] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 287.988952][ T5236] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 287.997549][ T5236] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 288.005814][ T5236] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 288.013407][ T5236] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 288.024361][ T5236] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 288.908102][ T5238] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 288.917695][ T5238] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 288.928041][ T5238] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 288.936467][ T5238] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 288.945479][ T5238] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 288.962440][ T5238] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 289.041429][ T5236] Bluetooth: hci10: unexpected cc 0x0c03 length: 249 > 1 [ 289.051543][ T5236] Bluetooth: hci10: unexpected cc 0x1003 length: 249 > 9 [ 289.060255][ T5236] Bluetooth: hci10: unexpected cc 0x1001 length: 249 > 9 [ 289.068356][ T5236] Bluetooth: hci10: unexpected cc 0x0c23 length: 249 > 4 [ 289.076720][ T5236] Bluetooth: hci10: unexpected cc 0x0c25 length: 249 > 3 [ 289.094289][ T5236] Bluetooth: hci10: unexpected cc 0x0c38 length: 249 > 2 [ 289.215825][ T5238] Bluetooth: hci11: unexpected cc 0x0c03 length: 249 > 1 [ 289.231450][ T5238] Bluetooth: hci11: unexpected cc 0x1003 length: 249 > 9 [ 289.240725][ T5238] Bluetooth: hci11: unexpected cc 0x1001 length: 249 > 9 [ 289.249104][ T5238] Bluetooth: hci11: unexpected cc 0x0c23 length: 249 > 4 [ 289.256937][ T5238] Bluetooth: hci11: unexpected cc 0x0c25 length: 249 > 3 [ 289.264787][ T5238] Bluetooth: hci11: unexpected cc 0x0c38 length: 249 > 2 [ 290.015181][ T5238] Bluetooth: hci2: command tx timeout [ 290.094277][ T5238] Bluetooth: hci3: command tx timeout [ 291.058054][ T5238] Bluetooth: hci4: command tx timeout [ 291.214308][ T5236] Bluetooth: hci10: command tx timeout [ 291.294100][ T5238] Bluetooth: hci11: command tx timeout [ 292.094026][ T5238] Bluetooth: hci2: command tx timeout [ 292.174319][ T5238] Bluetooth: hci3: command tx timeout [ 293.134335][ T5236] Bluetooth: hci4: command tx timeout [ 293.294116][ T5238] Bluetooth: hci10: command tx timeout [ 293.374016][ T5238] Bluetooth: hci11: command tx timeout [ 294.174211][ T5238] Bluetooth: hci2: command tx timeout [ 294.254200][ T5238] Bluetooth: hci3: command tx timeout [ 295.214365][ T5238] Bluetooth: hci4: command tx timeout [ 295.374093][ T5238] Bluetooth: hci10: command tx timeout [ 295.456603][ T5238] Bluetooth: hci11: command tx timeout [ 296.254121][ T5238] Bluetooth: hci2: command tx timeout [ 296.334170][ T5238] Bluetooth: hci3: command tx timeout [ 297.294187][ T5238] Bluetooth: hci4: command tx timeout [ 297.457561][ T5238] Bluetooth: hci10: command tx timeout [ 297.534167][ T5238] Bluetooth: hci11: command tx timeout [ 317.462266][ T1267] ieee802154 phy0 wpan0: encryption failed: -22 [ 317.469626][ T1267] ieee802154 phy1 wpan1: encryption failed: -22 [ 350.260896][ T5236] Bluetooth: hci5: command 0x0406 tx timeout [ 350.273954][ T5241] Bluetooth: hci6: command 0x0406 tx timeout [ 351.946468][ T55] Bluetooth: hci12: unexpected cc 0x0c03 length: 249 > 1 [ 351.968591][ T55] Bluetooth: hci12: unexpected cc 0x1003 length: 249 > 9 [ 352.013493][ T55] Bluetooth: hci12: unexpected cc 0x1001 length: 249 > 9 [ 352.024967][ T55] Bluetooth: hci12: unexpected cc 0x0c23 length: 249 > 4 [ 352.034805][ T55] Bluetooth: hci12: unexpected cc 0x0c25 length: 249 > 3 [ 352.042211][ T55] Bluetooth: hci12: unexpected cc 0x0c38 length: 249 > 2 [ 352.284084][ T5238] Bluetooth: hci13: unexpected cc 0x0c03 length: 249 > 1 [ 352.299246][ T5238] Bluetooth: hci13: unexpected cc 0x1003 length: 249 > 9 [ 352.307456][ T5238] Bluetooth: hci13: unexpected cc 0x1001 length: 249 > 9 [ 352.324679][ T5238] Bluetooth: hci13: unexpected cc 0x0c23 length: 249 > 4 [ 352.332373][ T5238] Bluetooth: hci13: unexpected cc 0x0c25 length: 249 > 3 [ 352.343338][ T5238] Bluetooth: hci13: unexpected cc 0x0c38 length: 249 > 2 [ 352.414275][ T5236] Bluetooth: hci14: unexpected cc 0x0c03 length: 249 > 1 [ 352.425720][ T5236] Bluetooth: hci14: unexpected cc 0x1003 length: 249 > 9 [ 352.438722][ T5236] Bluetooth: hci14: unexpected cc 0x1001 length: 249 > 9 [ 352.446850][ T5236] Bluetooth: hci14: unexpected cc 0x0c23 length: 249 > 4 [ 352.474369][ T5236] Bluetooth: hci14: unexpected cc 0x0c25 length: 249 > 3 [ 352.481784][ T5236] Bluetooth: hci14: unexpected cc 0x0c38 length: 249 > 2 [ 352.544314][ T55] Bluetooth: hci15: unexpected cc 0x0c03 length: 249 > 1 [ 352.558150][ T55] Bluetooth: hci15: unexpected cc 0x1003 length: 249 > 9 [ 352.566193][ T55] Bluetooth: hci15: unexpected cc 0x1001 length: 249 > 9 [ 352.574414][ T55] Bluetooth: hci15: unexpected cc 0x0c23 length: 249 > 4 [ 352.583224][ T55] Bluetooth: hci15: unexpected cc 0x0c25 length: 249 > 3 [ 352.591563][ T55] Bluetooth: hci15: unexpected cc 0x0c38 length: 249 > 2 [ 352.686290][ T5236] Bluetooth: hci16: unexpected cc 0x0c03 length: 249 > 1 [ 352.701753][ T5236] Bluetooth: hci16: unexpected cc 0x1003 length: 249 > 9 [ 352.710334][ T5236] Bluetooth: hci16: unexpected cc 0x1001 length: 249 > 9 [ 352.720482][ T5236] Bluetooth: hci16: unexpected cc 0x0c23 length: 249 > 4 [ 352.728472][ T5236] Bluetooth: hci16: unexpected cc 0x0c25 length: 249 > 3 [ 352.738652][ T5236] Bluetooth: hci16: unexpected cc 0x0c38 length: 249 > 2 [ 354.094177][ T5236] Bluetooth: hci12: command tx timeout [ 354.414115][ T5236] Bluetooth: hci13: command tx timeout [ 354.574341][ T5236] Bluetooth: hci14: command tx timeout [ 354.654247][ T5236] Bluetooth: hci15: command tx timeout [ 354.814109][ T5236] Bluetooth: hci16: command tx timeout [ 355.383979][ T5236] Bluetooth: hci9: command 0x0406 tx timeout [ 355.390086][ T5236] Bluetooth: hci7: command 0x0406 tx timeout [ 355.396245][ T4623] Bluetooth: hci8: command 0x0406 tx timeout [ 356.174366][ T5241] Bluetooth: hci12: command tx timeout [ 356.494206][ T5241] Bluetooth: hci13: command tx timeout [ 356.654172][ T5241] Bluetooth: hci14: command tx timeout [ 356.734140][ T5241] Bluetooth: hci15: command tx timeout [ 356.894143][ T5241] Bluetooth: hci16: command tx timeout [ 358.254007][ T5241] Bluetooth: hci12: command tx timeout [ 358.574195][ T5241] Bluetooth: hci13: command tx timeout [ 358.733996][ T5241] Bluetooth: hci14: command tx timeout [ 358.814120][ T5241] Bluetooth: hci15: command tx timeout [ 358.974098][ T5241] Bluetooth: hci16: command tx timeout [ 360.334124][ T5241] Bluetooth: hci12: command tx timeout [ 360.654169][ T5241] Bluetooth: hci13: command tx timeout [ 360.814270][ T5241] Bluetooth: hci14: command tx timeout [ 360.894206][ T5241] Bluetooth: hci15: command tx timeout [ 361.054058][ T5241] Bluetooth: hci16: command tx timeout [ 378.897746][ T1267] ieee802154 phy0 wpan0: encryption failed: -22 [ 378.911649][ T1267] ieee802154 phy1 wpan1: encryption failed: -22 [ 379.536961][ T30] INFO: task syz.2.680:8416 blocked for more than 143 seconds. [ 379.557507][ T30] Not tainted 6.12.0-rc1-syzkaller-00125-g0c559323bbaa #0 SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 379.583874][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 379.644341][ T30] task:syz.2.680 state:D stack:26816 pid:8416 tgid:8415 ppid:7015 flags:0x20000004 [ 379.758407][ T30] Call Trace: [ 379.761740][ T30] [ 379.813094][ T30] __schedule+0x1895/0x4b30 [ 379.833921][ T30] ? __pfx___schedule+0x10/0x10 [ 379.838933][ T30] ? __pfx_lock_release+0x10/0x10 [ 379.914005][ T30] ? __mutex_trylock_common+0x92/0x2e0 [ 379.919544][ T30] ? schedule+0x90/0x320 [ 379.923810][ T30] schedule+0x14b/0x320 [ 379.968180][ T30] schedule_preempt_disabled+0x13/0x30 [ 379.973679][ T30] __mutex_lock+0x6a7/0xd70 [ 380.030942][ T30] ? __mutex_lock+0x52a/0xd70 [ 380.060924][ T30] ? __tun_chr_ioctl+0x48c/0x2400 [ 380.083954][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 380.089063][ T30] ? __might_fault+0xc6/0x120 [ 380.093776][ T30] __tun_chr_ioctl+0x48c/0x2400 [ 380.156270][ T30] ? __pfx___tun_chr_ioctl+0x10/0x10 [ 380.161629][ T30] ? __fget_files+0x3f3/0x470 [ 380.223948][ T30] __se_compat_sys_ioctl+0x510/0xc90 [ 380.229388][ T30] ? __pfx___se_compat_sys_ioctl+0x10/0x10 [ 380.293963][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 380.300020][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 380.338134][ T30] ? syscall_enter_from_user_mode_prepare+0x7f/0xe0 [ 380.368111][ T30] ? lockdep_hardirqs_on+0x99/0x150 [ 380.373380][ T30] __do_fast_syscall_32+0xb4/0x110 [ 380.414117][ T30] ? exc_page_fault+0x590/0x8c0 [ 380.419034][ T30] do_fast_syscall_32+0x34/0x80 [ 380.454012][ T30] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 380.460424][ T30] RIP: 0023:0xf7f85579 [ 380.504053][ T30] RSP: 002b:00000000f570656c EFLAGS: 00000206 ORIG_RAX: 0000000000000036 [ 380.512542][ T30] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000400454ca [ 380.558462][ T30] RDX: 0000000020002280 RSI: 0000000000000000 RDI: 0000000000000000 [ 380.593656][ T30] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 380.624010][ T30] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 380.632145][ T30] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 380.690040][ T30] [ 380.709453][ T30] INFO: task syz.2.680:8417 blocked for more than 144 seconds. [ 380.734022][ T30] Not tainted 6.12.0-rc1-syzkaller-00125-g0c559323bbaa #0 [ 380.741701][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 380.797836][ T30] task:syz.2.680 state:D stack:28576 pid:8417 tgid:8415 ppid:7015 flags:0x20000004 [ 380.833908][ T30] Call Trace: [ 380.853998][ T30] [ 380.856981][ T30] __schedule+0x1895/0x4b30 [ 380.861548][ T30] ? __pfx___schedule+0x10/0x10 [ 380.896264][ T30] ? __pfx_lock_release+0x10/0x10 [ 380.901360][ T30] ? __mutex_trylock_common+0x92/0x2e0 [ 380.924036][ T30] ? schedule+0x90/0x320 [ 380.928345][ T30] schedule+0x14b/0x320 [ 380.932529][ T30] schedule_preempt_disabled+0x13/0x30 [ 380.963874][ T30] __mutex_lock+0x6a7/0xd70 [ 380.979539][ T30] ? __mutex_lock+0x52a/0xd70 [ 380.991472][ T30] ? __tun_chr_ioctl+0x48c/0x2400 [ 380.996752][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 381.001824][ T30] __tun_chr_ioctl+0x48c/0x2400 [ 381.024018][ T30] ? __pfx___tun_chr_ioctl+0x10/0x10 [ 381.029372][ T30] ? __fget_files+0x3f3/0x470 [ 381.050483][ T30] __se_compat_sys_ioctl+0x510/0xc90 [ 381.071232][ T30] ? __pfx___se_compat_sys_ioctl+0x10/0x10 [ 381.094086][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 381.100136][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 381.119843][ T30] ? syscall_enter_from_user_mode_prepare+0x7f/0xe0 [ 381.143921][ T30] ? lockdep_hardirqs_on+0x99/0x150 [ 381.149188][ T30] __do_fast_syscall_32+0xb4/0x110 [ 381.173998][ T30] ? ret_from_fork_asm+0x1a/0x30 [ 381.203900][ T30] ? lockdep_hardirqs_on+0x99/0x150 [ 381.209176][ T30] do_fast_syscall_32+0x34/0x80 [ 381.249674][ T30] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 381.256262][ T30] RIP: 0023:0xf7f85579 [ 381.272550][ T30] RSP: 002b:00000000f56e556c EFLAGS: 00000206 ORIG_RAX: 0000000000000036 [ 381.311685][ T30] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000400454cb [ 381.339591][ T30] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 381.354009][ T30] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 381.362913][ T30] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 381.393264][ T30] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 381.418008][ T30] [ 381.425248][ T30] INFO: task syz-executor:8431 blocked for more than 145 seconds. [ 381.433094][ T30] Not tainted 6.12.0-rc1-syzkaller-00125-g0c559323bbaa #0 [ 381.471787][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 381.497486][ T30] task:syz-executor state:D stack:26816 pid:8431 tgid:8431 ppid:1 flags:0x20004004 [ 381.523877][ T30] Call Trace: [ 381.527211][ T30] [ 381.530163][ T30] __schedule+0x1895/0x4b30 [ 381.551317][ T30] ? __pfx___schedule+0x10/0x10 [ 381.570473][ T30] ? __pfx_lock_release+0x10/0x10 [ 381.587735][ T30] ? __mutex_trylock_common+0x92/0x2e0 [ 381.593275][ T30] ? schedule+0x90/0x320 [ 381.613874][ T30] schedule+0x14b/0x320 [ 381.618117][ T30] schedule_preempt_disabled+0x13/0x30 [ 381.623611][ T30] __mutex_lock+0x6a7/0xd70 [ 381.654030][ T30] ? __mutex_lock+0x52a/0xd70 [ 381.658780][ T30] ? register_nexthop_notifier+0x84/0x290 [ 381.683936][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 381.689038][ T30] ? __asan_memset+0x23/0x50 [ 381.693661][ T30] register_nexthop_notifier+0x84/0x290 [ 381.722329][ T30] ? __pfx_lockdep_init_map_type+0x10/0x10 [ 381.739879][ T30] ? __pfx_debug_check_no_locks_freed+0x10/0x10 [ 381.759489][ T30] ? __pfx_register_nexthop_notifier+0x10/0x10 [ 381.770986][ T30] ? __asan_memset+0x23/0x50 [ 381.788857][ T30] ops_init+0x31e/0x590 [ 381.793078][ T30] ? lockdep_init_map_type+0xa1/0x910 [ 381.819199][ T30] setup_net+0x287/0x9e0 [ 381.823505][ T30] ? __pfx_down_read_killable+0x10/0x10 [ 381.843889][ T30] ? __pfx_setup_net+0x10/0x10 [ 381.848726][ T30] copy_net_ns+0x33f/0x570 [ 381.853198][ T30] create_new_namespaces+0x425/0x7b0 [ 381.880077][ T30] unshare_nsproxy_namespaces+0x124/0x180 [ 381.899799][ T30] ksys_unshare+0x619/0xc10 [ 381.910222][ T30] ? __pfx_ksys_unshare+0x10/0x10 [ 381.923904][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 381.929959][ T30] ? syscall_enter_from_user_mode_prepare+0x7f/0xe0 [ 381.957740][ T30] __ia32_sys_unshare+0x37/0x40 [ 381.962650][ T30] __do_fast_syscall_32+0xb4/0x110 [ 381.981969][ T30] ? exc_page_fault+0x590/0x8c0 [ 381.987156][ T30] do_fast_syscall_32+0x34/0x80 [ 381.992041][ T30] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 382.006042][ T30] RIP: 0023:0xf7f40579 [ 382.010157][ T30] RSP: 002b:00000000f752ff7c EFLAGS: 00000206 ORIG_RAX: 0000000000000136 [ 382.023574][ T30] RAX: ffffffffffffffda RBX: 0000000040000000 RCX: 0000000000000000 [ 382.033037][ T30] RDX: 00000000f73cbff4 RSI: 00000000f72a224b RDI: 0000000030000000 [ 382.048012][ T30] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 382.059291][ T30] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 382.070758][ T30] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 382.082713][ T30] [ 382.089471][ T30] INFO: task syz-executor:8433 blocked for more than 145 seconds. [ 382.108694][ T30] Not tainted 6.12.0-rc1-syzkaller-00125-g0c559323bbaa #0 [ 382.118937][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 382.131648][ T30] task:syz-executor state:D stack:26816 pid:8433 tgid:8433 ppid:1 flags:0x20004004 [ 382.143951][ T30] Call Trace: [ 382.147262][ T30] [ 382.150211][ T30] __schedule+0x1895/0x4b30 [ 382.162002][ T30] ? __pfx___schedule+0x10/0x10 [ 382.167684][ T30] ? __pfx_lock_release+0x10/0x10 [ 382.172753][ T30] ? __mutex_trylock_common+0x92/0x2e0 [ 382.189079][ T30] ? schedule+0x90/0x320 [ 382.193370][ T30] schedule+0x14b/0x320 [ 382.199124][ T30] schedule_preempt_disabled+0x13/0x30 [ 382.210980][ T30] __mutex_lock+0x6a7/0xd70 [ 382.215951][ T30] ? __mutex_lock+0x52a/0xd70 [ 382.220715][ T30] ? register_nexthop_notifier+0x84/0x290 [ 382.232456][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 382.237879][ T30] ? __asan_memset+0x23/0x50 [ 382.242501][ T30] register_nexthop_notifier+0x84/0x290 [ 382.254077][ T30] ? __pfx_lockdep_init_map_type+0x10/0x10 [ 382.259937][ T30] ? __pfx_debug_check_no_locks_freed+0x10/0x10 [ 382.273977][ T30] ? __pfx_register_nexthop_notifier+0x10/0x10 [ 382.280184][ T30] ? __asan_memset+0x23/0x50 [ 382.292598][ T30] ops_init+0x31e/0x590 [ 382.299201][ T30] ? lockdep_init_map_type+0xa1/0x910 [ 382.310848][ T30] setup_net+0x287/0x9e0 [ 382.315435][ T30] ? __pfx_down_read_killable+0x10/0x10 [ 382.321016][ T30] ? __pfx_setup_net+0x10/0x10 [ 382.332249][ T30] copy_net_ns+0x33f/0x570 [ 382.346844][ T30] create_new_namespaces+0x425/0x7b0 [ 382.352190][ T30] unshare_nsproxy_namespaces+0x124/0x180 [ 382.368347][ T30] ksys_unshare+0x619/0xc10 [ 382.372907][ T30] ? __pfx_ksys_unshare+0x10/0x10 [ 382.379730][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 382.392201][ T30] ? syscall_enter_from_user_mode_prepare+0x7f/0xe0 [ 382.401738][ T30] __ia32_sys_unshare+0x37/0x40 [ 382.411847][ T30] __do_fast_syscall_32+0xb4/0x110 [ 382.418473][ T30] ? exc_page_fault+0x590/0x8c0 [ 382.423367][ T30] do_fast_syscall_32+0x34/0x80 [ 382.433126][ T30] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 382.440927][ T30] RIP: 0023:0xf743d579 [ 382.451444][ T30] RSP: 002b:00000000f758ff7c EFLAGS: 00000206 ORIG_RAX: 0000000000000136 [ 382.461420][ T30] RAX: ffffffffffffffda RBX: 0000000040000000 RCX: 0000000000000000 [ 382.474080][ T30] RDX: 00000000f742bff4 RSI: 00000000f730224b RDI: 0000000030000000 [ 382.482085][ T30] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 382.502020][ T30] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 382.513239][ T30] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 382.524970][ T30] [ 382.528087][ T30] INFO: task syz-executor:8438 blocked for more than 146 seconds. [ 382.541967][ T30] Not tainted 6.12.0-rc1-syzkaller-00125-g0c559323bbaa #0 [ 382.551190][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 382.563858][ T30] task:syz-executor state:D stack:26816 pid:8438 tgid:8438 ppid:1 flags:0x20004004 [ 382.580171][ T30] Call Trace: [ 382.583486][ T30] [ 382.588091][ T30] __schedule+0x1895/0x4b30 [ 382.594339][ T30] ? __pfx___schedule+0x10/0x10 [ 382.599234][ T30] ? __pfx_lock_release+0x10/0x10 [ 382.610228][ T30] ? __mutex_trylock_common+0x92/0x2e0 [ 382.617056][ T30] ? schedule+0x90/0x320 [ 382.621346][ T30] schedule+0x14b/0x320 [ 382.631609][ T30] schedule_preempt_disabled+0x13/0x30 [ 382.638576][ T30] __mutex_lock+0x6a7/0xd70 [ 382.643127][ T30] ? __mutex_lock+0x52a/0xd70 [ 382.653891][ T30] ? register_nexthop_notifier+0x84/0x290 [ 382.659672][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 382.670900][ T30] ? __asan_memset+0x23/0x50 [ 382.679996][ T30] register_nexthop_notifier+0x84/0x290 [ 382.692452][ T30] ? __pfx_lockdep_init_map_type+0x10/0x10 [ 382.703030][ T30] ? __pfx_debug_check_no_locks_freed+0x10/0x10 [ 382.710821][ T30] ? __pfx_register_nexthop_notifier+0x10/0x10 [ 382.722109][ T30] ? __asan_memset+0x23/0x50 [ 382.728585][ T30] ops_init+0x31e/0x590 [ 382.732830][ T30] ? lockdep_init_map_type+0xa1/0x910 [ 382.745833][ T30] setup_net+0x287/0x9e0 [ 382.750217][ T30] ? __pfx_down_read_killable+0x10/0x10 [ 382.760583][ T30] ? __pfx_setup_net+0x10/0x10 [ 382.766926][ T30] copy_net_ns+0x33f/0x570 [ 382.771402][ T30] create_new_namespaces+0x425/0x7b0 [ 382.781655][ T30] unshare_nsproxy_namespaces+0x124/0x180 [ 382.790842][ T30] ksys_unshare+0x619/0xc10 [ 382.801680][ T30] ? __pfx_ksys_unshare+0x10/0x10 [ 382.808247][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 382.819558][ T30] ? syscall_enter_from_user_mode_prepare+0x7f/0xe0 [ 382.827665][ T30] __ia32_sys_unshare+0x37/0x40 [ 382.832552][ T30] __do_fast_syscall_32+0xb4/0x110 [ 382.844557][ T30] ? exc_page_fault+0x590/0x8c0 [ 382.849465][ T30] do_fast_syscall_32+0x34/0x80 [ 382.860066][ T30] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 382.866786][ T30] RIP: 0023:0xf7f30579 [ 382.870890][ T30] RSP: 002b:00000000f751ff7c EFLAGS: 00000206 ORIG_RAX: 0000000000000136 [ 382.885416][ T30] RAX: ffffffffffffffda RBX: 0000000040000000 RCX: 0000000000000000 [ 382.893436][ T30] RDX: 00000000f73bbff4 RSI: 00000000f729224b RDI: 0000000030000000 [ 382.910358][ T30] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 382.920185][ T30] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 382.934150][ T30] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 382.942175][ T30] [ 382.951285][ T30] INFO: task syz-executor:8439 blocked for more than 146 seconds. [ 382.960015][ T30] Not tainted 6.12.0-rc1-syzkaller-00125-g0c559323bbaa #0 [ 382.975328][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 382.990151][ T30] task:syz-executor state:D stack:26816 pid:8439 tgid:8439 ppid:1 flags:0x20004004 [ 383.002064][ T30] Call Trace: [ 383.011490][ T30] [ 383.014786][ T30] __schedule+0x1895/0x4b30 [ 383.019349][ T30] ? __pfx___schedule+0x10/0x10 [ 383.032187][ T30] ? __pfx_lock_release+0x10/0x10 [ 383.037538][ T30] ? __mutex_trylock_common+0x92/0x2e0 [ 383.043037][ T30] ? schedule+0x90/0x320 [ 383.053317][ T30] schedule+0x14b/0x320 [ 383.057908][ T30] schedule_preempt_disabled+0x13/0x30 [ 383.063414][ T30] __mutex_lock+0x6a7/0xd70 [ 383.073885][ T30] ? __mutex_lock+0x52a/0xd70 [ 383.078611][ T30] ? register_nexthop_notifier+0x84/0x290 [ 383.091007][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 383.096488][ T30] ? __asan_memset+0x23/0x50 [ 383.101113][ T30] register_nexthop_notifier+0x84/0x290 [ 383.114080][ T30] ? __pfx_lockdep_init_map_type+0x10/0x10 [ 383.119942][ T30] ? __pfx_debug_check_no_locks_freed+0x10/0x10 [ 383.133513][ T30] ? __pfx_register_nexthop_notifier+0x10/0x10 [ 383.143413][ T30] ? __asan_memset+0x23/0x50 [ 383.153997][ T30] ops_init+0x31e/0x590 [ 383.158206][ T30] ? lockdep_init_map_type+0xa1/0x910 [ 383.163611][ T30] setup_net+0x287/0x9e0 [ 383.174514][ T30] ? __pfx_down_read_killable+0x10/0x10 [ 383.180103][ T30] ? __pfx_setup_net+0x10/0x10 [ 383.191302][ T30] copy_net_ns+0x33f/0x570 [ 383.196294][ T30] create_new_namespaces+0x425/0x7b0 [ 383.201630][ T30] unshare_nsproxy_namespaces+0x124/0x180 [ 383.214179][ T30] ksys_unshare+0x619/0xc10 [ 383.218734][ T30] ? __pfx_ksys_unshare+0x10/0x10 [ 383.232377][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 383.239017][ T30] ? syscall_enter_from_user_mode_prepare+0x7f/0xe0 [ 383.251978][ T30] __ia32_sys_unshare+0x37/0x40 [ 383.257295][ T30] __do_fast_syscall_32+0xb4/0x110 [ 383.262482][ T30] ? exc_page_fault+0x590/0x8c0 [ 383.274110][ T30] do_fast_syscall_32+0x34/0x80 [ 383.279018][ T30] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 383.291577][ T30] RIP: 0023:0xf7eff579 [ 383.297950][ T30] RSP: 002b:00000000f74eff7c EFLAGS: 00000206 ORIG_RAX: 0000000000000136 [ 383.313876][ T30] RAX: ffffffffffffffda RBX: 0000000040000000 RCX: 0000000000000000 [ 383.323260][ T30] RDX: 00000000f738bff4 RSI: 00000000f726224b RDI: 0000000030000000 [ 383.336218][ T30] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 383.347950][ T30] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 383.359544][ T30] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 383.371611][ T30] [ 383.389638][ T30] INFO: task syz-executor:8441 blocked for more than 147 seconds. [ 383.399956][ T30] Not tainted 6.12.0-rc1-syzkaller-00125-g0c559323bbaa #0 [ 383.414930][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 383.423629][ T30] task:syz-executor state:D stack:26480 pid:8441 tgid:8441 ppid:1 flags:0x20004004 [ 383.440510][ T30] Call Trace: [ 383.444134][ T30] [ 383.447097][ T30] __schedule+0x1895/0x4b30 [ 383.451649][ T30] ? __pfx___schedule+0x10/0x10 [ 383.464743][ T30] ? __pfx_lock_release+0x10/0x10 [ 383.469824][ T30] ? __mutex_trylock_common+0x92/0x2e0 [ 383.481292][ T30] ? schedule+0x90/0x320 [ 383.485921][ T30] schedule+0x14b/0x320 [ 383.490120][ T30] schedule_preempt_disabled+0x13/0x30 [ 383.501763][ T30] __mutex_lock+0x6a7/0xd70 [ 383.508966][ T30] ? __mutex_lock+0x52a/0xd70 [ 383.515442][ T30] ? register_nexthop_notifier+0x84/0x290 [ 383.521222][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 383.532602][ T30] ? __asan_memset+0x23/0x50 [ 383.542372][ T30] register_nexthop_notifier+0x84/0x290 [ 383.553952][ T30] ? __pfx_lockdep_init_map_type+0x10/0x10 [ 383.559821][ T30] ? __pfx_debug_check_no_locks_freed+0x10/0x10 [ 383.571259][ T30] ? __pfx_register_nexthop_notifier+0x10/0x10 [ 383.577906][ T30] ? __asan_memset+0x23/0x50 [ 383.582539][ T30] ops_init+0x31e/0x590 [ 383.592788][ T30] ? lockdep_init_map_type+0xa1/0x910 [ 383.598603][ T30] setup_net+0x287/0x9e0 [ 383.602902][ T30] ? __pfx_down_read_killable+0x10/0x10 [ 383.615318][ T30] ? __pfx_setup_net+0x10/0x10 [ 383.620145][ T30] copy_net_ns+0x33f/0x570 [ 383.630169][ T30] create_new_namespaces+0x425/0x7b0 [ 383.635886][ T30] unshare_nsproxy_namespaces+0x124/0x180 [ 383.641661][ T30] ksys_unshare+0x619/0xc10 [ 383.654042][ T30] ? __pfx_ksys_unshare+0x10/0x10 [ 383.659115][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 383.671460][ T30] ? syscall_enter_from_user_mode_prepare+0x7f/0xe0 [ 383.678495][ T30] __ia32_sys_unshare+0x37/0x40 [ 383.683385][ T30] __do_fast_syscall_32+0xb4/0x110 [ 383.694005][ T30] ? exc_page_fault+0x590/0x8c0 [ 383.698913][ T30] do_fast_syscall_32+0x34/0x80 [ 383.703787][ T30] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 383.715533][ T30] RIP: 0023:0xf7fb0579 [ 383.722867][ T30] RSP: 002b:00000000f759ff7c EFLAGS: 00000206 ORIG_RAX: 0000000000000136 [ 383.738171][ T30] RAX: ffffffffffffffda RBX: 0000000040000000 RCX: 0000000000000000 [ 383.748837][ T30] RDX: 00000000f743bff4 RSI: 00000000f731224b RDI: 0000000030000000 [ 383.761589][ T30] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 383.771025][ T30] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 383.783940][ T30] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 383.791971][ T30] [ 383.801478][ T30] [ 383.801478][ T30] Showing all locks held in the system: [ 383.809659][ T30] 3 locks held by kworker/u8:1/12: [ 383.822011][ T30] #0: ffff88814c014948 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1850 [ 383.835854][ T30] #1: ffffc90000117d00 ((work_completion)(&(&net->ipv6.addr_chk_work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1850 [ 383.856590][ T30] #2: ffffffff8fcd1748 (rtnl_mutex){+.+.}-{3:3}, at: addrconf_verify_work+0x19/0x30 [ 383.868808][ T30] 1 lock held by khungtaskd/30: [ 383.873687][ T30] #0: ffffffff8e937de0 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x55/0x2a0 [ 383.889371][ T30] 2 locks held by getty/4992: [ 383.896648][ T30] #0: ffff88802e5b40a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70 [ 383.910044][ T30] #1: ffffc90002f062f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x6a6/0x1e00 [ 383.927514][ T30] 3 locks held by kworker/1:5/5287: [ 383.932793][ T30] #0: ffff88801ac81948 ((wq_completion)events_power_efficient){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1850 [ 383.952839][ T30] #1: ffffc90004117d00 ((reg_check_chans).work){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1850 [ 383.970412][ T30] #2: ffffffff8fcd1748 (rtnl_mutex){+.+.}-{3:3}, at: reg_check_chans_work+0x99/0xfd0 [ 383.981720][ T30] 4 locks held by kworker/1:7/5326: [ 383.992781][ T30] 1 lock held by syz.1.671/8397: [ 383.998045][ T30] #0: ffffffff8fcd1748 (rtnl_mutex){+.+.}-{3:3}, at: tun_chr_close+0x3b/0x1b0 [ 384.012938][ T30] 1 lock held by syz.3.675/8405: [ 384.019953][ T30] #0: ffffffff8fcd1748 (rtnl_mutex){+.+.}-{3:3}, at: tun_chr_close+0x3b/0x1b0 [ 384.038108][ T30] 1 lock held by syz.4.677/8409: [ 384.043086][ T30] #0: ffffffff8fcd1748 (rtnl_mutex){+.+.}-{3:3}, at: tun_chr_close+0x3b/0x1b0 [ 384.054232][ T30] 2 locks held by syz.0.678/8412: [ 384.059287][ T30] #0: ffffffff8fcd1748 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0 [ 384.075388][ T30] #1: ffffffff8e7d1dd0 (cpu_hotplug_lock){++++}-{0:0}, at: unregister_netdevice_many_notify+0x5ea/0x1da0 [ 384.093331][ T30] 1 lock held by syz.2.680/8416: [ 384.098639][ T30] #0: ffffffff8fcd1748 (rtnl_mutex){+.+.}-{3:3}, at: __tun_chr_ioctl+0x48c/0x2400 [ 384.114096][ T30] 1 lock held by syz.2.680/8417: [ 384.119062][ T30] #0: ffffffff8fcd1748 (rtnl_mutex){+.+.}-{3:3}, at: __tun_chr_ioctl+0x48c/0x2400 [ 384.135380][ T30] 2 locks held by syz-executor/8431: [ 384.140693][ T30] #0: ffffffff8fcc4c50 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570 [ 384.155907][ T30] #1: ffffffff8fcd1748 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x84/0x290 [ 384.170751][ T30] 2 locks held by syz-executor/8433: [ 384.182100][ T30] #0: ffffffff8fcc4c50 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570 [ 384.195507][ T30] #1: ffffffff8fcd1748 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x84/0x290 [ 384.209697][ T30] 2 locks held by syz-executor/8438: [ 384.219344][ T30] #0: ffffffff8fcc4c50 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570 [ 384.236058][ T30] #1: ffffffff8fcd1748 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x84/0x290 [ 384.250195][ T30] 2 locks held by syz-executor/8439: [ 384.260020][ T30] #0: ffffffff8fcc4c50 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570 [ 384.273192][ T30] #1: ffffffff8fcd1748 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x84/0x290 [ 384.289376][ T30] 2 locks held by syz-executor/8441: [ 384.295167][ T30] #0: ffffffff8fcc4c50 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570 [ 384.311787][ T30] #1: ffffffff8fcd1748 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x84/0x290 [ 384.322582][ T30] 2 locks held by syz-executor/8449: [ 384.334022][ T30] #0: ffffffff8fcc4c50 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570 [ 384.343498][ T30] #1: ffffffff8fcd1748 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x84/0x290 [ 384.362236][ T30] 2 locks held by syz-executor/8450: [ 384.367887][ T30] #0: ffffffff8fcc4c50 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570 [ 384.383287][ T30] #1: ffffffff8fcd1748 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x84/0x290 [ 384.401222][ T30] 2 locks held by syz-executor/8456: [ 384.406834][ T30] #0: ffffffff8fcc4c50 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570 [ 384.431544][ T30] #1: ffffffff8fcd1748 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x84/0x290 [ 384.450984][ T30] 2 locks held by syz-executor/8457: [ 384.456660][ T30] #0: ffffffff8fcc4c50 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570 [ 384.472091][ T30] #1: ffffffff8fcd1748 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x84/0x290 [ 384.483748][ T30] 2 locks held by syz-executor/8459: [ 384.493977][ T30] #0: ffffffff8fcc4c50 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570 [ 384.503454][ T30] #1: ffffffff8fcd1748 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x84/0x290 [ 384.519564][ T30] 2 locks held by syz-executor/8474: [ 384.525257][ T30] #0: ffffffff8fcc4c50 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570 [ 384.545009][ T30] #1: ffffffff8fcd1748 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x84/0x290 [ 384.561313][ T30] 2 locks held by syz-executor/8478: [ 384.566962][ T30] #0: ffffffff8fcc4c50 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570 [ 384.586110][ T30] #1: ffffffff8fcd1748 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x84/0x290 [ 384.601740][ T30] 2 locks held by syz-executor/8480: [ 384.607359][ T30] #0: ffffffff8fcc4c50 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570 [ 384.622727][ T30] #1: ffffffff8fcd1748 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x84/0x290 [ 384.638050][ T30] 2 locks held by syz-executor/8482: [ 384.643372][ T30] #0: ffffffff8fcc4c50 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570 [ 384.657406][ T30] #1: ffffffff8fcd1748 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x84/0x290 [ 384.672306][ T30] 2 locks held by syz-executor/8483: [ 384.681369][ T30] #0: ffffffff8fcc4c50 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570 [ 384.693476][ T30] #1: ffffffff8fcd1748 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x84/0x290 [ 384.709836][ T30] [ 384.712193][ T30] ============================================= [ 384.712193][ T30] [ 384.722428][ T30] NMI backtrace for cpu 0 [ 384.726784][ T30] CPU: 0 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.12.0-rc1-syzkaller-00125-g0c559323bbaa #0 [ 384.737308][ T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 384.747385][ T30] Call Trace: [ 384.750686][ T30] [ 384.753628][ T30] dump_stack_lvl+0x241/0x360 [ 384.758330][ T30] ? __pfx_dump_stack_lvl+0x10/0x10 [ 384.763551][ T30] ? __pfx__printk+0x10/0x10 [ 384.768182][ T30] nmi_cpu_backtrace+0x49c/0x4d0 [ 384.773148][ T30] ? __pfx_nmi_cpu_backtrace+0x10/0x10 [ 384.778712][ T30] ? _printk+0xd5/0x120 [ 384.782888][ T30] ? __pfx__printk+0x10/0x10 [ 384.787674][ T30] ? __wake_up_klogd+0xcc/0x110 [ 384.792555][ T30] ? __pfx__printk+0x10/0x10 [ 384.797169][ T30] ? __rcu_read_unlock+0xa1/0x110 [ 384.802219][ T30] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 384.808234][ T30] nmi_trigger_cpumask_backtrace+0x198/0x320 [ 384.814244][ T30] watchdog+0xff4/0x1040 [ 384.818515][ T30] ? watchdog+0x1ea/0x1040 [ 384.822964][ T30] ? __pfx_watchdog+0x10/0x10 [ 384.827662][ T30] kthread+0x2f0/0x390 [ 384.831751][ T30] ? __pfx_watchdog+0x10/0x10 [ 384.836447][ T30] ? __pfx_kthread+0x10/0x10 [ 384.841058][ T30] ret_from_fork+0x4b/0x80 [ 384.845497][ T30] ? __pfx_kthread+0x10/0x10 [ 384.850196][ T30] ret_from_fork_asm+0x1a/0x30 [ 384.854993][ T30] [ 384.858761][ T30] Sending NMI from CPU 0 to CPUs 1: [ 384.864478][ C1] NMI backtrace for cpu 1 [ 384.864492][ C1] CPU: 1 UID: 0 PID: 5326 Comm: kworker/1:7 Not tainted 6.12.0-rc1-syzkaller-00125-g0c559323bbaa #0 [ 384.864512][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 384.864523][ C1] Workqueue: events nsim_dev_trap_report_work [ 384.864546][ C1] RIP: 0010:lockdep_hardirqs_on_prepare+0x110/0x780 [ 384.864572][ C1] Code: 48 c1 eb 03 80 3c 13 00 74 12 4c 89 f7 e8 f8 84 8e 00 48 ba 00 00 00 00 00 fc ff df 48 c7 44 24 40 00 00 00 00 9c 8f 44 24 40 <80> 3c 13 00 74 12 4c 89 f7 e8 e2 83 8e 00 48 ba 00 00 00 00 00 fc [ 384.864587][ C1] RSP: 0018:ffffc90000a178e0 EFLAGS: 00000046 [ 384.864601][ C1] RAX: 0000000000000004 RBX: 1ffff92000142f24 RCX: ffffffff9a3cc903 [ 384.864614][ C1] RDX: dffffc0000000000 RSI: ffffffff8c60f840 RDI: ffffffff8c60f800 [ 384.864626][ C1] RBP: ffffc90000a17988 R08: ffffffff901ce7af R09: 1ffffffff2039cf5 [ 384.864638][ C1] R10: dffffc0000000000 R11: fffffbfff2039cf6 R12: dffffc0000000000 [ 384.864650][ C1] R13: 1ffff92000142f34 R14: ffffc90000a17920 R15: 1ffff92000142f20 [ 384.864663][ C1] FS: 0000000000000000(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000 [ 384.864677][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 384.864689][ C1] CR2: 0000000056e244c0 CR3: 000000000e734000 CR4: 00000000003526f0 [ 384.864703][ C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 384.864712][ C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 384.864723][ C1] Call Trace: [ 384.864729][ C1] [ 384.864736][ C1] ? nmi_cpu_backtrace+0x3c2/0x4d0 [ 384.864754][ C1] ? __pfx_lock_acquire+0x10/0x10 [ 384.864782][ C1] ? __pfx_nmi_cpu_backtrace+0x10/0x10 [ 384.864799][ C1] ? nmi_handle+0x2a/0x5a0 [ 384.864822][ C1] ? nmi_cpu_backtrace_handler+0xc/0x20 [ 384.864842][ C1] ? nmi_handle+0x14f/0x5a0 [ 384.864857][ C1] ? nmi_handle+0x2a/0x5a0 [ 384.864873][ C1] ? lockdep_hardirqs_on_prepare+0x110/0x780 [ 384.864894][ C1] ? default_do_nmi+0x63/0x160 [ 384.864913][ C1] ? exc_nmi+0x123/0x1f0 [ 384.864930][ C1] ? end_repeat_nmi+0xf/0x53 [ 384.864950][ C1] ? lockdep_hardirqs_on_prepare+0x110/0x780 [ 384.864971][ C1] ? lockdep_hardirqs_on_prepare+0x110/0x780 [ 384.864994][ C1] ? lockdep_hardirqs_on_prepare+0x110/0x780 [ 384.865015][ C1] [ 384.865020][ C1] [ 384.865027][ C1] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 384.865050][ C1] ? rcu_is_watching+0x15/0xb0 [ 384.865068][ C1] trace_hardirqs_on+0x28/0x40 [ 384.865086][ C1] _raw_spin_unlock_irqrestore+0x8f/0x140 [ 384.865108][ C1] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 384.865128][ C1] ? stack_depot_save_flags+0x29/0x830 [ 384.865153][ C1] ref_tracker_alloc+0x2c4/0x490 [ 384.865169][ C1] ? __pfx_ref_tracker_alloc+0x10/0x10 [ 384.865183][ C1] ? dst_init+0xee/0x490 [ 384.865197][ C1] ? dst_alloc+0x14f/0x190 [ 384.865210][ C1] ? ip_route_output_key_hash_rcu+0x13cc/0x2390 [ 384.865231][ C1] ? ip_route_output_key_hash+0x193/0x2b0 [ 384.865250][ C1] ? ip_route_output_flow+0x29/0x140 [ 384.865267][ C1] ? ip_route_me_harder+0x80d/0x1300 [ 384.865285][ C1] ? synproxy_send_tcp+0x356/0x6c0 [ 384.865303][ C1] ? synproxy_send_client_synack+0x8b8/0xf30 [ 384.865322][ C1] ? nft_synproxy_eval_v4+0x3ca/0x610 [ 384.865342][ C1] ? nft_synproxy_do_eval+0x362/0xa60 [ 384.865361][ C1] ? nft_do_chain+0x4ad/0x1da0 [ 384.865381][ C1] ? nft_do_chain_inet+0x418/0x6b0 [ 384.865400][ C1] ? nf_hook_slow+0xc3/0x220 [ 384.865418][ C1] ? NF_HOOK+0x29e/0x450 [ 384.865433][ C1] ? NF_HOOK+0x3a4/0x450 [ 384.865447][ C1] ? __netif_receive_skb+0x2bf/0x650 [ 384.865469][ C1] dst_init+0xee/0x490 [ 384.865482][ C1] ? kmem_cache_alloc_noprof+0x185/0x2a0 [ 384.865503][ C1] dst_alloc+0x14f/0x190 [ 384.865519][ C1] ip_route_output_key_hash_rcu+0x13cc/0x2390 [ 384.865545][ C1] ip_route_output_key_hash+0x193/0x2b0 [ 384.865566][ C1] ? ip_route_output_key_hash+0xdf/0x2b0 [ 384.865585][ C1] ? __pfx_ip_route_output_key_hash+0x10/0x10 [ 384.865608][ C1] ? __pfx_lock_release+0x10/0x10 [ 384.865628][ C1] ? kthread+0x2f0/0x390 [ 384.865647][ C1] ip_route_output_flow+0x29/0x140 [ 384.865667][ C1] ip_route_me_harder+0x80d/0x1300 [ 384.865690][ C1] ? __pfx_ip_route_me_harder+0x10/0x10 [ 384.865710][ C1] ? trace_kmalloc+0x1f/0xd0 [ 384.865727][ C1] ? __kmalloc_node_track_caller_noprof+0x242/0x440 [ 384.865757][ C1] synproxy_send_tcp+0x356/0x6c0 [ 384.865784][ C1] synproxy_send_client_synack+0x8b8/0xf30 [ 384.865810][ C1] ? __pfx_synproxy_send_client_synack+0x10/0x10 [ 384.865831][ C1] ? synproxy_pernet+0x45/0x270 [ 384.865853][ C1] nft_synproxy_eval_v4+0x3ca/0x610 [ 384.865876][ C1] ? __pfx_nft_synproxy_eval_v4+0x10/0x10 [ 384.865897][ C1] ? nf_ip_checksum+0x13a/0x500 [ 384.865920][ C1] nft_synproxy_do_eval+0x362/0xa60 [ 384.865942][ C1] ? __pfx_nft_synproxy_do_eval+0x10/0x10 [ 384.865962][ C1] ? validate_chain+0x11e/0x5920 [ 384.865981][ C1] ? __pfx_validate_chain+0x10/0x10 [ 384.866002][ C1] nft_do_chain+0x4ad/0x1da0 [ 384.866029][ C1] ? __pfx_nft_do_chain+0x10/0x10 [ 384.866049][ C1] ? __local_bh_enable_ip+0x168/0x200 [ 384.866080][ C1] ? __pfx_nf_nat_inet_fn+0x10/0x10 [ 384.866098][ C1] nft_do_chain_inet+0x418/0x6b0 [ 384.866119][ C1] ? __pfx_nft_do_chain_inet+0x10/0x10 [ 384.866139][ C1] ? ipt_do_table+0x312/0x1860 [ 384.866166][ C1] ? __pfx_nft_do_chain_inet+0x10/0x10 [ 384.866185][ C1] nf_hook_slow+0xc3/0x220 [ 384.866204][ C1] ? __pfx_ip_local_deliver_finish+0x10/0x10 [ 384.866220][ C1] ? __pfx_ip_local_deliver_finish+0x10/0x10 [ 384.866237][ C1] NF_HOOK+0x29e/0x450 [ 384.866254][ C1] ? NF_HOOK+0x9a/0x450 [ 384.866269][ C1] ? __pfx_NF_HOOK+0x10/0x10 [ 384.866286][ C1] ? __pfx_ip_local_deliver_finish+0x10/0x10 [ 384.866306][ C1] ? ip_rcv_finish+0x406/0x560 [ 384.866323][ C1] ? __pfx_ip_rcv_finish+0x10/0x10 [ 384.866339][ C1] NF_HOOK+0x3a4/0x450 [ 384.866356][ C1] ? NF_HOOK+0x9a/0x450 [ 384.866371][ C1] ? __pfx_NF_HOOK+0x10/0x10 [ 384.866386][ C1] ? ip_rcv_core+0x801/0xd10 [ 384.866403][ C1] ? __pfx_ip_rcv_finish+0x10/0x10 [ 384.866422][ C1] ? __pfx_ip_rcv+0x10/0x10 [ 384.866439][ C1] __netif_receive_skb+0x2bf/0x650 [ 384.866458][ C1] ? __pfx_lock_acquire+0x10/0x10 [ 384.866478][ C1] ? __pfx___netif_receive_skb+0x10/0x10 [ 384.866495][ C1] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 384.866516][ C1] ? __pfx_lock_release+0x10/0x10 [ 384.866537][ C1] ? _raw_spin_lock_irq+0xdf/0x120 [ 384.866562][ C1] process_backlog+0x662/0x15b0 [ 384.866582][ C1] ? process_backlog+0x33b/0x15b0 [ 384.866604][ C1] ? __pfx_process_backlog+0x10/0x10 [ 384.866622][ C1] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 384.866644][ C1] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 384.866666][ C1] __napi_poll+0xcb/0x490 [ 384.866685][ C1] net_rx_action+0x89b/0x1240 [ 384.866713][ C1] ? __pfx_net_rx_action+0x10/0x10 [ 384.866731][ C1] ? __pfx_tmigr_handle_remote+0x10/0x10 [ 384.866769][ C1] handle_softirqs+0x2c5/0x980 [ 384.866791][ C1] ? do_softirq+0x11b/0x1e0 [ 384.866810][ C1] ? __pfx_handle_softirqs+0x10/0x10 [ 384.866833][ C1] do_softirq+0x11b/0x1e0 [ 384.866851][ C1] [ 384.866856][ C1] [ 384.866862][ C1] ? __pfx_do_softirq+0x10/0x10 [ 384.866880][ C1] ? __pfx_lockdep_softirqs_on+0x10/0x10 [ 384.866904][ C1] ? rcu_is_watching+0x15/0xb0 [ 384.866921][ C1] __local_bh_enable_ip+0x1bb/0x200 [ 384.866940][ C1] ? nsim_dev_trap_report_work+0x75d/0xaa0 [ 384.866957][ C1] ? __pfx___local_bh_enable_ip+0x10/0x10 [ 384.866977][ C1] ? do_raw_spin_unlock+0x13c/0x8b0 [ 384.866996][ C1] ? nsim_dev_trap_report_work+0x6a7/0xaa0 [ 384.867015][ C1] nsim_dev_trap_report_work+0x75d/0xaa0 [ 384.867038][ C1] ? process_scheduled_works+0x976/0x1850 [ 384.867059][ C1] process_scheduled_works+0xa63/0x1850 [ 384.867091][ C1] ? __pfx_process_scheduled_works+0x10/0x10 [ 384.867115][ C1] ? assign_work+0x364/0x3d0 [ 384.867136][ C1] worker_thread+0x870/0xd30 [ 384.867159][ C1] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 384.867181][ C1] ? __kthread_parkme+0x169/0x1d0 [ 384.867202][ C1] ? __pfx_worker_thread+0x10/0x10 [ 384.867222][ C1] kthread+0x2f0/0x390 [ 384.867236][ C1] ? __pfx_worker_thread+0x10/0x10 [ 384.867255][ C1] ? __pfx_kthread+0x10/0x10 [ 384.867269][ C1] ret_from_fork+0x4b/0x80 [ 384.867290][ C1] ? __pfx_kthread+0x10/0x10 [ 384.867305][ C1] ret_from_fork_asm+0x1a/0x30 [ 384.867332][ C1] [ 385.773193][ T30] Kernel panic - not syncing: hung_task: blocked tasks [ 385.780090][ T30] CPU: 0 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.12.0-rc1-syzkaller-00125-g0c559323bbaa #0 [ 385.790609][ T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 385.800681][ T30] Call Trace: [ 385.803969][ T30] [ 385.806911][ T30] dump_stack_lvl+0x241/0x360 [ 385.811608][ T30] ? __pfx_dump_stack_lvl+0x10/0x10 [ 385.816822][ T30] ? __pfx__printk+0x10/0x10 [ 385.821465][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 385.827484][ T30] ? vscnprintf+0x5d/0x90 [ 385.831834][ T30] panic+0x349/0x880 [ 385.835751][ T30] ? nmi_trigger_cpumask_backtrace+0x244/0x320 [ 385.841926][ T30] ? __pfx_panic+0x10/0x10 [ 385.846360][ T30] ? tick_nohz_tick_stopped+0x82/0xb0 [ 385.851751][ T30] ? __irq_work_queue_local+0x137/0x410 [ 385.857326][ T30] ? preempt_schedule_thunk+0x1a/0x30 [ 385.862800][ T30] ? nmi_trigger_cpumask_backtrace+0x244/0x320 [ 385.868971][ T30] ? nmi_trigger_cpumask_backtrace+0x2d4/0x320 [ 385.875142][ T30] ? nmi_trigger_cpumask_backtrace+0x2d9/0x320 [ 385.881327][ T30] watchdog+0x1033/0x1040 [ 385.885688][ T30] ? watchdog+0x1ea/0x1040 [ 385.890133][ T30] ? __pfx_watchdog+0x10/0x10 [ 385.894825][ T30] kthread+0x2f0/0x390 [ 385.898908][ T30] ? __pfx_watchdog+0x10/0x10 [ 385.903603][ T30] ? __pfx_kthread+0x10/0x10 [ 385.908206][ T30] ret_from_fork+0x4b/0x80 [ 385.912729][ T30] ? __pfx_kthread+0x10/0x10 [ 385.917333][ T30] ret_from_fork_asm+0x1a/0x30 [ 385.922129][ T30] [ 385.925399][ T30] Kernel Offset: disabled [ 385.929716][ T30] Rebooting in 86400 seconds..