last executing test programs: 3.28354134s ago: executing program 4: futex(0x0, 0x5, 0x0, 0x0, &(0x7f0000000140), 0x35000000) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) preadv(r0, &(0x7f0000001880)=[{&(0x7f0000001a80)=""/102400, 0x19000}], 0x1, 0x0, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) mmap(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x0, 0x10, 0xffffffffffffffff, 0x0) mmap(&(0x7f00000cb000/0x1000)=nil, 0x1000, 0x6, 0x100010, 0xffffffffffffffff, 0x841ea000) sendto$inet(r1, 0x0, 0x0, 0x0, 0x0, 0x0) sendmmsg(0xffffffffffffffff, &(0x7f0000000200), 0x0, 0x0) openat$ttyS3(0xffffffffffffff9c, 0x0, 0xa4200, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0) open_tree(0xffffffffffffff9c, 0x0, 0x0) r2 = socket$inet6(0xa, 0x3, 0x3c) connect$inet6(r2, &(0x7f0000000140)={0xa, 0x0, 0x0, @dev, 0x7}, 0x1c) connect$inet(0xffffffffffffffff, &(0x7f0000000040)={0x2, 0x0, @local}, 0x10) sendmmsg$inet(0xffffffffffffffff, &(0x7f0000001040)=[{{&(0x7f0000000180)={0x2, 0x4e24, @multicast2}, 0x10, &(0x7f0000000240)=[{0x0}, {&(0x7f0000000300)="de6219128b3626dd41489fce85bd39aaf973f6827e0b1bf58e04f329295898b4e225a32708c361a430cad28b360d5f4ee1f23bd78c5206dfeaee717b3b507d8e65b2a7fd0ac90c314110dd075f538e6a2c6059fb887d351f66f9dee746fe65b50035f855dc8232dac7436073d029f3e149d0d5b212a3afe6d125803ef2c303659700697fb80d0cec80b60642da861c9271955b14483a39094f2cfe9badb8562404b956287654f3bce128f7084a52", 0xae}, {&(0x7f0000000400)="1c6fea2e73b4241ce9ea66917d133d68cb6e9d6eea75cd813aac6960ed7e399ec24f08b256a33f3e6481108cfb4e0d6ac98f59435dd4f7fef15121000592b410cfb6e3e4748b1c82bd270ac2d5a2b9ab3466191c7b810fdd9500b65ff94eda4ed4416a49e3425ca658130a963695cd8230deab68d25a92052efba52bd641ea61dd2411452a8765e9d491f799831b3a401646640aa80bda39e686ced4b5c85fc910d2475df3df38e788835197e57444afbc7a057b09f36619b9695163dcc19c", 0xbf}, {&(0x7f00000004c0)="3939f1b648245d91e419f67f787c9f27d9e740ebd90bef71bf4fb66d6f5b01ccf331ea866f2bf4125b4f3fca824e083ad0789286a0d542064d826a8d6cd6801ac18f73f6c28356a1855cc73a06fc997437e0e2ad0f82110a140ead084e76cff0145eebda6eaba22ac3b5b92da3c14f752d6f1fdf4f3c5beddd04fa8c3f27e5be72939147f83036394958a3a74ac68d5f64e182f1d5", 0x95}], 0x4, &(0x7f0000000580)=[@ip_tos_u8={{0x11, 0x0, 0x1, 0x1f}}, @ip_tos_int={{0x14, 0x0, 0x1, 0x1}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0x9}}, @ip_tos_u8={{0x11}}], 0x60}}, {{0x0, 0x0, &(0x7f00000009c0)=[{&(0x7f0000000600)="2009e4f5f086859d76446399affa462f4b33e3fc482bff9f875396d67021284f2fb6c53a8f633c8556ef80003a", 0x2d}, {0x0}, {&(0x7f0000000780)="2b34664e167d05df0e85e5f872283d5cf6014ff2dff113cb52a11c3aa7c106203bdda1ba6fc6ef1787a85cdf15bfc134b2cf8fd41428f296d59fe86df2689ca2a9a153024275db8dd7d9277343c5f796547d63a6ff1164bd64d9a66f0b8b9447a17babacd680054392f19215446df2f43144fdc784cdf95836c3cbc54ae3cc5aaa7f4f3180ffdc6e586f86a5291fc9ef3e77e4451095595c", 0x98}, {0x0}, {&(0x7f0000000280)="742697b03d73b4", 0x7}], 0x5, &(0x7f0000000a40)=[@ip_ttl={{0x14, 0x0, 0x2, 0x20}}], 0x18}}, {{&(0x7f0000000a80)={0x2, 0x0, @private=0xa010102}, 0x10, 0x0}}, {{&(0x7f0000000d00)={0x2, 0x4e21, @loopback}, 0x10, &(0x7f0000000f00)=[{0x0}, {&(0x7f000001aa80)}, {&(0x7f0000000e40)}], 0x3}}], 0x4, 0x880) writev(r2, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0xffdf}], 0x1) 2.808368792s ago: executing program 0: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmmsg(r0, &(0x7f0000000380)=[{{&(0x7f0000000580)=@nl=@proc, 0x80, &(0x7f0000001900)=[{&(0x7f0000000600)='B', 0x1}], 0x1}}, {{&(0x7f0000000200)=@nl=@proc, 0x80, &(0x7f0000000340)=[{&(0x7f0000000280)='6', 0x1}], 0x1, &(0x7f0000000400)=ANY=[], 0x28}}], 0x2, 0x0) 2.656955786s ago: executing program 4: prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f00000000c0)) sched_getattr(0x0, &(0x7f0000000000)={0x38}, 0x38, 0x0) 2.648876627s ago: executing program 0: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = syz_open_dev$admmidi(&(0x7f0000000000), 0x2, 0x40001) ppoll(&(0x7f0000000c40)=[{r0}], 0x1, &(0x7f0000000240)={0x0, 0x989680}, 0x0, 0x0) 2.518672471s ago: executing program 4: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000003c0)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x5, 0x0, 0x0, {0x5}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x3c, 0x3, 0xa, 0x801, 0x0, 0x0, {0x5}, [@NFTA_CHAIN_POLICY={0x8}, @NFTA_CHAIN_HOOK={0x4}, @NFTA_CHAIN_ID={0x8}, @NFTA_CHAIN_FLAGS={0x8}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14}}, 0x84}}, 0x0) 2.508288494s ago: executing program 0: ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000000)={'sit0\x00', &(0x7f00000002c0)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x37, 0x4, 0x0, 0x0, 0xdc, 0x64, 0x0, 0x0, 0x29, 0x0, @broadcast, @remote, {[@timestamp={0x44, 0x1c, 0x7e, 0x0, 0x9, [0x401, 0x1000, 0x5, 0x0, 0x5, 0x8]}, @timestamp_prespec={0x44, 0x44, 0xc0, 0x3, 0x1, [{@private=0xa010100}, {@multicast1, 0x5}, {@remote, 0x8}, {@dev={0xac, 0x14, 0x14, 0x32}, 0x659}, {@broadcast, 0x8000}, {@empty}, {@multicast1, 0xffd200}, {@private=0xa010100, 0x7}]}, @timestamp_prespec={0x44, 0x3c, 0x0, 0x3, 0x8, [{@dev={0xac, 0x14, 0x14, 0x16}}, {@remote, 0x4}, {@multicast2, 0x7}, {@private=0xa010101}, {@rand_addr=0x64010101, 0x800}, {@broadcast, 0x52b1}, {@multicast2}]}, @noop, @noop, @noop, @lsrr={0x83, 0xf, 0xdc, [@private=0xa010102, @rand_addr=0x64010102, @multicast1]}, @rr={0x7, 0x17, 0x0, [@dev, @remote, @multicast1, @private=0xa010102, @remote]}]}}}}}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0) write$binfmt_script(r2, &(0x7f0000000240), 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x280000b, 0x28011, r2, 0x0) r3 = dup(r1) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, 0x0}], 0xffff, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0xd000}) ioctl$KVM_NMI(r4, 0xae9a) ioctl$KVM_RUN(r4, 0xae80, 0x0) sendmmsg$unix(0xffffffffffffffff, &(0x7f0000002fc0)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0}}], 0x2, 0x0) 2.374224451s ago: executing program 4: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000080)=0x2, 0x4) setsockopt$packet_rx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x1000, 0x3a, 0x1000, 0x3a, 0x0, 0x0, 0xffffffff}, 0x1c) setsockopt$inet6_MCAST_JOIN_GROUP(0xffffffffffffffff, 0x29, 0x6, 0x0, 0x0) memfd_create(0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000680), 0x0, 0x0) io_setup(0x0, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000001c0)=0x5) preadv(r1, &(0x7f0000001880)=[{&(0x7f0000001a80)=""/102400, 0x19000}], 0x1, 0x0, 0x0) r2 = socket$l2tp(0x2, 0x2, 0x73) setsockopt$SO_BINDTODEVICE(r2, 0x1, 0x19, &(0x7f0000000240)='wlan0\x00', 0x10) bind$inet(r2, &(0x7f0000000080)={0x2, 0x0, @remote}, 0x10) connect$inet(r2, &(0x7f0000000200)={0x2, 0x0, @local}, 0x10) sendmmsg$inet(r2, &(0x7f0000000900)=[{{0x0, 0x0, 0x0}}], 0x40000cf, 0x0) syz_emit_ethernet(0x7e, &(0x7f00000000c0)={@link_local, @empty, @void, {@ipv6={0x86dd, @gre_packet={0x0, 0x6, "02000b", 0x48, 0x2f, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @local, {[], {{0x0, 0x0, 0x1, 0x0, 0x2, 0x0, 0x0, 0x1, 0x6558, 0x4, 0x0, [], "97de0000"}}}}}}}, 0x0) 1.834653226s ago: executing program 4: r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000001440)={'\x00', 0x2}) ioctl$TUNSETLINK(r0, 0x400454cd, 0x30c) 1.56064093s ago: executing program 1: r0 = syz_open_dev$loop(&(0x7f0000000100), 0x0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.stat\x00', 0x275a, 0x0) write$binfmt_aout(r1, &(0x7f00000010c0)=ANY=[], 0x1a3) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000040)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a000000000000000000000000000066c9fa720b18c638090001"], 0x48}}, 0x0) syz_emit_ethernet(0x6e, &(0x7f0000000000)={@broadcast, @multicast, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x60, 0x0, 0x0, 0x0, 0x1, 0x0, @private, @dev}, @redirect={0x3, 0x0, 0x0, @broadcast=0x1000000, {0x11, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @multicast2, @local, {[@timestamp_addr={0x44, 0xc, 0x0, 0x1, 0x0, [{@remote}]}, @timestamp_addr={0x44, 0x24, 0x0, 0x1, 0x0, [{@broadcast}, {}, {@dev}, {@broadcast}]}]}}}}}}}, 0x0) write$binfmt_misc(r1, &(0x7f0000000040)=ANY=[], 0xe09) ioctl$LOOP_CONFIGURE(r0, 0x4c0a, &(0x7f00000002c0)={r1, 0x0, {0x2a00, 0x80010000, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x1c, "fee8a2ab78fc179fd1f8a0e91ddaaca7bd64c6a4b4e00d9683dda1af1ea89de2b7fb0a0100000000000000000300", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac00", "90be8b1c551265406c7f306003d8a0f4bd00"}}) 1.529830856s ago: executing program 0: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) bpf$MAP_LOOKUP_BATCH(0x12, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x10000}, 0x38) 1.417465161s ago: executing program 1: socket$inet6_icmp_raw(0xa, 0x3, 0x3a) r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) setsockopt$inet6_IPV6_ADDRFORM(r0, 0x3a, 0x1, &(0x7f00000000c0), 0xff2a) syz_emit_ethernet(0x66, &(0x7f0000000140)={@multicast, @remote, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, '\a\x00', 0x30, 0x3a, 0x0, @local, @mcast2, {[], @dest_unreach={0x1, 0x0, 0x0, 0x0, '\x00', {0x0, 0x6, "0100", 0x0, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @multicast2}, @loopback}}}}}}}, 0x0) 1.355142036s ago: executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x8000}, 0x4) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000040)={0x1, &(0x7f0000000340)=[{0x6, 0x0, 0x0, 0x67b}]}, 0x10) bpf$PROG_LOAD(0x5, 0x0, 0x0) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000001c000000000000002300850000000700000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000280)='kmem_cache_free\x00', r2}, 0x10) sendmsg$inet(r1, &(0x7f0000000780)={&(0x7f0000000100)={0x2, 0x0, @multicast1}, 0x10, &(0x7f00000001c0)=[{&(0x7f0000000140)="be38", 0xffe7}], 0x1, &(0x7f0000000080)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @local, @dev}}}, @ip_retopts={{0x14, 0x0, 0x7, {[@rr={0x7, 0x3, 0x8b}, @noop]}}}], 0x38}, 0x0) 1.321579783s ago: executing program 1: mknodat(0xffffffffffffff9c, &(0x7f00000000c0)='./file2\x00', 0x81c0, 0x0) execveat(0xffffffffffffff9c, &(0x7f0000000040)='./file2\x00', 0x0, 0x0, 0x0) r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/module/dvb_usb_anysee', 0x0, 0x0) symlinkat(&(0x7f00000001c0)='./bus\x00', r0, &(0x7f0000000180)='./file2\x00') ioctl$KVM_CAP_X86_BUS_LOCK_EXIT(r0, 0x4068aea3, 0x0) symlinkat(&(0x7f0000000280)='./file2/file0\x00', r0, &(0x7f0000000100)='./file2\x00') 1.197374565s ago: executing program 3: timer_create(0x0, 0x0, &(0x7f0000000100)) socket$inet_tcp(0x2, 0x1, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) syz_emit_ethernet(0x36, &(0x7f0000000100)=ANY=[@ANYBLOB="000002f0d31209000000bc2e79e995"], 0x0) write$binfmt_script(0xffffffffffffffff, &(0x7f0000000100), 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r2, 0x0) preadv(r2, &(0x7f00000015c0), 0x0, 0x0, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaaffffffffffff86dd600a847500140600fe8000"/37, @ANYRES32=0x41424344], 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000327000/0x18000)=nil, &(0x7f0000000040)=[@text16={0x10, &(0x7f0000000180)="66b9800000c00f326635000800000f300f0f1c9a65660ff3b20618baa000ec672e660f38803d004000000f285473f61366b9800000c00f326635004000000f300f20e06635800000000f22e0f30fa6c8", 0x50}], 0x1, 0x0, 0x0, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f00000004c0)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000000180)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0}, 0x10) ioctl$KVM_RUN(r3, 0xae80, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) close(r5) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000003c0)={{}, 0x0, &(0x7f0000000380)}, 0x20) recvmsg$unix(r4, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x18}, 0x0) r6 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000280)='sys_enter\x00', r6}, 0x10) r7 = socket$inet6_udp(0xa, 0x2, 0x0) getsockopt$inet6_mreq(r7, 0x29, 0x8, 0x0, &(0x7f00000002c0)) socket$inet6_tcp(0xa, 0x1, 0x0) 1.171319485s ago: executing program 4: syz_usb_connect(0x0, 0x2d, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000009980708b5192100c7980000000109021b00012000ac00090400000107000009090585cf"], 0x0) 1.124222841s ago: executing program 1: r0 = syz_open_dev$vim2m(&(0x7f00000000c0), 0x8000, 0x2) ioctl$vim2m_VIDIOC_ENUM_FMT(r0, 0xc0405602, &(0x7f0000000000)={0x3d, 0x2, 0x0, "8baadc68379dd10200e6fff749686b10ff85a510ec01000000419d6bc2cb00"}) 1.058885871s ago: executing program 0: syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000000000040260933334000000000010902"], 0x0) syz_usb_connect$cdc_ecm(0x0, 0x56, &(0x7f0000000040)=ANY=[@ANYBLOB="02010000020000402505a1a4ff00000003010976f3b7a1dceca8d809040000000206000006240600005005240000000d240f0100000000000000000008241c00000002"], 0x0) r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x0, 0x903d01) r1 = syz_open_dev$evdev(&(0x7f0000000800), 0x0, 0x0) ioctl$EVIOCGMASK(r1, 0x5452, &(0x7f0000000100)={0x3, 0x0, 0x0}) write$char_usb(r0, &(0x7f0000000040)="e2", 0x2778) 956.991175ms ago: executing program 1: r0 = io_uring_setup(0x36df, &(0x7f00000001c0)) r1 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) write$RDMA_USER_CM_CMD_GET_EVENT(r1, &(0x7f0000000380)={0xc, 0x8, 0xfa00, {0x0}}, 0x10) close_range(r0, 0xffffffffffffffff, 0x0) 816.605164ms ago: executing program 2: socketpair(0x29, 0x800, 0x5, 0x0) r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'geneve0\x00'}) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000caefb8)={0x8, 0x3, &(0x7f0000000100)=ANY=[@ANYBLOB="850000006100000054000000000000009500000000000000b4a8b1541206000000e9c79077fa15ba36eca61299de54cf77c9062430bc068829afff36b31fa7e35ce95d04"], &(0x7f0000281ffc)='GPL\x00'}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r1, 0x2000000, 0x20, 0x0, &(0x7f00000001c0)="5cdd3086ddff006633c9bbac88a8862c00dffd0013dd00000000000000008100", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) 755.241585ms ago: executing program 1: ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000000)={'sit0\x00', &(0x7f00000002c0)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x37, 0x4, 0x0, 0x0, 0xdc, 0x64, 0x0, 0x0, 0x29, 0x0, @broadcast, @remote, {[@timestamp={0x44, 0x1c, 0x7e, 0x0, 0x9, [0x401, 0x1000, 0x5, 0x0, 0x5, 0x8]}, @timestamp_prespec={0x44, 0x44, 0xc0, 0x3, 0x1, [{@private=0xa010100}, {@multicast1, 0x5}, {@remote, 0x8}, {@dev={0xac, 0x14, 0x14, 0x32}, 0x659}, {@broadcast, 0x8000}, {@empty}, {@multicast1, 0xffd200}, {@private=0xa010100, 0x7}]}, @timestamp_prespec={0x44, 0x3c, 0x0, 0x3, 0x8, [{@dev={0xac, 0x14, 0x14, 0x16}}, {@remote, 0x4}, {@multicast2, 0x7}, {@private=0xa010101}, {@rand_addr=0x64010101, 0x800}, {@broadcast, 0x52b1}, {@multicast2}]}, @noop, @noop, @noop, @lsrr={0x83, 0xf, 0xdc, [@private=0xa010102, @rand_addr=0x64010102, @multicast1]}, @rr={0x7, 0x17, 0x0, [@dev, @remote, @multicast1, @private=0xa010102, @remote]}]}}}}}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0) write$binfmt_script(r2, &(0x7f0000000240), 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x280000b, 0x28011, r2, 0x0) r3 = dup(r1) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, 0x0}], 0xffff, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0xd000}) ioctl$KVM_NMI(r4, 0xae9a) ioctl$KVM_RUN(r4, 0xae80, 0x0) sendmmsg$unix(0xffffffffffffffff, &(0x7f0000002fc0)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0}}], 0x2, 0x0) 740.125058ms ago: executing program 3: socket$netlink(0x10, 0x3, 0x0) socket$inet_udp(0x2, 0x2, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r0 = syz_io_uring_setup(0x16d2, &(0x7f0000000080)={0x0, 0x0, 0x10100}, &(0x7f0000000040)=0x0, &(0x7f0000000140)=0x0) ioctl$IOMMU_TEST_OP_CREATE_ACCESS(0xffffffffffffffff, 0x3ba0, &(0x7f00000001c0)={0x48}) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0) write$UHID_CREATE2(r3, &(0x7f00000001c0)=ANY=[@ANYBLOB='.'], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r3, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_MKDIRAT={0x25, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}) io_uring_enter(r0, 0x2d3e, 0x0, 0x0, 0x0, 0x0) 678.298412ms ago: executing program 2: r0 = syz_open_dev$loop(&(0x7f0000000100), 0x0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.stat\x00', 0x275a, 0x0) write$binfmt_aout(r1, &(0x7f00000010c0)=ANY=[], 0x1a3) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000040)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a000000000000000000000000000066c9fa720b18c638090001"], 0x48}}, 0x0) syz_emit_ethernet(0x6e, &(0x7f0000000000)={@broadcast, @multicast, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x60, 0x0, 0x0, 0x0, 0x1, 0x0, @private, @dev}, @redirect={0x3, 0x0, 0x0, @broadcast=0x1000000, {0x11, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @multicast2, @local, {[@timestamp_addr={0x44, 0xc, 0x0, 0x1, 0x0, [{@remote}]}, @timestamp_addr={0x44, 0x24, 0x0, 0x1, 0x0, [{@broadcast}, {}, {@dev}, {@broadcast}]}]}}}}}}}, 0x0) write$binfmt_misc(r1, &(0x7f0000000040)=ANY=[], 0xe09) ioctl$LOOP_CONFIGURE(r0, 0x4c0a, &(0x7f00000002c0)={r1, 0x0, {0x2a00, 0x80010000, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x1c, "fee8a2ab78fc179fd1f8a0e91ddaaca7bd64c6a4b4e00d9683dda1af1ea89de2b7fb0a0100000000000000000300", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac00", "90be8b1c551265406c7f306003d8a0f4bd00"}}) 604.02293ms ago: executing program 2: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) bpf$MAP_LOOKUP_BATCH(0x12, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x10000}, 0x38) 553.529235ms ago: executing program 3: socket$inet6_icmp_raw(0xa, 0x3, 0x3a) r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) setsockopt$inet6_IPV6_ADDRFORM(r0, 0x3a, 0x1, &(0x7f00000000c0), 0xff2a) syz_emit_ethernet(0x66, &(0x7f0000000140)={@multicast, @remote, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, '\a\x00', 0x30, 0x3a, 0x0, @local, @mcast2, {[], @dest_unreach={0x1, 0x0, 0x0, 0x0, '\x00', {0x0, 0x6, "0100", 0x0, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @multicast2}, @loopback}}}}}}}, 0x0) 470.462424ms ago: executing program 2: set_mempolicy(0x0, &(0x7f0000000440)=0xc346, 0x0) r0 = syz_open_dev$sndctrl(&(0x7f0000001440), 0x0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0) write$binfmt_script(r1, &(0x7f0000000100), 0xfecc) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r1, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='memory.events\x00', 0x275a, 0x0) madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00304, 0x15) ioctl$SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r0, 0xc0045516, &(0x7f0000000340)) 444.399815ms ago: executing program 3: r0 = socket$packet(0x11, 0x2, 0x300) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000240)={'gre0\x00', 0x0}) sendto$packet(r0, 0x0, 0x0, 0x0, &(0x7f0000000a80)={0x11, 0x0, r1}, 0x14) 339.940226ms ago: executing program 3: r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000001440)={'\x00', 0x2}) ioctl$TUNSETLINK(r0, 0x400454cd, 0x30c) 299.439018ms ago: executing program 2: mknodat(0xffffffffffffff9c, &(0x7f00000000c0)='./file2\x00', 0x81c0, 0x0) execveat(0xffffffffffffff9c, &(0x7f0000000040)='./file2\x00', 0x0, 0x0, 0x0) r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/module/dvb_usb_anysee', 0x0, 0x0) symlinkat(&(0x7f00000001c0)='./bus\x00', r0, &(0x7f0000000180)='./file2\x00') ioctl$KVM_CAP_X86_BUS_LOCK_EXIT(r0, 0x4068aea3, 0x0) symlinkat(&(0x7f0000000280)='./file2/file0\x00', r0, &(0x7f0000000100)='./file2\x00') 104.248664ms ago: executing program 3: r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x0, 0x2) ioctl$vim2m_VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f00000000c0)={0x2, @pix_mp={0x0, 0x0, 0x32315659}}) 0s ago: executing program 2: prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000040)) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0) ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, 0x0) socket$isdn(0x22, 0x2, 0x26) mknod(0x0, 0x0, 0x0) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) r2 = socket$inet6_sctp(0xa, 0x1, 0x84) getsockopt$inet_sctp6_SCTP_MAXSEG(r2, 0x84, 0xd, 0xfffffffffffffffc, &(0x7f0000000140)=0x4) sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a05000000000000000000070000000900010073797a30000000003c000000090a010400000000000000000700000008000a400000ff000900020073797a31000000000900010073797a30000000000800054000000021800000000c0a01"], 0x104}}, 0x0) socket$inet6(0xa, 0x2, 0x0) bpf$ENABLE_STATS(0x20, 0x0, 0x0) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x8, &(0x7f0000003580)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r3}, 0x10) r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) close(r4) ioctl$SIOCSIFHWADDR(r4, 0x8914, 0x0) ioctl$TUNSETTXFILTER(r5, 0x400454d1, 0x0) r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x1c1842, 0x0) openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x1d1341, 0x0) write$cgroup_devices(r6, &(0x7f0000000000)=ANY=[@ANYBLOB="1e0306003c5c980128876360864666702c1ffe80"], 0xffdd) epoll_create(0x200) kernel console output (not intermixed with test programs): set [1, 0] type 2 family 0 port 6081 - 0 [ 384.615204][ T9447] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 384.630199][ T785] usb 1-1: new high-speed USB device number 9 using dummy_hcd [ 384.677196][ T9447] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 384.707780][ T9447] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 384.882101][ T785] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 384.903251][ T9516] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 384.924330][ T785] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 384.949996][ T785] usb 1-1: New USB device found, idVendor=0d8c, idProduct=0022, bcdDevice= 0.00 [ 385.001853][ T785] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 385.032745][ T785] usb 1-1: config 0 descriptor?? [ 385.099947][ T746] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 385.133845][ T746] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 385.272016][ T2438] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 385.282615][ T9516] veth0_vlan: entered promiscuous mode [ 385.301934][ T2438] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 385.350982][ T9516] veth1_vlan: entered promiscuous mode [ 385.440361][ T5197] usb 3-1: new high-speed USB device number 20 using dummy_hcd [ 385.482812][ T9516] veth0_macvtap: entered promiscuous mode [ 385.502633][ T785] cm6533_jd 0003:0D8C:0022.000B: unknown main item tag 0x0 [ 385.516625][ T9516] veth1_macvtap: entered promiscuous mode [ 385.541910][ T785] cm6533_jd 0003:0D8C:0022.000B: unknown main item tag 0x0 [ 385.577042][ T9516] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 385.578247][ T785] input: HID 0d8c:0022 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:0D8C:0022.000B/input/input21 [ 385.622750][ T9516] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 385.653517][ T5197] usb 3-1: New USB device found, idVendor=14b2, idProduct=3302, bcdDevice=1b.fe [ 385.663575][ T9516] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 385.681123][ T5197] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 385.683125][ T785] cm6533_jd 0003:0D8C:0022.000B: input,hiddev0,hidraw0: USB HID v0.00 Device [HID 0d8c:0022] on usb-dummy_hcd.0-1/input0 [ 385.711630][ T9516] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 385.732668][ T9516] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 385.744580][ T5197] usb 3-1: config 0 descriptor?? [ 385.764704][ T9516] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 385.789925][ T5197] r8712u: register rtl8712_netdev_ops to netdev_ops [ 385.815444][ T9516] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 385.826162][ T5197] usb 3-1: r8712u: USB_SPEED_HIGH with 0 endpoints [ 385.851207][ T9516] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 385.893947][ T9516] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 385.895216][ T785] usb 1-1: USB disconnect, device number 9 [ 385.980871][ T9516] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 386.012384][ T9516] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 386.035072][ T5197] usb 3-1: r8712u: Boot from EFUSE: Autoload Failed [ 386.045974][ T5197] usb 3-1: r8712u: MAC Address from efuse = 00:e0:4c:87:00:00 [ 386.046795][ T9516] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 386.053493][ T5197] usb 3-1: r8712u: Loading firmware from "rtlwifi/rtl8712u.bin" [ 386.079052][ T5197] usb 3-1: USB disconnect, device number 20 [ 386.098125][ T9516] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 386.114413][ T9516] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 386.132682][ T9516] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 386.147185][ T9516] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 386.166719][ T9516] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 386.187119][ T9516] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 386.327798][ T9516] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 386.350797][ T9516] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 386.369380][ T9516] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 386.385437][ T9516] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 386.610134][ T2461] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 386.665526][ T2461] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 386.735995][ T2461] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 386.744027][ T2461] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 387.126215][ T2461] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 387.373351][ T2461] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 387.512126][ T2461] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 387.686147][ T2461] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 388.122919][ T2461] bridge_slave_1: left allmulticast mode [ 388.145046][ T2461] bridge_slave_1: left promiscuous mode [ 388.155947][ T4489] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 388.157719][ T5193] usb 4-1: new high-speed USB device number 12 using dummy_hcd [ 388.181355][ T4489] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 388.191499][ T4489] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 388.202473][ T4489] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 388.213658][ T29] audit: type=1326 audit(1719107626.911:45): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9841 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f156367d0a9 code=0x0 [ 388.235816][ C1] vkms_vblank_simulate: vblank timer overrun [ 388.244275][ T4489] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 388.252897][ T4489] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 388.268307][ T2461] bridge0: port 2(bridge_slave_1) entered disabled state [ 388.325904][ T2461] bridge_slave_0: left allmulticast mode [ 388.363295][ T2461] bridge_slave_0: left promiscuous mode [ 388.392509][ T2461] bridge0: port 1(bridge_slave_0) entered disabled state [ 388.497496][ T5193] usb 4-1: New USB device found, idVendor=1d50, idProduct=606f, bcdDevice=14.d4 [ 388.530895][ T5193] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 388.559070][ T5193] usb 4-1: config 0 descriptor?? [ 389.000593][ T5193] gs_usb 4-1:0.0: Configuring for 1 interfaces [ 389.409336][ T5193] gs_usb 4-1:0.0: Disabling termination support for channel 0 (-EPROTO) [ 389.822650][ T2461] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 389.850058][ T2461] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 389.870298][ T2461] bond0 (unregistering): Released all slaves [ 390.050474][ T5193] usb 4-1: USB disconnect, device number 12 [ 390.316388][ T5147] Bluetooth: hci2: command tx timeout [ 390.757057][ T2461] hsr_slave_0: left promiscuous mode [ 390.799567][ T2461] hsr_slave_1: left promiscuous mode [ 390.850374][ T2461] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 390.887981][ T2461] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 390.933101][ T2461] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 390.948850][ T2461] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 391.007787][ T2461] veth1_macvtap: left promiscuous mode [ 391.015918][ T2461] veth0_macvtap: left promiscuous mode [ 391.016383][ T4489] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 391.021904][ T2461] veth1_vlan: left promiscuous mode [ 391.036647][ T4489] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 391.046796][ T4489] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 391.048042][ T2461] veth0_vlan: left promiscuous mode [ 391.061274][ T4489] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 391.070434][ T4489] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 391.078254][ T4489] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 391.809023][ C0] vxcan0: j1939_tp_rxtimer: 0xffff888076333000: rx timeout, send abort [ 391.817850][ C0] vxcan0: j1939_xtp_rx_abort_one: 0xffff888076333000: 0x20000: (3) A timeout occurred and this is the connection abort to close the session. [ 392.044800][ T2461] team0 (unregistering): Port device team_slave_1 removed [ 392.124920][ T2461] team0 (unregistering): Port device team_slave_0 removed [ 392.396498][ T4489] Bluetooth: hci2: command tx timeout [ 393.126101][ T4489] Bluetooth: hci4: command tx timeout [ 393.338431][ T9853] chnl_net:caif_netlink_parms(): no params data found [ 393.578977][ T9929] chnl_net:caif_netlink_parms(): no params data found [ 393.797630][ T9853] bridge0: port 1(bridge_slave_0) entered blocking state [ 393.805178][ T9853] bridge0: port 1(bridge_slave_0) entered disabled state [ 393.813161][ T9853] bridge_slave_0: entered allmulticast mode [ 393.820505][ T9853] bridge_slave_0: entered promiscuous mode [ 393.862173][ T9853] bridge0: port 2(bridge_slave_1) entered blocking state [ 393.873254][ T9853] bridge0: port 2(bridge_slave_1) entered disabled state [ 393.883692][ T9853] bridge_slave_1: entered allmulticast mode [ 393.894273][ T9853] bridge_slave_1: entered promiscuous mode [ 393.907143][ T9981] netlink: 'syz-executor.3': attribute type 1 has an invalid length. [ 393.922019][ T9981] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.3'. [ 394.024697][ T9929] bridge0: port 1(bridge_slave_0) entered blocking state [ 394.063985][ T9929] bridge0: port 1(bridge_slave_0) entered disabled state [ 394.105276][ T9929] bridge_slave_0: entered allmulticast mode [ 394.123592][ T9929] bridge_slave_0: entered promiscuous mode [ 394.176065][ T2461] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 394.300320][ T9929] bridge0: port 2(bridge_slave_1) entered blocking state [ 394.323905][ T9929] bridge0: port 2(bridge_slave_1) entered disabled state [ 394.342147][ T9929] bridge_slave_1: entered allmulticast mode [ 394.355852][ T9929] bridge_slave_1: entered promiscuous mode [ 394.413069][ T2461] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 394.451458][ T9853] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 394.476059][ T4489] Bluetooth: hci2: command tx timeout [ 394.515098][ T2461] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 394.538841][ T9853] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 394.719624][ T2461] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 394.721552][T10002] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.0'. [ 394.778391][ T9929] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 394.829836][ T9853] team0: Port device team_slave_0 added [ 394.839673][ T9853] team0: Port device team_slave_1 added [ 394.907776][ T9929] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 395.004644][ T9853] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 395.032210][ T9853] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 395.072778][ T9853] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 395.146275][ T9853] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 395.155260][ T9853] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 395.197755][ T4489] Bluetooth: hci4: command tx timeout [ 395.204118][ T9853] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 395.270207][ T9929] team0: Port device team_slave_0 added [ 395.380994][ T9929] team0: Port device team_slave_1 added [ 395.572001][ T9929] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 395.593372][ T9929] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 395.655530][ T9929] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 395.703612][ T2461] bridge_slave_1: left allmulticast mode [ 395.743399][ T2461] bridge_slave_1: left promiscuous mode [ 395.760236][ T2461] bridge0: port 2(bridge_slave_1) entered disabled state [ 395.779119][ T2461] bridge_slave_0: left allmulticast mode [ 395.804186][ T2461] bridge_slave_0: left promiscuous mode [ 395.821848][ T2461] bridge0: port 1(bridge_slave_0) entered disabled state [ 396.465003][ T25] usb 4-1: new high-speed USB device number 13 using dummy_hcd [ 396.555863][ T4489] Bluetooth: hci2: command tx timeout [ 397.005536][ T25] usb 4-1: Using ep0 maxpacket: 16 [ 397.025043][ T25] usb 4-1: Duplicate descriptor for config 1 interface 0 altsetting 0, skipping [ 397.051873][ T25] usb 4-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 7 [ 397.105166][ T25] usb 4-1: config 1 interface 1 altsetting 1 endpoint 0x1 has invalid wMaxPacketSize 0 [ 397.117867][ T25] usb 4-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 397.153765][ T25] usb 4-1: config 1 interface 1 has no altsetting 0 [ 397.170998][ T25] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 397.206473][ T25] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 397.234448][ T25] usb 4-1: Product: syz [ 397.248670][ T25] usb 4-1: Manufacturer: syz [ 397.253549][ T25] usb 4-1: SerialNumber: syz [ 397.282809][ T4489] Bluetooth: hci4: command tx timeout [ 397.546440][ T25] usb 4-1: 2:1 : format type 0 is detected, processed as PCM [ 397.627165][ T25] usb 4-1: USB disconnect, device number 13 [ 397.728028][ T29] audit: type=1326 audit(1719107636.461:46): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10040 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f59f907d0a9 code=0x0 [ 397.775055][ T2461] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 397.790262][ T2461] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 397.800820][ T2461] bond0 (unregistering): Released all slaves [ 397.815253][ T9853] hsr_slave_0: entered promiscuous mode [ 397.824589][ T9853] hsr_slave_1: entered promiscuous mode [ 397.833046][ T9929] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 397.859190][ T9929] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 397.894948][ T9929] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 397.952712][ T5571] udevd[5571]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 398.000022][T10045] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.4'. [ 398.140527][ T9929] hsr_slave_0: entered promiscuous mode [ 398.150098][ T9929] hsr_slave_1: entered promiscuous mode [ 398.158785][ T9929] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 398.167234][ T9929] Cannot create hsr debugfs directory [ 398.294777][T10052] netlink: 'syz-executor.3': attribute type 6 has an invalid length. [ 398.305881][T10052] netlink: 199836 bytes leftover after parsing attributes in process `syz-executor.3'. [ 398.325012][ T2461] hsr_slave_0: left promiscuous mode [ 398.336808][ T2461] hsr_slave_1: left promiscuous mode [ 398.344963][ T2461] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 398.355902][ T2461] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 398.369742][ T2461] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 398.383796][ T2461] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 398.417521][ T2461] veth1_macvtap: left promiscuous mode [ 398.428551][ T2461] veth0_macvtap: left promiscuous mode [ 398.450351][ T2461] veth1_vlan: left promiscuous mode [ 398.464381][ T2461] veth0_vlan: left promiscuous mode [ 399.367048][ T4489] Bluetooth: hci4: command tx timeout [ 399.671102][ T2461] team0 (unregistering): Port device team_slave_1 removed [ 399.746197][ T2461] team0 (unregistering): Port device team_slave_0 removed [ 400.441150][T10079] netlink: 'syz-executor.0': attribute type 1 has an invalid length. [ 400.466000][T10079] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'. [ 400.541619][ T29] audit: type=1326 audit(1719107639.271:47): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10084 comm="syz-executor.4" exe="/root/syz-executor.4" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f19f967d0a9 code=0x0 [ 400.885620][ T932] usb 1-1: new high-speed USB device number 10 using dummy_hcd [ 401.069964][ T932] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0xFF has an invalid bInterval 255, changing to 11 [ 401.097284][ T932] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0xFF has invalid maxpacket 59391, setting to 1024 [ 401.128338][ T932] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 401.174199][ T932] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 401.185087][ T932] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 401.221415][ T932] usb 1-1: config 0 descriptor?? [ 401.239531][T10091] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 401.627486][ T9853] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 401.655677][ T9853] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 401.678319][ T9853] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 401.700883][ T932] plantronics 0003:047F:FFFF.000C: unknown main item tag 0xd [ 401.719942][ T9853] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 401.747401][ T932] plantronics 0003:047F:FFFF.000C: No inputs registered, leaving [ 401.778030][ T932] plantronics 0003:047F:FFFF.000C: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0 [ 402.076177][ T25] usb 1-1: USB disconnect, device number 10 [ 402.184408][ T9853] 8021q: adding VLAN 0 to HW filter on device bond0 [ 402.238717][T10123] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.3'. [ 402.258484][ T9853] 8021q: adding VLAN 0 to HW filter on device team0 [ 402.305226][ T5197] bridge0: port 1(bridge_slave_0) entered blocking state [ 402.312457][ T5197] bridge0: port 1(bridge_slave_0) entered forwarding state [ 402.377778][ T9929] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 402.409137][ T9929] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 402.434251][ T5197] bridge0: port 2(bridge_slave_1) entered blocking state [ 402.441478][ T5197] bridge0: port 2(bridge_slave_1) entered forwarding state [ 402.505232][ T9929] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 402.552889][ T9929] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 402.842418][ T9853] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 403.039896][ T9929] 8021q: adding VLAN 0 to HW filter on device bond0 [ 403.072506][ T9853] veth0_vlan: entered promiscuous mode [ 403.078748][ T29] audit: type=1326 audit(1719107641.801:48): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10149 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f19f967d0a9 code=0x7ffc0000 [ 403.130913][ T29] audit: type=1326 audit(1719107641.811:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10149 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=450 compat=0 ip=0x7f19f967d0a9 code=0x7ffc0000 [ 403.167964][ T29] audit: type=1326 audit(1719107641.811:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10149 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f19f967d0a9 code=0x7ffc0000 [ 403.191195][ T29] audit: type=1326 audit(1719107641.811:51): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10149 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f19f967d0a9 code=0x7ffc0000 [ 403.193859][ T9929] 8021q: adding VLAN 0 to HW filter on device team0 [ 403.257521][ T29] audit: type=1326 audit(1719107641.821:52): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10149 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f19f967d0a9 code=0x7ffc0000 [ 403.276671][ T45] bridge0: port 1(bridge_slave_0) entered blocking state [ 403.287599][ T45] bridge0: port 1(bridge_slave_0) entered forwarding state [ 403.325708][ T29] audit: type=1326 audit(1719107641.841:53): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10149 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f19f967d0a9 code=0x7ffc0000 [ 403.338609][ T45] bridge0: port 2(bridge_slave_1) entered blocking state [ 403.355788][ T45] bridge0: port 2(bridge_slave_1) entered forwarding state [ 403.389097][ T29] audit: type=1326 audit(1719107641.841:54): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10149 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f19f967d0a9 code=0x7ffc0000 [ 403.396163][ T9853] veth1_vlan: entered promiscuous mode [ 403.417547][ T29] audit: type=1326 audit(1719107641.841:55): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10149 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f19f967d0a9 code=0x7ffc0000 [ 403.453486][ T29] audit: type=1326 audit(1719107641.861:56): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10149 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f19f967d0a9 code=0x7ffc0000 [ 403.482530][ T29] audit: type=1326 audit(1719107641.861:57): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10149 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f19f967d0a9 code=0x7ffc0000 [ 403.553266][ T9853] veth0_macvtap: entered promiscuous mode [ 403.597573][ T9853] veth1_macvtap: entered promiscuous mode [ 403.699003][ T9853] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 403.716025][ T9853] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 403.743426][ T9853] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 403.780315][ T9853] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 403.791270][ T9853] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 403.807849][ T9853] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 403.820969][ T9853] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 403.860230][ T9929] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 403.912824][ T9853] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 403.957346][ T9853] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 403.983507][ T9853] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 404.017851][ T9853] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 404.052328][ T9853] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 404.078013][ T9853] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 404.096825][ T9853] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 404.117506][ T9853] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 404.132689][ T9853] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 404.162493][ T9853] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 404.179632][ T9853] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 404.512193][ T746] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 404.535748][ T746] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 404.674816][ T61] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 404.695273][ T61] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 404.696545][ T9929] veth0_vlan: entered promiscuous mode [ 404.742790][ T9929] veth1_vlan: entered promiscuous mode [ 404.862703][ T9929] veth0_macvtap: entered promiscuous mode [ 404.878502][ T9929] veth1_macvtap: entered promiscuous mode [ 404.952813][ T9929] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 404.990335][ T9929] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 405.025812][ T9929] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 405.067010][ T9929] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 405.102619][ T9929] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 405.141021][ T9929] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 405.162827][ T9929] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 405.203788][ T9929] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 405.228249][ T9929] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 405.249468][T10231] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'. [ 405.288612][T10241] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'. [ 405.317462][T10231] netdevsim netdevsim1 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 405.326354][T10231] netdevsim netdevsim1 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 405.335091][T10231] netdevsim netdevsim1 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 405.344255][T10231] netdevsim netdevsim1 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 405.425300][T10231] vxlan0: entered promiscuous mode [ 405.476821][ T9929] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 405.491948][ T9929] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 405.512770][ T9929] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 405.530634][ T9929] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 405.549736][ T9929] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 405.560912][ T9929] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 405.575880][ T9929] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 405.603786][ T9929] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 405.632094][ T9929] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 405.663216][T10251] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'. [ 405.712085][ T9929] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 405.752789][ T9929] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 405.791278][ T9929] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 405.793909][T10248] hub 6-0:1.0: USB hub found [ 405.856368][ T9929] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 405.856985][T10248] hub 6-0:1.0: 1 port detected [ 406.164014][T10267] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.1'. [ 406.232677][ T61] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 406.288724][ T61] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 406.405172][ T1100] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 406.467661][T10280] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies. [ 406.506136][ T1100] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 406.627111][T10285] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.3'. [ 406.998119][T10298] xt_CT: You must specify a L4 protocol and not use inversions on it [ 407.117345][ T1100] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 407.135964][ T5197] usb 2-1: new high-speed USB device number 15 using dummy_hcd [ 407.330036][ T1100] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 407.369427][ T5197] usb 2-1: config 7 descriptor has 1 excess byte, ignoring [ 407.410151][ T5197] usb 2-1: config 7 has 1 interface, different from the descriptor's value: 2 [ 407.465636][ T5197] usb 2-1: New USB device found, idVendor=19d2, idProduct=1275, bcdDevice= 7.84 [ 407.489257][ T5197] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 407.505786][ T5197] usb 2-1: Product: syz [ 407.518686][ T5197] usb 2-1: Manufacturer: syz [ 407.526116][T10303] hub 6-0:1.0: USB hub found [ 407.533557][T10303] hub 6-0:1.0: 1 port detected [ 407.542540][ T5197] usb 2-1: SerialNumber: syz [ 407.576535][ T5197] rndis_host 2-1:7.0: skipping garbage [ 407.598666][ T5197] usb 2-1: bad CDC descriptors [ 407.622259][ T5197] option 2-1:7.0: GSM modem (1-port) converter detected [ 407.666870][ T1100] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 407.949932][ T5194] usb 2-1: USB disconnect, device number 15 [ 407.957143][ T1100] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 407.987182][ T5194] option 2-1:7.0: device disconnected [ 408.287964][ T1100] bridge_slave_1: left allmulticast mode [ 408.312724][ T5147] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 408.322779][ T5147] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 408.325733][ T53] Bluetooth: hci3: Controller not accepting commands anymore: ncmd = 0 [ 408.339223][ T53] Bluetooth: hci3: Injecting HCI hardware error event [ 408.348615][ T53] Bluetooth: hci3: hardware error 0x00 [ 408.357395][ T5147] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 408.369817][ T5147] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 408.385215][ T5147] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 408.397693][ T1100] bridge_slave_1: left promiscuous mode [ 408.408352][ T5147] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 408.408622][ T1100] bridge0: port 2(bridge_slave_1) entered disabled state [ 408.442559][ T1100] bridge_slave_0: left allmulticast mode [ 408.449975][ T1100] bridge_slave_0: left promiscuous mode [ 408.456489][ T1100] bridge0: port 1(bridge_slave_0) entered disabled state [ 408.476805][ T932] usb 4-1: new high-speed USB device number 14 using dummy_hcd [ 408.689519][ T932] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 408.721388][ T932] usb 4-1: New USB device found, idVendor=046d, idProduct=08c1, bcdDevice=ee.8d [ 408.762609][ T932] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 408.802924][ T932] usb 4-1: config 0 descriptor?? [ 409.440390][ T45] usb 4-1: USB disconnect, device number 14 [ 409.620041][ T6589] usb 5-1: new high-speed USB device number 17 using dummy_hcd [ 409.648638][ T1100] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 409.673098][ T1100] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 409.687738][ T1100] bond0 (unregistering): Released all slaves [ 409.716542][T10334] warning: `syz-executor.1' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 409.819935][ T6589] usb 5-1: Using ep0 maxpacket: 32 [ 409.833649][ T29] kauditd_printk_skb: 46 callbacks suppressed [ 409.833666][ T29] audit: type=1326 audit(1719107648.561:104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10340 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fe7d607d0a9 code=0x0 [ 409.842880][ T6589] usb 5-1: New USB device found, idVendor=2201, idProduct=012c, bcdDevice=e7.87 [ 409.933428][ T6589] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 410.006530][ T6589] usb 5-1: config 0 descriptor?? [ 410.032295][ T29] audit: type=1326 audit(1719107648.751:105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10344 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd54d07d0a9 code=0x7ffc0000 [ 410.090025][ T6589] usb 5-1: probing VID:PID(2201:012C) [ 410.091962][ T6589] usb 5-1: Could not find two sets of bulk-in/out endpoint pairs [ 410.137830][ T6589] vub300 5-1:0.0: probe with driver vub300 failed with error -22 [ 410.144250][ T29] audit: type=1326 audit(1719107648.751:106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10344 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd54d07d0a9 code=0x7ffc0000 [ 410.144302][ T29] audit: type=1326 audit(1719107648.791:107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10344 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd54d07d0a9 code=0x7ffc0000 [ 410.144434][ T29] audit: type=1326 audit(1719107648.791:108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10344 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd54d07d0a9 code=0x7ffc0000 [ 410.144474][ T29] audit: type=1326 audit(1719107648.801:109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10344 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fd54d07ce0b code=0x7ffc0000 [ 410.144513][ T29] audit: type=1326 audit(1719107648.801:110): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10344 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd54d07d0a9 code=0x7ffc0000 [ 410.144552][ T29] audit: type=1326 audit(1719107648.801:111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10344 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=249 compat=0 ip=0x7fd54d07d0a9 code=0x7ffc0000 [ 410.144590][ T29] audit: type=1326 audit(1719107648.801:112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10344 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd54d07d0a9 code=0x7ffc0000 [ 410.144629][ T29] audit: type=1326 audit(1719107648.801:113): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10344 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd54d07d0a9 code=0x7ffc0000 [ 410.339769][ T5194] usb 5-1: USB disconnect, device number 17 [ 410.527981][ T4489] Bluetooth: hci1: command tx timeout [ 410.528943][ T53] Bluetooth: hci3: Opcode 0x0c03 failed: -110 [ 410.607697][T10366] IPVS: sync thread started: state = MASTER, mcast_ifn = bridge_slave_0, syncid = 0, id = 0 [ 410.713625][ T1100] hsr_slave_0: left promiscuous mode [ 410.752173][ T1100] hsr_slave_1: left promiscuous mode [ 410.772325][ T1100] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 410.772376][ T1100] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 410.801827][ T1100] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 410.801859][ T1100] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 410.832381][ T1100] veth1_macvtap: left promiscuous mode [ 410.832462][ T1100] veth0_macvtap: left promiscuous mode [ 410.832633][ T1100] veth1_vlan: left promiscuous mode [ 410.832774][ T1100] veth0_vlan: left promiscuous mode [ 411.916339][ T1100] team0 (unregistering): Port device team_slave_1 removed [ 411.979187][ T1100] team0 (unregistering): Port device team_slave_0 removed [ 412.566662][ T53] Bluetooth: hci1: command tx timeout [ 412.971676][T10323] chnl_net:caif_netlink_parms(): no params data found [ 413.519956][T10410] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies. [ 413.532433][T10323] bridge0: port 1(bridge_slave_0) entered blocking state [ 413.563366][T10323] bridge0: port 1(bridge_slave_0) entered disabled state [ 413.599895][T10323] bridge_slave_0: entered allmulticast mode [ 413.622595][T10323] bridge_slave_0: entered promiscuous mode [ 413.646124][T10323] bridge0: port 2(bridge_slave_1) entered blocking state [ 413.679036][T10323] bridge0: port 2(bridge_slave_1) entered disabled state [ 413.718107][T10323] bridge_slave_1: entered allmulticast mode [ 413.756971][T10323] bridge_slave_1: entered promiscuous mode [ 413.925865][T10323] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 413.972036][T10323] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 414.085081][ T5193] usb 5-1: new high-speed USB device number 18 using dummy_hcd [ 414.112345][T10323] team0: Port device team_slave_0 added [ 414.133887][T10323] team0: Port device team_slave_1 added [ 414.243863][T10323] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 414.268674][T10323] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 414.315351][T10323] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 414.316151][ T5193] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0xFF has an invalid bInterval 0, changing to 7 [ 414.350408][T10323] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 414.367744][T10323] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 414.386402][ T5193] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0xFF has invalid wMaxPacketSize 0 [ 414.420697][ T6589] usb 2-1: new high-speed USB device number 16 using dummy_hcd [ 414.434981][T10323] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 414.443595][ T5193] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 414.501500][ T5193] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 414.530072][ T5193] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 414.559611][ T5193] usb 5-1: config 0 descriptor?? [ 414.597098][T10323] hsr_slave_0: entered promiscuous mode [ 414.627489][ T6589] usb 2-1: config 0 has no interfaces? [ 414.633730][ T6589] usb 2-1: language id specifier not provided by device, defaulting to English [ 414.643404][T10323] hsr_slave_1: entered promiscuous mode [ 414.649181][ T53] Bluetooth: hci1: command tx timeout [ 414.666905][T10323] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 414.674621][T10323] Cannot create hsr debugfs directory [ 414.681835][ T6589] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 414.695712][ T6589] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 414.703930][ T6589] usb 2-1: SerialNumber: äµ½ [ 414.715015][ T6589] usb 2-1: config 0 descriptor?? [ 414.937447][ T932] usb 2-1: USB disconnect, device number 16 [ 414.997898][ T5193] plantronics 0003:047F:FFFF.000D: unknown main item tag 0x0 [ 415.026888][ T5193] plantronics 0003:047F:FFFF.000D: No inputs registered, leaving [ 415.052950][ T5193] plantronics 0003:047F:FFFF.000D: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.4-1/input0 [ 415.176964][ T29] audit: type=1326 audit(1719107653.911:114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10446 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fd54d07d0a9 code=0x0 [ 415.332140][ T5193] usb 5-1: USB disconnect, device number 18 [ 415.521577][T10457] IPVS: sync thread started: state = MASTER, mcast_ifn = bridge_slave_0, syncid = 0, id = 0 [ 415.952557][T10323] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 415.991965][T10323] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 416.054196][T10323] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 416.105226][T10323] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 416.439091][T10323] 8021q: adding VLAN 0 to HW filter on device bond0 [ 416.519584][T10323] 8021q: adding VLAN 0 to HW filter on device team0 [ 416.587266][ T785] bridge0: port 1(bridge_slave_0) entered blocking state [ 416.594432][ T785] bridge0: port 1(bridge_slave_0) entered forwarding state [ 416.664689][ T785] bridge0: port 2(bridge_slave_1) entered blocking state [ 416.672018][ T785] bridge0: port 2(bridge_slave_1) entered forwarding state [ 416.723168][ T53] Bluetooth: hci1: command tx timeout [ 416.886025][ T5196] usb 4-1: new high-speed USB device number 15 using dummy_hcd [ 416.976146][T10323] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 417.098452][ T5196] usb 4-1: config 0 has no interfaces? [ 417.118936][T10323] veth0_vlan: entered promiscuous mode [ 417.124419][ T5196] usb 4-1: language id specifier not provided by device, defaulting to English [ 417.164399][ T5196] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 417.166096][T10323] veth1_vlan: entered promiscuous mode [ 417.185475][ T5196] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 417.213887][ T5196] usb 4-1: SerialNumber: äµ½ [ 417.262032][ T5196] usb 4-1: config 0 descriptor?? [ 417.313614][T10323] veth0_macvtap: entered promiscuous mode [ 417.351158][T10323] veth1_macvtap: entered promiscuous mode [ 417.419074][T10323] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 417.464682][T10323] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 417.506933][T10323] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 417.529296][T10323] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 417.549951][ T932] usb 4-1: USB disconnect, device number 15 [ 417.566767][T10323] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 417.598629][T10323] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 417.629905][T10323] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 417.685416][T10323] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 417.708193][T10323] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 417.766998][T10323] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 417.795457][T10323] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 417.815498][T10323] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 417.835416][T10323] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 417.855700][T10323] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 417.886410][T10323] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 417.906554][T10323] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 417.938777][T10323] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 417.968308][T10323] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 418.037310][T10323] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 418.075961][T10323] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 418.106219][T10323] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 418.134275][T10323] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 418.308120][ C0] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies. [ 418.508051][ T35] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 418.556246][ T35] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 418.653500][ T51] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 418.679282][ T51] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 419.278497][T10542] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'. [ 419.325865][T10542] netdevsim netdevsim4 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 419.334659][T10542] netdevsim netdevsim4 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 419.343628][T10542] netdevsim netdevsim4 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 419.352472][T10542] netdevsim netdevsim4 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 419.415704][T10542] vxlan0: entered promiscuous mode [ 419.429333][T10519] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.3'. [ 419.470217][T10519] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 419.495455][ T5193] usb 1-1: new high-speed USB device number 11 using dummy_hcd [ 419.510789][T10519] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 419.550436][T10519] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 419.577735][T10519] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 419.612097][T10519] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 419.643150][T10519] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 419.663864][T10519] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 419.685396][ T5193] usb 1-1: Using ep0 maxpacket: 8 [ 419.699079][T10519] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 419.722628][T10519] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 419.733373][ T5193] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 419.745587][T10519] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 419.753665][ T5193] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 419.764754][T10519] vlan2: entered promiscuous mode [ 419.774624][T10519] batadv_slave_0: entered promiscuous mode [ 419.775508][ T5193] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 419.808657][T10519] batadv_slave_0: left promiscuous mode [ 419.825503][ T5193] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 419.859423][ T5193] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 419.885537][ T5193] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 420.064528][T10545] xt_CT: You must specify a L4 protocol and not use inversions on it [ 420.145223][ T5193] usb 1-1: GET_CAPABILITIES returned 0 [ 420.170733][ T5193] usbtmc 1-1:16.0: can't read capabilities [ 420.435640][ T29] audit: type=1326 audit(1719107659.171:115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10551 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f19f967d0a9 code=0x7ffc0000 [ 420.511449][ T29] audit: type=1326 audit(1719107659.191:116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10551 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f19f967d0a9 code=0x7ffc0000 [ 420.598287][ T29] audit: type=1326 audit(1719107659.191:117): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10551 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=450 compat=0 ip=0x7f19f967d0a9 code=0x7ffc0000 [ 420.671081][ T29] audit: type=1326 audit(1719107659.191:118): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10551 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f19f967d0a9 code=0x7ffc0000 [ 420.730469][ T29] audit: type=1326 audit(1719107659.191:119): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10551 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f19f967d0a9 code=0x7ffc0000 [ 420.811743][ T29] audit: type=1326 audit(1719107659.201:120): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10551 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f19f967d0a9 code=0x7ffc0000 [ 420.865433][ T29] audit: type=1326 audit(1719107659.201:121): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10551 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f19f967d0a9 code=0x7ffc0000 [ 420.867899][ T932] usb 1-1: USB disconnect, device number 11 [ 420.924991][ T29] audit: type=1326 audit(1719107659.201:122): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10551 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f19f967d0a9 code=0x7ffc0000 [ 421.003988][ T29] audit: type=1326 audit(1719107659.201:123): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10551 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f19f967d0a9 code=0x7ffc0000 [ 421.064058][ T29] audit: type=1326 audit(1719107659.201:124): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10551 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f19f967d0a9 code=0x7ffc0000 [ 421.105462][ T785] usb 5-1: new high-speed USB device number 19 using dummy_hcd [ 421.295381][ T785] usb 5-1: Using ep0 maxpacket: 32 [ 421.309478][ T785] usb 5-1: config index 0 descriptor too short (expected 156, got 27) [ 421.325511][ T785] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x87 has an invalid bInterval 0, changing to 7 [ 421.361088][ T785] usb 5-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66 [ 421.385427][ T785] usb 5-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172 [ 421.406812][ T785] usb 5-1: Product: syz [ 421.411028][ T785] usb 5-1: Manufacturer: syz [ 421.425506][ T785] usb 5-1: SerialNumber: syz [ 421.437157][ T785] usb 5-1: config 0 descriptor?? [ 421.455983][ T785] ldusb 5-1:0.0: Interrupt out endpoint not found (using control endpoint instead) [ 421.478563][ T785] ldusb 5-1:0.0: LD USB Device #0 now attached to major 180 minor 0 [ 422.077896][ C0] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies. [ 422.108420][ T5196] usb 5-1: USB disconnect, device number 19 [ 422.110103][ C0] ldusb 5-1:0.0: usb_submit_urb failed (-19) [ 422.124929][ T5196] ldusb 5-1:0.0: LD USB Device #0 now disconnected [ 423.812642][T10598] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 424.676258][ T5196] usb 5-1: new high-speed USB device number 20 using dummy_hcd [ 424.845621][ T5196] usb 5-1: device descriptor read/64, error -71 [ 425.120331][ T5196] usb 5-1: new high-speed USB device number 21 using dummy_hcd [ 425.295608][ T5194] usb 1-1: new high-speed USB device number 12 using dummy_hcd [ 425.305478][ T5196] usb 5-1: device descriptor read/64, error -71 [ 425.430832][ T5196] usb usb5-port1: attempt power cycle [ 425.535990][ T5194] usb 1-1: Using ep0 maxpacket: 32 [ 425.559906][ T5194] usb 1-1: config 4 interface 0 altsetting 0 endpoint 0x6 has an invalid bInterval 38, changing to 9 [ 425.584263][ T5194] usb 1-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 425.607275][ T5194] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 425.636351][ T5194] hub 1-1:4.0: bad descriptor, ignoring hub [ 425.646727][ T5194] hub 1-1:4.0: probe with driver hub failed with error -5 [ 425.671971][ T5194] usbhid 1-1:4.0: couldn't find an input interrupt endpoint [ 425.865624][ T5196] usb 5-1: new high-speed USB device number 22 using dummy_hcd [ 425.916669][ T5196] usb 5-1: device descriptor read/8, error -71 [ 426.198707][ T5196] usb 5-1: new high-speed USB device number 23 using dummy_hcd [ 426.259224][ T5196] usb 5-1: device descriptor read/8, error -71 [ 426.385874][ T5196] usb usb5-port1: unable to enumerate USB device [ 426.535732][ T5196] usb 1-1: USB disconnect, device number 12 [ 426.981281][T10630] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'. [ 427.020722][T10630] netdevsim netdevsim0 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 427.029538][T10630] netdevsim netdevsim0 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 427.038524][T10630] netdevsim netdevsim0 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 427.047397][T10630] netdevsim netdevsim0 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 427.108327][T10630] vxlan0: entered promiscuous mode [ 427.504195][T10636] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 427.929656][T10641] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'. [ 427.964386][T10641] netlink: 208 bytes leftover after parsing attributes in process `syz-executor.0'. [ 428.450681][ T29] kauditd_printk_skb: 36 callbacks suppressed [ 428.450700][ T29] audit: type=1326 audit(1719107667.181:161): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10644 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa500e7d0a9 code=0x7ffc0000 [ 428.556816][ T29] audit: type=1326 audit(1719107667.181:162): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10644 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa500e7d0a9 code=0x7ffc0000 [ 428.665395][ T29] audit: type=1326 audit(1719107667.221:163): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10644 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=450 compat=0 ip=0x7fa500e7d0a9 code=0x7ffc0000 [ 428.741620][ T29] audit: type=1326 audit(1719107667.221:164): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10644 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa500e7d0a9 code=0x7ffc0000 [ 428.835474][ T29] audit: type=1326 audit(1719107667.221:165): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10644 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fa500e7d0a9 code=0x7ffc0000 [ 428.858631][ C1] vkms_vblank_simulate: vblank timer overrun [ 428.936174][ T29] audit: type=1326 audit(1719107667.281:166): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10644 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa500e7d0a9 code=0x7ffc0000 [ 428.959050][ C1] vkms_vblank_simulate: vblank timer overrun [ 429.100660][ T29] audit: type=1326 audit(1719107667.281:167): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10644 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa500e7d0a9 code=0x7ffc0000 [ 429.123684][ C1] vkms_vblank_simulate: vblank timer overrun [ 429.236711][ T29] audit: type=1326 audit(1719107667.341:168): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10644 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fa500e7d0a9 code=0x7ffc0000 [ 429.259483][ C1] vkms_vblank_simulate: vblank timer overrun [ 429.355642][ T29] audit: type=1326 audit(1719107667.351:169): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10644 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa500e7d0a9 code=0x7ffc0000 [ 429.411802][ T29] audit: type=1326 audit(1719107667.351:170): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10644 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa500e7d0a9 code=0x7ffc0000 [ 430.195819][ T785] usb 5-1: new high-speed USB device number 24 using dummy_hcd [ 430.395745][ T785] usb 5-1: Using ep0 maxpacket: 32 [ 430.407657][ T785] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 430.430830][ T785] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 430.460495][ T785] usb 5-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 430.466810][T10672] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.3'. [ 430.479917][ T785] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 430.512708][ T785] usb 5-1: config 0 descriptor?? [ 430.527447][T10672] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 430.528796][ T785] hub 5-1:0.0: USB hub found [ 430.585660][T10672] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 430.606627][T10672] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 430.643030][T10672] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 430.681902][T10672] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 430.701419][T10672] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 430.713823][T10672] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 430.740331][ T785] hub 5-1:0.0: 1 port detected [ 430.745529][T10672] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 430.763630][T10672] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 430.774754][T10672] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 430.793138][T10672] vlan2: entered promiscuous mode [ 430.803094][T10672] batadv_slave_0: entered promiscuous mode [ 430.813313][T10672] batadv_slave_0: left promiscuous mode [ 431.423539][ T785] hub 5-1:0.0: activate --> -90 [ 431.865693][ T4489] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 431.877778][ T4489] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 431.887048][ T4489] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 431.928673][ T4489] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 431.937092][ T4489] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 431.944743][ T4489] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 432.077411][ T5199] usb 1-1: new high-speed USB device number 13 using dummy_hcd [ 432.130338][ T12] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 432.238759][ T785] usb 5-1-port1: cannot disable (err = -71) [ 432.245213][ T932] usb 5-1: USB disconnect, device number 24 [ 432.267883][ T785] usb 5-1: Failed to suspend device, error -19 [ 432.279077][ T12] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 432.299369][ T5199] usb 1-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 432.313963][ T5199] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 432.353705][ T5199] usb 1-1: config 0 descriptor?? [ 432.371856][ T5199] cp210x 1-1:0.0: cp210x converter detected [ 432.431852][ T12] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 432.638386][ T12] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 432.805651][ T5199] cp210x 1-1:0.0: failed to get vendor val 0x000e size 3: -121 [ 433.026350][T10695] chnl_net:caif_netlink_parms(): no params data found [ 433.058710][ T12] bridge_slave_1: left allmulticast mode [ 433.084868][ T12] bridge_slave_1: left promiscuous mode [ 433.091455][ T12] bridge0: port 2(bridge_slave_1) entered disabled state [ 433.133900][ T12] bridge_slave_0: left allmulticast mode [ 433.150195][ T12] bridge_slave_0: left promiscuous mode [ 433.172743][ T12] bridge0: port 1(bridge_slave_0) entered disabled state [ 433.236005][ T5199] usb 1-1: cp210x converter now attached to ttyUSB0 [ 433.464049][ T6589] usb 1-1: USB disconnect, device number 13 [ 433.484339][ T6589] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 433.544068][ T6589] cp210x 1-1:0.0: device disconnected [ 433.755777][ T785] usb 5-1: new high-speed USB device number 25 using dummy_hcd [ 433.965571][ T785] usb 5-1: Using ep0 maxpacket: 8 [ 433.974949][ T785] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 1536, setting to 1024 [ 434.015470][ T785] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024 [ 434.053624][ T785] usb 5-1: config 16 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 434.075598][ T53] Bluetooth: hci0: command tx timeout [ 434.089094][ T785] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 434.118372][ T785] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 434.130485][ T785] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 434.160603][ T785] usbtmc 5-1:16.0: bulk endpoints not found [ 434.435846][ T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 434.465247][ T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 434.490143][ T12] bond0 (unregistering): Released all slaves [ 434.541680][T10711] tipc: Started in network mode [ 434.546930][T10711] tipc: Node identity ffffffff, cluster identity 4711 [ 434.575102][T10711] tipc: Node number set to 4294967295 [ 434.666080][ T12] IPVS: stopping master sync thread 10457 ... [ 435.174019][ T12] hsr_slave_0: left promiscuous mode [ 435.194127][ T12] hsr_slave_1: left promiscuous mode [ 435.215610][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 435.240081][ T12] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 435.263917][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 435.295626][ T12] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 435.380374][ T12] veth1_macvtap: left promiscuous mode [ 435.396474][ T12] veth0_macvtap: left promiscuous mode [ 435.408976][ T12] veth1_vlan: left promiscuous mode [ 435.422638][ T12] veth0_vlan: left promiscuous mode [ 436.160840][ T53] Bluetooth: hci0: command tx timeout [ 436.377603][ T5193] usb 5-1: USB disconnect, device number 25 [ 436.508286][T10746] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.4'. [ 436.849979][ T12] team0 (unregistering): Port device team_slave_1 removed [ 436.897938][T10755] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.4'. [ 436.954733][ T12] team0 (unregistering): Port device team_slave_0 removed [ 438.081863][T10695] bridge0: port 1(bridge_slave_0) entered blocking state [ 438.099732][T10695] bridge0: port 1(bridge_slave_0) entered disabled state [ 438.125806][T10695] bridge_slave_0: entered allmulticast mode [ 438.141935][T10695] bridge_slave_0: entered promiscuous mode [ 438.172783][T10695] bridge0: port 2(bridge_slave_1) entered blocking state [ 438.213330][T10695] bridge0: port 2(bridge_slave_1) entered disabled state [ 438.238708][ T53] Bluetooth: hci0: command tx timeout [ 438.240490][T10695] bridge_slave_1: entered allmulticast mode [ 438.259554][T10695] bridge_slave_1: entered promiscuous mode [ 438.463699][T10695] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 438.502966][T10695] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 438.516294][ T29] kauditd_printk_skb: 24 callbacks suppressed [ 438.516370][ T29] audit: type=1326 audit(1719107677.251:195): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10766 comm="syz-executor.4" exe="/root/syz-executor.4" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f19f967d0a9 code=0x0 [ 438.634723][T10695] team0: Port device team_slave_0 added [ 438.642264][ T785] usb 1-1: new high-speed USB device number 14 using dummy_hcd [ 438.664207][T10695] team0: Port device team_slave_1 added [ 438.745990][T10695] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 438.746009][T10695] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 438.746034][T10695] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 438.748137][T10695] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 438.748154][T10695] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 438.748178][T10695] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 438.859575][ T785] usb 1-1: New USB device found, idVendor=0f11, idProduct=1000, bcdDevice=be.42 [ 438.859610][ T785] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 438.861947][ T785] usb 1-1: config 0 descriptor?? [ 438.864384][ T785] ldusb 1-1:0.0: Interrupt in endpoint not found [ 438.917211][T10695] hsr_slave_0: entered promiscuous mode [ 439.057354][T10695] hsr_slave_1: entered promiscuous mode [ 439.063385][T10695] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 439.063472][T10695] Cannot create hsr debugfs directory [ 439.095846][ T5193] usb 1-1: USB disconnect, device number 14 [ 439.143409][T10781] IPVS: sync thread started: state = MASTER, mcast_ifn = bridge_slave_0, syncid = 0, id = 0 [ 439.210794][ T12] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 439.372568][ T4489] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 439.379092][ T4489] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 439.379965][ T4489] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 439.381151][ T4489] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 439.384264][ T4489] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 439.387947][ T12] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 439.392199][ T4489] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 439.580495][ T12] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 439.759046][ T12] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 440.267745][T10807] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.0'. [ 440.288096][ C1] vcan0: j1939_tp_rxtimer: 0xffff8880792ea000: rx timeout, send abort [ 440.315487][ T53] Bluetooth: hci0: command tx timeout [ 440.402480][ T1249] ieee802154 phy0 wpan0: encryption failed: -22 [ 440.409246][ T1249] ieee802154 phy1 wpan1: encryption failed: -22 [ 440.726272][ C1] vcan0: j1939_tp_rxtimer: 0xffff8880792e8800: rx timeout, send abort [ 440.746594][ T12] bridge_slave_1: left allmulticast mode [ 440.767496][ T12] bridge_slave_1: left promiscuous mode [ 440.773441][ T12] bridge0: port 2(bridge_slave_1) entered disabled state [ 440.796950][ C1] vcan0: j1939_tp_rxtimer: 0xffff8880792ea000: abort rx timeout. Force session deactivation [ 440.898619][ T12] bridge_slave_0: left allmulticast mode [ 440.905237][ T12] bridge_slave_0: left promiscuous mode [ 440.953899][ T12] bridge0: port 1(bridge_slave_0) entered disabled state [ 441.234600][ C1] vcan0: j1939_tp_rxtimer: 0xffff8880792e8800: abort rx timeout. Force session deactivation [ 441.438377][ T53] Bluetooth: hci4: command tx timeout [ 441.501564][ T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 441.522137][ T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 441.533004][ T12] bond0 (unregistering): Released all slaves [ 441.701988][T10787] chnl_net:caif_netlink_parms(): no params data found [ 442.247917][T10787] bridge0: port 1(bridge_slave_0) entered blocking state [ 442.264591][T10787] bridge0: port 1(bridge_slave_0) entered disabled state [ 442.274668][T10787] bridge_slave_0: entered allmulticast mode [ 442.282080][ T4489] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 442.297505][ T4489] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 442.316931][ T4489] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 442.325469][ T4489] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 442.335962][T10787] bridge_slave_0: entered promiscuous mode [ 442.344460][ T4489] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 442.352706][ T4489] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 442.400171][ T12] hsr_slave_0: left promiscuous mode [ 442.427129][ T12] hsr_slave_1: left promiscuous mode [ 442.429988][T10862] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'. [ 442.447600][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 442.455058][ T12] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 442.477687][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 442.489798][ T12] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 442.520985][ T12] veth1_macvtap: left promiscuous mode [ 442.527035][ T12] veth0_macvtap: left promiscuous mode [ 442.532878][ T12] veth1_vlan: left promiscuous mode [ 442.538861][ T12] veth0_vlan: left promiscuous mode [ 443.012895][ T12] team0 (unregistering): Port device team_slave_1 removed [ 443.059558][ T12] team0 (unregistering): Port device team_slave_0 removed [ 443.450054][T10787] bridge0: port 2(bridge_slave_1) entered blocking state [ 443.461937][T10787] bridge0: port 2(bridge_slave_1) entered disabled state [ 443.469502][T10787] bridge_slave_1: entered allmulticast mode [ 443.477882][T10787] bridge_slave_1: entered promiscuous mode [ 443.515471][ T53] Bluetooth: hci4: command tx timeout [ 443.592687][T10695] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 443.660586][T10787] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 443.690927][T10787] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 443.706306][T10695] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 443.743671][T10695] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 443.895112][T10695] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 443.922825][T10787] team0: Port device team_slave_0 added [ 443.939145][T10787] team0: Port device team_slave_1 added [ 444.022559][T10787] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 444.030975][T10787] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 444.065951][T10787] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 444.097969][T10787] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 444.104937][T10787] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 444.136910][T10787] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 444.243578][T10787] hsr_slave_0: entered promiscuous mode [ 444.253080][T10787] hsr_slave_1: entered promiscuous mode [ 444.263611][T10787] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 444.272068][T10787] Cannot create hsr debugfs directory [ 444.406822][ T53] Bluetooth: hci2: command tx timeout [ 444.480233][ T12] netdevsim netdevsim1 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 444.499806][ T12] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 444.753544][ T12] netdevsim netdevsim1 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 444.765219][ T12] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 444.893748][ T12] netdevsim netdevsim1 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 444.905720][ T12] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 444.941064][T10859] chnl_net:caif_netlink_parms(): no params data found [ 445.024711][ T12] netdevsim netdevsim1 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 445.036712][ T12] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 445.274339][T10859] bridge0: port 1(bridge_slave_0) entered blocking state [ 445.286165][T10859] bridge0: port 1(bridge_slave_0) entered disabled state [ 445.293439][T10859] bridge_slave_0: entered allmulticast mode [ 445.313298][T10859] bridge_slave_0: entered promiscuous mode [ 445.324203][T10859] bridge0: port 2(bridge_slave_1) entered blocking state [ 445.331711][T10859] bridge0: port 2(bridge_slave_1) entered disabled state [ 445.340471][T10859] bridge_slave_1: entered allmulticast mode [ 445.349438][T10859] bridge_slave_1: entered promiscuous mode [ 445.371113][T10695] 8021q: adding VLAN 0 to HW filter on device bond0 [ 445.595768][ T53] Bluetooth: hci4: command tx timeout [ 445.784711][T10859] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 445.827890][T10859] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 445.872699][ T12] bridge_slave_1: left allmulticast mode [ 445.895606][ T12] bridge_slave_1: left promiscuous mode [ 445.905674][ T12] bridge0: port 2(bridge_slave_1) entered disabled state [ 445.940293][ T12] bridge_slave_0: left allmulticast mode [ 445.955737][ T12] bridge_slave_0: left promiscuous mode [ 445.972013][ T12] bridge0: port 1(bridge_slave_0) entered disabled state [ 446.255638][ T4489] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 446.278867][ T4489] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 446.289407][ T4489] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 446.317078][ T4489] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 446.336129][ T4489] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 446.345941][ T4489] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 446.475746][ T53] Bluetooth: hci2: command tx timeout [ 446.586213][T10922] [U] VÔ3¸ [ 446.908572][ T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 446.921494][ T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 446.932104][ T12] bond0 (unregistering): Released all slaves [ 446.981550][T10859] team0: Port device team_slave_0 added [ 447.063268][T10859] team0: Port device team_slave_1 added [ 447.128841][ T12] IPVS: stopping master sync thread 10366 ... [ 447.192710][T10695] 8021q: adding VLAN 0 to HW filter on device team0 [ 447.307885][ T785] bridge0: port 1(bridge_slave_0) entered blocking state [ 447.315187][ T785] bridge0: port 1(bridge_slave_0) entered forwarding state [ 447.345636][T10941] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.0'. [ 447.372388][T10859] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 447.380686][T10859] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 447.415344][T10859] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 447.444584][ T785] bridge0: port 2(bridge_slave_1) entered blocking state [ 447.451918][ T785] bridge0: port 2(bridge_slave_1) entered forwarding state [ 447.512706][T10859] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 447.527013][T10859] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 447.553432][ C0] vkms_vblank_simulate: vblank timer overrun [ 447.564011][T10859] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 447.683037][ T53] Bluetooth: hci4: command tx timeout [ 447.845547][ T12] hsr_slave_0: left promiscuous mode [ 447.864299][ T12] hsr_slave_1: left promiscuous mode [ 447.878680][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 447.895529][ T12] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 447.917266][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 447.924822][ T12] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 447.974051][ T12] veth1_macvtap: left promiscuous mode [ 447.981071][ T12] veth0_macvtap: left promiscuous mode [ 447.988154][ T12] veth1_vlan: left promiscuous mode [ 447.993501][ T12] veth0_vlan: left promiscuous mode [ 448.395680][ T53] Bluetooth: hci3: command tx timeout [ 448.501651][ T12] team0 (unregistering): Port device team_slave_1 removed [ 448.548399][ T12] team0 (unregistering): Port device team_slave_0 removed [ 448.555745][ T53] Bluetooth: hci2: command tx timeout [ 449.049669][T10859] hsr_slave_0: entered promiscuous mode [ 449.066845][T10859] hsr_slave_1: entered promiscuous mode [ 449.193756][T10787] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 449.299362][T10787] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 449.309759][T10787] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 449.366168][T10787] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 449.483865][T10921] chnl_net:caif_netlink_parms(): no params data found [ 449.641133][T10695] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 449.960430][T10921] bridge0: port 1(bridge_slave_0) entered blocking state [ 449.985802][T10921] bridge0: port 1(bridge_slave_0) entered disabled state [ 449.993287][T10921] bridge_slave_0: entered allmulticast mode [ 450.014824][T10921] bridge_slave_0: entered promiscuous mode [ 450.024904][T10921] bridge0: port 2(bridge_slave_1) entered blocking state [ 450.032711][T10921] bridge0: port 2(bridge_slave_1) entered disabled state [ 450.040492][T10921] bridge_slave_1: entered allmulticast mode [ 450.048341][T10921] bridge_slave_1: entered promiscuous mode [ 450.220665][ T12] netdevsim netdevsim4 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 450.241105][ T12] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 450.307248][T10921] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 450.322835][T10921] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 450.366294][ T12] netdevsim netdevsim4 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 450.377000][ T12] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 450.444251][ T12] netdevsim netdevsim4 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 450.456455][ T12] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 450.475745][ T53] Bluetooth: hci3: command tx timeout [ 450.492876][T10921] team0: Port device team_slave_0 added [ 450.548310][ T12] netdevsim netdevsim4 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 450.562976][ T12] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 450.605005][T10921] team0: Port device team_slave_1 added [ 450.636028][ T53] Bluetooth: hci2: command tx timeout [ 450.683278][T10695] veth0_vlan: entered promiscuous mode [ 450.718412][T10921] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 450.737582][T10921] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 450.769678][T10921] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 450.802096][T10695] veth1_vlan: entered promiscuous mode [ 450.861035][T10787] 8021q: adding VLAN 0 to HW filter on device bond0 [ 450.886657][T10921] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 450.893639][T10921] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 450.927775][T10921] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 451.178444][T10921] hsr_slave_0: entered promiscuous mode [ 451.198311][T10921] hsr_slave_1: entered promiscuous mode [ 451.204905][T10921] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 451.218339][T10921] Cannot create hsr debugfs directory [ 451.249483][ T12] bridge_slave_1: left allmulticast mode [ 451.255174][ T12] bridge_slave_1: left promiscuous mode [ 451.263752][ T12] bridge0: port 2(bridge_slave_1) entered disabled state [ 451.274694][ T12] bridge_slave_0: left allmulticast mode [ 451.311862][ T12] bridge_slave_0: left promiscuous mode [ 451.320025][ T12] bridge0: port 1(bridge_slave_0) entered disabled state [ 451.994743][ T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 452.012029][ T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 452.027838][ T12] bond0 (unregistering): Released all slaves [ 452.082219][T10787] 8021q: adding VLAN 0 to HW filter on device team0 [ 452.102700][T11028] netlink: 'syz-executor.0': attribute type 5 has an invalid length. [ 452.142842][T11028] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'. [ 452.226631][ T12] IPVS: stopping master sync thread 10781 ... [ 452.242837][T10859] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 452.342281][T10859] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 452.359936][ T785] bridge0: port 1(bridge_slave_0) entered blocking state [ 452.367140][ T785] bridge0: port 1(bridge_slave_0) entered forwarding state [ 452.395506][T10695] veth0_macvtap: entered promiscuous mode [ 452.453290][T10859] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 452.475271][T10695] veth1_macvtap: entered promiscuous mode [ 452.508423][T10859] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 452.532365][ T5199] bridge0: port 2(bridge_slave_1) entered blocking state [ 452.539553][ T5199] bridge0: port 2(bridge_slave_1) entered forwarding state [ 452.555846][ T4489] Bluetooth: hci3: command tx timeout [ 452.726739][ T12] hsr_slave_0: left promiscuous mode [ 452.739504][ T12] hsr_slave_1: left promiscuous mode [ 452.757891][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 452.775830][ T12] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 452.794282][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 452.805450][ T12] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 452.832288][ T12] veth1_macvtap: left promiscuous mode [ 452.855463][ T12] veth0_macvtap: left promiscuous mode [ 452.865790][ T12] veth1_vlan: left promiscuous mode [ 452.871171][ T12] veth0_vlan: left promiscuous mode [ 453.771708][ T12] team0 (unregistering): Port device team_slave_1 removed [ 453.848863][ T12] team0 (unregistering): Port device team_slave_0 removed [ 454.157328][ T4489] Bluetooth: hci1: command 0x0406 tx timeout [ 454.291578][T10695] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 454.302579][T10695] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 454.316911][T10695] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 454.447284][T10695] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 454.459610][T10695] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 454.479867][T10695] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 454.620275][T10695] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 454.630113][T10695] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 454.639699][ T53] Bluetooth: hci3: command tx timeout [ 454.645460][T10695] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 454.654289][T10695] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 454.680696][T11112] raw_sendmsg: syz-executor.0 forgot to set AF_INET. Fix it! [ 454.842480][T10787] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 454.897517][ T29] audit: type=1326 audit(1719107693.631:196): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11116 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fa500e7d0a9 code=0x0 [ 454.912754][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 454.940364][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 454.995549][T10859] 8021q: adding VLAN 0 to HW filter on device bond0 [ 455.041126][ T746] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 455.046782][T10787] veth0_vlan: entered promiscuous mode [ 455.050493][ T746] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 455.103910][T10787] veth1_vlan: entered promiscuous mode [ 455.118187][T10859] 8021q: adding VLAN 0 to HW filter on device team0 [ 455.218424][ T785] bridge0: port 1(bridge_slave_0) entered blocking state [ 455.225679][ T785] bridge0: port 1(bridge_slave_0) entered forwarding state [ 455.266890][ T785] bridge0: port 2(bridge_slave_1) entered blocking state [ 455.274111][ T785] bridge0: port 2(bridge_slave_1) entered forwarding state [ 455.291720][T10921] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 455.311642][T10787] veth0_macvtap: entered promiscuous mode [ 455.327146][T10921] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 455.352968][T10787] veth1_macvtap: entered promiscuous mode [ 455.369214][T10921] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 455.404372][T10921] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 455.504895][T10787] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 455.516695][T10787] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 455.533043][T10787] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 455.550382][T10787] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 455.564172][T10787] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 455.631651][T10787] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 455.656415][T10787] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 455.671544][T10787] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 455.690446][T10787] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 455.702970][T10787] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 455.742170][T10787] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 455.752235][T10787] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 455.769578][T10787] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 455.789860][T10787] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 455.818541][T10859] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 456.004895][T10921] 8021q: adding VLAN 0 to HW filter on device bond0 [ 456.034685][T10859] veth0_vlan: entered promiscuous mode [ 456.122448][T10921] 8021q: adding VLAN 0 to HW filter on device team0 [ 456.162193][T10859] veth1_vlan: entered promiscuous mode [ 456.232805][T11129] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 456.234283][ T8] bridge0: port 1(bridge_slave_0) entered blocking state [ 456.248819][ T8] bridge0: port 1(bridge_slave_0) entered forwarding state [ 456.281373][ T8] bridge0: port 2(bridge_slave_1) entered blocking state [ 456.288530][ T8] bridge0: port 2(bridge_slave_1) entered forwarding state [ 456.331177][ T746] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 456.340992][ T746] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 456.442997][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 456.451570][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 456.573265][T10859] veth0_macvtap: entered promiscuous mode [ 456.670998][T10859] veth1_macvtap: entered promiscuous mode [ 456.765928][T10921] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 456.848192][T10859] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 456.859245][T10859] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 456.869895][T10859] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 456.894305][T10859] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 456.905078][T10859] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 456.926463][T10859] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 456.947468][T10859] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 456.994593][T10859] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 457.007630][T10859] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 457.019332][T10859] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 457.030368][T10859] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 457.041912][T10859] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 457.054625][T10859] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 457.069012][T10859] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 457.104535][T10921] veth0_vlan: entered promiscuous mode [ 457.115771][ T25] usb 1-1: new high-speed USB device number 15 using dummy_hcd [ 457.157130][T10859] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 457.170815][T10859] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 457.190145][T10859] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 457.205374][T10859] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 457.232880][T10921] veth1_vlan: entered promiscuous mode [ 457.317795][ T25] usb 1-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 457.356025][ T25] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 457.404099][ T25] usb 1-1: config 0 descriptor?? [ 457.417827][ T25] cp210x 1-1:0.0: cp210x converter detected [ 457.424485][T10921] veth0_macvtap: entered promiscuous mode [ 457.509201][T10921] veth1_macvtap: entered promiscuous mode [ 457.533541][ T2461] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 457.555445][ T2461] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 457.572036][T11154] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.2'. [ 457.602779][ T2461] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 457.624307][T10921] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 457.626718][ T2461] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 457.650068][T10921] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 457.655686][T11154] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.2'. [ 457.672687][T11154] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.2'. [ 457.674616][T10921] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 457.689869][T11154] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.2'. [ 457.725612][T10921] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 457.742109][T10921] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 457.753843][T10921] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 457.770070][T10921] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 457.780951][T10921] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 457.800298][T10921] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 457.853876][T10921] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 457.875619][ T25] cp210x 1-1:0.0: failed to get vendor val 0x000e size 3: -32 [ 457.884029][T10921] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 457.906619][ T25] usb 1-1: cp210x converter now attached to ttyUSB0 [ 457.927749][T10921] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 457.971798][T11163] xt_policy: output policy not valid in PREROUTING and INPUT [ 457.979684][T10921] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 458.004510][T10921] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 458.021132][T10921] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 458.031967][T10921] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 458.051190][T10921] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 458.114885][T10921] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 458.137912][ T25] usb 1-1: USB disconnect, device number 15 [ 458.170780][ T25] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 458.210009][T10921] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 458.228785][T10921] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 458.246178][ T25] cp210x 1-1:0.0: device disconnected [ 458.258767][T10921] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 458.287693][T10921] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 458.523621][ T746] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 458.551148][ T746] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 458.597895][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 458.622298][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 458.891403][T11189] netlink: 'syz-executor.3': attribute type 29 has an invalid length. [ 458.918306][T11189] netlink: 'syz-executor.3': attribute type 29 has an invalid length. [ 459.071846][T11189] netlink: 'syz-executor.3': attribute type 29 has an invalid length. [ 459.348933][T11191] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 459.556245][T11220] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.0'. [ 459.858292][T11239] netlink: 'syz-executor.1': attribute type 11 has an invalid length. [ 460.305889][T11246] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 460.622260][ T29] audit: type=1326 audit(1719107699.331:197): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11281 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fa500e7d0a9 code=0x0 [ 460.841501][T11288] netdevsim netdevsim2 netdevsim0: entered promiscuous mode [ 460.850595][T11288] macvtap1: entered promiscuous mode [ 460.857264][T11288] macvtap1: entered allmulticast mode [ 460.862857][T11288] netdevsim netdevsim2 netdevsim0: entered allmulticast mode [ 460.881692][T11290] netlink: 'syz-executor.1': attribute type 3 has an invalid length. [ 461.128036][T11295] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'. [ 461.617125][T11320] netlink: 'syz-executor.3': attribute type 3 has an invalid length. [ 461.817288][T11331] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.4'. [ 462.440097][ T4489] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 462.452694][ T4489] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 462.463430][ T4489] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 462.473434][ T4489] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 462.483868][ T4489] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 462.499511][ T4489] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 462.876516][ T11] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 463.026487][T11363] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'. [ 463.212272][ T11] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 463.410491][ T11] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 463.579774][ T11] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 463.662739][T11357] chnl_net:caif_netlink_parms(): no params data found [ 463.758100][T11391] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'. [ 463.924823][T11403] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'. [ 463.940230][T11403] (unnamed net_device) (uninitialized): option mode: invalid value (129) [ 463.978430][T11357] bridge0: port 1(bridge_slave_0) entered blocking state [ 463.999136][T11357] bridge0: port 1(bridge_slave_0) entered disabled state [ 464.007938][T11357] bridge_slave_0: entered allmulticast mode [ 464.015980][T11357] bridge_slave_0: entered promiscuous mode [ 464.027561][T11357] bridge0: port 2(bridge_slave_1) entered blocking state [ 464.039259][T11357] bridge0: port 2(bridge_slave_1) entered disabled state [ 464.045035][T11409] input: syz1 as /devices/virtual/input/input24 [ 464.061562][T11357] bridge_slave_1: entered allmulticast mode [ 464.088199][T11357] bridge_slave_1: entered promiscuous mode [ 464.238908][ T11] bridge_slave_1: left allmulticast mode [ 464.264059][ T11] bridge_slave_1: left promiscuous mode [ 464.284438][ T11] bridge0: port 2(bridge_slave_1) entered disabled state [ 464.305383][ T11] bridge_slave_0: left allmulticast mode [ 464.311188][ T11] bridge_slave_0: left promiscuous mode [ 464.328339][ T11] bridge0: port 1(bridge_slave_0) entered disabled state [ 464.537213][ T5197] usb 1-1: new high-speed USB device number 16 using dummy_hcd [ 464.635789][ T53] Bluetooth: hci0: command tx timeout [ 464.735518][ T5197] usb 1-1: Using ep0 maxpacket: 16 [ 464.743911][ T5197] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid maxpacket 33032, setting to 1024 [ 464.778197][ T5197] usb 1-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00 [ 464.792543][ T5197] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 464.831424][ T5197] usb 1-1: config 0 descriptor?? [ 465.074970][ T11] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 465.091012][ T11] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 465.102784][ T11] bond0 (unregistering): Released all slaves [ 465.127890][T11357] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 465.141453][T11357] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 465.151151][T11422] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'. [ 465.160948][T11425] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'. [ 465.256272][T11417] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 465.301278][T11417] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 465.323468][T11440] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 465.337055][ T5197] hid (null): unknown global tag 0xd [ 465.347247][ T5197] hid (null): unknown global tag 0xe [ 465.376764][ T5197] hid-generic 0003:0158:0100.000E: unknown main item tag 0x1 [ 465.399459][ T5197] hid-generic 0003:0158:0100.000E: unexpected long global item [ 465.410738][ T5197] hid-generic 0003:0158:0100.000E: probe with driver hid-generic failed with error -22 [ 465.444291][T11357] team0: Port device team_slave_0 added [ 465.592558][ T5197] usb 1-1: USB disconnect, device number 16 [ 465.669021][T11357] team0: Port device team_slave_1 added [ 465.801236][T11457] netlink: 'syz-executor.1': attribute type 5 has an invalid length. [ 465.829562][T11457] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'. [ 466.126860][T11357] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 466.223840][T11357] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 466.249974][ C1] vkms_vblank_simulate: vblank timer overrun [ 466.333423][T11357] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 466.438073][ T11] hsr_slave_0: left promiscuous mode [ 466.460881][ T11] hsr_slave_1: left promiscuous mode [ 466.490757][ T11] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 466.522249][ T11] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 466.572872][ T11] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 466.632822][ T11] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 466.725711][ T53] Bluetooth: hci0: command tx timeout [ 466.733334][ T11] veth1_macvtap: left promiscuous mode [ 466.742557][ T11] veth0_macvtap: left promiscuous mode [ 466.751276][ T11] veth1_vlan: left promiscuous mode [ 466.762318][ T11] veth0_vlan: left promiscuous mode [ 467.304888][ T11] team0 (unregistering): Port device team_slave_1 removed [ 467.354958][ T11] team0 (unregistering): Port device team_slave_0 removed [ 467.896082][T11357] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 467.903062][T11357] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 467.937585][T11357] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 468.016392][T11485] sch_fq: defrate 0 ignored. [ 468.134114][T11357] hsr_slave_0: entered promiscuous mode [ 468.157740][T11357] hsr_slave_1: entered promiscuous mode [ 468.190045][T11357] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 468.190078][T11357] Cannot create hsr debugfs directory [ 468.799438][ T53] Bluetooth: hci0: command tx timeout [ 469.522966][T11520] netdevsim netdevsim4 netdevsim0: entered promiscuous mode [ 469.537757][T11520] macvtap1: entered promiscuous mode [ 469.574473][T11520] macvtap1: entered allmulticast mode [ 469.606176][T11520] netdevsim netdevsim4 netdevsim0: entered allmulticast mode [ 470.026528][ T35] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 470.310640][ T35] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 470.356383][T11542] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'. [ 470.379656][T11542] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 470.400041][T11542] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 470.430982][ T4489] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 470.445649][ T4489] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 470.455089][T11542] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 470.466560][ T4489] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 470.477433][T11542] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 470.495039][ T4489] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 470.506016][ T4489] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 470.515833][ T4489] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 470.618080][ T35] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 470.711435][T11357] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 470.730681][T11357] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 470.786909][ T35] netdevsim netdevsim2 netdevsim0 (unregistering): left allmulticast mode [ 470.846219][ T35] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 470.875556][ T4489] Bluetooth: hci0: command tx timeout [ 470.898342][T11357] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 470.942017][T11357] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 471.350294][ T35] bridge_slave_1: left allmulticast mode [ 471.390278][ T35] bridge_slave_1: left promiscuous mode [ 471.390469][ T35] bridge0: port 2(bridge_slave_1) entered disabled state [ 471.396150][ T35] bridge_slave_0: left allmulticast mode [ 471.396179][ T35] bridge_slave_0: left promiscuous mode [ 471.396384][ T35] bridge0: port 1(bridge_slave_0) entered disabled state [ 471.477447][T11594] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'. [ 472.117555][ T29] audit: type=1326 audit(1719107710.841:198): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11600 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f661047d0a9 code=0x7ffc0000 [ 472.159180][ T29] audit: type=1326 audit(1719107710.841:199): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11600 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f661047d0a9 code=0x7ffc0000 [ 472.205381][ T29] audit: type=1326 audit(1719107710.881:200): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11600 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f661047d0a9 code=0x7ffc0000 [ 472.255263][ T29] audit: type=1326 audit(1719107710.881:201): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11600 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f661047d0a9 code=0x7ffc0000 [ 472.325894][ T29] audit: type=1326 audit(1719107710.881:202): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11600 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f661047d0a9 code=0x7ffc0000 [ 472.368041][ T29] audit: type=1326 audit(1719107710.881:203): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11600 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f661047d0a9 code=0x7ffc0000 [ 472.415539][ T29] audit: type=1326 audit(1719107710.881:204): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11600 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f661047d0a9 code=0x7ffc0000 [ 472.468673][ T29] audit: type=1326 audit(1719107710.881:205): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11600 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f661047d0a9 code=0x7ffc0000 [ 472.520241][ T29] audit: type=1326 audit(1719107710.881:206): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11600 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=78 compat=0 ip=0x7f661047d0a9 code=0x7ffc0000 [ 472.521591][ T35] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 472.543022][ C0] vkms_vblank_simulate: vblank timer overrun [ 472.560357][ T29] audit: type=1326 audit(1719107710.881:207): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11600 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f661047d0a9 code=0x7ffc0000 [ 472.594596][ T4489] Bluetooth: hci4: command tx timeout [ 472.606548][ T35] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 472.632798][ T35] bond0 (unregistering): Released all slaves [ 472.783604][T11554] chnl_net:caif_netlink_parms(): no params data found [ 472.974373][T11646] xt_TPROXY: Can be used only with -p tcp or -p udp [ 472.991594][T11357] 8021q: adding VLAN 0 to HW filter on device bond0 [ 473.309864][T11357] 8021q: adding VLAN 0 to HW filter on device team0 [ 473.406355][T11661] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'. [ 473.420174][T11554] bridge0: port 1(bridge_slave_0) entered blocking state [ 473.437123][T11554] bridge0: port 1(bridge_slave_0) entered disabled state [ 473.444811][T11554] bridge_slave_0: entered allmulticast mode [ 473.452892][T11554] bridge_slave_0: entered promiscuous mode [ 473.487305][ T25] usb 2-1: new high-speed USB device number 17 using dummy_hcd [ 473.525433][ T35] hsr_slave_0: left promiscuous mode [ 473.531806][ T35] hsr_slave_1: left promiscuous mode [ 473.541964][ T35] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 473.552800][ T35] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 473.577156][ T35] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 473.584805][ T35] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 473.633800][ T35] veth1_macvtap: left promiscuous mode [ 473.639777][ T35] veth0_macvtap: left promiscuous mode [ 473.646612][ T35] veth1_vlan: left promiscuous mode [ 473.652148][ T35] veth0_vlan: left promiscuous mode [ 473.705439][ T25] usb 2-1: Using ep0 maxpacket: 8 [ 473.712480][ T25] usb 2-1: config 179 has an invalid interface number: 65 but max is 0 [ 473.721051][ T25] usb 2-1: config 179 has no interface number 0 [ 473.743116][ T25] usb 2-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 473.754375][ T25] usb 2-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024 [ 473.766788][ T25] usb 2-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 473.778752][ T25] usb 2-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024 [ 473.790382][ T25] usb 2-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 473.803814][ T25] usb 2-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb [ 473.812994][ T25] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 473.839941][T11658] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 473.855590][ T5199] usb 1-1: new high-speed USB device number 17 using dummy_hcd [ 474.051688][ T5199] usb 1-1: Using ep0 maxpacket: 16 [ 474.065585][ T5199] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid maxpacket 33032, setting to 1024 [ 474.113363][ T5199] usb 1-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00 [ 474.123611][ T5199] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 474.141349][ T5199] usb 1-1: config 0 descriptor?? [ 474.223578][ T25] input: Generic X-Box pad as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:179.65/input/input25 [ 474.356746][ T25] usb 2-1: USB disconnect, device number 17 [ 474.362720][ C1] xpad 2-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19 [ 474.362754][ C1] xpad 2-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19 [ 474.401054][ T25] xpad 2-1:179.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19 [ 474.590842][ T35] team0 (unregistering): Port device team_slave_1 removed [ 474.611095][T11677] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 474.633160][T11677] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 474.645517][ T4489] Bluetooth: hci4: command tx timeout [ 474.647918][ T5199] hid (null): unknown global tag 0xd [ 474.656596][ T5199] hid (null): unknown global tag 0xe [ 474.664182][ T5199] hid-generic 0003:0158:0100.000F: unknown main item tag 0x1 [ 474.671775][ T5199] hid-generic 0003:0158:0100.000F: unexpected long global item [ 474.688304][ T5199] hid-generic 0003:0158:0100.000F: probe with driver hid-generic failed with error -22 [ 474.703602][ T35] team0 (unregistering): Port device team_slave_0 removed [ 474.878064][ T25] usb 1-1: USB disconnect, device number 17 [ 475.348226][T11554] bridge0: port 2(bridge_slave_1) entered blocking state [ 475.359114][T11554] bridge0: port 2(bridge_slave_1) entered disabled state [ 475.367510][T11554] bridge_slave_1: entered allmulticast mode [ 475.374361][T11554] bridge_slave_1: entered promiscuous mode [ 475.499600][ T6589] bridge0: port 1(bridge_slave_0) entered blocking state [ 475.506805][ T6589] bridge0: port 1(bridge_slave_0) entered forwarding state [ 475.535340][ T6589] bridge0: port 2(bridge_slave_1) entered blocking state [ 475.542560][ T6589] bridge0: port 2(bridge_slave_1) entered forwarding state [ 475.562243][T11554] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 475.632645][T11554] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 475.800422][T11554] team0: Port device team_slave_0 added [ 475.841772][T11554] team0: Port device team_slave_1 added [ 475.843986][T11702] xt_TPROXY: Can be used only with -p tcp or -p udp [ 476.032112][T11703] netdevsim netdevsim1 netdevsim0: entered promiscuous mode [ 476.071402][T11703] macvtap1: entered promiscuous mode [ 476.077494][T11703] macvtap1: entered allmulticast mode [ 476.083059][T11703] netdevsim netdevsim1 netdevsim0: entered allmulticast mode [ 476.163846][T11554] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 476.182224][T11554] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 476.208152][ C0] vkms_vblank_simulate: vblank timer overrun [ 476.253991][T11554] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 476.325046][T11554] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 476.361552][T11554] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 476.405047][T11554] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 476.582944][T11357] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 476.629117][T11554] hsr_slave_0: entered promiscuous mode [ 476.665713][ T8] usb 5-1: new high-speed USB device number 26 using dummy_hcd [ 476.674949][T11554] hsr_slave_1: entered promiscuous mode [ 476.708333][T11554] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 476.715646][ T4489] Bluetooth: hci4: command tx timeout [ 476.722175][T11554] Cannot create hsr debugfs directory [ 476.865742][ T8] usb 5-1: Using ep0 maxpacket: 16 [ 476.873647][ T8] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid maxpacket 33032, setting to 1024 [ 476.890020][ T8] usb 5-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00 [ 476.906032][ T8] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 476.941477][ T8] usb 5-1: config 0 descriptor?? [ 477.076018][T11357] veth0_vlan: entered promiscuous mode [ 477.160870][T11357] veth1_vlan: entered promiscuous mode [ 477.243269][T11357] veth0_macvtap: entered promiscuous mode [ 477.272323][T11357] veth1_macvtap: entered promiscuous mode [ 477.358811][T11357] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 477.386635][T11727] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 477.403084][T11727] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 477.403456][T11357] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 477.433358][T11357] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 477.442038][ T8] hid (null): unknown global tag 0xd [ 477.444569][T11357] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 477.460082][ T8] hid (null): unknown global tag 0xe [ 477.468054][T11357] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 477.481277][ T8] hid-generic 0003:0158:0100.0010: unknown main item tag 0x1 [ 477.495045][ T8] hid-generic 0003:0158:0100.0010: unexpected long global item [ 477.505901][ T8] hid-generic 0003:0158:0100.0010: probe with driver hid-generic failed with error -22 [ 477.661918][ T25] usb 5-1: USB disconnect, device number 26 [ 477.734674][T11357] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 477.751433][T11357] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 477.786596][T11357] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 477.809121][T11357] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 477.831767][T11357] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 477.872491][T11357] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 477.885685][T11357] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 477.895370][T11357] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 477.925364][T11357] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 477.988565][T11772] netdevsim netdevsim0 netdevsim0: entered promiscuous mode [ 477.996968][T11772] macvtap1: entered promiscuous mode [ 478.003035][T11772] macvtap1: entered allmulticast mode [ 478.008808][T11772] netdevsim netdevsim0 netdevsim0: entered allmulticast mode [ 478.426391][T11554] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 478.427492][ T61] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 478.449393][ T61] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 478.470268][T11554] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 478.507082][T11554] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 478.540542][T11554] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 478.602109][ T61] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 478.623277][ T61] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 478.795778][ T4489] Bluetooth: hci4: command tx timeout [ 478.871798][T11554] 8021q: adding VLAN 0 to HW filter on device bond0 [ 478.969139][T11554] 8021q: adding VLAN 0 to HW filter on device team0 [ 479.018582][ T5199] bridge0: port 1(bridge_slave_0) entered blocking state [ 479.025760][ T5199] bridge0: port 1(bridge_slave_0) entered forwarding state [ 479.122817][ T5199] bridge0: port 2(bridge_slave_1) entered blocking state [ 479.130055][ T5199] bridge0: port 2(bridge_slave_1) entered forwarding state [ 479.396619][T11554] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 479.666773][T11554] veth0_vlan: entered promiscuous mode [ 479.691294][T11842] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 479.757847][T11554] veth1_vlan: entered promiscuous mode [ 479.948045][T11554] veth0_macvtap: entered promiscuous mode [ 479.987550][T11554] veth1_macvtap: entered promiscuous mode [ 480.111107][T11554] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 480.162560][T11554] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 480.198507][T11554] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 480.247819][T11554] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 480.265045][T11554] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 480.283821][T11554] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 480.331939][T11554] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 480.390052][T11554] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 480.431495][T11554] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 480.476319][T11554] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 480.509532][T11554] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 480.541265][T11554] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 480.562357][T11554] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 480.609860][T11554] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 480.655786][T11554] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 480.704597][T11554] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 480.718635][T11554] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 480.737250][T11554] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 481.004428][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 481.039277][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 481.111858][ T2461] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 481.124871][ T2461] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 481.265513][ T785] usb 5-1: new high-speed USB device number 27 using dummy_hcd [ 481.317335][ T5199] usb 1-1: new high-speed USB device number 18 using dummy_hcd [ 481.475457][ T785] usb 5-1: Using ep0 maxpacket: 8 [ 481.488363][ T785] usb 5-1: config 32 interface 0 altsetting 0 endpoint 0x85 has an invalid bInterval 0, changing to 7 [ 481.525438][ T785] usb 5-1: config 32 interface 0 altsetting 0 endpoint 0x85 has invalid wMaxPacketSize 0 [ 481.542679][ T5199] usb 1-1: config 0 has no interfaces? [ 481.556832][ T785] usb 5-1: New USB device found, idVendor=19b5, idProduct=0021, bcdDevice=98.c7 [ 481.566102][ T5199] usb 1-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40 [ 481.585888][ T5199] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 481.593968][ T785] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 481.614987][ T5199] usb 1-1: config 0 descriptor?? [ 481.888102][T11903] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 481.910992][ T785] usb 5-1: string descriptor 0 read error: -71 [ 481.928754][T11903] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 481.931747][ T785] hub 5-1:32.0: USB hub found [ 481.956402][ T785] hub 5-1:32.0: config failed, can't read hub descriptor (err -22) [ 481.979293][T11903] [ 481.981662][T11903] ===================================================== [ 481.988604][T11903] WARNING: HARDIRQ-safe -> HARDIRQ-unsafe lock order detected [ 481.996075][T11903] 6.10.0-rc4-syzkaller-00301-g5f583a3162ff #0 Not tainted [ 482.003183][T11903] ----------------------------------------------------- [ 482.010099][T11903] syz-executor.0/11903 [HC0[0]:SC0[0]:HE0:SE1] is trying to acquire: [ 482.018182][T11903] ffff888066c75408 (&new->fa_lock){....}-{2:2}, at: kill_fasync+0x19e/0x4d0 [ 482.026999][T11903] [ 482.026999][T11903] and this task is already holding: [ 482.034457][T11903] ffff88806be1b028 (&client->buffer_lock){-.-.}-{2:2}, at: evdev_pass_values+0xf2/0xad0 [ 482.037659][ T785] usb 5-1: USB disconnect, device number 27 [ 482.044211][T11903] which would create a new lock dependency: [ 482.044223][T11903] (&client->buffer_lock){-.-.}-{2:2} -> (&new->fa_lock){....}-{2:2} [ 482.044266][T11903] [ 482.044266][T11903] but this new dependency connects a HARDIRQ-irq-safe lock: [ 482.044274][T11903] (&client->buffer_lock){-.-.}-{2:2} [ 482.044291][T11903] [ 482.044291][T11903] ... which became HARDIRQ-irq-safe at: [ 482.044299][T11903] lock_acquire+0x1ed/0x550 [ 482.044320][T11903] _raw_spin_lock+0x2e/0x40 [ 482.044350][T11903] evdev_pass_values+0xf2/0xad0 [ 482.044366][T11903] evdev_events+0x1c2/0x300 [ 482.044379][T11903] input_pass_values+0x84d/0x1200 [ 482.044394][T11903] input_event_dispose+0x402/0x650 [ 482.115827][T11903] input_handle_event+0xa71/0xbe0 [ 482.120941][T11903] input_event+0xa4/0xd0 [ 482.125264][T11903] hidinput_hid_event+0x138c/0x1ca0 [ 482.130544][T11903] hid_process_event+0x439/0x590 [ 482.135557][T11903] hid_report_raw_event+0x1002/0x18a0 [ 482.141001][T11903] hid_input_report+0x416/0x500 [ 482.145936][T11903] hid_irq_in+0x4a0/0x6d0 [ 482.150345][T11903] __usb_hcd_giveback_urb+0x42c/0x6e0 [ 482.155793][T11903] dummy_timer+0x830/0x45d0 [ 482.160370][T11903] __hrtimer_run_queues+0x59b/0xd50 [ 482.165649][T11903] hrtimer_interrupt+0x396/0x990 [ 482.170664][T11903] __sysvec_apic_timer_interrupt+0x110/0x3f0 [ 482.176814][T11903] sysvec_apic_timer_interrupt+0xa1/0xc0 [ 482.182525][T11903] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 482.188588][T11903] finish_task_switch+0x1ea/0x870 [ 482.193690][T11903] __schedule+0x17f0/0x4a20 [ 482.198273][T11903] preempt_schedule_common+0x84/0xd0 [ 482.203628][T11903] preempt_schedule+0xe1/0xf0 [ 482.208380][T11903] preempt_schedule_thunk+0x1a/0x30 [ 482.213767][T11903] try_to_wake_up+0x9a1/0x1470 [ 482.218609][T11903] wake_up_q+0xc8/0x120 [ 482.223016][T11903] futex_wake+0x523/0x5c0 [ 482.227427][T11903] do_futex+0x392/0x560 [ 482.231652][T11903] __se_sys_futex+0x3f9/0x480 [ 482.236403][T11903] do_syscall_64+0xf3/0x230 [ 482.240985][T11903] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 482.246984][T11903] [ 482.246984][T11903] to a HARDIRQ-irq-unsafe lock: [ 482.253985][T11903] (tasklist_lock){.+.+}-{2:2} [ 482.254009][T11903] [ 482.254009][T11903] ... which became HARDIRQ-irq-unsafe at: [ 482.266635][T11903] ... [ 482.266646][T11903] lock_acquire+0x1ed/0x550 [ 482.273827][T11903] _raw_read_lock+0x36/0x50 [ 482.278413][T11903] __do_wait+0x12d/0x850 [ 482.282739][T11903] do_wait+0x1e9/0x560 [ 482.286893][T11903] kernel_wait+0xe9/0x240 [ 482.291302][T11903] call_usermodehelper_exec_work+0xbd/0x230 [ 482.297274][T11903] process_scheduled_works+0xa2c/0x1830 [ 482.303098][T11903] worker_thread+0x86d/0xd70 [ 482.307762][T11903] kthread+0x2f0/0x390 [ 482.311906][T11903] ret_from_fork+0x4b/0x80 [ 482.316411][T11903] ret_from_fork_asm+0x1a/0x30 [ 482.321255][T11903] [ 482.321255][T11903] other info that might help us debug this: [ 482.321255][T11903] [ 482.331488][T11903] Chain exists of: [ 482.331488][T11903] &client->buffer_lock --> &new->fa_lock --> tasklist_lock [ 482.331488][T11903] [ 482.344801][T11903] Possible interrupt unsafe locking scenario: [ 482.344801][T11903] [ 482.353109][T11903] CPU0 CPU1 [ 482.358457][T11903] ---- ---- [ 482.363981][T11903] lock(tasklist_lock); [ 482.368212][T11903] local_irq_disable(); [ 482.374950][T11903] lock(&client->buffer_lock); [ 482.382312][T11903] lock(&new->fa_lock); [ 482.389082][T11903] [ 482.392535][T11903] lock(&client->buffer_lock); [ 482.397561][T11903] [ 482.397561][T11903] *** DEADLOCK *** [ 482.397561][T11903] [ 482.405690][T11903] 7 locks held by syz-executor.0/11903: [ 482.411217][T11903] #0: ffff888024473110 (&evdev->mutex){+.+.}-{3:3}, at: evdev_write+0x272/0x7c0 [ 482.420354][T11903] #1: ffff88801a716230 (&dev->event_lock#2){-.-.}-{2:2}, at: input_inject_event+0xc5/0x340 [ 482.430651][T11903] #2: ffffffff8e333fa0 (rcu_read_lock){....}-{1:2}, at: input_inject_event+0xd6/0x340 [ 482.440309][T11903] #3: ffffffff8e333fa0 (rcu_read_lock){....}-{1:2}, at: input_pass_values+0x9d/0x1200 [ 482.449958][T11903] #4: ffffffff8e333fa0 (rcu_read_lock){....}-{1:2}, at: evdev_events+0x6f/0x300 [ 482.459192][T11903] #5: ffff88806be1b028 (&client->buffer_lock){-.-.}-{2:2}, at: evdev_pass_values+0xf2/0xad0 [ 482.469385][T11903] #6: ffffffff8e333fa0 (rcu_read_lock){....}-{1:2}, at: kill_fasync+0x55/0x4d0 [ 482.478442][T11903] [ 482.478442][T11903] the dependencies between HARDIRQ-irq-safe lock and the holding lock: [ 482.488849][T11903] -> (&client->buffer_lock){-.-.}-{2:2} { [ 482.494574][T11903] IN-HARDIRQ-W at: [ 482.498549][T11903] lock_acquire+0x1ed/0x550 [ 482.504721][T11903] _raw_spin_lock+0x2e/0x40 [ 482.510986][T11903] evdev_pass_values+0xf2/0xad0 [ 482.517512][T11903] evdev_events+0x1c2/0x300 [ 482.523654][T11903] input_pass_values+0x84d/0x1200 [ 482.530316][T11903] input_event_dispose+0x402/0x650 [ 482.537068][T11903] input_handle_event+0xa71/0xbe0 [ 482.543825][T11903] input_event+0xa4/0xd0 [ 482.549709][T11903] hidinput_hid_event+0x138c/0x1ca0 [ 482.556547][T11903] hid_process_event+0x439/0x590 [ 482.563120][T11903] hid_report_raw_event+0x1002/0x18a0 [ 482.570367][T11903] hid_input_report+0x416/0x500 [ 482.576860][T11903] hid_irq_in+0x4a0/0x6d0 [ 482.583024][T11903] __usb_hcd_giveback_urb+0x42c/0x6e0 [ 482.590057][T11903] dummy_timer+0x830/0x45d0 [ 482.596215][T11903] __hrtimer_run_queues+0x59b/0xd50 [ 482.603077][T11903] hrtimer_interrupt+0x396/0x990 [ 482.609656][T11903] __sysvec_apic_timer_interrupt+0x110/0x3f0 [ 482.617276][T11903] sysvec_apic_timer_interrupt+0xa1/0xc0 [ 482.624553][T11903] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 482.632262][T11903] finish_task_switch+0x1ea/0x870 [ 482.638935][T11903] __schedule+0x17f0/0x4a20 [ 482.645079][T11903] preempt_schedule_common+0x84/0xd0 [ 482.652113][T11903] preempt_schedule+0xe1/0xf0 [ 482.658452][T11903] preempt_schedule_thunk+0x1a/0x30 [ 482.665381][T11903] try_to_wake_up+0x9a1/0x1470 [ 482.671784][T11903] wake_up_q+0xc8/0x120 [ 482.677659][T11903] futex_wake+0x523/0x5c0 [ 482.683631][T11903] do_futex+0x392/0x560 [ 482.689426][T11903] __se_sys_futex+0x3f9/0x480 [ 482.695748][T11903] do_syscall_64+0xf3/0x230 [ 482.701892][T11903] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 482.709434][T11903] IN-SOFTIRQ-W at: [ 482.713402][T11903] lock_acquire+0x1ed/0x550 [ 482.719541][T11903] _raw_spin_lock+0x2e/0x40 [ 482.725686][T11903] evdev_pass_values+0xf2/0xad0 [ 482.732262][T11903] evdev_events+0x1c2/0x300 [ 482.738580][T11903] input_pass_values+0x84d/0x1200 [ 482.745243][T11903] input_event_dispose+0x402/0x650 [ 482.751997][T11903] input_handle_event+0xa71/0xbe0 [ 482.758666][T11903] input_event+0xa4/0xd0 [ 482.764635][T11903] hidinput_hid_event+0x138c/0x1ca0 [ 482.771473][T11903] hid_process_event+0x439/0x590 [ 482.778071][T11903] hid_report_raw_event+0x1002/0x18a0 [ 482.785084][T11903] hid_input_report+0x416/0x500 [ 482.791576][T11903] hid_irq_in+0x4a0/0x6d0 [ 482.797550][T11903] __usb_hcd_giveback_urb+0x42c/0x6e0 [ 482.804561][T11903] dummy_timer+0x830/0x45d0 [ 482.810789][T11903] __hrtimer_run_queues+0x59b/0xd50 [ 482.817647][T11903] hrtimer_interrupt+0x396/0x990 [ 482.824226][T11903] __sysvec_apic_timer_interrupt+0x110/0x3f0 [ 482.831851][T11903] sysvec_apic_timer_interrupt+0x52/0xc0 [ 482.839130][T11903] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 482.846760][T11903] _raw_spin_unlock_irq+0x29/0x50 [ 482.853428][T11903] __run_timer_base+0x1c0/0x8e0 [ 482.859920][T11903] run_timer_softirq+0xb7/0x170 [ 482.866410][T11903] handle_softirqs+0x2c4/0x970 [ 482.872812][T11903] __irq_exit_rcu+0xf4/0x1c0 [ 482.879062][T11903] irq_exit_rcu+0x9/0x30 [ 482.884944][T11903] sysvec_apic_timer_interrupt+0xa6/0xc0 [ 482.892223][T11903] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 482.899858][T11903] finish_task_switch+0x1ea/0x870 [ 482.906527][T11903] __schedule+0x17f0/0x4a20 [ 482.912667][T11903] preempt_schedule_common+0x84/0xd0 [ 482.919586][T11903] preempt_schedule+0xe1/0xf0 [ 482.925895][T11903] preempt_schedule_thunk+0x1a/0x30 [ 482.932730][T11903] try_to_wake_up+0x9a1/0x1470 [ 482.939132][T11903] wake_up_q+0xc8/0x120 [ 482.944921][T11903] futex_wake+0x523/0x5c0 [ 482.950888][T11903] do_futex+0x392/0x560 [ 482.956693][T11903] __se_sys_futex+0x3f9/0x480 [ 482.963004][T11903] do_syscall_64+0xf3/0x230 [ 482.969151][T11903] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 482.976688][T11903] INITIAL USE at: [ 482.980569][T11903] lock_acquire+0x1ed/0x550 [ 482.986634][T11903] _raw_spin_lock+0x2e/0x40 [ 482.992694][T11903] evdev_pass_values+0xf2/0xad0 [ 482.999097][T11903] evdev_events+0x1c2/0x300 [ 483.005153][T11903] input_pass_values+0x84d/0x1200 [ 483.011812][T11903] input_event_dispose+0x36c/0x650 [ 483.018478][T11903] input_handle_event+0xa71/0xbe0 [ 483.025140][T11903] input_inject_event+0x22f/0x340 [ 483.031716][T11903] evdev_write+0x672/0x7c0 [ 483.037682][T11903] vfs_write+0x2a2/0xc90 [ 483.043475][T11903] ksys_write+0x1a0/0x2c0 [ 483.049355][T11903] do_syscall_64+0xf3/0x230 [ 483.055413][T11903] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 483.062896][T11903] } [ 483.065381][T11903] ... key at: [] evdev_open.__key.24+0x0/0x20 [ 483.073520][T11903] [ 483.073520][T11903] the dependencies between the lock to be acquired [ 483.073528][T11903] and HARDIRQ-irq-unsafe lock: [ 483.087024][T11903] -> (tasklist_lock){.+.+}-{2:2} { [ 483.092317][T11903] HARDIRQ-ON-R at: [ 483.096458][T11903] lock_acquire+0x1ed/0x550 [ 483.102954][T11903] _raw_read_lock+0x36/0x50 [ 483.109465][T11903] __do_wait+0x12d/0x850 [ 483.115779][T11903] do_wait+0x1e9/0x560 [ 483.121843][T11903] kernel_wait+0xe9/0x240 [ 483.128171][T11903] call_usermodehelper_exec_work+0xbd/0x230 [ 483.136049][T11903] process_scheduled_works+0xa2c/0x1830 [ 483.143578][T11903] worker_thread+0x86d/0xd70 [ 483.150162][T11903] kthread+0x2f0/0x390 [ 483.156224][T11903] ret_from_fork+0x4b/0x80 [ 483.162644][T11903] ret_from_fork_asm+0x1a/0x30 [ 483.169394][T11903] SOFTIRQ-ON-R at: [ 483.173533][T11903] lock_acquire+0x1ed/0x550 [ 483.180028][T11903] _raw_read_lock+0x36/0x50 [ 483.186607][T11903] __do_wait+0x12d/0x850 [ 483.192839][T11903] do_wait+0x1e9/0x560 [ 483.198894][T11903] kernel_wait+0xe9/0x240 [ 483.205238][T11903] call_usermodehelper_exec_work+0xbd/0x230 [ 483.213116][T11903] process_scheduled_works+0xa2c/0x1830 [ 483.220645][T11903] worker_thread+0x86d/0xd70 [ 483.227234][T11903] kthread+0x2f0/0x390 [ 483.233295][T11903] ret_from_fork+0x4b/0x80 [ 483.239718][T11903] ret_from_fork_asm+0x1a/0x30 [ 483.246472][T11903] INITIAL USE at: [ 483.250525][T11903] lock_acquire+0x1ed/0x550 [ 483.256930][T11903] _raw_write_lock_irq+0xd3/0x120 [ 483.263850][T11903] copy_process+0x228b/0x3dc0 [ 483.270512][T11903] kernel_clone+0x226/0x8f0 [ 483.276911][T11903] user_mode_thread+0x132/0x1a0 [ 483.283662][T11903] rest_init+0x23/0x300 [ 483.289733][T11903] start_kernel+0x47a/0x500 [ 483.296174][T11903] x86_64_start_reservations+0x2a/0x30 [ 483.303545][T11903] x86_64_start_kernel+0x99/0xa0 [ 483.310476][T11903] common_startup_64+0x13e/0x147 [ 483.317323][T11903] INITIAL READ USE at: [ 483.321898][T11903] lock_acquire+0x1ed/0x550 [ 483.328747][T11903] _raw_read_lock+0x36/0x50 [ 483.335596][T11903] __do_wait+0x12d/0x850 [ 483.342195][T11903] do_wait+0x1e9/0x560 [ 483.348689][T11903] kernel_wait+0xe9/0x240 [ 483.355355][T11903] call_usermodehelper_exec_work+0xbd/0x230 [ 483.363576][T11903] process_scheduled_works+0xa2c/0x1830 [ 483.371452][T11903] worker_thread+0x86d/0xd70 [ 483.378461][T11903] kthread+0x2f0/0x390 [ 483.384860][T11903] ret_from_fork+0x4b/0x80 [ 483.391623][T11903] ret_from_fork_asm+0x1a/0x30 [ 483.398731][T11903] } [ 483.401388][T11903] ... key at: [] tasklist_lock+0x18/0x40 [ 483.409276][T11903] ... acquired at: [ 483.413258][T11903] lock_acquire+0x1ed/0x550 [ 483.417946][T11903] _raw_read_lock+0x36/0x50 [ 483.422626][T11903] send_sigio+0xfc/0x360 [ 483.427057][T11903] kill_fasync+0x23a/0x4d0 [ 483.431633][T11903] lease_break_callback+0x26/0x30 [ 483.436825][T11903] __break_lease+0x6d5/0x1820 [ 483.441763][T11903] do_dentry_open+0x89e/0x1720 [ 483.446697][T11903] path_openat+0x289f/0x3280 [ 483.451538][T11903] do_filp_open+0x235/0x490 [ 483.456289][T11903] do_sys_openat2+0x13e/0x1d0 [ 483.461138][T11903] __x64_sys_openat+0x247/0x2a0 [ 483.466151][T11903] do_syscall_64+0xf3/0x230 [ 483.470942][T11903] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 483.477074][T11903] [ 483.479392][T11903] -> (&f->f_owner.lock){...-}-{2:2} { [ 483.484871][T11903] IN-SOFTIRQ-R at: [ 483.488932][T11903] lock_acquire+0x1ed/0x550 [ 483.495257][T11903] _raw_read_lock_irqsave+0xdd/0x130 [ 483.502810][T11903] send_sigurg+0x29/0x3c0 [ 483.509060][T11903] sk_send_sigurg+0x75/0x2f0 [ 483.515570][T11903] tcp_check_urg+0x207/0x740 [ 483.522016][T11903] tcp_urg+0x15c/0x450 [ 483.527912][T11903] tcp_rcv_established+0xfac/0x2020 [ 483.535017][T11903] tcp_v4_do_rcv+0x965/0xc60 [ 483.541426][T11903] tcp_v4_rcv+0x2d90/0x37b0 [ 483.547744][T11903] ip_protocol_deliver_rcu+0x225/0x430 [ 483.555015][T11903] ip_local_deliver_finish+0x33f/0x5f0 [ 483.562336][T11903] NF_HOOK+0x3a4/0x450 [ 483.568215][T11903] NF_HOOK+0x3a4/0x450 [ 483.574266][T11903] __netif_receive_skb+0x2bf/0x650 [ 483.581197][T11903] process_backlog+0x391/0x7d0 [ 483.587864][T11903] __napi_poll+0xcb/0x490 [ 483.594007][T11903] net_rx_action+0x7bb/0x10a0 [ 483.600581][T11903] handle_softirqs+0x2c4/0x970 [ 483.607157][T11903] __irq_exit_rcu+0xf4/0x1c0 [ 483.613554][T11903] irq_exit_rcu+0x9/0x30 [ 483.619606][T11903] sysvec_apic_timer_interrupt+0xa6/0xc0 [ 483.627315][T11903] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 483.635198][T11903] acpi_safe_halt+0x21/0x30 [ 483.641507][T11903] acpi_idle_enter+0xe4/0x140 [ 483.648077][T11903] cpuidle_enter_state+0x112/0x480 [ 483.655005][T11903] cpuidle_enter+0x5d/0xa0 [ 483.661235][T11903] do_idle+0x375/0x5d0 [ 483.667113][T11903] cpu_startup_entry+0x42/0x60 [ 483.673686][T11903] rest_init+0x2dc/0x300 [ 483.679738][T11903] start_kernel+0x47a/0x500 [ 483.686056][T11903] x86_64_start_reservations+0x2a/0x30 [ 483.693330][T11903] x86_64_start_kernel+0x99/0xa0 [ 483.700075][T11903] common_startup_64+0x13e/0x147 [ 483.706827][T11903] INITIAL USE at: [ 483.710793][T11903] lock_acquire+0x1ed/0x550 [ 483.717022][T11903] _raw_write_lock_irq+0xd3/0x120 [ 483.723773][T11903] f_modown+0x38/0x340 [ 483.729561][T11903] f_setown+0x14f/0x200 [ 483.735437][T11903] do_fcntl+0x67d/0x1730 [ 483.741398][T11903] __se_sys_fcntl+0xd2/0x1c0 [ 483.747713][T11903] do_syscall_64+0xf3/0x230 [ 483.753940][T11903] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 483.761564][T11903] INITIAL READ USE at: [ 483.765961][T11903] lock_acquire+0x1ed/0x550 [ 483.772624][T11903] _raw_read_lock_irqsave+0xdd/0x130 [ 483.780065][T11903] send_sigurg+0x29/0x3c0 [ 483.786566][T11903] sk_send_sigurg+0x75/0x2f0 [ 483.793318][T11903] tcp_check_urg+0x207/0x740 [ 483.800067][T11903] tcp_urg+0x15c/0x450 [ 483.806296][T11903] tcp_rcv_established+0xfac/0x2020 [ 483.813652][T11903] tcp_v4_do_rcv+0x965/0xc60 [ 483.820398][T11903] __release_sock+0x214/0x350 [ 483.827233][T11903] release_sock+0x61/0x1f0 [ 483.833801][T11903] tcp_sendmsg+0x3a/0x50 [ 483.840202][T11903] __sock_sendmsg+0x1a6/0x270 [ 483.847041][T11903] __sys_sendto+0x3a4/0x4f0 [ 483.853700][T11903] __x64_sys_sendto+0xde/0x100 [ 483.860618][T11903] do_syscall_64+0xf3/0x230 [ 483.867285][T11903] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 483.875338][T11903] } [ 483.877906][T11903] ... key at: [] init_file.__key+0x0/0x20 [ 483.885786][T11903] ... acquired at: [ 483.889657][T11903] lock_acquire+0x1ed/0x550 [ 483.894316][T11903] _raw_read_lock_irqsave+0xdd/0x130 [ 483.899760][T11903] send_sigio+0x33/0x360 [ 483.904161][T11903] kill_fasync+0x23a/0x4d0 [ 483.908738][T11903] mousedev_write+0x993/0x9e0 [ 483.913585][T11903] vfs_write+0x2a2/0xc90 [ 483.917995][T11903] ksys_write+0x1a0/0x2c0 [ 483.922489][T11903] do_syscall_64+0xf3/0x230 [ 483.927164][T11903] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 483.933221][T11903] [ 483.935532][T11903] -> (&new->fa_lock){....}-{2:2} { [ 483.940667][T11903] INITIAL USE at: [ 483.944643][T11903] lock_acquire+0x1ed/0x550 [ 483.950701][T11903] _raw_write_lock_irq+0xd3/0x120 [ 483.957276][T11903] fasync_remove_entry+0xff/0x1d0 [ 483.963850][T11903] __fput+0x745/0x8b0 [ 483.969379][T11903] task_work_run+0x24f/0x310 [ 483.975517][T11903] syscall_exit_to_user_mode+0x168/0x370 [ 483.982700][T11903] do_syscall_64+0x100/0x230 [ 483.988841][T11903] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 483.996287][T11903] INITIAL READ USE at: [ 484.000688][T11903] lock_acquire+0x1ed/0x550 [ 484.007182][T11903] _raw_read_lock_irqsave+0xdd/0x130 [ 484.014623][T11903] kill_fasync+0x19e/0x4d0 [ 484.021024][T11903] mousedev_write+0x993/0x9e0 [ 484.027779][T11903] vfs_write+0x2a2/0xc90 [ 484.034007][T11903] ksys_write+0x1a0/0x2c0 [ 484.040321][T11903] do_syscall_64+0xf3/0x230 [ 484.046902][T11903] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 484.054881][T11903] } [ 484.057365][T11903] ... key at: [] fasync_insert_entry.__key+0x0/0x20 [ 484.066033][T11903] ... acquired at: [ 484.069819][T11903] lock_acquire+0x1ed/0x550 [ 484.074481][T11903] _raw_read_lock_irqsave+0xdd/0x130 [ 484.079920][T11903] kill_fasync+0x19e/0x4d0 [ 484.084581][T11903] evdev_pass_values+0x58a/0xad0 [ 484.089679][T11903] evdev_events+0x1c2/0x300 [ 484.094343][T11903] input_pass_values+0x84d/0x1200 [ 484.099530][T11903] input_event_dispose+0x36c/0x650 [ 484.104805][T11903] input_handle_event+0xa71/0xbe0 [ 484.109990][T11903] input_inject_event+0x22f/0x340 [ 484.115183][T11903] evdev_write+0x672/0x7c0 [ 484.119761][T11903] vfs_write+0x2a2/0xc90 [ 484.124177][T11903] ksys_write+0x1a0/0x2c0 [ 484.128663][T11903] do_syscall_64+0xf3/0x230 [ 484.133329][T11903] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 484.139385][T11903] [ 484.141715][T11903] [ 484.141715][T11903] stack backtrace: [ 484.147596][T11903] CPU: 1 PID: 11903 Comm: syz-executor.0 Not tainted 6.10.0-rc4-syzkaller-00301-g5f583a3162ff #0 [ 484.158074][T11903] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 484.168227][T11903] Call Trace: [ 484.171517][T11903] [ 484.174456][T11903] dump_stack_lvl+0x241/0x360 [ 484.179166][T11903] ? __pfx_dump_stack_lvl+0x10/0x10 [ 484.184375][T11903] ? __pfx__printk+0x10/0x10 [ 484.188973][T11903] ? print_shortest_lock_dependencies+0xf2/0x160 [ 484.195304][T11903] validate_chain+0x4de0/0x5900 [ 484.200148][T11903] ? mark_lock+0x9a/0x350 [ 484.204472][T11903] ? __pfx_validate_chain+0x10/0x10 [ 484.209847][T11903] ? rcu_is_watching+0x15/0xb0 [ 484.214607][T11903] ? __pfx_validate_chain+0x10/0x10 [ 484.219827][T11903] ? trace_pelt_se_tp+0x3d/0x140 [ 484.224760][T11903] ? register_lock_class+0x102/0x980 [ 484.230122][T11903] ? __pfx_register_lock_class+0x10/0x10 [ 484.235745][T11903] ? look_up_lock_class+0x77/0x160 [ 484.240850][T11903] ? mark_lock+0x9a/0x350 [ 484.245170][T11903] __lock_acquire+0x1346/0x1fd0 [ 484.250036][T11903] lock_acquire+0x1ed/0x550 [ 484.254540][T11903] ? kill_fasync+0x19e/0x4d0 [ 484.259127][T11903] ? __pfx_lock_acquire+0x10/0x10 [ 484.264145][T11903] ? __pfx_lock_acquire+0x10/0x10 [ 484.269422][T11903] _raw_read_lock_irqsave+0xdd/0x130 [ 484.274693][T11903] ? kill_fasync+0x19e/0x4d0 [ 484.279273][T11903] ? __pfx__raw_read_lock_irqsave+0x10/0x10 [ 484.285155][T11903] kill_fasync+0x19e/0x4d0 [ 484.289557][T11903] ? kill_fasync+0x55/0x4d0 [ 484.294044][T11903] evdev_pass_values+0x58a/0xad0 [ 484.298971][T11903] ? evdev_pass_values+0x5c1/0xad0 [ 484.304071][T11903] evdev_events+0x1c2/0x300 [ 484.308555][T11903] ? evdev_events+0x6f/0x300 [ 484.313148][T11903] ? __pfx_evdev_events+0x10/0x10 [ 484.318181][T11903] input_pass_values+0x84d/0x1200 [ 484.323207][T11903] ? input_pass_values+0x9d/0x1200 [ 484.328318][T11903] input_event_dispose+0x36c/0x650 [ 484.333427][T11903] input_handle_event+0xa71/0xbe0 [ 484.338446][T11903] ? _raw_spin_lock_irqsave+0xe1/0x120 [ 484.343902][T11903] ? __pfx_input_handle_event+0x10/0x10 [ 484.349444][T11903] input_inject_event+0x22f/0x340 [ 484.354458][T11903] ? input_inject_event+0xd6/0x340 [ 484.359560][T11903] evdev_write+0x672/0x7c0 [ 484.363968][T11903] ? __pfx_evdev_write+0x10/0x10 [ 484.368893][T11903] ? bpf_lsm_file_permission+0x9/0x10 [ 484.374254][T11903] ? security_file_permission+0x7f/0xa0 [ 484.379793][T11903] ? rw_verify_area+0x1d2/0x6b0 [ 484.384638][T11903] ? __pfx_evdev_write+0x10/0x10 [ 484.389646][T11903] vfs_write+0x2a2/0xc90 [ 484.393880][T11903] ? __pfx_vfs_write+0x10/0x10 [ 484.398631][T11903] ? do_futex+0x33b/0x560 [ 484.402947][T11903] ? __fget_files+0x29/0x470 [ 484.407528][T11903] ? __fget_files+0x3f6/0x470 [ 484.412191][T11903] ? __fget_files+0x29/0x470 [ 484.416773][T11903] ksys_write+0x1a0/0x2c0 [ 484.421093][T11903] ? __pfx_ksys_write+0x10/0x10 [ 484.425940][T11903] ? do_syscall_64+0x100/0x230 [ 484.430729][T11903] ? do_syscall_64+0xb6/0x230 [ 484.435417][T11903] do_syscall_64+0xf3/0x230 [ 484.439927][T11903] ? clear_bhb_loop+0x35/0x90 [ 484.444601][T11903] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 484.450510][T11903] RIP: 0033:0x7fa500e7d0a9 [ 484.455009][T11903] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 484.474604][T11903] RSP: 002b:00007fa501ba00c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 484.483010][T11903] RAX: ffffffffffffffda RBX: 00007fa500fb3f80 RCX: 00007fa500e7d0a9 [ 484.491059][T11903] RDX: 0000000000002778 RSI: 0000000020000040 RDI: 0000000000000005 2024/06/23 01:55:20 SYZFATAL: failed to recv *flatrpc.HostMessageRaw: EOF [ 484.499019][T11903] RBP: 00007fa500eec074 R08: 0000000000000000 R09: 0000000000000000 [ 484.506993][T11903] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 484.514966][T11903] R13: 000000000000000b R14: 00007fa500fb3f80 R15: 00007fa5010dfaa8 [ 484.522942][T11903] [ 484.571021][ T4489] Bluetooth: hci0: Controller not accepting commands anymore: ncmd = 0 [ 484.579416][ T4489] Bluetooth: hci0: Injecting HCI hardware error event [ 484.586367][ T53] Bluetooth: hci0: hardware error 0x00 [ 484.837532][ T5196] usb 1-1: USB disconnect, device number 18 [ 484.847940][ T5572] udevd[5572]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:32.0/sound/card3/controlC3/../uevent} for writing: No such file or directory