last executing test programs: 7.042338506s ago: executing program 3 (id=19206): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000180)=0x100000001, 0x4) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @loopback}, 0x1c) setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f0000000000), 0x4) setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, 0xfffffffffffffffd, 0x0) 6.580166377s ago: executing program 3 (id=19210): r0 = openat$userio(0xffffffffffffff9c, &(0x7f0000000080), 0x22242, 0x0) write$USERIO_CMD_SET_PORT_TYPE(r0, &(0x7f00000002c0)={0x1, 0x5}, 0x2) write$USERIO_CMD_REGISTER(r0, &(0x7f00000000c0), 0x2) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x4008032, 0xffffffffffffffff, 0x0) read(r0, 0x0, 0x0) 6.537926804s ago: executing program 4 (id=19211): r0 = socket(0xa, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ADD(r0, 0x0, 0x482, &(0x7f0000000040)={0x100000011, @multicast2, 0x0, 0x0, 'none\x00', 0xf}, 0x2c) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000380), r1) sendmsg$TIPC_NL_KEY_SET(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=ANY=[@ANYBLOB='T\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="0100000000000000000003000000400001802c0004001400010002000000ac1414aa00000000000000001400020002000000e000000200000000000004000d0001007564703a73"], 0x54}}, 0x0) 5.047362962s ago: executing program 4 (id=19220): mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0) mount(0x0, &(0x7f0000000240)='./file1\x00', &(0x7f0000000000)='tmpfs\x00', 0x0, &(0x7f0000000300)='usrquota') chdir(&(0x7f0000000080)='./file1\x00') r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='net_prio.prioidx\x00', 0x275a, 0x0) quotactl_fd$Q_GETFMT(r0, 0xffffffff80000400, 0x0, &(0x7f0000000c80)) 4.876998792s ago: executing program 2 (id=19221): r0 = gettid() r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000700), 0x0) read(r1, &(0x7f0000000200)=""/202, 0xca) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(r1, 0x4058534c, &(0x7f00000000c0)={0x80, 0x0, {0x3}}) tkill(r0, 0x7) 4.573776525s ago: executing program 3 (id=19224): r0 = syz_open_dev$tty20(0xc, 0x4, 0x0) sendmsg$can_bcm(0xffffffffffffffff, 0x0, 0x0) setsockopt$inet_tcp_TLS_TX(0xffffffffffffffff, 0x6, 0xc, &(0x7f0000000040)=@gcm_256={{}, "a2879a2323b8254e", "86dd270f98c60203791922c5acce09cc4c1afd8c02f79131becff587e9572ef9", "770c937d", "5590a6b25e516d6a"}, 0x38) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) ioctl$KDGKBMETA(r0, 0x4b4b, &(0x7f0000000040)) 4.414392881s ago: executing program 2 (id=19225): bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30) r0 = socket$inet6_sctp(0xa, 0x5, 0x84) r1 = socket$inet(0x2, 0x80001, 0x84) getsockopt$inet_sctp_SCTP_MAX_BURST(r1, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={0x0}, &(0x7f00000001c0)=0x8) getsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x6, &(0x7f00000000c0)={r2, @in={{0x2, 0x0, @remote}}}, &(0x7f0000000000)=0x9c) 4.246417434s ago: executing program 4 (id=19227): r0 = socket$inet6_mptcp(0xa, 0x1, 0x106) setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f00000014c0)='dctcp\x00', 0x6) bind$inet6(r0, &(0x7f0000000000)={0xa, 0x3, 0x0, @loopback}, 0x1c) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x3, 0x0, @loopback}, 0x1c) sendmmsg$inet6(r0, &(0x7f0000002b00)=[{{0x0, 0x0, &(0x7f00000017c0)=[{&(0x7f0000001600)='/', 0x1}], 0x1}}], 0x1, 0x0) 4.066334146s ago: executing program 3 (id=19229): ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'pim6reg1\x00', 0x1a003}) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0}, 0x90) r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00'}, 0x90) write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb79100a6c52d922ba2a05dd4242"], 0xfdef) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48) 3.981746069s ago: executing program 2 (id=19230): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x5, 0x2, 0x2, 0x4}, 0x48) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x15, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000047b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000100850000000100000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f00000002c0)='kfree\x00', r2}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f00000010c0)=ANY=[@ANYBLOB="b702000001000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d839240d29c034055b67dafe6c8dc3d5d0f65acc0d06d1a1434e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622e03b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c690220b87b20581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd713089856f756436303767d2e24f29e5dad9796edb697a8ad004eea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5aec84222fd3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff22dc518afc9ffc2cc788bee1b47683db01a2f9398685211dfbbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa447e2edfae4f390a83116752ddb11cfafffa3837841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae526aca54183fb01c73f979ca9857399537f5831808b0dc2a2d0e0000000000000578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a088a22e8b15c3e233db00002e30d46a9d24d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d73415cda2130f5011e4845535a8b90dfae158b94f50adab988dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc40700a89f854797f29d0000002d8c38a967c1bbe09315c29877a308bcc87dc3addb08141bdee5d27874b2f663ddeef0005b3d96c7aabf4df517d90bdc01e73835d50200a90800c66ee2b1ad76dff9f9003f07000099d4894ee7f8249dc1e30df414b315f651c8412392191fa83ee830548f11e1036a8debd64c490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92052188bd1f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987591ec3db58a7bb3042ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905deb28c13c1ed1c0d9cae846bcbfa8cd17b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4eda0544c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708294cd6f496e5dee734fe7da3770845cf442d488afd80e1700000000000000000000000000000832b99df00000000000000005205000000dc1c56d19f35d367632952a93466ae595c6a8cb5ee3a7c9ef89edbdf42b27098773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbf1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf80300cd9e5a225d67521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979d3db08407081c6281e2d8429a8639034a75f4c7df3ea8fc2018d07af1491ef060cd4403a099f32468f65bd06b4092140faed0c329be610c3082d43e121861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca06f256c8028e0f9b65f037b21f3289f86a6826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e4b838297ba20f96936b7e4746e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9874620e322d9348900000000b5ace293bec833c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f2500579aca11033bb9cc16bd83a00840e31d828ec78e116ae46c4897e2795b6ff92e9a1e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbf71f6516737be55c06d9cdcfb1e2bb10b50000eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce1d9bc7ef3e3f40c14089c82759106f422582b42e3e8484ea5a6ad9aa52106eafe0e0caea1ad4cb23f3c2bca0f4557869ea284c268d54b43158a8b1d128d02af263b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da35c9f1534c8bd48bbd61627a2e0a74b5e6aefb7eee403502734137ff47257f164391c673b6079e65d7295eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb74b5589829b6b0679b5d6fccbecfae5553d9950d48c774eaa35b24fce69a20d8bc410d9f48bf7eac90529cd6af061c9e53addddc620ce73c5d177e3d097159f2768636fc10276c6a0adc57483b3f7083f66b87ef296ee85e9bb70a35df8574eb49e972f7976eafee43a6c17009a5d30f479e293a3302e11350ea857b37e76ca2f50378e4092ce2c574ad278b9b7b717c571afb2077b019fd9d89efd59b41f051ec5a8ff87ecc8df917a1e386d849fcd10e2f9ca52e02339c2f4666b0c545e25f1cd62421c28d25994be0cff7271a0dee38d7ac4ac736b090e1d29f981179186e4000000000000646174b55d251f7f8ca5ccc22a5efb33b237eff5597a3c3a5f3a9bb54aba40e54593e1a7ce4cfa17b3c3fe91c06363496341eae20dcc59b6179b32ddddef5c34000096a54c0c571a91878f61f74912e2299e5501d4d6943bfd74c856511726f0ac8f7d17f1c6b4451c1bcdc6b6e1700e4cd87709d97afc5423c96fa981873d4369b04bbf1fb9f68f17991540868e408201ad1a74179e489aa61f021a437a3fa935588be206af7ff9b253106326fde795e530b93626cc68e06e602198724249b4445eef08401cd1a3e266db41474e69902e4d8f5da4e94cc36794258fd4032de7ab36bc24c5efd5c8495c1ccd580033c55725f2d60354f8ad5914a0155eaa743350ddb388f486b6de0549ef3b1b3c3b7d4d3a830ff39885776119408029be3788dd8422b1ab7b4c9d5b7d8682fd759c713108e1bdfc64b9121bbf07099def5c0ce3c861ae4b5cad8bba5a0b6059b9ef90c2f96a59320309e25df89484522bb1d6eaa92164f9e4042cb689a45a898354c17b08705205a9189772bcbcb6414e44b33a2470d3bc16f761c33f565b9da5e7991ad8482579cc1b16c1fcec815a5482ae8b1779c5e339971a6ec1217bcfd1ef24284de8a0a9f068f297037d6478c2434a9a18dcc6c7c708e444a79d7ce37f9cf2a434b9048ca6a2fa254aa02cd098026798a6d336348af0fc11fa2809a5ebbe17ca4d6356e4450d043ed20d313cd56a56d2e4cdf26f19af9a41695a58a9b6b45af1ca939b18d7b57791b99cfc6ec2a0848c29fea4eb8b82395a38e8aca5ab4bfc2ad8acf2e51b766f8ecd16194ad41ec097082f7fa32179ef99dafa6c2aa206a25ddc33e6f0a09169eeff428c71f54e1dfcfcd7cfc8f6e169f11c47d5040000000000000000000000000000074f21ec2b57bb2daf8fab7cd564d1e84c93af254ab029e6cd168007b9a10a6664d9d264aceede0183b2306c440b2c81c9e120ece36a61b0b015ea6716decf8783e0845fa975b6e5f7f4dd4abe2a95e764ae13288d4439ec29066d9bc9f26212615423c3d8d58901a6b51a93c8aacb19c416d5260662031a295f2b33295a60db77b5f082bdc48cd06c6cd01e7a40e456d829d277c77c2ca9159c82a391a24d5f6193228d93e2fd99cd0cdeefa9b7c5ea02c5454ef4c6631e6766ffcba3cce4ab13c69622675683ab1f05edbb09641c9dba535b319a21a00287645449a61eefc00a2a8f6955d6573023325bc00ca0facb69d67c8b95e29b36c4a5f84a959262c382de9a411be7b9b500ca329e5eefcd323490eed4bcbcba4764618bf51a08498a64b0e19c00e33480b27c2b12c326e6bf10234f883be00900009ad2fbdf6bae"], &(0x7f0000000340)='syzkaller\x00'}, 0x48) 3.592056419s ago: executing program 2 (id=19232): r0 = fsopen(&(0x7f00000003c0)='cgroup2\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) r1 = fsmount(r0, 0x0, 0x0) r2 = openat$cgroup_ro(r1, &(0x7f0000000340)='cgroup.stat\x00', 0x300, 0x0) open_by_handle_at(r2, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000001"], 0x10040) 3.238121953s ago: executing program 4 (id=19233): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) setrlimit(0x9, &(0x7f0000000000)) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) 2.949603044s ago: executing program 1 (id=19234): r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) ptrace(0x10, r0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000980)=ANY=[], 0x0, 0x26, 0x8, 0x8000a, 0x3793}, 0x20) ptrace$setregs(0xd, r0, 0x0, &(0x7f00000003c0)="18607651149d7b10b4024fbbdc08899b8f589df2dbb5d7a8d1b36cfab675cb3976ee8100e2878c9cfa178cac130eb046eda93df39ed4b41924dc225ad4028dd63defb87d698be5c749450b350a789dcfc6b2d6a696b5026d1e52f19274566d1da0f353dd65e330ebf71c5e823f2753c5fd76724828ef31b353e71805205c3dceb44cc4c7b3664e29fb") ptrace$getregset(0x4205, r0, 0x200, &(0x7f0000000080)={&(0x7f00000000c0)=""/112, 0x70}) 2.765886201s ago: executing program 2 (id=19235): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_sys\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000140)={'#! ', './file0'}, 0xb) mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x7, 0x10012, r0, 0x0) r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0xd, 0x10, &(0x7f0000000a40)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bf8100000000000007080000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018210000", @ANYRES32=r1, @ANYBLOB="0000000002000000b70500000800000085000000c500000095"], &(0x7f0000000640)='syzkaller\x00', 0x8, 0xff6, &(0x7f0000001e00)=""/4086}, 0x90) 2.724140339s ago: executing program 3 (id=19236): r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r1 = dup(r0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000005, 0x12, r1, 0x0) r2 = socket(0x15, 0x5, 0x0) getsockopt(r2, 0x200000000114, 0x2716, 0x0, &(0x7f0000000040)) 2.41972415s ago: executing program 0 (id=19237): r0 = socket$inet(0x2, 0x3, 0x6) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000380)={'vxcan0\x00'}) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x0, 0x3, &(0x7f0000000380)=ANY=[@ANYBLOB="180000000000"], 0x0}, 0x90) r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x6, 0x3, &(0x7f0000000080)=ANY=[@ANYBLOB="1800000008000000000000007e1b1f2995"], &(0x7f0000000000)='GPL\x00'}, 0x80) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000007c0)={r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x302, 0x0, &(0x7f0000000380)='\x00', 0x0}, 0x48) 2.391039502s ago: executing program 2 (id=19238): syz_usb_connect$uac1(0x0, 0x99, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000000000086b1d01014000010203010902870003010000000904000000010100000a24010000000201020c240800000000ff533ea72909040100000102000009040101010102000007240100040000090501090000000000072501000000000900000000010200000904020101010220000e240201740200002304473ed87007240100000000090582092000000000"], 0x0) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) 2.331981872s ago: executing program 1 (id=19239): socket$inet6_mptcp(0xa, 0x1, 0x106) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000040)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="1f02ffff0000000000003b00000008000300", @ANYRES32=r2, @ANYBLOB="21003300d0800000080211000000080211000001505050505050000000000000", @ANYRES8=r0], 0x40}}, 0x0) 2.160955407s ago: executing program 3 (id=19240): r0 = syz_usb_connect(0x0, 0x2d, &(0x7f0000000000)=ANY=[@ANYBLOB="120100007516b7108c0d0e008f8e0018030109021b0001000000000904080001030000000905", @ANYBLOB="8fcf"], 0x0) r1 = syz_open_dev$tty1(0xc, 0x4, 0x1) r2 = dup(r1) syz_usb_control_io(r0, 0x0, 0x0) write$UHID_INPUT(r2, &(0x7f0000000040)={0x9, {"a2e3ad214fc752f91b2909094bf70e0dd038e7ff7fc6e5539b324c078b089b07333b6c1a0890e0878f0e1ac6e7049b076d959b669a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b31300d076d0936cd3b78130daa61d8e809ea889b5802b77f07227227b7ba67e0e78669a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae19397d696d0d758f2dc7d1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000002335875271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1fe90a56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617601000000be70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d595a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9980000000b3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6c82fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce3803f465e41e610c2021d653a5520000008213b704a5000000000000008ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc94681359bad8deff4b05f60cea0da7710a80000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4e38a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2bed9e53803edf1a4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4ceb360c7e658828563e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b4bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034e00000000ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c478b095b68441a34cb51682a8ae4d24ad92f243941ed274549b79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdbe6c4579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93ae62fccfcbb2b75a2183c46eb65ca8124e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43e4fb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e01feffffffffffff83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369d75f2e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aa01b20f7694a00f16e2d0174035a2c22656dc00880acebdbe8ddbd75c2f998d8ac2dfad2ba3a50200000045a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe2907ac0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf463661c953fcad6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7cd419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaeecf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6ea94f88a4facfd4c735a20307c737afae5136651b1b9bd522dcb399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a37684f4113c48859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c105000000302a808d7f5251440613d17ca51055f2f416a44fe180d2d50c312cca7cb14a20dc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb40100000006376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab83c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7ceec7dc808bf653639d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a602000000000000007007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00303000000000000007fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf6529006c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6522fb5f6ffcdd56fed88935fcb75912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae233a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a5bd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08008897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b80c1c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57fa9c0fe662a46b7f71cd47744db86c50b704c98ad90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe360500000000000000b77940b5f07722e47a08d3679507000000000000934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1062dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1df0d07b3d5bd3b01faffd0addbed2881a9700af561ac8c7e36bb2fc4c40e9c766c06817bb903729a7db6ff957697c9ede7885d94ffb0759be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c1484d2f9c55f4901203a9a8a2c3e90f39c3dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000600", 0x1000}}, 0x1006) 1.976897786s ago: executing program 0 (id=19241): ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000480)={'syztnl0\x00', &(0x7f0000000180)={'ip_vti0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x3b, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, @private, @broadcast}}}}) unshare(0x2c020400) msgget$private(0x0, 0x0) msgsnd(0x0, &(0x7f0000000180)=ANY=[], 0x2000, 0x0) msgrcv(0x0, &(0x7f00000004c0)={0x0, ""/4}, 0x2000, 0x0, 0x0) 1.921814356s ago: executing program 4 (id=19242): seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x20, 0x0, 0x400}]}) bind$inet6(0xffffffffffffffff, 0x0, 0x0) r0 = syz_io_uring_setup(0x239, &(0x7f0000000080)={0x0, 0x0, 0x10100}, &(0x7f0000000000)=0x0, &(0x7f00000001c0)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_READ=@use_registered_buffer={0x16, 0x0, 0x0, @fd_index=0x3}) io_uring_enter(r0, 0x2def, 0x0, 0x0, 0x0, 0x0) 1.907736214s ago: executing program 1 (id=19243): r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000640), 0x802, 0x0) ioctl$UI_ABS_SETUP(r0, 0x401c5504, &(0x7f0000000340)={0x400000100002f}) write$uinput_user_dev(r0, &(0x7f0000000c80)={'syz1\x00', {}, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff]}, 0x45c) ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x3) ioctl$UI_DEV_CREATE(r0, 0x5501) 1.672012336s ago: executing program 0 (id=19244): madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0xe) mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) r0 = gettid() process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f0000000040)=""/246, 0xf6}], 0x1, &(0x7f0000000180)=[{&(0x7f0000217f28)=""/231, 0xe7}], 0x1, 0x0) move_pages(0x0, 0x1, &(0x7f0000000140)=[&(0x7f0000323000/0x2000)=nil], 0x0, &(0x7f0000001500), 0x0) 1.434452612s ago: executing program 1 (id=19245): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000440)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_TRIGGER_SCAN(r1, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000700)={&(0x7f00000004c0)={0x28, r2, 0x107, 0x70bd25, 0x25dfdbfe, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_BSSID={0xa}]}, 0x28}, 0x1, 0x0, 0x0, 0x20000015}, 0x800) 1.263528407s ago: executing program 0 (id=19246): r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) r1 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000240)={0x0, 0x0}, &(0x7f0000000280)=0x5) setresuid(0x0, r2, 0x0) ioctl$VT_RESIZE(r0, 0x5609, 0x0) 955.276274ms ago: executing program 1 (id=19247): r0 = syz_open_dev$radio(&(0x7f0000000100), 0x3, 0x2) r1 = syz_io_uring_setup(0x239, &(0x7f0000000340)={0x0, 0x0, 0x10100}, &(0x7f0000000300)=0x0, &(0x7f0000000000)=0x0) syz_io_uring_submit(r2, r3, &(0x7f0000000200)=@IORING_OP_READ=@use_registered_buffer={0x16, 0x0, 0x0, @fd_index=0x3}) io_uring_enter(r1, 0x2def, 0x0, 0x0, 0x0, 0x0) ioctl$VIDIOC_SUBSCRIBE_EVENT(r0, 0x4020565a, &(0x7f0000000140)={0x3, 0x98f90f, 0x1}) 813.167613ms ago: executing program 0 (id=19248): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0) r1 = syz_open_dev$evdev(&(0x7f0000000080), 0x0, 0x802) write$evdev(r1, &(0x7f0000000000), 0x100000008) ioctl$EVIOCGVERSION(r1, 0x40084503, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x28011, r0, 0x0) 408.142286ms ago: executing program 4 (id=19249): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f0000000180)={0x8f, 0x0, 0xa}) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) 395.176281ms ago: executing program 1 (id=19250): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000280)={0x0, 0x1c, &(0x7f0000000000)=[@in6={0xa, 0x0, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x9}]}, &(0x7f00000002c0)=0x10) getsockopt$inet_sctp6_SCTP_MAX_BURST(r1, 0x84, 0x83, &(0x7f0000000000)=@assoc_value={0x0}, &(0x7f0000000300)=0x8) setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r0, 0x84, 0x75, &(0x7f0000000000)={r2}, 0x8) 0s ago: executing program 0 (id=19251): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xb, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x81, 0x7}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x4, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r1, 0x2000000, 0x11, 0x0, &(0x7f0000000200)="63eced8e46dc3f0adf33c9f7b986", 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) kernel console output (not intermixed with test programs): =11763 comm="syz.4.18056" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fc039573ea7 code=0x7ffc0000 [ 1205.794097][ T29] audit: type=1326 audit(2000000690.955:808): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11763 comm="syz.4.18056" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fc039518859 code=0x7ffc0000 [ 1205.871110][ T29] audit: type=1326 audit(2000000690.955:809): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11763 comm="syz.4.18056" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fc039573ea7 code=0x7ffc0000 [ 1205.874171][T11787] netlink: 136 bytes leftover after parsing attributes in process `syz.1.18065'. [ 1206.025958][T11787] netlink: 89 bytes leftover after parsing attributes in process `syz.1.18065'. [ 1206.852044][T20177] bond0: (slave bond_slave_0): interface is now down [ 1206.861712][T20177] bond0: (slave bond_slave_1): interface is now down [ 1206.896120][T20177] bond0: now running without any active interface! [ 1207.245152][T11832] fuse: Bad value for 'user_id' [ 1207.250079][T11832] fuse: Bad value for 'user_id' [ 1208.121675][T11869] netlink: 8 bytes leftover after parsing attributes in process `syz.2.18103'. [ 1208.384196][T11876] gretap0: entered promiscuous mode [ 1208.458357][T11876] gretap0: left promiscuous mode [ 1208.517347][T11879] sctp: [Deprecated]: syz.3.18107 (pid 11879) Use of int in maxseg socket option. [ 1208.517347][T11879] Use struct sctp_assoc_value instead [ 1208.856394][T11887] syz.3.18112[11887] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1208.856567][T11887] syz.3.18112[11887] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1209.404900][T11905] netlink: 16126 bytes leftover after parsing attributes in process `syz.2.18121'. [ 1209.439186][T11905] netlink: 105116 bytes leftover after parsing attributes in process `syz.2.18121'. [ 1209.735547][ T7213] usb 2-1: new high-speed USB device number 104 using dummy_hcd [ 1209.906224][ T5283] usb 3-1: new low-speed USB device number 34 using dummy_hcd [ 1209.940505][ T7213] usb 2-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 1209.950028][ T7213] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1209.964262][ T7213] usb 2-1: config 0 descriptor?? [ 1209.983286][ T7213] cp210x 2-1:0.0: cp210x converter detected [ 1210.105214][ T5283] usb 3-1: config 168 descriptor has 1 excess byte, ignoring [ 1210.123352][ T5283] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x3 is Bulk; changing to Interrupt [ 1210.152614][ T5283] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0 [ 1210.184809][ T5283] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 10 [ 1210.218957][ T5283] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 1210.251930][ T5283] usb 3-1: config 168 descriptor has 1 excess byte, ignoring [ 1210.269633][ T5283] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x3 is Bulk; changing to Interrupt [ 1210.279952][ T5283] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0 [ 1210.301776][ T5283] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 10 [ 1210.345719][ T5283] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 1210.399941][ T5283] usb 3-1: config 168 descriptor has 1 excess byte, ignoring [ 1210.407536][ T5283] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x3 is Bulk; changing to Interrupt [ 1210.438833][ T7213] cp210x 2-1:0.0: failed to get vendor val 0x000e size 3: -32 [ 1210.452679][ T5283] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0 [ 1210.473353][ T5283] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 10 [ 1210.515553][ T5283] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 1210.540955][ T5283] usb 3-1: string descriptor 0 read error: -22 [ 1210.558383][ T5283] usb 3-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e [ 1210.568774][ T5283] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1210.617629][ T5283] adutux 3-1:168.0: ADU100 now attached to /dev/usb/adutux0 [ 1210.699840][ T7213] cp210x 2-1:0.0: failed to get vendor val 0x370c size 15: -71 [ 1210.707482][ T7213] cp210x 2-1:0.0: GPIO initialisation failed: -71 [ 1210.733508][ T7213] usb 2-1: cp210x converter now attached to ttyUSB0 [ 1210.751245][ T7213] usb 2-1: USB disconnect, device number 104 [ 1210.783568][ T7213] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 1210.791822][ T7213] cp210x 2-1:0.0: device disconnected [ 1210.952384][ T1094] usb 3-1: USB disconnect, device number 34 [ 1211.702558][ T7213] usb 4-1: new high-speed USB device number 103 using dummy_hcd [ 1211.894766][T11954] Falling back ldisc for ptm0. [ 1211.908206][ T7213] usb 4-1: Using ep0 maxpacket: 16 [ 1211.913592][ T29] kauditd_printk_skb: 154 callbacks suppressed [ 1211.913611][ T29] audit: type=1400 audit(2000000697.165:964): lsm=SMACK fn=smack_socket_sock_rcv_skb action=denied subject="?" object="_" requested=w pid=11957 comm="syz.0.18144" daddr=255.255.255.255 [ 1211.941138][ T7213] usb 4-1: config 0 has an invalid descriptor of length 253, skipping remainder of the config [ 1211.963456][ T7213] usb 4-1: New USB device found, idVendor=046d, idProduct=0721, bcdDevice=9c.25 [ 1211.991110][ T7213] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1212.012967][ T7213] usb 4-1: Product: syz [ 1212.017205][ T7213] usb 4-1: Manufacturer: syz [ 1212.040639][ T7213] usb 4-1: SerialNumber: syz [ 1212.056549][ T7213] usb 4-1: config 0 descriptor?? [ 1212.311719][ T7213] usb 4-1: USB disconnect, device number 103 [ 1212.367566][T11972] netlink: 44 bytes leftover after parsing attributes in process `syz.2.18153'. [ 1212.378440][T11969] netlink: 144316 bytes leftover after parsing attributes in process `syz.0.18149'. [ 1212.636580][T11980] netlink: 20 bytes leftover after parsing attributes in process `syz.2.18157'. [ 1212.782821][ T59] usb 2-1: new full-speed USB device number 105 using dummy_hcd [ 1212.904991][ T29] audit: type=1400 audit(2000000698.100:965): lsm=SMACK fn=smack_socket_sock_rcv_skb action=denied subject="*" object="_" requested=w pid=11988 comm="syz.0.18161" dest=20002 [ 1212.981486][ T59] usb 2-1: unable to get BOS descriptor or descriptor too short [ 1213.004328][ T59] usb 2-1: not running at top speed; connect to a high speed hub [ 1213.028756][ T59] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 1213.057431][ T59] usb 2-1: config 1 interface 0 altsetting 4 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 1213.090175][ T59] usb 2-1: config 1 interface 0 altsetting 4 has 1 endpoint descriptor, different from the interface descriptor's value: 3 [ 1213.130670][ T59] usb 2-1: config 1 interface 0 has no altsetting 0 [ 1213.151547][ T59] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 1213.168554][ T59] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1213.174186][T11991] bond0: option fail_over_mac: unable to set because the bond device has slaves [ 1213.188453][ T59] usb 2-1: Product: syz [ 1213.196434][ T59] usb 2-1: Manufacturer: syz [ 1213.207620][ T59] usb 2-1: SerialNumber: syz [ 1213.464122][ T59] cdc_ether 2-1:1.0: probe with driver cdc_ether failed with error -22 [ 1213.502192][ T59] usb 2-1: USB disconnect, device number 105 [ 1215.066391][T12062] virtio-fs: tag <(null)> not found [ 1215.706320][T12089] netlink: 300 bytes leftover after parsing attributes in process `syz.3.18207'. [ 1215.865671][ T29] audit: type=1400 audit(2000000700.869:966): lsm=SMACK fn=smack_socket_sock_rcv_skb action=denied subject="?" object="_" requested=w pid=12093 comm="syz.4.18210" daddr=255.255.255.255 dest=20000 [ 1216.204827][ T5283] usb 3-1: new high-speed USB device number 35 using dummy_hcd [ 1216.368091][T12116] netlink: 20 bytes leftover after parsing attributes in process `syz.3.18221'. [ 1216.386584][T12116] netlink: 56 bytes leftover after parsing attributes in process `syz.3.18221'. [ 1216.409144][T12116] netlink: 20 bytes leftover after parsing attributes in process `syz.3.18221'. [ 1216.420584][ T5283] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1216.450389][ T5283] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1216.460284][ T5283] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 1216.510827][ T5283] usb 3-1: New USB device found, idVendor=054c, idProduct=0ba0, bcdDevice= 0.00 [ 1216.533242][ T5283] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1216.553967][ T5283] usb 3-1: config 0 descriptor?? [ 1217.001994][ T5283] playstation 0003:054C:0BA0.00CE: unknown main item tag 0x0 [ 1217.020305][ T5283] playstation 0003:054C:0BA0.00CE: unbalanced collection at end of report description [ 1217.039290][ T5283] playstation 0003:054C:0BA0.00CE: Parse failed [ 1217.049671][ T5283] playstation 0003:054C:0BA0.00CE: probe with driver playstation failed with error -22 [ 1217.240363][ T5283] usb 3-1: USB disconnect, device number 35 [ 1217.754993][ T5310] usb 4-1: new high-speed USB device number 104 using dummy_hcd [ 1217.972730][ T5310] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1217.999793][ T5310] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1218.023049][ T5310] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 1218.055304][ T5310] usb 4-1: New USB device found, idVendor=1a34, idProduct=0802, bcdDevice= 0.00 [ 1218.069157][ T5310] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1218.088815][ T5310] usb 4-1: config 0 descriptor?? [ 1218.325734][T12141] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 1218.362491][T12141] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 1218.398592][ T5310] usbhid 4-1:0.0: can't add hid device: -71 [ 1218.417195][ T5310] usbhid 4-1:0.0: probe with driver usbhid failed with error -71 [ 1218.435217][ T5310] usb 4-1: USB disconnect, device number 104 [ 1218.953337][ T7213] usb 4-1: new high-speed USB device number 105 using dummy_hcd [ 1219.176960][ T7213] usb 4-1: Using ep0 maxpacket: 8 [ 1219.197162][ T7213] usb 4-1: config 0 has an invalid interface number: 1 but max is 0 [ 1219.240871][ T7213] usb 4-1: config 0 has no interface number 0 [ 1219.252100][ T7213] usb 4-1: config 0 interface 1 altsetting 1 endpoint 0x1 has invalid wMaxPacketSize 0 [ 1219.289362][ T7213] usb 4-1: config 0 interface 1 altsetting 1 bulk endpoint 0x1 has invalid maxpacket 0 [ 1219.309658][ T7213] usb 4-1: config 0 interface 1 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0 [ 1219.329643][ T7213] usb 4-1: config 0 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 0 [ 1219.348552][ T7213] usb 4-1: config 0 interface 1 has no altsetting 0 [ 1219.360208][ T7213] usb 4-1: New USB device found, idVendor=0af0, idProduct=6751, bcdDevice=75.8b [ 1219.372960][ T7213] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1219.384294][ T7213] usb 4-1: config 0 descriptor?? [ 1219.664954][ T7213] usb 4-1: USB disconnect, device number 105 [ 1220.034376][T12208] netlink: 8 bytes leftover after parsing attributes in process `syz.1.18262'. [ 1220.311566][ T7213] kernel write not supported for file /887/projid_map (pid: 7213 comm: kworker/1:1) [ 1220.528731][T12223] sp0: Synchronizing with TNC [ 1220.754932][T12233] netlink: 8 bytes leftover after parsing attributes in process `syz.3.18274'. [ 1220.797369][T12234] sp0: Synchronizing with TNC [ 1220.908700][T12240] ptrace attach of "./syz-executor exec"[5237] was attempted by "./syz-executor exec"[12240] [ 1220.978063][T12243] sctp: [Deprecated]: syz.0.18279 (pid 12243) Use of int in maxseg socket option. [ 1220.978063][T12243] Use struct sctp_assoc_value instead [ 1221.083655][ T7213] usb 3-1: new high-speed USB device number 36 using dummy_hcd [ 1221.300733][ T7213] usb 3-1: Using ep0 maxpacket: 16 [ 1221.320704][ T7213] usb 3-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83 [ 1221.347960][ T7213] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 1221.381051][ T7213] usb 3-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1 [ 1221.405660][ T7213] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1221.424060][ T7213] usb 3-1: Product: syz [ 1221.428472][ T7213] usb 3-1: Manufacturer: syz [ 1221.450142][ T7213] usb 3-1: SerialNumber: syz [ 1221.469342][ T7213] usb 3-1: config 0 descriptor?? [ 1221.504434][ T7213] em28xx 3-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0) [ 1221.549899][ T7213] em28xx 3-1:0.0: Audio interface 0 found (Vendor Class) [ 1221.735292][ T63] Bluetooth: hci6: Frame reassembly failed (-84) [ 1222.187397][ T7213] em28xx 3-1:0.0: chip ID is em28178 [ 1222.277796][T12280] netlink: 8 bytes leftover after parsing attributes in process `syz.4.18296'. [ 1222.299104][T12280] netlink: 20 bytes leftover after parsing attributes in process `syz.4.18296'. [ 1222.456541][ T7213] usb 3-1: USB disconnect, device number 36 [ 1222.472405][ T7213] em28xx 3-1:0.0: Disconnecting em28xx [ 1222.498284][ T7213] em28xx 3-1:0.0: Freeing device [ 1223.561617][ T5310] usb 2-1: new high-speed USB device number 106 using dummy_hcd [ 1223.796177][ T5310] usb 2-1: Using ep0 maxpacket: 16 [ 1223.824588][ T5310] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1223.849266][ T5310] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1223.866668][ T5310] usb 2-1: New USB device found, idVendor=6161, idProduct=4d15, bcdDevice= 0.00 [ 1223.876158][T17181] Bluetooth: hci6: Opcode 0x1003 failed: -110 [ 1223.917336][ T5310] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1223.958733][ T5310] usb 2-1: config 0 descriptor?? [ 1224.256413][ T5310] usbhid 2-1:0.0: can't add hid device: -71 [ 1224.262532][ T5310] usbhid 2-1:0.0: probe with driver usbhid failed with error -71 [ 1224.300705][ T5310] usb 2-1: USB disconnect, device number 106 [ 1224.884209][T12368] netlink: 152 bytes leftover after parsing attributes in process `syz.4.18337'. [ 1224.906023][T12368] netlink: 20 bytes leftover after parsing attributes in process `syz.4.18337'. [ 1224.919054][ T5310] usb 2-1: new high-speed USB device number 107 using dummy_hcd [ 1225.145364][ T5310] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1225.167922][ T5310] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1225.189481][ T5310] usb 2-1: New USB device found, idVendor=07fa, idProduct=0847, bcdDevice= 0.00 [ 1225.208323][ T5310] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1225.235952][ T5310] usb 2-1: config 0 descriptor?? [ 1225.252121][ T5310] HFC-S_USB 2-1:0.0: probe with driver HFC-S_USB failed with error -5 [ 1225.495610][ T5310] usbhid 2-1:0.0: can't add hid device: -71 [ 1225.503642][ T5310] usbhid 2-1:0.0: probe with driver usbhid failed with error -71 [ 1225.523384][T12380] netlink: 24 bytes leftover after parsing attributes in process `syz.4.18342'. [ 1225.532645][ T5310] usb 2-1: USB disconnect, device number 107 [ 1225.710532][ T9] usb 4-1: new high-speed USB device number 106 using dummy_hcd [ 1225.924409][ T9] usb 4-1: Using ep0 maxpacket: 16 [ 1225.931039][T12388] usb usb7: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 1225.934931][ T9] usb 4-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83 [ 1225.972698][ T9] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 1225.986610][ T9] usb 4-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1 [ 1226.005046][ T9] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1226.034937][ T9] usb 4-1: Product: syz [ 1226.039160][ T9] usb 4-1: Manufacturer: syz [ 1226.044059][ T9] usb 4-1: SerialNumber: syz [ 1226.051097][ T9] usb 4-1: config 0 descriptor?? [ 1226.059960][ T9] em28xx 4-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0) [ 1226.073612][ T9] em28xx 4-1:0.0: Audio interface 0 found (Vendor Class) [ 1226.728244][ T9] em28xx 4-1:0.0: chip ID is em2870 [ 1226.776524][T12413] netlink: 'syz.0.18358': attribute type 6 has an invalid length. [ 1226.822365][T12413] netlink: 168 bytes leftover after parsing attributes in process `syz.0.18358'. [ 1227.004944][ T7213] usb 4-1: USB disconnect, device number 106 [ 1227.020711][ T7213] em28xx 4-1:0.0: Disconnecting em28xx [ 1227.036689][ T7213] em28xx 4-1:0.0: Freeing device [ 1227.114633][T12426] netlink: 8 bytes leftover after parsing attributes in process `syz.1.18362'. [ 1227.682473][T12446] netlink: 68 bytes leftover after parsing attributes in process `syz.3.18372'. [ 1229.132101][ T1094] usb 3-1: new high-speed USB device number 37 using dummy_hcd [ 1229.349226][ T1094] usb 3-1: Using ep0 maxpacket: 32 [ 1229.376370][ T1094] usb 3-1: config 0 has an invalid interface number: 1 but max is 0 [ 1229.398793][ T1094] usb 3-1: config 0 has no interface number 0 [ 1229.414833][ T1094] usb 3-1: config 0 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1229.430912][ T1094] usb 3-1: config 0 interface 1 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1229.451443][ T1094] usb 3-1: New USB device found, idVendor=28bd, idProduct=0094, bcdDevice= 0.00 [ 1229.463149][ T1094] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1229.487481][ T1094] usb 3-1: config 0 descriptor?? [ 1230.160729][ T1094] input: HID 28bd:0094 Pen as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.1/0003:28BD:0094.00CF/input/input205 [ 1230.283814][ T1094] uclogic 0003:28BD:0094.00CF: input,hidraw0: USB HID v0.00 Device [HID 28bd:0094] on usb-dummy_hcd.2-1/input1 [ 1230.439503][ T9] usb 3-1: USB disconnect, device number 37 [ 1230.554737][ T29] audit: type=1326 audit(2000000714.607:967): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12526 comm="syz.1.18411" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fce8977cef9 code=0x0 [ 1231.130648][T12539] option changes via remount are deprecated (pid=12538 comm=syz.4.18416) [ 1231.538250][T12546] netlink: 40 bytes leftover after parsing attributes in process `syz.4.18419'. [ 1233.462717][T12580] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 1234.371193][ T1094] usb 2-1: new high-speed USB device number 108 using dummy_hcd [ 1234.595765][ T1094] usb 2-1: Using ep0 maxpacket: 32 [ 1234.606903][ T1094] usb 2-1: New USB device found, idVendor=0458, idProduct=7006, bcdDevice=69.91 [ 1234.630591][ T1094] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1234.654190][T12606] netlink: 16 bytes leftover after parsing attributes in process `syz.4.18444'. [ 1234.667087][ T1094] usb 2-1: config 0 descriptor?? [ 1234.683618][ T1094] gspca_main: sunplus-2.14.0 probing 0458:7006 [ 1235.078591][ T7213] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 1235.133036][ T7213] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 1235.184213][ T7213] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 1235.280358][ T7213] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 1235.302835][ T29] audit: type=1326 audit(2000000719.049:968): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12609 comm="syz.2.18445" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f3475b7cef9 code=0x0 [ 1235.338730][T12611] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 1235.376599][ T9793] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 1235.451574][ T9793] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 1235.573744][ T1094] gspca_sunplus: reg_w_riv err -71 [ 1235.579054][ T1094] sunplus 2-1:0.0: probe with driver sunplus failed with error -71 [ 1235.611986][ T1094] usb 2-1: USB disconnect, device number 108 [ 1235.697484][ T9] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 1235.804441][ T7213] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 1235.879993][ T7213] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 1235.975688][ T7213] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 1236.369773][T12626] program syz.0.18452 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 1236.393762][T12627] syz.4.18453[12627] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1236.394056][T12627] syz.4.18453[12627] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1237.271142][T12653] netlink: 12 bytes leftover after parsing attributes in process `syz.0.18463'. [ 1237.388514][T12653] netlink: 12 bytes leftover after parsing attributes in process `syz.0.18463'. [ 1237.891779][T12670] netlink: 'syz.1.18471': attribute type 1 has an invalid length. [ 1237.921276][T12670] netlink: 112860 bytes leftover after parsing attributes in process `syz.1.18471'. [ 1237.951895][T12670] netlink: 'syz.1.18471': attribute type 1 has an invalid length. [ 1238.627301][ T7213] usb 5-1: new high-speed USB device number 85 using dummy_hcd [ 1238.848993][T12697] bridge0: port 3(veth0_to_bridge) entered blocking state [ 1238.883818][T12697] bridge0: port 3(veth0_to_bridge) entered disabled state [ 1238.891175][ T7213] usb 5-1: config 220 has too many interfaces: 184, using maximum allowed: 32 [ 1238.923669][ T7213] usb 5-1: config 220 has 1 interface, different from the descriptor's value: 184 [ 1238.935544][T12697] veth0_to_bridge: entered allmulticast mode [ 1238.947842][ T7213] usb 5-1: New USB device found, idVendor=0c45, idProduct=8008, bcdDevice=e1.85 [ 1238.956951][ T7213] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1238.981583][T12697] veth0_to_bridge: entered promiscuous mode [ 1239.035626][ T7213] gspca_main: sn9c2028-2.14.0 probing 0c45:8008 [ 1239.312128][ T7213] gspca_sn9c2028: read1 error -32 [ 1239.335085][ T7213] gspca_sn9c2028: read1 error -32 [ 1239.492815][T12711] netlink: 16 bytes leftover after parsing attributes in process `syz.1.18489'. [ 1239.621406][ T7213] usb 5-1: USB disconnect, device number 85 [ 1241.203020][ T6430] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 1241.222116][ T6430] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 1241.233399][ T6430] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 1241.245557][ T6430] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 1241.270444][ T6430] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 1241.284853][ T6430] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 1241.377087][ T7064] syz_tun (unregistering): left promiscuous mode [ 1241.399398][ T7064] syz_tun (unregistering): left allmulticast mode [ 1241.441505][ T7064] team0: Port device syz_tun removed [ 1241.617584][T12756] netdevsim netdevsim4 netdevsim0: Unsupported IPsec algorithm [ 1241.899127][ T7213] usb 2-1: new high-speed USB device number 109 using dummy_hcd [ 1241.957321][ T3308] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1242.006017][ T3308] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0 [ 1242.122713][ T7213] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 1242.143593][ T7213] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 1242.179333][ T7213] usb 2-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 1242.195123][ T7213] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 1242.209496][ T7213] usb 2-1: SerialNumber: syz [ 1242.269602][ T3308] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1242.291392][ T3308] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0 [ 1242.325917][T12747] lo speed is unknown, defaulting to 1000 [ 1242.332073][T12768] netlink: 'syz.2.18514': attribute type 6 has an invalid length. [ 1242.456104][ T7213] usb 2-1: 0:2 : does not exist [ 1242.510705][ T7213] usb 2-1: USB disconnect, device number 109 [ 1242.530811][ T3308] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1242.551698][ T3308] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0 [ 1242.604441][T12778] No such timeout policy "syz0" [ 1242.850053][ T3308] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1242.872035][ T3308] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0 [ 1242.935527][T12786] devtmpfs: Bad value for 'usrquota_block_hardlimit' [ 1243.283038][T12747] chnl_net:caif_netlink_parms(): no params data found [ 1243.488283][ T3308] bridge0: port 4(hsr0) entered disabled state [ 1243.541465][ T3308] team0: left allmulticast mode [ 1243.556896][T17181] Bluetooth: hci4: command tx timeout [ 1243.565970][ T3308] team_slave_0: left allmulticast mode [ 1243.596738][ T3308] team_slave_1: left allmulticast mode [ 1243.627498][ T3308] dummy0: left allmulticast mode [ 1243.656666][ T3308] team0: left promiscuous mode [ 1243.678197][ T3308] team_slave_0: left promiscuous mode [ 1243.708261][ T3308] team_slave_1: left promiscuous mode [ 1243.718887][ T3308] dummy0: left promiscuous mode [ 1243.724627][ T3308] bridge0: port 3(team0) entered disabled state [ 1243.773587][ T3308] –eth0_vlan: left allmulticast mode [ 1243.779164][ T3308] –eth0_vlan: left promiscuous mode [ 1243.798576][ T3308] bridge0: port 2(–eth0_vlan) entered disabled state [ 1243.837594][ T3308] bridge_slave_0: left promiscuous mode [ 1243.843578][ T3308] bridge0: port 1(bridge_slave_0) entered disabled state [ 1245.351300][ T3308] team0: Port device bridge4 removed [ 1245.478104][ T3308] bond1 (unregistering): Released all slaves [ 1245.524279][ T3308] bond2 (unregistering): Released all slaves [ 1245.573954][ T3308] bond3 (unregistering): Released all slaves [ 1245.609847][ T3308] bond4 (unregistering): Released all slaves [ 1245.653112][ T3308] bond5 (unregistering): Released all slaves [ 1245.722944][ T29] audit: type=1326 audit(2000000728.794:969): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12824 comm="syz.1.18535" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fce8977cef9 code=0x7ffc0000 [ 1245.750712][T12810] sch_tbf: burst 8 is lower than device lo mtu (14) ! [ 1245.777852][ T29] audit: type=1326 audit(2000000728.794:970): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12824 comm="syz.1.18535" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fce8977cef9 code=0x7ffc0000 [ 1245.801323][T17181] Bluetooth: hci4: command tx timeout [ 1245.817666][ T29] audit: type=1326 audit(2000000728.813:971): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12824 comm="syz.1.18535" exe="/root/syz-executor" sig=0 arch=c000003e syscall=206 compat=0 ip=0x7fce8977cef9 code=0x7ffc0000 [ 1245.824660][T12747] bridge0: port 1(bridge_slave_0) entered blocking state [ 1245.840588][ T29] audit: type=1326 audit(2000000728.813:972): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12824 comm="syz.1.18535" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fce8977cef9 code=0x7ffc0000 [ 1245.870431][ T29] audit: type=1326 audit(2000000728.813:973): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12824 comm="syz.1.18535" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fce8977cef9 code=0x7ffc0000 [ 1245.893479][ T29] audit: type=1326 audit(2000000728.850:974): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12824 comm="syz.1.18535" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fce8977cef9 code=0x7ffc0000 [ 1245.930367][T12747] bridge0: port 1(bridge_slave_0) entered disabled state [ 1245.945542][T12747] bridge_slave_0: entered allmulticast mode [ 1245.964050][T12747] bridge_slave_0: entered promiscuous mode [ 1245.972182][ T3308] Êü: left promiscuous mode [ 1245.985215][ T29] audit: type=1326 audit(2000000728.850:975): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12824 comm="syz.1.18535" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fce8977cef9 code=0x7ffc0000 [ 1246.090421][ T29] audit: type=1326 audit(2000000728.850:976): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12824 comm="syz.1.18535" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fce8977cef9 code=0x7ffc0000 [ 1246.133572][ T29] audit: type=1326 audit(2000000728.859:977): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12824 comm="syz.1.18535" exe="/root/syz-executor" sig=0 arch=c000003e syscall=209 compat=0 ip=0x7fce8977cef9 code=0x7ffc0000 [ 1246.140812][T12747] bridge0: port 2(bridge_slave_1) entered blocking state [ 1246.162683][T12747] bridge0: port 2(bridge_slave_1) entered disabled state [ 1246.170341][T12747] bridge_slave_1: entered allmulticast mode [ 1246.177974][T12747] bridge_slave_1: entered promiscuous mode [ 1246.196963][ T29] audit: type=1326 audit(2000000728.859:978): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12824 comm="syz.1.18535" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fce8977cef9 code=0x7ffc0000 [ 1246.226363][T12830] netlink: 8 bytes leftover after parsing attributes in process `syz.0.18538'. [ 1246.383755][ T3308] tipc: Disabling bearer [ 1246.389552][ T3308] tipc: Left network mode [ 1246.478336][T12747] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1246.539777][T12747] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1246.616205][ T3308] IPVS: stopping backup sync thread 29602 ... [ 1246.772591][T12747] team0: Port device team_slave_0 added [ 1246.843936][T12747] team0: Port device team_slave_1 added [ 1247.054014][ T1094] usb 3-1: new full-speed USB device number 38 using dummy_hcd [ 1247.107077][T12747] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1247.128189][T12747] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1247.170745][T12747] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1247.181844][ T9] usb 2-1: new high-speed USB device number 110 using dummy_hcd [ 1247.197273][T12747] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1247.204597][T12747] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1247.232777][T12747] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1247.301563][ T1094] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1247.320084][ T1094] usb 3-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0x1D, changing to 0xD [ 1247.342925][ T1094] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x6 has invalid maxpacket 16349, setting to 64 [ 1247.362816][ T1094] usb 3-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 1247.389166][ T9] usb 2-1: New USB device found, idVendor=20b7, idProduct=1540, bcdDevice=b7.5a [ 1247.398704][ T9] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1247.416504][ T9] usb 2-1: Product: syz [ 1247.423563][ T1094] usb 3-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42 [ 1247.434243][ T9] usb 2-1: Manufacturer: syz [ 1247.448393][ T1094] usb 3-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0 [ 1247.456889][ T1094] usb 3-1: Manufacturer: syz [ 1247.463009][ T9] usb 2-1: SerialNumber: syz [ 1247.473995][ T9] usb 2-1: config 0 descriptor?? [ 1247.482023][ T1094] usb 3-1: config 0 descriptor?? [ 1247.488046][T12850] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 1247.516552][ T1094] usbhid 3-1:0.0: couldn't find an input interrupt endpoint [ 1247.667369][T12747] hsr_slave_0: entered promiscuous mode [ 1247.685456][T12747] hsr_slave_1: entered promiscuous mode [ 1247.705708][T12747] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 1247.726969][T12747] Cannot create hsr debugfs directory [ 1247.784843][ T1094] usb 3-1: USB disconnect, device number 38 [ 1247.968208][ T9] usb 2-1: Firmware: major: 152, minor: 239, hardware type: HULUSB (4) [ 1247.995735][T17181] Bluetooth: hci4: command tx timeout [ 1248.217460][ T9] usb 2-1: failed to fetch extended address, random address set [ 1248.377103][ T3308] hsr_slave_0: left promiscuous mode [ 1248.383383][ T3308] hsr_slave_1: left promiscuous mode [ 1248.421733][ T3308] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1248.440414][ T3308] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1248.458951][ T3308] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1248.473940][ T3308] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1248.521130][ T3308] veth1_macvtap: left promiscuous mode [ 1248.537756][ T3308] veth0_macvtap: left promiscuous mode [ 1248.543699][ T3308] veth1_vlan: left promiscuous mode [ 1248.549705][ T3308] veth0_vlan: left promiscuous mode [ 1248.874963][ T3308] pim6reg527 (unregistering): left allmulticast mode [ 1249.879589][ T3308] team0 (unregistering): Port device team_slave_1 removed [ 1249.965621][ T3308] team0 (unregistering): Port device team_slave_0 removed [ 1250.228184][T17181] Bluetooth: hci4: command tx timeout [ 1250.621788][ T3308] team0 (unregistering): Port device dummy0 removed [ 1250.840191][ T9] usb 2-1: USB disconnect, device number 110 [ 1251.480349][ T5310] kernel write not supported for file /media0 (pid: 5310 comm: kworker/0:7) [ 1251.714987][ T9] usb 5-1: new low-speed USB device number 86 using dummy_hcd [ 1251.825763][ T3308] IPVS: stop unused estimator thread 0... [ 1251.964011][ T9] usb 5-1: config 168 descriptor has 1 excess byte, ignoring [ 1251.982861][ T9] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x3 is Bulk; changing to Interrupt [ 1252.003830][ T9] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0 [ 1252.021841][ T9] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 10 [ 1252.054504][ T9] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 1252.088428][ T9] usb 5-1: config 168 descriptor has 1 excess byte, ignoring [ 1252.115356][T12747] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 1252.119859][ T9] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x3 is Bulk; changing to Interrupt [ 1252.153496][ T9] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0 [ 1252.165471][T12747] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 1252.195038][ T9] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 10 [ 1252.200360][T12747] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 1252.225917][ T9] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 1252.254367][T12747] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 1252.257121][ T9] usb 5-1: config 168 descriptor has 1 excess byte, ignoring [ 1252.280968][ T9] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x3 is Bulk; changing to Interrupt [ 1252.301204][ T9] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0 [ 1252.322697][ T9] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 10 [ 1252.360986][ T9] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 1252.405829][ T9] usb 5-1: string descriptor 0 read error: -22 [ 1252.417453][ T9] usb 5-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e [ 1252.455238][ T9] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1252.504083][ T9] adutux 5-1:168.0: ADU100 now attached to /dev/usb/adutux0 [ 1252.579243][T12747] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1252.651393][T12747] 8021q: adding VLAN 0 to HW filter on device team0 [ 1252.695672][T20177] bridge0: port 1(bridge_slave_0) entered blocking state [ 1252.702933][T20177] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1252.755922][ T2521] bridge0: port 2(bridge_slave_1) entered blocking state [ 1252.763210][ T2521] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1253.003060][ T25] usb 5-1: USB disconnect, device number 86 [ 1253.114866][T12934] netlink: 'syz.2.18585': attribute type 1 has an invalid length. [ 1253.138392][T12934] netlink: 9372 bytes leftover after parsing attributes in process `syz.2.18585'. [ 1253.163818][T12934] netlink: 'syz.2.18585': attribute type 1 has an invalid length. [ 1253.264182][T12747] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1253.411275][T12747] veth0_vlan: entered promiscuous mode [ 1253.486045][T12747] veth1_vlan: entered promiscuous mode [ 1253.581493][T12747] veth0_macvtap: entered promiscuous mode [ 1253.620125][T12747] veth1_macvtap: entered promiscuous mode [ 1253.675944][T12747] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1253.709897][T12747] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1253.747650][T12747] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1253.780158][T12747] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1253.810583][T12747] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1253.853580][T12747] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1253.856390][T12961] input: syz0 as /devices/virtual/input/input206 [ 1253.883509][T12747] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1253.928511][T12747] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1253.946973][T12747] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1253.957694][T12747] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1253.972489][T12747] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1254.000974][T12747] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1254.025915][T12747] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1254.053857][T12747] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1254.088922][T12747] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1254.109698][T12747] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1254.142553][T12747] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1254.171110][T12747] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1254.182272][T12747] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1254.204161][T12747] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1254.220232][T12747] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1254.244976][T12747] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1254.312149][T12747] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1254.365793][T12747] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1254.399900][T12747] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1254.408708][T12747] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1254.752602][ T2521] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1254.791218][ T2521] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1254.892497][ T3308] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1254.920364][ T3308] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1257.481029][T13059] program syz.0.18638 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 1258.073320][ T6430] Bluetooth: hci6: sending frame failed (-49) [ 1258.083365][T17181] Bluetooth: hci6: Opcode 0x1003 failed: -49 [ 1258.348129][ T29] kauditd_printk_skb: 1 callbacks suppressed [ 1258.348152][ T29] audit: type=1326 audit(2000000740.606:980): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13084 comm="syz.3.18650" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1b7437cef9 code=0x7ffc0000 [ 1258.375847][ C0] vkms_vblank_simulate: vblank timer overrun [ 1258.463914][T13087] program syz.0.18651 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 1258.494220][ T29] audit: type=1326 audit(2000000740.606:981): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13084 comm="syz.3.18650" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1b7437cef9 code=0x7ffc0000 [ 1258.610358][ T29] audit: type=1326 audit(2000000740.624:982): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13084 comm="syz.3.18650" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1b7437cef9 code=0x7ffc0000 [ 1258.681488][ T29] audit: type=1326 audit(2000000740.624:983): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13084 comm="syz.3.18650" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1b7437cef9 code=0x7ffc0000 [ 1258.763754][ T29] audit: type=1326 audit(2000000740.634:984): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13084 comm="syz.3.18650" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1b7437cef9 code=0x7ffc0000 [ 1258.818298][ T29] audit: type=1326 audit(2000000740.634:985): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13084 comm="syz.3.18650" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1b7437cef9 code=0x7ffc0000 [ 1258.901317][ T29] audit: type=1326 audit(2000000740.634:986): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13084 comm="syz.3.18650" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f1b74373ea7 code=0x7ffc0000 [ 1258.941535][ T29] audit: type=1326 audit(2000000740.634:987): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13084 comm="syz.3.18650" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f1b74318859 code=0x7ffc0000 [ 1259.040566][ T29] audit: type=1326 audit(2000000740.634:988): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13084 comm="syz.3.18650" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f1b74373ea7 code=0x7ffc0000 [ 1259.119165][ T29] audit: type=1326 audit(2000000740.634:989): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13084 comm="syz.3.18650" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f1b74318859 code=0x7ffc0000 [ 1259.563444][ T1094] usb 4-1: new high-speed USB device number 107 using dummy_hcd [ 1259.790801][ T1094] usb 4-1: config 0 has an invalid interface number: 104 but max is 0 [ 1259.804287][T13126] netlink: 32 bytes leftover after parsing attributes in process `syz.1.18670'. [ 1259.813728][ T1094] usb 4-1: config 0 has no interface number 0 [ 1259.827564][ T1094] usb 4-1: config 0 interface 104 has no altsetting 0 [ 1259.839417][T13126] netlink: 32 bytes leftover after parsing attributes in process `syz.1.18670'. [ 1259.862438][ T1094] usb 4-1: New USB device found, idVendor=0ac8, idProduct=0321, bcdDevice=a1.c9 [ 1259.882775][ T1094] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1259.892101][T13126] netlink: 32 bytes leftover after parsing attributes in process `syz.1.18670'. [ 1259.905519][ T1094] usb 4-1: Product: syz [ 1259.909833][ T1094] usb 4-1: Manufacturer: syz [ 1259.936214][ T1094] usb 4-1: SerialNumber: syz [ 1259.964686][ T1094] usb 4-1: config 0 descriptor?? [ 1259.982757][ T1094] gspca_main: vc032x-2.14.0 probing 0ac8:0321 [ 1260.209091][ T1094] gspca_vc032x: reg_r err -71 [ 1260.213837][ T1094] gspca_vc032x: I2c Bus Busy Wait 00 [ 1260.227789][ T1094] gspca_vc032x: I2c Bus Busy Wait 00 [ 1260.243375][ T1094] gspca_vc032x: I2c Bus Busy Wait 00 [ 1260.253661][ T1094] gspca_vc032x: I2c Bus Busy Wait 00 [ 1260.264141][ T1094] gspca_vc032x: I2c Bus Busy Wait 00 [ 1260.296623][ T1094] gspca_vc032x: I2c Bus Busy Wait 00 [ 1260.310607][ T1094] gspca_vc032x: I2c Bus Busy Wait 00 [ 1260.327786][ T1094] gspca_vc032x: I2c Bus Busy Wait 00 [ 1260.344238][ T1094] gspca_vc032x: I2c Bus Busy Wait 00 [ 1260.350515][ T1094] gspca_vc032x: I2c Bus Busy Wait 00 [ 1260.371539][ T1094] gspca_vc032x: I2c Bus Busy Wait 00 [ 1260.385166][ T1094] gspca_vc032x: I2c Bus Busy Wait 00 [ 1260.406826][ T1094] gspca_vc032x: I2c Bus Busy Wait 00 [ 1260.419771][ T1094] gspca_vc032x: I2c Bus Busy Wait 00 [ 1260.426502][ T1094] gspca_vc032x: I2c Bus Busy Wait 00 [ 1260.440582][ T1094] gspca_vc032x: I2c Bus Busy Wait 00 [ 1260.457004][ T1094] gspca_vc032x: I2c Bus Busy Wait 00 [ 1260.472442][ T1094] gspca_vc032x: I2c Bus Busy Wait 00 [ 1260.487338][ T1094] gspca_vc032x: Unknown sensor... [ 1260.535107][ T1094] vc032x 4-1:0.104: probe with driver vc032x failed with error -22 [ 1260.577538][ T1094] usb 4-1: USB disconnect, device number 107 [ 1261.106388][T13162] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 1261.905529][ T5283] usb 5-1: new high-speed USB device number 87 using dummy_hcd [ 1262.108419][ T5283] usb 5-1: Using ep0 maxpacket: 16 [ 1262.131846][ T5283] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1262.180633][ T5283] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1262.226022][ T5283] usb 5-1: New USB device found, idVendor=6161, idProduct=4d15, bcdDevice= 0.00 [ 1262.266053][ T5283] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1262.312296][ T5283] usb 5-1: config 0 descriptor?? [ 1262.548721][T13194] netlink: 152 bytes leftover after parsing attributes in process `syz.1.18697'. [ 1262.575507][T13194] netlink: 20 bytes leftover after parsing attributes in process `syz.1.18697'. [ 1262.612381][ T5283] usbhid 5-1:0.0: can't add hid device: -71 [ 1262.618458][ T5283] usbhid 5-1:0.0: probe with driver usbhid failed with error -71 [ 1262.656551][ T5283] usb 5-1: USB disconnect, device number 87 [ 1263.199422][ T1094] usb 5-1: new high-speed USB device number 88 using dummy_hcd [ 1263.455006][ T1094] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1263.495954][ T1094] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1263.537725][ T1094] usb 5-1: New USB device found, idVendor=07fa, idProduct=0847, bcdDevice= 0.00 [ 1263.562451][ T1094] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1263.595713][ T1094] usb 5-1: config 0 descriptor?? [ 1263.611170][ T1094] HFC-S_USB 5-1:0.0: probe with driver HFC-S_USB failed with error -5 [ 1263.630162][T13233] netlink: 24 bytes leftover after parsing attributes in process `syz.2.18716'. [ 1263.631042][T13231] netlink: 'syz.3.18714': attribute type 6 has an invalid length. [ 1263.676550][T13231] netlink: 168 bytes leftover after parsing attributes in process `syz.3.18714'. [ 1263.878210][ T1094] usbhid 5-1:0.0: can't add hid device: -71 [ 1263.888268][ T1094] usbhid 5-1:0.0: probe with driver usbhid failed with error -71 [ 1263.928799][ T1094] usb 5-1: USB disconnect, device number 88 [ 1264.078607][ C0] hsr_slave_0: hsr_addr_subst_dest: Unknown node [ 1264.086362][ C0] hsr_slave_1: hsr_addr_subst_dest: Unknown node [ 1264.121592][T13244] hsr_slave_0: hsr_addr_subst_dest: Unknown node [ 1264.128765][T13244] hsr_slave_1: hsr_addr_subst_dest: Unknown node [ 1264.162225][T13244] hsr_slave_0: hsr_addr_subst_dest: Unknown node [ 1264.169628][T13244] hsr_slave_1: hsr_addr_subst_dest: Unknown node [ 1264.267485][T13243] hsr_slave_0: hsr_addr_subst_dest: Unknown node [ 1264.275044][T13243] hsr_slave_1: hsr_addr_subst_dest: Unknown node [ 1264.900392][ T5310] usb 4-1: new high-speed USB device number 108 using dummy_hcd [ 1265.134933][ T5310] usb 4-1: Using ep0 maxpacket: 8 [ 1265.151949][ T5310] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1265.197266][ T5310] usb 4-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xBE, changing to 0x8E [ 1265.218020][ T5310] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8E has an invalid bInterval 0, changing to 7 [ 1265.250826][ T5310] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8E has invalid wMaxPacketSize 0 [ 1265.305214][ T5310] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3 [ 1265.348736][ T5310] usb 4-1: New USB device found, idVendor=10c5, idProduct=819a, bcdDevice=e4.46 [ 1265.358136][ T5310] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=35 [ 1265.379976][ T5310] usb 4-1: Product: syz [ 1265.390155][ T5310] usb 4-1: Manufacturer: syz [ 1265.395233][ T5310] usb 4-1: SerialNumber: syz [ 1265.402521][ T5310] usb 4-1: config 0 descriptor?? [ 1265.648095][ T5310] radio-si470x 4-1:0.0: si470x_get_report: usb_control_msg returned -32 [ 1265.665974][ T5310] radio-si470x 4-1:0.0: probe with driver radio-si470x failed with error -5 [ 1265.693262][ T5310] usb 4-1: USB disconnect, device number 108 [ 1265.901747][ T25] usb 3-1: new high-speed USB device number 39 using dummy_hcd [ 1266.129050][ T25] usb 3-1: Using ep0 maxpacket: 16 [ 1266.142112][ T25] usb 3-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83 [ 1266.182228][ T25] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 1266.207179][ T25] usb 3-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1 [ 1266.224961][ T25] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1266.233046][ T25] usb 3-1: Product: syz [ 1266.246309][ T25] usb 3-1: Manufacturer: syz [ 1266.250949][ T25] usb 3-1: SerialNumber: syz [ 1266.266333][ T25] usb 3-1: config 0 descriptor?? [ 1266.283484][ T25] em28xx 3-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0) [ 1266.310491][ T25] em28xx 3-1:0.0: Audio interface 0 found (Vendor Class) [ 1266.948719][ T25] em28xx 3-1:0.0: chip ID is em2870 [ 1267.208240][ T5310] usb 3-1: USB disconnect, device number 39 [ 1267.228606][ T5310] em28xx 3-1:0.0: Disconnecting em28xx [ 1267.249981][ T5310] em28xx 3-1:0.0: Freeing device [ 1268.013711][ T25] usb 4-1: new high-speed USB device number 109 using dummy_hcd [ 1268.241948][ T25] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1268.267617][ T25] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1268.301750][ T25] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 1268.324024][ T25] usb 4-1: New USB device found, idVendor=054c, idProduct=0ba0, bcdDevice= 0.00 [ 1268.340378][ T25] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1268.361538][ T25] usb 4-1: config 0 descriptor?? [ 1268.829328][ T25] playstation 0003:054C:0BA0.00D0: unknown main item tag 0x0 [ 1268.844915][ T25] playstation 0003:054C:0BA0.00D0: unbalanced collection at end of report description [ 1268.867447][ T25] playstation 0003:054C:0BA0.00D0: Parse failed [ 1268.873832][ T25] playstation 0003:054C:0BA0.00D0: probe with driver playstation failed with error -22 [ 1268.962452][ T1094] usb 5-1: new high-speed USB device number 89 using dummy_hcd [ 1269.117431][ T7213] usb 4-1: USB disconnect, device number 109 [ 1269.176683][ T1094] usb 5-1: Using ep0 maxpacket: 32 [ 1269.207031][ T1094] usb 5-1: config 0 has an invalid interface number: 1 but max is 0 [ 1269.229821][ T1094] usb 5-1: config 0 has no interface number 0 [ 1269.236000][ T1094] usb 5-1: config 0 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1269.274334][ T1094] usb 5-1: config 0 interface 1 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1269.293978][ T1094] usb 5-1: New USB device found, idVendor=28bd, idProduct=0094, bcdDevice= 0.00 [ 1269.317522][ T1094] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1269.359540][ T1094] usb 5-1: config 0 descriptor?? [ 1269.775183][ T25] usb 3-1: new high-speed USB device number 40 using dummy_hcd [ 1269.973662][ T25] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1270.004254][ T25] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1270.037507][ T25] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 1270.080130][ T25] usb 3-1: New USB device found, idVendor=1a34, idProduct=0802, bcdDevice= 0.00 [ 1270.115753][ T25] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1270.133337][ T1094] input: HID 28bd:0094 Pen as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.1/0003:28BD:0094.00D1/input/input207 [ 1270.155441][ T25] usb 3-1: config 0 descriptor?? [ 1270.241730][ T1094] uclogic 0003:28BD:0094.00D1: input,hidraw0: USB HID v0.00 Device [HID 28bd:0094] on usb-dummy_hcd.4-1/input1 [ 1270.405665][T13342] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 1270.445140][T13342] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 1270.482711][ T25] usbhid 3-1:0.0: can't add hid device: -71 [ 1270.502937][ T25] usbhid 3-1:0.0: probe with driver usbhid failed with error -71 [ 1270.517363][ T9] usb 5-1: USB disconnect, device number 89 [ 1270.539773][ T25] usb 3-1: USB disconnect, device number 40 [ 1271.112192][ T25] usb 3-1: new high-speed USB device number 41 using dummy_hcd [ 1271.304601][ T25] usb 3-1: Using ep0 maxpacket: 8 [ 1271.321646][ T25] usb 3-1: config 0 has an invalid interface number: 1 but max is 0 [ 1271.336707][ T25] usb 3-1: config 0 has no interface number 0 [ 1271.353718][ T25] usb 3-1: config 0 interface 1 altsetting 1 endpoint 0x1 has invalid wMaxPacketSize 0 [ 1271.368817][ T25] usb 3-1: config 0 interface 1 altsetting 1 bulk endpoint 0x1 has invalid maxpacket 0 [ 1271.378551][ T25] usb 3-1: config 0 interface 1 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0 [ 1271.422362][ T25] usb 3-1: config 0 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 0 [ 1271.453817][ T25] usb 3-1: config 0 interface 1 has no altsetting 0 [ 1271.460522][ T25] usb 3-1: New USB device found, idVendor=0af0, idProduct=6751, bcdDevice=75.8b [ 1271.485896][ T25] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1271.505564][ T25] usb 3-1: config 0 descriptor?? [ 1271.603873][ T5283] usb 4-1: new high-speed USB device number 110 using dummy_hcd [ 1271.806956][ T1094] usb 3-1: USB disconnect, device number 41 [ 1271.818033][ T5283] usb 4-1: Using ep0 maxpacket: 16 [ 1271.837120][ T5283] usb 4-1: config 0 has an invalid interface number: 214 but max is 0 [ 1271.850362][ T5283] usb 4-1: config 0 has no interface number 0 [ 1271.885711][ T5283] usb 4-1: New USB device found, idVendor=0596, idProduct=0001, bcdDevice= 5.f5 [ 1271.906092][ T5283] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1271.924317][ T5283] usb 4-1: Product: syz [ 1271.940970][ T5283] usb 4-1: Manufacturer: syz [ 1271.952580][ T5283] usb 4-1: SerialNumber: syz [ 1271.974462][ T5283] usb 4-1: config 0 descriptor?? [ 1273.005156][ T25] usb 3-1: new high-speed USB device number 42 using dummy_hcd [ 1273.209563][ T25] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1273.239572][ T25] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1273.271188][ T25] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 1273.294577][ T25] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 1273.314517][ T25] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1273.347090][ T25] usb 3-1: config 0 descriptor?? [ 1273.717393][T13387] sctp: [Deprecated]: syz.4.18787 (pid 13387) Use of struct sctp_assoc_value in delayed_ack socket option. [ 1273.717393][T13387] Use struct sctp_sack_info instead [ 1273.801699][ T25] plantronics 0003:047F:FFFF.00D2: unknown main item tag 0x0 [ 1273.809878][ T25] plantronics 0003:047F:FFFF.00D2: unknown main item tag 0x0 [ 1273.827752][ T25] plantronics 0003:047F:FFFF.00D2: unknown main item tag 0x0 [ 1273.835236][ T25] plantronics 0003:047F:FFFF.00D2: unknown main item tag 0x0 [ 1273.859620][ T25] plantronics 0003:047F:FFFF.00D2: unknown main item tag 0x0 [ 1273.867084][ T25] plantronics 0003:047F:FFFF.00D2: unknown main item tag 0x0 [ 1273.891760][ T25] plantronics 0003:047F:FFFF.00D2: unknown main item tag 0x0 [ 1273.899228][ T25] plantronics 0003:047F:FFFF.00D2: unknown main item tag 0x0 [ 1273.923832][ T25] plantronics 0003:047F:FFFF.00D2: unknown main item tag 0x0 [ 1273.931311][ T25] plantronics 0003:047F:FFFF.00D2: unknown main item tag 0x0 [ 1273.956084][ T25] plantronics 0003:047F:FFFF.00D2: unknown main item tag 0x0 [ 1273.977265][ T25] plantronics 0003:047F:FFFF.00D2: unknown main item tag 0x0 [ 1273.984733][ T25] plantronics 0003:047F:FFFF.00D2: unknown main item tag 0x0 [ 1274.009413][ T25] plantronics 0003:047F:FFFF.00D2: unknown main item tag 0x0 [ 1274.019114][ T25] plantronics 0003:047F:FFFF.00D2: unknown main item tag 0x0 [ 1274.041418][ T25] plantronics 0003:047F:FFFF.00D2: unknown main item tag 0x0 [ 1274.052198][ T25] plantronics 0003:047F:FFFF.00D2: unknown main item tag 0x0 [ 1274.060244][ T25] plantronics 0003:047F:FFFF.00D2: unknown main item tag 0x0 [ 1274.098174][ T25] plantronics 0003:047F:FFFF.00D2: unknown main item tag 0x0 [ 1274.119324][ T25] plantronics 0003:047F:FFFF.00D2: unknown main item tag 0x0 [ 1274.128224][ T25] plantronics 0003:047F:FFFF.00D2: unknown main item tag 0x0 [ 1274.136041][ T25] plantronics 0003:047F:FFFF.00D2: unknown main item tag 0x0 [ 1274.159641][ T25] plantronics 0003:047F:FFFF.00D2: unknown main item tag 0x0 [ 1274.167661][ T25] plantronics 0003:047F:FFFF.00D2: unknown main item tag 0x0 [ 1274.191790][ T25] plantronics 0003:047F:FFFF.00D2: unknown main item tag 0x0 [ 1274.199260][ T25] plantronics 0003:047F:FFFF.00D2: unknown main item tag 0x0 [ 1274.223710][ T25] plantronics 0003:047F:FFFF.00D2: unknown main item tag 0x0 [ 1274.231167][ T25] plantronics 0003:047F:FFFF.00D2: unknown main item tag 0x0 [ 1274.266240][ T25] plantronics 0003:047F:FFFF.00D2: unknown main item tag 0x0 [ 1274.276790][ T25] plantronics 0003:047F:FFFF.00D2: unknown main item tag 0x0 [ 1274.284259][ T25] plantronics 0003:047F:FFFF.00D2: unknown main item tag 0x0 [ 1274.330204][ T25] plantronics 0003:047F:FFFF.00D2: unknown main item tag 0x0 [ 1274.337690][ T25] plantronics 0003:047F:FFFF.00D2: unknown main item tag 0x0 [ 1274.357168][ T59] usb 4-1: USB disconnect, device number 110 [ 1274.391384][T13396] can0: slcan on ttyS3. [ 1274.394320][ T25] plantronics 0003:047F:FFFF.00D2: unknown main item tag 0x0 [ 1274.403057][ T25] plantronics 0003:047F:FFFF.00D2: unknown main item tag 0x0 [ 1274.426537][ T25] plantronics 0003:047F:FFFF.00D2: unknown main item tag 0x0 [ 1274.434025][ T25] plantronics 0003:047F:FFFF.00D2: unknown main item tag 0x0 [ 1274.472514][ T25] plantronics 0003:047F:FFFF.00D2: unknown main item tag 0x0 [ 1274.491861][ T25] plantronics 0003:047F:FFFF.00D2: No inputs registered, leaving [ 1274.522866][ T25] plantronics 0003:047F:FFFF.00D2: hiddev0,hidraw0: USB HID v0.00 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0 [ 1274.544638][T13396] can0 (unregistered): slcan off ttyS3. [ 1274.569163][ T25] usb 3-1: USB disconnect, device number 42 [ 1275.923155][T13424] bridge0: port 3(veth0_to_bridge) entered blocking state [ 1275.956975][T13424] bridge0: port 3(veth0_to_bridge) entered disabled state [ 1275.986177][T13424] veth0_to_bridge: entered allmulticast mode [ 1276.022705][T13424] veth0_to_bridge: entered promiscuous mode [ 1276.054323][T13424] bridge0: adding interface veth0_to_bridge with same address as a received packet (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1276.122162][T13424] bridge0: port 3(veth0_to_bridge) entered blocking state [ 1276.129582][T13424] bridge0: port 3(veth0_to_bridge) entered forwarding state [ 1276.639446][ T29] kauditd_printk_skb: 49 callbacks suppressed [ 1276.639468][ T29] audit: type=1400 audit(2000000757.701:1039): lsm=SMACK fn=smack_socket_sock_rcv_skb action=denied subject="trusted.overlay.redirect" object="_" requested=w pid=13434 comm="syz.0.18808" daddr=fe80::aa dest=20002 [ 1276.682707][ T59] usb 3-1: new high-speed USB device number 43 using dummy_hcd [ 1276.851338][T13438] devtmpfs: Bad value for 'usrquota_block_hardlimit' [ 1276.913583][ T59] usb 3-1: Using ep0 maxpacket: 32 [ 1276.925951][ T59] usb 3-1: New USB device found, idVendor=05a9, idProduct=1550, bcdDevice=e4.bb [ 1276.946247][ T59] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1276.967870][ T59] usb 3-1: Product: syz [ 1276.982577][ T59] usb 3-1: Manufacturer: syz [ 1276.987341][ T59] usb 3-1: SerialNumber: syz [ 1277.027683][ T59] usb 3-1: config 0 descriptor?? [ 1277.038412][ T59] gspca_main: ov534_9-2.14.0 probing 05a9:1550 [ 1277.562971][ T6430] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 1277.578643][ T6430] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 1277.613412][ T6430] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 1277.630543][ T6430] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 1277.638865][ T6430] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 1277.648291][ T6430] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 1277.826872][ T59] gspca_ov534_9: reg_w failed -110 [ 1278.111216][ T2521] netdevsim netdevsim1 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 1278.146156][ T2521] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1278.372140][ T59] gspca_ov534_9: Unknown sensor 0000 [ 1278.372246][ T59] ov534_9 3-1:0.0: probe with driver ov534_9 failed with error -22 [ 1278.406302][ T2521] netdevsim netdevsim1 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 1278.434963][ T2521] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1278.569287][ T59] usb 3-1: USB disconnect, device number 43 [ 1278.659914][ T2521] netdevsim netdevsim1 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 1278.681325][ T2521] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1278.813541][ T2521] bond0: (slave netdevsim0): Releasing backup interface [ 1278.860567][ T2521] netdevsim netdevsim1 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 1278.885980][ T2521] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1279.298210][T13447] chnl_net:caif_netlink_parms(): no params data found [ 1279.716287][T13471] sch_tbf: burst 8 is lower than device lo mtu (14) ! [ 1279.881178][ T2521] bridge_slave_1: left allmulticast mode [ 1279.886991][ T2521] bridge_slave_1: left promiscuous mode [ 1279.901699][ T6430] Bluetooth: hci0: command tx timeout [ 1279.914996][ T2521] bridge0: port 2(bridge_slave_1) entered disabled state [ 1280.843403][ T2521] team0: Port device bridge0 removed [ 1281.074490][ T29] audit: type=1326 audit(2000000761.854:1040): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13478 comm="syz.4.18822" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc03957cef9 code=0x7fc00000 [ 1281.365707][ T2521] team0: Port device bridge3 removed [ 1282.125791][ T6430] Bluetooth: hci0: command tx timeout [ 1282.982564][ T2521] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1283.092546][ T2521] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1283.241213][ T2521] bond0 (unregistering): (slave batadv0): Releasing backup interface [ 1283.345306][ T2521] bond0 (unregistering): Released all slaves [ 1283.409980][ T2521] bond1 (unregistering): Released all slaves [ 1283.445996][ T2521] bond2 (unregistering): Released all slaves [ 1283.665020][T13447] bridge0: port 1(bridge_slave_0) entered blocking state [ 1283.732979][T13447] bridge0: port 1(bridge_slave_0) entered disabled state [ 1283.755844][T13447] bridge_slave_0: entered allmulticast mode [ 1283.813573][T13447] bridge_slave_0: entered promiscuous mode [ 1283.842591][T13447] bridge0: port 2(bridge_slave_1) entered blocking state [ 1283.899777][T13447] bridge0: port 2(bridge_slave_1) entered disabled state [ 1283.942047][T13447] bridge_slave_1: entered allmulticast mode [ 1283.975435][T13447] bridge_slave_1: entered promiscuous mode [ 1284.349466][ T6430] Bluetooth: hci0: command tx timeout [ 1284.456128][ T2521] tipc: Disabling bearer [ 1284.461227][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1284.473986][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1284.486544][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1284.499283][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:62:7f:f5:d2:04:a4, vlan:0) [ 1284.513028][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1284.525635][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1284.538154][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1284.550815][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:62:7f:f5:d2:04:a4, vlan:0) [ 1284.564383][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1284.577020][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1284.624058][ T2521] tipc: Disabling bearer [ 1284.648966][ T2521] tipc: Left network mode [ 1285.164853][T13447] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1285.261974][T13447] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1285.708044][ T29] audit: type=1400 audit(2000000766.184:1041): lsm=SMACK fn=smack_socket_sock_rcv_skb action=denied subject="?" object="_" requested=w pid=13534 comm="syz.4.18844" dest=20000 [ 1285.871034][ T29] audit: type=1804 audit(2000000766.343:1042): pid=13539 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz.2.18846" name="/newroot/2416/file0/bus" dev="hugetlbfs" ino=156598 res=1 errno=0 [ 1286.028071][T13447] team0: Port device team_slave_0 added [ 1286.351446][ T2521] mac80211_hwsim hwsim4 wlan1 (unregistering): left allmulticast mode [ 1286.574873][ T6430] Bluetooth: hci0: command tx timeout [ 1287.064597][T13447] team0: Port device team_slave_1 added [ 1287.571573][ T2521] mac80211_hwsim hwsim2 wlan0 (unregistering): left allmulticast mode [ 1287.626946][ T2521] mac80211_hwsim hwsim2 wlan0 (unregistering): left promiscuous mode [ 1288.178875][T13447] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1288.186492][T13447] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1288.326917][T13447] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1288.630840][T13447] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1288.679899][T13447] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1288.850110][T13447] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1289.536837][ T2521] hsr_slave_0: left promiscuous mode [ 1289.590104][ T2521] hsr_slave_1: left promiscuous mode [ 1289.661356][ T2521] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1289.680715][ T2521] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1289.779206][ T2521] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1289.813268][ C0] net_ratelimit: 7659 callbacks suppressed [ 1289.813291][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1289.821570][ T2521] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1289.831573][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1289.832075][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:62:7f:f5:d2:04:a4, vlan:0) [ 1289.833470][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1289.876110][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1289.888673][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1289.901263][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:62:7f:f5:d2:04:a4, vlan:0) [ 1289.914753][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1289.927472][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1289.939964][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1289.970153][ T2521] batman_adv: batadv0: Removing interface: virt_wifi0 [ 1290.218823][ T2521] veth0_macvtap: left promiscuous mode [ 1290.243338][ T2521] veth1_vlan: left promiscuous mode [ 1290.248764][ T2521] veth0_vlan: left promiscuous mode [ 1290.537358][ T0] NOHZ tick-stop error: local softirq work is pending, handler #8a!!! [ 1290.580274][ T29] audit: type=1400 audit(2000000770.729:1043): lsm=SMACK fn=smk_ipv6_check action=denied subject="_" object="trusted.overlay.redirect" requested=w pid=13582 comm="syz.0.18868" dest=2 [ 1290.868466][ T0] NOHZ tick-stop error: local softirq work is pending, handler #0a!!! [ 1291.502983][ T2521] infiniband syz2: set down [ 1292.231308][T17181] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 1292.243884][T17181] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 1292.252862][T17181] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 1292.261453][T17181] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 1292.270119][T17181] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 1292.277752][T17181] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 1294.714632][T17181] Bluetooth: hci6: command tx timeout [ 1295.170488][ C0] net_ratelimit: 7966 callbacks suppressed [ 1295.170510][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1295.188831][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1295.201435][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:62:7f:f5:d2:04:a4, vlan:0) [ 1295.214985][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1295.227457][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1295.239952][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1295.252478][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:62:7f:f5:d2:04:a4, vlan:0) [ 1295.265978][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1295.278540][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1295.291023][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1295.939528][ T2521] team0 (unregistering): Port device team_slave_1 removed [ 1295.967712][ T35] smc: removing ib device syz2 [ 1296.317251][ T2521] team0 (unregistering): Port device team_slave_0 removed [ 1296.924812][T17181] Bluetooth: hci6: command tx timeout [ 1299.148161][T17181] Bluetooth: hci6: command tx timeout [ 1299.154583][ T2521] vcan0 (unregistering): left allmulticast mode [ 1299.520367][T13447] hsr_slave_0: entered promiscuous mode [ 1299.594715][T13447] hsr_slave_1: entered promiscuous mode [ 1300.528375][ C0] net_ratelimit: 7841 callbacks suppressed [ 1300.528401][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1300.546893][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1300.559458][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1300.572071][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:62:7f:f5:d2:04:a4, vlan:0) [ 1300.586099][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1300.598651][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1300.611244][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1300.623842][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:62:7f:f5:d2:04:a4, vlan:0) [ 1300.637406][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1300.649933][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1301.393591][T17181] Bluetooth: hci6: command tx timeout [ 1301.766066][T13639] netlink: 'syz.2.18891': attribute type 11 has an invalid length. [ 1305.032963][T13597] chnl_net:caif_netlink_parms(): no params data found [ 1305.815385][T13597] bridge0: port 1(bridge_slave_0) entered blocking state [ 1305.870914][T13597] bridge0: port 1(bridge_slave_0) entered disabled state [ 1305.885360][ C0] net_ratelimit: 7562 callbacks suppressed [ 1305.885381][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1305.903801][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1305.916312][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1305.928785][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:62:7f:f5:d2:04:a4, vlan:0) [ 1305.939033][T13597] bridge_slave_0: entered allmulticast mode [ 1305.942381][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1305.959303][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1305.971765][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1305.984456][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:62:7f:f5:d2:04:a4, vlan:0) [ 1305.990559][T13597] bridge_slave_0: entered promiscuous mode [ 1305.998013][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1306.015143][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1306.061284][T13597] bridge0: port 2(bridge_slave_1) entered blocking state [ 1306.084953][T13676] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 1306.119048][T13597] bridge0: port 2(bridge_slave_1) entered disabled state [ 1306.141412][T13597] bridge_slave_1: entered allmulticast mode [ 1306.206721][T13597] bridge_slave_1: entered promiscuous mode [ 1306.235984][T13679] RDS: rds_bind could not find a transport for ::ffff:172.20.20.0, load rds_tcp or rds_rdma? [ 1306.650876][T13597] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1306.813155][T13597] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1307.557024][T13597] team0: Port device team_slave_0 added [ 1307.592772][T13597] team0: Port device team_slave_1 added [ 1307.617835][T13447] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 1307.637020][T13447] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 1308.045070][T13447] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 1308.145720][T13447] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 1308.238393][T13597] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1308.290695][T13597] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1308.438940][T13597] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1308.672738][T13597] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1308.710730][T13597] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1308.850346][T13597] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1308.940783][T13705] netlink: 8 bytes leftover after parsing attributes in process `syz.4.18915'. [ 1309.042403][T13705] vlan3: entered promiscuous mode [ 1309.329175][T13707] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for gretap2 [ 1309.422091][T13707] gretap2: default qdisc (pfifo_fast) fail, fallback to noqueue [ 1309.446141][T13707] gretap2: entered promiscuous mode [ 1309.477573][T13707] gretap2: entered allmulticast mode [ 1310.413962][T13597] hsr_slave_0: entered promiscuous mode [ 1310.714536][ T0] NOHZ tick-stop error: local softirq work is pending, handler #8a!!! [ 1310.811196][ T0] NOHZ tick-stop error: local softirq work is pending, handler #20a!!! [ 1310.836155][T13597] hsr_slave_1: entered promiscuous mode [ 1310.910855][T13597] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 1310.939952][ T0] NOHZ tick-stop error: local softirq work is pending, handler #28a!!! [ 1310.963967][T13597] Cannot create hsr debugfs directory [ 1311.199941][ T0] NOHZ tick-stop error: local softirq work is pending, handler #88!!! [ 1311.243332][ C0] net_ratelimit: 7510 callbacks suppressed [ 1311.243357][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1311.261772][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1311.274281][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1311.286888][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:62:7f:f5:d2:04:a4, vlan:0) [ 1311.301254][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1311.315112][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1311.327638][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1311.340170][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:62:7f:f5:d2:04:a4, vlan:0) [ 1311.354312][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1311.366930][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1312.757397][T13447] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1313.044689][T13737] netlink: 'syz.2.18928': attribute type 5 has an invalid length. [ 1313.303998][T13447] 8021q: adding VLAN 0 to HW filter on device team0 [ 1314.041280][T13597] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1314.227785][ T3308] bridge0: port 1(bridge_slave_0) entered blocking state [ 1314.235056][ T3308] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1314.334341][ T3308] bridge0: port 2(bridge_slave_1) entered blocking state [ 1314.341557][ T3308] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1315.026115][T13597] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1315.891616][T13597] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1316.599034][ C0] net_ratelimit: 5797 callbacks suppressed [ 1316.599058][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:62:7f:f5:d2:04:a4, vlan:0) [ 1316.619311][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1316.619788][T13597] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1316.631795][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1316.632174][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1316.666956][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:62:7f:f5:d2:04:a4, vlan:0) [ 1316.681290][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1316.693847][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1316.706323][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1316.718840][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:62:7f:f5:d2:04:a4, vlan:0) [ 1316.738332][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1317.328447][T13447] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1317.958737][T13597] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 1318.033673][T13597] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 1318.178935][T13778] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 1318.260952][T13597] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 1318.322094][T13447] veth0_vlan: entered promiscuous mode [ 1318.354004][T13597] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 1318.590684][T13447] veth1_vlan: entered promiscuous mode [ 1319.082007][T13447] veth0_macvtap: entered promiscuous mode [ 1319.704102][T13447] veth1_macvtap: entered promiscuous mode [ 1319.884690][T13447] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1319.975387][T13447] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1320.041797][T13447] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1320.088085][T13447] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1320.137846][T13447] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1320.148490][T13447] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1320.234445][T13447] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1320.290736][T13447] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1320.332907][T13447] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1320.384599][T13447] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1320.441348][T13447] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1320.510752][T13795] netlink: 20 bytes leftover after parsing attributes in process `syz.0.18950'. [ 1320.524995][T13447] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1320.589251][T13447] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1320.632431][T13447] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1320.697794][T13447] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1320.770742][T13447] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1320.817441][T13447] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1320.856975][T13447] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1320.905421][T13447] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1320.943050][T13447] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1320.987053][T13447] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1321.033223][T13447] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1321.220640][T13597] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1321.234433][T13447] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1321.290585][T13447] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1321.330321][T13447] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1321.372166][T13447] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1321.621257][T13597] 8021q: adding VLAN 0 to HW filter on device team0 [ 1321.882874][T13625] bridge0: port 1(bridge_slave_0) entered blocking state [ 1321.890192][T13625] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1321.965967][ C0] net_ratelimit: 7530 callbacks suppressed [ 1321.965994][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1321.984592][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1321.997149][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1322.009611][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1322.022140][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1322.034727][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:62:7f:f5:d2:04:a4, vlan:0) [ 1322.047209][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1322.059708][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:62:7f:f5:d2:04:a4, vlan:0) [ 1322.073890][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1322.086432][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1322.142663][ T3308] bridge0: port 2(bridge_slave_1) entered blocking state [ 1322.149960][ T3308] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1322.540583][T20175] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1322.618934][T20175] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1322.690929][T13597] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 1322.801485][T13597] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 1323.035967][T13750] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1323.085907][T13750] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1324.142239][T13597] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1324.587111][T13597] veth0_vlan: entered promiscuous mode [ 1324.715956][T13597] veth1_vlan: entered promiscuous mode [ 1324.980309][T13597] veth0_macvtap: entered promiscuous mode [ 1325.058083][T13597] veth1_macvtap: entered promiscuous mode [ 1325.203990][T13597] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1325.301966][T13597] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1325.359697][T13597] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1325.421219][T13597] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1325.466657][T13597] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1325.514909][T13597] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1325.571728][T13597] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1325.642793][T13597] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1325.713490][T13597] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1325.772552][T13597] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1325.830283][T13597] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1325.897326][T13597] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1325.974493][T13597] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1326.129554][T13597] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1326.243857][T13597] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1326.253760][T13597] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1326.393622][T13597] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1326.457744][T13597] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1326.517334][T13597] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1326.575511][T13597] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1326.643339][T13597] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1326.682450][T13597] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1326.740155][T13597] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1326.796250][T13597] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1326.853357][T13597] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1326.945638][T13597] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1327.036943][T13597] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1327.079336][T13597] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1327.122124][T13597] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1327.130929][T13597] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1327.313163][ C0] net_ratelimit: 7957 callbacks suppressed [ 1327.313186][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:62:7f:f5:d2:04:a4, vlan:0) [ 1327.333433][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1327.345983][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1327.358544][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1327.371090][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1327.383670][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1327.396238][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:62:7f:f5:d2:04:a4, vlan:0) [ 1327.408750][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1327.421317][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:62:7f:f5:d2:04:a4, vlan:0) [ 1327.435746][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1327.854734][T13750] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1327.896724][T13750] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1328.175308][ T3050] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1328.255077][ T3050] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1329.228254][ T29] audit: type=1400 audit(2000000806.884:1044): lsm=SMACK fn=smk_ipv6_check action=denied subject="_" object="trusted.overlay.redirect" requested=w pid=13892 comm="syz.0.18985" [ 1329.379332][ T7213] usb 2-1: new high-speed USB device number 111 using dummy_hcd [ 1329.602728][ T7213] usb 2-1: Using ep0 maxpacket: 32 [ 1329.652432][ T7213] usb 2-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 1329.743220][ T7213] usb 2-1: New USB device found, idVendor=14c8, idProduct=0003, bcdDevice= 5.6c [ 1329.791898][ T7213] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1329.843889][ T7213] usb 2-1: Product: syz [ 1329.872113][ T7213] usb 2-1: Manufacturer: syz [ 1329.898072][ T7213] usb 2-1: SerialNumber: syz [ 1329.972997][ T6430] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 1329.988515][ C1] vxcan0: j1939_tp_rxtimer: 0xffff88807e249000: rx timeout, send abort [ 1329.997349][ C1] vxcan0: j1939_xtp_rx_abort_one: 0xffff88807e249000: 0x40000: (3) A timeout occurred and this is the connection abort to close the session. [ 1330.021991][ T7213] usb 2-1: config 0 descriptor?? [ 1330.027218][ T6430] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 1330.038707][ T6430] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 1330.047535][ T6430] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 1330.056066][ T6430] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 1330.063792][ T6430] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 1330.147537][ T7213] hub 2-1:0.0: bad descriptor, ignoring hub [ 1330.153551][ T7213] hub 2-1:0.0: probe with driver hub failed with error -5 [ 1330.793441][ T7213] usb 2-1: USB disconnect, device number 111 [ 1331.681316][T13899] chnl_net:caif_netlink_parms(): no params data found [ 1332.253818][ T6430] Bluetooth: hci4: command tx timeout [ 1332.274503][ T7213] usb 2-1: new high-speed USB device number 112 using dummy_hcd [ 1332.533281][ T7213] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 1332.555321][ T7213] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 1332.577970][T13899] bridge0: port 1(bridge_slave_0) entered blocking state [ 1332.627395][T13899] bridge0: port 1(bridge_slave_0) entered disabled state [ 1332.667835][ T7213] usb 2-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 1332.677324][ C0] net_ratelimit: 7787 callbacks suppressed [ 1332.677344][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1332.695717][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:62:7f:f5:d2:04:a4, vlan:0) [ 1332.708250][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1332.720810][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:62:7f:f5:d2:04:a4, vlan:0) [ 1332.723733][T13899] bridge_slave_0: entered allmulticast mode [ 1332.735457][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1332.751316][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1332.763826][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1332.776345][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1332.787624][ T7213] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 1332.788892][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1332.808787][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:62:7f:f5:d2:04:a4, vlan:0) [ 1332.849599][T13899] bridge_slave_0: entered promiscuous mode [ 1332.863860][ T7213] usb 2-1: SerialNumber: syz [ 1332.931032][T13899] bridge0: port 2(bridge_slave_1) entered blocking state [ 1333.002647][T13899] bridge0: port 2(bridge_slave_1) entered disabled state [ 1333.059447][T13899] bridge_slave_1: entered allmulticast mode [ 1333.145059][T13899] bridge_slave_1: entered promiscuous mode [ 1333.191468][T13940] hpfs: Bad magic ... probably not HPFS [ 1333.283273][ T7213] usb 2-1: 0:2 : does not exist [ 1333.288269][ T7213] usb 2-1: usbmixer: too many channels (61) in unit 5 [ 1333.474244][ T7213] usb 2-1: USB disconnect, device number 112 [ 1333.830380][T13899] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1333.927784][T13899] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1334.477936][ T6430] Bluetooth: hci4: command tx timeout [ 1334.568292][T13899] team0: Port device team_slave_0 added [ 1334.759034][T13899] team0: Port device team_slave_1 added [ 1335.304330][T13899] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1335.346755][T13899] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1335.498056][T13899] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1335.575313][T13899] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1335.624301][T13899] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1335.796330][T13899] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1336.281918][T13899] hsr_slave_0: entered promiscuous mode [ 1336.333894][T13899] hsr_slave_1: entered promiscuous mode [ 1336.449629][T13899] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 1336.487661][T13899] Cannot create hsr debugfs directory [ 1336.701781][ T6430] Bluetooth: hci4: command tx timeout [ 1338.028259][ C0] net_ratelimit: 7946 callbacks suppressed [ 1338.028279][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1338.046437][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1338.058795][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1338.071048][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1338.083315][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1338.095644][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:62:7f:f5:d2:04:a4, vlan:0) [ 1338.107913][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1338.112749][ T0] NOHZ tick-stop error: local softirq work is pending, handler #02!!! [ 1338.120428][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:62:7f:f5:d2:04:a4, vlan:0) [ 1338.141523][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1338.153824][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1338.842350][T13899] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1338.928641][ T6430] Bluetooth: hci4: command tx timeout [ 1339.358277][ T6430] Bluetooth: hci5: command 0x0405 tx timeout [ 1339.379150][ T0] NOHZ tick-stop error: local softirq work is pending, handler #0a!!! [ 1339.439469][ T0] NOHZ tick-stop error: local softirq work is pending, handler #c8!!! [ 1339.536177][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 1340.576574][T13899] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1341.313737][T13899] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1342.001121][T13899] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1342.700038][ T7213] usb 2-1: new high-speed USB device number 113 using dummy_hcd [ 1342.946248][ T7213] usb 2-1: Using ep0 maxpacket: 8 [ 1342.964476][ T7213] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1343.034383][ T7213] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1343.112409][ T7213] usb 2-1: New USB device found, idVendor=056a, idProduct=00c5, bcdDevice= 0.00 [ 1343.170381][ T7213] usb 2-1: New USB device strings: Mfr=8, Product=0, SerialNumber=0 [ 1343.223273][ T7213] usb 2-1: Manufacturer: syz [ 1343.284239][ T7213] usb 2-1: config 0 descriptor?? [ 1343.386038][ C0] net_ratelimit: 8046 callbacks suppressed [ 1343.386073][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1343.404525][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1343.417049][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1343.429601][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1343.442185][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1343.454840][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:62:7f:f5:d2:04:a4, vlan:0) [ 1343.467409][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1343.479978][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:62:7f:f5:d2:04:a4, vlan:0) [ 1343.496835][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1343.509421][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1343.898400][ T7213] wacom 0003:056A:00C5.00D3: hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.1-1/input0 [ 1343.945545][T13899] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 1344.022093][T13899] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 1344.142933][T13899] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 1344.241578][T13899] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 1344.261002][ T7213] usb 2-1: USB disconnect, device number 113 [ 1344.998292][T13899] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1345.247496][T13899] 8021q: adding VLAN 0 to HW filter on device team0 [ 1345.324072][T20175] bridge0: port 1(bridge_slave_0) entered blocking state [ 1345.331414][T20175] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1345.489826][T13625] bridge0: port 2(bridge_slave_1) entered blocking state [ 1345.497168][T13625] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1345.589944][ T29] audit: type=1400 audit(2000000822.175:1045): lsm=SMACK fn=smk_ipv6_check action=denied subject="_" object="trusted.overlay.redirect" requested=w pid=14066 comm="syz.3.19053" [ 1346.956185][T13899] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1347.015144][T14084] netlink: 'syz.2.19059': attribute type 29 has an invalid length. [ 1347.085911][T14086] netlink: 'syz.2.19059': attribute type 29 has an invalid length. [ 1347.218532][T14084] netlink: 500 bytes leftover after parsing attributes in process `syz.2.19059'. [ 1347.467088][T14091] netlink: 4 bytes leftover after parsing attributes in process `syz.3.19061'. [ 1348.741481][ C0] net_ratelimit: 7867 callbacks suppressed [ 1348.741503][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:62:7f:f5:d2:04:a4, vlan:0) [ 1348.759858][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1348.772489][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:62:7f:f5:d2:04:a4, vlan:0) [ 1348.786715][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1348.799239][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1348.811656][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1348.824123][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1348.836581][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1348.849688][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:62:7f:f5:d2:04:a4, vlan:0) [ 1348.862263][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1348.972733][T13899] veth0_vlan: entered promiscuous mode [ 1349.016448][T14121] netlink: 'syz.3.19073': attribute type 13 has an invalid length. [ 1349.063503][T14121] netlink: 24859 bytes leftover after parsing attributes in process `syz.3.19073'. [ 1349.202529][T13899] veth1_vlan: entered promiscuous mode [ 1349.563263][T13899] veth0_macvtap: entered promiscuous mode [ 1349.649858][T13899] veth1_macvtap: entered promiscuous mode [ 1349.831013][T13899] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1349.907542][T13899] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1349.943949][T13899] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1350.030387][T13899] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1350.099961][T13899] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1350.167179][T13899] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1350.237409][T13899] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1350.303027][T13899] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1350.366864][T13899] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1350.451121][T13899] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1350.529121][T13899] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1350.605930][T13899] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1350.672109][T13899] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1350.740514][T13899] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1350.824486][T13899] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1351.256699][T14148] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(3) [ 1351.263302][T14148] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed) [ 1351.328075][T14148] vhci_hcd vhci_hcd.0: Device attached [ 1351.366518][T14149] vhci_hcd: connection closed [ 1351.369796][ T63] vhci_hcd: stop threads [ 1351.401215][ T63] vhci_hcd: release socket [ 1351.425205][ T63] vhci_hcd: disconnect device [ 1351.792558][T14155] Bluetooth: MGMT ver 1.23 [ 1352.490440][T13899] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1352.558628][T13899] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1352.644297][T13899] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1352.719088][T13899] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1352.780030][T13899] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1352.850589][T13899] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1352.920006][T13899] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1352.987090][T13899] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1353.051045][T13899] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1353.106329][T13899] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1353.188088][T13899] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1353.234962][T13899] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1353.289168][T13899] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1353.334611][T13899] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1353.408203][T13899] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1353.500968][T13899] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1353.566960][T13899] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1353.638505][T13899] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1353.707517][T13899] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1354.098373][ C0] net_ratelimit: 8016 callbacks suppressed [ 1354.098395][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:62:7f:f5:d2:04:a4, vlan:0) [ 1354.118662][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1354.131238][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1354.143755][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1354.156223][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1354.168817][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1354.181376][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:62:7f:f5:d2:04:a4, vlan:0) [ 1354.197323][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1354.209901][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:62:7f:f5:d2:04:a4, vlan:0) [ 1354.224215][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1354.320259][T13625] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1354.392320][T13625] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1354.571528][ T63] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1354.619324][ T63] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1354.705270][T14186] IPVS: stopping master sync thread 14187 ... [ 1354.715144][T14187] IPVS: sync thread started: state = MASTER, mcast_ifn = ip6gre0, syncid = 0, id = 0 [ 1355.693128][T14197] netlink: 20 bytes leftover after parsing attributes in process `syz.3.19102'. [ 1359.455354][ C0] net_ratelimit: 8050 callbacks suppressed [ 1359.455378][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1359.473792][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1359.486289][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:62:7f:f5:d2:04:a4, vlan:0) [ 1359.498783][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1359.511525][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:62:7f:f5:d2:04:a4, vlan:0) [ 1359.525930][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1359.538543][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1359.551162][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1359.563680][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1359.576350][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1361.957359][T14306] input: syz1 as /devices/virtual/input/input212 [ 1362.455681][T14316] bridge0: port 3(gretap0) entered blocking state [ 1362.495406][T14316] bridge0: port 3(gretap0) entered disabled state [ 1362.534374][T14316] gretap0: entered allmulticast mode [ 1362.572317][T14316] gretap0: entered promiscuous mode [ 1362.613173][T14316] bridge0: port 3(gretap0) entered blocking state [ 1362.622071][T14316] bridge0: port 3(gretap0) entered forwarding state [ 1362.794033][T14318] gretap0: left allmulticast mode [ 1362.827188][T14318] gretap0: left promiscuous mode [ 1362.868651][T14318] bridge0: port 3(gretap0) entered disabled state [ 1362.944549][T14324] netlink: 'syz.4.19154': attribute type 3 has an invalid length. [ 1363.046584][T14324] netlink: 'syz.4.19154': attribute type 4 has an invalid length. [ 1363.178232][T14324] netlink: 'syz.4.19154': attribute type 7 has an invalid length. [ 1363.255152][T14324] netlink: 'syz.4.19154': attribute type 8 has an invalid length. [ 1363.380353][T14329] netlink: 60 bytes leftover after parsing attributes in process `syz.3.19157'. [ 1363.445030][T14333] bridge0: entered allmulticast mode [ 1363.561981][T14324] netlink: 'syz.4.19154': attribute type 7 has an invalid length. [ 1363.654312][T14335] netlink: 12 bytes leftover after parsing attributes in process `syz.3.19161'. [ 1363.663808][T14324] netlink: 198180 bytes leftover after parsing attributes in process `syz.4.19154'. [ 1363.841852][T14340] netlink: 5296 bytes leftover after parsing attributes in process `syz.1.19163'. [ 1364.812471][ C0] net_ratelimit: 7985 callbacks suppressed [ 1364.812497][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1364.831303][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:62:7f:f5:d2:04:a4, vlan:0) [ 1364.845624][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1364.858168][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1364.870675][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1364.883268][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1364.895909][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1364.908508][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:62:7f:f5:d2:04:a4, vlan:0) [ 1364.921001][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1364.933565][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:62:7f:f5:d2:04:a4, vlan:0) [ 1367.485889][ T9793] usb 3-1: new full-speed USB device number 44 using dummy_hcd [ 1367.756098][ T9793] usb 3-1: New USB device found, idVendor=056e, idProduct=4010, bcdDevice=20.1c [ 1367.799206][ T9793] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1367.842671][ T5283] usb 2-1: new high-speed USB device number 114 using dummy_hcd [ 1367.883110][ T9793] usb 3-1: config 0 descriptor?? [ 1368.084515][ T5283] usb 2-1: Using ep0 maxpacket: 8 [ 1368.118897][ T5283] usb 2-1: New USB device found, idVendor=2770, idProduct=930c, bcdDevice=8d.6a [ 1368.211387][ T5283] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1368.262461][ T5283] usb 2-1: Product: syz [ 1368.291943][ T5283] usb 2-1: Manufacturer: syz [ 1368.329590][ T5283] usb 2-1: SerialNumber: syz [ 1368.379654][ T5283] usb 2-1: config 0 descriptor?? [ 1368.430909][ T5283] gspca_main: sq930x-2.14.0 probing 2770:930c [ 1369.104086][ T9793] pegasus 3-1:0.0: probe with driver pegasus failed with error -71 [ 1369.157261][ T9793] usb 3-1: USB disconnect, device number 44 [ 1369.603183][ T5283] gspca_sq930x: reg_w 0105 0f00 failed -71 [ 1369.635368][ T5283] sq930x 2-1:0.0: probe with driver sq930x failed with error -71 [ 1369.690351][ T5283] usb 2-1: USB disconnect, device number 114 [ 1370.169903][ C0] net_ratelimit: 7977 callbacks suppressed [ 1370.169926][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1370.189717][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1370.202293][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1370.214925][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1370.227608][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:62:7f:f5:d2:04:a4, vlan:0) [ 1370.240183][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1370.252851][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:62:7f:f5:d2:04:a4, vlan:0) [ 1370.267639][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1370.280332][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1370.294161][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1370.946431][T14440] loop2: detected capacity change from 0 to 7 [ 1371.046124][T14440] Dev loop2: unable to read RDB block 7 [ 1371.073989][T14440] loop2: AHDI p1 p3 [ 1371.102967][T14440] loop2: partition table partially beyond EOD, truncated [ 1371.150103][T14440] loop2: p1 start 2048 is beyond EOD, truncated [ 1371.816490][ T5283] IPVS: starting estimator thread 0... [ 1371.915114][T14457] IPVS: using max 17 ests per chain, 40800 per kthread [ 1372.317049][T14456] tipc: Started in network mode [ 1372.363059][T14456] tipc: Node identity ac1414aa, cluster identity 4711 [ 1372.471367][T14456] tipc: Enabled bearer , priority 10 [ 1373.645275][ T5283] tipc: Node number set to 2886997162 [ 1375.526933][ C0] net_ratelimit: 6738 callbacks suppressed [ 1375.526959][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:62:7f:f5:d2:04:a4, vlan:0) [ 1375.545447][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1375.558081][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:62:7f:f5:d2:04:a4, vlan:0) [ 1375.573582][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1375.586151][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1375.599712][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1375.612255][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1375.624788][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1375.637353][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:62:7f:f5:d2:04:a4, vlan:0) [ 1375.649853][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1376.018689][ T5283] usb 3-1: new high-speed USB device number 45 using dummy_hcd [ 1376.163016][T14525] input: syz1 as /devices/virtual/input/input215 [ 1376.190919][ T7213] usb 4-1: new high-speed USB device number 111 using dummy_hcd [ 1376.238230][ T5283] usb 3-1: Using ep0 maxpacket: 8 [ 1376.267740][ T5283] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 1376.286382][ T29] audit: type=1326 audit(2000000850.895:1046): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14526 comm="syz.4.19242" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fa3fd37cef9 code=0x0 [ 1376.350743][ T5283] usb 3-1: config 1 has 2 interfaces, different from the descriptor's value: 3 [ 1376.401487][ T5283] usb 3-1: config 1 has no interface number 1 [ 1376.428150][ T5283] usb 3-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0 [ 1376.444518][ T7213] usb 4-1: Using ep0 maxpacket: 16 [ 1376.475516][ T7213] usb 4-1: config 0 has an invalid interface number: 8 but max is 0 [ 1376.521240][ T7213] usb 4-1: config 0 has no interface number 0 [ 1376.532006][ T5283] usb 3-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 1376.564597][ T7213] usb 4-1: config 0 interface 8 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 1376.609408][ T5283] usb 3-1: config 1 interface 2 has no altsetting 0 [ 1376.639600][ T7213] usb 4-1: config 0 interface 8 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0 [ 1376.668850][ T5283] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 1376.706681][ T7213] usb 4-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f [ 1376.719669][ T5283] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1376.754413][ T7213] usb 4-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3 [ 1376.772411][ T5283] usb 3-1: Product: syz [ 1376.776654][ T5283] usb 3-1: Manufacturer: syz [ 1376.825882][ T7213] usb 4-1: Product: syz [ 1376.834304][ T5283] usb 3-1: SerialNumber: syz [ 1376.856815][ T7213] usb 4-1: SerialNumber: syz [ 1376.900062][ T7213] usb 4-1: config 0 descriptor?? [ 1376.954499][ T7213] cm109 4-1:0.8: invalid payload size 0, expected 4 [ 1377.004758][ T7213] input: CM109 USB driver as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.8/input/input216 [ 1377.282847][ T5283] usb 3-1: 2:1 : invalid UAC_AS_GENERAL desc [ 1377.289059][ T5283] usb 3-1: selecting invalid altsetting 0 [ 1377.387232][ C1] cm109 4-1:0.8: cm109_urb_ctl_callback: usb_submit_urb (urb_irq) failed -90 [ 1377.475856][ T5283] usb 3-1: USB disconnect, device number 45 [ 1378.035209][ C1] cm109 4-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 1378.042424][ C1] cm109 4-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 1378.049640][ C1] cm109 4-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 1378.056859][ C1] cm109 4-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 1378.064013][ C1] [ 1378.066376][ C1] ======================================================== [ 1378.073577][ C1] WARNING: possible irq lock inversion dependency detected [ 1378.080782][ C1] 6.11.0-rc6-syzkaller-00183-gb831f83e40a2 #0 Not tainted [ 1378.087904][ C1] -------------------------------------------------------- [ 1378.095119][ C1] syz.3.19240/14520 just changed the state of lock: [ 1378.101722][ C1] ffff88807e427230 (&dev->event_lock#2){..-.}-{2:2}, at: input_inject_event+0xc5/0x340 [ 1378.111439][ C1] but this lock took another, SOFTIRQ-READ-unsafe lock in the past: [ 1378.119427][ C1] (tasklist_lock){.+.+}-{2:2} [ 1378.119463][ C1] [ 1378.119463][ C1] [ 1378.119463][ C1] and interrupts could create inverse lock ordering between them. [ 1378.119463][ C1] [ 1378.138551][ C1] [ 1378.138551][ C1] other info that might help us debug this: [ 1378.146627][ C1] Chain exists of: [ 1378.146627][ C1] &dev->event_lock#2 --> &new->fa_lock --> tasklist_lock [ 1378.146627][ C1] [ 1378.159637][ C1] Possible interrupt unsafe locking scenario: [ 1378.159637][ C1] [ 1378.167973][ C1] CPU0 CPU1 [ 1378.173350][ C1] ---- ---- [ 1378.178728][ C1] lock(tasklist_lock); [ 1378.182994][ C1] local_irq_disable(); [ 1378.189775][ C1] lock(&dev->event_lock#2); [ 1378.197007][ C1] lock(&new->fa_lock); [ 1378.203791][ C1] [ 1378.207253][ C1] lock(&dev->event_lock#2); [ 1378.212137][ C1] [ 1378.212137][ C1] *** DEADLOCK *** [ 1378.212137][ C1] [ 1378.220292][ C1] 4 locks held by syz.3.19240/14520: [ 1378.225598][ C1] #0: ffff888029138d78 (&dev->mutex){....}-{3:3}, at: device_release_driver_internal+0xce/0x7c0 [ 1378.236195][ C1] #1: ffff8880293ea548 (&udc->connect_lock){+.+.}-{3:3}, at: gadget_unbind_driver+0xbd/0x460 [ 1378.246504][ C1] #2: ffffc90000a18c00 (drivers/tty/vt/keyboard.c:274){+.-.}-{0:0}, at: call_timer_fn+0xc0/0x650 [ 1378.257195][ C1] #3: ffffffff8e738320 (rcu_read_lock){....}-{1:2}, at: input_handler_for_each_handle+0x29/0x1d0 [ 1378.267884][ C1] [ 1378.267884][ C1] the shortest dependencies between 2nd lock and 1st lock: [ 1378.277304][ C1] -> (tasklist_lock){.+.+}-{2:2} { [ 1378.282723][ C1] HARDIRQ-ON-R at: [ 1378.286998][ C1] lock_acquire+0x1ed/0x550 [ 1378.293708][ C1] _raw_read_lock+0x36/0x50 [ 1378.300419][ C1] __do_wait+0x12d/0x850 [ 1378.306856][ C1] do_wait+0x1e9/0x560 [ 1378.313130][ C1] kernel_wait+0xe9/0x240 [ 1378.319655][ C1] call_usermodehelper_exec_work+0xbd/0x230 [ 1378.327751][ C1] process_scheduled_works+0xa2c/0x1830 [ 1378.335502][ C1] worker_thread+0x86d/0xd10 [ 1378.342295][ C1] kthread+0x2f0/0x390 [ 1378.348571][ C1] ret_from_fork+0x4b/0x80 [ 1378.355196][ C1] ret_from_fork_asm+0x1a/0x30 [ 1378.362170][ C1] SOFTIRQ-ON-R at: [ 1378.366434][ C1] lock_acquire+0x1ed/0x550 [ 1378.373147][ C1] _raw_read_lock+0x36/0x50 [ 1378.379857][ C1] __do_wait+0x12d/0x850 [ 1378.386308][ C1] do_wait+0x1e9/0x560 [ 1378.392568][ C1] kernel_wait+0xe9/0x240 [ 1378.399104][ C1] call_usermodehelper_exec_work+0xbd/0x230 [ 1378.407204][ C1] process_scheduled_works+0xa2c/0x1830 [ 1378.414954][ C1] worker_thread+0x86d/0xd10 [ 1378.421756][ C1] kthread+0x2f0/0x390 [ 1378.428036][ C1] ret_from_fork+0x4b/0x80 [ 1378.434667][ C1] ret_from_fork_asm+0x1a/0x30 [ 1378.441644][ C1] INITIAL USE at: [ 1378.445827][ C1] lock_acquire+0x1ed/0x550 [ 1378.452453][ C1] _raw_write_lock_irq+0xd3/0x120 [ 1378.459600][ C1] copy_process+0x228b/0x3dc0 [ 1378.466404][ C1] kernel_clone+0x223/0x880 [ 1378.473030][ C1] user_mode_thread+0x132/0x1a0 [ 1378.480005][ C1] rest_init+0x23/0x300 [ 1378.486283][ C1] start_kernel+0x47a/0x500 [ 1378.492911][ C1] x86_64_start_reservations+0x2a/0x30 [ 1378.500482][ C1] x86_64_start_kernel+0x9f/0xa0 [ 1378.507532][ C1] common_startup_64+0x13e/0x147 [ 1378.514583][ C1] INITIAL READ USE at: [ 1378.519194][ C1] lock_acquire+0x1ed/0x550 [ 1378.526246][ C1] _raw_read_lock+0x36/0x50 [ 1378.533304][ C1] __do_wait+0x12d/0x850 [ 1378.540089][ C1] do_wait+0x1e9/0x560 [ 1378.546717][ C1] kernel_wait+0xe9/0x240 [ 1378.553590][ C1] call_usermodehelper_exec_work+0xbd/0x230 [ 1378.562037][ C1] process_scheduled_works+0xa2c/0x1830 [ 1378.570132][ C1] worker_thread+0x86d/0xd10 [ 1378.577275][ C1] kthread+0x2f0/0x390 [ 1378.583895][ C1] ret_from_fork+0x4b/0x80 [ 1378.590882][ C1] ret_from_fork_asm+0x1a/0x30 [ 1378.598201][ C1] } [ 1378.600973][ C1] ... key at: [] tasklist_lock+0x18/0x40 [ 1378.608982][ C1] ... acquired at: [ 1378.613075][ C1] lock_acquire+0x1ed/0x550 [ 1378.617780][ C1] _raw_read_lock+0x36/0x50 [ 1378.622490][ C1] send_sigio+0xfc/0x360 [ 1378.626930][ C1] dnotify_handle_event+0x13c/0x440 [ 1378.632335][ C1] fsnotify+0x18ab/0x1f70 [ 1378.636954][ C1] fsnotify_change+0x24f/0x2a0 [ 1378.641921][ C1] notify_change+0xc0c/0xe90 [ 1378.646714][ C1] chmod_common+0x2ab/0x4c0 [ 1378.651411][ C1] __x64_sys_fchmod+0xf8/0x160 [ 1378.656367][ C1] do_syscall_64+0xf3/0x230 [ 1378.661063][ C1] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1378.667175][ C1] [ 1378.669507][ C1] -> (&f->f_owner.lock){....}-{2:2} { [ 1378.675099][ C1] INITIAL USE at: [ 1378.679177][ C1] lock_acquire+0x1ed/0x550 [ 1378.685626][ C1] _raw_write_lock_irq+0xd3/0x120 [ 1378.692584][ C1] f_modown+0x38/0x340 [ 1378.698596][ C1] tty_fasync+0x250/0x340 [ 1378.704866][ C1] do_vfs_ioctl+0x19c8/0x2e50 [ 1378.711490][ C1] __se_sys_ioctl+0x81/0x170 [ 1378.718040][ C1] do_syscall_64+0xf3/0x230 [ 1378.724497][ C1] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1378.732334][ C1] INITIAL READ USE at: [ 1378.736858][ C1] lock_acquire+0x1ed/0x550 [ 1378.743735][ C1] _raw_read_lock_irqsave+0xdd/0x130 [ 1378.751405][ C1] send_sigurg+0x29/0x3c0 [ 1378.758114][ C1] sk_send_sigurg+0x75/0x2f0 [ 1378.765093][ C1] queue_oob+0x572/0x730 [ 1378.771719][ C1] unix_stream_sendmsg+0xd24/0xf80 [ 1378.779214][ C1] __sock_sendmsg+0x221/0x270 [ 1378.786253][ C1] ____sys_sendmsg+0x525/0x7d0 [ 1378.793396][ C1] __sys_sendmsg+0x2b0/0x3a0 [ 1378.800369][ C1] do_syscall_64+0xf3/0x230 [ 1378.807236][ C1] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1378.815495][ C1] } [ 1378.818174][ C1] ... key at: [] init_file.__key+0x0/0x20 [ 1378.826264][ C1] ... acquired at: [ 1378.830295][ C1] lock_acquire+0x1ed/0x550 [ 1378.835083][ C1] _raw_read_lock_irqsave+0xdd/0x130 [ 1378.840584][ C1] send_sigio+0x33/0x360 [ 1378.845035][ C1] kill_fasync+0x23a/0x4d0 [ 1378.849665][ C1] __se_sys_vmsplice+0xc69/0x1470 [ 1378.854887][ C1] do_syscall_64+0xf3/0x230 [ 1378.859581][ C1] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1378.865688][ C1] [ 1378.868025][ C1] -> (&new->fa_lock){....}-{2:2} { [ 1378.873276][ C1] INITIAL USE at: [ 1378.877299][ C1] lock_acquire+0x1ed/0x550 [ 1378.883573][ C1] _raw_write_lock_irq+0xd3/0x120 [ 1378.890373][ C1] fasync_remove_entry+0xff/0x1d0 [ 1378.897165][ C1] tty_fasync+0x105/0x340 [ 1378.903257][ C1] __fput+0x73e/0x8a0 [ 1378.909002][ C1] task_work_run+0x24f/0x310 [ 1378.915346][ C1] syscall_exit_to_user_mode+0x168/0x370 [ 1378.922759][ C1] do_syscall_64+0x100/0x230 [ 1378.929112][ C1] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1378.936770][ C1] INITIAL READ USE at: [ 1378.941213][ C1] lock_acquire+0x1ed/0x550 [ 1378.947934][ C1] _raw_read_lock_irqsave+0xdd/0x130 [ 1378.955473][ C1] kill_fasync+0x19e/0x4d0 [ 1378.962122][ C1] __se_sys_vmsplice+0xc69/0x1470 [ 1378.969354][ C1] do_syscall_64+0xf3/0x230 [ 1378.976059][ C1] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1378.984160][ C1] } [ 1378.986763][ C1] ... key at: [] fasync_insert_entry.__key+0x0/0x20 [ 1378.995577][ C1] ... acquired at: [ 1378.999491][ C1] lock_acquire+0x1ed/0x550 [ 1379.004211][ C1] _raw_read_lock_irqsave+0xdd/0x130 [ 1379.009720][ C1] kill_fasync+0x19e/0x4d0 [ 1379.014341][ C1] mousedev_notify_readers+0x719/0xc80 [ 1379.020004][ C1] mousedev_event+0x5d9/0x1390 [ 1379.024978][ C1] input_handler_events_default+0x107/0x1c0 [ 1379.031095][ C1] input_pass_values+0x286/0x860 [ 1379.036232][ C1] input_event_dispose+0x30f/0x600 [ 1379.041539][ C1] input_handle_event+0xa71/0xbe0 [ 1379.046759][ C1] input_inject_event+0x22f/0x340 [ 1379.051984][ C1] evdev_write+0x672/0x7c0 [ 1379.056599][ C1] vfs_write+0x2a2/0xc90 [ 1379.061047][ C1] ksys_write+0x1a0/0x2c0 [ 1379.065578][ C1] do_syscall_64+0xf3/0x230 [ 1379.070278][ C1] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1379.076372][ C1] [ 1379.078713][ C1] -> (&dev->event_lock#2){..-.}-{2:2} { [ 1379.084324][ C1] IN-SOFTIRQ-W at: [ 1379.088324][ C1] lock_acquire+0x1ed/0x550 [ 1379.094512][ C1] _raw_spin_lock_irqsave+0xd5/0x120 [ 1379.101483][ C1] input_inject_event+0xc5/0x340 [ 1379.108093][ C1] kd_sound_helper+0x101/0x210 [ 1379.114535][ C1] input_handler_for_each_handle+0x103/0x1d0 [ 1379.122190][ C1] call_timer_fn+0x18e/0x650 [ 1379.128467][ C1] __run_timer_base+0x66a/0x8e0 [ 1379.134993][ C1] run_timer_softirq+0xb7/0x170 [ 1379.141520][ C1] handle_softirqs+0x2c4/0x970 [ 1379.147968][ C1] __irq_exit_rcu+0xf4/0x1c0 [ 1379.154240][ C1] irq_exit_rcu+0x9/0x30 [ 1379.160158][ C1] sysvec_apic_timer_interrupt+0xa6/0xc0 [ 1379.167476][ C1] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 1379.175140][ C1] _raw_spin_unlock_irqrestore+0xd8/0x140 [ 1379.182551][ C1] usb_hcd_poll_rh_status+0x3c4/0x5a0 [ 1379.189605][ C1] dummy_pullup+0x19a/0x200 [ 1379.195790][ C1] usb_gadget_disconnect_locked+0x13c/0x4b0 [ 1379.203366][ C1] gadget_unbind_driver+0xca/0x460 [ 1379.210161][ C1] device_release_driver_internal+0x4a9/0x7c0 [ 1379.217910][ C1] driver_detach+0x1fb/0x2d0 [ 1379.224177][ C1] bus_remove_driver+0x1f3/0x320 [ 1379.230803][ C1] usb_gadget_unregister_driver+0x4e/0x70 [ 1379.238212][ C1] raw_release+0xf9/0x1e0 [ 1379.244222][ C1] __fput+0x24a/0x8a0 [ 1379.249905][ C1] task_work_run+0x24f/0x310 [ 1379.256175][ C1] syscall_exit_to_user_mode+0x168/0x370 [ 1379.263489][ C1] do_syscall_64+0x100/0x230 [ 1379.269752][ C1] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1379.277333][ C1] INITIAL USE at: [ 1379.281246][ C1] lock_acquire+0x1ed/0x550 [ 1379.287342][ C1] _raw_spin_lock_irqsave+0xd5/0x120 [ 1379.294261][ C1] input_inject_event+0xc5/0x340 [ 1379.300805][ C1] kbd_led_trigger_activate+0xb8/0x100 [ 1379.307854][ C1] led_trigger_set+0x582/0x9c0 [ 1379.314211][ C1] led_trigger_set_default+0x229/0x260 [ 1379.321273][ C1] led_classdev_register_ext+0x6e6/0x8a0 [ 1379.328504][ C1] input_leds_connect+0x489/0x630 [ 1379.335115][ C1] input_register_device+0xd3b/0x1110 [ 1379.342075][ C1] atkbd_connect+0x752/0xa00 [ 1379.348260][ C1] serio_driver_probe+0x7f/0xa0 [ 1379.354740][ C1] really_probe+0x2b8/0xad0 [ 1379.360861][ C1] __driver_probe_device+0x1a2/0x390 [ 1379.367735][ C1] driver_probe_device+0x50/0x430 [ 1379.374353][ C1] __driver_attach+0x45f/0x710 [ 1379.380708][ C1] bus_for_each_dev+0x239/0x2b0 [ 1379.387154][ C1] serio_handle_event+0x1c7/0x920 [ 1379.393776][ C1] process_scheduled_works+0xa2c/0x1830 [ 1379.400923][ C1] worker_thread+0x86d/0xd10 [ 1379.407112][ C1] kthread+0x2f0/0x390 [ 1379.412785][ C1] ret_from_fork+0x4b/0x80 [ 1379.418806][ C1] ret_from_fork_asm+0x1a/0x30 [ 1379.425175][ C1] } [ 1379.427692][ C1] ... key at: [] input_allocate_device.__key.5+0x0/0x20 [ 1379.436760][ C1] ... acquired at: [ 1379.440581][ C1] mark_lock+0x223/0x350 [ 1379.445046][ C1] __lock_acquire+0xbf9/0x2040 [ 1379.450020][ C1] lock_acquire+0x1ed/0x550 [ 1379.454739][ C1] _raw_spin_lock_irqsave+0xd5/0x120 [ 1379.460247][ C1] input_inject_event+0xc5/0x340 [ 1379.465384][ C1] kd_sound_helper+0x101/0x210 [ 1379.470354][ C1] input_handler_for_each_handle+0x103/0x1d0 [ 1379.476549][ C1] call_timer_fn+0x18e/0x650 [ 1379.481359][ C1] __run_timer_base+0x66a/0x8e0 [ 1379.486452][ C1] run_timer_softirq+0xb7/0x170 [ 1379.491541][ C1] handle_softirqs+0x2c4/0x970 [ 1379.496511][ C1] __irq_exit_rcu+0xf4/0x1c0 [ 1379.501308][ C1] irq_exit_rcu+0x9/0x30 [ 1379.505755][ C1] sysvec_apic_timer_interrupt+0xa6/0xc0 [ 1379.511600][ C1] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 1379.517790][ C1] _raw_spin_unlock_irqrestore+0xd8/0x140 [ 1379.523720][ C1] usb_hcd_poll_rh_status+0x3c4/0x5a0 [ 1379.529320][ C1] dummy_pullup+0x19a/0x200 [ 1379.534022][ C1] usb_gadget_disconnect_locked+0x13c/0x4b0 [ 1379.540118][ C1] gadget_unbind_driver+0xca/0x460 [ 1379.545443][ C1] device_release_driver_internal+0x4a9/0x7c0 [ 1379.551713][ C1] driver_detach+0x1fb/0x2d0 [ 1379.556506][ C1] bus_remove_driver+0x1f3/0x320 [ 1379.561649][ C1] usb_gadget_unregister_driver+0x4e/0x70 [ 1379.567573][ C1] raw_release+0xf9/0x1e0 [ 1379.572106][ C1] __fput+0x24a/0x8a0 [ 1379.576289][ C1] task_work_run+0x24f/0x310 [ 1379.581074][ C1] syscall_exit_to_user_mode+0x168/0x370 [ 1379.586900][ C1] do_syscall_64+0x100/0x230 [ 1379.591688][ C1] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1379.597799][ C1] [ 1379.600132][ C1] [ 1379.600132][ C1] stack backtrace: [ 1379.606032][ C1] CPU: 1 UID: 0 PID: 14520 Comm: syz.3.19240 Not tainted 6.11.0-rc6-syzkaller-00183-gb831f83e40a2 #0 [ 1379.616902][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 1379.626977][ C1] Call Trace: [ 1379.630274][ C1] [ 1379.633138][ C1] dump_stack_lvl+0x241/0x360 [ 1379.637848][ C1] ? __pfx_dump_stack_lvl+0x10/0x10 [ 1379.643077][ C1] ? print_shortest_lock_dependencies+0xf2/0x160 [ 1379.649442][ C1] ? print_irq_inversion_bug+0x329/0x3a0 [ 1379.655124][ C1] mark_lock_irq+0x80c/0xc20 [ 1379.659851][ C1] ? __pfx_mark_lock_irq+0x10/0x10 [ 1379.665031][ C1] ? __pfx_stack_trace_save+0x10/0x10 [ 1379.670437][ C1] ? lockdep_lock+0x123/0x2b0 [ 1379.675148][ C1] ? save_trace+0x5a/0xb40 [ 1379.679610][ C1] mark_lock+0x223/0x350 [ 1379.683891][ C1] __lock_acquire+0xbf9/0x2040 [ 1379.688699][ C1] lock_acquire+0x1ed/0x550 [ 1379.693253][ C1] ? input_inject_event+0xc5/0x340 [ 1379.698386][ C1] ? mark_lock+0x9a/0x350 [ 1379.702764][ C1] ? __pfx_lock_acquire+0x10/0x10 [ 1379.707872][ C1] _raw_spin_lock_irqsave+0xd5/0x120 [ 1379.713202][ C1] ? input_inject_event+0xc5/0x340 [ 1379.718349][ C1] ? __pfx__raw_spin_lock_irqsave+0x10/0x10 [ 1379.724286][ C1] ? __pfx_lock_acquire+0x10/0x10 [ 1379.729352][ C1] ? __pfx_lock_acquire+0x10/0x10 [ 1379.734418][ C1] input_inject_event+0xc5/0x340 [ 1379.739377][ C1] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 1379.745750][ C1] kd_sound_helper+0x101/0x210 [ 1379.750553][ C1] ? __pfx_kd_sound_helper+0x10/0x10 [ 1379.755875][ C1] input_handler_for_each_handle+0x103/0x1d0 [ 1379.761886][ C1] ? input_handler_for_each_handle+0x29/0x1d0 [ 1379.767987][ C1] call_timer_fn+0x18e/0x650 [ 1379.772621][ C1] ? call_timer_fn+0xc0/0x650 [ 1379.777332][ C1] ? __pfx_kd_nosound+0x10/0x10 [ 1379.782223][ C1] ? __pfx_call_timer_fn+0x10/0x10 [ 1379.787370][ C1] ? __pfx_kd_nosound+0x10/0x10 [ 1379.792254][ C1] ? __pfx_kd_nosound+0x10/0x10 [ 1379.797141][ C1] ? __pfx_kd_nosound+0x10/0x10 [ 1379.802037][ C1] ? _raw_spin_unlock_irq+0x23/0x50 [ 1379.807272][ C1] ? lockdep_hardirqs_on+0x99/0x150 [ 1379.812505][ C1] ? __pfx_kd_nosound+0x10/0x10 [ 1379.817395][ C1] __run_timer_base+0x66a/0x8e0 [ 1379.822294][ C1] ? __pfx___run_timer_base+0x10/0x10 [ 1379.827696][ C1] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 1379.833716][ C1] run_timer_softirq+0xb7/0x170 [ 1379.838614][ C1] handle_softirqs+0x2c4/0x970 [ 1379.843419][ C1] ? __irq_exit_rcu+0xf4/0x1c0 [ 1379.848224][ C1] ? __pfx_handle_softirqs+0x10/0x10 [ 1379.853551][ C1] ? irqtime_account_irq+0xd4/0x1e0 [ 1379.858798][ C1] __irq_exit_rcu+0xf4/0x1c0 [ 1379.863419][ C1] ? __pfx___irq_exit_rcu+0x10/0x10 [ 1379.868652][ C1] irq_exit_rcu+0x9/0x30 [ 1379.872919][ C1] sysvec_apic_timer_interrupt+0xa6/0xc0 [ 1379.878591][ C1] [ 1379.881551][ C1] [ 1379.884496][ C1] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 1379.890537][ C1] RIP: 0010:_raw_spin_unlock_irqrestore+0xd8/0x140 [ 1379.897076][ C1] Code: 9c 8f 44 24 20 42 80 3c 23 00 74 08 4c 89 f7 e8 fe 8a 3c f6 f6 44 24 21 02 75 52 41 f7 c7 00 02 00 00 74 01 fb bf 01 00 00 00 b3 dc a7 f5 65 8b 05 94 b2 48 74 85 c0 74 43 48 c7 04 24 0e 36 [ 1379.916719][ C1] RSP: 0018:ffffc90003cb79c0 EFLAGS: 00000206 [ 1379.922810][ C1] RAX: 7f8a9c6d7012be00 RBX: 1ffff92000796f3c RCX: ffffffff81703f9a [ 1379.930810][ C1] RDX: dffffc0000000000 RSI: ffffffff8bead560 RDI: 0000000000000001 [ 1379.938806][ C1] RBP: ffffc90003cb7a50 R08: ffffffff93fa693f R09: 1ffffffff27f4d27 [ 1379.946806][ C1] R10: dffffc0000000000 R11: fffffbfff27f4d28 R12: dffffc0000000000 [ 1379.954811][ C1] R13: 1ffff92000796f38 R14: ffffc90003cb79e0 R15: 0000000000000246 [ 1379.962813][ C1] ? mark_lock+0x9a/0x350 [ 1379.967192][ C1] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 1379.973559][ C1] ? _raw_spin_unlock+0x28/0x50 [ 1379.978453][ C1] usb_hcd_poll_rh_status+0x3c4/0x5a0 [ 1379.983872][ C1] ? __pfx_usb_hcd_poll_rh_status+0x10/0x10 [ 1379.989805][ C1] dummy_pullup+0x19a/0x200 [ 1379.994335][ C1] ? __pfx_dummy_pullup+0x10/0x10 [ 1379.999387][ C1] usb_gadget_disconnect_locked+0x13c/0x4b0 [ 1380.005310][ C1] gadget_unbind_driver+0xca/0x460 [ 1380.010457][ C1] ? kernfs_remove_by_name_ns+0x11b/0x160 [ 1380.016226][ C1] ? __pfx_gadget_unbind_driver+0x10/0x10 [ 1380.021978][ C1] device_release_driver_internal+0x4a9/0x7c0 [ 1380.028082][ C1] driver_detach+0x1fb/0x2d0 [ 1380.032700][ C1] bus_remove_driver+0x1f3/0x320 [ 1380.037670][ C1] usb_gadget_unregister_driver+0x4e/0x70 [ 1380.043420][ C1] raw_release+0xf9/0x1e0 [ 1380.047776][ C1] ? __pfx_raw_release+0x10/0x10 [ 1380.052764][ C1] __fput+0x24a/0x8a0 [ 1380.056853][ C1] task_work_run+0x24f/0x310 [ 1380.061498][ C1] ? __pfx_task_work_run+0x10/0x10 [ 1380.066634][ C1] ? syscall_exit_to_user_mode+0xa3/0x370 [ 1380.072379][ C1] syscall_exit_to_user_mode+0x168/0x370 [ 1380.078046][ C1] do_syscall_64+0x100/0x230 [ 1380.082670][ C1] ? clear_bhb_loop+0x35/0x90 [ 1380.087369][ C1] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1380.093285][ C1] RIP: 0033:0x7fa0f637cef9 [ 1380.097731][ C1] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1380.117376][ C1] RSP: 002b:00007ffe64ce7868 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 1380.125820][ C1] RAX: 0000000000000000 RBX: 00007fa0f6537a80 RCX: 00007fa0f637cef9 [ 1380.133812][ C1] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003 [ 1380.141799][ C1] RBP: 00007fa0f6537a80 R08: 00007fa0f6522000 R09: 00007ffe64ce7b5f [ 1380.149790][ C1] R10: 00000000005eddbc R11: 0000000000000246 R12: 000000000013d842 [ 1380.157781][ C1] R13: 00007ffe64ce7970 R14: 0000000000000032 R15: ffffffffffffffff [ 1380.165805][ C1] [ 1380.168949][ C1] cm109 4-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 1380.176145][ C1] cm109 4-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 1380.183329][ C1] cm109 4-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 1380.190489][ C1] cm109 4-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 1380.197655][ C1] cm109 4-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 1380.204831][ C1] cm109 4-1:0.8: cm109_urb_ctl_callback: urb status -71 SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 1380.375712][ T9793] usb 4-1: USB disconnect, device number 111 [ 1380.375783][ C1] cm109 4-1:0.8: cm109_submit_buzz_toggle: usb_submit_urb (urb_ctl) failed -19 [ 1380.495381][ T9793] cm109 4-1:0.8: cm109_toggle_buzzer_sync: usb_control_msg() failed -19 [ 1380.883742][ C0] net_ratelimit: 7905 callbacks suppressed [ 1380.883767][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1380.902095][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1380.915334][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1380.927705][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1380.940091][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1380.952573][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:62:7f:f5:d2:04:a4, vlan:0) [ 1380.964999][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1380.977444][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:62:7f:f5:d2:04:a4, vlan:0) [ 1380.991479][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1381.012612][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1386.241075][ C0] net_ratelimit: 7089 callbacks suppressed [ 1386.241103][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1386.259462][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1386.271980][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:62:7f:f5:d2:04:a4, vlan:0) [ 1386.284398][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1386.296844][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:62:7f:f5:d2:04:a4, vlan:0) [ 1386.311011][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1386.323450][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1386.336964][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1386.349385][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1386.361877][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)