last executing test programs: 16.009534788s ago: executing program 4 (id=3486): r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f00000005c0)=@framed, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r1}, 0x10) sendmsg$netlink(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)=ANY=[@ANYBLOB="140100001400b99f000000000000c04b06"], 0x114}], 0x1}, 0x0) 15.857244472s ago: executing program 4 (id=3489): r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, &(0x7f0000000380)={0xc, 0x0, 0x0}) ioctl$IOMMU_IOAS_MAP(r0, 0x3b85, &(0x7f00000000c0)={0x28, 0x5, r1, 0x0, &(0x7f00000003c0)="e775aaed7edf8b3c78c78b30fd5e7dda35e2afa287fb34982eab6b6473c3e4c21c30d44ebd8ac52b0d445c5884ab46e86fb58ecb002631ffa0f8a98149deec34e0e0053d4f64421eb86aff0beadd9abc9e4a6a5dbc3ebef60f579151f908ec09abb10d38287a5ef97b5b8d4d9ed10974a65ac3a4c9c60dab32d4e7303ab7f529f870e32ad7f48da724017c7dcb83f222be9f89e31e605c4baa3f6756baa98862b96d8e45b67e2ba99b84587bc9c18f1d433d626ec8ccad360611ee46ee73fe9fcb6aae84c4afdbd56dc1f7a6d5dee4c2d66f3316f02545af3bc72ac73875db278dc746ae9984c82645b928016c7fcf5749a80dca016abab6606807cb95ec33515172709b7a6a9ba0d5f2836dc84268ca4135fff3a510053864f6ae45b5755c4ca4bc8e0441dfcf47ab82d91b7c10300d5edfe283cf2f8cad02488ae471436e7feb43ac4405f81c03297da3ae5891ddd48a7232dc049a7f8a138fb493c6a323afd8cc4c3cbc13ffd74c11baba9dac2f96ab199b3260c0764329edc3ebb2e07dc8f35ac8c13d85eea5e6ace1d1e279bbb403ae28d3a7cc8769781f19e3224eb0026cccf6b3c815712904aa6101f40bac395556f47fded9e55c06564bed8f2bf84c5939300ef4a00e292b085104cc7d310c577df0158c1fb0d9d1b4fb603c46082d57917956563858cd2fa708b03f93d61b28ad5f948ff621192a8b7bdbb8ecbd59704a4f1636a5857ea84b61bf9d24de40ab9ce7430ab287631899a3619970f5c79c81e87573261aa5d9088d967cc5e6b729ddbee7b30e7342258023e95df0da162862d42177ec5275ae9a7b55649ba25d08fc56001a69c8cb8f392c3b6a1dc44a355fb1bb90d7f7529ebfb1f2447d5891886fd467705442ab43b0857d9f60c95f6bfad625f78ccebaa082716e329b503357bf5aeff33c25e64e67f5bfbd17599cb940fe8c16c585f2698309f77edfecfa6dca883571bf24c8ba55a469edfeb75d478d7e6eddd85440ea53f51cf603d1520ffe03f61b9fd3e2105c4308faf676a2f08255e5a23344b2564e7f7e525e04a8b63aafd9b3a1e397358562b238a14d43aa6d64debf3992a572a5543d6bd530fbbbde121bc36dab966cee3ad4bd3cf048ee3061971edf20485abf6f82455c4664fab2710eba2261e2cfa1410371a453adfdd77642afda532d6a27eca3b9b43a8224f3633fdb2e4cbb7d7a306789b6ed14cda477c19bba3eba4efd026ea4345efa492905c1c1c83bee00e475274e9022141f8db0b336b800c4845e2d95aeacbfa842eec905b2a48e164584f3b5ddb18693e09bc4520bf665a38afdc0879d91a1cbcf9545980ca1d914a6fd4aad1a2db8b946d9064549719771da741042161c956377e3bfdf2e541c7d2ead3fa7fd74ccc5acd8c0407c0944ba8ef22e2681b5aa79511856fcb12a9dbcd16f32a2cd03617174aced78ee24cae742968657bde4dba39a9eed43b7a59698fcbd92e36863218934ecec06bcd297d79fbef30652ef4947c6df45edb7cfb9f1fc551facc84e899df57309c74613f09189d851809647bf7b5a5d6c0539d1f37eb8e603a48f760daacd730999e560acf506de39ce8b67f699b0b5e88274221d5654f15e9cde99fcfb7b329e78e7db6d14f68d7af1ed35484bf2de7464c1aafa2644a8478a8588c3e70a171040f204193db1c0da58517f0e8f90369bdfbbd3c1f5ddb6392aa462dcd72b8051d56f03f377d458ef8e2b73be40281a4077998b1cda215ff2afa2df7c005d4e08b76bfd0fbcffa01c71434da8238507c7b37ca2f0932283b1eb3ddb5264b94fa56dc2371d0640db66b181bafdce3bfde15f3713ed843ce600745575422331180dcb1b0be580ebf1da89e73ab6318837e207a68fb4a834e2c6edfdc89139ca1bc5e821fb8110407cd4720bcdf63fd8a54dbc6929aa2517ec8a8a22e48b6ae9be3b2c3fcb7766230c236e79c072c988df8fcd0790f719e340b3f60b7bb0e5c9114d0761946b7815c373a4f825fef6aeec40599b49bd3db63890eb9641e246236821243e15d7654d304b003fc00be7da6d56eb6e3ec097b7e227640f3e94dc3307f73799f98d10f3df25dd5f035c25003041129daaf2f35b49803e1f4d88decdd9cd77309a50a1384ff5a05b6287beee2753ba5bfa135441f355fa23cae088bf4a59d2a9e2457b91e20a4e7ddfa721f9fee7b10e9b4bc3038a8880de397444a742422ad0ce84c8f94c291690ead9ba06f1f83c203789142e2a99d7fdb4ff630948785f11eb4a439a620948a3a841e25221187613bfb8537f721fa2756c3e6becc61d3be13311edbc9e43486ffe872508d702f3d1d5647324b6f08bd29b49a7b575e64c9f9e6896d7d74705e554c376c50fff04d61b8668cd35703cf282c3f46ab7b4876d8bda471507b8273355bc3da3906e5af632938f4b50d5db774c6ad85be4073b4c1b34c675f0b0b3cc06d745921c896c5ab750e202517b03775bfed7589fa929ed0bbfe981d53b6d7367997abc423d8f212ac0954980da7b281f4991d5fe6746bf7537c5141c4ca67a325970bf5b2914a66bd72231ca0cafb059b6d2a14ad456b501131f1cf319b3f39d7a9d5fe8b9dbb6eca9a527ebfccbf50dea37080fa864392ff489b44a9cdc24a6d8846ad1fbf401027e6cc64c4d4624f50cfb31f88edaad30c6f82ee523a15c733b7968ce25544ecfb84dd3bc1298beb121b83e15a21dffb7555065fe40d8c588ccd1df987c8cdc53479c799ec445cd778e8e918af72100582bc6e5a2a77b09e9c19b99b7741db117b1f2339f91db0cbec0a6fcdfbcad266d98b79c6fbf4e9be916f3b8ebb10ecc4435180728e7bb2f7ceba156df23eb00c52f65a675f574297652adc499f94572aa48752112c1d1ae55ae00", 0x800}) ioctl$IOMMU_TEST_OP_MOCK_DOMAIN(r0, 0x3ba0, &(0x7f0000000180)={0x48, 0x2, r1}) 15.670521797s ago: executing program 4 (id=3492): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000040)='contention_end\x00', r0}, 0x10) r1 = syz_open_dev$usbfs(&(0x7f0000000100), 0x77, 0x101301) ioctl$USBDEVFS_CONTROL(r1, 0x8004550f, 0x0) 15.512839147s ago: executing program 4 (id=3496): r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x1c1842, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000300)={0x0, 0x44}}, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x4801}) write$cgroup_devices(r0, &(0x7f0000000300)=ANY=[@ANYBLOB="1b2308217f01"], 0xffdd) 15.245557443s ago: executing program 4 (id=3503): r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'\x00', 0x52d35ce30131f272}) ioctl$TUNGETVNETHDRSZ(r0, 0x400454cb, &(0x7f0000000040)) close(0x3) 15.099227703s ago: executing program 4 (id=3507): r0 = creat(&(0x7f0000000000)='./bus\x00', 0x0) openat$tcp_congestion(0xffffffffffffff9c, &(0x7f0000000040), 0x1, 0x0) r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/4\x00') mount$9p_fd(0x0, &(0x7f0000002700)='.\x00', &(0x7f0000000040), 0x0, &(0x7f00000026c0)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r0}}) 2.593957356s ago: executing program 1 (id=3675): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xa, 0x1, 0x4, 0x4, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000006007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000208500000001000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000005000000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000001c0)={{r0}, &(0x7f0000000080), &(0x7f0000000180)=r1}, 0x20) bpf$PROG_BIND_MAP(0xa, &(0x7f00000004c0)={r1}, 0xc) 2.41502004s ago: executing program 1 (id=3679): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000180)=@newqdisc={0x24, 0x25, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xe, 0xffff}}}, 0x24}}, 0x0) 2.148271687s ago: executing program 1 (id=3684): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) setgroups(0x0, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000280)={0xffffffffffffffff}) getsockopt$sock_buf(r0, 0x1, 0x3b, 0x0, &(0x7f0000000000)) 1.854804878s ago: executing program 1 (id=3689): sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000001fc0)=@delchain={0x2ec, 0x65, 0x0, 0x0, 0x4, {}, [@TCA_CHAIN={0x8}, @TCA_CHAIN={0x8}, @filter_kind_options=@f_flower={{0xb}, {0x2c, 0x2, [@TCA_FLOWER_KEY_ENC_IP_TTL={0x5, 0x52, 0x8}, @TCA_FLOWER_KEY_FLAGS={0x8, 0x2f, 0x9}, @TCA_FLOWER_KEY_IP_TTL_MASK={0x5, 0x4c, 0xf}, @TCA_FLOWER_KEY_PORT_DST_MIN={0x6, 0x59, 0x4e20}, @TCA_FLOWER_KEY_TCP_FLAGS_MASK={0x6, 0x48, 0xb}]}}, @filter_kind_options=@f_route={{0xa}, {0x274, 0x2, [@TCA_ROUTE4_ACT={0xec, 0x6, [@m_csum={0x60, 0xa, 0x0, 0x0, {{0x9}, {0x4}, {0x31, 0x6, "991484448f1d00330606eae8262acc6b874adb0b5f39b5acc02b0f0c146eb28c42c5557089903d448af6c4bff6"}, {0xc}, {0xc, 0x8, {0x2}}}}, @m_nat={0x2c, 0x0, 0x0, 0x0, {{0x8}, {0x4}, {0x4}, {0xc}, {0xc}}}, @m_csum={0x5c, 0x0, 0x0, 0x0, {{0x9}, {0x4}, {0x2d, 0x6, "15dd5715dffe2dcdad7dc6b93445f36c3fbcc1e7958959aadbbdf06c6268e2bd21638170f239d065d6"}, {0xc}, {0xc}}}]}, @TCA_ROUTE4_ACT={0x16c, 0x6, [@m_connmark={0xc8, 0x0, 0x0, 0x0, {{0xd}, {0x4}, {0x95, 0x6, "91a991d04aa8cb411880b88050856c4a5b99aafe5cf70a535f4e162db7c30535ebf5e9ab54237bf6d2780785c80bcf9eae2d6d6d65f242d28d9992d8a093d12a497447bc2a6c4f73538dbca11ebb12d1c8ea001eac3246ebaf518402b88e3f2b51ce947977543e069be9c85124bbe592bd2ed79c20d83d312cd1c151c51eed4c8c8bce1d810f14cea570fce0fb771c34fd"}, {0xc}, {0xc}}}, @m_xt={0xa0, 0x0, 0x0, 0x0, {{0x7}, {0x28, 0x2, 0x0, 0x1, [@TCA_IPT_TABLE={0x24, 0x1, 'nat\x00'}]}, {0x51, 0x6, "fae989b72cd1567b9bad37bf2ce794398582215656fee24553c54ba398ca4c3830ada34a0e2befac1fe52b72b015eac1ca08b9039605ef2765a3062973a87b76aa7479a8029cc78a117261c825"}, {0xc}, {0xc}}}]}, @TCA_ROUTE4_TO={0x8}, @TCA_ROUTE4_FROM={0x8}, @TCA_ROUTE4_FROM={0x8, 0x3, 0xa3}]}}]}, 0x2ec}}, 0x0) r0 = socket(0x10, 0x803, 0x0) sendto(r0, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x365}, {&(0x7f0000000280)=""/85, 0x7c}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/106, 0x645}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0x334}, {&(0x7f00000007c0)=""/154, 0x2c}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0x41}}], 0x4000000000003b4, 0x0, &(0x7f0000003700)={0x77359400}) 1.423682674s ago: executing program 1 (id=3693): prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680)) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x4008032, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) signalfd(0xffffffffffffffff, &(0x7f0000000000)={[0x2]}, 0x8) 1.223139855s ago: executing program 2 (id=3697): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x18, 0x3, &(0x7f0000000200)=@framed, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='contention_end\x00', r0}, 0x10) r1 = socket$kcm(0x10, 0x3, 0x10) sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000040)="1400000016000b63d25a80648c2594f90224fc60", 0x14}], 0x1, 0x0, 0x0, 0x10}, 0x0) 997.883303ms ago: executing program 0 (id=3699): r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000140)={0xffffffffffffffff}, 0x2}}, 0x20) write$RDMA_USER_CM_CMD_BIND_IP(r0, &(0x7f0000000000)={0x2, 0x28, 0xfa00, {0x0, {0xa, 0x0, 0x0, @mcast2, 0x4}, r1}}, 0x30) write$RDMA_USER_CM_CMD_RESOLVE_IP(r0, &(0x7f0000000180)={0x3, 0x40, 0xfa02, {{0x6000000, 0x0, 0x0, @mcast1}, {0x2, 0x0, 0x4, @loopback}, r1}}, 0x48) 989.243453ms ago: executing program 2 (id=3700): r0 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$TCSETSF2(r0, 0x402c542d, &(0x7f0000000140)={0x0, 0x0, 0x0, 0xff, 0x0, "4ae23ae17df2e98c69ba36c4095c911abad88f"}) ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000000)) ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000080)=0x3a) 910.610366ms ago: executing program 0 (id=3701): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001280)={0x18, 0x3, &(0x7f0000000940)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f00000005c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000780)='contention_end\x00', r0}, 0x10) r1 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x1, 0x0) ioctl$SNDRV_CTL_IOCTL_ELEM_READ(r1, 0xc4c85512, &(0x7f0000000280)={{0x6, 0x0, 0x0, 0x0, 'syz1\x00'}, 0x0, [0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x829f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1075]}) 827.924315ms ago: executing program 2 (id=3702): r0 = getpgrp(0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={&(0x7f0000000140)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x24, 0x24, 0x2, [@struct={0x0, 0x2, 0x0, 0x4, 0x0, 0x0, [{}, {0x0, 0x4}]}]}}, 0x0, 0x3e, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x20) r1 = syz_pidfd_open(r0, 0x0) pidfd_send_signal(r1, 0x0, &(0x7f0000000140)={0x0, 0x0, 0xd2000000}, 0x4) 777.735862ms ago: executing program 3 (id=3703): r0 = add_key(&(0x7f0000000040)='big_key\x00', &(0x7f00000000c0)={'syz', 0x3}, &(0x7f0000000280)="4149f55b392c", 0x6, 0xfffffffffffffffb) r1 = add_key$user(&(0x7f0000000180), &(0x7f00000001c0)={'syz', 0x3}, &(0x7f0000001940)="b3", 0x1, 0xfffffffffffffffe) r2 = add_key$user(&(0x7f0000000440), &(0x7f0000000480)={'syz', 0x0}, &(0x7f00000004c0)="719da9ac", 0x4, 0xfffffffffffffffe) keyctl$dh_compute(0x17, &(0x7f0000000540)={r0, r1, r2}, 0x0, 0x0, 0x0) 711.251601ms ago: executing program 0 (id=3704): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f00000006c0)=@newqdisc={0x78, 0x24, 0x8709, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}, {0x0, 0xfff1}}, [@qdisc_kind_options=@q_sfq={{0x40}, {0x4c, 0x2, {{0x40000, 0x3}, 0x0, 0x0, 0x0, 0x0, 0x8000000, 0x0, 0x0, 0x0, 0xff, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x1}}}}]}, 0x78}}, 0x0) 667.725629ms ago: executing program 2 (id=3705): r0 = socket(0x840000000002, 0x3, 0xfa) connect$inet(r0, &(0x7f0000000140)={0x2, 0x0, @remote}, 0x10) sendmmsg$inet(r0, &(0x7f0000005240), 0x4000095, 0x0) setsockopt$inet_MCAST_MSFILTER(r0, 0x0, 0x30, 0x0, 0x0) 609.859376ms ago: executing program 3 (id=3706): openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000280), 0x20c82, 0x0) r0 = syz_io_uring_setup(0x231, &(0x7f0000000080)={0x0, 0x0, 0x10100}, &(0x7f0000000000)=0x0, &(0x7f0000000100)=0x0) syz_io_uring_submit(r1, r2, &(0x7f00000009c0)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0xffffffffffffff31}) io_uring_enter(r0, 0x7a98, 0x0, 0x0, 0x0, 0x0) 486.236432ms ago: executing program 0 (id=3707): r0 = eventfd(0x800a6) write$eventfd(r0, &(0x7f0000000000)=0xfffffffffffffffb, 0x8) write$eventfd(r0, &(0x7f0000000080), 0x8) read$eventfd(r0, &(0x7f0000000040), 0x8) 443.319239ms ago: executing program 3 (id=3708): syz_io_uring_setup(0x0, 0x0, 0x0, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000002f80)={0x0, 0x0, &(0x7f0000002f40)={&(0x7f0000000080)=@newtaction={0x60, 0x30, 0x0, 0x0, 0x0, {}, [{0x4c, 0x1, [@m_skbedit={0x48, 0x1, 0x0, 0x0, {{0xc}, {0x1c, 0x2, 0x0, 0x1, [@TCA_SKBEDIT_PARMS={0x18}]}, {0x4}, {0xc}, {0xc, 0x9}}}]}]}, 0x60}}, 0x0) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xffffff2d, &(0x7f0000000080)=[{&(0x7f0000000040)="c00e02003c000b05d25a806f8c6394f90324fc602f00001550000100053582c137153e370248018000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 332.888763ms ago: executing program 3 (id=3709): r0 = socket$phonet_pipe(0x23, 0x5, 0x2) bind$phonet(r0, &(0x7f0000000000)={0x23, 0x0, 0x1}, 0x10) r1 = socket$phonet_pipe(0x23, 0x5, 0x2) bind$phonet(r1, &(0x7f0000000000)={0x23, 0x0, 0x1}, 0x10) 313.397794ms ago: executing program 0 (id=3710): capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040)) r0 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$SCSI_IOCTL_GET_PCI(r1, 0x5393, &(0x7f0000000000)) 165.798132ms ago: executing program 2 (id=3711): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000480), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000700)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_TX_BITRATE_MASK(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000a40)={0x40, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_TX_RATES={0x24, 0x5a, 0x0, 0x1, [@NL80211_BAND_5GHZ={0x20, 0x4, 0x0, 0x1, [@NL80211_TXRATE_GI={0x5}, @NL80211_TXRATE_HE={0x14}]}]}]}, 0x40}}, 0x0) 165.592242ms ago: executing program 3 (id=3712): prlimit64(0x0, 0xe, &(0x7f0000000000)={0x4, 0x100008b}, 0x0) capset(&(0x7f0000000080)={0x19980330}, &(0x7f0000000040)) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) 163.74302ms ago: executing program 1 (id=3713): mkdir(&(0x7f0000000040)='./file1\x00', 0x0) mkdir(&(0x7f00000003c0)='./file0\x00', 0x0) mkdir(&(0x7f0000000300)='./bus\x00', 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f00000004c0)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}, {@index_on}, {@redirect_dir_off}, {@uuid_null}, {@redirect_dir_on}]}) 114.283905ms ago: executing program 0 (id=3714): r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @private0}, 0x1c) shutdown(r0, 0x1) getsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x7a, &(0x7f00000003c0)={0x0, @in6={{0xa, 0x0, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}}}, &(0x7f0000000080)=0x9c) 34.157598ms ago: executing program 3 (id=3715): setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, &(0x7f0000000000)=@mangle={'mangle\x00', 0x10, 0x6, 0x510, 0x230, 0xf0, 0x438, 0x0, 0x738, 0x858, 0x858, 0x858, 0x858, 0x858, 0x6, 0x0, {[{{@uncond, 0x0, 0xa8, 0xf0, 0x0, {0x7a00000000000000}}, @DNPT={0x48, 'DNPT\x00', 0x0, {@ipv6=@private0, @ipv4, 0x0, 0x48}}}, {{@ipv6={@dev, @loopback, [], [], 'pimreg0\x00', 'veth1_macvtap\x00'}, 0x0, 0xa8, 0xe0}, @common=@inet=@SET3={0x38}}, {{@uncond, 0x0, 0xa8, 0xd0}, @unspec=@CHECKSUM={0x28}}, {{@uncond, 0x0, 0xa8, 0xd0}, @common=@unspec=@MARK={0x28}}, {{@uncond, 0x0, 0xa8, 0xd0}, @unspec=@CHECKSUM={0x28}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x570) syz_open_dev$dri(&(0x7f0000000000), 0x1, 0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SIOCSIFHWADDR(r0, 0x89f1, &(0x7f0000000080)={'ip6_vti0\x00', @random="0600002000"}) 0s ago: executing program 2 (id=3716): mmap(&(0x7f0000000000/0xa000)=nil, 0xa000, 0x1000007, 0x2172, 0xffffffffffffffff, 0x0) mremap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x4000, 0x3, &(0x7f0000005000/0x4000)=nil) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000100), 0xfecc) kernel console output (not intermixed with test programs): erface descriptor's value: 3 [ 175.074591][ T5276] usb 5-1: Using ep0 maxpacket: 32 [ 175.132971][ T5305] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 175.142287][ T5305] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 175.150465][ T5305] usb 4-1: Product: syz [ 175.154985][ T5305] usb 4-1: Manufacturer: syz [ 175.159871][ T5305] usb 4-1: SerialNumber: syz [ 175.165708][ T5276] usb 5-1: New USB device found, idVendor=05a9, idProduct=1550, bcdDevice=e4.bb [ 175.175309][ T5276] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 175.183558][ T5276] usb 5-1: Product: syz [ 175.187757][ T5276] usb 5-1: Manufacturer: syz [ 175.192590][ T5276] usb 5-1: SerialNumber: syz [ 175.203645][ T5276] usb 5-1: config 0 descriptor?? [ 175.209715][ T8500] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 175.223394][ T5276] gspca_main: ov534_9-2.14.0 probing 05a9:1550 [ 175.443696][ T5305] cdc_ether 4-1:1.0: probe with driver cdc_ether failed with error -71 [ 175.455377][ T5305] usb 4-1: USB disconnect, device number 11 [ 175.626732][ T5225] Bluetooth: hci6: sending frame failed (-49) [ 175.634665][ T4614] Bluetooth: hci6: Opcode 0x1003 failed: -49 [ 176.044474][ T5276] gspca_ov534_9: reg_w failed -71 [ 176.103882][ T8552] netlink: 'syz.3.1425': attribute type 28 has an invalid length. [ 176.138348][ T46] usb 3-1: new high-speed USB device number 14 using dummy_hcd [ 176.351939][ T46] usb 3-1: Using ep0 maxpacket: 8 [ 176.388327][ T5276] gspca_ov534_9: Unknown sensor 0000 [ 176.388400][ T5276] ov534_9 5-1:0.0: probe with driver ov534_9 failed with error -22 [ 176.423451][ T46] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 238, changing to 11 [ 176.434738][ T46] usb 3-1: config 1 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 16 [ 176.444774][ T46] usb 3-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 18 [ 176.468369][ T5276] usb 5-1: USB disconnect, device number 11 [ 176.504050][ T46] usb 3-1: New USB device found, idVendor=0001, idProduct=8000, bcdDevice= 0.00 [ 176.513392][ T46] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 176.521856][ T46] usb 3-1: SerialNumber: syz [ 176.536187][ T8548] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 176.569135][ T46] hub 3-1:1.0: bad descriptor, ignoring hub [ 176.575123][ T46] hub 3-1:1.0: probe with driver hub failed with error -5 [ 176.770897][ T8548] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 177.222777][ T46] cdc_ether 3-1:1.0 usb0: register 'cdc_ether' at usb-dummy_hcd.2-1, CDC Ethernet Device, 42:42:42:42:42:42 [ 177.484733][ T46] IPVS: starting estimator thread 0... [ 177.494437][ T8598] IPVS: nq: TCP 172.20.20.170:0 - no destination available [ 177.529513][ T8] usb 3-1: USB disconnect, device number 14 [ 177.544501][ T8] cdc_ether 3-1:1.0 usb0: unregister 'cdc_ether' usb-dummy_hcd.2-1, CDC Ethernet Device [ 177.598582][ T8599] IPVS: using max 17 ests per chain, 40800 per kthread [ 177.625705][ T8605] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1449'. [ 177.645022][ T8605] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1449'. [ 178.064085][ T8614] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1452'. [ 179.441822][ T8659] smc: net device bond0 applied user defined pnetid SYZ0 [ 179.469531][ T8659] smc: ib device syz1 ibport 2 applied user defined pnetid SYZ0 [ 179.489968][ T8659] smc: net device bond0 erased user defined pnetid SYZ0 [ 179.497507][ T8659] smc: ib device syz1 ibport 2 erased user defined pnetid SYZ0 [ 180.108528][ T8] usb 3-1: new high-speed USB device number 15 using dummy_hcd [ 180.278903][ T8] usb 3-1: Using ep0 maxpacket: 16 [ 180.292019][ T8] usb 3-1: config 0 has no interfaces? [ 180.305210][ T8] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40 [ 180.322012][ T8] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 180.345386][ T8] usb 3-1: Product: syz [ 180.349740][ T8] usb 3-1: Manufacturer: syz [ 180.354607][ T8] usb 3-1: SerialNumber: syz [ 180.370470][ T8] usb 3-1: config 0 descriptor?? [ 180.642641][ T46] usb 3-1: USB disconnect, device number 15 [ 180.868309][ T8] usb 2-1: new full-speed USB device number 9 using dummy_hcd [ 181.038057][ T8] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 181.060147][ T8] usb 2-1: New USB device found, idVendor=056e, idProduct=00e6, bcdDevice= 0.00 [ 181.078964][ T8] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 181.100103][ T8] usb 2-1: config 0 descriptor?? [ 181.125793][ T8701] syz.4.1492: attempt to access beyond end of device [ 181.125793][ T8701] loop4: rw=0, sector=0, nr_sectors = 1 limit=0 [ 181.146559][ T8701] FAT-fs (loop4): unable to read boot sector [ 181.549407][ T8] elecom 0003:056E:00E6.000B: unknown main item tag 0x0 [ 181.559865][ T8] elecom 0003:056E:00E6.000B: unknown main item tag 0x0 [ 181.577539][ T8] elecom 0003:056E:00E6.000B: unknown main item tag 0x1 [ 181.585708][ T938] usb 3-1: new high-speed USB device number 16 using dummy_hcd [ 181.598669][ T8] elecom 0003:056E:00E6.000B: unexpected long global item [ 181.616652][ T8] elecom 0003:056E:00E6.000B: probe with driver elecom failed with error -22 [ 181.758383][ T938] usb 3-1: Using ep0 maxpacket: 8 [ 181.768940][ T46] usb 2-1: USB disconnect, device number 9 [ 181.780442][ T938] usb 3-1: config 135 has an invalid interface number: 230 but max is 0 [ 181.795204][ T938] usb 3-1: config 135 has an invalid descriptor of length 0, skipping remainder of the config [ 181.818521][ T938] usb 3-1: config 135 has no interface number 0 [ 181.824827][ T938] usb 3-1: config 135 interface 230 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 3 [ 181.860188][ T938] usb 3-1: New USB device found, idVendor=18ec, idProduct=3288, bcdDevice=3f.3a [ 181.869748][ T938] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 181.877770][ T938] usb 3-1: Product: syz [ 181.898273][ T938] usb 3-1: Manufacturer: syz [ 181.902942][ T938] usb 3-1: SerialNumber: syz [ 181.930803][ T938] usb 3-1: Found UVC 0.00 device syz (18ec:3288) [ 181.937213][ T938] usb 3-1: No valid video chain found. [ 182.119656][ T8720] netlink: 36 bytes leftover after parsing attributes in process `syz.4.1501'. [ 182.148421][ T8720] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1501'. [ 182.162245][ T46] usb 3-1: USB disconnect, device number 16 [ 182.422436][ T8727] netlink: 'syz.1.1504': attribute type 9 has an invalid length. [ 182.435174][ T8727] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1504'. [ 183.601928][ T8769] random: crng reseeded on system resumption [ 183.778406][ T5231] usb 3-1: new high-speed USB device number 17 using dummy_hcd [ 183.948961][ T5231] usb 3-1: Using ep0 maxpacket: 16 [ 183.966113][ T5231] usb 3-1: New USB device found, idVendor=07ab, idProduct=fc01, bcdDevice=28.e0 [ 183.976098][ T5231] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 183.996369][ T5231] usb 3-1: Product: syz [ 184.006518][ T5231] usb 3-1: Manufacturer: syz [ 184.011524][ T5231] usb 3-1: SerialNumber: syz [ 184.020107][ T5231] usb 3-1: config 0 descriptor?? [ 184.027123][ T5231] ums-freecom 3-1:0.0: USB Mass Storage device detected [ 184.168368][ T938] usb 5-1: new high-speed USB device number 12 using dummy_hcd [ 184.244640][ T9] usb 3-1: USB disconnect, device number 17 [ 184.340169][ T938] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 184.340215][ T938] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 184.369177][ T938] usb 5-1: New USB device found, idVendor=27b8, idProduct=01ed, bcdDevice= 0.00 [ 184.369210][ T938] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 184.398717][ T938] usb 5-1: config 0 descriptor?? [ 185.220464][ T938] hid-led 0003:27B8:01ED.000C: probe with driver hid-led failed with error -71 [ 185.264773][ T938] usb 5-1: USB disconnect, device number 12 [ 185.289796][ T8796] cifs: Unknown parameter 'mode' [ 186.008395][ T938] usb 3-1: new high-speed USB device number 18 using dummy_hcd [ 186.059494][ T8819] netpci0: tun_chr_ioctl cmd 1074025677 [ 186.065580][ T8819] netpci0: linktype set to 6 [ 186.199110][ T938] usb 3-1: Using ep0 maxpacket: 8 [ 186.218642][ T938] usb 3-1: config 0 has an invalid interface number: 143 but max is 0 [ 186.227172][ T938] usb 3-1: config 0 has no interface number 0 [ 186.253640][ T938] usb 3-1: New USB device found, idVendor=2058, idProduct=1005, bcdDevice=c1.9b [ 186.287759][ T938] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 186.298138][ T938] usb 3-1: config 0 descriptor?? [ 186.416950][ T8826] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 186.619981][ T938] viperboard 3-1:0.143: version 0.00 found at bus 003 address 018 [ 186.644664][ T938] viperboard-i2c viperboard-i2c.2.auto: failure setting i2c_bus_freq to 100 [ 186.658304][ T938] viperboard-i2c viperboard-i2c.2.auto: probe with driver viperboard-i2c failed with error -5 [ 186.679638][ T938] usb 3-1: USB disconnect, device number 18 [ 187.291985][ T8846] ALSA: mixer_oss: invalid OSS volume 'P7{*;+$p' [ 187.304214][ T8846] ALSA: mixer_oss: invalid OSS volume '' [ 187.312999][ T8846] ALSA: mixer_oss: invalid OSS volume 'b$Kf7?]3sX' [ 187.325451][ T8846] ALSA: mixer_oss: invalid OSS volume 'K׍?Fg' [ 187.337338][ T8846] ALSA: mixer_oss: invalid OSS volume '.L!t8yW+$NJs' [ 188.209035][ T5225] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 188.219510][ T5225] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 188.227813][ T5225] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 188.236268][ T5225] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 188.244905][ T5225] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 188.252506][ T5225] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 188.681048][ T8879] chnl_net:caif_netlink_parms(): no params data found [ 188.889106][ T8879] bridge0: port 1(bridge_slave_0) entered blocking state [ 188.896341][ T8879] bridge0: port 1(bridge_slave_0) entered disabled state [ 188.928571][ T8879] bridge_slave_0: entered allmulticast mode [ 188.935622][ T8879] bridge_slave_0: entered promiscuous mode [ 188.996275][ T8879] bridge0: port 2(bridge_slave_1) entered blocking state [ 189.018495][ T8879] bridge0: port 2(bridge_slave_1) entered disabled state [ 189.025837][ T8879] bridge_slave_1: entered allmulticast mode [ 189.048559][ T8879] bridge_slave_1: entered promiscuous mode [ 189.131628][ T8879] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 189.159829][ T8879] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 189.250595][ T8879] team0: Port device team_slave_0 added [ 189.269923][ T8917] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1587'. [ 189.294088][ T8879] team0: Port device team_slave_1 added [ 189.421279][ T8879] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 189.428562][ T8879] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 189.454622][ T8879] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 189.467359][ T8879] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 189.474465][ T8879] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 189.501743][ T8879] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 189.547736][ T8879] hsr_slave_0: entered promiscuous mode [ 189.560974][ T8879] hsr_slave_1: entered promiscuous mode [ 189.571495][ T8879] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 189.588267][ T8879] Cannot create hsr debugfs directory [ 189.990900][ T8879] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 190.142138][ T8879] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 190.164066][ T8931] netlink: 'syz.2.1593': attribute type 10 has an invalid length. [ 190.189925][ T8931] netlink: 55 bytes leftover after parsing attributes in process `syz.2.1593'. [ 190.290459][ T8879] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 190.319008][ T5225] Bluetooth: hci6: command tx timeout [ 190.424202][ T8879] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 190.569593][ T8879] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 190.617544][ T8879] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 190.652394][ T8879] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 190.680471][ T8879] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 190.896183][ T8953] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1605'. [ 190.934769][ T8879] 8021q: adding VLAN 0 to HW filter on device bond0 [ 190.997584][ T8879] 8021q: adding VLAN 0 to HW filter on device team0 [ 191.059183][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 191.066352][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 191.083736][ T11] bridge0: port 2(bridge_slave_1) entered blocking state [ 191.090931][ T11] bridge0: port 2(bridge_slave_1) entered forwarding state [ 191.158614][ T5231] usb 5-1: new high-speed USB device number 13 using dummy_hcd [ 191.359789][ T5231] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 191.381824][ T5231] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 191.398596][ T9] usb 3-1: new high-speed USB device number 19 using dummy_hcd [ 191.416497][ T5231] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 191.425351][ T8879] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 191.458372][ T5231] usb 5-1: New USB device found, idVendor=1b1c, idProduct=1d00, bcdDevice= 0.00 [ 191.467610][ T5231] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 191.491953][ T5231] usb 5-1: config 0 descriptor?? [ 191.543224][ T8879] veth0_vlan: entered promiscuous mode [ 191.584357][ T8879] veth1_vlan: entered promiscuous mode [ 191.591941][ T9] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 191.610492][ T9] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 191.635621][ T9] usb 3-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 191.646344][ T8879] veth0_macvtap: entered promiscuous mode [ 191.664584][ T8879] veth1_macvtap: entered promiscuous mode [ 191.672863][ T9] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 191.713021][ T9] usb 3-1: SerialNumber: syz [ 191.714072][ T8879] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 191.772241][ T8879] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 191.798685][ T8879] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 191.834701][ T8879] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 191.864605][ T8879] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 191.881331][ T8879] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 191.900538][ T8879] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 191.932276][ T5231] corsair-cpro 0003:1B1C:1D00.000D: item fetching failed at offset 3/5 [ 191.948673][ T8879] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 191.960338][ T8879] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 191.960422][ T9] usb 3-1: 0:2 : does not exist [ 191.975895][ T8879] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 191.987495][ T5231] corsair-cpro 0003:1B1C:1D00.000D: probe with driver corsair-cpro failed with error -22 [ 192.019707][ T8879] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 192.020473][ T9] usb 3-1: USB disconnect, device number 19 [ 192.045907][ T8879] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 192.085345][ T8879] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 192.109403][ T8879] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 192.135841][ T8879] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 192.141456][ T5231] usb 5-1: USB disconnect, device number 13 [ 192.158790][ T8879] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 192.188624][ T8879] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 192.200440][ T8879] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 192.213289][ T8975] bond0: option lacp_rate: mode dependency failed, not supported in mode balance-rr(0) [ 192.239363][ T8879] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 192.258571][ T8879] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 192.267302][ T8879] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 192.292760][ T8879] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 192.388623][ T5225] Bluetooth: hci6: command tx timeout [ 192.499890][ T35] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 192.507764][ T35] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 192.517373][ T35] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 192.525735][ T35] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 193.298305][ T5320] usb 5-1: new high-speed USB device number 14 using dummy_hcd [ 193.315271][ T9019] Process accounting resumed [ 193.478266][ T5320] usb 5-1: Using ep0 maxpacket: 8 [ 193.520424][ T5320] usb 5-1: New USB device found, idVendor=046d, idProduct=08dd, bcdDevice=ff.f4 [ 193.538361][ T5320] usb 5-1: New USB device strings: Mfr=8, Product=2, SerialNumber=3 [ 193.552830][ T5320] usb 5-1: Product: syz [ 193.577764][ T5320] usb 5-1: Manufacturer: syz [ 193.584069][ T5320] usb 5-1: SerialNumber: syz [ 193.598554][ T5320] usb 5-1: config 0 descriptor?? [ 193.609104][ T9035] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1639'. [ 193.621084][ T5320] gspca_main: gspca_zc3xx-2.14.0 probing 046d:08dd [ 194.249823][ T5320] input: gspca_zc3xx as /devices/platform/dummy_hcd.4/usb5/5-1/input/input15 [ 194.457839][ T5276] usb 5-1: USB disconnect, device number 14 [ 194.474863][ T1268] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.484930][ T5225] Bluetooth: hci6: command tx timeout [ 195.418936][ T9088] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1663'. [ 195.812089][ T9102] bridge0: port 1(bridge_slave_0) entered disabled state [ 196.353013][ T9125] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies. [ 196.554505][ T5225] Bluetooth: hci4: command 0x0406 tx timeout [ 196.562034][ T5241] Bluetooth: hci3: command 0x0406 tx timeout [ 196.569713][ T5241] Bluetooth: hci1: command 0x0406 tx timeout [ 196.576839][ T5225] Bluetooth: hci2: command 0x0406 tx timeout [ 196.583557][ T54] Bluetooth: hci6: command tx timeout [ 197.659599][ T9161] Falling back ldisc for ttyS3. [ 198.482773][ T29] kauditd_printk_skb: 29 callbacks suppressed [ 198.482791][ T29] audit: type=1326 audit(1727216788.551:67): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9188 comm="syz.3.1709" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f448137def9 code=0x0 [ 198.798630][ T5276] usb 5-1: new full-speed USB device number 15 using dummy_hcd [ 198.951102][ T5276] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 198.961343][ T5276] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 2 [ 198.984816][ T5276] usb 5-1: New USB device found, idVendor=05d8, idProduct=810a, bcdDevice=92.b8 [ 199.008321][ T5276] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 199.019604][ T5276] usb 5-1: config 0 descriptor?? [ 199.027685][ T5276] dvb-usb: found a 'Artec T1 USB2.0' in warm state. [ 199.048336][ T5276] dvb-usb: bulk message failed: -22 (3/0) [ 199.055986][ T5276] dvb-usb: will use the device's hardware PID filter (table count: 16). [ 199.068900][ T5276] dvbdev: DVB: registering new adapter (Artec T1 USB2.0) [ 199.075998][ T5276] usb 5-1: media controller created [ 199.090307][ T5276] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 199.111285][ T5276] dvb-usb: bulk message failed: -22 (6/0) [ 199.117193][ T5276] dvb-usb: no frontend was attached by 'Artec T1 USB2.0' [ 199.143008][ T5276] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.4/usb5/5-1/input/input17 [ 199.174690][ T5276] dvb-usb: schedule remote query interval to 150 msecs. [ 199.188426][ T5276] dvb-usb: Artec T1 USB2.0 successfully initialized and connected. [ 199.271978][ T5276] usb 5-1: USB disconnect, device number 15 [ 199.329702][ T5276] dvb-usb: Artec T1 USB2.0 successfully deinitialized and disconnected. [ 199.530013][ T9220] netem: incorrect ge model size [ 199.541944][ T9220] netem: change failed [ 199.813014][ T9229] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1728'. [ 199.864212][ T9229] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1728'. [ 199.900905][ T9229] sch_fq: defrate 0 ignored. [ 200.148397][ T5276] usb 4-1: new high-speed USB device number 12 using dummy_hcd [ 200.320221][ T5276] usb 4-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 200.320262][ T5276] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 200.320293][ T5276] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0 [ 200.320319][ T5276] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 200.320361][ T5276] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 200.320388][ T5276] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 200.321558][ T9246] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1736'. [ 200.327727][ T5276] usb 4-1: config 0 descriptor?? [ 200.603949][ T9252] syzkaller0: tun_chr_ioctl cmd 1074025680 [ 200.747591][ T5276] plantronics 0003:047F:FFFF.000E: unknown main item tag 0x0 [ 200.765481][ T5276] plantronics 0003:047F:FFFF.000E: unknown main item tag 0x0 [ 200.788495][ T5276] plantronics 0003:047F:FFFF.000E: unknown main item tag 0x0 [ 200.796423][ T5276] plantronics 0003:047F:FFFF.000E: unknown main item tag 0x0 [ 200.807427][ T5276] plantronics 0003:047F:FFFF.000E: No inputs registered, leaving [ 200.844637][ T5276] plantronics 0003:047F:FFFF.000E: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0 [ 200.973219][ T5276] usb 4-1: USB disconnect, device number 12 [ 201.226196][ T9273] pimreg12: entered allmulticast mode [ 201.244986][ T9272] pimreg12: left allmulticast mode [ 201.545672][ T9286] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1753'. [ 201.929913][ T9301] netlink: 'syz.4.1760': attribute type 8 has an invalid length. [ 202.318607][ T5276] usb 5-1: new high-speed USB device number 16 using dummy_hcd [ 202.328596][ T5305] usb 2-1: new high-speed USB device number 10 using dummy_hcd [ 202.500118][ T5305] usb 2-1: Using ep0 maxpacket: 16 [ 202.509462][ T5276] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0 [ 202.529677][ T5305] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83 [ 202.548334][ T5276] usb 5-1: New USB device found, idVendor=1d34, idProduct=0004, bcdDevice= 0.00 [ 202.565306][ T5305] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 202.576722][ T5276] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 202.592023][ T5305] usb 2-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1 [ 202.609214][ T5305] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 202.618624][ T5276] usb 5-1: config 0 descriptor?? [ 202.623805][ T5305] usb 2-1: Product: syz [ 202.631893][ T5276] usbhid 5-1:0.0: couldn't find an input interrupt endpoint [ 202.644639][ T5305] usb 2-1: Manufacturer: syz [ 202.651775][ T5305] usb 2-1: SerialNumber: syz [ 202.661779][ T5305] usb 2-1: config 0 descriptor?? [ 202.671155][ T5305] em28xx 2-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0) [ 202.680567][ T5305] em28xx 2-1:0.0: Audio interface 0 found (Vendor Class) [ 202.688494][ T938] usb 4-1: new high-speed USB device number 13 using dummy_hcd [ 202.953966][ T938] usb 4-1: New USB device found, idVendor=0af0, idProduct=7a05, bcdDevice= 0.00 [ 202.963535][ T938] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 202.976324][ T938] usb 4-1: Product: syz [ 202.987946][ T938] usb 4-1: Manufacturer: syz [ 202.989563][ T5276] usb 5-1: USB disconnect, device number 16 [ 202.998280][ T938] usb 4-1: SerialNumber: syz [ 203.011494][ T938] usb 4-1: config 0 descriptor?? [ 203.227524][ T938] hso 4-1:0.0: Failed to find BULK IN ep [ 203.245226][ T938] usb-storage 4-1:0.0: USB Mass Storage device detected [ 203.360875][ T5305] em28xx 2-1:0.0: chip ID is em28178 [ 203.438338][ T938] usb 4-1: USB disconnect, device number 13 [ 203.604994][ T5320] usb 2-1: USB disconnect, device number 10 [ 203.611996][ T5320] em28xx 2-1:0.0: Disconnecting em28xx [ 203.639385][ T5320] em28xx 2-1:0.0: Freeing device [ 203.658108][ T9341] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.1777'. [ 203.676865][ T9341] netlink: 'syz.2.1777': attribute type 6 has an invalid length. [ 203.876332][ T9348] tipc: Started in network mode [ 203.882365][ T9348] tipc: Node identity ff, cluster identity 4711 [ 203.889903][ T9348] tipc: Enabling of bearer rejected, failed to enable media [ 204.525823][ T9366] xt_CHECKSUM: CHECKSUM should be avoided. If really needed, restrict with "-p udp" and only use in OUTPUT [ 205.188799][ T9390] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present [ 205.346507][ T9396] usb usb8: usbfs: process 9396 (syz.3.1801) did not claim interface 0 before use [ 205.539454][ T9404] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1802'. [ 206.321571][ T9428] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1815'. [ 206.469615][ T9431] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1817'. [ 206.549670][ T9435] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1814'. [ 206.578291][ T9435] netlink: 'syz.3.1814': attribute type 1 has an invalid length. [ 206.586428][ T9435] netlink: 'syz.3.1814': attribute type 2 has an invalid length. [ 206.628735][ T9435] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1814'. [ 206.776065][ T9440] netlink: 'syz.0.1821': attribute type 6 has an invalid length. [ 206.808791][ T9446] sctp: [Deprecated]: syz.3.1824 (pid 9446) Use of struct sctp_assoc_value in delayed_ack socket option. [ 206.808791][ T9446] Use struct sctp_sack_info instead [ 207.880499][ T9496] kernel read not supported for file /$] (pid: 9496 comm: syz.2.1847) [ 207.890124][ T29] audit: type=1800 audit(1727216797.961:68): pid=9496 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz.2.1847" name="$]" dev="mqueue" ino=24332 res=0 errno=0 [ 208.271719][ T9509] sch_tbf: burst 0 is lower than device lo mtu (65550) ! [ 208.628657][ T46] usb 5-1: new high-speed USB device number 17 using dummy_hcd [ 208.793148][ T46] usb 5-1: Using ep0 maxpacket: 8 [ 208.807611][ T9535] netlink: 80 bytes leftover after parsing attributes in process `syz.1.1864'. [ 208.817205][ T46] usb 5-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb [ 208.830485][ T9535] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1864'. [ 208.839491][ T46] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 208.851222][ T46] usb 5-1: config 0 descriptor?? [ 209.345957][ T9546] program syz.0.1870 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 209.673770][ T46] asix 5-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71 [ 209.685610][ T46] asix 5-1:0.0 (unnamed net_device) (uninitialized): Failed to write GPIO value 0x00b0: ffffffb9 [ 209.719709][ T46] asix 5-1:0.0: probe with driver asix failed with error -71 [ 209.738544][ T46] usb 5-1: USB disconnect, device number 17 [ 210.467729][ T9573] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1881'. [ 210.839335][ T9585] netlink: 104 bytes leftover after parsing attributes in process `syz.0.1888'. [ 211.134398][ T9597] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1895'. [ 211.422976][ T46] usb 5-1: new high-speed USB device number 18 using dummy_hcd [ 211.618368][ T46] usb 5-1: Using ep0 maxpacket: 32 [ 211.635908][ T46] usb 5-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 211.655863][ T46] usb 5-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 211.701891][ T46] usb 5-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 211.738306][ T46] usb 5-1: New USB device strings: Mfr=255, Product=255, SerialNumber=0 [ 211.746966][ T46] usb 5-1: Product: syz [ 211.779158][ T46] usb 5-1: Manufacturer: syz [ 211.802713][ T46] hub 5-1:4.0: USB hub found [ 211.853730][ T29] audit: type=1326 audit(1727216801.921:69): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9624 comm="syz.3.1905" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f448137def9 code=0x0 [ 212.039575][ T46] hub 5-1:4.0: config failed, hub doesn't have any ports! (err -19) [ 212.262920][ T29] audit: type=1326 audit(1727216802.331:70): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9628 comm="syz.1.1906" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0d3e57def9 code=0x7fc00000 [ 212.307179][ T29] audit: type=1326 audit(1727216802.331:71): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9628 comm="syz.1.1906" exe="/root/syz-executor" sig=0 arch=c000003e syscall=246 compat=0 ip=0x7f0d3e57def9 code=0x7fc00000 [ 212.351150][ T5276] usb 5-1: USB disconnect, device number 18 [ 212.378393][ T29] audit: type=1326 audit(1727216802.331:72): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9628 comm="syz.1.1906" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0d3e57def9 code=0x7fc00000 [ 212.438475][ T29] audit: type=1326 audit(1727216802.331:73): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9628 comm="syz.1.1906" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0d3e57def9 code=0x7fc00000 [ 212.479725][ T29] audit: type=1326 audit(1727216802.331:74): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9628 comm="syz.1.1906" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0d3e57def9 code=0x7fc00000 [ 212.538345][ T29] audit: type=1326 audit(1727216802.331:75): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9628 comm="syz.1.1906" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0d3e57def9 code=0x7fc00000 [ 212.590095][ T29] audit: type=1326 audit(1727216802.331:76): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9628 comm="syz.1.1906" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0d3e57def9 code=0x7fc00000 [ 212.623774][ T29] audit: type=1326 audit(1727216802.331:77): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9628 comm="syz.1.1906" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0d3e57def9 code=0x7fc00000 [ 212.829344][ T9655] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.1916'. [ 212.858851][ T9655] openvswitch: netlink: IP tunnel attribute has 3052 unknown bytes. [ 212.939931][ T9661] iwpm_register_pid: Unable to send a nlmsg (client = 2) [ 212.987426][ T9661] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98 [ 213.001047][ T9665] netlink: 'syz.0.1922': attribute type 1 has an invalid length. [ 213.024283][ T9665] netlink: 'syz.0.1922': attribute type 4 has an invalid length. [ 213.058789][ T9665] netlink: 192 bytes leftover after parsing attributes in process `syz.0.1922'. [ 213.400845][ T9685] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1932'. [ 213.959186][ T9706] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1941'. [ 214.370308][ T9725] delete_channel: no stack [ 214.377546][ T9724] delete_channel: no stack [ 214.497476][ T29] kauditd_printk_skb: 12 callbacks suppressed [ 214.497496][ T29] audit: type=1326 audit(1727216804.541:90): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9728 comm="syz.0.1951" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb8c6f7def9 code=0x7ffc0000 [ 214.550937][ T9727] sp0: Synchronizing with TNC [ 214.598381][ T29] audit: type=1326 audit(1727216804.541:91): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9728 comm="syz.0.1951" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb8c6f7def9 code=0x7ffc0000 [ 214.641338][ T29] audit: type=1326 audit(1727216804.551:92): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9728 comm="syz.0.1951" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fb8c6f7def9 code=0x7ffc0000 [ 214.695885][ T29] audit: type=1326 audit(1727216804.551:93): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9728 comm="syz.0.1951" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb8c6f7def9 code=0x7ffc0000 [ 214.748679][ T29] audit: type=1326 audit(1727216804.561:94): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9728 comm="syz.0.1951" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb8c6f7def9 code=0x7ffc0000 [ 214.806903][ T29] audit: type=1326 audit(1727216804.561:95): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9728 comm="syz.0.1951" exe="/root/syz-executor" sig=0 arch=c000003e syscall=32 compat=0 ip=0x7fb8c6f7def9 code=0x7ffc0000 [ 214.874756][ T29] audit: type=1326 audit(1727216804.561:96): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9728 comm="syz.0.1951" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb8c6f7def9 code=0x7ffc0000 [ 214.978853][ T29] audit: type=1326 audit(1727216804.561:97): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9728 comm="syz.0.1951" exe="/root/syz-executor" sig=0 arch=c000003e syscall=439 compat=0 ip=0x7fb8c6f7def9 code=0x7ffc0000 [ 215.050712][ T29] audit: type=1326 audit(1727216804.561:98): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9728 comm="syz.0.1951" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb8c6f7def9 code=0x7ffc0000 [ 215.080459][ T29] audit: type=1400 audit(1727216804.761:99): lsm=SMACK fn=smack_socket_sock_rcv_skb action=denied subject="*" object="_" requested=w pid=9740 comm="syz.4.1957" dest=20002 netif=wpan0 [ 215.756908][ T9780] overlayfs: "xino=on" is useless with all layers on same fs, ignore. [ 216.089039][ T5320] usb 4-1: new high-speed USB device number 14 using dummy_hcd [ 216.201209][ T9799] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1981'. [ 216.215017][ T9796] process 'syz.1.1980' launched './file1' with NULL argv: empty string added [ 216.231185][ T9799] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1981'. [ 216.250795][ T9799] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1981'. [ 216.268752][ T5320] usb 4-1: Using ep0 maxpacket: 16 [ 216.276458][ T9799] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1981'. [ 216.290332][ T5320] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x81 has invalid wMaxPacketSize 0 [ 216.321115][ T5320] usb 4-1: config 0 interface 0 has no altsetting 0 [ 216.343301][ T5320] usb 4-1: New USB device found, idVendor=060b, idProduct=500a, bcdDevice= 0.00 [ 216.379016][ T5320] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 216.393327][ T5320] usb 4-1: config 0 descriptor?? [ 216.906735][ T5320] cougar 0003:060B:500A.000F: unexpected long global item [ 216.925327][ T5320] cougar 0003:060B:500A.000F: parse failed [ 216.937616][ T9816] sctp: [Deprecated]: syz.1.1985 (pid 9816) Use of struct sctp_assoc_value in delayed_ack socket option. [ 216.937616][ T9816] Use struct sctp_sack_info instead [ 216.948328][ T5320] cougar 0003:060B:500A.000F: probe with driver cougar failed with error -22 [ 217.123627][ T5231] usb 4-1: USB disconnect, device number 14 [ 217.357157][ T9833] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1995'. [ 217.607930][ T9843] netlink: 'syz.4.2000': attribute type 3 has an invalid length. [ 217.627726][ T9843] netlink: 'syz.4.2000': attribute type 3 has an invalid length. [ 218.265306][ T5276] kernel write not supported for file /snd/seq (pid: 5276 comm: kworker/1:3) [ 218.822210][ T9897] bridge0: entered promiscuous mode [ 218.843115][ T9897] macsec2: entered promiscuous mode [ 218.900475][ T9897] bridge0: left promiscuous mode [ 219.420560][ T9925] netlink: 'syz.4.2037': attribute type 1 has an invalid length. [ 219.473114][ T9927] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2038'. [ 219.491114][ T9929] ecryptfs_parse_options: eCryptfs: unrecognized option [&@] [ 219.509083][ T9929] ecryptfs_parse_options: You must supply at least one valid auth tok signature as a mount parameter; see the eCryptfs README [ 219.538372][ T9927] bridge0: port 2(bridge_slave_1) entered disabled state [ 219.545858][ T9927] bridge0: port 1(bridge_slave_0) entered disabled state [ 219.548733][ T9929] Error parsing options; rc = [-22] [ 219.737738][ T9943] IPVS: sync thread started: state = BACKUP, mcast_ifn = hsr0, syncid = 0, id = 0 [ 220.185838][ T9962] netlink: 16186 bytes leftover after parsing attributes in process `syz.3.2054'. [ 220.257255][ T9964] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2056'. [ 220.280112][ T9964] netlink: 184 bytes leftover after parsing attributes in process `syz.4.2056'. [ 220.292644][ T29] kauditd_printk_skb: 30 callbacks suppressed [ 220.292671][ T29] audit: type=1326 audit(1727216810.361:130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9966 comm="syz.3.2057" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f448137def9 code=0x0 [ 220.360830][ T9967] vlan2: entered promiscuous mode [ 220.380169][ T9967] gretap0: entered promiscuous mode [ 220.413484][ T9971] sch_tbf: burst 0 is lower than device lo mtu (65550) ! [ 221.158597][ T5305] usb 5-1: new high-speed USB device number 19 using dummy_hcd [ 221.166350][ T5276] usb 2-1: new high-speed USB device number 11 using dummy_hcd [ 221.318406][ T5276] usb 2-1: Using ep0 maxpacket: 32 [ 221.331957][ T5305] usb 5-1: New USB device found, idVendor=0572, idProduct=cb01, bcdDevice=26.65 [ 221.342717][ T5305] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 221.354248][ T5276] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 32 [ 221.370870][ T5305] usb 5-1: Product: syz [ 221.379929][ T5276] usb 2-1: New USB device found, idVendor=14c8, idProduct=0003, bcdDevice= 5.6c [ 221.390360][ T5305] usb 5-1: Manufacturer: syz [ 221.404682][ T5305] usb 5-1: SerialNumber: syz [ 221.437050][ T5276] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 221.446671][ T5276] usb 2-1: Product: syz [ 221.458646][ T5276] usb 2-1: Manufacturer: syz [ 221.463459][ T5276] usb 2-1: SerialNumber: syz [ 221.479222][ T5305] usb 5-1: config 0 descriptor?? [ 221.486055][ T5276] usb 2-1: config 0 descriptor?? [ 221.492517][ T9991] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22 [ 221.550644][ T5276] hub 2-1:0.0: bad descriptor, ignoring hub [ 221.556722][ T5276] hub 2-1:0.0: probe with driver hub failed with error -5 [ 221.567299][ T5276] input: syz syz as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/input/input18 [ 221.718576][ T5305] cx82310_eth 5-1:0.0: probe with driver cx82310_eth failed with error -22 [ 221.720471][T10005] netlink: 'syz.3.2073': attribute type 12 has an invalid length. [ 221.859298][ T5277] usb 2-1: USB disconnect, device number 11 [ 221.865275][ C1] usbtouchscreen 2-1:0.0: usbtouch_irq - usb_submit_urb failed with result: -19 [ 222.118856][ T5305] cxacru 5-1:0.0: usbatm_usb_probe: bind failed: -19! [ 222.311092][ T5320] usb 5-1: USB disconnect, device number 19 [ 223.049303][T10050] vivid-001: disconnect [ 223.053726][T10047] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 223.054402][T10049] vivid-001: reconnect [ 223.275300][ T5277] usb 2-1: new high-speed USB device number 12 using dummy_hcd [ 223.449269][T10066] netlink: 52 bytes leftover after parsing attributes in process `syz.4.2101'. [ 223.458580][ T5277] usb 2-1: Using ep0 maxpacket: 16 [ 223.474530][ T5277] usb 2-1: config 0 has no interfaces? [ 223.480402][ T5277] usb 2-1: New USB device found, idVendor=04e6, idProduct=0003, bcdDevice= 1.77 [ 223.498996][T10067] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2102'. [ 223.508004][ T5277] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 223.537508][ T5277] usb 2-1: config 0 descriptor?? [ 223.681065][T10075] netlink: 'syz.3.2106': attribute type 4 has an invalid length. [ 223.769130][T10048] usb usb8: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 224.038569][ T5276] usb 2-1: USB disconnect, device number 12 [ 224.175239][T10085] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2111'. [ 224.848072][T10101] netlink: 40 bytes leftover after parsing attributes in process `syz.3.2119'. [ 225.345764][ T29] audit: type=1326 audit(1727216815.411:131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10124 comm="syz.4.2130" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9668b7def9 code=0x7ffc0000 [ 225.398502][ T29] audit: type=1326 audit(1727216815.411:132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10124 comm="syz.4.2130" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9668b7def9 code=0x7ffc0000 [ 225.458343][ T29] audit: type=1326 audit(1727216815.441:133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10124 comm="syz.4.2130" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9668b7def9 code=0x7ffc0000 [ 225.515699][ T29] audit: type=1326 audit(1727216815.441:134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10124 comm="syz.4.2130" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9668b7def9 code=0x7ffc0000 [ 225.576374][ T29] audit: type=1326 audit(1727216815.441:135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10124 comm="syz.4.2130" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9668b7def9 code=0x7ffc0000 [ 225.603386][ T29] audit: type=1326 audit(1727216815.451:136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10124 comm="syz.4.2130" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9668b7def9 code=0x7ffc0000 [ 225.641342][T10138] siw: device registration error -23 [ 225.654449][ T29] audit: type=1326 audit(1727216815.451:137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10124 comm="syz.4.2130" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9668b7def9 code=0x7ffc0000 [ 225.696461][ T29] audit: type=1326 audit(1727216815.451:138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10124 comm="syz.4.2130" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f9668b74ea7 code=0x7ffc0000 [ 225.733270][ T29] audit: type=1326 audit(1727216815.451:139): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10124 comm="syz.4.2130" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f9668b19879 code=0x7ffc0000 [ 225.773681][ T29] audit: type=1326 audit(1727216815.451:140): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10124 comm="syz.4.2130" exe="/root/syz-executor" sig=0 arch=c000003e syscall=460 compat=0 ip=0x7f9668b7def9 code=0x7ffc0000 [ 226.517560][T10175] Invalid/unusable pipe [ 226.881652][T10194] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2162'. [ 227.540122][T10214] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2170'. [ 227.696911][T10216] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 227.910961][T10224] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2175'. [ 227.962143][T10224] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2175'. [ 228.300363][ T5276] IPVS: starting estimator thread 0... [ 228.438356][T10241] IPVS: using max 18 ests per chain, 43200 per kthread [ 228.623606][T10255] netlink: 'syz.3.2190': attribute type 1 has an invalid length. [ 228.641104][T10255] netlink: 9372 bytes leftover after parsing attributes in process `syz.3.2190'. [ 228.673206][T10255] netlink: 'syz.3.2190': attribute type 1 has an invalid length. [ 228.674093][T10257] netlink: 20 bytes leftover after parsing attributes in process `syz.4.2189'. [ 229.080119][T10273] bridge0: port 3(vlan3) entered blocking state [ 229.102538][T10273] bridge0: port 3(vlan3) entered disabled state [ 229.130207][T10273] vlan3: entered allmulticast mode [ 229.157691][T10273] vlan3: left allmulticast mode [ 230.141760][T10310] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2216'. [ 230.434203][ T5320] usb 2-1: new high-speed USB device number 13 using dummy_hcd [ 230.665844][ T5320] usb 2-1: Using ep0 maxpacket: 32 [ 230.775438][ T5320] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 230.799590][ T5320] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 230.821700][ T5320] usb 2-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 230.868543][ T5320] usb 2-1: New USB device found, idVendor=05ac, idProduct=020f, bcdDevice= 0.22 [ 230.894242][ T5320] usb 2-1: New USB device strings: Mfr=1, Product=130, SerialNumber=131 [ 230.934798][ T5320] usb 2-1: Product: syz [ 230.949361][ T5320] usb 2-1: Manufacturer: syz [ 230.962590][ T5320] usb 2-1: SerialNumber: syz [ 231.009292][T10345] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2232'. [ 231.009409][ T5320] input: appletouch as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/input/input19 [ 231.311525][ T5320] usb 2-1: USB disconnect, device number 13 [ 231.325317][ T5320] appletouch 2-1:1.0: input: appletouch disconnected [ 231.497692][T10363] netlink: 43 bytes leftover after parsing attributes in process `syz.4.2240'. [ 231.582825][ T5277] usb 4-1: new high-speed USB device number 15 using dummy_hcd [ 231.768282][ T5277] usb 4-1: Using ep0 maxpacket: 32 [ 231.775208][ T5277] usb 4-1: config 0 has an invalid interface number: 1 but max is 0 [ 231.783428][ T5277] usb 4-1: config 0 has no interface number 0 [ 231.793580][ T5277] usb 4-1: config 0 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 231.814844][ T5277] usb 4-1: config 0 interface 1 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 231.828118][ T5277] usb 4-1: New USB device found, idVendor=28bd, idProduct=0094, bcdDevice= 0.00 [ 231.840464][ T5277] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 231.871028][ T5277] usb 4-1: config 0 descriptor?? [ 232.488050][ T5277] uclogic 0003:28BD:0094.0010: pen parameters not found [ 232.495371][ T5277] uclogic 0003:28BD:0094.0010: interface is invalid, ignoring [ 232.650127][T10397] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2256'. [ 232.705069][ T5277] usb 4-1: USB disconnect, device number 15 [ 232.962346][T10405] netlink: 35 bytes leftover after parsing attributes in process `syz.2.2259'. [ 233.217104][T10412] netlink: 148 bytes leftover after parsing attributes in process `syz.0.2262'. [ 233.431389][T10425] netlink: 'syz.1.2270': attribute type 6 has an invalid length. [ 233.448614][ T5276] usb 3-1: new high-speed USB device number 20 using dummy_hcd [ 233.467763][T10425] netlink: 168 bytes leftover after parsing attributes in process `syz.1.2270'. [ 233.598429][ T938] usb 5-1: new high-speed USB device number 20 using dummy_hcd [ 233.600223][ T5276] usb 3-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08 [ 233.615924][ T5276] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 233.636464][ T5276] usb 3-1: config 0 descriptor?? [ 233.829062][ T938] usb 5-1: Using ep0 maxpacket: 8 [ 233.844648][ T938] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 13 [ 233.866843][ T938] usb 5-1: New USB device found, idVendor=046d, idProduct=08ae, bcdDevice=11.58 [ 233.876660][ T938] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 233.886525][ T938] usb 5-1: Product: syz [ 233.918829][ T5320] usb 4-1: new high-speed USB device number 16 using dummy_hcd [ 233.926574][ T938] usb 5-1: Manufacturer: syz [ 233.938949][ T938] usb 5-1: SerialNumber: syz [ 233.957269][ T938] usb 5-1: config 0 descriptor?? [ 233.968070][ T938] gspca_main: gspca_zc3xx-2.14.0 probing 046d:08ae [ 234.065149][ T5276] [drm:udl_init] *ERROR* Selecting channel failed [ 234.082410][ T5320] usb 4-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 234.091731][ T5276] [drm] Initialized udl 0.0.1 for 3-1:0.0 on minor 2 [ 234.091757][ T5276] [drm] Initialized udl on minor 2 [ 234.094845][ T5276] udl 3-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 234.110561][ T5320] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 234.142518][ T5320] usb 4-1: config 0 descriptor?? [ 234.145512][ T5276] udl 3-1:0.0: [drm] Cannot find any crtc or sizes [ 234.157491][ T5320] cp210x 4-1:0.0: cp210x converter detected [ 234.176712][ T5277] udl 3-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 234.187029][ T5276] usb 3-1: USB disconnect, device number 20 [ 234.198317][ T5277] udl 3-1:0.0: [drm] Cannot find any crtc or sizes [ 234.576538][ T5320] usb 4-1: cp210x converter now attached to ttyUSB0 [ 234.584746][ T938] gspca_zc3xx: reg_w_i err -71 [ 234.776709][ T5231] usb 4-1: USB disconnect, device number 16 [ 234.786560][ T5231] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 234.820970][ T5231] cp210x 4-1:0.0: device disconnected [ 235.016400][T10456] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2283'. [ 235.109008][ T5320] usb 2-1: new high-speed USB device number 14 using dummy_hcd [ 235.189678][ T938] gspca_zc3xx: Unknown sensor - set to TAS5130C [ 235.196726][ T938] gspca_zc3xx 5-1:0.0: probe with driver gspca_zc3xx failed with error -71 [ 235.224897][ T938] usb 5-1: USB disconnect, device number 20 [ 235.293498][ T5320] usb 2-1: config 0 has no interfaces? [ 235.313344][ T5320] usb 2-1: New USB device found, idVendor=046d, idProduct=20ee, bcdDevice= 0.00 [ 235.367634][ T5320] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 235.407868][ T5320] usb 2-1: config 0 descriptor?? [ 235.494196][T10473] bridge0: port 2(bridge_slave_1) entered disabled state [ 235.665716][ T5320] usb 2-1: USB disconnect, device number 14 [ 235.939026][ T938] usb 4-1: new high-speed USB device number 17 using dummy_hcd [ 236.120993][ T938] usb 4-1: config 0 has no interfaces? [ 236.126701][ T938] usb 4-1: New USB device found, idVendor=046d, idProduct=1017, bcdDevice= 0.00 [ 236.156738][ T938] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 236.185511][ T938] usb 4-1: config 0 descriptor?? [ 236.414505][ T938] usb 4-1: USB disconnect, device number 17 [ 236.422457][T10504] 9pnet_fd: Insufficient options for proto=fd [ 236.887162][T10491] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 236.887171][T10492] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 236.887326][T10492] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 236.893870][T10491] Bluetooth: hci1: Error when powering off device on rfkill (-4) [ 236.959458][T10491] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 236.965446][T10491] Bluetooth: hci2: Error when powering off device on rfkill (-4) [ 236.967986][T10492] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 236.999454][T10492] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 237.019621][T10492] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 237.025722][T10492] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 237.038708][T10491] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 237.055175][T10491] Bluetooth: hci3: Error when powering off device on rfkill (-4) [ 237.076921][T10491] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 237.085768][T10492] Bluetooth: hci5: Opcode 0x0c1a failed: -4 [ 237.099787][T10491] Bluetooth: hci4: Error when powering off device on rfkill (-4) [ 237.116934][T10492] Bluetooth: hci5: Opcode 0x0406 failed: -4 [ 237.138307][T10492] Bluetooth: hci5: Opcode 0x0406 failed: -4 [ 237.145454][T10492] Bluetooth: hci6: Opcode 0x0c1a failed: -4 [ 237.153008][T10491] Bluetooth: hci5: Opcode 0x0c1a failed: -4 [ 237.172257][T10491] Bluetooth: hci5: Error when powering off device on rfkill (-4) [ 237.179989][T10492] Bluetooth: hci6: Opcode 0x0406 failed: -4 [ 237.239428][T10492] Bluetooth: hci6: Opcode 0x0406 failed: -4 [ 237.263973][T10491] Bluetooth: hci6: Opcode 0x0c1a failed: -4 [ 237.284265][T10491] Bluetooth: hci6: Error when powering off device on rfkill (-4) [ 237.712625][T10531] TCP: request_sock_TCP: Possible SYN flooding on port [::ffff:0.0.0.0]:20002. Sending cookies. [ 237.725903][ T29] kauditd_printk_skb: 4 callbacks suppressed [ 237.725921][ T29] audit: type=1400 audit(1727216827.791:145): lsm=SMACK fn=smack_inet_conn_request action=denied subject="?" object="_" requested=w pid=10530 comm="syz.3.2317" saddr=10.1.1.1 daddr=172.20.20.170 dest=20002 netif=wpan0 [ 237.749994][T10533] sg_write: process 372 (syz.1.2315) changed security contexts after opening file descriptor, this is not allowed. [ 237.811611][T10534] program syz.1.2315 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 238.170148][T10544] netlink: 'syz.4.2322': attribute type 42 has an invalid length. [ 238.657509][T10562] dummy0: Device is already in use. [ 238.954932][T10575] netlink: 830 bytes leftover after parsing attributes in process `syz.3.2336'. [ 239.074321][T10578] @: renamed from veth0_vlan (while UP) [ 239.247125][T10589] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2344'. [ 239.646273][T10607] kAFS: unable to lookup cell 'onstop_tsc cpuid tsc_known_freq pni pclmulqdq vmx ssse3 fma cx16 sse4_1 sse4_2 x2apic movbe popcnt aes xsave avx f16c rdrand hypervisor lahf_lm abm 3dnowprefetch pti ssbd ibrs ibpb stibp tpr_shadow flexpriority ept vpid ept_ad fsgsbase tsc_adjust bmi1 hle avx2 smep bmi2 erms invpcid rtm rdseed adx smap xsaveopt arat vnmi md_clear arch_capabilities [ 239.646273][T10607] vmx flags ' [ 239.776697][T10612] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2354'. [ 240.780248][ T46] usb 5-1: new high-speed USB device number 21 using dummy_hcd [ 240.941098][ T46] usb 5-1: Using ep0 maxpacket: 8 [ 240.958787][ T46] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 240.988295][ T46] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 241.004389][ T46] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 100, changing to 10 [ 241.048309][ T46] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24936, setting to 1024 [ 241.078103][ T46] usb 5-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00 [ 241.096478][ T46] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 241.128383][ T46] hub 5-1:1.0: bad descriptor, ignoring hub [ 241.134340][ T46] hub 5-1:1.0: probe with driver hub failed with error -5 [ 241.168970][ T46] cdc_wdm 5-1:1.0: skipping garbage [ 241.178337][ T46] cdc_wdm 5-1:1.0: skipping garbage [ 241.199944][ T46] cdc_wdm 5-1:1.0: cdc-wdm0: USB WDM device [ 241.213991][ T46] cdc_wdm 5-1:1.0: Unknown control protocol [ 241.448667][ T46] usb 5-1: USB disconnect, device number 21 [ 242.476079][T10694] netlink: 'syz.2.2389': attribute type 21 has an invalid length. [ 242.512856][T10694] netlink: 'syz.2.2389': attribute type 1 has an invalid length. [ 242.640098][T10692] netdevsim netdevsim4 netdevsim0: entered promiscuous mode [ 242.677458][T10692] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 242.930057][T10706] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for gretap1 [ 242.960191][T10706] batman_adv: batadv0: Adding interface: gretap1 [ 242.976552][T10706] batman_adv: batadv0: The MTU of interface gretap1 is too small (1462) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 243.017919][ T9] usb 3-1: new high-speed USB device number 21 using dummy_hcd [ 243.023331][T10706] batman_adv: batadv0: Not using interface gretap1 (retrying later): interface not active [ 243.129874][T10708] netdevsim netdevsim0 netdevsim0: Unsupported IPsec algorithm [ 243.189698][ T9] usb 3-1: too many configurations: 65, using maximum allowed: 8 [ 243.210336][ T9] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 243.249033][ T9] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 243.290536][ T9] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 243.318825][ T9] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 243.344449][ T9] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 243.375418][ T9] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 243.410159][ T9] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 243.436568][ T9] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 243.472076][ T9] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 243.519993][ T9] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 243.570529][ T9] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 243.626530][ T9] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 243.681286][ T9] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 243.708089][ T9] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 243.778965][ T9] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 243.805621][T10727] ɶƣ0GC!: entered promiscuous mode [ 243.811024][ T9] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 243.844158][ T9] usb 3-1: New USB device found, idVendor=04b4, idProduct=07b1, bcdDevice= 0.00 [ 243.875169][ T9] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 243.936682][ T9] usb 3-1: config 0 descriptor?? [ 244.361893][T10751] A link change request failed with some changes committed already. Interface bridge_slave_1 may have been left with an inconsistent configuration, please check. [ 244.430698][ T9] cypress 0003:04B4:07B1.0011: unknown main item tag 0x0 [ 244.471092][ T9] cypress 0003:04B4:07B1.0011: unknown main item tag 0x0 [ 244.514910][ T9] cypress 0003:04B4:07B1.0011: unknown main item tag 0x0 [ 244.579293][ T9] cypress 0003:04B4:07B1.0011: hidraw0: USB HID v0.00 Device [HID 04b4:07b1] on usb-dummy_hcd.2-1/input0 [ 244.641376][ T9] usb 3-1: USB disconnect, device number 21 [ 244.648464][ T5320] usb 2-1: new high-speed USB device number 15 using dummy_hcd [ 244.810594][ T5320] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 244.835115][ T5320] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 244.879122][ T5320] usb 2-1: New USB device found, idVendor=056a, idProduct=0101, bcdDevice= 0.00 [ 244.902561][ T5320] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 244.935458][T10629] coredump: 1036(syz.2.2355): written to core: VMAs: 36, size 99647488; core: 73892918 bytes, pos 99655680 [ 244.963803][ T5320] usb 2-1: config 0 descriptor?? [ 245.173500][T10765] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2419'. [ 245.182607][T10765] netlink: 48 bytes leftover after parsing attributes in process `syz.4.2419'. [ 245.413046][ T5320] wacom 0003:056A:0101.0012: unknown main item tag 0x0 [ 245.463119][ T5320] wacom 0003:056A:0101.0012: hidraw0: USB HID v0.00 Device [HID 056a:0101] on usb-dummy_hcd.1-1/input0 [ 245.829189][ T46] usb 2-1: USB disconnect, device number 15 [ 246.490907][T10807] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 246.883434][T10820] program syz.3.2445 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 246.943026][T10823] bridge0: entered promiscuous mode [ 246.959586][T10822] bridge0: left promiscuous mode [ 247.431063][T10847] ======================================================= [ 247.431063][T10847] WARNING: The mand mount option has been deprecated and [ 247.431063][T10847] and is ignored by this kernel. Remove the mand [ 247.431063][T10847] option from the mount to silence this warning. [ 247.431063][T10847] ======================================================= [ 247.480178][T10847] option changes via remount are deprecated (pid=10844 comm=syz.3.2457) [ 247.725727][T10853] netlink: 'syz.3.2461': attribute type 11 has an invalid length. [ 247.820188][T10857] tap0: tun_chr_ioctl cmd 1074025681 [ 248.745323][ T29] audit: type=1326 audit(1727216838.811:146): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10885 comm="syz.1.2477" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0d3e57def9 code=0x7ffc0000 [ 248.783728][ T29] audit: type=1326 audit(1727216838.811:147): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10885 comm="syz.1.2477" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0d3e57def9 code=0x7ffc0000 [ 248.843518][ T29] audit: type=1326 audit(1727216838.811:148): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10885 comm="syz.1.2477" exe="/root/syz-executor" sig=0 arch=c000003e syscall=113 compat=0 ip=0x7f0d3e57def9 code=0x7ffc0000 [ 248.894272][ T29] audit: type=1326 audit(1727216838.811:149): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10885 comm="syz.1.2477" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0d3e57def9 code=0x7ffc0000 [ 248.936169][ T29] audit: type=1326 audit(1727216838.811:150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10885 comm="syz.1.2477" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0d3e57def9 code=0x7ffc0000 [ 248.969060][ T29] audit: type=1326 audit(1727216838.811:151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10885 comm="syz.1.2477" exe="/root/syz-executor" sig=0 arch=c000003e syscall=29 compat=0 ip=0x7f0d3e57def9 code=0x7ffc0000 [ 249.007172][ T29] audit: type=1326 audit(1727216838.811:152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10885 comm="syz.1.2477" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0d3e57def9 code=0x7ffc0000 [ 249.029371][ T29] audit: type=1326 audit(1727216838.811:153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10885 comm="syz.1.2477" exe="/root/syz-executor" sig=0 arch=c000003e syscall=31 compat=0 ip=0x7f0d3e57def9 code=0x7ffc0000 [ 249.051200][ T29] audit: type=1326 audit(1727216838.811:154): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10885 comm="syz.1.2477" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0d3e57def9 code=0x7ffc0000 [ 249.328305][ T46] usb 4-1: new high-speed USB device number 18 using dummy_hcd [ 249.488714][ T46] usb 4-1: Using ep0 maxpacket: 16 [ 249.494114][T10903] Process accounting resumed [ 249.495643][ T46] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 249.523615][ T46] usb 4-1: New USB device found, idVendor=18d1, idProduct=1eaf, bcdDevice= 7.79 [ 249.533096][ T46] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 249.552564][ T46] usb 4-1: Product: syz [ 249.561361][ T46] usb 4-1: Manufacturer: syz [ 249.571838][ T46] usb 4-1: SerialNumber: syz [ 249.600302][ T46] usb 4-1: config 0 descriptor?? [ 249.853680][ T46] usb 4-1: Not enough endpoints found in device, aborting! [ 250.023669][ T938] usb 4-1: USB disconnect, device number 18 [ 250.288825][ T5320] usb 2-1: new high-speed USB device number 16 using dummy_hcd [ 250.441487][ T5320] usb 2-1: Using ep0 maxpacket: 8 [ 250.460071][ T5320] usb 2-1: config 0 interface 0 has no altsetting 0 [ 250.489878][ T5320] usb 2-1: New USB device found, idVendor=0baf, idProduct=00f5, bcdDevice=df.c2 [ 250.518777][ T5320] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 250.543122][ T5320] usb 2-1: Product: syz [ 250.547363][ T5320] usb 2-1: Manufacturer: syz [ 250.568806][ T5320] usb 2-1: SerialNumber: syz [ 250.581443][ T5320] usb 2-1: config 0 descriptor?? [ 250.599594][ T5320] usb 2-1: [ueagle-atm] ADSL device founded vid (0XBAF) pid (0XF5) Rev (0XDFC2): Eagle I [ 250.780373][ T5320] usb 2-1: reset high-speed USB device number 16 using dummy_hcd [ 250.831892][T10933] binder: 10932:10933 ioctl 40046205 0 returned -22 [ 251.108865][ T938] usb 5-1: new full-speed USB device number 22 using dummy_hcd [ 251.271203][ T938] usb 5-1: unable to get BOS descriptor or descriptor too short [ 251.290109][ T938] usb 5-1: not running at top speed; connect to a high speed hub [ 251.310531][ T938] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 251.321373][ T5320] usb 2-1: device descriptor read/64, error -71 [ 251.338762][ T938] usb 5-1: config 1 interface 0 altsetting 4 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 251.368806][ T938] usb 5-1: config 1 interface 0 altsetting 4 has 1 endpoint descriptor, different from the interface descriptor's value: 3 [ 251.388822][ T938] usb 5-1: config 1 interface 0 has no altsetting 0 [ 251.412652][ T938] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 251.432726][ T938] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 251.445957][ T938] usb 5-1: Product: syz [ 251.460305][ T938] usb 5-1: Manufacturer: syz [ 251.464965][ T938] usb 5-1: SerialNumber: syz [ 251.559190][ T5320] usb 2-1: reset high-speed USB device number 16 using dummy_hcd [ 251.699636][ T938] cdc_ether 5-1:1.0: probe with driver cdc_ether failed with error -22 [ 251.745190][ T938] usb 5-1: USB disconnect, device number 22 [ 252.188907][ T5320] usb 2-1: [UEAGLE-ATM] interface 1 not found [ 252.195063][ T5320] ueagle-atm 2-1:0.0: usbatm_usb_probe: bind failed: -19! [ 252.229010][ T5320] usb 2-1: USB disconnect, device number 16 [ 252.480594][T10961] netlink: 'syz.4.2506': attribute type 29 has an invalid length. [ 252.588574][T10961] netlink: 'syz.4.2506': attribute type 29 has an invalid length. [ 252.598852][T10962] netlink: 'syz.4.2506': attribute type 29 has an invalid length. [ 253.236837][T10984] netlink: 'syz.1.2517': attribute type 9 has an invalid length. [ 253.281178][T10985] sctp: [Deprecated]: syz.0.2518 (pid 10985) Use of struct sctp_assoc_value in delayed_ack socket option. [ 253.281178][T10985] Use struct sctp_sack_info instead [ 253.359007][T10987] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2519'. [ 253.747344][T10994] netlink: 1024 bytes leftover after parsing attributes in process `syz.3.2522'. [ 253.777783][T10994] sch_tbf: burst 0 is lower than device lo mtu (65550) ! [ 254.152529][T11004] team0: entered promiscuous mode [ 254.158748][T11004] team_slave_0: entered promiscuous mode [ 254.179627][T11004] team_slave_1: entered promiscuous mode [ 254.188758][T11004] team0: left promiscuous mode [ 254.203782][T11004] team_slave_0: left promiscuous mode [ 254.225582][T11004] team_slave_1: left promiscuous mode [ 254.242336][T11009] netlink: 'syz.3.2526': attribute type 6 has an invalid length. [ 254.278344][T11009] netlink: 199836 bytes leftover after parsing attributes in process `syz.3.2526'. [ 254.288673][ T46] usb 2-1: new high-speed USB device number 17 using dummy_hcd [ 254.462294][ T46] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 254.499174][ T46] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 254.578375][ T46] usb 2-1: New USB device found, idVendor=1038, idProduct=12b6, bcdDevice= 0.00 [ 254.598132][ T46] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 254.630172][ T46] usb 2-1: config 0 descriptor?? [ 255.058441][ T46] steelseries 0003:1038:12B6.0013: hidraw0: USB HID v0.00 Device [HID 1038:12b6] on usb-dummy_hcd.1-1/input0 [ 255.126733][T11037] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2541'. [ 255.477426][ T5305] usb 2-1: USB disconnect, device number 17 [ 255.624305][T11050] netlink: 'syz.2.2548': attribute type 49 has an invalid length. [ 255.699076][T11052] use of bytesused == 0 is deprecated and will be removed in the future, [ 255.708145][T11052] use the actual size instead. [ 255.914136][ T1268] ieee802154 phy0 wpan0: encryption failed: -22 [ 256.124809][T11068] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2555'. [ 256.231528][T11070] netlink: 104 bytes leftover after parsing attributes in process `syz.3.2556'. [ 256.452713][T11076] netdevsim netdevsim3 netdevsim0: entered promiscuous mode [ 256.487845][T11076] netdevsim netdevsim3 netdevsim0: left promiscuous mode [ 256.773552][T11082] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2561'. [ 257.057093][ T964] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 257.256778][ T964] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 257.415708][ T964] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 257.556244][ T964] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 258.802515][ T964] bridge_slave_1: left allmulticast mode [ 258.851308][ T964] bridge_slave_1: left promiscuous mode [ 258.885559][ T964] bridge0: port 2(bridge_slave_1) entered disabled state [ 258.928064][ T964] bridge_slave_0: left allmulticast mode [ 258.970048][ T964] bridge_slave_0: left promiscuous mode [ 259.020726][ T964] bridge0: port 1(bridge_slave_0) entered disabled state [ 259.391322][ T5229] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 259.400987][ T5229] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 259.410263][ T5229] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 259.420002][ T5229] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 259.427842][ T5229] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 259.436505][ T5229] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 259.450404][ T5242] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 259.460096][ T5242] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 259.467446][ T5242] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 259.476037][ T5242] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 259.810216][ T5242] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 259.819385][ T5242] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 260.706163][ T964] gretap0 (unregistering): left promiscuous mode [ 260.749159][T11133] mmap: syz.4.2586 (11133) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 261.552749][ T964] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 261.602933][ T964] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 261.635763][ T964] bond0 (unregistering): Released all slaves [ 261.696670][T11148] netlink: 48 bytes leftover after parsing attributes in process `syz.2.2592'. [ 261.848895][T11148] bridge0: port 1(bridge_slave_0) entered blocking state [ 261.856097][T11148] bridge0: port 1(bridge_slave_0) entered forwarding state [ 261.909057][ T5229] Bluetooth: hci5: command tx timeout [ 262.294572][T11181] IPVS: sync thread started: state = MASTER, mcast_ifn = macvlan1, syncid = 0, id = 0 [ 263.439076][ T9] usb 4-1: new full-speed USB device number 19 using dummy_hcd [ 263.669154][ T9] usb 4-1: config 0 has an invalid interface number: 6 but max is 0 [ 263.684217][ T9] usb 4-1: config 0 has no interface number 0 [ 263.731815][ T9] usb 4-1: New USB device found, idVendor=0bda, idProduct=0177, bcdDevice=7d.0b [ 263.808782][ T9] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 263.890920][ T9] usb 4-1: config 0 descriptor?? [ 263.958117][ T9] ums-realtek 4-1:0.6: USB Mass Storage device detected [ 263.988877][ T5229] Bluetooth: hci5: command tx timeout [ 264.142448][ T964] hsr_slave_0: left promiscuous mode [ 264.186835][ T9] usb 4-1: USB disconnect, device number 19 [ 264.199158][ T964] hsr_slave_1: left promiscuous mode [ 264.255733][ T964] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 264.276786][ T964] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 264.317424][ T964] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 264.355712][ T964] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 264.488066][ T964] veth1_macvtap: left promiscuous mode [ 264.521738][ T964] veth0_macvtap: left promiscuous mode [ 264.548682][ T964] veth1_vlan: left promiscuous mode [ 264.575945][ T964] veth0_vlan: left promiscuous mode [ 265.713817][T11232] xt_CT: You must specify a L4 protocol and not use inversions on it [ 266.069032][ T5229] Bluetooth: hci5: command tx timeout [ 267.044237][ T938] infiniband syz0: ib_query_port failed (-19) [ 267.052456][ T964] team0 (unregistering): Port device team_slave_1 removed [ 267.258028][ T964] team0 (unregistering): Port device team_slave_0 removed [ 268.164695][ T5229] Bluetooth: hci5: command tx timeout [ 268.808386][T11253] netem: incorrect ge model size [ 268.816055][T11253] netem: change failed [ 269.424796][T11135] chnl_net:caif_netlink_parms(): no params data found [ 269.976867][T11135] bridge0: port 1(bridge_slave_0) entered blocking state [ 270.029843][T11135] bridge0: port 1(bridge_slave_0) entered disabled state [ 270.065104][T11135] bridge_slave_0: entered allmulticast mode [ 270.111368][T11135] bridge_slave_0: entered promiscuous mode [ 270.151078][T11284] netlink: 'syz.3.2649': attribute type 10 has an invalid length. [ 270.170816][T11284] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 270.248483][T11284] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 270.314480][T11284] bond0: (slave batadv_slave_0): Enslaving as an active interface with an up link [ 270.345348][T11135] bridge0: port 2(bridge_slave_1) entered blocking state [ 270.379016][T11135] bridge0: port 2(bridge_slave_1) entered disabled state [ 270.403098][T11135] bridge_slave_1: entered allmulticast mode [ 270.432834][T11135] bridge_slave_1: entered promiscuous mode [ 270.727147][T11295] 9pnet: Limiting 'msize' to 1048576 as this is the maximum supported by transport fd [ 270.756803][T11135] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 270.820310][T11135] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 271.042023][T11135] team0: Port device team_slave_0 added [ 271.086298][T11135] team0: Port device team_slave_1 added [ 271.260230][T11135] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 271.309173][T11135] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 271.442546][T11135] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 271.560903][T11135] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 271.600115][T11135] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 271.774259][T11135] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 272.152374][T11135] hsr_slave_0: entered promiscuous mode [ 272.243437][T11135] hsr_slave_1: entered promiscuous mode [ 272.300859][T11135] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 272.348948][T11135] Cannot create hsr debugfs directory [ 272.689798][ T9] usb 3-1: new high-speed USB device number 22 using dummy_hcd [ 272.888957][ T9] usb 3-1: Using ep0 maxpacket: 32 [ 272.906420][ T9] usb 3-1: unable to get BOS descriptor or descriptor too short [ 272.931328][ T9] usb 3-1: config 3 has an invalid interface number: 238 but max is 0 [ 272.968891][ T9] usb 3-1: config 3 has no interface number 0 [ 273.008964][ T9] usb 3-1: config 3 interface 238 altsetting 6 has a duplicate endpoint with address 0x86, skipping [ 273.081356][ T9] usb 3-1: config 3 interface 238 has no altsetting 0 [ 273.158495][ T9] usb 3-1: New USB device found, idVendor=2040, idProduct=2010, bcdDevice=40.8b [ 273.187024][ T9] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 273.244529][ T9] usb 3-1: Product: syz [ 273.259921][ T9] usb 3-1: Manufacturer: syz [ 273.299880][ T9] usb 3-1: SerialNumber: syz [ 273.335884][T11318] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 273.615019][ T9] smsusb:smsusb_probe: board id=9, interface number 238 [ 273.665938][ T9] usb 3-1: USB disconnect, device number 22 [ 273.810765][T11335] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.2672'. [ 273.879930][T11335] openvswitch: netlink: Tunnel attr 8192 out of range max 16 [ 273.993509][T11337] netlink: 'syz.0.2673': attribute type 12 has an invalid length. [ 274.029118][T11337] netlink: 'syz.0.2673': attribute type 29 has an invalid length. [ 274.059154][T11337] netlink: 'syz.0.2673': attribute type 2 has an invalid length. [ 274.085294][T11337] netlink: 128 bytes leftover after parsing attributes in process `syz.0.2673'. [ 274.132717][T11135] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 274.229289][T11135] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 274.296295][T11135] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 274.360915][T11135] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 274.742171][T11352] Process accounting resumed [ 274.773016][T11352] kernel write not supported for file /asound/timers (pid: 11352 comm: syz.0.2679) [ 274.843716][T11135] 8021q: adding VLAN 0 to HW filter on device bond0 [ 274.971147][T11135] 8021q: adding VLAN 0 to HW filter on device team0 [ 275.101708][ T2975] bridge0: port 1(bridge_slave_0) entered blocking state [ 275.108883][ T2975] bridge0: port 1(bridge_slave_0) entered forwarding state [ 275.177664][ T2975] bridge0: port 2(bridge_slave_1) entered blocking state [ 275.184887][ T2975] bridge0: port 2(bridge_slave_1) entered forwarding state [ 275.449839][T11135] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 276.464269][T11135] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 276.625926][T11346] syz.2.2676 (11346): drop_caches: 1 [ 276.750186][T11135] veth0_vlan: entered promiscuous mode [ 276.820251][T11135] veth1_vlan: entered promiscuous mode [ 276.866986][T11381] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2691'. [ 277.018237][T11135] veth0_macvtap: entered promiscuous mode [ 277.088099][T11135] veth1_macvtap: entered promiscuous mode [ 277.207119][T11135] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 277.263090][ T29] audit: type=1326 audit(1727216867.321:155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11384 comm="syz.0.2693" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fb8c6f7def9 code=0x0 [ 277.291392][T11135] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 277.338219][T11135] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 277.373318][T11135] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 277.409237][T11135] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 277.448362][T11135] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 277.504586][T11135] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 277.577073][T11135] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 277.615168][ T29] audit: type=1326 audit(1727216867.681:156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11392 comm="syz.3.2696" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f448137def9 code=0x0 [ 277.639137][T11135] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 277.658268][T11135] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 277.686053][T11135] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 277.711521][T11135] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 277.733321][T11135] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 277.773975][T11135] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 277.791230][T11135] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 277.842034][T11135] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 277.935942][T11135] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 277.981550][T11135] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 278.026831][T11135] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 278.085633][T11135] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 278.580413][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 278.620393][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 278.806750][ T2975] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 278.844971][ T2975] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 279.213713][T11418] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2707'. [ 280.218886][ T938] usb 5-1: new high-speed USB device number 23 using dummy_hcd [ 280.397575][ T938] usb 5-1: New USB device found, idVendor=1604, idProduct=8001, bcdDevice=44.1f [ 280.412073][ T938] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 280.441015][ T938] usb 5-1: Product: syz [ 280.445240][ T938] usb 5-1: Manufacturer: syz [ 280.472996][ T938] usb 5-1: SerialNumber: syz [ 280.487096][ T938] usb 5-1: config 0 descriptor?? [ 280.740099][ T938] usb 5-1: USB disconnect, device number 23 [ 281.129238][T11464] netlink: 'syz.2.2726': attribute type 25 has an invalid length. [ 281.251288][T11468] netlink: 'syz.2.2728': attribute type 33 has an invalid length. [ 281.260083][T11468] netlink: 199836 bytes leftover after parsing attributes in process `syz.2.2728'. [ 281.939625][T11493] vivid-007: disconnect [ 281.954807][T11492] vivid-007: reconnect [ 282.568736][ T46] usb 3-1: new high-speed USB device number 23 using dummy_hcd [ 282.657742][T11522] geneve0: invalid flags given to default FDB implementation [ 282.712532][ T5277] usb 5-1: new high-speed USB device number 24 using dummy_hcd [ 282.720777][ T46] usb 3-1: Using ep0 maxpacket: 16 [ 282.731968][ T46] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 282.744525][ T46] usb 3-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1 [ 282.754190][ T46] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 282.762277][ T46] usb 3-1: Product: syz [ 282.770287][ T46] usb 3-1: Manufacturer: syz [ 282.774905][ T46] usb 3-1: SerialNumber: syz [ 282.807921][ T46] usb 3-1: config 0 descriptor?? [ 282.826793][ T46] em28xx 3-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0) [ 282.845444][ T46] em28xx 3-1:0.0: DVB interface 0 found: bulk [ 282.880836][ T5277] usb 5-1: Using ep0 maxpacket: 16 [ 282.902251][ T5277] usb 5-1: config 0 has an invalid interface number: 251 but max is 0 [ 282.918456][ T5277] usb 5-1: config 0 has no interface number 0 [ 282.935031][ T5277] usb 5-1: config 0 interface 251 altsetting 0 bulk endpoint 0x4 has invalid maxpacket 16 [ 282.953716][ T5277] usb 5-1: config 0 interface 251 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 64 [ 282.978082][ T5277] usb 5-1: New USB device found, idVendor=0b95, idProduct=172a, bcdDevice=f7.f4 [ 282.987894][ T5277] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 283.018806][ T5277] usb 5-1: Product: syz [ 283.023064][ T5277] usb 5-1: Manufacturer: syz [ 283.027714][ T5277] usb 5-1: SerialNumber: syz [ 283.047495][ T5277] usb 5-1: config 0 descriptor?? [ 283.069497][T11514] raw-gadget.2 gadget.4: fail, usb_ep_enable returned -22 [ 283.076882][T11514] raw-gadget.2 gadget.4: fail, usb_ep_enable returned -22 [ 283.111170][ T29] audit: type=1326 audit(1727216873.181:157): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11530 comm="syz.1.2756" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f961d37def9 code=0x0 [ 283.434873][T11514] raw-gadget.2 gadget.4: fail, usb_ep_enable returned -22 [ 283.466187][T11514] raw-gadget.2 gadget.4: fail, usb_ep_enable returned -22 [ 283.574954][ T46] em28xx 3-1:0.0: chip ID is em2710/2820 [ 283.882508][ T46] em28xx 3-1:0.0: reading from i2c device at 0xa0 failed (error=-5) [ 283.905654][ T46] em28xx 3-1:0.0: board has no eeprom [ 283.928674][ T5277] asix 5-1:0.251 (unnamed net_device) (uninitialized): Interface mode not supported by driver [ 283.958469][ T5277] asix 5-1:0.251: probe with driver asix failed with error -524 [ 284.009028][ T46] em28xx 3-1:0.0: Identified as PCTV tripleStick (292e) (card=94) [ 284.018645][ T46] em28xx 3-1:0.0: dvb set to bulk mode. [ 284.027129][ T5277] em28xx 3-1:0.0: Binding DVB extension [ 284.048984][ T46] usb 3-1: USB disconnect, device number 23 [ 284.086424][ T46] em28xx 3-1:0.0: Disconnecting em28xx [ 284.146903][ T5277] em28xx 3-1:0.0: Registering input extension [ 284.156039][ T5307] usb 5-1: USB disconnect, device number 24 [ 284.176481][ T46] em28xx 3-1:0.0: Closing input extension [ 284.226447][ T46] em28xx 3-1:0.0: Freeing device [ 285.760464][T11590] netlink: 203516 bytes leftover after parsing attributes in process `syz.3.2781'. [ 285.803941][T11590] netlink: 6324 bytes leftover after parsing attributes in process `syz.3.2781'. [ 285.905912][T11597] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2784'. [ 285.930588][T11597] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2784'. [ 286.368242][ T938] usb 2-1: new high-speed USB device number 18 using dummy_hcd [ 286.543171][ T938] usb 2-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 286.543206][ T938] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 286.545219][ T938] usb 2-1: config 0 descriptor?? [ 286.547156][ T938] cp210x 2-1:0.0: cp210x converter detected [ 286.992682][ T938] cp210x 2-1:0.0: failed to get vendor val 0x000e size 3: -32 [ 287.227625][ T938] cp210x 2-1:0.0: failed to get vendor val 0x370c size 15: -71 [ 287.239619][ T938] cp210x 2-1:0.0: GPIO initialisation failed: -71 [ 287.256530][ T938] usb 2-1: cp210x converter now attached to ttyUSB0 [ 287.274614][ T938] usb 2-1: USB disconnect, device number 18 [ 287.291688][ T938] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 287.309291][ T938] cp210x 2-1:0.0: device disconnected [ 289.277047][T11701] netlink: 60 bytes leftover after parsing attributes in process `syz.1.2824'. [ 289.575038][T11717] netlink: 47 bytes leftover after parsing attributes in process `syz.1.2829'. [ 289.714637][T11660] Bluetooth: hci5: Opcode 0x0c1a failed: -4 [ 289.728712][T11660] Bluetooth: hci5: Error when powering off device on rfkill (-4) [ 289.802683][ T5231] usb 4-1: new high-speed USB device number 20 using dummy_hcd [ 289.976764][ T5231] usb 4-1: Using ep0 maxpacket: 8 [ 289.985232][ T5231] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 290.009048][ T5231] usb 4-1: New USB device found, idVendor=13d3, idProduct=3340, bcdDevice=ab.0b [ 290.034459][ T5231] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 290.094437][ T5231] usb 4-1: config 0 descriptor?? [ 290.117021][ T5231] r8712u: register rtl8712_netdev_ops to netdev_ops [ 290.144620][ T5231] usb 4-1: r8712u: USB_SPEED_HIGH with 0 endpoints [ 290.585478][ T5231] usb 4-1: r8712u: Boot from EFUSE: Autoload Failed [ 290.592235][ T5231] usb 4-1: r8712u: MAC Address from efuse = 00:e0:4c:87:00:00 [ 290.599802][ T5231] usb 4-1: r8712u: Loading firmware from "rtlwifi/rtl8712u.bin" [ 290.648915][T11764] bridge_slave_0: default FDB implementation only supports local addresses [ 290.718347][ T29] audit: type=1326 audit(1727216880.771:158): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11768 comm="syz.0.2845" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb8c6f7def9 code=0x7ffc0000 [ 290.796069][ T5320] usb 4-1: USB disconnect, device number 20 [ 290.799439][T11773] netlink: 'syz.0.2846': attribute type 11 has an invalid length. [ 290.824364][ T29] audit: type=1326 audit(1727216880.771:159): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11768 comm="syz.0.2845" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb8c6f7def9 code=0x7ffc0000 [ 290.886590][ T29] audit: type=1326 audit(1727216880.781:160): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11768 comm="syz.0.2845" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fb8c6f7def9 code=0x7ffc0000 [ 290.926151][ T29] audit: type=1326 audit(1727216880.781:161): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11768 comm="syz.0.2845" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb8c6f7def9 code=0x7ffc0000 [ 290.956430][ T29] audit: type=1326 audit(1727216880.781:162): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11768 comm="syz.0.2845" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb8c6f7def9 code=0x7ffc0000 [ 291.075880][ T29] audit: type=1326 audit(1727216880.781:163): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11768 comm="syz.0.2845" exe="/root/syz-executor" sig=0 arch=c000003e syscall=2 compat=0 ip=0x7fb8c6f7def9 code=0x7ffc0000 [ 291.176429][ T29] audit: type=1326 audit(1727216880.781:164): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11768 comm="syz.0.2845" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb8c6f7def9 code=0x7ffc0000 [ 291.243408][ T29] audit: type=1326 audit(1727216880.781:165): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11768 comm="syz.0.2845" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb8c6f7def9 code=0x7ffc0000 [ 291.247537][T11790] netlink: 'syz.2.2851': attribute type 1 has an invalid length. [ 291.292928][T11793] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2852'. [ 291.316378][ T29] audit: type=1326 audit(1727216880.781:166): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11768 comm="syz.0.2845" exe="/root/syz-executor" sig=0 arch=c000003e syscall=261 compat=0 ip=0x7fb8c6f7def9 code=0x7ffc0000 [ 291.349205][ T29] audit: type=1326 audit(1727216880.781:167): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11768 comm="syz.0.2845" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb8c6f7def9 code=0x7ffc0000 [ 291.356513][T11790] netlink: 9328 bytes leftover after parsing attributes in process `syz.2.2851'. [ 291.480673][T11790] netlink: 'syz.2.2851': attribute type 2 has an invalid length. [ 291.508522][T11790] netlink: 'syz.2.2851': attribute type 1 has an invalid length. [ 291.517378][T11801] netlink: 20 bytes leftover after parsing attributes in process `syz.4.2856'. [ 291.851384][T11823] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2862'. [ 292.236056][T11843] input: syz1 as /devices/virtual/input/input25 [ 292.448877][T11854] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2873'. [ 293.048625][T11892] bridge0: trying to set multicast query interval below minimum, setting to 100 (1000ms) [ 293.098981][T11892] bridge0: port 1(bridge_slave_0) entered disabled state [ 293.107429][T11892] bridge0: entered allmulticast mode [ 294.118283][ T5307] usb 2-1: new high-speed USB device number 19 using dummy_hcd [ 294.148916][ T5231] usb 4-1: new high-speed USB device number 21 using dummy_hcd [ 294.289216][ T5307] usb 2-1: Using ep0 maxpacket: 16 [ 294.301382][ T5307] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83 [ 294.324170][ T5307] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 294.326790][ T5231] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 12592, setting to 1024 [ 294.349833][ T5307] usb 2-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1 [ 294.371178][ T5307] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 294.378195][ T5231] usb 4-1: config 1 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 1024 [ 294.393143][ T5307] usb 2-1: Product: syz [ 294.401917][ T5307] usb 2-1: Manufacturer: syz [ 294.406534][ T5307] usb 2-1: SerialNumber: syz [ 294.409709][ T5231] usb 4-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18 [ 294.434559][ T5307] usb 2-1: config 0 descriptor?? [ 294.453386][ T5307] em28xx 2-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0) [ 294.463657][ T5231] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 294.485359][ T5307] em28xx 2-1:0.0: Audio interface 0 found (Vendor Class) [ 294.488180][ T5231] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 294.516351][ T5231] usb 4-1: SerialNumber: syz [ 294.538573][T11916] raw-gadget.2 gadget.3: fail, usb_ep_enable returned -22 [ 294.764480][T11916] raw-gadget.2 gadget.3: fail, usb_ep_enable returned -22 [ 295.076659][ T5307] em28xx 2-1:0.0: chip ID is em2870 [ 295.184738][ T5231] cdc_ether 4-1:1.0: probe with driver cdc_ether failed with error -22 [ 295.309337][ T5305] usb 2-1: USB disconnect, device number 19 [ 295.324465][ T5305] em28xx 2-1:0.0: Disconnecting em28xx [ 295.332515][ T5305] em28xx 2-1:0.0: Freeing device [ 295.428358][ T5307] usb 4-1: USB disconnect, device number 21 [ 295.744035][T11948] ax25_connect(): syz.2.2906 uses autobind, please contact jreuter@yaina.de [ 296.054790][ T29] kauditd_printk_skb: 17 callbacks suppressed [ 296.054810][ T29] audit: type=1400 audit(1727216886.081:185): lsm=SMACK fn=smack_socket_sock_rcv_skb action=denied subject="*" object="_" requested=w pid=11961 comm="syz.0.2914" dest=20002 netif=wpan0 [ 297.064776][T12007] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2936'. [ 298.059089][T12036] IPv6: Can't replace route, no match found [ 298.107468][T12038] syz.2.2947 (12038): drop_caches: 4 [ 298.310867][ T5242] Bluetooth: hci7: command 0x1003 tx timeout [ 298.356474][ T5229] Bluetooth: hci7: Opcode 0x1003 failed: -110 [ 300.136849][T12092] 9pnet: Limiting 'msize' to 1048576 as this is the maximum supported by transport fd [ 300.186143][T12094] netlink: 104 bytes leftover after parsing attributes in process `syz.1.2976'. [ 300.212408][ T5242] Bluetooth: hci7: sending frame failed (-49) [ 300.222169][ T5229] Bluetooth: hci7: Opcode 0x1003 failed: -49 [ 301.288336][ T5305] usb 3-1: new high-speed USB device number 24 using dummy_hcd [ 301.448780][ T5305] usb 3-1: Using ep0 maxpacket: 8 [ 301.456198][ T5305] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 301.479551][ T5305] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 301.493657][ T5305] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 301.504169][ T5305] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 301.521329][ T5305] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 301.549507][ T5305] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 301.668843][T12150] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies. [ 301.769029][ T5305] usb 3-1: GET_CAPABILITIES returned 0 [ 301.774832][ T5305] usbtmc 3-1:16.0: can't read capabilities [ 301.992912][ T5305] usb 3-1: USB disconnect, device number 24 [ 302.109442][T12165] Process accounting resumed [ 302.118274][T12165] kernel write not supported for file /asound/timers (pid: 12165 comm: syz.4.3008) [ 303.091766][T12195] netlink: 'syz.0.3021': attribute type 14 has an invalid length. [ 303.547956][T12217] @: renamed from vlan0 (while UP) [ 304.466377][T12251] bond0: option resend_igmp: invalid value (7540) [ 304.486541][T12251] bond0: option resend_igmp: allowed values 0 - 255 [ 304.527631][T12257] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3049'. [ 305.119455][T12277] tipc: Started in network mode [ 305.142550][T12277] tipc: Node identity 4, cluster identity 4711 [ 305.167929][T12277] tipc: Node number set to 4 [ 305.190049][T12277] tipc: Cannot configure node identity twice [ 305.316525][T12284] sctp: [Deprecated]: syz.3.3063 (pid 12284) Use of int in max_burst socket option deprecated. [ 305.316525][T12284] Use struct sctp_assoc_value instead [ 305.366061][T12286] block nbd2: NBD_DISCONNECT [ 305.618728][ T5231] usb 2-1: new high-speed USB device number 20 using dummy_hcd [ 305.724733][T12292] Process accounting resumed [ 305.879967][ T5231] usb 2-1: config index 0 descriptor too short (expected 106, got 36) [ 305.898536][ T5231] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 305.928189][ T5231] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 305.938076][ T5231] usb 2-1: New USB device found, idVendor=1b1c, idProduct=1b3e, bcdDevice= 0.00 [ 305.968221][ T5231] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 305.994034][ T5231] usb 2-1: config 0 descriptor?? [ 306.430697][ T5231] corsair 0003:1B1C:1B3E.0014: failed to start in urb: -90 [ 306.449878][ T5231] corsair 0003:1B1C:1B3E.0014: hidraw0: USB HID v0.00 Device [HID 1b1c:1b3e] on usb-dummy_hcd.1-1/input0 [ 306.479574][T12308] program syz.4.3074 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 306.636176][ T5305] usb 2-1: USB disconnect, device number 20 [ 307.031019][T12323] vivid-007: disconnect [ 307.036890][T12322] vivid-007: reconnect [ 307.498584][T12342] sch_fq: defrate 0 ignored. [ 309.045122][T12383] kvm: user requested TSC rate below hardware speed [ 309.045164][T12384] ax25_connect(): syz.3.3107 uses autobind, please contact jreuter@yaina.de [ 310.718307][ T5231] usb 4-1: new high-speed USB device number 22 using dummy_hcd [ 310.865929][T12429] xt_CT: You must specify a L4 protocol and not use inversions on it [ 310.929559][ T5231] usb 4-1: New USB device found, idVendor=1604, idProduct=8001, bcdDevice=44.1f [ 310.947416][ T5231] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 310.968316][ T5231] usb 4-1: Product: syz [ 310.972527][ T5231] usb 4-1: Manufacturer: syz [ 310.980405][ T5231] usb 4-1: SerialNumber: syz [ 310.987094][ T5231] usb 4-1: config 0 descriptor?? [ 311.228929][ T5305] usb 4-1: USB disconnect, device number 22 [ 313.012637][ T5231] usb 4-1: new high-speed USB device number 23 using dummy_hcd [ 313.190254][ T5231] usb 4-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 313.199553][ T5231] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 313.219711][ T5231] usb 4-1: config 0 descriptor?? [ 313.233332][ T5231] cp210x 4-1:0.0: cp210x converter detected [ 313.637761][ T5231] cp210x 4-1:0.0: failed to get vendor val 0x000e size 3: -32 [ 313.857152][ T5231] cp210x 4-1:0.0: failed to get vendor val 0x370c size 15: -71 [ 313.873517][ T5231] cp210x 4-1:0.0: GPIO initialisation failed: -71 [ 313.895397][ T5231] usb 4-1: cp210x converter now attached to ttyUSB0 [ 313.918794][ T5231] usb 4-1: USB disconnect, device number 23 [ 313.943630][ T5231] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 313.978563][ T5231] cp210x 4-1:0.0: device disconnected [ 314.565857][T12511] netlink: 2060 bytes leftover after parsing attributes in process `syz.4.3159'. [ 314.609944][T12511] netlink: 'syz.4.3159': attribute type 1 has an invalid length. [ 314.617733][T12511] netlink: 193500 bytes leftover after parsing attributes in process `syz.4.3159'. [ 315.628253][ T938] usb 3-1: new high-speed USB device number 25 using dummy_hcd [ 315.748467][ T5307] usb 4-1: new high-speed USB device number 24 using dummy_hcd [ 315.779836][ T938] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 315.794947][ T938] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 315.814989][ T938] usb 3-1: New USB device found, idVendor=28de, idProduct=1142, bcdDevice= 0.00 [ 315.830158][ T938] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 315.854008][ T938] usb 3-1: config 0 descriptor?? [ 316.018287][ T5307] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 316.038886][ T5307] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 316.088326][ T5307] usb 4-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 316.097730][ T5307] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 316.106627][ T5307] usb 4-1: SerialNumber: syz [ 316.302302][ T938] hid-steam 0003:28DE:1142.0015: : USB HID v0.00 Device [HID 28de:1142] on usb-dummy_hcd.2-1/input0 [ 316.377519][ T5307] usb 4-1: 0:2 : does not exist [ 316.398311][ T938] hid-steam 0003:28DE:1142.0015: Steam wireless receiver connected [ 316.432873][ T5307] usb 4-1: USB disconnect, device number 24 [ 316.454417][ T938] hid-steam 0003:28DE:1142.0016: hidraw0: USB HID v0.00 Device [HID 28de:1142] on usb-dummy_hcd.2-1/input0 [ 316.510015][ T938] usb 3-1: USB disconnect, device number 25 [ 316.550733][ T938] hid-steam 0003:28DE:1142.0015: Steam wireless receiver disconnected [ 317.353679][T12599] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.3199'. [ 317.364048][ T1268] ieee802154 phy0 wpan0: encryption failed: -22 [ 317.391932][T12599] openvswitch: netlink: IP tunnel attribute has 3048 unknown bytes. [ 317.553325][T12606] IPVS: nq: TCP 172.20.20.170:0 - no destination available [ 318.013691][T12628] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 318.060085][T12626] netlink: 188 bytes leftover after parsing attributes in process `syz.4.3213'. [ 319.151571][T12665] netlink: 2060 bytes leftover after parsing attributes in process `syz.1.3228'. [ 319.223395][T12665] netlink: 'syz.1.3228': attribute type 1 has an invalid length. [ 319.288354][T12665] netlink: 193500 bytes leftover after parsing attributes in process `syz.1.3228'. [ 321.838352][ T46] usb 3-1: new high-speed USB device number 26 using dummy_hcd [ 321.958790][T12754] bridge0: trying to set multicast query interval below minimum, setting to 100 (1000ms) [ 321.984042][T12754] bridge0: port 1(bridge_slave_0) entered disabled state [ 321.988439][ T46] usb 3-1: Using ep0 maxpacket: 8 [ 322.004510][T12754] bridge0: entered allmulticast mode [ 322.009099][ T46] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 322.022440][ T46] usb 3-1: New USB device found, idVendor=13d3, idProduct=3340, bcdDevice=ab.0b [ 322.050514][ T46] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 322.099668][ T46] usb 3-1: config 0 descriptor?? [ 322.111282][ T46] r8712u: register rtl8712_netdev_ops to netdev_ops [ 322.117920][ T46] usb 3-1: r8712u: USB_SPEED_HIGH with 0 endpoints [ 322.355886][T12768] batadv0: entered promiscuous mode [ 322.372292][T12768] macsec1: entered promiscuous mode [ 322.377714][T12768] macsec1: entered allmulticast mode [ 322.383249][T12768] batadv0: entered allmulticast mode [ 322.406610][T12768] batadv0: left allmulticast mode [ 322.423763][T12768] batadv0: left promiscuous mode [ 322.523014][ T46] usb 3-1: r8712u: Boot from EFUSE: Autoload Failed [ 322.530024][ T46] usb 3-1: r8712u: MAC Address from efuse = 00:e0:4c:87:00:00 [ 322.537529][ T46] usb 3-1: r8712u: Loading firmware from "rtlwifi/rtl8712u.bin" [ 322.740476][ T938] usb 3-1: USB disconnect, device number 26 [ 323.648308][ T938] usb 3-1: new high-speed USB device number 27 using dummy_hcd [ 323.758631][ T5231] usb 4-1: new high-speed USB device number 25 using dummy_hcd [ 323.820587][ T938] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 323.841136][ T938] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 323.873218][ T938] usb 3-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 323.890869][ T938] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 323.908551][ T938] usb 3-1: SerialNumber: syz [ 323.939932][ T5231] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 323.953042][ T5231] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 323.964857][ T5231] usb 4-1: New USB device found, idVendor=28de, idProduct=1142, bcdDevice= 0.00 [ 323.976023][ T5231] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 323.986390][ T5231] usb 4-1: config 0 descriptor?? [ 324.126707][ T938] usb 3-1: 0:2 : does not exist [ 324.161743][ T938] usb 3-1: USB disconnect, device number 27 [ 324.425384][ T5231] hid-steam 0003:28DE:1142.0017: : USB HID v0.00 Device [HID 28de:1142] on usb-dummy_hcd.3-1/input0 [ 324.509902][ T5231] hid-steam 0003:28DE:1142.0017: Steam wireless receiver connected [ 324.554731][ T5231] hid-steam 0003:28DE:1142.0018: hidraw0: USB HID v0.00 Device [HID 28de:1142] on usb-dummy_hcd.3-1/input0 [ 324.596134][ T8] usb 5-1: new high-speed USB device number 25 using dummy_hcd [ 324.646123][ T46] usb 4-1: USB disconnect, device number 25 [ 324.658005][ T46] hid-steam 0003:28DE:1142.0017: Steam wireless receiver disconnected [ 324.713041][T12831] mkiss: ax0: crc mode is auto. [ 324.779321][ T8] usb 5-1: Using ep0 maxpacket: 8 [ 324.800053][ T8] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 324.818277][ T8] usb 5-1: New USB device found, idVendor=13d3, idProduct=3340, bcdDevice=ab.0b [ 324.836363][ T8] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 324.846756][ T8] usb 5-1: config 0 descriptor?? [ 324.865181][ T8] r8712u: register rtl8712_netdev_ops to netdev_ops [ 324.885610][ T8] usb 5-1: r8712u: USB_SPEED_HIGH with 0 endpoints [ 325.279037][ T8] usb 5-1: r8712u: Boot from EFUSE: Autoload Failed [ 325.285710][ T8] usb 5-1: r8712u: MAC Address from efuse = 00:e0:4c:87:00:00 [ 325.304427][ T8] usb 5-1: r8712u: Loading firmware from "rtlwifi/rtl8712u.bin" [ 325.489285][ T8] usb 5-1: USB disconnect, device number 25 [ 325.813803][T12864] macvlan2: entered promiscuous mode [ 325.843561][T12864] macvlan2: entered allmulticast mode [ 326.199119][T12874] input: syz0 as /devices/virtual/input/input28 [ 326.757772][T12893] mkiss: ax0: crc mode is auto. [ 326.954476][ T29] audit: type=1400 audit(1727216917.021:186): lsm=SMACK fn=smk_ipv6_check action=denied subject="_" object="#!" requested=w pid=12899 comm="syz.4.3334" [ 327.060258][T12903] input: syz0 as /devices/virtual/input/input29 [ 327.508366][ T29] audit: type=1400 audit(1727216917.561:187): lsm=SMACK fn=smk_ipv6_check action=denied subject="_" object="#!" requested=w pid=12927 comm="syz.0.3347" [ 327.632168][T12936] mkiss: ax0: crc mode is auto. [ 328.055599][T12951] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present [ 328.363590][T12963] bridge0: port 2(bridge_slave_1) entered listening state [ 329.268007][T12989] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies. [ 330.003939][T13020] overlayfs: missing 'workdir' [ 330.033782][T13022] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies. [ 331.618373][T13080] netlink: 300 bytes leftover after parsing attributes in process `syz.4.3415'. [ 331.626023][T13082] syz.0.3417: attempt to access beyond end of device [ 331.626023][T13082] nbd0: rw=2048, sector=2, nr_sectors = 1 limit=0 [ 331.658510][T13082] hfsplus: unable to find HFS+ superblock [ 331.680363][T13084] /dev/nbd0: Can't open blockdev [ 331.829408][ T5242] Bluetooth: hci7: command 0x1003 tx timeout [ 331.838027][ T5229] Bluetooth: hci7: Opcode 0x1003 failed: -110 [ 332.249216][T13106] tipc: Started in network mode [ 332.278306][T13106] tipc: Node identity 4, cluster identity 4711 [ 332.302199][T13106] tipc: Node number set to 4 [ 332.307151][T13106] tipc: Cannot configure node identity twice [ 332.545419][T13116] syz.2.3431: attempt to access beyond end of device [ 332.545419][T13116] nbd2: rw=2048, sector=2, nr_sectors = 1 limit=0 [ 332.568611][T13116] hfsplus: unable to find HFS+ superblock [ 332.588017][T13116] zonefs (nbd2) ERROR: Not a zoned block device [ 332.702214][T13118] sctp: [Deprecated]: syz.1.3432 (pid 13118) Use of int in max_burst socket option deprecated. [ 332.702214][T13118] Use struct sctp_assoc_value instead [ 332.864374][T13128] @: renamed from vlan0 [ 333.023918][T13135] nbd: couldn't find device at index 3 [ 333.251473][T13144] hsr0: left promiscuous mode [ 333.349993][T13149] xt_CT: You must specify a L4 protocol and not use inversions on it [ 333.628477][T13155] sctp: [Deprecated]: syz.2.3450 (pid 13155) Use of int in max_burst socket option deprecated. [ 333.628477][T13155] Use struct sctp_assoc_value instead [ 333.928369][ T29] audit: type=1326 audit(1727216923.981:188): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13167 comm="syz.2.3457" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f9bb977def9 code=0x0 [ 333.977084][T13170] sctp: [Deprecated]: syz.4.3469 (pid 13170) Use of int in max_burst socket option deprecated. [ 333.977084][T13170] Use struct sctp_assoc_value instead [ 334.096775][T13175] netlink: 300 bytes leftover after parsing attributes in process `syz.1.3458'. [ 334.370541][T13183] tap0: tun_chr_ioctl cmd 99999999 [ 335.094101][T13216] ax25_connect(): syz.0.3480 uses autobind, please contact jreuter@yaina.de [ 335.411329][T13230] tipc: New replicast peer: 255.255.255.255 [ 335.449552][T13230] tipc: Enabled bearer , priority 10 [ 335.538545][T13236] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 336.178261][ T5231] usb 3-1: new high-speed USB device number 28 using dummy_hcd [ 336.340469][ T5231] usb 3-1: Using ep0 maxpacket: 32 [ 336.356576][ T5231] usb 3-1: config 0 has an invalid interface number: 64 but max is 1 [ 336.378319][ T5231] usb 3-1: config 0 has no interface number 1 [ 336.394490][ T5231] usb 3-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 336.430908][ T5231] usb 3-1: New USB device found, idVendor=1630, idProduct=0042, bcdDevice=1c.a5 [ 336.452092][ T5231] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 336.460401][ T5231] usb 3-1: Product: syz [ 336.464703][ T5231] usb 3-1: Manufacturer: syz [ 336.476428][ T5231] usb 3-1: SerialNumber: syz [ 336.490018][ T5231] usb 3-1: config 0 descriptor?? [ 336.581638][ T8] tipc: Node number set to 2049851437 [ 336.719740][ T5231] usb 3-1: bad CDC descriptors [ 336.736721][ T9] IPVS: starting estimator thread 0... [ 336.756350][ T5231] usb 3-1: USB disconnect, device number 28 [ 336.828410][T13285] IPVS: using max 18 ests per chain, 43200 per kthread [ 337.752014][ T46] IPVS: starting estimator thread 0... [ 337.888602][T13315] IPVS: using max 18 ests per chain, 43200 per kthread [ 338.061712][T13325] tipc: Started in network mode [ 338.076019][T13325] tipc: Node identity ac14140f, cluster identity 4711 [ 338.105463][T13325] tipc: New replicast peer: 255.255.255.255 [ 338.127655][T13325] tipc: Enabled bearer , priority 10 [ 338.728259][ T5231] usb 3-1: new high-speed USB device number 29 using dummy_hcd [ 338.878458][ T5231] usb 3-1: Using ep0 maxpacket: 8 [ 338.889463][ T5231] usb 3-1: config index 0 descriptor too short (expected 6427, got 27) [ 338.902543][ T5231] usb 3-1: config 0 has an invalid interface number: 21 but max is 0 [ 338.925573][ T5231] usb 3-1: config 0 has no interface number 0 [ 338.941197][ T5231] usb 3-1: config 0 interface 21 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 338.963421][ T5231] usb 3-1: config 0 interface 21 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 338.983690][ T5231] usb 3-1: config 0 interface 21 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0 [ 338.995764][ T5231] usb 3-1: New USB device found, idVendor=06cd, idProduct=0202, bcdDevice=92.d4 [ 339.005324][ T5231] usb 3-1: New USB device strings: Mfr=0, Product=1, SerialNumber=0 [ 339.013489][ T5231] usb 3-1: Product: syz [ 339.021234][ T5231] usb 3-1: config 0 descriptor?? [ 339.063499][T13349] IPv6: sit1: Disabled Multicast RS [ 339.130642][ T8] tipc: Node number set to 2886997007 [ 339.645153][ T5231] usb 3-1: USB disconnect, device number 29 [ 339.873239][T13374] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3554'. [ 340.348349][ T5307] usb 4-1: new high-speed USB device number 26 using dummy_hcd [ 340.498594][ T5307] usb 4-1: Using ep0 maxpacket: 32 [ 340.510753][ T5307] usb 4-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 340.524261][ T5307] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11 [ 340.558381][ T5307] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 340.579365][ T5307] usb 4-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 340.595785][ T5307] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 340.607085][ T5307] usb 4-1: config 0 descriptor?? [ 340.618878][T13380] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 340.629738][ T5307] hub 4-1:0.0: USB hub found [ 340.757292][T13401] netlink: 1 bytes leftover after parsing attributes in process `syz.0.3566'. [ 340.786810][T13401] netlink: 56 bytes leftover after parsing attributes in process `syz.0.3566'. [ 340.820387][T13401] netlink: 1 bytes leftover after parsing attributes in process `syz.0.3566'. [ 340.842957][ T5307] hub 4-1:0.0: config failed, hub has too many ports! (err -19) [ 341.054769][ T5307] usbhid 4-1:0.0: can't add hid device: -71 [ 341.073489][ T5307] usbhid 4-1:0.0: probe with driver usbhid failed with error -71 [ 341.139731][ T5307] usb 4-1: USB disconnect, device number 26 [ 341.166345][T13413] bond0: option fail_over_mac: unable to set because the bond device has slaves [ 342.027138][T13450] IPv6: sit1: Disabled Multicast RS [ 343.554054][T13492] IPv6: sit1: Disabled Multicast RS [ 343.998748][T13510] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3612'. [ 344.148422][ T46] usb 2-1: new high-speed USB device number 21 using dummy_hcd [ 344.327024][ T46] usb 2-1: Using ep0 maxpacket: 32 [ 344.335034][ T46] usb 2-1: config 0 has an invalid interface number: 64 but max is 1 [ 344.350617][ T46] usb 2-1: config 0 has no interface number 1 [ 344.368564][ T46] usb 2-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 344.396814][ T46] usb 2-1: New USB device found, idVendor=1630, idProduct=0042, bcdDevice=1c.a5 [ 344.415875][ T46] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 344.426443][ T46] usb 2-1: Product: syz [ 344.438825][ T46] usb 2-1: Manufacturer: syz [ 344.443453][ T46] usb 2-1: SerialNumber: syz [ 344.463753][ T46] usb 2-1: config 0 descriptor?? [ 344.648651][T13534] option changes via remount are deprecated (pid=13533 comm=syz.2.3625) [ 344.687375][ T46] usb 2-1: bad CDC descriptors [ 344.711829][ T46] usb 2-1: USB disconnect, device number 21 [ 345.967385][T13562] program syz.1.3638 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 346.059676][ T46] usb 4-1: new high-speed USB device number 27 using dummy_hcd [ 346.221946][ T46] usb 4-1: New USB device found, idVendor=8086, idProduct=0110, bcdDevice=bf.ad [ 346.241858][ T46] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 346.274754][ T46] usb 4-1: config 0 descriptor?? [ 346.291008][ T46] gspca_main: spca508-2.14.0 probing 8086:0110 [ 346.501113][ T46] gspca_spca508: reg_read err -32 [ 346.518808][ T46] gspca_spca508: reg_read err -32 [ 346.749118][ T46] gspca_spca508: reg_read err -71 [ 346.764381][ T46] gspca_spca508: reg_read err -71 [ 346.764699][ T5242] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 346.770197][ T46] gspca_spca508: reg write: error -71 [ 346.783227][ T5242] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 346.783270][ T46] spca508 4-1:0.0: probe with driver spca508 failed with error -71 [ 346.798749][ T5242] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 346.809893][ T5242] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 346.821649][ T46] usb 4-1: USB disconnect, device number 27 [ 346.828994][ T5242] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 346.836313][ T5242] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 346.849929][ T5229] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 346.857272][ T5229] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 346.865692][ T5229] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 346.883875][ T5229] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 346.892995][ T5229] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 346.900483][ T5229] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 347.598624][T13605] tap0: tun_chr_ioctl cmd 1074025694 [ 347.642313][T13584] chnl_net:caif_netlink_parms(): no params data found [ 347.959280][T13623] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3663'. [ 347.998419][T13584] bridge0: port 1(bridge_slave_0) entered blocking state [ 348.028665][T13584] bridge0: port 1(bridge_slave_0) entered disabled state [ 348.054840][T13584] bridge_slave_0: entered allmulticast mode [ 348.074493][T13584] bridge_slave_0: entered promiscuous mode [ 348.091136][T13584] bridge0: port 2(bridge_slave_1) entered blocking state [ 348.114495][T13584] bridge0: port 2(bridge_slave_1) entered disabled state [ 348.137415][T13584] bridge_slave_1: entered allmulticast mode [ 348.159863][T13584] bridge_slave_1: entered promiscuous mode [ 348.166937][T13628] team0: No ports can be present during mode change [ 348.235065][T13584] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 348.247453][T13584] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 348.276938][T13637] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 348.344172][T13584] team0: Port device team_slave_0 added [ 348.364966][T13584] team0: Port device team_slave_1 added [ 348.408514][T13642] netlink: 40 bytes leftover after parsing attributes in process `syz.0.3671'. [ 348.424393][T13584] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 348.432429][T13584] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 348.459845][T13584] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 348.491568][T13584] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 348.515786][T13584] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 348.570550][T13584] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 348.603178][T13647] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3673'. [ 348.752113][T13584] hsr_slave_0: entered promiscuous mode [ 348.788581][T13584] hsr_slave_1: entered promiscuous mode [ 348.797694][T13584] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 348.811123][T13584] Cannot create hsr debugfs directory [ 348.950027][ T5229] Bluetooth: hci7: command tx timeout [ 349.227199][T13584] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 349.250499][ T29] audit: type=1326 audit(2000000005.120:189): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13669 comm="syz.1.3684" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f961d37def9 code=0x7ffc0000 [ 349.301082][ T29] audit: type=1326 audit(2000000005.150:190): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13669 comm="syz.1.3684" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f961d37def9 code=0x7ffc0000 [ 349.352033][ T29] audit: type=1326 audit(2000000005.170:191): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13669 comm="syz.1.3684" exe="/root/syz-executor" sig=0 arch=c000003e syscall=116 compat=0 ip=0x7f961d37def9 code=0x7ffc0000 [ 349.416133][ T29] audit: type=1326 audit(2000000005.170:192): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13669 comm="syz.1.3684" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f961d37def9 code=0x7ffc0000 [ 349.470473][ T29] audit: type=1326 audit(2000000005.170:193): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13669 comm="syz.1.3684" exe="/root/syz-executor" sig=0 arch=c000003e syscall=53 compat=0 ip=0x7f961d37def9 code=0x7ffc0000 [ 349.510274][ T29] audit: type=1326 audit(2000000005.170:194): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13669 comm="syz.1.3684" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f961d37def9 code=0x7ffc0000 [ 349.545558][T13584] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 349.560410][ T29] audit: type=1326 audit(2000000005.170:195): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13669 comm="syz.1.3684" exe="/root/syz-executor" sig=0 arch=c000003e syscall=55 compat=0 ip=0x7f961d37def9 code=0x7ffc0000 [ 349.622044][ T29] audit: type=1326 audit(2000000005.170:196): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13669 comm="syz.1.3684" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f961d37def9 code=0x7ffc0000 [ 349.697025][T13584] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 349.883566][T13584] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 350.160278][T13584] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 350.181182][T13584] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 350.220645][T13584] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 350.241285][T13584] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 350.425618][T13584] 8021q: adding VLAN 0 to HW filter on device bond0 [ 350.480121][T13584] 8021q: adding VLAN 0 to HW filter on device team0 [ 350.510102][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 350.517265][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 350.545228][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 350.552426][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 350.687113][T13713] netlink: 20 bytes leftover after parsing attributes in process `syz.0.3704'. [ 350.922199][T13727] netlink: 'syz.3.3708': attribute type 9 has an invalid length. [ 350.930145][T13727] netlink: 134688 bytes leftover after parsing attributes in process `syz.3.3708'. [ 351.028763][ T5229] Bluetooth: hci7: command tx timeout [ 351.037354][T13584] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 351.409090][T13747] [ 351.411455][T13747] ====================================================== [ 351.418462][T13747] WARNING: possible circular locking dependency detected [ 351.425468][T13747] 6.11.0-syzkaller-10045-g97d8894b6f4c #0 Not tainted [ 351.432212][T13747] ------------------------------------------------------ [ 351.439216][T13747] syz.2.3716/13747 is trying to acquire lock: [ 351.445270][T13747] ffff888079fc1498 (&mm->mmap_lock){++++}-{3:3}, at: upgrade_mmap_lock_carefully+0xb6/0x160 [ 351.455383][T13747] [ 351.455383][T13747] but task is already holding lock: [ 351.462746][T13747] ffff88805e8b71d0 (&sb->s_type->i_mutex_key#11){+.+.}-{3:3}, at: shmem_file_write_iter+0x80/0x120 [ 351.473466][T13747] [ 351.473466][T13747] which lock already depends on the new lock. [ 351.473466][T13747] [ 351.483861][T13747] [ 351.483861][T13747] the existing dependency chain (in reverse order) is: [ 351.492865][T13747] [ 351.492865][T13747] -> #1 (&sb->s_type->i_mutex_key#11){+.+.}-{3:3}: [ 351.501561][T13747] lock_acquire+0x1ed/0x550 [ 351.506594][T13747] down_write+0x99/0x220 [ 351.511365][T13747] process_measurement+0x439/0x1fb0 [ 351.517097][T13747] ima_file_mmap+0x13d/0x2b0 [ 351.522226][T13747] security_mmap_file+0x7e7/0xa40 [ 351.527788][T13747] __se_sys_remap_file_pages+0x6e6/0xa50 [ 351.533953][T13747] do_syscall_64+0xf3/0x230 [ 351.538982][T13747] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 351.545412][T13747] [ 351.545412][T13747] -> #0 (&mm->mmap_lock){++++}-{3:3}: [ 351.552987][T13747] validate_chain+0x18ef/0x5920 [ 351.558365][T13747] __lock_acquire+0x1384/0x2050 [ 351.563748][T13747] lock_acquire+0x1ed/0x550 [ 351.568803][T13747] down_write_killable+0xab/0x260 [ 351.574358][T13747] upgrade_mmap_lock_carefully+0xb6/0x160 [ 351.580607][T13747] lock_mm_and_find_vma+0x107/0x2f0 [ 351.586332][T13747] exc_page_fault+0x1bf/0x8c0 [ 351.591543][T13747] asm_exc_page_fault+0x26/0x30 [ 351.596928][T13747] fault_in_readable+0x165/0x2b0 [ 351.602409][T13747] fault_in_iov_iter_readable+0x229/0x280 [ 351.608651][T13747] generic_perform_write+0x259/0x6d0 [ 351.614455][T13747] shmem_file_write_iter+0xf9/0x120 [ 351.620190][T13747] vfs_write+0xa6d/0xc90 [ 351.624959][T13747] ksys_write+0x183/0x2b0 [ 351.629816][T13747] do_syscall_64+0xf3/0x230 [ 351.634844][T13747] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 351.641267][T13747] [ 351.641267][T13747] other info that might help us debug this: [ 351.641267][T13747] [ 351.651488][T13747] Possible unsafe locking scenario: [ 351.651488][T13747] [ 351.658929][T13747] CPU0 CPU1 [ 351.664286][T13747] ---- ---- [ 351.669647][T13747] lock(&sb->s_type->i_mutex_key#11); [ 351.675121][T13747] lock(&mm->mmap_lock); [ 351.681969][T13747] lock(&sb->s_type->i_mutex_key#11); [ 351.689957][T13747] lock(&mm->mmap_lock); [ 351.694286][T13747] [ 351.694286][T13747] *** DEADLOCK *** [ 351.694286][T13747] [ 351.702429][T13747] 3 locks held by syz.2.3716/13747: [ 351.707618][T13747] #0: ffff88804bcb4d38 (&f->f_pos_lock){+.+.}-{3:3}, at: fdget_pos+0x24e/0x320 [ 351.716693][T13747] #1: ffff88807ee90420 (sb_writers#5){.+.+}-{0:0}, at: vfs_write+0x224/0xc90 [ 351.725582][T13747] #2: ffff88805e8b71d0 (&sb->s_type->i_mutex_key#11){+.+.}-{3:3}, at: shmem_file_write_iter+0x80/0x120 [ 351.736753][T13747] [ 351.736753][T13747] stack backtrace: [ 351.742641][T13747] CPU: 1 UID: 0 PID: 13747 Comm: syz.2.3716 Not tainted 6.11.0-syzkaller-10045-g97d8894b6f4c #0 [ 351.753066][T13747] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 351.763115][T13747] Call Trace: [ 351.766397][T13747] [ 351.769332][T13747] dump_stack_lvl+0x241/0x360 [ 351.774012][T13747] ? __pfx_dump_stack_lvl+0x10/0x10 [ 351.779308][T13747] ? __pfx__printk+0x10/0x10 [ 351.783917][T13747] print_circular_bug+0x13a/0x1b0 [ 351.788954][T13747] check_noncircular+0x36a/0x4a0 [ 351.793896][T13747] ? __pfx_check_noncircular+0x10/0x10 [ 351.799440][T13747] ? lockdep_lock+0x123/0x2b0 [ 351.804118][T13747] validate_chain+0x18ef/0x5920 [ 351.808959][T13747] ? __pfx_validate_chain+0x10/0x10 [ 351.814160][T13747] ? __pfx_validate_chain+0x10/0x10 [ 351.819356][T13747] ? __pfx_validate_chain+0x10/0x10 [ 351.824547][T13747] ? mark_lock+0x9a/0x360 [ 351.828868][T13747] ? __lock_acquire+0x1384/0x2050 [ 351.833898][T13747] ? mark_lock+0x9a/0x360 [ 351.838251][T13747] __lock_acquire+0x1384/0x2050 [ 351.843118][T13747] lock_acquire+0x1ed/0x550 [ 351.847644][T13747] ? upgrade_mmap_lock_carefully+0xb6/0x160 [ 351.853546][T13747] ? __pfx_lock_acquire+0x10/0x10 [ 351.858615][T13747] ? __pfx___might_resched+0x10/0x10 [ 351.863907][T13747] ? cmp_ex_search+0x74/0xa0 [ 351.868510][T13747] ? bsearch+0x98/0xc0 [ 351.872584][T13747] down_write_killable+0xab/0x260 [ 351.877610][T13747] ? upgrade_mmap_lock_carefully+0xb6/0x160 [ 351.883512][T13747] ? upgrade_mmap_lock_carefully+0xb6/0x160 [ 351.889407][T13747] ? __pfx_down_write_killable+0x10/0x10 [ 351.895038][T13747] ? fault_in_readable+0x165/0x2b0 [ 351.900165][T13747] ? find_vma+0xf9/0x170 [ 351.904401][T13747] ? __pfx_find_vma+0x10/0x10 [ 351.909074][T13747] ? fault_in_readable+0x165/0x2b0 [ 351.914189][T13747] upgrade_mmap_lock_carefully+0xb6/0x160 [ 351.919914][T13747] lock_mm_and_find_vma+0x107/0x2f0 [ 351.925113][T13747] exc_page_fault+0x1bf/0x8c0 [ 351.929793][T13747] ? reacquire_held_locks+0x3eb/0x690 [ 351.935172][T13747] asm_exc_page_fault+0x26/0x30 [ 351.940026][T13747] RIP: 0010:fault_in_readable+0x165/0x2b0 [ 351.945749][T13747] Code: b6 ff 4c 8d b3 ff 0f 00 00 48 89 d8 4d 01 e6 49 81 e6 00 f0 ff ff 49 39 c6 72 6b e8 05 7b b6 ff 4c 39 f3 74 6e 4c 89 64 24 10 <44> 8a 23 43 0f b6 04 2f 84 c0 75 18 44 88 64 24 40 48 81 c3 00 10 [ 351.965350][T13747] RSP: 0018:ffffc90018a0fa40 EFLAGS: 00050287 [ 351.971420][T13747] RAX: ffffffff81de38bb RBX: 0000000020001000 RCX: 0000000000040000 [ 351.979390][T13747] RDX: ffffc90009129000 RSI: 00000000000000a1 RDI: 00000000000000a2 [ 351.987361][T13747] RBP: ffffc90018a0faf8 R08: ffffffff81de3858 R09: ffffffff84afe229 [ 351.995333][T13747] R10: 0000000000000002 R11: ffff88802e9d5a00 R12: 000000000000fecc [ 352.003301][T13747] R13: dffffc0000000000 R14: 0000000020010000 R15: 1ffff92003141f50 [ 352.011277][T13747] ? fault_in_iov_iter_readable+0x49/0x280 [ 352.017092][T13747] ? fault_in_readable+0xf8/0x2b0 [ 352.022121][T13747] ? fault_in_readable+0x15b/0x2b0 [ 352.027243][T13747] ? __pfx_fault_in_readable+0x10/0x10 [ 352.032705][T13747] ? inode_to_bdi+0x69/0xf0 [ 352.037209][T13747] fault_in_iov_iter_readable+0x229/0x280 [ 352.042940][T13747] generic_perform_write+0x259/0x6d0 [ 352.048247][T13747] ? __pfx_generic_perform_write+0x10/0x10 [ 352.054051][T13747] ? mnt_put_write_access_file+0xbf/0x100 [ 352.059800][T13747] ? file_update_time+0x3be/0x430 [ 352.064844][T13747] shmem_file_write_iter+0xf9/0x120 [ 352.070086][T13747] vfs_write+0xa6d/0xc90 [ 352.074333][T13747] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 352.080162][T13747] ? __pfx_vfs_write+0x10/0x10 [ 352.084935][T13747] ? fdget_pos+0x24e/0x320 [ 352.089352][T13747] ksys_write+0x183/0x2b0 [ 352.093703][T13747] ? __pfx_ksys_write+0x10/0x10 [ 352.098556][T13747] ? do_syscall_64+0x100/0x230 [ 352.103406][T13747] ? do_syscall_64+0xb6/0x230 [ 352.108087][T13747] do_syscall_64+0xf3/0x230 [ 352.112604][T13747] ? clear_bhb_loop+0x35/0x90 [ 352.117288][T13747] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 352.123194][T13747] RIP: 0033:0x7f9bb977def9 [ 352.127626][T13747] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 352.147235][T13747] RSP: 002b:00007f9bba530038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 352.155656][T13747] RAX: ffffffffffffffda RBX: 00007f9bb9935f80 RCX: 00007f9bb977def9 [ 352.163624][T13747] RDX: 000000000000fecc RSI: 0000000020000100 RDI: 0000000000000003 [ 352.171602][T13747] RBP: 00007f9bb97f0b76 R08: 0000000000000000 R09: 0000000000000000 [ 352.179571][T13747] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 352.187542][T13747] R13: 0000000000000000 R14: 00007f9bb9935f80 R15: 00007fffa6f84928 [ 352.195523][T13747] [ 352.449137][T13584] veth0_vlan: entered promiscuous mode [ 353.284861][ T2975] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 353.406739][ T2975] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 353.503003][ T2975] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 353.584170][ T2975] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 353.711180][ T2975] bridge_slave_1: left allmulticast mode [ 353.716855][ T2975] bridge_slave_1: left promiscuous mode [ 353.722599][ T2975] bridge0: port 2(bridge_slave_1) entered disabled state [ 353.731626][ T2975] bridge_slave_0: left allmulticast mode [ 353.737288][ T2975] bridge_slave_0: left promiscuous mode [ 353.743170][ T2975] bridge0: port 1(bridge_slave_0) entered disabled state [ 353.915423][ T2975] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 353.929283][ T2975] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 353.942862][ T2975] bond0 (unregistering): Released all slaves [ 354.006784][ T2975] tipc: Left network mode [ 354.191445][ T2975] hsr_slave_0: left promiscuous mode [ 354.197211][ T2975] hsr_slave_1: left promiscuous mode [ 354.214476][ T2975] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 354.222071][ T2975] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 354.235038][ T2975] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 354.243999][ T2975] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 354.258139][ T2975] veth1_macvtap: left promiscuous mode [ 354.264212][ T2975] veth0_macvtap: left promiscuous mode [ 354.274118][ T2975] veth1_vlan: left promiscuous mode [ 354.279554][ T2975] veth0_vlan: left promiscuous mode [ 354.487852][ T2975] team0 (unregistering): Port device team_slave_1 removed [ 354.528552][ T2975] team0 (unregistering): Port device team_slave_0 removed [ 354.941813][ T2975] IPVS: stop unused estimator thread 0... [ 355.274010][ T2975] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 355.312971][ T2975] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 355.372863][ T2975] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 355.432549][ T2975] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 355.526986][ T2975] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 355.582549][ T2975] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 355.643055][ T2975] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 355.718774][ T2975] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 355.804107][ T2975] bridge_slave_1: left allmulticast mode [ 355.813114][ T2975] bridge_slave_1: left promiscuous mode [ 355.819029][ T2975] bridge0: port 2(bridge_slave_1) entered disabled state [ 355.827467][ T2975] bridge_slave_0: left allmulticast mode [ 355.836468][ T2975] bridge_slave_0: left promiscuous mode [ 355.842162][ T2975] bridge0: port 1(bridge_slave_0) entered disabled state [ 355.854219][ T2975] bridge_slave_0: left promiscuous mode [ 355.860179][ T2975] bridge0: port 1(bridge_slave_0) entered disabled state [ 355.869058][ T2975] bridge_slave_1: left allmulticast mode [ 355.874797][ T2975] bridge_slave_1: left promiscuous mode [ 355.881009][ T2975] bridge0: port 2(bridge_slave_1) entered disabled state [ 355.889684][ T2975] bridge_slave_0: left allmulticast mode [ 355.895341][ T2975] bridge_slave_0: left promiscuous mode [ 355.902651][ T2975] bridge0: port 1(bridge_slave_0) entered disabled state [ 356.334309][ T2975] infiniband syz1: set down [ 356.457107][ T2975] erspan0 (unregistering): left promiscuous mode [ 356.480676][ T2975] gretap0 (unregistering): left promiscuous mode [ 356.806275][ T2975] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 356.846652][ T2975] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 356.863793][ T2975] bond0 (unregistering): Released all slaves [ 356.876779][ T12] smc: removing ib device syz1 [ 356.881891][ T2975] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 356.892107][ T2975] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 356.905502][ T2975] bond0 (unregistering): (slave batadv0): Releasing backup interface [ 356.917606][ T2975] bond0 (unregistering): Released all slaves [ 356.930516][ T2975] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 356.941386][ T2975] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 356.951339][ T2975] bond0 (unregistering): Released all slaves [ 356.960842][ T5277] infiniband syz1: ib_query_port failed (-19) [ 357.567020][ T2975] tipc: Left network mode [ 357.594924][ T2975] tipc: Disabling bearer [ 357.600937][ T2975] tipc: Left network mode [ 357.622458][ T2975] IPVS: stopping master sync thread 11181 ... [ 357.857338][ T2975] hsr_slave_0: left promiscuous mode [ 357.866312][ T2975] hsr_slave_1: left promiscuous mode [ 357.873889][ T2975] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 357.884341][ T2975] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 357.895482][ T2975] hsr_slave_0: left promiscuous mode [ 357.904906][ T2975] hsr_slave_1: left promiscuous mode [ 357.910684][ T2975] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 357.918083][ T2975] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 357.932910][ T2975] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 357.943228][ T2975] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 357.953838][ T2975] hsr_slave_0: left promiscuous mode [ 357.962950][ T2975] hsr_slave_1: left promiscuous mode [ 357.975887][ T2975] veth0_vlan: left promiscuous mode [ 357.984373][ T2975] veth1_macvtap: left promiscuous mode [ 357.990841][ T2975] veth0_macvtap: left promiscuous mode [ 357.996381][ T2975] veth1_vlan: left promiscuous mode [ 358.004667][ T2975] @: left promiscuous mode [ 358.010143][ T2975] veth0_macvtap: left promiscuous mode [ 358.015703][ T2975] veth1_vlan: left promiscuous mode [ 358.312720][ T2975] team0 (unregistering): Port device team_slave_1 removed [ 358.343137][ T2975] team0 (unregistering): Port device team_slave_0 removed [ 358.611990][ T2975] team0 (unregistering): Port device team_slave_1 removed [ 358.641569][ T2975] team0 (unregistering): Port device team_slave_0 removed [ 358.815111][ T2975] team0 (unregistering): Port device batadv0 removed [ 359.036799][ T2975] team0 (unregistering): Port device team_slave_1 removed [ 359.073829][ T2975] team0 (unregistering): Port device team_slave_0 removed [ 359.782001][ T2975] IPVS: stop unused estimator thread 0...