last executing test programs: 1m23.201176681s ago: executing program 3 (id=87): mkdir(&(0x7f00000002c0)='./file0\x00', 0x0) mount(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000580)='tracefs\x00', 0x0, 0x0) mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f00000001c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f}) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0, 0x0) getdents(r0, &(0x7f0000000300)=""/132, 0x84) lseek(r0, 0x0, 0x0) 1m10.648875154s ago: executing program 3 (id=87): mkdir(&(0x7f00000002c0)='./file0\x00', 0x0) mount(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000580)='tracefs\x00', 0x0, 0x0) mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f00000001c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f}) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0, 0x0) getdents(r0, &(0x7f0000000300)=""/132, 0x84) lseek(r0, 0x0, 0x0) 53.891645029s ago: executing program 3 (id=87): mkdir(&(0x7f00000002c0)='./file0\x00', 0x0) mount(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000580)='tracefs\x00', 0x0, 0x0) mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f00000001c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f}) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0, 0x0) getdents(r0, &(0x7f0000000300)=""/132, 0x84) lseek(r0, 0x0, 0x0) 38.266865457s ago: executing program 3 (id=87): mkdir(&(0x7f00000002c0)='./file0\x00', 0x0) mount(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000580)='tracefs\x00', 0x0, 0x0) mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f00000001c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f}) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0, 0x0) getdents(r0, &(0x7f0000000300)=""/132, 0x84) lseek(r0, 0x0, 0x0) 23.738361238s ago: executing program 3 (id=87): mkdir(&(0x7f00000002c0)='./file0\x00', 0x0) mount(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000580)='tracefs\x00', 0x0, 0x0) mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f00000001c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f}) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0, 0x0) getdents(r0, &(0x7f0000000300)=""/132, 0x84) lseek(r0, 0x0, 0x0) 6.062918149s ago: executing program 3 (id=87): mkdir(&(0x7f00000002c0)='./file0\x00', 0x0) mount(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000580)='tracefs\x00', 0x0, 0x0) mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f00000001c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f}) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0, 0x0) getdents(r0, &(0x7f0000000300)=""/132, 0x84) lseek(r0, 0x0, 0x0) 4.462120421s ago: executing program 0 (id=1311): r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0) r1 = dup(r0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000007, 0x38011, r1, 0x0) ioctl$vim2m_VIDIOC_CREATE_BUFS(0xffffffffffffffff, 0xc100565c, &(0x7f0000000140)={0x0, 0x0, 0x0, {0x0, @raw_data="234eb7ac38c29ad8e9ac894d6d51efbc986cd2f7099ec4429283aa085838aa26fd4b5c6794ee39b1cd771ce55ac793f07c19f0d31a44931bddbb710893a9ee9b8da950646610994f9af3a6f7d5a75ab206c7059275b0164b83f6acdca79251facbcbddb0d35d6cb6c10e83bb11c6705f3928e98f03f2d012abdfdd71fc450747d9c925730b249a3a1ddf85db9086773bccf79c8b031e028fc4072b7248e625b33248e8e71eda774dfbb67c8c1e493515c2bd8a23907feb7125e9cfc399de8f40c607bd34cda43209"}}) r2 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r2, 0x125f, 0x0) 4.286589858s ago: executing program 0 (id=1314): r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) munmap(&(0x7f0000ffc000/0x4000)=nil, 0x4000) ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, &(0x7f0000000100)={0xc, 0x0, 0x0}) ioctl$IOMMU_IOAS_MAP$PAGES(r0, 0x3b85, &(0x7f0000000080)={0x28, 0x7, r1, 0x0, &(0x7f0000ffc000/0x2000)=nil, 0x2000}) ioctl$IOMMU_TEST_OP_CREATE_ACCESS(r0, 0x3ba0, &(0x7f00000004c0)={0x48, 0x5, r1, 0x0, 0xffffffffffffffff}) ioctl$IOMMU_TEST_OP_ACCESS_RW(r0, 0x3ba0, &(0x7f0000000600)={0x48, 0x8, r2, 0x0, 0x0, 0x1001, &(0x7f0000000540)='d', 0x4}) 4.099653334s ago: executing program 0 (id=1317): r0 = io_uring_setup(0xb3e, &(0x7f00000002c0)) r1 = socket$packet(0x11, 0x2, 0x300) futex(&(0x7f000000cffc)=0x1, 0x6, 0x0, 0x0, 0x0, 0x0) setsockopt$packet_tx_ring(r1, 0x107, 0x5, &(0x7f00000000c0)=@req3={0x8000, 0x6, 0x8000, 0x6}, 0x1c) mmap(&(0x7f0000000000/0x2000)=nil, 0x30000, 0x2, 0x11, r1, 0x0) close_range(r0, 0xffffffffffffffff, 0x0) 3.705105482s ago: executing program 0 (id=1322): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = dup(r1) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_PRE_FAULT_MEMORY(r3, 0xc040aed5, &(0x7f0000000680)={0x80a0000, 0x10000}) 2.329586983s ago: executing program 1 (id=1326): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x5) mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x200000005c832, 0xffffffffffffffff, 0x0) mremap(&(0x7f0000000000/0x9000)=nil, 0x600000, 0x600000, 0x3, &(0x7f0000a00000/0x600000)=nil) 2.213229708s ago: executing program 1 (id=1328): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='percpu_alloc_percpu\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0xe, &(0x7f0000001c00)=ANY=[@ANYBLOB="b7020000910c0000bfa30000000000000703000000feffff7a0af0ff0000000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010001010404000003000000b7030000010000006a0a00fe000000008500000032000000b700000001000000950000000000000075cdc4b57b0c65752a3ad50000ba7ddd0000cb4500639100002000000000f20000ff7f0000b52f17cee19d0001000000000000000000cb04fcbb0b9bafe3ba431351a58a885ba9918d37b056b9bbd11b6b9f6cf7db6d574620260000000000008062d77e84cef4a2ab938f65aac33c4d620de2c9b7dc10d7d313f9f57606b83b994fb484510bef2e4872f5c2fe6faaf75e5cc4051ade12f41deff6df6a936b4ec3827c739bb39aad16cc75fe11cc32a790bc0b80e80eae8f5e64be2c9d2d29db3dd33e51dd0d793936dd015c7bd3f15aa6aadbeab2a01685108e61aa000000000000000000000000008b798b4f745837bf3cc67c4c6a06e828e5216f601b19db1af1b5d356d0f062137d866d11be4ba3f0151fdbbd4e97d62ecc645e143a60f1c6edc76609073909826151e2b42bf0ed0c8cef3ba2a730a00c87c493db845b10e9468bda6f82881eb8c9cfa72b08eecc952a3fd2c46f3c1cde71a19d1a2982492a210e00d2bfea3b8d188df2eff8d56aaa05000000000000007395019f02ec4b85f60000faca088de9b26797a8446b16c28d85f225992dbdd5bb01ba51508951c7a7d6ca0916c3a129127156c7192a4251b59d378d0616a48c7957e122765c8b7e89eddfc3783f6c9129a7c5f8ee4191dc152f638f7eb12f63be72a3d817b324d6e417b1c2cbfdcada0a16e31790e26cf19588a7e0496ee2782224cf30f810da86cf1a3204f4c9404f5d7321a4fefc4d1c9139ca4b65b99909950000006b42077ca60fdecb2717e21f8f187b1866108b668c71e26032176066599783568628f0309c3a3706e1fa89917e131f403dfa85a379291b13417036d091a534a8383e99c3568fd04201b37cd92ca6ebf94a2d8310f7032775cfd756d2f87b039d5430b3c6643e9146d2478ce31344b554aca78a0000000000000028bd86ccbc7caaddf3dd4c1fc0b5a7af627a12e787a4971d7b4067b0595a2066c998897360c1173c43d00a9b13e1244e5cfdd75df824b2cc581b48d75c8196d3f8e0f22d8b8ca6d0d20cefbc0eccc4a96bcf9366af2c19002e675abfc3a26d6cd80cabaa7f"], &(0x7f0000000340)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000100), 0x10}, 0x14) 2.087277402s ago: executing program 0 (id=1329): r0 = socket$can_bcm(0x1d, 0x2, 0x2) connect$can_bcm(r0, &(0x7f0000000000), 0x10) r1 = socket$can_bcm(0x1d, 0x2, 0x2) ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f00000003c0)={'vxcan0\x00', 0x0}) sendmsg$can_bcm(r0, &(0x7f0000000380)={&(0x7f0000000100)={0x1d, r2}, 0x10, &(0x7f0000000140)={&(0x7f0000000680)=ANY=[@ANYBLOB="0100"/16, @ANYRES64=0x77359400, @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=0x0, @ANYBLOB="0000000001"], 0x48}}, 0x0) sendmsg$can_bcm(r0, &(0x7f0000000480)={&(0x7f0000000340)={0x1d, r2}, 0x10, &(0x7f00000000c0)={&(0x7f0000000580)=ANY=[@ANYBLOB="01000000d7f668ca0000000000000000", @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=0x2710, @ANYBLOB="0000000004"], 0x48}}, 0x20000800) 2.010024944s ago: executing program 1 (id=1330): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x40241, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201}) r1 = socket$kcm(0x2, 0xa, 0x2) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local}) sendmmsg$inet(r1, &(0x7f0000002ac0)=[{{0x0, 0x0, &(0x7f0000000600)=[{&(0x7f0000000300)="2ea86ac93eb55b49b1a871a4919fc4171c13a16fe9c897c0f96ad767cc5d5d615e3cbf61ed8918865d46c52bcb65e9350c3c7db9221717a8c8cc8c50cbe9771567121f7f45717ef6101c83f9e59b3c83c251b2515256d0df6746098d04ed695d08363d00c67e89575ed9e4c71b5918cee1d27af3f0e2a432a6662b0ec63d925c18025af1e5d33178f71b2bf48e8c995e02c1ae6c510924ae6ea6e43d066e06a3814d17a9f094d2bb9841cbef", 0xac}], 0x1}}], 0x1, 0x48811) write$tun(r0, &(0x7f0000000240)=ANY=[@ANYBLOB="000086dd0500560008005400000060ec970001983a00fc000018c6ba35000000000000000700ff020000000000000000000000000001000000000000000000000000000000000000000000000000860090780000000000000000000000000000ee3f000000002b036f8c006e75021d683910c3090b3188a7c747eb2278a273c1b80029442911892704"], 0xfdef) 1.950319801s ago: executing program 0 (id=1331): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x141202, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) getrandom(&(0x7f0000000240)=""/286, 0xffffff9a, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15) madvise(&(0x7f0000000000/0x400000)=nil, 0x40001e, 0x15) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x8) 1.853812638s ago: executing program 4 (id=1332): r0 = io_uring_setup(0x31d3, &(0x7f00000000c0)) r1 = socket$qrtr(0x2a, 0x2, 0x0) connect$qrtr(r1, &(0x7f0000000080), 0xc) read(r1, &(0x7f0000000180)=""/52, 0xfffffdef) ioctl$sock_qrtr_TIOCOUTQ(r1, 0x8916, 0x0) close_range(r0, 0xffffffffffffffff, 0x0) 1.568379521s ago: executing program 4 (id=1333): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000001c40)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2ed0300000000000000af99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14008c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000006da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c4159b364a4fd7013f34db173a4fdacf15229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3ab60fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4978ea8e4aa37014191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be867a28f09c5877fc2355ecdc9c30dcb2d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff3a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb357b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88cf573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50265a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867857ed13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d9a0e06da200481cde8bf475bc3e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a00"/3590], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x2e) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r0}, 0xa) r1 = syz_open_dev$usbfs(&(0x7f0000000100), 0x206, 0x8401) ioctl$USBDEVFS_ALLOW_SUSPEND(r1, 0x5522) ioctl$USBDEVFS_BULK(r1, 0x5523, 0x0) ioctl$USBDEVFS_FORBID_SUSPEND(r1, 0x5521) 1.321726178s ago: executing program 4 (id=1335): r0 = syz_open_dev$tty20(0xc, 0x4, 0x1) r1 = syz_io_uring_setup(0x239, &(0x7f00000003c0)={0x0, 0x0, 0x10100}, &(0x7f00000002c0)=0x0, &(0x7f0000000280)=0x0) syz_io_uring_submit(r2, r3, &(0x7f0000000380)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3}) io_uring_enter(r1, 0x2def, 0x0, 0x0, 0x0, 0x0) ioctl$TCXONC(r0, 0x540a, 0x0) ioctl$TCSETS(r0, 0x5402, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, "2a100000ec070000005b459e8a00"}) 1.186902937s ago: executing program 1 (id=1337): r0 = syz_open_procfs(0x0, &(0x7f0000000280)='cmdline\x00') r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00') mount$9p_fd(0x0, &(0x7f0000000300)='.\x00', &(0x7f0000000080), 0x0, &(0x7f0000000200)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r0}}) r2 = syz_io_uring_setup(0x4973, &(0x7f0000000380)={0x0, 0x0, 0x10100}, &(0x7f0000000100)=0x0, &(0x7f0000000340)=0x0) syz_io_uring_submit(r3, r4, &(0x7f0000000180)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x4, 0x0, &(0x7f00000004c0)=[{&(0x7f0000000000)=""/4, 0x4}], 0x1}) io_uring_enter(r2, 0x567, 0x0, 0x0, 0x0, 0x0) 1.154779792s ago: executing program 4 (id=1338): socket$inet_mptcp(0x2, 0x1, 0x106) socket$inet6(0xa, 0x80002, 0x0) socket$inet_dccp(0x2, 0x6, 0x0) syz_open_dev$vim2m(&(0x7f0000000000), 0x7fff, 0x2) syz_open_dev$video4linux(&(0x7f00000001c0), 0x0, 0x40300) pselect6(0x40, &(0x7f0000000000)={0xfc, 0x0, 0x0, 0x0, 0x0, 0x100000000000000}, 0x0, 0x0, 0x0, 0x0) 1.060088336s ago: executing program 2 (id=1339): r0 = socket$inet6(0xa, 0x40000080806, 0x0) r1 = socket$inet6(0xa, 0x6, 0x0) bind$inet6(r1, &(0x7f0000000040)={0xa, 0x4e60}, 0x1c) bind$inet6(r0, &(0x7f000047b000)={0xa, 0x4e22, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c) r2 = socket$inet6(0xa, 0x6, 0x0) bind$inet6(r2, &(0x7f0000000040)={0xa, 0x4e20}, 0x1c) 985.040851ms ago: executing program 1 (id=1340): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text16={0x10, &(0x7f0000000440)="0f23e066b9560b000066b80900000066ba000000000f300fc7aa0e000f01c8f20f0d810080260fd8ba00500f01c8c54dbfc4c28ddf870e000f20d86635080000000f22d8", 0x44}], 0x1, 0xe8, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 948.169829ms ago: executing program 4 (id=1341): r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x14d802, 0x0) r1 = dup(r0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000002, 0x28011, r1, 0x0) openat$tcp_congestion(0xffffffffffffff9c, &(0x7f0000002840), 0x1, 0x0) madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x15) rt_sigprocmask(0x0, &(0x7f0000002fc0), &(0x7f0000003000), 0x8) 850.390213ms ago: executing program 2 (id=1342): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff) r2 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000080)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_UPDATE_FT_IES(r0, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000740)={&(0x7f0000000400)={0x1c, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}}, 0x1c}}, 0x0) 686.781867ms ago: executing program 1 (id=1343): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r2 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r0, &(0x7f0000000800)={0x6}) 660.842955ms ago: executing program 2 (id=1344): sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000007940)={0x0, 0x0, &(0x7f0000000040)={0x0, 0x2f4}}, 0x0) r0 = socket$inet_udp(0x2, 0x2, 0x0) bind$rds(0xffffffffffffffff, &(0x7f0000000040)={0x2, 0x0, @loopback}, 0xa) r1 = socket$pppl2tp(0x18, 0x1, 0x1) connect$pppl2tp(r1, &(0x7f0000000080)=@pppol2tp={0x18, 0x1, {0x0, r0, {}, 0xa}}, 0x26) sendmmsg$inet(r1, &(0x7f0000005f80)=[{{0x0, 0x0, &(0x7f0000005dc0)=[{&(0x7f00000010c0)="7d5107673289eeae3f806c5c62db497a0299399ab6101c3b", 0x1}], 0x1}}], 0x4000000000001ce, 0x8040) 462.065427ms ago: executing program 2 (id=1345): syz_open_procfs(0x0, 0x0) munmap(&(0x7f0000002000/0x2000)=nil, 0x2000) r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(cipher_null)\x00'}, 0x58) r1 = accept4$alg(r0, 0x0, 0x0, 0x0) sendmmsg$sock(r1, &(0x7f0000000300)=[{{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f00000000c0)="22e15f6d66fb", 0x6}], 0x1}}, {{0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001c40)="508b54099353f7fdd8cdb2583a1ddfd9e2fce73624a40d3b37ab2d6e881a76d9c7a426e51642ebbaf671430fe959a806cb7c9a3267bfdc32beeb6f4449ebdfd6e32a2f7e6db94baf90c0320c6f98a75c3da8cc568fa72c2b1c33fa9a802130fdffbaffd053921fdd4d253957373f05e02ecaac991325d3962d4194fbac06cfadf9ca0def812094d5d6862ee921ace8beb81c56df17edd137b7ebb80701d5ee19339c4c061866215a297e23f01760cba186e2fa1c53db4d55d89b76350179154d5c01c513a30d7043a789d11515889015fecd1dc8742e2f59d147a1cf29c8556c652f0917b3a2ebc32fe44a00e7fe2ed4812f55f42251481f9c461ab3566912cb067e2005b3d57dc7776b68730e9f32f62ebfb46b166509f3dd8e277478e0325f03e58c14c56112da94936d5f2b4a9a50b11edfe3dc31219817ba3a5cb43737ebc1ab7f2d6e256246356255b1681232a0e669080eb912a420f825f29fbce2ce1f0bb6867567c12e341e723a15e23dc03f5275c87649361efd8a4e4a23cbd9be1c2f6d14edc2a0f25576bf6d7a2e0d5d3a2a41473684fb12371b4b863e2c3eabedbc52bf894067356fa200511b9c18ea8afde308585c201ce0dc79815894f7b042ef428a5bda48368fe2d468bbc9cde2143bcd486729340f1a1b9befb6fc87cac6e9baea9d8df6c938e3aae3e5aa2e17e03d0426736e49a039f654e2021acabfc7d6fbb5003c16a509761c3e15393ba0b4137a47b88ff61223795e75932d5014d71d4da7b529fe7cf12d48a67cc8b695f42f12d67ec33f062773cb4433460335055d8c36bcf3a01dfd926c10cff3cbd02f333543940c8af9846a1ff6df78afaf822b3b729c62b10f7ceeab7e2dbc9cbcb01cf3edab1974fd65e04be1c230591787e4785bdeb835f1146fcd5d337d74e08a98c9a07bad9fd2b040e603b6650de440645abfb4efcfaba3f74d57f6d6d39be89689a94e306d9252a39d9ad13ccd16ea44fcb45cea7bfd690616d1b99899d8df0c9cdb9e81aede64d077d015c2987adbde48bcc988bd09e5a049841162e44582e34099018b5e2d81249cb1e5bb99474a7c8a0a3eda8fa3c9b71a45fa62e66b46aad01808db8a6c7da4ec513f8f4f89fdb5d88debc5ff3ab9ac4a738b1bbe6513a53a161be3500ca23af2b2568a1d22fb2438298920af03360cbdcb2c3175d8b734b281590d3cbfb944ad2067390697d6ae533bf76a8a5271efd292057eaaa5dd42e0a789016ba4ed0a1520f70deffbc096a907b30d2c4e91f94dab0c0dcbaac8a6c35c3710dacd09cfaa2a126ab55fa13518f70ea010e6081296976bc998adcbaa6d6979c693f0a4c8eaed14d8a4f3a69f1dff10", 0x3c4}], 0x1}}], 0x2, 0x20008881) 279.472705ms ago: executing program 2 (id=1346): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000bc0)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r0}, 0x10) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={{0x14}, [@NFT_MSG_NEWRULE={0x2c, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x54}}, 0x0) sendmsg$NFT_BATCH(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000002580)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000080a01010000000000000000020000000900010073797a300000000038000000060a17d50000000000000000020000000900020073797a32000000000900010073797a30000000000c0003400000000000000002"], 0xcdc}}, 0x0) 25.884851ms ago: executing program 2 (id=1347): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000000)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128-generic\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000440)='\x00\x00\x00\x00\x00\x00\x00\x00\b\x00\x00\x00\x00\x00\x00\x00', 0x10) r1 = accept4$alg(r0, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f0000003700)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/18, 0x12}], 0x1}}], 0x2, 0x0, 0x0) sendmsg$alg(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000004c0)="9e685760794f93d5148a96de6f79285dad5de4da19e0", 0x16}], 0x1, &(0x7f0000000340)=[@assoc={0x18, 0x117, 0x4, 0x5}], 0x18}, 0x0) 0s ago: executing program 4 (id=1348): bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$ENABLE_STATS(0x20, 0x0, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000300)=@newqdisc={0x54, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xfff1, 0xffff}}, [@qdisc_kind_options=@q_ingress={0xc}, @TCA_STAB={0x24, 0x8, 0x0, 0x1, [{{0x1c}}]}]}, 0x54}}, 0x0) kernel console output (not intermixed with test programs): connect, device number 6 [ 136.366981][ T6772] chnl_net:caif_netlink_parms(): no params data found [ 136.516980][ T6908] input: syz0 as /devices/virtual/input/input13 [ 136.744999][ T6772] bridge0: port 1(bridge_slave_0) entered blocking state [ 136.752232][ T6772] bridge0: port 1(bridge_slave_0) entered disabled state [ 136.781864][ T6772] bridge_slave_0: entered allmulticast mode [ 136.792591][ T6772] bridge_slave_0: entered promiscuous mode [ 136.822281][ T6772] bridge0: port 2(bridge_slave_1) entered blocking state [ 136.839903][ T6772] bridge0: port 2(bridge_slave_1) entered disabled state [ 136.848146][ T5273] cdc_ncm 3-1:1.0: MAC-Address: 42:42:42:42:42:42 [ 136.856269][ T5273] cdc_ncm 3-1:1.0: dwNtbInMaxSize=16 is too small. Using 2048 [ 136.863763][ T5273] cdc_ncm 3-1:1.0: setting rx_max = 2048 [ 136.869686][ T6772] bridge_slave_1: entered allmulticast mode [ 136.889383][ T6772] bridge_slave_1: entered promiscuous mode [ 137.047862][ T6772] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 137.057899][ T5273] cdc_ncm 3-1:1.0: setting tx_max = 88 [ 137.077184][ T6772] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 137.105115][ T5273] cdc_ncm 3-1:1.0 usb0: register 'cdc_ncm' at usb-dummy_hcd.2-1, CDC NCM (NO ZLP), 42:42:42:42:42:42 [ 137.172452][ T5273] usb 3-1: USB disconnect, device number 8 [ 137.205969][ T5273] cdc_ncm 3-1:1.0 usb0: unregister 'cdc_ncm' usb-dummy_hcd.2-1, CDC NCM (NO ZLP) [ 137.218146][ T6772] team0: Port device team_slave_0 added [ 137.241544][ T6772] team0: Port device team_slave_1 added [ 137.291393][ T5227] usb 1-1: new high-speed USB device number 10 using dummy_hcd [ 137.357490][ T6772] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 137.375355][ T6772] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 137.404930][ T6772] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 137.418821][ T6772] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 137.427467][ T6772] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 137.453475][ C1] vkms_vblank_simulate: vblank timer overrun [ 137.491571][ T6772] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 137.494822][ T5227] usb 1-1: Using ep0 maxpacket: 16 [ 137.543340][ T5227] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 137.581170][ T5227] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 137.591474][ T5227] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 137.641785][ T5227] usb 1-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 137.660367][ T5227] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 137.685489][ T5227] usb 1-1: config 0 descriptor?? [ 137.696096][ T6772] hsr_slave_0: entered promiscuous mode [ 137.719556][ T6772] hsr_slave_1: entered promiscuous mode [ 137.756512][ T6772] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 137.785231][ T5237] Bluetooth: hci3: command tx timeout [ 137.790760][ T6772] Cannot create hsr debugfs directory [ 138.156211][ T5227] input: HID 045e:07da as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:045E:07DA.000A/input/input14 [ 138.225614][ T5227] microsoft 0003:045E:07DA.000A: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.0-1/input0 [ 138.362687][ T5227] usb 1-1: USB disconnect, device number 10 [ 139.118188][ T6982] input: syz1 as /devices/virtual/input/input15 [ 139.865005][ T5237] Bluetooth: hci3: command tx timeout [ 140.026181][ T6772] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 140.051104][ T6772] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 140.125760][ T6772] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 140.191097][ T6772] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 140.326349][ T29] kauditd_printk_skb: 2 callbacks suppressed [ 140.326365][ T29] audit: type=1326 audit(140.288:401): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7013 comm="syz.1.489" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fab1657cef9 code=0x0 [ 140.538615][ T6772] 8021q: adding VLAN 0 to HW filter on device bond0 [ 140.621237][ T6772] 8021q: adding VLAN 0 to HW filter on device team0 [ 140.672467][ T11] bridge0: port 1(bridge_slave_0) entered blocking state [ 140.679682][ T11] bridge0: port 1(bridge_slave_0) entered forwarding state [ 140.760354][ T52] bridge0: port 2(bridge_slave_1) entered blocking state [ 140.767618][ T52] bridge0: port 2(bridge_slave_1) entered forwarding state [ 141.026754][ T7034] pim6reg: entered allmulticast mode [ 141.081980][ T7034] batadv_slave_0: entered allmulticast mode [ 141.328435][ C1] sd 0:0:1:0: [sda] tag#6426 FAILED Result: hostbyte=DID_ERROR driverbyte=DRIVER_OK cmd_age=0s [ 141.339021][ C1] sd 0:0:1:0: [sda] tag#6426 CDB: Read(6) 08 00 00 00 85 f0 [ 141.349436][ T6772] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 141.595109][ T6772] veth0_vlan: entered promiscuous mode [ 141.639122][ T6772] veth1_vlan: entered promiscuous mode [ 141.739098][ T6772] veth0_macvtap: entered promiscuous mode [ 141.760282][ T6772] veth1_macvtap: entered promiscuous mode [ 141.799719][ T7063] input: syz0 as /devices/virtual/input/input16 [ 141.820751][ T6772] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 141.854492][ T6772] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 141.870220][ T7068] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 141.890327][ T6772] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 141.915206][ T6772] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 141.933059][ T6772] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 141.944188][ T6772] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 141.981147][ T6772] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 142.004796][ T6772] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 142.031515][ T6772] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 142.054527][ T6772] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 142.082190][ T6772] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 142.098795][ T6772] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 142.109566][ T6772] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 142.144565][ T6772] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 142.164522][ T6772] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 142.184249][ T6772] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 142.206845][ T6772] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 142.226999][ T6772] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 142.258484][ T6772] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 142.284510][ T6772] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 142.308198][ T6772] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 142.333325][ T6772] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 142.363009][ T6772] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 142.409350][ T6772] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 142.445072][ T6772] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 142.453816][ T6772] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 142.717938][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 142.741076][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 142.813037][ T61] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 142.836996][ T61] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 143.089044][ T7111] Bluetooth: MGMT ver 1.23 [ 143.221609][ T7116] usb usb7: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 143.737626][ T7141] Bluetooth: MGMT ver 1.23 [ 144.924487][ T7192] bridge0: port 1(bridge_slave_0) entered disabled state [ 145.235653][ T5227] usb 2-1: new high-speed USB device number 4 using dummy_hcd [ 145.342083][ T997] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 145.425293][ T5227] usb 2-1: Using ep0 maxpacket: 32 [ 145.432684][ T5227] usb 2-1: New USB device found, idVendor=041e, idProduct=403c, bcdDevice=cc.d7 [ 145.442942][ T5227] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 145.457324][ T5227] usb 2-1: config 0 descriptor?? [ 145.465881][ T5227] gspca_main: sq930x-2.14.0 probing 041e:403c [ 145.494646][ T5309] usb 1-1: new high-speed USB device number 11 using dummy_hcd [ 145.674568][ T5309] usb 1-1: Using ep0 maxpacket: 16 [ 145.681262][ T5309] usb 1-1: config 1 contains an unexpected descriptor of type 0x2, skipping [ 145.690289][ T5309] usb 1-1: config 1 has 2 interfaces, different from the descriptor's value: 3 [ 145.699412][ T5309] usb 1-1: config 1 has no interface number 1 [ 145.710428][ T5309] usb 1-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0 [ 145.724519][ T5309] usb 1-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 145.742551][ T5309] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 145.752557][ T5309] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 145.760719][ T5309] usb 1-1: Product: syz [ 145.765047][ T5309] usb 1-1: Manufacturer: syz [ 145.769673][ T5309] usb 1-1: SerialNumber: syz [ 146.075984][ T5309] usb 1-1: 2:1 : no UAC_FORMAT_TYPE desc [ 146.101985][ T5309] usb 1-1: USB disconnect, device number 11 [ 146.294677][ T5271] usb 3-1: new high-speed USB device number 9 using dummy_hcd [ 146.342588][ T997] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 146.365278][ T5238] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 146.374149][ T5238] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 146.382335][ T5238] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 146.402073][ T5238] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 146.412268][ T5238] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 146.436346][ T5238] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 146.455560][ T997] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 146.494615][ T5271] usb 3-1: Using ep0 maxpacket: 16 [ 146.501453][ T5271] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 146.533921][ T5271] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 146.545049][ T5271] usb 3-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.40 [ 146.554120][ T5271] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 146.562443][ T5272] usb 5-1: new high-speed USB device number 7 using dummy_hcd [ 146.573859][ T5271] usb 3-1: config 0 descriptor?? [ 146.597927][ T997] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 146.724639][ T5227] gspca_sq930x: reg_w 0105 bf00 failed -71 [ 146.730580][ T5227] sq930x 2-1:0.0: probe with driver sq930x failed with error -71 [ 146.788083][ T5272] usb 5-1: Using ep0 maxpacket: 8 [ 146.805603][ T5227] usb 2-1: USB disconnect, device number 4 [ 146.817653][ T5272] usb 5-1: New USB device found, idVendor=0ccd, idProduct=10a3, bcdDevice=23.a2 [ 146.827982][ T5272] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 146.836712][ T7215] chnl_net:caif_netlink_parms(): no params data found [ 146.837655][ T5272] usb 5-1: Product: syz [ 146.848928][ T5272] usb 5-1: Manufacturer: syz [ 146.853580][ T5272] usb 5-1: SerialNumber: syz [ 146.871018][ T5272] usb 5-1: config 0 descriptor?? [ 146.929561][ T997] bridge_slave_1: left allmulticast mode [ 146.936159][ T997] bridge_slave_1: left promiscuous mode [ 146.942079][ T997] bridge0: port 2(bridge_slave_1) entered disabled state [ 146.962615][ T997] bridge_slave_0: left allmulticast mode [ 146.969063][ T997] bridge_slave_0: left promiscuous mode [ 146.975204][ T997] bridge0: port 1(bridge_slave_0) entered disabled state [ 147.005892][ T5271] cp2112 0003:10C4:EA90.000B: unbalanced delimiter at end of report description [ 147.036668][ T5271] cp2112 0003:10C4:EA90.000B: parse failed [ 147.042626][ T5271] cp2112 0003:10C4:EA90.000B: probe with driver cp2112 failed with error -22 [ 147.109337][ T5272] usb 5-1: dvb_usb_v2: found a 'Terratec H7' in warm state [ 147.212543][ T5309] usb 3-1: USB disconnect, device number 9 [ 147.610594][ T7232] ptrace attach of "./syz-executor exec"[5876] was attempted by "\x0c "[7232] [ 147.717441][ T997] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 147.729006][ T997] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 147.745550][ T997] bond0 (unregistering): Released all slaves [ 147.976193][ T7215] bridge0: port 1(bridge_slave_0) entered blocking state [ 147.983403][ T7215] bridge0: port 1(bridge_slave_0) entered disabled state [ 148.001327][ T7215] bridge_slave_0: entered allmulticast mode [ 148.014955][ T7215] bridge_slave_0: entered promiscuous mode [ 148.084907][ T7244] unknown channel width for channel at 909000KHz? [ 148.091410][ T7244] unknown channel width for channel at 909000KHz? [ 148.098248][ T7215] bridge0: port 2(bridge_slave_1) entered blocking state [ 148.110611][ T7215] bridge0: port 2(bridge_slave_1) entered disabled state [ 148.164671][ T7215] bridge_slave_1: entered allmulticast mode [ 148.171887][ T7215] bridge_slave_1: entered promiscuous mode [ 148.254562][ T5273] usb 3-1: new high-speed USB device number 10 using dummy_hcd [ 148.511392][ T5238] Bluetooth: hci3: command tx timeout [ 148.673577][ T5272] usb write operation failed. (-71) [ 148.699303][ T997] hsr_slave_0: left promiscuous mode [ 148.726291][ T5272] usb 5-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer [ 148.764568][ T997] hsr_slave_1: left promiscuous mode [ 148.775254][ T5272] dvbdev: DVB: registering new adapter (Terratec H7) [ 148.782346][ T5272] usb 5-1: media controller created [ 148.805264][ T997] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 148.812727][ T997] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 148.854883][ T5272] usb read operation failed. (-71) [ 148.861545][ T997] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 148.869258][ T5272] usb write operation failed. (-71) [ 148.874569][ T997] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 148.917592][ T5272] dvb_usb_az6007 5-1:0.0: probe with driver dvb_usb_az6007 failed with error -5 [ 148.985936][ T5272] usb 5-1: USB disconnect, device number 7 [ 149.004927][ T997] veth1_macvtap: left promiscuous mode [ 149.010519][ T997] veth0_macvtap: left promiscuous mode [ 149.054920][ T997] veth1_vlan: left promiscuous mode [ 149.061680][ T997] veth0_vlan: left promiscuous mode [ 149.814478][ T98] block nbd2: Possible stuck request ffff888026008000: control (read@0,4096B). Runtime 60 seconds [ 150.247298][ T29] audit: type=1326 audit(150.208:402): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7255 comm="syz.0.562" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f21c2b7cef9 code=0x7ffc0000 [ 150.332538][ T29] audit: type=1326 audit(150.208:403): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7255 comm="syz.0.562" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f21c2b7cef9 code=0x7ffc0000 [ 150.373463][ T29] audit: type=1326 audit(150.208:404): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7255 comm="syz.0.562" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f21c2b7cef9 code=0x7ffc0000 [ 150.395160][ T29] audit: type=1326 audit(150.208:405): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7255 comm="syz.0.562" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f21c2b7cef9 code=0x7ffc0000 [ 150.419573][ T29] audit: type=1326 audit(150.208:406): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7255 comm="syz.0.562" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f21c2b7cef9 code=0x7ffc0000 [ 150.482185][ T29] audit: type=1326 audit(150.228:407): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7255 comm="syz.0.562" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f21c2b7cef9 code=0x7ffc0000 [ 150.584735][ T5238] Bluetooth: hci3: command tx timeout [ 150.604708][ T29] audit: type=1326 audit(150.228:408): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7255 comm="syz.0.562" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f21c2b7cef9 code=0x7ffc0000 [ 150.655001][ T29] audit: type=1326 audit(150.228:409): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7255 comm="syz.0.562" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f21c2b7cef9 code=0x7ffc0000 [ 150.724663][ T29] audit: type=1326 audit(150.228:410): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7255 comm="syz.0.562" exe="/root/syz-executor" sig=0 arch=c000003e syscall=30 compat=0 ip=0x7f21c2b7cef9 code=0x7ffc0000 [ 150.762383][ T7273] loop9: detected capacity change from 0 to 7 [ 150.769576][ T29] audit: type=1326 audit(150.228:411): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7255 comm="syz.0.562" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f21c2b7cef9 code=0x7ffc0000 [ 150.801636][ T7273] Dev loop9: unable to read RDB block 7 [ 150.816549][ T7273] loop9: AHDI p1 p3 p4 [ 150.831062][ T7273] loop9: partition table partially beyond EOD, truncated [ 150.842876][ T7273] loop9: p1 start 2048 is beyond EOD, truncated [ 150.850858][ T7273] loop9: p3 size 16779293 extends beyond EOD, truncated [ 151.296385][ T997] team0 (unregistering): Port device team_slave_1 removed [ 151.392950][ T997] team0 (unregistering): Port device team_slave_0 removed [ 151.944795][ T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!! [ 152.104744][ T7299] loop9: detected capacity change from 0 to 7 [ 152.141532][ T7299] Dev loop9: unable to read RDB block 7 [ 152.164204][ T7299] loop9: unable to read partition table [ 152.191987][ T7299] loop9: partition table beyond EOD, truncated [ 152.204702][ T7299] loop_reread_partitions: partition scan of loop9 (被xڬdƤݡ [ 152.204702][ T7299] ) failed (rc=-5) [ 152.302886][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 152.411110][ T7304] tls_set_device_offload_rx: netdev not found [ 152.665486][ T5238] Bluetooth: hci3: command tx timeout [ 152.933507][ T7289] bridge0: entered promiscuous mode [ 152.950214][ T7289] bridge0: left promiscuous mode [ 153.014632][ T7309] netlink: 16 bytes leftover after parsing attributes in process `syz.4.584'. [ 153.023768][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 153.070232][ T7309] (unnamed net_device) (uninitialized): option primary_reselect: invalid value (14) [ 153.080150][ T7309] Zero length message leads to an empty skb [ 153.094716][ T5272] usb 1-1: new high-speed USB device number 12 using dummy_hcd [ 153.138225][ T7215] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 153.177321][ T7215] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 153.307312][ T5272] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 153.316484][ T7215] team0: Port device team_slave_0 added [ 153.342937][ T5272] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 153.356259][ T7215] team0: Port device team_slave_1 added [ 153.365877][ T5272] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 153.395497][ T5272] usb 1-1: Product: syz [ 153.400384][ T5272] usb 1-1: Manufacturer: syz [ 153.432076][ T5272] usb 1-1: SerialNumber: syz [ 153.479521][ T7215] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 153.509031][ T7215] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 153.543724][ T7215] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 153.564593][ T7215] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 153.571574][ T7215] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 153.606437][ T7215] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 153.733164][ T7215] hsr_slave_0: entered promiscuous mode [ 153.757976][ T7215] hsr_slave_1: entered promiscuous mode [ 153.768404][ T7215] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 153.779536][ T7215] Cannot create hsr debugfs directory [ 153.977242][ T7329] netlink: 32 bytes leftover after parsing attributes in process `syz.1.592'. [ 153.993662][ T5227] IPVS: starting estimator thread 0... [ 154.084899][ T7330] IPVS: using max 20 ests per chain, 48000 per kthread [ 154.156717][ T7332] netlink: 48 bytes leftover after parsing attributes in process `syz.1.593'. [ 154.241995][ T5227] kernel write not supported for file /input/mice (pid: 5227 comm: kworker/0:3) [ 154.405642][ T7338] loop0: detected capacity change from 0 to 7 [ 154.433556][ T7338] loop0: [CUMANA/ADFS] p1 [ADFS] p1 [ 154.449199][ T7338] loop0: partition table partially beyond EOD, truncated [ 154.467260][ T7338] loop0: p1 size 1748753132 extends beyond EOD, truncated [ 154.501461][ T5272] cdc_ncm 1-1:1.0: MAC-Address: 42:42:42:42:42:42 [ 154.509178][ T5272] cdc_ncm 1-1:1.0: dwNtbInMaxSize=0 is too small. Using 2048 [ 154.519880][ T5272] cdc_ncm 1-1:1.0: setting rx_max = 2048 [ 154.567026][ T7215] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 154.603043][ T7215] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 154.645994][ T7215] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 154.667952][ T7215] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 154.709248][ T5272] cdc_ncm 1-1:1.0: setting tx_max = 184 [ 154.733151][ T5272] cdc_ncm 1-1:1.0 usb0: register 'cdc_ncm' at usb-dummy_hcd.0-1, CDC NCM (NO ZLP), 42:42:42:42:42:42 [ 154.744996][ T5238] Bluetooth: hci3: command tx timeout [ 154.787545][ T5272] usb 1-1: USB disconnect, device number 12 [ 154.805491][ T5272] cdc_ncm 1-1:1.0 usb0: unregister 'cdc_ncm' usb-dummy_hcd.0-1, CDC NCM (NO ZLP) [ 154.918684][ T7215] 8021q: adding VLAN 0 to HW filter on device bond0 [ 154.952229][ T7215] 8021q: adding VLAN 0 to HW filter on device team0 [ 154.954748][ T5309] usb 2-1: new high-speed USB device number 5 using dummy_hcd [ 154.991321][ T2895] bridge0: port 1(bridge_slave_0) entered blocking state [ 154.998524][ T2895] bridge0: port 1(bridge_slave_0) entered forwarding state [ 155.018175][ T2895] bridge0: port 2(bridge_slave_1) entered blocking state [ 155.025396][ T2895] bridge0: port 2(bridge_slave_1) entered forwarding state [ 155.164971][ T5309] usb 2-1: config 0 has no interfaces? [ 155.193478][ T5309] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 155.214150][ T5309] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 155.238256][ T5309] usb 2-1: Product: syz [ 155.243822][ T5309] usb 2-1: Manufacturer: syz [ 155.264663][ T5309] usb 2-1: SerialNumber: syz [ 155.280844][ T5309] usb 2-1: config 0 descriptor?? [ 155.483908][ T7378] sp0: Synchronizing with TNC [ 155.508584][ T7215] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 155.530099][ T5301] usb 2-1: USB disconnect, device number 5 [ 155.536918][ T7378] sp0: Found TNC [ 155.671789][ T7215] veth0_vlan: entered promiscuous mode [ 155.709874][ T7215] veth1_vlan: entered promiscuous mode [ 155.788516][ T7215] veth0_macvtap: entered promiscuous mode [ 155.811085][ T29] kauditd_printk_skb: 1 callbacks suppressed [ 155.811104][ T29] audit: type=1326 audit(411.767:413): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7389 comm="syz.4.615" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0eb377cef9 code=0x7ffc0000 [ 155.859454][ T7215] veth1_macvtap: entered promiscuous mode [ 155.905837][ T29] audit: type=1326 audit(411.767:414): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7389 comm="syz.4.615" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0eb377cef9 code=0x7ffc0000 [ 155.910723][ T7392] netlink: 12 bytes leftover after parsing attributes in process `syz.4.616'. [ 155.939821][ T7215] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 155.971213][ T7215] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 155.981405][ T29] audit: type=1326 audit(411.767:415): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7389 comm="syz.4.615" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0eb377cef9 code=0x7ffc0000 [ 156.021507][ T7215] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 156.036366][ T7215] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 156.046498][ T29] audit: type=1326 audit(411.767:416): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7389 comm="syz.4.615" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0eb377cef9 code=0x7ffc0000 [ 156.068142][ T7215] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 156.084638][ T7215] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 156.099183][ T29] audit: type=1326 audit(411.767:417): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7389 comm="syz.4.615" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0eb377cef9 code=0x7ffc0000 [ 156.125616][ T7215] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 156.143902][ T7215] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 156.157676][ T29] audit: type=1326 audit(411.767:418): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7389 comm="syz.4.615" exe="/root/syz-executor" sig=0 arch=c000003e syscall=150 compat=0 ip=0x7f0eb377cef9 code=0x7ffc0000 [ 156.179817][ T7215] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 156.190723][ T7215] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 156.211736][ T29] audit: type=1326 audit(411.767:419): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7389 comm="syz.4.615" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0eb377cef9 code=0x7ffc0000 [ 156.237287][ T7215] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 156.258230][ T7215] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 156.280118][ T7215] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 156.311350][ T7215] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 156.334454][ T7215] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 156.344325][ T7215] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 156.374537][ T7215] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 156.390129][ T7215] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 156.414588][ T7215] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 156.424727][ T7215] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 156.435280][ T7215] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 156.448819][ T7215] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 156.500442][ T7215] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 156.530976][ T7215] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 156.553168][ T7215] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 156.562112][ T7215] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 156.653693][ T7407] usb usb7: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 156.701810][ T7407] usb usb7: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 156.713609][ T29] audit: type=1326 audit(412.667:420): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7408 comm="syz.0.623" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f21c2b7cef9 code=0x7ffc0000 [ 156.804973][ T29] audit: type=1326 audit(412.667:421): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7408 comm="syz.0.623" exe="/root/syz-executor" sig=0 arch=c000003e syscall=434 compat=0 ip=0x7f21c2b7cef9 code=0x7ffc0000 [ 156.864887][ T1831] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 156.883600][ T29] audit: type=1326 audit(412.667:422): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7408 comm="syz.0.623" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f21c2b7cef9 code=0x7ffc0000 [ 156.890049][ T1831] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 156.989613][ T7415] netlink: 'syz.4.626': attribute type 9 has an invalid length. [ 157.010548][ T7415] netlink: 209836 bytes leftover after parsing attributes in process `syz.4.626'. [ 157.012576][ T997] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 157.064873][ T997] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 157.121837][ T7420] netlink: 'syz.4.626': attribute type 9 has an invalid length. [ 157.155029][ T7420] netlink: 209836 bytes leftover after parsing attributes in process `syz.4.626'. [ 157.974510][ T25] usb 1-1: new high-speed USB device number 13 using dummy_hcd [ 157.994515][ T5301] usb 5-1: new high-speed USB device number 8 using dummy_hcd [ 158.187237][ T25] usb 1-1: New USB device found, idVendor=05ac, idProduct=0223, bcdDevice=e1.fc [ 158.197830][ T5301] usb 5-1: config 1 has an invalid descriptor of length 32, skipping remainder of the config [ 158.199681][ T25] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 158.224902][ T5301] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 158.236727][ T25] usb 1-1: config 0 descriptor?? [ 158.247704][ T25] input: bcm5974 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/input/input17 [ 158.249704][ T5301] usb 5-1: config 1 has no interface number 0 [ 158.280699][ T5301] usb 5-1: config 1 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 158.299384][ T5301] usb 5-1: Duplicate descriptor for config 1 interface 1 altsetting 0, skipping [ 158.315635][ T5301] usb 5-1: too many endpoints for config 1 interface 1 altsetting 1: 97, using maximum allowed: 30 [ 158.328117][ T5301] usb 5-1: config 1 interface 1 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 97 [ 158.366221][ T5301] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 158.375697][ T5301] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 158.383703][ T5301] usb 5-1: Product: syz [ 158.390713][ T5301] usb 5-1: Manufacturer: syz [ 158.395818][ T5301] usb 5-1: SerialNumber: syz [ 158.525414][ T5271] usb 1-1: USB disconnect, device number 13 [ 158.535850][ T4660] bcm5974 1-1:0.0: could not read from device [ 158.545554][ T4660] bcm5974 1-1:0.0: could not read from device [ 158.606710][ T25] usb 2-1: new high-speed USB device number 6 using dummy_hcd [ 158.806781][ T25] usb 2-1: Using ep0 maxpacket: 8 [ 158.813572][ T25] usb 2-1: config 179 has an invalid interface number: 65 but max is 0 [ 158.822469][ T25] usb 2-1: config 179 has no interface number 0 [ 158.833875][ T25] usb 2-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 158.847919][ T25] usb 2-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024 [ 158.867455][ T25] usb 2-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 158.878667][ T25] usb 2-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024 [ 158.890330][ T25] usb 2-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 158.903610][ T25] usb 2-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb [ 158.912819][ T25] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 158.927855][ T7475] raw-gadget.2 gadget.1: fail, usb_ep_enable returned -22 [ 159.191215][ T5272] input: Generic X-Box pad as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:179.65/input/input18 [ 159.237073][ T5301] cdc_ncm 5-1:1.1: failed GET_NTB_PARAMETERS [ 159.243217][ T5301] cdc_ncm 5-1:1.1: bind() failure [ 159.253273][ T5301] usb 5-1: USB disconnect, device number 8 [ 159.396300][ T5271] usb 2-1: USB disconnect, device number 6 [ 159.402181][ C1] xpad 2-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19 [ 159.402224][ C1] xpad 2-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19 [ 159.441912][ T25] usb 1-1: new high-speed USB device number 14 using dummy_hcd [ 159.485988][ T5271] xpad 2-1:179.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19 [ 159.542514][ T11] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 159.654665][ T25] usb 1-1: Using ep0 maxpacket: 8 [ 159.666716][ T25] usb 1-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea [ 159.678046][ T25] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 159.686263][ T25] usb 1-1: Product: syz [ 159.690501][ T25] usb 1-1: Manufacturer: syz [ 159.698183][ T25] usb 1-1: SerialNumber: syz [ 159.704275][ T25] usb 1-1: config 0 descriptor?? [ 159.921523][ T25] usb 1-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state [ 160.253287][ T7491] netlink: 'syz.4.661': attribute type 1 has an invalid length. [ 160.262971][ T7491] netlink: 80 bytes leftover after parsing attributes in process `syz.4.661'. [ 160.408030][ T7496] netlink: 'syz.4.662': attribute type 1 has an invalid length. [ 160.589849][ T11] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 160.655138][ T5237] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 160.672795][ T5237] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 160.687541][ T5237] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 160.697901][ T5237] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 160.717678][ T5237] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 160.726884][ T5237] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 160.730536][ T11] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 160.814721][ T5227] usb 5-1: new high-speed USB device number 9 using dummy_hcd [ 160.873345][ T11] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 160.919730][ T7507] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies. [ 160.927775][ T25] dvb_usb_rtl28xxu 1-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -71 [ 160.966163][ T25] usb 1-1: USB disconnect, device number 14 [ 161.009444][ T5227] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 161.049233][ T5227] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 161.080472][ T5227] usb 5-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 161.111935][ T5227] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 161.144353][ T5227] usb 5-1: SerialNumber: syz [ 161.147729][ T7504] chnl_net:caif_netlink_parms(): no params data found [ 161.221293][ T11] bridge_slave_1: left allmulticast mode [ 161.231554][ T11] bridge_slave_1: left promiscuous mode [ 161.237578][ T11] bridge0: port 2(bridge_slave_1) entered disabled state [ 161.251629][ T11] bridge_slave_0: left allmulticast mode [ 161.263724][ T11] bridge_slave_0: left promiscuous mode [ 161.273197][ T11] bridge0: port 1(bridge_slave_0) entered disabled state [ 161.399302][ T5227] usb 5-1: 0:2 : does not exist [ 161.435090][ T5227] usb 5-1: USB disconnect, device number 9 [ 161.958066][ T7537] ALSA: seq fatal error: cannot create timer (-22) [ 162.045941][ T11] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 162.074234][ T11] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 162.092851][ T11] bond0 (unregistering): Released all slaves [ 162.161359][ T7523] netlink: 56 bytes leftover after parsing attributes in process `syz.2.670'. [ 162.435848][ T7555] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies. [ 162.646507][ T7562] tls_set_device_offload_rx: netdev not found [ 162.756363][ T7504] bridge0: port 1(bridge_slave_0) entered blocking state [ 162.763627][ T7504] bridge0: port 1(bridge_slave_0) entered disabled state [ 162.778384][ T7504] bridge_slave_0: entered allmulticast mode [ 162.793254][ T7504] bridge_slave_0: entered promiscuous mode [ 162.832846][ T5238] Bluetooth: hci3: command tx timeout [ 162.851124][ T7566] serio: Serial port pts0 [ 162.943640][ T7504] bridge0: port 2(bridge_slave_1) entered blocking state [ 162.969588][ T7504] bridge0: port 2(bridge_slave_1) entered disabled state [ 163.059327][ T7504] bridge_slave_1: entered allmulticast mode [ 163.069965][ T7504] bridge_slave_1: entered promiscuous mode [ 163.215299][ T11] hsr_slave_0: left promiscuous mode [ 163.247399][ T11] hsr_slave_1: left promiscuous mode [ 163.274866][ T7576] kernel profiling enabled (shift: 0) [ 163.281771][ T11] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 163.296367][ T11] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 163.308484][ T11] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 163.321822][ T11] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 163.360870][ T11] veth1_macvtap: left promiscuous mode [ 163.369892][ T11] veth0_macvtap: left promiscuous mode [ 163.378208][ T11] veth1_vlan: left promiscuous mode [ 163.383646][ T11] veth0_vlan: left promiscuous mode [ 163.886526][ T7591] netlink: 80 bytes leftover after parsing attributes in process `syz.4.698'. [ 164.099730][ T7594] block nbd0: shutting down sockets [ 164.557531][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 164.635656][ T7576] syz.1.692: vmalloc error: size 729808896, failed to allocated page array size 1425408, mode:0xdc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=syz1,mems_allowed=0-1 [ 164.655225][ T7576] CPU: 0 UID: 0 PID: 7576 Comm: syz.1.692 Not tainted 6.11.0-rc6-syzkaller-00363-g89f5e14d05b4 #0 [ 164.665868][ T7576] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 164.675945][ T7576] Call Trace: [ 164.679246][ T7576] [ 164.682192][ T7576] dump_stack_lvl+0x241/0x360 [ 164.686887][ T7576] ? __pfx_dump_stack_lvl+0x10/0x10 [ 164.692077][ T7576] ? __pfx__printk+0x10/0x10 [ 164.696781][ T7576] ? cpuset_print_current_mems_allowed+0x1f/0x350 [ 164.703194][ T7576] ? cpuset_print_current_mems_allowed+0x31e/0x350 [ 164.709779][ T7576] warn_alloc+0x278/0x410 [ 164.714116][ T7576] ? __pfx_warn_alloc+0x10/0x10 [ 164.718992][ T7576] ? profile_init+0xb1/0x100 [ 164.723590][ T7576] ? __get_vm_area_node+0x23d/0x270 [ 164.728797][ T7576] __vmalloc_node_range_noprof+0x6a2/0x1400 [ 164.734718][ T7576] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 164.741041][ T7576] ? rcu_is_watching+0x15/0xb0 [ 164.745805][ T7576] ? rcu_is_watching+0x15/0xb0 [ 164.750567][ T7576] ? profile_init+0xb1/0x100 [ 164.755151][ T7576] ? __pfx_sysfs_kf_write+0x10/0x10 [ 164.760344][ T7576] vzalloc_noprof+0x79/0x90 [ 164.764853][ T7576] ? profile_init+0xb1/0x100 [ 164.769446][ T7576] profile_init+0xb1/0x100 [ 164.773858][ T7576] profiling_store+0x6c/0xf0 [ 164.778460][ T7576] kernfs_fop_write_iter+0x3a1/0x500 [ 164.783746][ T7576] vfs_write+0xa72/0xc90 [ 164.787990][ T7576] ? __pfx_kernfs_fop_write_iter+0x10/0x10 [ 164.793792][ T7576] ? __pfx_vfs_write+0x10/0x10 [ 164.798555][ T7576] ? do_futex+0x33b/0x560 [ 164.802902][ T7576] ksys_write+0x1a0/0x2c0 [ 164.807238][ T7576] ? __pfx_ksys_write+0x10/0x10 [ 164.812089][ T7576] ? do_syscall_64+0x100/0x230 [ 164.816853][ T7576] ? do_syscall_64+0xb6/0x230 [ 164.821529][ T7576] do_syscall_64+0xf3/0x230 [ 164.826031][ T7576] ? clear_bhb_loop+0x35/0x90 [ 164.830708][ T7576] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 164.836632][ T7576] RIP: 0033:0x7fab1657cef9 [ 164.841044][ T7576] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 164.860642][ T7576] RSP: 002b:00007fab173be038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 164.869054][ T7576] RAX: ffffffffffffffda RBX: 00007fab16735f80 RCX: 00007fab1657cef9 [ 164.877023][ T7576] RDX: 0000000000000048 RSI: 0000000020000280 RDI: 0000000000000003 [ 164.885002][ T7576] RBP: 00007fab165ef046 R08: 0000000000000000 R09: 0000000000000000 [ 164.892990][ T7576] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 164.900964][ T7576] R13: 0000000000000000 R14: 00007fab16735f80 R15: 00007ffe153d6828 [ 164.908954][ T7576] [ 164.916491][ T5238] Bluetooth: hci3: command tx timeout [ 164.934623][ T7576] Mem-Info: [ 164.937787][ T7576] active_anon:236 inactive_anon:4010 isolated_anon:0 [ 164.937787][ T7576] active_file:4750 inactive_file:34859 isolated_file:0 [ 164.937787][ T7576] unevictable:768 dirty:348 writeback:0 [ 164.937787][ T7576] slab_reclaimable:9325 slab_unreclaimable:95581 [ 164.937787][ T7576] mapped:24758 shmem:1231 pagetables:758 [ 164.937787][ T7576] sec_pagetables:0 bounce:0 [ 164.937787][ T7576] kernel_misc_reclaimable:0 [ 164.937787][ T7576] free:1335837 free_pcp:1411 free_cma:0 [ 165.009690][ T7576] Node 0 active_anon:944kB inactive_anon:16040kB active_file:18932kB inactive_file:139436kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:99032kB dirty:1388kB writeback:0kB shmem:3388kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:10332kB pagetables:2932kB sec_pagetables:0kB all_unreclaimable? no [ 165.062205][ T7576] Node 1 active_anon:0kB inactive_anon:0kB active_file:68kB inactive_file:0kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:16kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no [ 165.101859][ T7576] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 165.181615][ T7576] lowmem_reserve[]: 0 2469 2470 0 0 [ 165.186968][ T7576] Node 0 DMA32 free:1378504kB boost:0kB min:34244kB low:42804kB high:51364kB reserved_highatomic:0KB active_anon:940kB inactive_anon:19852kB active_file:17944kB inactive_file:139372kB unevictable:1536kB writepending:1396kB present:3129332kB managed:2557024kB mlocked:0kB bounce:0kB free_pcp:2960kB local_pcp:1484kB free_cma:0kB [ 165.232674][ T7576] lowmem_reserve[]: 0 0 1 0 0 [ 165.261698][ T7576] Node 0 Normal free:12kB boost:0kB min:12kB low:12kB high:12kB reserved_highatomic:0KB active_anon:4kB inactive_anon:44kB active_file:988kB inactive_file:64kB unevictable:0kB writepending:4kB present:1048576kB managed:1128kB mlocked:0kB bounce:0kB free_pcp:16kB local_pcp:8kB free_cma:0kB [ 165.303250][ T7576] lowmem_reserve[]: 0 0 0 0 [ 165.310676][ T11] team0 (unregistering): Port device team_slave_1 removed [ 165.323404][ T7576] 0 [ 165.339098][ T7576] Node 1 Normal free:3945084kB boost:0kB min:55644kB low:69552kB high:83460kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:68kB inactive_file:0kB unevictable:1536kB writepending:4kB present:4194304kB managed:4109120kB mlocked:0kB bounce:0kB free_pcp:2548kB local_pcp:2548kB free_cma:0kB [ 165.394058][ T7576] lowmem_reserve[]: 0 0 0 0 0 [ 165.416393][ T7576] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 165.429405][ T7576] Node 0 DMA32: 2*4kB (ME) 3*8kB (UME) 3*16kB (UME) 0*32kB 6*64kB (UE) 4*128kB (UME) 8*256kB (UME) 4*512kB (ME) 5*1024kB (UM) 5*2048kB (UME) 330*4096kB (M) = 1372112kB [ 165.460048][ T11] team0 (unregistering): Port device team_slave_0 removed [ 165.481748][ T7576] Node 0 Normal: 1*4kB (M) 1*8kB (M) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 12kB [ 165.500706][ T7576] Node 1 Normal: 1*4kB (M) 1*8kB (M) 1*16kB (M) 1*32kB (M) 5*64kB (U) 4*128kB (U) 3*256kB (UM) 4*512kB (UM) 3*1024kB (U) 3*2048kB (UM) 960*4096kB (UM) = 3945084kB [ 165.539785][ T7576] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 165.576825][ T7576] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 165.596524][ T7576] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 165.627344][ T7576] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 165.639639][ T7576] 41029 total pagecache pages [ 165.644379][ T7576] 0 pages in swap cache [ 165.652811][ T7576] Free swap = 124684kB [ 165.663960][ T7576] Total swap = 124996kB [ 165.668222][ T7576] 2097051 pages RAM [ 165.673085][ T7576] 0 pages HighMem/MovableOnly [ 165.678170][ T7576] 426393 pages reserved [ 165.689395][ T7576] 0 pages cma reserved [ 166.520006][ T7504] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 166.550458][ T7504] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 166.814131][ T7504] team0: Port device team_slave_0 added [ 166.864179][ T7504] team0: Port device team_slave_1 added [ 166.984757][ T5238] Bluetooth: hci3: command tx timeout [ 166.992913][ T7504] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 167.003393][ T7504] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 167.082860][ T7504] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 167.134897][ T7504] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 167.143957][ T7504] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 167.172305][ T7504] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 167.264588][ T5301] usb 5-1: new high-speed USB device number 10 using dummy_hcd [ 167.286181][ T7504] hsr_slave_0: entered promiscuous mode [ 167.294969][ T7504] hsr_slave_1: entered promiscuous mode [ 167.303976][ T7504] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 167.312262][ T7504] Cannot create hsr debugfs directory [ 167.324903][ T25] usb 3-1: new high-speed USB device number 11 using dummy_hcd [ 167.464726][ T5301] usb 5-1: Using ep0 maxpacket: 32 [ 167.474589][ T5301] usb 5-1: config index 0 descriptor too short (expected 156, got 27) [ 167.493055][ T5301] usb 5-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30 [ 167.515282][ T5301] usb 5-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7 [ 167.543110][ T5301] usb 5-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144 [ 167.553305][ T25] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11 [ 167.558075][ T5301] usb 5-1: config 0 interface 0 has no altsetting 0 [ 167.581307][ T5301] usb 5-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66 [ 167.591877][ T5301] usb 5-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172 [ 167.600537][ T5301] usb 5-1: Product: syz [ 167.600770][ T25] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 167.604935][ T5301] usb 5-1: Manufacturer: syz [ 167.604955][ T5301] usb 5-1: SerialNumber: syz [ 167.625462][ T5301] usb 5-1: config 0 descriptor?? [ 167.630573][ T25] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 167.630601][ T25] usb 3-1: Product: syz [ 167.630617][ T25] usb 3-1: Manufacturer: syz [ 167.630633][ T25] usb 3-1: SerialNumber: syz [ 167.670406][ T5301] ldusb 5-1:0.0: Interrupt out endpoint not found (using control endpoint instead) [ 167.698468][ T5301] ldusb 5-1:0.0: LD USB Device #0 now attached to major 180 minor 0 [ 167.930445][ T7504] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 167.942142][ T7504] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 167.953929][ T7504] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 167.967394][ T7504] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 168.065816][ T7504] 8021q: adding VLAN 0 to HW filter on device bond0 [ 168.089377][ T7504] 8021q: adding VLAN 0 to HW filter on device team0 [ 168.102383][ T997] bridge0: port 1(bridge_slave_0) entered blocking state [ 168.109659][ T997] bridge0: port 1(bridge_slave_0) entered forwarding state [ 168.129772][ T61] bridge0: port 2(bridge_slave_1) entered blocking state [ 168.136922][ T61] bridge0: port 2(bridge_slave_1) entered forwarding state [ 168.418221][ T7652] netlink: 12 bytes leftover after parsing attributes in process `syz.0.720'. [ 168.503490][ T7504] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 168.588164][ T7504] veth0_vlan: entered promiscuous mode [ 168.620051][ T7504] veth1_vlan: entered promiscuous mode [ 168.680019][ T7504] veth0_macvtap: entered promiscuous mode [ 168.695461][ T7504] veth1_macvtap: entered promiscuous mode [ 168.714695][ T25] cdc_ncm 3-1:1.0: MAC-Address: 42:42:42:42:42:42 [ 168.721212][ T25] cdc_ncm 3-1:1.0: dwNtbInMaxSize=16 is too small. Using 2048 [ 168.733446][ T25] cdc_ncm 3-1:1.0: setting rx_max = 2048 [ 168.743790][ T7504] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 168.756609][ T7504] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 168.766807][ T7504] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 168.777500][ T7504] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 168.787472][ T7504] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 168.799491][ T7504] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 168.809428][ T7504] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 168.823372][ T7504] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 168.833808][ T7504] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 168.844722][ T7504] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 168.857227][ T7504] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 168.878021][ T7504] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 168.897918][ T7504] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 168.912676][ T7504] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 168.923511][ T25] cdc_ncm 3-1:1.0: setting tx_max = 184 [ 168.932216][ T7504] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 168.943261][ T7504] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 168.954043][ T7504] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 168.966487][ T7504] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 168.978500][ T7504] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 168.990757][ T7504] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 169.001888][ T7504] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 169.013944][ T7504] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 169.027997][ T25] cdc_ncm 3-1:1.0 usb0: register 'cdc_ncm' at usb-dummy_hcd.2-1, CDC NCM (NO ZLP), 42:42:42:42:42:42 [ 169.046626][ T7504] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 169.060739][ T7504] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 169.070489][ T5238] Bluetooth: hci3: command tx timeout [ 169.076419][ T25] usb 3-1: USB disconnect, device number 11 [ 169.082959][ T25] cdc_ncm 3-1:1.0 usb0: unregister 'cdc_ncm' usb-dummy_hcd.2-1, CDC NCM (NO ZLP) [ 169.084731][ T7504] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 169.106567][ T7504] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 169.221420][ T1831] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 169.254642][ T1831] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 169.304198][ T1831] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 169.323616][ T1831] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 169.835478][ T25] usb 1-1: new high-speed USB device number 15 using dummy_hcd [ 170.009513][ T5309] usb 5-1: USB disconnect, device number 10 [ 170.028697][ T5309] ldusb 5-1:0.0: LD USB Device #0 now disconnected [ 170.055817][ T25] usb 1-1: New USB device found, idVendor=056e, idProduct=4010, bcdDevice=20.1c [ 170.064690][ T8] usb 2-1: new high-speed USB device number 7 using dummy_hcd [ 170.075009][ T25] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 170.096977][ T25] usb 1-1: config 0 descriptor?? [ 170.257582][ T8] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 170.284527][ T8] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 170.315002][ T8] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 170.325694][ T8] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 170.340159][ T8] usb 2-1: config 0 descriptor?? [ 170.778081][ T8] plantronics 0003:047F:FFFF.000C: No inputs registered, leaving [ 170.798032][ T8] plantronics 0003:047F:FFFF.000C: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0 [ 171.055226][ T8] usb 2-1: USB disconnect, device number 7 [ 171.231194][ T7722] 9pnet: p9_errstr2errno: server reported unknown error ^P [ 171.300037][ T7726] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 171.356095][ T25] pegasus 1-1:0.0: can't reset MAC [ 171.361470][ T25] pegasus 1-1:0.0: probe with driver pegasus failed with error -5 [ 171.395139][ T25] usb 1-1: USB disconnect, device number 15 [ 172.025532][ T11] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 172.944492][ T7761] ALSA: mixer_oss: invalid OSS volume 'Units' [ 172.976403][ T7761] ALSA: mixer_oss: invalid OSS volume 'Max' [ 172.982368][ T7761] ALSA: mixer_oss: invalid OSS volume 'Max' [ 173.357668][ T5237] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 173.377489][ T5237] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 173.388263][ T5237] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 173.402775][ T5237] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 173.412152][ T5237] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 173.419746][ T5237] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 173.519387][ T5272] usb 1-1: new high-speed USB device number 16 using dummy_hcd [ 173.531873][ T7787] warning: `syz.4.772' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 173.724746][ T5272] usb 1-1: Using ep0 maxpacket: 8 [ 173.737648][ T5272] usb 1-1: config 179 has an invalid interface number: 65 but max is 0 [ 173.774791][ T5272] usb 1-1: config 179 has no interface number 0 [ 173.785071][ T5272] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 173.833518][ T7781] chnl_net:caif_netlink_parms(): no params data found [ 173.841343][ T5272] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024 [ 173.868066][ T5272] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 173.915186][ T5272] usb 1-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 173.948676][ T5272] usb 1-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb [ 173.957885][ T5272] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 173.971261][ T7776] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 174.178457][ T11] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 174.200926][ T7781] bridge0: port 1(bridge_slave_0) entered blocking state [ 174.218332][ T7781] bridge0: port 1(bridge_slave_0) entered disabled state [ 174.226047][ T5272] input: Generic X-Box pad as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:179.65/input/input20 [ 174.249087][ T7781] bridge_slave_0: entered allmulticast mode [ 174.279189][ T7781] bridge_slave_0: entered promiscuous mode [ 174.366658][ T11] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 174.407907][ T7781] bridge0: port 2(bridge_slave_1) entered blocking state [ 174.434128][ T7781] bridge0: port 2(bridge_slave_1) entered disabled state [ 174.443554][ T5272] usb 1-1: USB disconnect, device number 16 [ 174.449512][ C1] xpad 1-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19 [ 174.449561][ C1] xpad 1-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19 [ 174.459364][ T7781] bridge_slave_1: entered allmulticast mode [ 174.493017][ T5272] xpad 1-1:179.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19 [ 174.495933][ T7781] bridge_slave_1: entered promiscuous mode [ 174.624234][ T11] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 174.653078][ T7781] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 174.677009][ T7781] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 174.787178][ T7781] team0: Port device team_slave_0 added [ 174.803965][ T7781] team0: Port device team_slave_1 added [ 174.810159][ T5227] usb 3-1: new high-speed USB device number 12 using dummy_hcd [ 174.904949][ T7781] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 174.911945][ T7781] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 174.943527][ T7781] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 174.957281][ T7781] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 174.964299][ T7781] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 175.029850][ T5227] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 175.051648][ T5227] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 175.080265][ T7781] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 175.101373][ T5227] usb 3-1: New USB device found, idVendor=054c, idProduct=0268, bcdDevice= 0.00 [ 175.125481][ T5227] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 175.142460][ T5227] usb 3-1: config 0 descriptor?? [ 175.204515][ T7847] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(3) [ 175.211415][ T7847] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 175.225261][ T7847] vhci_hcd vhci_hcd.0: Device attached [ 175.255222][ T7847] vhci_hcd vhci_hcd.0: pdev(1) rhport(1) sockfd(5) [ 175.261789][ T7847] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 175.270511][ T7847] vhci_hcd vhci_hcd.0: Device attached [ 175.287093][ T7853] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=io+mem,decodes=none:owns=io+mem [ 175.299355][ T5272] kernel read not supported for file /vga_arbiter (pid: 5272 comm: kworker/1:5) [ 175.314737][ T7847] vhci_hcd vhci_hcd.0: pdev(1) rhport(2) sockfd(7) [ 175.321295][ T7847] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 175.335453][ T11] bridge_slave_1: left allmulticast mode [ 175.344106][ T11] bridge_slave_1: left promiscuous mode [ 175.348558][ T7856] netlink: 8 bytes leftover after parsing attributes in process `syz.0.795'. [ 175.359822][ T11] bridge0: port 2(bridge_slave_1) entered disabled state [ 175.370682][ T7847] vhci_hcd vhci_hcd.0: Device attached [ 175.394237][ T7857] vhci_hcd vhci_hcd.0: pdev(1) rhport(3) sockfd(10) [ 175.400894][ T7857] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 175.424995][ T25] vhci_hcd: vhci_device speed not set [ 175.446009][ T11] bridge_slave_0: left allmulticast mode [ 175.451700][ T11] bridge_slave_0: left promiscuous mode [ 175.457655][ T7857] vhci_hcd vhci_hcd.0: Device attached [ 175.473426][ T5237] Bluetooth: hci3: command tx timeout [ 175.474638][ T11] bridge0: port 1(bridge_slave_0) entered disabled state [ 175.526424][ T25] usb 11-1: new full-speed USB device number 2 using vhci_hcd [ 175.562731][ T7847] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(9) [ 175.563423][ T7857] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN [ 175.569279][ T7847] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed) [ 175.594094][ T5227] sony 0003:054C:0268.000D: unknown main item tag 0x0 [ 175.602140][ T7847] vhci_hcd vhci_hcd.0: Device attached [ 175.618500][ T5227] sony 0003:054C:0268.000D: hiddev0,hidraw0: USB HID v80.00 Device [HID 054c:0268] on usb-dummy_hcd.2-1/input0 [ 175.644783][ T5227] sony 0003:054C:0268.000D: failed to claim input [ 175.666296][ T7865] netlink: 88 bytes leftover after parsing attributes in process `syz.4.797'. [ 175.704898][ T7858] vhci_hcd: connection closed [ 175.707685][ T7852] vhci_hcd: connection closed [ 175.709878][ T7850] vhci_hcd: connection closed [ 175.714979][ T7862] vhci_hcd: connection closed [ 175.719797][ T7848] vhci_hcd: connection reset by peer [ 175.728289][ T7865] netlink: 48 bytes leftover after parsing attributes in process `syz.4.797'. [ 175.743266][ T61] vhci_hcd: stop threads [ 175.756355][ T61] vhci_hcd: release socket [ 175.775103][ T61] vhci_hcd: disconnect device [ 175.804606][ T61] vhci_hcd: stop threads [ 175.808910][ T61] vhci_hcd: release socket [ 175.830241][ T61] vhci_hcd: disconnect device [ 175.850639][ T61] vhci_hcd: stop threads [ 175.859694][ T61] vhci_hcd: release socket [ 175.866901][ T9] usb 3-1: USB disconnect, device number 12 [ 175.889565][ T61] vhci_hcd: disconnect device [ 175.905092][ T61] vhci_hcd: stop threads [ 175.909674][ T61] vhci_hcd: release socket [ 175.914253][ T61] vhci_hcd: disconnect device [ 175.919802][ T61] vhci_hcd: stop threads [ 175.935354][ T61] vhci_hcd: release socket [ 175.951936][ T61] vhci_hcd: disconnect device [ 176.808550][ T11] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 176.831968][ T11] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 176.851029][ T11] bond0 (unregistering): Released all slaves [ 176.874828][ T7781] hsr_slave_0: entered promiscuous mode [ 176.902330][ T7781] hsr_slave_1: entered promiscuous mode [ 176.939827][ T7781] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 176.960891][ T7781] Cannot create hsr debugfs directory [ 177.253774][ T7908] loop0: detected capacity change from 0 to 128 [ 177.288757][ T7908] loop0: [CUMANA/ADFS] p1 [ADFS] p1 [ 177.314602][ T7908] loop0: partition table partially beyond EOD, truncated [ 177.329713][ T7908] loop0: p1 size 348879409 extends beyond EOD, truncated [ 177.546376][ T5237] Bluetooth: hci3: command tx timeout [ 177.580564][ T11] hsr_slave_0: left promiscuous mode [ 177.588478][ T11] hsr_slave_1: left promiscuous mode [ 177.596408][ T11] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 177.604112][ T11] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 177.625549][ T11] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 177.626829][ T7924] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies. [ 177.633081][ T11] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 177.724095][ T11] veth1_macvtap: left promiscuous mode [ 177.752701][ T11] veth0_macvtap: left promiscuous mode [ 177.764715][ T11] veth1_vlan: left promiscuous mode [ 177.770539][ T11] veth0_vlan: left promiscuous mode [ 177.917178][ T7939] loop2: detected capacity change from 0 to 7 [ 177.967247][ T7939] Dev loop2: unable to read RDB block 7 [ 177.983664][ T7939] loop2: unable to read partition table [ 178.014760][ T7939] loop2: partition table beyond EOD, truncated [ 178.034893][ T7939] loop_reread_partitions: partition scan of loop2 (被x ) failed (rc=-5) [ 178.974100][ T7977] netlink: 48 bytes leftover after parsing attributes in process `syz.0.842'. [ 179.423557][ T7987] nullb0: AHDI p1 p2 [ 179.445641][ T7987] nullb0: p1 start 3945035761 is beyond EOD, truncated [ 179.475155][ T11] team0 (unregistering): Port device team_slave_1 removed [ 179.529884][ T7993] ALSA: seq fatal error: cannot create timer (-16) [ 179.607377][ T11] team0 (unregistering): Port device team_slave_0 removed [ 179.624710][ T5237] Bluetooth: hci3: command tx timeout [ 179.866690][ T98] block nbd2: Possible stuck request ffff888026008000: control (read@0,4096B). Runtime 90 seconds [ 180.674915][ T25] vhci_hcd: vhci_device speed not set [ 181.704705][ T5237] Bluetooth: hci3: command tx timeout [ 182.057589][ T5272] usb usb12-port1: attempt power cycle [ 182.787538][ T5272] usb usb12-port1: unable to enumerate USB device [ 182.926759][ T7781] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 182.978482][ T7781] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 183.020356][ T7781] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 183.050335][ T7781] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 183.371018][ T7781] 8021q: adding VLAN 0 to HW filter on device bond0 [ 183.445153][ T7781] 8021q: adding VLAN 0 to HW filter on device team0 [ 183.478712][ T52] bridge0: port 1(bridge_slave_0) entered blocking state [ 183.485897][ T52] bridge0: port 1(bridge_slave_0) entered forwarding state [ 183.508926][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 183.516113][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 183.901435][ T7781] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 184.012628][ T7781] veth0_vlan: entered promiscuous mode [ 184.069114][ T7781] veth1_vlan: entered promiscuous mode [ 184.138864][ T8097] binder: 8096:8097 unknown command 0 [ 184.151514][ T7781] veth0_macvtap: entered promiscuous mode [ 184.163658][ T8097] binder: 8096:8097 ioctl c0306201 20000480 returned -22 [ 184.192905][ T7781] veth1_macvtap: entered promiscuous mode [ 184.228669][ T7781] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 184.252624][ T7781] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 184.294823][ T7781] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 184.324687][ T7781] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 184.365990][ T7781] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 184.414462][ T7781] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 184.438213][ T7781] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 184.486669][ T7781] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 184.509978][ T7781] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 184.535981][ T7781] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 184.560447][ T7781] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 184.596188][ T7781] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 184.637445][ T7781] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 184.668650][ T7781] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 184.685637][ T7781] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 184.695800][ T7781] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 184.706425][ T7781] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 184.717438][ T7781] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 184.782171][ T7781] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 184.831818][ T7781] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 184.854719][ T7781] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 184.919052][ T7781] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 186.435157][ T5237] Bluetooth: hci0: command 0x0406 tx timeout [ 186.436362][ T5222] Bluetooth: hci4: command 0x0406 tx timeout [ 186.441206][ T5237] Bluetooth: hci1: command 0x0406 tx timeout [ 187.423790][ T7781] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 187.454508][ T7781] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 187.474724][ T7781] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 187.483520][ T7781] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 187.812249][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 187.840971][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 187.870665][ T8141] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies. [ 187.910471][ T997] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 187.922790][ T997] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 188.304913][ T8] usb 1-1: new high-speed USB device number 17 using dummy_hcd [ 188.487532][ T8] usb 1-1: config 0 has an invalid interface number: 1 but max is 0 [ 188.502162][ T8] usb 1-1: config 0 has no interface number 0 [ 188.509954][ T8] usb 1-1: too many endpoints for config 0 interface 1 altsetting 0: 32, using maximum allowed: 30 [ 188.521944][ T8] usb 1-1: config 0 interface 1 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 32 [ 188.535091][ T8] usb 1-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 188.544136][ T8] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 188.558868][ T8] usb 1-1: config 0 descriptor?? [ 188.570665][ T8] cp210x 1-1:0.1: cp210x converter detected [ 188.735476][ T2895] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 188.755238][ T5272] usb 3-1: new high-speed USB device number 13 using dummy_hcd [ 188.775107][ T5301] usb 2-1: new high-speed USB device number 8 using dummy_hcd [ 188.841539][ T2895] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 188.915887][ T2895] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 188.964739][ T5272] usb 3-1: Using ep0 maxpacket: 16 [ 188.966397][ T5301] usb 2-1: Using ep0 maxpacket: 8 [ 188.972024][ T5272] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 188.979986][ T5301] usb 2-1: config 168 descriptor has 1 excess byte, ignoring [ 188.994472][ T5272] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 188.995110][ T8] cp210x 1-1:0.1: failed to get vendor val 0x000e size 3: -32 [ 189.004220][ T5272] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 189.004276][ T5272] usb 3-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 189.014959][ T5301] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11 [ 189.035942][ T5272] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 189.050556][ T5301] usb 2-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 189.075746][ T5301] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 189.078255][ T5272] usb 3-1: config 0 descriptor?? [ 189.087638][ T5301] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 189.118042][ T2895] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 189.135795][ T5301] usb 2-1: config 168 descriptor has 1 excess byte, ignoring [ 189.143380][ T5301] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11 [ 189.157001][ T5301] usb 2-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 189.189657][ T5301] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 189.206629][ T5301] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 189.230933][ T5301] usb 2-1: config 168 descriptor has 1 excess byte, ignoring [ 189.243314][ T5301] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11 [ 189.255107][ T5301] usb 2-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 189.255233][ T2895] bridge_slave_1: left allmulticast mode [ 189.267914][ T5301] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 189.283484][ T2895] bridge_slave_1: left promiscuous mode [ 189.294845][ T5301] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 189.309606][ T2895] bridge0: port 2(bridge_slave_1) entered disabled state [ 189.310816][ T8] usb 1-1: cp210x converter now attached to ttyUSB0 [ 189.326191][ T2895] bridge_slave_0: left allmulticast mode [ 189.332506][ T2895] bridge_slave_0: left promiscuous mode [ 189.337064][ T5301] usb 2-1: string descriptor 0 read error: -22 [ 189.339347][ T2895] bridge0: port 1(bridge_slave_0) entered disabled state [ 189.351922][ T5301] usb 2-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e [ 189.361170][ T5301] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 189.389206][ T5301] adutux 2-1:168.0: ADU100 now attached to /dev/usb/adutux0 [ 189.511073][ T5301] usb 1-1: USB disconnect, device number 17 [ 189.513892][ T5272] hid_map_usage: 4378 callbacks suppressed [ 189.513909][ T5272] HID 045e:07da: Invalid code 65791 type 1 [ 189.525418][ T5301] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 189.565731][ T5301] cp210x 1-1:0.1: device disconnected [ 189.569953][ T5272] input: HID 045e:07da as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:045E:07DA.000E/input/input21 [ 189.611950][ T5272] microsoft 0003:045E:07DA.000E: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.2-1/input0 [ 189.696345][ T5272] usb 2-1: USB disconnect, device number 8 [ 189.825537][ T5273] usb 3-1: USB disconnect, device number 13 [ 190.077126][ T5238] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 190.088811][ T5238] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 190.100956][ T5238] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 190.119247][ T5238] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 190.127457][ T5238] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 190.142090][ T5238] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 190.320637][ T2895] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 190.340961][ T2895] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 190.372771][ T2895] bond0 (unregistering): Released all slaves [ 190.524743][ T5227] usb 1-1: new high-speed USB device number 18 using dummy_hcd [ 191.193504][ T2895] hsr_slave_0: left promiscuous mode [ 191.234069][ T2895] hsr_slave_1: left promiscuous mode [ 191.304785][ T2895] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 191.312257][ T2895] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 191.356947][ T2895] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 191.385312][ T2895] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 191.508082][ T2895] veth1_macvtap: left promiscuous mode [ 191.513669][ T2895] veth0_macvtap: left promiscuous mode [ 191.554695][ T2895] veth1_vlan: left promiscuous mode [ 191.560108][ T2895] veth0_vlan: left promiscuous mode [ 192.185004][ T5238] Bluetooth: hci3: command tx timeout [ 194.272662][ T5238] Bluetooth: hci3: command tx timeout [ 194.558208][ T2895] team0 (unregistering): Port device team_slave_1 removed [ 194.594952][ T1270] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.601463][ T1270] ieee802154 phy1 wpan1: encryption failed: -22 [ 194.896235][ T2895] team0 (unregistering): Port device team_slave_0 removed [ 195.593358][ T8203] netlink: 104 bytes leftover after parsing attributes in process `syz.2.928'. [ 195.742343][ T8207] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 195.774553][ T5227] usb 1-1: device descriptor read/64, error -110 [ 195.976551][ T8213] xt_bpf: check failed: parse error [ 196.045121][ T5227] usb 1-1: new high-speed USB device number 19 using dummy_hcd [ 196.344642][ T5238] Bluetooth: hci3: command tx timeout [ 197.201683][ T8172] chnl_net:caif_netlink_parms(): no params data found [ 197.373514][ T8172] bridge0: port 1(bridge_slave_0) entered blocking state [ 197.381096][ T8172] bridge0: port 1(bridge_slave_0) entered disabled state [ 197.389617][ T8172] bridge_slave_0: entered allmulticast mode [ 197.398105][ T8172] bridge_slave_0: entered promiscuous mode [ 197.406922][ T8172] bridge0: port 2(bridge_slave_1) entered blocking state [ 197.414124][ T8172] bridge0: port 2(bridge_slave_1) entered disabled state [ 197.419936][ T8235] serio: Serial port ptm0 [ 197.421910][ T8172] bridge_slave_1: entered allmulticast mode [ 197.433309][ T8172] bridge_slave_1: entered promiscuous mode [ 197.480326][ T8172] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 197.493956][ T8172] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 197.534722][ T5227] usb 5-1: new high-speed USB device number 11 using dummy_hcd [ 197.557896][ T5273] usb 2-1: new full-speed USB device number 9 using dummy_hcd [ 197.562053][ T8172] team0: Port device team_slave_0 added [ 197.588108][ T8172] team0: Port device team_slave_1 added [ 197.621090][ T8172] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 197.628674][ T8172] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 197.660479][ T8172] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 197.690609][ T8172] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 197.697732][ T8172] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 197.724096][ T8172] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 197.764888][ T5227] usb 5-1: Using ep0 maxpacket: 16 [ 197.795219][ T5273] usb 2-1: not running at top speed; connect to a high speed hub [ 197.803723][ T5227] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 197.813077][ T5273] usb 2-1: config 1 interface 0 altsetting 8 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 197.825298][ T5227] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 197.833697][ T5273] usb 2-1: config 1 interface 0 has no altsetting 0 [ 197.844527][ T5227] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 197.844585][ T5227] usb 5-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 197.844609][ T5227] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 197.855394][ T5227] usb 5-1: config 0 descriptor?? [ 197.866474][ T5273] usb 2-1: New USB device found, idVendor=046d, idProduct=c29a, bcdDevice= 0.40 [ 197.894284][ T5273] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 197.902669][ T5301] usb 3-1: new high-speed USB device number 14 using dummy_hcd [ 197.905316][ T5273] usb 2-1: Product: 囋✼郓ᷣ쾽䤇Ó⯛葴믰ꮘ睢 [ 197.917864][ T5273] usb 2-1: Manufacturer: Ь [ 197.922389][ T5273] usb 2-1: SerialNumber: 鋏슣 컓鞤昜ኚ誽젋Қ嵦曂熨璊ꃎꞧ欍㜶ꢒ䡔駌࠭놶昄㳐笑㏉濋筞䲵呻萷橴烗际鑦␵ꏯ੊퓰稏췭⦛炈霢⇢摸 [ 197.976433][ T8172] hsr_slave_0: entered promiscuous mode [ 197.983498][ T8172] hsr_slave_1: entered promiscuous mode [ 197.997906][ T8172] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 198.006406][ T8172] Cannot create hsr debugfs directory [ 198.119070][ T5301] usb 3-1: Using ep0 maxpacket: 16 [ 198.132958][ T5301] usb 3-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83 [ 198.172000][ T5301] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 198.186422][ T8225] kernel read not supported for file /  (pid: 8225 comm: syz.1.938) [ 198.197249][ T29] kauditd_printk_skb: 4 callbacks suppressed [ 198.197267][ T29] audit: type=1800 audit(454.157:427): pid=8225 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz.1.938" name=2001 dev="mqueue" ino=25009 res=0 errno=0 [ 198.223266][ T5301] usb 3-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1 [ 198.244533][ T5301] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 198.255932][ T5301] usb 3-1: Product: syz [ 198.260472][ T5301] usb 3-1: Manufacturer: syz [ 198.261783][ T5273] usbhid 2-1:1.0: can't add hid device: -71 [ 198.277164][ T5273] usbhid 2-1:1.0: probe with driver usbhid failed with error -71 [ 198.277212][ T5301] usb 3-1: SerialNumber: syz [ 198.295483][ T5273] usb 2-1: USB disconnect, device number 9 [ 198.312487][ T5301] usb 3-1: config 0 descriptor?? [ 198.332515][ T5227] HID 045e:07da: Invalid code 65791 type 1 [ 198.339480][ T5301] em28xx 3-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0) [ 198.354279][ T5227] input: HID 045e:07da as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/0003:045E:07DA.000F/input/input22 [ 198.375799][ T5301] em28xx 3-1:0.0: Audio interface 0 found (Vendor Class) [ 198.396383][ T5227] microsoft 0003:045E:07DA.000F: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.4-1/input0 [ 198.425061][ T5238] Bluetooth: hci3: command tx timeout [ 198.665426][ T8] usb 5-1: USB disconnect, device number 11 [ 198.944329][ T5301] em28xx 3-1:0.0: unknown em28xx chip ID (0) [ 198.964384][ T5301] em28xx 3-1:0.0: Config register raw data: 0xfffffffb [ 199.048233][ T8172] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 199.069907][ T8172] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 199.089784][ T8172] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 199.108114][ T8172] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 199.190070][ T5301] em28xx 3-1:0.0: AC97 chip type couldn't be determined [ 199.200951][ T5301] em28xx 3-1:0.0: No AC97 audio processor [ 199.237050][ T5301] usb 3-1: USB disconnect, device number 14 [ 199.258020][ T5301] em28xx 3-1:0.0: Disconnecting em28xx [ 199.288594][ T5301] em28xx 3-1:0.0: Freeing device [ 199.299532][ T8172] 8021q: adding VLAN 0 to HW filter on device bond0 [ 199.346829][ T8172] 8021q: adding VLAN 0 to HW filter on device team0 [ 199.381076][ T11] bridge0: port 1(bridge_slave_0) entered blocking state [ 199.388286][ T11] bridge0: port 1(bridge_slave_0) entered forwarding state [ 199.446433][ T11] bridge0: port 2(bridge_slave_1) entered blocking state [ 199.453584][ T11] bridge0: port 2(bridge_slave_1) entered forwarding state [ 199.924943][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 200.115723][ T8172] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 200.328974][ T8172] veth0_vlan: entered promiscuous mode [ 200.453112][ T8172] veth1_vlan: entered promiscuous mode [ 200.589736][ T8172] veth0_macvtap: entered promiscuous mode [ 200.624286][ T8172] veth1_macvtap: entered promiscuous mode [ 200.687749][ T8172] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 200.721118][ T8172] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 200.752439][ T8172] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 200.783921][ T8172] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 200.815591][ T8172] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 200.850758][ T8172] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 200.874054][ T8172] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 200.907431][ T8172] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 200.930862][ T8172] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 200.951578][ T8172] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 200.981494][ T8172] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 201.011399][ T8172] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 201.054471][ T8172] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 201.082383][ T8172] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 201.107948][ T8172] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 201.125755][ T8172] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 201.159885][ T8172] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 201.170194][ T8172] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 201.181412][ T8172] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 201.191315][ T8172] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 201.201810][ T8172] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 201.226068][ T8172] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 201.261530][ T8172] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 201.290414][ T8172] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 201.310573][ T8172] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 201.334183][ T8172] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 201.715982][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 201.723857][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 201.834130][ T61] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 201.857373][ T61] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 203.264744][ T0] NOHZ tick-stop error: local softirq work is pending, handler #242!!! [ 203.435295][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 203.514641][ T8366] vcan0: tx drop: invalid sa for name 0x0000000000000002 [ 204.481283][ T11] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 204.581226][ T8388] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 205.590437][ T11] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 205.807884][ T11] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 205.940632][ T11] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 206.074964][ T5231] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 206.087933][ T5231] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 206.097055][ T5231] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 206.124007][ T5231] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 206.134566][ T5231] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 206.142048][ T5231] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 206.216196][ T11] bridge_slave_1: left allmulticast mode [ 206.221883][ T11] bridge_slave_1: left promiscuous mode [ 206.253013][ T11] bridge0: port 2(bridge_slave_1) entered disabled state [ 206.292125][ T11] bridge_slave_0: left allmulticast mode [ 206.302380][ T8441] UBIFS error (pid: 8441): cannot open "./file0", error -22 [ 206.320836][ T11] bridge_slave_0: left promiscuous mode [ 206.365947][ T11] bridge0: port 1(bridge_slave_0) entered disabled state [ 207.521707][ T11] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 207.558248][ T11] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 207.582104][ T11] bond0 (unregistering): Released all slaves [ 207.636327][ T8454] dvmrp0: entered allmulticast mode [ 207.679785][ T8457] netlink: 'syz.2.1032': attribute type 10 has an invalid length. [ 207.721099][ T8457] team0: Port device netdevsim0 added [ 207.745953][ T8460] netlink: 'syz.2.1032': attribute type 10 has an invalid length. [ 207.813460][ T8460] team0: Port device netdevsim0 removed [ 207.838199][ T8460] bond0: (slave netdevsim0): Enslaving as an active interface with an up link [ 208.188228][ T5231] Bluetooth: hci3: command tx timeout [ 208.577565][ T11] hsr_slave_0: left promiscuous mode [ 208.598293][ T11] hsr_slave_1: left promiscuous mode [ 208.639037][ T11] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 208.659089][ T11] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 208.679713][ T11] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 208.708216][ T11] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 208.774629][ T11] veth1_macvtap: left promiscuous mode [ 208.779524][ T5271] usb 1-1: new high-speed USB device number 20 using dummy_hcd [ 208.780352][ T11] veth0_macvtap: left promiscuous mode [ 208.803221][ T11] veth1_vlan: left promiscuous mode [ 208.809995][ T11] veth0_vlan: left promiscuous mode [ 208.967181][ T8502] x_tables: eb_tables: AUDIT.0 target: invalid size 8 (kernel) != (user) 0 [ 208.982966][ T5271] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 208.995933][ T5271] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 209.016571][ T5271] usb 1-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 209.031759][ T5271] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 209.050074][ T5271] usb 1-1: SerialNumber: syz [ 209.279335][ T5271] usb 1-1: 0:2 : does not exist [ 209.321990][ T5271] usb 1-1: USB disconnect, device number 20 [ 209.952176][ T98] block nbd2: Possible stuck request ffff888026008000: control (read@0,4096B). Runtime 120 seconds [ 210.192924][ T11] team0 (unregistering): Port device team_slave_1 removed [ 210.265652][ T5231] Bluetooth: hci3: command tx timeout [ 210.285081][ T11] team0 (unregistering): Port device team_slave_0 removed [ 211.392760][ T8433] chnl_net:caif_netlink_parms(): no params data found [ 212.030579][ T8433] bridge0: port 1(bridge_slave_0) entered blocking state [ 212.044726][ T8433] bridge0: port 1(bridge_slave_0) entered disabled state [ 212.052097][ T8433] bridge_slave_0: entered allmulticast mode [ 212.076159][ T8433] bridge_slave_0: entered promiscuous mode [ 212.149977][ T8433] bridge0: port 2(bridge_slave_1) entered blocking state [ 212.167162][ T8433] bridge0: port 2(bridge_slave_1) entered disabled state [ 212.191948][ T8433] bridge_slave_1: entered allmulticast mode [ 212.206362][ T8433] bridge_slave_1: entered promiscuous mode [ 212.295407][ T5301] usb 2-1: new high-speed USB device number 10 using dummy_hcd [ 212.338047][ T8433] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 212.355120][ T5231] Bluetooth: hci3: command tx timeout [ 212.357088][ T8433] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 212.384840][ T52] tipc: Subscription rejected, illegal request [ 212.466884][ T8433] team0: Port device team_slave_0 added [ 212.484757][ T5301] usb 2-1: Using ep0 maxpacket: 32 [ 212.499542][ T5301] usb 2-1: New USB device found, idVendor=1d50, idProduct=60a1, bcdDevice=a1.4f [ 212.518048][ T8433] team0: Port device team_slave_1 added [ 212.534011][ T5301] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 212.558483][ T5301] usb 2-1: Product: syz [ 212.575286][ T5301] usb 2-1: Manufacturer: syz [ 212.583806][ T5301] usb 2-1: SerialNumber: syz [ 212.590329][ T5301] usb 2-1: config 0 descriptor?? [ 212.632660][ T8433] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 212.642453][ T8433] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 212.677351][ T8433] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 212.721147][ T8433] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 212.739071][ T8433] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 212.778768][ T8433] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 213.005761][ T5301] airspy 2-1:0.0: Board ID: 00 [ 213.010701][ T5301] airspy 2-1:0.0: Firmware version: [ 213.027586][ T8433] hsr_slave_0: entered promiscuous mode [ 213.044946][ T8433] hsr_slave_1: entered promiscuous mode [ 213.052702][ T8433] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 213.062205][ T8433] Cannot create hsr debugfs directory [ 213.674699][ T5272] usb 1-1: new high-speed USB device number 21 using dummy_hcd [ 213.817089][ T5301] airspy 2-1:0.0: usb_control_msg() failed -71 request 0f [ 213.840412][ T5301] airspy 2-1:0.0: Registered as swradio16 [ 213.847145][ T5301] airspy 2-1:0.0: SDR API is still slightly experimental and functionality changes may follow [ 213.864809][ T5272] usb 1-1: Using ep0 maxpacket: 32 [ 213.864890][ T5301] usb 2-1: USB disconnect, device number 10 [ 213.880925][ T5272] usb 1-1: New USB device found, idVendor=05a9, idProduct=1550, bcdDevice=e4.bb [ 213.898180][ T8433] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 213.905839][ T5272] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 213.913867][ T5272] usb 1-1: Product: syz [ 213.925813][ T8433] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 213.933244][ T5272] usb 1-1: Manufacturer: syz [ 213.939303][ T5272] usb 1-1: SerialNumber: syz [ 213.956417][ T8433] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 213.966199][ T5272] usb 1-1: config 0 descriptor?? [ 213.984198][ T8433] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 213.993545][ T5272] gspca_main: ov534_9-2.14.0 probing 05a9:1550 [ 214.036883][ T8609] PF_CAN: dropped non conform CAN FD skbuff: dev type 65534, len 64993 [ 214.141936][ T8433] 8021q: adding VLAN 0 to HW filter on device bond0 [ 214.171694][ T8433] 8021q: adding VLAN 0 to HW filter on device team0 [ 214.216598][ T1831] bridge0: port 1(bridge_slave_0) entered blocking state [ 214.223755][ T1831] bridge0: port 1(bridge_slave_0) entered forwarding state [ 214.264274][ T1831] bridge0: port 2(bridge_slave_1) entered blocking state [ 214.271508][ T1831] bridge0: port 2(bridge_slave_1) entered forwarding state [ 214.425605][ T5231] Bluetooth: hci3: command tx timeout [ 214.450128][ T29] audit: type=1326 audit(470.407:428): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8617 comm="syz.4.1093" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0eb377cef9 code=0x7ffc0000 [ 214.511734][ T29] audit: type=1326 audit(470.407:429): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8617 comm="syz.4.1093" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0eb377cef9 code=0x7ffc0000 [ 214.565216][ T29] audit: type=1326 audit(470.437:430): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8617 comm="syz.4.1093" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f0eb377cef9 code=0x7ffc0000 [ 214.600292][ T29] audit: type=1326 audit(470.437:431): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8617 comm="syz.4.1093" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0eb377cef9 code=0x7ffc0000 [ 214.602213][ T8623] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 214.651904][ T29] audit: type=1326 audit(470.437:432): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8617 comm="syz.4.1093" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0eb377cef9 code=0x7ffc0000 [ 214.750480][ T29] audit: type=1326 audit(470.437:433): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8617 comm="syz.4.1093" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f0eb377cef9 code=0x7ffc0000 [ 214.793943][ T29] audit: type=1326 audit(470.437:434): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8617 comm="syz.4.1093" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0eb377cef9 code=0x7ffc0000 [ 214.841275][ T8433] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 214.850314][ T29] audit: type=1326 audit(470.437:435): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8617 comm="syz.4.1093" exe="/root/syz-executor" sig=0 arch=c000003e syscall=42 compat=0 ip=0x7f0eb377cef9 code=0x7ffc0000 [ 214.924522][ T29] audit: type=1326 audit(470.437:436): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8617 comm="syz.4.1093" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0eb377cef9 code=0x7ffc0000 [ 214.994237][ T8433] veth0_vlan: entered promiscuous mode [ 215.007652][ T29] audit: type=1326 audit(470.437:437): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8617 comm="syz.4.1093" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f0eb377cef9 code=0x7ffc0000 [ 215.053642][ T8433] veth1_vlan: entered promiscuous mode [ 215.180662][ T8433] veth0_macvtap: entered promiscuous mode [ 215.221044][ T8433] veth1_macvtap: entered promiscuous mode [ 215.235819][ T5272] gspca_ov534_9: reg_w failed -71 [ 215.286719][ T8433] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 215.306622][ T8433] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 215.327670][ T8433] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 215.345853][ T8433] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 215.371073][ T8433] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 215.398964][ T8433] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 215.419229][ T8433] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 215.440184][ T8433] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 215.460928][ T8433] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 215.484817][ T8433] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 215.516295][ T8433] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 215.547307][ T8433] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 215.562218][ T8433] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 215.562397][ T8645] UHID_CREATE from different security context by process 526 (syz.1.1104), this is not allowed. [ 215.579361][ T8433] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 215.602807][ T8433] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 215.612936][ T8433] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 215.631502][ T8433] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 215.641693][ T8433] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 215.659577][ T8433] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 215.672478][ T5227] usb 5-1: new high-speed USB device number 12 using dummy_hcd [ 215.674550][ T5272] gspca_ov534_9: Unknown sensor 0000 [ 215.680295][ T5272] ov534_9 1-1:0.0: probe with driver ov534_9 failed with error -22 [ 215.689442][ T8433] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 215.714790][ T5272] usb 1-1: USB disconnect, device number 21 [ 215.720592][ T8433] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 215.736166][ T8433] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 215.800745][ T8433] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 215.845074][ T8433] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 215.853829][ T8433] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 215.864900][ T5227] usb 5-1: Using ep0 maxpacket: 8 [ 215.871953][ T5227] usb 5-1: config 179 has an invalid interface number: 65 but max is 0 [ 215.879159][ T8433] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 215.880596][ T5227] usb 5-1: config 179 has no interface number 0 [ 215.905727][ T5227] usb 5-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 215.940862][ T5227] usb 5-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024 [ 215.983645][ T5227] usb 5-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 216.026650][ T5227] usb 5-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024 [ 216.058654][ T5227] usb 5-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 216.061804][ T2906] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 216.095809][ T2906] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 216.113628][ T5227] usb 5-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb [ 216.131757][ T1831] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 216.152372][ T1831] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 216.160325][ T5227] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 216.183703][ T8641] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 216.497359][ T5227] input: Generic X-Box pad as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:179.65/input/input23 [ 216.746047][ T5273] usb 5-1: USB disconnect, device number 12 [ 216.746173][ C0] xpad 5-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19 [ 216.768382][ T5273] xpad 5-1:179.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19 [ 217.014627][ T8675] MTD: Attempt to mount non-MTD device "./file0" [ 217.164525][ T5238] Bluetooth: hci2: command 0x0406 tx timeout [ 217.316450][ T8680] hsr_slave_1 (unregistering): left promiscuous mode [ 218.470538][ T8740] binder: 8739:8740 ioctl c0306201 20000080 returned -14 [ 219.033740][ T11] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 220.073153][ T11] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 220.220810][ T11] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 220.238665][ T8762] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies. [ 220.406872][ T11] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 220.754984][ T11] bridge_slave_1: left allmulticast mode [ 220.776441][ T11] bridge_slave_1: left promiscuous mode [ 220.777120][ T5238] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 220.782325][ T11] bridge0: port 2(bridge_slave_1) entered disabled state [ 220.803983][ T5238] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 220.813921][ T5238] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 220.827960][ T5238] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 220.842809][ T5238] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 220.851610][ T5238] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 220.885527][ T11] bridge_slave_0: left allmulticast mode [ 220.891221][ T11] bridge_slave_0: left promiscuous mode [ 220.959567][ T11] bridge0: port 1(bridge_slave_0) entered disabled state [ 221.199449][ T8799] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (128 ns). Using initial count to start timer. [ 221.797548][ T11] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 221.810373][ T11] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 221.821383][ T11] bond0 (unregistering): Released all slaves [ 222.055071][ T5272] usb 2-1: new high-speed USB device number 11 using dummy_hcd [ 222.259483][ T11] hsr_slave_0: left promiscuous mode [ 222.267844][ T5272] usb 2-1: Using ep0 maxpacket: 16 [ 222.276562][ T5272] usb 2-1: New USB device found, idVendor=0471, idProduct=0327, bcdDevice=61.a4 [ 222.290254][ T5272] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 222.307274][ T11] hsr_slave_1: left promiscuous mode [ 222.316851][ T5272] usb 2-1: config 0 descriptor?? [ 222.324269][ T11] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 222.336270][ T5272] gspca_main: sonixj-2.14.0 probing 0471:0327 [ 222.372328][ T11] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 222.382862][ T11] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 222.409170][ T11] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 222.476380][ T11] veth1_macvtap: left promiscuous mode [ 222.492807][ T11] veth0_macvtap: left promiscuous mode [ 222.504916][ T11] veth1_vlan: left promiscuous mode [ 222.520845][ T11] veth0_vlan: left promiscuous mode [ 222.555878][ T8838] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 222.798630][ T8848] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies. [ 222.904736][ T5238] Bluetooth: hci3: command tx timeout [ 223.093547][ T5309] usb 1-1: new high-speed USB device number 22 using dummy_hcd [ 223.142863][ T8861] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 223.317589][ T5309] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 223.331257][ T5309] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 223.341845][ T5309] usb 1-1: New USB device found, idVendor=0d8c, idProduct=0022, bcdDevice= 0.00 [ 223.370383][ T5309] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 223.392859][ T5309] usb 1-1: config 0 descriptor?? [ 223.589672][ T5272] gspca_sonixj: reg_w1 err -71 [ 223.621364][ T11] team0 (unregistering): Port device team_slave_1 removed [ 223.636658][ T5272] sonixj 2-1:0.0: probe with driver sonixj failed with error -71 [ 223.654810][ T5272] usb 2-1: USB disconnect, device number 11 [ 223.702896][ T11] team0 (unregistering): Port device team_slave_0 removed [ 223.864764][ T8866] 9pnet: p9_errstr2errno: server reported unknown error ΜN/Y80娪m=| [ 223.876813][ T5309] cm6533_jd 0003:0D8C:0022.0010: unknown main item tag 0x0 [ 223.898257][ T5309] cm6533_jd 0003:0D8C:0022.0010: unknown main item tag 0x0 [ 223.920860][ T5309] input: HID 0d8c:0022 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:0D8C:0022.0010/input/input24 [ 223.985717][ T5309] cm6533_jd 0003:0D8C:0022.0010: input,hiddev0,hidraw0: USB HID v0.00 Device [HID 0d8c:0022] on usb-dummy_hcd.0-1/input0 [ 224.135990][ T8870] ======================================================= [ 224.135990][ T8870] WARNING: The mand mount option has been deprecated and [ 224.135990][ T8870] and is ignored by this kernel. Remove the mand [ 224.135990][ T8870] option from the mount to silence this warning. [ 224.135990][ T8870] ======================================================= [ 224.207398][ T5273] usb 1-1: USB disconnect, device number 22 [ 224.987596][ T5238] Bluetooth: hci3: command tx timeout [ 225.577323][ T8780] chnl_net:caif_netlink_parms(): no params data found [ 226.067660][ T8780] bridge0: port 1(bridge_slave_0) entered blocking state [ 226.093326][ T8780] bridge0: port 1(bridge_slave_0) entered disabled state [ 226.111628][ T8780] bridge_slave_0: entered allmulticast mode [ 226.145007][ T8780] bridge_slave_0: entered promiscuous mode [ 226.171115][ T8923] Bluetooth: hci6: Frame reassembly failed (-84) [ 226.227517][ T8780] bridge0: port 2(bridge_slave_1) entered blocking state [ 226.254362][ T8780] bridge0: port 2(bridge_slave_1) entered disabled state [ 226.298408][ T8780] bridge_slave_1: entered allmulticast mode [ 226.325576][ T8780] bridge_slave_1: entered promiscuous mode [ 226.419937][ T8780] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 226.460677][ T8780] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 226.600626][ T8780] team0: Port device team_slave_0 added [ 226.648723][ T8780] team0: Port device team_slave_1 added [ 227.074513][ T5231] Bluetooth: hci3: command tx timeout [ 228.194612][ T5238] Bluetooth: hci6: Entering manufacturer mode failed (-110) [ 228.194660][ T5231] Bluetooth: hci6: command 0xfc11 tx timeout [ 229.144737][ T5238] Bluetooth: hci3: command tx timeout [ 229.794212][ T8942] Bluetooth: MGMT ver 1.23 [ 229.796611][ T8780] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 229.824596][ T8780] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 229.873508][ T8944] 9pnet: p9_errstr2errno: server reported unknown error słm6'tT #>r[5 [ 229.914510][ T8780] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 229.954661][ T8780] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 229.967478][ T8780] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 230.025064][ T8780] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 230.158595][ T8936] infiniband syz1: Couldn't register device with driver model [ 230.187881][ T8780] hsr_slave_0: entered promiscuous mode [ 230.190750][ T8936] siw: device registration error -19 [ 230.244620][ T8780] hsr_slave_1: entered promiscuous mode [ 230.284255][ T8780] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 230.301779][ T8780] Cannot create hsr debugfs directory [ 230.449725][ T5231] Bluetooth: hci4: unexpected event for opcode 0x2024 [ 230.545755][ T8972] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1234'. [ 230.698593][ T8974] (syz.1.1235,8974,0):dlmfs_mkdir:420 ERROR: invalid domain name for directory. [ 231.403286][ T8780] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 231.432367][ T8780] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 231.462775][ T8780] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 231.491677][ T8780] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 231.517194][ T29] kauditd_printk_skb: 6 callbacks suppressed [ 231.517212][ T29] audit: type=1326 audit(487.477:444): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9011 comm="syz.4.1250" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f0eb377cef9 code=0x0 [ 231.543636][ C0] vkms_vblank_simulate: vblank timer overrun [ 231.806896][ T8780] 8021q: adding VLAN 0 to HW filter on device bond0 [ 231.858614][ T8780] 8021q: adding VLAN 0 to HW filter on device team0 [ 231.895831][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 231.903060][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 231.963353][ T61] bridge0: port 2(bridge_slave_1) entered blocking state [ 231.970575][ T61] bridge0: port 2(bridge_slave_1) entered forwarding state [ 232.504903][ T5231] Bluetooth: hci5: command 0x0406 tx timeout [ 232.509938][ T8780] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 232.621593][ T8780] veth0_vlan: entered promiscuous mode [ 232.645775][ T8780] veth1_vlan: entered promiscuous mode [ 232.730559][ T8780] veth0_macvtap: entered promiscuous mode [ 232.772217][ T8780] veth1_macvtap: entered promiscuous mode [ 232.867004][ T8780] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 232.893912][ T8780] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 232.912532][ T8780] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 232.937678][ T8780] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 232.953407][ T8780] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 232.966000][ T8780] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 232.989834][ T8780] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 233.009579][ T8780] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 233.022852][ T8780] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 233.038111][ T8780] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 233.052435][ T9061] PM: Enabling pm_trace changes system date and time during resume. [ 233.052435][ T9061] PM: Correct system time has to be restored manually after resume. [ 233.073145][ T8780] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 233.085642][ T5272] usb 3-1: new high-speed USB device number 15 using dummy_hcd [ 233.138288][ T8780] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 233.163683][ T8780] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 233.180600][ T8780] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 233.192517][ T8780] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 233.204666][ T8780] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 233.218096][ T8780] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 233.228438][ T8780] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 233.239278][ T8780] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 233.250313][ T8780] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 233.261173][ T8780] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 233.273473][ T8780] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 233.298364][ T8780] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 233.309648][ T5272] usb 3-1: Using ep0 maxpacket: 32 [ 233.323123][ T5272] usb 3-1: New USB device found, idVendor=0fd9, idProduct=0025, bcdDevice=29.40 [ 233.333382][ T5272] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 233.349937][ T8780] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 233.362707][ T8780] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 233.372773][ T5272] usb 3-1: config 0 descriptor?? [ 233.378302][ T8780] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 233.511445][ T9069] netlink: 16402 bytes leftover after parsing attributes in process `syz.4.1271'. [ 233.554819][ T9067] netlink: 16402 bytes leftover after parsing attributes in process `syz.4.1271'. [ 233.586121][ T52] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 233.613106][ T52] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 233.679841][ T5272] dvb-usb: found a 'Elgato EyeTV Sat' in cold state, will try to load a firmware [ 233.706707][ T5272] usb 3-1: Direct firmware load for dvb-usb-az6027-03.fw failed with error -2 [ 233.716835][ T52] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 233.725137][ T5272] usb 3-1: Falling back to sysfs fallback for: dvb-usb-az6027-03.fw [ 233.734040][ T52] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 234.773168][ T29] audit: type=1326 audit(490.727:445): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9096 comm="syz.2.1283" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb13597cef9 code=0x7fc00000 [ 234.794121][ C0] vkms_vblank_simulate: vblank timer overrun [ 234.875889][ T25] usb 2-1: new high-speed USB device number 12 using dummy_hcd [ 235.076807][ T25] usb 2-1: config index 0 descriptor too short (expected 45, got 36) [ 235.089956][ T25] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11 [ 235.101984][ T25] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024 [ 235.114548][ T25] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 235.127620][ T25] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 235.139517][ T25] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 235.151374][ T25] usb 2-1: config 0 descriptor?? [ 235.159913][ T9099] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 235.390005][ T29] audit: type=1326 audit(491.337:446): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9096 comm="syz.2.1283" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fb13597cef9 code=0x7fc00000 [ 235.579220][ T9114] 9pnet: p9_errstr2errno: server reported unknown error @hQIte [ 235.589630][ T25] plantronics 0003:047F:FFFF.0011: unknown main item tag 0xd [ 235.600349][ T25] plantronics 0003:047F:FFFF.0011: No inputs registered, leaving [ 235.625143][ T25] plantronics 0003:047F:FFFF.0011: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0 [ 235.889093][ T25] usb 2-1: USB disconnect, device number 12 [ 236.515249][ T9154] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 236.581237][ T61] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 238.002972][ T9166] netlink: 'syz.4.1308': attribute type 1 has an invalid length. [ 238.019510][ T9166] netlink: 9344 bytes leftover after parsing attributes in process `syz.4.1308'. [ 238.031639][ T61] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 238.042664][ T9166] netlink: 'syz.4.1308': attribute type 1 has an invalid length. [ 238.266566][ T61] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 238.342956][ T9180] input: syz0 as /devices/virtual/input/input26 [ 238.434114][ T5231] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 238.445467][ T5231] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 238.456787][ T5231] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 238.468889][ T5231] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 238.481218][ T5231] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 238.483775][ T61] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 238.506019][ T5231] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 238.791483][ T9197] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies. [ 239.204667][ T61] bridge_slave_1: left allmulticast mode [ 239.214515][ T61] bridge_slave_1: left promiscuous mode [ 239.220322][ T61] bridge0: port 2(bridge_slave_1) entered disabled state [ 239.295732][ T61] bridge_slave_0: left allmulticast mode [ 239.301435][ T61] bridge_slave_0: left promiscuous mode [ 239.364171][ T61] bridge0: port 1(bridge_slave_0) entered disabled state [ 240.081331][ T98] block nbd2: Possible stuck request ffff888026008000: control (read@0,4096B). Runtime 150 seconds [ 240.235870][ T9211] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1325'. [ 240.584825][ T5238] Bluetooth: hci3: command tx timeout [ 240.963935][ T61] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 240.986996][ T61] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 241.027582][ T61] bond0 (unregistering): Released all slaves [ 241.250133][ T9183] chnl_net:caif_netlink_parms(): no params data found [ 241.956024][ T9183] bridge0: port 1(bridge_slave_0) entered blocking state [ 241.963199][ T9183] bridge0: port 1(bridge_slave_0) entered disabled state [ 242.004760][ T9183] bridge_slave_0: entered allmulticast mode [ 242.036786][ T9183] bridge_slave_0: entered promiscuous mode [ 242.085561][ T61] hsr_slave_0: left promiscuous mode [ 242.100936][ T61] hsr_slave_1: left promiscuous mode [ 242.136193][ T61] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 242.154274][ T61] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 242.171029][ T61] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 242.183333][ T61] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 242.272683][ T61] veth1_macvtap: left promiscuous mode [ 242.285281][ T61] veth0_macvtap: left promiscuous mode [ 242.302345][ T61] veth1_vlan: left promiscuous mode [ 242.317817][ T61] veth0_vlan: left promiscuous mode [ 242.589091][ T30] INFO: task udevd:5233 blocked for more than 143 seconds. [ 242.604577][ T30] Not tainted 6.11.0-rc6-syzkaller-00363-g89f5e14d05b4 #0 [ 242.622134][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 242.647351][ T30] task:udevd state:D stack:24280 pid:5233 tgid:5233 ppid:1 flags:0x00000002 [ 242.664868][ T5238] Bluetooth: hci3: command tx timeout [ 242.700117][ T30] Call Trace: [ 242.703445][ T30] [ 242.765993][ T30] __schedule+0x17ae/0x4a10 [ 242.770607][ T30] ? __pfx___schedule+0x10/0x10 [ 242.816503][ T30] ? __pfx_lock_release+0x10/0x10 [ 242.836497][ T30] ? __mutex_trylock_common+0x92/0x2e0 [ 242.846953][ T30] ? schedule+0x90/0x320 [ 242.851333][ T30] schedule+0x14b/0x320 [ 242.855747][ T30] schedule_preempt_disabled+0x13/0x30 [ 242.863529][ T30] __mutex_lock+0x6a4/0xd70 [ 242.869287][ T30] ? __mutex_lock+0x527/0xd70 [ 242.876264][ T30] ? bdev_open+0xf0/0xc60 [ 242.881805][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 242.915056][ T30] ? kobject_get_unless_zero+0x22d/0x330 [ 242.920770][ T30] ? disk_block_events+0xa9/0x120 [ 242.925993][ T30] ? bdev_open+0xb1/0xc60 [ 242.930997][ T30] bdev_open+0xf0/0xc60 [ 242.945583][ T30] ? iput+0x3ad/0x930 [ 242.949656][ T30] blkdev_open+0x3e8/0x570 [ 242.954100][ T30] ? __pfx_blkdev_open+0x10/0x10 [ 242.964858][ T30] do_dentry_open+0x970/0x1440 [ 242.969714][ T30] vfs_open+0x3e/0x330 [ 242.973815][ T30] path_openat+0x2b3e/0x3470 [ 242.978537][ T30] ? __pfx_stack_trace_save+0x10/0x10 [ 242.983948][ T30] ? __lock_acquire+0x137a/0x2040 [ 242.991937][ T30] ? __pfx_path_openat+0x10/0x10 [ 243.005797][ T30] do_filp_open+0x235/0x490 [ 243.010924][ T30] ? __pfx_do_filp_open+0x10/0x10 [ 243.022840][ T30] ? _raw_spin_unlock+0x28/0x50 [ 243.027895][ T30] ? alloc_fd+0x5a1/0x640 [ 243.032850][ T30] do_sys_openat2+0x13e/0x1d0 [ 243.044465][ T30] ? __pfx_do_sys_openat2+0x10/0x10 [ 243.049723][ T30] __x64_sys_openat+0x247/0x2a0 [ 243.062566][ T30] ? __pfx___x64_sys_openat+0x10/0x10 [ 243.069005][ T30] ? do_syscall_64+0x100/0x230 [ 243.073809][ T30] ? do_syscall_64+0xb6/0x230 [ 243.084449][ T30] do_syscall_64+0xf3/0x230 [ 243.088993][ T30] ? clear_bhb_loop+0x35/0x90 [ 243.093692][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 243.111670][ T30] RIP: 0033:0x7fa99a9169a4 [ 243.117661][ T30] RSP: 002b:00007fff6b3ab640 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 243.134561][ T30] RAX: ffffffffffffffda RBX: 00005625c5d4de10 RCX: 00007fa99a9169a4 [ 243.142584][ T30] RDX: 00000000000a0800 RSI: 00005625c5d447e0 RDI: 00000000ffffff9c [ 243.158219][ T30] RBP: 00005625c5d447e0 R08: 0000000000000001 R09: 7fffffffffffffff [ 243.169980][ T30] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000000a0800 [ 243.182617][ T30] R13: 00005625c5d3e6f0 R14: 0000000000000001 R15: 00005625c5d2c910 [ 243.190780][ T30] [ 243.193913][ T30] INFO: task syz.2.159:5752 blocked for more than 143 seconds. [ 243.209766][ T30] Not tainted 6.11.0-rc6-syzkaller-00363-g89f5e14d05b4 #0 [ 243.228893][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 243.243623][ T30] task:syz.2.159 state:D stack:26816 pid:5752 tgid:5750 ppid:5217 flags:0x00004004 [ 243.257357][ T30] Call Trace: [ 243.260669][ T30] [ 243.263620][ T30] __schedule+0x17ae/0x4a10 [ 243.272860][ T30] ? __pfx___schedule+0x10/0x10 [ 243.277889][ T30] ? __pfx_lock_release+0x10/0x10 [ 243.282938][ T30] ? __mutex_trylock_common+0x92/0x2e0 [ 243.294937][ T30] ? schedule+0x90/0x320 [ 243.299192][ T30] schedule+0x14b/0x320 [ 243.303700][ T30] schedule_preempt_disabled+0x13/0x30 [ 243.309613][ T30] __mutex_lock+0x6a4/0xd70 [ 243.314143][ T30] ? __mutex_lock+0x527/0xd70 [ 243.318967][ T30] ? bdev_release+0x184/0x700 [ 243.323773][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 243.330389][ T30] ? __fsnotify_parent+0x20c/0x5e0 [ 243.335586][ T30] bdev_release+0x184/0x700 [ 243.340720][ T30] blkdev_release+0x15/0x20 [ 243.345457][ T30] ? __pfx_blkdev_release+0x10/0x10 [ 243.350666][ T30] __fput+0x24a/0x8a0 [ 243.354724][ T30] task_work_run+0x24f/0x310 [ 243.359321][ T30] ? __pfx_task_work_run+0x10/0x10 [ 243.364462][ T30] ? syscall_exit_to_user_mode+0xa3/0x370 [ 243.370189][ T30] syscall_exit_to_user_mode+0x168/0x370 [ 243.376030][ T30] do_syscall_64+0x100/0x230 [ 243.380629][ T30] ? clear_bhb_loop+0x35/0x90 [ 243.385550][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 243.391457][ T30] RIP: 0033:0x7f93b5d7cef9 [ 243.395996][ T30] RSP: 002b:00007f93b6b6d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 243.404463][ T30] RAX: 0000000000000000 RBX: 00007f93b5f35f80 RCX: 00007f93b5d7cef9 [ 243.412753][ T30] RDX: 0000000000000000 RSI: 000000000000ab03 RDI: 0000000000000003 [ 243.420871][ T30] RBP: 00007f93b5def046 R08: 0000000000000000 R09: 0000000000000000 [ 243.428864][ T30] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 243.439577][ T30] R13: 0000000000000000 R14: 00007f93b5f35f80 R15: 00007fff6923efe8 [ 243.447717][ T30] [ 243.450827][ T30] INFO: task syz.2.159:5754 blocked for more than 144 seconds. [ 243.474461][ T30] Not tainted 6.11.0-rc6-syzkaller-00363-g89f5e14d05b4 #0 [ 243.482141][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 243.504518][ T30] task:syz.2.159 state:D stack:20464 pid:5754 tgid:5750 ppid:5217 flags:0x00004004 [ 243.524536][ T30] Call Trace: [ 243.527978][ T30] [ 243.530923][ T30] __schedule+0x17ae/0x4a10 [ 243.547962][ T30] ? __pfx___schedule+0x10/0x10 [ 243.552888][ T30] ? __pfx_lock_release+0x10/0x10 [ 243.574486][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 243.580548][ T30] ? schedule+0x90/0x320 [ 243.594480][ T30] schedule+0x14b/0x320 [ 243.598701][ T30] io_schedule+0x8d/0x110 [ 243.603084][ T30] folio_wait_bit_common+0x882/0x12b0 [ 243.624722][ T30] ? __pfx_folio_wait_bit_common+0x10/0x10 [ 243.630598][ T30] ? __pfx_wake_page_function+0x10/0x10 [ 243.644569][ T30] ? __filemap_get_folio+0x769/0xc10 [ 243.649973][ T30] do_read_cache_folio+0xb9/0x820 [ 243.674672][ T30] ? __pfx_blkdev_read_folio+0x10/0x10 [ 243.680213][ T30] read_part_sector+0xb3/0x330 [ 243.694493][ T30] adfspart_check_POWERTEC+0xc8/0x8f0 [ 243.699939][ T30] ? __pfx_adfspart_check_ICS+0x10/0x10 [ 243.714461][ T30] ? snprintf+0xda/0x120 [ 243.718768][ T30] ? __pfx_adfspart_check_POWERTEC+0x10/0x10 [ 243.735771][ T30] ? alloc_pages_mpol_noprof+0x417/0x680 [ 243.741483][ T30] ? vsnprintf+0x1cc3/0x1da0 [ 243.755366][ T30] ? vsnprintf+0x184/0x1da0 [ 243.759942][ T30] ? __pfx_snprintf+0x10/0x10 [ 243.771386][ T30] ? __kasan_kmalloc+0x98/0xb0 [ 243.784479][ T30] bdev_disk_changed+0x72c/0x13d0 [ 243.789583][ T30] ? __pfx_bdev_disk_changed+0x10/0x10 [ 243.797407][ T30] blkdev_get_whole+0x2d2/0x450 [ 243.802306][ T30] bdev_open+0x2d4/0xc60 [ 243.806634][ T30] blkdev_open+0x3e8/0x570 [ 243.811061][ T30] ? __pfx_blkdev_open+0x10/0x10 [ 243.816525][ T30] do_dentry_open+0x970/0x1440 [ 243.821337][ T30] vfs_open+0x3e/0x330 [ 243.825449][ T30] path_openat+0x2b3e/0x3470 [ 243.830035][ T30] ? __pfx_stack_trace_save+0x10/0x10 [ 243.835592][ T30] ? __lock_acquire+0x137a/0x2040 [ 243.840663][ T30] ? __pfx_path_openat+0x10/0x10 [ 243.845685][ T30] do_filp_open+0x235/0x490 [ 243.851068][ T30] ? __pfx_do_filp_open+0x10/0x10 [ 243.856257][ T30] ? _raw_spin_unlock+0x28/0x50 [ 243.861152][ T30] ? alloc_fd+0x5a1/0x640 [ 243.865631][ T30] do_sys_openat2+0x13e/0x1d0 [ 243.870340][ T30] ? __pfx_do_sys_openat2+0x10/0x10 [ 243.878247][ T30] __x64_sys_openat+0x247/0x2a0 [ 243.883304][ T30] ? __pfx___x64_sys_openat+0x10/0x10 [ 243.888739][ T30] ? exc_page_fault+0x590/0x8c0 [ 243.893594][ T30] ? do_syscall_64+0xb6/0x230 [ 243.898376][ T30] do_syscall_64+0xf3/0x230 [ 243.902993][ T30] ? clear_bhb_loop+0x35/0x90 [ 243.907805][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 243.913702][ T30] RIP: 0033:0x7f93b5d7b890 [ 243.918809][ T30] RSP: 002b:00007f93b6b4bb70 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 243.927312][ T30] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f93b5d7b890 [ 243.935375][ T30] RDX: 0000000000000000 RSI: 00007f93b6b4bc10 RDI: 00000000ffffff9c [ 243.943357][ T30] RBP: 00007f93b6b4bc10 R08: 0000000000000000 R09: 002364626e2f7665 [ 243.952341][ T30] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 243.960443][ T30] R13: 0000000000000001 R14: 00007f93b5f36058 R15: 00007fff6923efe8 [ 243.968519][ T30] [ 243.971580][ T30] [ 243.971580][ T30] Showing all locks held in the system: [ 243.979381][ T30] 2 locks held by kworker/0:0/8: [ 243.984331][ T30] #0: ffff88801a880948 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830 [ 243.998075][ T30] #1: ffffc900000d7d00 (free_ipc_work){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830 [ 244.008665][ T30] 3 locks held by kworker/u8:1/12: [ 244.013806][ T30] #0: ffff88801a889148 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830 [ 244.044755][ T30] #1: ffffc90000117d00 ((linkwatch_work).work){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830 [ 244.056442][ T30] #2: ffffffff8fa79f48 (rtnl_mutex){+.+.}-{3:3}, at: linkwatch_event+0xe/0x60 [ 244.065584][ T30] 3 locks held by kworker/1:0/25: [ 244.070621][ T30] #0: ffff88801a880948 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830 [ 244.081725][ T30] #1: ffffc900001f7d00 (deferred_process_work){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830 [ 244.092995][ T30] #2: ffffffff8fa79f48 (rtnl_mutex){+.+.}-{3:3}, at: switchdev_deferred_process_work+0xe/0x20 [ 244.106407][ T30] 1 lock held by khungtaskd/30: [ 244.111293][ T30] #0: ffffffff8e738320 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x55/0x2a0 [ 244.123033][ T30] 5 locks held by kworker/u8:4/61: [ 244.136367][ T30] #0: ffff88801b6e3148 ((wq_completion)netns){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830 [ 244.147735][ T30] #1: ffffc900015cfd00 (net_cleanup_work){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830 [ 244.167504][ T30] #2: ffffffff8fa6d390 (pernet_ops_rwsem){++++}-{3:3}, at: cleanup_net+0x16a/0xcc0 [ 244.181549][ T30] #3: ffffffff8fa79f48 (rtnl_mutex){+.+.}-{3:3}, at: default_device_exit_batch+0xe9/0xa90 [ 244.194084][ T30] #4: ffffffff8e73d6f8 (rcu_state.exp_mutex){+.+.}-{3:3}, at: synchronize_rcu_expedited+0x451/0x830 [ 244.205413][ T30] 2 locks held by kworker/u8:7/2895: [ 244.210713][ T30] 2 locks held by getty/4971: [ 244.217153][ T30] #0: ffff8880304830a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70 [ 244.227466][ T30] #1: ffffc9000311b2f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x6ac/0x1e00 [ 244.237633][ T30] 1 lock held by udevd/5233: [ 244.242222][ T30] #0: ffff888025ab44c8 (&disk->open_mutex){+.+.}-{3:3}, at: bdev_open+0xf0/0xc60 [ 244.251618][ T30] 6 locks held by kworker/1:5/5272: [ 244.256836][ T30] #0: ffff888020e80148 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830 [ 244.269217][ T30] #1: ffffc90003ddfd00 ((work_completion)(&hub->events)){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830 [ 244.281153][ T30] #2: ffff888028e91190 (&dev->mutex){....}-{3:3}, at: hub_event+0x1fe/0x5150 [ 244.290170][ T30] #3: ffff88805749b190 (&dev->mutex){....}-{3:3}, at: __device_attach+0x8e/0x520 [ 244.299483][ T30] #4: ffff8880222f7160 (&dev->mutex){....}-{3:3}, at: __device_attach+0x8e/0x520 [ 244.309227][ T30] #5: ffffffff8e5e1850 (umhelper_sem){++++}-{3:3}, at: usermodehelper_read_trylock+0x140/0x300 [ 244.319902][ T30] 1 lock held by syz.2.159/5752: [ 244.328212][ T30] #0: ffff888025ab44c8 (&disk->open_mutex){+.+.}-{3:3}, at: bdev_release+0x184/0x700 [ 244.337955][ T30] 1 lock held by syz.2.159/5754: [ 244.342871][ T30] #0: ffff888025ab44c8 (&disk->open_mutex){+.+.}-{3:3}, at: bdev_open+0xf0/0xc60 [ 244.352413][ T30] 4 locks held by syz.2.502/7069: [ 244.357471][ T30] #0: ffff888053a10d80 (&hdev->req_lock){+.+.}-{3:3}, at: hci_unregister_dev+0x203/0x510 [ 244.368092][ T30] #1: ffff888053a10078 (&hdev->lock){+.+.}-{3:3}, at: hci_dev_close_sync+0x572/0x11a0 [ 244.377952][ T30] #2: ffffffff8fbe5a68 (hci_cb_list_lock){+.+.}-{3:3}, at: hci_conn_hash_flush+0xa6/0x240 [ 244.388130][ T30] #3: ffffffff8e73d6f8 (rcu_state.exp_mutex){+.+.}-{3:3}, at: synchronize_rcu_expedited+0x451/0x830 [ 244.399095][ T30] 1 lock held by syz-executor/9183: [ 244.404288][ T30] #0: ffffffff8fa79f48 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0 [ 244.413776][ T30] 3 locks held by syz.0.1331/9234: [ 244.418919][ T30] #0: ffff8880297d4d80 (&hdev->req_lock){+.+.}-{3:3}, at: hci_unregister_dev+0x203/0x510 [ 244.429016][ T30] #1: ffff8880297d4078 (&hdev->lock){+.+.}-{3:3}, at: hci_dev_close_sync+0x572/0x11a0 [ 244.440786][ T30] #2: ffffffff8fbe5a68 (hci_cb_list_lock){+.+.}-{3:3}, at: hci_conn_hash_flush+0xa6/0x240 [ 244.450915][ T30] 3 locks held by syz.1.1343/9267: [ 244.456069][ T30] #0: ffff888024a7cd80 (&hdev->req_lock){+.+.}-{3:3}, at: hci_unregister_dev+0x203/0x510 [ 244.466711][ T30] #1: ffff888024a7c078 (&hdev->lock){+.+.}-{3:3}, at: hci_dev_close_sync+0x572/0x11a0 [ 244.476462][ T30] #2: ffffffff8fbe5a68 (hci_cb_list_lock){+.+.}-{3:3}, at: hci_conn_hash_flush+0xa6/0x240 [ 244.486711][ T30] 1 lock held by syz.4.1348/9278: [ 244.491737][ T30] #0: ffffffff8fa79f48 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0 [ 244.501205][ T30] [ 244.503761][ T30] ============================================= [ 244.503761][ T30] [ 244.515965][ T30] NMI backtrace for cpu 1 [ 244.520420][ T30] CPU: 1 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.11.0-rc6-syzkaller-00363-g89f5e14d05b4 #0 [ 244.530937][ T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 244.541010][ T30] Call Trace: [ 244.544302][ T30] [ 244.547259][ T30] dump_stack_lvl+0x241/0x360 [ 244.551949][ T30] ? __pfx_dump_stack_lvl+0x10/0x10 [ 244.557230][ T30] ? __pfx__printk+0x10/0x10 [ 244.561813][ T30] ? vprintk_emit+0x667/0x7c0 [ 244.566486][ T30] ? __pfx_vprintk_emit+0x10/0x10 [ 244.571505][ T30] nmi_cpu_backtrace+0x49c/0x4d0 [ 244.576447][ T30] ? __pfx_nmi_cpu_backtrace+0x10/0x10 [ 244.581915][ T30] ? _printk+0xd5/0x120 [ 244.586081][ T30] ? __pfx__printk+0x10/0x10 [ 244.590939][ T30] ? __wake_up_klogd+0xcc/0x110 [ 244.595793][ T30] ? __pfx__printk+0x10/0x10 [ 244.600421][ T30] ? __rcu_read_unlock+0xa1/0x110 [ 244.605449][ T30] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 244.611423][ T30] nmi_trigger_cpumask_backtrace+0x198/0x320 [ 244.617408][ T30] watchdog+0xff4/0x1040 [ 244.622084][ T30] ? watchdog+0x1ea/0x1040 [ 244.626499][ T30] ? __pfx_watchdog+0x10/0x10 [ 244.631170][ T30] kthread+0x2f0/0x390 [ 244.635235][ T30] ? __pfx_watchdog+0x10/0x10 [ 244.639908][ T30] ? __pfx_kthread+0x10/0x10 [ 244.644498][ T30] ret_from_fork+0x4b/0x80 [ 244.648917][ T30] ? __pfx_kthread+0x10/0x10 [ 244.653500][ T30] ret_from_fork_asm+0x1a/0x30 [ 244.658272][ T30] [ 244.662327][ T30] Sending NMI from CPU 1 to CPUs 0: [ 244.668226][ C0] NMI backtrace for cpu 0 [ 244.668240][ C0] CPU: 0 UID: 0 PID: 61 Comm: kworker/u8:4 Not tainted 6.11.0-rc6-syzkaller-00363-g89f5e14d05b4 #0 [ 244.668260][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 244.668271][ C0] Workqueue: netns cleanup_net [ 244.668293][ C0] RIP: 0010:strlen+0x43/0x70 [ 244.668312][ C0] Code: 00 00 00 fc ff df 48 89 fb 49 89 c4 48 89 d8 48 c1 e8 03 42 0f b6 04 38 84 c0 75 12 48 ff c3 49 8d 44 24 01 43 80 7c 26 01 00 <75> dd eb 13 89 d9 80 e1 07 38 c1 7c e5 48 89 df e8 18 a6 4d f6 eb [ 244.668332][ C0] RSP: 0018:ffffc900015cf230 EFLAGS: 00000202 [ 244.668346][ C0] RAX: 0000000000000001 RBX: ffff88802ef209b2 RCX: 000000002ef20901 [ 244.668357][ C0] RDX: 0000000000000000 RSI: 00000000fffffff8 RDI: ffff88802ef209b0 [ 244.668368][ C0] RBP: ffff88802ef20940 R08: ffffffff82338441 R09: 1ffffffff27f4d09 [ 244.668380][ C0] R10: dffffc0000000000 R11: fffffbfff27f4d0a R12: 0000000000000000 [ 244.668391][ C0] R13: ffff88802ef20978 R14: ffff88802ef209b0 R15: dffffc0000000000 [ 244.668404][ C0] FS: 0000000000000000(0000) GS:ffff8880b8800000(0000) knlGS:0000000000000000 [ 244.668417][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 244.668429][ C0] CR2: 00007fb136667d60 CR3: 000000000e534000 CR4: 00000000003506f0 [ 244.668442][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 244.668452][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 244.668462][ C0] Call Trace: [ 244.668468][ C0] [ 244.668476][ C0] ? nmi_cpu_backtrace+0x3c2/0x4d0 [ 244.668497][ C0] ? __pfx_lock_acquire+0x10/0x10 [ 244.668521][ C0] ? __pfx_nmi_cpu_backtrace+0x10/0x10 [ 244.668541][ C0] ? nmi_handle+0x2a/0x5a0 [ 244.668565][ C0] ? nmi_cpu_backtrace_handler+0xc/0x20 [ 244.668584][ C0] ? nmi_handle+0x14f/0x5a0 [ 244.668598][ C0] ? nmi_handle+0x2a/0x5a0 [ 244.668621][ C0] ? strlen+0x43/0x70 [ 244.668637][ C0] ? default_do_nmi+0x63/0x160 [ 244.668658][ C0] ? exc_nmi+0x123/0x1f0 [ 244.668678][ C0] ? end_repeat_nmi+0xf/0x53 [ 244.668702][ C0] ? xlate_dir+0x1b1/0x2b0 [ 244.668726][ C0] ? strlen+0x43/0x70 [ 244.668742][ C0] ? strlen+0x43/0x70 [ 244.668760][ C0] ? strlen+0x43/0x70 [ 244.668776][ C0] [ 244.668782][ C0] [ 244.668788][ C0] xlate_dir+0x17c/0x2b0 [ 244.668813][ C0] xlate_dir+0x4d/0x2b0 [ 244.668835][ C0] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 244.668858][ C0] put_links+0x98/0x4a0 [ 244.668881][ C0] ? _raw_spin_unlock_irqrestore+0x8f/0x140 [ 244.668904][ C0] ? lockdep_hardirqs_on+0x99/0x150 [ 244.668923][ C0] drop_sysctl_table+0xf2/0x4c0 [ 244.668949][ C0] ? __pfx_drop_sysctl_table+0x10/0x10 [ 244.668970][ C0] ? kvfree_call_rcu+0x48c/0x790 [ 244.668997][ C0] ? __pfx_kvfree_call_rcu+0x10/0x10 [ 244.669018][ C0] ? proc_invalidate_siblings_dcache+0x2b/0x6e0 [ 244.669042][ C0] ? proc_invalidate_siblings_dcache+0x6cd/0x6e0 [ 244.669069][ C0] drop_sysctl_table+0x361/0x4c0 [ 244.669096][ C0] ? __pfx_drop_sysctl_table+0x10/0x10 [ 244.669116][ C0] ? do_raw_spin_lock+0x14f/0x370 [ 244.669135][ C0] ? __pfx___might_resched+0x10/0x10 [ 244.669157][ C0] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 244.669174][ C0] ? lockdep_rtnl_is_held+0x26/0x40 [ 244.669197][ C0] unregister_sysctl_table+0x41/0x60 [ 244.669219][ C0] mpls_dev_sysctl_unregister+0x8b/0xc0 [ 244.669240][ C0] mpls_dev_notify+0x563/0x7a0 [ 244.669262][ C0] notifier_call_chain+0x19f/0x3e0 [ 244.669287][ C0] unregister_netdevice_many_notify+0xd81/0x1c40 [ 244.669322][ C0] ? __pfx_unregister_netdevice_many_notify+0x10/0x10 [ 244.669354][ C0] ? unregister_netdevice_queue+0x26b/0x370 [ 244.669379][ C0] ? batadv_softif_destroy_netlink+0x1e3/0x270 [ 244.669406][ C0] default_device_exit_batch+0xa0f/0xa90 [ 244.669428][ C0] ? __pfx___might_resched+0x10/0x10 [ 244.669448][ C0] ? __pfx_default_device_exit_batch+0x10/0x10 [ 244.669465][ C0] ? __pfx_rdma_dev_exit_net+0x10/0x10 [ 244.669491][ C0] ? cfg802154_pernet_exit+0xc3/0xe0 [ 244.669505][ C0] ? __pfx_default_device_exit_batch+0x10/0x10 [ 244.669523][ C0] cleanup_net+0x89d/0xcc0 [ 244.669543][ C0] ? __pfx_cleanup_net+0x10/0x10 [ 244.669567][ C0] ? process_scheduled_works+0x945/0x1830 [ 244.669586][ C0] process_scheduled_works+0xa2c/0x1830 [ 244.669623][ C0] ? __pfx_process_scheduled_works+0x10/0x10 [ 244.669648][ C0] ? assign_work+0x364/0x3d0 [ 244.669670][ C0] worker_thread+0x86d/0xd10 [ 244.669699][ C0] ? __kthread_parkme+0x169/0x1d0 [ 244.669723][ C0] ? __pfx_worker_thread+0x10/0x10 [ 244.669743][ C0] kthread+0x2f0/0x390 [ 244.669766][ C0] ? __pfx_worker_thread+0x10/0x10 [ 244.669785][ C0] ? __pfx_kthread+0x10/0x10 [ 244.669808][ C0] ret_from_fork+0x4b/0x80 [ 244.669829][ C0] ? __pfx_kthread+0x10/0x10 [ 244.669851][ C0] ret_from_fork_asm+0x1a/0x30 [ 244.669882][ C0] [ 244.674638][ T30] Kernel panic - not syncing: hung_task: blocked tasks [ 244.674655][ T30] CPU: 0 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.11.0-rc6-syzkaller-00363-g89f5e14d05b4 #0 [ 244.674676][ T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 244.674687][ T30] Call Trace: [ 244.674695][ T30] [ 244.674703][ T30] dump_stack_lvl+0x241/0x360 [ 244.674730][ T30] ? __pfx_dump_stack_lvl+0x10/0x10 [ 244.674749][ T30] ? __pfx__printk+0x10/0x10 [ 244.674764][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 244.674794][ T30] ? vscnprintf+0x5d/0x90 [ 244.674817][ T30] panic+0x349/0x860 [ 244.674836][ T30] ? nmi_trigger_cpumask_backtrace+0x244/0x320 [ 244.674859][ T30] ? __pfx_panic+0x10/0x10 [ 244.674874][ T30] ? tick_nohz_tick_stopped+0x82/0xb0 [ 244.674894][ T30] ? __irq_work_queue_local+0x137/0x410 [ 244.674917][ T30] ? preempt_schedule_thunk+0x1a/0x30 [ 244.674935][ T30] ? nmi_trigger_cpumask_backtrace+0x244/0x320 [ 244.674956][ T30] ? nmi_trigger_cpumask_backtrace+0x2d4/0x320 [ 244.674979][ T30] ? nmi_trigger_cpumask_backtrace+0x2d9/0x320 [ 244.675003][ T30] watchdog+0x1033/0x1040 [ 244.675028][ T30] ? watchdog+0x1ea/0x1040 [ 244.675055][ T30] ? __pfx_watchdog+0x10/0x10 [ 244.675077][ T30] kthread+0x2f0/0x390 [ 244.675100][ T30] ? __pfx_watchdog+0x10/0x10 [ 244.675121][ T30] ? __pfx_kthread+0x10/0x10 [ 244.675145][ T30] ret_from_fork+0x4b/0x80 [ 244.675166][ T30] ? __pfx_kthread+0x10/0x10 [ 244.675189][ T30] ret_from_fork_asm+0x1a/0x30 [ 244.675224][ T30] [ 244.679175][ T30] Kernel Offset: disabled [ 245.299037][ T30] Rebooting in 86400 seconds..