last executing test programs: 3.122712275s ago: executing program 1 (id=4909): io_uring_setup(0x3632, &(0x7f0000000040)) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x4) r0 = socket$inet_sctp(0x2, 0x1, 0x84) getsockopt$inet_sctp_SCTP_MAX_BURST(r0, 0x84, 0xd, 0x0, &(0x7f0000000040)) 2.940845609s ago: executing program 1 (id=4912): mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x4008032, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_GET_EXTENDED_ERROR(r0, 0xc00c6211, &(0x7f00000024c0)) 2.597378824s ago: executing program 2 (id=4918): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000001bc0)={r0}, 0x4) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x11, &(0x7f0000000100)=ANY=[@ANYBLOB="180200000600000000000000000000008500000041000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000800000085000000a500000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x0, 0x8, 0x0, &(0x7f0000000200)="67773e264c91d48b", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x9}, 0x50) 2.387504932s ago: executing program 2 (id=4922): r0 = socket$inet6_mptcp(0xa, 0x1, 0x106) r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000000)={0x26, 'aead\x00', 0x0, 0x0, 'pcrypt(rfc4543(gcm_base(ctr(aes-aesni),ghash-generic)))\x00'}, 0x58) close_range(r0, 0xffffffffffffffff, 0x0) 2.224204837s ago: executing program 0 (id=4925): r0 = socket$kcm(0x2, 0x200000000000001, 0x106) sendmsg$inet(r0, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x30004001) setsockopt$sock_attach_bpf(r0, 0x6, 0xd, &(0x7f0000000000), 0x4) recvmsg(r0, &(0x7f0000000380)={0x0, 0x0, 0x0}, 0x40000060) 1.932135602s ago: executing program 0 (id=4928): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0xc, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r1, 0x2000000, 0xe, 0x0, &(0x7f0000000200)="63eced8e46dc3f0adf33c9f7b986", 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) 1.859016464s ago: executing program 1 (id=4929): setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x80000000000002, 0x0, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000300)=@framed={{}, [@printk={@lli, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x71}}, @call={0x85, 0x0, 0x0, 0x2a}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz0\x00', 0x1ff) 1.770138679s ago: executing program 3 (id=4930): openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x42d00) r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000100)='/proc/sysvipc/msg\x00', 0x0, 0x0) r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00') mount$9p_fd(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000180), 0x0, &(0x7f0000000200)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 1.701028133s ago: executing program 1 (id=4931): r0 = socket$inet6(0xa, 0x3, 0x8000000003c) connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @dev, 0x9}, 0x1c) sendmsg(r0, &(0x7f0000000280)={0x0, 0x0, 0x0}, 0x8940) writev(r0, &(0x7f0000002500)=[{&(0x7f0000001400)="2c81", 0x2}], 0x1) 1.676537167s ago: executing program 2 (id=4932): r0 = getpid() process_vm_readv(r0, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000180)='pagemap\x00') pread64(r1, &(0x7f000001a240)=""/102400, 0x19000, 0x100008) 1.610256152s ago: executing program 0 (id=4933): r0 = socket$inet6_sctp(0xa, 0x801, 0x84) getsockopt$bt_hci(r0, 0x84, 0x80, 0x0, 0x0) r1 = socket$vsock_stream(0x28, 0x1, 0x0) getsockopt(r1, 0x28, 0xfffff7f7, 0x0, &(0x7f00000002c0)) 1.559181521s ago: executing program 1 (id=4934): r0 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000200)=0x10) r1 = open(&(0x7f0000000100)='.\x00', 0x0, 0x0) fstat(r1, &(0x7f0000000040)) 1.508752524s ago: executing program 0 (id=4935): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r0}, 0x10) r1 = socket$kcm(0x10, 0x400000002, 0x0) sendmsg$inet(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000002380)="1b0000001a007f029e741683c28f7b331d00"/27, 0x1b}], 0x1}, 0x0) 1.415699617s ago: executing program 1 (id=4936): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000340), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_4ADDR={0x5}]}, 0x24}}, 0x0) 1.362282416s ago: executing program 0 (id=4937): prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f00000000c0)) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1, 0x4008031, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) stat(0x0, 0x0) 1.314658518s ago: executing program 4 (id=4938): r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) r1 = dup(r0) r2 = syz_open_dev$sg(&(0x7f0000001600), 0x0, 0x40042) mount$9p_fd(0x20100000, &(0x7f0000000380)='.\x00', &(0x7f0000000100), 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r1, @ANYBLOB=',wfdno=', @ANYRESOCT=r2]) 1.084091555s ago: executing program 4 (id=4939): r0 = syz_io_uring_setup(0x110, &(0x7f0000000140), &(0x7f0000000240)=0x0, &(0x7f0000000040)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_SYMLINKAT={0x26, 0x4, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000740)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00'}) io_uring_enter(r0, 0x47f6, 0x0, 0x0, 0x0, 0x0) 867.788309ms ago: executing program 4 (id=4940): r0 = syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x0) ioctl$DRM_IOCTL_MODE_GETRESOURCES(r0, 0xc04064a0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f00000002c0)=[0x0], 0x0, 0x0, 0x0, 0x1}) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r0, 0xc01864c6, &(0x7f0000000100)={0x0, 0x0, 0x80800, 0x0, 0xffffffffffffffff}) ioctl$DRM_IOCTL_MODE_GETCONNECTOR(r2, 0xc05064a7, &(0x7f0000000cc0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) 769.466689ms ago: executing program 3 (id=4941): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='blkio.bfq.io_service_bytes\x00', 0x26e1, 0x0) close(r0) bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0x19, 0x4, 0x4, 0x9, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f00000002c0)={r0, 0x62, 0xfffffffffffffffc}, 0x10) 636.157158ms ago: executing program 4 (id=4942): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000013c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000000)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r1, @ANYBLOB="01000000000000e14f004b00000008000300", @ANYRES32=r2], 0x6f4}}, 0x0) 576.07565ms ago: executing program 3 (id=4943): socketpair$unix(0x1, 0x2, 0x0, 0x0) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = socket$inet6(0xa, 0x2, 0x3a) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @local}, 0x1c) 477.25105ms ago: executing program 2 (id=4944): r0 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0) ioctl$DRM_IOCTL_MODE_CREATEPROPBLOB(r0, 0xc01064bd, &(0x7f0000000040)={&(0x7f00000000c0)="82", 0x1}) ioctl$DRM_IOCTL_MODE_CREATEPROPBLOB(r0, 0xc01064bd, &(0x7f0000000100)={&(0x7f0000000000)="a8", 0x1}) close(r0) 429.370769ms ago: executing program 3 (id=4945): r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff) write$binfmt_elf32(r0, &(0x7f0000000480)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x38}, [{}]}, 0x58) close(r0) execveat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x0, 0x0, 0x0) 329.638157ms ago: executing program 4 (id=4946): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x9}]}, 0x24}}, 0x0) 282.487224ms ago: executing program 2 (id=4947): sendmsg$SMC_PNETID_GET(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={0x0}}, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040)={0x80}, 0x213) sendmsg$nl_route(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000300)=@getneightbl={0x14, 0x42, 0x727d4c0aeeddad0d, 0x0, 0x0, {0x3}}, 0x14}}, 0x0) 170.299946ms ago: executing program 3 (id=4948): unshare(0x20040480) r0 = socket$inet6_mptcp(0xa, 0x1, 0x106) shutdown(r0, 0x2) poll(&(0x7f0000000140)=[{r0, 0x2000}], 0x1, 0x40f) 85.244051ms ago: executing program 2 (id=4949): r0 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0) fcntl$notify(r0, 0x402, 0x8000003d) fcntl$setown(r0, 0x8, 0xffffffffffffffff) fchmod(r0, 0x0) 35.371095ms ago: executing program 4 (id=4950): r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) r1 = landlock_create_ruleset(&(0x7f0000000040)={0x123}, 0x10, 0x0) landlock_restrict_self(r1, 0x0) linkat(r0, &(0x7f00000000c0)='./file0\x00', 0xffffffffffffffff, 0x0, 0x1400) 26.65117ms ago: executing program 0 (id=4951): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000080)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000004c0)={0x38, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x1c, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_HWMP_ROOT_INTERVAL={0x6, 0x18, 0xbf3a}, @NL80211_MESHCONF_NOLEARN={0x5, 0x1e, 0x1}, @NL80211_MESHCONF_PATH_REFRESH_TIME={0x8, 0x9, 0x7}]}]}, 0x38}, 0x1, 0x0, 0x0, 0x400080c1}, 0x0) 0s ago: executing program 3 (id=4952): r0 = add_key(&(0x7f0000000000)='big_key\x00', &(0x7f0000000040)={'syz', 0x0}, &(0x7f0000000080)="ae", 0x1, 0xffffffffffffffff) r1 = socket$packet(0x11, 0x2, 0x300) mmap(&(0x7f0000000000/0x2000)=nil, 0x30000, 0x2, 0x11, r1, 0x0) keyctl$read(0xb, r0, &(0x7f00000010c0)=""/4096, 0x1000) kernel console output (not intermixed with test programs): New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 283.787406][ T5238] usb 5-1: config 0 descriptor?? [ 284.019290][ T8] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 284.235144][ T5238] hid-led 0003:04D8:F372.0036: hidraw0: USB HID v0.00 Device [HID 04d8:f372] on usb-dummy_hcd.4-1/input0 [ 284.313091][ T5238] hid-led 0003:04D8:F372.0036: Greynut Luxafor initialized [ 284.609219][ T5238] usb 5-1: USB disconnect, device number 24 [ 284.631276][ T8] leds luxafor0:blue:led5: Setting an LED's brightness failed (-38) [ 284.649334][ T1171] leds luxafor0:green:led5: Setting an LED's brightness failed (-38) [ 284.670166][ T1171] leds luxafor0:red:led5: Setting an LED's brightness failed (-38) [ 284.683942][T11245] netlink: 32 bytes leftover after parsing attributes in process `syz.3.2560'. [ 284.702666][ T1171] leds luxafor0:blue:led4: Setting an LED's brightness failed (-38) [ 284.711916][ T1171] leds luxafor0:green:led4: Setting an LED's brightness failed (-38) [ 284.722622][T11245] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2560'. [ 284.733994][ T1171] leds luxafor0:red:led4: Setting an LED's brightness failed (-38) [ 284.747258][ T1171] leds luxafor0:blue:led3: Setting an LED's brightness failed (-38) [ 284.756812][ T1171] leds luxafor0:green:led3: Setting an LED's brightness failed (-38) [ 284.795707][ T1171] leds luxafor0:red:led3: Setting an LED's brightness failed (-38) [ 284.807759][ T1171] leds luxafor0:blue:led2: Setting an LED's brightness failed (-38) [ 284.818750][ T1171] leds luxafor0:green:led2: Setting an LED's brightness failed (-38) [ 284.829040][ T1171] leds luxafor0:red:led2: Setting an LED's brightness failed (-38) [ 284.862958][ T1171] leds luxafor0:blue:led1: Setting an LED's brightness failed (-38) [ 284.894661][ T1171] leds luxafor0:green:led1: Setting an LED's brightness failed (-38) [ 284.907746][T11252] bridge0: port 1(bridge_slave_0) entered blocking state [ 284.915287][T11252] bridge0: port 1(bridge_slave_0) entered forwarding state [ 284.916092][ T1171] leds luxafor0:red:led1: Setting an LED's brightness failed (-38) [ 284.967075][ T1171] leds luxafor0:blue:led0: Setting an LED's brightness failed (-38) [ 284.985106][ T1171] leds luxafor0:green:led0: Setting an LED's brightness failed (-38) [ 285.002957][ T1171] leds luxafor0:red:led0: Setting an LED's brightness failed (-38) [ 286.333778][ T1171] usb 4-1: new high-speed USB device number 31 using dummy_hcd [ 286.531146][ T1171] usb 4-1: Using ep0 maxpacket: 8 [ 286.549353][ T1171] usb 4-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 286.579946][ T1171] usb 4-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0x94, changing to 0x84 [ 286.633324][ T1171] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 239, changing to 11 [ 286.675537][ T1171] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid maxpacket 9059, setting to 1024 [ 286.693759][ T1171] usb 4-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 1 [ 286.718520][ T1171] usb 4-1: New USB device found, idVendor=084e, idProduct=1001, bcdDevice=ed.ae [ 286.730647][ T1171] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 286.745368][ T1171] usb 4-1: Product: syz [ 286.749598][ T1171] usb 4-1: Manufacturer: syz [ 286.768638][ T1171] usb 4-1: SerialNumber: syz [ 286.795442][ T1171] usb 4-1: config 0 descriptor?? [ 286.816129][ T1171] input: KB Gear Tablet as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/input/input38 [ 286.864114][ C1] kbtab 4-1:0.0: kbtab_irq - usb_submit_urb failed with result -1 [ 287.145347][ T9] usb 4-1: USB disconnect, device number 31 [ 287.557101][T11345] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2600'. [ 287.823226][T11358] 9pnet: Limiting 'msize' to 1048576 as this is the maximum supported by transport fd [ 287.836627][T11357] xt_CT: You must specify a L4 protocol and not use inversions on it [ 288.241289][T11380] sch_fq: defrate 0 ignored. [ 288.473227][T11388] hsr0: entered promiscuous mode [ 288.482620][T11388] macvlan2: entered allmulticast mode [ 288.496840][T11388] hsr0: entered allmulticast mode [ 288.506969][T11388] hsr_slave_0: entered allmulticast mode [ 288.527014][T11388] hsr_slave_1: entered allmulticast mode [ 288.551965][T11388] hsr0: left allmulticast mode [ 288.564372][T11388] hsr_slave_0: left allmulticast mode [ 288.569981][T11388] hsr_slave_1: left allmulticast mode [ 288.645513][T11392] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2622'. [ 288.663994][T11392] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2622'. [ 289.720402][T11442] netlink: 'syz.0.2644': attribute type 10 has an invalid length. [ 289.859064][T11442] team0: Port device wlan1 added [ 289.901893][T11441] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 290.174155][ T5238] usb 4-1: new high-speed USB device number 32 using dummy_hcd [ 290.361713][T11459] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2652'. [ 290.386090][ T5238] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 290.403729][ T5238] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 290.435494][ T5238] usb 4-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 290.463691][ T5238] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 290.488903][ T5238] usb 4-1: SerialNumber: syz [ 290.618558][T11469] netlink: 209852 bytes leftover after parsing attributes in process `syz.4.2657'. [ 290.628849][T11469] openvswitch: netlink: IP tunnel attribute has 3048 unknown bytes. [ 290.720023][ T5238] usb 4-1: 0:2 : does not exist [ 290.768756][ T5238] usb 4-1: USB disconnect, device number 32 [ 291.665908][T11507] syz.1.2675: attempt to access beyond end of device [ 291.665908][T11507] nbd1: rw=0, sector=0, nr_sectors = 1 limit=0 [ 291.700863][T11507] hpfs: hpfs_map_sector(): read error [ 291.805266][T11515] syzkaller0: tun_chr_ioctl cmd 2147767520 [ 291.843827][ T25] usb 4-1: new high-speed USB device number 33 using dummy_hcd [ 292.040595][ T25] usb 4-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 292.068245][ T25] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 292.105690][ T25] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 292.126895][ T25] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 292.170580][ T25] usb 4-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 292.190444][ T25] usb 4-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 292.221208][ T25] usb 4-1: Product: syz [ 292.229941][ T25] usb 4-1: Manufacturer: syz [ 292.257704][ T25] cdc_wdm 4-1:1.0: skipping garbage [ 292.263114][ T25] cdc_wdm 4-1:1.0: skipping garbage [ 292.279953][ T25] cdc_wdm 4-1:1.0: cdc-wdm0: USB WDM device [ 292.295250][ T25] cdc_wdm 4-1:1.0: Unknown control protocol [ 292.590272][T11546] netlink: 'syz.0.2693': attribute type 1 has an invalid length. [ 292.620316][T11546] netlink: 9328 bytes leftover after parsing attributes in process `syz.0.2693'. [ 292.653750][T11546] netlink: 'syz.0.2693': attribute type 2 has an invalid length. [ 292.676541][T11546] netlink: 'syz.0.2693': attribute type 1 has an invalid length. [ 293.022234][ T25] usb 4-1: USB disconnect, device number 33 [ 294.778140][T11621] netlink: 31 bytes leftover after parsing attributes in process `syz.4.2726'. [ 294.804782][T11621] netlink: 20 bytes leftover after parsing attributes in process `syz.4.2726'. [ 295.184016][ T5238] usb 3-1: new high-speed USB device number 35 using dummy_hcd [ 295.259699][ T29] audit: type=1804 audit(1725948813.800:85): pid=11641 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz.1.2734" name="/" dev="pidfs" ino=11938 res=1 errno=0 [ 295.397987][ T5238] usb 3-1: New USB device found, idVendor=0813, idProduct=0001, bcdDevice=3a.08 [ 295.430628][ T5238] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 295.462969][ T5238] usb 3-1: config 0 descriptor?? [ 295.478230][ T5238] gspca_main: cpia1-2.14.0 probing 0813:0001 [ 295.803866][ T1171] usb 2-1: new high-speed USB device number 24 using dummy_hcd [ 295.885278][ T5238] gspca_cpia1: usb_control_msg 03, error -71 [ 295.901861][ T5238] gspca_cpia1: usb_control_msg 01, error -71 [ 295.918431][ T5238] cpia1 3-1:0.0: only firmware version 1 is supported (got: 0) [ 295.937067][ T5238] usb 3-1: USB disconnect, device number 35 [ 295.951559][T11665] netlink: 20 bytes leftover after parsing attributes in process `syz.4.2745'. [ 296.004800][ T1171] usb 2-1: Using ep0 maxpacket: 16 [ 296.022257][ T1171] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 296.057509][ T1171] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 296.084679][ T1171] usb 2-1: New USB device found, idVendor=041e, idProduct=3100, bcdDevice= 0.00 [ 296.116977][ T1171] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 296.146309][ T1171] usb 2-1: config 0 descriptor?? [ 296.326279][T11678] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2751'. [ 296.613146][ T1171] input: HID 041e:3100 as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:041E:3100.0037/input/input39 [ 296.723637][ T1171] creative-sb0540 0003:041E:3100.0037: input,hidraw0: USB HID v0.00 Device [HID 041e:3100] on usb-dummy_hcd.1-1/input0 [ 296.811491][ T1171] usb 2-1: USB disconnect, device number 24 [ 297.693719][ T29] audit: type=1326 audit(1725948816.230:86): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11742 comm="syz.2.2781" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd4e77def9 code=0x7ffc0000 [ 297.736501][ T29] audit: type=1326 audit(1725948816.240:87): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11742 comm="syz.2.2781" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd4e77def9 code=0x7ffc0000 [ 297.785537][ T29] audit: type=1326 audit(1725948816.240:88): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11742 comm="syz.2.2781" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fcd4e77def9 code=0x7ffc0000 [ 297.877300][ T29] audit: type=1326 audit(1725948816.240:89): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11742 comm="syz.2.2781" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd4e77def9 code=0x7ffc0000 [ 297.954009][ T29] audit: type=1326 audit(1725948816.240:90): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11742 comm="syz.2.2781" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd4e77def9 code=0x7ffc0000 [ 298.016300][ T29] audit: type=1326 audit(1725948816.270:91): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11742 comm="syz.2.2781" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fcd4e77def9 code=0x7ffc0000 [ 298.073099][T11757] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2788'. [ 298.088584][ T29] audit: type=1326 audit(1725948816.270:92): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11742 comm="syz.2.2781" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd4e77def9 code=0x7ffc0000 [ 298.163052][ T29] audit: type=1326 audit(1725948816.270:93): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11742 comm="syz.2.2781" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7fcd4e77def9 code=0x7ffc0000 [ 298.242186][ T29] audit: type=1326 audit(1725948816.270:94): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11742 comm="syz.2.2781" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fcd4e774ea7 code=0x7ffc0000 [ 298.297360][T11761] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2790'. [ 299.258712][T11792] option changes via remount are deprecated (pid=11791 comm=syz.2.2804) [ 299.393822][ T25] kernel write not supported for file /snd/seq (pid: 25 comm: kworker/1:0) [ 300.014757][ T5272] usb 5-1: new high-speed USB device number 25 using dummy_hcd [ 300.066185][T11824] input: syz0 as /devices/virtual/input/input40 [ 300.216878][ T5272] usb 5-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 300.234704][ T5272] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 300.254838][ T5272] usb 5-1: config 0 descriptor?? [ 300.265535][ T5272] cp210x 5-1:0.0: cp210x converter detected [ 300.880963][ T5272] cp210x 5-1:0.0: failed to get vendor val 0x000e size 678: -71 [ 300.905564][ T5272] cp210x 5-1:0.0: GPIO initialisation failed: -71 [ 300.935581][ T5272] usb 5-1: cp210x converter now attached to ttyUSB0 [ 300.951414][ T5272] usb 5-1: USB disconnect, device number 25 [ 300.971251][ T5272] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 300.983315][T11860] vcan0: entered allmulticast mode [ 300.993912][ T5272] cp210x 5-1:0.0: device disconnected [ 301.767198][ T29] kauditd_printk_skb: 2 callbacks suppressed [ 301.767221][ T29] audit: type=1326 audit(1725948820.300:97): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11884 comm="syz.1.2847" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb9f877def9 code=0x7ffc0000 [ 301.869892][ T29] audit: type=1326 audit(1725948820.300:98): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11884 comm="syz.1.2847" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb9f877def9 code=0x7ffc0000 [ 301.914115][ T46] usb 3-1: new high-speed USB device number 36 using dummy_hcd [ 301.936879][ T29] audit: type=1326 audit(1725948820.320:99): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11884 comm="syz.1.2847" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb9f877def9 code=0x7ffc0000 [ 302.003732][ T29] audit: type=1326 audit(1725948820.320:100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11884 comm="syz.1.2847" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb9f877def9 code=0x7ffc0000 [ 302.053037][ T29] audit: type=1326 audit(1725948820.320:101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11884 comm="syz.1.2847" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb9f877def9 code=0x7ffc0000 [ 302.113674][ T29] audit: type=1326 audit(1725948820.320:102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11884 comm="syz.1.2847" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb9f877def9 code=0x7ffc0000 [ 302.122843][ T46] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0 [ 302.135708][ C0] vkms_vblank_simulate: vblank timer overrun [ 302.156959][ T29] audit: type=1326 audit(1725948820.320:103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11884 comm="syz.1.2847" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb9f877def9 code=0x7ffc0000 [ 302.157017][ T29] audit: type=1326 audit(1725948820.320:104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11884 comm="syz.1.2847" exe="/root/syz-executor" sig=0 arch=c000003e syscall=453 compat=0 ip=0x7fb9f877def9 code=0x7ffc0000 [ 302.186161][ T46] usb 3-1: New USB device found, idVendor=1d34, idProduct=0004, bcdDevice= 0.00 [ 302.201305][ C0] vkms_vblank_simulate: vblank timer overrun [ 302.263785][ T29] audit: type=1326 audit(1725948820.320:105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11884 comm="syz.1.2847" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb9f877def9 code=0x7ffc0000 [ 302.300916][ T46] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 302.322683][ T46] usb 3-1: config 0 descriptor?? [ 302.348275][ T46] usbhid 3-1:0.0: couldn't find an input interrupt endpoint [ 302.461201][ T2514] Bluetooth: hci5: Frame reassembly failed (-84) [ 302.474425][T11906] netlink: 'syz.3.2857': attribute type 10 has an invalid length. [ 302.482420][T11906] netem: change failed [ 302.544711][T11912] netlink: 40 bytes leftover after parsing attributes in process `syz.0.2860'. [ 302.559506][T11912] netlink: 'syz.0.2860': attribute type 1 has an invalid length. [ 302.710456][ T46] usb 3-1: USB disconnect, device number 36 [ 303.633723][ T25] usb 3-1: new high-speed USB device number 37 using dummy_hcd [ 303.831882][ T25] usb 3-1: New USB device found, idVendor=20b7, idProduct=1540, bcdDevice=b7.5a [ 303.856058][ T25] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 303.865265][ T25] usb 3-1: Product: syz [ 303.869608][ T25] usb 3-1: Manufacturer: syz [ 303.877596][ T25] usb 3-1: SerialNumber: syz [ 303.888285][ T25] usb 3-1: config 0 descriptor?? [ 304.474062][ T5230] Bluetooth: hci5: Opcode 0x1003 failed: -110 [ 304.475834][ T4613] Bluetooth: hci5: command 0x1003 tx timeout [ 304.527269][ T25] usb 3-1: Firmware version (0.0) predates our first public release. [ 304.546336][ T25] usb 3-1: Please update to version 0.2 or newer [ 304.677317][ T25] usb 3-1: USB disconnect, device number 37 [ 305.718632][T11996] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2899'. [ 305.752080][ T29] audit: type=1326 audit(1725948824.290:106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11975 comm="syz.4.2890" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f944fd7def9 code=0x7fc00000 [ 306.973945][T12034] bridge0: port 3(vlan0) entered blocking state [ 307.001963][T12034] bridge0: port 3(vlan0) entered disabled state [ 307.035319][T12034] vlan0: entered allmulticast mode [ 307.073769][T12034] veth0_vlan: entered allmulticast mode [ 307.104648][T12034] vlan0: entered promiscuous mode [ 307.138000][T12034] bridge0: port 3(vlan0) entered blocking state [ 307.144606][T12034] bridge0: port 3(vlan0) entered forwarding state [ 307.212275][T12034] A link change request failed with some changes committed already. Interface vlan0 may have been left with an inconsistent configuration, please check. [ 307.361791][T12041] netlink: 'syz.1.2920': attribute type 10 has an invalid length. [ 307.382481][T12041] netdevsim netdevsim1 netdevsim0: left promiscuous mode [ 307.407930][T12041] team0: Port device netdevsim0 added [ 307.434668][T12046] netlink: 'syz.1.2920': attribute type 10 has an invalid length. [ 307.533201][T12046] team0: Port device netdevsim0 removed [ 307.572675][T12046] bond0: (slave netdevsim0): Enslaving as an active interface with a down link [ 307.610383][T12053] netlink: 32 bytes leftover after parsing attributes in process `syz.3.2925'. [ 307.623430][T12053] netem: unknown loss type 13 [ 307.642763][T12053] netem: change failed [ 308.014153][ T25] usb 3-1: new full-speed USB device number 38 using dummy_hcd [ 308.078883][T12070] netlink: 'syz.3.2934': attribute type 11 has an invalid length. [ 308.199198][ T25] usb 3-1: New USB device found, idVendor=07ca, idProduct=b808, bcdDevice=db.2f [ 308.219421][ T25] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 308.243694][ T25] usb 3-1: Product: syz [ 308.248034][ T25] usb 3-1: Manufacturer: syz [ 308.270167][ T25] usb 3-1: SerialNumber: syz [ 308.280280][ T25] usb 3-1: config 0 descriptor?? [ 308.543432][T12092] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2945'. [ 308.694977][T12098] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2948'. [ 308.715398][ T25] dvb-usb: found a 'AVerMedia AVerTV DVB-T Volar' in warm state. [ 308.743058][ T25] dvb-usb: will use the device's hardware PID filter (table count: 32). [ 308.763369][ T25] dvbdev: DVB: registering new adapter (AVerMedia AVerTV DVB-T Volar) [ 308.781963][ T25] usb 3-1: media controller created [ 308.814350][ T25] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 308.886974][ T25] DVB: Unable to find symbol dib7000p_attach() [ 308.896010][T12108] sctp: [Deprecated]: syz.1.2952 (pid 12108) Use of struct sctp_assoc_value in delayed_ack socket option. [ 308.896010][T12108] Use struct sctp_sack_info instead [ 308.913177][ T25] dvb-usb: no frontend was attached by 'AVerMedia AVerTV DVB-T Volar' [ 309.013995][ T25] rc_core: IR keymap rc-dib0700-rc5 not found [ 309.020260][ T25] Registered IR keymap rc-empty [ 309.025783][ T25] dvb-usb: could not initialize remote control. [ 309.032214][ T25] dvb-usb: AVerMedia AVerTV DVB-T Volar successfully initialized and connected. [ 309.052239][ T25] usb 3-1: USB disconnect, device number 38 [ 309.071397][ T25] dvb-usb: AVerMedia AVerTV DVB-T Volar successfully deinitialized and disconnected. [ 309.123714][ T46] usb 4-1: new high-speed USB device number 34 using dummy_hcd [ 309.314075][ T46] usb 4-1: Using ep0 maxpacket: 16 [ 309.330750][ T46] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 309.354027][ T46] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 309.398065][ T46] usb 4-1: New USB device found, idVendor=046d, idProduct=ca03, bcdDevice= 0.00 [ 309.419975][ T46] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 309.439982][ T46] usb 4-1: config 0 descriptor?? [ 309.677334][T12128] netlink: 56 bytes leftover after parsing attributes in process `syz.2.2961'. [ 309.721331][T12131] hsr0: entered promiscuous mode [ 309.874614][ T46] logitech 0003:046D:CA03.0038: item fetching failed at offset 0/5 [ 309.904258][ T46] logitech 0003:046D:CA03.0038: parse failed [ 309.910434][ T46] logitech 0003:046D:CA03.0038: probe with driver logitech failed with error -22 [ 310.117412][ T46] usb 4-1: USB disconnect, device number 34 [ 310.373615][T12154] netlink: 16255 bytes leftover after parsing attributes in process `syz.4.2973'. [ 310.466464][T12158] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2974'. [ 310.887453][T12169] ɶƣ0GC!: entered promiscuous mode [ 311.613751][ T29] audit: type=1326 audit(1725948830.150:107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12205 comm="syz.2.2997" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd4e77def9 code=0x7ffc0000 [ 311.718394][ T29] audit: type=1326 audit(1725948830.150:108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12205 comm="syz.2.2997" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd4e77def9 code=0x7ffc0000 [ 311.807834][ T29] audit: type=1326 audit(1725948830.190:109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12205 comm="syz.2.2997" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fcd4e77def9 code=0x7ffc0000 [ 311.865083][ T29] audit: type=1326 audit(1725948830.190:110): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12205 comm="syz.2.2997" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd4e77def9 code=0x7ffc0000 [ 311.921027][ T29] audit: type=1326 audit(1725948830.200:111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12205 comm="syz.2.2997" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd4e77def9 code=0x7ffc0000 [ 311.968779][ T29] audit: type=1326 audit(1725948830.200:112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12205 comm="syz.2.2997" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fcd4e77def9 code=0x7ffc0000 [ 312.046389][ T29] audit: type=1326 audit(1725948830.210:113): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12205 comm="syz.2.2997" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd4e77def9 code=0x7ffc0000 [ 312.126740][ T29] audit: type=1326 audit(1725948830.210:114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12205 comm="syz.2.2997" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fcd4e774ea7 code=0x7ffc0000 [ 312.175851][ T29] audit: type=1326 audit(1725948830.210:115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12205 comm="syz.2.2997" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fcd4e719869 code=0x7ffc0000 [ 312.229854][ T29] audit: type=1326 audit(1725948830.210:116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12205 comm="syz.2.2997" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fcd4e774ea7 code=0x7ffc0000 [ 312.340676][T12235] CUSE: info not properly terminated [ 313.633993][T12284] TCP: request_sock_TCPv6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies. [ 313.858927][T12296] netlink: 191416 bytes leftover after parsing attributes in process `syz.1.3036'. [ 314.501915][T12321] netlink: 'syz.3.3048': attribute type 21 has an invalid length. [ 314.521238][T12321] netlink: 128 bytes leftover after parsing attributes in process `syz.3.3048'. [ 314.541931][T12321] netlink: 'syz.3.3048': attribute type 4 has an invalid length. [ 314.551574][T12321] netlink: 'syz.3.3048': attribute type 5 has an invalid length. [ 314.569141][T12321] netlink: 3 bytes leftover after parsing attributes in process `syz.3.3048'. [ 314.934202][T12341] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3057'. [ 315.074903][T12345] netlink: 'syz.4.3060': attribute type 1 has an invalid length. [ 315.160407][T12349] tap0: tun_chr_ioctl cmd 1074025677 [ 315.173933][T12349] tap0: linktype set to 6 [ 315.945730][T12379] Invalid/unusable pipe [ 316.189220][T12385] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3077'. [ 316.387736][T12385] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3077'. [ 316.603887][T12394] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3080'. [ 316.646037][T12396] option changes via remount are deprecated (pid=12395 comm=syz.1.3081) [ 317.035432][T12405] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3085'. [ 317.438238][ T1273] ieee802154 phy0 wpan0: encryption failed: -22 [ 317.450483][ T1273] ieee802154 phy1 wpan1: encryption failed: -22 [ 318.840747][T12461] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.3109'. [ 318.874054][T12461] openvswitch: netlink: IP tunnel attribute has 3048 unknown bytes. [ 319.497792][T12486] trusted_key: encrypted_key: keyword 'load' not allowed when called from .update method [ 319.799752][ T5238] usb 3-1: new high-speed USB device number 39 using dummy_hcd [ 320.007981][ T5238] usb 3-1: config index 0 descriptor too short (expected 23569, got 27) [ 320.031678][ T5238] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 320.059352][T12512] kvm: user requested TSC rate below hardware speed [ 320.079465][ T5238] usb 3-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0 [ 320.099905][ T5238] usb 3-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0 [ 320.123975][ T5238] usb 3-1: Manufacturer: syz [ 320.131531][ T5238] usb 3-1: config 0 descriptor?? [ 320.307419][ T5238] rc_core: IR keymap rc-hauppauge not found [ 320.313493][ T5238] Registered IR keymap rc-empty [ 320.339280][ T5238] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/rc/rc0 [ 320.381422][ T5238] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/rc/rc0/input42 [ 320.398175][T12488] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 320.446306][T12488] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 320.528276][ T46] usb 3-1: USB disconnect, device number 39 [ 320.674823][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 321.367374][T12546] sctp: [Deprecated]: syz.1.3148 (pid 12546) Use of struct sctp_assoc_value in delayed_ack socket option. [ 321.367374][T12546] Use struct sctp_sack_info instead [ 321.458260][T12561] input: syz1 as /devices/virtual/input/input43 [ 321.899885][T12583] netlink: 40 bytes leftover after parsing attributes in process `syz.2.3164'. [ 322.159276][T12597] A link change request failed with some changes committed already. Interface bridge_slave_1 may have been left with an inconsistent configuration, please check. [ 322.309694][T12602] netlink: 'syz.1.3173': attribute type 12 has an invalid length. [ 322.324970][T12602] netlink: 'syz.1.3173': attribute type 11 has an invalid length. [ 322.334506][T12602] netlink: 190580 bytes leftover after parsing attributes in process `syz.1.3173'. [ 322.998850][T12634] netlink: 48 bytes leftover after parsing attributes in process `syz.4.3189'. [ 323.360300][ T29] kauditd_printk_skb: 34 callbacks suppressed [ 323.360330][ T29] audit: type=1326 audit(1725948841.900:151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12652 comm="syz.3.3197" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f149337def9 code=0x7ffc0000 [ 323.431171][ T29] audit: type=1326 audit(1725948841.900:152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12652 comm="syz.3.3197" exe="/root/syz-executor" sig=0 arch=c000003e syscall=73 compat=0 ip=0x7f149337def9 code=0x7ffc0000 [ 323.505093][ T29] audit: type=1326 audit(1725948841.900:153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12652 comm="syz.3.3197" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f149337def9 code=0x7ffc0000 [ 323.558797][ T29] audit: type=1326 audit(1725948841.900:154): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12652 comm="syz.3.3197" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f149337def9 code=0x7ffc0000 [ 323.609071][T12659] batadv_slave_1: entered allmulticast mode [ 323.650008][T12659] batadv_slave_1: left allmulticast mode [ 323.902164][T12672] input: syz0 as /devices/virtual/input/input44 [ 323.957046][T12676] A link change request failed with some changes committed already. Interface batadv_slave_0 may have been left with an inconsistent configuration, please check. [ 324.088276][T12678] netlink: 32 bytes leftover after parsing attributes in process `syz.4.3208'. [ 324.265930][T12684] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3211'. [ 324.309879][T12684] mac80211_hwsim hwsim12 wlan0: entered promiscuous mode [ 324.318375][T12684] macsec1: entered promiscuous mode [ 324.329459][T12684] macsec1: entered allmulticast mode [ 324.336254][T12684] mac80211_hwsim hwsim12 wlan0: entered allmulticast mode [ 324.963940][T12711] xt_CHECKSUM: CHECKSUM should be avoided. If really needed, restrict with "-p udp" and only use in OUTPUT [ 325.665204][T12726] syz.1.3231 (12726) used greatest stack depth: 18072 bytes left [ 327.925492][T12824] tap0: tun_chr_ioctl cmd 99999999 [ 328.176514][ T29] audit: type=1326 audit(1725948846.700:155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12826 comm="syz.3.3277" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f149337def9 code=0x7ffc0000 [ 328.239151][ T29] audit: type=1326 audit(1725948846.700:156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12826 comm="syz.3.3277" exe="/root/syz-executor" sig=0 arch=c000003e syscall=274 compat=0 ip=0x7f149337def9 code=0x7ffc0000 [ 328.323501][ T29] audit: type=1326 audit(1725948846.700:157): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12826 comm="syz.3.3277" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f149337def9 code=0x7ffc0000 [ 328.764479][ T5272] usb 2-1: new high-speed USB device number 25 using dummy_hcd [ 328.814458][T12846] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 328.967761][ T5272] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 328.990219][ T5272] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 329.064907][ T5272] usb 2-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.00 [ 329.093675][ T5272] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 329.110826][ T5272] usb 2-1: config 0 descriptor?? [ 329.164955][T12859] netlink: 'syz.3.3291': attribute type 1 has an invalid length. [ 329.172809][T12859] netlink: 9328 bytes leftover after parsing attributes in process `syz.3.3291'. [ 329.203669][T12859] netlink: 'syz.3.3291': attribute type 1 has an invalid length. [ 329.569202][ T5272] cp2112 0003:10C4:EA90.0039: hidraw0: USB HID v0.00 Device [HID 10c4:ea90] on usb-dummy_hcd.1-1/input0 [ 329.755602][ T5272] cp2112 0003:10C4:EA90.0039: error requesting version [ 329.781788][ T5272] cp2112 0003:10C4:EA90.0039: probe with driver cp2112 failed with error -71 [ 329.802260][ T5272] usb 2-1: USB disconnect, device number 25 [ 329.844255][ T5238] usb 3-1: new high-speed USB device number 40 using dummy_hcd [ 329.929128][T12876] nbd: device at index 0 is going down [ 330.053644][ T5238] usb 3-1: Using ep0 maxpacket: 16 [ 330.061102][ T5238] usb 3-1: config 0 has no interfaces? [ 330.070167][ T5238] usb 3-1: New USB device found, idVendor=05ac, idProduct=026c, bcdDevice= 0.00 [ 330.089644][ T5238] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 330.107835][ T5238] usb 3-1: config 0 descriptor?? [ 330.334281][ T5238] usb 3-1: USB disconnect, device number 40 [ 330.727251][ T5344] usb 5-1: new full-speed USB device number 26 using dummy_hcd [ 330.929019][ T5344] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 330.950415][ T5344] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0x1D, changing to 0xD [ 331.034891][ T5344] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x6 has invalid maxpacket 16349, setting to 64 [ 331.046705][ T5344] usb 5-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 331.092165][ T5344] usb 5-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42 [ 331.104848][ T5344] usb 5-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0 [ 331.124193][ T5344] usb 5-1: Manufacturer: syz [ 331.135580][ T5344] usb 5-1: config 0 descriptor?? [ 331.145534][T12897] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 331.163889][ T5344] usbhid 5-1:0.0: couldn't find an input interrupt endpoint [ 331.430221][ T1171] usb 5-1: USB disconnect, device number 26 [ 331.557733][T12932] netlink: 104 bytes leftover after parsing attributes in process `syz.3.3324'. [ 331.819275][T12940] overlayfs: conflicting options: nfs_export=on,index=off [ 332.015925][T12948] netlink: 203516 bytes leftover after parsing attributes in process `syz.1.3332'. [ 332.351558][T12962] netlink: 'syz.2.3339': attribute type 1 has an invalid length. [ 332.380523][T12962] netlink: 9364 bytes leftover after parsing attributes in process `syz.2.3339'. [ 332.400182][T12962] netlink: 'syz.2.3339': attribute type 2 has an invalid length. [ 332.428278][T12962] netlink: 'syz.2.3339': attribute type 1 has an invalid length. [ 332.452152][T12966] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3341'. [ 332.480156][T12966] netlink: 20 bytes leftover after parsing attributes in process `syz.4.3341'. [ 332.623226][T12976] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 333.523693][ T5344] usb 2-1: new high-speed USB device number 26 using dummy_hcd [ 333.717284][ T5344] usb 2-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 333.737632][ T5344] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 333.773605][ T5344] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid maxpacket 59391, setting to 1024 [ 333.799592][ T5344] usb 2-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 1 [ 333.827447][ T5344] usb 2-1: New USB device found, idVendor=2304, idProduct=021a, bcdDevice=18.29 [ 333.838070][ T5344] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 333.848756][ T5344] usb 2-1: Product: syz [ 333.860056][ T5344] usb 2-1: Manufacturer: syz [ 333.867917][ T5344] usb 2-1: SerialNumber: syz [ 333.885956][ T5344] usb 2-1: config 0 descriptor?? [ 333.895838][ T5344] em28xx 2-1:0.0: New device syz syz @ 480 Mbps (2304:021a, interface 0, class 0) [ 333.911188][ T5344] em28xx 2-1:0.0: Video interface 0 found: isoc [ 334.188391][ T5344] em28xx 2-1:0.0: unknown em28xx chip ID (0) [ 334.297326][ T5344] em28xx 2-1:0.0: reading from i2c device at 0xa0 failed (error=-5) [ 334.319012][ T5344] em28xx 2-1:0.0: board has no eeprom [ 334.406573][ T5344] em28xx 2-1:0.0: Identified as Pinnacle Dazzle DVC 90/100/101/107 / Kaiser Baas Video to DVD maker / Kworld DVD Maker 2 / Plextor ConvertX PX-AV100U (card=9) [ 334.444913][ T5344] em28xx 2-1:0.0: analog set to isoc mode. [ 334.451204][ T1171] em28xx 2-1:0.0: Registering V4L2 extension [ 334.484531][ T5344] usb 2-1: USB disconnect, device number 26 [ 334.492943][ T5344] em28xx 2-1:0.0: Disconnecting em28xx [ 334.557666][ T1171] em28xx 2-1:0.0: Config register raw data: 0xffffffed [ 334.572342][ T1171] em28xx 2-1:0.0: AC97 chip type couldn't be determined [ 334.602452][ T1171] em28xx 2-1:0.0: No AC97 audio processor [ 334.634288][ T1171] usb 2-1: Decoder not found [ 334.639254][ T1171] em28xx 2-1:0.0: failed to create media graph [ 334.653368][ T1171] em28xx 2-1:0.0: V4L2 device video71 deregistered [ 334.674751][ T1171] em28xx 2-1:0.0: Remote control support is not available for this card. [ 334.684144][ T5344] em28xx 2-1:0.0: Closing input extension [ 334.698300][ T5344] em28xx 2-1:0.0: Freeing device [ 334.873749][ T54] Bluetooth: hci4: command 0x0405 tx timeout [ 335.224767][ T5344] usb 2-1: new high-speed USB device number 27 using dummy_hcd [ 335.436139][ T5344] usb 2-1: unable to get BOS descriptor or descriptor too short [ 335.466210][ T5344] usb 2-1: unable to read config index 0 descriptor/start: -71 [ 335.478964][ T5344] usb 2-1: can't read configurations, error -71 [ 335.533768][ T5238] usb 3-1: new high-speed USB device number 41 using dummy_hcd [ 335.544120][ T1171] usb 4-1: new high-speed USB device number 35 using dummy_hcd [ 335.743804][ T1171] usb 4-1: Using ep0 maxpacket: 32 [ 335.752504][ T5238] usb 3-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08 [ 335.762771][ T1171] usb 4-1: New USB device found, idVendor=055f, idProduct=d001, bcdDevice=88.92 [ 335.783952][ T5238] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 335.792191][ T1171] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 335.803441][ T5238] usb 3-1: config 0 descriptor?? [ 335.821821][ T1171] usb 4-1: config 0 descriptor?? [ 335.831805][ T1171] gspca_main: nw80x-2.14.0 probing 055f:d001 [ 336.054327][ T5238] [drm] vendor descriptor length:b9 data:00 00 00 00 00 00 00 00 00 00 00 [ 336.062990][ T5238] [drm:udl_init] *ERROR* Unrecognized vendor firmware descriptor [ 336.084830][ T5238] [drm:udl_init] *ERROR* Selecting channel failed [ 336.120282][ T5238] [drm] Initialized udl 0.0.1 for 3-1:0.0 on minor 2 [ 336.142894][ T5238] [drm] Initialized udl on minor 2 [ 336.158262][ T5238] udl 3-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 336.195225][ T5238] udl 3-1:0.0: [drm] Cannot find any crtc or sizes [ 336.210151][ T9] udl 3-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 336.225559][ T5238] usb 3-1: USB disconnect, device number 41 [ 336.245878][ T9] udl 3-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffed [ 336.274408][ T9] udl 3-1:0.0: [drm] Cannot find any crtc or sizes [ 336.686602][ T1171] gspca_nw80x: reg_r err -71 [ 336.693700][ T1171] nw80x 4-1:0.0: probe with driver nw80x failed with error -71 [ 336.734182][ T1171] usb 4-1: USB disconnect, device number 35 [ 337.265138][T13122] netlink: 'syz.4.3410': attribute type 6 has an invalid length. [ 337.273272][T13122] netlink: 168 bytes leftover after parsing attributes in process `syz.4.3410'. [ 337.952086][T13152] netlink: 105108 bytes leftover after parsing attributes in process `syz.4.3424'. [ 337.993847][T13152] netlink: 'syz.4.3424': attribute type 1 has an invalid length. [ 338.094517][T13156] netlink: 36 bytes leftover after parsing attributes in process `syz.2.3426'. [ 338.135044][T13156] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3426'. [ 338.720835][T13170] trusted_key: encrypted_key: keyword 'upw' not recognized [ 338.928474][ T29] audit: type=1326 audit(1725948857.470:158): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13180 comm="syz.3.3438" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f149337def9 code=0x7ffc0000 [ 339.016413][ T29] audit: type=1326 audit(1725948857.470:159): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13180 comm="syz.3.3438" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f149337def9 code=0x7ffc0000 [ 339.117193][ T29] audit: type=1326 audit(1725948857.500:160): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13180 comm="syz.3.3438" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f149337def9 code=0x7ffc0000 [ 339.183616][ T29] audit: type=1326 audit(1725948857.500:161): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13180 comm="syz.3.3438" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f149337def9 code=0x7ffc0000 [ 339.257708][ T29] audit: type=1326 audit(1725948857.500:162): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13180 comm="syz.3.3438" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f149337def9 code=0x7ffc0000 [ 339.341617][ T29] audit: type=1326 audit(1725948857.500:163): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13180 comm="syz.3.3438" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f149337def9 code=0x7ffc0000 [ 339.401435][ T29] audit: type=1326 audit(1725948857.500:164): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13180 comm="syz.3.3438" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f149337def9 code=0x7ffc0000 [ 339.463323][ T29] audit: type=1326 audit(1725948857.510:165): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13180 comm="syz.3.3438" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f1493374ea7 code=0x7ffc0000 [ 339.526390][ T29] audit: type=1326 audit(1725948857.510:166): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13180 comm="syz.3.3438" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f1493319869 code=0x7ffc0000 [ 339.577220][ T29] audit: type=1326 audit(1725948857.510:167): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13180 comm="syz.3.3438" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f1493374ea7 code=0x7ffc0000 [ 340.112088][T13211] program syz.2.3450 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 340.302365][T13216] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3452'. [ 340.762079][T13237] netlink: 2 bytes leftover after parsing attributes in process `syz.4.3463'. [ 340.793745][ T46] usb 3-1: new high-speed USB device number 42 using dummy_hcd [ 340.986204][ T46] usb 3-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 341.000859][ T46] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 341.018974][ T46] usb 3-1: config 0 descriptor?? [ 341.029949][ T46] cp210x 3-1:0.0: cp210x converter detected [ 341.164470][ T5272] usb 5-1: new high-speed USB device number 27 using dummy_hcd [ 341.356265][ T5272] usb 5-1: config 0 has no interfaces? [ 341.362059][ T5272] usb 5-1: New USB device found, idVendor=0403, idProduct=6010, bcdDevice=c6.98 [ 341.371888][ T5272] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 341.383769][ T5272] usb 5-1: config 0 descriptor?? [ 341.453716][ T46] cp210x 3-1:0.0: failed to get vendor val 0x000e size 3: -32 [ 341.477612][ T46] usb 3-1: cp210x converter now attached to ttyUSB0 [ 341.602347][ T1171] usb 5-1: USB disconnect, device number 27 [ 341.686425][ T5272] usb 3-1: USB disconnect, device number 42 [ 341.697647][ T5272] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 341.706905][ T5272] cp210x 3-1:0.0: device disconnected [ 342.302885][T13269] program syz.3.3479 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 342.757572][T13294] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3491'. [ 343.513871][ T5272] usb 5-1: new high-speed USB device number 28 using dummy_hcd [ 343.514187][ T5238] usb 2-1: new high-speed USB device number 29 using dummy_hcd [ 343.706908][ T5272] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 343.718409][ T5272] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 343.733239][ T5272] usb 5-1: New USB device found, idVendor=054c, idProduct=024b, bcdDevice= 0.00 [ 343.733751][ T5238] usb 2-1: Using ep0 maxpacket: 32 [ 343.742881][ T5272] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 343.774223][ T5272] usb 5-1: config 0 descriptor?? [ 343.776301][ T5238] usb 2-1: New USB device found, idVendor=05a9, idProduct=1550, bcdDevice=e4.bb [ 343.799385][ T5238] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 343.827167][ T5238] usb 2-1: Product: syz [ 343.831419][ T5238] usb 2-1: Manufacturer: syz [ 343.837030][ T5238] usb 2-1: SerialNumber: syz [ 343.854750][ T5238] usb 2-1: config 0 descriptor?? [ 343.863199][ T5238] gspca_main: ov534_9-2.14.0 probing 05a9:1550 [ 343.974140][ T1171] usb 4-1: new high-speed USB device number 36 using dummy_hcd [ 344.184193][ T1171] usb 4-1: Using ep0 maxpacket: 32 [ 344.208878][ T1171] usb 4-1: New USB device found, idVendor=174f, idProduct=6a31, bcdDevice=26.3f [ 344.218715][T13314] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 344.244097][ T1171] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 344.252282][ T1171] usb 4-1: Product: syz [ 344.273597][ T1171] usb 4-1: Manufacturer: syz [ 344.278873][ T1171] usb 4-1: SerialNumber: syz [ 344.304968][ T1171] usb 4-1: config 0 descriptor?? [ 344.324974][ T1171] gspca_main: stk1135-2.14.0 probing 174f:6a31 [ 344.542531][T13314] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 344.601388][ T5272] sony 0003:054C:024B.003A: unknown main item tag 0x0 [ 344.605133][ T5238] gspca_ov534_9: reg_w failed -110 [ 344.622350][ T5272] sony 0003:054C:024B.003A: unknown main item tag 0x0 [ 344.651000][ T5272] sony 0003:054C:024B.003A: unexpected long global item [ 344.674606][ T5272] sony 0003:054C:024B.003A: parse failed [ 344.680430][ T5272] sony 0003:054C:024B.003A: probe with driver sony failed with error -22 [ 344.872647][ T5272] usb 5-1: USB disconnect, device number 28 [ 345.179716][ T1171] gspca_stk1135: reg_w 0x5 err -71 [ 345.186851][ T1171] gspca_stk1135: serial bus timeout: status=0x00 [ 345.193424][ T1171] gspca_stk1135: Sensor write failed [ 345.203831][ T5238] gspca_ov534_9: Unknown sensor 0000 [ 345.203930][ T5238] ov534_9 2-1:0.0: probe with driver ov534_9 failed with error -22 [ 345.234295][ T1171] gspca_stk1135: serial bus timeout: status=0x00 [ 345.254250][ T1171] gspca_stk1135: Sensor write failed [ 345.263301][T13360] netlink: 'syz.0.3521': attribute type 1 has an invalid length. [ 345.263982][ T5238] usb 2-1: USB disconnect, device number 29 [ 345.279336][ T1171] gspca_stk1135: serial bus timeout: status=0x00 [ 345.286358][ T1171] gspca_stk1135: Sensor read failed [ 345.289206][T13360] netlink: 9372 bytes leftover after parsing attributes in process `syz.0.3521'. [ 345.293603][ T1171] gspca_stk1135: serial bus timeout: status=0x00 [ 345.307832][ T1171] gspca_stk1135: Sensor read failed [ 345.315234][ T1171] gspca_stk1135: Detected sensor type unknown (0x0) [ 345.320637][T13360] netlink: 'syz.0.3521': attribute type 1 has an invalid length. [ 345.328862][ T1171] gspca_stk1135: serial bus timeout: status=0x00 [ 345.362456][ T1171] gspca_stk1135: Sensor read failed [ 345.378579][ T1171] gspca_stk1135: serial bus timeout: status=0x00 [ 345.393682][ T1171] gspca_stk1135: Sensor read failed [ 345.399116][ T1171] gspca_stk1135: serial bus timeout: status=0x00 [ 345.413940][ T1171] gspca_stk1135: Sensor write failed [ 345.419428][ T1171] gspca_stk1135: serial bus timeout: status=0x00 [ 345.434470][ T1171] gspca_stk1135: Sensor write failed [ 345.443243][ T1171] stk1135 4-1:0.0: probe with driver stk1135 failed with error -71 [ 345.473072][ T1171] usb 4-1: USB disconnect, device number 36 [ 345.584280][T13370] netlink: 372 bytes leftover after parsing attributes in process `syz.0.3527'. [ 346.264543][ T1171] kernel write not supported for file /uhid (pid: 1171 comm: kworker/0:2) [ 346.568296][T13412] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3547'. [ 347.199549][ T5272] usb 5-1: new high-speed USB device number 29 using dummy_hcd [ 347.207694][ T25] usb 3-1: new high-speed USB device number 43 using dummy_hcd [ 347.383075][T13456] netlink: 'syz.1.3568': attribute type 14 has an invalid length. [ 347.392410][T13456] netlink: 48 bytes leftover after parsing attributes in process `syz.1.3568'. [ 347.393868][ T25] usb 3-1: Using ep0 maxpacket: 16 [ 347.421151][ T5272] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 347.439435][ T5272] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 347.449894][ T5272] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 347.463305][ T5272] usb 5-1: New USB device found, idVendor=044e, idProduct=120b, bcdDevice= 0.00 [ 347.474010][ T5272] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 347.474183][ T25] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 347.503091][ T5272] usb 5-1: config 0 descriptor?? [ 347.523685][ T25] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 347.541915][ T25] usb 3-1: New USB device found, idVendor=05ac, idProduct=0247, bcdDevice= 0.00 [ 347.553005][ T25] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 347.566006][ T25] usb 3-1: config 0 descriptor?? [ 347.592906][T13460] netlink: 24 bytes leftover after parsing attributes in process `syz.1.3570'. [ 347.945860][ T5272] hid-alps 0003:044E:120B.003B: hidraw0: USB HID v0.00 Device [HID 044e:120b] on usb-dummy_hcd.4-1/input0 [ 347.998760][ T25] apple 0003:05AC:0247.003C: unknown main item tag 0x0 [ 348.017290][ T25] apple 0003:05AC:0247.003C: unknown main item tag 0x0 [ 348.043672][ T25] apple 0003:05AC:0247.003C: item fetching failed at offset 2/160 [ 348.062656][ T25] apple 0003:05AC:0247.003C: parse failed [ 348.072147][ T25] apple 0003:05AC:0247.003C: probe with driver apple failed with error -22 [ 348.135866][ T5272] usb 5-1: USB disconnect, device number 29 [ 348.281756][ T1171] usb 3-1: USB disconnect, device number 43 [ 349.164102][T13500] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3586'. [ 349.180193][T13504] tun0: tun_chr_ioctl cmd 1074025681 [ 349.201041][T13500] netlink: 32 bytes leftover after parsing attributes in process `syz.1.3586'. [ 349.428669][T13516] tap0: tun_chr_ioctl cmd 1074025672 [ 349.451273][T13516] tap0: ignored: set checksum disabled [ 349.623745][T13525] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 349.634575][T13525] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 349.678680][T13525] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 349.686021][T13525] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 349.692028][T13530] netlink: 'syz.2.3599': attribute type 1 has an invalid length. [ 349.705715][T13530] netlink: 168864 bytes leftover after parsing attributes in process `syz.2.3599'. [ 349.706732][T13525] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 349.721524][T13525] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 349.735634][T13525] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 349.751760][T13525] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 349.929085][T13542] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3604'. [ 349.938754][T13542] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3604'. [ 349.971904][ T29] kauditd_printk_skb: 8 callbacks suppressed [ 349.971925][ T29] audit: type=1400 audit(1725948868.510:176): lsm=SMACK fn=smack_socket_sock_rcv_skb action=denied subject="*" object="_" requested=w pid=13543 comm="syz.1.3605" dest=20002 netif=wpan0 [ 350.073894][ T5344] usb 5-1: new high-speed USB device number 30 using dummy_hcd [ 350.121498][T13550] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3609'. [ 350.256821][ T5344] usb 5-1: Using ep0 maxpacket: 8 [ 350.275126][ T5344] usb 5-1: config 0 has an invalid interface number: 52 but max is 0 [ 350.298353][ T5344] usb 5-1: config 0 has an invalid descriptor of length 72, skipping remainder of the config [ 350.323570][ T5344] usb 5-1: config 0 has no interface number 0 [ 350.330646][ T5344] usb 5-1: config 0 interface 52 altsetting 1 has an endpoint descriptor with address 0xA2, changing to 0x82 [ 350.343335][ T5344] usb 5-1: config 0 interface 52 altsetting 1 endpoint 0x82 has an invalid bInterval 231, changing to 11 [ 350.390479][ T5344] usb 5-1: config 0 interface 52 altsetting 1 endpoint 0x82 has invalid maxpacket 25303, setting to 1024 [ 350.410473][ T5344] usb 5-1: config 0 interface 52 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 350.434904][ T5344] usb 5-1: config 0 interface 52 has no altsetting 0 [ 350.462710][ T5344] usb 5-1: New USB device found, idVendor=06cb, idProduct=0007, bcdDevice= 0.00 [ 350.493408][ T5344] usb 5-1: New USB device strings: Mfr=0, Product=149, SerialNumber=35 [ 350.514034][ T5344] usb 5-1: Product: syz [ 350.524692][ T5344] usb 5-1: SerialNumber: syz [ 350.555824][ T5344] usb 5-1: config 0 descriptor?? [ 350.789786][T13573] netlink: 'syz.2.3619': attribute type 1 has an invalid length. [ 350.802995][ T5344] input: syz (Stick) as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.52/input/input45 [ 351.098177][ T1171] usb 5-1: USB disconnect, device number 30 [ 351.315285][T13595] netlink: 16126 bytes leftover after parsing attributes in process `syz.0.3629'. [ 351.343889][T13595] netlink: 105116 bytes leftover after parsing attributes in process `syz.0.3629'. [ 351.674426][ T5230] Bluetooth: hci0: command 0x0406 tx timeout [ 351.753905][ T5230] Bluetooth: hci4: command 0x0405 tx timeout [ 351.754426][ T54] Bluetooth: hci2: command 0x0406 tx timeout [ 351.760078][ T5230] Bluetooth: hci1: command 0x0406 tx timeout [ 351.923302][T13619] netlink: 'syz.0.3640': attribute type 10 has an invalid length. [ 351.986183][T13619] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 352.021455][T13619] bond0: (slave batadv0): Enslaving as an active interface with an up link [ 352.031241][ T1110] bond0: (slave batadv0): interface is now down [ 352.041096][T13621] A link change request failed with some changes committed already. Interface vcan0 may have been left with an inconsistent configuration, please check. [ 352.084552][ T11] bond0: (slave batadv0): interface is now down [ 352.091135][ T11] bond0: now running without any active interface! [ 352.352115][ T29] audit: type=1400 audit(1725948870.890:177): lsm=SMACK fn=smack_socket_sock_rcv_skb action=denied subject="*" object="_" requested=w pid=13631 comm="syz.1.3646" dest=20002 netif=wpan0 [ 352.619117][T13639] netlink: 20 bytes leftover after parsing attributes in process `syz.0.3649'. [ 352.663497][T13639] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3649'. [ 352.853284][T13648] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies. [ 352.905693][T13652] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 353.282845][T13666] bond0: option miimon: invalid value (18446744073072082944) [ 353.323811][T13666] bond0: option miimon: allowed values 0 - 2147483647 [ 353.687202][T13683] vlan0: vlans aren't supported yet for dev_uc|mc_add() [ 353.754035][ T5230] Bluetooth: hci0: command 0x0406 tx timeout [ 353.833978][ T5230] Bluetooth: hci2: command 0x0406 tx timeout [ 353.834006][ T4613] Bluetooth: hci4: command 0x0405 tx timeout [ 353.847778][ T54] Bluetooth: hci1: command 0x0406 tx timeout [ 354.045531][ T5238] kernel write not supported for file /amidi2 (pid: 5238 comm: kworker/0:4) [ 354.062627][T13703] block nbd4: NBD_DISCONNECT [ 354.268546][T13714] netlink: 'syz.2.3684': attribute type 1 has an invalid length. [ 354.299583][T13714] __nla_validate_parse: 3 callbacks suppressed [ 354.299607][T13714] netlink: 9352 bytes leftover after parsing attributes in process `syz.2.3684'. [ 354.323162][T13715] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3682'. [ 354.333474][T13714] netlink: 'syz.2.3684': attribute type 1 has an invalid length. [ 354.351414][T13714] netlink: 'syz.2.3684': attribute type 2 has an invalid length. [ 355.655071][T13768] io-wq is not configured for unbound workers [ 355.750863][T13774] can0: slcan on ttyS3. [ 355.780901][T13776] misc userio: No port type given on /dev/userio [ 355.805163][ T5344] usb 5-1: new high-speed USB device number 31 using dummy_hcd [ 355.827797][T13774] can0 (unregistered): slcan off ttyS3. [ 355.954259][ T5238] usb 2-1: new full-speed USB device number 30 using dummy_hcd [ 356.003668][ T5344] usb 5-1: Using ep0 maxpacket: 16 [ 356.015874][ T5344] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 356.041389][ T5344] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 356.064125][ T5344] usb 5-1: New USB device found, idVendor=1e7d, idProduct=2d50, bcdDevice= 0.00 [ 356.083696][ T5344] usb 5-1: New USB device strings: Mfr=236, Product=255, SerialNumber=0 [ 356.092234][ T5344] usb 5-1: Product: syz [ 356.103641][ T5344] usb 5-1: Manufacturer: syz [ 356.117868][ T5344] usb 5-1: config 0 descriptor?? [ 356.161634][ T5238] usb 2-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08 [ 356.178070][ T5238] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 356.203390][ T5238] usb 2-1: config 0 descriptor?? [ 356.555911][ T5344] kovaplus 0003:1E7D:2D50.003D: unknown main item tag 0x0 [ 356.563196][ T5344] kovaplus 0003:1E7D:2D50.003D: unknown main item tag 0x0 [ 356.573158][ T5344] kovaplus 0003:1E7D:2D50.003D: unknown main item tag 0x0 [ 356.582835][ T5344] kovaplus 0003:1E7D:2D50.003D: unknown main item tag 0x0 [ 356.590421][ T5344] kovaplus 0003:1E7D:2D50.003D: unknown main item tag 0x0 [ 356.598707][ T5344] kovaplus 0003:1E7D:2D50.003D: unknown main item tag 0x0 [ 356.609063][ T5344] kovaplus 0003:1E7D:2D50.003D: unknown main item tag 0x0 [ 356.632135][ T5344] kovaplus 0003:1E7D:2D50.003D: hidraw0: USB HID v0.07 Device [syz syz] on usb-dummy_hcd.4-1/input0 [ 356.666370][ T5238] [drm:udl_init] *ERROR* Selecting channel failed [ 356.685812][ T5238] [drm] Initialized udl 0.0.1 for 2-1:0.0 on minor 2 [ 356.692680][ T5238] [drm] Initialized udl on minor 2 [ 356.701090][ T5238] udl 2-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 356.714048][ T5238] udl 2-1:0.0: [drm] Cannot find any crtc or sizes [ 356.722658][ T1171] udl 2-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 356.733137][ T5238] usb 2-1: USB disconnect, device number 30 [ 356.739998][ T1171] udl 2-1:0.0: [drm] Cannot find any crtc or sizes [ 356.888241][ T29] audit: type=1326 audit(1725948875.430:178): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13800 comm="syz.0.3723" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fab3b57def9 code=0x0 [ 356.972721][ T5344] kovaplus 0003:1E7D:2D50.003D: couldn't init struct kovaplus_device [ 356.994654][ T5344] kovaplus 0003:1E7D:2D50.003D: couldn't install mouse [ 357.026933][ T5344] kovaplus 0003:1E7D:2D50.003D: probe with driver kovaplus failed with error -71 [ 357.057514][ T5344] usb 5-1: USB disconnect, device number 31 [ 358.065601][T13835] program syz.2.3737 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 358.397349][ T5344] usb 5-1: new high-speed USB device number 32 using dummy_hcd [ 358.614002][ T5344] usb 5-1: Using ep0 maxpacket: 16 [ 358.629271][ T5344] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 358.664231][ T5344] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 358.696925][ T5344] usb 5-1: New USB device found, idVendor=1b1c, idProduct=1b02, bcdDevice= 0.00 [ 358.717306][ T5344] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 358.740096][ T5344] usb 5-1: config 0 descriptor?? [ 359.220008][ T5344] corsair 0003:1B1C:1B02.003E: unknown main item tag 0x0 [ 359.242701][ T5344] corsair 0003:1B1C:1B02.003E: hidraw0: USB HID v0.00 Device [HID 1b1c:1b02] on usb-dummy_hcd.4-1/input0 [ 359.418218][ T5344] corsair 0003:1B1C:1B02.003E: Read invalid backlight brightness: db. [ 359.430226][T13884] ieee802154 phy0 wpan0: encryption failed: -90 [ 359.633093][ T5344] usb 5-1: USB disconnect, device number 32 [ 359.875071][T13905] input: syz1 as /devices/virtual/input/input46 [ 360.299176][T13925] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.3777'. [ 360.414079][ T5344] usb 4-1: new high-speed USB device number 37 using dummy_hcd [ 360.626157][ T5344] usb 4-1: Using ep0 maxpacket: 16 [ 360.649520][ T5344] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 360.681003][ T5344] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 360.721300][ T5344] usb 4-1: New USB device found, idVendor=05ac, idProduct=0291, bcdDevice= 0.40 [ 360.743806][T13947] netlink: 20 bytes leftover after parsing attributes in process `syz.4.3788'. [ 360.752850][T13947] netlink: 56 bytes leftover after parsing attributes in process `syz.4.3788'. [ 360.762014][ T5344] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 360.773056][ T5344] usb 4-1: Product: syz [ 360.777583][ T5344] usb 4-1: Manufacturer: syz [ 360.782379][ T5344] usb 4-1: SerialNumber: syz [ 360.787212][T13947] netlink: 20 bytes leftover after parsing attributes in process `syz.4.3788'. [ 360.807932][ T5344] input: bcm5974 as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/input/input47 [ 361.037572][T13960] netlink: 1136 bytes leftover after parsing attributes in process `syz.2.3794'. [ 361.201797][ T25] usb 4-1: USB disconnect, device number 37 [ 361.325235][ T5272] usb 2-1: new high-speed USB device number 31 using dummy_hcd [ 361.525779][ T5272] usb 2-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 361.536658][ T5272] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 361.565653][ T5272] usb 2-1: config 0 descriptor?? [ 361.578102][ T5272] cp210x 2-1:0.0: cp210x converter detected [ 362.005528][ T5272] cp210x 2-1:0.0: failed to get vendor val 0x000e size 3: -32 [ 362.222327][ T5272] cp210x 2-1:0.0: failed to get vendor val 0x370c size 15: -71 [ 362.249228][ T5272] cp210x 2-1:0.0: GPIO initialisation failed: -71 [ 362.276247][ T5272] usb 2-1: cp210x converter now attached to ttyUSB0 [ 362.297262][ T5272] usb 2-1: USB disconnect, device number 31 [ 362.325675][ T5272] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 362.354077][ T5272] cp210x 2-1:0.0: device disconnected [ 362.383696][T13993] Bluetooth: received HCILL_WAKE_UP_IND in state 2 [ 362.412262][ T2514] Bluetooth: hci5: Frame reassembly failed (-84) [ 362.646841][T14002] delete_channel: no stack [ 362.663419][T14001] delete_channel: no stack [ 363.296275][T14032] netlink: 'syz.2.3828': attribute type 1 has an invalid length. [ 363.308219][T14032] netlink: 'syz.2.3828': attribute type 7 has an invalid length. [ 363.318075][T14032] netlink: 'syz.2.3828': attribute type 1 has an invalid length. [ 363.326163][T14032] netlink: 'syz.2.3828': attribute type 1 has an invalid length. [ 363.349901][T14032] bridge0: port 1(bridge_slave_0) entered blocking state [ 363.357273][T14032] bridge0: port 1(bridge_slave_0) entered forwarding state [ 363.489275][T14040] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3832'. [ 363.663082][T14049] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3836'. [ 364.062364][T14069] netlink: 'syz.4.3847': attribute type 19 has an invalid length. [ 364.394017][ T54] Bluetooth: hci5: Opcode 0x1003 failed: -110 [ 364.894093][ T25] usb 2-1: new full-speed USB device number 32 using dummy_hcd [ 364.961345][ T2514] Bluetooth: hci5: Frame reassembly failed (-84) [ 364.978370][T14111] Bluetooth: received HCILL_WAKE_UP_IND in state 2 [ 365.095757][ T25] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 365.123661][ T25] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 365.134798][ T25] usb 2-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 365.153657][ T25] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 365.171871][ T25] usb 2-1: config 0 descriptor?? [ 365.182027][ T25] hub 2-1:0.0: USB hub found [ 365.390031][ T25] hub 2-1:0.0: config failed, can't read hub descriptor (err -90) [ 365.595766][ T25] usbhid 2-1:0.0: can't add hid device: -71 [ 365.604668][ T25] usbhid 2-1:0.0: probe with driver usbhid failed with error -71 [ 365.646127][ T25] usb 2-1: USB disconnect, device number 32 [ 366.152193][T14146] team0: entered promiscuous mode [ 366.180217][T14146] team_slave_0: entered promiscuous mode [ 366.190099][T14146] team_slave_1: entered promiscuous mode [ 366.214501][T14149] team0: left promiscuous mode [ 366.219561][T14149] team_slave_0: left promiscuous mode [ 366.226769][T14149] team_slave_1: left promiscuous mode [ 366.376541][T14153] "syz.3.3883" (14153) uses obsolete ecb(arc4) skcipher [ 366.481842][T14164] program syz.1.3887 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 366.753390][T14177] netlink: 201400 bytes leftover after parsing attributes in process `syz.3.3893'. [ 366.947668][T14185] batadv0: entered promiscuous mode [ 366.953887][ T54] Bluetooth: hci5: Opcode 0x1003 failed: -110 [ 366.961845][T14185] 8021q: adding VLAN 0 to HW filter on device macvtap1 [ 367.392618][ T29] audit: type=1326 audit(1725948885.930:179): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14208 comm="syz.1.3907" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fb9f877def9 code=0x0 [ 367.452471][T14213] netlink: 32 bytes leftover after parsing attributes in process `syz.4.3909'. [ 367.597228][ T29] audit: type=1326 audit(1725948886.140:180): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14219 comm="syz.4.3912" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f944fd7def9 code=0x7ffc0000 [ 367.637112][ T29] audit: type=1326 audit(1725948886.140:181): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14219 comm="syz.4.3912" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f944fd7def9 code=0x7ffc0000 [ 367.671260][ T29] audit: type=1326 audit(1725948886.170:182): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14219 comm="syz.4.3912" exe="/root/syz-executor" sig=0 arch=c000003e syscall=290 compat=0 ip=0x7f944fd7def9 code=0x7ffc0000 [ 367.708794][ T29] audit: type=1326 audit(1725948886.170:183): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14219 comm="syz.4.3912" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f944fd7def9 code=0x7ffc0000 [ 367.755507][T14228] netem: incorrect ge model size [ 367.761463][ T29] audit: type=1326 audit(1725948886.170:184): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14219 comm="syz.4.3912" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f944fd7def9 code=0x7ffc0000 [ 367.784464][T14228] netem: change failed [ 367.967426][ T54] Bluetooth: hci2: unexpected event for opcode 0x1003 [ 369.086378][T14282] bridge0: port 1(bridge_slave_0) entered disabled state [ 369.108323][T14282] bridge0: port 1(bridge_slave_0) entered disabled state [ 369.243229][ T29] audit: type=1326 audit(1725948887.780:185): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14288 comm="syz.3.3945" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f149337def9 code=0x0 [ 370.050888][T14321] netlink: 632 bytes leftover after parsing attributes in process `syz.4.3958'. [ 370.247787][T14326] netlink: 104 bytes leftover after parsing attributes in process `syz.4.3960'. [ 370.565178][ T25] usb 3-1: new high-speed USB device number 44 using dummy_hcd [ 370.696397][T14353] ecryptfs_parse_options: eCryptfs: unrecognized option [&@] [ 370.714011][T14353] ecryptfs_parse_options: You must supply at least one valid auth tok signature as a mount parameter; see the eCryptfs README [ 370.750240][T14353] Error parsing options; rc = [-22] [ 370.790845][ T25] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 370.817659][ T25] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 370.838647][ T25] usb 3-1: New USB device found, idVendor=1e7d, idProduct=319c, bcdDevice= 0.00 [ 370.863611][ T25] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 370.913444][ T25] usb 3-1: config 0 descriptor?? [ 371.343417][ T25] isku 0003:1E7D:319C.003F: unknown main item tag 0x0 [ 371.377179][ T25] isku 0003:1E7D:319C.003F: unknown main item tag 0x0 [ 371.397750][T14372] netlink: 64859 bytes leftover after parsing attributes in process `syz.4.3980'. [ 371.398338][ T25] isku 0003:1E7D:319C.003F: unknown main item tag 0x0 [ 371.433874][ T25] isku 0003:1E7D:319C.003F: unknown main item tag 0x0 [ 371.440749][ T25] isku 0003:1E7D:319C.003F: unknown main item tag 0x0 [ 371.478937][ T25] isku 0003:1E7D:319C.003F: unknown main item tag 0x0 [ 371.503704][ T25] isku 0003:1E7D:319C.003F: unknown main item tag 0x0 [ 371.534125][ T25] isku 0003:1E7D:319C.003F: hidraw0: USB HID v0.00 Device [HID 1e7d:319c] on usb-dummy_hcd.2-1/input0 [ 371.820224][ T4613] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 371.832732][ T4613] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 371.848201][ T25] usb 3-1: USB disconnect, device number 44 [ 371.848789][ T4613] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 371.869968][ T4613] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 371.879078][ T4613] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 371.887135][ T4613] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 371.995488][ T54] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0 [ 372.005938][ T54] Bluetooth: hci2: Injecting HCI hardware error event [ 372.016304][ T4613] Bluetooth: hci2: hardware error 0x00 [ 372.270936][T14385] chnl_net:caif_netlink_parms(): no params data found [ 372.432786][T14385] bridge0: port 1(bridge_slave_0) entered blocking state [ 372.471696][T14385] bridge0: port 1(bridge_slave_0) entered disabled state [ 372.502975][T14385] bridge_slave_0: entered allmulticast mode [ 372.548510][T14385] bridge_slave_0: entered promiscuous mode [ 372.569901][T14399] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3987'. [ 372.610050][T14385] bridge0: port 2(bridge_slave_1) entered blocking state [ 372.630076][T14385] bridge0: port 2(bridge_slave_1) entered disabled state [ 372.652280][T14385] bridge_slave_1: entered allmulticast mode [ 372.673355][T14385] bridge_slave_1: entered promiscuous mode [ 372.832963][T14385] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 372.869899][T14385] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 373.025917][T14385] team0: Port device team_slave_0 added [ 373.049528][T14385] team0: Port device team_slave_1 added [ 373.171803][T14385] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 373.209779][T14385] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 373.259636][T14385] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 373.286627][T14385] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 373.311534][T14385] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 373.382338][T14385] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 373.589750][T14385] hsr_slave_0: entered promiscuous mode [ 373.603021][T14385] hsr_slave_1: entered promiscuous mode [ 373.630121][T14385] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 373.641720][T14385] Cannot create hsr debugfs directory [ 373.916940][ T54] Bluetooth: hci5: command tx timeout [ 374.075795][ T4613] Bluetooth: hci2: Opcode 0x0c03 failed: -110 [ 374.101946][T14454] bridge0: port 1(bridge_slave_0) entered disabled state [ 374.128705][T14454] bridge0: port 1(bridge_slave_0) entered disabled state [ 374.386810][T14385] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 374.610993][T14385] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 375.073451][T14385] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 375.124114][T14477] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4023'. [ 375.284514][T14385] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 375.734084][T14385] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 375.774197][T14385] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 375.817782][T14385] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 375.850373][T14385] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 375.881284][T14513] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 375.996598][ T4613] Bluetooth: hci5: command tx timeout [ 376.151767][T14523] sch_tbf: burst 0 is lower than device veth0_to_team mtu (1514) ! [ 376.211240][T14385] 8021q: adding VLAN 0 to HW filter on device bond0 [ 376.263230][T14385] 8021q: adding VLAN 0 to HW filter on device team0 [ 376.314737][ T11] bridge0: port 1(bridge_slave_0) entered blocking state [ 376.321954][ T11] bridge0: port 1(bridge_slave_0) entered forwarding state [ 376.388164][T14532] hsr0: entered promiscuous mode [ 376.516462][ T11] bridge0: port 2(bridge_slave_1) entered blocking state [ 376.523742][ T11] bridge0: port 2(bridge_slave_1) entered forwarding state [ 377.212338][T14385] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 377.404622][T14385] veth0_vlan: entered promiscuous mode [ 377.449589][T14385] veth1_vlan: entered promiscuous mode [ 377.583192][T14385] veth0_macvtap: entered promiscuous mode [ 377.646145][T14385] veth1_macvtap: entered promiscuous mode [ 377.729670][T14385] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 377.765224][T14385] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 377.778400][T14385] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 377.790032][T14385] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 377.800824][T14385] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 377.816658][T14385] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 377.830344][T14385] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 377.842141][T14385] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 377.927975][T14385] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 377.957404][T14385] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 377.990584][T14385] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 378.019524][T14385] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 378.034279][T14385] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 378.047983][T14385] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 378.059864][T14385] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 378.081107][ T4613] Bluetooth: hci5: command tx timeout [ 378.109533][T14385] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 378.142988][T14385] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 378.190710][T14385] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 378.250064][T14385] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 378.278053][T14385] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 378.303791][T14385] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 378.312665][T14385] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 378.408856][ T29] audit: type=1400 audit(1725948896.950:186): lsm=SMACK fn=smack_socket_sock_rcv_skb action=denied subject="*" object="_" requested=w pid=14592 comm="syz.3.4077" src=1280 dest=20002 netif=wpan0 [ 378.877724][ T1273] ieee802154 phy0 wpan0: encryption failed: -22 [ 378.885563][ T1273] ieee802154 phy1 wpan1: encryption failed: -22 [ 378.941723][ T1110] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 379.025673][ T1110] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 379.233927][ T1121] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 379.243243][ T1121] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 379.849620][T14646] netlink: 40 bytes leftover after parsing attributes in process `syz.4.4099'. [ 379.861963][T14646] netlink: 40 bytes leftover after parsing attributes in process `syz.4.4099'. [ 380.154369][ T4613] Bluetooth: hci5: command tx timeout [ 380.203365][T14660] netlink: 2060 bytes leftover after parsing attributes in process `syz.3.4105'. [ 380.230305][T14660] netlink: 'syz.3.4105': attribute type 1 has an invalid length. [ 380.264032][T14660] netlink: 193500 bytes leftover after parsing attributes in process `syz.3.4105'. [ 380.282123][T14665] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 380.293830][ T5272] usb 5-1: new high-speed USB device number 33 using dummy_hcd [ 380.430978][T14672] sch_tbf: burst 0 is lower than device veth1_to_bridge mtu (1514) ! [ 380.454191][ T5344] usb 2-1: new high-speed USB device number 33 using dummy_hcd [ 380.481830][ T5272] usb 5-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 380.511925][ T5272] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 380.527761][ T5272] usb 5-1: config 0 descriptor?? [ 380.545478][ T5272] cp210x 5-1:0.0: cp210x converter detected [ 380.664719][ T5344] usb 2-1: Using ep0 maxpacket: 8 [ 380.676488][ T5344] usb 2-1: New USB device found, idVendor=0ccd, idProduct=10a3, bcdDevice=23.a2 [ 380.688399][ T5344] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 380.703610][ T5344] usb 2-1: Product: syz [ 380.713178][ T5344] usb 2-1: Manufacturer: syz [ 380.732782][ T5344] usb 2-1: SerialNumber: syz [ 380.742823][ T5344] usb 2-1: config 0 descriptor?? [ 380.784751][ T5238] usb 4-1: new high-speed USB device number 38 using dummy_hcd [ 380.968048][ T5272] cp210x 5-1:0.0: failed to get vendor val 0x000e size 3: -32 [ 380.973875][ T5344] usb 2-1: dvb_usb_v2: found a 'Terratec H7' in warm state [ 380.993176][ T5238] usb 4-1: config 220 has too many interfaces: 184, using maximum allowed: 32 [ 381.005165][ T5238] usb 4-1: config 220 has 1 interface, different from the descriptor's value: 184 [ 381.010953][ T5272] usb 5-1: cp210x converter now attached to ttyUSB0 [ 381.026238][ T5238] usb 4-1: New USB device found, idVendor=0c45, idProduct=8008, bcdDevice=e1.85 [ 381.042665][ T5238] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 381.068640][ T5238] gspca_main: sn9c2028-2.14.0 probing 0c45:8008 [ 381.232997][ T46] usb 5-1: USB disconnect, device number 33 [ 381.244652][ T46] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 381.272316][ T46] cp210x 5-1:0.0: device disconnected [ 381.307695][ T5238] gspca_sn9c2028: read1 error -32 [ 381.314738][ T5238] gspca_sn9c2028: read1 error -32 [ 381.525979][ T46] usb 4-1: USB disconnect, device number 38 [ 381.560285][T14689] kernel profiling enabled (shift: 0) [ 381.586201][ T5344] usb write operation failed. (-71) [ 381.600592][ T5344] usb 2-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer [ 381.612733][ T5344] dvbdev: DVB: registering new adapter (Terratec H7) [ 381.626214][ T5344] usb 2-1: media controller created [ 381.631910][ T5344] usb read operation failed. (-71) [ 381.645082][ T5344] usb write operation failed. (-71) [ 381.656117][ T5344] dvb_usb_az6007 2-1:0.0: probe with driver dvb_usb_az6007 failed with error -5 [ 381.669955][ T5344] usb 2-1: USB disconnect, device number 33 [ 381.814260][ T5238] usb 3-1: new high-speed USB device number 45 using dummy_hcd [ 382.014783][ T5238] usb 3-1: Using ep0 maxpacket: 32 [ 382.028796][ T5238] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 382.045128][ T5238] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 382.060228][ T5238] usb 3-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 382.076651][ T5238] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 382.090856][ T5238] usb 3-1: config 0 descriptor?? [ 382.116291][ T5238] hub 3-1:0.0: USB hub found [ 382.223130][ T29] audit: type=1326 audit(1725948900.760:187): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14696 comm="syz.4.4124" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f944fd7def9 code=0x7ffc0000 [ 382.274516][T14699] Failed to get privilege flags for destination (handle=0x2:0x0) [ 382.285296][ T29] audit: type=1326 audit(1725948900.760:188): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14696 comm="syz.4.4124" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f944fd7def9 code=0x7ffc0000 [ 382.353694][ T29] audit: type=1326 audit(1725948900.810:189): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14696 comm="syz.4.4124" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f944fd7def9 code=0x7ffc0000 [ 382.392893][ T5238] hub 3-1:0.0: 1 port detected [ 382.422516][ T29] audit: type=1326 audit(1725948900.810:190): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14696 comm="syz.4.4124" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f944fd7def9 code=0x7ffc0000 [ 382.470710][T14689] syz.0.4119: vmalloc error: size 729808896, failed to allocated page array size 1425408, mode:0xdc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=syz0,mems_allowed=0-1 [ 382.501141][ T29] audit: type=1326 audit(1725948900.810:191): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14696 comm="syz.4.4124" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f944fd7def9 code=0x7ffc0000 [ 382.539298][T14689] CPU: 1 UID: 0 PID: 14689 Comm: syz.0.4119 Not tainted 6.11.0-rc7-syzkaller-00017-gbc83b4d1f086 #0 [ 382.550156][T14689] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 382.560229][T14689] Call Trace: [ 382.563533][T14689] [ 382.566493][T14689] dump_stack_lvl+0x241/0x360 [ 382.571200][T14689] ? __pfx_dump_stack_lvl+0x10/0x10 [ 382.576420][T14689] ? __pfx__printk+0x10/0x10 [ 382.581069][T14689] ? cpuset_print_current_mems_allowed+0x1f/0x350 [ 382.587549][T14689] ? cpuset_print_current_mems_allowed+0x31e/0x350 [ 382.594084][T14689] warn_alloc+0x278/0x410 [ 382.598455][T14689] ? __pfx_warn_alloc+0x10/0x10 [ 382.603340][T14689] ? profile_init+0xb1/0x100 [ 382.607954][T14689] ? __get_vm_area_node+0x23d/0x270 [ 382.613179][T14689] __vmalloc_node_range_noprof+0x6a2/0x1400 [ 382.619107][T14689] ? _printk+0xd5/0x120 [ 382.623302][T14689] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 382.629655][T14689] ? rcu_is_watching+0x15/0xb0 [ 382.634444][T14689] ? rcu_is_watching+0x15/0xb0 [ 382.639235][T14689] ? profile_init+0xb1/0x100 [ 382.643845][T14689] ? __pfx_sysfs_kf_write+0x10/0x10 [ 382.649077][T14689] vzalloc_noprof+0x79/0x90 [ 382.653609][T14689] ? profile_init+0xb1/0x100 [ 382.658223][T14689] profile_init+0xb1/0x100 [ 382.662661][T14689] profiling_store+0x6c/0xf0 [ 382.667283][T14689] kernfs_fop_write_iter+0x3a1/0x500 [ 382.672863][T14689] vfs_write+0xa72/0xc90 [ 382.677142][T14689] ? __pfx_kernfs_fop_write_iter+0x10/0x10 [ 382.683165][T14689] ? __pfx_vfs_write+0x10/0x10 [ 382.687955][T14689] ? do_futex+0x33b/0x560 [ 382.692329][T14689] ksys_write+0x1a0/0x2c0 [ 382.696881][T14689] ? __pfx_ksys_write+0x10/0x10 [ 382.701758][T14689] ? do_syscall_64+0x100/0x230 [ 382.706571][T14689] ? do_syscall_64+0xb6/0x230 [ 382.711275][T14689] do_syscall_64+0xf3/0x230 [ 382.715825][T14689] ? clear_bhb_loop+0x35/0x90 [ 382.720537][T14689] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 382.726477][T14689] RIP: 0033:0x7fe70277def9 [ 382.731005][T14689] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 382.750818][T14689] RSP: 002b:00007fe703621038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 382.759274][T14689] RAX: ffffffffffffffda RBX: 00007fe702935f80 RCX: 00007fe70277def9 [ 382.767281][T14689] RDX: 0000000000000048 RSI: 0000000020000280 RDI: 0000000000000003 [ 382.775266][T14689] RBP: 00007fe7027f09f6 R08: 0000000000000000 R09: 0000000000000000 [ 382.783250][T14689] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 382.791236][T14689] R13: 0000000000000000 R14: 00007fe702935f80 R15: 00007ffcdfd0cd48 [ 382.799359][T14689] [ 382.809304][ T29] audit: type=1326 audit(1725948900.810:192): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14696 comm="syz.4.4124" exe="/root/syz-executor" sig=0 arch=c000003e syscall=2 compat=0 ip=0x7f944fd7def9 code=0x7ffc0000 [ 382.863598][T14689] Mem-Info: [ 382.864481][ T29] audit: type=1326 audit(1725948900.810:193): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14696 comm="syz.4.4124" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f944fd7def9 code=0x7ffc0000 [ 382.867550][T14689] active_anon:230 inactive_anon:3278 isolated_anon:0 [ 382.867550][T14689] active_file:12549 inactive_file:40076 isolated_file:0 [ 382.867550][T14689] unevictable:1472 dirty:411 writeback:0 [ 382.867550][T14689] slab_reclaimable:7593 slab_unreclaimable:99278 [ 382.867550][T14689] mapped:24384 shmem:1242 pagetables:834 [ 382.867550][T14689] sec_pagetables:0 bounce:0 [ 382.867550][T14689] kernel_misc_reclaimable:0 [ 382.867550][T14689] free:1316392 free_pcp:3124 free_cma:0 [ 382.937040][ C0] vkms_vblank_simulate: vblank timer overrun [ 382.950278][ T29] audit: type=1326 audit(1725948900.810:194): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14696 comm="syz.4.4124" exe="/root/syz-executor" sig=0 arch=c000003e syscall=261 compat=0 ip=0x7f944fd7def9 code=0x7ffc0000 [ 383.000536][T14689] Node 0 active_anon:920kB inactive_anon:12912kB active_file:50068kB inactive_file:160304kB unevictable:4352kB isolated(anon):0kB isolated(file):0kB mapped:97484kB dirty:1644kB writeback:0kB shmem:3432kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:10068kB pagetables:3236kB sec_pagetables:0kB all_unreclaimable? no [ 383.033182][ C0] vkms_vblank_simulate: vblank timer overrun [ 383.038233][ T29] audit: type=1326 audit(1725948900.810:195): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14696 comm="syz.4.4124" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f944fd7def9 code=0x7ffc0000 [ 383.057368][ T5238] usb 3-1: USB disconnect, device number 45 [ 383.125285][T14689] Node 1 active_anon:0kB inactive_anon:0kB active_file:128kB inactive_file:0kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:52kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:16kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no [ 383.200750][T14689] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 383.228200][ C0] vkms_vblank_simulate: vblank timer overrun [ 383.247261][T14689] lowmem_reserve[]: 0 2469 2470 0 0 [ 383.252902][T14689] Node 0 DMA32 free:1298792kB boost:0kB min:34244kB low:42804kB high:51364kB reserved_highatomic:0KB active_anon:916kB inactive_anon:14864kB active_file:49056kB inactive_file:160240kB unevictable:4364kB writepending:1648kB present:3129332kB managed:2557024kB mlocked:2828kB bounce:0kB free_pcp:1708kB local_pcp:420kB free_cma:0kB [ 383.276825][T14719] vimc link validate: Scaler:src:640x480 (0x33424752, 8, 0, 0, 0) RGB/YUV Capture:snk:640x480 (0x33424752, 8, 0, 0, 0) [ 383.284130][ C0] vkms_vblank_simulate: vblank timer overrun [ 383.366451][T14689] lowmem_reserve[]: 0 0 1 0 0 [ 383.371298][T14689] Node 0 Normal free:12kB boost:0kB min:12kB low:12kB high:12kB reserved_highatomic:0KB active_anon:4kB inactive_anon:40kB active_file:1000kB inactive_file:64kB unevictable:0kB writepending:4kB present:1048576kB managed:1128kB mlocked:0kB bounce:0kB free_pcp:8kB local_pcp:8kB free_cma:0kB [ 383.429487][T14689] lowmem_reserve[]: 0 0 0 0 0 [ 383.449628][T14689] Node 1 Normal free:3945588kB boost:0kB min:55644kB low:69552kB high:83460kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:128kB inactive_file:0kB unevictable:1536kB writepending:0kB present:4194304kB managed:4109120kB mlocked:0kB bounce:0kB free_pcp:8536kB local_pcp:1096kB free_cma:0kB [ 383.535455][T14689] lowmem_reserve[]: 0 0 0 0 0 [ 383.541268][T14689] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 383.579632][T14689] Node 0 DMA32: 3*4kB (UME) 21*8kB (E) 30*16kB (UE) 338*32kB (UME) 273*64kB (UME) 16*128kB (ME) 18*256kB (UME) 9*512kB (ME) 7*1024kB (UME) 6*2048kB (UM) 298*4096kB (UM) = 1280276kB [ 383.607790][T14689] Node 0 Normal: 1*4kB (M) 1*8kB (M) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 12kB [ 383.621230][T14689] Node 1 Normal: 0*4kB 9*8kB (UM) 8*16kB (UM) 7*32kB (UM) 8*64kB (UM) 10*128kB (UM) 8*256kB (UM) 6*512kB (UM) 4*1024kB (UM) 5*2048kB (UM) 958*4096kB (UM) = 3945640kB [ 383.641265][T14689] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 383.677733][T14689] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 383.688803][T14689] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 383.705155][T14689] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 383.734934][T14689] 54373 total pagecache pages [ 383.739989][T14689] 0 pages in swap cache [ 383.784361][T14689] Free swap = 123476kB [ 383.788691][T14689] Total swap = 124996kB [ 383.792971][T14689] 2097051 pages RAM [ 383.817598][T14689] 0 pages HighMem/MovableOnly [ 383.822366][T14689] 426393 pages reserved [ 383.846037][T14689] 0 pages cma reserved [ 384.579179][T14740] program syz.2.4143 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 384.621199][T14740] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0 [ 384.622541][ T5238] kernel write not supported for file /sg0 (pid: 5238 comm: kworker/0:4) [ 384.834323][T14744] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4144'. [ 385.899029][T14784] tun0: tun_chr_ioctl cmd 1074025675 [ 385.923614][T14784] tun0: persist disabled [ 386.009683][T14786] vimc link validate: Scaler:src:640x480 (0x33424752, 8, 0, 0, 0) RGB/YUV Capture:snk:640x480 (0x33424752, 8, 0, 0, 0) [ 386.181516][T14796] netlink: 'syz.0.4168': attribute type 1 has an invalid length. [ 386.220419][T14796] netlink: 9380 bytes leftover after parsing attributes in process `syz.0.4168'. [ 386.992199][T14821] netlink: 'syz.0.4178': attribute type 6 has an invalid length. [ 387.371699][ T29] audit: type=1326 audit(1725948905.910:196): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14837 comm="syz.0.4184" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fe70277def9 code=0x0 [ 389.191327][T14893] Process accounting resumed [ 389.330128][T14895] netlink: 'syz.0.4211': attribute type 1 has an invalid length. [ 389.394083][T14895] netlink: 9320 bytes leftover after parsing attributes in process `syz.0.4211'. [ 389.432024][T14895] netlink: 'syz.0.4211': attribute type 1 has an invalid length. [ 389.473483][T14895] netlink: 'syz.0.4211': attribute type 2 has an invalid length. [ 389.843847][ T5272] usb 5-1: new high-speed USB device number 34 using dummy_hcd [ 389.997651][T14915] Process accounting resumed [ 390.015161][T14917] netlink: 199836 bytes leftover after parsing attributes in process `syz.3.4220'. [ 390.054343][ T5272] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 390.083663][ T5272] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 390.118534][ T5272] usb 5-1: New USB device found, idVendor=1038, idProduct=12b6, bcdDevice= 0.00 [ 390.154811][ T5272] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 390.190221][ T5272] usb 5-1: config 0 descriptor?? [ 390.275433][T14925] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies. [ 390.619389][ T5272] steelseries 0003:1038:12B6.0040: hidraw0: USB HID v0.00 Device [HID 1038:12b6] on usb-dummy_hcd.4-1/input0 [ 390.829218][T14944] delete_channel: no stack [ 390.856870][T14948] netlink: 277 bytes leftover after parsing attributes in process `syz.0.4234'. [ 390.924337][ T5271] usb 2-1: new high-speed USB device number 34 using dummy_hcd [ 391.089036][ T5272] usb 5-1: USB disconnect, device number 34 [ 391.123783][ T5271] usb 2-1: Using ep0 maxpacket: 32 [ 391.131125][ T5271] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 391.166297][ T5271] usb 2-1: config 0 has no interfaces? [ 391.171887][ T5271] usb 2-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 391.192005][ T5271] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 391.214162][ T5271] usb 2-1: config 0 descriptor?? [ 391.347075][T14966] program syz.2.4242 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 391.470540][ T5238] usb 2-1: USB disconnect, device number 34 [ 391.939632][T14984] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4250'. [ 391.950547][ T29] audit: type=1326 audit(1725948910.490:197): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14983 comm="syz.3.4251" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f149337def9 code=0x7ffc0000 [ 392.004730][ T29] audit: type=1326 audit(1725948910.520:198): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14983 comm="syz.3.4251" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f149337def9 code=0x7ffc0000 [ 392.052635][ T29] audit: type=1326 audit(1725948910.530:199): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14983 comm="syz.3.4251" exe="/root/syz-executor" sig=0 arch=c000003e syscall=206 compat=0 ip=0x7f149337def9 code=0x7ffc0000 [ 392.075119][ T29] audit: type=1326 audit(1725948910.530:200): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14983 comm="syz.3.4251" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f149337def9 code=0x7ffc0000 [ 392.163687][ T29] audit: type=1326 audit(1725948910.530:201): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14983 comm="syz.3.4251" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f149337def9 code=0x7ffc0000 [ 392.233705][ T29] audit: type=1326 audit(1725948910.530:202): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14983 comm="syz.3.4251" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f149337def9 code=0x7ffc0000 [ 392.289172][ T29] audit: type=1326 audit(1725948910.530:203): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14983 comm="syz.3.4251" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f149337def9 code=0x7ffc0000 [ 392.354355][ T29] audit: type=1326 audit(1725948910.530:204): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14983 comm="syz.3.4251" exe="/root/syz-executor" sig=0 arch=c000003e syscall=209 compat=0 ip=0x7f149337def9 code=0x7ffc0000 [ 392.449236][ T29] audit: type=1326 audit(1725948910.530:205): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14983 comm="syz.3.4251" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f149337def9 code=0x7ffc0000 [ 392.605683][ T29] audit: type=1326 audit(1725948911.150:206): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15009 comm="syz.2.4263" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd4e77def9 code=0x7ffc0000 [ 392.627270][ C0] vkms_vblank_simulate: vblank timer overrun [ 392.656774][ T29] audit: type=1326 audit(1725948911.150:207): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15009 comm="syz.2.4263" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd4e77def9 code=0x7ffc0000 [ 392.678366][ C0] vkms_vblank_simulate: vblank timer overrun [ 392.711870][T15016] netlink: 43 bytes leftover after parsing attributes in process `syz.0.4266'. [ 392.722789][ T29] audit: type=1326 audit(1725948911.180:208): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15009 comm="syz.2.4263" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fcd4e77def9 code=0x7ffc0000 [ 392.744488][ C0] vkms_vblank_simulate: vblank timer overrun [ 392.758793][ T29] audit: type=1326 audit(1725948911.240:209): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15009 comm="syz.2.4263" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd4e77def9 code=0x7ffc0000 [ 392.784596][ T29] audit: type=1326 audit(1725948911.240:210): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15009 comm="syz.2.4263" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd4e77def9 code=0x7ffc0000 [ 392.853449][ T29] audit: type=1326 audit(1725948911.240:211): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15009 comm="syz.2.4263" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fcd4e77def9 code=0x7ffc0000 [ 392.875861][ C0] vkms_vblank_simulate: vblank timer overrun [ 392.887668][ T29] audit: type=1326 audit(1725948911.240:212): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15009 comm="syz.2.4263" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd4e77def9 code=0x7ffc0000 [ 392.909422][ C0] vkms_vblank_simulate: vblank timer overrun [ 392.980141][T15025] netlink: 248 bytes leftover after parsing attributes in process `syz.1.4271'. [ 392.999820][ T29] audit: type=1326 audit(1725948911.250:213): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15009 comm="syz.2.4263" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fcd4e774ea7 code=0x7ffc0000 [ 393.077038][ T29] audit: type=1326 audit(1725948911.250:214): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15009 comm="syz.2.4263" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fcd4e719869 code=0x7ffc0000 [ 393.181114][T15030] program syz.2.4273 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 393.385752][ T5238] usb 4-1: new high-speed USB device number 39 using dummy_hcd [ 393.584385][ T5238] usb 4-1: New USB device found, idVendor=0af0, idProduct=7a05, bcdDevice= 0.00 [ 393.624143][ T5238] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 393.654618][ T5238] usb 4-1: Product: syz [ 393.658912][ T5238] usb 4-1: Manufacturer: syz [ 393.698286][ T5238] usb 4-1: SerialNumber: syz [ 393.737677][ T5238] usb 4-1: config 0 descriptor?? [ 393.835196][ T8] usb 3-1: new high-speed USB device number 46 using dummy_hcd [ 394.000162][ T5238] hso 4-1:0.0: Failed to find BULK IN ep [ 394.034773][ T8] usb 3-1: Using ep0 maxpacket: 32 [ 394.046034][ T5238] usb-storage 4-1:0.0: USB Mass Storage device detected [ 394.071162][ T8] usb 3-1: New USB device found, idVendor=0458, idProduct=7006, bcdDevice=69.91 [ 394.111803][ T8] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 394.168714][ T8] usb 3-1: config 0 descriptor?? [ 394.240050][ T8] gspca_main: sunplus-2.14.0 probing 0458:7006 [ 394.254611][ T5238] usb 4-1: USB disconnect, device number 39 [ 395.065531][ T5272] usb 2-1: new high-speed USB device number 35 using dummy_hcd [ 395.075941][ T8] gspca_sunplus: reg_w_riv err -71 [ 395.091705][ T8] sunplus 3-1:0.0: probe with driver sunplus failed with error -71 [ 395.155313][ T8] usb 3-1: USB disconnect, device number 46 [ 395.301780][ T5272] usb 2-1: New USB device found, idVendor=1a86, idProduct=7522, bcdDevice=35.36 [ 395.314446][ T5272] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 395.334597][ T5272] usb 2-1: Product: syz [ 395.343666][ T5272] usb 2-1: Manufacturer: syz [ 395.348358][ T5272] usb 2-1: SerialNumber: syz [ 395.373776][ T5272] usb 2-1: config 0 descriptor?? [ 395.381045][T15078] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 395.400281][ T5272] ch341 2-1:0.0: ch341-uart converter detected [ 396.008897][T15100] netlink: 40 bytes leftover after parsing attributes in process `syz.0.4303'. [ 396.245653][ T5272] usb 2-1: failed to send control message: -71 [ 396.251944][ T5272] ch341-uart ttyUSB0: probe with driver ch341-uart failed with error -71 [ 396.275518][ T5272] usb 2-1: USB disconnect, device number 35 [ 396.293828][ T5272] ch341 2-1:0.0: device disconnected [ 396.333368][T15112] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4310'. [ 396.419180][T15116] usb usb7: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 396.432429][T15118] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 396.984141][ T5238] usb 4-1: new high-speed USB device number 40 using dummy_hcd [ 397.165483][ T5238] usb 4-1: Using ep0 maxpacket: 8 [ 397.175734][ T5238] usb 4-1: config 167 has too many interfaces: 202, using maximum allowed: 32 [ 397.186676][ T5238] usb 4-1: config 167 has 1 interface, different from the descriptor's value: 202 [ 397.207257][ T5238] usb 4-1: New USB device found, idVendor=1025, idProduct=005f, bcdDevice=fe.29 [ 397.225574][ T5238] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 397.240754][ T5238] usb 4-1: Product: syz [ 397.250266][ T5238] usb 4-1: Manufacturer: syz [ 397.255805][ T5238] usb 4-1: SerialNumber: syz [ 397.273981][ T5238] dvb-usb: found a 'Unknown USB1.1 DVB-T device ???? please report the name to the author' in warm state. [ 397.289442][ T5238] dvb-usb: bulk message failed: -22 (3/0) [ 397.327853][ T5238] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 397.340982][ T5238] dvbdev: DVB: registering new adapter (Unknown USB1.1 DVB-T device ???? please report the name to the author) [ 397.358303][ T5238] usb 4-1: media controller created [ 397.397981][ T5238] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 397.438110][ T5238] dvb-usb: bulk message failed: -22 (6/0) [ 397.449416][ T5238] dvb-usb: no frontend was attached by 'Unknown USB1.1 DVB-T device ???? please report the name to the author' [ 397.480941][ T5238] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.3/usb4/4-1/input/input50 [ 397.510314][ T5238] dvb-usb: schedule remote query interval to 150 msecs. [ 397.525486][ T5238] dvb-usb: bulk message failed: -22 (3/0) [ 397.554238][ T5238] dvb-usb: Unknown USB1.1 DVB-T device ???? please report the name to the author successfully initialized and connected. [ 397.684528][ T5238] dvb-usb: bulk message failed: -22 (1/0) [ 397.692055][ T5238] dvb-usb: error while querying for an remote control event. [ 397.871515][ T1171] dvb-usb: bulk message failed: -22 (1/0) [ 397.884492][ T1171] dvb-usb: error while querying for an remote control event. [ 397.915048][ T1171] usb 4-1: USB disconnect, device number 40 [ 397.982015][ T1171] dvb-usb: Unknown USB1.1 DVB-T device ???? please successfully deinitialized and disconnected. [ 399.294692][T15227] netlink: 'syz.2.4366': attribute type 9 has an invalid length. [ 399.309720][T15227] netlink: 335 bytes leftover after parsing attributes in process `syz.2.4366'. [ 399.594079][ T8] usb 5-1: new high-speed USB device number 35 using dummy_hcd [ 399.814367][ T8] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 399.866620][ T8] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 399.903715][ T8] usb 5-1: New USB device found, idVendor=1345, idProduct=3008, bcdDevice= 0.00 [ 399.943737][ T8] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 399.955747][ T8] usb 5-1: config 0 descriptor?? [ 400.441783][ T8] sony 0003:1345:3008.0041: unknown main item tag 0x0 [ 400.450023][T15264] netlink: 80 bytes leftover after parsing attributes in process `syz.0.4382'. [ 400.459296][ T8] sony 0003:1345:3008.0041: unknown main item tag 0x0 [ 400.462458][T15264] netlink: 16 bytes leftover after parsing attributes in process `syz.0.4382'. [ 400.478540][ T8] sony 0003:1345:3008.0041: unknown main item tag 0x0 [ 400.493626][ T8] sony 0003:1345:3008.0041: unknown main item tag 0x0 [ 400.510389][ T8] sony 0003:1345:3008.0041: hiddev0,hidraw0: USB HID v80.00 Device [HID 1345:3008] on usb-dummy_hcd.4-1/input0 [ 400.524928][ T8] sony 0003:1345:3008.0041: failed to claim input [ 400.593670][ T5238] usb 4-1: new high-speed USB device number 41 using dummy_hcd [ 400.702466][ T8] usb 5-1: USB disconnect, device number 35 [ 400.805519][ T5238] usb 4-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 400.822784][ T5238] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 400.856435][ T5238] usb 4-1: config 0 descriptor?? [ 400.873158][ T5238] cp210x 4-1:0.0: cp210x converter detected [ 401.281563][ T5238] usb 4-1: cp210x converter now attached to ttyUSB0 [ 401.519486][ T5271] usb 4-1: USB disconnect, device number 41 [ 401.537880][ T5271] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 401.595645][ T5271] cp210x 4-1:0.0: device disconnected [ 401.808160][T15306] mkiss: ax0: crc mode is auto. [ 401.907846][T15309] mkiss: ax0: crc mode is auto. [ 402.009720][ T29] kauditd_printk_skb: 27 callbacks suppressed [ 402.009741][ T29] audit: type=1326 audit(1725948920.550:242): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15314 comm="syz.1.4405" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fb9f877def9 code=0x0 [ 402.037841][ C0] vkms_vblank_simulate: vblank timer overrun [ 402.221172][T15324] netpci0: tun_chr_ioctl cmd 1074025677 [ 402.229111][T15324] netpci0: linktype set to 0 [ 402.265057][T15328] PKCS7: Unknown OID: [5] 0.0 [ 402.270682][T15328] PKCS7: Only support pkcs7_signedData type [ 402.473923][ T8] usb 5-1: new high-speed USB device number 36 using dummy_hcd [ 402.677537][ T8] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 402.695411][T15346] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 402.697852][ T8] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 402.714548][ T8] usb 5-1: New USB device found, idVendor=04d9, idProduct=a055, bcdDevice= 0.00 [ 402.731914][ T8] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 402.755109][ T8] usb 5-1: config 0 descriptor?? [ 403.196844][ T8] holtek_kbd 0003:04D9:A055.0042: unknown main item tag 0x0 [ 403.210331][ T8] holtek_kbd 0003:04D9:A055.0042: item fetching failed at offset 3/5 [ 403.221469][ T8] holtek_kbd 0003:04D9:A055.0042: probe with driver holtek_kbd failed with error -22 [ 403.426800][ T8] usb 5-1: USB disconnect, device number 36 [ 404.113732][ T5272] usb 2-1: new high-speed USB device number 36 using dummy_hcd [ 404.319184][ T5272] usb 2-1: Using ep0 maxpacket: 16 [ 404.340383][ T5272] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 404.363565][ T5272] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 404.393845][ T5272] usb 2-1: New USB device found, idVendor=1b1c, idProduct=1b02, bcdDevice= 0.00 [ 404.402947][ T5272] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 404.446305][ T5272] usb 2-1: config 0 descriptor?? [ 404.722568][ T8] hid-generic 0000:0000:0000.0043: unknown main item tag 0x0 [ 404.751294][ T8] hid-generic 0000:0000:0000.0043: hidraw0: HID v0.00 Device [syz0] on syz0 [ 404.872535][ T5272] corsair 0003:1B1C:1B02.0044: hidraw1: USB HID v0.00 Device [HID 1b1c:1b02] on usb-dummy_hcd.1-1/input0 [ 404.958361][T15398] devtmpfs: Cannot change global quota limit on remount [ 405.044587][T15402] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 405.187610][T15408] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 405.285371][T15412] IPv6: sit1: Disabled Multicast RS [ 405.349661][ T5238] usb 2-1: USB disconnect, device number 36 [ 405.953475][T15434] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 406.694595][T15457] netlink: 16 bytes leftover after parsing attributes in process `syz.3.4472'. [ 407.017379][T15462] netlink: 28 bytes leftover after parsing attributes in process `syz.3.4474'. [ 407.072259][ T29] audit: type=1326 audit(1725948925.610:243): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15465 comm="syz.1.4477" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb9f877def9 code=0x7ffc0000 [ 407.137722][ T29] audit: type=1326 audit(1725948925.610:244): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15465 comm="syz.1.4477" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb9f877def9 code=0x7ffc0000 [ 407.213692][ T29] audit: type=1326 audit(1725948925.610:245): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15465 comm="syz.1.4477" exe="/root/syz-executor" sig=0 arch=c000003e syscall=116 compat=0 ip=0x7fb9f877def9 code=0x7ffc0000 [ 407.273659][ T29] audit: type=1326 audit(1725948925.610:246): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15465 comm="syz.1.4477" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb9f877def9 code=0x7ffc0000 [ 407.330096][ T29] audit: type=1326 audit(1725948925.610:247): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15465 comm="syz.1.4477" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb9f877def9 code=0x7ffc0000 [ 407.383838][ T29] audit: type=1326 audit(1725948925.610:248): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15465 comm="syz.1.4477" exe="/root/syz-executor" sig=0 arch=c000003e syscall=53 compat=0 ip=0x7fb9f877def9 code=0x7ffc0000 [ 407.431122][ T29] audit: type=1326 audit(1725948925.610:249): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15465 comm="syz.1.4477" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb9f877def9 code=0x7ffc0000 [ 407.489365][ T29] audit: type=1326 audit(1725948925.610:250): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15465 comm="syz.1.4477" exe="/root/syz-executor" sig=0 arch=c000003e syscall=55 compat=0 ip=0x7fb9f877def9 code=0x7ffc0000 [ 407.551622][ T29] audit: type=1326 audit(1725948925.610:251): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15465 comm="syz.1.4477" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb9f877def9 code=0x7ffc0000 [ 407.589402][T15485] Process accounting resumed [ 407.635828][T15486] IPv6: sit1: Disabled Multicast RS [ 407.643852][ T29] audit: type=1326 audit(1725948925.610:252): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15465 comm="syz.1.4477" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb9f877def9 code=0x7ffc0000 [ 408.067074][T15502] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4492'. [ 408.357596][T15515] Process accounting resumed [ 408.369620][ T8] usb 3-1: new high-speed USB device number 47 using dummy_hcd [ 408.703070][T15529] eth0_vlan: renamed from bridge_slave_1 (while UP) [ 408.792161][T15531] netlink: 'syz.4.4508': attribute type 3 has an invalid length. [ 408.803854][T15531] netlink: 56 bytes leftover after parsing attributes in process `syz.4.4508'. [ 408.832886][T15531] netlink: 'syz.4.4508': attribute type 3 has an invalid length. [ 409.195286][T15541] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 409.260014][T15543] Process accounting resumed [ 409.899556][T15574] netlink: 392 bytes leftover after parsing attributes in process `syz.1.4527'. [ 411.064384][T15619] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4546'. [ 411.213455][T15623] Invalid ELF section header overflow [ 411.289117][T15625] mkiss: ax0: crc mode is auto. [ 411.358892][T15629] netlink: 188 bytes leftover after parsing attributes in process `syz.2.4552'. [ 411.480277][ T4613] Bluetooth: hci1: ACL packet for unknown connection handle 200 [ 411.499101][T15630] mkiss: ax0: crc mode is auto. [ 412.253893][ T5271] usb 5-1: new high-speed USB device number 37 using dummy_hcd [ 412.407013][T15671] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 412.457937][ T5271] usb 5-1: Using ep0 maxpacket: 32 [ 412.488708][ T5271] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 36 [ 412.530764][ T5271] usb 5-1: New USB device found, idVendor=14c8, idProduct=0003, bcdDevice= 5.6c [ 412.550864][ T5271] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 412.573584][ T5271] usb 5-1: Product: syz [ 412.577859][ T5271] usb 5-1: Manufacturer: syz [ 412.598826][ T5271] usb 5-1: SerialNumber: syz [ 412.616572][ T5271] usb 5-1: config 0 descriptor?? [ 412.623917][T15658] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22 [ 412.644531][ T5271] hub 5-1:0.0: bad descriptor, ignoring hub [ 412.678458][ T5271] hub 5-1:0.0: probe with driver hub failed with error -5 [ 412.702881][ T5271] input: syz syz as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/input/input51 [ 412.967484][ T8] usb 5-1: USB disconnect, device number 37 [ 412.967491][ C1] usbtouchscreen 5-1:0.0: usbtouch_irq - usb_submit_urb failed with result: -19 [ 413.171080][T15696] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4584'. [ 413.254124][T15697] use of bytesused == 0 is deprecated and will be removed in the future, [ 413.284081][T15697] use the actual size instead. [ 413.909663][T15733] netlink: 16 bytes leftover after parsing attributes in process `syz.4.4601'. [ 414.001771][T15739] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4603'. [ 414.038413][T15739] netlink: 20 bytes leftover after parsing attributes in process `syz.3.4603'. [ 414.042075][T15735] ptrace attach of "./syz-executor exec"[15737] was attempted by "./syz-executor exec"[15735] [ 414.511356][T15761] netlink: 48 bytes leftover after parsing attributes in process `syz.4.4614'. [ 414.645691][T15766] loop6: detected capacity change from 0 to 524288000 [ 414.657139][T15768] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4618'. [ 414.686500][T15768] netlink: 12 bytes leftover after parsing attributes in process `syz.0.4618'. [ 415.054320][ T1171] usb 3-1: new high-speed USB device number 48 using dummy_hcd [ 415.278282][ T1171] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 415.304471][ T1171] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 415.336067][ T1171] usb 3-1: New USB device found, idVendor=1038, idProduct=12b6, bcdDevice= 0.00 [ 415.356054][ T1171] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 415.390590][ T1171] usb 3-1: config 0 descriptor?? [ 415.862882][ T1171] steelseries 0003:1038:12B6.0045: hidraw0: USB HID v0.00 Device [HID 1038:12b6] on usb-dummy_hcd.2-1/input0 [ 416.048274][T15813] netlink: 'syz.3.4639': attribute type 1 has an invalid length. [ 416.273249][T15820] netlink: 44 bytes leftover after parsing attributes in process `syz.3.4642'. [ 416.344473][ T9] usb 3-1: USB disconnect, device number 48 [ 416.434914][ T46] usb 5-1: new high-speed USB device number 38 using dummy_hcd [ 416.640747][ T46] usb 5-1: New USB device found, idVendor=8086, idProduct=0110, bcdDevice=bf.ad [ 416.673814][ T46] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 416.719370][ T46] usb 5-1: config 0 descriptor?? [ 416.742949][ T46] gspca_main: spca508-2.14.0 probing 8086:0110 [ 416.748459][T15839] netlink: 132 bytes leftover after parsing attributes in process `syz.0.4649'. [ 416.943890][ T46] gspca_spca508: reg_read err -32 [ 416.973705][ T46] gspca_spca508: reg_read err -32 [ 417.057641][T15849] netlink: 16 bytes leftover after parsing attributes in process `syz.2.4655'. [ 417.183316][ T46] gspca_spca508: reg_read err -71 [ 417.192848][ T46] gspca_spca508: reg_read err -71 [ 417.205198][ T46] gspca_spca508: reg write: error -71 [ 417.216490][ T46] spca508 5-1:0.0: probe with driver spca508 failed with error -71 [ 417.243238][ T46] usb 5-1: USB disconnect, device number 38 [ 417.420996][T15862] sch_tbf: burst 0 is lower than device lo mtu (14) ! [ 417.983052][T15886] cannot load conntrack support for proto=3 [ 419.164750][T15933] __nla_validate_parse: 1 callbacks suppressed [ 419.164773][T15933] netlink: 203516 bytes leftover after parsing attributes in process `syz.0.4694'. [ 420.397322][T15984] netlink: 52 bytes leftover after parsing attributes in process `syz.1.4718'. [ 420.762729][T15994] MPI: mpi too large (185152 bits) [ 422.269317][T16039] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4742'. [ 422.883084][T16067] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4755'. [ 423.152643][T16082] program syz.0.4763 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 423.451404][T16097] netlink: 40 bytes leftover after parsing attributes in process `syz.3.4770'. [ 423.623762][ T5271] usb 5-1: new full-speed USB device number 39 using dummy_hcd [ 423.709837][ T29] audit: type=1400 audit(1725948942.250:253): lsm=SMACK fn=smack_socket_sock_rcv_skb action=denied subject="*" object="_" requested=w pid=16111 comm="syz.1.4776" dest=20002 netif=wpan0 [ 423.845654][ T5271] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 512, setting to 64 [ 423.875955][ T5271] usb 5-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 423.913758][ T5271] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 423.926360][ T5271] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 423.944391][ T5271] usb 5-1: Product: syz [ 423.948779][ T5271] usb 5-1: Manufacturer: syz [ 423.958892][ T5271] usb 5-1: SerialNumber: syz [ 423.986573][T16080] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 424.251477][ T5271] cdc_ether 5-1:1.0: probe with driver cdc_ether failed with error -71 [ 424.277701][ T5271] usb 5-1: USB disconnect, device number 39 [ 424.376192][T16129] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4784'. [ 425.071883][T16156] sp0: Synchronizing with TNC [ 425.506815][T16170] syz.4.4800 (16170): /proc/16170/oom_adj is deprecated, please use /proc/16170/oom_score_adj instead. [ 425.768150][T16180] mkiss: ax0: crc mode is auto. [ 425.875139][T16180] Falling back ldisc for ttyS3. [ 425.993398][T16190] sp0: Synchronizing with TNC [ 426.240291][T14940] usb 4-1: new high-speed USB device number 42 using dummy_hcd [ 426.423665][T14940] usb 4-1: Using ep0 maxpacket: 16 [ 426.439460][T14940] usb 4-1: config 0 has an invalid interface number: 251 but max is 0 [ 426.448725][T14940] usb 4-1: config 0 has no interface number 0 [ 426.456048][ T5271] usb 3-1: new high-speed USB device number 49 using dummy_hcd [ 426.465519][T14940] usb 4-1: config 0 interface 251 altsetting 0 bulk endpoint 0x4 has invalid maxpacket 16 [ 426.475813][T14940] usb 4-1: config 0 interface 251 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 64 [ 426.489457][T14940] usb 4-1: New USB device found, idVendor=0b95, idProduct=172a, bcdDevice=f7.f4 [ 426.498798][T14940] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 426.507051][T14940] usb 4-1: Product: syz [ 426.511368][T14940] usb 4-1: Manufacturer: syz [ 426.516100][T14940] usb 4-1: SerialNumber: syz [ 426.526445][T14940] usb 4-1: config 0 descriptor?? [ 426.532316][T16189] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 426.542529][T16189] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 426.664602][ T5271] usb 3-1: Using ep0 maxpacket: 8 [ 426.676700][ T5271] usb 3-1: New USB device found, idVendor=17cc, idProduct=0815, bcdDevice=47.b7 [ 426.687689][ T5271] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 426.699260][ T5271] usb 3-1: config 0 descriptor?? [ 426.710150][ T5271] usb 3-1: selecting invalid altsetting 1 [ 426.717041][ T5271] snd-usb-caiaq 3-1:0.0: can't set alt interface. [ 426.723833][ T5271] usb 3-1: unable to init card! (ret=-5) [ 426.730306][ T5271] snd-usb-caiaq 3-1:0.0: probe with driver snd-usb-caiaq failed with error -5 [ 426.795594][T16189] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 426.812836][T16189] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 426.929395][ T8] usb 3-1: USB disconnect, device number 49 [ 427.445914][T14940] asix 4-1:0.251 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71 [ 427.464835][T14940] asix 4-1:0.251 (unnamed net_device) (uninitialized): Error reading PHY_ID register: ffffffb9 [ 427.485836][T14940] asix 4-1:0.251: probe with driver asix failed with error -71 [ 427.504105][T14940] usb 4-1: USB disconnect, device number 42 [ 428.274645][T16257] loop0: detected capacity change from 0 to 1 [ 428.306703][T16257] Dev loop0: unable to read RDB block 1 [ 428.312850][T16257] loop0: unable to read partition table [ 428.352832][T16257] loop0: partition table beyond EOD, truncated [ 428.372753][T16257] loop_reread_partitions: partition scan of loop0 (被xڬdƤݡ [ 428.372753][T16257] ) failed (rc=-5) [ 429.365171][T16296] netlink: 'syz.2.4856': attribute type 2 has an invalid length. [ 429.471945][T16301] tipc: Started in network mode [ 429.492221][T16301] tipc: Node identity UNC_PROT, cluster identity 4711 [ 429.506484][T16301] tipc: Enabling of bearer rejected, failed to enable media [ 429.592119][T16308] netlink: 'syz.3.4862': attribute type 1 has an invalid length. [ 429.613678][T16308] netlink: 56 bytes leftover after parsing attributes in process `syz.3.4862'. [ 429.672739][T16311] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4865'. [ 430.648558][ T29] audit: type=1326 audit(1725948949.190:254): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16359 comm="syz.2.4887" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd4e77def9 code=0x7ffc0000 [ 430.728177][ T29] audit: type=1326 audit(1725948949.190:255): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16359 comm="syz.2.4887" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd4e77def9 code=0x7ffc0000 [ 430.794168][ T29] audit: type=1326 audit(1725948949.220:256): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16359 comm="syz.2.4887" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fcd4e77def9 code=0x7ffc0000 [ 430.846891][T16367] netlink: 24 bytes leftover after parsing attributes in process `syz.4.4891'. [ 430.857016][ T29] audit: type=1326 audit(1725948949.220:257): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16359 comm="syz.2.4887" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd4e77def9 code=0x7ffc0000 [ 430.879997][ T29] audit: type=1326 audit(1725948949.220:258): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16359 comm="syz.2.4887" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd4e77def9 code=0x7ffc0000 [ 430.909434][ T29] audit: type=1326 audit(1725948949.220:259): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16359 comm="syz.2.4887" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fcd4e77def9 code=0x7ffc0000 [ 430.938283][ T29] audit: type=1326 audit(1725948949.220:260): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16359 comm="syz.2.4887" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd4e77def9 code=0x7ffc0000 [ 431.006989][ T29] audit: type=1326 audit(1725948949.230:261): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16359 comm="syz.2.4887" exe="/root/syz-executor" sig=0 arch=c000003e syscall=292 compat=0 ip=0x7fcd4e77def9 code=0x7ffc0000 [ 431.069767][ T29] audit: type=1326 audit(1725948949.230:262): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16359 comm="syz.2.4887" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd4e77def9 code=0x7ffc0000 [ 431.092757][T16375] tap0: tun_chr_ioctl cmd 1074025677 [ 431.110013][T16375] tap0: linktype set to 780 [ 431.408694][T16392] netlink: 12 bytes leftover after parsing attributes in process `syz.2.4902'. [ 432.180286][T16416] netlink: 20 bytes leftover after parsing attributes in process `syz.4.4913'. [ 433.772540][ T46] kernel write not supported for file /sg0 (pid: 46 comm: kworker/1:1) [ 434.494141][T16489] netlink: 1752 bytes leftover after parsing attributes in process `syz.4.4942'. [ 434.874641][ T4613] Bluetooth: hci5: command tx timeout [ 435.011280][T16504] [ 435.013671][T16504] ===================================================== [ 435.020694][T16504] WARNING: SOFTIRQ-safe -> SOFTIRQ-unsafe lock order detected [ 435.028160][T16504] 6.11.0-rc7-syzkaller-00017-gbc83b4d1f086 #0 Not tainted [ 435.035528][T16504] ----------------------------------------------------- [ 435.042455][T16504] syz.2.4949/16504 [HC0[0]:SC0[0]:HE0:SE1] is trying to acquire: [ 435.050188][T16504] ffffffff8e40a058 (tasklist_lock){.+.+}-{2:2}, at: send_sigio+0xfc/0x360 [ 435.058834][T16504] [ 435.058834][T16504] and this task is already holding: [ 435.066208][T16504] ffff8880764a2d98 (&f->f_owner.lock){....}-{2:2}, at: send_sigio+0x33/0x360 [ 435.075036][T16504] which would create a new lock dependency: [ 435.080939][T16504] (&f->f_owner.lock){....}-{2:2} -> (tasklist_lock){.+.+}-{2:2} [ 435.088897][T16504] [ 435.088897][T16504] but this new dependency connects a SOFTIRQ-irq-safe lock: [ 435.098368][T16504] (&dev->event_lock#2){..-.}-{2:2} [ 435.098410][T16504] [ 435.098410][T16504] ... which became SOFTIRQ-irq-safe at: [ 435.111330][T16504] lock_acquire+0x1ed/0x550 [ 435.115952][T16504] _raw_spin_lock_irqsave+0xd5/0x120 [ 435.121351][T16504] input_inject_event+0xc5/0x340 [ 435.126388][T16504] led_trigger_event+0x138/0x210 [ 435.131519][T16504] kbd_bh+0x1b5/0x290 [ 435.135614][T16504] tasklet_action_common+0x321/0x4d0 [ 435.141009][T16504] handle_softirqs+0x2c4/0x970 [ 435.145876][T16504] __irq_exit_rcu+0xf4/0x1c0 [ 435.150592][T16504] irq_exit_rcu+0x9/0x30 [ 435.154959][T16504] sysvec_apic_timer_interrupt+0xa6/0xc0 [ 435.160721][T16504] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 435.167075][T16504] __tasklet_schedule_common+0x1fd/0x270 [ 435.173436][T16504] vt_set_leds_compute_shiftstate+0x68/0x90 [ 435.179552][T16504] redraw_screen+0x97c/0xe90 [ 435.184238][T16504] complete_change_console+0xd1/0x730 [ 435.189792][T16504] console_callback+0x17b/0x460 [ 435.194750][T16504] process_scheduled_works+0xa2c/0x1830 [ 435.200412][T16504] worker_thread+0x86d/0xd10 [ 435.205199][T16504] kthread+0x2f0/0x390 [ 435.209907][T16504] ret_from_fork+0x4b/0x80 [ 435.214425][T16504] ret_from_fork_asm+0x1a/0x30 [ 435.219349][T16504] [ 435.219349][T16504] to a SOFTIRQ-irq-unsafe lock: [ 435.226736][T16504] (tasklist_lock){.+.+}-{2:2} [ 435.226775][T16504] [ 435.226775][T16504] ... which became SOFTIRQ-irq-unsafe at: [ 435.239526][T16504] ... [ 435.239536][T16504] lock_acquire+0x1ed/0x550 [ 435.246726][T16504] _raw_read_lock+0x36/0x50 [ 435.251421][T16504] __do_wait+0x12d/0x850 [ 435.255848][T16504] do_wait+0x1e9/0x560 [ 435.260103][T16504] kernel_wait+0xe9/0x240 [ 435.264528][T16504] call_usermodehelper_exec_work+0xbd/0x230 [ 435.270519][T16504] process_scheduled_works+0xa2c/0x1830 [ 435.276196][T16504] worker_thread+0x86d/0xd10 [ 435.280991][T16504] kthread+0x2f0/0x390 [ 435.285253][T16504] ret_from_fork+0x4b/0x80 [ 435.289855][T16504] ret_from_fork_asm+0x1a/0x30 [ 435.294806][T16504] [ 435.294806][T16504] other info that might help us debug this: [ 435.294806][T16504] [ 435.305351][T16504] Chain exists of: [ 435.305351][T16504] &dev->event_lock#2 --> &f->f_owner.lock --> tasklist_lock [ 435.305351][T16504] [ 435.318790][T16504] Possible interrupt unsafe locking scenario: [ 435.318790][T16504] [ 435.327236][T16504] CPU0 CPU1 [ 435.332612][T16504] ---- ---- [ 435.338063][T16504] lock(tasklist_lock); [ 435.342346][T16504] local_irq_disable(); [ 435.349101][T16504] lock(&dev->event_lock#2); [ 435.356493][T16504] lock(&f->f_owner.lock); [ 435.363533][T16504] [ 435.367077][T16504] lock(&dev->event_lock#2); [ 435.372051][T16504] [ 435.372051][T16504] *** DEADLOCK *** [ 435.372051][T16504] [ 435.380195][T16504] 5 locks held by syz.2.4949/16504: [ 435.385480][T16504] #0: ffff88805e14a420 (sb_writers#5){.+.+}-{0:0}, at: mnt_want_write+0x3f/0x90 [ 435.394762][T16504] #1: ffff88805c04caa0 (&type->i_mutex_dir_key#5){++++}-{3:3}, at: chmod_common+0x1bb/0x4c0 [ 435.405153][T16504] #2: ffffffff9a16ea70 (&fsnotify_mark_srcu){.+.+}-{0:0}, at: fsnotify+0x53d/0x1f70 [ 435.414656][T16504] #3: ffff88802735b100 (&mark->lock){+.+.}-{2:2}, at: dnotify_handle_event+0x61/0x440 [ 435.424336][T16504] #4: ffff8880764a2d98 (&f->f_owner.lock){....}-{2:2}, at: send_sigio+0x33/0x360 [ 435.433577][T16504] [ 435.433577][T16504] the dependencies between SOFTIRQ-irq-safe lock and the holding lock: [ 435.443981][T16504] -> (&dev->event_lock#2){..-.}-{2:2} { [ 435.449766][T16504] IN-SOFTIRQ-W at: [ 435.453928][T16504] lock_acquire+0x1ed/0x550 [ 435.460455][T16504] _raw_spin_lock_irqsave+0xd5/0x120 [ 435.467758][T16504] input_inject_event+0xc5/0x340 [ 435.474695][T16504] led_trigger_event+0x138/0x210 [ 435.481818][T16504] kbd_bh+0x1b5/0x290 [ 435.487799][T16504] tasklet_action_common+0x321/0x4d0 [ 435.495093][T16504] handle_softirqs+0x2c4/0x970 [ 435.501861][T16504] __irq_exit_rcu+0xf4/0x1c0 [ 435.508488][T16504] irq_exit_rcu+0x9/0x30 [ 435.514737][T16504] sysvec_apic_timer_interrupt+0xa6/0xc0 [ 435.522380][T16504] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 435.530372][T16504] __tasklet_schedule_common+0x1fd/0x270 [ 435.538009][T16504] vt_set_leds_compute_shiftstate+0x68/0x90 [ 435.545931][T16504] redraw_screen+0x97c/0xe90 [ 435.552527][T16504] complete_change_console+0xd1/0x730 [ 435.559909][T16504] console_callback+0x17b/0x460 [ 435.566772][T16504] process_scheduled_works+0xa2c/0x1830 [ 435.574328][T16504] worker_thread+0x86d/0xd10 [ 435.581013][T16504] kthread+0x2f0/0x390 [ 435.587091][T16504] ret_from_fork+0x4b/0x80 [ 435.593895][T16504] ret_from_fork_asm+0x1a/0x30 [ 435.600699][T16504] INITIAL USE at: [ 435.604968][T16504] lock_acquire+0x1ed/0x550 [ 435.611569][T16504] _raw_spin_lock_irqsave+0xd5/0x120 [ 435.619125][T16504] input_inject_event+0xc5/0x340 [ 435.625987][T16504] kbd_led_trigger_activate+0xb8/0x100 [ 435.633451][T16504] led_trigger_set+0x582/0x9c0 [ 435.640221][T16504] led_trigger_set_default+0x229/0x260 [ 435.647697][T16504] led_classdev_register_ext+0x6e6/0x8a0 [ 435.655344][T16504] input_leds_connect+0x489/0x630 [ 435.662374][T16504] input_register_device+0xd3b/0x1110 [ 435.669754][T16504] atkbd_connect+0x752/0xa00 [ 435.676281][T16504] serio_driver_probe+0x7f/0xa0 [ 435.683050][T16504] really_probe+0x2b8/0xad0 [ 435.689652][T16504] __driver_probe_device+0x1a2/0x390 [ 435.696854][T16504] driver_probe_device+0x50/0x430 [ 435.703886][T16504] __driver_attach+0x45f/0x710 [ 435.710567][T16504] bus_for_each_dev+0x239/0x2b0 [ 435.717338][T16504] serio_handle_event+0x1c7/0x920 [ 435.724388][T16504] process_scheduled_works+0xa2c/0x1830 [ 435.731882][T16504] worker_thread+0x86d/0xd10 [ 435.738393][T16504] kthread+0x2f0/0x390 [ 435.744405][T16504] ret_from_fork+0x4b/0x80 [ 435.750753][T16504] ret_from_fork_asm+0x1a/0x30 [ 435.757443][T16504] } [ 435.760114][T16504] ... key at: [] input_allocate_device.__key.5+0x0/0x20 [ 435.769328][T16504] -> (&new->fa_lock){....}-{2:2} { [ 435.774579][T16504] INITIAL USE at: [ 435.778563][T16504] lock_acquire+0x1ed/0x550 [ 435.784812][T16504] _raw_write_lock_irq+0xd3/0x120 [ 435.791586][T16504] fasync_remove_entry+0xff/0x1d0 [ 435.798447][T16504] lease_modify+0x1a0/0x390 [ 435.804693][T16504] locks_remove_file+0x57d/0x10c0 [ 435.811462][T16504] __fput+0x1ab/0x8a0 [ 435.817203][T16504] task_work_run+0x24f/0x310 [ 435.823636][T16504] syscall_exit_to_user_mode+0x168/0x370 [ 435.831014][T16504] do_syscall_64+0x100/0x230 [ 435.837352][T16504] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 435.845606][T16504] INITIAL READ USE at: [ 435.850025][T16504] lock_acquire+0x1ed/0x550 [ 435.856710][T16504] _raw_read_lock_irqsave+0xdd/0x130 [ 435.864275][T16504] kill_fasync+0x19e/0x4d0 [ 435.870874][T16504] lease_break_callback+0x26/0x30 [ 435.878081][T16504] __break_lease+0x6d5/0x1820 [ 435.884936][T16504] do_dentry_open+0x8be/0x1440 [ 435.891874][T16504] vfs_open+0x3e/0x330 [ 435.898116][T16504] path_openat+0x2b3e/0x3470 [ 435.904890][T16504] do_filp_open+0x235/0x490 [ 435.911571][T16504] do_sys_openat2+0x13e/0x1d0 [ 435.918441][T16504] __x64_sys_open+0x225/0x270 [ 435.925475][T16504] do_syscall_64+0xf3/0x230 [ 435.932183][T16504] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 435.940261][T16504] } [ 435.942853][T16504] ... key at: [] fasync_insert_entry.__key+0x0/0x20 [ 435.951623][T16504] ... acquired at: [ 435.955513][T16504] lock_acquire+0x1ed/0x550 [ 435.960297][T16504] _raw_read_lock_irqsave+0xdd/0x130 [ 435.965774][T16504] kill_fasync+0x19e/0x4d0 [ 435.970385][T16504] mousedev_notify_readers+0x719/0xc80 [ 435.976024][T16504] mousedev_event+0x5d9/0x1390 [ 435.980969][T16504] input_handler_events_default+0x107/0x1c0 [ 435.987041][T16504] input_pass_values+0x286/0x860 [ 435.992165][T16504] input_event_dispose+0x30f/0x600 [ 435.997541][T16504] input_handle_event+0xa71/0xbe0 [ 436.002920][T16504] input_inject_event+0x22f/0x340 [ 436.008124][T16504] evdev_write+0x672/0x7c0 [ 436.012829][T16504] vfs_write+0x2a2/0xc90 [ 436.017445][T16504] ksys_write+0x1a0/0x2c0 [ 436.021966][T16504] do_syscall_64+0xf3/0x230 [ 436.026657][T16504] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 436.032741][T16504] [ 436.035089][T16504] -> (&f->f_owner.lock){....}-{2:2} { [ 436.040587][T16504] INITIAL USE at: [ 436.044488][T16504] lock_acquire+0x1ed/0x550 [ 436.050584][T16504] _raw_write_lock_irq+0xd3/0x120 [ 436.057195][T16504] f_modown+0x38/0x340 [ 436.062839][T16504] generic_setlease+0xbdb/0x15a0 [ 436.069349][T16504] fcntl_setlease+0x404/0x540 [ 436.075599][T16504] do_fcntl+0x28f/0x1730 [ 436.081415][T16504] __se_sys_fcntl+0xd2/0x1c0 [ 436.087665][T16504] do_syscall_64+0xf3/0x230 [ 436.093739][T16504] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 436.101203][T16504] INITIAL READ USE at: [ 436.105538][T16504] lock_acquire+0x1ed/0x550 [ 436.112049][T16504] _raw_read_lock_irqsave+0xdd/0x130 [ 436.119351][T16504] send_sigurg+0x29/0x3c0 [ 436.125717][T16504] sk_send_sigurg+0x75/0x2f0 [ 436.132352][T16504] queue_oob+0x572/0x730 [ 436.138609][T16504] unix_stream_sendmsg+0xd24/0xf80 [ 436.145754][T16504] __sock_sendmsg+0x221/0x270 [ 436.152446][T16504] ____sys_sendmsg+0x525/0x7d0 [ 436.159255][T16504] __sys_sendmsg+0x2b0/0x3a0 [ 436.165867][T16504] do_syscall_64+0xf3/0x230 [ 436.172389][T16504] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 436.180384][T16504] } [ 436.182887][T16504] ... key at: [] init_file.__key+0x0/0x20 [ 436.190708][T16504] ... acquired at: [ 436.194535][T16504] lock_acquire+0x1ed/0x550 [ 436.199227][T16504] _raw_read_lock_irqsave+0xdd/0x130 [ 436.204700][T16504] send_sigio+0x33/0x360 [ 436.209133][T16504] kill_fasync+0x23a/0x4d0 [ 436.213730][T16504] lease_break_callback+0x26/0x30 [ 436.218931][T16504] __break_lease+0x6d5/0x1820 [ 436.223872][T16504] do_dentry_open+0x8be/0x1440 [ 436.228812][T16504] vfs_open+0x3e/0x330 [ 436.233078][T16504] path_openat+0x2b3e/0x3470 [ 436.237850][T16504] do_filp_open+0x235/0x490 [ 436.242532][T16504] do_sys_openat2+0x13e/0x1d0 [ 436.247387][T16504] __x64_sys_open+0x225/0x270 [ 436.252261][T16504] do_syscall_64+0xf3/0x230 [ 436.256955][T16504] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 436.263032][T16504] [ 436.265357][T16504] [ 436.265357][T16504] the dependencies between the lock to be acquired [ 436.265367][T16504] and SOFTIRQ-irq-unsafe lock: [ 436.278896][T16504] -> (tasklist_lock){.+.+}-{2:2} { [ 436.284063][T16504] HARDIRQ-ON-R at: [ 436.288053][T16504] lock_acquire+0x1ed/0x550 [ 436.294233][T16504] _raw_read_lock+0x36/0x50 [ 436.300406][T16504] __do_wait+0x12d/0x850 [ 436.306308][T16504] do_wait+0x1e9/0x560 [ 436.312042][T16504] kernel_wait+0xe9/0x240 [ 436.318027][T16504] call_usermodehelper_exec_work+0xbd/0x230 [ 436.325589][T16504] process_scheduled_works+0xa2c/0x1830 [ 436.332794][T16504] worker_thread+0x86d/0xd10 [ 436.339074][T16504] kthread+0x2f0/0x390 [ 436.344822][T16504] ret_from_fork+0x4b/0x80 [ 436.350965][T16504] ret_from_fork_asm+0x1a/0x30 [ 436.357495][T16504] SOFTIRQ-ON-R at: [ 436.361486][T16504] lock_acquire+0x1ed/0x550 [ 436.367832][T16504] _raw_read_lock+0x36/0x50 [ 436.374357][T16504] __do_wait+0x12d/0x850 [ 436.380271][T16504] do_wait+0x1e9/0x560 [ 436.386014][T16504] kernel_wait+0xe9/0x240 [ 436.392007][T16504] call_usermodehelper_exec_work+0xbd/0x230 [ 436.399657][T16504] process_scheduled_works+0xa2c/0x1830 [ 436.406955][T16504] worker_thread+0x86d/0xd10 [ 436.413295][T16504] kthread+0x2f0/0x390 [ 436.419028][T16504] ret_from_fork+0x4b/0x80 [ 436.425667][T16504] ret_from_fork_asm+0x1a/0x30 [ 436.432095][T16504] INITIAL USE at: [ 436.436002][T16504] lock_acquire+0x1ed/0x550 [ 436.442083][T16504] _raw_write_lock_irq+0xd3/0x120 [ 436.448975][T16504] copy_process+0x228b/0x3dc0 [ 436.455240][T16504] kernel_clone+0x223/0x880 [ 436.461412][T16504] user_mode_thread+0x132/0x1a0 [ 436.467840][T16504] rest_init+0x23/0x300 [ 436.473574][T16504] start_kernel+0x47a/0x500 [ 436.479679][T16504] x86_64_start_reservations+0x2a/0x30 [ 436.486711][T16504] x86_64_start_kernel+0x9f/0xa0 [ 436.493215][T16504] common_startup_64+0x13e/0x147 [ 436.499724][T16504] INITIAL READ USE at: [ 436.504059][T16504] lock_acquire+0x1ed/0x550 [ 436.510568][T16504] _raw_read_lock+0x36/0x50 [ 436.517121][T16504] __do_wait+0x12d/0x850 [ 436.523480][T16504] do_wait+0x1e9/0x560 [ 436.529644][T16504] kernel_wait+0xe9/0x240 [ 436.536068][T16504] call_usermodehelper_exec_work+0xbd/0x230 [ 436.544052][T16504] process_scheduled_works+0xa2c/0x1830 [ 436.551606][T16504] worker_thread+0x86d/0xd10 [ 436.558257][T16504] kthread+0x2f0/0x390 [ 436.564337][T16504] ret_from_fork+0x4b/0x80 [ 436.570766][T16504] ret_from_fork_asm+0x1a/0x30 [ 436.577564][T16504] } [ 436.580069][T16504] ... key at: [] tasklist_lock+0x18/0x40 [ 436.587803][T16504] ... acquired at: [ 436.591605][T16504] lock_acquire+0x1ed/0x550 [ 436.596291][T16504] _raw_read_lock+0x36/0x50 [ 436.600977][T16504] send_sigio+0xfc/0x360 [ 436.605398][T16504] dnotify_handle_event+0x13c/0x440 [ 436.610784][T16504] fsnotify+0x18ab/0x1f70 [ 436.615316][T16504] fsnotify_change+0x24f/0x2a0 [ 436.620271][T16504] notify_change+0xc0c/0xe90 [ 436.625128][T16504] chmod_common+0x2ab/0x4c0 [ 436.629808][T16504] __x64_sys_fchmod+0xf8/0x160 [ 436.634747][T16504] do_syscall_64+0xf3/0x230 [ 436.639513][T16504] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 436.645689][T16504] [ 436.648025][T16504] [ 436.648025][T16504] stack backtrace: [ 436.653927][T16504] CPU: 0 UID: 0 PID: 16504 Comm: syz.2.4949 Not tainted 6.11.0-rc7-syzkaller-00017-gbc83b4d1f086 #0 [ 436.664701][T16504] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 436.675062][T16504] Call Trace: [ 436.678372][T16504] [ 436.681334][T16504] dump_stack_lvl+0x241/0x360 [ 436.686122][T16504] ? __pfx_dump_stack_lvl+0x10/0x10 [ 436.691451][T16504] ? __pfx__printk+0x10/0x10 [ 436.696502][T16504] ? print_shortest_lock_dependencies+0xf2/0x160 [ 436.702965][T16504] validate_chain+0x4de0/0x5900 [ 436.707844][T16504] ? __pfx_validate_chain+0x10/0x10 [ 436.713049][T16504] ? __pfx_validate_chain+0x10/0x10 [ 436.718255][T16504] ? __pfx_validate_chain+0x10/0x10 [ 436.723462][T16504] ? unwind_get_return_address+0x91/0xc0 [ 436.729122][T16504] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 436.735201][T16504] ? __pfx_validate_chain+0x10/0x10 [ 436.740414][T16504] ? __lock_acquire+0x137a/0x2040 [ 436.745547][T16504] ? mark_lock+0x9a/0x350 [ 436.749898][T16504] __lock_acquire+0x137a/0x2040 [ 436.754769][T16504] lock_acquire+0x1ed/0x550 [ 436.759282][T16504] ? send_sigio+0xfc/0x360 [ 436.763722][T16504] ? __pfx_lock_acquire+0x10/0x10 [ 436.768764][T16504] ? do_raw_read_lock+0x3c/0x90 [ 436.773708][T16504] ? _raw_read_lock_irqsave+0xe9/0x130 [ 436.779182][T16504] ? __pfx__raw_read_lock_irqsave+0x10/0x10 [ 436.785443][T16504] _raw_read_lock+0x36/0x50 [ 436.789970][T16504] ? send_sigio+0xfc/0x360 [ 436.794412][T16504] send_sigio+0xfc/0x360 [ 436.798667][T16504] dnotify_handle_event+0x13c/0x440 [ 436.803886][T16504] fsnotify+0x18ab/0x1f70 [ 436.808235][T16504] ? fsnotify+0x53d/0x1f70 [ 436.812659][T16504] ? __pfx_fsnotify+0x10/0x10 [ 436.817352][T16504] ? shmem_setattr+0x912/0xee0 [ 436.822146][T16504] fsnotify_change+0x24f/0x2a0 [ 436.827012][T16504] notify_change+0xc0c/0xe90 [ 436.831709][T16504] chmod_common+0x2ab/0x4c0 [ 436.836231][T16504] ? __pfx_chmod_common+0x10/0x10 [ 436.841358][T16504] __x64_sys_fchmod+0xf8/0x160 [ 436.846132][T16504] do_syscall_64+0xf3/0x230 [ 436.850642][T16504] ? clear_bhb_loop+0x35/0x90 [ 436.855340][T16504] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 436.861270][T16504] RIP: 0033:0x7fcd4e77def9 [ 436.865869][T16504] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 436.885486][T16504] RSP: 002b:00007fcd4f48f038 EFLAGS: 00000246 ORIG_RAX: 000000000000005b [ 436.893933][T16504] RAX: ffffffffffffffda RBX: 00007fcd4e935f80 RCX: 00007fcd4e77def9 [ 436.901909][T16504] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 436.909884][T16504] RBP: 00007fcd4e7f09f6 R08: 0000000000000000 R09: 0000000000000000 [ 436.917856][T16504] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 436.925831][T16504] R13: 0000000000000000 R14: 00007fcd4e935f80 R15: 00007ffeb3968028 [ 436.933815][T16504] [ 440.315888][ T1273] ieee802154 phy0 wpan0: encryption failed: -22 [ 440.322286][ T1273] ieee802154 phy1 wpan1: encryption failed: -22