last executing test programs: 26.091728148s ago: executing program 3 (id=1183): r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000700)=ANY=[@ANYBLOB="12010000000000408c0d220000000000000109022400010000000009040000010300000009210000000122050009058103"], 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io(r0, &(0x7f0000000740)={0x2c, &(0x7f0000000980)=ANY=[@ANYBLOB="00000001000000090090"], 0x0, 0x0, 0x0, 0x0}, 0x0) r1 = syz_open_dev$evdev(&(0x7f0000000600), 0x6828, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x7, 0x10001, 0x8, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) ioctl$EVIOCGKEYCODE_V2(r1, 0x80284504, &(0x7f00000000c0)=""/159) 25.65294051s ago: executing program 1 (id=1190): mkdir(&(0x7f0000000000)='./file1\x00', 0x10d) mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0]) mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000140)='autofs\x00', 0x0, &(0x7f0000000400)) chdir(&(0x7f0000000280)='./file1\x00') mkdir(&(0x7f0000000440)='./file1\x00', 0x0) link(&(0x7f0000000200)='./file1\x00', &(0x7f0000000300)='./bus\x00') 25.5746135s ago: executing program 1 (id=1191): r0 = io_uring_setup(0x5a47, &(0x7f00000003c0)={0x0, 0x2000000, 0x1, 0x1}) r1 = syz_io_uring_setup(0x1f87, &(0x7f0000000080)={0x0, 0x0, 0x13580}, &(0x7f0000000100)=0x0, &(0x7f0000000280)=0x0) syz_io_uring_submit(r2, r3, &(0x7f0000000040)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r1, 0x0, 0x0}) io_uring_enter(r1, 0x6b4d, 0x0, 0x0, 0x0, 0x0) io_uring_enter(r1, 0x0, 0x3, 0x7, 0x0, 0x0) close_range(r0, 0xffffffffffffffff, 0x0) 24.07048814s ago: executing program 3 (id=1202): r0 = syz_usb_connect(0x0, 0x3f, &(0x7f00000000c0)=ANY=[@ANYBLOB="11010000733336088dee1edb23610000000109022d0101100000000904000003fe03010009cd8d1f0002000000090505020000fcffff09058b1e20"], 0x0) syz_usb_control_io(r0, 0x0, 0x0) preadv(0xffffffffffffffff, 0x0, 0x0, 0xc00, 0x0) syz_usb_control_io$cdc_ecm(r0, &(0x7f0000000040)={0x14, &(0x7f0000000180)={0x0, 0x0, 0xffffffd6, {0x2}}, 0x0}, 0x0) r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x0) ioctl$EVIOCGMASK(r1, 0x5b02, 0x0) 20.925742097s ago: executing program 3 (id=1217): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x3f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201}) r1 = socket$kcm(0x2, 0xa, 0x2) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local}) write$tun(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB="034886dd010000000000000000006000000001002f00fe88a43de1a400000000000000007d01ff020000000000000000000000000001000022eb"], 0xfdef) 20.593186192s ago: executing program 3 (id=1219): r0 = epoll_create1(0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000340)='/proc/stat\x00', 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000040)) epoll_ctl$EPOLL_CTL_MOD(r0, 0x3, r1, &(0x7f00000000c0)={0x60000005}) r2 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r0, &(0x7f0000000180)) 20.316783414s ago: executing program 3 (id=1221): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000040)={'batadv_slave_1\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="480000001400091a000000000000000602000000", @ANYRES32=r2, @ANYBLOB="08000a000000000008000200ff"], 0x48}}, 0x0) r3 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[], 0x70}}, 0x0) 19.07271733s ago: executing program 3 (id=1224): mkdirat(0xffffffffffffff9c, 0x0, 0x187) sendmsg$can_bcm(0xffffffffffffffff, 0x0, 0x0) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000040)=@framed, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='rpc_buf_alloc\x00', r0}, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r1, &(0x7f0000000100)={0x0, 0x2, &(0x7f0000000000)={&(0x7f00000001c0)={0x14, 0x24, 0x9, 0x0, 0x0, {0x6}}, 0x14}}, 0x0) 2.539472983s ago: executing program 0 (id=1299): r0 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$TCSETSF2(r0, 0x402c542d, &(0x7f0000000140)={0x0, 0x0, 0x0, 0xffff, 0x0, "4ae23ae17df2e98c69ba36c4095c911abad88f"}) ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000240)) ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000002840)) ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000040)=0x3a) ioctl$TIOCSTI(r0, 0x5412, &(0x7f00000000c0)=0x9) 2.29305648s ago: executing program 0 (id=1300): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) unshare(0x2040400) r1 = socket(0x2, 0x80805, 0x0) sendmmsg$inet(r1, &(0x7f0000003540)=[{{&(0x7f0000000040)={0x2, 0x0, @private=0xa010100}, 0x10, &(0x7f0000000880)=[{&(0x7f0000000080)="93", 0x1}, {&(0x7f0000002400)="9917b1ad3d06a27855d01141e914353e8c663ed1065e32301b8acd1815ed897020c9092fe19ef95bd3c69397d675e3c19835f4c930a9bcbd49c4d872b7679a32e22015d7df39001b2d750fe2484101ef67cb628910e4cde2d8285b9017f55e84b67b72840813a8d080b71200f197d5b65f243ac4ac17d0cba3d08c98ceedf43365fc78aa0f52585ef7d8d525c049e1ae193a110f2dcfce4e6114b15de04b2720d6bd946506004cf479e742dcf73534e370150d97a55b559b5a1bedbc9290cbcac428f960e016fb88cfc21d86da2974ec3f2632992a27a4e5864623e05722eb07d27139b45171ec0cefa44e98f05dd4ff957056265edbacd81a611e4dfacb2b4879517e00c52e84728b1de1193bc88e509860ff143fc216c5100c41667a3ba5b157db616145a6d5ddb592e6b9589cdc93e3e8ef63da3cb4033d9f676cec3dcbb003ae54940e30203e1dc7b939c9c32029ad645b46ee269892e7a786bd36c2f7d962aad3b8d6e9d946adfa984a52cf7d35c5b2f492ab267c1ca948a5c0323d628364a612004c1c7feb2671a984f4dc05330a968e4b8cbe9200f111597c8ecc7ea7681ec281e168edbadc83d98de2b0dda7b187f509e487d63300932f3c76a1b66b4e01dffb07b4c80b5f5273a84b3cb0732b691738bba87517d53cf2b88b481cb325b8b912f54cee9d2546f2fdb96931bda2821eb66554abd4a21a8281c3c461df633a97f5cb3cf924fb324782399df0dc72d18d22b320e605dddf1123417dffc6452835a63fca230fbb002fd9c204b0819c56c4ce398423518b59dc8220bbf0c8b66f54c8009f1170f4c5582bfc703938bdf4d88ffe3eb87f4d2a62d442bb08ba405e11984c919fed63f9e86fd16c00843fa07cd9170919f4d07a12ad38db3f9effcfe1d631a48150e33ce07b3516fefab9587043a908dac8b0ffe361ec8e0fe7531f6d6d858cdabf7600f3a2bd90bce672cba7d366ae4ac6e33813f18340349422230cfe1d8c5757eb139321d44b57159089c68c13d7806cdbebeb42953f6f1670a313278a13076defab61b2016cf636ed37c7e7e1c49a4fb1d6a3d249e189087b37e724b6b24824bce4f77ab6f8a8d2f571d23c5120d75440e8eeda120467b5046b316e39aea9b6c7fa65eb4db56a3fed78c25fcde3afa956dee186fcad0b83f3d50a153f269113f5d9f1ccdff5ba86390c95b3a4ac782cd1121253f728b9b28a3cf59ebd82b0439d2f439e9cd00ca11a3f73515b6256b0faa56063ab761d5860a002c27fede7ce87b6336a4a146f2286ee32bb12e5a8bef04ba8cdb901c602a80eec7e74c947f88f6939ad240db8bc4baf655b941d1fc166fcbd2a64b5691e9145847ebc3ff5f8c07b8265c00176fa4617b6b7249aa801a090d4c65e36cfbbbca28913a892c3a7dd856fdf1f9a7279acfeee9fe51d14f87e4928f07f80145f54afb9a94fce7e76d38b64858327883b8f7141ccac8de649b7eb216d1b6c63f6d4d56dd9f11a2b36a6b3913917c378931e1ba3ec16aec67ef2bab2f1336a6990f7a78ab8acbc81d4ef49dc9bf02e6bae05118c706aeafa332e785ab59140d41ec0d00261ef9dd1735e19954cf1e8042b84185fa8bea4878e22ae53841b9c9752c950e5b21c7e7212b0297f22675cf8baae246e3c46a33e7228633954253add2592dbb7335b24569c834977a53ef23a84f7819deabd2c499422f23e7b682dc7f81b5d47b2ed330b83bb4f6c8f976539a8bf0d1f9b88d534c672d329ba41009f75c928ede7", 0x4e4}], 0x2}}, {{&(0x7f0000000740)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f0000001a40)=[{&(0x7f0000000780)="e4", 0x1}], 0x1}}], 0x2, 0x0) setsockopt$sock_int(r1, 0x1, 0x7, &(0x7f0000000000), 0x4) ppoll(&(0x7f00000008c0)=[{r0}, {r1}], 0x2, 0x0, 0x0, 0x0) 1.999509901s ago: executing program 0 (id=1301): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = dup(r2) ioctl$KVM_SET_MSRS(r3, 0x4008ae89, &(0x7f00000000c0)=ANY=[@ANYBLOB="820000000000000096000040"]) 1.618245276s ago: executing program 4 (id=1305): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f00000004c0)=@framed, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r0}, 0x10) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='ext4_ext_remove_space_done\x00'}, 0x10) r1 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) r2 = fcntl$dupfd(r1, 0x0, r1) ioctl$SG_IO(r2, 0x2285, &(0x7f0000000040)={0x53, 0x0, 0x6, 0x0, @buffer={0x2, 0x40002, &(0x7f00000000c0)=""/81}, &(0x7f0000000380)="259374c96ee3", 0x0, 0x0, 0x0, 0x0, 0x0}) 1.444250399s ago: executing program 2 (id=1306): r0 = socket$inet6(0xa, 0x5, 0x0) setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000180)=0x200, 0x4) bind$inet6(r0, &(0x7f0000000140)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @local}}, 0x1c) r1 = socket$inet6(0xa, 0x5, 0x0) setsockopt$sock_int(r1, 0x1, 0x4000000000000002, &(0x7f0000fee000)=0x3fa, 0x4) bind$inet6(r1, &(0x7f0000000140)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @remote}}, 0x1c) 1.390419715s ago: executing program 4 (id=1308): r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001600), 0x0, 0x0) ioctl$TCSBRKP(r0, 0x5425, 0x0) r1 = io_uring_setup(0x2ad5, &(0x7f00000001c0)) ioctl$TCXONC(r0, 0x540a, 0x3) close(r1) ioctl$TCSETSW2(r0, 0x5425, 0x0) 1.326675537s ago: executing program 0 (id=1310): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x76, &(0x7f0000444ff8)={0x0, 0x7}, 0x8) setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r0, 0x84, 0x75, &(0x7f0000000000)={0x0, 0xca}, 0x8) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000040)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c) sendmmsg$inet6(r0, &(0x7f0000003c40)=[{{&(0x7f0000000080)={0xa, 0x4e23, 0x0, @loopback}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000140)="03", 0x1}], 0x1}}, {{0x0, 0x0, 0x0}}], 0x2, 0x4008001) setsockopt$inet_sctp6_SCTP_RESET_STREAMS(r0, 0x84, 0x77, &(0x7f0000000180)={0x0, 0x991d, 0x1, [0x0]}, 0xa) 1.291423635s ago: executing program 2 (id=1311): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.avg_queue_size\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000000), 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x0, 0x11, r0, 0x0) madvise(&(0x7f0000000000/0x400000)=nil, 0x40001e, 0x15) madvise(&(0x7f0000000000/0x600000)=nil, 0x60000b, 0x9) 1.014065256s ago: executing program 1 (id=1238): r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000380)=ANY=[@ANYBLOB="1400000042000501"], 0x14}}, 0x0) recvmmsg(r0, &(0x7f0000000000)=[{{0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f00000004c0)=""/4096, 0x1000}], 0x1}}], 0x1, 0x0, 0x0) r1 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000080), 0xffffffffffffffff) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$WG_CMD_SET_DEVICE(r2, &(0x7f0000000d00)={0x0, 0x0, &(0x7f0000000cc0)={&(0x7f0000000480)=ANY=[@ANYBLOB="1c020000", @ANYRES16=r1, @ANYBLOB="01000000000000000000010000001400020077673100000000000000000000000000f4010880700000804800098028a25880060001000a00000014000200fe8000000000000000000000000000aa05000300000000001c000080060001000200000008000200e0000001050003000000000024000100000000000000000000000000000000000000000000000000000000000000000080010080200004000a004e2000000005200100000000000000000000000000000800000006000500b01f00000800030006000000060005000500000008000a000100000024000100dbffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff200004000a004e200000040100000000000000000000ffffac14142a06000000240001000000000000000000000000000000000000000000000000000000000000000000d4000980"], 0x21c}}, 0x0) 878.41126ms ago: executing program 0 (id=1312): r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x802, 0x0) ioctl$UI_ABS_SETUP(r0, 0x401c5504, &(0x7f0000000340)={0x400000100002f}) write$uinput_user_dev(r0, &(0x7f0000000800)={'syz1\x00', {}, 0x4f}, 0x45c) ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x15) ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x3) ioctl$UI_DEV_CREATE(r0, 0x5501) 777.439307ms ago: executing program 1 (id=1313): madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e) mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil) ioctl$sock_inet_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f0000000000)={'wlan1\x00', {0x2, 0x1, @local}}) mremap(&(0x7f0000000000/0x9000)=nil, 0x200003, 0x600000, 0x3, &(0x7f0000a00000/0x600000)=nil) mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x19) 777.314705ms ago: executing program 4 (id=1314): r0 = socket$inet6_mptcp(0xa, 0x1, 0x106) setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000080)='cdg\x00', 0x4) bind$inet6(r0, &(0x7f0000000000)={0xa, 0x3, 0x0, @loopback}, 0x1c) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x3, 0x0, @loopback}, 0x1c) sendmmsg$inet6(r0, &(0x7f0000000cc0)=[{{0x0, 0x0, &(0x7f0000002c40)=[{&(0x7f00000027c0)=';', 0x1}], 0x1}}], 0x1, 0x0) shutdown(r0, 0x2) 672.964145ms ago: executing program 2 (id=1315): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) close(r0) r1 = socket$inet6_mptcp(0xa, 0x1, 0x106) bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e22, 0x0, @local, 0xb}, 0x1c) listen(r1, 0x0) syz_emit_ethernet(0x92, &(0x7f0000000040)={@local, @link_local, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "101040", 0x5c, 0x6, 0x0, @remote, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x2, 0x17, 0xc2, 0x0, 0x0, 0x0, {[@fastopen={0x1e, 0x2}, @mss={0x2, 0x4}, @sack_perm={0x4, 0x2}, @generic={0x0, 0x12, "0c55a34c6969db3a57ea2fa18a81ed56"}, @timestamp={0x8, 0xa}, @sack_perm={0x4, 0x2}, @md5sig={0x13, 0x12, "7232407c80067615774fdbb46eb86cc8"}, @generic={0x0, 0x9, "111fad2ea74348"}, @exp_fastopen={0xfe, 0x4}]}}}}}}}}, 0x0) 552.380949ms ago: executing program 4 (id=1316): r0 = socket$can_bcm(0x1d, 0x2, 0x2) connect$can_bcm(r0, &(0x7f0000000480), 0x10) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f00000000c0)={'vcan0\x00', 0x0}) sendmsg$can_bcm(r0, &(0x7f00000001c0)={&(0x7f0000000040)={0x1d, r1}, 0x10, &(0x7f0000000180)={&(0x7f00000004c0)={0x5, 0x0, 0x0, {0x77359400}, {}, {}, 0x1, @can={{}, 0x0, 0x0, 0x0, 0x0, "5893df66bf3ce816"}}, 0x48}}, 0x0) sendmsg$can_bcm(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000400)=ANY=[@ANYBLOB="05"], 0x48}, 0x1, 0x0, 0x0, 0x4000000}, 0x4040) sendmsg$can_bcm(r0, &(0x7f00000002c0)={&(0x7f0000000000)={0x1d, r1}, 0x10, &(0x7f0000000280)={&(0x7f0000000100)={0x5, 0x0, 0x0, {0x0, 0xea60}, {0x77359400}, {}, 0x1, @can={{}, 0x0, 0x0, 0x0, 0x0, "1d0b6382972f4b8f"}}, 0x48}}, 0x0) 445.32248ms ago: executing program 1 (id=1317): r0 = landlock_create_ruleset(&(0x7f0000000040)={0x123}, 0x10, 0x0) landlock_restrict_self(r0, 0x0) landlock_restrict_self(r0, 0x0) landlock_restrict_self(r0, 0x0) landlock_restrict_self(r0, 0x0) mknod(&(0x7f0000000040)='./file0\x00', 0x8001420, 0x0) 438.8767ms ago: executing program 2 (id=1318): mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}, 0x4000) write$P9_RVERSION(r1, 0x0, 0x65) r2 = dup(r1) mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000140), 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2]) write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18) 374.520893ms ago: executing program 4 (id=1319): r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180), 0x109842, 0x0) ioctl$SNDCTL_DSP_SETFRAGMENT(r0, 0xc004500a, 0x0) ioctl$SNDCTL_DSP_STEREO(r0, 0xc0045003, &(0x7f0000000100)=0x1) write$dsp(r0, &(0x7f0000000000)="81", 0x1) mmap$dsp(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x100000b, 0x8012, r0, 0x0) close(r0) 256.3977ms ago: executing program 2 (id=1320): r0 = syz_io_uring_setup(0x7b, &(0x7f00000003c0)={0x0, 0x0, 0x10100}, &(0x7f0000000000)=0x0, &(0x7f0000000100)=0x0) socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000600)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r4, 0x0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000019c0)=[{&(0x7f00000002c0)=""/183, 0xb7}], 0x1}, 0x0, 0x40000103}) bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x0, 0x4, 0x0, &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) io_uring_enter(r0, 0x46f3, 0x0, 0x0, 0x0, 0x0) write(r3, &(0x7f0000000200)='~', 0x1) 255.607664ms ago: executing program 0 (id=1329): syz_io_uring_submit(0x0, 0x0, 0x0) prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680)) ioctl$TUNSETQUEUE(0xffffffffffffffff, 0x400454d9, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9) getegid() 26.737916ms ago: executing program 1 (id=1321): r0 = syz_open_procfs(0x0, &(0x7f0000000080)='ns\x00') fchdir(r0) r1 = open_tree(0xffffffffffffff9c, &(0x7f0000000100)='\x00', 0x89901) fchdir(r1) close(r1) mount(0x0, &(0x7f0000000000)='mnt/encrypted_dir/file\x00', 0x0, 0x2, 0x0) 26.576215ms ago: executing program 4 (id=1322): r0 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_user\x00', 0x275a, 0x0) dup2(r0, r1) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x100000e, 0x12, r1, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000004900)=[{{0x0, 0x0, &(0x7f00000022c0)=[{0x0}], 0x1}}], 0x1, 0x0, 0x0) mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x1, 0x0, 0x0, 0x3) 0s ago: executing program 2 (id=1323): r0 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_int(r0, 0x107, 0x7, &(0x7f0000000100)=0x4000200, 0x4) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000080)=@req3={0x8000, 0x6, 0x300, 0xfc}, 0x1c) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000380)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48) kernel console output (not intermixed with test programs): ding state [ 153.676148][ T6411] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 153.740662][ T6411] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 153.763837][ T6411] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 153.776108][ T6686] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 153.808381][ T6411] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 153.836059][ T6685] netlink: 48 bytes leftover after parsing attributes in process `syz.4.532'. [ 153.863299][ T6688] syz.3.533: attempt to access beyond end of device [ 153.863299][ T6688] nbd3: rw=0, sector=6, nr_sectors = 2 limit=0 [ 153.907246][ T6688] ADFS-fs (nbd3): error: unable to read block 3, try 0 [ 154.224701][ T6411] 8021q: adding VLAN 0 to HW filter on device bond0 [ 154.342904][ T6411] 8021q: adding VLAN 0 to HW filter on device team0 [ 154.418187][ T1839] bridge0: port 1(bridge_slave_0) entered blocking state [ 154.425403][ T1839] bridge0: port 1(bridge_slave_0) entered forwarding state [ 154.460633][ T1839] bridge0: port 2(bridge_slave_1) entered blocking state [ 154.467878][ T1839] bridge0: port 2(bridge_slave_1) entered forwarding state [ 154.686686][ T6390] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 154.717270][ T47] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 154.850114][ T1075] nci: nci_rf_intf_activated_ntf_packet: unsupported activation_rf_tech_and_mode 0xfd [ 154.903233][ T6730] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies. [ 154.909658][ T6390] veth0_vlan: entered promiscuous mode [ 154.946491][ T47] usb 5-1: New USB device found, idVendor=0856, idProduct=ac31, bcdDevice=93.1e [ 154.954147][ T6390] veth1_vlan: entered promiscuous mode [ 154.975536][ T47] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 155.017596][ T47] usb 5-1: Product: syz [ 155.022445][ T47] usb 5-1: Manufacturer: syz [ 155.039249][ T47] usb 5-1: SerialNumber: syz [ 155.049072][ T47] usb 5-1: config 0 descriptor?? [ 155.178928][ T6390] veth0_macvtap: entered promiscuous mode [ 155.222284][ T6390] veth1_macvtap: entered promiscuous mode [ 155.259750][ T6411] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 155.314661][ T6390] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 155.326760][ T6390] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 155.337991][ T6390] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 155.351787][ T6390] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 155.362279][ T6390] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 155.373470][ T6390] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 155.383924][ T6390] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 155.406140][ T6390] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 155.427026][ T6390] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 155.461346][ T6390] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 155.480638][ T6390] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 155.492449][ T47] mos7840 5-1:0.0: required endpoints missing [ 155.497259][ T6390] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 155.511668][ T47] usb 5-1: USB disconnect, device number 2 [ 155.517624][ T6390] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 155.517644][ T6390] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 155.517664][ T6390] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 155.517676][ T6390] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 155.517692][ T6390] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 155.519615][ T6390] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 155.621622][ T6390] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 155.645080][ T6390] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 155.667376][ T6390] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 155.701497][ T6390] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 155.959838][ T6411] veth0_vlan: entered promiscuous mode [ 156.057055][ T1125] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 156.109820][ T1125] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 156.152500][ T6411] veth1_vlan: entered promiscuous mode [ 156.362146][ T3035] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 156.380105][ T3035] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 156.480525][ T6411] veth0_macvtap: entered promiscuous mode [ 156.529336][ T6411] veth1_macvtap: entered promiscuous mode [ 156.624541][ T6776] batman_adv: batadv0: Adding interface: macvtap1 [ 156.624789][ T6779] Bluetooth: MGMT ver 1.23 [ 156.646934][ T6776] batman_adv: batadv0: The MTU of interface macvtap1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 156.730312][ T6776] batman_adv: batadv0: Not using interface macvtap1 (retrying later): interface not active [ 156.822103][ T6411] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 156.853495][ T6411] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 156.881709][ T6411] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 156.925417][ T6411] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 156.955838][ T6411] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 156.995236][ T6411] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 157.026325][ T6411] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 157.064810][ T6411] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 157.081130][ T6411] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 157.094124][ T6411] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 157.106784][ T6411] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 157.176215][ T6411] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 157.230409][ T6411] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 157.258249][ T6411] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 157.282072][ T6411] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 157.308062][ T6411] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 157.334120][ T6807] input: syz1 as /devices/virtual/input/input10 [ 157.341231][ T6411] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 157.369132][ T6411] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 157.388487][ T6411] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 157.407793][ T6411] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 157.418745][ T6411] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 157.450945][ T6411] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 157.548472][ T6411] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 157.568717][ T6411] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 157.587404][ T6411] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 157.635199][ T6411] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 157.980620][ T1125] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 158.004666][ T1125] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 158.051574][ T6832] netlink: 108 bytes leftover after parsing attributes in process `syz.4.572'. [ 158.091458][ T1125] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 158.118192][ T1125] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 158.451374][ T5318] IPVS: starting estimator thread 0... [ 158.483368][ T6853] tipc: Started in network mode [ 158.504047][ T6853] tipc: Node identity ac1414aa, cluster identity 4711 [ 158.535330][ T6853] tipc: Enabled bearer , priority 10 [ 158.585188][ T6856] IPVS: using max 17 ests per chain, 40800 per kthread [ 159.527265][ T5318] tipc: Node number set to 2886997162 [ 164.787888][ T59] usb 1-1: new high-speed USB device number 12 using dummy_hcd [ 164.987320][ T59] usb 1-1: Using ep0 maxpacket: 8 [ 165.009323][ T59] usb 1-1: config index 0 descriptor too short (expected 301, got 45) [ 165.024947][ T59] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 165.049378][ T59] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 165.068012][ T6900] netlink: 4 bytes leftover after parsing attributes in process `syz.4.596'. [ 165.079814][ T59] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 165.097345][ T59] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 165.121157][ T59] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 165.141457][ T59] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 165.399938][ T59] usb 1-1: GET_CAPABILITIES returned 0 [ 165.405612][ T59] usbtmc 1-1:16.0: can't read capabilities [ 165.829953][ T5242] Bluetooth: hci6: sending frame failed (-49) [ 165.838749][ T5249] Bluetooth: hci6: Entering manufacturer mode failed (-49) [ 165.913486][ T6921] netlink: 'syz.1.605': attribute type 29 has an invalid length. [ 165.927430][ T6921] netlink: 'syz.1.605': attribute type 29 has an invalid length. [ 166.127296][ T25] usb 4-1: new high-speed USB device number 7 using dummy_hcd [ 166.342303][ T25] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 166.360606][ T25] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 166.379399][ T25] usb 4-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00 [ 166.389169][ T25] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 166.401399][ T25] usb 4-1: config 0 descriptor?? [ 166.547046][ T6941] netlink: 236 bytes leftover after parsing attributes in process `syz.2.615'. [ 166.807705][ T5242] Bluetooth: hci6: sending frame failed (-49) [ 166.816313][ T5249] Bluetooth: hci6: Entering manufacturer mode failed (-49) [ 167.033578][ T25] usb 4-1: string descriptor 0 read error: -22 [ 167.096002][ T6959] input: syz1 as /devices/virtual/input/input11 [ 167.143037][ T6960] 9pnet: p9_errstr2errno: server reported unknown error swRkڷM6'@1![g8 [ 167.248587][ T25] input: HID 256c:006d Pen as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:256C:006D.0006/input/input12 [ 167.368920][ T25] uclogic 0003:256C:006D.0006: input,hidraw0: USB HID v0.00 Device [HID 256c:006d] on usb-dummy_hcd.3-1/input0 [ 167.449732][ T5316] usb 4-1: USB disconnect, device number 7 [ 167.603447][ T59] usb 1-1: USB disconnect, device number 12 [ 167.605277][ T6979] input: syz0 as /devices/virtual/input/input13 [ 168.490681][ T7014] input: syz1 as /devices/virtual/input/input14 [ 169.311248][ T7047] vivid-003: disconnect [ 169.417614][ T59] vivid-003: reconnect [ 169.548696][ T7060] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(3) [ 169.555797][ T7060] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 169.608968][ T7060] vhci_hcd vhci_hcd.0: Device attached [ 169.622657][ T7064] vhci_hcd vhci_hcd.0: pdev(4) rhport(1) sockfd(6) [ 169.629237][ T7064] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 169.700255][ T7064] vhci_hcd vhci_hcd.0: Device attached [ 169.746097][ T7060] vhci_hcd vhci_hcd.0: pdev(4) rhport(2) sockfd(5) [ 169.752687][ T7060] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 169.782574][ T7060] vhci_hcd vhci_hcd.0: Device attached [ 169.782724][ T7064] vhci_hcd vhci_hcd.0: pdev(4) rhport(3) sockfd(8) [ 169.794898][ T7064] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 169.802432][ C0] vkms_vblank_simulate: vblank timer overrun [ 169.826822][ T7064] vhci_hcd vhci_hcd.0: Device attached [ 169.840210][ T7060] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(10) [ 169.846910][ T7060] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed) [ 169.857412][ T59] vhci_hcd: vhci_device speed not set [ 169.895460][ T7064] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN [ 169.907869][ T7060] vhci_hcd vhci_hcd.0: Device attached [ 169.947524][ T59] usb 17-1: new full-speed USB device number 2 using vhci_hcd [ 169.997360][ T7078] vhci_hcd: connection closed [ 169.999138][ T7065] vhci_hcd: connection closed [ 169.999162][ T7075] vhci_hcd: connection closed [ 170.007981][ T7061] vhci_hcd: connection reset by peer [ 170.019274][ T53] vhci_hcd: stop threads [ 170.049424][ T53] vhci_hcd: release socket [ 170.063028][ T7084] vhci_hcd: connection closed [ 170.068093][ T53] vhci_hcd: disconnect device [ 170.088334][ T53] vhci_hcd: stop threads [ 170.097871][ T53] vhci_hcd: release socket [ 170.110047][ T53] vhci_hcd: disconnect device [ 170.132901][ T53] vhci_hcd: stop threads [ 170.146701][ T53] vhci_hcd: release socket [ 170.155185][ T7092] input: syz1 as /devices/virtual/input/input15 [ 170.165596][ T53] vhci_hcd: disconnect device [ 170.184007][ T53] vhci_hcd: stop threads [ 170.206106][ T53] vhci_hcd: release socket [ 170.222742][ T53] vhci_hcd: disconnect device [ 170.235764][ T53] vhci_hcd: stop threads [ 170.248252][ T53] vhci_hcd: release socket [ 170.269098][ T53] vhci_hcd: disconnect device [ 170.652846][ T29] kauditd_printk_skb: 21 callbacks suppressed [ 170.652866][ T29] audit: type=1326 audit(1726258212.489:54): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7101 comm="syz.3.681" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fcfb8b7def9 code=0x0 [ 173.460911][ T7146] netlink: 20 bytes leftover after parsing attributes in process `syz.1.695'. [ 174.347565][ T25] usb 3-1: new high-speed USB device number 7 using dummy_hcd [ 174.556837][ T25] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 174.588702][ T25] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 174.619039][ T25] usb 3-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00 [ 174.646494][ T25] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 174.671215][ T7190] netlink: 24 bytes leftover after parsing attributes in process `syz.4.717'. [ 174.697697][ T25] usb 3-1: config 0 descriptor?? [ 175.077281][ T59] vhci_hcd: vhci_device speed not set [ 175.134253][ T7204] overlayfs: upper fs does not support RENAME_WHITEOUT. [ 175.179470][ T7204] overlayfs: failed to set xattr on upper [ 175.185515][ T7204] overlayfs: ...falling back to uuid=null. [ 175.197057][ T7204] overlayfs: conflicting lowerdir path [ 175.340026][ T25] usb 3-1: string descriptor 0 read error: -22 [ 175.560796][ T25] uclogic 0003:256C:006D.0007: interface is invalid, ignoring [ 175.597958][ T25] usb 3-1: USB disconnect, device number 7 [ 176.156532][ T7239] TCP: request_sock_subflow_v6: Possible SYN flooding on port [::]:20002. Sending cookies. [ 176.454440][ T7247] netlink: 96 bytes leftover after parsing attributes in process `syz.4.739'. [ 176.466627][ T7249] syz.3.740: attempt to access beyond end of device [ 176.466627][ T7249] loop3: rw=2048, sector=0, nr_sectors = 8 limit=0 [ 176.497299][ T5316] usb usb18-port1: attempt power cycle [ 176.606323][ T7251] syzkaller1: entered promiscuous mode [ 176.628335][ T7251] syzkaller1: entered allmulticast mode [ 177.238633][ T5316] usb usb18-port1: unable to enumerate USB device [ 183.168121][ T40] block nbd2: Possible stuck request ffff8880261c0000: control (read@0,4096B). Runtime 60 seconds [ 184.411482][ T7262] geneve2: entered promiscuous mode [ 184.416778][ T7262] geneve2: entered allmulticast mode [ 184.786736][ T3035] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 184.939210][ T3035] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 185.189876][ T3035] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 185.199851][ T7278] input: syz1 as /devices/virtual/input/input16 [ 185.247322][ T7280] netlink: 60 bytes leftover after parsing attributes in process `syz.2.753'. [ 185.361567][ T3035] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 185.748388][ T3035] bridge_slave_1: left allmulticast mode [ 185.754205][ T3035] bridge_slave_1: left promiscuous mode [ 185.788414][ T3035] bridge0: port 2(bridge_slave_1) entered disabled state [ 185.830433][ T3035] bridge_slave_0: left allmulticast mode [ 185.844307][ T3035] bridge_slave_0: left promiscuous mode [ 185.879335][ T3035] bridge0: port 1(bridge_slave_0) entered disabled state [ 185.922334][ T5242] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 185.933680][ T5242] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 185.943843][ T5242] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 185.954010][ T5242] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 185.962279][ T5242] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 185.974979][ T5242] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 186.336222][ T5242] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 186.357589][ T5242] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 186.367623][ T5242] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 186.385670][ T5242] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 186.415351][ T5242] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 186.425042][ T5242] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 186.895914][ T3035] bond0 (unregistering): (slave bridge0): Releasing backup interface [ 187.238218][ T25] usb 4-1: new high-speed USB device number 8 using dummy_hcd [ 187.245116][ T7318] netlink: 36 bytes leftover after parsing attributes in process `syz.2.770'. [ 187.276861][ T3035] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 187.306830][ T3035] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 187.330555][ T3035] bond0 (unregistering): Released all slaves [ 187.443788][ T25] usb 4-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 187.462903][ T25] usb 4-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config [ 187.505764][ T25] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 187.537626][ T25] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 55, changing to 9 [ 187.587255][ T25] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8496, setting to 1024 [ 187.640805][ T25] usb 4-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 187.657204][ T25] usb 4-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 187.675511][ T25] usb 4-1: Product: syz [ 187.680420][ T25] usb 4-1: Manufacturer: syz [ 187.714297][ T25] cdc_wdm 4-1:1.0: skipping garbage [ 187.733873][ T25] cdc_wdm 4-1:1.0: skipping garbage [ 187.757527][ T25] cdc_wdm 4-1:1.0: cdc-wdm0: USB WDM device [ 187.763498][ T25] cdc_wdm 4-1:1.0: Unknown control protocol [ 187.939084][ T5316] usb 4-1: USB disconnect, device number 8 [ 188.027550][ T5249] Bluetooth: hci2: command tx timeout [ 188.325050][ T3035] hsr_slave_0: left promiscuous mode [ 188.354257][ T3035] hsr_slave_1: left promiscuous mode [ 188.403248][ T3035] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 188.428413][ T3035] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 188.444787][ T3035] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 188.475853][ T3035] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 188.507322][ T5249] Bluetooth: hci6: command tx timeout [ 188.535036][ T3035] vlan0: left allmulticast mode [ 188.541499][ T3035] veth0_vlan: left allmulticast mode [ 188.554581][ T3035] vlan0: left promiscuous mode [ 188.560418][ T3035] veth1_macvtap: left promiscuous mode [ 188.565993][ T3035] veth0_macvtap: left promiscuous mode [ 188.580355][ T3035] veth1_vlan: left promiscuous mode [ 188.585979][ T3035] veth0_vlan: left promiscuous mode [ 188.637437][ T59] usb 4-1: new high-speed USB device number 9 using dummy_hcd [ 188.727284][ T47] usb 2-1: new high-speed USB device number 6 using dummy_hcd [ 188.757206][ T25] usb 3-1: new high-speed USB device number 8 using dummy_hcd [ 188.865144][ T59] usb 4-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 188.892251][ T3035] team0 (unregistering): Port device vlan2 removed [ 188.899579][ T59] usb 4-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config [ 188.927239][ T47] usb 2-1: Using ep0 maxpacket: 8 [ 188.935255][ T59] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 188.940302][ T47] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 188.954379][ T59] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 55, changing to 9 [ 188.954418][ T59] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8496, setting to 1024 [ 188.956716][ T59] usb 4-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 188.973466][ T47] usb 2-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 188.996938][ T47] usb 2-1: New USB device found, idVendor=06cb, idProduct=0007, bcdDevice= 8.00 [ 189.002269][ T59] usb 4-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 189.008892][ T25] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 189.025476][ T25] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 189.047734][ T59] usb 4-1: Product: syz [ 189.050345][ T47] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 189.051930][ T59] usb 4-1: Manufacturer: syz [ 189.064436][ T25] usb 3-1: New USB device found, idVendor=0d8c, idProduct=0022, bcdDevice= 0.00 [ 189.085112][ T25] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 189.096919][ T47] usb 2-1: config 0 descriptor?? [ 189.106241][ T59] cdc_wdm 4-1:1.0: skipping garbage [ 189.115388][ T25] usb 3-1: config 0 descriptor?? [ 189.124856][ T59] cdc_wdm 4-1:1.0: skipping garbage [ 189.158983][ T59] cdc_wdm 4-1:1.0: cdc-wdm0: USB WDM device [ 189.165050][ T59] cdc_wdm 4-1:1.0: Unknown control protocol [ 189.338572][ T5316] usb 4-1: USB disconnect, device number 9 [ 189.382257][ T5284] usb 2-1: USB disconnect, device number 6 [ 189.551081][ T7349] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 189.572871][ T7349] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 189.613717][ T25] cm6533_jd 0003:0D8C:0022.0008: unknown main item tag 0x0 [ 189.622299][ T25] cm6533_jd 0003:0D8C:0022.0008: unknown main item tag 0x0 [ 189.636123][ T25] input: HID 0d8c:0022 as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:0D8C:0022.0008/input/input17 [ 189.686877][ T25] cm6533_jd 0003:0D8C:0022.0008: input,hiddev0,hidraw0: USB HID v0.00 Device [HID 0d8c:0022] on usb-dummy_hcd.2-1/input0 [ 189.859052][ T25] usb 3-1: USB disconnect, device number 8 [ 190.038470][ T3035] team0 (unregistering): Port device team_slave_1 removed [ 190.110320][ T5249] Bluetooth: hci2: command tx timeout [ 190.141988][ T3035] team0 (unregistering): Port device team_slave_0 removed [ 190.511634][ T7362] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies. [ 190.587297][ T5249] Bluetooth: hci6: command tx timeout [ 191.742746][ T7294] chnl_net:caif_netlink_parms(): no params data found [ 191.867291][ T5284] usb 2-1: new low-speed USB device number 7 using dummy_hcd [ 191.888753][ T5316] usb 3-1: new high-speed USB device number 9 using dummy_hcd [ 191.946221][ T7301] chnl_net:caif_netlink_parms(): no params data found [ 192.092746][ T5316] usb 3-1: New USB device found, idVendor=2c42, idProduct=1709, bcdDevice=ca.b7 [ 192.097334][ T5284] usb 2-1: config index 0 descriptor too short (expected 1307, got 27) [ 192.111609][ T5316] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 192.134825][ T5284] usb 2-1: config 0 has an invalid interface number: 0 but max is -1 [ 192.142461][ T7294] bridge0: port 1(bridge_slave_0) entered blocking state [ 192.157281][ T5316] usb 3-1: Product: syz [ 192.161508][ T5316] usb 3-1: Manufacturer: syz [ 192.166129][ T5316] usb 3-1: SerialNumber: syz [ 192.167274][ T5284] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 0 [ 192.179818][ T7294] bridge0: port 1(bridge_slave_0) entered disabled state [ 192.180074][ T7294] bridge_slave_0: entered allmulticast mode [ 192.187757][ T5249] Bluetooth: hci2: command tx timeout [ 192.207233][ T5284] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x84 is Bulk; changing to Interrupt [ 192.220581][ T7294] bridge_slave_0: entered promiscuous mode [ 192.232517][ T5316] usb 3-1: config 0 descriptor?? [ 192.237280][ T5284] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 192.263859][ T5284] usb 2-1: string descriptor 0 read error: -22 [ 192.271607][ T5284] usb 2-1: New USB device found, idVendor=0460, idProduct=0008, bcdDevice=c3.de [ 192.281281][ T5284] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 192.292750][ T5284] usb 2-1: config 0 descriptor?? [ 192.301215][ T5284] hub 2-1:0.0: bad descriptor, ignoring hub [ 192.335608][ T7294] bridge0: port 2(bridge_slave_1) entered blocking state [ 192.338775][ T5284] hub 2-1:0.0: probe with driver hub failed with error -5 [ 192.355211][ T5284] input: USB Acecad 302 Tablet 0460:0008 as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/input/input18 [ 192.370970][ T7294] bridge0: port 2(bridge_slave_1) entered disabled state [ 192.378409][ T7294] bridge_slave_1: entered allmulticast mode [ 192.386852][ T7294] bridge_slave_1: entered promiscuous mode [ 192.394429][ T5284] input: failed to attach handler mousedev to device input18, error: -5 [ 192.508255][ T7294] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 192.606961][ T47] usb 2-1: USB disconnect, device number 7 [ 192.667395][ T5249] Bluetooth: hci6: command tx timeout [ 192.698039][ T7294] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 192.718936][ T7390] vcan0: tx drop: invalid sa for name 0x0000000000000002 [ 192.793945][ T7301] bridge0: port 1(bridge_slave_0) entered blocking state [ 192.817614][ T7301] bridge0: port 1(bridge_slave_0) entered disabled state [ 192.825031][ T7301] bridge_slave_0: entered allmulticast mode [ 192.849238][ T7301] bridge_slave_0: entered promiscuous mode [ 192.918442][ T7294] team0: Port device team_slave_0 added [ 192.937380][ T7301] bridge0: port 2(bridge_slave_1) entered blocking state [ 192.944714][ T7301] bridge0: port 2(bridge_slave_1) entered disabled state [ 192.975671][ T7301] bridge_slave_1: entered allmulticast mode [ 192.988710][ T7301] bridge_slave_1: entered promiscuous mode [ 193.039887][ T7294] team0: Port device team_slave_1 added [ 193.106010][ T7301] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 194.169734][ T5316] usb 3-1: f81604_read: reg: 100e failed: -EPROTO [ 194.196873][ T7301] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 194.277181][ T5249] Bluetooth: hci2: command tx timeout [ 194.378300][ T5316] usb 3-1: f81604_read: reg: 200f failed: -EPROTO [ 194.399049][ T5316] usb 3-1: USB disconnect, device number 9 [ 194.475382][ T7301] team0: Port device team_slave_0 added [ 194.518360][ T7294] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 194.549483][ T7294] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 194.615411][ T7294] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 194.641610][ T5316] usb 3-1: f81604_read: reg: 100f failed: -ENODEV [ 194.660700][ T7301] team0: Port device team_slave_1 added [ 194.681824][ T1272] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.689635][ T1272] ieee802154 phy1 wpan1: encryption failed: -22 [ 194.722316][ T7294] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 194.747305][ T5249] Bluetooth: hci6: command tx timeout [ 194.752924][ T7294] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 194.800932][ T7294] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 194.830611][ T5316] usb 3-1: f81604_read: reg: 200f failed: -ENODEV [ 194.888639][ T7301] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 194.896411][ T7301] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 194.925121][ T7301] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 194.988075][ T7301] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 194.995792][ T7301] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 195.026215][ T7301] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 195.046016][ T7294] hsr_slave_0: entered promiscuous mode [ 195.055547][ T7294] hsr_slave_1: entered promiscuous mode [ 195.181098][ T7301] hsr_slave_0: entered promiscuous mode [ 195.197734][ T7301] hsr_slave_1: entered promiscuous mode [ 195.221714][ T7301] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 195.242237][ T7301] Cannot create hsr debugfs directory [ 195.898470][ T47] usb 3-1: new low-speed USB device number 10 using dummy_hcd [ 196.100000][ T47] usb 3-1: config index 0 descriptor too short (expected 1307, got 27) [ 196.132932][ T47] usb 3-1: config 0 has an invalid interface number: 0 but max is -1 [ 196.167358][ T47] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 0 [ 196.192986][ T47] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x84 is Bulk; changing to Interrupt [ 196.218678][ T47] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 196.247533][ T47] usb 3-1: string descriptor 0 read error: -22 [ 196.261822][ T47] usb 3-1: New USB device found, idVendor=0460, idProduct=0008, bcdDevice=c3.de [ 196.271258][ T47] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 196.289784][ T47] usb 3-1: config 0 descriptor?? [ 196.307236][ T47] hub 3-1:0.0: bad descriptor, ignoring hub [ 196.336240][ T47] hub 3-1:0.0: probe with driver hub failed with error -5 [ 196.399025][ T47] input: USB Acecad 302 Tablet 0460:0008 as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/input/input19 [ 196.444565][ T47] input: failed to attach handler mousedev to device input19, error: -5 [ 196.456970][ T7294] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 196.563488][ T7301] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 196.674403][ T59] usb 3-1: USB disconnect, device number 10 [ 196.675316][ T7446] serio: Serial port ptm0 [ 196.736079][ T7294] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 196.760805][ T7294] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 196.903292][ T7301] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 196.950204][ T7294] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 197.013123][ T29] audit: type=1326 audit(1726258238.849:55): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7449 comm="syz.3.817" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fcfb8b7def9 code=0x0 [ 197.108896][ T7301] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 197.249727][ T7301] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 197.510750][ T7294] 8021q: adding VLAN 0 to HW filter on device bond0 [ 197.583261][ T7455] x_tables: eb_tables: AUDIT.0 target: invalid size 8 (kernel) != (user) 0 [ 197.615859][ T7294] 8021q: adding VLAN 0 to HW filter on device team0 [ 197.627461][ T7301] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 197.658146][ T7301] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 197.681271][ T1125] bridge0: port 1(bridge_slave_0) entered blocking state [ 197.688647][ T1125] bridge0: port 1(bridge_slave_0) entered forwarding state [ 197.767842][ T7301] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 197.817491][ T1125] bridge0: port 2(bridge_slave_1) entered blocking state [ 197.824724][ T1125] bridge0: port 2(bridge_slave_1) entered forwarding state [ 197.906861][ T7301] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 198.235141][ T7301] 8021q: adding VLAN 0 to HW filter on device bond0 [ 198.291850][ T7301] 8021q: adding VLAN 0 to HW filter on device team0 [ 198.325025][ T53] bridge0: port 1(bridge_slave_0) entered blocking state [ 198.332319][ T53] bridge0: port 1(bridge_slave_0) entered forwarding state [ 198.382205][ T53] bridge0: port 2(bridge_slave_1) entered blocking state [ 198.389492][ T53] bridge0: port 2(bridge_slave_1) entered forwarding state [ 198.625059][ T7294] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 199.066874][ T7301] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 199.147627][ T5242] Bluetooth: hci7: command 0x1003 tx timeout [ 199.151200][ T5249] Bluetooth: hci7: Opcode 0x1003 failed: -110 [ 199.232922][ T7301] veth0_vlan: entered promiscuous mode [ 199.257573][ T7301] veth1_vlan: entered promiscuous mode [ 199.411996][ T7301] veth0_macvtap: entered promiscuous mode [ 199.434491][ T7301] veth1_macvtap: entered promiscuous mode [ 199.516376][ T7301] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 199.535579][ T7301] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 199.562494][ T7301] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 199.609882][ T7301] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 199.634298][ T7301] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 199.651462][ T7301] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 199.665199][ T7301] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 199.695626][ T7301] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 199.721131][ T7491] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 199.737772][ T7301] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 199.774015][ T7301] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 199.852470][ T7301] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 200.004962][ T7301] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 200.048369][ T7301] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 200.080050][ T7301] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 200.120548][ T7301] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 200.131919][ T7495] input: syz1 as /devices/virtual/input/input20 [ 200.158433][ T7301] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 200.197571][ T7301] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 200.226694][ T7301] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 200.255873][ T7301] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 200.277181][ T7301] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 200.307164][ T7301] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 200.329261][ T7301] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 200.354110][ T7301] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 200.378579][ T7301] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 200.397170][ T7301] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 200.428516][ T7301] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 200.760363][ T962] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 200.786966][ T962] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 200.893458][ T7294] veth0_vlan: entered promiscuous mode [ 200.933905][ T35] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 200.953672][ T7294] veth1_vlan: entered promiscuous mode [ 200.958779][ T35] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 201.078643][ T7294] veth0_macvtap: entered promiscuous mode [ 201.111778][ T7294] veth1_macvtap: entered promiscuous mode [ 201.145919][ T7294] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 201.159749][ T7294] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 201.169798][ T47] usb 4-1: new high-speed USB device number 10 using dummy_hcd [ 201.200304][ T7294] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 201.212579][ T7294] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 201.223001][ T7294] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 201.236560][ T7294] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 201.246961][ T7294] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 201.267398][ T7294] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 201.287264][ T7294] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 201.304746][ T7294] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 201.321386][ T7294] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 201.354028][ T7294] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 201.367569][ T47] usb 4-1: Using ep0 maxpacket: 8 [ 201.381290][ T47] usb 4-1: New USB device found, idVendor=0ccd, idProduct=10a3, bcdDevice=23.a2 [ 201.386712][ T7294] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 201.393087][ T47] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 201.426100][ T7294] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 201.427351][ T47] usb 4-1: Product: syz [ 201.457296][ T7294] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 201.467334][ T47] usb 4-1: Manufacturer: syz [ 201.467363][ T47] usb 4-1: SerialNumber: syz [ 201.502650][ T47] usb 4-1: config 0 descriptor?? [ 201.507143][ T7294] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 201.519723][ T7294] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 201.537198][ T7294] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 201.567572][ T7294] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 201.578781][ T7294] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 201.589828][ T7294] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 201.600826][ T7294] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 201.612893][ T7294] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 201.624089][ T7294] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 201.638568][ T7294] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 201.667266][ T7294] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 201.743434][ T47] usb 4-1: dvb_usb_v2: found a 'Terratec H7' in warm state [ 201.749017][ T7294] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 201.767782][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 201.776823][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 201.804873][ T7294] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 201.834377][ T7294] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 201.866799][ T7294] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 201.868025][ T5250] Bluetooth: hci3: command 0x0406 tx timeout [ 201.881161][ T4614] Bluetooth: hci0: command 0x0406 tx timeout [ 201.883738][ T5250] Bluetooth: hci1: command 0x0406 tx timeout [ 202.392704][ T53] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 202.423706][ T53] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 202.571715][ T35] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 202.584821][ T35] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 202.978900][ T47] usb write operation failed. (-71) [ 203.020274][ T47] usb 4-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer [ 203.039144][ T47] dvbdev: DVB: registering new adapter (Terratec H7) [ 203.057529][ T47] usb 4-1: media controller created [ 203.064026][ T47] usb read operation failed. (-71) [ 203.106345][ T47] usb write operation failed. (-71) [ 203.131383][ T47] dvb_usb_az6007 4-1:0.0: probe with driver dvb_usb_az6007 failed with error -5 [ 203.162075][ T47] usb 4-1: USB disconnect, device number 10 [ 203.168819][ T7553] loop0: detected capacity change from 0 to 16384 [ 203.271360][ T44] I/O error, dev loop0, sector 0 op 0x1:(WRITE) flags 0x800 phys_seg 0 prio class 0 [ 203.847210][ T59] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 204.042800][ T59] usb 5-1: Using ep0 maxpacket: 16 [ 204.051959][ T59] usb 5-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 7 [ 204.083443][ T59] usb 5-1: config 1 interface 1 altsetting 1 endpoint 0x1 has invalid wMaxPacketSize 0 [ 204.118457][ T59] usb 5-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 204.159250][ T59] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 204.177150][ T59] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 204.192412][ T59] usb 5-1: Product: syz [ 204.208982][ T59] usb 5-1: Manufacturer: syz [ 204.217466][ T59] usb 5-1: SerialNumber: syz [ 204.684937][ T59] usb 5-1: 2:1 : format type 0 is detected, processed as PCM [ 205.492564][ T59] usb 5-1: 2:1: cannot set freq 9338507 to ep 0x82 [ 205.574297][ T59] usb 5-1: USB disconnect, device number 3 [ 205.957267][ T8] usb 3-1: new high-speed USB device number 11 using dummy_hcd [ 206.194401][ T8] usb 3-1: Using ep0 maxpacket: 8 [ 206.210555][ T8] usb 3-1: config 1 contains an unexpected descriptor of type 0x2, skipping [ 206.227575][ T8] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 206.267436][ T8] usb 3-1: config 1 interface 1 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 206.328250][ T8] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 206.357205][ T8] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 206.395559][ T8] usb 3-1: Product: syz [ 206.401121][ T8] usb 3-1: Manufacturer: syz [ 206.415987][ T8] usb 3-1: SerialNumber: syz [ 206.697333][ T5284] usb 4-1: new high-speed USB device number 11 using dummy_hcd [ 206.899538][ T5284] usb 4-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 206.933422][ T5284] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 206.954486][ T5284] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 206.977377][ T5284] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 207.013840][ T5284] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 207.040076][ T5284] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 207.081659][ T5284] usb 4-1: config 0 descriptor?? [ 207.094430][ T7630] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22 [ 207.456792][ T8] cdc_ncm 3-1:1.0: bind() failure [ 207.497328][ T8] cdc_ncm 3-1:1.1: probe with driver cdc_ncm failed with error -71 [ 207.524125][ T8] cdc_mbim 3-1:1.1: probe with driver cdc_mbim failed with error -71 [ 207.547015][ T5284] plantronics 0003:047F:FFFF.0009: unknown main item tag 0xd [ 207.547400][ T8] usbtest 3-1:1.1: probe with driver usbtest failed with error -71 [ 207.583636][ T5284] plantronics 0003:047F:FFFF.0009: No inputs registered, leaving [ 207.613107][ T8] usb 3-1: USB disconnect, device number 11 [ 207.650670][ T5284] plantronics 0003:047F:FFFF.0009: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0 [ 207.709876][ T7654] syz.4.891[7654] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 207.710041][ T7654] syz.4.891[7654] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 207.890312][ T8] usb 4-1: USB disconnect, device number 11 [ 208.145252][ T7663] tipc: Started in network mode [ 208.155886][ T7663] tipc: Node identity 00000000000000000000000000000001, cluster identity 4711 [ 208.194520][ T7663] tipc: New replicast peer: 0000:0000:0000:0000:0000:ffff:e000:0002 [ 208.208756][ T7663] tipc: Enabled bearer , priority 10 [ 208.285117][ T7666] netlink: 12 bytes leftover after parsing attributes in process `syz.4.897'. [ 208.717230][ T5284] usb 5-1: new high-speed USB device number 4 using dummy_hcd [ 208.948055][ T5284] usb 5-1: Using ep0 maxpacket: 16 [ 208.975398][ T5284] usb 5-1: New USB device found, idVendor=1397, idProduct=00bd, bcdDevice=c5.66 [ 209.012408][ T5284] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 209.055353][ T5284] usb 5-1: config 0 descriptor?? [ 209.087036][ T5284] usb 5-1: invalid MIDI EP [ 209.117340][ T5284] usb 5-1: snd-bcd2000: error during probing [ 209.126388][ T5284] snd-bcd2000 5-1:0.0: probe with driver snd-bcd2000 failed with error -22 [ 209.189265][ T7686] netlink: 'syz.3.906': attribute type 9 has an invalid length. [ 209.217786][ T7686] netlink: 209836 bytes leftover after parsing attributes in process `syz.3.906'. [ 209.219754][ T59] tipc: Node number set to 1 [ 209.462742][ T1125] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 209.697538][ T7687] netlink: 'syz.3.906': attribute type 9 has an invalid length. [ 209.705286][ T7687] netlink: 209836 bytes leftover after parsing attributes in process `syz.3.906'. [ 209.803433][ T1125] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 209.858483][ T8] usb 5-1: USB disconnect, device number 4 [ 210.109811][ T1125] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 210.459943][ T1125] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 210.600938][ T5242] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 210.617697][ T5242] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 210.629916][ T5242] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 210.649463][ T5242] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 210.670068][ T5242] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 210.683917][ T5242] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 211.161588][ T1125] bridge_slave_1: left allmulticast mode [ 211.178235][ T1125] bridge_slave_1: left promiscuous mode [ 211.197504][ T1125] bridge0: port 2(bridge_slave_1) entered disabled state [ 211.316913][ T1125] bridge_slave_0: left allmulticast mode [ 211.327371][ T1125] bridge_slave_0: left promiscuous mode [ 211.335567][ T1125] bridge0: port 1(bridge_slave_0) entered disabled state [ 211.441439][ T29] audit: type=1326 audit(1726258253.279:56): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7721 comm="syz.0.926" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f774d57def9 code=0x0 [ 211.627497][ T5316] usb 2-1: new high-speed USB device number 8 using dummy_hcd [ 211.776990][ T5242] block nbd4: Receive control failed (result -32) [ 211.778008][ T7718] block nbd4: shutting down sockets [ 211.834005][ T5316] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 211.890187][ T5316] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 211.912785][ T5316] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 211.925517][ T5316] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 211.960335][ T5316] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 212.007183][ T5316] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 212.057737][ T5316] usb 2-1: config 0 descriptor?? [ 212.081182][ T7720] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 212.534416][ T5316] plantronics 0003:047F:FFFF.000A: unknown main item tag 0xd [ 212.559744][ T5316] plantronics 0003:047F:FFFF.000A: No inputs registered, leaving [ 212.596904][ T5316] plantronics 0003:047F:FFFF.000A: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0 [ 212.670648][ T1125] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 212.700334][ T1125] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 212.719261][ T1125] bond0 (unregistering): Released all slaves [ 212.747543][ T5242] Bluetooth: hci5: command tx timeout [ 212.772021][ T7722] veth0_vlan: left promiscuous mode [ 212.946712][ T1125] tipc: Disabling bearer [ 212.955930][ T5316] usb 2-1: USB disconnect, device number 8 [ 212.964792][ T1125] tipc: Left network mode [ 213.241141][ T40] block nbd2: Possible stuck request ffff8880261c0000: control (read@0,4096B). Runtime 90 seconds [ 213.398342][ T7700] chnl_net:caif_netlink_parms(): no params data found [ 213.856235][ T1125] hsr_slave_0: left promiscuous mode [ 213.874552][ T1125] hsr_slave_1: left promiscuous mode [ 213.890874][ T1125] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 213.907831][ T1125] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 213.938243][ T1125] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 213.976025][ T1125] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 214.040131][ T1125] veth1_macvtap: left promiscuous mode [ 214.052837][ T1125] veth0_macvtap: left promiscuous mode [ 214.067660][ T1125] veth1_vlan: left promiscuous mode [ 214.075350][ T1125] veth0_vlan: left promiscuous mode [ 214.084216][ T5249] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 214.095332][ T5249] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 214.106004][ T5249] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 214.116592][ T5249] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 214.125435][ T5249] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 214.136537][ T5249] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 214.145903][ T25] usb 5-1: new high-speed USB device number 5 using dummy_hcd [ 214.242375][ T35] nci: nci_rf_intf_activated_ntf_packet: unsupported activation_rf_tech_and_mode 0xfd [ 214.333426][ T25] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 253, changing to 11 [ 214.350871][ T25] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 214.376125][ T25] usb 5-1: New USB device found, idVendor=28de, idProduct=1102, bcdDevice= 0.00 [ 214.388537][ T25] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 214.411609][ T25] usb 5-1: config 0 descriptor?? [ 214.827396][ T5242] Bluetooth: hci5: command tx timeout [ 214.861559][ T25] hid-steam 0003:28DE:1102.000B: unknown main item tag 0x0 [ 214.870425][ T25] hid-steam 0003:28DE:1102.000B: : USB HID v0.00 Device [HID 28de:1102] on usb-dummy_hcd.4-1/input0 [ 214.955290][ T25] hid-steam 0003:28DE:1102.000B: Steam Controller 'XXXXXXXXXX' connected [ 215.019210][ T25] input: Steam Controller as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/0003:28DE:1102.000B/input/input23 [ 215.063759][ T25] hid-steam 0003:28DE:1102.000C: unknown main item tag 0x0 [ 215.079312][ T25] hid-steam 0003:28DE:1102.000C: hidraw0: USB HID v0.00 Device [HID 28de:1102] on usb-dummy_hcd.4-1/input0 [ 215.096754][ T25] usb 5-1: USB disconnect, device number 5 [ 215.213473][ T25] hid-steam 0003:28DE:1102.000B: Steam Controller 'XXXXXXXXXX' disconnected [ 215.694468][ T1125] team0 (unregistering): Port device team_slave_1 removed [ 215.873846][ T1125] team0 (unregistering): Port device team_slave_0 removed [ 216.057222][ T25] usb 2-1: new high-speed USB device number 9 using dummy_hcd [ 216.187646][ T5242] Bluetooth: hci1: command tx timeout [ 216.237657][ T25] usb 2-1: Using ep0 maxpacket: 32 [ 216.248747][ T25] usb 2-1: New USB device found, idVendor=0cf2, idProduct=6250, bcdDevice=10.ae [ 216.258606][ T25] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 216.266637][ T25] usb 2-1: Product: syz [ 216.278950][ T25] usb 2-1: Manufacturer: syz [ 216.287516][ T25] usb 2-1: SerialNumber: syz [ 216.297940][ T25] usb 2-1: config 0 descriptor?? [ 216.305396][ T25] ums_eneub6250 2-1:0.0: USB Mass Storage device detected [ 216.662748][ T5288] usb 2-1: USB disconnect, device number 9 [ 216.908062][ T5242] Bluetooth: hci5: command tx timeout [ 217.617369][ T5286] usb 2-1: new high-speed USB device number 10 using dummy_hcd [ 217.628091][ T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!! [ 217.828788][ T7700] bridge0: port 1(bridge_slave_0) entered blocking state [ 217.836005][ T7700] bridge0: port 1(bridge_slave_0) entered disabled state [ 217.858880][ T5286] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 217.879613][ T5286] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 217.900053][ T7700] bridge_slave_0: entered allmulticast mode [ 217.909508][ T5286] usb 2-1: New USB device found, idVendor=044f, idProduct=b65d, bcdDevice= 0.00 [ 217.921279][ T7700] bridge_slave_0: entered promiscuous mode [ 217.925882][ T5286] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 217.938926][ T5286] usb 2-1: config 0 descriptor?? [ 217.992776][ T7700] bridge0: port 2(bridge_slave_1) entered blocking state [ 218.010937][ T7700] bridge0: port 2(bridge_slave_1) entered disabled state [ 218.027546][ T7700] bridge_slave_1: entered allmulticast mode [ 218.037335][ T7700] bridge_slave_1: entered promiscuous mode [ 218.064315][ T5288] usb 5-1: new high-speed USB device number 6 using dummy_hcd [ 218.228072][ T7700] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 218.267788][ T5242] Bluetooth: hci1: command tx timeout [ 218.274773][ T5288] usb 5-1: Using ep0 maxpacket: 8 [ 218.283862][ T5288] usb 5-1: config 179 has an invalid interface number: 65 but max is 0 [ 218.292861][ T5288] usb 5-1: config 179 has no interface number 0 [ 218.300176][ T5288] usb 5-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 218.303832][ T7700] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 218.312187][ T5288] usb 5-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024 [ 218.337347][ T5288] usb 5-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 218.350882][ T5288] usb 5-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024 [ 218.368037][ T5286] hid-thrustmaster 0003:044F:B65D.000D: unknown main item tag 0x0 [ 218.379030][ T5286] hid-thrustmaster 0003:044F:B65D.000D: hidraw0: USB HID v0.00 Device [HID 044f:b65d] on usb-dummy_hcd.1-1/input0 [ 218.396102][ T5288] usb 5-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 218.446341][ T5286] hid-thrustmaster 0003:044F:B65D.000D: Wrong number of endpoints? [ 218.463329][ T5288] usb 5-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb [ 218.499385][ T5288] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 218.545273][ T7779] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22 [ 218.626587][ T7700] team0: Port device team_slave_0 added [ 218.665436][ T7700] team0: Port device team_slave_1 added [ 218.714737][ C1] hid-thrustmaster 0003:044F:B65D.000D: URB to get model id failed with error -71 [ 218.715378][ T59] usb 2-1: USB disconnect, device number 10 [ 218.850862][ T7700] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 218.877200][ T7700] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 218.916629][ T5286] input: Generic X-Box pad as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:179.65/input/input24 [ 218.958210][ T7700] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 218.988789][ T5249] Bluetooth: hci5: command tx timeout [ 219.036432][ T7700] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 219.046034][ T7700] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 219.072518][ T7700] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 219.113727][ T5288] usb 5-1: USB disconnect, device number 6 [ 219.113784][ C1] xpad 5-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19 [ 219.127946][ C1] xpad 5-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19 [ 219.178628][ T7744] chnl_net:caif_netlink_parms(): no params data found [ 219.214474][ T5288] xpad 5-1:179.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19 [ 219.427733][ T7700] hsr_slave_0: entered promiscuous mode [ 219.438084][ T7700] hsr_slave_1: entered promiscuous mode [ 219.446822][ T5242] block nbd0: Receive control failed (result -32) [ 219.447877][ T7784] block nbd0: shutting down sockets [ 219.466916][ T7700] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 219.476860][ T7700] Cannot create hsr debugfs directory [ 219.629174][ T1125] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 219.831932][ T1125] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 219.896537][ T7744] bridge0: port 1(bridge_slave_0) entered blocking state [ 219.921140][ T7744] bridge0: port 1(bridge_slave_0) entered disabled state [ 219.947621][ T7744] bridge_slave_0: entered allmulticast mode [ 219.959850][ T7744] bridge_slave_0: entered promiscuous mode [ 220.054763][ T1125] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 220.093115][ T7744] bridge0: port 2(bridge_slave_1) entered blocking state [ 220.107486][ T7744] bridge0: port 2(bridge_slave_1) entered disabled state [ 220.115204][ T7744] bridge_slave_1: entered allmulticast mode [ 220.129220][ T7744] bridge_slave_1: entered promiscuous mode [ 220.223285][ T1125] batman_adv: batadv0: Removing interface: macvtap1 [ 220.265488][ T1125] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 220.347500][ T5242] Bluetooth: hci1: command tx timeout [ 220.492350][ T7744] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 220.533269][ T7744] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 220.817465][ T7744] team0: Port device team_slave_0 added [ 220.841810][ T7744] team0: Port device team_slave_1 added [ 220.957349][ T59] usb 1-1: new high-speed USB device number 13 using dummy_hcd [ 221.056748][ T7744] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 221.068985][ T7744] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 221.138673][ T7744] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 221.167475][ T59] usb 1-1: Using ep0 maxpacket: 16 [ 221.216981][ T59] usb 1-1: New USB device found, idVendor=05ac, idProduct=9226, bcdDevice=b2.89 [ 221.287966][ T7744] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 221.296791][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 221.333781][ T59] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 221.368587][ T7744] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 221.395261][ T59] usb 1-1: Product: syz [ 221.409177][ T59] usb 1-1: Manufacturer: syz [ 221.419501][ T59] usb 1-1: SerialNumber: syz [ 221.455630][ T59] usb 1-1: config 0 descriptor?? [ 221.488350][ T7744] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 221.513115][ T59] appledisplay 1-1:0.0: Could not find int-in endpoint [ 221.522379][ T59] usbhid 1-1:0.0: couldn't find an input interrupt endpoint [ 221.568913][ T1125] bridge_slave_1: left allmulticast mode [ 221.600936][ T1125] bridge_slave_1: left promiscuous mode [ 221.630980][ T1125] bridge0: port 2(bridge_slave_1) entered disabled state [ 221.676383][ T1125] bridge_slave_0: left allmulticast mode [ 221.697465][ T1125] bridge_slave_0: left promiscuous mode [ 221.703318][ T1125] bridge0: port 1(bridge_slave_0) entered disabled state [ 221.945007][ T25] usb 1-1: USB disconnect, device number 13 [ 222.427569][ T5242] Bluetooth: hci1: command tx timeout [ 222.806291][ T1125] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 222.849850][ T1125] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 222.875001][ T7835] vivid-003: disconnect [ 222.885593][ T1125] bond0 (unregistering): Released all slaves [ 222.904528][ T7832] vivid-003: reconnect [ 223.054535][ T7829] netlink: 12 bytes leftover after parsing attributes in process `syz.4.953'. [ 224.069680][ T7744] hsr_slave_0: entered promiscuous mode [ 224.112031][ T7744] hsr_slave_1: entered promiscuous mode [ 224.167391][ T7744] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 224.175014][ T7744] Cannot create hsr debugfs directory [ 224.460729][ T1125] hsr_slave_0: left promiscuous mode [ 224.497490][ T1125] hsr_slave_1: left promiscuous mode [ 224.517465][ T1125] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 224.524941][ T1125] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 224.570341][ T1125] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 224.587501][ T1125] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 224.641592][ T1125] veth1_macvtap: left promiscuous mode [ 224.659405][ T1125] veth0_macvtap: left promiscuous mode [ 224.665148][ T1125] veth1_vlan: left promiscuous mode [ 224.676068][ T1125] veth0_vlan: left promiscuous mode [ 226.020359][ T1125] team0 (unregistering): Port device team_slave_1 removed [ 226.129525][ T1125] team0 (unregistering): Port device team_slave_0 removed [ 228.053218][ T7700] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 228.098896][ T7700] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 228.189154][ T7700] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 228.390551][ T7700] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 228.776826][ T7881] 9pnet: p9_errstr2errno: server reported unknown error @hQIte [ 228.885376][ T7700] 8021q: adding VLAN 0 to HW filter on device bond0 [ 228.957354][ T59] usb 2-1: new high-speed USB device number 11 using dummy_hcd [ 228.962356][ T7700] 8021q: adding VLAN 0 to HW filter on device team0 [ 229.030150][ T3035] bridge0: port 1(bridge_slave_0) entered blocking state [ 229.037386][ T3035] bridge0: port 1(bridge_slave_0) entered forwarding state [ 229.125187][ T3035] bridge0: port 2(bridge_slave_1) entered blocking state [ 229.133234][ T3035] bridge0: port 2(bridge_slave_1) entered forwarding state [ 229.177189][ T59] usb 2-1: Using ep0 maxpacket: 8 [ 229.194925][ T59] usb 2-1: config index 0 descriptor too short (expected 5924, got 36) [ 229.228049][ T59] usb 2-1: config 250 has an invalid interface number: 228 but max is -1 [ 229.236549][ T59] usb 2-1: config 250 has 1 interface, different from the descriptor's value: 0 [ 229.257403][ T5317] usb 5-1: new high-speed USB device number 7 using dummy_hcd [ 229.259741][ T7744] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 229.274225][ T59] usb 2-1: config 250 has no interface number 0 [ 229.283114][ T59] usb 2-1: config 250 interface 228 altsetting 255 endpoint 0x1 has invalid maxpacket 65280, setting to 1024 [ 229.295437][ T59] usb 2-1: config 250 interface 228 altsetting 255 bulk endpoint 0x1 has invalid maxpacket 1024 [ 229.306489][ T59] usb 2-1: config 250 interface 228 altsetting 255 bulk endpoint 0x82 has invalid maxpacket 105 [ 229.317904][ T59] usb 2-1: config 250 interface 228 altsetting 255 has 2 endpoint descriptors, different from the interface descriptor's value: 17 [ 229.335043][ T7744] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 229.342845][ T59] usb 2-1: config 250 interface 228 has no altsetting 0 [ 229.353366][ T59] usb 2-1: New USB device found, idVendor=0525, idProduct=d292, bcdDevice= 0.07 [ 229.363690][ T59] usb 2-1: New USB device strings: Mfr=0, Product=106, SerialNumber=59 [ 229.372488][ T59] usb 2-1: Product: syz [ 229.376829][ T59] usb 2-1: SerialNumber: syz [ 229.395903][ T59] hub 2-1:250.228: bad descriptor, ignoring hub [ 229.398799][ T7744] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 229.403013][ T59] hub 2-1:250.228: probe with driver hub failed with error -5 [ 229.428764][ T7744] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 229.449855][ T5317] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 229.461981][ T5317] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 229.476304][ T5317] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0 [ 229.502750][ T5317] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 229.526636][ T5317] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 229.538204][ T5317] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 229.569126][ T5317] usb 5-1: config 0 descriptor?? [ 229.617573][ T59] usblp 2-1:250.228: usblp0: USB Bidirectional printer dev 11 if 228 alt 255 proto 3 vid 0x0525 pid 0xD292 [ 229.745488][ T7744] 8021q: adding VLAN 0 to HW filter on device bond0 [ 229.835648][ T7744] 8021q: adding VLAN 0 to HW filter on device team0 [ 229.891484][ T1075] bridge0: port 1(bridge_slave_0) entered blocking state [ 229.898716][ T1075] bridge0: port 1(bridge_slave_0) entered forwarding state [ 229.930433][ T1075] bridge0: port 2(bridge_slave_1) entered blocking state [ 229.937722][ T1075] bridge0: port 2(bridge_slave_1) entered forwarding state [ 230.026957][ T5317] plantronics 0003:047F:FFFF.000E: ignoring exceeding usage max [ 230.075529][ T5317] plantronics 0003:047F:FFFF.000E: No inputs registered, leaving [ 230.108529][ T5317] plantronics 0003:047F:FFFF.000E: hiddev1,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.4-1/input0 [ 230.122291][ T7700] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 230.177820][ T8] usb 2-1: USB disconnect, device number 11 [ 230.195987][ T8] usblp0: removed [ 230.298138][ T7700] veth0_vlan: entered promiscuous mode [ 230.320106][ T7700] veth1_vlan: entered promiscuous mode [ 230.379279][ T7700] veth0_macvtap: entered promiscuous mode [ 230.409798][ T7700] veth1_macvtap: entered promiscuous mode [ 230.492675][ T7700] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 230.521452][ T7700] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 230.537271][ T7700] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 230.547976][ T7700] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 230.558245][ T7700] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 230.568976][ T7700] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 230.591900][ T7700] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 230.621695][ T7700] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 230.632154][ T7700] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 230.642899][ T7700] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 230.655246][ T7700] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 230.712251][ T7700] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 230.747662][ T7700] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 230.766801][ T7700] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 230.785800][ T7700] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 230.796172][ T7700] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 230.815338][ T7700] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 230.838713][ T7700] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 230.852285][ T7700] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 230.862296][ T7700] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 230.874626][ T7700] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 230.888039][ T7700] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 230.928782][ T7700] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 230.950086][ T7700] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 230.967437][ T7700] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 230.986491][ T7700] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 231.035763][ T7744] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 231.327090][ T7744] veth0_vlan: entered promiscuous mode [ 231.351404][ T962] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 231.371190][ T962] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 231.455444][ T7744] veth1_vlan: entered promiscuous mode [ 231.502540][ T962] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 231.521282][ T962] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 231.589822][ T7744] veth0_macvtap: entered promiscuous mode [ 231.620353][ T7744] veth1_macvtap: entered promiscuous mode [ 231.693199][ T7744] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 231.723588][ T7744] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 231.736733][ T7744] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 231.762801][ T7744] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 231.776361][ T7744] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 231.798852][ T7744] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 231.815156][ T7744] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 231.827671][ T7744] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 231.844269][ T7744] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 231.855766][ T7744] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 231.876497][ T7744] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 231.888747][ T7744] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 231.902108][ T7744] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 231.971164][ T7744] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 232.009962][ T7744] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 232.035766][ T25] usb 5-1: USB disconnect, device number 7 [ 232.048597][ T7744] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 232.081708][ T7744] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 232.104825][ T7744] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 232.121574][ T7744] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 232.137522][ T7744] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 232.152781][ T7744] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 232.163381][ T7744] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 232.174841][ T7744] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 232.185346][ T7744] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 232.204804][ T7744] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 232.220174][ T7744] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 232.292214][ T7744] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 232.326345][ T7744] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 232.339993][ T7744] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 232.347873][ T47] usb 3-1: new high-speed USB device number 12 using dummy_hcd [ 232.367263][ T7744] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 232.571290][ T47] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 232.603282][ T47] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 232.643294][ T47] usb 3-1: New USB device found, idVendor=05ac, idProduct=0265, bcdDevice= 0.00 [ 232.653222][ T3035] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 232.667436][ T3035] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 232.674941][ T47] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 232.698737][ T47] usb 3-1: config 0 descriptor?? [ 232.747625][ T1795] usb 2-1: new high-speed USB device number 12 using dummy_hcd [ 232.772389][ T3035] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 232.792242][ T3035] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 233.007404][ T1795] usb 2-1: Using ep0 maxpacket: 32 [ 233.074925][ T1795] usb 2-1: config index 0 descriptor too short (expected 29220, got 36) [ 233.117173][ T1795] usb 2-1: config 0 has too many interfaces: 81, using maximum allowed: 32 [ 233.132085][ T47] magicmouse 0003:05AC:0265.000F: unknown main item tag 0x0 [ 233.158204][ T1795] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 81 [ 233.179589][ T47] magicmouse 0003:05AC:0265.000F: unknown main item tag 0x0 [ 233.203945][ T1795] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 233.214132][ T47] magicmouse 0003:05AC:0265.000F: unknown main item tag 0x0 [ 233.230828][ T1795] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0 [ 233.241182][ T47] magicmouse 0003:05AC:0265.000F: hidraw0: USB HID v0.00 Device [HID 05ac:0265] on usb-dummy_hcd.2-1/input0 [ 233.253132][ T1795] usb 2-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18 [ 233.260066][ T7947] netlink: 'syz.3.922': attribute type 10 has an invalid length. [ 233.271487][ T47] magicmouse 0003:05AC:0265.000F: magicmouse input not registered [ 233.287520][ T1795] usb 2-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40 [ 233.305756][ T7947] bridge0: port 2(bridge_slave_1) entered disabled state [ 233.306399][ T47] magicmouse 0003:05AC:0265.000F: probe with driver magicmouse failed with error -12 [ 233.314678][ T7947] bridge0: port 1(bridge_slave_0) entered disabled state [ 233.330282][ T1795] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 233.350488][ T1795] usb 2-1: config 0 descriptor?? [ 233.375641][ T47] usb 3-1: USB disconnect, device number 12 [ 233.382597][ T7947] bridge0: port 2(bridge_slave_1) entered blocking state [ 233.382736][ T7947] bridge0: port 2(bridge_slave_1) entered forwarding state [ 233.383152][ T7947] bridge0: port 1(bridge_slave_0) entered blocking state [ 233.404435][ T7947] bridge0: port 1(bridge_slave_0) entered forwarding state [ 233.447909][ T7947] bond0: (slave bridge0): Enslaving as an active interface with an up link [ 233.588881][ T7939] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 233.617607][ T7939] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 233.643913][ T1795] usblp 2-1:0.0: usblp0: USB Bidirectional printer dev 12 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17 [ 233.708952][ T1795] usb 2-1: USB disconnect, device number 12 [ 233.741378][ T1795] usblp0: removed [ 233.987194][ T5317] usb 4-1: new high-speed USB device number 12 using dummy_hcd [ 235.629697][ T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!! [ 235.670756][ T0] NOHZ tick-stop error: local softirq work is pending, handler #01!!! [ 235.899214][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 235.995858][ T7989] (syz.3.1019,7989,0):dlmfs_mkdir:420 ERROR: invalid domain name for directory. [ 236.217656][ T7999] block nbd3: NBD_DISCONNECT [ 236.231204][ T7998] block nbd3: Disconnected due to user request. [ 236.256583][ T7998] block nbd3: shutting down sockets [ 236.410664][ T8005] IPVS: lc: UDP 224.0.0.2:0 - no destination available [ 236.937292][ T5288] usb 2-1: new high-speed USB device number 13 using dummy_hcd [ 237.137182][ T5288] usb 2-1: Using ep0 maxpacket: 32 [ 237.144468][ T5288] usb 2-1: config index 0 descriptor too short (expected 156, got 27) [ 237.157160][ T5288] usb 2-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30 [ 237.187708][ T5288] usb 2-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7 [ 237.203732][ T5288] usb 2-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144 [ 237.219962][ T5288] usb 2-1: config 0 interface 0 has no altsetting 0 [ 237.240575][ T5288] usb 2-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66 [ 237.252194][ T5288] usb 2-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172 [ 237.267146][ T5288] usb 2-1: Product: syz [ 237.280920][ T5288] usb 2-1: Manufacturer: syz [ 237.288130][ T5288] usb 2-1: SerialNumber: syz [ 237.303162][ T5288] usb 2-1: config 0 descriptor?? [ 237.320729][ T5288] ldusb 2-1:0.0: Interrupt out endpoint not found (using control endpoint instead) [ 237.334984][ T5288] ldusb 2-1:0.0: LD USB Device #0 now attached to major 180 minor 0 [ 237.347206][ T5284] usb 5-1: new high-speed USB device number 8 using dummy_hcd [ 237.549674][ T5284] usb 5-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30 [ 237.569443][ T5284] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 237.582954][ T5288] usb 2-1: USB disconnect, device number 13 [ 237.606306][ T5284] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 237.618358][ T5288] ldusb 2-1:0.0: LD USB Device #0 now disconnected [ 237.647896][ T5284] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253 [ 237.677163][ T5284] usb 5-1: New USB device found, idVendor=057e, idProduct=2009, bcdDevice= 0.00 [ 237.687544][ T5284] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 237.698453][ T5284] usb 5-1: config 0 descriptor?? [ 237.800984][ T962] nci: nci_add_new_protocol: the target found does not have the desired protocol [ 238.136247][ T5284] nintendo 0003:057E:2009.0010: unknown main item tag 0x0 [ 238.159795][ T5284] nintendo 0003:057E:2009.0010: unknown main item tag 0x0 [ 238.193313][ T5284] nintendo 0003:057E:2009.0010: item fetching failed at offset 2/5 [ 238.220412][ T5284] nintendo 0003:057E:2009.0010: HID parse failed [ 238.245373][ T5284] nintendo 0003:057E:2009.0010: probe - fail = -22 [ 238.255825][ T5284] nintendo 0003:057E:2009.0010: probe with driver nintendo failed with error -22 [ 238.350366][ T5284] usb 5-1: USB disconnect, device number 8 [ 239.134889][ T8079] 9pnet: p9_errstr2errno: server reported unknown error ^P [ 239.212606][ T8082] loop8: detected capacity change from 0 to 7 [ 239.229721][ T8082] Dev loop8: unable to read RDB block 7 [ 239.243314][ T8082] loop8: unable to read partition table [ 239.252268][ T8082] loop8: partition table beyond EOD, truncated [ 239.264056][ T8082] loop_reread_partitions: partition scan of loop8 (被xڬdƤݡ [ 239.264056][ T8082] ) failed (rc=-5) [ 239.297495][ T5317] usb 5-1: new high-speed USB device number 9 using dummy_hcd [ 239.540899][ T5317] usb 5-1: config index 0 descriptor too short (expected 45, got 36) [ 239.557162][ T5317] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11 [ 239.583118][ T8098] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1062'. [ 239.592993][ T5317] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024 [ 239.605024][ T5317] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 239.642171][ T5317] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 239.664871][ T5317] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 239.676384][ T5317] usb 5-1: config 0 descriptor?? [ 239.682813][ T8073] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 240.132641][ T5317] plantronics 0003:047F:FFFF.0011: unknown main item tag 0xd [ 240.161131][ T5317] plantronics 0003:047F:FFFF.0011: No inputs registered, leaving [ 240.216938][ T5317] plantronics 0003:047F:FFFF.0011: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.4-1/input0 [ 240.328247][ T5288] usb 2-1: new high-speed USB device number 14 using dummy_hcd [ 240.400129][ T5317] usb 5-1: USB disconnect, device number 9 [ 240.519857][ T5288] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 240.555135][ T5288] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 240.578155][ T5288] usb 2-1: New USB device found, idVendor=09da, idProduct=022b, bcdDevice= 0.00 [ 240.597538][ T5288] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 240.609480][ T5288] usb 2-1: config 0 descriptor?? [ 241.003901][ T8132] hsr_slave_1 (unregistering): left promiscuous mode [ 241.045932][ T5288] a4tech 0003:09DA:022B.0012: unknown main item tag 0x0 [ 241.053297][ T8138] tipc: Started in network mode [ 241.055339][ T5288] a4tech 0003:09DA:022B.0012: unknown main item tag 0x0 [ 241.081837][ T5288] a4tech 0003:09DA:022B.0012: unknown main item tag 0x0 [ 241.089019][ T8138] tipc: Node identity aaaaaaaaaa1a, cluster identity 4711 [ 241.089441][ T8138] tipc: Enabled bearer , priority 0 [ 241.108993][ T5288] a4tech 0003:09DA:022B.0012: unknown main item tag 0x0 [ 241.137562][ T8142] capability: warning: `syz.4.1081' uses deprecated v2 capabilities in a way that may be insecure [ 241.144457][ T5288] a4tech 0003:09DA:022B.0012: unknown main item tag 0x0 [ 241.166559][ T5288] a4tech 0003:09DA:022B.0012: unknown main item tag 0x0 [ 241.196046][ T5288] a4tech 0003:09DA:022B.0012: unknown main item tag 0x0 [ 241.197631][ T8142] program syz.4.1081 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 241.240420][ T5288] a4tech 0003:09DA:022B.0012: hidraw0: USB HID v0.00 Device [HID 09da:022b] on usb-dummy_hcd.1-1/input0 [ 241.298698][ T5288] usb 2-1: USB disconnect, device number 14 [ 241.351693][ T8148] netlink: 'syz.3.1085': attribute type 16 has an invalid length. [ 241.939629][ T8167] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies. [ 242.181217][ T8177] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1097'. [ 242.217452][ T8177] netlink: 'syz.1.1097': attribute type 7 has an invalid length. [ 242.218457][ T5316] tipc: Node number set to 11578026 [ 242.239644][ T8177] netlink: 'syz.1.1097': attribute type 8 has an invalid length. [ 242.258157][ T8177] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1097'. [ 242.370243][ T8177] erspan0: entered promiscuous mode [ 242.413918][ T8177] batadv_slave_1: entered promiscuous mode [ 242.450130][ T8177] gretap0: entered promiscuous mode [ 243.313032][ T40] block nbd2: Possible stuck request ffff8880261c0000: control (read@0,4096B). Runtime 120 seconds [ 243.614545][ T8201] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies. [ 243.987240][ T5286] usb 2-1: new high-speed USB device number 15 using dummy_hcd [ 244.137171][ T5316] usb 1-1: new high-speed USB device number 14 using dummy_hcd [ 244.207190][ T5286] usb 2-1: Using ep0 maxpacket: 16 [ 244.215837][ T5286] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 244.241359][ T5286] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 244.279772][ T5286] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 244.292849][ T5284] usb 5-1: new high-speed USB device number 10 using dummy_hcd [ 244.317205][ T5286] usb 2-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 244.326315][ T5286] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 244.338815][ T5316] usb 1-1: Using ep0 maxpacket: 16 [ 244.359667][ T5286] usb 2-1: config 0 descriptor?? [ 244.372590][ T5316] usb 1-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06 [ 244.390751][ T5316] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 244.405986][ T5316] usb 1-1: Product: syz [ 244.422133][ T5316] usb 1-1: Manufacturer: syz [ 244.449444][ T5316] usb 1-1: SerialNumber: syz [ 244.487658][ T5284] usb 5-1: Using ep0 maxpacket: 16 [ 244.495354][ T5316] r8152-cfgselector 1-1: Unknown version 0x0000 [ 244.496355][ T5284] usb 5-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 7 [ 244.504380][ T5316] r8152-cfgselector 1-1: config 0 descriptor?? [ 244.534130][ T5284] usb 5-1: config 1 interface 1 altsetting 1 endpoint 0x1 has invalid wMaxPacketSize 0 [ 244.561003][ T5284] usb 5-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 244.614386][ T5284] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 244.625968][ T5284] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 244.636897][ T5284] usb 5-1: Product: syz [ 244.645963][ T5284] usb 5-1: Manufacturer: syz [ 244.651303][ T5284] usb 5-1: SerialNumber: syz [ 244.815226][ T5286] HID 045e:07da: Invalid code 65791 type 1 [ 244.840401][ T5286] input: HID 045e:07da as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:045E:07DA.0013/input/input26 [ 244.874361][ T5286] microsoft 0003:045E:07DA.0013: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.1-1/input0 [ 244.998984][ T5316] r8152-cfgselector 1-1: USB disconnect, device number 14 [ 245.055964][ T5286] usb 2-1: USB disconnect, device number 15 [ 245.090517][ T5284] usb 5-1: 2:1 : format type 0 is detected, processed as PCM [ 245.792219][ T8239] TCP: TCP_TX_DELAY enabled [ 245.892009][ T5284] usb 5-1: 2:1: cannot get freq at ep 0x82 [ 245.951137][ T5284] usb 5-1: USB disconnect, device number 10 [ 246.262333][ T8248] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 246.493345][ T8254] batadv_slave_1: entered promiscuous mode [ 246.523897][ T8253] batadv_slave_1: left promiscuous mode [ 246.609451][ T8256] 9pnet: p9_errstr2errno: server reported unknown error ΜN/Y80娪m=| [ 247.597187][ T29] audit: type=1326 audit(1726258289.429:57): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8280 comm="syz.1.1138" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f28ca17def9 code=0x7ffc0000 [ 247.680636][ T29] audit: type=1326 audit(1726258289.429:58): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8280 comm="syz.1.1138" exe="/root/syz-executor" sig=0 arch=c000003e syscall=70 compat=0 ip=0x7f28ca17def9 code=0x7ffc0000 [ 247.701961][ C0] vkms_vblank_simulate: vblank timer overrun [ 247.777270][ T29] audit: type=1326 audit(1726258289.429:59): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8280 comm="syz.1.1138" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f28ca17def9 code=0x7ffc0000 [ 248.177947][ T8293] syzkaller1: entered promiscuous mode [ 248.200831][ T8293] syzkaller1: entered allmulticast mode [ 248.643949][ T8306] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1160'. [ 248.829895][ T29] audit: type=1326 audit(1726258290.669:60): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8312 comm="syz.3.1152" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f31c857def9 code=0x7ffc0000 [ 248.879548][ T29] audit: type=1326 audit(1726258290.669:61): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8312 comm="syz.3.1152" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f31c857def9 code=0x7ffc0000 [ 248.947439][ T29] audit: type=1326 audit(1726258290.699:62): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8312 comm="syz.3.1152" exe="/root/syz-executor" sig=0 arch=c000003e syscall=70 compat=0 ip=0x7f31c857def9 code=0x7ffc0000 [ 249.032063][ T29] audit: type=1326 audit(1726258290.699:63): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8312 comm="syz.3.1152" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f31c857def9 code=0x7ffc0000 [ 249.096282][ T29] audit: type=1326 audit(1726258290.699:64): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8312 comm="syz.3.1152" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f31c857def9 code=0x7ffc0000 [ 249.157259][ T962] nci: nci_rf_discover_ntf_packet: unsupported rf_tech_and_mode 0x2e [ 249.407516][ T1795] usb 2-1: new high-speed USB device number 16 using dummy_hcd [ 249.487753][ T8325] dccp_invalid_packet: P.type (SYNC) not Data || [Data]Ack, while P.X == 0 [ 249.627319][ T1795] usb 2-1: Using ep0 maxpacket: 16 [ 249.634688][ T1795] usb 2-1: config 1 contains an unexpected descriptor of type 0x1, skipping [ 249.649932][ T1795] usb 2-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config [ 249.675702][ T1795] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 249.695021][ T1795] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 249.709156][ T1795] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 249.726014][ T1795] usb 2-1: Product: syz [ 249.739249][ T1795] usb 2-1: Manufacturer: syz [ 249.749505][ T1795] usb 2-1: SerialNumber: syz [ 250.058272][ T8331] sg_write: data in/out 155/14 bytes for SCSI command 0x0-- guessing data in; [ 250.058272][ T8331] program syz.3.1161 not setting count and/or reply_len properly [ 250.188293][ T1795] usb 2-1: 0:2 : does not exist [ 250.213273][ T1795] usb 2-1: USB disconnect, device number 16 [ 250.407498][ T5316] usb 5-1: new high-speed USB device number 11 using dummy_hcd [ 250.587474][ T5316] usb 5-1: Using ep0 maxpacket: 8 [ 250.596612][ T5316] usb 5-1: New USB device found, idVendor=16c0, idProduct=05df, bcdDevice= 1.ef [ 250.606651][ T5316] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 250.627201][ T5316] usb 5-1: SerialNumber: syz [ 250.634632][ T5316] usb 5-1: config 0 descriptor?? [ 250.869197][ T5316] usb 5-1: USB disconnect, device number 11 [ 251.197358][ T29] audit: type=1326 audit(1726258293.029:65): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8343 comm="syz.0.1164" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f774d57def9 code=0x7ffc0000 [ 251.249152][ T29] audit: type=1326 audit(1726258293.029:66): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8343 comm="syz.0.1164" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f774d57def9 code=0x7ffc0000 [ 252.587388][ T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!! [ 253.028394][ T5317] usb 4-1: new high-speed USB device number 13 using dummy_hcd [ 253.239155][ T5317] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 253.278103][ T5317] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 253.297909][ T5317] usb 4-1: New USB device found, idVendor=0d8c, idProduct=0022, bcdDevice= 0.00 [ 253.310967][ T5317] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 253.331121][ T5317] usb 4-1: config 0 descriptor?? [ 253.772824][ T5317] cm6533_jd 0003:0D8C:0022.0014: unknown main item tag 0x0 [ 253.797289][ T5317] cm6533_jd 0003:0D8C:0022.0014: unknown main item tag 0x0 [ 253.812294][ T5317] input: HID 0d8c:0022 as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:0D8C:0022.0014/input/input27 [ 253.846614][ T5317] cm6533_jd 0003:0D8C:0022.0014: input,hiddev0,hidraw0: USB HID v0.00 Device [HID 0d8c:0022] on usb-dummy_hcd.3-1/input0 [ 254.040489][ T5317] usb 4-1: USB disconnect, device number 13 [ 254.449235][ T8418] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies. [ 254.678414][ T5249] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 254.692686][ T5249] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 254.702432][ T5249] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 254.712316][ T5249] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 254.721474][ T5249] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 254.729663][ T5249] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 255.027363][ T1795] usb 4-1: new high-speed USB device number 14 using dummy_hcd [ 255.155007][ T8421] chnl_net:caif_netlink_parms(): no params data found [ 255.217404][ T1795] usb 4-1: Using ep0 maxpacket: 8 [ 255.240979][ T1795] usb 4-1: config index 0 descriptor too short (expected 301, got 45) [ 255.267269][ T1795] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 255.297223][ T1795] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 255.325466][ T1795] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 255.350514][ T1795] usb 4-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 255.373348][ T1795] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 255.397219][ T1795] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 255.616154][ T8421] bridge0: port 1(bridge_slave_0) entered blocking state [ 255.618067][ T1795] usb 4-1: usb_control_msg returned -32 [ 255.632345][ T8421] bridge0: port 1(bridge_slave_0) entered disabled state [ 255.650810][ T1795] usbtmc 4-1:16.0: can't read capabilities [ 255.657601][ T8421] bridge_slave_0: entered allmulticast mode [ 255.674702][ T8421] bridge_slave_0: entered promiscuous mode [ 255.709437][ T8421] bridge0: port 2(bridge_slave_1) entered blocking state [ 255.726677][ T8421] bridge0: port 2(bridge_slave_1) entered disabled state [ 255.757646][ T8421] bridge_slave_1: entered allmulticast mode [ 255.766098][ T8421] bridge_slave_1: entered promiscuous mode [ 255.893041][ T8421] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 255.929151][ T8421] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 256.104337][ T8421] team0: Port device team_slave_0 added [ 256.119193][ T1272] ieee802154 phy0 wpan0: encryption failed: -22 [ 256.125706][ T1272] ieee802154 phy1 wpan1: encryption failed: -22 [ 256.160660][ T8421] team0: Port device team_slave_1 added [ 256.254205][ T8455] input: syz1 as /devices/virtual/input/input28 [ 256.274476][ T8421] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 256.294069][ T8421] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 256.388319][ T8421] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 256.410481][ T8421] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 256.444663][ T8421] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 256.498521][ T8421] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 256.619321][ T8421] hsr_slave_0: entered promiscuous mode [ 256.647935][ T8421] hsr_slave_1: entered promiscuous mode [ 256.667426][ T8421] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 256.685297][ T8421] Cannot create hsr debugfs directory [ 256.717259][ T1795] usb 5-1: new high-speed USB device number 12 using dummy_hcd [ 256.839198][ T5242] Bluetooth: hci7: command tx timeout [ 256.947211][ T1795] usb 5-1: Using ep0 maxpacket: 32 [ 256.964497][ T1795] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 256.996643][ T1795] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 257.037429][ T1795] usb 5-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 257.046551][ T1795] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 257.075323][ T1795] usb 5-1: config 0 descriptor?? [ 257.088438][ T1795] hub 5-1:0.0: USB hub found [ 257.254265][ T8421] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 257.298476][ T1795] hub 5-1:0.0: 1 port detected [ 257.431970][ T8421] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 257.662119][ T8421] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 257.796318][ T1795] usb 4-1: USB disconnect, device number 14 [ 257.862945][ T8421] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 257.919834][ T5284] hub 5-1:0.0: activate --> -90 [ 258.132468][ T8469] usb usb8: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 258.323726][ T5316] usb 5-1: USB disconnect, device number 12 [ 258.370218][ T8421] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 258.428883][ T8421] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 258.461199][ T8421] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 258.559375][ T8474] netlink: 32 bytes leftover after parsing attributes in process `syz.3.1221'. [ 258.917601][ T5242] Bluetooth: hci7: command tx timeout [ 259.431105][ T8421] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 259.530599][ T8474] netlink: 32 bytes leftover after parsing attributes in process `syz.3.1221'. [ 259.874588][ T8421] 8021q: adding VLAN 0 to HW filter on device bond0 [ 260.041862][ T8421] 8021q: adding VLAN 0 to HW filter on device team0 [ 260.071206][ T8488] tipc: Started in network mode [ 260.094485][ T8488] tipc: Node identity 1, cluster identity 4711 [ 260.140483][ T8488] tipc: Node number set to 1 [ 260.202597][ T1075] bridge0: port 1(bridge_slave_0) entered blocking state [ 260.209854][ T1075] bridge0: port 1(bridge_slave_0) entered forwarding state [ 260.278315][ T962] bridge0: port 2(bridge_slave_1) entered blocking state [ 260.285519][ T962] bridge0: port 2(bridge_slave_1) entered forwarding state [ 260.748129][ T8496] overlayfs: failed to resolve './file0': -2 [ 260.961792][ T8421] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 260.990763][ T5249] Bluetooth: hci7: command tx timeout [ 261.012399][ T8500] Bluetooth: hci8: Frame reassembly failed (-84) [ 261.069240][ T3035] Bluetooth: hci8: Frame reassembly failed (-84) [ 261.200036][ T8421] veth0_vlan: entered promiscuous mode [ 261.253914][ T8421] veth1_vlan: entered promiscuous mode [ 261.369445][ T8421] veth0_macvtap: entered promiscuous mode [ 261.399877][ T8421] veth1_macvtap: entered promiscuous mode [ 261.448231][ T8421] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 261.468151][ T8421] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 261.497309][ T8421] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 261.517650][ T8421] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 261.557396][ T8421] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 261.587388][ T8421] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 261.607453][ T8421] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 261.627443][ T8421] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 261.658240][ T8421] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 261.679798][ T8421] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 261.703291][ T8421] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 261.727268][ T8421] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 261.768788][ T8421] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 261.779749][ T8421] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 261.802470][ T8421] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 261.858213][ T8421] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 261.897424][ T8421] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 261.917086][ T8421] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 261.932688][ T8421] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 261.957093][ T8421] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 261.977498][ T8421] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 261.997107][ T8421] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 262.017086][ T8421] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 262.043981][ T8421] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 262.077084][ T8421] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 262.098541][ T8421] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 262.117321][ T29] kauditd_printk_skb: 3 callbacks suppressed [ 262.117343][ T29] audit: type=1326 audit(1726258303.949:70): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8514 comm="syz.4.1235" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f8899d7def9 code=0x0 [ 262.119777][ T8421] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 262.217296][ T8421] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 262.239396][ T8421] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 262.264923][ T8421] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 262.310869][ T8421] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 262.332661][ T8421] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 262.351754][ T8421] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 262.377139][ T8421] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 262.600061][ T1075] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 262.628380][ T1075] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 262.727913][ T1839] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 262.745162][ T1839] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 263.067873][ T5242] Bluetooth: hci8: Entering manufacturer mode failed (-110) [ 263.068176][ T5249] Bluetooth: hci7: command tx timeout [ 263.079164][ T55] Bluetooth: hci8: command 0xfc11 tx timeout [ 263.877270][ T47] usb 5-1: new high-speed USB device number 13 using dummy_hcd [ 264.093607][ T47] usb 5-1: Using ep0 maxpacket: 16 [ 264.111948][ T47] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83 [ 264.185432][ T47] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 264.242494][ T47] usb 5-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1 [ 264.257259][ T47] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 264.265322][ T47] usb 5-1: Product: syz [ 264.290149][ T55] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 264.305526][ T47] usb 5-1: Manufacturer: syz [ 264.305622][ T55] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 264.331577][ T55] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 264.351983][ T47] usb 5-1: SerialNumber: syz [ 264.352091][ T55] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 264.367470][ T55] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 264.375988][ T55] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 264.380449][ T47] usb 5-1: config 0 descriptor?? [ 264.429016][ T47] em28xx 5-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0) [ 264.471969][ T47] em28xx 5-1:0.0: Audio interface 0 found (Vendor Class) [ 265.041128][ T47] em28xx 5-1:0.0: unknown em28xx chip ID (0) [ 265.062865][ T47] em28xx 5-1:0.0: Config register raw data: 0x56 [ 265.281665][ T8531] chnl_net:caif_netlink_parms(): no params data found [ 265.504420][ T47] em28xx 5-1:0.0: AC97 chip type couldn't be determined [ 265.525051][ T47] em28xx 5-1:0.0: No AC97 audio processor [ 265.557675][ T47] usb 5-1: USB disconnect, device number 13 [ 265.564748][ T47] em28xx 5-1:0.0: Disconnecting em28xx [ 265.616481][ T8531] bridge0: port 1(bridge_slave_0) entered blocking state [ 265.629471][ T47] em28xx 5-1:0.0: Freeing device [ 265.645573][ T8531] bridge0: port 1(bridge_slave_0) entered disabled state [ 265.667950][ T8531] bridge_slave_0: entered allmulticast mode [ 265.686448][ T8531] bridge_slave_0: entered promiscuous mode [ 265.726662][ T8531] bridge0: port 2(bridge_slave_1) entered blocking state [ 265.737643][ T8531] bridge0: port 2(bridge_slave_1) entered disabled state [ 265.744975][ T8531] bridge_slave_1: entered allmulticast mode [ 265.769614][ T8531] bridge_slave_1: entered promiscuous mode [ 266.017805][ T8531] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 266.064349][ T8531] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 266.280730][ T8531] team0: Port device team_slave_0 added [ 266.326215][ T8531] team0: Port device team_slave_1 added [ 266.507603][ T55] Bluetooth: hci4: command tx timeout [ 266.527855][ T5288] usb 5-1: new high-speed USB device number 14 using dummy_hcd [ 266.608379][ T8572] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1256'. [ 266.654014][ T8531] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 266.689063][ T8531] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 266.767429][ T5288] usb 5-1: Using ep0 maxpacket: 16 [ 266.774859][ T5288] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83 [ 266.786951][ T8531] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 266.798257][ T5288] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 266.812377][ T8531] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 266.819774][ T8531] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 266.866596][ T5288] usb 5-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1 [ 266.879304][ T8531] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 266.896512][ T5288] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 266.916823][ T5288] usb 5-1: Product: syz [ 266.921207][ T5288] usb 5-1: Manufacturer: syz [ 266.927239][ T5288] usb 5-1: SerialNumber: syz [ 266.951307][ T5288] usb 5-1: config 0 descriptor?? [ 266.971311][ T5288] em28xx 5-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0) [ 266.999018][ T5288] em28xx 5-1:0.0: Audio interface 0 found (Vendor Class) [ 267.334438][ T8531] hsr_slave_0: entered promiscuous mode [ 267.382427][ T8531] hsr_slave_1: entered promiscuous mode [ 267.413975][ T8531] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 267.427160][ T8531] Cannot create hsr debugfs directory [ 267.590597][ T5288] em28xx 5-1:0.0: chip ID is em2882/3 [ 267.791512][ T5288] em28xx 5-1:0.0: Config register raw data: 0x24 [ 267.807103][ T5288] em28xx 5-1:0.0: I2S Audio (3 sample rate(s)) [ 267.819729][ T5288] em28xx 5-1:0.0: No AC97 audio processor [ 268.073858][ T8531] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 268.153372][ T8587] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1262'. [ 268.201179][ T5288] usb 5-1: USB disconnect, device number 14 [ 268.677504][ T55] Bluetooth: hci4: command tx timeout [ 268.994531][ C0] vxcan0: j1939_xtp_rx_dat: no tx connection found [ 269.091120][ T8531] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 269.211285][ T8597] sp0: Synchronizing with TNC [ 269.234164][ T8596] [U] [ 269.455186][ T8531] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 269.657444][ T5284] usb 5-1: new high-speed USB device number 15 using dummy_hcd [ 269.680315][ T8531] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 269.751186][ C0] vxcan0: j1939_tp_rxtimer: 0xffff888027dd8400: rx timeout, send abort [ 269.849267][ T5284] usb 5-1: Using ep0 maxpacket: 16 [ 269.888806][ T5284] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 269.927206][ T5284] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 269.959519][ T5284] usb 5-1: New USB device found, idVendor=1fd2, idProduct=6007, bcdDevice= 0.00 [ 269.997198][ T5284] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 270.030692][ T5284] usb 5-1: config 0 descriptor?? [ 270.094158][ T8531] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 270.136492][ T8531] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 270.169052][ T8531] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 270.186979][ T8531] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 270.259588][ C0] vxcan0: j1939_tp_rxtimer: 0xffff888027dd8400: abort rx timeout. Force session deactivation [ 270.530562][ T5284] hid-multitouch 0003:1FD2:6007.0015: hidraw0: USB HID v0.00 Device [HID 1fd2:6007] on usb-dummy_hcd.4-1/input0 [ 270.616170][ T8531] 8021q: adding VLAN 0 to HW filter on device bond0 [ 270.702863][ T5284] usb 5-1: USB disconnect, device number 15 [ 270.707654][ T8531] 8021q: adding VLAN 0 to HW filter on device team0 [ 270.729758][ T8617] input: syz1 as /devices/virtual/input/input29 [ 270.747373][ T55] Bluetooth: hci4: command tx timeout [ 270.811849][ T1075] bridge0: port 1(bridge_slave_0) entered blocking state [ 270.819175][ T1075] bridge0: port 1(bridge_slave_0) entered forwarding state [ 270.847521][ T1075] bridge0: port 2(bridge_slave_1) entered blocking state [ 270.854762][ T1075] bridge0: port 2(bridge_slave_1) entered forwarding state [ 271.009660][ T5242] Bluetooth: hci8: unexpected cc 0x0c03 length: 249 > 1 [ 271.022735][ T5242] Bluetooth: hci8: unexpected cc 0x1003 length: 249 > 9 [ 271.032014][ T5242] Bluetooth: hci8: unexpected cc 0x1001 length: 249 > 9 [ 271.040756][ T5242] Bluetooth: hci8: unexpected cc 0x0c23 length: 249 > 4 [ 271.057470][ T5242] Bluetooth: hci8: unexpected cc 0x0c25 length: 249 > 3 [ 271.082416][ T5242] Bluetooth: hci8: unexpected cc 0x0c38 length: 249 > 2 [ 271.929962][ T8531] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 272.050013][ T8622] chnl_net:caif_netlink_parms(): no params data found [ 272.467896][ T8531] veth0_vlan: entered promiscuous mode [ 272.739640][ T8622] bridge0: port 1(bridge_slave_0) entered blocking state [ 272.797400][ T8622] bridge0: port 1(bridge_slave_0) entered disabled state [ 272.817361][ T8622] bridge_slave_0: entered allmulticast mode [ 272.827524][ T5242] Bluetooth: hci4: command tx timeout [ 272.840791][ T8622] bridge_slave_0: entered promiscuous mode [ 272.883371][ T8622] bridge0: port 2(bridge_slave_1) entered blocking state [ 272.906413][ T8622] bridge0: port 2(bridge_slave_1) entered disabled state [ 272.947576][ T8622] bridge_slave_1: entered allmulticast mode [ 272.959742][ T8622] bridge_slave_1: entered promiscuous mode [ 273.004646][ T8531] veth1_vlan: entered promiscuous mode [ 273.122922][ T8622] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 273.148189][ T5242] Bluetooth: hci8: command tx timeout [ 273.174388][ T8622] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 273.371721][ T8622] team0: Port device team_slave_0 added [ 273.390464][ T40] block nbd2: Possible stuck request ffff8880261c0000: control (read@0,4096B). Runtime 150 seconds [ 273.468440][ T8622] team0: Port device team_slave_1 added [ 273.648211][ T8664] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1286'. [ 273.709308][ T8622] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 273.731264][ T8622] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 273.773652][ T8622] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 273.788877][ T8665] netlink: 48 bytes leftover after parsing attributes in process `syz.0.1285'. [ 273.843909][ T8622] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 273.855413][ T8622] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 273.917211][ T8622] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 273.948375][ T8531] veth0_macvtap: entered promiscuous mode [ 274.040825][ T8531] veth1_macvtap: entered promiscuous mode [ 274.163470][ T8622] hsr_slave_0: entered promiscuous mode [ 274.185657][ T8622] hsr_slave_1: entered promiscuous mode [ 274.224352][ T8622] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 274.247263][ T8622] Cannot create hsr debugfs directory [ 274.527626][ T8531] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 274.567217][ T8531] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 274.597640][ T8531] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 274.628159][ T8531] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 274.657457][ T8531] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 274.680465][ T8531] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 274.699737][ T8531] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 274.729466][ T8531] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 274.748080][ T8531] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 274.787149][ T8531] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 274.816194][ T8531] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 274.839241][ T8531] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 274.864222][ T8531] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 274.888791][ T8531] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 274.909135][ T8531] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 274.937121][ T8531] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 274.969246][ T8531] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 274.992655][ T8531] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 275.025736][ T8531] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 275.067172][ T8531] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 275.087195][ T8531] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 275.108273][ T8531] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 275.130677][ T8531] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 275.160369][ T8531] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 275.187118][ T8531] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 275.201829][ T8531] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 275.227877][ T5242] Bluetooth: hci8: command tx timeout [ 275.233444][ T8531] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 275.247605][ T8531] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 275.289288][ T8531] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 275.318231][ T8531] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 275.347198][ T8531] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 275.378517][ T8531] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 275.407447][ T8531] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 275.436007][ T8531] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 275.589400][ T8690] netlink: 'syz.0.1296': attribute type 29 has an invalid length. [ 275.638043][ T8691] netlink: 'syz.0.1296': attribute type 29 has an invalid length. [ 275.685970][ T8531] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 275.727294][ T8531] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 275.736241][ T8531] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 275.777150][ T8531] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 276.421134][ T8622] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 276.903003][ T8622] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 276.971268][ T3035] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 277.001623][ T3035] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 277.269568][ T8622] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 277.317098][ T5242] Bluetooth: hci8: command tx timeout [ 277.428297][ T35] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 277.436267][ T35] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 277.720930][ T8622] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 278.147973][ T8731] input: syz1 as /devices/virtual/input/input30 [ 278.154421][ T8622] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 278.186678][ T8737] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies. [ 278.242435][ T8622] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 278.301075][ T8622] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 278.381625][ T8622] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 278.715479][ T8622] 8021q: adding VLAN 0 to HW filter on device bond0 [ 278.803354][ T8622] 8021q: adding VLAN 0 to HW filter on device team0 [ 278.856611][ T53] bridge0: port 1(bridge_slave_0) entered blocking state [ 278.863872][ T53] bridge0: port 1(bridge_slave_0) entered forwarding state [ 278.966623][ T35] bridge0: port 2(bridge_slave_1) entered blocking state [ 278.973909][ T35] bridge0: port 2(bridge_slave_1) entered forwarding state [ 279.148784][ T30] INFO: task udevd:5363 blocked for more than 143 seconds. [ 279.177439][ T30] Not tainted 6.11.0-rc7-syzkaller-00133-ge936e7d4a83b #0 SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 279.193589][ T8622] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 279.214304][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 279.240204][ T30] task:udevd state:D stack:24432 pid:5363 tgid:5363 ppid:1 flags:0x00000002 [ 279.307569][ T30] Call Trace: [ 279.338855][ T30] [ 279.341878][ T30] __schedule+0x17ae/0x4a10 [ 279.407776][ T5242] Bluetooth: hci8: command tx timeout [ 279.427143][ T30] ? __pfx___schedule+0x10/0x10 [ 279.432096][ T30] ? __pfx_lock_release+0x10/0x10 [ 279.497133][ T30] ? __mutex_trylock_common+0x92/0x2e0 [ 279.502793][ T30] ? schedule+0x90/0x320 [ 279.537134][ T30] schedule+0x14b/0x320 [ 279.541404][ T30] schedule_preempt_disabled+0x13/0x30 [ 279.547011][ T30] __mutex_lock+0x6a4/0xd70 [ 279.571797][ T30] ? __mutex_lock+0x527/0xd70 [ 279.576530][ T30] ? bdev_open+0xf0/0xc60 [ 279.607254][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 279.612509][ T30] ? kobject_get_unless_zero+0x22d/0x330 [ 279.657153][ T30] ? disk_block_events+0xa9/0x120 [ 279.666021][ T30] ? bdev_open+0xb1/0xc60 [ 279.677500][ T30] bdev_open+0xf0/0xc60 [ 279.681745][ T30] ? iput+0x3ad/0x930 [ 279.685866][ T30] blkdev_open+0x3e8/0x570 [ 279.717258][ T30] ? __pfx_blkdev_open+0x10/0x10 [ 279.722289][ T30] do_dentry_open+0x970/0x1440 [ 279.748045][ T30] vfs_open+0x3e/0x330 [ 279.752208][ T30] path_openat+0x2b3e/0x3470 [ 279.756938][ T30] ? __pfx_stack_trace_save+0x10/0x10 [ 279.792813][ T30] ? __lock_acquire+0x137a/0x2040 [ 279.807299][ T30] ? __pfx_path_openat+0x10/0x10 [ 279.812462][ T30] do_filp_open+0x235/0x490 [ 279.817016][ T30] ? __pfx_do_filp_open+0x10/0x10 [ 279.832285][ T30] ? _raw_spin_unlock+0x28/0x50 [ 279.850207][ T30] ? alloc_fd+0x5a1/0x640 [ 279.854652][ T30] do_sys_openat2+0x13e/0x1d0 [ 279.876349][ T30] ? __pfx_do_sys_openat2+0x10/0x10 [ 279.887094][ T30] __x64_sys_openat+0x247/0x2a0 [ 279.892020][ T30] ? __pfx___x64_sys_openat+0x10/0x10 [ 279.907606][ T30] ? do_syscall_64+0x100/0x230 [ 279.912445][ T30] ? do_syscall_64+0xb6/0x230 [ 279.927623][ T30] do_syscall_64+0xf3/0x230 [ 279.932195][ T30] ? clear_bhb_loop+0x35/0x90 [ 279.936911][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 279.967290][ T30] RIP: 0033:0x7f6d6fd169a4 [ 279.978332][ T30] RSP: 002b:00007ffea9cdd460 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 279.986871][ T30] RAX: ffffffffffffffda RBX: 000055d81c054e10 RCX: 00007f6d6fd169a4 [ 280.007111][ T30] RDX: 00000000000a0800 RSI: 000055d81c034560 RDI: 00000000ffffff9c [ 280.015157][ T30] RBP: 000055d81c034560 R08: 0000000000000001 R09: 7fffffffffffffff [ 280.037108][ T30] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000000a0800 [ 280.045589][ T30] R13: 000055d81c0456f0 R14: 0000000000000001 R15: 000055d81c033910 [ 280.077571][ T30] [ 280.114712][ T30] INFO: task syz.2.334:6135 blocked for more than 144 seconds. [ 280.147122][ T30] Not tainted 6.11.0-rc7-syzkaller-00133-ge936e7d4a83b #0 [ 280.155279][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 280.209875][ T30] task:syz.2.334 state:D stack:26816 pid:6135 tgid:6134 ppid:5229 flags:0x00004004 [ 280.247193][ T30] Call Trace: [ 280.250547][ T30] [ 280.253534][ T30] __schedule+0x17ae/0x4a10 [ 280.279336][ T30] ? __pfx___schedule+0x10/0x10 [ 280.284317][ T30] ? __pfx_lock_release+0x10/0x10 [ 280.317260][ T30] ? __mutex_trylock_common+0x92/0x2e0 [ 280.322911][ T30] ? schedule+0x90/0x320 [ 280.347863][ T30] schedule+0x14b/0x320 [ 280.352131][ T30] schedule_preempt_disabled+0x13/0x30 [ 280.377233][ T30] __mutex_lock+0x6a4/0xd70 [ 280.385226][ T30] ? __mutex_lock+0x527/0xd70 [ 280.417105][ T30] ? bdev_release+0x184/0x700 [ 280.421877][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 280.426953][ T30] ? __fsnotify_parent+0x20c/0x5e0 [ 280.477121][ T30] bdev_release+0x184/0x700 [ 280.485124][ T30] blkdev_release+0x15/0x20 [ 280.507862][ T30] ? __pfx_blkdev_release+0x10/0x10 [ 280.513160][ T30] __fput+0x24a/0x8a0 [ 280.522412][ T30] task_work_run+0x24f/0x310 [ 280.547217][ T30] ? __pfx_task_work_run+0x10/0x10 [ 280.552431][ T30] ? syscall_exit_to_user_mode+0xa3/0x370 [ 280.570405][ T30] syscall_exit_to_user_mode+0x168/0x370 [ 280.576124][ T30] do_syscall_64+0x100/0x230 [ 280.607304][ T30] ? clear_bhb_loop+0x35/0x90 [ 280.612196][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 280.637225][ T30] RIP: 0033:0x7f1390b7def9 [ 280.641715][ T30] RSP: 002b:00007f1391a26038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 280.677091][ T30] RAX: 0000000000000000 RBX: 00007f1390d35f80 RCX: 00007f1390b7def9 [ 280.685143][ T30] RDX: 0000000000000000 RSI: 000000000000ab03 RDI: 0000000000000003 [ 280.717187][ T30] RBP: 00007f1390bf0b76 R08: 0000000000000000 R09: 0000000000000000 [ 280.725439][ T30] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 280.747980][ T30] R13: 0000000000000000 R14: 00007f1390d35f80 R15: 00007fff401dc3f8 [ 280.767607][ T30] [ 280.770734][ T30] INFO: task syz.2.334:6143 blocked for more than 144 seconds. [ 280.807163][ T30] Not tainted 6.11.0-rc7-syzkaller-00133-ge936e7d4a83b #0 [ 280.814856][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 280.867266][ T30] task:syz.2.334 state:D stack:20464 pid:6143 tgid:6134 ppid:5229 flags:0x00004004 [ 280.897213][ T30] Call Trace: [ 280.900568][ T30] [ 280.903544][ T30] __schedule+0x17ae/0x4a10 [ 280.937159][ T30] ? __pfx___schedule+0x10/0x10 [ 280.942134][ T30] ? __pfx_lock_release+0x10/0x10 [ 280.977135][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 280.983240][ T30] ? schedule+0x90/0x320 [ 281.023220][ T30] schedule+0x14b/0x320 [ 281.047193][ T30] io_schedule+0x8d/0x110 [ 281.051617][ T30] folio_wait_bit_common+0x882/0x12b0 [ 281.077139][ T30] ? __pfx_folio_wait_bit_common+0x10/0x10 [ 281.083049][ T30] ? __pfx_wake_page_function+0x10/0x10 [ 281.098879][ T30] ? __filemap_get_folio+0x769/0xc10 [ 281.104407][ T30] do_read_cache_folio+0xb9/0x820 [ 281.137094][ T30] ? __pfx_blkdev_read_folio+0x10/0x10 [ 281.142648][ T30] read_part_sector+0xb3/0x330 [ 281.167186][ T30] adfspart_check_POWERTEC+0xc8/0x8f0 [ 281.172689][ T30] ? __pfx_adfspart_check_ICS+0x10/0x10 [ 281.187154][ T30] ? snprintf+0xda/0x120 [ 281.191481][ T30] ? __pfx_adfspart_check_POWERTEC+0x10/0x10 [ 281.220400][ T30] ? alloc_pages_mpol_noprof+0x417/0x680 [ 281.226124][ T30] ? vsnprintf+0x1cc3/0x1da0 [ 281.237470][ T30] ? vsnprintf+0x184/0x1da0 [ 281.242075][ T30] ? __pfx_snprintf+0x10/0x10 [ 281.246805][ T30] ? __kasan_kmalloc+0x98/0xb0 [ 281.271987][ T30] bdev_disk_changed+0x72c/0x13d0 [ 281.287259][ T30] ? __pfx_bdev_disk_changed+0x10/0x10 [ 281.292849][ T30] blkdev_get_whole+0x2d2/0x450 [ 281.308188][ T30] bdev_open+0x2d4/0xc60 [ 281.312848][ T30] blkdev_open+0x3e8/0x570 [ 281.330523][ T30] ? __pfx_blkdev_open+0x10/0x10 [ 281.335546][ T30] do_dentry_open+0x970/0x1440 [ 281.347149][ T30] vfs_open+0x3e/0x330 [ 281.351390][ T30] path_openat+0x2b3e/0x3470 [ 281.356079][ T30] ? __pfx_stack_trace_save+0x10/0x10 [ 281.362390][ T30] ? __lock_acquire+0x137a/0x2040 [ 281.368006][ T30] ? __pfx_path_openat+0x10/0x10 [ 281.373046][ T30] do_filp_open+0x235/0x490 [ 281.378200][ T30] ? __pfx_do_filp_open+0x10/0x10 [ 281.383313][ T30] ? _raw_spin_unlock+0x28/0x50 [ 281.389113][ T30] ? alloc_fd+0x5a1/0x640 [ 281.393693][ T30] do_sys_openat2+0x13e/0x1d0 [ 281.414584][ T30] ? __pfx_do_sys_openat2+0x10/0x10 [ 281.427327][ T30] __x64_sys_openat+0x247/0x2a0 [ 281.432367][ T30] ? __pfx___x64_sys_openat+0x10/0x10 [ 281.450388][ T30] ? exc_page_fault+0x590/0x8c0 [ 281.455321][ T30] ? do_syscall_64+0xb6/0x230 [ 281.477238][ T30] do_syscall_64+0xf3/0x230 [ 281.481832][ T30] ? clear_bhb_loop+0x35/0x90 [ 281.486564][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 281.508655][ T30] RIP: 0033:0x7f1390b7c890 [ 281.513274][ T30] RSP: 002b:00007f1391a04b70 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 281.538327][ T30] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f1390b7c890 [ 281.546395][ T30] RDX: 0000000000000000 RSI: 00007f1391a04c10 RDI: 00000000ffffff9c [ 281.577103][ T30] RBP: 00007f1391a04c10 R08: 0000000000000000 R09: 002364626e2f7665 [ 281.585156][ T30] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 281.617111][ T30] R13: 0000000000000001 R14: 00007f1390d36058 R15: 00007fff401dc3f8 [ 281.625194][ T30] [ 281.657152][ T30] [ 281.657152][ T30] Showing all locks held in the system: [ 281.677129][ T30] 3 locks held by kworker/0:0/8: [ 281.682142][ T30] #0: ffff88801a880948 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830 [ 281.731179][ T30] #1: ffffc900000d7d00 ((work_completion)(&data->fib_event_work)){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830 [ 281.757188][ T30] #2: ffff88802a9bd240 (&data->fib_lock){+.+.}-{3:3}, at: nsim_fib_event_work+0x2d1/0x4130 [ 281.780460][ T30] 1 lock held by khungtaskd/30: [ 281.785377][ T30] #0: ffffffff8e738320 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x55/0x2a0 [ 281.827088][ T30] 2 locks held by kworker/u8:5/962: [ 281.832408][ T30] 2 locks held by getty/4987: [ 281.847143][ T30] #0: ffff88802fdc70a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70 [ 281.867210][ T30] #1: ffffc900031332f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x6ac/0x1e00 [ 281.890759][ T30] 1 lock held by udevd/5363: [ 281.895411][ T30] #0: ffff8880261804c8 (&disk->open_mutex){+.+.}-{3:3}, at: bdev_open+0xf0/0xc60 [ 281.918592][ T30] 1 lock held by syz.2.334/6135: [ 281.923606][ T30] #0: ffff8880261804c8 (&disk->open_mutex){+.+.}-{3:3}, at: bdev_release+0x184/0x700 [ 281.947609][ T30] 1 lock held by syz.2.334/6143: [ 281.952629][ T30] #0: ffff8880261804c8 (&disk->open_mutex){+.+.}-{3:3}, at: bdev_open+0xf0/0xc60 [ 281.977198][ T30] 2 locks held by syz.0.728/7213: [ 281.982379][ T30] 3 locks held by syz-executor/7294: [ 282.001922][ T30] #0: ffff88806105cd80 (&hdev->req_lock){+.+.}-{3:3}, at: hci_unregister_dev+0x203/0x510 [ 282.027117][ T30] #1: ffff88806105c078 (&hdev->lock){+.+.}-{3:3}, at: hci_dev_close_sync+0x572/0x11a0 [ 282.037011][ T30] #2: ffffffff8fbe5a28 (hci_cb_list_lock){+.+.}-{3:3}, at: hci_conn_hash_flush+0xa6/0x240 [ 282.067511][ T30] 2 locks held by syz.3.1224/8484: [ 282.072696][ T30] #0: ffffffff8fadf570 (cb_lock){++++}-{3:3}, at: genl_rcv+0x19/0x40 [ 282.097241][ T30] #1: ffffffff8ea09da8 (nfsd_mutex){+.+.}-{3:3}, at: nfsd_nl_listener_set_doit+0x12d/0x1a90 [ 282.127136][ T30] 4 locks held by syz-executor/8622: [ 282.133395][ T30] #0: ffff888079170d80 (&hdev->req_lock){+.+.}-{3:3}, at: hci_unregister_dev+0x203/0x510 [ 282.157585][ T30] #1: ffff888079170078 (&hdev->lock){+.+.}-{3:3}, at: hci_dev_close_sync+0x572/0x11a0 [ 282.177840][ T30] #2: ffffffff8fbe5a28 (hci_cb_list_lock){+.+.}-{3:3}, at: hci_conn_hash_flush+0xa6/0x240 [ 282.207317][ T30] #3: ffffffff8e73d6f8 (rcu_state.exp_mutex){+.+.}-{3:3}, at: synchronize_rcu_expedited+0x381/0x830 [ 282.237135][ T30] 3 locks held by syz.0.1329/8749: [ 282.242352][ T30] #0: ffff888031614d80 (&hdev->req_lock){+.+.}-{3:3}, at: hci_unregister_dev+0x203/0x510 [ 282.267771][ T30] #1: ffff888031614078 (&hdev->lock){+.+.}-{3:3}, at: hci_dev_close_sync+0x572/0x11a0 [ 282.287135][ T30] #2: ffffffff8fbe5a28 (hci_cb_list_lock){+.+.}-{3:3}, at: hci_conn_hash_flush+0xa6/0x240 [ 282.307118][ T30] 3 locks held by syz.2.1323/8753: [ 282.312293][ T30] #0: ffff8880328c0d80 (&hdev->req_lock){+.+.}-{3:3}, at: hci_unregister_dev+0x203/0x510 [ 282.347597][ T30] #1: ffff8880328c0078 (&hdev->lock){+.+.}-{3:3}, at: hci_dev_close_sync+0x572/0x11a0 [ 282.367160][ T30] #2: ffffffff8fbe5a28 (hci_cb_list_lock){+.+.}-{3:3}, at: hci_conn_hash_flush+0xa6/0x240 [ 282.387099][ T30] 3 locks held by syz.1.1321/8755: [ 282.392275][ T30] #0: ffff88807fea0d80 (&hdev->req_lock){+.+.}-{3:3}, at: hci_unregister_dev+0x203/0x510 [ 282.417115][ T30] #1: ffff88807fea0078 (&hdev->lock){+.+.}-{3:3}, at: hci_dev_close_sync+0x572/0x11a0 [ 282.447163][ T30] #2: ffffffff8fbe5a28 (hci_cb_list_lock){+.+.}-{3:3}, at: hci_conn_hash_flush+0xa6/0x240 [ 282.467511][ T30] [ 282.490019][ T30] ============================================= [ 282.490019][ T30] [ 282.507428][ T30] NMI backtrace for cpu 0 [ 282.512232][ T30] CPU: 0 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.11.0-rc7-syzkaller-00133-ge936e7d4a83b #0 [ 282.522792][ T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 282.532897][ T30] Call Trace: [ 282.536209][ T30] [ 282.539184][ T30] dump_stack_lvl+0x241/0x360 [ 282.544010][ T30] ? __pfx_dump_stack_lvl+0x10/0x10 [ 282.549260][ T30] ? __pfx__printk+0x10/0x10 [ 282.553893][ T30] ? vprintk_emit+0x667/0x7c0 [ 282.558596][ T30] ? __pfx_vprintk_emit+0x10/0x10 [ 282.563644][ T30] nmi_cpu_backtrace+0x49c/0x4d0 [ 282.568606][ T30] ? __pfx_nmi_cpu_backtrace+0x10/0x10 [ 282.574252][ T30] ? _printk+0xd5/0x120 [ 282.578470][ T30] ? __pfx__printk+0x10/0x10 [ 282.583073][ T30] ? __wake_up_klogd+0xcc/0x110 [ 282.588166][ T30] ? __pfx__printk+0x10/0x10 [ 282.592769][ T30] ? __rcu_read_unlock+0xa1/0x110 [ 282.597806][ T30] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 282.603811][ T30] nmi_trigger_cpumask_backtrace+0x198/0x320 [ 282.609845][ T30] watchdog+0xff4/0x1040 [ 282.614142][ T30] ? watchdog+0x1ea/0x1040 [ 282.618754][ T30] ? __pfx_watchdog+0x10/0x10 [ 282.623451][ T30] kthread+0x2f0/0x390 [ 282.627558][ T30] ? __pfx_watchdog+0x10/0x10 [ 282.632272][ T30] ? __pfx_kthread+0x10/0x10 [ 282.636985][ T30] ret_from_fork+0x4b/0x80 [ 282.641430][ T30] ? __pfx_kthread+0x10/0x10 [ 282.646135][ T30] ret_from_fork_asm+0x1a/0x30 [ 282.650935][ T30] [ 282.656467][ T30] Sending NMI from CPU 0 to CPUs 1: [ 282.663461][ C1] NMI backtrace for cpu 1 [ 282.663476][ C1] CPU: 1 UID: 0 PID: 35 Comm: kworker/u8:2 Not tainted 6.11.0-rc7-syzkaller-00133-ge936e7d4a83b #0 [ 282.663498][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 282.663510][ C1] Workqueue: bat_events batadv_nc_worker [ 282.663544][ C1] RIP: 0010:kasan_check_range+0x86/0x290 [ 282.663571][ C1] Code: 00 fc ff df 4f 8d 3c 31 4c 89 fd 4c 29 dd 48 83 fd 10 7f 29 48 85 ed 0f 84 3e 01 00 00 4c 89 cd 48 f7 d5 48 01 dd 41 80 3b 00 <0f> 85 c9 01 00 00 49 ff c3 48 ff c5 75 ee e9 1e 01 00 00 45 89 dc [ 282.663593][ C1] RSP: 0018:ffffc90000ab7820 EFLAGS: 00000046 [ 282.663608][ C1] RAX: 0000000000000001 RBX: 1ffffffff27f4d23 RCX: ffffffff816fd764 [ 282.663621][ C1] RDX: 0000000000000000 RSI: 0000000000000008 RDI: ffffffff93fa6918 [ 282.663633][ C1] RBP: ffffffffffffffff R08: ffffffff93fa691f R09: 1ffffffff27f4d23 [ 282.663647][ C1] R10: dffffc0000000000 R11: fffffbfff27f4d23 R12: ffff88801da9bc00 [ 282.663660][ C1] R13: 00000000000006d0 R14: dffffc0000000001 R15: fffffbfff27f4d24 [ 282.663673][ C1] FS: 0000000000000000(0000) GS:ffff8880b8900000(0000) knlGS:0000000000000000 [ 282.663689][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 282.663701][ C1] CR2: 000000002000f000 CR3: 000000000e534000 CR4: 00000000003506f0 [ 282.663716][ C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 282.663727][ C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 282.663739][ C1] Call Trace: [ 282.663745][ C1] [ 282.663754][ C1] ? nmi_cpu_backtrace+0x3c2/0x4d0 [ 282.663779][ C1] ? __pfx_lock_acquire+0x10/0x10 [ 282.663805][ C1] ? __pfx_nmi_cpu_backtrace+0x10/0x10 [ 282.663839][ C1] ? nmi_cpu_backtrace_handler+0xc/0x20 [ 282.663861][ C1] ? nmi_handle+0x14f/0x5a0 [ 282.663879][ C1] ? nmi_handle+0x2a/0x5a0 [ 282.663896][ C1] ? kasan_check_range+0x86/0x290 [ 282.663918][ C1] ? default_do_nmi+0x63/0x160 [ 282.663942][ C1] ? exc_nmi+0x123/0x1f0 [ 282.663965][ C1] ? end_repeat_nmi+0xf/0x53 [ 282.663992][ C1] ? __lock_acquire+0x4d4/0x2040 [ 282.664017][ C1] ? kasan_check_range+0x86/0x290 [ 282.664039][ C1] ? kasan_check_range+0x86/0x290 [ 282.664063][ C1] ? kasan_check_range+0x86/0x290 [ 282.664085][ C1] [ 282.664091][ C1] [ 282.664099][ C1] __lock_acquire+0x4d4/0x2040 [ 282.664132][ C1] lock_acquire+0x1ed/0x550 [ 282.664156][ C1] ? batadv_nc_purge_paths+0xe8/0x3b0 [ 282.664188][ C1] ? __pfx_lock_acquire+0x10/0x10 [ 282.664212][ C1] ? __local_bh_disable_ip+0x187/0x220 [ 282.664235][ C1] ? lockdep_hardirqs_on+0x99/0x150 [ 282.664253][ C1] ? batadv_nc_purge_paths+0xe8/0x3b0 [ 282.664287][ C1] ? __pfx___local_bh_disable_ip+0x10/0x10 [ 282.664309][ C1] ? __local_bh_enable_ip+0x168/0x200 [ 282.664331][ C1] ? batadv_nc_purge_paths+0x312/0x3b0 [ 282.664358][ C1] ? __pfx___local_bh_enable_ip+0x10/0x10 [ 282.664383][ C1] ? batadv_nc_purge_paths+0xe8/0x3b0 [ 282.664411][ C1] _raw_spin_lock_bh+0x35/0x50 [ 282.664437][ C1] ? batadv_nc_purge_paths+0xe8/0x3b0 [ 282.664463][ C1] ? __pfx_batadv_nc_to_purge_nc_path_coding+0x10/0x10 [ 282.664482][ C1] batadv_nc_purge_paths+0xe8/0x3b0 [ 282.664517][ C1] batadv_nc_worker+0x328/0x610 [ 282.664543][ C1] ? batadv_nc_worker+0xcb/0x610 [ 282.664571][ C1] ? process_scheduled_works+0x945/0x1830 [ 282.664594][ C1] process_scheduled_works+0xa2c/0x1830 [ 282.664633][ C1] ? __pfx_process_scheduled_works+0x10/0x10 [ 282.664661][ C1] ? assign_work+0x364/0x3d0 [ 282.664686][ C1] worker_thread+0x870/0xd30 [ 282.664714][ C1] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 282.664743][ C1] ? __kthread_parkme+0x169/0x1d0 [ 282.664770][ C1] ? __pfx_worker_thread+0x10/0x10 [ 282.664793][ C1] kthread+0x2f0/0x390 [ 282.664820][ C1] ? __pfx_worker_thread+0x10/0x10 [ 282.664843][ C1] ? __pfx_kthread+0x10/0x10 [ 282.664870][ C1] ret_from_fork+0x4b/0x80 [ 282.664893][ C1] ? __pfx_kthread+0x10/0x10 [ 282.664919][ C1] ret_from_fork_asm+0x1a/0x30 [ 282.664953][ C1] [ 282.786407][ T30] Kernel panic - not syncing: hung_task: blocked tasks [ 282.786433][ T30] CPU: 1 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.11.0-rc7-syzkaller-00133-ge936e7d4a83b #0 [ 282.786463][ T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 282.786478][ T30] Call Trace: [ 282.786497][ T30] [ 282.786510][ T30] dump_stack_lvl+0x241/0x360 [ 282.786548][ T30] ? __pfx_dump_stack_lvl+0x10/0x10 [ 282.786577][ T30] ? __pfx__printk+0x10/0x10 [ 282.786600][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 282.786643][ T30] ? vscnprintf+0x5d/0x90 [ 282.786676][ T30] panic+0x349/0x860 [ 282.786704][ T30] ? nmi_trigger_cpumask_backtrace+0x244/0x320 [ 282.786738][ T30] ? __pfx_panic+0x10/0x10 [ 282.786760][ T30] ? tick_nohz_tick_stopped+0x82/0xb0 [ 282.786789][ T30] ? __irq_work_queue_local+0x137/0x410 [ 282.786824][ T30] ? preempt_schedule_thunk+0x1a/0x30 [ 282.786851][ T30] ? nmi_trigger_cpumask_backtrace+0x244/0x320 [ 282.786883][ T30] ? nmi_trigger_cpumask_backtrace+0x2d4/0x320 [ 282.786919][ T30] ? nmi_trigger_cpumask_backtrace+0x2d9/0x320 [ 282.786956][ T30] watchdog+0x1033/0x1040 [ 282.786992][ T30] ? watchdog+0x1ea/0x1040 [ 282.787037][ T30] ? __pfx_watchdog+0x10/0x10 [ 282.787071][ T30] kthread+0x2f0/0x390 [ 282.787108][ T30] ? __pfx_watchdog+0x10/0x10 [ 282.787141][ T30] ? __pfx_kthread+0x10/0x10 [ 282.787178][ T30] ret_from_fork+0x4b/0x80 [ 282.787227][ T30] ? __pfx_kthread+0x10/0x10 [ 282.787263][ T30] ret_from_fork_asm+0x1a/0x30 [ 282.787314][ T30] [ 282.793777][ T30] Kernel Offset: disabled [ 283.213866][ T30] Rebooting in 86400 seconds..