last executing test programs: 9.674075438s ago: executing program 4 (id=2315): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008500000022000000180100002020702500000000002020207b0af8ff00000000bfa10000000000000701"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x5, 0x4, 0x2003, 0xc}, 0x48) close(0x3) bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x10001, 0x9, 0x1}, 0x48) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=@framed={{0x18, 0x2}, [@call={0x85, 0x0, 0x0, 0x75}]}, 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='tlb_flush\x00', r1}, 0x10) 9.232631557s ago: executing program 4 (id=2317): mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r0, &(0x7f0000000340)=ANY=[@ANYBLOB="1500000065ffff"], 0x15) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040)) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) setsockopt$inet6_IPV6_RTHDR(0xffffffffffffffff, 0x29, 0x39, 0x0, 0x18) sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000000180), 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x1, 0x4, 0xfff, 0x5}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r2}, 0x10) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0) socket$nl_xfrm(0x10, 0x3, 0x6) r5 = socket$inet6(0xa, 0x3, 0x88) setsockopt$inet6_IPV6_XFRM_POLICY(r5, 0x29, 0x23, &(0x7f0000000440)={{{@in=@local, @in, 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@empty, 0x0, 0x6c}, 0xa, @in=@empty, 0x0, 0x1}}, 0xe8) connect$inet6(r5, &(0x7f0000000000)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @dev}}, 0x1c) 7.321172594s ago: executing program 0 (id=2322): r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000340), 0x802, 0x0) write$uinput_user_dev(r0, &(0x7f0000000a80)={'syz1\x00', {}, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], [0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff]}, 0x45c) ioctl$UI_SET_RELBIT(r0, 0x40045566, 0x8) ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x2) openat$mice(0xffffffffffffff9c, &(0x7f0000000000), 0x0) ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x1) ioctl$UI_DEV_CREATE(r0, 0x5501) ioctl$UI_DEV_DESTROY(r0, 0x5502) 6.9093373s ago: executing program 0 (id=2325): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket(0x11, 0x80a, 0x7d) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000300)={'bond0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000580)=ANY=[@ANYBLOB="3c00000010000100"/20, @ANYRES32=r2, @ANYBLOB="00000000000000001c00128009000100626f6e64000000000c00028008000200e4cde4"], 0x3c}}, 0x0) 6.616951003s ago: executing program 0 (id=2327): mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0) openat(0xffffffffffffff9c, 0x0, 0x141042, 0x0) ioctl$BTRFS_IOC_QUOTA_RESCAN(0xffffffffffffffff, 0x4040942c, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) mount(0x0, &(0x7f0000000240)='./file0\x00', &(0x7f0000000280)='tracefs\x00', 0x0, 0x0) mount$tmpfs(0x0, &(0x7f00000000c0)='./file0\x00', 0x0, 0x2204c3b, &(0x7f00000002c0)={[{@gid={'gid', 0x3d, 0xee01}}, {}, {@mode}]}) 4.555669718s ago: executing program 3 (id=2334): bind$bt_hci(0xffffffffffffffff, 0x0, 0x0) socket$pppl2tp(0x18, 0x1, 0x1) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x5, 0x401d031, 0xffffffffffffffff, 0x0) remap_file_pages(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0) mlock(&(0x7f0000a74000/0x1000)=nil, 0x1000) madvise(&(0x7f0000535000/0x800000)=nil, 0x802202, 0x19) mlock(&(0x7f00007d8000/0x800000)=nil, 0x800000) 4.484486932s ago: executing program 1 (id=2335): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x6, 0x4, &(0x7f0000002180)=@framed={{0x18, 0x2}, [@call={0x85, 0x0, 0x0, 0x17}]}, &(0x7f0000000040)='syzkaller\x00', 0x5}, 0x90) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'veth0\x00', 0x0}) r3 = bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000080)={r0, r2, 0x25, 0x0, @val=@tcx={@prog_fd}}, 0x40) r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x6, 0x5, &(0x7f00000001c0)=ANY=[], &(0x7f0000000040)='syzkaller\x00', 0x5}, 0x90) bpf$BPF_LINK_UPDATE(0x1d, &(0x7f0000000140)={r3, r4}, 0x5) 4.482995583s ago: executing program 4 (id=2336): socket$inet_sctp(0x2, 0x1, 0x84) r0 = socket$inet_sctp(0x2, 0x1, 0x84) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) pipe2(&(0x7f0000000080), 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5) r1 = socket$inet6_tcp(0x1c, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x22, &(0x7f0000000080), 0x4) dup2(r0, r1) 3.484678417s ago: executing program 1 (id=2337): bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007300000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r0}, 0x10) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f00000005c0)=ANY=[@ANYBLOB="9feb01001800000000000000300000003000000002000000000000000100008400040000000000000300000000000000000000000000000500000000000000000000000902"], 0x0, 0x4a}, 0x20) 3.455841636s ago: executing program 4 (id=2338): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x5, 0x2, 0x4, 0x5}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000009000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000020000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000140)={{r0}, &(0x7f0000000000), &(0x7f0000000040)}, 0x20) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, 0x0, 0x0) r2 = socket$inet(0x2, 0x4000000000000001, 0x0) sendto$inet(r2, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) 3.155543658s ago: executing program 1 (id=2340): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000d00)='kfree\x00'}, 0x10) sendmsg$NFT_BATCH(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x0, 0x0, {0x3}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x54, 0x9, 0xa, 0x401, 0x0, 0x0, {0x3}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x23}, @NFTA_SET_EXPR={0x18, 0x11, 0x0, 0x1, @connlimit={{0xe}, @val={0x4}}}]}], {0x14, 0x10}}, 0x9c}}, 0x4) 3.064424947s ago: executing program 4 (id=2341): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$OSF_MSG_ADD(0xffffffffffffffff, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce) r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8) keyctl$read(0x2, 0x0, 0x0, 0x0) socket$qrtr(0x2a, 0x2, 0x0) r2 = openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0) r3 = syz_open_dev$ndb(&(0x7f0000000000), 0x0, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x11, 0x0, 0x10000, 0x88000, 0x1406, 0xffffffffffffffff, 0x2}, 0x48) ioctl$sock_ipv6_tunnel_SIOCCHGPRL(r2, 0x89f7, 0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff}) ioctl$NBD_SET_SOCK(r3, 0xab00, r4) r5 = syz_open_dev$ndb(&(0x7f00000000c0), 0x0, 0x80000) prctl$PR_TASK_PERF_EVENTS_DISABLE(0x1f) ioctl$NBD_SET_FLAGS(r5, 0xab0a, 0x1000001000104) ioctl$NBD_SET_SOCK(r5, 0xab00, r4) mq_unlink(&(0x7f0000000240)='^\'#(!$\x00') ioctl$NBD_DO_IT(r3, 0xab03) ioctl$NBD_SET_SOCK(r5, 0xab00, 0xffffffffffffffff) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000380)={0x0, 0xffffffffffffffff, 0x0, 0x1, 0xfffffffffffffffe}, 0x42) r6 = bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$MAP_DELETE_ELEM(0x2, &(0x7f0000000400)={r6, 0x0, 0x20000000}, 0x20) r7 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r7, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000180)=@newtaction={0x6c, 0x30, 0x10b, 0x0, 0x0, {}, [{0x58, 0x1, [@m_ife={0x54, 0x1, 0x0, 0x0, {{0x8}, {0x2c, 0x2, 0x0, 0x1, [@TCA_IFE_SMAC={0xa, 0x4, @remote}, @TCA_IFE_PARMS={0x1c, 0x1, {{}, 0x1}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x6c}}, 0x0) r8 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000000), 0x88000, 0x0) ioctl$SW_SYNC_IOC_CREATE_FENCE(r8, 0xc0285700, &(0x7f0000000040)={0x5, "03a3a7c840e8641aa3e287ef80a6fff742164c0ea212495fff57aef8315dfdb1"}) setsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r0, 0x84, 0x22, 0x0, 0x0) 3.055577901s ago: executing program 2 (id=2342): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) r2 = openat$pidfd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r3 = openat$pidfd(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) fcntl$notify(r3, 0x402, 0x8000001a) fcntl$notify(r2, 0x402, 0x1) r4 = openat$pidfd(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) fcntl$notify(r4, 0x402, 0xc) fcntl$notify(r2, 0x402, 0x0) 3.047580727s ago: executing program 3 (id=2343): getsockopt$WPAN_SECURITY(0xffffffffffffffff, 0x0, 0x1, &(0x7f0000000280), &(0x7f0000000340)=0x4) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f00000002c0)='kfree\x00', r0}, 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) getpeername(r1, &(0x7f0000000200)=@sco={0x1f, @fixed}, 0x0) r2 = socket$nl_route(0x10, 0x3, 0x0) r3 = socket$packet(0x11, 0x2, 0x300) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000080)={'veth1_to_hsr\x00', 0x0}) sendmsg$nl_route_sched(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000004c00)=@newtfilter={0x24, 0x11, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x74, r4}}, 0x24}, 0x1, 0xf0ffffffffffff}, 0x0) 2.905579448s ago: executing program 1 (id=2344): sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) syz_usb_connect$cdc_ncm(0x4, 0x6e, &(0x7f00000000c0)=ANY=[@ANYBLOB="12010000020000002505a1a440000102030109025c0002010000000904000001a3f45747d649f9a30105240000000d240f8100000000000000000006241a0000000905810300000000000904010000020d00000904010102020d000009058202000000000009"], 0x0) syz_usb_connect(0x0, 0x2d, &(0x7f0000000100)=ANY=[@ANYBLOB="120100001ddf8208c007121522300000000109021b0001000000010904010001faf40d00090582"], 0x0) r0 = syz_open_dev$char_usb(0xc, 0xb4, 0x0) write$char_usb(r0, &(0x7f0000001300)="92", 0x2) ioctl$HIDIOCGRDESC(r0, 0x4008c002, 0x0) 2.692754398s ago: executing program 2 (id=2345): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={0x0, r1}, 0x10) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r2, 0x0, 0x0) sendmsg$NFT_BATCH(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000800)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a74000000060a09040000000000000000020000000900010073797a30000000000900020073797a32"], 0x9c}}, 0x0) 2.459329391s ago: executing program 2 (id=2346): r0 = socket$packet(0x11, 0xa, 0x300) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f00000002c0)={0x1, &(0x7f0000000100)=[{0x80000006}]}, 0x10) r1 = socket$packet(0x11, 0x2, 0x300) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'syz_tun\x00', 0x0}) bind$packet(r1, &(0x7f0000000300)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @remote}, 0x14) r3 = socket$packet(0x11, 0x3, 0x300) bind$packet(r3, &(0x7f0000000000)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @link_local}, 0x14) r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0x0, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x4}, 0x48) r5 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90) quotactl_fd$Q_QUOTAOFF(r5, 0xffffffff80000301, 0xee01, 0x0) r6 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r6}, 0x10) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) pipe2(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) splice(r8, 0x0, r7, 0x0, 0x1, 0x0) ioctl$sock_SIOCINQ(r7, 0x5452, &(0x7f0000000000)) close_range(r7, 0xffffffffffffffff, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00'}, 0x10) 2.428567264s ago: executing program 3 (id=2347): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x6, 0x4, &(0x7f0000002180)=@framed={{0x18, 0x2}, [@call={0x85, 0x0, 0x0, 0x17}]}, &(0x7f0000000040)='syzkaller\x00', 0x5}, 0x90) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'veth0\x00', 0x0}) r3 = bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000080)={r0, r2, 0x25, 0x0, @val=@tcx={@prog_fd}}, 0x40) r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x6, 0x5, &(0x7f00000001c0)=ANY=[], &(0x7f0000000040)='syzkaller\x00', 0x5}, 0x90) bpf$BPF_LINK_UPDATE(0x1d, &(0x7f0000000140)={r3, r4}, 0x5) 2.160942752s ago: executing program 3 (id=2348): r0 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000240)={0x0, 0x0}, &(0x7f0000000280)=0x5) setreuid(0x0, r1) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000580), 0xffffffffffffffff) sendmsg$NL80211_CMD_TRIGGER_SCAN(r2, &(0x7f0000000700)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f0000000840)=ANY=[@ANYBLOB, @ANYRES16=r3, @ANYBLOB="010000000000000000007e"], 0x14}}, 0x0) 2.002569801s ago: executing program 0 (id=2349): sendmsg$BATADV_CMD_GET_ORIGINATORS(0xffffffffffffffff, 0x0, 0x24048800) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xb, 0x7, 0x8, 0x8, 0x5}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000100000000000000fe0018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10) pipe2(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff}) splice(r3, 0x0, r2, 0x0, 0x1, 0x0) fcntl$setpipe(r2, 0x407, 0x0) close_range(r2, 0xffffffffffffffff, 0x0) 1.982405547s ago: executing program 2 (id=2350): rt_sigprocmask(0x0, &(0x7f0000000080)={[0xffffffff]}, 0x0, 0x8) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0x3, &(0x7f0000000440)=@framed, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10) r1 = getpid() r2 = gettid() rt_tgsigqueueinfo(r1, r2, 0x5, &(0x7f0000000140)={0x0, 0x0, 0x6}) r3 = signalfd4(0xffffffffffffffff, &(0x7f0000000300)={[0xffffffffffffffff]}, 0x8, 0x0) read$FUSE(r3, &(0x7f0000001a00)={0x2020}, 0x2020) 1.771649388s ago: executing program 3 (id=2351): bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000000)=@mangle={'mangle\x00', 0x64, 0x6, 0x65c, 0xcc, 0x0, 0x1ac, 0x0, 0x1ac, 0x594, 0x594, 0x594, 0x594, 0x594, 0x6, 0x0, {[{{@uncond, 0x0, 0xa4, 0xcc}, @common=@unspec=@NFQUEUE2={0x28, 'NFQUEUE\x00', 0x2, {0x0, 0x5}}}, {{@ipv6={@mcast1, @local, [], [], 'macvtap0\x00', 'ip6tnl0\x00', {}, {}, 0x6, 0x0, 0x0, 0x44}, 0x0, 0xa4, 0xe0}, @inet=@TPROXY1={0x3c, 'TPROXY\x00', 0x1, {0x0, 0x0, @ipv4=@broadcast}}}, {{@ipv6={@mcast2, @loopback, [], [], 'veth0_to_team\x00', 'syzkaller0\x00'}, 0x0, 0xf4, 0x138, 0x0, {}, [@common=@unspec=@connmark={{0x2c}}, @common=@inet=@socket1={{0x24}}]}, @SNPT={0x44, 'SNPT\x00', 0x0, {@ipv6=@rand_addr=' \x01\x00', @ipv4=@private}}}, {{@uncond, 0x0, 0x11c, 0x140, 0x0, {}, [@common=@frag={{0x30}}, @common=@hbh={{0x48}}]}, @inet=@DSCP={0x24}}, {{@uncond, 0x0, 0x134, 0x170, 0x0, {}, [@common=@dst={{0x48}}, @common=@dst={{0x48}}]}, @inet=@TPROXY1={0x3c, 'TPROXY\x00', 0x1, {0x0, 0x0, @ipv4=@dev}}}], {{'\x00', 0x0, 0xa4, 0xc8}, {0x24}}}}, 0x6b8) sched_setaffinity(0x0, 0x0, 0x0) socket$netlink(0x10, 0x3, 0x0) openat$vmci(0xffffff9c, 0x0, 0x2, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0xfffffffffffffd64) syz_clone(0x1000, 0x0, 0x0, 0x0, 0x0, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000000)=ANY=[@ANYBLOB="440000001000030500"/20, @ANYRES32=0x0, @ANYBLOB="00000000000000002400128009000100626f6e64"], 0x44}}, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r1, &(0x7f0000003040)=""/102392, 0x18ff8) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) syz_io_uring_setup(0x6bfa, &(0x7f00000012c0)={0x0, 0x0, 0x10100}, &(0x7f00000000c0), &(0x7f0000000140)) r2 = memfd_secret(0x0) ftruncate(r2, 0x5) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x2, 0x11, r2, 0x0) setuid(0x0) pread64(0xffffffffffffffff, &(0x7f00000002c0)=""/215, 0xd7, 0x3) futex(&(0x7f000000cffc), 0x100, 0x1, 0x0, &(0x7f0000048000)=0xfffffff2, 0x0) prlimit64(0x0, 0x0, &(0x7f0000000040)={0x0, 0x200000000000}, 0x0) syz_io_uring_submit(r3, 0x0, 0x0) r4 = socket$inet_mptcp(0x2, 0x1, 0x106) bind$inet(r4, &(0x7f0000000080)={0x2, 0x4e24, @multicast2}, 0x10) setsockopt$sock_int(r4, 0x1, 0x21, &(0x7f0000000040), 0x4) socket$inet_smc(0x2b, 0x1, 0x0) 1.712854595s ago: executing program 2 (id=2352): r0 = socket$inet_sctp(0x2, 0x1, 0x84) setsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x76, 0x0, 0x0) 1.57965124s ago: executing program 0 (id=2353): r0 = bpf$MAP_CREATE(0x0, 0x0, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000200000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) r2 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000180)={'syz_tun\x00', 0x0}) r4 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x8, 0x8}, 0x48) r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x10, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000002000000850000008600000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008000000b704000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000001c0)={r6, r3, 0x25, 0x0, @void}, 0x10) syz_emit_ethernet(0xfdef, &(0x7f0000000040)=ANY=[], 0x0) 1.462986239s ago: executing program 2 (id=2354): sched_setscheduler(0x0, 0x0, &(0x7f0000000300)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x1) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000040)) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$UFFDIO_COPY(r1, 0xc028aa05, &(0x7f0000001440)={&(0x7f0000a88000/0x3000)=nil, &(0x7f0000ffe000/0x2000)=nil, 0x3000}) 1.288775744s ago: executing program 0 (id=2355): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="180100000100ff030000000000030000850000007b00000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x0, &(0x7f0000000080)=0x7) r2 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x82) sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x2) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) r5 = syz_usb_connect(0x0, 0x45, &(0x7f00000000c0)=ANY=[@ANYBLOB="120100001c2097088680030b28f40102030109023300010000000009040000000e0100000924060001a3e1f74c05240000000d240f01004000000200ffff"], 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x0) r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x1, 0x0, 0x1}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="1800000000", @ANYRES32=r6, @ANYRES16=r5, @ANYRESOCT=0x0], 0x0, 0x6, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x1d}, 0x90) r7 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r7}, 0x10) bpf$PROG_LOAD(0x5, 0x0, 0x0) mount$overlay(0x0, 0x0, 0x0, 0x0, 0x0) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0) r8 = timerfd_create(0x0, 0x0) timerfd_settime(r8, 0x3, &(0x7f0000000440)={{0x0, 0x989680}}, 0x0) clock_adjtime(0x0, &(0x7f0000000040)={0xd54, 0x0, 0x8, 0x0, 0x0, 0x4, 0x0, 0x9, 0x0, 0x8000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}) read(r8, &(0x7f0000000140)=""/42, 0x2a) bpf$BPF_BTF_GET_FD_BY_ID(0x13, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) syz_usb_control_io$hid(r5, &(0x7f0000000140)={0x24, 0x0, &(0x7f0000000280)=ANY=[@ANYRES16=r1], 0x0, 0x0}, 0x0) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f0000000340), 0x0, 0x2, 0x0) io_submit(0x0, 0x0, 0x0) 1.041135347s ago: executing program 1 (id=2356): r0 = syz_open_dev$char_usb(0xc, 0xb4, 0x0) ioctl$int_in(r0, 0x5421, &(0x7f0000000040)=0x81b) read$char_usb(r0, 0x0, 0x4) 747.794775ms ago: executing program 1 (id=2357): socket$nl_netfilter(0x10, 0x3, 0xc) syz_emit_ethernet(0x0, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x0, 0x0) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) preadv(r0, 0x0, 0x0, 0x0, 0x0) capget(&(0x7f0000000140)={0x19980330}, &(0x7f0000000280)={0x6, 0x7, 0x1e, 0x1, 0xdfd, 0x1}) r1 = socket$inet_mptcp(0x2, 0x1, 0x106) bind$inet(r1, &(0x7f0000000080)={0x2, 0x4e24, @multicast2}, 0x10) connect$inet(r1, &(0x7f0000000480)={0x2, 0x4e24, @loopback}, 0x10) sendmmsg(r1, &(0x7f00000057c0)=[{{0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f00000004c0)='k', 0x1}], 0x1}}], 0x1, 0x0) recvmmsg(r1, &(0x7f00000048c0)=[{{0x0, 0x0, &(0x7f0000004a00)=[{&(0x7f0000001a00)=""/4099, 0x1003}], 0x1}}], 0x1003, 0x10122, 0x0) sendmsg$sock(r1, &(0x7f0000000700)={0x0, 0x0, &(0x7f0000000380)=[{&(0x7f0000000500)="c4", 0x1}], 0x1}, 0x0) 515.484096ms ago: executing program 3 (id=2358): r0 = getpid() r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000002140)={&(0x7f0000000180)='tlb_flush\x00', r1}, 0x10) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) process_vm_readv(r0, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0xc0}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/94, 0x7ffff000}], 0x286, 0x0) r2 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000300)='/sys/kernel/debug/binder/stats\x00', 0x0, 0x0) r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000000140)) r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_WRITE_READ(r4, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0}) r5 = dup3(r4, r3, 0x0) r6 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0) mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r6, 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r6, 0x4018620d, &(0x7f0000000440)={0x73622a85, 0xa}) ioctl$BINDER_WRITE_READ(r5, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000000)=[@acquire], 0x0, 0x0, 0x0}) ioctl$BINDER_WRITE_READ(r5, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f0000000740)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x18, 0x0, &(0x7f0000000200)={0x30, 0x30, 0x30}}}], 0x0, 0x0, 0x0}) read$snddsp(r2, &(0x7f0000000740)=""/56, 0x38) r7 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000003f000000000000000000f195"], &(0x7f0000000140)='GPL\x00'}, 0x80) bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000240)={r7, 0xf, 0x25, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40) socket$unix(0x1, 0x5, 0x0) r8 = io_uring_setup(0x428, &(0x7f00000000c0)={0x0, 0x0, 0x40}) io_uring_register$IORING_REGISTER_RING_FDS(r8, 0x14, &(0x7f0000001780)=[{0x0, 0x0, 0x0, 0x0, 0x0}], 0x1) io_uring_enter(r5, 0x0, 0xfffffffc, 0x0, 0x0, 0xfffffffffffffd44) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000001500)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB="d74d4156a221296a665e18aa4c7a0acfd92aa9fb57dbd7cb2c9a9d1cd00b40d432e82bebeb0c176990de4eceb7f41b16a0543f95240979fdcd68b7db60965ca8232034538be7d93df76fead7bddf574c70e3a9724a6614c371b405d4a8126f90990422f978e5e7eb2eb9448d419377df69a9d9635429f06fabcb6655d5dda77848c25b97f87151d9c21709000257580be9edd4f3041fcf2473042c8f55c0aa71ef035f5b89b0d2e4b322ec9787a3", @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x13, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) timer_create(0x0, 0x0, &(0x7f00009b1ffc)) memfd_secret(0x0) openat$sysfs(0xffffffffffffff9c, &(0x7f0000000180)='/sys/power/pm_trace', 0x10200, 0x80) 0s ago: executing program 4 (id=2359): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000700000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000107b0af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8, 0x8}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000300)={{r0}, &(0x7f0000000000), &(0x7f0000000380)=r1}, 0x20) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='sys_enter\x00', r2}, 0x10) r3 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0) getdents(r3, &(0x7f0000000040)=""/104, 0x4d) kernel console output (not intermixed with test programs): the MTU to 1560 would solve the problem. [ 1830.692417][T14689] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1830.721158][T14689] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1830.739104][T14689] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1830.779321][T14689] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1830.852952][T11559] rtl8150 5-1:0.0: eth5: rtl8150 is detected [ 1830.931906][ T5280] usb 5-1: USB disconnect, device number 14 [ 1830.986952][ T5390] bridge_slave_1: left allmulticast mode [ 1831.005568][ T5390] bridge_slave_1: left promiscuous mode [ 1831.011513][ T5390] bridge0: port 2(bridge_slave_1) entered disabled state [ 1831.059980][ T5390] bridge_slave_0: left allmulticast mode [ 1831.081915][ T5390] bridge_slave_0: left promiscuous mode [ 1831.091751][ T5390] bridge0: port 1(bridge_slave_0) entered disabled state [ 1831.226748][ T8] uclogic 0003:256C:006D.0001: interface is invalid, ignoring [ 1831.290996][ T8] usb 1-1: USB disconnect, device number 19 [ 1831.934315][ T29] audit: type=1400 audit(1725206952.141:360): avc: denied { accept } for pid=14915 comm="syz.4.1425" lport=60594 faddr=::ffff:172.20.255.187 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 1831.982755][ T29] audit: type=1400 audit(1725206952.211:361): avc: denied { setopt } for pid=14915 comm="syz.4.1425" lport=60594 faddr=::ffff:172.20.255.187 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=sctp_socket permissive=1 [ 1832.134277][ T29] audit: type=1400 audit(1725206952.211:362): avc: denied { read } for pid=14915 comm="syz.4.1425" lport=60594 faddr=::ffff:172.20.255.187 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=sctp_socket permissive=1 [ 1832.628560][ T5209] usb 2-1: new high-speed USB device number 11 using dummy_hcd [ 1832.866980][ T5209] usb 2-1: New USB device found, idVendor=05ac, idProduct=0290, bcdDevice=dc.1b [ 1832.897725][ T5209] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1832.935461][ T5209] usb 2-1: config 0 descriptor?? [ 1832.974330][ T5209] input: bcm5974 as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/input/input96 [ 1833.027757][ T29] audit: type=1400 audit(1725206953.261:363): avc: denied { read } for pid=4660 comm="acpid" name="mouse1" dev="devtmpfs" ino=2529 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 1833.068725][ T29] audit: type=1400 audit(1725206953.261:364): avc: denied { open } for pid=4660 comm="acpid" path="/dev/input/mouse1" dev="devtmpfs" ino=2529 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 1833.311843][ T5390] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1833.326445][ T29] audit: type=1400 audit(1725206953.551:365): avc: denied { watch } for pid=14936 comm="syz.4.1428" path=2F6D656D66643A2D42D54E49C56A9A707070F00884A26D202864656C6574656429 dev="tmpfs" ino=211 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1 [ 1833.392385][ T5390] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1833.407734][T11559] usb 2-1: USB disconnect, device number 11 [ 1833.417606][ T5390] bond0 (unregistering): Released all slaves [ 1833.615106][T14930] netlink: 'syz.0.1427': attribute type 10 has an invalid length. [ 1833.656860][T14930] bridge0: port 2(bridge_slave_1) entered disabled state [ 1833.667128][T14930] bridge0: port 1(bridge_slave_0) entered disabled state [ 1833.727495][T14930] bridge0: port 2(bridge_slave_1) entered blocking state [ 1833.734864][T14930] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1833.744875][T14930] bridge0: port 1(bridge_slave_0) entered blocking state [ 1833.752203][T14930] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1833.794905][T14930] bond0: (slave bridge0): Enslaving as an active interface with an up link [ 1833.955847][T14689] hsr_slave_0: entered promiscuous mode [ 1833.966288][T14689] hsr_slave_1: entered promiscuous mode [ 1833.973394][T14689] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 1834.003509][T14689] Cannot create hsr debugfs directory [ 1834.700205][ T5390] hsr_slave_0: left promiscuous mode [ 1834.724308][ T5390] hsr_slave_1: left promiscuous mode [ 1834.746109][ T5390] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1834.766792][ T5390] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1834.787576][ T5390] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1834.814153][ T5390] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1834.902775][ T5390] veth1_macvtap: left promiscuous mode [ 1834.923074][ T5390] veth0_macvtap: left promiscuous mode [ 1834.947694][ T5390] veth1_vlan: left promiscuous mode [ 1834.960047][ T5390] veth0_vlan: left promiscuous mode [ 1835.960501][ T5390] team0 (unregistering): Port device team_slave_1 removed [ 1836.032615][ T5390] team0 (unregistering): Port device team_slave_0 removed [ 1838.125157][T14502] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1838.224801][T11559] usb 2-1: new high-speed USB device number 12 using dummy_hcd [ 1838.325792][T14502] 8021q: adding VLAN 0 to HW filter on device team0 [ 1838.365639][ T1105] bridge0: port 1(bridge_slave_0) entered blocking state [ 1838.372956][ T1105] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1838.414737][T11559] usb 2-1: Using ep0 maxpacket: 8 [ 1838.438170][T11559] usb 2-1: config 0 has an invalid interface number: 1 but max is 0 [ 1838.471366][ T1105] bridge0: port 2(bridge_slave_1) entered blocking state [ 1838.472013][T11559] usb 2-1: config 0 has no interface number 0 [ 1838.478670][ T1105] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1838.523762][T11559] usb 2-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 1838.541743][T11559] usb 2-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 1838.552878][T11559] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1838.571249][T11559] usb 2-1: config 0 descriptor?? [ 1838.612814][T11559] iowarrior 2-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0 [ 1838.879352][ T5304] usb 2-1: USB disconnect, device number 12 [ 1838.911760][ T5304] iowarrior 2-1:0.1: I/O-Warror #0 now disconnected [ 1839.170327][T15002] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies. [ 1839.177565][T14689] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 1839.211435][T14689] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 1839.245147][T14689] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 1839.266984][ T29] audit: type=1400 audit(1725206959.491:366): avc: denied { map } for pid=15003 comm="syz.4.1449" path="socket:[70629]" dev="sockfs" ino=70629 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 1839.316440][T14689] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 1839.345863][ T29] audit: type=1400 audit(1725206959.501:367): avc: denied { read } for pid=15003 comm="syz.4.1449" path="socket:[70629]" dev="sockfs" ino=70629 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 1839.389845][ T29] audit: type=1400 audit(1725206959.501:368): avc: denied { getopt } for pid=15003 comm="syz.4.1449" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 1839.474186][ T29] audit: type=1400 audit(1725206959.591:369): avc: denied { create } for pid=15006 comm="syz.0.1450" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1 [ 1839.583005][ T29] audit: type=1400 audit(1725206959.621:370): avc: denied { write } for pid=15006 comm="syz.0.1450" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1 [ 1839.652730][ T29] audit: type=1400 audit(1725206959.621:371): avc: denied { nlmsg_read } for pid=15006 comm="syz.0.1450" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1 [ 1839.697733][T14502] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1839.811984][ T29] audit: type=1400 audit(1725206960.041:372): avc: denied { read } for pid=15011 comm="syz.0.1452" path="socket:[71290]" dev="sockfs" ino=71290 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 1840.682893][T14689] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1840.774208][T14502] veth0_vlan: entered promiscuous mode [ 1840.927754][T14689] 8021q: adding VLAN 0 to HW filter on device team0 [ 1840.957702][T14502] veth1_vlan: entered promiscuous mode [ 1841.015317][ T1839] bridge0: port 1(bridge_slave_0) entered blocking state [ 1841.022672][ T1839] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1841.082381][ T1839] bridge0: port 2(bridge_slave_1) entered blocking state [ 1841.089730][ T1839] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1841.327859][ T29] audit: type=1400 audit(1725206961.551:373): avc: denied { ioctl } for pid=15034 comm="syz.0.1460" path="socket:[71751]" dev="sockfs" ino=71751 ioctlcmd=0xb100 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1 [ 1841.335928][T14502] veth0_macvtap: entered promiscuous mode [ 1841.429659][T14502] veth1_macvtap: entered promiscuous mode [ 1841.508687][T14502] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1841.539632][T14502] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1841.560522][T14502] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1841.581856][T14502] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1841.594324][ T5280] usb 5-1: new high-speed USB device number 15 using dummy_hcd [ 1841.617254][T14502] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1841.643996][T14502] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1841.667171][T14502] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1841.727256][T14502] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1841.802516][ T29] audit: type=1400 audit(1725206962.021:374): avc: denied { read write } for pid=15043 comm="syz.0.1463" name="uhid" dev="devtmpfs" ino=1084 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1 [ 1841.821121][T14502] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1841.838595][ T5280] usb 5-1: Using ep0 maxpacket: 8 [ 1841.851718][ T5280] usb 5-1: config 0 has an invalid interface number: 1 but max is 0 [ 1841.870304][ T5280] usb 5-1: config 0 has no interface number 0 [ 1841.878171][T14502] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1841.889219][T14896] hid-generic 0000:04AD:0000.0002: unknown main item tag 0x0 [ 1841.894076][ T5280] usb 5-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 1841.914019][T14502] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1841.914425][ T29] audit: type=1400 audit(1725206962.031:375): avc: denied { open } for pid=15043 comm="syz.0.1463" path="/dev/uhid" dev="devtmpfs" ino=1084 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1 [ 1841.944069][ T5280] usb 5-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 1841.958366][T14896] hid-generic 0000:04AD:0000.0002: unknown main item tag 0x0 [ 1841.966369][T14502] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1841.978324][T14896] hid-generic 0000:04AD:0000.0002: unknown main item tag 0x0 [ 1841.986188][T14896] hid-generic 0000:04AD:0000.0002: unknown main item tag 0x0 [ 1841.988263][ T5280] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1841.998976][T14896] hid-generic 0000:04AD:0000.0002: unknown main item tag 0x0 [ 1842.010170][T14502] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1842.010540][T14896] hid-generic 0000:04AD:0000.0002: unknown main item tag 0x0 [ 1842.030166][T14896] hid-generic 0000:04AD:0000.0002: unknown main item tag 0x0 [ 1842.040308][T14896] hid-generic 0000:04AD:0000.0002: unknown main item tag 0x0 [ 1842.048242][T14896] hid-generic 0000:04AD:0000.0002: unknown main item tag 0x0 [ 1842.056264][T14896] hid-generic 0000:04AD:0000.0002: unknown main item tag 0x0 [ 1842.063747][T14896] hid-generic 0000:04AD:0000.0002: unknown main item tag 0x0 [ 1842.077448][T14896] hid-generic 0000:04AD:0000.0002: unknown main item tag 0x0 [ 1842.085837][T14896] hid-generic 0000:04AD:0000.0002: unknown main item tag 0x0 [ 1842.093426][T14896] hid-generic 0000:04AD:0000.0002: unknown main item tag 0x0 [ 1842.112221][T14502] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1842.119625][T14896] hid-generic 0000:04AD:0000.0002: unknown main item tag 0x0 [ 1842.135755][T14896] hid-generic 0000:04AD:0000.0002: unknown main item tag 0x0 [ 1842.163503][T14502] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1842.181046][T14896] hid-generic 0000:04AD:0000.0002: unknown main item tag 0x0 [ 1842.203836][T14502] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1842.213179][T14896] hid-generic 0000:04AD:0000.0002: unknown main item tag 0x0 [ 1842.224065][ T5304] usb 1-1: new high-speed USB device number 20 using dummy_hcd [ 1842.247451][T14502] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1842.257160][T14896] hid-generic 0000:04AD:0000.0002: unknown main item tag 0x0 [ 1842.271702][T14896] hid-generic 0000:04AD:0000.0002: unknown main item tag 0x0 [ 1842.282293][T14502] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1842.302404][T14896] hid-generic 0000:04AD:0000.0002: unknown main item tag 0x0 [ 1842.331457][T14896] hid-generic 0000:04AD:0000.0002: unknown main item tag 0x0 [ 1842.364110][T14896] hid-generic 0000:04AD:0000.0002: unknown main item tag 0x0 [ 1842.399112][ T5280] usb 5-1: config 0 descriptor?? [ 1842.407328][T14896] hid-generic 0000:04AD:0000.0002: unknown main item tag 0x0 [ 1842.423566][T14896] hid-generic 0000:04AD:0000.0002: unknown main item tag 0x0 [ 1842.425820][ T5280] iowarrior 5-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0 [ 1842.945674][ T5280] usb 5-1: USB disconnect, device number 15 [ 1842.961353][T14689] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1843.083595][ T5280] iowarrior 5-1:0.1: I/O-Warror #0 now disconnected [ 1843.265954][ T5304] usb 1-1: config 0 has no interfaces? [ 1843.271557][ T5304] usb 1-1: New USB device found, idVendor=1a34, idProduct=0802, bcdDevice= 0.00 [ 1843.294403][T14896] hid-generic 0000:04AD:0000.0002: unknown main item tag 0x0 [ 1843.302044][T14896] hid-generic 0000:04AD:0000.0002: unknown main item tag 0x0 [ 1843.317553][ T5304] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1843.326154][ T35] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1843.327644][T14896] hid-generic 0000:04AD:0000.0002: unknown main item tag 0x0 [ 1843.342809][ T5304] usb 1-1: config 0 descriptor?? [ 1843.348603][T14896] hid-generic 0000:04AD:0000.0002: unknown main item tag 0x0 [ 1843.351611][ T35] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1843.356097][T14896] hid-generic 0000:04AD:0000.0002: unknown main item tag 0x0 [ 1843.356140][T14896] hid-generic 0000:04AD:0000.0002: unknown main item tag 0x0 [ 1843.356180][T14896] hid-generic 0000:04AD:0000.0002: unknown main item tag 0x0 [ 1843.405316][T14896] hid-generic 0000:04AD:0000.0002: hidraw0: HID v0.00 Device [syz0] on syz0 [ 1843.541627][T14689] veth0_vlan: entered promiscuous mode [ 1843.576040][ T35] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1843.600300][T14689] veth1_vlan: entered promiscuous mode [ 1843.638307][ T35] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1843.782769][T14896] usb 1-1: USB disconnect, device number 20 [ 1843.856900][T14689] veth0_macvtap: entered promiscuous mode [ 1843.914646][T14689] veth1_macvtap: entered promiscuous mode [ 1844.018770][T14689] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1844.050827][T14689] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1844.079638][T14689] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1844.114800][T14689] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1844.140198][T14689] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1844.164153][T14689] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1844.432391][T14689] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1847.328354][T14689] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1847.348848][T15067] slcan: can't register candev [ 1847.355849][T15067] Falling back ldisc for ttyprintk. [ 1847.436233][T14689] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1847.608183][T14689] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1847.656997][T14689] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1847.685194][T14689] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1847.714516][T14689] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1847.734005][T14689] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1847.758976][T14689] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1847.794059][T14689] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1847.819191][T14689] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1848.094166][T14689] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1848.225670][ T5209] usb 2-1: new high-speed USB device number 13 using dummy_hcd [ 1848.840562][T14689] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1848.894294][T14689] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1848.929021][ T5209] usb 2-1: New USB device found, idVendor=046d, idProduct=08b4, bcdDevice= e.32 [ 1848.954331][T14689] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1848.974038][ T5209] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1849.002554][ T5209] usb 2-1: Product: syz [ 1849.007812][T14689] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1849.033869][ T5209] usb 2-1: Manufacturer: syz [ 1849.054479][ T5209] usb 2-1: SerialNumber: syz [ 1849.126360][ T5209] usb 2-1: config 0 descriptor?? [ 1849.157998][ T5209] pwc: Logitech QuickCam Zoom (new model) USB webcam detected. [ 1849.624649][ T5209] pwc: Failed to set LED on/off time (-71) [ 1849.644295][ T5209] pwc: send_video_command error -71 [ 1849.649572][ T5209] pwc: Failed to set video mode VGA@30 fps; return code = -71 [ 1849.662395][ T5209] Philips webcam 2-1:0.0: probe with driver Philips webcam failed with error -71 [ 1849.683515][T14671] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1849.685279][ T5209] usb 2-1: USB disconnect, device number 13 [ 1849.703114][T14671] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1849.897458][ T62] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1849.914065][ T62] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1850.393602][T15097] fuse: Bad value for 'fd' [ 1850.422283][T15099] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies. [ 1850.691954][T15106] REISERFS warning (device nullb0): super-6502 reiserfs_getopt: unknown mount option "©b¸_v-f`‹‚" [ 1853.444255][ T29] audit: type=1326 audit(1725206973.671:376): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15137 comm="syz.0.1496" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5c0c179eb9 code=0x7ffc0000 [ 1853.588323][ T29] audit: type=1326 audit(1725206973.671:377): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15137 comm="syz.0.1496" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5c0c179eb9 code=0x7ffc0000 [ 1853.774124][ T29] audit: type=1326 audit(1725206973.681:378): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15137 comm="syz.0.1496" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5c0c179eb9 code=0x7ffc0000 [ 1854.257204][ T29] audit: type=1326 audit(1725206973.681:379): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15137 comm="syz.0.1496" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5c0c179eb9 code=0x7ffc0000 [ 1854.481680][ T29] audit: type=1326 audit(1725206973.711:380): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15137 comm="syz.0.1496" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5c0c179eb9 code=0x7ffc0000 [ 1854.652782][ T29] audit: type=1326 audit(1725206973.711:381): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15137 comm="syz.0.1496" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5c0c179eb9 code=0x7ffc0000 [ 1854.729064][ T29] audit: type=1326 audit(1725206973.711:382): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15137 comm="syz.0.1496" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5c0c179eb9 code=0x7ffc0000 [ 1854.758048][ T29] audit: type=1326 audit(1725206973.711:383): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15137 comm="syz.0.1496" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5c0c179eb9 code=0x7ffc0000 [ 1854.781652][ T29] audit: type=1326 audit(1725206973.711:384): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15137 comm="syz.0.1496" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5c0c179eb9 code=0x7ffc0000 [ 1854.808810][ T29] audit: type=1326 audit(1725206973.711:385): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15137 comm="syz.0.1496" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5c0c179eb9 code=0x7ffc0000 [ 1854.999806][T15158] REISERFS warning (device nullb0): super-6502 reiserfs_getopt: unknown mount option "©b¸_v-f`‹‚" [ 1855.634343][T15156] syzkaller0: entered promiscuous mode [ 1855.681939][T15156] syzkaller0: entered allmulticast mode [ 1856.948793][T11559] usb 2-1: new high-speed USB device number 14 using dummy_hcd [ 1857.147715][T11559] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1857.179497][T11559] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1857.219641][T11559] usb 2-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00 [ 1857.242338][T11559] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1857.262142][T11559] usb 2-1: config 0 descriptor?? [ 1857.814946][T15195] usb usb7: usbfs: process 15195 (syz.3.1519) did not claim interface 0 before use [ 1858.670654][ T29] kauditd_printk_skb: 23 callbacks suppressed [ 1858.670679][ T29] audit: type=1326 audit(1725206978.891:409): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15201 comm="syz.4.1521" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a33979eb9 code=0x7ffc0000 [ 1858.706386][ T29] audit: type=1326 audit(1725206978.891:410): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15201 comm="syz.4.1521" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a33979eb9 code=0x7ffc0000 [ 1858.747123][ T29] audit: type=1326 audit(1725206978.941:411): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15201 comm="syz.4.1521" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8a33979eb9 code=0x7ffc0000 [ 1858.780199][ T29] audit: type=1326 audit(1725206978.941:412): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15201 comm="syz.4.1521" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a33979eb9 code=0x7ffc0000 [ 1858.868762][ T29] audit: type=1326 audit(1725206978.941:413): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15201 comm="syz.4.1521" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a33979eb9 code=0x7ffc0000 [ 1859.015446][ T1272] ieee802154 phy0 wpan0: encryption failed: -22 [ 1859.022027][ T1272] ieee802154 phy1 wpan1: encryption failed: -22 [ 1859.048749][ T29] audit: type=1326 audit(1725206979.041:414): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15201 comm="syz.4.1521" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8a33979eb9 code=0x7ffc0000 [ 1859.143985][ T29] audit: type=1326 audit(1725206979.041:415): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15201 comm="syz.4.1521" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a33979eb9 code=0x7ffc0000 [ 1859.214478][ T29] audit: type=1326 audit(1725206979.041:416): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15201 comm="syz.4.1521" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a33979eb9 code=0x7ffc0000 [ 1859.249695][T11559] input: HID 256c:006d Pen as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:256C:006D.0003/input/input98 [ 1859.291472][ T29] audit: type=1326 audit(1725206979.101:417): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15201 comm="syz.4.1521" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8a33979eb9 code=0x7ffc0000 [ 1859.394936][ T29] audit: type=1326 audit(1725206979.101:418): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15201 comm="syz.4.1521" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a33979eb9 code=0x7ffc0000 [ 1859.398665][T15182] input: syz1 as /devices/virtual/input/input97 [ 1859.511440][T11559] input: HID 256c:006d Pad as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:256C:006D.0003/input/input99 [ 1860.531205][T11559] uclogic 0003:256C:006D.0003: input,hidraw0: USB HID v0.00 Keypad [HID 256c:006d] on usb-dummy_hcd.1-1/input0 [ 1860.941651][T11559] usb 2-1: USB disconnect, device number 14 [ 1863.090068][T11559] usb 3-1: new high-speed USB device number 8 using dummy_hcd [ 1863.288731][T11559] usb 3-1: New USB device found, idVendor=05ac, idProduct=0290, bcdDevice=dc.1b [ 1863.298090][T11559] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1863.310368][T11559] usb 3-1: config 0 descriptor?? [ 1863.332638][T11559] input: bcm5974 as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/input/input100 [ 1863.580472][T11559] usb 3-1: USB disconnect, device number 8 [ 1865.208104][ T29] kauditd_printk_skb: 6 callbacks suppressed [ 1865.208129][ T29] audit: type=1326 audit(1725206985.441:425): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15240 comm="syz.4.1533" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a33979eb9 code=0x7ffc0000 [ 1865.479362][ T29] audit: type=1326 audit(1725206985.481:426): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15240 comm="syz.4.1533" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a33979eb9 code=0x7ffc0000 [ 1865.790529][ T29] audit: type=1326 audit(1725206985.511:427): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15240 comm="syz.4.1533" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8a33979eb9 code=0x7ffc0000 [ 1865.824485][ T29] audit: type=1326 audit(1725206985.511:428): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15240 comm="syz.4.1533" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a33979eb9 code=0x7ffc0000 [ 1865.956820][ T29] audit: type=1326 audit(1725206985.531:429): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15240 comm="syz.4.1533" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a33979eb9 code=0x7ffc0000 [ 1866.031305][ T29] audit: type=1326 audit(1725206985.531:430): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15240 comm="syz.4.1533" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8a33979eb9 code=0x7ffc0000 [ 1866.081123][ T29] audit: type=1326 audit(1725206985.551:431): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15240 comm="syz.4.1533" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a33979eb9 code=0x7ffc0000 [ 1866.133713][ T29] audit: type=1326 audit(1725206985.551:432): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15240 comm="syz.4.1533" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a33979eb9 code=0x7ffc0000 [ 1866.178320][T15251] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 1866.197272][T15251] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 1866.210506][ T29] audit: type=1326 audit(1725206985.551:433): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15240 comm="syz.4.1533" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8a33979eb9 code=0x7ffc0000 [ 1866.265806][ T29] audit: type=1326 audit(1725206985.551:434): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15240 comm="syz.4.1533" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a33979eb9 code=0x7ffc0000 [ 1866.421831][T15254] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1538'. [ 1868.233790][ T5209] usb 5-1: new high-speed USB device number 16 using dummy_hcd [ 1868.587176][ T5209] usb 5-1: Using ep0 maxpacket: 8 [ 1868.603734][ T5209] usb 5-1: New USB device found, idVendor=0ccd, idProduct=0069, bcdDevice=6e.55 [ 1868.634840][ T5209] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1868.642896][ T5209] usb 5-1: Product: syz [ 1868.674511][ T5209] usb 5-1: Manufacturer: syz [ 1868.695353][ T5209] usb 5-1: SerialNumber: syz [ 1868.782406][ T5209] usb 5-1: config 0 descriptor?? [ 1868.804152][ T5277] usb 4-1: new high-speed USB device number 22 using dummy_hcd [ 1868.984314][T11559] usb 2-1: new high-speed USB device number 15 using dummy_hcd [ 1869.002509][T15286] netlink: 'syz.0.1550': attribute type 1 has an invalid length. [ 1869.044148][ T5277] usb 4-1: Using ep0 maxpacket: 16 [ 1869.072310][ T5277] usb 4-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06 [ 1869.094002][ T5209] usb 5-1: dvb_usb_v2: usb_bulk_msg() failed=-22 [ 1869.110491][ T5277] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1869.121046][ T5209] dvb_usb_af9015 5-1:0.0: probe with driver dvb_usb_af9015 failed with error -22 [ 1869.131916][T15286] bond1: entered promiscuous mode [ 1869.143944][ T5277] usb 4-1: Product: syz [ 1869.148168][ T5277] usb 4-1: Manufacturer: syz [ 1869.164773][T15288] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1550'. [ 1869.183654][ T5277] usb 4-1: SerialNumber: syz [ 1869.184043][T11559] usb 2-1: Using ep0 maxpacket: 16 [ 1869.189217][ T5209] usb 5-1: USB disconnect, device number 16 [ 1869.206498][T11559] usb 2-1: config 0 interface 0 altsetting 44 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 1869.242473][T15288] bond1: left promiscuous mode [ 1869.242852][ T5277] r8152-cfgselector 4-1: Unknown version 0x0000 [ 1869.247422][T11559] usb 2-1: config 0 interface 0 altsetting 44 has 1 endpoint descriptor, different from the interface descriptor's value: 17 [ 1869.247478][T11559] usb 2-1: config 0 interface 0 has no altsetting 0 [ 1869.266215][T11559] usb 2-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice=ec.7e [ 1869.304621][ T5277] r8152-cfgselector 4-1: config 0 descriptor?? [ 1869.304695][T15288] 8021q: adding VLAN 0 to HW filter on device bond1 [ 1869.317888][T11559] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1869.334007][T11559] usb 2-1: Product: syz [ 1869.338240][T11559] usb 2-1: Manufacturer: syz [ 1869.342896][T11559] usb 2-1: SerialNumber: syz [ 1869.384326][T11559] usb 2-1: config 0 descriptor?? [ 1869.403302][T11559] input: syz syz as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/input/input101 [ 1869.725195][ T5280] usb 2-1: USB disconnect, device number 15 [ 1869.824132][ T5209] usb 3-1: new high-speed USB device number 9 using dummy_hcd [ 1869.878185][ T5277] r8152-cfgselector 4-1: USB disconnect, device number 22 [ 1870.050934][ T5209] usb 3-1: New USB device found, idVendor=05ac, idProduct=0290, bcdDevice=dc.1b [ 1870.063959][ T5209] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1870.087780][ T5209] usb 3-1: config 0 descriptor?? [ 1870.114839][ T5209] input: bcm5974 as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/input/input102 [ 1870.433386][T14896] usb 3-1: USB disconnect, device number 9 [ 1872.131965][T15318] netlink: 224 bytes leftover after parsing attributes in process `syz.4.1561'. [ 1872.713814][ T29] kauditd_printk_skb: 6 callbacks suppressed [ 1872.713840][ T29] audit: type=1400 audit(1725206992.941:441): avc: denied { write } for pid=15327 comm="syz.3.1566" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1 [ 1873.034918][ T29] audit: type=1326 audit(1725206993.271:442): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15337 comm="syz.3.1570" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fd7df179eb9 code=0x0 [ 1874.920665][T15353] netlink: 'syz.4.1574': attribute type 1 has an invalid length. [ 1874.929958][T15353] netlink: 224 bytes leftover after parsing attributes in process `syz.4.1574'. [ 1874.941853][ T5304] usb 2-1: new high-speed USB device number 16 using dummy_hcd [ 1875.114452][ T29] audit: type=1400 audit(1725206995.341:443): avc: denied { create } for pid=15355 comm="syz.2.1576" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1 [ 1875.168997][ T5304] usb 2-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 1875.192143][ T5304] usb 2-1: New USB device found, idVendor=1199, idProduct=b000, bcdDevice=22.40 [ 1875.218120][ T5304] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1875.333689][ T29] audit: type=1400 audit(1725206995.371:444): avc: denied { shutdown } for pid=15355 comm="syz.2.1576" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1 [ 1875.502997][ T5304] usb 2-1: Product: syz [ 1875.507532][ T5304] usb 2-1: Manufacturer: syz [ 1875.518743][ T5304] usb 2-1: SerialNumber: syz [ 1875.540474][ T5304] usb 2-1: config 0 descriptor?? [ 1876.721341][ T5304] usb 2-1: can't set config #0, error -71 [ 1876.757647][ T5304] usb 2-1: USB disconnect, device number 16 [ 1877.665019][T15382] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1587'. [ 1877.803504][ T29] audit: type=1400 audit(1725206998.031:445): avc: denied { ioctl } for pid=15379 comm="syz.2.1587" path="socket:[72600]" dev="sockfs" ino=72600 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1 [ 1877.805358][T15382] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1587'. [ 1877.983354][T15392] netlink: 'syz.4.1591': attribute type 1 has an invalid length. [ 1878.019071][T15392] netlink: 224 bytes leftover after parsing attributes in process `syz.4.1591'. [ 1878.030245][T15391] syz.3.1590[15391] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1878.030443][T15391] syz.3.1590[15391] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1880.662872][T15410] do_dccp_setsockopt: sockopt(CHANGE_L/R) is deprecated: fix your app [ 1880.794096][ T9] usb 5-1: new high-speed USB device number 17 using dummy_hcd [ 1880.934433][ T5277] usb 1-1: new high-speed USB device number 21 using dummy_hcd [ 1881.032301][ T9] usb 5-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 1881.045221][T15414] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies. [ 1881.069060][ T9] usb 5-1: New USB device found, idVendor=1199, idProduct=b000, bcdDevice=22.40 [ 1881.101084][ T9] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1881.184025][ T5277] usb 1-1: Using ep0 maxpacket: 16 [ 1881.350040][ T9] usb 5-1: Product: syz [ 1881.354460][ T9] usb 5-1: Manufacturer: syz [ 1881.361252][ T9] usb 5-1: SerialNumber: syz [ 1881.466278][ T5277] usb 1-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06 [ 1881.506143][ T5277] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1881.543605][ T5277] usb 1-1: Product: syz [ 1881.554810][ T9] usb 5-1: config 0 descriptor?? [ 1881.565870][ T5277] usb 1-1: Manufacturer: syz [ 1881.577132][ T5277] usb 1-1: SerialNumber: syz [ 1881.651906][ T5277] r8152-cfgselector 1-1: Unknown version 0x0000 [ 1881.660239][ T5277] r8152-cfgselector 1-1: config 0 descriptor?? [ 1881.702180][ T29] audit: type=1400 audit(1725207001.921:446): avc: denied { mount } for pid=15416 comm="syz.2.1601" name="/" dev="ramfs" ino=72678 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ramfs_t tclass=filesystem permissive=1 [ 1881.951932][ T5277] r8152-cfgselector 1-1: Unknown version 0x0000 [ 1881.959400][T15424] syz.3.1603[15424] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1881.959578][T15424] syz.3.1603[15424] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1882.238384][ T5277] r8152-cfgselector 1-1: bad CDC descriptors [ 1883.074148][ T5277] r8152-cfgselector 1-1: USB disconnect, device number 21 [ 1883.394832][T11559] usb 5-1: USB disconnect, device number 17 [ 1886.249998][T15457] syz.4.1614[15457] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1886.250257][T15457] syz.4.1614[15457] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1886.535726][T15459] warning: `syz.1.1615' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 1886.650117][T15459] bridge0: entered promiscuous mode [ 1886.655641][T15459] bridge0: entered allmulticast mode [ 1887.994153][ T5277] usb 2-1: new high-speed USB device number 17 using dummy_hcd [ 1888.684497][ T7046] Bluetooth: hci0: command 0x0405 tx timeout [ 1889.116749][ T5277] usb 2-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 1889.194400][ T5277] usb 2-1: New USB device found, idVendor=1199, idProduct=b000, bcdDevice=22.40 [ 1889.203525][ T5277] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1889.279869][ T5277] usb 2-1: Product: syz [ 1889.293964][ T5277] usb 2-1: Manufacturer: syz [ 1889.298646][ T5277] usb 2-1: SerialNumber: syz [ 1889.347898][ T5277] usb 2-1: config 0 descriptor?? [ 1889.994104][ T9] usb 4-1: new high-speed USB device number 23 using dummy_hcd [ 1890.217248][ T9] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 16 [ 1890.260403][ T9] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 64 [ 1890.319475][ T9] usb 4-1: New USB device found, idVendor=0a46, idProduct=9621, bcdDevice=4f.32 [ 1890.339580][ T9] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1890.365583][ T9] usb 4-1: Product: syz [ 1890.429937][ T9] usb 4-1: Manufacturer: syz [ 1890.454121][ T9] usb 4-1: SerialNumber: syz [ 1890.499104][ T9] usb 4-1: config 0 descriptor?? [ 1890.518660][T15488] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22 [ 1890.548080][T15488] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22 [ 1890.602829][T15498] syz.2.1629[15498] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1890.603058][T15498] syz.2.1629[15498] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1891.953778][T15488] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22 [ 1891.976501][T15488] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22 [ 1892.032761][ T5277] usb 2-1: USB disconnect, device number 17 [ 1892.820044][ T9] dm9601 4-1:0.0 (unnamed net_device) (uninitialized): Error reading chip ID [ 1892.843825][ T9] usb 4-1: USB disconnect, device number 23 [ 1893.244894][ T29] audit: type=1400 audit(1725207013.481:447): avc: denied { watch watch_reads } for pid=15522 comm="syz.4.1638" path="/proc/1855/task" dev="proc" ino=73410 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dir permissive=1 [ 1893.865312][T15534] syz.0.1642[15534] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1893.865506][T15534] syz.0.1642[15534] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1895.264675][ T5304] usb 4-1: new high-speed USB device number 24 using dummy_hcd [ 1895.575238][ T5304] usb 4-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 1895.661874][ T5304] usb 4-1: New USB device found, idVendor=1199, idProduct=b000, bcdDevice=22.40 [ 1895.685790][ T5304] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1895.716921][ T5304] usb 4-1: Product: syz [ 1895.744047][ T5304] usb 4-1: Manufacturer: syz [ 1895.756969][ T5304] usb 4-1: SerialNumber: syz [ 1895.825806][ T5304] usb 4-1: config 0 descriptor?? [ 1896.536261][T15554] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1651'. [ 1897.246950][ T5209] usb 4-1: USB disconnect, device number 24 [ 1897.754301][ T9] usb 1-1: new high-speed USB device number 22 using dummy_hcd [ 1898.237176][ T9] usb 1-1: New USB device found, idVendor=05ac, idProduct=0290, bcdDevice=dc.1b [ 1898.274206][ T9] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1898.339528][ T9] usb 1-1: config 0 descriptor?? [ 1898.390539][ T9] input: bcm5974 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/input/input103 [ 1898.691170][ T9] usb 1-1: USB disconnect, device number 22 [ 1898.709323][ T29] audit: type=1400 audit(1725207018.941:448): avc: denied { write } for pid=4657 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1898.764175][ T29] audit: type=1400 audit(1725207018.941:449): avc: denied { remove_name } for pid=4657 comm="syslogd" name="messages" dev="tmpfs" ino=11 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1898.843300][ T29] audit: type=1400 audit(1725207018.941:450): avc: denied { add_name } for pid=4657 comm="syslogd" name="messages.0" dev="tmpfs" ino=10 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1899.384045][ T9] usb 4-1: new high-speed USB device number 25 using dummy_hcd [ 1899.666849][ T9] usb 4-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 1899.717472][ T9] usb 4-1: New USB device found, idVendor=1199, idProduct=b000, bcdDevice=22.40 [ 1899.744147][ T9] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1899.782705][ T9] usb 4-1: Product: syz [ 1899.793110][ T9] usb 4-1: Manufacturer: syz [ 1899.833507][ T9] usb 4-1: SerialNumber: syz [ 1899.870027][ T9] usb 4-1: config 0 descriptor?? [ 1900.854290][T15606] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1667'. [ 1900.995355][ T29] audit: type=1400 audit(1725207021.181:451): avc: denied { bind } for pid=15610 comm="syz.0.1668" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 1901.047159][ T29] audit: type=1400 audit(1725207021.191:452): avc: denied { setopt } for pid=15610 comm="syz.0.1668" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 1901.850844][ T29] audit: type=1400 audit(1725207021.201:453): avc: denied { mounton } for pid=15610 comm="syz.0.1668" path="/proc/349/cgroup" dev="proc" ino=73556 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=file permissive=1 [ 1901.989106][T15619] syz.0.1671[15619] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1901.989324][T15619] syz.0.1671[15619] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1903.328080][ T5209] usb 4-1: USB disconnect, device number 25 [ 1903.539180][T15629] fuse: Bad value for 'fd' [ 1905.189942][ T29] audit: type=1400 audit(1725207025.421:454): avc: denied { read } for pid=15647 comm="syz.2.1680" name="fb0" dev="devtmpfs" ino=631 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:framebuf_device_t tclass=chr_file permissive=1 [ 1905.295491][ T29] audit: type=1400 audit(1725207025.451:455): avc: denied { open } for pid=15647 comm="syz.2.1680" path="/dev/fb0" dev="devtmpfs" ino=631 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:framebuf_device_t tclass=chr_file permissive=1 [ 1906.186012][ T29] audit: type=1400 audit(1725207026.421:456): avc: denied { write } for pid=15647 comm="syz.2.1680" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 1906.584026][ T5277] usb 4-1: new high-speed USB device number 26 using dummy_hcd [ 1906.645432][T15658] syz.4.1682[15658] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1906.645690][T15658] syz.4.1682[15658] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1908.026450][ T5277] usb 4-1: unable to read config index 0 descriptor/start: -71 [ 1908.110264][ T5277] usb 4-1: can't read configurations, error -71 [ 1909.084075][T13791] usb 2-1: new high-speed USB device number 18 using dummy_hcd [ 1909.310796][T15680] fuse: Bad value for 'fd' [ 1909.328701][T13791] usb 2-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 1909.388786][T13791] usb 2-1: New USB device found, idVendor=1199, idProduct=b000, bcdDevice=22.40 [ 1909.408542][T13791] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1909.432914][T13791] usb 2-1: Product: syz [ 1909.458228][T13791] usb 2-1: Manufacturer: syz [ 1909.473990][T13791] usb 2-1: SerialNumber: syz [ 1909.492382][T13791] usb 2-1: config 0 descriptor?? [ 1911.398454][T15696] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 1911.408773][T15696] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 1911.848459][T14178] usb 2-1: USB disconnect, device number 18 [ 1912.276440][ T7046] Bluetooth: hci3: command 0x0406 tx timeout [ 1912.814033][T11559] usb 1-1: new high-speed USB device number 23 using dummy_hcd [ 1913.023966][T11559] usb 1-1: Using ep0 maxpacket: 16 [ 1913.041828][T11559] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1913.073407][T11559] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1913.113862][T11559] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 1913.184090][T11559] usb 1-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 1913.193363][T11559] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1913.244801][T11559] usb 1-1: config 0 descriptor?? [ 1913.739541][T11559] usbhid 1-1:0.0: can't add hid device: -71 [ 1913.770301][T11559] usbhid 1-1:0.0: probe with driver usbhid failed with error -71 [ 1913.966765][T11559] usb 1-1: USB disconnect, device number 23 [ 1914.084812][T15709] REISERFS warning (device nullb0): super-6502 reiserfs_getopt: unknown mount option "©b¸_v-f`‹‚" [ 1914.533835][T15722] fuse: Bad value for 'fd' [ 1916.956777][ T29] audit: type=1400 audit(1725207037.181:457): avc: denied { bind } for pid=15751 comm="syz.3.1714" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 1916.984284][T14178] usb 1-1: new high-speed USB device number 24 using dummy_hcd [ 1917.206145][T14178] usb 1-1: Using ep0 maxpacket: 16 [ 1917.219113][T14178] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1917.247782][T14178] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1917.265764][T14178] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 1917.306857][T14178] usb 1-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 1917.338504][T14178] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1917.379152][T14178] usb 1-1: config 0 descriptor?? [ 1917.833823][T14178] usbhid 1-1:0.0: can't add hid device: -71 [ 1917.852219][T14178] usbhid 1-1:0.0: probe with driver usbhid failed with error -71 [ 1917.867703][ T29] audit: type=1400 audit(1725207038.091:458): avc: denied { read } for pid=15759 comm="syz.3.1716" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1 [ 1917.868311][T15760] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 1917.924667][T14178] usb 1-1: USB disconnect, device number 24 [ 1918.211891][T15763] wlan1: No basic rates, using min rate instead [ 1918.246643][T15763] wlan1: authenticate with 50:50:50:50:50:50 (local address=08:02:11:00:00:01) [ 1918.298752][T15763] wlan1: send auth to 50:50:50:50:50:50 (try 1/3) [ 1918.309031][T15764] REISERFS warning (device nullb0): super-6502 reiserfs_getopt: unknown mount option "©b¸_v-f`‹‚" [ 1918.330341][ T5597] wlan1: send auth to 50:50:50:50:50:50 (try 2/3) [ 1918.345126][ T5597] wlan1: send auth to 50:50:50:50:50:50 (try 3/3) [ 1918.374711][ T5597] wlan1: authentication with 50:50:50:50:50:50 timed out [ 1918.455815][T15760] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 1919.854351][ T5304] usb 1-1: new high-speed USB device number 25 using dummy_hcd [ 1919.995354][ T29] audit: type=1400 audit(1725207040.221:459): avc: denied { listen } for pid=15784 comm="syz.4.1726" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 1920.077677][ T5304] usb 1-1: New USB device found, idVendor=05ac, idProduct=0290, bcdDevice=dc.1b [ 1920.095856][ T5304] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1920.136181][ T5304] usb 1-1: config 0 descriptor?? [ 1920.177826][ T5304] input: bcm5974 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/input/input104 [ 1920.430023][ T1272] ieee802154 phy0 wpan0: encryption failed: -22 [ 1920.471927][ T1272] ieee802154 phy1 wpan1: encryption failed: -22 [ 1920.539078][ T9] usb 1-1: USB disconnect, device number 25 [ 1922.435762][T15819] fuse: Bad value for 'fd' [ 1925.518043][T14178] usb 5-1: new high-speed USB device number 18 using dummy_hcd [ 1925.726770][T14178] usb 5-1: New USB device found, idVendor=05ac, idProduct=0290, bcdDevice=dc.1b [ 1925.750311][T14178] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1925.786426][T14178] usb 5-1: config 0 descriptor?? [ 1925.820053][T14178] input: bcm5974 as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/input/input105 [ 1926.156115][T14178] usb 5-1: USB disconnect, device number 18 [ 1931.454331][T11559] usb 4-1: new high-speed USB device number 28 using dummy_hcd [ 1932.498675][T11559] usb 4-1: New USB device found, idVendor=05ac, idProduct=0290, bcdDevice=dc.1b [ 1932.524307][T11559] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1932.566741][T11559] usb 4-1: config 0 descriptor?? [ 1932.612928][T11559] input: bcm5974 as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/input/input106 [ 1932.754242][ T7046] Bluetooth: hci0: command 0x0405 tx timeout [ 1932.837055][T14178] usb 4-1: USB disconnect, device number 28 [ 1933.430668][T15912] syzkaller0: entered promiscuous mode [ 1933.470974][T15912] syzkaller0: entered allmulticast mode [ 1936.658705][T13791] usb 5-1: new high-speed USB device number 19 using dummy_hcd [ 1936.878423][T13791] usb 5-1: New USB device found, idVendor=05ac, idProduct=0290, bcdDevice=dc.1b [ 1936.894447][T13791] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1936.933659][T13791] usb 5-1: config 0 descriptor?? [ 1936.977515][T13791] input: bcm5974 as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/input/input107 [ 1937.189727][T13791] usb 5-1: USB disconnect, device number 19 [ 1940.480243][T15949] (unnamed net_device) (uninitialized): Unable to set up delay as MII monitoring is disabled [ 1941.564426][ T5304] usb 1-1: new high-speed USB device number 26 using dummy_hcd [ 1941.778886][ T5304] usb 1-1: New USB device found, idVendor=05ac, idProduct=0290, bcdDevice=dc.1b [ 1941.797745][ T5304] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1941.908567][ T5304] usb 1-1: config 0 descriptor?? [ 1941.963068][ T5304] input: bcm5974 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/input/input108 [ 1942.265118][ T5280] usb 1-1: USB disconnect, device number 26 [ 1942.746797][T16004] (unnamed net_device) (uninitialized): Unable to set up delay as MII monitoring is disabled [ 1943.464760][ T5304] usb 5-1: new full-speed USB device number 20 using dummy_hcd [ 1943.690217][ T5304] usb 5-1: config 1 interface 0 has no altsetting 0 [ 1943.709666][ T5304] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40 [ 1943.743763][ T5304] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1943.776288][ T5304] usb 5-1: Product: syz [ 1943.791879][ T5304] usb 5-1: Manufacturer: syz [ 1943.805901][ T5304] usb 5-1: SerialNumber: syz [ 1943.954469][ T5209] usb 3-1: new high-speed USB device number 10 using dummy_hcd [ 1944.124074][ T5209] usb 3-1: device descriptor read/64, error -71 [ 1944.404109][ T5209] usb 3-1: new high-speed USB device number 11 using dummy_hcd [ 1944.584268][ T5209] usb 3-1: device descriptor read/64, error -71 [ 1944.712178][T16034] (unnamed net_device) (uninitialized): Unable to set up delay as MII monitoring is disabled [ 1944.736341][ T5209] usb usb3-port1: attempt power cycle [ 1944.954048][T11559] usb 2-1: new high-speed USB device number 19 using dummy_hcd [ 1944.976414][T16038] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1825'. [ 1945.174151][ T5209] usb 3-1: new high-speed USB device number 12 using dummy_hcd [ 1945.176546][T11559] usb 2-1: New USB device found, idVendor=05ac, idProduct=0290, bcdDevice=dc.1b [ 1945.204284][T11559] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1945.225241][ T5209] usb 3-1: device descriptor read/8, error -71 [ 1945.227320][T11559] usb 2-1: config 0 descriptor?? [ 1945.295300][T11559] input: bcm5974 as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/input/input109 [ 1945.449837][ T29] audit: type=1400 audit(1725207065.681:460): avc: denied { ioctl } for pid=16045 comm="syz.0.1828" path="/dev/fb0" dev="devtmpfs" ino=631 ioctlcmd=0x4611 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:framebuf_device_t tclass=chr_file permissive=1 [ 1945.514100][ T5209] usb 3-1: new high-speed USB device number 13 using dummy_hcd [ 1945.539671][ T5280] usb 2-1: USB disconnect, device number 19 [ 1945.555449][ T5209] usb 3-1: device descriptor read/8, error -71 [ 1945.692900][ T5209] usb usb3-port1: unable to enumerate USB device [ 1946.067044][ T29] audit: type=1400 audit(1725207066.271:461): avc: denied { write } for pid=16049 comm="syz.0.1830" path="socket:[75199]" dev="sockfs" ino=75199 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_crypto_socket permissive=1 [ 1946.167226][ T5304] usblp 5-1:1.0: usblp0: USB Unidirectional printer dev 20 if 0 alt 253 proto 1 vid 0x0525 pid 0xA4A8 [ 1946.251209][ T5304] usb 5-1: USB disconnect, device number 20 [ 1946.314598][ T5304] usblp0: removed [ 1947.179997][T16060] (unnamed net_device) (uninitialized): Unable to set up delay as MII monitoring is disabled [ 1947.526670][ T29] audit: type=1400 audit(1725207067.761:462): avc: denied { write } for pid=16065 comm="syz.1.1836" path="socket:[75239]" dev="sockfs" ino=75239 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1 [ 1949.352506][ T5280] usb 2-1: new full-speed USB device number 20 using dummy_hcd [ 1949.850983][T16094] can0: slcan on ttyprintk. [ 1950.041030][T16098] (unnamed net_device) (uninitialized): Unable to set up delay as MII monitoring is disabled [ 1950.607360][T16088] can0 (unregistered): slcan off ttyprintk. [ 1951.087225][ T5280] usb 2-1: config 1 interface 0 has no altsetting 0 [ 1951.107210][ T5280] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40 [ 1951.124911][ T5280] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1951.132984][ T5280] usb 2-1: Product: syz [ 1951.163931][ T5280] usb 2-1: Manufacturer: syz [ 1951.168612][ T5280] usb 2-1: SerialNumber: syz [ 1951.489999][T16114] input: syz1 as /devices/virtual/input/input110 [ 1951.539219][ T29] audit: type=1326 audit(1725207071.771:463): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16122 comm="syz.0.1858" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5c0c179eb9 code=0x7ffc0000 [ 1951.634049][ T29] audit: type=1326 audit(1725207071.771:464): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16122 comm="syz.0.1858" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5c0c179eb9 code=0x7ffc0000 [ 1951.634149][ T29] audit: type=1326 audit(1725207071.791:465): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16122 comm="syz.0.1858" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5c0c179eb9 code=0x7ffc0000 [ 1951.634238][ T29] audit: type=1326 audit(1725207071.791:466): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16122 comm="syz.0.1858" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5c0c179eb9 code=0x7ffc0000 [ 1951.634328][ T29] audit: type=1326 audit(1725207071.791:467): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16122 comm="syz.0.1858" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5c0c179eb9 code=0x7ffc0000 [ 1951.634428][ T29] audit: type=1326 audit(1725207071.791:468): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16122 comm="syz.0.1858" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5c0c179eb9 code=0x7ffc0000 [ 1951.634526][ T29] audit: type=1326 audit(1725207071.801:469): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16122 comm="syz.0.1858" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5c0c179eb9 code=0x7ffc0000 [ 1951.634613][ T29] audit: type=1326 audit(1725207071.801:470): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16122 comm="syz.0.1858" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5c0c179eb9 code=0x7ffc0000 [ 1951.634699][ T29] audit: type=1326 audit(1725207071.801:471): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16122 comm="syz.0.1858" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5c0c179eb9 code=0x7ffc0000 [ 1951.634785][ T29] audit: type=1326 audit(1725207071.801:472): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16122 comm="syz.0.1858" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5c0c179eb9 code=0x7ffc0000 [ 1951.670335][T16125] (unnamed net_device) (uninitialized): Unable to set up delay as MII monitoring is disabled [ 1951.870466][T16130] syz.0.1861[16130] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1951.870772][T16130] syz.0.1861[16130] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1953.256792][T16140] can0: slcan on ttyprintk. [ 1953.281012][ T5280] usblp 2-1:1.0: usblp0: USB Unidirectional printer dev 20 if 0 alt 253 proto 1 vid 0x0525 pid 0xA4A8 [ 1953.331539][ T5280] usb 2-1: USB disconnect, device number 20 [ 1953.437239][T16134] can0 (unregistered): slcan off ttyprintk. [ 1953.511590][ T5280] usblp0: removed [ 1954.261274][T16159] (unnamed net_device) (uninitialized): Unable to set up delay as MII monitoring is disabled [ 1956.146682][ T5277] usb 5-1: new high-speed USB device number 21 using dummy_hcd [ 1956.409623][ T5277] usb 5-1: Using ep0 maxpacket: 16 [ 1956.464091][ T5277] usb 5-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06 [ 1956.516586][ T5277] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1956.559672][ T5277] usb 5-1: Product: syz [ 1956.574349][ T5277] usb 5-1: Manufacturer: syz [ 1956.579105][ T5277] usb 5-1: SerialNumber: syz [ 1956.616223][ T5277] r8152-cfgselector 5-1: Unknown version 0x0000 [ 1956.644845][ T5277] r8152-cfgselector 5-1: config 0 descriptor?? [ 1956.966260][T16197] REISERFS warning (device nullb0): super-6502 reiserfs_getopt: unknown mount option "©b¸_v-f`‹‚" [ 1957.098844][ T5304] r8152-cfgselector 5-1: USB disconnect, device number 21 [ 1959.027034][T16218] can0: slcan on ttyprintk. [ 1959.301255][T16208] can0 (unregistered): slcan off ttyprintk. [ 1959.320909][ T29] kauditd_printk_skb: 38 callbacks suppressed [ 1959.320933][ T29] audit: type=1326 audit(1725207079.521:511): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16219 comm="syz.4.1895" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a33979eb9 code=0x7ffc0000 [ 1959.443260][ T29] audit: type=1326 audit(1725207079.591:512): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16219 comm="syz.4.1895" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a33979eb9 code=0x7ffc0000 [ 1959.502349][ T29] audit: type=1326 audit(1725207079.601:513): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16219 comm="syz.4.1895" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8a33979eb9 code=0x7ffc0000 [ 1959.662990][ T29] audit: type=1326 audit(1725207079.601:514): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16219 comm="syz.4.1895" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a33979eb9 code=0x7ffc0000 [ 1959.753451][ T29] audit: type=1326 audit(1725207079.601:515): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16219 comm="syz.4.1895" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a33979eb9 code=0x7ffc0000 [ 1959.830097][ T29] audit: type=1326 audit(1725207079.601:516): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16219 comm="syz.4.1895" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8a33979eb9 code=0x7ffc0000 [ 1959.914411][ T29] audit: type=1326 audit(1725207079.601:517): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16219 comm="syz.4.1895" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a33979eb9 code=0x7ffc0000 [ 1960.085749][ T29] audit: type=1326 audit(1725207079.601:518): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16219 comm="syz.4.1895" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a33979eb9 code=0x7ffc0000 [ 1960.191059][T16231] REISERFS warning (device nullb0): super-6502 reiserfs_getopt: unknown mount option "©b¸_v-f`‹‚" [ 1960.199028][ T29] audit: type=1326 audit(1725207079.611:519): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16219 comm="syz.4.1895" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8a33979eb9 code=0x7ffc0000 [ 1960.282157][ T29] audit: type=1326 audit(1725207079.611:520): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16219 comm="syz.4.1895" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a33979eb9 code=0x7ffc0000 [ 1960.398155][T16236] fuse: Bad value for 'fd' [ 1962.307206][T16263] (unnamed net_device) (uninitialized): Unable to set up delay as MII monitoring is disabled [ 1962.467028][T16267] fuse: Bad value for 'fd' [ 1963.934783][T16285] netlink: 'syz.0.1917': attribute type 10 has an invalid length. [ 1965.064990][T16285] bond0: (slave bond_slave_0): Releasing backup interface [ 1965.375806][ T29] kauditd_printk_skb: 21 callbacks suppressed [ 1965.375832][ T29] audit: type=1326 audit(1725207085.611:542): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16297 comm="syz.1.1922" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbe90b79eb9 code=0x7ffc0000 [ 1965.482363][ T29] audit: type=1326 audit(1725207085.611:543): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16297 comm="syz.1.1922" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbe90b79eb9 code=0x7ffc0000 [ 1965.518228][ T29] audit: type=1326 audit(1725207085.641:544): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16297 comm="syz.1.1922" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fbe90b79eb9 code=0x7ffc0000 [ 1965.597911][T16307] (unnamed net_device) (uninitialized): Unable to set up delay as MII monitoring is disabled [ 1965.606965][ T29] audit: type=1326 audit(1725207085.651:545): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16297 comm="syz.1.1922" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbe90b79eb9 code=0x7ffc0000 [ 1965.692059][ T29] audit: type=1326 audit(1725207085.651:546): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16297 comm="syz.1.1922" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbe90b79eb9 code=0x7ffc0000 [ 1965.730399][ T29] audit: type=1326 audit(1725207085.661:547): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16297 comm="syz.1.1922" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fbe90b79eb9 code=0x7ffc0000 [ 1965.811705][T16312] fuse: Bad value for 'fd' [ 1965.815392][ T29] audit: type=1326 audit(1725207085.661:548): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16297 comm="syz.1.1922" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbe90b79eb9 code=0x7ffc0000 [ 1965.870401][ T29] audit: type=1326 audit(1725207085.661:549): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16297 comm="syz.1.1922" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbe90b79eb9 code=0x7ffc0000 [ 1965.931577][ T29] audit: type=1326 audit(1725207085.671:550): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16297 comm="syz.1.1922" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fbe90b79eb9 code=0x7ffc0000 [ 1966.009669][ T29] audit: type=1326 audit(1725207085.671:551): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16297 comm="syz.1.1922" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbe90b79eb9 code=0x7ffc0000 [ 1967.208116][T16331] syz.3.1933[16331] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1967.208362][T16331] syz.3.1933[16331] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1968.139192][T16346] (unnamed net_device) (uninitialized): Unable to set up delay as MII monitoring is disabled [ 1968.225214][T16350] fuse: Bad value for 'fd' [ 1968.663228][T16366] usb usb7: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 1970.384054][ T29] kauditd_printk_skb: 38 callbacks suppressed [ 1970.384092][ T29] audit: type=1326 audit(1725207090.611:590): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16377 comm="syz.3.1952" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd7df179eb9 code=0x7ffc0000 [ 1970.523979][ T29] audit: type=1326 audit(1725207090.651:591): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16377 comm="syz.3.1952" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd7df179eb9 code=0x7ffc0000 [ 1970.525610][T16387] syz.1.1954[16387] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1970.563331][T16387] syz.1.1954[16387] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1970.627798][ T29] audit: type=1326 audit(1725207090.651:592): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16377 comm="syz.3.1952" exe="/root/syz-executor" sig=0 arch=c000003e syscall=250 compat=0 ip=0x7fd7df179eb9 code=0x7ffc0000 [ 1970.700129][T16392] (unnamed net_device) (uninitialized): Unable to set up delay as MII monitoring is disabled [ 1970.755196][ T29] audit: type=1326 audit(1725207090.651:593): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16377 comm="syz.3.1952" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd7df179eb9 code=0x7ffc0000 [ 1970.844784][T16394] fuse: Bad value for 'fd' [ 1970.851334][ T29] audit: type=1326 audit(1725207090.651:594): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16377 comm="syz.3.1952" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd7df179eb9 code=0x7ffc0000 [ 1971.290808][ T29] audit: type=1326 audit(1725207091.521:595): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16413 comm="syz.4.1966" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a33979eb9 code=0x7ffc0000 [ 1971.321162][ T5304] usb 2-1: new high-speed USB device number 21 using dummy_hcd [ 1971.329764][ T29] audit: type=1326 audit(1725207091.551:596): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16413 comm="syz.4.1966" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a33979eb9 code=0x7ffc0000 [ 1971.360065][ T29] audit: type=1326 audit(1725207091.591:597): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16413 comm="syz.4.1966" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8a33979eb9 code=0x7ffc0000 [ 1971.404239][ T29] audit: type=1326 audit(1725207091.591:598): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16413 comm="syz.4.1966" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a33979eb9 code=0x7ffc0000 [ 1971.428762][ T29] audit: type=1326 audit(1725207091.621:599): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16413 comm="syz.4.1966" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8a33979eb9 code=0x7ffc0000 [ 1971.564271][ T5304] usb 2-1: Using ep0 maxpacket: 8 [ 1971.577449][ T5304] usb 2-1: config 0 has an invalid interface number: 1 but max is 0 [ 1971.602074][ T5304] usb 2-1: config 0 has no interface number 0 [ 1971.622118][ T5304] usb 2-1: config 0 interface 1 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 1971.686124][ T5304] usb 2-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 1971.701773][ T5304] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1971.749792][ T5304] usb 2-1: config 0 descriptor?? [ 1971.774480][ T5304] iowarrior 2-1:0.1: no interrupt-in endpoint found [ 1972.374673][ T5280] usb 2-1: USB disconnect, device number 21 [ 1972.597823][T16430] (unnamed net_device) (uninitialized): Unable to set up delay as MII monitoring is disabled [ 1972.735318][T16435] fuse: Invalid rootmode [ 1972.985256][T11559] usb 5-1: new high-speed USB device number 22 using dummy_hcd [ 1973.178749][T11559] usb 5-1: New USB device found, idVendor=05ac, idProduct=0290, bcdDevice=dc.1b [ 1973.200443][T11559] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1973.227402][T11559] usb 5-1: config 0 descriptor?? [ 1973.254341][T11559] input: bcm5974 as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/input/input111 [ 1973.942023][ T5280] usb 5-1: USB disconnect, device number 22 [ 1974.181903][T16466] (unnamed net_device) (uninitialized): Unable to set up delay as MII monitoring is disabled [ 1974.556121][T16472] fuse: Invalid rootmode [ 1974.911249][T16480] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1990'. [ 1974.932713][T16482] netlink: 68 bytes leftover after parsing attributes in process `syz.4.1991'. [ 1975.200252][ T5304] usb 4-1: new high-speed USB device number 29 using dummy_hcd [ 1975.407420][ T5304] usb 4-1: Using ep0 maxpacket: 8 [ 1975.448225][ T5304] usb 4-1: config 0 has an invalid interface number: 1 but max is 0 [ 1975.485550][ T5304] usb 4-1: config 0 has no interface number 0 [ 1975.507848][ T5304] usb 4-1: config 0 interface 1 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 1975.549969][ T5304] usb 4-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 1975.563944][ T5304] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1975.595616][ T5304] usb 4-1: config 0 descriptor?? [ 1975.623276][ T5304] iowarrior 4-1:0.1: no interrupt-in endpoint found [ 1975.800556][T16500] fuse: Invalid rootmode [ 1975.863558][T14178] usb 4-1: USB disconnect, device number 29 [ 1976.074111][ T5304] usb 5-1: new high-speed USB device number 23 using dummy_hcd [ 1976.309072][ T5304] usb 5-1: New USB device found, idVendor=05ac, idProduct=0290, bcdDevice=dc.1b [ 1976.334350][ T5304] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1976.359888][ T5304] usb 5-1: config 0 descriptor?? [ 1976.392589][T16514] netlink: 68 bytes leftover after parsing attributes in process `syz.0.2004'. [ 1976.405533][ T5304] input: bcm5974 as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/input/input112 [ 1976.590670][T14178] usb 2-1: new high-speed USB device number 22 using dummy_hcd [ 1976.632533][ T5277] usb 5-1: USB disconnect, device number 23 [ 1976.799574][ T29] kauditd_printk_skb: 24 callbacks suppressed [ 1976.799598][ T29] audit: type=1400 audit(1725207097.031:624): avc: denied { transfer } for pid=16521 comm="syz.0.2008" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=binder permissive=1 [ 1976.836634][T14178] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1976.862222][T14178] usb 2-1: config 0 has no interfaces? [ 1976.864195][ T5280] usb 4-1: new high-speed USB device number 30 using dummy_hcd [ 1976.888359][T14178] usb 2-1: New USB device found, idVendor=046d, idProduct=08b4, bcdDevice= e.32 [ 1976.910261][T14178] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1976.923565][T14178] usb 2-1: Product: syz [ 1976.932248][T14178] usb 2-1: Manufacturer: syz [ 1976.940197][T14178] usb 2-1: SerialNumber: syz [ 1976.967295][T14178] usb 2-1: config 0 descriptor?? [ 1977.019461][T16528] fuse: Bad value for 'rootmode' [ 1977.075206][ T5280] usb 4-1: Using ep0 maxpacket: 16 [ 1977.091437][ T5280] usb 4-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06 [ 1977.120155][ T5280] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1977.134548][ T5280] usb 4-1: Product: syz [ 1977.138780][ T5280] usb 4-1: Manufacturer: syz [ 1977.143423][ T5280] usb 4-1: SerialNumber: syz [ 1977.189411][ T5280] r8152-cfgselector 4-1: Unknown version 0x0000 [ 1977.202744][ T5280] r8152-cfgselector 4-1: config 0 descriptor?? [ 1977.219853][ T5304] usb 2-1: USB disconnect, device number 22 [ 1977.287004][T16537] netlink: 68 bytes leftover after parsing attributes in process `syz.4.2015'. [ 1977.395999][T14178] usb 1-1: new high-speed USB device number 27 using dummy_hcd [ 1977.594336][T14178] usb 1-1: Using ep0 maxpacket: 16 [ 1977.602676][T14178] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1977.631820][T14178] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1977.652102][T14178] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 1977.683612][T14178] usb 1-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 1977.702978][T14178] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1977.706706][ T5280] r8152-cfgselector 4-1: USB disconnect, device number 30 [ 1977.749678][T14178] usb 1-1: config 0 descriptor?? [ 1978.872137][T16557] can0: slcan on ttyprintk. [ 1979.706310][T16551] can0 (unregistered): slcan off ttyprintk. [ 1979.983743][T14178] microsoft 0003:045E:07DA.0004: ignoring exceeding usage max [ 1980.656743][T14178] input: HID 045e:07da as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:045E:07DA.0004/input/input113 [ 1980.744871][T14178] microsoft 0003:045E:07DA.0004: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.0-1/input0 [ 1980.814574][T14178] usb 1-1: USB disconnect, device number 27 [ 1980.838312][T16563] fuse: Bad value for 'rootmode' [ 1988.945154][ T1272] ieee802154 phy0 wpan0: encryption failed: -22 [ 1988.951553][ T1272] ieee802154 phy1 wpan1: encryption failed: -22 [ 1990.977498][T16599] fuse: Bad value for 'rootmode' [ 1991.250421][ T7046] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 1991.269107][ T7046] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 1991.285870][ T7046] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 1991.315723][ T7046] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 1991.335720][ T7046] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 1991.344243][ T7046] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 1992.692660][ T6675] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1993.017442][ T6675] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1993.244383][ T5280] usb 4-1: new high-speed USB device number 31 using dummy_hcd [ 1993.300213][ T6675] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1993.384490][ T7046] Bluetooth: hci2: command tx timeout [ 1993.456050][ T5280] usb 4-1: Using ep0 maxpacket: 8 [ 1993.474676][ T5280] usb 4-1: config 179 has an invalid interface number: 65 but max is 0 [ 1993.511645][ T5280] usb 4-1: config 179 has no interface number 0 [ 1993.530667][ T5280] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 1993.588944][ T5280] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1029, setting to 1024 [ 1993.628095][ T5280] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 255, changing to 11 [ 1993.692847][ T6675] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1993.703673][ T5280] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 59391, setting to 1024 [ 1993.751164][ T5280] usb 4-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 1993.818764][ T5280] usb 4-1: New USB device found, idVendor=12ab, idProduct=0004, bcdDevice= 0.00 [ 1993.844651][ T5280] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1993.868303][T16619] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 1993.876067][T16619] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 1993.984537][ T5280] input: Honey Bee Xbox360 dancepad as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:179.65/input/input114 [ 1994.051208][T16602] chnl_net:caif_netlink_parms(): no params data found [ 1994.185122][ T4660] input input114: unable to receive magic message: -110 [ 1994.221406][ T4660] input input114: unable to receive magic message: -32 [ 1994.760337][T16642] fuse: Unknown parameter 'use00000000000000000000' [ 1994.833788][ T6675] bridge_slave_1: left allmulticast mode [ 1994.840242][ T6675] bridge_slave_1: left promiscuous mode [ 1994.893478][ T6675] bridge0: port 2(bridge_slave_1) entered disabled state [ 1995.550313][ T7046] Bluetooth: hci2: command tx timeout [ 1995.676855][ T6675] bridge_slave_0: left allmulticast mode [ 1995.682585][ T6675] bridge_slave_0: left promiscuous mode [ 1995.692548][ T4660] input input114: unable to receive magic message: -32 [ 1995.736233][ T6675] bridge0: port 1(bridge_slave_0) entered disabled state [ 1995.767952][ T4660] input input114: unable to receive magic message: -32 [ 1996.490000][ C1] hrtimer: interrupt took 137826 ns [ 1997.457605][ T6675] bond0 (unregistering): (slave bridge0): Releasing backup interface [ 1997.643988][ T7046] Bluetooth: hci2: command tx timeout [ 1998.621604][T16679] fuse: Unknown parameter 'use00000000000000000000' [ 1998.822621][ T6675] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1998.859565][ T6675] bond0 (unregistering): Released all slaves [ 1999.437780][ T6675] bond1 (unregistering): Released all slaves [ 1999.704787][ T7046] Bluetooth: hci2: command tx timeout [ 1999.755093][T16647] tipc: Started in network mode [ 1999.760120][T16647] tipc: Node identity 00000000000000000000000000000001, cluster identity 4711 [ 1999.771253][T16647] tipc: New replicast peer: fe80:0000:0000:0000:0000:0000:0000:00bb [ 1999.782314][T16647] tipc: Enabled bearer , priority 10 [ 1999.859909][ C1] xpad 4-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19 [ 1999.894732][ T5209] usb 4-1: USB disconnect, device number 31 [ 2000.016021][ T5209] xpad 4-1:179.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19 [ 2000.086173][T16602] bridge0: port 1(bridge_slave_0) entered blocking state [ 2000.129710][T16602] bridge0: port 1(bridge_slave_0) entered disabled state [ 2000.163085][T16602] bridge_slave_0: entered allmulticast mode [ 2000.202538][T16602] bridge_slave_0: entered promiscuous mode [ 2000.368354][T16602] bridge0: port 2(bridge_slave_1) entered blocking state [ 2000.409172][T16602] bridge0: port 2(bridge_slave_1) entered disabled state [ 2000.435425][T16602] bridge_slave_1: entered allmulticast mode [ 2000.465263][T16602] bridge_slave_1: entered promiscuous mode [ 2000.977322][T16602] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 2001.085547][ T5209] tipc: Node number set to 1 [ 2001.128332][T16602] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 2002.353101][T16708] fuse: Unknown parameter 'use00000000000000000000' [ 2002.438615][ T6675] hsr_slave_0: left promiscuous mode [ 2002.470297][ T6675] hsr_slave_1: left promiscuous mode [ 2002.498858][ T6675] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 2002.534372][ T6675] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 2002.576021][ T6675] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 2002.583497][ T6675] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 2002.768496][ T6675] veth1_macvtap: left promiscuous mode [ 2002.795040][ T6675] veth0_macvtap: left promiscuous mode [ 2002.800930][ T6675] veth1_vlan: left promiscuous mode [ 2002.837975][ T6675] veth0_vlan: left promiscuous mode [ 2005.272257][ T6675] team0 (unregistering): Port device team_slave_1 removed [ 2005.357639][ T6675] team0 (unregistering): Port device team_slave_0 removed [ 2006.769091][ T29] audit: type=1400 audit(1725207127.001:625): avc: denied { unlink } for pid=16756 comm="syz.1.2081" name="#1" dev="tmpfs" ino=1067 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1 [ 2006.848217][ T29] audit: type=1400 audit(1725207127.071:626): avc: denied { mount } for pid=16756 comm="syz.1.2081" name="/" dev="overlay" ino=1060 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1 [ 2007.300687][T16602] team0: Port device team_slave_0 added [ 2007.347568][T16602] team0: Port device team_slave_1 added [ 2007.555842][ T29] audit: type=1400 audit(1725207127.781:627): avc: denied { read } for pid=16769 comm="syz.2.2090" name="snapshot" dev="devtmpfs" ino=92 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1 [ 2007.590954][ T29] audit: type=1400 audit(1725207127.791:628): avc: denied { open } for pid=16769 comm="syz.2.2090" path="/dev/snapshot" dev="devtmpfs" ino=92 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1 [ 2007.869819][T16602] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 2007.877189][T16602] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 2007.903374][T16602] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 2007.931375][T16770] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 2007.959913][T16770] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 2007.963635][T16602] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 2007.978952][T16602] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 2008.005700][T16774] fuse: Bad value for 'fd' [ 2008.010300][T16602] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 2008.108920][T16770] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 2008.144224][T16770] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 2008.200640][T16770] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 2008.229167][T16770] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 2008.249211][T16602] hsr_slave_0: entered promiscuous mode [ 2008.260770][T16602] hsr_slave_1: entered promiscuous mode [ 2008.298401][T16602] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 2008.307756][T16770] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 2008.317829][T16602] Cannot create hsr debugfs directory [ 2008.325577][T16770] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 2008.353148][T16770] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 2009.343995][T14178] usb 4-1: new high-speed USB device number 32 using dummy_hcd [ 2009.994136][ T7046] Bluetooth: hci1: command 0x0406 tx timeout [ 2010.131275][T16798] tipc: Started in network mode [ 2010.136279][T16798] tipc: Node identity 00000000000000000000000000000001, cluster identity 4711 [ 2010.147037][T16798] tipc: New replicast peer: fe80:0000:0000:0000:0000:0000:0000:00bb [ 2010.157762][T16798] tipc: Enabled bearer , priority 10 [ 2010.184008][ T7046] Bluetooth: hci3: command 0x0406 tx timeout [ 2010.265448][ T7046] Bluetooth: hci0: command 0x0405 tx timeout [ 2010.344038][ T7046] Bluetooth: hci2: command 0x0c1a tx timeout [ 2010.404455][T14178] usb 4-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 2010.438246][T14178] usb 4-1: New USB device found, idVendor=046d, idProduct=08b4, bcdDevice= e.32 [ 2010.454128][T14178] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 2010.490073][T14178] usb 4-1: Product: syz [ 2010.523923][T14178] usb 4-1: Manufacturer: syz [ 2010.531439][T14178] usb 4-1: SerialNumber: syz [ 2010.576125][T14178] usb 4-1: config 0 descriptor?? [ 2010.817717][T14178] usb 4-1: USB disconnect, device number 32 [ 2010.854230][T13791] usb 2-1: new high-speed USB device number 23 using dummy_hcd [ 2010.904990][T16602] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 2010.939741][T16602] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 2010.971262][T16602] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 2011.027227][T16602] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 2011.074208][T13791] usb 2-1: Using ep0 maxpacket: 8 [ 2011.095725][T13791] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40 [ 2011.127227][T13791] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 2011.151910][T13791] usb 2-1: Product: syz [ 2011.166193][T13791] usb 2-1: Manufacturer: syz [ 2011.176035][T13791] usb 2-1: SerialNumber: syz [ 2011.281352][T14178] tipc: Node number set to 1 [ 2011.490725][T13791] usblp 2-1:1.0: usblp0: USB Unidirectional printer dev 23 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8 [ 2011.552697][T16602] 8021q: adding VLAN 0 to HW filter on device bond0 [ 2011.643133][T16602] 8021q: adding VLAN 0 to HW filter on device team0 [ 2011.686812][ T5597] bridge0: port 1(bridge_slave_0) entered blocking state [ 2011.694116][ T5597] bridge0: port 1(bridge_slave_0) entered forwarding state [ 2011.812535][ T35] bridge0: port 2(bridge_slave_1) entered blocking state [ 2011.819887][ T35] bridge0: port 2(bridge_slave_1) entered forwarding state [ 2011.889219][ T5280] usb 2-1: USB disconnect, device number 23 [ 2011.962090][ T5280] usblp0: removed [ 2012.024160][ T5277] usb 3-1: new high-speed USB device number 14 using dummy_hcd [ 2012.032010][ T7046] Bluetooth: hci1: command 0x0406 tx timeout [ 2012.294374][ T7046] Bluetooth: hci3: command 0x0406 tx timeout [ 2012.344883][ T7046] Bluetooth: hci0: command 0x0405 tx timeout [ 2012.424696][ T7046] Bluetooth: hci2: command 0x0c1a tx timeout [ 2012.929888][ T5277] usb 3-1: Using ep0 maxpacket: 8 [ 2013.249483][ T5277] usb 3-1: config 0 has an invalid interface number: 1 but max is 0 [ 2013.288962][ T5277] usb 3-1: config 0 has no interface number 0 [ 2013.329813][ T5277] usb 3-1: config 0 interface 1 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 2013.377574][ T5277] usb 3-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 2013.408712][ T5277] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 2013.485504][ T5277] usb 3-1: config 0 descriptor?? [ 2013.531474][ T5277] iowarrior 3-1:0.1: no interrupt-in endpoint found [ 2013.591253][T16602] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 2013.722629][ T5280] usb 3-1: USB disconnect, device number 14 [ 2013.759187][T16602] veth0_vlan: entered promiscuous mode [ 2013.782230][T16602] veth1_vlan: entered promiscuous mode [ 2013.879215][T16602] veth0_macvtap: entered promiscuous mode [ 2013.902177][T16602] veth1_macvtap: entered promiscuous mode [ 2013.954078][ T5277] usb 5-1: new high-speed USB device number 24 using dummy_hcd [ 2013.980760][T16602] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 2013.995918][T16602] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2014.012473][T16602] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 2014.031057][T16602] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2014.056760][T16602] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 2014.078894][T16602] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2014.098652][T16602] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 2014.111920][T16602] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2014.127359][ T5277] usb 5-1: device descriptor read/64, error -71 [ 2014.141284][T16602] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 2014.205098][T16602] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 2014.221898][T16602] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2014.241838][T16602] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 2014.258586][T16602] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2014.287972][T16602] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 2014.306499][T16602] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2014.320800][T16602] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 2014.355460][T16602] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2014.386072][T16602] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 2014.404704][ T5277] usb 5-1: new high-speed USB device number 25 using dummy_hcd [ 2014.418670][T16602] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 2014.443703][T16602] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 2014.504126][ T7046] Bluetooth: hci2: command 0x0c1a tx timeout [ 2014.513669][T16602] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 2014.570651][T16602] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 2014.614469][ T5277] usb 5-1: device descriptor read/64, error -71 [ 2014.735740][ T5277] usb usb5-port1: attempt power cycle [ 2014.984796][ T6675] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 2015.030845][ T6675] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 2015.202684][ T6675] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 2015.214808][ T5277] usb 5-1: new high-speed USB device number 26 using dummy_hcd [ 2015.222757][ T6675] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 2015.265234][ T5277] usb 5-1: device descriptor read/8, error -71 [ 2015.554083][ T5277] usb 5-1: new high-speed USB device number 27 using dummy_hcd [ 2015.629950][ T5277] usb 5-1: device descriptor read/8, error -71 [ 2015.770542][ T5277] usb usb5-port1: unable to enumerate USB device [ 2017.696719][T16868] can0: slcan on ttyprintk. [ 2020.058270][T16871] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=16871 comm=syz.2.2120 [ 2020.072339][ T29] audit: type=1400 audit(1725207140.311:629): avc: denied { read } for pid=16869 comm="syz.2.2120" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1 [ 2020.134334][T16864] can0 (unregistered): slcan off ttyprintk. [ 2020.353765][T16873] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies. [ 2020.664298][T14178] usb 3-1: new full-speed USB device number 15 using dummy_hcd [ 2021.659511][T16885] bridge0: port 3(vlan2) entered blocking state [ 2021.666118][T16885] bridge0: port 3(vlan2) entered disabled state [ 2021.672623][T16885] vlan2: entered allmulticast mode [ 2021.680941][T16885] vlan2: entered promiscuous mode [ 2022.440119][T14178] usb 3-1: config 1 interface 0 has no altsetting 0 [ 2022.479497][T14178] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40 [ 2022.526784][T14178] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 2022.544356][T14178] usb 3-1: Product: syz [ 2022.548617][T14178] usb 3-1: Manufacturer: syz [ 2022.553262][T14178] usb 3-1: SerialNumber: syz [ 2023.769730][T11559] usb 4-1: new high-speed USB device number 33 using dummy_hcd [ 2023.896318][T16908] netlink: 'syz.4.2134': attribute type 3 has an invalid length. [ 2023.934293][T11559] usb 4-1: device descriptor read/64, error -71 [ 2024.028942][T16911] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies. [ 2024.171254][ T29] audit: type=1400 audit(1725207144.401:630): avc: denied { create } for pid=16914 comm="syz.0.2136" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 2024.226330][T11559] usb 4-1: new high-speed USB device number 34 using dummy_hcd [ 2024.234312][ T29] audit: type=1400 audit(1725207144.431:631): avc: denied { connect } for pid=16914 comm="syz.0.2136" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 2024.328358][ T29] audit: type=1400 audit(1725207144.441:632): avc: denied { getopt } for pid=16914 comm="syz.0.2136" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 2024.444054][T11559] usb 4-1: device descriptor read/64, error -71 [ 2024.564873][T11559] usb usb4-port1: attempt power cycle [ 2024.636977][T14178] usblp 3-1:1.0: usblp0: USB Unidirectional printer dev 15 if 0 alt 253 proto 1 vid 0x0525 pid 0xA4A8 [ 2024.658375][T14178] usb 3-1: USB disconnect, device number 15 [ 2024.672717][T14178] usblp0: removed [ 2025.023104][T11559] usb 4-1: new high-speed USB device number 35 using dummy_hcd [ 2025.073635][T11559] usb 4-1: device descriptor read/8, error -71 [ 2025.274221][T16931] REISERFS warning (device nullb0): super-6502 reiserfs_getopt: unknown mount option "©b¸_v-f`‹‚" [ 2025.364004][T11559] usb 4-1: new high-speed USB device number 36 using dummy_hcd [ 2025.437961][T11559] usb 4-1: device descriptor read/8, error -71 [ 2025.589992][T11559] usb usb4-port1: unable to enumerate USB device [ 2026.136406][T16939] syz_tun: entered promiscuous mode [ 2026.226332][T16939] batadv_slave_0: entered promiscuous mode [ 2026.346323][T16939] syz_tun: left promiscuous mode [ 2026.394665][T16939] batadv_slave_0: left promiscuous mode [ 2026.712806][T16950] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies. [ 2027.023057][T16961] netlink: 60 bytes leftover after parsing attributes in process `syz.1.2152'. [ 2027.913994][T11559] usb 4-1: new high-speed USB device number 37 using dummy_hcd [ 2027.946623][ T5280] usb 3-1: new full-speed USB device number 16 using dummy_hcd [ 2028.124626][T11559] usb 4-1: Using ep0 maxpacket: 8 [ 2028.135823][T11559] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 2028.162623][T11559] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 2028.162728][ T5280] usb 3-1: config 1 interface 0 has no altsetting 0 [ 2028.214105][T11559] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 2028.235960][T11559] usb 4-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 2028.237715][ T5280] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40 [ 2028.277617][T11559] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 2028.310042][T11559] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 2028.320728][ T5280] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 2028.349080][ T5280] usb 3-1: Product: syz [ 2028.359074][ T5280] usb 3-1: Manufacturer: syz [ 2028.372955][ T5280] usb 3-1: SerialNumber: syz [ 2028.592623][T11559] usb 4-1: GET_CAPABILITIES returned 0 [ 2028.642225][T11559] usbtmc 4-1:16.0: can't read capabilities [ 2028.815117][T14178] usb 4-1: USB disconnect, device number 37 [ 2029.182308][ T5280] usblp 3-1:1.0: usblp0: USB Unidirectional printer dev 16 if 0 alt 253 proto 1 vid 0x0525 pid 0xA4A8 [ 2031.193986][T14178] usb 3-1: USB disconnect, device number 16 [ 2031.239400][T14178] usblp0: removed [ 2031.346630][T17001] netlink: 60 bytes leftover after parsing attributes in process `syz.1.2164'. [ 2031.487531][T16996] IPVS: Scheduler module ip_vs_sip not found [ 2032.421743][ T29] audit: type=1400 audit(1725207152.641:633): avc: denied { watch watch_reads } for pid=16993 comm="syz.3.2162" path="/150" dev="tmpfs" ino=786 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1 [ 2034.171212][T17031] netlink: 'syz.4.2171': attribute type 3 has an invalid length. [ 2034.261448][ T29] audit: type=1400 audit(1725207154.491:634): avc: denied { setopt } for pid=17027 comm="syz.4.2171" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1 [ 2034.341740][T17031] netlink: 'syz.4.2171': attribute type 3 has an invalid length. [ 2034.952276][ T9] usb 1-1: new full-speed USB device number 28 using dummy_hcd [ 2035.098989][ T29] audit: type=1400 audit(1725207155.331:635): avc: denied { write } for pid=17044 comm="syz.1.2176" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=key permissive=1 [ 2035.171213][ T29] audit: type=1400 audit(1725207155.361:636): avc: denied { read write } for pid=17044 comm="syz.1.2176" name="vga_arbiter" dev="devtmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:xserver_misc_device_t tclass=chr_file permissive=1 [ 2035.210646][ T9] usb 1-1: config 1 interface 0 has no altsetting 0 [ 2035.228407][T17047] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=io+mem,decodes=none:owns=io+mem [ 2035.257328][ T9] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40 [ 2035.301209][ T9] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 2035.303990][ T29] audit: type=1400 audit(1725207155.361:637): avc: denied { open } for pid=17044 comm="syz.1.2176" path="/dev/vga_arbiter" dev="devtmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:xserver_misc_device_t tclass=chr_file permissive=1 [ 2035.323556][ T9] usb 1-1: Product: syz [ 2035.390102][ T9] usb 1-1: Manufacturer: syz [ 2035.407007][ T9] usb 1-1: SerialNumber: syz [ 2035.937607][T17052] IPVS: Scheduler module ip_vs_sip not found [ 2036.184543][ T9] usblp 1-1:1.0: usblp0: USB Unidirectional printer dev 28 if 0 alt 253 proto 1 vid 0x0525 pid 0xA4A8 [ 2038.009650][T17064] netlink: 72 bytes leftover after parsing attributes in process `syz.1.2180'. [ 2038.069574][ T9] usb 1-1: USB disconnect, device number 28 [ 2038.080102][ T9] usblp0: removed [ 2038.357629][T17071] fuse: Bad value for 'fd' [ 2040.448721][T17089] netlink: 60 bytes leftover after parsing attributes in process `syz.3.2191'. [ 2040.684073][T17087] IPVS: Scheduler module ip_vs_sip not found [ 2040.845737][ T29] audit: type=1326 audit(1725207161.081:638): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17095 comm="syz.3.2193" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd7df179eb9 code=0x7ffc0000 [ 2040.899607][ T29] audit: type=1326 audit(1725207161.081:639): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17095 comm="syz.3.2193" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd7df179eb9 code=0x7ffc0000 [ 2040.932057][T12585] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 2040.949153][T12585] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 2040.961488][T12585] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 2040.962226][T17100] netlink: 72 bytes leftover after parsing attributes in process `syz.0.2194'. [ 2040.970483][ T29] audit: type=1326 audit(1725207161.081:640): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17095 comm="syz.3.2193" exe="/root/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7fd7df179eb9 code=0x7ffc0000 [ 2041.004816][ T29] audit: type=1326 audit(1725207161.081:641): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17095 comm="syz.3.2193" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd7df179eb9 code=0x7ffc0000 [ 2041.028650][T14178] usb 2-1: new full-speed USB device number 24 using dummy_hcd [ 2041.037012][ T29] audit: type=1326 audit(1725207161.081:642): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17095 comm="syz.3.2193" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7fd7df179eb9 code=0x7ffc0000 [ 2041.063975][ T5209] usb 3-1: new high-speed USB device number 17 using dummy_hcd [ 2041.067315][T12585] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 2041.079361][ T29] audit: type=1326 audit(1725207161.081:643): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17095 comm="syz.3.2193" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd7df179eb9 code=0x7ffc0000 [ 2041.108930][T12585] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 2041.117786][T12585] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 2041.122516][T17103] fuse: Unknown parameter '0x0000000000000003' [ 2041.165666][ T29] audit: type=1326 audit(1725207161.081:644): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17095 comm="syz.3.2193" exe="/root/syz-executor" sig=0 arch=c000003e syscall=285 compat=0 ip=0x7fd7df179eb9 code=0x7ffc0000 [ 2041.192622][ T29] audit: type=1326 audit(1725207161.081:645): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17095 comm="syz.3.2193" exe="/root/syz-executor" sig=0 arch=c000003e syscall=96 compat=0 ip=0xffffffffff600000 code=0x7ffc0000 [ 2041.236793][T14178] usb 2-1: config 1 interface 0 has no altsetting 0 [ 2041.249062][T14178] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40 [ 2041.259365][T14178] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 2041.268009][T14178] usb 2-1: Product: syz [ 2041.272457][T14178] usb 2-1: Manufacturer: syz [ 2041.287201][ T29] audit: type=1326 audit(1725207161.081:646): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17095 comm="syz.3.2193" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd7df179eb9 code=0x7ffc0000 [ 2041.302823][T14178] usb 2-1: SerialNumber: syz [ 2041.340787][ T5209] usb 3-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 2041.350567][ T5209] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 2041.382086][ T5209] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 2041.402376][ T5209] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 2041.419624][ T5209] usb 3-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 2041.430044][ T5209] usb 3-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 2041.441580][ T5209] usb 3-1: Product: syz [ 2041.446008][ T5209] usb 3-1: Manufacturer: syz [ 2041.459019][ T5209] cdc_wdm 3-1:1.0: skipping garbage [ 2041.481565][ T5209] cdc_wdm 3-1:1.0: skipping garbage [ 2041.499374][ T5209] cdc_wdm 3-1:1.0: cdc-wdm0: USB WDM device [ 2041.516989][ T5209] cdc_wdm 3-1:1.0: Unknown control protocol [ 2042.052144][T14178] usblp 2-1:1.0: usblp1: USB Unidirectional printer dev 24 if 0 alt 253 proto 1 vid 0x0525 pid 0xA4A8 [ 2042.285790][T14178] usb 3-1: USB disconnect, device number 17 [ 2042.375001][T17099] chnl_net:caif_netlink_parms(): no params data found [ 2042.829580][T17128] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2200'. [ 2042.923791][T17128] ipvlan2: entered promiscuous mode [ 2042.949406][T17128] ipvlan2: entered allmulticast mode [ 2042.971235][T17128] syz_tun: entered allmulticast mode [ 2043.004070][T17099] bridge0: port 1(bridge_slave_0) entered blocking state [ 2043.031526][T17099] bridge0: port 1(bridge_slave_0) entered disabled state [ 2043.060114][T17099] bridge_slave_0: entered allmulticast mode [ 2043.114953][T17099] bridge_slave_0: entered promiscuous mode [ 2043.167565][T17099] bridge0: port 2(bridge_slave_1) entered blocking state [ 2043.204355][T17099] bridge0: port 2(bridge_slave_1) entered disabled state [ 2043.223737][T17099] bridge_slave_1: entered allmulticast mode [ 2043.235903][T12585] Bluetooth: hci4: command tx timeout [ 2043.266823][T17099] bridge_slave_1: entered promiscuous mode [ 2043.309963][ T1272] ieee802154 phy0 wpan0: encryption failed: -22 [ 2043.322755][ T1272] ieee802154 phy1 wpan1: encryption failed: -22 [ 2043.568586][T17099] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 2043.632721][T17099] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 2043.759848][ T5304] usb 2-1: USB disconnect, device number 24 [ 2043.823338][ T5304] usblp1: removed [ 2043.963394][T17138] IPVS: Scheduler module ip_vs_sip not found [ 2043.971506][T17099] team0: Port device team_slave_0 added [ 2044.019388][T17099] team0: Port device team_slave_1 added [ 2044.208713][T17099] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 2044.242781][T17099] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 2044.309059][T17099] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 2044.366496][T17099] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 2044.405346][T17099] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 2044.503207][T17099] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 2044.836975][ T29] audit: type=1400 audit(1725207165.071:647): avc: denied { setopt } for pid=17153 comm="syz.2.2208" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 2044.845910][T17099] hsr_slave_0: entered promiscuous mode [ 2044.946093][T17099] hsr_slave_1: entered promiscuous mode [ 2044.996086][T17099] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 2045.003727][T17099] Cannot create hsr debugfs directory [ 2045.304235][T12585] Bluetooth: hci4: command tx timeout [ 2045.862808][T17099] netdevsim netdevsim4 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 2045.908776][T17099] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2045.909018][T17175] IPVS: Scheduler module ip_vs_sip not found [ 2046.341701][T17099] netdevsim netdevsim4 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 2046.394509][T17099] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2046.599847][T17180] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2216'. [ 2046.738725][T17099] netdevsim netdevsim4 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 2046.774415][T17099] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2047.028313][T17099] netdevsim netdevsim4 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 2047.095427][T17099] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2047.390179][T12585] Bluetooth: hci4: command tx timeout [ 2047.828730][ T29] kauditd_printk_skb: 2 callbacks suppressed [ 2047.828754][ T29] audit: type=1400 audit(1725207168.061:650): avc: denied { ioctl } for pid=17198 comm="syz.2.2222" path="socket:[79483]" dev="sockfs" ino=79483 ioctlcmd=0x89fd scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 2047.946638][T17099] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 2048.075070][T17099] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 2048.197894][T17201] netlink: 'syz.2.2222': attribute type 12 has an invalid length. [ 2048.328213][T17099] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 2048.387387][T17099] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 2048.898493][T17213] IPVS: Scheduler module ip_vs_sip not found [ 2048.959712][T17099] 8021q: adding VLAN 0 to HW filter on device bond0 [ 2049.072128][T17099] 8021q: adding VLAN 0 to HW filter on device team0 [ 2049.176578][ T5597] bridge0: port 1(bridge_slave_0) entered blocking state [ 2049.183898][ T5597] bridge0: port 1(bridge_slave_0) entered forwarding state [ 2049.323185][ T35] bridge0: port 2(bridge_slave_1) entered blocking state [ 2049.330448][ T35] bridge0: port 2(bridge_slave_1) entered forwarding state [ 2049.464210][T12585] Bluetooth: hci4: command tx timeout [ 2050.071930][T17245] fuse: Unknown parameter 'r€' [ 2050.521109][T17099] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 2051.681135][T17099] veth0_vlan: entered promiscuous mode [ 2051.865729][T17099] veth1_vlan: entered promiscuous mode [ 2052.046942][T17099] veth0_macvtap: entered promiscuous mode [ 2052.132294][T17099] veth1_macvtap: entered promiscuous mode [ 2052.261302][T17099] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 2052.305740][T17099] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2052.318616][T17099] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 2052.334673][T17099] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2052.381280][T17099] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 2052.402463][T17099] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2052.440070][T17099] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 2052.461252][T17099] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2052.494658][T17099] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 2052.521862][T17099] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2052.563210][T17099] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 2052.619968][T17099] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 2052.654510][T17099] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2052.698032][T17099] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 2052.746003][T17099] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2052.779391][T17099] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 2052.812971][T17099] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2052.856711][T17099] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 2052.916606][T17099] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2052.955268][T17099] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 2052.997720][T17099] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2053.089353][T17099] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 2053.121094][ T29] audit: type=1400 audit(1725207173.331:651): avc: denied { create } for pid=17280 comm="syz.0.2246" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1 [ 2053.235326][ T29] audit: type=1400 audit(1725207173.341:652): avc: denied { write } for pid=17280 comm="syz.0.2246" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1 [ 2054.028127][T17282] netlink: 'syz.2.2243': attribute type 12 has an invalid length. [ 2054.133936][T17099] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 2054.142722][T17099] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 2054.229993][T17099] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 2054.264744][T17099] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 2055.405257][T17293] sit0: entered allmulticast mode [ 2055.865436][ T62] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 2055.874301][T17295] Bluetooth: MGMT ver 1.23 [ 2055.902896][ T62] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 2056.097253][ T62] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 2056.114045][ T62] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 2058.185958][ T29] audit: type=1800 audit(1725207178.371:653): pid=17324 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed(directio) comm="syz.4.2257" name="/" dev="fuse" ino=1 res=0 errno=0 [ 2058.827308][T17328] xt_CT: You must specify a L4 protocol and not use inversions on it [ 2063.903604][T17354] netlink: 40 bytes leftover after parsing attributes in process `syz.1.2265'. [ 2064.747065][ T29] audit: type=1400 audit(1725207184.971:654): avc: denied { create } for pid=17367 comm="syz.1.2272" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1 [ 2064.909802][T17371] can0: slcan on pts0. [ 2065.033064][T17378] input: syz0 as /devices/virtual/input/input115 [ 2065.174640][T17375] can0 (unregistered): slcan off pts0. [ 2065.657780][ T29] audit: type=1400 audit(1725207185.891:655): avc: denied { mount } for pid=17383 comm="syz.3.2277" name="/" dev="hugetlbfs" ino=80766 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=filesystem permissive=1 [ 2065.723975][T17388] ======================================================= [ 2065.723975][T17388] WARNING: The mand mount option has been deprecated and [ 2065.723975][T17388] and is ignored by this kernel. Remove the mand [ 2065.723975][T17388] option from the mount to silence this warning. [ 2065.723975][T17388] ======================================================= [ 2065.776646][T17388] hugetlbfs: Bad value 'A' for mount option 'nr_inodes' [ 2065.776646][T17388] [ 2065.803081][ T29] audit: type=1400 audit(1725207185.951:656): avc: denied { remount } for pid=17383 comm="syz.3.2277" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=filesystem permissive=1 [ 2066.105201][T17387] netlink: 792 bytes leftover after parsing attributes in process `syz.3.2277'. [ 2067.962771][T17408] netlink: 792 bytes leftover after parsing attributes in process `syz.2.2285'. [ 2067.977641][T17413] netlink: 48 bytes leftover after parsing attributes in process `syz.0.2286'. [ 2068.677495][ T29] audit: type=1400 audit(1725207188.911:657): avc: denied { unmount } for pid=14689 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=filesystem permissive=1 [ 2068.824203][ T29] audit: type=1400 audit(1725207188.911:658): avc: denied { write } for pid=17409 comm="syz.0.2286" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1 [ 2069.023883][ T29] audit: type=1326 audit(1725207189.251:659): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17419 comm="syz.3.2289" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd7df179eb9 code=0x7ffc0000 [ 2069.104080][ T29] audit: type=1326 audit(1725207189.281:660): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17419 comm="syz.3.2289" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd7df179eb9 code=0x7ffc0000 [ 2069.205605][ T29] audit: type=1326 audit(1725207189.281:661): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17419 comm="syz.3.2289" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd7df179eb9 code=0x7ffc0000 [ 2069.289151][ T29] audit: type=1326 audit(1725207189.291:662): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17419 comm="syz.3.2289" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd7df179eb9 code=0x7ffc0000 [ 2069.412542][ T29] audit: type=1326 audit(1725207189.321:663): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17419 comm="syz.3.2289" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd7df179eb9 code=0x7ffc0000 [ 2071.090475][ T29] kauditd_printk_skb: 6 callbacks suppressed [ 2071.090500][ T29] audit: type=1400 audit(1725207191.321:670): avc: denied { connect } for pid=17447 comm="syz.2.2301" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 2071.106298][ T5280] usb 1-1: new high-speed USB device number 29 using dummy_hcd [ 2071.493049][ T5280] usb 1-1: Using ep0 maxpacket: 32 [ 2071.533862][ T5280] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x85 has invalid wMaxPacketSize 0 [ 2071.583955][ T5280] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 0 [ 2071.655002][ T5280] usb 1-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79 [ 2071.693274][ T5280] usb 1-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2 [ 2071.717857][ T5280] usb 1-1: Product: syz [ 2071.756495][ T5280] usb 1-1: Manufacturer: syz [ 2071.775190][ T29] audit: type=1400 audit(1725207192.001:671): avc: denied { mount } for pid=17451 comm="syz.4.2302" name="/" dev="sysfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=filesystem permissive=1 [ 2071.785539][ T5280] usb 1-1: SerialNumber: syz [ 2071.852841][ T5280] usb 1-1: config 0 descriptor?? [ 2072.275327][ T29] audit: type=1400 audit(1725207192.511:672): avc: denied { unmount } for pid=17099 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=filesystem permissive=1 [ 2072.334344][ T5280] usb 1-1: USB disconnect, device number 29 [ 2073.023896][T14178] usb 3-1: new high-speed USB device number 18 using dummy_hcd [ 2073.233365][T14178] usb 3-1: Using ep0 maxpacket: 16 [ 2073.262298][T14178] usb 3-1: too many configurations: 226, using maximum allowed: 8 [ 2073.296555][T14178] usb 3-1: unable to read config index 0 descriptor/start: -61 [ 2073.332238][T14178] usb 3-1: can't read configurations, error -61 [ 2073.524407][T14178] usb 3-1: new high-speed USB device number 19 using dummy_hcd [ 2073.748501][ T29] audit: type=1400 audit(1725207193.981:673): avc: denied { listen } for pid=17477 comm="syz.4.2311" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 2073.794393][T14178] usb 3-1: Using ep0 maxpacket: 16 [ 2073.826604][T14178] usb 3-1: too many configurations: 226, using maximum allowed: 8 [ 2073.896112][T14178] usb 3-1: unable to read config index 0 descriptor/start: -61 [ 2073.943027][T14178] usb 3-1: can't read configurations, error -61 [ 2073.965984][T14178] usb usb3-port1: attempt power cycle [ 2074.424768][T14178] usb 3-1: new high-speed USB device number 20 using dummy_hcd [ 2074.858248][T14178] usb 3-1: Using ep0 maxpacket: 16 [ 2074.885339][T14178] usb 3-1: too many configurations: 226, using maximum allowed: 8 [ 2075.120511][T14178] usb 3-1: unable to read config index 0 descriptor/start: -71 [ 2075.138717][T14178] usb 3-1: can't read configurations, error -71 [ 2075.955182][T17500] syz.4.2317[17500] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 2075.955438][T17500] syz.4.2317[17500] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 2077.733031][T17519] input: syz1 as /devices/virtual/input/input116 [ 2079.865113][ T29] audit: type=1400 audit(1725207200.081:674): avc: denied { mount } for pid=17529 comm="syz.0.2327" name="/" dev="tracefs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tracefs_t tclass=filesystem permissive=1 [ 2079.967237][ T29] audit: type=1400 audit(1725207200.141:675): avc: denied { remount } for pid=17529 comm="syz.0.2327" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tracefs_t tclass=filesystem permissive=1 [ 2080.056149][ T29] audit: type=1400 audit(1725207200.161:676): avc: denied { ioctl } for pid=17535 comm="syz.1.2328" path="socket:[81122]" dev="sockfs" ino=81122 ioctlcmd=0x89e5 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1 [ 2080.607958][T17557] IPVS: sync thread started: state = BACKUP, mcast_ifn = veth1_macvtap, syncid = 0, id = 0 [ 2080.939507][T17554] IPVS: stopping backup sync thread 17557 ... [ 2081.399046][ T29] audit: type=1400 audit(1725207201.621:677): avc: denied { write } for pid=17548 comm="syz.2.2333" name="mice" dev="devtmpfs" ino=833 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:mouse_device_t tclass=chr_file permissive=1 [ 2081.736228][ T29] audit: type=1400 audit(1725207201.971:678): avc: denied { bind } for pid=17567 comm="syz.2.2339" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 2081.925554][T17572] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2343'. [ 2082.247669][T17572] hsr_slave_1 (unregistering): left promiscuous mode [ 2082.353745][T17582] netlink: 72 bytes leftover after parsing attributes in process `syz.2.2345'. [ 2082.534339][ T5280] usb 2-1: new high-speed USB device number 25 using dummy_hcd [ 2082.734402][ T5280] usb 2-1: Using ep0 maxpacket: 8 [ 2082.752915][ T5280] usb 2-1: config 0 has an invalid interface number: 1 but max is 0 [ 2082.780682][ T5280] usb 2-1: config 0 has no interface number 0 [ 2082.791778][ T5280] usb 2-1: config 0 interface 1 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 2082.833426][ T5280] usb 2-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 2082.853487][ T5280] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 2082.918058][ T5280] usb 2-1: config 0 descriptor?? [ 2082.950849][ T29] audit: type=1400 audit(1725207203.181:679): avc: denied { unmount } for pid=16602 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tracefs_t tclass=filesystem permissive=1 [ 2082.979492][ T5280] iowarrior 2-1:0.1: no interrupt-in endpoint found [ 2083.167205][ T5280] usb 2-1: USB disconnect, device number 25 [ 2083.665011][T12585] block nbd4: Receive control failed (result -32) [ 2083.677106][ T7046] block nbd4: Receive control failed (result -32) [ 2083.751386][T17578] block nbd4: shutting down sockets [ 2084.133927][ T5280] usb 1-1: new high-speed USB device number 30 using dummy_hcd [ 2084.374039][ T5280] usb 1-1: Using ep0 maxpacket: 8 [ 2084.444160][ T5280] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 2084.505429][ T5280] usb 1-1: New USB device found, idVendor=8086, idProduct=0b03, bcdDevice=f4.28 [ 2084.544319][ T5280] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 2084.563433][ T5280] usb 1-1: Product: syz [ 2084.574147][ T5280] usb 1-1: Manufacturer: syz [ 2084.643714][ T5280] usb 1-1: SerialNumber: syz [ 2084.676162][ T5280] usb 1-1: config 0 descriptor?? [ 2189.933786][ C1] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks: [ 2189.940878][ C1] rcu: 0-...!: (1 ticks this GP) idle=ba6c/1/0x4000000000000000 softirq=121468/121468 fqs=1 [ 2189.952897][ C1] rcu: Tasks blocked on level-0 rcu_node (CPUs 0-1): P17621/2:b..l P17608/3:b..l [ 2189.962201][ C1] rcu: (detected by 1, t=10502 jiffies, g=181553, q=23 ncpus=2) [ 2189.969973][ C1] Sending NMI from CPU 1 to CPUs 0: [ 2189.975222][ C0] NMI backtrace for cpu 0 [ 2189.975251][ C0] CPU: 0 UID: 0 PID: 35 Comm: kworker/u8:2 Not tainted 6.11.0-rc6-syzkaller #0 [ 2189.975281][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 2189.975299][ C0] Workqueue: events_unbound cfg80211_wiphy_work [ 2189.975333][ C0] RIP: 0010:lock_is_held_type+0xec/0x150 [ 2189.975387][ C0] Code: f6 43 22 03 0f 95 c0 45 31 ed 44 39 f0 41 0f 94 c5 48 c7 c7 20 da 4c 8b e8 91 16 00 00 b8 ff ff ff ff 65 0f c1 05 0c bd eb 74 <83> f8 01 75 2d 9c 58 f6 c4 02 75 43 48 f7 04 24 00 02 00 00 74 01 [ 2189.975413][ C0] RSP: 0018:ffffc90000007d40 EFLAGS: 00000057 [ 2189.975432][ C0] RAX: 0000000000000001 RBX: ffff88801da9c780 RCX: 0000000000000001 [ 2189.975450][ C0] RDX: 0000000000000000 RSI: ffffffff8b4cda20 RDI: ffffffff8bb0f940 [ 2189.975478][ C0] RBP: ffff888024192300 R08: 0000000000000005 R09: 0000000000000000 [ 2189.975493][ C0] R10: 0000000000000001 R11: 0000000000000000 R12: ffff88801da9bc00 [ 2189.975509][ C0] R13: 0000000000000001 R14: 00000000ffffffff R15: 0000000000000004 [ 2189.975525][ C0] FS: 0000000000000000(0000) GS:ffff8880b8800000(0000) knlGS:0000000000000000 [ 2189.975549][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 2189.975566][ C0] CR2: 00000000200ae000 CR3: 00000000798ce000 CR4: 00000000003506f0 [ 2189.975582][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 2189.975597][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 2189.975613][ C0] Call Trace: [ 2189.975622][ C0] [ 2189.975633][ C0] ? show_regs+0x8c/0xa0 [ 2189.975675][ C0] ? nmi_cpu_backtrace+0x1d8/0x390 [ 2189.975712][ C0] ? nmi_cpu_backtrace_handler+0xc/0x20 [ 2189.975747][ C0] ? nmi_handle+0x1a9/0x5c0 [ 2189.975771][ C0] ? lock_is_held_type+0xec/0x150 [ 2189.975805][ C0] ? default_do_nmi+0x6a/0x160 [ 2189.975831][ C0] ? exc_nmi+0x170/0x1e0 [ 2189.975856][ C0] ? end_repeat_nmi+0xf/0x53 [ 2189.975890][ C0] ? lock_is_held_type+0xec/0x150 [ 2189.975926][ C0] ? lock_is_held_type+0xec/0x150 [ 2189.975961][ C0] ? lock_is_held_type+0xec/0x150 [ 2189.975995][ C0] [ 2189.976003][ C0] [ 2189.976017][ C0] ? __pfx_advance_sched+0x10/0x10 [ 2189.976053][ C0] advance_sched+0x819/0xc60 [ 2189.976092][ C0] ? timerqueue_del+0x83/0x150 [ 2189.976125][ C0] ? do_raw_spin_unlock+0x172/0x230 [ 2189.976153][ C0] ? __pfx_advance_sched+0x10/0x10 [ 2189.976187][ C0] __hrtimer_run_queues+0x20c/0xcc0 [ 2189.976222][ C0] ? __pfx___hrtimer_run_queues+0x10/0x10 [ 2189.976251][ C0] ? ktime_get_update_offsets_now+0x201/0x310 [ 2189.976295][ C0] hrtimer_interrupt+0x31b/0x800 [ 2189.976331][ C0] __sysvec_apic_timer_interrupt+0x10f/0x450 [ 2189.976358][ C0] sysvec_apic_timer_interrupt+0x90/0xb0 [ 2189.976391][ C0] [ 2189.976398][ C0] [ 2189.976407][ C0] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 2189.976434][ C0] RIP: 0010:unwind_next_frame+0x6f3/0x23a0 [ 2189.976460][ C0] Code: 0f 84 8d 10 00 00 0f 87 f6 02 00 00 41 80 fd 04 0f 84 f2 0f 00 00 41 80 fd 05 0f 85 12 01 00 00 e8 02 da 4e 00 48 8b 54 24 10 <48> b8 00 00 00 00 00 fc ff df 48 c1 ea 03 80 3c 02 00 0f 85 f1 18 [ 2189.976483][ C0] RSP: 0018:ffffc90000ab6da0 EFLAGS: 00000293 [ 2189.976501][ C0] RAX: 0000000000000000 RBX: ffffc90000ab6e20 RCX: ffffffff813ce5c1 [ 2189.976518][ C0] RDX: ffffc90000ab6e58 RSI: ffffffff813ce5ee RDI: 0000000000000001 [ 2189.976534][ C0] RBP: 0000000000000001 R08: 0000000000000001 R09: 0000000000000009 [ 2189.976549][ C0] R10: 0000000000000005 R11: 0000000000000000 R12: ffffffff914aa8f0 [ 2189.976565][ C0] R13: 0000000000000005 R14: ffffffff914aa8f4 R15: ffffc90000ab6e55 [ 2189.976586][ C0] ? unwind_next_frame+0x6c1/0x23a0 [ 2189.976610][ C0] ? unwind_next_frame+0x6ee/0x23a0 [ 2189.976639][ C0] ? cfg80211_inform_bss_data+0x205/0x39c0 [ 2189.976669][ C0] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 2189.976701][ C0] arch_stack_walk+0x100/0x170 [ 2189.976732][ C0] ? cfg80211_inform_bss_data+0x205/0x39c0 [ 2189.976760][ C0] ? ieee80211_inform_bss+0x76e/0x1100 [ 2189.976792][ C0] stack_trace_save+0x95/0xd0 [ 2189.976822][ C0] ? __pfx_stack_trace_save+0x10/0x10 [ 2189.976851][ C0] ? ieee80211_mle_parse_link+0x849/0x1000 [ 2189.976884][ C0] ? __pfx_mark_lock+0x10/0x10 [ 2189.976920][ C0] kasan_save_stack+0x33/0x60 [ 2189.976957][ C0] ? kasan_save_stack+0x33/0x60 [ 2189.976991][ C0] ? kasan_save_track+0x14/0x30 [ 2189.977029][ C0] ? kasan_save_free_info+0x3b/0x60 [ 2189.977058][ C0] ? poison_slab_object+0xf7/0x160 [ 2189.977092][ C0] ? __kasan_slab_free+0x32/0x50 [ 2189.977128][ C0] ? kfree+0x12a/0x3b0 [ 2189.977176][ C0] ? ieee80211_inform_bss+0x76e/0x1100 [ 2189.977207][ C0] ? cfg80211_inform_single_bss_data+0x8e2/0x1dc0 [ 2189.977236][ C0] ? cfg80211_inform_bss_data+0x205/0x39c0 [ 2189.977294][ C0] kasan_save_track+0x14/0x30 [ 2189.977332][ C0] kasan_save_free_info+0x3b/0x60 [ 2189.977364][ C0] poison_slab_object+0xf7/0x160 [ 2189.977404][ C0] __kasan_slab_free+0x32/0x50 [ 2189.977443][ C0] kfree+0x12a/0x3b0 [ 2189.977476][ C0] ? ieee80211_inform_bss+0x76e/0x1100 [ 2189.977512][ C0] ieee80211_inform_bss+0x76e/0x1100 [ 2189.977549][ C0] ? __pfx_ieee80211_inform_bss+0x10/0x10 [ 2189.977585][ C0] ? trace_kmalloc+0x2d/0xe0 [ 2189.977615][ C0] ? __kmalloc_noprof+0x207/0x400 [ 2189.977657][ C0] ? __pfx_ieee80211_inform_bss+0x10/0x10 [ 2189.977689][ C0] cfg80211_inform_single_bss_data+0x8e2/0x1dc0 [ 2189.977721][ C0] ? ret_from_fork_asm+0x19/0x30 [ 2189.977764][ C0] ? __pfx_cfg80211_inform_single_bss_data+0x10/0x10 [ 2189.977806][ C0] ? ieee802_11_parse_elems_full+0xea/0x1680 [ 2189.977840][ C0] ? stack_trace_save+0x95/0xd0 [ 2189.977871][ C0] ? __pfx_stack_trace_save+0x10/0x10 [ 2189.977903][ C0] ? stack_depot_save_flags+0x28/0x8f0 [ 2189.977941][ C0] ? cfg80211_inform_bss_data+0x205/0x39c0 [ 2189.977970][ C0] cfg80211_inform_bss_data+0x205/0x39c0 [ 2189.977999][ C0] ? __kmalloc_noprof+0x1e8/0x400 [ 2189.978042][ C0] ? ieee802_11_parse_elems_full+0xea/0x1680 [ 2189.978076][ C0] ? ieee80211_ibss_rx_queued_mgmt+0xc4f/0x2f40 [ 2189.978109][ C0] ? ieee80211_iface_work+0xc0b/0xf00 [ 2189.978143][ C0] ? ret_from_fork+0x45/0x80 [ 2189.978180][ C0] ? ret_from_fork_asm+0x1a/0x30 [ 2189.978221][ C0] ? __pfx_cfg80211_inform_bss_data+0x10/0x10 [ 2189.978252][ C0] ? hlock_class+0x4e/0x130 [ 2189.978281][ C0] ? mark_lock+0xb5/0xc60 [ 2189.978316][ C0] ? hlock_class+0x4e/0x130 [ 2189.978346][ C0] ? hlock_class+0x4e/0x130 [ 2189.978374][ C0] ? __lock_acquire+0xbdd/0x3cb0 [ 2189.978424][ C0] ? hlock_class+0x4e/0x130 [ 2189.978457][ C0] ? find_held_lock+0x2d/0x110 [ 2189.978489][ C0] ? ieee80211_bss_info_update+0x2cb/0xab0 [ 2189.978524][ C0] cfg80211_inform_bss_frame_data+0x271/0x7a0 [ 2189.978562][ C0] ieee80211_bss_info_update+0x311/0xab0 [ 2189.978597][ C0] ? __pfx_ieee80211_bss_info_update+0x10/0x10 [ 2189.978632][ C0] ? ieee80211_ibss_rx_queued_mgmt+0x185e/0x2f40 [ 2189.978670][ C0] ? ieee80211_mandatory_rates+0x1ab/0x220 [ 2189.978715][ C0] ieee80211_ibss_rx_queued_mgmt+0x1898/0x2f40 [ 2189.978750][ C0] ? hlock_class+0x4e/0x130 [ 2189.978785][ C0] ? __pfx_ieee80211_ibss_rx_queued_mgmt+0x10/0x10 [ 2189.978818][ C0] ? lock_acquire+0x1b1/0x560 [ 2189.978855][ C0] ? find_held_lock+0x2d/0x110 [ 2189.978883][ C0] ? find_held_lock+0x2d/0x110 [ 2189.978915][ C0] ? kcov_remote_start+0x370/0x6e0 [ 2189.978944][ C0] ? mark_held_locks+0x9f/0xe0 [ 2189.978992][ C0] ? kcov_remote_start+0x3cf/0x6e0 [ 2189.979025][ C0] ieee80211_iface_work+0xc0b/0xf00 [ 2189.979059][ C0] ? _raw_spin_unlock_irq+0x23/0x50 [ 2189.979112][ C0] cfg80211_wiphy_work+0x445/0x760 [ 2189.979148][ C0] process_one_work+0x9c5/0x1b40 [ 2189.979196][ C0] ? __pfx_cfg80211_wiphy_work+0x10/0x10 [ 2189.979229][ C0] ? __pfx_process_one_work+0x10/0x10 [ 2189.979276][ C0] ? assign_work+0x1a0/0x250 [ 2189.979314][ C0] worker_thread+0x6c8/0xed0 [ 2189.979364][ C0] ? __pfx_worker_thread+0x10/0x10 [ 2189.979404][ C0] kthread+0x2c1/0x3a0 [ 2189.979433][ C0] ? _raw_spin_unlock_irq+0x23/0x50 [ 2189.979476][ C0] ? __pfx_kthread+0x10/0x10 [ 2189.979504][ C0] ret_from_fork+0x45/0x80 [ 2189.979539][ C0] ? __pfx_kthread+0x10/0x10 [ 2189.979567][ C0] ret_from_fork_asm+0x1a/0x30 [ 2189.979611][ C0] [ 2189.980217][ C1] task:syz.2.2354 state:R running task stack:25888 pid:17608 tgid:17606 ppid:14502 flags:0x00004002 [ 2190.784404][ C1] Call Trace: [ 2190.787745][ C1] [ 2190.790713][ C1] __schedule+0xe37/0x5490 [ 2190.795188][ C1] ? __pfx___lock_acquire+0x10/0x10 [ 2190.800463][ C1] ? __pfx___schedule+0x10/0x10 [ 2190.805566][ C1] ? preempt_schedule_thunk+0x1a/0x30 [ 2190.810989][ C1] preempt_schedule_common+0x44/0xc0 [ 2190.816420][ C1] preempt_schedule_thunk+0x1a/0x30 [ 2190.821690][ C1] _raw_spin_unlock+0x3e/0x50 [ 2190.826441][ C1] filemap_map_pages+0xddc/0x1440 [ 2190.831553][ C1] ? __pfx_filemap_map_pages+0x10/0x10 [ 2190.837057][ C1] ? __handle_mm_fault+0xed5/0x5660 [ 2190.842313][ C1] ? find_held_lock+0x2d/0x110 [ 2190.847154][ C1] __handle_mm_fault+0x3cb6/0x5660 [ 2190.852350][ C1] ? __pfx___handle_mm_fault+0x10/0x10 [ 2190.857859][ C1] ? follow_page_pte+0x3dc/0x1cf0 [ 2190.862963][ C1] handle_mm_fault+0x498/0xa60 [ 2190.867782][ C1] __get_user_pages+0x475/0x15c0 [ 2190.872774][ C1] ? __pfx___get_user_pages+0x10/0x10 [ 2190.878208][ C1] populate_vma_page_range+0x27f/0x3a0 [ 2190.883722][ C1] ? __pfx_populate_vma_page_range+0x10/0x10 [ 2190.889755][ C1] ? __pfx_find_vma_intersection+0x10/0x10 [ 2190.895626][ C1] ? vm_mmap_pgoff+0x25b/0x360 [ 2190.900462][ C1] __mm_populate+0x1d6/0x380 [ 2190.905124][ C1] ? __pfx___mm_populate+0x10/0x10 [ 2190.910390][ C1] ? up_write+0x1b2/0x520 [ 2190.914788][ C1] vm_mmap_pgoff+0x293/0x360 [ 2190.919442][ C1] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 2190.924612][ C1] ? __x64_sys_futex+0x1e1/0x4c0 [ 2190.929604][ C1] ? __x64_sys_futex+0x1ea/0x4c0 [ 2190.934603][ C1] ksys_mmap_pgoff+0x7d/0x5d0 [ 2190.939339][ C1] __x64_sys_mmap+0x125/0x190 [ 2190.944066][ C1] do_syscall_64+0xcd/0x250 [ 2190.948632][ C1] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2190.954572][ C1] RIP: 0033:0x7f3facf79eb9 [ 2190.959033][ C1] RSP: 002b:00007f3fadc92038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 2190.967492][ C1] RAX: ffffffffffffffda RBX: 00007f3fad115f80 RCX: 00007f3facf79eb9 [ 2190.975498][ C1] RDX: b635773f06ebbeee RSI: 0000000000b36000 RDI: 0000000020000000 [ 2190.983513][ C1] RBP: 00007f3facfe793e R08: ffffffffffffffff R09: 0000000000000000 [ 2190.991516][ C1] R10: 0000000000008031 R11: 0000000000000246 R12: 0000000000000000 [ 2190.999524][ C1] R13: 0000000000000000 R14: 00007f3fad115f80 R15: 00007ffcf69cb4e8 [ 2191.007560][ C1] [ 2191.010610][ C1] task:syz.3.2358 state:R running task stack:25504 pid:17621 tgid:17620 ppid:14689 flags:0x00004002 [ 2191.022397][ C1] Call Trace: [ 2191.025709][ C1] [ 2191.028674][ C1] __schedule+0xe37/0x5490 [ 2191.033143][ C1] ? rcu_is_watching+0x12/0xc0 [ 2191.037988][ C1] ? __pfx___schedule+0x10/0x10 [ 2191.042888][ C1] ? __pfx___alloc_pages_noprof+0x10/0x10 [ 2191.048672][ C1] ? mark_held_locks+0x9f/0xe0 [ 2191.053498][ C1] preempt_schedule_irq+0x51/0x90 [ 2191.058582][ C1] irqentry_exit+0x36/0x90 [ 2191.063088][ C1] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 2191.069114][ C1] RIP: 0010:lock_acquire+0x1f2/0x560 [ 2191.074457][ C1] Code: c1 05 7a ca 98 7e 83 f8 01 0f 85 ea 02 00 00 9c 58 f6 c4 02 0f 85 d5 02 00 00 48 85 ed 74 01 fb 48 b8 00 00 00 00 00 fc ff df <48> 01 c3 48 c7 03 00 00 00 00 48 c7 43 08 00 00 00 00 48 8b 84 24 [ 2191.094125][ C1] RSP: 0018:ffffc900035df388 EFLAGS: 00000206 [ 2191.100325][ C1] RAX: dffffc0000000000 RBX: 1ffff920006bbe73 RCX: 0000000000000001 [ 2191.108339][ C1] RDX: 0000000000000001 RSI: ffffffff8b4cda20 RDI: ffffffff8bb0f940 [ 2191.116347][ C1] RBP: 0000000000000200 R08: 0000000000000000 R09: fffffbfff2d244e0 [ 2191.124355][ C1] R10: ffffffff96922707 R11: 0000000000000000 R12: 0000000000000000 [ 2191.132369][ C1] R13: 0000000000000000 R14: ffffffff8ddb9fe0 R15: 0000000000000000 [ 2191.140417][ C1] ? __pfx_lock_acquire+0x10/0x10 [ 2191.145507][ C1] ? hlock_class+0x4e/0x130 [ 2191.150060][ C1] ? find_held_lock+0x2d/0x110 [ 2191.154889][ C1] ? get_mem_cgroup_from_mm+0x7f/0x5f0 [ 2191.160403][ C1] get_mem_cgroup_from_mm+0x27e/0x5f0 [ 2191.165825][ C1] ? get_mem_cgroup_from_mm+0x7f/0x5f0 [ 2191.171361][ C1] __mem_cgroup_charge+0x1a/0x270 [ 2191.176452][ C1] do_wp_page+0x1012/0x3430 [ 2191.181041][ C1] ? __pfx_lock_acquire+0x10/0x10 [ 2191.186124][ C1] ? __pfx_do_wp_page+0x10/0x10 [ 2191.191043][ C1] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 2191.196470][ C1] __handle_mm_fault+0x2480/0x5660 [ 2191.201637][ C1] ? __pfx_mt_find+0x10/0x10 [ 2191.206293][ C1] ? __pfx___handle_mm_fault+0x10/0x10 [ 2191.211822][ C1] ? find_vma+0xc0/0x140 [ 2191.216300][ C1] ? __pfx_find_vma+0x10/0x10 [ 2191.221038][ C1] handle_mm_fault+0x498/0xa60 [ 2191.225940][ C1] ? spurious_kernel_fault+0x341/0x3c0 [ 2191.231484][ C1] do_user_addr_fault+0x7a3/0x13f0 [ 2191.236673][ C1] exc_page_fault+0x5c/0xc0 [ 2191.241234][ C1] asm_exc_page_fault+0x26/0x30 [ 2191.246131][ C1] RIP: 0010:rep_movs_alternative+0x4a/0x70 [ 2191.252008][ C1] Code: 75 f1 c3 cc cc cc cc 66 0f 1f 84 00 00 00 00 00 48 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 df 83 f9 08 73 e8 eb c9 a4 c3 cc cc cc cc 48 89 c8 48 c1 e9 03 83 e0 07 f3 48 a5 89 c1 [ 2191.271750][ C1] RSP: 0018:ffffc900035df958 EFLAGS: 00050206 [ 2191.277860][ C1] RAX: 0000000000000001 RBX: 0000000000001000 RCX: 0000000000000e80 [ 2191.285873][ C1] RDX: 0000000000000000 RSI: ffff888013263180 RDI: 00000000200ae000 [ 2191.293907][ C1] RBP: 0000000000001000 R08: 0000000000000000 R09: ffffed100264c7ff [ 2191.301930][ C1] R10: ffff888013263fff R11: 0000000000000000 R12: 00000000000adb80 [ 2191.309938][ C1] R13: ffffc900035dfd50 R14: ffff888013263000 R15: 00000000200ade80 [ 2191.317977][ C1] _copy_to_iter+0x4d2/0x1150 [ 2191.322722][ C1] ? __pfx__copy_to_iter+0x10/0x10 [ 2191.327896][ C1] ? copy_page_to_iter+0x40/0x180 [ 2191.332978][ C1] copy_page_to_iter+0xf1/0x180 [ 2191.337900][ C1] process_vm_rw_core.constprop.0+0x5c9/0x9f0 [ 2191.344041][ C1] ? __pfx_process_vm_rw_core.constprop.0+0x10/0x10 [ 2191.350682][ C1] ? copy_iovec_from_user+0x77/0x170 [ 2191.356044][ C1] process_vm_rw+0x301/0x360 [ 2191.360777][ C1] ? __pfx_process_vm_rw+0x10/0x10 [ 2191.365934][ C1] ? __pfx_futex_wake+0x10/0x10 [ 2191.370855][ C1] ? preempt_schedule_thunk+0x1a/0x30 [ 2191.376329][ C1] ? xfd_validate_state+0x5d/0x180 [ 2191.381513][ C1] __x64_sys_process_vm_readv+0xe2/0x1c0 [ 2191.387303][ C1] ? do_syscall_64+0x91/0x250 [ 2191.392038][ C1] ? lockdep_hardirqs_on+0x7c/0x110 [ 2191.397300][ C1] do_syscall_64+0xcd/0x250 [ 2191.401877][ C1] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2191.407832][ C1] RIP: 0033:0x7fd7df179eb9 [ 2191.412293][ C1] RSP: 002b:00007fd7dfeb4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000136 [ 2191.420759][ C1] RAX: ffffffffffffffda RBX: 00007fd7df315f80 RCX: 00007fd7df179eb9 [ 2191.428774][ C1] RDX: 0000000000000002 RSI: 0000000020008400 RDI: 0000000000000218 [ 2191.436792][ C1] RBP: 00007fd7df1e793e R08: 0000000000000286 R09: 0000000000000000 [ 2191.444810][ C1] R10: 0000000020008640 R11: 0000000000000246 R12: 0000000000000000 [ 2191.452826][ C1] R13: 0000000000000000 R14: 00007fd7df315f80 R15: 00007ffeec99d008 [ 2191.460948][ C1] [ 2191.464009][ C1] rcu: rcu_preempt kthread starved for 10500 jiffies! g181553 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=1 [ 2191.475464][ C1] rcu: Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior. [ 2191.485469][ C1] rcu: RCU grace-period kthread stack dump: [ 2191.491387][ C1] task:rcu_preempt state:R running task stack:27184 pid:17 tgid:17 ppid:2 flags:0x00004000 [ 2191.503186][ C1] Call Trace: [ 2191.506496][ C1] [ 2191.509468][ C1] __schedule+0xe37/0x5490 [ 2191.513952][ C1] ? __pfx___lock_acquire+0x10/0x10 [ 2191.519234][ C1] ? __pfx___schedule+0x10/0x10 [ 2191.524150][ C1] ? schedule+0x298/0x350 [ 2191.528534][ C1] ? __pfx_lock_release+0x10/0x10 [ 2191.533615][ C1] ? __pfx___mod_timer+0x10/0x10 [ 2191.538615][ C1] ? lock_acquire+0x1b1/0x560 [ 2191.543350][ C1] ? lockdep_init_map_type+0x16d/0x7d0 [ 2191.548893][ C1] schedule+0xe7/0x350 [ 2191.553024][ C1] schedule_timeout+0x136/0x2a0 [ 2191.557929][ C1] ? __pfx_schedule_timeout+0x10/0x10 [ 2191.563354][ C1] ? __pfx_process_timeout+0x10/0x10 [ 2191.568697][ C1] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 2191.574563][ C1] ? prepare_to_swait_event+0xf0/0x470 [ 2191.580091][ C1] rcu_gp_fqs_loop+0x1eb/0xb00 [ 2191.584919][ C1] ? __pfx_rcu_gp_fqs_loop+0x10/0x10 [ 2191.590254][ C1] ? rcu_gp_init+0xc82/0x1630 [ 2191.594986][ C1] ? _raw_spin_unlock_irq+0x2e/0x50 [ 2191.600267][ C1] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 2191.606131][ C1] rcu_gp_kthread+0x271/0x380 [ 2191.610874][ C1] ? __pfx_rcu_gp_kthread+0x10/0x10 [ 2191.616129][ C1] ? lockdep_hardirqs_on+0x7c/0x110 [ 2191.621415][ C1] ? __kthread_parkme+0x148/0x220 [ 2191.626497][ C1] ? __pfx_rcu_gp_kthread+0x10/0x10 [ 2191.631750][ C1] kthread+0x2c1/0x3a0 [ 2191.635864][ C1] ? _raw_spin_unlock_irq+0x23/0x50 [ 2191.641118][ C1] ? __pfx_kthread+0x10/0x10 [ 2191.645758][ C1] ret_from_fork+0x45/0x80 [ 2191.650229][ C1] ? __pfx_kthread+0x10/0x10 [ 2191.654868][ C1] ret_from_fork_asm+0x1a/0x30 [ 2191.659710][ C1] [ 2191.662759][ C1] rcu: Stack dump where RCU GP kthread last ran: [ 2191.669107][ C1] CPU: 1 UID: 0 PID: 17610 Comm: syz.0.2355 Not tainted 6.11.0-rc6-syzkaller #0 [ 2191.678181][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 2191.688277][ C1] RIP: 0010:__pv_queued_spin_lock_slowpath+0x425/0xc90 [ 2191.695200][ C1] Code: 00 01 00 00 66 89 8c 24 80 00 00 00 41 0f b6 07 44 38 e0 7f 08 84 c0 0f 85 0b 07 00 00 0f b6 03 84 c0 0f 84 b0 00 00 00 f3 90 <41> 83 ed 01 75 cf 48 b8 00 00 00 00 00 fc ff df 48 8b 74 24 20 48 [ 2191.714962][ C1] RSP: 0018:ffffc90000a183b0 EFLAGS: 00000206 [ 2191.721075][ C1] RAX: 0000000000000003 RBX: ffff888061938150 RCX: 0000000000000100 [ 2191.729107][ C1] RDX: 0000000000000001 RSI: ffffffff8b19a83d RDI: ffffffff8bb0f940 [ 2191.737114][ C1] RBP: dffffc0000000000 R08: 0000000000000001 R09: fffffbfff2d244f8 [ 2191.745131][ C1] R10: ffffffff969227c7 R11: 0000000000000000 R12: 0000000000000000 [ 2191.753159][ C1] R13: 0000000000003d4c R14: ffff8880b893fc80 R15: ffffed100c32702a [ 2191.761167][ C1] FS: 00007f19d2fb86c0(0000) GS:ffff8880b8900000(0000) knlGS:0000000000000000 [ 2191.770139][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 2191.776775][ C1] CR2: 000000110c2ac2e8 CR3: 00000000798ce000 CR4: 00000000003506f0 [ 2191.784779][ C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 2191.792786][ C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 2191.800788][ C1] Call Trace: [ 2191.804098][ C1] [ 2191.806988][ C1] ? show_regs+0x8c/0xa0 [ 2191.811293][ C1] ? rcu_check_gp_kthread_starvation+0x31b/0x450 [ 2191.817679][ C1] ? do_raw_spin_unlock+0x172/0x230 [ 2191.822927][ C1] ? rcu_sched_clock_irq+0x24f4/0x33e0 [ 2191.828467][ C1] ? __pfx_rcu_sched_clock_irq+0x10/0x10 [ 2191.834196][ C1] ? __asan_memcpy+0x3c/0x60 [ 2191.838838][ C1] ? __asan_memcpy+0x3c/0x60 [ 2191.843493][ C1] ? cgroup_rstat_updated+0x2a/0xb20 [ 2191.848881][ C1] ? update_process_times+0x175/0x220 [ 2191.854358][ C1] ? __pfx_update_process_times+0x10/0x10 [ 2191.860160][ C1] ? update_wall_time+0x1c/0x40 [ 2191.865077][ C1] ? tick_nohz_handler+0x376/0x530 [ 2191.870248][ C1] ? __pfx_tick_nohz_handler+0x10/0x10 [ 2191.875771][ C1] ? __hrtimer_run_queues+0x657/0xcc0 [ 2191.881221][ C1] ? __pfx___hrtimer_run_queues+0x10/0x10 [ 2191.887006][ C1] ? ktime_get_update_offsets_now+0x201/0x310 [ 2191.893155][ C1] ? hrtimer_interrupt+0x31b/0x800 [ 2191.898358][ C1] ? __sysvec_apic_timer_interrupt+0x10f/0x450 [ 2191.904575][ C1] ? sysvec_apic_timer_interrupt+0x43/0xb0 [ 2191.910439][ C1] ? asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 2191.916660][ C1] ? __pv_queued_spin_lock_slowpath+0x4cd/0xc90 [ 2191.922962][ C1] ? __pv_queued_spin_lock_slowpath+0x425/0xc90 [ 2191.929276][ C1] ? __pfx___pv_queued_spin_lock_slowpath+0x10/0x10 [ 2191.935925][ C1] ? lock_acquire+0xc0/0x560 [ 2191.940593][ C1] ? __pfx_lock_acquire+0x10/0x10 [ 2191.945947][ C1] do_raw_spin_lock+0x210/0x2c0 [ 2191.950934][ C1] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 2191.956351][ C1] ? trace_kmalloc+0x2d/0xe0 [ 2191.960997][ C1] ? __kmalloc_noprof+0x207/0x400 [ 2191.966089][ C1] cfg80211_inform_single_bss_data+0x77d/0x1dc0 [ 2191.972382][ C1] ? try_to_wake_up+0x13f/0x13e0 [ 2191.977394][ C1] ? __pfx_cfg80211_inform_single_bss_data+0x10/0x10 [ 2191.984147][ C1] ? __pfx_lock_release+0x10/0x10 [ 2191.989229][ C1] ? find_held_lock+0x2d/0x110 [ 2191.994043][ C1] ? cfg80211_inform_bss_data+0x205/0x39c0 [ 2191.999903][ C1] cfg80211_inform_bss_data+0x205/0x39c0 [ 2192.005593][ C1] ? __local_bh_enable_ip+0xa4/0x120 [ 2192.010928][ C1] ? lockdep_hardirqs_on+0x7c/0x110 [ 2192.016186][ C1] ? ieee80211_rx_handlers+0xf10/0x9a50 [ 2192.021795][ C1] ? __local_bh_enable_ip+0xa4/0x120 [ 2192.027131][ C1] ? __pfx_cfg80211_inform_bss_data+0x10/0x10 [ 2192.033255][ C1] ? hlock_class+0x4e/0x130 [ 2192.037812][ C1] ? hlock_class+0x4e/0x130 [ 2192.042366][ C1] ? __lock_acquire+0xbdd/0x3cb0 [ 2192.047394][ C1] ? lock_acquire+0x1b1/0x560 [ 2192.052124][ C1] ? find_held_lock+0x2d/0x110 [ 2192.056941][ C1] ? ieee80211_bss_info_update+0x2cb/0xab0 [ 2192.062808][ C1] cfg80211_inform_bss_frame_data+0x271/0x7a0 [ 2192.068936][ C1] ieee80211_bss_info_update+0x311/0xab0 [ 2192.074628][ C1] ? __pfx_ieee80211_bss_info_update+0x10/0x10 [ 2192.080861][ C1] ? ieee80211_get_channel_khz+0x14d/0x1e0 [ 2192.086732][ C1] ieee80211_scan_rx+0x474/0xac0 [ 2192.091730][ C1] ieee80211_rx_list+0x1be3/0x2e90 [ 2192.096951][ C1] ? __pfx_ieee80211_rx_list+0x10/0x10 [ 2192.102542][ C1] ? lock_acquire+0x1b1/0x560 [ 2192.107323][ C1] ? skb_dequeue+0x126/0x180 [ 2192.111999][ C1] ieee80211_rx_napi+0xdd/0x400 [ 2192.116950][ C1] ? __pfx_ieee80211_rx_napi+0x10/0x10 [ 2192.122470][ C1] ? lockdep_hardirqs_on+0x7c/0x110 [ 2192.127734][ C1] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 2192.133607][ C1] ieee80211_handle_queued_frames+0xd5/0x130 [ 2192.139651][ C1] tasklet_action_common.constprop.0+0x24c/0x3e0 [ 2192.146051][ C1] handle_softirqs+0x216/0x8f0 [ 2192.150899][ C1] ? __pfx_handle_softirqs+0x10/0x10 [ 2192.156264][ C1] irq_exit_rcu+0xbb/0x120 [ 2192.160731][ C1] sysvec_apic_timer_interrupt+0x95/0xb0 [ 2192.166418][ C1] [ 2192.169374][ C1] [ 2192.172338][ C1] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 2192.178366][ C1] RIP: 0010:smp_call_function_many_cond+0x4ec/0x1420 [ 2192.185089][ C1] Code: 4d 48 b8 00 00 00 00 00 fc ff df 4d 89 f4 4c 89 f5 49 c1 ec 03 83 e5 07 49 01 c4 83 c5 03 e8 cb 34 0c 00 f3 90 41 0f b6 04 24 <40> 38 c5 7c 08 84 c0 0f 85 f7 0c 00 00 8b 43 08 31 ff 83 e0 01 41 [ 2192.204737][ C1] RSP: 0018:ffffc900033f7940 EFLAGS: 00000246 [ 2192.210845][ C1] RAX: 0000000000000000 RBX: ffff8880b8846940 RCX: ffffc9000d7df000 [ 2192.218875][ C1] RDX: 0000000000040000 RSI: ffffffff817f8b25 RDI: 0000000000000005 [ 2192.226884][ C1] RBP: 0000000000000003 R08: 0000000000000005 R09: 0000000000000000 [ 2192.234892][ C1] R10: 0000000000000001 R11: 0000000000000000 R12: ffffed1017108d29 [ 2192.242899][ C1] R13: 0000000000000001 R14: ffff8880b8846948 R15: ffff8880b893ffc0 [ 2192.250923][ C1] ? smp_call_function_many_cond+0x4e5/0x1420 [ 2192.257067][ C1] ? __pfx_smp_call_function_many_cond+0x10/0x10 [ 2192.263445][ C1] ? mark_held_locks+0x9f/0xe0 [ 2192.268269][ C1] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 2192.274140][ C1] clock_was_set+0x646/0x850 [ 2192.278789][ C1] ? __pfx_clock_was_set+0x10/0x10 [ 2192.283953][ C1] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 2192.289818][ C1] timekeeping_inject_offset+0x4d1/0x640 [ 2192.295514][ C1] ? __pfx_timekeeping_inject_offset+0x10/0x10 [ 2192.301721][ C1] ? security_capable+0x98/0xd0 [ 2192.306638][ C1] do_adjtimex+0x373/0xaa0 [ 2192.311111][ C1] ? __pfx_do_adjtimex+0x10/0x10 [ 2192.316144][ C1] ? __pfx_posix_clock_realtime_adj+0x10/0x10 [ 2192.322266][ C1] __do_sys_clock_adjtime+0x173/0x290 [ 2192.327693][ C1] ? __pfx___do_sys_clock_adjtime+0x10/0x10 [ 2192.333639][ C1] ? __pfx_do_futex+0x10/0x10 [ 2192.338406][ C1] do_syscall_64+0xcd/0x250 [ 2192.342969][ C1] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2192.348910][ C1] RIP: 0033:0x7f19d2179eb9 [ 2192.353369][ C1] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2192.373021][ C1] RSP: 002b:00007f19d2fb8038 EFLAGS: 00000246 ORIG_RAX: 0000000000000131 [ 2192.381483][ C1] RAX: ffffffffffffffda RBX: 00007f19d2315f80 RCX: 00007f19d2179eb9 [ 2192.389490][ C1] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000000 [ 2192.397496][ C1] RBP: 00007f19d21e793e R08: 0000000000000000 R09: 0000000000000000 [ 2192.405515][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 2192.413518][ C1] R13: 0000000000000000 R14: 00007f19d2315f80 R15: 00007ffc1b50bda8 [ 2192.421546][ C1]