last executing test programs: 1m15.196538368s ago: executing program 32 (id=115): r0 = socket$inet6_sctp(0xa, 0x801, 0x84) setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f00000000c0)={0x0, 0x1}, 0x8) sendto$inet6(r0, &(0x7f0000000140)="f4", 0x1, 0x0, &(0x7f0000000240)={0xa, 0x4e20, 0x0, @rand_addr=' \x01\x00'}, 0x1c) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @rand_addr=' \x01\x00'}, 0x1c) setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r0, 0x84, 0x7c, &(0x7f00000002c0)={0x0, 0x0, 0x5}, 0x8) 1m9.082156232s ago: executing program 2 (id=159): unshare(0x2040600) r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000080)={r0, 0xffffffffffffffff}, 0x4) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000001b00)={r1}, 0x4) 1m8.774924122s ago: executing program 2 (id=163): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000200)={'dummy0\x00', 0x0}) sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000005c0)=@newqdisc={0x2c, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xfff1, 0xffff}}, [@TCA_RATE={0x6, 0x5, {0x3, 0x1}}]}, 0x2c}}, 0x0) 1m8.594854115s ago: executing program 2 (id=166): r0 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000540)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_KEY(r1, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000000)={0x44, r0, 0x801, 0x0, 0x25dfdbff, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_KEY={0x28, 0x50, 0x0, 0x1, [@NL80211_KEY_DATA_WEP104={0x11, 0x1, "4abee33908f8eef16f162471f4"}, @NL80211_KEY_IDX={0xfffffffffffffe2f, 0x2, 0x4}, @NL80211_KEY_DEFAULT_TYPES={0x0, 0x8, 0x0, 0x1, [@NL80211_KEY_DEFAULT_TYPE_UNICAST]}]}]}, 0x44}}, 0x0) 1m8.285128181s ago: executing program 2 (id=170): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0) write$UHID_CREATE2(r0, &(0x7f0000000040)=ANY=[], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x11, r0, 0x0) r1 = socket$inet6_sctp(0xa, 0x801, 0x84) getsockopt$inet_sctp6_SCTP_AUTO_ASCONF(r1, 0x84, 0x1e, 0x0, &(0x7f0000000040)) 1m8.004680232s ago: executing program 2 (id=173): mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz1\x00', 0x1ff) mount$fuse(0x20000000, &(0x7f0000000400)='./file0\x00', 0x0, 0x223216, 0x0) mkdir(&(0x7f0000000340)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0) rename(&(0x7f00000001c0)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', &(0x7f0000000800)='./file0\x00') 1m7.752914485s ago: executing program 2 (id=175): r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="120100000000004026093333400000000001090224"], 0x0) syz_usb_disconnect(r0) r1 = syz_usb_connect$hid(0x5, 0x2e, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4d8, 0xf002, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0xfd, 0x5, 0x3, 0x0, 0x3, 0x0, {0x9, 0x21, 0x413, 0x4, 0x1, {0x22, 0x5}}, {{{0x9, 0x5, 0x81, 0x3, 0x200}}}}}]}}]}}, 0x0) syz_usb_control_io(r1, 0x0, 0x0) syz_usb_control_io(r1, &(0x7f00000003c0)={0x18, &(0x7f0000000100)=ANY=[@ANYBLOB='\x00\x00\b'], 0x0, 0x0, 0x0, 0x0}, 0x0) 59.911445103s ago: executing program 3 (id=237): bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x8, 0x1014, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0) r0 = socket$kcm(0x2, 0xa, 0x2) syz_usb_connect(0x0, 0x24, &(0x7f0000000000)=ANY=[@ANYBLOB="13010000bd460e10490d1070900c010203010902120001000000000904000000d2", @ANYRES16=r0], 0x0) 57.768763473s ago: executing program 3 (id=245): bpf$ENABLE_STATS(0x20, 0x0, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000001600)=ANY=[@ANYBLOB="bf16000000000000b70700000100f0ff5070000000000000480000002c41000095000000000000002ba7e1d30c04aa8b3382022ce2a1d97411a0f6b599e83f24a3aa81d36bb7019c13bd23212fb56f040026fbfefc4a056bdc17487902317142fac7e7be168c1886d0d4d94f2f4eb45c652fbc1626cca2a28d67893547db51ee988e6e06c8cedf7ceb9fc40400ae5e4aa74c92c6a51cbf9b0a4def23d410f6accd3641130bfc4e90a6341865c3f5ab3e89cf6c662ed4148d3b3e22278d00031e5388ee5c867de2c6211d6ececb0c18ce7400dae15cb7947c491b8bea3fd2f73902ebcfcf4982277d9800011b405bbf7b02433a9bcd715f5888b2007f000000001c000000010000000000000600000000309329170ee5b567e70f000006a10f58fa64533500000000000000000000000031000000000000001208e75a89faffbfb11b7dc6ea31001e846c12423a169f87463ad6f7c2e8ee1a39244960b318778f2a047f6d5bc24fef5d7d617de7a6520655a80d0900f4d433623c850af895abba14f6fbd7fbad1f98e26ad4deaf1a4f294b2a431ab9142f3a06d54740a4bc5e3abd378af7c9676a08e774c48785f895b4ec8d1141d5e8744d7f09ab4df6027bf48cabecead649f96ea24d32872c494160cb7f46ce680eeb80157eb23f9902519ac655fa73103170cbc496d7122034b85e7e87a2db762cbb253fbd76b9117c1a11d18aa2040c5f0c289906000000000000005ffe94ff010011d9b219c00c369a12bf8685b862d0dbdd956cbda1bae489bcef5ae59136aaadc59609f4d42617c0e6066938b521a0f2e2467a6c435ad5b800262a5da053ced5e95394e500000072737638ac44fb61310e2df511c60b3c88113996a81fb64bce5eb95ce91738640ff7ae6ed6b62086e699955926934389cdf9bcebc7586186fe9ce05268bf8a3958f2206cdc7095682c14f10be1075832956762b2dcc6251e7b74cb1da627e332765511c58215bf84d263e8778e6e8ffe4ea50b076446f35eff00006b340658342d2d9e1ef68c6ef3e98407d2fcefb34a0000000000000000895ddbb76122b1222e4da37177fe833e4fcaa67997e92a206ebd085bd9f90008d3fdd528efe6c1dca17f45ba5e8bd311a40030f9ffce75ffff996a80153a0077bb43f8a63dd390d18f0239b41da1a52383a4c6768ca1bb66b8fb3c5000f6f246fd20356a60769b461b6cdf133de073b1df08ae09268b0073bb97d88d741a5546e76caf4b6b1387ff37ec13d262dae0260be74cdf7bb6d3107597430ef5bbd476bb9d69b2aef9f3cb644b4bf01ccf16d40720939daf2af469bdfb361b9c015dd026fd0fffe3c66f5c343afb78a7cfd852f3e05c089887d7df2ff4f9982030019421af6b78ff9c444a17091875cfe4eab0e7f50eb69c860b1613a6b4f5af04f9c635d8d646c89f8b85f820ce7464c731deba39f9ff7b815f7b0acba754c01ed8bf1bba0010a8c6a2b966d861f9dd547abf2e9b23e5607f00f80b58fd76e4bc46c84799aa792cdaeb6cfb858e577dacff607ba513250e13ae696cd6ed7d318190a93b9ee07927efca6b8d1f5980994690bbe002db5146439d906a0d4aef065214b15666cdca81091b69acee2c7ce0821fc19e0891f0b53469f935c5ac420100010000000000fb53faf4420638489e6a1c696d8c414a87b60000000000080000b6be1557951854c01dbc2d061827ae6349a045b780893771524a424335b9fc34616ee9f09141057262530b7c2f7c9b969938779736ece7b470078ac0b1b4b528000000009866e9994ca9096672ec9f3800c2fc35ba6516e542624c47bdba76a816c3a3dd6c3fa87a3ec91df199a9af91a7babf2b8d0e7b77e6dfb4bbc9817847b705000000a1000000000000ab8353f3800f045b90b0eaab6d731199c9447eabbc8c740183aff5389742e47de5000000826a570d14310700cf2ae3366ebdb7f1000000000000333c00e6addbf4c71ffad6bfb5babb49109f92a5a52042c425190a6e3f1a8a3abfe6059da9c952cf35c98ce7616355493d280f2d0be99e18fd0900c769e7eb4edc1c03a33676590bd2047229e0237c1e34641848531712ff09e89fb062a3e66f4fced0ae679733830039cb61ea0691f0b4e0b33194404e643243c3841e1e7fe301f7f47a7f89512d92e83624e3de705bdfbfd0e5e381398e9d5428a00cc8a6d097d97e6ac8bd09b1a5577920a650114a522c1e2dcdc4f606fcbcee91770a9fada34d38cd7976a9228a0a0dd8661be8162e966aac26bea4c11458cd6ce22ddf7054cdd0a60ef3ec000000000000000000425cb75dc7ec92e9a5d29f9c99697d2a98ae0a9f35e4196c3faeb7a60a0290bf897846f6f0f1c163d6075119169d55d10da9ad0e4b2c636d200000009baaf94e2b2c48e70d8453f832eecfb1de2a3f38a5c986de9e37737dac74db251d5e9ea2b8ed39e91a7a17d01b49f7aaff7c4c73c3484bdcab362838ed940035b239a3646ef55b9f070ae14466b3acef9f8b28fb938a237e2e068ae4a6bce4407b54cc14614c2cdf877f000000000000000000000000bdcf23144e6c16b9235552aed83b6428f34d88c258a9ad16386bba51b60838fb11bc193a206b5a25b7233b222e4e68e0d1e88f26b9a45b6c29469530a37ea92aaf421cdcc1f594ecfaff9a79b56f8b38038002d29b3193cea9cd0a0ef4f58fa48f61071f548d411353965615c24c1860fd0dfae0f4cdf8c8f8645a289a79f9b919b674f0325d81eacaa8399324a304885da01733bb7917ec5e52718eb05f9c1ffd69f834150e9100c215968e8fb31c83526e6f66897569e28d01ca6135a2acca398c1415e0f9b58b63ee9dc33608ba7e5c4bdf3f37d8e4f4f424be263d9c2a5204f41e9b0ee01ad4cc0519395b69c310c98d3c8edc7d07b30617f3535634257f5472d9f3263a6f04778a920c12000721bb82f9884780ac294b8bb07ebf6e3f16584e95607e319b2ea9778289c19fb775514246159bbfa9dc0fdf711d3efa316a3323c915a40e6d7c8f8d7daf98824fd0bc955dc9731cc8c7a600d94b8049af764688c7ffdd26a741b03b065ba9c586914d8beb94c8a265ace34172ed003357ddd400557230b2caba17a647a171c2fc73a8c7541c7ffaafba62195fce77382ae962f30d4a377d760040975a44aa73a4e687d06f96f0987b980f6f883534dfc71ace539eeeb08cff54e0e05d5e0563660a3664c67d0eb9cdf4eab93ab4bf1972a2acc5c5d43dc2f2b66d7493c390d042d896a1ad772f6d4c2cf38ba0"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x57, 0x10, &(0x7f0000000000), 0xffffffffffffffc9, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) setsockopt$sock_attach_bpf(r1, 0x1, 0x32, &(0x7f0000000180)=r0, 0x4) sendmsg$inet(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000006c0)=[{&(0x7f0000000200)="fa82", 0x6802}], 0x1}, 0x20000000) 57.399203512s ago: executing program 3 (id=247): r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000180)={'wlan0\x00', 0x0}) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) sendmsg$NL80211_CMD_SET_STATION(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000200)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="0100000000000000ebff1100000008000300", @ANYRES32=r1, @ANYBLOB="0a000600080211000001"], 0x34}, 0x1, 0x0, 0x0, 0x4045}, 0x0) 57.027097989s ago: executing program 3 (id=250): open(&(0x7f0000000000)='./bus\x00', 0x60942, 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0) mount$fuse(0x0, &(0x7f00000020c0)='./bus\x00', &(0x7f0000000400), 0x1000007, &(0x7f0000000040)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x2000}}) open(&(0x7f0000000000)='./bus\x00', 0x60142, 0x0) 56.644392879s ago: executing program 3 (id=252): r0 = socket$tipc(0x1e, 0x5, 0x0) setsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f0000000300)={0x43, 0x0, 0x3, 0x3}, 0x10) r1 = socket$tipc(0x1e, 0x5, 0x0) setsockopt$TIPC_GROUP_JOIN(r1, 0x10f, 0x87, &(0x7f0000000300)={0x43, 0x0, 0x3, 0x3}, 0x10) 56.169972857s ago: executing program 3 (id=256): r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000240)={'macvlan1\x00', 0x0}) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000040)=@newlink={0x44, 0x10, 0x503, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x135}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macsec={{0xb}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r1}, @IFLA_MASTER={0x8, 0xa, r1}]}, 0x44}}, 0x0) 55.166123779s ago: executing program 33 (id=256): r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000240)={'macvlan1\x00', 0x0}) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000040)=@newlink={0x44, 0x10, 0x503, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x135}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macsec={{0xb}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r1}, @IFLA_MASTER={0x8, 0xa, r1}]}, 0x44}}, 0x0) 52.568686421s ago: executing program 34 (id=175): r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="120100000000004026093333400000000001090224"], 0x0) syz_usb_disconnect(r0) r1 = syz_usb_connect$hid(0x5, 0x2e, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4d8, 0xf002, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0xfd, 0x5, 0x3, 0x0, 0x3, 0x0, {0x9, 0x21, 0x413, 0x4, 0x1, {0x22, 0x5}}, {{{0x9, 0x5, 0x81, 0x3, 0x200}}}}}]}}]}}, 0x0) syz_usb_control_io(r1, 0x0, 0x0) syz_usb_control_io(r1, &(0x7f00000003c0)={0x18, &(0x7f0000000100)=ANY=[@ANYBLOB='\x00\x00\b'], 0x0, 0x0, 0x0, 0x0}, 0x0) 34.080206074s ago: executing program 5 (id=419): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) r0 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0) rmdir(&(0x7f0000000180)='./file0/../file0\x00') fchdir(r0) open(&(0x7f00009e1000)='./file0\x00', 0x14200, 0x0) 33.970029958s ago: executing program 5 (id=420): r0 = gettid() prlimit64(0x0, 0xb, &(0x7f0000000000), 0x0) r1 = signalfd4(0xffffffffffffffff, &(0x7f0000000140)={[0xfffffffffffffff5]}, 0x8, 0x0) readv(r1, &(0x7f0000002940)=[{&(0x7f00000000c0)=""/121, 0x80}, {0x0}], 0x10000000000000fb) tkill(r0, 0x7) 33.693154265s ago: executing program 5 (id=424): r0 = socket$tipc(0x1e, 0x5, 0x0) setsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f0000000300)={0x43, 0x3, 0x3, 0x3}, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$TIPC_CMD_SET_NODE_ADDR(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000100)={0x24, r2, 0x201, 0x2000000, 0x0, {{}, {}, {0x8, 0x11, 0xffff}}}, 0x24}, 0x1, 0x0, 0x0, 0x24000000}, 0x0) 33.389685885s ago: executing program 5 (id=427): mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000480)='./file0\x00', 0x89901) move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0) r1 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) move_mount(r1, &(0x7f0000000040)='.\x00', 0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x121) 33.153269108s ago: executing program 5 (id=431): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x48000, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1) ioctl$KVM_CAP_HYPERV_ENLIGHTENED_VMCS(r2, 0x4068aea3, &(0x7f0000000000)={0xa3, 0x0, 0x0}) ioctl$KVM_SET_MSRS(r2, 0xc008aec1, &(0x7f00000001c0)=ANY=[]) 32.712096128s ago: executing program 5 (id=434): r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0xae, 0x48, 0x81, 0x20, 0x4f1, 0x1001, 0x1963, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0xfa, 0x0, 0x0, 0x49, 0xab, 0x6b}}]}}]}}, 0x0) syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0) syz_usb_control_io$uac1(r0, 0x0, 0x0) syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0) syz_usb_control_io$uac1(r0, 0x0, 0x0) 32.290959132s ago: executing program 35 (id=434): r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0xae, 0x48, 0x81, 0x20, 0x4f1, 0x1001, 0x1963, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0xfa, 0x0, 0x0, 0x49, 0xab, 0x6b}}]}}]}}, 0x0) syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0) syz_usb_control_io$uac1(r0, 0x0, 0x0) syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0) syz_usb_control_io$uac1(r0, 0x0, 0x0) 31.391404902s ago: executing program 6 (id=447): r0 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002) ioctl$SG_SET_FORCE_PACK_ID(r0, 0x227b, &(0x7f00000000c0)=0x1) readv(r0, &(0x7f0000000580)=[{&(0x7f0000000100)=""/67, 0x43}], 0x1) r1 = fcntl$dupfd(r0, 0x0, r0) write$sndseq(r1, &(0x7f00000003c0)=[{0x0, 0x0, 0x0, 0x0, @tick=0xb, {0x0, 0xb8}, {}, @control={0x9, 0x0, 0xa}}, {0x0, 0x0, 0x0, 0x0, @time={0x0, 0x3ff}, {0x6, 0x4}, {}, @connect={{0x6, 0x2}, {0x0, 0xc}}}], 0x38) 31.076007171s ago: executing program 6 (id=450): sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0) r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x80000, 0x0) syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101301) ioctl$MON_IOCX_MFETCH(r0, 0xc00c9207, &(0x7f0000000040)={0x0, 0x0, 0x1}) 30.109845287s ago: executing program 6 (id=462): r0 = socket(0x40000000015, 0x5, 0x0) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @loopback}, 0x10) bind$inet(r0, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x10) sendmsg$xdp(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000001300)="fe", 0x1}], 0x1}, 0x0) recvmmsg(r0, &(0x7f00000033c0)=[{{0x0, 0x0, 0x0}}], 0x1f8, 0x122, 0x0) 29.909320893s ago: executing program 6 (id=466): mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0) r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x89901) move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0) mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000000080)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4000}}) 29.844750549s ago: executing program 6 (id=467): r0 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002) r1 = fcntl$dupfd(r0, 0x0, r0) write$sndseq(r1, &(0x7f0000000180)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @raw32}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @time}], 0x38) read$snapshot(r1, 0x0, 0xffffffbf) read$snapshot(r1, 0x0, 0x0) 29.414530938s ago: executing program 6 (id=474): r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x87) connect$inet6(r0, &(0x7f0000000500)={0xa, 0xfffd, 0x0, @loopback, 0x5}, 0x1c) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$binfmt_script(r1, &(0x7f0000000440), 0x1000a) sendfile(r0, r1, &(0x7f0000000000)=0x5, 0x20001) 29.154789635s ago: executing program 36 (id=474): r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x87) connect$inet6(r0, &(0x7f0000000500)={0xa, 0xfffd, 0x0, @loopback, 0x5}, 0x1c) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$binfmt_script(r1, &(0x7f0000000440), 0x1000a) sendfile(r0, r1, &(0x7f0000000000)=0x5, 0x20001) 27.036824696s ago: executing program 4 (id=490): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000280)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(cipher_null)\x00'}, 0x58) r1 = accept4(r0, 0x0, 0x0, 0x0) sendmsg$AUDIT_DEL_RULE(r1, &(0x7f0000001100)={0x0, 0x0, &(0x7f00000010c0)={&(0x7f0000001140)=ANY=[], 0x420}}, 0x2008004) pselect6(0x40, &(0x7f0000000100), 0x0, &(0x7f0000000240)={0x1f}, &(0x7f0000000280)={0x0, 0x3938700}, 0x0) 26.776030547s ago: executing program 4 (id=491): bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000002c0)='mm_page_alloc\x00'}, 0x10) r0 = socket$inet6_sctp(0xa, 0x5, 0x84) r1 = socket$inet_sctp(0x2, 0x1, 0x84) getsockopt$inet_sctp_SCTP_MAX_BURST(r1, 0x84, 0xd, &(0x7f0000000000)=@assoc_value={0x0}, &(0x7f0000000040)=0x8) setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r0, 0x84, 0x1f, &(0x7f0000000280)={r2, @in={{0x2, 0x4e23, @empty}}, 0x6185, 0x401}, 0x90) 26.628412117s ago: executing program 4 (id=492): r0 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0) ioctl$DRM_IOCTL_SET_CLIENT_CAP(r0, 0x4010640d, &(0x7f0000000000)={0x3, 0x2}) ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r0, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000100)=[0x0], 0x1}) ioctl$DRM_IOCTL_MODE_GETPLANE(r0, 0xc02064b6, &(0x7f00000003c0)={r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$DRM_IOCTL_MODE_SETCRTC(r0, 0xc06864a2, &(0x7f00000006c0)={0x0, 0x0, r2, r3, 0x5, 0x1, 0x80000001, 0x4, {0x4, 0x3, 0xfffb, 0xc39f, 0xa239, 0xab, 0x73b6, 0xea, 0x30, 0x4, 0x4, 0x8, 0x80000000, 0x0, "edf3b73de676294e90578c2051c49f221ac766fc00"}}) 26.471036523s ago: executing program 4 (id=493): r0 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x40, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0) mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r1, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0]) dup3(r0, r1, 0x0) setxattr$security_capability(&(0x7f0000000940)='./file0\x00', &(0x7f0000000980), 0x0, 0x0, 0x0) 26.260760599s ago: executing program 4 (id=495): mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0) mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x8003, &(0x7f0000000000)=0x9, 0x8, 0x0) mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x1, 0x0, 0xfffffffffffff, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='numa_maps\x00') pread64(r0, &(0x7f00000017c0)=""/4109, 0x100d, 0x0) 25.795917548s ago: executing program 4 (id=497): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201}) r1 = socket$kcm(0x2, 0xa, 0x2) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local}) write$tun(r0, &(0x7f0000000280)={@val={0x6f01, 0x800}, @val={0x1, 0x0, 0x0, 0x0, 0x20}, @mpls={[], @ipv4=@tcp={{0x6, 0x4, 0x0, 0x0, 0x3f, 0x2200, 0x0, 0x0, 0x84, 0x0, @empty=0x3fffffff, @local}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x5, 0xb, 0x0, 0x0, 0x0, 0x18, {[@window={0x9, 0xfffffffffffffec4}, @timestamp={0x5, 0x2, 0x88000}, @generic={0x0, 0x2, "d58838068b91"}]}}}}}}, 0x4e) 25.469483954s ago: executing program 37 (id=497): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201}) r1 = socket$kcm(0x2, 0xa, 0x2) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local}) write$tun(r0, &(0x7f0000000280)={@val={0x6f01, 0x800}, @val={0x1, 0x0, 0x0, 0x0, 0x20}, @mpls={[], @ipv4=@tcp={{0x6, 0x4, 0x0, 0x0, 0x3f, 0x2200, 0x0, 0x0, 0x84, 0x0, @empty=0x3fffffff, @local}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x5, 0xb, 0x0, 0x0, 0x0, 0x18, {[@window={0x9, 0xfffffffffffffec4}, @timestamp={0x5, 0x2, 0x88000}, @generic={0x0, 0x2, "d58838068b91"}]}}}}}}, 0x4e) 13.75943312s ago: executing program 7 (id=578): r0 = userfaultfd(0x80001) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000140)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000340)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x3}) syz_io_uring_setup(0x0, &(0x7f0000000280), &(0x7f0000c57000), 0x0) ioctl$UFFDIO_ZEROPAGE(r0, 0xc020aa08, &(0x7f0000000380)={{&(0x7f00007db000/0x2000)=nil, 0x2000}}) 12.749469222s ago: executing program 7 (id=584): r0 = socket(0xa, 0x3, 0x3a) setsockopt$MRT6_ADD_MFC(r0, 0x29, 0xcc, &(0x7f0000000000)={{0xa, 0x0, 0x0, @private2={0xfc, 0x2, '\x00', 0x1}, 0x809}, {0xa, 0x0, 0x0, @empty}, 0x2, {[0x0, 0x1, 0xfffffffe]}}, 0x5c) setsockopt$MRT6_ADD_MFC(r0, 0x29, 0xcc, &(0x7f0000000280)={{0xa, 0x0, 0x0, @loopback}, {0xa, 0x0, 0x0, @mcast2}}, 0x5c) setsockopt$MRT6_ADD_MFC(r0, 0x29, 0xcc, &(0x7f0000000440)={{0xa, 0x0, 0x0, @remote}, {0xa, 0x0, 0x0, @mcast1, 0x329}, 0x0, {[0x5a]}}, 0x5c) setsockopt$MRT6_ADD_MFC(r0, 0x29, 0xcc, &(0x7f0000000000)={{0xa, 0x0, 0x0, @private2}, {0xa, 0x0, 0x0, @empty}}, 0x5c) 12.599611631s ago: executing program 7 (id=586): r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000580), 0x0, 0x0) r1 = dup(r0) r2 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0) r3 = dup(r2) sendfile(r3, r1, 0x0, 0x89ffc) 12.390455687s ago: executing program 7 (id=588): ioctl$SCSI_IOCTL_START_UNIT(0xffffffffffffffff, 0x5) r0 = socket$igmp(0x2, 0x3, 0x2) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000280)={'pimreg\x00', 0x5dcf70ef8daa5d0e}) setsockopt$MRT_ADD_VIF(r0, 0x0, 0xca, &(0x7f0000000080)={0x0, 0x4, 0x0, 0x0, @vifc_lcl_ifindex, @local}, 0x10) 12.214474339s ago: executing program 7 (id=591): mkdir(&(0x7f0000000100)='./file0\x00', 0x0) write$FUSE_NOTIFY_STORE(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB='/'], 0x2) mount$fuse(0x20000000, &(0x7f00000000c0)='./file0\x00', 0x0, 0xa6d214, 0x0) chroot(&(0x7f0000000140)='./file0\x00') umount2(&(0x7f0000000040)='./file0\x00', 0x0) 11.955501307s ago: executing program 7 (id=594): openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0) r0 = syz_open_procfs(0x0, &(0x7f00000001c0)='fd/3\x00') r1 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000040)) epoll_ctl$EPOLL_CTL_MOD(r1, 0x3, r0, &(0x7f0000000c40)={0x2000000b}) 5.009176488s ago: executing program 9 (id=647): openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0) r0 = inotify_init() inotify_add_watch(r0, &(0x7f0000000340)='.\x00', 0xa50003d1) r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fffffff}]}) close_range(r1, 0xffffffffffffffff, 0x0) 4.99315431s ago: executing program 8 (id=648): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000002c0)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000100), 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0) mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x2) mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0) 3.916230306s ago: executing program 0 (id=654): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010600000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff1b000000020000000900010073797a30000001000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a3c000000120a01020000000000000000020000000900020073797a310000000008000440000000000900010073797a3000000000080003400000000a14000000110001"], 0x64}}, 0x0) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_MSG_GETOBJ(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000004c0)={0x1c, 0x13, 0xa, 0x201, 0x0, 0x0, {0x2, 0x0, 0x4}, [@NFTA_OBJ_TYPE={0x8, 0x3, 0x1, 0x0, 0xa}]}, 0x1c}}, 0x0) 3.425084866s ago: executing program 0 (id=657): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000c00), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_TRIGGER_SCAN(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000005240)={0x30, r2, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_SCAN_FREQUENCIES={0x14, 0x2c, 0x0, 0x1, [{0x8, 0x0, 0x39d}, {0x8, 0x0, 0xf4a5}]}]}, 0x30}}, 0x0) 3.088505792s ago: executing program 9 (id=659): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000580)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x3fc, 0x0, 0x32}, 0x9c) bind$inet6(r0, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) sendto$inet6(r0, &(0x7f0000847fff)='X', 0x34000, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000a00)={0x0, @in6={{0xa, 0x4e23, 0x0, @loopback}}, 0x0, 0x0, 0x0, 0x0, 0x54}, 0x9c) 3.034248291s ago: executing program 0 (id=660): r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e22, @empty}, 0x67) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='syz_tun\x00', 0x10) sendto$inet(r0, 0x0, 0x0, 0x20000800, &(0x7f0000000080)={0x2, 0x0, @remote}, 0x10) syz_emit_ethernet(0x42, &(0x7f0000000300)={@local, @remote, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x34, 0x0, 0x0, 0x0, 0x6, 0x0, @remote, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x8, 0xb0b002281c954d8c, 0x0, 0x0, 0x0, {[@timestamp={0x8, 0xa, 0x0, 0xe1f2}]}}}}}}}, 0x0) 2.907918826s ago: executing program 8 (id=661): r0 = socket$xdp(0x2c, 0x3, 0x0) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$XDP_RX_RING(r0, 0x11b, 0x2, &(0x7f0000001980)=0x100, 0x4) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000580)={'batadv_slave_1\x00', 0x0}) bind$xdp(r0, &(0x7f0000000100)={0x2c, 0x0, r2}, 0x10) 2.660445406s ago: executing program 8 (id=662): r0 = syz_io_uring_setup(0x10e, &(0x7f0000000140)={0x0, 0xfad6}, &(0x7f0000000240)=0x0, &(0x7f0000000280)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) r3 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000140), 0x202, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_MSG_RING={0x28, 0x40, 0x0, r3, 0x51, 0x0, 0x0, 0x0, 0x1}) io_uring_enter(r0, 0x47f6, 0x0, 0x0, 0x0, 0x0) 2.316005082s ago: executing program 8 (id=664): r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000700)=ANY=[@ANYBLOB="12010000000000408c0d220000000000000109022400010000000009040000010300000009210000000122050009058103"], 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io(r0, &(0x7f0000000740)={0x2c, &(0x7f0000000980)=ANY=[@ANYBLOB="00000001000000090090"], 0x0, 0x0, 0x0, 0x0}, 0x0) r1 = syz_open_dev$evdev(&(0x7f0000000600), 0x6828, 0x0) ioctl$EVIOCSKEYCODE_V2(r1, 0x40284504, &(0x7f0000000000)={0x9f, 0xf, 0x0, 0x9, "4ff16929eeefd5ad06861377209e6b8b41abc722cc4380ea68155bfc59e4ead2"}) 2.153150781s ago: executing program 1 (id=665): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @loopback}, 0x1c) sendto$inet6(r0, 0x0, 0x0, 0x240540c7, &(0x7f0000000200)={0xa, 0x4e22, 0x0, @loopback}, 0x1c) poll(&(0x7f0000000000)=[{r0}], 0x1, 0xef) close(r0) 1.861270837s ago: executing program 9 (id=666): sched_setscheduler(0x0, 0x5, &(0x7f0000000080)) ioprio_set$pid(0x1, 0x0, 0x0) r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001480), 0x42002, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/timer_list\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x20000023896) 1.697128295s ago: executing program 1 (id=667): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000300)={0x0, 0x4}, 0xe) shutdown(r0, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f00000002c0)=[@in={0x2, 0x0, @local}]}, &(0x7f0000000440)=0x10) getsockopt$inet_sctp6_SCTP_ASSOCINFO(r0, 0x84, 0x83, &(0x7f00000003c0)={r1, 0x100, 0x80, 0xfa1d, 0x5, 0xfffffffc}, &(0x7f0000000400)=0x14) 1.622730649s ago: executing program 8 (id=668): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_X86_SETUP_MCE(r2, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x4}) ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000080)=ANY=[@ANYBLOB="01000000000000008602"]) 1.560998346s ago: executing program 9 (id=669): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000080)=[@in={0x2, 0x4e20, @empty}], 0x10) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f00000000c0)={0x0, 0x10, &(0x7f0000000040)=[@in={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x20}}]}, &(0x7f0000000100)=0x10) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000840)={r1, @in6={{0xa, 0x4e20, 0x3ae, @empty, 0x129}}, 0x2, 0x2, 0x614, 0x1, 0x14, 0x7, 0x9}, 0x9c) writev(r0, &(0x7f0000004cc0)=[{&(0x7f0000004c80)="d993", 0x2}], 0x1) 1.322286506s ago: executing program 8 (id=670): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x6) r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)=ANY=[@ANYBLOB="300000001000070100dd21200100005b91325b38", @ANYRES32=0x0, @ANYBLOB="000000000080000008001b00000000000500100005"], 0x30}}, 0x0) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0xfffffffffffffde1, &(0x7f0000000000)={&(0x7f0000000080)=@newlink={0x30, 0x10, 0x905, 0x0, 0x0, {0x0, 0x0, 0x4c, 0x0, 0x20081, 0x300}, [@IFLA_GROUP={0x8}, @IFLA_OPERSTATE={0x5, 0x10, 0x6}]}, 0x30}, 0x1, 0xffffa888}, 0x0) 1.321445149s ago: executing program 0 (id=671): r0 = socket$packet(0x11, 0x2, 0x300) setsockopt$sock_int(r0, 0x1, 0x4b, &(0x7f00000001c0)=0x7, 0x4) recvmmsg(r0, &(0x7f0000000600)=[{{0x0, 0x0, 0x0}, 0x4}], 0x1, 0x0, 0x0) syz_emit_ethernet(0x56, &(0x7f0000000280)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaaaa88a800008100"], 0x0) sendmsg$inet(0xffffffffffffffff, 0x0, 0x0) 984.85744ms ago: executing program 1 (id=672): r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000100)=0x9, 0x4) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000300)={'bridge0\x00', 0x0}) sendto$packet(r0, &(0x7f00000001c0)="0b040700e0ff030002004788aa96a13bb10e000000004305400f088d73f696ee60c5cb5ce943a7e2f3fdb4ead4bd41ff1936957be4a012ae2270e41ca9a9", 0xfccb, 0x10, &(0x7f0000000140)={0x11, 0x0, r2, 0x1, 0x11, 0x6, @broadcast}, 0x14) 984.410769ms ago: executing program 9 (id=673): ioprio_set$uid(0x3, 0x0, 0x0) sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5}, 0x0) io_setup(0x8, &(0x7f0000000240)=0x0) r1 = eventfd2(0x1, 0x1) io_submit(r0, 0x1, &(0x7f0000000440)=[&(0x7f0000000140)={0x0, 0x0, 0x2000, 0x7, 0x4, r1, 0x0, 0x0, 0x3, 0x0, 0x5, r1}]) 908.021474ms ago: executing program 0 (id=674): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_X86_SETUP_MCE(r2, 0x4008ae9c, &(0x7f0000000040)={0x13, 0x0, 0xc}) 690.090342ms ago: executing program 1 (id=675): r0 = socket$inet6_sctp(0xa, 0x801, 0x84) setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f0000000180)={0x0, 0x4}, 0x8) sendto$inet6(r0, &(0x7f0000001080)='\x00', 0x1, 0xc090, &(0x7f0000000100)={0xa, 0x1, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x4}, 0x1c) sendto$inet6(r0, &(0x7f00000001c0)="85", 0x1, 0x0, &(0x7f0000000280)={0xa, 0x0, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}, 0x1c) setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r0, 0x84, 0x7c, &(0x7f00000000c0)={0x0, 0x2, 0x1a1}, 0x87674a396ee1bb89) 644.207862ms ago: executing program 9 (id=676): unshare(0x68040200) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0xfffff000) socket$inet_sctp(0x2, 0x5, 0x84) r0 = socket$inet6_sctp(0xa, 0x801, 0x84) getsockopt$IP6T_SO_GET_INFO(r0, 0x29, 0x40, &(0x7f0000000480)={'nat\x00', 0x0, [0x4, 0x9, 0x6, 0x8, 0x8]}, &(0x7f0000000580)=0x54) 625.615836ms ago: executing program 0 (id=677): r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/partitions\x00', 0x0, 0x0) r1 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/vm/compact_memory\x00', 0x1, 0x0) sendfile(r1, r0, &(0x7f00000000c0)=0x58, 0x5) ioctl$BTRFS_IOC_SET_RECEIVED_SUBVOL(0xffffffffffffffff, 0xc0c89425, &(0x7f00000000c0)={"6957608d766cfff5c3a665bd121a2d89", 0x0, 0x0, {0x4, 0x40000a}, {0x7, 0xc00000}, 0x5, [0x3, 0x3, 0x9, 0x6, 0x0, 0x400, 0xffffffffffff0001, 0x2, 0x8, 0x7, 0x80000000, 0x81, 0x10, 0x80000000, 0xfffffffffffffffb, 0x400000000000001]}) poll(&(0x7f0000000000), 0x20000000000000b5, 0x9) 338.785048ms ago: executing program 1 (id=678): r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/config', 0x0, 0xa) getdents(r0, &(0x7f0000000300)=""/167, 0xa7) r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000200)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-twofish-3way\x00'}, 0x58) setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000300)="c99b57381801238c09d0ff0f1d0dbd30", 0x20) 0s ago: executing program 1 (id=679): write$cgroup_int(0xffffffffffffffff, &(0x7f0000000000)=0x700, 0x12) r0 = socket$packet(0x11, 0x2, 0x300) r1 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000000)={0x200}, 0x4) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000000), 0x8) kernel console output (not intermixed with test programs): tory 'hsr0' with parent 'hsr' already present! [ 63.987421][ T5842] Cannot create hsr debugfs directory [ 64.014602][ T5845] team0: Port device team_slave_0 added [ 64.030618][ T5843] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 64.040921][ T5843] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 64.070013][ T5843] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 64.081723][ T5844] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 64.089186][ T5844] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 64.115191][ T5844] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 64.127764][ T5844] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 64.134746][ T5844] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 64.160937][ T5844] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 64.171713][ T5835] Bluetooth: hci0: command tx timeout [ 64.184968][ T5845] team0: Port device team_slave_1 added [ 64.194712][ T5843] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 64.201799][ T5843] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 64.228765][ T5843] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 64.228814][ T5835] Bluetooth: hci1: command tx timeout [ 64.307465][ T5835] Bluetooth: hci2: command tx timeout [ 64.316377][ T5835] Bluetooth: hci4: command tx timeout [ 64.322230][ T5835] Bluetooth: hci3: command tx timeout [ 64.331740][ T5843] hsr_slave_0: entered promiscuous mode [ 64.339112][ T5843] hsr_slave_1: entered promiscuous mode [ 64.345054][ T5843] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 64.352783][ T5843] Cannot create hsr debugfs directory [ 64.360381][ T5844] hsr_slave_0: entered promiscuous mode [ 64.367359][ T5844] hsr_slave_1: entered promiscuous mode [ 64.373580][ T5844] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 64.381341][ T5844] Cannot create hsr debugfs directory [ 64.400831][ T5845] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 64.407865][ T5845] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 64.434672][ T5845] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 64.463907][ T5845] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 64.471602][ T5845] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 64.497969][ T5845] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 64.632402][ T5845] hsr_slave_0: entered promiscuous mode [ 64.642183][ T5845] hsr_slave_1: entered promiscuous mode [ 64.648811][ T5845] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 64.656740][ T5845] Cannot create hsr debugfs directory [ 64.822659][ T5841] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 64.847180][ T5841] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 64.872089][ T5841] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 64.882696][ T5841] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 64.930248][ T5842] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 64.955340][ T5842] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 64.978731][ T5842] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 64.994009][ T5842] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 65.012913][ T5844] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 65.022811][ T5844] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 65.032511][ T5844] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 65.043829][ T5844] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 65.099647][ T5843] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 65.119263][ T5843] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 65.149649][ T5843] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 65.163066][ T5843] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 65.225543][ T5845] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 65.243207][ T5845] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 65.261302][ T5845] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 65.272244][ T5845] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 65.334509][ T5842] 8021q: adding VLAN 0 to HW filter on device bond0 [ 65.354203][ T5841] 8021q: adding VLAN 0 to HW filter on device bond0 [ 65.389911][ T5842] 8021q: adding VLAN 0 to HW filter on device team0 [ 65.411738][ T5841] 8021q: adding VLAN 0 to HW filter on device team0 [ 65.442558][ T2999] bridge0: port 1(bridge_slave_0) entered blocking state [ 65.450403][ T2999] bridge0: port 1(bridge_slave_0) entered forwarding state [ 65.471480][ T5844] 8021q: adding VLAN 0 to HW filter on device bond0 [ 65.481366][ T2999] bridge0: port 1(bridge_slave_0) entered blocking state [ 65.488474][ T2999] bridge0: port 1(bridge_slave_0) entered forwarding state [ 65.521121][ T2205] bridge0: port 2(bridge_slave_1) entered blocking state [ 65.528287][ T2205] bridge0: port 2(bridge_slave_1) entered forwarding state [ 65.548175][ T35] bridge0: port 2(bridge_slave_1) entered blocking state [ 65.555289][ T35] bridge0: port 2(bridge_slave_1) entered forwarding state [ 65.631237][ T5844] 8021q: adding VLAN 0 to HW filter on device team0 [ 65.669219][ T5843] 8021q: adding VLAN 0 to HW filter on device bond0 [ 65.685591][ T68] bridge0: port 1(bridge_slave_0) entered blocking state [ 65.692723][ T68] bridge0: port 1(bridge_slave_0) entered forwarding state [ 65.702200][ T68] bridge0: port 2(bridge_slave_1) entered blocking state [ 65.709330][ T68] bridge0: port 2(bridge_slave_1) entered forwarding state [ 65.726388][ T5842] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 65.772986][ T5845] 8021q: adding VLAN 0 to HW filter on device bond0 [ 65.784043][ T5843] 8021q: adding VLAN 0 to HW filter on device team0 [ 65.807348][ T35] bridge0: port 1(bridge_slave_0) entered blocking state [ 65.814427][ T35] bridge0: port 1(bridge_slave_0) entered forwarding state [ 65.841988][ T2910] bridge0: port 2(bridge_slave_1) entered blocking state [ 65.849167][ T2910] bridge0: port 2(bridge_slave_1) entered forwarding state [ 65.870543][ T5845] 8021q: adding VLAN 0 to HW filter on device team0 [ 65.884985][ T5841] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 65.905671][ T2910] bridge0: port 1(bridge_slave_0) entered blocking state [ 65.912793][ T2910] bridge0: port 1(bridge_slave_0) entered forwarding state [ 65.930752][ T2910] bridge0: port 2(bridge_slave_1) entered blocking state [ 65.937887][ T2910] bridge0: port 2(bridge_slave_1) entered forwarding state [ 65.959348][ T5842] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 66.015436][ T5843] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 66.082360][ T5842] veth0_vlan: entered promiscuous mode [ 66.102728][ T5844] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 66.124621][ T5843] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 66.132947][ T5841] veth0_vlan: entered promiscuous mode [ 66.157142][ T5842] veth1_vlan: entered promiscuous mode [ 66.195676][ T5841] veth1_vlan: entered promiscuous mode [ 66.224008][ T5844] veth0_vlan: entered promiscuous mode [ 66.231193][ T5835] Bluetooth: hci0: command tx timeout [ 66.250382][ T5845] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 66.290179][ T5842] veth0_macvtap: entered promiscuous mode [ 66.300493][ T5844] veth1_vlan: entered promiscuous mode [ 66.307392][ T5835] Bluetooth: hci1: command tx timeout [ 66.342940][ T5842] veth1_macvtap: entered promiscuous mode [ 66.350505][ T5843] veth0_vlan: entered promiscuous mode [ 66.360211][ T5841] veth0_macvtap: entered promiscuous mode [ 66.370505][ T5841] veth1_macvtap: entered promiscuous mode [ 66.388336][ T5835] Bluetooth: hci4: command tx timeout [ 66.393798][ T5835] Bluetooth: hci3: command tx timeout [ 66.399819][ T5830] Bluetooth: hci2: command tx timeout [ 66.406558][ T5843] veth1_vlan: entered promiscuous mode [ 66.428813][ T5842] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 66.442792][ T5841] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 66.454615][ T5841] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 66.467259][ T5841] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 66.493246][ T5841] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 66.507328][ T5842] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 66.518146][ T5842] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 66.530350][ T5842] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 66.541052][ T5842] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.550326][ T5842] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.559310][ T5842] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.568344][ T5842] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.578889][ T5844] veth0_macvtap: entered promiscuous mode [ 66.609029][ T5841] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.619207][ T5841] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.628866][ T5841] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.637786][ T5841] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.653491][ T5845] veth0_vlan: entered promiscuous mode [ 66.673288][ T5844] veth1_macvtap: entered promiscuous mode [ 66.695282][ T5845] veth1_vlan: entered promiscuous mode [ 66.738123][ T5844] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 66.749511][ T5844] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 66.759988][ T5844] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 66.772964][ T5844] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 66.784349][ T5844] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 66.799325][ T5843] veth0_macvtap: entered promiscuous mode [ 66.841088][ T5845] veth0_macvtap: entered promiscuous mode [ 66.848362][ T5844] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 66.859129][ T5844] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 66.871820][ T5844] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 66.882527][ T5844] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 66.893382][ T5844] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 66.908205][ T5843] veth1_macvtap: entered promiscuous mode [ 66.939013][ T2205] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 66.949035][ T5845] veth1_macvtap: entered promiscuous mode [ 66.958552][ T2205] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 66.971551][ T5844] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.980683][ T5844] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.989570][ T5844] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.998505][ T5844] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 67.029551][ T5845] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 67.040317][ T5845] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 67.050661][ T5845] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 67.061209][ T5845] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 67.071164][ T5845] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 67.081816][ T5845] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 67.093126][ T5845] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 67.113371][ T5843] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 67.124037][ T5843] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 67.138553][ T5843] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 67.149375][ T5843] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 67.160205][ T5843] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 67.170667][ T5843] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 67.180874][ T5843] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 67.193163][ T5843] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 67.204571][ T5843] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 67.213030][ T2999] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 67.225780][ T2999] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 67.227582][ T5845] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 67.245686][ T5845] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 67.255930][ T5845] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 67.268527][ T5845] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 67.278473][ T5845] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 67.289024][ T5845] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 67.300045][ T5845] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 67.313681][ T2205] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 67.320257][ T5843] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 67.326093][ T2205] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 67.340013][ T5843] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 67.350685][ T5843] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 67.361559][ T5843] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 67.371515][ T5843] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 67.382332][ T5843] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 67.392253][ T5843] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 67.404455][ T5843] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 67.415134][ T5843] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 67.434649][ T5845] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 67.443585][ T5845] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 67.452489][ T5845] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 67.465202][ T5845] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 67.493956][ T5843] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 67.503558][ T5843] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 67.513630][ T5843] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 67.522383][ T5843] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 67.545163][ T2205] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 67.551703][ T5842] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 67.554281][ T2205] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 67.703265][ T2205] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 67.712134][ T2205] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 67.815004][ T35] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 67.842058][ T5887] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 67.848430][ T35] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 68.011293][ T68] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 68.019970][ T68] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 68.128980][ T2999] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 68.137215][ T2999] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 68.199023][ T2999] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 68.221411][ T2999] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 68.285527][ T35] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 68.318590][ T5835] Bluetooth: hci0: command tx timeout [ 68.350625][ T35] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 68.386841][ T5835] Bluetooth: hci1: command tx timeout [ 68.468031][ T5835] Bluetooth: hci3: command tx timeout [ 68.469120][ T5839] Bluetooth: hci2: command tx timeout [ 68.473510][ T5835] Bluetooth: hci4: command tx timeout [ 68.587046][ T5905] tipc: Started in network mode [ 68.608314][ T5905] tipc: Node identity -aaaaaaa, cluster identity 4711 [ 68.855532][ T5918] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 69.616956][ T5951] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 70.386525][ T5835] Bluetooth: hci0: command tx timeout [ 70.466589][ T5835] Bluetooth: hci1: command tx timeout [ 70.546209][ T5835] Bluetooth: hci2: command tx timeout [ 70.546881][ T5839] Bluetooth: hci3: command tx timeout [ 70.556730][ T5835] Bluetooth: hci4: command tx timeout [ 70.714727][ T29] audit: type=1326 audit(1734362086.525:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5989 comm="syz.0.45" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ed579 code=0x7ffc0000 [ 70.766528][ T29] audit: type=1326 audit(1734362086.525:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5989 comm="syz.0.45" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ed579 code=0x7ffc0000 [ 70.788136][ C1] vkms_vblank_simulate: vblank timer overrun [ 70.835845][ T29] audit: type=1326 audit(1734362086.545:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5991 comm="syz.4.46" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f34579 code=0x7ffc0000 [ 70.857477][ C1] vkms_vblank_simulate: vblank timer overrun [ 70.869574][ T5996] netlink: 4 bytes leftover after parsing attributes in process `syz.3.47'. [ 70.887491][ T47] usb 3-1: new high-speed USB device number 2 using dummy_hcd [ 70.911146][ T29] audit: type=1326 audit(1734362086.545:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5991 comm="syz.4.46" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f34579 code=0x7ffc0000 [ 70.954473][ T29] audit: type=1326 audit(1734362086.545:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5991 comm="syz.4.46" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f34579 code=0x7ffc0000 [ 70.977612][ C1] vkms_vblank_simulate: vblank timer overrun [ 71.006115][ T29] audit: type=1326 audit(1734362086.555:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5991 comm="syz.4.46" exe="/root/syz-executor" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf7f34579 code=0x7ffc0000 [ 71.027887][ T29] audit: type=1326 audit(1734362086.555:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5991 comm="syz.4.46" exe="/root/syz-executor" sig=0 arch=40000003 syscall=173 compat=1 ip=0xf7f345a7 code=0x7ffc0000 [ 71.050007][ T29] audit: type=1326 audit(1734362086.555:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5991 comm="syz.4.46" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f34579 code=0x7ffc0000 [ 71.071641][ C1] vkms_vblank_simulate: vblank timer overrun [ 71.078209][ T29] audit: type=1326 audit(1734362086.565:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5989 comm="syz.0.45" exe="/root/syz-executor" sig=0 arch=40000003 syscall=329 compat=1 ip=0xf70ed579 code=0x7ffc0000 [ 71.100491][ T29] audit: type=1326 audit(1734362086.565:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5989 comm="syz.0.45" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ed579 code=0x7ffc0000 [ 71.122119][ C1] vkms_vblank_simulate: vblank timer overrun [ 71.158862][ T47] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 71.169004][ T47] usb 3-1: config 1 has no interface number 0 [ 71.177075][ T47] usb 3-1: config 1 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 71.189200][ T47] usb 3-1: Duplicate descriptor for config 1 interface 1 altsetting 0, skipping [ 71.202085][ T47] usb 3-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid maxpacket 38188, setting to 1024 [ 71.214154][ T47] usb 3-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 1024 [ 71.249403][ T47] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a6, bcdDevice= 0.40 [ 71.259259][ T47] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 71.268154][ T47] usb 3-1: Product: syz [ 71.273007][ T47] usb 3-1: Manufacturer: syz [ 71.282197][ T47] usb 3-1: SerialNumber: syz [ 71.296084][ T5878] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 71.446181][ T5878] usb 1-1: Using ep0 maxpacket: 32 [ 71.517789][ T5878] usb 1-1: New USB device found, idVendor=174f, idProduct=6a31, bcdDevice=26.3f [ 71.527101][ T5878] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 71.527408][ T5988] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 71.535129][ T5878] usb 1-1: Product: syz [ 71.546841][ T5878] usb 1-1: Manufacturer: syz [ 71.551489][ T5878] usb 1-1: SerialNumber: syz [ 71.567328][ T5878] gspca_main: stk1135-2.14.0 probing 174f:6a31 [ 71.671461][ T1293] ieee802154 phy0 wpan0: encryption failed: -22 [ 71.678489][ T1293] ieee802154 phy1 wpan1: encryption failed: -22 [ 71.795337][ T5878] gspca_stk1135: reg_w 0x2 err -71 [ 71.803781][ T5878] gspca_stk1135: serial bus timeout: status=0x00 [ 71.812240][ T5878] gspca_stk1135: Sensor write failed [ 71.836232][ T5878] gspca_stk1135: serial bus timeout: status=0x00 [ 71.862974][ T5878] gspca_stk1135: Sensor write failed [ 71.882685][ T5878] gspca_stk1135: serial bus timeout: status=0x00 [ 71.895417][ T5878] gspca_stk1135: Sensor read failed [ 71.915657][ T5878] gspca_stk1135: serial bus timeout: status=0x00 [ 71.932939][ T5878] gspca_stk1135: Sensor read failed [ 71.938746][ T5878] gspca_stk1135: Detected sensor type unknown (0x0) [ 71.958682][ T5878] gspca_stk1135: serial bus timeout: status=0x00 [ 71.982830][ T5878] gspca_stk1135: Sensor read failed [ 71.992495][ T5878] gspca_stk1135: serial bus timeout: status=0x00 [ 72.021592][ T5878] gspca_stk1135: Sensor read failed [ 72.031264][ T5878] gspca_stk1135: serial bus timeout: status=0x00 [ 72.039041][ T5878] gspca_stk1135: Sensor write failed [ 72.044424][ T5878] gspca_stk1135: serial bus timeout: status=0x00 [ 72.051450][ T5878] gspca_stk1135: Sensor write failed [ 72.057359][ T5878] stk1135 1-1:64.0: probe with driver stk1135 failed with error -71 [ 72.073023][ T5878] usb 1-1: USB disconnect, device number 2 [ 72.299066][ T5988] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 72.318660][ T47] cdc_ncm 3-1:1.1: bind() failure [ 72.590780][ T47] usb 3-1: USB disconnect, device number 2 [ 72.690163][ T6030] syz.0.61 uses obsolete (PF_INET,SOCK_PACKET) [ 73.496051][ T5882] usb 2-1: new high-speed USB device number 2 using dummy_hcd [ 73.658137][ T5882] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 73.686039][ T5882] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 73.695827][ T5882] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 73.713787][ T5882] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 73.746555][ T5882] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 73.768985][ T5882] usb 2-1: config 0 descriptor?? [ 73.806169][ T47] usb 4-1: new high-speed USB device number 2 using dummy_hcd [ 73.986367][ T47] usb 4-1: Using ep0 maxpacket: 16 [ 74.002476][ T47] usb 4-1: config 0 has an invalid interface number: 8 but max is 0 [ 74.019891][ T47] usb 4-1: config 0 has no interface number 0 [ 74.026211][ T47] usb 4-1: config 0 interface 8 altsetting 0 endpoint 0x8F has an invalid bInterval 208, changing to 11 [ 74.039004][ T47] usb 4-1: config 0 interface 8 altsetting 0 endpoint 0x8F has invalid maxpacket 25296, setting to 1024 [ 74.055560][ T47] usb 4-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f [ 74.065570][ T47] usb 4-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3 [ 74.074304][ T47] usb 4-1: Product: syz [ 74.078662][ T47] usb 4-1: SerialNumber: syz [ 74.089671][ T47] usb 4-1: config 0 descriptor?? [ 74.095494][ T6076] netlink: 8 bytes leftover after parsing attributes in process `syz.4.75'. [ 74.105223][ T25] usb 1-1: new high-speed USB device number 3 using dummy_hcd [ 74.119242][ T47] cm109 4-1:0.8: invalid payload size 1024, expected 4 [ 74.139491][ T47] input: CM109 USB driver as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.8/input/input5 [ 74.225847][ T5882] plantronics 0003:047F:FFFF.0001: unknown main item tag 0x2 [ 74.253002][ T5882] plantronics 0003:047F:FFFF.0001: unknown main item tag 0x0 [ 74.266519][ T25] usb 1-1: Using ep0 maxpacket: 8 [ 74.272454][ T5882] plantronics 0003:047F:FFFF.0001: unknown main item tag 0x0 [ 74.278399][ T25] usb 1-1: config 179 has an invalid interface number: 65 but max is 0 [ 74.293483][ T5882] plantronics 0003:047F:FFFF.0001: unknown main item tag 0x0 [ 74.310121][ T25] usb 1-1: config 179 has no interface number 0 [ 74.313761][ T5882] plantronics 0003:047F:FFFF.0001: unknown main item tag 0x0 [ 74.344574][ T25] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 74.355116][ T5882] plantronics 0003:047F:FFFF.0001: unknown main item tag 0x0 [ 74.375112][ T25] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024 [ 74.398043][ T5882] plantronics 0003:047F:FFFF.0001: No inputs registered, leaving [ 74.419321][ T25] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 74.433175][ C1] cm109 4-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 74.435261][ T8] usb 4-1: USB disconnect, device number 2 [ 74.440363][ C1] cm109 4-1:0.8: cm109_submit_buzz_toggle: usb_submit_urb (urb_ctl) failed -19 [ 74.467596][ T25] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024 [ 74.480926][ T25] usb 1-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 74.485028][ T5882] plantronics 0003:047F:FFFF.0001: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0 [ 74.495074][ T25] usb 1-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb [ 74.518519][ T25] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 74.551250][ T8] cm109 4-1:0.8: cm109_toggle_buzzer_sync: usb_control_msg() failed -19 [ 74.557034][ T6071] raw-gadget.2 gadget.0: fail, usb_ep_enable returned -22 [ 74.587938][ T5882] usb 2-1: USB disconnect, device number 2 [ 74.930312][ T5878] input: Generic X-Box pad as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:179.65/input/input6 [ 74.969596][ T6090] netlink: 4 bytes leftover after parsing attributes in process `syz.4.80'. [ 75.020363][ T6090] netlink: 4 bytes leftover after parsing attributes in process `syz.4.80'. [ 75.143559][ T6071] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 75.196531][ T6071] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 75.333254][ T6097] loop2: detected capacity change from 0 to 7 [ 75.349961][ T6097] Dev loop2: unable to read RDB block 7 [ 75.356132][ T6097] loop2: unable to read partition table [ 75.362108][ T6097] loop2: partition table beyond EOD, truncated [ 75.382014][ T6097] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5) [ 75.500119][ T5878] usb 1-1: USB disconnect, device number 3 [ 75.508926][ C1] xpad 1-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19 [ 75.508976][ C1] xpad 1-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19 [ 75.538715][ T5878] xpad 1-1:179.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19 [ 76.326261][ T6132] input: syz0 as /devices/virtual/input/input7 [ 76.793886][ T5878] usb 4-1: new high-speed USB device number 3 using dummy_hcd [ 76.956111][ T5878] usb 4-1: Using ep0 maxpacket: 32 [ 76.985346][ T5878] usb 4-1: New USB device found, idVendor=174f, idProduct=6a31, bcdDevice=26.3f [ 77.036119][ T5878] usb 4-1: New USB device strings: Mfr=23, Product=2, SerialNumber=3 [ 77.044260][ T5878] usb 4-1: Product: syz [ 77.060465][ T5878] usb 4-1: Manufacturer: syz [ 77.065120][ T5878] usb 4-1: SerialNumber: syz [ 77.133574][ T5878] gspca_main: stk1135-2.14.0 probing 174f:6a31 [ 77.687261][ T5878] gspca_stk1135: reg_w 0x2 err -110 [ 77.704231][ T5878] gspca_stk1135: serial bus timeout: status=0x00 [ 77.786497][ T5878] gspca_stk1135: Sensor write failed [ 77.791857][ T5878] gspca_stk1135: serial bus timeout: status=0x00 [ 77.798494][ T25] usb 2-1: new high-speed USB device number 3 using dummy_hcd [ 77.829518][ T5878] gspca_stk1135: Sensor write failed [ 77.830981][ T6167] mmap: syz.2.110 (6167) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 77.843738][ T5878] gspca_stk1135: serial bus timeout: status=0x00 [ 77.854295][ T5878] gspca_stk1135: Sensor read failed [ 77.914479][ T5878] gspca_stk1135: serial bus timeout: status=0x00 [ 77.953452][ T5878] gspca_stk1135: Sensor read failed [ 77.970928][ T5878] gspca_stk1135: Detected sensor type unknown (0x0) [ 77.977899][ T25] usb 2-1: Using ep0 maxpacket: 8 [ 77.993496][ T25] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 78.017626][ T25] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 78.032483][ T5878] gspca_stk1135: serial bus timeout: status=0x00 [ 78.076547][ T5878] gspca_stk1135: Sensor read failed [ 78.081850][ T25] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 78.092000][ T5878] gspca_stk1135: serial bus timeout: status=0x00 [ 78.098458][ T5878] gspca_stk1135: Sensor read failed [ 78.103688][ T5878] gspca_stk1135: serial bus timeout: status=0x00 [ 78.110337][ T25] usb 2-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 78.123641][ T5878] gspca_stk1135: Sensor write failed [ 78.129046][ T25] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 78.138190][ T5878] gspca_stk1135: serial bus timeout: status=0x00 [ 78.144544][ T5878] gspca_stk1135: Sensor write failed [ 78.150171][ T25] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 78.158549][ T5878] stk1135 4-1:64.0: probe with driver stk1135 failed with error -110 [ 78.216222][ T0] NOHZ tick-stop error: local softirq work is pending, handler #100!!! [ 78.308913][ T6172] PF_CAN: dropped non conform CAN FD skbuff: dev type 65534, len 48 [ 78.403111][ T25] usb 2-1: GET_CAPABILITIES returned 0 [ 78.409468][ T25] usbtmc 2-1:16.0: can't read capabilities [ 78.496297][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 78.646878][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 78.777972][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 78.798274][ T25] usb 2-1: USB disconnect, device number 3 [ 78.885284][ T5839] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 78.888407][ T2999] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 78.905894][ T5839] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 78.913125][ T8] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 78.944528][ T5839] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 78.983252][ T5839] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 78.993637][ T5839] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 79.004866][ T5839] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 79.068064][ T2999] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 79.108323][ T8] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x7 has invalid wMaxPacketSize 0 [ 79.118148][ T8] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x7 has invalid maxpacket 0 [ 79.131904][ T8] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0 [ 79.167307][ T2999] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 79.183689][ T8] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x89 has invalid maxpacket 0 [ 79.221984][ T2999] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 79.259307][ T8] usb 5-1: New USB device found, idVendor=2040, idProduct=4900, bcdDevice=4d.8b [ 79.286116][ T25] usb 3-1: new high-speed USB device number 3 using dummy_hcd [ 79.314012][ T8] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 79.367269][ T8] usb 5-1: config 0 descriptor?? [ 79.379074][ T6181] chnl_net:caif_netlink_parms(): no params data found [ 79.459019][ T25] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 79.490994][ T25] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 79.505896][ T25] usb 3-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 79.523104][ T25] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 79.531997][ T25] usb 3-1: SerialNumber: syz [ 79.604887][ T5923] usb 4-1: USB disconnect, device number 3 [ 79.618961][ T8] hdpvr 5-1:0.0: firmware version 0x8 dated ¥)†íËŸâè=ÛJå¦+nÍoKÜo5Éüf¦oŠÉ °ÐôçO¬übL [ 79.836193][ T25] usb 3-1: 0:2 : does not exist [ 79.988637][ T6181] bridge0: port 1(bridge_slave_0) entered blocking state [ 79.995875][ T6181] bridge0: port 1(bridge_slave_0) entered disabled state [ 80.013958][ T6181] bridge_slave_0: entered allmulticast mode [ 80.022119][ T6181] bridge_slave_0: entered promiscuous mode [ 80.030514][ T6181] bridge0: port 2(bridge_slave_1) entered blocking state [ 80.049388][ T6181] bridge0: port 2(bridge_slave_1) entered disabled state [ 80.071446][ T6181] bridge_slave_1: entered allmulticast mode [ 80.092245][ T6181] bridge_slave_1: entered promiscuous mode [ 80.111518][ T8] hdpvr 5-1:0.0: Could not setup controls [ 80.155844][ T2999] bridge_slave_1: left allmulticast mode [ 80.176528][ T8] hdpvr 5-1:0.0: registering videodev failed [ 80.187634][ T2999] bridge_slave_1: left promiscuous mode [ 80.215156][ T2999] bridge0: port 2(bridge_slave_1) entered disabled state [ 80.241873][ T8] hdpvr 5-1:0.0: probe with driver hdpvr failed with error -71 [ 80.276401][ T8] usb 5-1: USB disconnect, device number 2 [ 80.319710][ T5879] usb 3-1: USB disconnect, device number 3 [ 80.344959][ T2999] bridge_slave_0: left allmulticast mode [ 80.360003][ T2999] bridge_slave_0: left promiscuous mode [ 80.390764][ T2999] bridge0: port 1(bridge_slave_0) entered disabled state [ 80.485186][ T6216] netlink: 8 bytes leftover after parsing attributes in process `syz.3.125'. [ 81.106283][ T5839] Bluetooth: hci1: command tx timeout [ 81.257321][ T2999] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 81.319386][ T2999] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 81.343294][ T2999] bond0 (unregistering): Released all slaves [ 81.514129][ T6181] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 81.540020][ T6181] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 81.574333][ T2999] tipc: Left network mode [ 81.882102][ T6181] team0: Port device team_slave_0 added [ 81.925999][ T6181] team0: Port device team_slave_1 added [ 81.928974][ T874] cfg80211: failed to load regulatory.db [ 81.961867][ T6242] bridge0: port 2(bridge_slave_1) entered disabled state [ 82.117759][ T6181] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 82.145305][ T6181] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 82.276077][ T6181] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 82.443241][ T6262] GUP no longer grows the stack in syz.3.142 (6262): 20003000-20006000 (20001000) [ 82.482581][ T6262] CPU: 0 UID: 0 PID: 6262 Comm: syz.3.142 Not tainted 6.13.0-rc3-syzkaller #0 [ 82.491476][ T6181] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 82.498402][ T6262] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 82.498482][ T6262] Call Trace: [ 82.498491][ T6262] [ 82.498502][ T6262] dump_stack_lvl+0x241/0x360 [ 82.519498][ T6262] ? __pfx_dump_stack_lvl+0x10/0x10 [ 82.522724][ T6181] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 82.524715][ T6262] ? __pfx__printk+0x10/0x10 [ 82.555201][ T6262] ? find_vma+0xf9/0x170 [ 82.559485][ T6262] ? vma_is_secretmem+0xd/0x50 [ 82.564283][ T6262] ? check_vma_flags+0x52b/0x5a0 [ 82.569256][ T6262] __get_user_pages+0x4385/0x49e0 [ 82.574327][ T6262] ? mark_lock+0x9a/0x360 [ 82.574729][ T6181] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 82.578699][ T6262] ? __pfx___get_user_pages+0x10/0x10 [ 82.578752][ T6262] __gup_longterm_locked+0x49a/0x17f0 [ 82.578775][ T6262] ? __pfx___might_resched+0x10/0x10 [ 82.578805][ T6262] ? __pfx___gup_longterm_locked+0x10/0x10 [ 82.578824][ T6262] ? down_read+0x82b/0xa40 [ 82.615587][ T6262] ? is_valid_gup_args+0x124/0x200 [ 82.620728][ T6262] pin_user_pages+0x137/0x1f0 [ 82.625436][ T6262] ? __pfx_pin_user_pages+0x10/0x10 [ 82.630669][ T6262] ? trace_kmalloc+0x1f/0xd0 [ 82.635314][ T6262] xdp_umem_create+0x978/0xf30 [ 82.640131][ T6262] xsk_setsockopt+0x732/0x950 [ 82.644849][ T6262] ? __pfx_xsk_setsockopt+0x10/0x10 [ 82.650095][ T6262] ? __pfx_lock_acquire+0x10/0x10 [ 82.655150][ T6262] ? aa_sock_opt_perm+0x79/0x120 [ 82.660118][ T6262] ? __pfx_xsk_setsockopt+0x10/0x10 [ 82.665343][ T6262] do_sock_setsockopt+0x3af/0x720 [ 82.670414][ T6262] ? __pfx_do_sock_setsockopt+0x10/0x10 [ 82.675992][ T6262] ? __fget_files+0x2a/0x410 [ 82.680623][ T6262] ? __fget_files+0x395/0x410 [ 82.685346][ T6262] ? __fget_files+0x2a/0x410 [ 82.689987][ T6262] __ia32_sys_setsockopt+0x1f2/0x280 [ 82.695317][ T6262] __do_fast_syscall_32+0xb4/0x110 [ 82.700467][ T6262] ? exc_page_fault+0x590/0x8b0 [ 82.705359][ T6262] do_fast_syscall_32+0x34/0x80 [ 82.710252][ T6262] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 82.716628][ T6262] RIP: 0023:0xf70fd579 [ 82.720732][ T6262] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 [ 82.740370][ T6262] RSP: 002b:00000000f50ef55c EFLAGS: 00000206 ORIG_RAX: 000000000000016e [ 82.748830][ T6262] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 000000000000011b [ 82.756846][ T6262] RDX: 0000000000000004 RSI: 00000000200000c0 RDI: 000000000000001c [ 82.764865][ T6262] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 82.772891][ T6262] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 82.780905][ T6262] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 82.788932][ T6262] [ 82.923827][ T2999] hsr_slave_0: left promiscuous mode [ 82.944516][ T2999] hsr_slave_1: left promiscuous mode [ 82.951341][ T2999] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 82.959336][ T2999] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 82.979959][ T2999] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 83.008226][ T2999] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 83.038860][ T2999] veth1_macvtap: left promiscuous mode [ 83.044858][ T2999] veth0_macvtap: left promiscuous mode [ 83.066262][ T2999] veth1_vlan: left promiscuous mode [ 83.081309][ T2999] veth0_vlan: left promiscuous mode [ 83.181775][ T25] usb 2-1: new high-speed USB device number 4 using dummy_hcd [ 83.190138][ T5839] Bluetooth: hci1: command tx timeout [ 83.346247][ T25] usb 2-1: Using ep0 maxpacket: 8 [ 83.353559][ T25] usb 2-1: config index 0 descriptor too short (expected 301, got 45) [ 83.371649][ T25] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 83.392019][ T25] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 83.402774][ T25] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 83.429452][ T25] usb 2-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 83.458708][ T25] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 83.494725][ T25] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 83.656198][ T47] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 83.803802][ T25] usb 2-1: usb_control_msg returned -32 [ 83.813790][ T25] usbtmc 2-1:16.0: can't read capabilities [ 83.820270][ T47] usb 5-1: Using ep0 maxpacket: 32 [ 83.836118][ T47] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024 [ 83.851774][ T47] usb 5-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79 [ 83.862080][ T47] usb 5-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2 [ 83.870587][ T47] usb 5-1: Product: syz [ 83.875013][ T47] usb 5-1: Manufacturer: syz [ 83.879905][ T47] usb 5-1: SerialNumber: syz [ 83.890108][ T47] usb 5-1: config 0 descriptor?? [ 83.897862][ T6289] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22 [ 84.009308][ T2999] team0 (unregistering): Port device team_slave_1 removed [ 84.049540][ T2999] team0 (unregistering): Port device team_slave_0 removed [ 84.164827][ T6289] usbtmc 2-1:16.0: send_request_dev_dep_msg_in returned -90 [ 84.192944][ T6289] usbtmc 2-1:16.0: send_request_dev_dep_msg_in returned -90 [ 84.210536][ T47] usb 5-1: USB disconnect, device number 3 [ 84.253762][ T6308] usbtmc 2-1:16.0: usb_control_msg returned -32 [ 84.262811][ T5923] usb 2-1: USB disconnect, device number 4 [ 84.582185][ T6181] hsr_slave_0: entered promiscuous mode [ 84.598912][ T6181] hsr_slave_1: entered promiscuous mode [ 84.605627][ T6181] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 84.624243][ T6181] Cannot create hsr debugfs directory [ 85.014647][ T6181] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 85.103657][ T6181] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 85.136213][ T6181] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 85.178585][ T6181] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 85.266159][ T5839] Bluetooth: hci1: command tx timeout [ 85.335694][ T6335] netlink: 16 bytes leftover after parsing attributes in process `syz.2.166'. [ 85.456846][ T6181] 8021q: adding VLAN 0 to HW filter on device bond0 [ 85.489220][ T6181] 8021q: adding VLAN 0 to HW filter on device team0 [ 85.525131][ T6181] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 85.538508][ T6181] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 85.566689][ T6181] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 85.651066][ T2910] bridge0: port 1(bridge_slave_0) entered blocking state [ 85.658270][ T2910] bridge0: port 1(bridge_slave_0) entered forwarding state [ 85.678899][ T2910] bridge0: port 2(bridge_slave_1) entered blocking state [ 85.686087][ T2910] bridge0: port 2(bridge_slave_1) entered forwarding state [ 85.726159][ T25] usb 4-1: new high-speed USB device number 4 using dummy_hcd [ 85.757787][ T6181] veth0_vlan: entered promiscuous mode [ 85.800359][ T6181] veth1_vlan: entered promiscuous mode [ 85.922994][ T25] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 85.948504][ T25] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 85.989896][ T6181] veth0_macvtap: entered promiscuous mode [ 85.996070][ T25] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 86.019022][ T6181] veth1_macvtap: entered promiscuous mode [ 86.049175][ T25] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 86.088122][ T6181] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 86.099247][ T25] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 86.119150][ T25] usb 4-1: config 0 descriptor?? [ 86.133299][ T6181] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 86.162015][ T6181] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 86.186323][ T6181] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 86.206174][ T6181] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 86.236047][ T6181] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 86.256003][ T6181] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 86.286236][ T6181] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 86.308037][ T6181] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 86.344494][ T6181] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 86.386493][ T6181] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 86.416342][ T6181] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 86.433926][ T6181] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 86.443987][ T6181] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 86.455161][ T6181] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 86.465479][ T6181] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 86.490042][ T6181] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 86.509980][ T6181] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 86.530027][ T6181] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 86.544619][ T25] plantronics 0003:047F:FFFF.0002: unknown main item tag 0x0 [ 86.553251][ T6181] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 86.564011][ T25] plantronics 0003:047F:FFFF.0002: No inputs registered, leaving [ 86.572619][ T6181] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 86.583736][ T6181] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 86.596614][ T25] plantronics 0003:047F:FFFF.0002: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0 [ 86.832603][ T68] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 86.843934][ T974] usb 4-1: USB disconnect, device number 4 [ 86.850229][ T68] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 86.900423][ T2910] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 86.913028][ T2910] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 87.218481][ T6384] ALSA: mixer_oss: invalid OSS volume '' [ 87.314393][ T6387] netlink: 44 bytes leftover after parsing attributes in process `syz.4.179'. [ 87.330031][ T6387] netlink: 8 bytes leftover after parsing attributes in process `syz.4.179'. [ 87.339022][ T6387] netlink: 24 bytes leftover after parsing attributes in process `syz.4.179'. [ 87.348969][ T5839] Bluetooth: hci1: command tx timeout [ 88.533108][ T6434] netlink: 16 bytes leftover after parsing attributes in process `syz.5.194'. [ 89.512893][ T6473] netlink: 64859 bytes leftover after parsing attributes in process `syz.3.206'. [ 89.536446][ T5882] usb 6-1: new high-speed USB device number 2 using dummy_hcd [ 89.619898][ T6475] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 89.649510][ T6475] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 89.704822][ T6475] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 89.717744][ T5882] usb 6-1: Using ep0 maxpacket: 32 [ 89.724884][ T5882] usb 6-1: New USB device found, idVendor=055f, idProduct=d001, bcdDevice=88.92 [ 89.738242][ T6475] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 89.744937][ T5882] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 89.763693][ T5882] usb 6-1: config 0 descriptor?? [ 89.780158][ T6475] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 89.782241][ T5882] gspca_main: nw80x-2.14.0 probing 055f:d001 [ 89.836771][ T6475] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 90.004603][ T6475] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 90.011688][ T6475] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 90.129375][ T6475] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 90.156591][ T6475] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 90.285636][ T6499] netlink: 243 bytes leftover after parsing attributes in process `syz.3.212'. [ 90.304553][ T6475] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 90.460842][ T6499] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 90.692225][ T6475] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 90.727495][ T6475] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 90.784205][ T6475] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 90.811746][ T6501] Zero length message leads to an empty skb [ 90.827788][ T5882] gspca_nw80x: reg_r err -71 [ 90.835538][ T5882] nw80x 6-1:0.0: probe with driver nw80x failed with error -71 [ 90.869044][ T6475] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 90.921324][ T5882] usb 6-1: USB disconnect, device number 2 [ 91.666353][ T5839] Bluetooth: hci0: command 0x0c1a tx timeout [ 91.755580][ T5839] Bluetooth: hci3: command 0x0c1a tx timeout [ 91.997741][ T6521] bridge0: port 2(bridge_slave_1) entered disabled state [ 92.076578][ T5839] Bluetooth: hci2: command 0x0c1a tx timeout [ 92.238772][ T5839] Bluetooth: hci4: command 0x0c1a tx timeout [ 92.717362][ T6541] @: renamed from vlan0 (while UP) [ 92.787856][ T5839] Bluetooth: hci1: command 0x0c1a tx timeout [ 92.796570][ T6544] netlink: 4 bytes leftover after parsing attributes in process `syz.5.226'. [ 92.883649][ T6544] netlink: 173 bytes leftover after parsing attributes in process `syz.5.226'. [ 93.746150][ T5839] Bluetooth: hci0: command 0x0c1a tx timeout [ 93.831035][ T5839] Bluetooth: hci3: command 0x0c1a tx timeout [ 94.037965][ T5882] usb 2-1: new high-speed USB device number 5 using dummy_hcd [ 94.146354][ T5839] Bluetooth: hci2: command 0x0c1a tx timeout [ 94.236050][ T5882] usb 2-1: Using ep0 maxpacket: 8 [ 94.274335][ T5882] usb 2-1: config 179 has an invalid interface number: 65 but max is 0 [ 94.304623][ T5882] usb 2-1: config 179 has no interface number 0 [ 94.313290][ T5839] Bluetooth: hci4: command 0x0c1a tx timeout [ 94.356090][ T874] usb 4-1: new high-speed USB device number 5 using dummy_hcd [ 94.365837][ T5882] usb 2-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 94.431489][ T5882] usb 2-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024 [ 94.530691][ T5882] usb 2-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 94.566082][ T874] usb 4-1: Using ep0 maxpacket: 16 [ 94.592297][ T874] usb 4-1: New USB device found, idVendor=0d49, idProduct=7010, bcdDevice= c.90 [ 94.613262][ T5882] usb 2-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024 [ 94.630066][ T874] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 94.680514][ T874] usb 4-1: Product: syz [ 94.684754][ T874] usb 4-1: Manufacturer: syz [ 94.695887][ T6583] process 'syz.5.240' launched '/dev/fd/3' with NULL argv: empty string added [ 94.707865][ T5882] usb 2-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 94.747043][ T874] usb 4-1: SerialNumber: syz [ 94.779581][ T874] usb 4-1: config 0 descriptor?? [ 94.798275][ T5882] usb 2-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb [ 94.837804][ T874] ums-onetouch 4-1:0.0: USB Mass Storage device detected [ 94.877340][ T5839] Bluetooth: hci1: command 0x0c1a tx timeout [ 94.886838][ T5882] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 94.967096][ T6565] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 95.161503][ T874] usb 4-1: USB disconnect, device number 5 [ 95.616240][ T874] input: Generic X-Box pad as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:179.65/input/input8 [ 95.818043][ T6597] netlink: 116 bytes leftover after parsing attributes in process `syz.4.243'. [ 95.829969][ T5839] Bluetooth: hci0: command 0x0c1a tx timeout [ 95.890665][ T5923] usb 2-1: USB disconnect, device number 5 [ 95.896625][ C0] xpad 2-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19 [ 95.896678][ C0] xpad 2-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19 [ 95.924458][ T5839] Bluetooth: hci3: command 0x0c1a tx timeout [ 95.960860][ T6597] netlink: 116 bytes leftover after parsing attributes in process `syz.4.243'. [ 96.102614][ T5923] xpad 2-1:179.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19 [ 96.226263][ T5839] Bluetooth: hci2: command 0x0c1a tx timeout [ 96.386256][ T5839] Bluetooth: hci4: command 0x0c1a tx timeout [ 96.558494][ T6607] netlink: 12 bytes leftover after parsing attributes in process `syz.3.247'. [ 96.946460][ T5839] Bluetooth: hci1: command 0x0c1a tx timeout [ 97.446488][ T6619] IPv6: Can't replace route, no match found [ 97.835352][ T29] kauditd_printk_skb: 182 callbacks suppressed [ 97.835370][ T29] audit: type=1326 audit(1734362113.645:194): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6624 comm="syz.1.257" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf713d579 code=0x7ffc0000 [ 98.007057][ T2205] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 98.022060][ T29] audit: type=1326 audit(1734362113.645:195): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6624 comm="syz.1.257" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf713d579 code=0x7ffc0000 [ 98.043887][ C0] vkms_vblank_simulate: vblank timer overrun [ 98.236398][ T29] audit: type=1326 audit(1734362113.705:196): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6624 comm="syz.1.257" exe="/root/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf713d579 code=0x7ffc0000 [ 98.258232][ C0] vkms_vblank_simulate: vblank timer overrun [ 98.389173][ T29] audit: type=1326 audit(1734362113.705:197): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6624 comm="syz.1.257" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf713d579 code=0x7ffc0000 [ 98.411068][ C0] vkms_vblank_simulate: vblank timer overrun [ 98.489225][ T2205] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 98.579270][ T29] audit: type=1326 audit(1734362113.715:198): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6624 comm="syz.1.257" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf713d579 code=0x7ffc0000 [ 98.731492][ T29] audit: type=1326 audit(1734362113.715:199): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6624 comm="syz.1.257" exe="/root/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf713d579 code=0x7ffc0000 [ 98.807691][ T2205] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 98.903027][ T29] audit: type=1326 audit(1734362113.715:200): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6624 comm="syz.1.257" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf713d579 code=0x7ffc0000 [ 99.061585][ T29] audit: type=1326 audit(1734362113.715:201): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6624 comm="syz.1.257" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf713d579 code=0x7ffc0000 [ 99.109973][ T2205] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 99.141276][ T5923] usb 5-1: new full-speed USB device number 4 using dummy_hcd [ 99.220353][ T29] audit: type=1326 audit(1734362113.875:202): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6624 comm="syz.1.257" exe="/root/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf713d579 code=0x7ffc0000 [ 99.363887][ T5923] usb 5-1: config 0 has an invalid interface number: 55 but max is 0 [ 99.372455][ T5923] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 99.407781][ T29] audit: type=1326 audit(1734362113.875:203): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6624 comm="syz.1.257" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf713d579 code=0x7ffc0000 [ 99.470867][ T5923] usb 5-1: config 0 has no interface number 0 [ 99.518301][ T5923] usb 5-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 99.599246][ T5923] usb 5-1: config 0 interface 55 altsetting 0 endpoint 0xE has an invalid bInterval 0, changing to 10 [ 99.672032][ T2205] bridge_slave_1: left promiscuous mode [ 99.726818][ T5923] usb 5-1: config 0 interface 55 altsetting 0 endpoint 0xE has invalid wMaxPacketSize 0 [ 99.737413][ T2205] bridge0: port 2(bridge_slave_1) entered disabled state [ 99.784416][ T2205] bridge_slave_0: left allmulticast mode [ 99.809522][ T5923] usb 5-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a [ 99.859899][ T2205] bridge_slave_0: left promiscuous mode [ 99.890170][ T5923] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 99.929458][ T2205] bridge0: port 1(bridge_slave_0) entered disabled state [ 100.007257][ T5923] usb 5-1: config 0 descriptor?? [ 100.034267][ T5923] ldusb 5-1:0.55: Interrupt in endpoint not found [ 100.426547][ T5835] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 100.442639][ T5835] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 100.456322][ T5835] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 100.464371][ T5835] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 100.475015][ T5835] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 100.483460][ T5835] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 100.566348][ T5923] usb 5-1: USB disconnect, device number 4 [ 101.586170][ T5923] usb 6-1: new high-speed USB device number 3 using dummy_hcd [ 101.836699][ T5923] usb 6-1: Using ep0 maxpacket: 16 [ 101.845460][ T5923] usb 6-1: New USB device found, idVendor=1604, idProduct=8007, bcdDevice=af.a6 [ 101.867085][ T5923] usb 6-1: New USB device strings: Mfr=1, Product=23, SerialNumber=3 [ 101.898755][ T5923] usb 6-1: Product: syz [ 101.902985][ T5923] usb 6-1: Manufacturer: syz [ 101.923340][ T5923] usb 6-1: SerialNumber: syz [ 101.946649][ T5835] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 101.956426][ T5835] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 101.964804][ T5835] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 101.972752][ T5923] usb 6-1: config 0 descriptor?? [ 101.988454][ T5835] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 102.025598][ T5835] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 102.040461][ T5835] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 102.247014][ T5879] usb 6-1: USB disconnect, device number 3 [ 102.268481][ T2205] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 102.302159][ T2205] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 102.316925][ T2205] bond0 (unregistering): Released all slaves [ 102.556188][ T5835] Bluetooth: hci3: command tx timeout [ 102.887444][ T29] kauditd_printk_skb: 1 callbacks suppressed [ 102.887461][ T29] audit: type=1326 audit(1734362118.695:205): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6707 comm="syz.5.278" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb1579 code=0x7ffc0000 [ 102.941316][ T29] audit: type=1326 audit(1734362118.695:206): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6707 comm="syz.5.278" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb1579 code=0x7ffc0000 [ 102.964494][ T29] audit: type=1326 audit(1734362118.755:207): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6707 comm="syz.5.278" exe="/root/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf7fb1579 code=0x7ffc0000 [ 102.987115][ T29] audit: type=1326 audit(1734362118.755:208): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6707 comm="syz.5.278" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb1579 code=0x7ffc0000 [ 103.009155][ T29] audit: type=1326 audit(1734362118.755:209): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6707 comm="syz.5.278" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb1579 code=0x7ffc0000 [ 103.034420][ T2205] hsr_slave_0: left promiscuous mode [ 103.035794][ T29] audit: type=1326 audit(1734362118.755:210): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6707 comm="syz.5.278" exe="/root/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf7fb1579 code=0x7ffc0000 [ 103.064442][ T29] audit: type=1326 audit(1734362118.755:211): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6707 comm="syz.5.278" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb1579 code=0x7ffc0000 [ 103.102646][ T2205] hsr_slave_1: left promiscuous mode [ 103.146094][ T29] audit: type=1326 audit(1734362118.755:212): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6707 comm="syz.5.278" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb1579 code=0x7ffc0000 [ 103.168184][ T2205] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 103.175630][ T2205] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 103.184916][ T29] audit: type=1326 audit(1734362118.765:213): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6707 comm="syz.5.278" exe="/root/syz-executor" sig=0 arch=40000003 syscall=365 compat=1 ip=0xf7fb1579 code=0x7ffc0000 [ 103.185571][ T2205] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 103.215746][ T29] audit: type=1326 audit(1734362118.765:214): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6707 comm="syz.5.278" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb1579 code=0x7ffc0000 [ 103.237871][ T2205] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 103.262630][ T2205] veth1_macvtap: left promiscuous mode [ 103.286276][ T2205] veth0_macvtap: left promiscuous mode [ 103.291931][ T2205] veth1_vlan: left promiscuous mode [ 103.320853][ T2205] veth0_vlan: left promiscuous mode [ 103.968922][ T6733] netlink: 12 bytes leftover after parsing attributes in process `syz.4.284'. [ 104.076057][ T5835] Bluetooth: hci4: command tx timeout [ 104.316819][ T2205] team0 (unregistering): Port device team_slave_1 removed [ 104.372724][ T2205] team0 (unregistering): Port device team_slave_0 removed [ 104.631690][ T5835] Bluetooth: hci3: command tx timeout [ 104.781485][ T5874] usb 6-1: new high-speed USB device number 4 using dummy_hcd [ 104.846143][ T5879] usb 2-1: new high-speed USB device number 6 using dummy_hcd [ 104.894237][ T6692] chnl_net:caif_netlink_parms(): no params data found [ 104.949353][ T5874] usb 6-1: New USB device found, idVendor=1604, idProduct=8001, bcdDevice=44.1f [ 104.963198][ T5874] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 104.982820][ T5874] usb 6-1: Product: syz [ 104.993010][ T5874] usb 6-1: Manufacturer: syz [ 105.003183][ T5874] usb 6-1: SerialNumber: syz [ 105.006170][ T5879] usb 2-1: Using ep0 maxpacket: 32 [ 105.012748][ T5874] usb 6-1: config 0 descriptor?? [ 105.044001][ T5879] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 105.064282][ T6656] chnl_net:caif_netlink_parms(): no params data found [ 105.088729][ T5879] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 105.147546][ T5879] usb 2-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 105.166324][ T5879] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 105.236868][ T5879] usb 2-1: config 0 descriptor?? [ 105.264363][ T5879] hub 2-1:0.0: USB hub found [ 105.286851][ T47] usb 6-1: USB disconnect, device number 4 [ 105.402104][ T6692] bridge0: port 1(bridge_slave_0) entered blocking state [ 105.417546][ T6692] bridge0: port 1(bridge_slave_0) entered disabled state [ 105.429433][ T6692] bridge_slave_0: entered allmulticast mode [ 105.457702][ T6692] bridge_slave_0: entered promiscuous mode [ 105.477507][ T5879] hub 2-1:0.0: config failed, hub doesn't have any ports! (err -19) [ 105.509124][ T6692] bridge0: port 2(bridge_slave_1) entered blocking state [ 105.546285][ T6692] bridge0: port 2(bridge_slave_1) entered disabled state [ 105.575077][ T6692] bridge_slave_1: entered allmulticast mode [ 105.590103][ T6692] bridge_slave_1: entered promiscuous mode [ 105.690065][ T5879] usbhid 2-1:0.0: can't add hid device: -71 [ 105.701878][ T5879] usbhid 2-1:0.0: probe with driver usbhid failed with error -71 [ 105.713990][ T6656] bridge0: port 1(bridge_slave_0) entered blocking state [ 105.723868][ T6656] bridge0: port 1(bridge_slave_0) entered disabled state [ 105.736248][ T6656] bridge_slave_0: entered allmulticast mode [ 105.744581][ T5879] usb 2-1: USB disconnect, device number 6 [ 105.760648][ T6656] bridge_slave_0: entered promiscuous mode [ 105.796557][ T6656] bridge0: port 2(bridge_slave_1) entered blocking state [ 105.806832][ T6656] bridge0: port 2(bridge_slave_1) entered disabled state [ 105.824393][ T6656] bridge_slave_1: entered allmulticast mode [ 105.841886][ T6656] bridge_slave_1: entered promiscuous mode [ 105.867659][ T6692] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 105.924167][ T6656] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 105.938817][ T6692] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 105.959656][ T6656] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 106.020852][ T6692] team0: Port device team_slave_0 added [ 106.064324][ T6656] team0: Port device team_slave_0 added [ 106.082804][ T6692] team0: Port device team_slave_1 added [ 106.113327][ T6656] team0: Port device team_slave_1 added [ 106.146216][ T5835] Bluetooth: hci4: command tx timeout [ 106.161092][ T6692] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 106.168937][ T6692] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 106.232233][ T6692] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 106.298729][ T2205] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 106.356817][ T6692] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 106.364402][ T6692] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 106.391034][ T6692] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 106.408659][ T6656] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 106.419703][ T6656] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 106.450909][ T6656] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 106.707776][ T5835] Bluetooth: hci3: command tx timeout [ 106.719153][ T2205] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 106.818657][ T6656] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 106.825655][ T6656] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 106.885039][ T6656] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 106.910299][ T6692] hsr_slave_0: entered promiscuous mode [ 106.923584][ T6692] hsr_slave_1: entered promiscuous mode [ 106.932722][ T6692] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 106.947424][ T6692] Cannot create hsr debugfs directory [ 107.024875][ T2205] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 107.283381][ T6656] hsr_slave_0: entered promiscuous mode [ 107.296849][ T6656] hsr_slave_1: entered promiscuous mode [ 107.313393][ T6656] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 107.313473][ T6656] Cannot create hsr debugfs directory [ 107.354499][ T2205] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 107.895874][ T2205] bridge_slave_1: left allmulticast mode [ 107.896462][ T2205] bridge_slave_1: left promiscuous mode [ 107.896602][ T2205] bridge0: port 2(bridge_slave_1) entered disabled state [ 107.918489][ T2205] bridge_slave_0: left allmulticast mode [ 107.918517][ T2205] bridge_slave_0: left promiscuous mode [ 107.918676][ T2205] bridge0: port 1(bridge_slave_0) entered disabled state [ 108.226234][ T5835] Bluetooth: hci4: command tx timeout [ 108.260711][ T974] usb 6-1: new high-speed USB device number 5 using dummy_hcd [ 108.429278][ T974] usb 6-1: Using ep0 maxpacket: 8 [ 108.430943][ T974] usb 6-1: config index 0 descriptor too short (expected 301, got 45) [ 108.430984][ T974] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 108.431007][ T974] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 108.431030][ T974] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 108.431054][ T974] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 108.431089][ T974] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 108.431112][ T974] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 108.655904][ T974] usb 6-1: usb_control_msg returned -32 [ 108.672421][ T2205] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 108.674761][ T974] usbtmc 6-1:16.0: can't read capabilities [ 108.704375][ T2205] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 108.726681][ T2205] bond0 (unregistering): Released all slaves [ 108.786872][ T5835] Bluetooth: hci3: command tx timeout [ 109.093860][ T6849] usbtmc 6-1:16.0: usb_control_msg returned -32 [ 109.102755][ T5879] usb 6-1: USB disconnect, device number 5 [ 109.159387][ T6656] netdevsim netdevsim6 netdevsim0: renamed from eth0 [ 109.189477][ T2205] hsr_slave_0: left promiscuous mode [ 109.200250][ T2205] hsr_slave_1: left promiscuous mode [ 109.209848][ T2205] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 109.230675][ T2205] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 109.253004][ T2205] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 109.276087][ T2205] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 109.334570][ T2205] veth1_macvtap: left promiscuous mode [ 109.344274][ T2205] veth0_macvtap: left promiscuous mode [ 109.364586][ T2205] veth1_vlan: left promiscuous mode [ 109.374679][ T2205] veth0_vlan: left promiscuous mode [ 109.548687][ T6864] loop8: detected capacity change from 0 to 7 [ 109.608474][ T6864] Dev loop8: unable to read RDB block 7 [ 109.625243][ T6864] loop8: unable to read partition table [ 109.638005][ T6864] loop8: partition table beyond EOD, truncated [ 109.647521][ T6864] loop_reread_partitions: partition scan of loop8 (þ被xüŸÑø éÚ¬§½dƤ´à–ƒÝ¡¯¨â·û [ 109.647521][ T6864] ) failed (rc=-5) [ 109.850757][ T6876] netlink: 'syz.4.316': attribute type 2 has an invalid length. [ 109.859103][ T6876] netlink: 209852 bytes leftover after parsing attributes in process `syz.4.316'. [ 110.308108][ T5835] Bluetooth: hci4: command tx timeout [ 110.423456][ T2205] team0 (unregistering): Port device team_slave_1 removed [ 110.510900][ T2205] team0 (unregistering): Port device team_slave_0 removed [ 111.125576][ T6656] netdevsim netdevsim6 netdevsim1: renamed from eth1 [ 111.152357][ T6656] netdevsim netdevsim6 netdevsim2: renamed from eth2 [ 111.238525][ T6656] netdevsim netdevsim6 netdevsim3: renamed from eth3 [ 111.466916][ T6692] netdevsim netdevsim7 netdevsim0: renamed from eth0 [ 111.555583][ T6692] netdevsim netdevsim7 netdevsim1: renamed from eth1 [ 111.744549][ T6692] netdevsim netdevsim7 netdevsim2: renamed from eth2 [ 111.823238][ T6692] netdevsim netdevsim7 netdevsim3: renamed from eth3 [ 111.859118][ T6656] 8021q: adding VLAN 0 to HW filter on device bond0 [ 111.875655][ T6656] 8021q: adding VLAN 0 to HW filter on device team0 [ 111.907486][ T6656] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 111.918224][ T6656] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 111.948205][ T6656] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 112.038212][ T2910] bridge0: port 1(bridge_slave_0) entered blocking state [ 112.045324][ T2910] bridge0: port 1(bridge_slave_0) entered forwarding state [ 112.110477][ T2910] bridge0: port 2(bridge_slave_1) entered blocking state [ 112.117653][ T2910] bridge0: port 2(bridge_slave_1) entered forwarding state [ 112.145464][ T6656] veth0_vlan: entered promiscuous mode [ 112.160329][ T6656] veth1_vlan: entered promiscuous mode [ 112.183288][ T6656] veth0_macvtap: entered promiscuous mode [ 112.278832][ T6656] veth1_macvtap: entered promiscuous mode [ 112.377717][ T6656] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 112.403264][ T6656] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 112.440445][ T6656] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 112.474680][ T6656] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 112.534444][ T6656] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 112.554137][ T6656] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 112.574504][ T6656] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 112.709749][ T6656] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 112.720412][ T6656] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 112.748671][ T6656] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 112.759545][ T6656] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 112.776075][ T6656] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 112.798972][ T6656] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 112.814825][ T6656] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 112.865351][ T6656] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 112.868098][ T6965] loop9: detected capacity change from 0 to 7 [ 112.885036][ T6656] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 112.887059][ T6965] Dev loop9: unable to read RDB block 7 [ 112.915503][ T6656] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 112.921950][ T6965] loop9: AHDI p1 p3 [ 112.933563][ T6965] loop9: partition table partially beyond EOD, truncated [ 112.936024][ T6656] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 112.943996][ T6965] loop9: p1 start 2048 is beyond EOD, truncated [ 113.148282][ T6692] 8021q: adding VLAN 0 to HW filter on device bond0 [ 113.239054][ T6692] 8021q: adding VLAN 0 to HW filter on device team0 [ 113.287630][ T2205] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 113.325194][ T2205] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 113.365664][ T2205] bridge0: port 1(bridge_slave_0) entered blocking state [ 113.372849][ T2205] bridge0: port 1(bridge_slave_0) entered forwarding state [ 113.428986][ T29] kauditd_printk_skb: 14 callbacks suppressed [ 113.429004][ T29] audit: type=1326 audit(1734362129.235:229): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6980 comm="syz.1.344" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf713d579 code=0x7ffc0000 [ 113.443192][ T53] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 113.466882][ T2205] bridge0: port 2(bridge_slave_1) entered blocking state [ 113.474006][ T2205] bridge0: port 2(bridge_slave_1) entered forwarding state [ 113.553320][ T53] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 113.556025][ T29] audit: type=1326 audit(1734362129.235:230): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6980 comm="syz.1.344" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf713d579 code=0x7ffc0000 [ 113.582773][ T29] audit: type=1326 audit(1734362129.295:231): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6980 comm="syz.1.344" exe="/root/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf713d579 code=0x7ffc0000 [ 113.605292][ T29] audit: type=1326 audit(1734362129.295:232): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6980 comm="syz.1.344" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf713d579 code=0x7ffc0000 [ 113.627913][ T29] audit: type=1326 audit(1734362129.295:233): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6980 comm="syz.1.344" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf713d579 code=0x7ffc0000 [ 113.650657][ T29] audit: type=1326 audit(1734362129.295:234): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6980 comm="syz.1.344" exe="/root/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf713d579 code=0x7ffc0000 [ 113.672703][ T29] audit: type=1326 audit(1734362129.295:235): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6980 comm="syz.1.344" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf713d579 code=0x7ffc0000 [ 113.695121][ T29] audit: type=1326 audit(1734362129.295:236): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6980 comm="syz.1.344" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf713d579 code=0x7ffc0000 [ 113.717390][ T29] audit: type=1326 audit(1734362129.295:237): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6980 comm="syz.1.344" exe="/root/syz-executor" sig=0 arch=40000003 syscall=185 compat=1 ip=0xf713d579 code=0x7ffc0000 [ 113.739358][ T29] audit: type=1326 audit(1734362129.295:238): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6980 comm="syz.1.344" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf713d579 code=0x7ffc0000 [ 113.807907][ T6692] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 113.930710][ T6692] veth0_vlan: entered promiscuous mode [ 113.989316][ T6692] veth1_vlan: entered promiscuous mode [ 114.070616][ T6692] veth0_macvtap: entered promiscuous mode [ 114.084747][ T6692] veth1_macvtap: entered promiscuous mode [ 114.103092][ T6692] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 114.113985][ T6692] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 114.124112][ T6692] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 114.135087][ T6692] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 114.145226][ T6692] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 114.156121][ T6692] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 114.166312][ T6692] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 114.176995][ T6692] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 114.189875][ T6692] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 114.228712][ T6692] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 114.243502][ T6692] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 114.273894][ T6692] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 114.284953][ T6692] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 114.346158][ T6692] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 114.346182][ T6692] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 114.346202][ T6692] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 114.346215][ T6692] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 114.347215][ T6692] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 114.355261][ T6692] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 114.355296][ T6692] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 114.355323][ T6692] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 114.355349][ T6692] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 114.472341][ T7011] sctp: [Deprecated]: syz.4.351 (pid 7011) Use of struct sctp_assoc_value in delayed_ack socket option. [ 114.472341][ T7011] Use struct sctp_sack_info instead [ 114.620863][ T2205] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 114.620887][ T2205] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 114.682293][ T1145] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 114.682318][ T1145] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 115.141934][ T7031] sctp: [Deprecated]: syz.4.357 (pid 7031) Use of struct sctp_assoc_value in delayed_ack socket option. [ 115.141934][ T7031] Use struct sctp_sack_info instead [ 118.093955][ T7158] loop6: detected capacity change from 0 to 524287999 [ 118.115294][ C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 118.124777][ C0] Buffer I/O error on dev loop6, logical block 0, async page read [ 118.187037][ C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 118.196365][ C1] Buffer I/O error on dev loop6, logical block 0, async page read [ 118.214715][ T7160] loop6: detected capacity change from 524287999 to 524287952 [ 118.296388][ T7165] Invalid logical block size (3) [ 118.468097][ T7158] loop6: unable to read partition table [ 118.478123][ T7158] loop_reread_partitions: partition scan of loop6 (Í¢†¨ÙÇ´8ÝCP'OÈQž=}m”=@4r„(Uk+Z—Ö 4—Ö>˜ìF¼1ã“›ÍÀù‚àÔ™Û1Œ°) failed (rc=-5) [ 118.562739][ T7178] syzkaller1: entered promiscuous mode [ 118.568530][ T7178] syzkaller1: entered allmulticast mode [ 119.476331][ T8] usb 7-1: new high-speed USB device number 2 using dummy_hcd [ 119.638342][ T8] usb 7-1: Using ep0 maxpacket: 16 [ 119.661222][ T8] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 119.753329][ T8] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 119.829334][ T8] usb 7-1: New USB device found, idVendor=05ac, idProduct=8241, bcdDevice= 0.00 [ 119.856802][ T8] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 119.893629][ T8] usb 7-1: config 0 descriptor?? [ 120.097242][ T7245] KVM: debugfs: duplicate directory 7245-4 [ 120.264463][ T7254] tipc: Started in network mode [ 120.271346][ T7254] tipc: Node identity ffff, cluster identity 4711 [ 120.275020][ T7253] loop9: detected capacity change from 0 to 7 [ 120.283298][ T7254] tipc: Node number set to 65535 [ 120.311479][ T7253] Dev loop9: unable to read RDB block 7 [ 120.322747][ T7253] loop9: unable to read partition table [ 120.331524][ T7253] loop9: partition table beyond EOD, truncated [ 120.352353][ T8] appleir 0003:05AC:8241.0003: unknown main item tag 0x0 [ 120.354393][ T7253] loop_reread_partitions: partition scan of loop9 (þ被xü—ŸÑà– ) failed (rc=-5) [ 120.383557][ T8] appleir 0003:05AC:8241.0003: unknown main item tag 0x0 [ 120.409310][ T8] appleir 0003:05AC:8241.0003: unknown main item tag 0x0 [ 120.421963][ T8] appleir 0003:05AC:8241.0003: unknown main item tag 0x0 [ 120.431976][ T8] appleir 0003:05AC:8241.0003: unknown main item tag 0x0 [ 120.455722][ T8] appleir 0003:05AC:8241.0003: No inputs registered, leaving [ 120.507869][ T8] appleir 0003:05AC:8241.0003: hiddev0,hidraw0: USB HID v0.00 Device [HID 05ac:8241] on usb-dummy_hcd.6-1/input0 [ 120.694819][ T5879] usb 7-1: USB disconnect, device number 2 [ 121.323212][ T1145] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 121.458055][ T1145] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 121.606532][ T7292] netlink: 148 bytes leftover after parsing attributes in process `syz.6.438'. [ 121.618721][ T7293] netlink: 4 bytes leftover after parsing attributes in process `syz.1.436'. [ 121.671352][ T7296] netlink: 72 bytes leftover after parsing attributes in process `syz.4.439'. [ 121.810410][ T1145] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 122.062180][ T1145] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 122.301031][ T5839] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 122.318186][ T5839] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 122.328171][ T5839] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 122.348941][ T5839] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 122.366248][ T5839] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 122.376667][ T5839] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 122.492977][ T1145] bridge_slave_1: left allmulticast mode [ 122.523124][ T1145] bridge_slave_1: left promiscuous mode [ 122.549023][ T1145] bridge0: port 2(bridge_slave_1) entered disabled state [ 122.569534][ T1145] bridge_slave_0: left allmulticast mode [ 122.583654][ T1145] bridge_slave_0: left promiscuous mode [ 122.590117][ T1145] bridge0: port 1(bridge_slave_0) entered disabled state [ 123.608789][ T1145] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 123.626651][ T1145] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 123.641147][ T1145] bond0 (unregistering): Released all slaves [ 123.797532][ T1145] tipc: Left network mode [ 124.496371][ T5839] Bluetooth: hci1: command tx timeout [ 124.695638][ T1145] hsr_slave_0: left promiscuous mode [ 124.719607][ T1145] hsr_slave_1: left promiscuous mode [ 124.727012][ T1145] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 124.734466][ T1145] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 124.757823][ T1145] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 124.785670][ T1145] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 124.849328][ T1145] veth1_macvtap: left promiscuous mode [ 124.856094][ T1145] veth0_macvtap: left promiscuous mode [ 124.861719][ T1145] veth1_vlan: left promiscuous mode [ 124.877306][ T1145] veth0_vlan: left promiscuous mode [ 125.270502][ T5835] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 125.280590][ T5835] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 125.311475][ T5835] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 125.323161][ T5835] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 125.332022][ T5835] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 125.341465][ T5835] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 125.852627][ T1145] team0 (unregistering): Port device team_slave_1 removed [ 125.899773][ T1145] team0 (unregistering): Port device team_slave_0 removed [ 126.288179][ T7323] chnl_net:caif_netlink_parms(): no params data found [ 126.549159][ T5835] Bluetooth: hci1: command tx timeout [ 126.645777][ T7323] bridge0: port 1(bridge_slave_0) entered blocking state [ 126.674066][ T7323] bridge0: port 1(bridge_slave_0) entered disabled state [ 126.691311][ T7323] bridge_slave_0: entered allmulticast mode [ 126.700894][ T7323] bridge_slave_0: entered promiscuous mode [ 126.710461][ T5879] usb 2-1: new high-speed USB device number 7 using dummy_hcd [ 126.788476][ T7323] bridge0: port 2(bridge_slave_1) entered blocking state [ 126.796795][ T7323] bridge0: port 2(bridge_slave_1) entered disabled state [ 126.804060][ T7323] bridge_slave_1: entered allmulticast mode [ 126.818223][ T7323] bridge_slave_1: entered promiscuous mode [ 126.866764][ T5879] usb 2-1: Using ep0 maxpacket: 8 [ 126.867638][ T7323] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 126.883315][ T7323] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 126.906093][ T5879] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 126.938844][ T5879] usb 2-1: config 0 has no interfaces? [ 126.944389][ T5879] usb 2-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb [ 126.962813][ T7419] chnl_net:caif_netlink_parms(): no params data found [ 126.988466][ T7323] team0: Port device team_slave_0 added [ 127.001655][ T5879] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 127.013171][ T7323] team0: Port device team_slave_1 added [ 127.050407][ T5879] usb 2-1: config 0 descriptor?? [ 127.134754][ T1145] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 127.240776][ T7323] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 127.256025][ T7323] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 127.282180][ T7323] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 127.377563][ T1145] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 127.426750][ T5835] Bluetooth: hci3: command tx timeout [ 127.491116][ T7471] netlink: 'syz.7.494': attribute type 10 has an invalid length. [ 127.494772][ T7323] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 127.516084][ T7471] netlink: 55 bytes leftover after parsing attributes in process `syz.7.494'. [ 127.519912][ T7323] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 127.551501][ T7323] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 127.621394][ T1145] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 127.806377][ T1145] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 127.823803][ T7323] hsr_slave_0: entered promiscuous mode [ 127.830495][ T7323] hsr_slave_1: entered promiscuous mode [ 127.837537][ T7323] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 127.845112][ T7323] Cannot create hsr debugfs directory [ 127.851610][ T7419] bridge0: port 1(bridge_slave_0) entered blocking state [ 127.866174][ T7419] bridge0: port 1(bridge_slave_0) entered disabled state [ 127.873440][ T7419] bridge_slave_0: entered allmulticast mode [ 127.880630][ T5879] usb 2-1: USB disconnect, device number 7 [ 127.914495][ T7419] bridge_slave_0: entered promiscuous mode [ 127.928129][ T5844] syz-executor (5844) used greatest stack depth: 19200 bytes left [ 127.978257][ T7419] bridge0: port 2(bridge_slave_1) entered blocking state [ 127.985396][ T7419] bridge0: port 2(bridge_slave_1) entered disabled state [ 128.031050][ T7419] bridge_slave_1: entered allmulticast mode [ 128.060682][ T7419] bridge_slave_1: entered promiscuous mode [ 128.379257][ T7419] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 128.414892][ T7419] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 128.563061][ T5839] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 128.571879][ T5839] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 128.579850][ T5839] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 128.590661][ T5839] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 128.598368][ T5839] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 128.607242][ T5839] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 128.632673][ T5835] Bluetooth: hci1: command tx timeout [ 128.704595][ T7419] team0: Port device team_slave_0 added [ 128.718420][ T7419] team0: Port device team_slave_1 added [ 128.761639][ T1145] bridge_slave_1: left allmulticast mode [ 128.776624][ T1145] bridge_slave_1: left promiscuous mode [ 128.796706][ T1145] bridge0: port 2(bridge_slave_1) entered disabled state [ 128.815122][ T1145] bridge_slave_0: left allmulticast mode [ 128.821136][ T1145] bridge_slave_0: left promiscuous mode [ 128.841424][ T1145] bridge0: port 1(bridge_slave_0) entered disabled state [ 129.261961][ T1145] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 129.281741][ T1145] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 129.322005][ T1145] bond0 (unregistering): Released all slaves [ 129.458363][ T7419] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 129.474562][ T7512] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies. [ 129.483927][ T7419] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 129.510351][ T5835] Bluetooth: hci3: command tx timeout [ 129.541463][ T7419] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 129.563516][ T7419] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 129.583174][ T7419] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 129.609091][ C1] vkms_vblank_simulate: vblank timer overrun [ 129.664360][ T7419] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 129.752413][ T7519] loop9: detected capacity change from 0 to 7 [ 129.767059][ T7519] loop9: [POWERTEC] p1 p2 [ 129.786342][ T7519] loop9: p1 start 1932423285 is beyond EOD, truncated [ 129.806111][ T7519] loop9: p2 size 9897216 extends beyond EOD, truncated [ 129.838881][ T7419] hsr_slave_0: entered promiscuous mode [ 129.845892][ T7419] hsr_slave_1: entered promiscuous mode [ 129.856380][ T7419] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 129.863960][ T7419] Cannot create hsr debugfs directory [ 130.046751][ T5829] udevd[5829]: inotify_add_watch(7, /dev/loop9p2, 10) failed: No such file or directory [ 130.069389][ T1145] hsr_slave_0: left promiscuous mode [ 130.092328][ T1145] hsr_slave_1: left promiscuous mode [ 130.114242][ T1145] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 130.131913][ T1145] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 130.157183][ T1145] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 130.164662][ T1145] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 130.195656][ T1145] veth1_macvtap: left promiscuous mode [ 130.211279][ T1145] veth0_macvtap: left promiscuous mode [ 130.221551][ T1145] veth1_vlan: left promiscuous mode [ 130.231222][ T1145] veth0_vlan: left promiscuous mode [ 130.715329][ T5835] Bluetooth: hci1: command tx timeout [ 130.721122][ T5830] Bluetooth: hci2: command tx timeout [ 131.212018][ T1145] team0 (unregistering): Port device team_slave_1 removed [ 131.342687][ T1145] team0 (unregistering): Port device team_slave_0 removed [ 131.580880][ T7571] netlink: 24 bytes leftover after parsing attributes in process `syz.1.524'. [ 131.590445][ T5835] Bluetooth: hci3: command tx timeout [ 131.908346][ T7323] netdevsim netdevsim8 netdevsim0: renamed from eth0 [ 131.952354][ T7323] netdevsim netdevsim8 netdevsim1: renamed from eth1 [ 132.014419][ T7323] netdevsim netdevsim8 netdevsim2: renamed from eth2 [ 132.067099][ T7323] netdevsim netdevsim8 netdevsim3: renamed from eth3 [ 132.111159][ T7496] chnl_net:caif_netlink_parms(): no params data found [ 132.254011][ T7419] netdevsim netdevsim9 netdevsim0: renamed from eth0 [ 132.296253][ T5878] usb 2-1: new high-speed USB device number 8 using dummy_hcd [ 132.309373][ T7419] netdevsim netdevsim9 netdevsim1: renamed from eth1 [ 132.333610][ T7496] bridge0: port 1(bridge_slave_0) entered blocking state [ 132.341139][ T7496] bridge0: port 1(bridge_slave_0) entered disabled state [ 132.349447][ T7496] bridge_slave_0: entered allmulticast mode [ 132.356768][ T7496] bridge_slave_0: entered promiscuous mode [ 132.367286][ T7419] netdevsim netdevsim9 netdevsim2: renamed from eth2 [ 132.379808][ T7496] bridge0: port 2(bridge_slave_1) entered blocking state [ 132.390598][ T7496] bridge0: port 2(bridge_slave_1) entered disabled state [ 132.399295][ T7496] bridge_slave_1: entered allmulticast mode [ 132.413539][ T7496] bridge_slave_1: entered promiscuous mode [ 132.434610][ T7419] netdevsim netdevsim9 netdevsim3: renamed from eth3 [ 132.453936][ T5878] usb 2-1: config 0 has an invalid interface number: 255 but max is 0 [ 132.473438][ T5878] usb 2-1: config 0 has no interface number 0 [ 132.484166][ T5878] usb 2-1: config 0 interface 255 has no altsetting 0 [ 132.492083][ T5878] usb 2-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 132.501779][ T5878] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 132.525251][ T5878] usb 2-1: config 0 descriptor?? [ 132.525347][ T7496] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 132.551555][ T5878] cp210x 2-1:0.255: cp210x converter detected [ 132.573198][ T7323] 8021q: adding VLAN 0 to HW filter on device bond0 [ 132.589610][ T7496] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 132.678205][ T7323] 8021q: adding VLAN 0 to HW filter on device team0 [ 132.698361][ T7496] team0: Port device team_slave_0 added [ 132.714620][ T1145] bridge0: port 1(bridge_slave_0) entered blocking state [ 132.721851][ T1145] bridge0: port 1(bridge_slave_0) entered forwarding state [ 132.743382][ T7496] team0: Port device team_slave_1 added [ 132.760099][ T1145] bridge0: port 2(bridge_slave_1) entered blocking state [ 132.767291][ T1145] bridge0: port 2(bridge_slave_1) entered forwarding state [ 132.786825][ T5835] Bluetooth: hci2: command tx timeout [ 132.877769][ T7496] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 132.884776][ T7496] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 132.911181][ T7496] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 132.930361][ T7496] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 132.938084][ T7496] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 132.967081][ T5878] cp210x 2-1:0.255: failed to get vendor val 0x000e size 3: -32 [ 132.976316][ T7496] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 132.997883][ T7419] 8021q: adding VLAN 0 to HW filter on device bond0 [ 133.057141][ T7496] hsr_slave_0: entered promiscuous mode [ 133.063488][ T7496] hsr_slave_1: entered promiscuous mode [ 133.070387][ T7496] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 133.078471][ T7496] Cannot create hsr debugfs directory [ 133.111665][ T7419] 8021q: adding VLAN 0 to HW filter on device team0 [ 133.121012][ T1293] ieee802154 phy0 wpan0: encryption failed: -22 [ 133.136329][ T1293] ieee802154 phy1 wpan1: encryption failed: -22 [ 133.162378][ T53] bridge0: port 1(bridge_slave_0) entered blocking state [ 133.169579][ T53] bridge0: port 1(bridge_slave_0) entered forwarding state [ 133.178958][ T5878] cp210x 2-1:0.255: GPIO initialisation failed: -19 [ 133.201927][ T5878] usb 2-1: cp210x converter now attached to ttyUSB0 [ 133.220248][ T2205] bridge0: port 2(bridge_slave_1) entered blocking state [ 133.227414][ T2205] bridge0: port 2(bridge_slave_1) entered forwarding state [ 133.313078][ T7323] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 133.345066][ T7419] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 133.364860][ T7419] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 133.427165][ T5878] usb 2-1: USB disconnect, device number 8 [ 133.451262][ T5878] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 133.462610][ T5878] cp210x 2-1:0.255: device disconnected [ 133.510483][ T7419] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 133.666245][ T5835] Bluetooth: hci3: command tx timeout [ 133.762425][ T7323] veth0_vlan: entered promiscuous mode [ 133.799635][ T7323] veth1_vlan: entered promiscuous mode [ 133.894422][ T7419] veth0_vlan: entered promiscuous mode [ 133.980713][ T7419] veth1_vlan: entered promiscuous mode [ 134.003186][ T7323] veth0_macvtap: entered promiscuous mode [ 134.038927][ T7323] veth1_macvtap: entered promiscuous mode [ 134.116813][ T7323] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 134.127665][ T7323] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 134.138517][ T7323] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 134.153145][ T7323] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 134.165339][ T7323] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 134.176675][ T7323] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 134.188149][ T7323] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 134.198699][ T7323] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 134.209751][ T7323] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 134.243073][ T7323] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 134.259395][ T7323] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 134.271677][ T7323] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 134.282402][ T7323] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 134.296966][ T7323] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 134.351547][ T7323] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 134.363319][ T7323] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 134.374058][ T7323] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 134.384842][ T7323] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 134.411938][ T7419] veth0_macvtap: entered promiscuous mode [ 134.448845][ T7419] veth1_macvtap: entered promiscuous mode [ 134.510930][ T7496] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 134.578176][ T7496] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 134.634702][ T7496] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 134.657620][ T7419] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 134.678680][ T7419] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 134.723798][ T7419] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 134.771765][ T7419] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 134.796308][ T7419] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 134.817351][ T7419] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 134.831919][ T7419] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 134.843672][ T7419] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 134.854880][ T7419] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 134.866326][ T5835] Bluetooth: hci2: command tx timeout [ 134.878610][ T7496] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 134.965676][ T7419] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 134.995548][ T7419] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 135.005766][ T7419] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 135.016851][ T7419] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 135.038196][ T7419] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 135.065428][ T7419] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 135.076050][ T7419] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 135.087727][ T7419] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 135.123677][ T7419] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 135.157584][ T53] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 135.165466][ T53] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 135.243152][ T7419] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 135.257452][ T7419] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 135.266770][ T7419] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 135.285749][ T7419] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 135.329744][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 135.361464][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 135.622537][ T1145] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 135.631005][ T1145] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 135.727630][ T7496] 8021q: adding VLAN 0 to HW filter on device bond0 [ 135.749465][ T35] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 135.761799][ T35] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 135.809171][ T7496] 8021q: adding VLAN 0 to HW filter on device team0 [ 135.860934][ T35] bridge0: port 1(bridge_slave_0) entered blocking state [ 135.868111][ T35] bridge0: port 1(bridge_slave_0) entered forwarding state [ 135.911404][ T35] bridge0: port 2(bridge_slave_1) entered blocking state [ 135.918603][ T35] bridge0: port 2(bridge_slave_1) entered forwarding state [ 135.971116][ T7496] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 136.074793][ T7496] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 136.185262][ T29] kauditd_printk_skb: 4 callbacks suppressed [ 136.185280][ T29] audit: type=1326 audit(1734362151.995:243): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7656 comm="syz.9.475" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f70579 code=0x7ffc0000 [ 136.212163][ T7496] veth0_vlan: entered promiscuous mode [ 136.265334][ T7496] veth1_vlan: entered promiscuous mode [ 136.284846][ T29] audit: type=1326 audit(1734362151.995:244): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7656 comm="syz.9.475" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f70579 code=0x7ffc0000 [ 136.396205][ T29] audit: type=1326 audit(1734362152.055:245): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7656 comm="syz.9.475" exe="/root/syz-executor" sig=0 arch=40000003 syscall=332 compat=1 ip=0xf7f70579 code=0x7ffc0000 [ 136.401142][ T7496] veth0_macvtap: entered promiscuous mode [ 136.470742][ T29] audit: type=1326 audit(1734362152.055:246): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7656 comm="syz.9.475" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f70579 code=0x7ffc0000 [ 136.499003][ T29] audit: type=1326 audit(1734362152.055:247): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7656 comm="syz.9.475" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f70579 code=0x7ffc0000 [ 136.537010][ T7496] veth1_macvtap: entered promiscuous mode [ 136.580219][ T29] audit: type=1326 audit(1734362152.055:248): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7656 comm="syz.9.475" exe="/root/syz-executor" sig=0 arch=40000003 syscall=292 compat=1 ip=0xf7f70579 code=0x7ffc0000 [ 136.610042][ T7496] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 136.625305][ T7496] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 136.642564][ T7496] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 136.662220][ T29] audit: type=1326 audit(1734362152.055:249): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7656 comm="syz.9.475" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f70579 code=0x7ffc0000 [ 136.693862][ T7496] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 136.720428][ T7496] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 136.746204][ T29] audit: type=1326 audit(1734362152.055:250): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7656 comm="syz.9.475" exe="/root/syz-executor" sig=0 arch=40000003 syscall=41 compat=1 ip=0xf7f70579 code=0x7ffc0000 [ 136.774380][ T7496] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 136.785605][ T7496] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 136.799783][ T29] audit: type=1326 audit(1734362152.055:251): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7656 comm="syz.9.475" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f70579 code=0x7ffc0000 [ 136.822445][ T7496] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 136.833443][ T7496] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 136.844124][ T29] audit: type=1326 audit(1734362152.055:252): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7656 comm="syz.9.475" exe="/root/syz-executor" sig=0 arch=40000003 syscall=293 compat=1 ip=0xf7f70579 code=0x7ffc0000 [ 136.880117][ T7496] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 136.891716][ T7496] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 136.927758][ T7496] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 136.939501][ T7496] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 136.952154][ T5835] Bluetooth: hci2: command tx timeout [ 136.988333][ T7496] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 137.024846][ T7496] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 137.061165][ T7496] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 137.097521][ T7496] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 137.119469][ T7496] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 137.143373][ T7496] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 137.157139][ T7496] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 137.169880][ T7496] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 137.197003][ T7496] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 137.223538][ T7496] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 137.257820][ T7496] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 137.276114][ T7496] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 137.314700][ T7496] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 137.646289][ T2999] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 137.672805][ T2999] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 137.758509][ T2999] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 137.789776][ T2999] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 139.257864][ T5878] usb 2-1: new high-speed USB device number 9 using dummy_hcd [ 139.418149][ T5878] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 16 [ 139.436089][ T5878] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 64 [ 139.524419][ T5878] usb 2-1: New USB device found, idVendor=0a46, idProduct=9621, bcdDevice=4f.32 [ 139.534249][ T5878] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 139.542583][ T5878] usb 2-1: Product: syz [ 139.547009][ T5878] usb 2-1: Manufacturer: syz [ 139.551615][ T5878] usb 2-1: SerialNumber: syz [ 139.557378][ T5879] usb 1-1: new high-speed USB device number 4 using dummy_hcd [ 139.577192][ T5878] usb 2-1: config 0 descriptor?? [ 139.590703][ T7729] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 139.598472][ T7729] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 139.756094][ T5879] usb 1-1: Using ep0 maxpacket: 8 [ 139.777094][ T5879] usb 1-1: config index 0 descriptor too short (expected 301, got 45) [ 139.785403][ T5879] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 139.832690][ T5879] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 139.833293][ T7729] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 139.858557][ T25] usb 9-1: new high-speed USB device number 2 using dummy_hcd [ 139.873846][ T5879] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 139.884293][ T7729] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 139.910697][ T5879] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 139.959457][ T5879] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 140.006906][ T5879] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 140.016251][ T25] usb 9-1: Using ep0 maxpacket: 8 [ 140.047793][ T25] usb 9-1: config index 0 descriptor too short (expected 301, got 45) [ 140.077155][ T25] usb 9-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 140.122003][ T25] usb 9-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 140.154572][ T25] usb 9-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 140.174377][ T25] usb 9-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 140.206091][ T25] usb 9-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 140.241174][ T25] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 140.272919][ T5879] usb 1-1: usb_control_msg returned -32 [ 140.283296][ T5879] usbtmc 1-1:16.0: can't read capabilities [ 140.495238][ T25] usb 9-1: usb_control_msg returned -32 [ 140.517756][ T25] usbtmc 9-1:16.0: can't read capabilities [ 140.804551][ T5878] dm9601 2-1:0.0 (unnamed net_device) (uninitialized): MDIO read error: -71 [ 140.856285][ T7791] usbtmc 1-1:16.0: usb_control_msg returned -32 [ 140.857204][ T5878] dm9601 2-1:0.0 eth1: register 'dm9601' at usb-dummy_hcd.1-1, Davicom DM96xx USB 10/100 Ethernet, 5a:00:00:00:00:00 [ 140.867181][ T874] usb 1-1: USB disconnect, device number 4 [ 140.931380][ T5878] usb 2-1: USB disconnect, device number 9 [ 140.951461][ T5878] dm9601 2-1:0.0 eth1: unregister 'dm9601' usb-dummy_hcd.1-1, Davicom DM96xx USB 10/100 Ethernet [ 141.765611][ T7822] input: syz1 as /devices/virtual/input/input9 [ 142.256831][ T5880] usb 1-1: new high-speed USB device number 5 using dummy_hcd [ 142.417736][ T5880] usb 1-1: config index 0 descriptor too short (expected 19, got 18) [ 142.427253][ T5880] usb 1-1: New USB device found, idVendor=056e, idProduct=4010, bcdDevice=20.1c [ 142.446727][ T5880] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 142.465749][ T5880] usb 1-1: config 0 descriptor?? [ 142.596270][ T5874] usb 9-1: USB disconnect, device number 2 [ 142.776646][ T874] usb 2-1: new high-speed USB device number 10 using dummy_hcd [ 143.001551][ T7840] netlink: 'syz.9.598': attribute type 4 has an invalid length. [ 143.005206][ T874] usb 2-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 143.018434][ T874] usb 2-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config [ 143.032457][ T874] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 143.041619][ T874] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9 [ 143.053056][ T874] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024 [ 143.102162][ T874] usb 2-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 143.146969][ T874] usb 2-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 143.206106][ T874] usb 2-1: Product: syz [ 143.221035][ T874] usb 2-1: Manufacturer: syz [ 143.258034][ T874] cdc_wdm 2-1:1.0: skipping garbage [ 143.296229][ T874] cdc_wdm 2-1:1.0: skipping garbage [ 143.356430][ T874] cdc_wdm 2-1:1.0: cdc-wdm0: USB WDM device [ 143.362416][ T874] cdc_wdm 2-1:1.0: Unknown control protocol [ 143.382573][ T7840] syz.9.598 (7840) used greatest stack depth: 19152 bytes left [ 143.493755][ T874] usb 2-1: USB disconnect, device number 10 [ 143.578438][ T5880] pegasus 1-1:0.0: probe with driver pegasus failed with error -71 [ 143.625442][ T5880] usb 1-1: USB disconnect, device number 5 [ 145.823485][ T29] kauditd_printk_skb: 2 callbacks suppressed [ 145.823531][ T29] audit: type=1326 audit(1734362161.635:255): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7938 comm="syz.8.622" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff4579 code=0x7ffc0000 [ 146.126263][ T29] audit: type=1326 audit(1734362161.635:256): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7938 comm="syz.8.622" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff4579 code=0x7ffc0000 [ 146.207034][ T29] audit: type=1326 audit(1734362161.715:257): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7940 comm="syz.0.623" exe="/root/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf714d579 code=0x0 [ 146.298340][ T29] audit: type=1326 audit(1734362161.855:258): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7938 comm="syz.8.622" exe="/root/syz-executor" sig=0 arch=40000003 syscall=4 compat=1 ip=0xf7ff4579 code=0x7ffc0000 [ 146.359602][ T29] audit: type=1326 audit(1734362161.855:259): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7938 comm="syz.8.622" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff4579 code=0x7ffc0000 [ 146.431559][ T29] audit: type=1326 audit(1734362161.855:260): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7938 comm="syz.8.622" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff4579 code=0x7ffc0000 [ 147.414349][ T7980] netlink: 12 bytes leftover after parsing attributes in process `syz.1.634'. [ 149.513218][ T8030] sctp: [Deprecated]: syz.1.651 (pid 8030) Use of int in max_burst socket option. [ 149.513218][ T8030] Use struct sctp_assoc_value instead [ 150.035471][ T8041] netlink: 4 bytes leftover after parsing attributes in process `syz.0.654'. [ 150.496350][ T5880] IPVS: starting estimator thread 0... [ 150.586242][ T8051] IPVS: using max 27 ests per chain, 64800 per kthread [ 152.730573][ T8106] bridge0: port 1(bridge_slave_0) entered disabled state [ 152.988112][ T8106] bridge0: port 2(bridge_slave_1) entered disabled state [ 153.572610][ T8109] bridge0: port 1(bridge_slave_0) entered blocking state [ 153.579824][ T8109] bridge0: port 1(bridge_slave_0) entered forwarding state [ 153.836776][ T8109] bridge0: port 2(bridge_slave_1) entered blocking state [ 153.844014][ T8109] bridge0: port 2(bridge_slave_1) entered forwarding state [ 153.868823][ T8125] ================================================================== [ 153.876958][ T8125] BUG: KASAN: slab-use-after-free in isolate_migratepages_block+0x1fdf/0x5270 [ 153.885844][ T8125] Read of size 8 at addr ffff8880248f6d48 by task syz.0.677/8125 [ 153.893584][ T8125] [ 153.895936][ T8125] CPU: 1 UID: 0 PID: 8125 Comm: syz.0.677 Not tainted 6.13.0-rc3-syzkaller #0 [ 153.904803][ T8125] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 153.914877][ T8125] Call Trace: [ 153.918171][ T8125] [ 153.921112][ T8125] dump_stack_lvl+0x241/0x360 [ 153.925819][ T8125] ? __pfx_dump_stack_lvl+0x10/0x10 [ 153.931042][ T8125] ? __pfx__printk+0x10/0x10 [ 153.935656][ T8125] ? _printk+0xd5/0x120 [ 153.939838][ T8125] ? __virt_addr_valid+0x183/0x530 [ 153.944972][ T8125] ? __virt_addr_valid+0x183/0x530 [ 153.950109][ T8125] print_report+0x169/0x550 [ 153.954640][ T8125] ? __virt_addr_valid+0x183/0x530 [ 153.959776][ T8125] ? __virt_addr_valid+0x183/0x530 [ 153.964916][ T8125] ? __virt_addr_valid+0x45f/0x530 [ 153.970049][ T8125] ? __phys_addr+0xba/0x170 [ 153.974575][ T8125] ? isolate_migratepages_block+0x1fdf/0x5270 [ 153.980663][ T8125] kasan_report+0x143/0x180 [ 153.985189][ T8125] ? isolate_migratepages_block+0x1fdf/0x5270 [ 153.991280][ T8125] kasan_check_range+0x282/0x290 [ 153.996239][ T8125] isolate_migratepages_block+0x1fdf/0x5270 [ 154.002159][ T8125] ? isolate_migratepages_block+0x20d1/0x5270 [ 154.008256][ T8125] ? __pfx_isolate_migratepages_block+0x10/0x10 [ 154.014516][ T8125] ? __pageblock_pfn_to_page+0xd3/0x3c0 [ 154.020087][ T8125] ? __pageblock_pfn_to_page+0xd3/0x3c0 [ 154.025662][ T8125] compact_zone+0x32e6/0x4ac0 [ 154.030375][ T8125] ? __pfx_compact_zone+0x10/0x10 [ 154.035418][ T8125] ? __lock_acquire+0x1397/0x2100 [ 154.040466][ T8125] sysctl_compaction_handler+0x496/0x990 [ 154.046121][ T8125] ? __pfx_sysctl_compaction_handler+0x10/0x10 [ 154.052304][ T8125] ? __virt_addr_valid+0x183/0x530 [ 154.057435][ T8125] ? __virt_addr_valid+0x183/0x530 [ 154.062563][ T8125] ? __virt_addr_valid+0x45f/0x530 [ 154.067691][ T8125] ? __phys_addr_symbol+0x2f/0x70 [ 154.072823][ T8125] ? __check_object_size+0x47a/0x730 [ 154.078126][ T8125] ? __pfx_sysctl_compaction_handler+0x10/0x10 [ 154.084300][ T8125] proc_sys_call_handler+0x5ec/0x920 [ 154.089615][ T8125] ? __pfx_proc_sys_call_handler+0x10/0x10 [ 154.095452][ T8125] iter_file_splice_write+0xbfa/0x1510 [ 154.100938][ T8125] ? __pfx_iter_file_splice_write+0x10/0x10 [ 154.106853][ T8125] ? rcu_read_lock_any_held+0xb7/0x160 [ 154.112341][ T8125] ? __pfx_iter_file_splice_write+0x10/0x10 [ 154.118257][ T8125] direct_splice_actor+0x11b/0x220 [ 154.123385][ T8125] splice_direct_to_actor+0x586/0xc80 [ 154.128795][ T8125] ? __pfx_direct_splice_actor+0x10/0x10 [ 154.134454][ T8125] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 154.140372][ T8125] ? __fget_files+0x2a/0x410 [ 154.144985][ T8125] ? __pfx_lock_release+0x10/0x10 [ 154.150033][ T8125] do_splice_direct+0x289/0x3e0 [ 154.154909][ T8125] ? __pfx_do_splice_direct+0x10/0x10 [ 154.160308][ T8125] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 154.166224][ T8125] ? rw_verify_area+0x1c3/0x6f0 [ 154.171092][ T8125] do_sendfile+0x564/0x8a0 [ 154.175533][ T8125] ? __pfx_do_sendfile+0x10/0x10 [ 154.180498][ T8125] ? __might_fault+0xaa/0x120 [ 154.185192][ T8125] ? __might_fault+0xc6/0x120 [ 154.189885][ T8125] __se_compat_sys_sendfile+0x121/0x1f0 [ 154.195452][ T8125] ? __pfx___se_compat_sys_sendfile+0x10/0x10 [ 154.201552][ T8125] ? syscall_enter_from_user_mode_prepare+0x7f/0xe0 [ 154.208165][ T8125] ? lockdep_hardirqs_on+0x99/0x150 [ 154.213390][ T8125] __do_fast_syscall_32+0xb4/0x110 [ 154.218529][ T8125] ? ret_from_fork_asm+0x1a/0x30 [ 154.223491][ T8125] ? lockdep_hardirqs_on+0x99/0x150 [ 154.228713][ T8125] do_fast_syscall_32+0x34/0x80 [ 154.233591][ T8125] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 154.239945][ T8125] RIP: 0023:0xf714d579 [ 154.244039][ T8125] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 [ 154.263680][ T8125] RSP: 002b:00000000f513f55c EFLAGS: 00000206 ORIG_RAX: 00000000000000bb [ 154.272122][ T8125] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000000000003 [ 154.280118][ T8125] RDX: 00000000200000c0 RSI: 0000000000000005 RDI: 0000000000000000 [ 154.288111][ T8125] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 154.296107][ T8125] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 154.304097][ T8125] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 154.312089][ T8125] [ 154.315123][ T8125] [ 154.317452][ T8125] Allocated by task 6692: [ 154.321798][ T8125] kasan_save_track+0x3f/0x80 [ 154.326493][ T8125] __kasan_kmalloc+0x98/0xb0 [ 154.331110][ T8125] __kmalloc_noprof+0x285/0x4c0 [ 154.335984][ T8125] tomoyo_realpath_from_path+0xcf/0x5e0 [ 154.341554][ T8125] tomoyo_path_number_perm+0x236/0x860 [ 154.347044][ T8125] security_file_ioctl_compat+0xc6/0x2a0 [ 154.352702][ T8125] __se_compat_sys_ioctl+0xd6/0xc10 [ 154.357920][ T8125] __do_fast_syscall_32+0xb4/0x110 [ 154.363056][ T8125] do_fast_syscall_32+0x34/0x80 [ 154.367931][ T8125] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 154.374274][ T8125] [ 154.376610][ T8125] Freed by task 6692: [ 154.380596][ T8125] kasan_save_track+0x3f/0x80 [ 154.385290][ T8125] kasan_save_free_info+0x40/0x50 [ 154.390333][ T8125] __kasan_slab_free+0x59/0x70 [ 154.395113][ T8125] kfree+0x196/0x430 [ 154.399030][ T8125] tomoyo_realpath_from_path+0x5a9/0x5e0 [ 154.404677][ T8125] tomoyo_path_number_perm+0x236/0x860 [ 154.410159][ T8125] security_file_ioctl_compat+0xc6/0x2a0 [ 154.415820][ T8125] __se_compat_sys_ioctl+0xd6/0xc10 [ 154.421034][ T8125] __do_fast_syscall_32+0xb4/0x110 [ 154.426172][ T8125] do_fast_syscall_32+0x34/0x80 [ 154.431306][ T8125] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 154.437655][ T8125] [ 154.439992][ T8125] The buggy address belongs to the object at ffff8880248f6000 [ 154.439992][ T8125] which belongs to the cache kmalloc-4k of size 4096 [ 154.454061][ T8125] The buggy address is located 3400 bytes inside of [ 154.454061][ T8125] freed 4096-byte region [ffff8880248f6000, ffff8880248f7000) [ 154.468144][ T8125] [ 154.470480][ T8125] The buggy address belongs to the physical page: [ 154.476910][ T8125] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x248f0 [ 154.485697][ T8125] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 154.494212][ T8125] memcg:ffff888028c5d081 [ 154.498463][ T8125] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff) [ 154.506034][ T8125] page_type: f5(slab) [ 154.510037][ T8125] raw: 00fff00000000040 ffff88801ac4f3c0 dead000000000122 0000000000000000 [ 154.518641][ T8125] raw: 0000000000000000 0000000000080008 00000001f5000000 ffff888028c5d081 [ 154.527246][ T8125] head: 00fff00000000040 ffff88801ac4f3c0 dead000000000122 0000000000000000 [ 154.535937][ T8125] head: 0000000000000000 0000000000080008 00000001f5000000 ffff888028c5d081 [ 154.544626][ T8125] head: 00fff00000000003 ffffea0000923c01 ffffffffffffffff 0000000000000000 [ 154.553317][ T8125] head: 0000000000000008 0000000000000000 00000000ffffffff 0000000000000000 [ 154.562000][ T8125] page dumped because: kasan: bad access detected [ 154.568439][ T8125] page_owner tracks the page as allocated [ 154.574172][ T8125] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 6692, tgid 6692 (syz-executor), ts 154325324056, free_ts 154297940357 [ 154.595743][ T8125] post_alloc_hook+0x1f3/0x230 [ 154.600536][ T8125] get_page_from_freelist+0x365c/0x37a0 [ 154.606107][ T8125] __alloc_pages_noprof+0x292/0x710 [ 154.611324][ T8125] alloc_pages_mpol_noprof+0x3e8/0x680 [ 154.616804][ T8125] alloc_slab_page+0x6a/0x110 [ 154.621501][ T8125] allocate_slab+0x5a/0x2b0 [ 154.626018][ T8125] ___slab_alloc+0xc27/0x14a0 [ 154.630713][ T8125] __slab_alloc+0x58/0xa0 [ 154.635063][ T8125] __kmalloc_cache_noprof+0x27b/0x390 [ 154.640455][ T8125] alloc_tty_struct+0xa9/0x7d0 [ 154.645247][ T8125] pty_common_install+0x160/0x760 [ 154.650294][ T8125] tty_init_dev+0xc1/0x4c0 [ 154.654731][ T8125] ptmx_open+0xda/0x2c0 [ 154.658913][ T8125] chrdev_open+0x521/0x600 [ 154.663347][ T8125] do_dentry_open+0xbe1/0x1b70 [ 154.668131][ T8125] vfs_open+0x3e/0x330 [ 154.672221][ T8125] page last free pid 6692 tgid 6692 stack trace: [ 154.678555][ T8125] free_unref_page+0xd3f/0x1010 [ 154.683429][ T8125] __put_partials+0x160/0x1c0 [ 154.688135][ T8125] put_cpu_partial+0x17c/0x250 [ 154.692916][ T8125] __slab_free+0x290/0x380 [ 154.697349][ T8125] qlist_free_all+0x9a/0x140 [ 154.701958][ T8125] kasan_quarantine_reduce+0x14f/0x170 [ 154.707435][ T8125] __kasan_slab_alloc+0x23/0x80 [ 154.712309][ T8125] kmem_cache_alloc_noprof+0x1d9/0x380 [ 154.717790][ T8125] getname_flags+0xb7/0x540 [ 154.722317][ T8125] do_sys_openat2+0xd2/0x1d0 [ 154.726932][ T8125] __ia32_compat_sys_openat+0x23f/0x290 [ 154.732503][ T8125] __do_fast_syscall_32+0xb4/0x110 [ 154.737656][ T8125] do_fast_syscall_32+0x34/0x80 [ 154.742533][ T8125] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 154.748881][ T8125] [ 154.751217][ T8125] Memory state around the buggy address: [ 154.756854][ T8125] ffff8880248f6c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 154.765019][ T8125] ffff8880248f6c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 154.773101][ T8125] >ffff8880248f6d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 154.781176][ T8125] ^ [ 154.787606][ T8125] ffff8880248f6d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 154.795688][ T8125] ffff8880248f6e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 154.803762][ T8125] ================================================================== [ 155.056799][ T8125] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 155.064050][ T8125] CPU: 1 UID: 0 PID: 8125 Comm: syz.0.677 Not tainted 6.13.0-rc3-syzkaller #0 [ 155.072923][ T8125] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 155.082998][ T8125] Call Trace: [ 155.086296][ T8125] [ 155.089241][ T8125] dump_stack_lvl+0x241/0x360 [ 155.093949][ T8125] ? __pfx_dump_stack_lvl+0x10/0x10 [ 155.099173][ T8125] ? __pfx__printk+0x10/0x10 [ 155.103786][ T8125] ? preempt_schedule+0xe1/0xf0 [ 155.108666][ T8125] ? vscnprintf+0x5d/0x90 [ 155.113021][ T8125] panic+0x349/0x880 [ 155.116939][ T8125] ? check_panic_on_warn+0x21/0xb0 [ 155.122073][ T8125] ? __pfx_panic+0x10/0x10 [ 155.126517][ T8125] ? _raw_spin_unlock_irqrestore+0x130/0x140 [ 155.132520][ T8125] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 155.138876][ T8125] ? print_report+0x502/0x550 [ 155.143581][ T8125] check_panic_on_warn+0x86/0xb0 [ 155.148592][ T8125] ? isolate_migratepages_block+0x1fdf/0x5270 [ 155.154692][ T8125] end_report+0x77/0x160 [ 155.158973][ T8125] kasan_report+0x154/0x180 [ 155.163683][ T8125] ? isolate_migratepages_block+0x1fdf/0x5270 [ 155.169871][ T8125] kasan_check_range+0x282/0x290 [ 155.174835][ T8125] isolate_migratepages_block+0x1fdf/0x5270 [ 155.180759][ T8125] ? isolate_migratepages_block+0x20d1/0x5270 [ 155.186854][ T8125] ? __pfx_isolate_migratepages_block+0x10/0x10 [ 155.193124][ T8125] ? __pageblock_pfn_to_page+0xd3/0x3c0 [ 155.198704][ T8125] ? __pageblock_pfn_to_page+0xd3/0x3c0 [ 155.204284][ T8125] compact_zone+0x32e6/0x4ac0 [ 155.209002][ T8125] ? __pfx_compact_zone+0x10/0x10 [ 155.214049][ T8125] ? __lock_acquire+0x1397/0x2100 [ 155.219103][ T8125] sysctl_compaction_handler+0x496/0x990 [ 155.224765][ T8125] ? __pfx_sysctl_compaction_handler+0x10/0x10 [ 155.230954][ T8125] ? __virt_addr_valid+0x183/0x530 [ 155.236092][ T8125] ? __virt_addr_valid+0x183/0x530 [ 155.241231][ T8125] ? __virt_addr_valid+0x45f/0x530 [ 155.246368][ T8125] ? __phys_addr_symbol+0x2f/0x70 [ 155.251423][ T8125] ? __check_object_size+0x47a/0x730 [ 155.256735][ T8125] ? __pfx_sysctl_compaction_handler+0x10/0x10 [ 155.262920][ T8125] proc_sys_call_handler+0x5ec/0x920 [ 155.268242][ T8125] ? __pfx_proc_sys_call_handler+0x10/0x10 [ 155.274083][ T8125] iter_file_splice_write+0xbfa/0x1510 [ 155.279578][ T8125] ? __pfx_iter_file_splice_write+0x10/0x10 [ 155.285504][ T8125] ? rcu_read_lock_any_held+0xb7/0x160 [ 155.290997][ T8125] ? __pfx_iter_file_splice_write+0x10/0x10 [ 155.296923][ T8125] direct_splice_actor+0x11b/0x220 [ 155.302069][ T8125] splice_direct_to_actor+0x586/0xc80 [ 155.307483][ T8125] ? __pfx_direct_splice_actor+0x10/0x10 [ 155.313139][ T8125] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 155.319055][ T8125] ? __fget_files+0x2a/0x410 [ 155.323674][ T8125] ? __pfx_lock_release+0x10/0x10 [ 155.328736][ T8125] do_splice_direct+0x289/0x3e0 [ 155.333616][ T8125] ? __pfx_do_splice_direct+0x10/0x10 [ 155.339016][ T8125] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 155.344937][ T8125] ? rw_verify_area+0x1c3/0x6f0 [ 155.349815][ T8125] do_sendfile+0x564/0x8a0 [ 155.354266][ T8125] ? __pfx_do_sendfile+0x10/0x10 [ 155.359240][ T8125] ? __might_fault+0xaa/0x120 [ 155.363938][ T8125] ? __might_fault+0xc6/0x120 [ 155.368638][ T8125] __se_compat_sys_sendfile+0x121/0x1f0 [ 155.374209][ T8125] ? __pfx___se_compat_sys_sendfile+0x10/0x10 [ 155.380304][ T8125] ? syscall_enter_from_user_mode_prepare+0x7f/0xe0 [ 155.386920][ T8125] ? lockdep_hardirqs_on+0x99/0x150 [ 155.392149][ T8125] __do_fast_syscall_32+0xb4/0x110 [ 155.397290][ T8125] ? ret_from_fork_asm+0x1a/0x30 [ 155.402246][ T8125] ? lockdep_hardirqs_on+0x99/0x150 [ 155.407477][ T8125] do_fast_syscall_32+0x34/0x80 [ 155.412359][ T8125] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 155.418721][ T8125] RIP: 0023:0xf714d579 [ 155.422806][ T8125] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 [ 155.442437][ T8125] RSP: 002b:00000000f513f55c EFLAGS: 00000206 ORIG_RAX: 00000000000000bb [ 155.450881][ T8125] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000000000003 [ 155.458876][ T8125] RDX: 00000000200000c0 RSI: 0000000000000005 RDI: 0000000000000000 [ 155.466873][ T8125] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 155.474868][ T8125] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 155.482865][ T8125] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 155.490867][ T8125] [ 155.494163][ T8125] Kernel Offset: disabled [ 155.498486][ T8125] Rebooting in 86400 seconds..