last executing test programs: 9.082121015s ago: executing program 4 (id=2101): r0 = syz_io_uring_setup(0x39, &(0x7f0000000080)={0x0, 0x0, 0x10100}, &(0x7f0000000000)=0x0, &(0x7f0000000100)=0x0) socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000600)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r4, 0x0, &(0x7f00000005c0)={0x0, 0x0, 0x0}, 0x0, 0x80002101}) sendmsg$can_bcm(0xffffffffffffffff, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)={0x0, 0x0, 0x0, {}, {0x0, 0xea60}, {}, 0x1, @can={{}, 0x0, 0x0, 0x0, 0x0, "00000000000088f9"}}, 0x48}}, 0x0) io_uring_enter(r0, 0xd81, 0x0, 0x0, 0x0, 0x0) write(r3, &(0x7f0000000200)='~', 0xc5) 8.954084307s ago: executing program 4 (id=2104): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x2, 0x1, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, 0x0}], 0x1, 0x9, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 8.546778374s ago: executing program 4 (id=2110): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0xe, &(0x7f0000000d40)=ANY=[@ANYBLOB="b702000000000000bfa300000000000007030000ffffffff7a0af0fff8ffff5979a4f0ff00000000b7060000ffffffff2d6405000000000065040400014741001404000001007d60b7030000000000006a0a00fe40000900850000001f000000b70000000004000095000000000000006623848adf1dc9a764ab51a064e0ff0c9b27a26293fddf0180000071ff31f1622271d5518193e09483c5a020c334f8c76334d8ce8303b01ddaa52e8756ad60a07d6f27c125e16d024098f755d8583da60f27c162dbba0700002ac9170f50f2568836077b7f711a18ebf608d87b885297b6a79819782748b376358c33c9f53bfd989b1ca58949a54d5827df14feecea46408a05d572077f1252fbb72c3d099c501bc4ded6fca17a3447222c95edb47b77aafa63b9dd5fa5c53e9c37251709f1ff7f0000f07bf7f53ce129a9ecd3b4dd15100f2b450f98526a0d8cac7c97fc2f64015306a1bd7e43fe1ca8345710fb6379b4c53cf55eefb4c0974486a8d25a363adbd83b49e13fbd1777b27020bd9b8cff3f48c9411670c34f23ab8caf7851b290feb3045a1b622f20c4383a0280f040de7667f8b1d08428353b1c358ebe73af41e5b5b924275cb1749289b44e9728e7a73f148ac8206afe120c1437490d99000000110000fdffffffffffffffaf580278e1342aabd1b623f6c4f128858e4eb6b42f2173184c2b99b645f6ec0e14e5d7c95a0008000000f30f6c0000000000ff0000b8f5001a1d2a34dc0973ec302bc23211d3e3b6e6dad65a51e5497a3419cecec38126247b27113ad4c7915c8f82c333a7b350802f0311807010d1ed50c18411aa6900daccc02f4ba4b078f07e41f781eee222c7d071d5a94d82ca9a0846c1af59cee16639b4970f8f0a82c6a712fd5722d637d406160ffaffffffb4e0bde6749aa52c408b74251914c5d3255fd88a42e7ebb69ebcd8eee623e51dbb1f1b548c91a6825c0686fdc16be1cbb72c217fda18bd746253ca66093daf35923300b600000013887ad6d2d440fedce51a3aa57b00ac376e0a4649a8a84e1d293a6b109c5e59b366bca5cc3d936c53d4a48c05099e6fc36d5aa23bff8cce0600fcff00000300a568a8532623d12b40b50ac26f2e8255470a04bfbe7acb581b90991d965a01d1f84cb6b973558e1e3f8118c77ccf0b3c6eb6443870004da10c75723b65f83769ad1f0e4ef6b9ef1cec23264fd8fdac6264af1cb467020bdc12b797b6c156c439105829d2ae1c45f7cfa40df68fd36a03353a55e68ec7c01bd5a2028a8fc107007f3deb1f200abe1f753754678dae8b4e3ba3d086d4b95dfc5817e3dafae2d38b522f942cc750399d90296171fdb1e05882f8a4b8fbd219ccac3a895828b4f22b6527ce31ceb02b7b2b44925129677b7b3d2f8e7792c7827862eae80134552f0b076b168394f8417f25cc82ae04007193cbe69de8bf35e4bebd15412426b2e20ab1f05fc44ae9ae094c1b81d3ef947692b44d2afb09c7498d357836f03e8a7c392e535694a3ead2de11e6b1781e2a018c0ada7bc7f0eb2d678f23c07ac341fda2e563ee95085742f5fee9f95f4741b226e428d20b00bc140000e4b2f5efd0a0b1ceba000830ba8634b5aa26bdbe91614e92fae3c7349531df9bf4c01ebf5d8eb7d53e5f30647661623fbdb3f60033fc32f68ea86a2df1e76fe27dfdff1cf9194849c4cc0da9533e5983693e526a7dc0d8728f3b573ca4427bdb44df9341e9b8050e896598a156c935c800436a312e7ae3c011e46851ac599f0427729ab9c55ae0ab4c0000000000000000000000000000c87bcc2ac5aed9247b51d92e0993af4beaf1f3f47dcdfab9165f98155d93e383d6b85158b54675c1585037508c1e9461a1c3d1a6e2402045cae150a7016f1a90716eebbdf6afc4414d900be0bdf19f4a273f44f4357380b4387f1c8b104f0e406b2f04e5ed88631be6411f9927fe9f83412b7c5a676ceec8b454ebf6481c98e86b6933a02daea0b4ec0be5b3d916bd70208b4588626c277648475002e2c62681bd07331422a6e47bbd40857d52c4894944fae5c500000000000000ff00000000de784314b8fd419216b48d0f353c11ae185749fa9ac7dfa16bc5c23a23f74b17a7f1b2d799480f33faa3537a910d6ca02f48b0e69beb1119f106ea59195dbc72e17a5dc8c3d131d82f067e29dc39665dff39fb6347b374aaaf6e65efde3fc6202bf29ccfcb08caf18d668a462493aa82e76affba9c9af31d1c23237aa6eccfadfaf794bb1004c07b21ac36f8859c7d5444c12bd05fea3561b86b2838a8de5b4f91d6aba95dc9f4464a024be4d0d8d04f5023e7e19e503624d39a43c7b310de519b40738ff9a623065c06d69d16d4a46ff300022fee47803989b7e916254e0fb9e1c8b07d8a4b8b692a75a32e6ed2caeaa7c258c47fe6143cd9e90b801eff78cd4e402374e0e4ca07b7f17254e3d2f0a2a1bac6fde8a15e3ef3588065524d41966fb3915e804c53201efee751ec294584d23d9008bdf046f55c030ab941a0b8723412127efb3eac0ccf68133c76770d5e7dabcc48d4768540c540535ed70df75c24660d85f9c9a245185c7da217d1c3743db85db67b9b8a8f00af02367429f6f0b53c169c4356751bf68745dbde055e1722ae256ae53ae637a1431855d16dfa91d82a021a4b2dbb50bf6d59fdd0c9bc84cd7d544de2523b6ce8aaeb94bfba75079f7455204ccca02bd389d8409b2effe9b88e301ac4fe28752386a0678a3f54b2bdf56f927ddd6b0ac98b2b505f668597455ada51ba95ab852b49373a11ff31dcd82474b51498f65e0601bcdd23acb4c01bcd2f3e1ad378d14c07d923087d3518369710b70ffb0b523dc4f00f275c381fe1c091e478b04d5e4a9f75b4072acb005a83c25625ab7a351a68977177e27a1bf112114eb10250c2b9dca234f8967f0439696a2345e747b5f1d8c4bec86d8e8f2eb121ea0159615e7d475d45837921c2c0c3f9e683ac8000214a657c9f0a000000000000009e0b1a8c8f55f30e7c25275ed49b71828b375be03ef903cc8244b1269376d01b674cff9cb82eef0fe55c8b751053004ca6cef28d9a52c3771e9c73d03fdf74f48306560fb6cd86658afa895efa47f3a43e686df5b727ba4ec99620270334fce56c9f86b8a2c8aaede5a48a29b75734fbe1f59e43dc5a39b083848b0ebb14d845df7606e4d58f1a03f2dd337c3a10f3b15d388e43059aa88b42d26d4ccda6d60f996ed444d7f40e0cdbf69e11252a6c0e2d882d93b4f22dc95a191b1e6ff59d7880b4ce587f7ef05c46088268805cf089c4b3cd60cd3fc0c6d81fb2f961abcb0133f3f7a594b8475d6853b2e4fafc52a6851e8cfe1aebe3a4539634a535f8ac496793001c1a4b26216d1cd382c1e6a15697ef0a9b26474e1dbfa422e952b0f742ef52388584673f6333299042099aa073c152e1b61851a4519fe67e47f1446bb7b80b804b1b4503df784c8604bf26578b1fa7dce5313ecdf297cc63bf2b472f8f56bebeec16dc5fa22ee9c3c304d6629db7215eebfbd480c4ac"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000880), 0xfffffffffffffddd}, 0x48) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000380)={r0, 0xe0, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x10) r2 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000d00)={r1}, 0x4) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000840)={r2, 0xe0, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0xffe4, 0xa284fb9bd5e6bb6a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffcc6, 0x0, 0x8, 0x0, 0x0}}, 0x4) r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x2, 0x4, 0x8, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', r3}, 0x48) bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000280)={r4, &(0x7f0000000000), 0x0}, 0x20) 8.513634414s ago: executing program 4 (id=2111): mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0) mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0) mount$bind(&(0x7f0000001100)='./file0/../file0/../file0\x00', &(0x7f00000010c0)='./file0/file0\x00', 0x0, 0x1a1904e, 0x0) chroot(&(0x7f0000000300)='./file0/../file0/../file0/../file0\x00') chroot(&(0x7f0000000040)='./file0/../file0/../file0\x00') pivot_root(&(0x7f0000000000)='./file0/../file0\x00', &(0x7f00000001c0)='./file0/../file0/../file0\x00') 8.453397709s ago: executing program 4 (id=2112): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0xe, &(0x7f00000008c0)=ANY=[@ANYBLOB="b702000000000000bfa300000000000007030000ffffffff7a0af0fff8ffff5979a4f0ff00000000b7060000ffffffff2d6405000000000065040400014741001404000001007d60b7030000000000006a0a00fe40000900850000001f000000b70000000004000095000000000000006623848adf1dc9a764ab51a064e0ff0c9b27a26293fddf0180000071ff31f1622271d5518193e09483c5a020c334f8c76334d8ce8303b01ddaa52e8756ad60a07d6f27c125e16d024098f755d8583da60f27c162dbba0700002ac9170f50f2568836077b7f711a18eb7608d87b885297b6a79819782748b376358c33c9f53bfd989b1ca58949a54d5827df14feecea46408a05d572077f1252fbb72c3d099c501bc4ded6fca17a3447222c95edb47b77aafa63b9dd5fa5c53e9c37251709f1ff7f0000f07bf7f53ce129a9ecd3b4dd15100f2b450f98526a0d8cac7c97fc2f64015306a1bd7e43fe1ca8345710fb6379b4c53cf55eefb4c0974486a8d25a363adbd83b49e13fbd1777b27020bd9b8cff3f48c9411670c34f23ab8caf7851b290feb3045a1b622f20c4383a0280f040de7667f8b1d08428353b1c358ebe73af41e5b5b924275cb1749289b44e9728e7a73f148ac8206afe120c1437490d99000000110000fdffffffffffffffaf580278e1342aabd1b623f6c4f128858e4eb6b42f2173184c2b99b645f6ec0e14e5d7c95a0008000000f30f6c0000000000ff0000b8f5001a1d2a34dc0973ec302bc23211d3e3b6e6dad65a51e5497a3419cecec38126247b27113ad4c7915c8f82c333a7b350802f0311807010d1ed50c18411aa6900daccc02f4ba4b078f07e41f781eee222c7d071d5a94d82ca9a0846c1af59cee16639b4970f8f0a82c6a712fd5722d637d406160ffaffffffb4e0bde6749aa52c408b74250c14c5d3255fd88a42e7ebb69ebcd8eee623e51dbb1f1b548c91a6825c0686fdc16be1cbb72c217fda18bd746253ca66093daf35923300b600000013887ad6d2d440fedce51a3aa57b00ac376e0a4649a8a84e1d293a6b109c5e59b366bca5cc3d936c53d4a48c05099e6fc36d5aa23bff8cce0600fcff00000300a568a8532623d12b40b50ac26f2e8255470a04bfbe7acb581b90991d965a01d1f84cb6b973558e1e3f8118c77ccf0b3c6eb6443870004da10c75723b65f83769ad1f0e4ef6b9ef1cec23264fd8fdac6264af1cb467020bdc12b797b6c156c439105829d2ae1c45f7cfa40df68fd36a03353a55e68ec7c01bd5a2028a8fc107007f3deb1f200abe1f753754678dae8b4e3ba3d086d4b95dfc5817e3dafae2d38b522f942cc750399d90296171fdb1e05882f8a4b8fbd219ccac3a895828b4f22b6527ce31ceb02b7b2b44925129677b7b3d2f8e7792c7827862eae80134552f0b076b168394f8417f25cc82ae04007193cbe69de8bf35e4bebd15412426b2e20ab1f05fc44ae9ae094c1b81d3ef947692b44d2afb09c7498d357836f03e8a7c392e535694a3ead2de11e6b1781e2a018c0ada7bc7f0eb2d678f23c07ac341fda2e563ee95085742f5fee9f95f4741b226e428d20b00bc140000e4b2f5efd0a0b1ceba000830ba8634b5aa26bdbe91614e92fae3c7349531df9bf4c01ebf5d8eb7d53e5f30647661623fbdb3f60033fc32f68ea86a2df1e76fe27dfdff1cf9194849c4cc0da9533e5983693e526a7dc0d8728f3b573ca4427bdb44df9341e9b8050e896598a156c935c800436a312e7ae3c011e46851ac599f0427729ab9c55ae0ab4c0000000000000000000000000000c87bcc2ac5aed9247b51d92e0993af4beaf1f3f47dcdfab9165f98155d93e383d6b85158b54675c1585037508c1e9461a1c3d1a6e2402045cae150a7016f1a90716eebbdf6afc4414d900be0bdf19f4a273f44f4357380b4387f1c8b104f0e406b2f04e5ed88631be6411f9927fe9f83412b7c5a676ceec8b454ebf6481c98e86b6933a02daea0b4ec0be5b3d916bd70208b4588626c277648475002e2c62681bd07331422a6e47bbd40857d52c4894944fae5c500000000000000ff00000000de784314b8fd419216b48d0f353c11ae185749fa9ac7dfa16bc5c23a23f74b17a7f1b2d799480f33faa3537a910d6ca02f48b0e69beb1119f106ea59195dbc72e17a5dc8c3d131d82f067e29dc39665dff39fb6347b374aaaf6e65efde3fc6202bf29ccfcb08caf18d668a462493aa82e76affba9c9af31d1c23237aa6eccfadfaf794bb1004c07b21ac6ed77718098b2f722bd05fea3561b86b2838a8de5b4f91d6aba95dc9f4464a024be4d0d8d04f5023e7e19e503624d39a43c7b310de519b40738ff9a623065c06d69d16d4a46ff300022fee47803989b7e916254e0fb9e1c8b07d8a4b8b692a75a32e6ed2caeaa7c258c47fe6143cd9e90b801eff78cd4e402374e0e4ca07b7f17254e3d2f0a2a1bac6fde8a15e3ef3588065524d41966fb3915e804c53201efee751ec294584d23d9008bdf046f55c030ab941a0b8723412127efb3eac0ccf68133c76770d5e7dabcc48d47685404cc540535ed70df75c24660d85f9c9a245185c7da217d1c3743db85db67b9b8a8f00af02367429f6f0b53c169c4356751bf68745dbde055e1722ae256ae53ae637a1431855d16dfa91d82a021a4b2dbb50bf6d59fdd0c9bc84cd7d544de2523b6ce8aaeb94bfba75079f7455204ccca02bd389d8409b2effe9b88e301ac4fe28752386a0678a3f54b2bdf56f927ddd6b0ac98b2b505f668597455ada51ba95ab852b49373a11ff31dcd82474b51498f65e0601bcdd23acb4c01bcd2f3e1ad378d14c07d923087d3518369710b70ffb0b523dc4f00f275c381fe1c091e478b04d5e4a9f75b4072acb005a83c25625ab7a351a68977177e27a1bf112114eb10250c2b9dca234f8967f0439696a2345e747b5f1d8c4bec86d8e8f2eb121ea0159615e7d475d45837921c2c0c3f9e683ac8000214a657c9f0a000000000000009e0b1a8c8f55f30e7c25275ed49b71828b375be03ef903cc8244b1269376d01b674cff9cb82eef0fe55c8b751053004ca6cef28d9a52c3771e9c73d03fdf74f48306560fb6cd86658afa895efa47f3a43e686df5b727ba4ec99620270334fce56c9f86b8a2c8aaede5a48a29b75734fbe1f59e43dc5a39b083848b0ebb14d845df7606e4d58f1a03f2dd337c3a10f3b15d388e43059aa88b42d26d4ccda6d60f996ed444d7f40e0cdbf69e11252a6c0e2d882d93b4f22dc95a191b1e6ff59d7880b4ce587f7ef05c46088268805cf089c4b3cd60cd3fc0c6d81fb2f961abcb0133f3f7a594b8475d6853b2e4fafc52a6851e8cfe1aebe3a4539634a54728921621dd17d6b5a98bf7fb50a5ed93d26ad1e8e5cf8b861ffb2937ca88f129ad24e9a6ef29507e534a9cb594c9274084dcc5b3fcbc267504dcf1b7878d7dc2fe1d23903b622ed2359480c29dd3301e0e"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000880), 0xfffffffffffffddd}, 0x48) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000300)={r0, 0xe0, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x48, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x10) r2 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000080)={r1}, 0x4) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000840)={r2, 0xe0, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0xffe4, 0xfffffffffffffda0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffff1e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x4) r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x3, 0x4, &(0x7f0000000080)=@framed={{0x18, 0x2}, [@call={0x85, 0x0, 0x0, 0x17}]}, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r3}, 0x90) bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000780)={@cgroup, r4, 0x2e, 0x0, 0xffffffffffffffff, @link_id=0xffffffffffffffff}, 0x20) 8.106893232s ago: executing program 4 (id=2117): r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x42f82, 0x0) write$dsp(r0, &(0x7f00000001c0)="5cba91a4", 0xffffffd9) r1 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r1, 0x40045532, &(0x7f0000000040)) r2 = syz_open_dev$sndpcmp(&(0x7f00000001c0), 0x0, 0xa2c65) ioctl$SNDRV_PCM_IOCTL_STATUS_EXT32(r2, 0xc06c4124, &(0x7f00000003c0)) 6.646805004s ago: executing program 0 (id=2138): r0 = syz_open_dev$evdev(&(0x7f0000000080), 0x0, 0x0) syz_usb_disconnect(r0) r1 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000000018105e04da070000000000010902240001000000000904000009030000000921000000012222000905810308"], 0x0) syz_usb_ep_write(r1, 0x81, 0x0, 0x0) syz_usb_ep_write(r1, 0x81, 0x0, 0x0) ioctl$EVIOCRMFF(r0, 0x4004550f, 0x0) 4.311296456s ago: executing program 1 (id=2155): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c) listen(r0, 0xfff) syz_emit_ethernet(0x4a, &(0x7f0000000440)={@local, @random="000000000400", @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, '\x00', 0x14, 0x6, 0x0, @remote, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x2, 0x0, 0x0, 0xfffc}}}}}}}, 0x0) r1 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r1, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008004f0fffeffe809005300fff5dd000000100001000a0c10000000100000000000", 0x58}], 0x1) 4.142451173s ago: executing program 1 (id=2157): bpf$PROG_LOAD(0x5, 0x0, 0x0) r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)=ANY=[@ANYBLOB="12010000090024206d041cc340000000000109022400010000a00009040000010301010009210008000122010009058103"], 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io(r0, &(0x7f0000000600)={0x2c, 0x0, 0x0, 0x0, &(0x7f0000000340)={0x20, 0x29, 0xf, {0xf, 0x29, 0x0, 0x0, 0x0, 0x0, "8cda8079", "87cb6669"}}, 0x0}, 0x0) 4.014688235s ago: executing program 2 (id=2159): getpid() openat$vimc0(0xffffffffffffff9c, 0x0, 0x2, 0x0) r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) ptrace(0x10, r0) ptrace$peeksig(0x4209, r0, &(0x7f0000000000)={0xfffffffffffff2ac, 0x0, 0x38}, 0x0) openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) 3.874829853s ago: executing program 2 (id=2160): r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001480), 0x42802, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/timer_list\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x20000023896) r2 = syz_io_uring_setup(0x1188, &(0x7f0000000080)={0x0, 0x57f1, 0x10100, 0x4}, &(0x7f0000000040)=0x0, &(0x7f0000000180)=0x0) syz_io_uring_submit(r3, r4, &(0x7f00000001c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3}) io_uring_enter(r2, 0xa3d, 0x0, 0x0, 0x0, 0x0) 3.837252527s ago: executing program 2 (id=2161): signalfd(0xffffffffffffffff, &(0x7f0000000c80)={[0xfffffffffffffffe]}, 0x8) r0 = syz_io_uring_setup(0x4169, &(0x7f0000000200)={0x0, 0x0, 0x10100}, &(0x7f0000000480), &(0x7f0000000000)=0x0) syz_io_uring_setup(0xa94, &(0x7f0000000280), &(0x7f0000000340)=0x0, &(0x7f00000005c0)) syz_io_uring_submit(r2, r1, &(0x7f00000001c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0xfffffffffffffe54}) io_uring_enter(r0, 0x48e9, 0x0, 0x0, 0x0, 0x0) rseq(&(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x0, 0x7ffffffff000}}, 0x20, 0x0, 0x0) 3.593505056s ago: executing program 0 (id=2162): r0 = socket$inet_sctp(0x2, 0x5, 0x84) r1 = socket(0x2, 0x80805, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f0000000380)=[@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}]}, &(0x7f0000000180)=0x10) r2 = socket$inet(0x2, 0x80001, 0x84) getsockopt$inet_sctp_SCTP_MAX_BURST(r2, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={0x0}, &(0x7f0000000040)=0x8) setsockopt$inet_sctp_SCTP_STREAM_SCHEDULER_VALUE(r0, 0x84, 0x7c, &(0x7f0000000000)={r3, 0x8, 0x4}, 0x8) 3.37079037s ago: executing program 0 (id=2163): r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x275a, 0x0) write$cgroup_int(r1, &(0x7f0000000200), 0x12) setsockopt$WPAN_SECURITY_LEVEL(r0, 0x0, 0x2, &(0x7f0000000080), 0x4) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r1, 0x0) getsockopt$WPAN_SECURITY_LEVEL(r0, 0x0, 0x2, 0x0, &(0x7f00000000c0)) 3.271596152s ago: executing program 0 (id=2164): r0 = socket$inet6_udp(0xa, 0x2, 0x0) bind$inet6(r0, &(0x7f0000000000)={0xa, 0xe22, 0x0, @empty}, 0x1c) r1 = socket$pppl2tp(0x18, 0x1, 0x1) connect$pppl2tp(r1, &(0x7f0000000100)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @loopback}, 0x4}}, 0x2e) syz_emit_ethernet(0x4c, &(0x7f0000000140)={@link_local, @random="ece65fbcee55", @void, {@ipv6={0x86dd, @udp={0x0, 0x6, "010100", 0x16, 0x11, 0x0, @remote, @local, {[], {0x0, 0xe22, 0x16, 0x0, @gue={{0x2, 0x0, 0x0, 0x3}, "30b00afe4e70"}}}}}}}, 0x0) recvmmsg(r1, &(0x7f0000004940)=[{{0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f00000001c0)=""/169, 0x6}], 0x1}}], 0x1, 0x0, 0x0) 3.125187003s ago: executing program 3 (id=2165): r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) r1 = syz_open_dev$evdev(&(0x7f0000000080), 0x0, 0x802) r2 = dup(r0) bind$bt_l2cap(r2, &(0x7f0000000300)={0x1f, 0x0, @none}, 0xe) listen(r2, 0x0) mount$9p_fd(0x0, &(0x7f0000000540)='.\x00', &(0x7f0000000180), 0x58, &(0x7f0000000040)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r1}}) 3.033075162s ago: executing program 0 (id=2166): bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000780)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1804000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b100000095"], 0x0}, 0x90) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='signal_generate\x00', r0}, 0x10) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000980)='sys_exit\x00', r1}, 0x10) 2.886926014s ago: executing program 3 (id=2167): r0 = userfaultfd(0x80001) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000140)={0xaa, 0x640}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000080)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x2}) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_sys\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x0, 0x10012, r1, 0x0) ioctl$UFFDIO_COPY(r0, 0xc028aa03, 0x0) 2.849758047s ago: executing program 0 (id=2168): r0 = socket(0xa, 0x2, 0x0) close(r0) r1 = socket$inet6_sctp(0xa, 0x5, 0x84) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x1c, &(0x7f00000020c0)=[@in6={0xa, 0x0, 0x0, @remote, 0x34}]}, &(0x7f0000002100)=0x10) getsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r0, 0x84, 0x7d, &(0x7f0000000300)={0x0, @in6={{0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}}}, &(0x7f0000003c00)=0x90) syz_usb_connect$uac1(0x0, 0x0, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x1, [{0x4, &(0x7f0000000300)=@lang_id={0x4}}]}) 2.411805828s ago: executing program 1 (id=2169): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000080)={0x26, 'skcipher\x00', 0x0, 0x0, 'adiantum(xchacha20-simd,anubis-generic,nhpoly1305-sse2)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000300)="c99b57381801238c09d0ff0f1d0dbd301e5a47b2f3caa73dcd2a6a370554375a", 0x20) r1 = accept4(r0, 0x0, 0x0, 0x0) sendmsg$nl_route_sched(r1, &(0x7f0000013a40)={0x0, 0x0, &(0x7f0000013a00)={&(0x7f00000158c0)=@newqdisc={0x24, 0x24, 0x0, 0x0, 0x25dfdbff, {0x0, 0x0, 0x0, 0x0, {0x0, 0xe}, {}, {0xfff3}}}, 0x24}}, 0x0) recvmsg$can_raw(r1, &(0x7f0000000840)={0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000100)=""/16, 0x10}, {&(0x7f00000010c0)=""/4096, 0x1000}], 0x2}, 0x0) 1.988423907s ago: executing program 3 (id=2170): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r0, 0x10e, 0x1, &(0x7f0000000000)=0x1, 0x4) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000480)=ANY=[@ANYBLOB="fc0000001900674c0000000000000000e0000001000000000000000000000000e000000200000000000000000000000000000000000000000a00000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000000000000000000000000400000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010000000000000044000500000000000000000000000000000000000000000033"], 0xfc}}, 0x0) r2 = socket$inet6(0xa, 0x802, 0x0) connect$inet6(r2, &(0x7f0000000000)={0xa, 0x0, 0x0, @remote, 0x5}, 0x1c) 1.888554081s ago: executing program 3 (id=2171): r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x42f82, 0x0) write$dsp(r0, &(0x7f00000001c0)='\\', 0x1) r1 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r1, 0x40045532, &(0x7f0000000040)) r2 = syz_open_dev$sndpcmp(&(0x7f00000001c0), 0x0, 0xa2c65) ioctl$SNDRV_PCM_IOCTL_STATUS_EXT32(r2, 0xc06c4124, &(0x7f00000003c0)) 1.710945456s ago: executing program 2 (id=2172): r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0x7) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cpuacct.stat\x00', 0x275a, 0x0) write$binfmt_script(r1, &(0x7f0000000600)={'#! ', './file0', [], 0xa, "e017b408de22ac8b125731dfc1fff01ab45efd18b5537387544c590aafb60afae1684f4aa4b09a07bb38de87308cf2a8111c6db8e9ef"}, 0x41) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x10012, r1, 0x0) ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000040)=0xf) 1.4589908s ago: executing program 1 (id=2173): bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r0}, 0x10) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000900)={'bridge0\x00', @broadcast}) 1.243824154s ago: executing program 3 (id=2174): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000040), 0x208e24b) r1 = syz_init_net_socket$llc(0x1a, 0x1, 0x0) connect$llc(r1, &(0x7f00000001c0)={0x1a, 0x0, 0x0, 0x8, 0x0, 0x0, @dev}, 0x10) ioctl$int_in(r1, 0x5452, &(0x7f0000000040)=0x10000) sendfile(r1, r0, 0x0, 0xffefffff) 1.203282476s ago: executing program 1 (id=2175): unshare(0x22020600) mkdir(&(0x7f0000000440)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0) chdir(&(0x7f0000000100)='./file0\x00') r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cgroup.controllers\x00', 0x275a, 0x0) read$FUSE(r0, &(0x7f0000000b80)={0x2020}, 0x2020) 975.861517ms ago: executing program 1 (id=2176): getrandom(&(0x7f0000000240)=""/286, 0xffffff9a, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15) r0 = creat(&(0x7f0000000000)='./bus\x00', 0x0) write$cgroup_int(r0, &(0x7f0000000540), 0xfffffdd8) madvise(&(0x7f0000000000/0x400000)=nil, 0x40001e, 0x15) setgroups(0x41b7, &(0x7f0000000180)=[0x0, 0x0, 0x0, 0x0, 0x0]) 334.829898ms ago: executing program 2 (id=2177): r0 = userfaultfd(0x80001) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000000c0)={0xaa, 0x7c8}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000200)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1}) madvise(&(0x7f00003cd000/0x1000)=nil, 0x1000, 0x8) mlock2(&(0x7f000000a000/0x800000)=nil, 0x800000, 0x0) readv(r0, &(0x7f00000003c0)=[{&(0x7f0000000100)=""/64, 0x40}], 0x1) 71.207071ms ago: executing program 2 (id=2178): openat$iommufd(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='net_prio.prioidx\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000040), 0x55af) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x10012, r0, 0x0) r1 = socket$inet6_sctp(0xa, 0x5, 0x84) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, 0x0, &(0x7f0000000240)) 0s ago: executing program 3 (id=2179): bpf$OBJ_GET_PROG(0x7, 0x0, 0x0) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) creat(0x0, 0x0) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000280)='./cgroup.cpu/syz1\x00', 0x200002, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x9, 0x4, &(0x7f00000008c0)=ANY=[@ANYBLOB="180000000000000000000000000000006112000000000000950000000000000051fa7824c74186dc02ec0696c37b64e3b24da3180100000005165c0f63cdc2e82818254950ee03568b8809a1ff4c7c4750eabfafcb9531b31e6a86827d1010c5a909ab98e00e19644a88e95ba26d1c9eecddb2d11c541418ceeb29b9b6829c6e433822bdb3cc85244aab60c1aae1314d7381fcfeb970bea672cf1e926f6a51479343144648a07a975bd89dc398712376610f6254f12495b4658319684387f6f3543205d4bc4ce05b8b961103673dff7f158052e62b20f05fd24108d8363d44fcd0f8f3647899762a17282a1914452d11f557c28f396eebdc858558db0276d14f9035f2b5f703e5be7e4acf8b78c2834ae5805fffee38a9a0033d520bcf6b08ede50899d4b9bdf85c71c5de2503dab358f42a2624c7daa9ed44039aab46419496362e54cfad05a0004ac71a003d7b85d07191bed4e5a890826300214146f7ed569985439baa355c2766dd056f5d79e454f3d873095e7a237bc06d035a8d601f21746d886419f38b34a495040000000071c2f0cce8c93cc17e9afa314fcb2ba15d646c66b0f65021829f87d988b4e2d71753b1549fa734f0b2e56dbd21ed2e09d0cddad721971637f384eed3034597c93e1c52f42cad0ed09c395dc6e9703660fefa1c80f467367c006f25caf0cbcefd13d68839893e39c588eb032905f91cafa4996dbf0c9be9654db05fb918086cc8228d02a3092c0830b8f587a5624515298b2d4eb2bde6f9a2eb83d53f717f13fa7552d92c51dbd32ea50c490ecd085d2811a7555c538cffffff7f00000000dd872244bfa64779e0f43a9c277e2910b7ccdc3d6726d34ad2101033a623ca2a49ad344884289130bc71cee2b7de62bf48129ae1af052a2d46a61625735a9eea7f793946b3229e861d8ea49806b3f7d4295f6b000000000000f337b1ceb2d8a65dcdcd895d7ba37098d2593fdaaef445af5bee02019c00000099b13ecda2a5b37de0519e974cba92ebaf0f701611a9b027ce04340bda4594cc9049c3f101629ab028145e004209ebe71a6fe84af50804000000000000004a27213354964e250a98fe357676f94b6947383e320fbb1118f586d5b9b1b977e1e1a4490ff67703a9b5900f8a6f8a805879dd91ec5ff435b219c53680c0ae04dcc4ef69b98fcb0d6b6a03a8b71a66b4e2876dc4b610444bf10000000000b046b6ae5d68156bcbd6d8793ade9a22ac8fc7857e5bbc14adc4e12b08f350c6789283b9990c72e64372a1f79769a8bdc632fc1a0b3417855d8b7d25ca4d404c23631ad3d2f55dcd385371c86170a4bca58c2b2b4eabc365f45bd10bb45b0c5bc354456a52be18d9b44014d20a3c51c8f013dade83562e73278662829e4f5a9ac00fd91178468c737f0872d97d38d11a176be5a0d7294c51eb161eddcfefa8837c7430721851ec2a107af0df6d43e732bbc01e76c66895eb85d36798d61622773591ee21ad9f6a1b73fa9cf3ffeb8a00b63af800a81d0fb8aa29df8b8ad6fbafefb5802a23cbdeeabceda5bfc5ff2fa5c1d61d04a1324794c6ed000696d9f04010c35474e690545c3d9bd836d4cef2585ba616e01c3d000000000000000000470ebc6f3453ecbf3047e4547d7632d3ad21798e730cb5d1da059b5bdb8107815dff995c0788906790406dfb4f8ee9f24ff94233e2e6e581e6e5de33a5f254c9a8b612547473c3001df3928dac9203b744619082421a8da7c00000000000000000000000000000018a73ef40cca690fb7595c6962984f8276677be6f66cbdbccf1896433808c9c84d74ac4a7c186a04a2250972f7acb156b21f9826b6acb7db32c4e3b3ec8b59fd972975edb1da872d81a35e4fda2f5cbde6b40bea20418c6e9dad30b791eea58f53e80fee4dd7fe08373ea2784fcd3a65261de71eb866458d2c22a"], &(0x7f0000000100)='GPL\x00'}, 0x70) bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000040)={@cgroup=r0, r1, 0x2, 0x2}, 0x10) kernel console output (not intermixed with test programs): duct=ffff, bcdDevice= 0.00 [ 103.123315][ T3141] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 103.139879][ T3141] usb 3-1: config 0 descriptor?? [ 103.216996][ T5274] usb 2-1: Using ep0 maxpacket: 8 [ 103.234406][ T5274] usb 2-1: New USB device found, idVendor=046d, idProduct=0990, bcdDevice=7f.01 [ 103.244183][ T5274] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 103.267206][ T5274] usb 2-1: config 0 descriptor?? [ 103.304845][ T5274] usb 2-1: unknown interface protocol 0x3f, assuming v1 [ 103.319221][ T5274] usb 2-1: cannot find UAC_HEADER [ 103.392564][ T5241] udevd[5241]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 103.409881][ T5274] snd-usb-audio 2-1:0.0: probe with driver snd-usb-audio failed with error -22 [ 103.573026][ T3141] plantronics 0003:047F:FFFF.0004: unknown main item tag 0x0 [ 103.590769][ T5303] usb 2-1: USB disconnect, device number 9 [ 103.600840][ T3141] plantronics 0003:047F:FFFF.0004: unknown main item tag 0x0 [ 103.614678][ T3141] plantronics 0003:047F:FFFF.0004: No inputs registered, leaving [ 103.667456][ T3141] plantronics 0003:047F:FFFF.0004: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0 [ 103.843387][ T6572] overlayfs: upper fs does not support tmpfile. [ 103.888414][ T1169] usb 3-1: USB disconnect, device number 5 [ 104.031296][ T6582] loop8: detected capacity change from 0 to 7 [ 104.041389][ T6582] Dev loop8: unable to read RDB block 7 [ 104.048651][ T6582] loop8: unable to read partition table [ 104.054609][ T6582] loop8: partition table beyond EOD, truncated [ 104.064547][ T6582] loop_reread_partitions: partition scan of loop8 (被xڬdƤݡ [ 104.064547][ T6582] ) failed (rc=-5) [ 104.302029][ T6593] Bluetooth: MGMT ver 1.23 [ 104.932113][ T6615] bridge0: entered allmulticast mode [ 105.373616][ T6631] netlink: 20 bytes leftover after parsing attributes in process `syz.2.491'. [ 105.421836][ T6631] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 105.965787][ T5275] usb 2-1: new high-speed USB device number 10 using dummy_hcd [ 106.171831][ T5275] usb 2-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30 [ 106.225872][ T5275] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 106.265222][ T5275] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 106.328028][ T5275] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253 [ 106.362960][ T5275] usb 2-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40 [ 106.368517][ T6663] [U]  [ 106.390832][ T5275] usb 2-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0 [ 106.431210][ T5275] usb 2-1: Manufacturer: syz [ 106.482037][ T5275] usb 2-1: config 0 descriptor?? [ 106.933813][ T5275] appleir 0003:05AC:8243.0005: unknown main item tag 0x0 [ 106.974941][ T5275] appleir 0003:05AC:8243.0005: No inputs registered, leaving [ 107.005631][ T5275] appleir 0003:05AC:8243.0005: hiddev0,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.1-1/input0 [ 107.151712][ T5275] usb 2-1: USB disconnect, device number 10 [ 107.932549][ T6726] netlink: 'syz.2.532': attribute type 27 has an invalid length. [ 108.152880][ T6726] bridge0: port 2(bridge_slave_1) entered disabled state [ 108.161104][ T6726] bridge0: port 1(bridge_slave_0) entered disabled state [ 108.463420][ T6726] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 108.491148][ T6726] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 108.686693][ T6726] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 108.705127][ T6726] netdevsim netdevsim2 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 108.714836][ T6726] netdevsim netdevsim2 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 108.740986][ T6726] netdevsim netdevsim2 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 108.995931][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 109.283670][ T6766] input: syz1 as /devices/virtual/input/input13 [ 109.759519][ T6785] tipc: Started in network mode [ 109.765278][ T6785] tipc: Node identity 5f6c656e3a20380a, cluster identity 4711 [ 109.801487][ T6785] tipc: Enabling of bearer rejected, failed to enable media [ 110.007294][ T6739] usb 4-1: new high-speed USB device number 6 using dummy_hcd [ 110.236971][ T6739] usb 4-1: Using ep0 maxpacket: 16 [ 110.252169][ T6739] usb 4-1: config index 0 descriptor too short (expected 16456, got 72) [ 110.279541][ T6739] usb 4-1: config 0 has an invalid interface number: 125 but max is 1 [ 110.304006][ T6739] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 110.327409][ T6739] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 2 [ 110.338013][ T6739] usb 4-1: config 0 has no interface number 0 [ 110.344294][ T6739] usb 4-1: config 0 interface 125 altsetting 4 endpoint 0x4 has invalid maxpacket 21760, setting to 64 [ 110.356743][ T6739] usb 4-1: config 0 interface 125 altsetting 4 endpoint 0xB has invalid wMaxPacketSize 0 [ 110.375761][ T6739] usb 4-1: config 0 interface 125 altsetting 4 endpoint 0x2 has invalid wMaxPacketSize 0 [ 110.406896][ T6739] usb 4-1: config 0 interface 125 has no altsetting 0 [ 110.438524][ T6739] usb 4-1: New USB device found, idVendor=050d, idProduct=0002, bcdDevice=23.27 [ 110.462411][ T6739] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 110.503185][ T6739] usb 4-1: Product: syz [ 110.513322][ T6739] usb 4-1: Manufacturer: syz [ 110.536900][ T6739] usb 4-1: SerialNumber: syz [ 110.549327][ T6739] usb 4-1: config 0 descriptor?? [ 110.838917][ T5302] usb 4-1: USB disconnect, device number 6 [ 111.103935][ T6828] tun0: tun_chr_ioctl cmd 1074025673 [ 111.642496][ T6854] Bluetooth: MGMT ver 1.23 [ 111.652723][ T6854] Bluetooth: hci3: unsupported parameter 64512 [ 111.656083][ T5302] usb 2-1: new high-speed USB device number 11 using dummy_hcd [ 111.663081][ T6854] Bluetooth: hci3: invalid length 0, exp 2 for type 1 [ 111.718537][ T8] usb 4-1: new high-speed USB device number 7 using dummy_hcd [ 111.766418][ T5273] usb 1-1: new high-speed USB device number 5 using dummy_hcd [ 111.891753][ T5302] usb 2-1: New USB device found, idVendor=1604, idProduct=8001, bcdDevice=44.1f [ 111.901665][ T5302] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 111.916152][ T5302] usb 2-1: Product: syz [ 111.920402][ T5302] usb 2-1: Manufacturer: syz [ 111.925544][ T5302] usb 2-1: SerialNumber: syz [ 111.935261][ T8] usb 4-1: New USB device found, idVendor=20b7, idProduct=1540, bcdDevice=b7.5a [ 111.944896][ T8] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 111.956739][ T5273] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 111.965914][ T8] usb 4-1: Product: syz [ 111.970105][ T8] usb 4-1: Manufacturer: syz [ 111.974713][ T8] usb 4-1: SerialNumber: syz [ 111.981025][ T5302] usb 2-1: config 0 descriptor?? [ 111.986084][ T5273] usb 1-1: config 1 has no interface number 0 [ 111.992631][ T5273] usb 1-1: config 1 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 112.013987][ T5273] usb 1-1: Duplicate descriptor for config 1 interface 1 altsetting 0, skipping [ 112.024810][ T8] usb 4-1: config 0 descriptor?? [ 112.065595][ T5273] usb 1-1: config 1 interface 1 altsetting 1 endpoint 0x8 has invalid wMaxPacketSize 0 [ 112.094095][ T5273] usb 1-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 23 [ 112.121075][ T5273] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 112.130933][ T5273] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 112.139688][ T5273] usb 1-1: Product: syz [ 112.144124][ T5273] usb 1-1: Manufacturer: syz [ 112.149957][ T5273] usb 1-1: SerialNumber: syz [ 112.246107][ T5302] usb 2-1: USB disconnect, device number 11 [ 112.366998][ T6848] raw-gadget.2 gadget.0: fail, usb_ep_enable returned -22 [ 112.473518][ T8] usb 4-1: Firmware version (0.0) predates our first public release. [ 112.481890][ T8] usb 4-1: Please update to version 0.2 or newer [ 112.490818][ T8] usb 4-1: Firmware: build [ 112.721189][ T8] usb 4-1: USB disconnect, device number 7 [ 112.984105][ T6848] raw-gadget.2 gadget.0: fail, usb_ep_enable returned -22 [ 113.003639][ T5273] cdc_ncm 1-1:1.1: bind() failure [ 113.252735][ T5274] usb 1-1: USB disconnect, device number 5 [ 113.352217][ T6889] netlink: 'syz.2.595': attribute type 2 has an invalid length. [ 113.643479][ T6899] ======================================================= [ 113.643479][ T6899] WARNING: The mand mount option has been deprecated and [ 113.643479][ T6899] and is ignored by this kernel. Remove the mand [ 113.643479][ T6899] option from the mount to silence this warning. [ 113.643479][ T6899] ======================================================= [ 113.678407][ C1] vkms_vblank_simulate: vblank timer overrun [ 113.956058][ T8] usb 4-1: new low-speed USB device number 8 using dummy_hcd [ 114.148645][ T8] usb 4-1: config 0 has no interfaces? [ 114.165853][ T8] usb 4-1: New USB device found, idVendor=0548, idProduct=0069, bcdDevice= a.8d [ 114.192843][ T8] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 114.222462][ T8] usb 4-1: config 0 descriptor?? [ 114.690111][ T6907] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 114.702450][ T6907] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 114.734762][ T6739] usb 4-1: USB disconnect, device number 8 [ 114.816187][ T5275] usb 3-1: new high-speed USB device number 6 using dummy_hcd [ 115.014324][ T5275] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 115.038882][ T5275] usb 3-1: config 1 has no interface number 0 [ 115.058573][ T5275] usb 3-1: config 1 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 115.095750][ T5275] usb 3-1: Duplicate descriptor for config 1 interface 1 altsetting 0, skipping [ 115.122126][ T5275] usb 3-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid wMaxPacketSize 0 [ 115.161506][ T5275] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 115.187935][ T5275] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 115.201160][ T5275] usb 3-1: Product: syz [ 115.220955][ T5275] usb 3-1: Manufacturer: syz [ 115.232944][ T5275] usb 3-1: SerialNumber: syz [ 115.843713][ T6975] netlink: 191416 bytes leftover after parsing attributes in process `syz.4.634'. [ 116.091683][ T5275] cdc_ncm 3-1:1.1: bind() failure [ 116.397533][ T5275] usb 3-1: USB disconnect, device number 6 [ 116.865838][ T5275] usb 4-1: new high-speed USB device number 9 using dummy_hcd [ 117.025495][ T7005] capability: warning: `syz.4.646' uses 32-bit capabilities (legacy support in use) [ 117.059744][ T5275] usb 4-1: Using ep0 maxpacket: 16 [ 117.083456][ T5275] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 117.119926][ T5275] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 117.157164][ T5275] usb 4-1: New USB device found, idVendor=28bd, idProduct=0934, bcdDevice= 0.00 [ 117.182750][ T5275] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 117.214118][ T5275] usb 4-1: config 0 descriptor?? [ 117.405970][ T29] audit: type=1326 audit(1724962216.434:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7022 comm="syz.1.653" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fa1e7179ef9 code=0x0 [ 117.474374][ T7028] netlink: 24 bytes leftover after parsing attributes in process `syz.2.654'. [ 117.685551][ T5275] input: HID 28bd:0934 Mouse as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:28BD:0934.0006/input/input14 [ 117.735444][ T5275] uclogic 0003:28BD:0934.0006: input,hidraw0: USB HID v0.00 Mouse [HID 28bd:0934] on usb-dummy_hcd.3-1/input0 [ 117.757025][ T7039] netlink: 12 bytes leftover after parsing attributes in process `syz.4.658'. [ 117.928829][ T7043] ICMPv6: Received fragmented ndisc packet. Carefully consider disabling suppress_frag_ndisc. [ 117.989029][ T5275] usb 4-1: USB disconnect, device number 9 [ 118.296545][ T7058] netlink: 4 bytes leftover after parsing attributes in process `syz.1.668'. [ 118.711362][ T7078] Bluetooth: hci3: unsupported parameter 65535 [ 118.726020][ T7078] Bluetooth: hci3: invalid length 1, exp 2 for type 16 [ 118.817135][ T29] audit: type=1326 audit(1724962217.844:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7066 comm="syz.4.671" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fb980779ef9 code=0x0 [ 119.407989][ T7110] mmap: syz.1.687 (7110): VmData 37425152 exceed data ulimit 3626. Update limits or use boot option ignore_rlimit_data. [ 119.483121][ T5225] Bluetooth: hci1: unexpected subevent 0x0e length: 30 > 15 [ 119.720769][ T7124] netlink: 8 bytes leftover after parsing attributes in process `syz.3.694'. [ 120.114909][ T5275] usb 2-1: new high-speed USB device number 12 using dummy_hcd [ 120.316251][ T5275] usb 2-1: Using ep0 maxpacket: 8 [ 120.327577][ T5275] usb 2-1: config 0 has an invalid interface number: 137 but max is 0 [ 120.346089][ T5275] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 120.409630][ T5275] usb 2-1: config 0 has no interface number 0 [ 120.425643][ T5275] usb 2-1: config 0 interface 137 altsetting 0 endpoint 0x1 has invalid maxpacket 512, setting to 64 [ 120.468666][ T5275] usb 2-1: config 0 interface 137 altsetting 0 endpoint 0x3 has invalid maxpacket 959, setting to 64 [ 120.506298][ T5275] usb 2-1: config 0 interface 137 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 120.542526][ T5275] usb 2-1: config 0 interface 137 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 12 [ 120.588652][ T5275] usb 2-1: New USB device found, idVendor=06f8, idProduct=3009, bcdDevice=3c.93 [ 120.618530][ T5275] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 120.645603][ T5275] usb 2-1: Product: syz [ 120.656080][ T5275] usb 2-1: Manufacturer: syz [ 120.663467][ T5275] usb 2-1: SerialNumber: syz [ 120.678382][ T5275] usb 2-1: config 0 descriptor?? [ 120.705153][ T5275] gspca_main: gspca_pac7302-2.14.0 probing 06f8:3009 [ 120.843415][ T7176] sctp: [Deprecated]: syz.2.718 (pid 7176) Use of struct sctp_assoc_value in delayed_ack socket option. [ 120.843415][ T7176] Use struct sctp_sack_info instead [ 120.979901][ T5354] usb 4-1: new high-speed USB device number 10 using dummy_hcd [ 121.198478][ T5354] usb 4-1: Using ep0 maxpacket: 32 [ 121.212954][ T5354] usb 4-1: New USB device found, idVendor=0458, idProduct=7006, bcdDevice=69.91 [ 121.254632][ T5354] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 121.283915][ T5354] usb 4-1: config 0 descriptor?? [ 121.297876][ T5354] gspca_main: sunplus-2.14.0 probing 0458:7006 [ 121.545544][ T5275] input: gspca_pac7302 as /devices/platform/dummy_hcd.1/usb2/2-1/input/input15 [ 121.807437][ T5274] usb 2-1: USB disconnect, device number 12 [ 121.925821][ T5273] usb 1-1: new high-speed USB device number 6 using dummy_hcd [ 122.101977][ T5354] gspca_sunplus: reg_w_riv err -71 [ 122.107540][ T5354] sunplus 4-1:0.0: probe with driver sunplus failed with error -71 [ 122.124543][ T5354] usb 4-1: USB disconnect, device number 10 [ 122.125877][ T5273] usb 1-1: Using ep0 maxpacket: 8 [ 122.155386][ T5273] usb 1-1: New USB device found, idVendor=10c4, idProduct=81c8, bcdDevice=fa.86 [ 122.167670][ T5273] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 122.185987][ T5273] usb 1-1: Product: syz [ 122.190202][ T5273] usb 1-1: Manufacturer: syz [ 122.196175][ T5273] usb 1-1: SerialNumber: syz [ 122.203384][ T5273] usb 1-1: config 0 descriptor?? [ 122.237915][ T5273] cp210x 1-1:0.0: cp210x converter detected [ 122.464069][ T5273] cp210x 1-1:0.0: failed to get vendor val 0x370b size 1: -71 [ 122.479918][ T5273] cp210x 1-1:0.0: querying part number failed [ 122.500063][ T5273] usb 1-1: cp210x converter now attached to ttyUSB0 [ 122.529466][ T5273] usb 1-1: USB disconnect, device number 6 [ 122.542951][ T5273] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 122.554626][ T5273] cp210x 1-1:0.0: device disconnected [ 122.995896][ T5275] usb 2-1: new high-speed USB device number 13 using dummy_hcd [ 123.176885][ T5275] usb 2-1: Using ep0 maxpacket: 8 [ 123.207372][ T5275] usb 2-1: New USB device found, idVendor=2770, idProduct=9120, bcdDevice=6c.77 [ 123.251565][ T5275] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 123.271392][ T5275] usb 2-1: Product: syz [ 123.280476][ T5275] usb 2-1: Manufacturer: syz [ 123.295121][ T5275] usb 2-1: SerialNumber: syz [ 123.317549][ T5275] usb 2-1: config 0 descriptor?? [ 123.337568][ T5275] gspca_main: sq905-2.14.0 probing 2770:9120 [ 124.325044][ T7297] loop7: detected capacity change from 0 to 1 [ 124.372563][ T5275] gspca_sq905: sq905_read_data: usb_control_msg failed (-71) [ 124.378830][ T7297] Dev loop7: unable to read RDB block 1 [ 124.388614][ T5275] sq905 2-1:0.0: probe with driver sq905 failed with error -71 [ 124.407551][ T7297] loop7: unable to read partition table [ 124.410045][ T5275] usb 2-1: USB disconnect, device number 13 [ 124.430918][ T7301] syz.0.773[7301] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 124.431258][ T7301] syz.0.773[7301] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 124.432196][ T7297] loop7: partition table beyond EOD, truncated [ 124.517193][ T7297] loop_reread_partitions: partition scan of loop7 (SaEǷ>#|J_diV3Q~d!=U5hcs-3hгJHv>l,) failed (rc=-5) [ 124.603167][ T4676] Dev loop7: unable to read RDB block 1 [ 124.623129][ T4676] loop7: unable to read partition table [ 124.645944][ T4676] loop7: partition table beyond EOD, truncated [ 125.006172][ T5273] usb 3-1: new high-speed USB device number 7 using dummy_hcd [ 125.207541][ T5273] usb 3-1: config 17 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 125.237344][ T5273] usb 3-1: config 17 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 125.255079][ T7317] loop2: detected capacity change from 0 to 7 [ 125.277993][ T7317] Dev loop2: unable to read RDB block 7 [ 125.278021][ T5273] usb 3-1: config 17 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 125.293857][ T7317] loop2: unable to read partition table [ 125.314215][ T5273] usb 3-1: New USB device found, idVendor=0458, idProduct=5003, bcdDevice= 0.00 [ 125.316177][ T7317] loop2: partition table beyond EOD, [ 125.335419][ T5273] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 125.341119][ T7317] truncated [ 125.382126][ T7317] loop_reread_partitions: partition scan of loop2 (被x ) failed (rc=-5) [ 125.384352][ T7309] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 125.858022][ T5225] Bluetooth: hci4: link tx timeout [ 125.864069][ T5225] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa [ 126.256491][ T5273] aiptek 3-1:17.0: Aiptek using 400 ms programming speed [ 126.278905][ T5273] input: Aiptek as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:17.0/input/input16 [ 126.324875][ T7360] netlink: 'syz.1.796': attribute type 3 has an invalid length. [ 126.336184][ T5273] usb 3-1: USB disconnect, device number 7 [ 126.342051][ C0] aiptek 3-1:17.0: aiptek_irq - usb_submit_urb failed with result -19 [ 126.375804][ T7360] netlink: 130984 bytes leftover after parsing attributes in process `syz.1.796'. [ 126.887626][ T7362] netlink: 96 bytes leftover after parsing attributes in process `syz.3.798'. [ 126.927160][ T6733] usb 5-1: new high-speed USB device number 8 using dummy_hcd [ 127.118000][ T6733] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 127.144745][ T6733] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 127.175146][ T6733] usb 5-1: New USB device found, idVendor=1e7d, idProduct=2cf6, bcdDevice= 0.00 [ 127.203419][ T6733] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 127.253145][ T6733] usb 5-1: config 0 descriptor?? [ 127.572225][ T7399] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 127.682835][ T6733] pyra 0003:1E7D:2CF6.0007: hidraw0: USB HID v0.00 Device [HID 1e7d:2cf6] on usb-dummy_hcd.4-1/input0 [ 127.936086][ T5231] Bluetooth: hci4: command 0x0405 tx timeout [ 128.176099][ T5225] Bluetooth: hci5: Opcode 0x1003 failed: -110 [ 128.288611][ T6733] pyra 0003:1E7D:2CF6.0007: couldn't init struct pyra_device [ 128.296319][ T6733] pyra 0003:1E7D:2CF6.0007: couldn't install mouse [ 128.312787][ T6733] pyra 0003:1E7D:2CF6.0007: probe with driver pyra failed with error -71 [ 128.325569][ T6733] usb 5-1: USB disconnect, device number 8 [ 128.635828][ T5302] usb 4-1: new full-speed USB device number 11 using dummy_hcd [ 128.779396][ T7449] input: syz0 as /devices/virtual/input/input17 [ 128.831273][ T5302] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 1023, setting to 64 [ 128.853849][ T5302] usb 4-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 128.884764][ T5302] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 128.906042][ T5302] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 128.924330][ T5302] usb 4-1: Product: syz [ 128.932569][ T5302] usb 4-1: Manufacturer: syz [ 128.950069][ T5302] usb 4-1: SerialNumber: syz [ 128.974770][ T7427] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 129.153725][ T7463] netdevsim netdevsim4 netdevsim0: entered promiscuous mode [ 129.197514][ T7463] macsec0: entered promiscuous mode [ 129.417270][ T5302] cdc_ether 4-1:1.0: probe with driver cdc_ether failed with error -71 [ 129.464574][ T5302] usb 4-1: USB disconnect, device number 11 [ 129.633229][ T29] audit: type=1326 audit(1724962228.664:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7476 comm="syz.0.850" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f6ef9b79ef9 code=0x0 [ 129.633936][ T7477] syz.4.851[7477] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 129.662080][ T7477] syz.4.851[7477] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 129.951914][ T7484] netlink: 'syz.4.854': attribute type 3 has an invalid length. [ 129.971994][ T7484] netlink: 'syz.4.854': attribute type 4 has an invalid length. [ 129.980919][ T7484] netlink: 'syz.4.854': attribute type 7 has an invalid length. [ 129.989073][ T7484] netlink: 'syz.4.854': attribute type 8 has an invalid length. [ 129.997043][ T7484] netlink: 'syz.4.854': attribute type 7 has an invalid length. [ 130.005127][ T7484] netlink: 198180 bytes leftover after parsing attributes in process `syz.4.854'. [ 130.114660][ T7488] netlink: 24 bytes leftover after parsing attributes in process `syz.4.856'. [ 130.495954][ T5275] usb 5-1: new high-speed USB device number 9 using dummy_hcd [ 130.709345][ T5275] usb 5-1: config index 0 descriptor too short (expected 45, got 36) [ 130.725932][ T5275] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 130.758094][ T5275] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 130.795858][ T5275] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 130.820931][ T5275] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 130.835344][ T5275] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 130.844983][ T5275] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 130.855486][ T5275] usb 5-1: config 0 descriptor?? [ 130.871182][ T7495] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 131.320421][ T5275] plantronics 0003:047F:FFFF.0008: unknown main item tag 0xd [ 131.356971][ T5275] plantronics 0003:047F:FFFF.0008: No inputs registered, leaving [ 131.382925][ T5275] plantronics 0003:047F:FFFF.0008: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.4-1/input0 [ 131.563916][ T5354] usb 5-1: USB disconnect, device number 9 [ 131.715239][ T7563] netlink: 4272 bytes leftover after parsing attributes in process `syz.1.890'. [ 131.855984][ T5275] usb 4-1: new high-speed USB device number 12 using dummy_hcd [ 132.060078][ T5275] usb 4-1: New USB device found, idVendor=0af0, idProduct=7a05, bcdDevice= 0.00 [ 132.069456][ T5275] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 132.077883][ T5275] usb 4-1: Product: syz [ 132.082232][ T5275] usb 4-1: Manufacturer: syz [ 132.087213][ T5275] usb 4-1: SerialNumber: syz [ 132.093264][ T5275] usb 4-1: config 0 descriptor?? [ 132.420643][ T5275] hso 4-1:0.0: Failed to find INT IN ep [ 132.442019][ T5275] usb-storage 4-1:0.0: USB Mass Storage device detected [ 132.656109][ T7595] netlink: 277 bytes leftover after parsing attributes in process `syz.1.903'. [ 132.770049][ T5275] usb 4-1: USB disconnect, device number 12 [ 132.817555][ T7601] loop2: detected capacity change from 0 to 7 [ 132.865102][ T7601] Dev loop2: unable to read RDB block 7 [ 132.877434][ T7601] loop2: AHDI p1 p3 p4 [ 132.881657][ T7601] loop2: partition table partially beyond EOD, truncated [ 132.891145][ T7601] loop2: p1 start 2048 is beyond EOD, truncated [ 132.900841][ T7601] loop2: p3 size 16779293 extends beyond EOD, truncated [ 132.960337][ T5241] udevd[5241]: inotify_add_watch(7, /dev/loop2p3, 10) failed: No such file or directory [ 133.139280][ T1270] ieee802154 phy0 wpan0: encryption failed: -22 [ 133.146394][ T1270] ieee802154 phy1 wpan1: encryption failed: -22 [ 134.048161][ T7652] sp0: Synchronizing with TNC [ 134.645880][ T5275] usb 1-1: new high-speed USB device number 7 using dummy_hcd [ 134.790454][ T11] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 134.839666][ T5275] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 134.873603][ T5275] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 134.888525][ T5275] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 134.898415][ T5275] usb 1-1: Product: syz [ 134.902610][ T5275] usb 1-1: Manufacturer: syz [ 134.909379][ T5275] usb 1-1: SerialNumber: syz [ 134.923691][ T11] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 135.016071][ T5273] usb 4-1: new high-speed USB device number 13 using dummy_hcd [ 135.020920][ T11] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 135.103493][ T11] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 135.222065][ T5273] usb 4-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 135.245827][ T5273] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 135.277860][ T4615] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 135.289097][ T4615] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 135.299106][ T4615] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 135.308685][ T4615] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 135.312561][ T5273] usb 4-1: config 0 descriptor?? [ 135.325129][ T4615] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 135.342192][ T4615] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 135.378094][ T5273] cp210x 4-1:0.0: cp210x converter detected [ 135.391335][ T11] bridge_slave_1: left allmulticast mode [ 135.399992][ T11] bridge_slave_1: left promiscuous mode [ 135.414805][ T11] bridge0: port 2(bridge_slave_1) entered disabled state [ 135.428216][ T11] bridge_slave_0: left allmulticast mode [ 135.439280][ T11] bridge_slave_0: left promiscuous mode [ 135.448714][ T11] bridge0: port 1(bridge_slave_0) entered disabled state [ 135.798796][ T5273] cp210x 4-1:0.0: failed to get vendor val 0x000e size 3: -32 [ 135.865217][ T11] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 135.879708][ T11] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 135.891553][ T11] bond0 (unregistering): Released all slaves [ 135.971837][ T5275] cdc_ncm 1-1:1.0: failed to get mac address [ 136.001620][ T5275] cdc_ncm 1-1:1.0: bind() failure [ 136.019297][ T5273] usb 4-1: cp210x converter now attached to ttyUSB0 [ 136.057168][ T5275] cdc_ncm 1-1:1.1: probe with driver cdc_ncm failed with error -71 [ 136.083714][ T5275] cdc_mbim 1-1:1.1: probe with driver cdc_mbim failed with error -71 [ 136.103000][ T5275] usbtest 1-1:1.1: probe with driver usbtest failed with error -71 [ 136.156880][ T5275] usb 1-1: USB disconnect, device number 7 [ 136.238284][ T5273] usb 4-1: USB disconnect, device number 13 [ 136.285056][ T5273] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 136.384990][ T5273] cp210x 4-1:0.0: device disconnected [ 136.668769][ T11] hsr_slave_0: left promiscuous mode [ 136.679916][ T11] hsr_slave_1: left promiscuous mode [ 136.702222][ T11] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 136.710382][ T11] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 136.724555][ T11] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 136.734058][ T11] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 136.807675][ T11] veth1_macvtap: left promiscuous mode [ 136.813301][ T11] veth0_macvtap: left promiscuous mode [ 136.820452][ T11] veth1_vlan: left promiscuous mode [ 136.827438][ T11] veth0_vlan: left promiscuous mode [ 137.086709][ T6733] usb 1-1: new low-speed USB device number 8 using dummy_hcd [ 137.288959][ T6733] usb 1-1: config 0 has an invalid interface number: 1 but max is 0 [ 137.304415][ T6733] usb 1-1: config 0 has no interface number 0 [ 137.328682][ T6733] usb 1-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10 [ 137.361103][ T6733] usb 1-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 137.373854][ T6733] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 137.401292][ T6733] usb 1-1: config 0 descriptor?? [ 137.431384][ T6733] iowarrior 1-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0 [ 137.467811][ T5225] Bluetooth: hci3: command tx timeout [ 137.655474][ T5354] usb 1-1: USB disconnect, device number 8 [ 137.674490][ T5354] iowarrior 1-1:0.1: I/O-Warror #0 now disconnected [ 137.687487][ T4615] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 137.702982][ T4615] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 137.711560][ T4615] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 137.729956][ T4615] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 137.738872][ T4615] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 137.753523][ T4615] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 137.813570][ T11] team0 (unregistering): Port device team_slave_1 removed [ 137.863655][ T11] team0 (unregistering): Port device team_slave_0 removed [ 138.382022][ T7691] chnl_net:caif_netlink_parms(): no params data found [ 138.422861][ T7723] bridge0: trying to set multicast query interval below minimum, setting to 100 (1000ms) [ 138.468451][ T7723] bridge0: port 2(bridge_slave_1) entered disabled state [ 138.477934][ T7723] bridge0: port 1(bridge_slave_0) entered disabled state [ 138.486744][ T7723] bridge0: entered allmulticast mode [ 138.879497][ T7691] bridge0: port 1(bridge_slave_0) entered blocking state [ 138.905501][ T7691] bridge0: port 1(bridge_slave_0) entered disabled state [ 138.921580][ T7691] bridge_slave_0: entered allmulticast mode [ 138.943591][ T7691] bridge_slave_0: entered promiscuous mode [ 138.981250][ T7691] bridge0: port 2(bridge_slave_1) entered blocking state [ 139.000942][ T7691] bridge0: port 2(bridge_slave_1) entered disabled state [ 139.019169][ T7691] bridge_slave_1: entered allmulticast mode [ 139.032894][ T7691] bridge_slave_1: entered promiscuous mode [ 139.254560][ T7691] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 139.288450][ T7691] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 139.467368][ T7691] team0: Port device team_slave_0 added [ 139.531557][ T7691] team0: Port device team_slave_1 added [ 139.537743][ T4615] Bluetooth: hci3: command tx timeout [ 139.691689][ T7691] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 139.704497][ T7691] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 139.768194][ T7691] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 139.832537][ T7691] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 139.849271][ T7691] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 139.884444][ T4615] Bluetooth: hci5: command tx timeout [ 139.936375][ T7691] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 140.157496][ T5273] usb 4-1: new high-speed USB device number 14 using dummy_hcd [ 140.180591][ T7691] hsr_slave_0: entered promiscuous mode [ 140.192630][ T7691] hsr_slave_1: entered promiscuous mode [ 140.209907][ T7691] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 140.218856][ T7691] Cannot create hsr debugfs directory [ 140.364581][ T7730] chnl_net:caif_netlink_parms(): no params data found [ 140.371642][ T5273] usb 4-1: Using ep0 maxpacket: 32 [ 140.397067][ T5273] usb 4-1: New USB device found, idVendor=0483, idProduct=3747, bcdDevice=20.43 [ 140.416637][ T5273] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 140.434894][ T5273] usb 4-1: Product: syz [ 140.455274][ T5273] usb 4-1: Manufacturer: syz [ 140.470415][ T5273] usb 4-1: SerialNumber: syz [ 140.497311][ T5273] usb 4-1: config 0 descriptor?? [ 140.519716][ T5273] ftdi_sio 4-1:0.0: Ignoring interface reserved for JTAG [ 140.920953][ T7730] bridge0: port 1(bridge_slave_0) entered blocking state [ 140.931659][ T6739] usb 4-1: USB disconnect, device number 14 [ 140.948601][ T7730] bridge0: port 1(bridge_slave_0) entered disabled state [ 140.964080][ T7730] bridge_slave_0: entered allmulticast mode [ 140.972743][ T7730] bridge_slave_0: entered promiscuous mode [ 141.007177][ T7730] bridge0: port 2(bridge_slave_1) entered blocking state [ 141.014336][ T7730] bridge0: port 2(bridge_slave_1) entered disabled state [ 141.055941][ T7730] bridge_slave_1: entered allmulticast mode [ 141.063190][ T7730] bridge_slave_1: entered promiscuous mode [ 141.237776][ T7730] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 141.335082][ T7730] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 141.383688][ T7730] team0: Port device team_slave_0 added [ 141.395888][ T7730] team0: Port device team_slave_1 added [ 141.442803][ T7730] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 141.456882][ T7730] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 141.483761][ T7730] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 141.509271][ T7730] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 141.518046][ T7730] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 141.548462][ T7730] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 141.628522][ T4615] Bluetooth: hci3: command tx timeout [ 141.636974][ T8] usb 5-1: new high-speed USB device number 10 using dummy_hcd [ 141.753665][ T7691] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 141.780235][ T7730] hsr_slave_0: entered promiscuous mode [ 141.816280][ T7730] hsr_slave_1: entered promiscuous mode [ 141.855532][ T7730] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 141.884821][ T7730] Cannot create hsr debugfs directory [ 141.884967][ T8] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 141.916275][ T8] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 141.928812][ T8] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5 [ 141.945837][ T7691] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 141.946001][ T4615] Bluetooth: hci5: command tx timeout [ 141.953401][ T8] usb 5-1: New USB device found, idVendor=0458, idProduct=5010, bcdDevice= 0.00 [ 142.009899][ T8] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 142.092215][ T8] usb 5-1: config 0 descriptor?? [ 142.132163][ T7856] input: syz0 as /devices/virtual/input/input19 [ 142.152456][ T7691] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 142.187909][ T7691] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 142.299905][ T29] audit: type=1326 audit(1724962241.334:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7858 comm="syz.0.998" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f6ef9b79ef9 code=0x0 [ 142.890166][ T7691] 8021q: adding VLAN 0 to HW filter on device bond0 [ 143.009874][ T7691] 8021q: adding VLAN 0 to HW filter on device team0 [ 143.049883][ T11] bridge0: port 1(bridge_slave_0) entered blocking state [ 143.058196][ T11] bridge0: port 1(bridge_slave_0) entered forwarding state [ 143.143553][ T8] usbhid 5-1:0.0: can't add hid device: -71 [ 143.158317][ T3003] bridge0: port 2(bridge_slave_1) entered blocking state [ 143.165515][ T3003] bridge0: port 2(bridge_slave_1) entered forwarding state [ 143.177061][ T8] usbhid 5-1:0.0: probe with driver usbhid failed with error -71 [ 143.240917][ T8] usb 5-1: USB disconnect, device number 10 [ 143.364716][ T7691] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 143.378195][ T7691] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 143.513246][ T7730] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 143.560115][ T7730] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 143.598421][ T7730] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 143.643038][ T7730] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 143.700746][ T4615] Bluetooth: hci3: command tx timeout [ 144.017680][ T4615] Bluetooth: hci5: command tx timeout [ 144.063303][ T7691] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 144.173379][ T7730] 8021q: adding VLAN 0 to HW filter on device bond0 [ 144.263020][ T7730] 8021q: adding VLAN 0 to HW filter on device team0 [ 144.391266][ T7691] veth0_vlan: entered promiscuous mode [ 144.417855][ T3026] bridge0: port 1(bridge_slave_0) entered blocking state [ 144.425040][ T3026] bridge0: port 1(bridge_slave_0) entered forwarding state [ 144.463498][ T3026] bridge0: port 2(bridge_slave_1) entered blocking state [ 144.471621][ T3026] bridge0: port 2(bridge_slave_1) entered forwarding state [ 144.672320][ T7691] veth1_vlan: entered promiscuous mode [ 144.851008][ T7691] veth0_macvtap: entered promiscuous mode [ 144.890814][ T7691] veth1_macvtap: entered promiscuous mode [ 144.968050][ T7691] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 145.018988][ T7691] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 145.049671][ T7691] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 145.085882][ T7691] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 145.132239][ T7691] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 145.158803][ T7691] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 145.173930][ T7691] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 145.207331][ T7691] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 145.240990][ T7691] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 145.282286][ T7691] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 145.315941][ T7691] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 145.351959][ T7691] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 145.376732][ T7691] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 145.399399][ T7691] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 145.446360][ T7691] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 145.464816][ T7691] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 145.490972][ T7691] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 145.516945][ T7691] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 145.651798][ T7730] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 146.089905][ T35] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 146.101531][ T4615] Bluetooth: hci5: command tx timeout [ 146.142013][ T35] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 146.421292][ T7730] veth0_vlan: entered promiscuous mode [ 146.429601][ T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 146.463447][ T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 146.512595][ T7730] veth1_vlan: entered promiscuous mode [ 146.612773][ T7730] veth0_macvtap: entered promiscuous mode [ 146.657937][ T7730] veth1_macvtap: entered promiscuous mode [ 146.669286][ T7982] 9pnet_fd: p9_fd_create_unix (7982): problem connecting socket: ./file0: -111 [ 146.721457][ T7730] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 146.763037][ T7730] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 146.775950][ T7730] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 146.798884][ T7730] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 146.817772][ T7730] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 146.828652][ T7730] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 146.844077][ T7730] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 146.855027][ T7730] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 146.873689][ T7730] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 146.917449][ T7730] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 146.936204][ T7730] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 146.955729][ T7730] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 146.980664][ T7730] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 147.010897][ T7730] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 147.047910][ T7730] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 147.079512][ T7730] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 147.110612][ T7730] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 147.142133][ T7730] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 147.162379][ T7996] netlink: 'syz.4.1025': attribute type 10 has an invalid length. [ 147.171295][ T7996] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1025'. [ 147.205273][ T7996] team0: Port device geneve0 added [ 147.228721][ T7730] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 147.255741][ T7730] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 147.272184][ T7730] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 147.285728][ T7730] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 147.405846][ T5394] usb 1-1: new high-speed USB device number 9 using dummy_hcd [ 147.452723][ T3041] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 147.471103][ T3041] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 147.522807][ T3041] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 147.543615][ T3041] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 147.617351][ T5394] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 147.639193][ T5394] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 147.682099][ T5394] usb 1-1: New USB device found, idVendor=0d8c, idProduct=0022, bcdDevice= 0.00 [ 147.713070][ T5394] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 147.751456][ T5394] usb 1-1: config 0 descriptor?? [ 148.206461][ T5394] cm6533_jd 0003:0D8C:0022.0009: unknown main item tag 0x0 [ 148.206574][ T5394] cm6533_jd 0003:0D8C:0022.0009: unknown main item tag 0x0 [ 148.210310][ T5394] input: HID 0d8c:0022 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:0D8C:0022.0009/input/input20 [ 148.248490][ T5394] cm6533_jd 0003:0D8C:0022.0009: input,hiddev0,hidraw0: USB HID v0.00 Device [HID 0d8c:0022] on usb-dummy_hcd.0-1/input0 [ 148.537498][ T5394] usb 1-1: USB disconnect, device number 9 [ 149.378771][ T8072] vlan3: entered promiscuous mode [ 149.886256][ T5394] usb 3-1: new full-speed USB device number 8 using dummy_hcd [ 150.074384][ T8091] dvmrp1: entered allmulticast mode [ 150.077339][ T5394] usb 3-1: config 1 contains an unexpected descriptor of type 0x2, skipping [ 150.096132][ T5394] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 150.116361][ T8091] dvmrp1: left allmulticast mode [ 150.119255][ T5394] usb 3-1: config 1 has 2 interfaces, different from the descriptor's value: 3 [ 150.134750][ T5394] usb 3-1: config 1 has no interface number 1 [ 150.144606][ T5394] usb 3-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0 [ 150.198319][ T5394] usb 3-1: config 1 interface 2 altsetting 1 has an endpoint descriptor with address 0x4A, changing to 0xA [ 150.218364][ T5394] usb 3-1: config 1 interface 2 altsetting 1 endpoint 0xA has an invalid bInterval 0, changing to 4 [ 150.234029][ T5394] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 150.253426][ T5394] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 150.272638][ T5394] usb 3-1: Product: syz [ 150.282227][ T5394] usb 3-1: Manufacturer: syz [ 150.298403][ T5394] usb 3-1: SerialNumber: syz [ 150.484730][ T29] audit: type=1326 audit(1724962505.518:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8103 comm="syz.4.1071" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fb980779ef9 code=0x0 [ 150.551562][ T5394] usb 3-1: 2:1 : no or invalid class specific endpoint descriptor [ 150.656720][ T5394] usb 3-1: USB disconnect, device number 8 [ 150.722642][ T5220] udevd[5220]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 151.305775][ T6739] usb 2-1: new high-speed USB device number 14 using dummy_hcd [ 151.528383][ T6739] usb 2-1: Using ep0 maxpacket: 16 [ 151.551722][ T6739] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0xC has an invalid bInterval 0, changing to 7 [ 151.575872][ T5394] usb 3-1: new high-speed USB device number 9 using dummy_hcd [ 151.577472][ T6739] usb 2-1: New USB device found, idVendor=0d46, idProduct=0081, bcdDevice=19.82 [ 151.601562][ T29] audit: type=1326 audit(1724962506.638:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8148 comm="syz.0.1090" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f6ef9b79ef9 code=0x0 [ 151.623631][ T5302] usb 5-1: new high-speed USB device number 11 using dummy_hcd [ 151.625439][ T6739] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 151.640031][ T6739] usb 2-1: Product: syz [ 151.644221][ T6739] usb 2-1: Manufacturer: syz [ 151.649418][ T6739] usb 2-1: SerialNumber: syz [ 151.658234][ T6739] usb 2-1: config 0 descriptor?? [ 151.666514][ T6739] kobil_sct 2-1:0.0: KOBIL USB smart card terminal converter detected [ 151.677065][ T6739] usb 2-1: KOBIL USB smart card terminal converter now attached to ttyUSB0 [ 151.770134][ T5394] usb 3-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 151.793556][ T5394] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 151.810922][ T5394] usb 3-1: Product: syz [ 151.819881][ T5302] usb 5-1: New USB device found, idVendor=0eb1, idProduct=7007, bcdDevice= 2.04 [ 151.833505][ T5394] usb 3-1: Manufacturer: syz [ 151.838270][ T5302] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 151.848054][ T5394] usb 3-1: SerialNumber: syz [ 151.861135][ T5394] usb 3-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 151.881662][ T5302] usb 5-1: config 0 descriptor?? [ 151.940445][ T5302] go7007 5-1:0.0: probe with driver go7007 failed with error -12 [ 152.006239][ T5273] usb 3-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 152.239789][ T6733] usb 5-1: USB disconnect, device number 11 [ 152.247930][ T5302] usb 2-1: USB disconnect, device number 14 [ 152.282843][ T5302] kobil ttyUSB0: KOBIL USB smart card terminal converter now disconnected from ttyUSB0 [ 152.300094][ T6739] usb 3-1: USB disconnect, device number 9 [ 152.314493][ T5302] kobil_sct 2-1:0.0: device disconnected [ 152.526663][ T5394] usb 4-1: new high-speed USB device number 15 using dummy_hcd [ 152.725038][ T5394] usb 4-1: Using ep0 maxpacket: 32 [ 152.735219][ T5394] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 32 [ 152.750530][ T5394] usb 4-1: New USB device found, idVendor=0499, idProduct=1010, bcdDevice= 5.f5 [ 152.765735][ T5394] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 152.793337][ T5394] usb 4-1: Product: syz [ 152.807892][ T5394] usb 4-1: Manufacturer: syz [ 152.812534][ T5394] usb 4-1: SerialNumber: syz [ 152.848578][ T5394] usb 4-1: config 0 descriptor?? [ 152.854696][ T8156] raw-gadget.3 gadget.3: fail, usb_ep_enable returned -22 [ 152.904473][ T5394] usb 4-1: Quirk or no altset; falling back to MIDI 1.0 [ 152.953669][ T8175] netlink: 'syz.2.1101': attribute type 3 has an invalid length. [ 153.142452][ T5273] ath9k_htc 3-1:1.0: ath9k_htc: Target is unresponsive [ 153.184867][ T5273] ath9k_htc: Failed to initialize the device [ 153.240479][ T6739] usb 3-1: ath9k_htc: USB layer deinitialized [ 153.325466][ T5394] usb 4-1: USB disconnect, device number 15 [ 154.842923][ T5273] usb 3-1: new high-speed USB device number 10 using dummy_hcd [ 154.956162][ T8262] Bluetooth: MGMT ver 1.23 [ 154.966177][ T8262] Bluetooth: hci3: unsupported parameter 64512 [ 154.972545][ T8262] Bluetooth: hci3: invalid length 0, exp 2 for type 7 [ 155.083384][ T5273] usb 3-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 155.096561][ T5273] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 155.120295][ T5273] usb 3-1: config 0 descriptor?? [ 155.138832][ T5273] cp210x 3-1:0.0: cp210x converter detected [ 155.216747][ T8] usb 5-1: new high-speed USB device number 12 using dummy_hcd [ 155.405801][ T8] usb 5-1: Using ep0 maxpacket: 16 [ 155.426896][ T8] usb 5-1: New USB device found, idVendor=1604, idProduct=8007, bcdDevice=af.a6 [ 155.445868][ T8] usb 5-1: New USB device strings: Mfr=1, Product=23, SerialNumber=3 [ 155.464360][ T8] usb 5-1: Product: syz [ 155.470287][ T8] usb 5-1: Manufacturer: syz [ 155.475908][ T8] usb 5-1: SerialNumber: syz [ 155.498740][ T8] usb 5-1: config 0 descriptor?? [ 155.569187][ T5273] cp210x 3-1:0.0: failed to get vendor val 0x000e size 3: -32 [ 155.774474][ T6739] usb 5-1: USB disconnect, device number 12 [ 155.826072][ T5273] usb 3-1: cp210x converter now attached to ttyUSB0 [ 156.056051][ T8282] netlink: 'syz.1.1148': attribute type 1 has an invalid length. [ 156.066269][ T5273] usb 3-1: USB disconnect, device number 10 [ 156.095019][ T8282] netlink: 9320 bytes leftover after parsing attributes in process `syz.1.1148'. [ 156.112117][ T5273] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 156.122706][ T8282] netlink: 44 bytes leftover after parsing attributes in process `syz.1.1148'. [ 156.151377][ T5273] cp210x 3-1:0.0: device disconnected [ 156.164353][ T8282] netlink: 'syz.1.1148': attribute type 1 has an invalid length. [ 156.182342][ T8282] netlink: 'syz.1.1148': attribute type 2 has an invalid length. [ 156.466330][ T5273] kernel write not supported for file /sysvipc/msg (pid: 5273 comm: kworker/0:4) [ 158.153479][ T8353] vlan2: entered promiscuous mode [ 158.159878][ T8353] gretap0: entered promiscuous mode [ 158.165547][ T8353] vlan2: entered allmulticast mode [ 158.171166][ T8353] gretap0: entered allmulticast mode [ 158.616107][ T5394] usb 5-1: new high-speed USB device number 13 using dummy_hcd [ 158.661637][ T8364] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1184'. [ 158.683587][ T8364] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1184'. [ 158.834312][ T5394] usb 5-1: config 0 has an invalid interface descriptor of length 2, skipping [ 158.856084][ T5394] usb 5-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 158.882612][ T5394] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 158.921386][ T5394] usb 5-1: New USB device found, idVendor=0403, idProduct=ff00, bcdDevice=5c.04 [ 158.953743][ T5394] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 158.976907][ T5394] usb 5-1: config 0 descriptor?? [ 159.000673][ T5394] ftdi_sio 5-1:0.0: FTDI USB Serial Device converter detected [ 159.030532][ T5394] ftdi_sio ttyUSB0: unknown device type: 0x5c04 [ 159.064314][ T8382] netlink: 104 bytes leftover after parsing attributes in process `syz.2.1191'. [ 159.250683][ T5273] usb 5-1: USB disconnect, device number 13 [ 159.269587][ T5273] ftdi_sio 5-1:0.0: device disconnected [ 159.961575][ T8417] vivid-002: disconnect [ 159.998577][ T8415] vivid-002: reconnect [ 160.144750][ T29] audit: type=1326 audit(1724962515.178:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8429 comm="syz.4.1215" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb980779ef9 code=0x7ffc0000 [ 160.216241][ T29] audit: type=1326 audit(1724962515.218:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8429 comm="syz.4.1215" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb980779ef9 code=0x7ffc0000 [ 160.303444][ T29] audit: type=1326 audit(1724962515.218:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8429 comm="syz.4.1215" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb980779ef9 code=0x7ffc0000 [ 160.386089][ T29] audit: type=1326 audit(1724962515.218:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8429 comm="syz.4.1215" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb980779ef9 code=0x7ffc0000 [ 160.485763][ T29] audit: type=1326 audit(1724962515.218:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8429 comm="syz.4.1215" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb980779ef9 code=0x7ffc0000 [ 160.585213][ T29] audit: type=1326 audit(1724962515.218:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8429 comm="syz.4.1215" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb980779ef9 code=0x7ffc0000 [ 160.665741][ T29] audit: type=1326 audit(1724962515.218:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8429 comm="syz.4.1215" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb980779ef9 code=0x7ffc0000 [ 160.740528][ T29] audit: type=1326 audit(1724962515.218:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8429 comm="syz.4.1215" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb980779ef9 code=0x7ffc0000 [ 160.817123][ T29] audit: type=1326 audit(1724962515.218:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8429 comm="syz.4.1215" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb980779ef9 code=0x7ffc0000 [ 160.875761][ T29] audit: type=1326 audit(1724962515.218:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8429 comm="syz.4.1215" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb980779ef9 code=0x7ffc0000 [ 161.398670][ T8461] team_slave_0: entered allmulticast mode [ 162.204446][ T8495] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies. [ 162.406154][ T6733] usb 4-1: new high-speed USB device number 16 using dummy_hcd [ 162.626567][ T6733] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 162.669148][ T6733] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 162.687100][ T6733] usb 4-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 8 [ 162.697283][ T8515] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1248'. [ 162.748064][ T6733] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 162.775726][ T6733] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 162.783851][ T6733] usb 4-1: Product: syz [ 162.812702][ T6733] usb 4-1: Manufacturer: syz [ 162.825727][ T6733] usb 4-1: SerialNumber: syz [ 163.064283][ T8492] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 163.637324][ T8544] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1262'. [ 163.702360][ T8492] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 163.940466][ T6733] cdc_ncm 4-1:1.0: bind() failure [ 163.978473][ T6733] cdc_ncm 4-1:1.1: probe with driver cdc_ncm failed with error -71 [ 163.998936][ T6733] cdc_mbim 4-1:1.1: probe with driver cdc_mbim failed with error -71 [ 164.031830][ T6733] usbtest 4-1:1.1: probe with driver usbtest failed with error -71 [ 164.081032][ T6733] usb 4-1: USB disconnect, device number 16 [ 164.375002][ T8563] bridge0: port 3(gretap0) entered blocking state [ 164.384021][ T8561] netlink: 'syz.2.1268': attribute type 2 has an invalid length. [ 164.386238][ T8563] bridge0: port 3(gretap0) entered disabled state [ 164.394842][ T8561] netlink: 'syz.2.1268': attribute type 1 has an invalid length. [ 164.415133][ T8561] netlink: 181400 bytes leftover after parsing attributes in process `syz.2.1268'. [ 164.436254][ T8563] gretap0: entered allmulticast mode [ 164.444694][ T8563] gretap0: entered promiscuous mode [ 164.458323][ T8563] bridge0: port 3(gretap0) entered blocking state [ 164.465735][ T8563] bridge0: port 3(gretap0) entered forwarding state [ 164.487773][ T8565] gretap0: left allmulticast mode [ 164.492840][ T8565] gretap0: left promiscuous mode [ 164.508550][ T8565] bridge0: port 3(gretap0) entered disabled state [ 164.661758][ T8575] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 164.786918][ T8580] input: syz0 as /devices/virtual/input/input21 [ 165.032812][ T8590] syz_tun: entered promiscuous mode [ 165.066923][ T8590] syz_tun: left promiscuous mode [ 165.333169][ T8609] mac80211_hwsim hwsim6 wlan0: entered promiscuous mode [ 165.344285][ T8609] macvlan2: entered allmulticast mode [ 165.359099][ T8609] mac80211_hwsim hwsim6 wlan0: entered allmulticast mode [ 165.373629][ T8609] mac80211_hwsim hwsim6 wlan0: left allmulticast mode [ 165.400401][ T8609] mac80211_hwsim hwsim6 wlan0: left promiscuous mode [ 165.636203][ T8619] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 166.178302][ T8644] netlink: 'syz.3.1302': attribute type 1 has an invalid length. [ 166.210381][ T8644] netlink: 9320 bytes leftover after parsing attributes in process `syz.3.1302'. [ 166.235402][ T8644] netlink: 44 bytes leftover after parsing attributes in process `syz.3.1302'. [ 166.258135][ T8644] netlink: 'syz.3.1302': attribute type 1 has an invalid length. [ 166.415887][ T5274] usb 1-1: new high-speed USB device number 10 using dummy_hcd [ 166.445767][ T5394] usb 3-1: new high-speed USB device number 11 using dummy_hcd [ 166.628305][ T5394] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 166.632762][ T5274] usb 1-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 166.637657][ T5394] usb 3-1: config 1 has no interface number 0 [ 166.650100][ T5274] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 166.675435][ T5394] usb 3-1: config 1 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 166.681329][ T5274] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0 [ 166.704026][ T5394] usb 3-1: Duplicate descriptor for config 1 interface 1 altsetting 0, skipping [ 166.706937][ T5274] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 166.727431][ T5274] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 166.738901][ T5274] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 166.742053][ T5394] usb 3-1: config 1 interface 1 altsetting 1 endpoint 0x3 has an invalid bInterval 52, changing to 7 [ 166.751362][ T5274] usb 1-1: config 0 descriptor?? [ 166.802338][ T5394] usb 3-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid maxpacket 9272, setting to 1024 [ 166.831970][ T5394] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 166.854171][ T5394] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 166.865167][ T5394] usb 3-1: Product: syz [ 166.875233][ T5394] usb 3-1: Manufacturer: syz [ 166.881166][ T5394] usb 3-1: SerialNumber: syz [ 167.136092][ T6733] usb 5-1: new high-speed USB device number 14 using dummy_hcd [ 167.208534][ T5274] plantronics 0003:047F:FFFF.000A: unknown main item tag 0x0 [ 167.224571][ T5274] plantronics 0003:047F:FFFF.000A: unknown main item tag 0x0 [ 167.237653][ T5274] plantronics 0003:047F:FFFF.000A: No inputs registered, leaving [ 167.262970][ T5274] plantronics 0003:047F:FFFF.000A: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0 [ 167.337362][ T6733] usb 5-1: Using ep0 maxpacket: 32 [ 167.347750][ T6733] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 167.363032][ T6733] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 167.372911][ T6733] usb 5-1: New USB device found, idVendor=0403, idProduct=6030, bcdDevice= 0.00 [ 167.383699][ T6733] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 167.394319][ T6733] usb 5-1: config 0 descriptor?? [ 167.418326][ T5274] usb 1-1: USB disconnect, device number 10 [ 167.525989][ T5273] usb 4-1: new high-speed USB device number 17 using dummy_hcd [ 167.705760][ T5273] usb 4-1: Using ep0 maxpacket: 16 [ 167.712897][ T5273] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 167.725013][ T5273] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 167.737150][ T5273] usb 4-1: New USB device found, idVendor=6161, idProduct=4d15, bcdDevice= 0.00 [ 167.746431][ T5273] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 167.756557][ T5394] cdc_ncm 3-1:1.1: bind() failure [ 167.769241][ T5273] usb 4-1: config 0 descriptor?? [ 167.813869][ T6733] ft260 0003:0403:6030.000B: unknown main item tag 0x0 [ 167.968574][ T5274] usb 3-1: USB disconnect, device number 11 [ 168.007928][ T6733] ft260 0003:0403:6030.000B: chip code: 5e81 abf2 [ 168.221650][ T8675] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 168.250588][ T8675] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 168.269504][ T5273] hid (null): unknown global tag 0xd [ 168.284160][ T5273] hid (null): unknown global tag 0xd [ 168.302705][ T5273] hid (null): report_id 40203 is invalid [ 168.312124][ T5273] hid (null): invalid report_size -1862471209 [ 168.320446][ T5273] hid (null): invalid report_size -1217885453 [ 168.334554][ T5273] hid (null): unknown global tag 0x36 [ 168.415414][ T6733] usb 5-1: USB disconnect, device number 14 [ 168.471121][ T5273] usb 4-1: string descriptor 0 read error: -71 [ 168.515895][ T5273] usb 4-1: Max retries (5) exceeded reading string descriptor 200 [ 168.540814][ T5273] letsketch 0003:6161:4D15.000C: probe with driver letsketch failed with error -32 [ 168.562964][ T5273] usb 4-1: USB disconnect, device number 17 [ 168.650488][ T8696] bridge0: port 3(vlan2) entered blocking state [ 168.670822][ T8696] bridge0: port 3(vlan2) entered disabled state [ 168.677693][ T8696] vlan2: entered allmulticast mode [ 168.685212][ T8696] xfrm0: entered allmulticast mode [ 168.699286][ T8696] vlan2: entered promiscuous mode [ 168.704509][ T8696] xfrm0: entered promiscuous mode [ 168.719043][ T8696] bridge0: port 3(vlan2) entered blocking state [ 168.725475][ T8696] bridge0: port 3(vlan2) entered forwarding state [ 168.797020][ T8703] loop0: detected capacity change from 0 to 7 [ 168.841887][ T8703] Dev loop0: unable to read RDB block 7 [ 168.849214][ T8703] loop0: unable to read partition table [ 168.864536][ T8703] loop0: partition table beyond EOD, truncated [ 168.874683][ T8703] loop_reread_partitions: partition scan of loop0 (被xd) failed (rc=-5) [ 169.078705][ T8712] netlink: 104 bytes leftover after parsing attributes in process `syz.2.1337'. [ 169.269366][ T8722] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 169.726812][ T29] kauditd_printk_skb: 2 callbacks suppressed [ 169.726829][ T29] audit: type=1326 audit(1724962524.768:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8743 comm="syz.0.1351" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6ef9b79ef9 code=0x7ffc0000 [ 169.831348][ T29] audit: type=1326 audit(1724962524.768:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8743 comm="syz.0.1351" exe="/root/syz-executor" sig=0 arch=c000003e syscall=160 compat=0 ip=0x7f6ef9b79ef9 code=0x7ffc0000 [ 169.915848][ T29] audit: type=1326 audit(1724962524.768:26): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8743 comm="syz.0.1351" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6ef9b79ef9 code=0x7ffc0000 [ 169.953232][ T29] audit: type=1326 audit(1724962524.768:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8743 comm="syz.0.1351" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6ef9b79ef9 code=0x7ffc0000 [ 171.005566][ T8790] netlink: 412 bytes leftover after parsing attributes in process `syz.2.1371'. [ 171.242032][ T8804] netlink: 88 bytes leftover after parsing attributes in process `syz.1.1377'. [ 171.273122][ T8804] netlink: 'syz.1.1377': attribute type 1 has an invalid length. [ 171.281580][ T8804] netlink: 'syz.1.1377': attribute type 2 has an invalid length. [ 171.289374][ T8804] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1377'. [ 171.391775][ T8809] bridge0: port 3(gretap0) entered blocking state [ 171.403606][ T8809] bridge0: port 3(gretap0) entered disabled state [ 171.410764][ T8809] gretap0: entered allmulticast mode [ 171.418275][ T8809] gretap0: entered promiscuous mode [ 171.426561][ T8809] bridge0: port 3(gretap0) entered blocking state [ 171.433153][ T8809] bridge0: port 3(gretap0) entered forwarding state [ 171.478974][ T8812] gretap0: left allmulticast mode [ 171.484062][ T8812] gretap0: left promiscuous mode [ 171.502380][ T8812] bridge0: port 3(gretap0) entered disabled state [ 171.917344][ T8834] ebt_limit: overflow, try lower: 570423552/2483027968 [ 172.276319][ T8844] syzkaller1: entered promiscuous mode [ 172.299159][ T8844] syzkaller1: entered allmulticast mode [ 172.616960][ T8865] loop0: detected capacity change from 0 to 128 [ 172.839281][ T8871] netlink: 'syz.3.1407': attribute type 3 has an invalid length. [ 172.859221][ T8871] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1407'. [ 173.300402][ T8885] mac80211_hwsim hwsim10 wlan1: entered promiscuous mode [ 173.319138][ T8885] mac80211_hwsim hwsim10 wlan1: entered allmulticast mode [ 173.396031][ T8896] netlink: 56 bytes leftover after parsing attributes in process `syz.0.1415'. [ 173.447300][ T5273] usb 3-1: new high-speed USB device number 12 using dummy_hcd [ 173.648956][ T5273] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 173.684079][ T5273] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 173.711613][ T5273] usb 3-1: New USB device found, idVendor=0d8c, idProduct=0022, bcdDevice= 0.00 [ 173.721994][ T8912] syzkaller1: entered promiscuous mode [ 173.730489][ T5273] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 173.731202][ T8912] syzkaller1: entered allmulticast mode [ 173.748689][ T5273] usb 3-1: config 0 descriptor?? [ 174.183056][ T5273] cm6533_jd 0003:0D8C:0022.000D: unknown main item tag 0x0 [ 174.205181][ T5273] cm6533_jd 0003:0D8C:0022.000D: unknown main item tag 0x0 [ 174.227467][ T5273] input: HID 0d8c:0022 as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:0D8C:0022.000D/input/input22 [ 174.310521][ T5273] cm6533_jd 0003:0D8C:0022.000D: input,hiddev0,hidraw0: USB HID v0.00 Device [HID 0d8c:0022] on usb-dummy_hcd.2-1/input0 [ 174.397607][ T29] audit: type=1326 audit(1724962529.438:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8933 comm="syz.4.1435" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb980779ef9 code=0x7ffc0000 [ 174.468527][ T29] audit: type=1326 audit(1724962529.458:29): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8933 comm="syz.4.1435" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb980779ef9 code=0x7ffc0000 [ 174.486625][ T5273] usb 3-1: USB disconnect, device number 12 [ 174.558510][ T29] audit: type=1326 audit(1724962529.478:30): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8933 comm="syz.4.1435" exe="/root/syz-executor" sig=0 arch=c000003e syscall=334 compat=0 ip=0x7fb980779ef9 code=0x7ffc0000 [ 174.605394][ T29] audit: type=1326 audit(1724962529.478:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8933 comm="syz.4.1435" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb980779ef9 code=0x7ffc0000 [ 174.646323][ T29] audit: type=1326 audit(1724962529.478:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8933 comm="syz.4.1435" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb980779ef9 code=0x7ffc0000 [ 174.713018][ T29] audit: type=1326 audit(1724962529.478:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8933 comm="syz.4.1435" exe="/root/syz-executor" sig=0 arch=c000003e syscall=133 compat=0 ip=0x7fb980779ef9 code=0x7ffc0000 [ 174.801820][ T29] audit: type=1326 audit(1724962529.478:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8933 comm="syz.4.1435" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb980779ef9 code=0x7ffc0000 [ 174.815300][ T8953] netlink: 64 bytes leftover after parsing attributes in process `syz.0.1442'. [ 174.875725][ T29] audit: type=1326 audit(1724962529.478:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8933 comm="syz.4.1435" exe="/root/syz-executor" sig=0 arch=c000003e syscall=278 compat=0 ip=0x7fb980779ef9 code=0x7ffc0000 [ 174.953334][ T29] audit: type=1326 audit(1724962529.478:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8933 comm="syz.4.1435" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb980779ef9 code=0x7ffc0000 [ 174.974731][ C1] vkms_vblank_simulate: vblank timer overrun [ 175.014872][ T29] audit: type=1326 audit(1724962529.478:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8933 comm="syz.4.1435" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb980779ef9 code=0x7ffc0000 [ 175.039978][ T8955] Bluetooth: hci3: unsupported parameter 64512 [ 175.046926][ T8955] Bluetooth: hci3: invalid length 0, exp 2 for type 13 [ 175.053250][ T8959] netlink: 104 bytes leftover after parsing attributes in process `syz.4.1446'. [ 175.094125][ T29] audit: type=1326 audit(1724962529.478:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8933 comm="syz.4.1435" exe="/root/syz-executor" sig=0 arch=c000003e syscall=126 compat=0 ip=0x7fb980779ef9 code=0x7ffc0000 [ 175.186429][ T29] audit: type=1326 audit(1724962529.478:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8933 comm="syz.4.1435" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb980779ef9 code=0x7ffc0000 [ 175.207821][ C1] vkms_vblank_simulate: vblank timer overrun [ 175.328357][ T8969] input: syz1 as /devices/virtual/input/input23 [ 175.839493][ T5274] usb 2-1: new high-speed USB device number 15 using dummy_hcd [ 176.059999][ T5274] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 176.085887][ T5274] usb 2-1: New USB device found, idVendor=28de, idProduct=1205, bcdDevice= 0.00 [ 176.121354][ T5274] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 176.150990][ T5274] usb 2-1: config 0 descriptor?? [ 176.495238][ T9021] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1474'. [ 176.640225][ T5274] hid-steam 0003:28DE:1205.000E: : USB HID v0.00 Device [HID 28de:1205] on usb-dummy_hcd.1-1/input0 [ 176.746278][ T5274] hid-steam 0003:28DE:1205.000E: Steam Controller 'XXXXXXXXXX' connected [ 176.779208][ T5274] input: Steam Deck as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:28DE:1205.000E/input/input24 [ 176.824358][ T8976] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 176.851633][ T5274] input: Steam Deck Motion Sensors as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:28DE:1205.000E/input/input25 [ 176.886724][ T9033] syzkaller1: entered promiscuous mode [ 176.896095][ T8976] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 176.914316][ T9033] syzkaller1: entered allmulticast mode [ 176.987827][ T5274] hid-steam 0003:28DE:1205.000F: hidraw0: USB HID v0.00 Device [HID 28de:1205] on usb-dummy_hcd.1-1/input0 [ 177.001399][ T6739] usb 1-1: new high-speed USB device number 11 using dummy_hcd [ 177.049198][ T5274] usb 2-1: USB disconnect, device number 15 [ 177.197496][ T5274] hid-steam 0003:28DE:1205.000E: Steam Controller 'XXXXXXXXXX' disconnected [ 177.217808][ T6739] usb 1-1: Using ep0 maxpacket: 8 [ 177.236596][ T6739] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 177.261048][ T6739] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 177.285735][ T6739] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 177.307956][ T6739] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 177.383378][ T6739] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 177.423413][ T6739] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 177.559067][ T9053] Bluetooth: hci3: unsupported parameter 64512 [ 177.585557][ T9053] Bluetooth: hci3: invalid length 0, exp 2 for type 10 [ 177.669996][ T6739] usb 1-1: GET_CAPABILITIES returned 0 [ 177.675593][ T6739] usbtmc 1-1:16.0: can't read capabilities [ 177.872126][ T5394] usb 1-1: USB disconnect, device number 11 [ 178.195276][ T9078] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1501'. [ 178.225902][ T9078] netlink: 'syz.3.1501': attribute type 7 has an invalid length. [ 178.242850][ T9078] netlink: 'syz.3.1501': attribute type 8 has an invalid length. [ 178.265216][ T9078] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1501'. [ 178.296413][ T9078] gretap0: entered promiscuous mode [ 178.316085][ T9078] batadv_slave_1: entered promiscuous mode [ 178.328669][ T9078] gretap0: left promiscuous mode [ 178.348974][ T9078] batadv_slave_1: left promiscuous mode [ 178.425893][ T6739] usb 2-1: new high-speed USB device number 16 using dummy_hcd [ 178.637898][ T6739] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 16 [ 178.669506][ T6739] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 64 [ 178.706259][ T6739] usb 2-1: New USB device found, idVendor=0a46, idProduct=9621, bcdDevice=4f.32 [ 178.725826][ T6739] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 178.733869][ T6739] usb 2-1: Product: syz [ 178.765059][ T6739] usb 2-1: Manufacturer: syz [ 178.793580][ T6739] usb 2-1: SerialNumber: syz [ 178.812514][ T6739] usb 2-1: config 0 descriptor?? [ 178.829657][ T9076] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 178.847709][ T9076] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 179.130201][ T9076] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 179.165523][ T9076] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 179.937131][ T9139] vlan3: entered promiscuous mode [ 179.942238][ T9139] vlan3: entered allmulticast mode [ 179.997496][ T6739] dm9601 2-1:0.0 (unnamed net_device) (uninitialized): Error reading MODE_CTRL [ 180.023015][ T6739] usb 2-1: USB disconnect, device number 16 [ 180.062616][ T5274] kernel write not supported for file /sequencer (pid: 5274 comm: kworker/1:5) [ 180.419251][ T9157] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1535'. [ 180.525787][ T6733] usb 5-1: new high-speed USB device number 15 using dummy_hcd [ 180.752272][ T6733] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 180.772368][ T6733] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 180.802022][ T6733] usb 5-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 180.822797][ T6733] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 180.853252][ T6733] usb 5-1: SerialNumber: syz [ 180.914527][ T9171] Bluetooth: hci3: unsupported parameter 64512 [ 180.924110][ T9171] Bluetooth: hci3: invalid length 0, exp 2 for type 24 [ 181.010334][ T9176] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 181.018508][ T9176] IPv6: NLM_F_CREATE should be set when creating new route [ 181.025807][ T9176] IPv6: NLM_F_CREATE should be set when creating new route [ 181.057986][ T9176] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 181.085506][ T6733] usb 5-1: 0:2 : does not exist [ 181.112779][ T6733] usb 5-1: USB disconnect, device number 15 [ 181.187024][ T5241] udevd[5241]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 181.300694][ T5231] Bluetooth: hci1: command 0x0406 tx timeout [ 181.307040][ T5227] Bluetooth: hci2: command 0x0406 tx timeout [ 182.333725][ T3041] nci: nci_rsp_packet: unsupported rsp opcode 0xf06 [ 182.759597][ T9252] Bluetooth: hci0: Opcode 0x0c1a failed: -22 [ 182.781235][ T9252] Bluetooth: hci0: Opcode 0x080f failed: -22 [ 183.190665][ T9274] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1588'. [ 183.466925][ T9283] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies. [ 184.032956][ T9308] loop0: detected capacity change from 0 to 7 [ 184.061946][ T5219] loop0: [CUMANA/ADFS] p1 [ADFS] p1 [ 184.069610][ T5219] loop0: partition table partially beyond EOD, truncated [ 184.084166][ T5219] loop0: p1 size 1748753132 extends beyond EOD, truncated [ 184.109792][ T9308] loop0: [CUMANA/ADFS] p1 [ADFS] p1 [ 184.131341][ T9308] loop0: partition table partially beyond EOD, truncated [ 184.140306][ T9308] loop0: p1 size 1748753132 extends beyond EOD, truncated [ 184.228148][ T5241] udevd[5241]: inotify_add_watch(7, /dev/loop0p1, 10) failed: No such file or directory [ 184.334617][ T5241] udevd[5241]: inotify_add_watch(7, /dev/loop0p1, 10) failed: No such file or directory [ 184.816572][ T4615] Bluetooth: hci0: command tx timeout [ 185.524742][ T9347] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies. [ 185.636012][ T9351] program syz.1.1619 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 186.018157][ T9363] IPVS: length: 24 != 6168 [ 186.202271][ T9366] syzkaller1: entered promiscuous mode [ 186.221537][ T9366] syzkaller1: entered allmulticast mode [ 186.716279][ T5302] usb 4-1: new high-speed USB device number 18 using dummy_hcd [ 186.917642][ T5302] usb 4-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 186.931804][ T5302] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 186.957104][ T5302] usb 4-1: config 0 descriptor?? [ 186.981842][ T5302] cp210x 4-1:0.0: cp210x converter detected [ 187.381906][ T5302] cp210x 4-1:0.0: failed to get vendor val 0x000e size 3: -32 [ 187.406859][ T5302] usb 4-1: cp210x converter now attached to ttyUSB0 [ 187.639718][ T5273] usb 4-1: USB disconnect, device number 18 [ 187.662600][ T5273] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 187.700379][ T5273] cp210x 4-1:0.0: device disconnected [ 188.745794][ T29] audit: type=1326 audit(1724962799.778:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9454 comm="syz.0.1654" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6ef9b79ef9 code=0x7ffc0000 [ 188.848329][ T29] audit: type=1326 audit(1724962799.778:41): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9454 comm="syz.0.1654" exe="/root/syz-executor" sig=0 arch=c000003e syscall=56 compat=0 ip=0x7f6ef9b79ef9 code=0x7ffc0000 [ 188.945810][ T29] audit: type=1326 audit(1724962799.878:42): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9454 comm="syz.0.1654" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6ef9b79ef9 code=0x7ffc0000 [ 188.967285][ C0] vkms_vblank_simulate: vblank timer overrun [ 189.025784][ T29] audit: type=1326 audit(1724962799.878:43): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9454 comm="syz.0.1654" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6ef9b79ef9 code=0x7ffc0000 [ 189.047173][ C0] vkms_vblank_simulate: vblank timer overrun [ 189.070668][ T29] audit: type=1326 audit(1724962799.878:44): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9460 comm="syz.0.1654" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f6ef9babfe5 code=0x7ffc0000 [ 189.152773][ T29] audit: type=1326 audit(1724962800.048:45): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9460 comm="syz.0.1654" exe="/root/syz-executor" sig=0 arch=c000003e syscall=60 compat=0 ip=0x7f6ef9b79ef9 code=0x7ffc0000 [ 189.578406][ T9479] overlayfs: The uuid=off requires a single fs for lower and upper, falling back to uuid=null. [ 189.633153][ T5394] usb 3-1: new high-speed USB device number 13 using dummy_hcd [ 189.828274][ T5394] usb 3-1: Using ep0 maxpacket: 8 [ 189.839100][ T5394] usb 3-1: config 0 has an invalid interface number: 1 but max is 0 [ 189.852931][ T5394] usb 3-1: config 0 has no interface number 0 [ 189.863266][ T5394] usb 3-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 189.876888][ T5394] usb 3-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 189.886234][ T5394] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 189.900038][ T5394] usb 3-1: config 0 descriptor?? [ 189.918625][ T5394] iowarrior 3-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0 [ 190.168429][ T5394] usb 3-1: USB disconnect, device number 13 [ 190.186961][ T5394] iowarrior 3-1:0.1: I/O-Warror #0 now disconnected [ 191.007778][ T9523] ALSA: mixer_oss: invalid OSS volume '2' [ 191.021433][ T9523] ALSA: mixer_oss: invalid OSS volume '010000E0' [ 191.035567][ T9523] ALSA: mixer_oss: invalid OSS volume '3' [ 191.051156][ T9523] ALSA: mixer_oss: invalid OSS volume '010000E0' [ 191.734409][ T9550] input: syz1 as /devices/virtual/input/input26 [ 192.271521][ T9562] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1698'. [ 192.630156][ T5225] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 192.639302][ T5225] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 192.644020][ T29] audit: type=1326 audit(1724962803.678:46): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9571 comm="syz.3.1702" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f742dd79ef9 code=0x7ffc0000 [ 192.667792][ C0] vkms_vblank_simulate: vblank timer overrun [ 192.669014][ T5225] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 192.685546][ T5225] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 192.694297][ T5225] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 192.702747][ T29] audit: type=1326 audit(1724962803.678:47): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9571 comm="syz.3.1702" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f742dd79ef9 code=0x7ffc0000 [ 192.705846][ T9569] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1701'. [ 192.724197][ T29] audit: type=1326 audit(1724962803.708:48): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9571 comm="syz.3.1702" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f742dd79ef9 code=0x7ffc0000 [ 192.724239][ T29] audit: type=1326 audit(1724962803.708:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9571 comm="syz.3.1702" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f742dd79ef9 code=0x7ffc0000 [ 192.777392][ T5225] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 192.849065][ T9574] syz.1.1704: attempt to access beyond end of device [ 192.849065][ T9574] nbd1: rw=0, sector=6, nr_sectors = 2 limit=0 [ 192.870557][ T9574] ADFS-fs (nbd1): error: unable to read block 3, try 0 [ 193.417025][ T9568] chnl_net:caif_netlink_parms(): no params data found [ 193.844573][ T9568] bridge0: port 1(bridge_slave_0) entered blocking state [ 193.888419][ T9568] bridge0: port 1(bridge_slave_0) entered disabled state [ 193.927833][ T9568] bridge_slave_0: entered allmulticast mode [ 193.935174][ T9568] bridge_slave_0: entered promiscuous mode [ 193.968506][ T9568] bridge0: port 2(bridge_slave_1) entered blocking state [ 193.985819][ T9568] bridge0: port 2(bridge_slave_1) entered disabled state [ 193.993179][ T9568] bridge_slave_1: entered allmulticast mode [ 194.002161][ T9568] bridge_slave_1: entered promiscuous mode [ 194.008960][ T29] kauditd_printk_skb: 3 callbacks suppressed [ 194.008974][ T29] audit: type=1400 audit(1724962805.048:53): lsm=SMACK fn=smack_file_receive action=denied subject="I" object="_" requested=w pid=9601 comm="syz.1.1712" path="pipe:[17026]" dev="pipefs" ino=17026 [ 194.082732][ T9568] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 194.134142][ T9568] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 194.219505][ T9568] team0: Port device team_slave_0 added [ 194.247126][ T9568] team0: Port device team_slave_1 added [ 194.386202][ T9568] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 194.393194][ T9568] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 194.465727][ T9568] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 194.484078][ T9568] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 194.501399][ T9568] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 194.566178][ T9568] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 194.598796][ T1270] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.605133][ T1270] ieee802154 phy1 wpan1: encryption failed: -22 [ 194.819889][ T4615] Bluetooth: hci6: command tx timeout [ 195.163377][ T9568] hsr_slave_0: entered promiscuous mode [ 195.196927][ T9568] hsr_slave_1: entered promiscuous mode [ 195.217519][ T9568] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 195.225129][ T9568] Cannot create hsr debugfs directory [ 195.620264][ T9636] dccp_invalid_packet: P.Data Offset(0) too small [ 195.851374][ T9568] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 196.049235][ T9568] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 196.170232][ T9568] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 196.335878][ T9568] netdevsim netdevsim4 netdevsim0 (unregistering): left promiscuous mode [ 196.356328][ T9568] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 196.897943][ T4615] Bluetooth: hci6: command tx timeout [ 197.077609][ T9568] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 197.110659][ T9568] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 197.153857][ T9568] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 197.191714][ T9568] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 197.471842][ T9568] 8021q: adding VLAN 0 to HW filter on device bond0 [ 197.557253][ T9657] kvm: kvm [9656]: vcpu0, guest rIP: 0xfff0 Unhandled WRMSR(0xc0010000) = 0x6b6e696c6e [ 197.567173][ T9568] 8021q: adding VLAN 0 to HW filter on device team0 [ 197.577637][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 197.584866][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 197.628744][ T52] bridge0: port 2(bridge_slave_1) entered blocking state [ 197.635980][ T52] bridge0: port 2(bridge_slave_1) entered forwarding state [ 197.759644][ T9568] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 198.189550][ T9568] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 198.329583][ T9681] kernel read not supported for file /eth0 (pid: 9681 comm: syz.1.1738) [ 198.370186][ T29] audit: type=1800 audit(1724962809.398:54): pid=9681 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz.1.1738" name="eth0" dev="mqueue" ino=28042 res=0 errno=0 [ 198.940283][ T9568] veth0_vlan: entered promiscuous mode [ 198.973423][ T9568] veth1_vlan: entered promiscuous mode [ 198.979389][ T4615] Bluetooth: hci6: command tx timeout [ 199.135359][ T9568] veth0_macvtap: entered promiscuous mode [ 199.181144][ T9568] veth1_macvtap: entered promiscuous mode [ 199.256770][ T9568] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 199.304294][ T9568] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 199.327210][ T9568] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 199.354502][ T9568] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 199.386146][ T9568] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 199.426866][ T9568] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 199.447124][ T9568] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 199.466009][ T9568] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 199.499105][ T9568] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 199.525736][ T9568] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 199.547581][ T9568] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 199.581441][ T9568] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 199.620438][ T9568] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 199.664404][ T9568] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 199.721203][ T9568] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 199.747541][ T9568] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 199.780002][ T9568] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 199.803865][ T9568] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 199.814977][ T9568] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 199.825386][ T9568] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 199.851406][ T9568] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 199.874116][ T9568] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 199.926638][ T9568] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 199.947623][ T9568] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 199.965766][ T9568] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 199.985571][ T9568] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 200.065920][ T5302] usb 4-1: new high-speed USB device number 19 using dummy_hcd [ 200.234399][ T35] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 200.254525][ T396] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 200.273849][ T35] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 200.284814][ T396] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 200.286184][ T5302] usb 4-1: Using ep0 maxpacket: 16 [ 200.333985][ T5302] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 200.356518][ T5302] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 200.383027][ T5302] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 200.421934][ T5302] usb 4-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 200.462266][ T5302] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 200.498458][ T5302] usb 4-1: config 0 descriptor?? [ 200.526601][ T5273] usb 2-1: new high-speed USB device number 17 using dummy_hcd [ 200.726218][ T5273] usb 2-1: Using ep0 maxpacket: 16 [ 200.746203][ T5273] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 200.777115][ T5273] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 200.820189][ T5273] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 200.869847][ T5273] usb 2-1: New USB device found, idVendor=056a, idProduct=0022, bcdDevice= 0.00 [ 200.915804][ T5273] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 200.955603][ T5273] usb 2-1: config 0 descriptor?? [ 200.984578][ T5302] HID 045e:07da: Invalid code 65791 type 1 [ 201.025070][ T5302] input: HID 045e:07da as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:045E:07DA.0010/input/input27 [ 201.056373][ T4615] Bluetooth: hci6: command tx timeout [ 201.106521][ T9734] netlink: 80 bytes leftover after parsing attributes in process `syz.4.1758'. [ 201.141346][ T5302] microsoft 0003:045E:07DA.0010: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.3-1/input0 [ 201.221253][ T5302] usb 4-1: USB disconnect, device number 19 [ 201.412849][ T5273] wacom 0003:056A:0022.0011: ignoring exceeding usage max [ 201.442964][ T29] audit: type=1326 audit(1724962812.478:55): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9742 comm="syz.0.1762" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f6ef9b79ef9 code=0x0 [ 201.800445][ T5273] wacom 0003:056A:0022.0011: Unknown device_type for 'HID 056a:0022'. Assuming pen. [ 202.652579][ T9771] TCP: TCP_TX_DELAY enabled [ 202.919688][ T5273] wacom 0003:056A:0022.0011: hidraw0: USB HID v0.00 Device [HID 056a:0022] on usb-dummy_hcd.1-1/input0 [ 203.477482][ T5273] input: Wacom Intuos 9x12 Pen as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:056A:0022.0011/input/input28 [ 203.539556][ T5273] usb 2-1: USB disconnect, device number 17 [ 203.696154][ T5274] usb 1-1: new high-speed USB device number 12 using dummy_hcd [ 203.935092][ T5274] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x6 has invalid maxpacket 1023 [ 203.954568][ T5274] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 8 [ 203.970793][ T5274] usb 1-1: New USB device found, idVendor=2c7c, idProduct=030e, bcdDevice=81.28 [ 203.984814][ T5274] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 203.996860][ T5274] usb 1-1: Product: syz [ 204.001673][ T5274] usb 1-1: Manufacturer: syz [ 204.013460][ T5274] usb 1-1: SerialNumber: syz [ 204.026047][ T5274] usb 1-1: config 0 descriptor?? [ 204.035618][ T9785] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 204.045549][ T9785] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 204.073632][ T5274] option 1-1:0.0: GSM modem (1-port) converter detected [ 204.092442][ T5274] usb 1-1: GSM modem (1-port) converter now attached to ttyUSB0 [ 204.148028][ T5302] usb 4-1: new high-speed USB device number 20 using dummy_hcd [ 204.220148][ C0] vcan0: j1939_tp_rxtimer: 0xffff88802ec30c00: rx timeout, send abort [ 204.228837][ C0] vcan0: j1939_tp_rxtimer: 0xffff88802ec31000: rx timeout, send abort [ 204.237598][ C0] vcan0: j1939_xtp_rx_abort_one: 0xffff88802ec30c00: 0x00000: (3) A timeout occurred and this is the connection abort to close the session. [ 204.252109][ C0] vcan0: j1939_xtp_rx_abort_one: 0xffff88802ec31000: 0x00000: (3) A timeout occurred and this is the connection abort to close the session. [ 204.590518][ T5394] usb 1-1: USB disconnect, device number 12 [ 204.626837][ T5394] option1 ttyUSB0: GSM modem (1-port) converter now disconnected from ttyUSB0 [ 204.674693][ T5394] option 1-1:0.0: device disconnected [ 207.648429][ T9826] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1795'. [ 207.870548][ T9838] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies. [ 207.955792][ T5274] usb 3-1: new high-speed USB device number 14 using dummy_hcd [ 208.157807][ T5274] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 208.172362][ T5274] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 208.205807][ T5274] usb 3-1: New USB device found, idVendor=06cb, idProduct=73f5, bcdDevice= 0.00 [ 208.225163][ T5274] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 208.247574][ T5274] usb 3-1: config 0 descriptor?? [ 208.404378][ T9862] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1808'. [ 208.670688][ T5274] hid (null): global environment stack underflow [ 208.685159][ T5274] itetech 0003:06CB:73F5.0012: unknown main item tag 0x0 [ 208.692950][ T5274] itetech 0003:06CB:73F5.0012: global environment stack underflow [ 208.702187][ T5274] itetech 0003:06CB:73F5.0012: item 0 1 1 11 parsing failed [ 208.712661][ T5274] itetech 0003:06CB:73F5.0012: probe with driver itetech failed with error -22 [ 208.922391][ T5274] usb 3-1: USB disconnect, device number 14 [ 210.118710][ T9901] ALSA: seq fatal error: cannot create timer (-22) [ 210.151871][ T9899] netlink: 'syz.1.1824': attribute type 2 has an invalid length. [ 210.603918][ T9922] MTD: Attempt to mount non-MTD device "./file0" [ 210.763316][ T9928] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 211.065857][ T5394] usb 3-1: new high-speed USB device number 15 using dummy_hcd [ 211.268078][ T5394] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 211.278447][ T5394] usb 3-1: config 0 has no interfaces? [ 211.284180][ T5394] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 211.293845][ T5394] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 211.321424][ T5394] usb 3-1: config 0 descriptor?? [ 211.539163][ T5394] kernel write not supported for file /sequencer (pid: 5394 comm: kworker/0:7) [ 211.574869][ T5275] usb 3-1: USB disconnect, device number 15 [ 212.078404][ T9975] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1857'. [ 212.778127][T10006] (syz.0.1872,10006,1):dlmfs_mkdir:420 ERROR: invalid domain name for directory. [ 213.010792][ T5274] usb 5-1: new high-speed USB device number 16 using dummy_hcd [ 213.044206][ T6746] hid-generic 0000:0000:0000.0013: unknown main item tag 0x0 [ 213.078501][ T6746] hid-generic 0000:0000:0000.0013: hidraw0: HID v0.00 Device [syz0] on syz0 [ 213.205230][T10025] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies. [ 213.223345][ T5274] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 213.243169][ T5274] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 213.265602][ T5274] usb 5-1: New USB device found, idVendor=28de, idProduct=1142, bcdDevice= 0.00 [ 213.284097][ T5274] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 213.308290][ T5274] usb 5-1: config 0 descriptor?? [ 213.749954][ T5274] hid-steam 0003:28DE:1142.0014: unknown main item tag 0x0 [ 213.759555][ T5274] hid-steam 0003:28DE:1142.0014: unknown main item tag 0x0 [ 213.777712][ T5274] hid-steam 0003:28DE:1142.0014: unknown main item tag 0x0 [ 213.785197][ T5274] hid-steam 0003:28DE:1142.0014: unknown main item tag 0x0 [ 213.793321][ T5274] hid-steam 0003:28DE:1142.0014: unknown main item tag 0x0 [ 213.803818][ T5274] hid-steam 0003:28DE:1142.0014: hidraw0: USB HID v0.40 Device [HID 28de:1142] on usb-dummy_hcd.4-1/input0 [ 213.943683][ T5302] usb 5-1: USB disconnect, device number 16 [ 214.453838][T10064] A link change request failed with some changes committed already. Interface syz_tun may have been left with an inconsistent configuration, please check. [ 216.981944][T10163] pim6reg: entered allmulticast mode [ 217.001187][T10163] batadv_slave_0: entered allmulticast mode [ 217.015963][ T5394] usb 1-1: new high-speed USB device number 13 using dummy_hcd [ 217.228828][ T5394] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 217.238147][T10180] ALSA: seq fatal error: cannot create timer (-22) [ 217.259317][ T5394] usb 1-1: New USB device found, idVendor=28de, idProduct=1205, bcdDevice= 0.00 [ 217.278684][ T5394] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 217.299649][ T5394] usb 1-1: config 0 descriptor?? [ 217.757693][ T5394] hid-steam 0003:28DE:1205.0015: : USB HID v0.00 Device [HID 28de:1205] on usb-dummy_hcd.0-1/input0 [ 217.835892][ T5394] hid-steam 0003:28DE:1205.0015: Steam Controller 'XXXXXXXXXX' connected [ 217.855407][ T5394] input: Steam Deck as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:28DE:1205.0015/input/input32 [ 217.894911][ T5394] input: Steam Deck Motion Sensors as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:28DE:1205.0015/input/input33 [ 217.980747][T10159] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 218.021938][ T5394] hid-steam 0003:28DE:1205.0016: hidraw0: USB HID v0.00 Device [HID 28de:1205] on usb-dummy_hcd.0-1/input0 [ 218.065931][T10159] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 218.254207][ T5394] usb 1-1: USB disconnect, device number 13 [ 218.367622][ T5394] hid-steam 0003:28DE:1205.0015: Steam Controller 'XXXXXXXXXX' disconnected [ 218.656276][ T29] audit: type=1326 audit(1724962829.688:56): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10226 comm="syz.2.1960" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2a77979ef9 code=0x7fc00000 [ 218.951154][T10234] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies. [ 219.379637][ T29] audit: type=1326 audit(1724962830.418:57): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10226 comm="syz.2.1960" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f2a77979ef9 code=0x7fc00000 [ 219.490694][ T29] audit: type=1326 audit(1724962830.418:58): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10226 comm="syz.2.1960" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2a77979ef9 code=0x7fc00000 [ 219.552468][ T29] audit: type=1326 audit(1724962830.418:59): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10226 comm="syz.2.1960" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2a77979ef9 code=0x7fc00000 [ 219.583642][ T29] audit: type=1326 audit(1724962830.418:60): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10226 comm="syz.2.1960" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2a77979ef9 code=0x7fc00000 [ 219.608447][ T29] audit: type=1326 audit(1724962830.418:61): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10226 comm="syz.2.1960" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2a77979ef9 code=0x7fc00000 [ 219.676875][ T29] audit: type=1326 audit(1724962830.418:62): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10226 comm="syz.2.1960" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2a77979ef9 code=0x7fc00000 [ 219.754875][ T29] audit: type=1326 audit(1724962830.418:63): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10226 comm="syz.2.1960" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2a77979ef9 code=0x7fc00000 [ 219.793216][ T29] audit: type=1326 audit(1724962830.418:64): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10226 comm="syz.2.1960" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2a77979ef9 code=0x7fc00000 [ 219.830203][ T29] audit: type=1326 audit(1724962830.418:65): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10226 comm="syz.2.1960" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2a77979ef9 code=0x7fc00000 [ 220.045901][ T5302] usb 2-1: new high-speed USB device number 18 using dummy_hcd [ 220.237129][ T5302] usb 2-1: Using ep0 maxpacket: 16 [ 220.248468][ T5302] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 7 [ 220.263134][ T5302] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x1 has invalid wMaxPacketSize 0 [ 220.294895][ T5302] usb 2-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 220.342306][ T5302] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 220.360423][ T5302] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 220.376993][ T5302] usb 2-1: Product: syz [ 220.399993][ T5302] usb 2-1: Manufacturer: syz [ 220.404634][ T5302] usb 2-1: SerialNumber: syz [ 220.473274][T10286] netlink: 'syz.4.1985': attribute type 10 has an invalid length. [ 220.528408][T10286] macvlan0: entered promiscuous mode [ 220.533855][T10286] macvlan0: entered allmulticast mode [ 220.586410][T10286] veth1_vlan: entered allmulticast mode [ 220.601413][T10286] bond0: (slave macvlan0): Enslaving as an active interface with an up link [ 220.897201][ T5302] usb 2-1: 2:1 : format type 0 is detected, processed as PCM [ 220.982785][T10304] syz.3.1992[10304] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 220.982976][T10304] syz.3.1992[10304] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 221.488220][T10315] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies. [ 221.714287][ T5302] usb 2-1: 2:1: cannot get freq at ep 0x82 [ 221.804255][ T5302] usb 2-1: USB disconnect, device number 18 [ 221.917546][ T5220] udevd[5220]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 222.305755][ T5394] usb 1-1: new high-speed USB device number 14 using dummy_hcd [ 222.505836][ T5394] usb 1-1: Using ep0 maxpacket: 16 [ 222.526074][ T5394] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0 [ 222.549419][ T5394] usb 1-1: New USB device found, idVendor=054c, idProduct=06c3, bcdDevice=8b.57 [ 222.570350][ T5394] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 222.601559][ T5394] usb 1-1: Product: syz [ 222.607043][ T5394] usb 1-1: Manufacturer: syz [ 222.625939][ T5394] usb 1-1: SerialNumber: syz [ 222.638079][ T5394] usb 1-1: config 0 descriptor?? [ 222.649496][T10336] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 222.667165][ T5394] port100 1-1:0.0: NFC: Could not find bulk-in or bulk-out endpoint [ 222.701168][T10363] A link change request failed with some changes committed already. Interface wg1 may have been left with an inconsistent configuration, please check. [ 222.872243][T10371] loop0: detected capacity change from 0 to 7 [ 222.885320][ T5275] usb 1-1: USB disconnect, device number 14 [ 222.901942][T10371] Dev loop0: unable to read RDB block 7 [ 222.917038][T10371] loop0: AHDI p2 p3 [ 222.920991][T10371] loop0: partition table partially beyond EOD, truncated [ 222.937741][T10371] loop0: p2 start 6514546 is beyond EOD, truncated [ 223.725792][ T5394] usb 4-1: new high-speed USB device number 21 using dummy_hcd [ 223.947205][ T5394] usb 4-1: New USB device found, idVendor=0813, idProduct=0001, bcdDevice=3a.08 [ 223.965803][ T5394] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 223.993192][ T5394] usb 4-1: config 0 descriptor?? [ 224.018245][ T5394] gspca_main: cpia1-2.14.0 probing 0813:0001 [ 224.828141][T10425] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2039'. [ 225.058410][ C0] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:2. Sending cookies. [ 225.284276][ T5394] gspca_cpia1: usb_control_msg 03, error -71 [ 225.291658][ T5394] gspca_cpia1: usb_control_msg 04, error -71 [ 225.310252][ T5394] cpia1 4-1:0.0: probe with driver cpia1 failed with error -71 [ 225.346206][ T5394] usb 4-1: USB disconnect, device number 21 [ 225.635819][ T5302] usb 5-1: new high-speed USB device number 17 using dummy_hcd [ 225.859172][ T5302] usb 5-1: New USB device found, idVendor=056e, idProduct=4010, bcdDevice=20.1c [ 225.900405][ T5302] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 225.963351][ T5302] usb 5-1: config 0 descriptor?? [ 226.175949][ T5274] usb 2-1: new high-speed USB device number 19 using dummy_hcd [ 226.400282][ T5274] usb 2-1: Using ep0 maxpacket: 16 [ 226.419414][ T5274] usb 2-1: config 1 contains an unexpected descriptor of type 0x2, skipping [ 226.454294][ T5274] usb 2-1: config 1 has 2 interfaces, different from the descriptor's value: 3 [ 226.495729][ T5274] usb 2-1: config 1 has no interface number 1 [ 226.509769][ T5274] usb 2-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0 [ 226.543472][ T5274] usb 2-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 226.596718][ T5274] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 226.629584][ T5274] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 226.653866][ T5274] usb 2-1: Product: syz [ 226.680324][ T5274] usb 2-1: Manufacturer: syz [ 226.684977][ T5274] usb 2-1: SerialNumber: syz [ 226.859559][T10481] tls_set_device_offload_rx: netdev not found [ 226.997778][ T29] kauditd_printk_skb: 13 callbacks suppressed [ 226.997797][ T29] audit: type=1326 audit(1724962838.038:79): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10482 comm="syz.0.2062" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f6ef9b79ef9 code=0x0 [ 227.146904][ T5274] usb 2-1: 2:1 : no UAC_FORMAT_TYPE desc [ 227.205323][ T5274] usb 2-1: USB disconnect, device number 19 [ 227.231028][ T5302] pegasus 5-1:0.0: can't reset MAC [ 227.237045][ T5302] pegasus 5-1:0.0: probe with driver pegasus failed with error -5 [ 227.290246][ T5241] udevd[5241]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 227.307143][ T5302] usb 5-1: USB disconnect, device number 17 [ 227.679124][T10495] netlink: 'syz.3.2066': attribute type 10 has an invalid length. [ 227.731124][T10495] team0: Port device netdevsim0 added [ 228.040434][T10503] : renamed from ipvlan1 [ 228.115887][ T6733] usb 1-1: new full-speed USB device number 15 using dummy_hcd [ 228.327958][ T6733] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 228.355689][ T6733] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 228.382776][ T6733] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 26984, setting to 64 [ 228.423723][ T6733] usb 1-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00 [ 228.436288][ T6733] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 228.465517][T10497] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 228.492356][ T6733] hub 1-1:1.0: bad descriptor, ignoring hub [ 228.545881][ T6733] hub 1-1:1.0: probe with driver hub failed with error -5 [ 228.568765][ T6733] cdc_wdm 1-1:1.0: skipping garbage [ 228.574155][ T6733] cdc_wdm 1-1:1.0: skipping garbage [ 228.592838][ T6733] cdc_wdm 1-1:1.0: cdc-wdm0: USB WDM device [ 228.607465][T10522] netlink: 6 bytes leftover after parsing attributes in process `syz.4.2079'. [ 228.615067][ T6733] cdc_wdm 1-1:1.0: Unknown control protocol [ 228.906564][ T5274] usb 1-1: USB disconnect, device number 15 [ 228.956375][T10535] netlink: 'syz.4.2084': attribute type 4 has an invalid length. [ 229.030808][T10539] netlink: 'syz.4.2084': attribute type 4 has an invalid length. [ 230.239199][T10571] input: syz1 as /devices/virtual/input/input34 [ 231.401694][ T12] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 231.513289][ T12] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 231.600862][T10622] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2120'. [ 231.637299][ T12] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 231.846583][ T12] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 232.143169][ T5225] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 232.153970][ T5225] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 232.162306][ T5225] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 232.176492][ T5225] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 232.184806][ T5225] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 232.194263][ T5225] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 232.215746][ T5394] usb 3-1: new high-speed USB device number 16 using dummy_hcd [ 232.347440][ T12] bridge_slave_1: left allmulticast mode [ 232.353147][ T12] bridge_slave_1: left promiscuous mode [ 232.363112][T10648] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2133'. [ 232.410179][ T12] bridge0: port 2(bridge_slave_1) entered disabled state [ 232.451718][ T12] bridge_slave_0: left allmulticast mode [ 232.475444][ T5394] usb 3-1: config 0 has an invalid interface number: 1 but max is 0 [ 232.490251][ T12] bridge_slave_0: left promiscuous mode [ 232.501770][ T5394] usb 3-1: config 0 has no interface number 0 [ 232.515318][ T12] bridge0: port 1(bridge_slave_0) entered disabled state [ 232.530415][ T5394] usb 3-1: too many endpoints for config 0 interface 1 altsetting 0: 32, using maximum allowed: 30 [ 232.541869][ T5394] usb 3-1: config 0 interface 1 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 32 [ 232.569603][ T5394] usb 3-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 232.589371][ T5394] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 232.628202][ T5394] usb 3-1: config 0 descriptor?? [ 232.665051][ T5394] cp210x 3-1:0.1: cp210x converter detected [ 233.080853][ T5394] cp210x 3-1:0.1: failed to get vendor val 0x000e size 3: -32 [ 233.143703][ T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 233.161868][ T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 233.174777][ T12] bond0 (unregistering): (slave macvlan0): Releasing backup interface [ 233.190425][ T12] veth1_vlan: left allmulticast mode [ 233.200297][ T12] bond0 (unregistering): Released all slaves [ 233.226069][T10653] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2132'. [ 233.285812][ T5302] usb 1-1: new high-speed USB device number 16 using dummy_hcd [ 233.325416][ T5394] usb 3-1: cp210x converter now attached to ttyUSB0 [ 233.465913][ T5302] usb 1-1: Using ep0 maxpacket: 16 [ 233.478587][ T5302] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 233.491121][ T5302] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 233.522291][ T5302] usb 1-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 233.574826][ T5302] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 233.605258][ T5302] usb 1-1: config 0 descriptor?? [ 233.631952][ T6746] usb 3-1: USB disconnect, device number 16 [ 233.670953][ T6746] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 233.692128][T10675] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(3) [ 233.699083][T10675] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 233.728462][ T6746] cp210x 3-1:0.1: device disconnected [ 233.747436][T10675] vhci_hcd vhci_hcd.0: Device attached [ 233.747805][T10678] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies. [ 233.805798][T10680] vhci_hcd vhci_hcd.0: pdev(3) rhport(1) sockfd(5) [ 233.812367][T10680] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 233.840618][T10680] vhci_hcd vhci_hcd.0: Device attached [ 233.866267][T10675] vhci_hcd vhci_hcd.0: pdev(3) rhport(2) sockfd(8) [ 233.872829][T10675] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 233.882731][T10675] vhci_hcd vhci_hcd.0: Device attached [ 233.924987][T10675] vhci_hcd vhci_hcd.0: pdev(3) rhport(3) sockfd(7) [ 233.931556][T10675] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 233.976352][ T6733] vhci_hcd: vhci_device speed not set [ 233.985835][ T12] hsr_slave_0: left promiscuous mode [ 233.996978][T10675] vhci_hcd vhci_hcd.0: Device attached [ 234.005003][ T12] hsr_slave_1: left promiscuous mode [ 234.011756][T10680] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(12) [ 234.018384][T10680] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed) [ 234.026854][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 234.050984][T10675] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN [ 234.065806][ T12] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 234.067276][T10680] vhci_hcd vhci_hcd.0: Device attached [ 234.075713][ T6733] usb 15-1: new full-speed USB device number 2 using vhci_hcd [ 234.103771][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 234.121561][ T12] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 234.130468][T10687] vhci_hcd: connection closed [ 234.133357][T10683] vhci_hcd: connection closed [ 234.135722][T10676] vhci_hcd: connection reset by peer [ 234.139195][T10685] vhci_hcd: connection closed [ 234.163579][ T3041] vhci_hcd: stop threads [ 234.196365][ T3041] vhci_hcd: release socket [ 234.224083][ T3041] vhci_hcd: disconnect device [ 234.236665][T10692] vhci_hcd: connection closed [ 234.251255][ T3041] vhci_hcd: stop threads [ 234.266118][ T4615] Bluetooth: hci6: command tx timeout [ 234.267171][ T3041] vhci_hcd: release socket [ 234.278433][ T12] veth1_macvtap: left promiscuous mode [ 234.283993][ T12] veth0_macvtap: left promiscuous mode [ 234.307480][ T12] veth1_vlan: left promiscuous mode [ 234.312840][ T12] veth0_vlan: left promiscuous mode [ 234.315749][ T3041] vhci_hcd: disconnect device [ 234.323367][ T3041] vhci_hcd: stop threads [ 234.336833][ T3041] vhci_hcd: release socket [ 234.353489][ T3041] vhci_hcd: disconnect device [ 234.371502][ T3041] vhci_hcd: stop threads [ 234.396685][ T3041] vhci_hcd: release socket [ 234.409244][ T3041] vhci_hcd: disconnect device [ 234.427806][ T3041] vhci_hcd: stop threads [ 234.438861][ T3041] vhci_hcd: release socket [ 234.455538][ T3041] vhci_hcd: disconnect device [ 234.796834][T10714] input: syz0 as /devices/virtual/input/input35 [ 235.669242][ T5394] usb 2-1: new high-speed USB device number 20 using dummy_hcd [ 235.773195][ T12] team0 (unregistering): Port device team_slave_1 removed [ 235.844621][ T5302] usbhid 1-1:0.0: can't add hid device: -71 [ 235.856264][ T5394] usb 2-1: Using ep0 maxpacket: 32 [ 235.866122][ T5302] usbhid 1-1:0.0: probe with driver usbhid failed with error -71 [ 235.895216][ T5394] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 235.934791][ T5302] usb 1-1: USB disconnect, device number 16 [ 235.941299][ T5394] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 235.963611][ T12] team0 (unregistering): Port device team_slave_0 removed [ 235.976143][ T5394] usb 2-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 235.996223][ T5394] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 236.012114][ T5394] usb 2-1: config 0 descriptor?? [ 236.027164][ T5394] hub 2-1:0.0: USB hub found [ 236.231157][ T5394] hub 2-1:0.0: config failed, hub doesn't have any ports! (err -19) [ 236.335769][ T4615] Bluetooth: hci6: command tx timeout [ 236.417870][ T5275] kernel write not supported for file /input/event0 (pid: 5275 comm: kworker/0:5) [ 236.464234][ T5394] usbhid 2-1:0.0: can't add hid device: -71 [ 236.488520][ T5394] usbhid 2-1:0.0: probe with driver usbhid failed with error -71 [ 236.563172][ T5394] usb 2-1: USB disconnect, device number 20 [ 237.506702][T10637] chnl_net:caif_netlink_parms(): no params data found [ 237.718887][T10637] bridge0: port 1(bridge_slave_0) entered blocking state [ 237.742078][T10637] bridge0: port 1(bridge_slave_0) entered disabled state [ 237.758602][T10637] bridge_slave_0: entered allmulticast mode [ 237.774447][T10637] bridge_slave_0: entered promiscuous mode [ 237.796804][T10637] bridge0: port 2(bridge_slave_1) entered blocking state [ 237.816903][T10637] bridge0: port 2(bridge_slave_1) entered disabled state [ 237.830396][T10637] bridge_slave_1: entered allmulticast mode [ 237.846771][T10637] bridge_slave_1: entered promiscuous mode [ 237.973743][T10637] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 238.018084][T10637] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 238.129488][T10637] team0: Port device team_slave_0 added [ 238.141902][T10785] bridge0: entered promiscuous mode [ 238.155886][T10785] bridge0: entered allmulticast mode [ 238.164310][T10637] team0: Port device team_slave_1 added [ 238.359572][T10637] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 238.381084][T10637] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 238.416136][ T4615] Bluetooth: hci6: command tx timeout [ 238.439205][T10637] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 238.489662][T10637] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 238.527380][T10637] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 238.619243][T10637] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 238.787346][T10637] hsr_slave_0: entered promiscuous mode [ 238.802093][T10637] hsr_slave_1: entered promiscuous mode [ 238.813210][T10637] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 238.826620][T10637] Cannot create hsr debugfs directory [ 238.840719][T10798] sp0: Synchronizing with TNC [ 239.226670][ T6733] vhci_hcd: vhci_device speed not set [ 239.553880][T10810] ================================================================== [ 239.561999][T10810] BUG: KASAN: slab-use-after-free in uprobe_mmap+0xb9a/0x11a0 [ 239.569481][T10810] Read of size 8 at addr ffff8880294d1f30 by task syz.2.2178/10810 [ 239.577386][T10810] [ 239.579744][T10810] CPU: 0 UID: 0 PID: 10810 Comm: syz.2.2178 Not tainted 6.11.0-rc5-syzkaller-00081-gd5d547aa7b51 #0 [ 239.590615][T10810] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 239.600691][T10810] Call Trace: [ 239.603971][T10810] [ 239.606904][T10810] dump_stack_lvl+0x241/0x360 [ 239.611615][T10810] ? __pfx_dump_stack_lvl+0x10/0x10 [ 239.616816][T10810] ? __pfx__printk+0x10/0x10 [ 239.621407][T10810] ? _printk+0xd5/0x120 [ 239.625553][T10810] ? __virt_addr_valid+0x183/0x530 [ 239.630653][T10810] ? __virt_addr_valid+0x183/0x530 [ 239.635751][T10810] print_report+0x169/0x550 [ 239.640243][T10810] ? __virt_addr_valid+0x183/0x530 [ 239.645340][T10810] ? __virt_addr_valid+0x183/0x530 [ 239.650435][T10810] ? __virt_addr_valid+0x45f/0x530 [ 239.655528][T10810] ? __phys_addr+0xba/0x170 [ 239.660024][T10810] ? uprobe_mmap+0xb9a/0x11a0 [ 239.664688][T10810] kasan_report+0x143/0x180 [ 239.669186][T10810] ? uprobe_mmap+0xb9a/0x11a0 [ 239.673856][T10810] uprobe_mmap+0xb9a/0x11a0 [ 239.678355][T10810] ? __pfx_uprobe_mmap+0x10/0x10 [ 239.683286][T10810] mmap_region+0x1891/0x2090 [ 239.687865][T10810] ? mark_lock+0x9a/0x350 [ 239.692197][T10810] ? __pfx_mmap_region+0x10/0x10 [ 239.697121][T10810] ? mm_get_unmapped_area+0xa5/0xd0 [ 239.702309][T10810] ? shmem_get_unmapped_area+0x2a7/0x8f0 [ 239.707935][T10810] ? cap_mmap_addr+0x163/0x2c0 [ 239.712691][T10810] ? __get_unmapped_area+0x2f0/0x360 [ 239.717964][T10810] do_mmap+0x8f9/0x1010 [ 239.722116][T10810] ? __pfx_do_mmap+0x10/0x10 [ 239.726693][T10810] ? __pfx_down_write_killable+0x10/0x10 [ 239.732329][T10810] ? __pfx_ima_file_mmap+0x10/0x10 [ 239.737426][T10810] ? security_mmap_file+0x178/0x1a0 [ 239.742611][T10810] vm_mmap_pgoff+0x1dd/0x3d0 [ 239.747192][T10810] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 239.752289][T10810] ? __fget_files+0x29/0x470 [ 239.756874][T10810] ? __fget_files+0x3f6/0x470 [ 239.761550][T10810] ksys_mmap_pgoff+0x4f1/0x720 [ 239.766304][T10810] ? __x64_sys_mmap+0x7f/0x140 [ 239.771072][T10810] do_syscall_64+0xf3/0x230 [ 239.775572][T10810] ? clear_bhb_loop+0x35/0x90 [ 239.780236][T10810] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 239.786133][T10810] RIP: 0033:0x7f2a77979ef9 [ 239.790538][T10810] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 239.810144][T10810] RSP: 002b:00007f2a7879e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 239.818562][T10810] RAX: ffffffffffffffda RBX: 00007f2a77b15f80 RCX: 00007f2a77979ef9 [ 239.826533][T10810] RDX: 0000000000000001 RSI: 0000000000003000 RDI: 0000000020000000 [ 239.834499][T10810] RBP: 00007f2a779e793e R08: 0000000000000004 R09: 0000000000000000 [ 239.842475][T10810] R10: 0000000000010012 R11: 0000000000000246 R12: 0000000000000000 [ 239.850453][T10810] R13: 0000000000000000 R14: 00007f2a77b15f80 R15: 00007ffe5497c958 [ 239.858432][T10810] [ 239.861459][T10810] [ 239.863770][T10810] Allocated by task 10697: [ 239.868167][T10810] kasan_save_track+0x3f/0x80 [ 239.872843][T10810] __kasan_kmalloc+0x98/0xb0 [ 239.877429][T10810] __kmalloc_noprof+0x1fc/0x400 [ 239.882273][T10810] tomoyo_encode+0x26f/0x540 [ 239.886856][T10810] tomoyo_realpath_from_path+0x59e/0x5e0 [ 239.892566][T10810] tomoyo_path_perm+0x2b7/0x740 [ 239.897399][T10810] security_inode_getattr+0xd8/0x130 [ 239.902666][T10810] vfs_getattr+0x45/0x430 [ 239.906979][T10810] vfs_fstatat+0xe4/0x190 [ 239.911296][T10810] __x64_sys_newfstatat+0x11d/0x1a0 [ 239.916479][T10810] do_syscall_64+0xf3/0x230 [ 239.920966][T10810] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 239.926841][T10810] [ 239.929146][T10810] Freed by task 10697: [ 239.933193][T10810] kasan_save_track+0x3f/0x80 [ 239.937851][T10810] kasan_save_free_info+0x40/0x50 [ 239.942870][T10810] poison_slab_object+0xe0/0x150 [ 239.947797][T10810] __kasan_slab_free+0x37/0x60 [ 239.952541][T10810] kfree+0x149/0x360 [ 239.956424][T10810] tomoyo_path_perm+0x5ab/0x740 [ 239.961346][T10810] security_inode_getattr+0xd8/0x130 [ 239.966616][T10810] vfs_getattr+0x45/0x430 [ 239.970928][T10810] vfs_fstatat+0xe4/0x190 [ 239.975243][T10810] __x64_sys_newfstatat+0x11d/0x1a0 [ 239.980427][T10810] do_syscall_64+0xf3/0x230 [ 239.984914][T10810] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 239.990795][T10810] [ 239.993109][T10810] The buggy address belongs to the object at ffff8880294d1f00 [ 239.993109][T10810] which belongs to the cache kmalloc-64 of size 64 [ 240.007137][T10810] The buggy address is located 48 bytes inside of [ 240.007137][T10810] freed 64-byte region [ffff8880294d1f00, ffff8880294d1f40) [ 240.020832][T10810] [ 240.023143][T10810] The buggy address belongs to the physical page: [ 240.029539][T10810] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x294d1 [ 240.038286][T10810] anon flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff) [ 240.045815][T10810] page_type: 0xfdffffff(slab) [ 240.050474][T10810] raw: 00fff00000000000 ffff8880154418c0 0000000000000000 dead000000000001 [ 240.059042][T10810] raw: 0000000000000000 0000000000200020 00000001fdffffff 0000000000000000 [ 240.067606][T10810] page dumped because: kasan: bad access detected [ 240.074004][T10810] page_owner tracks the page as allocated [ 240.079702][T10810] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x52c40(GFP_NOFS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP), pid 4683, tgid 4683 (udevd), ts 30584651303, free_ts 30575848717 [ 240.098186][T10810] post_alloc_hook+0x1f3/0x230 [ 240.103028][T10810] get_page_from_freelist+0x2e4c/0x2f10 [ 240.108579][T10810] __alloc_pages_noprof+0x256/0x6c0 [ 240.113783][T10810] alloc_slab_page+0x5f/0x120 [ 240.118450][T10810] allocate_slab+0x5a/0x2f0 [ 240.122943][T10810] ___slab_alloc+0xcd1/0x14b0 [ 240.127617][T10810] __slab_alloc+0x58/0xa0 [ 240.131939][T10810] __kmalloc_noprof+0x25a/0x400 [ 240.136788][T10810] tomoyo_encode+0x26f/0x540 [ 240.141365][T10810] tomoyo_realpath_from_path+0x59e/0x5e0 [ 240.146982][T10810] tomoyo_path_perm+0x2b7/0x740 [ 240.151816][T10810] security_inode_getattr+0xd8/0x130 [ 240.157092][T10810] vfs_getattr+0x45/0x430 [ 240.161406][T10810] vfs_fstatat+0xe4/0x190 [ 240.165718][T10810] __x64_sys_newfstatat+0x11d/0x1a0 [ 240.170900][T10810] do_syscall_64+0xf3/0x230 [ 240.175385][T10810] page last free pid 4684 tgid 4684 stack trace: [ 240.181693][T10810] free_unref_page+0xd19/0xea0 [ 240.186446][T10810] __slab_free+0x31b/0x3d0 [ 240.190849][T10810] qlist_free_all+0x9e/0x140 [ 240.195419][T10810] kasan_quarantine_reduce+0x14f/0x170 [ 240.200888][T10810] __kasan_slab_alloc+0x23/0x80 [ 240.205729][T10810] kmem_cache_alloc_lru_noprof+0x139/0x2b0 [ 240.211530][T10810] __d_alloc+0x31/0x700 [ 240.215671][T10810] d_alloc+0x4b/0x190 [ 240.219634][T10810] lookup_one_qstr_excl+0xce/0x260 [ 240.224730][T10810] filename_create+0x297/0x540 [ 240.229482][T10810] do_symlinkat+0xf9/0x3a0 [ 240.233886][T10810] __x64_sys_symlink+0x7a/0x90 [ 240.238638][T10810] do_syscall_64+0xf3/0x230 [ 240.243122][T10810] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 240.249000][T10810] [ 240.251305][T10810] Memory state around the buggy address: [ 240.256914][T10810] ffff8880294d1e00: 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc [ 240.264955][T10810] ffff8880294d1e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 240.272996][T10810] >ffff8880294d1f00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 240.281034][T10810] ^ [ 240.286649][T10810] ffff8880294d1f80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 240.294692][T10810] ffff8880294d2000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 240.302742][T10810] ================================================================== SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 240.366026][T10810] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 240.373271][T10810] CPU: 1 UID: 0 PID: 10810 Comm: syz.2.2178 Not tainted 6.11.0-rc5-syzkaller-00081-gd5d547aa7b51 #0 [ 240.384044][T10810] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 240.394120][T10810] Call Trace: [ 240.397404][T10810] [ 240.400338][T10810] dump_stack_lvl+0x241/0x360 [ 240.405037][T10810] ? __pfx_dump_stack_lvl+0x10/0x10 [ 240.410261][T10810] ? __pfx__printk+0x10/0x10 [ 240.414865][T10810] ? preempt_schedule+0xe1/0xf0 [ 240.419727][T10810] ? vscnprintf+0x5d/0x90 [ 240.424072][T10810] panic+0x349/0x860 [ 240.427982][T10810] ? check_panic_on_warn+0x21/0xb0 [ 240.433096][T10810] ? __pfx_panic+0x10/0x10 [ 240.437527][T10810] ? _raw_spin_unlock_irqrestore+0x130/0x140 [ 240.443519][T10810] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 240.449856][T10810] ? print_report+0x502/0x550 [ 240.454544][T10810] check_panic_on_warn+0x86/0xb0 [ 240.459500][T10810] ? uprobe_mmap+0xb9a/0x11a0 [ 240.464193][T10810] end_report+0x77/0x160 [ 240.468450][T10810] kasan_report+0x154/0x180 [ 240.472972][T10810] ? uprobe_mmap+0xb9a/0x11a0 [ 240.477664][T10810] uprobe_mmap+0xb9a/0x11a0 [ 240.482183][T10810] ? __pfx_uprobe_mmap+0x10/0x10 [ 240.487136][T10810] mmap_region+0x1891/0x2090 [ 240.491741][T10810] ? mark_lock+0x9a/0x350 [ 240.496104][T10810] ? __pfx_mmap_region+0x10/0x10 [ 240.501051][T10810] ? mm_get_unmapped_area+0xa5/0xd0 [ 240.506268][T10810] ? shmem_get_unmapped_area+0x2a7/0x8f0 [ 240.511914][T10810] ? cap_mmap_addr+0x163/0x2c0 [ 240.516692][T10810] ? __get_unmapped_area+0x2f0/0x360 [ 240.521986][T10810] do_mmap+0x8f9/0x1010 [ 240.526154][T10810] ? __pfx_do_mmap+0x10/0x10 [ 240.530754][T10810] ? __pfx_down_write_killable+0x10/0x10 [ 240.536391][T10810] ? __pfx_ima_file_mmap+0x10/0x10 [ 240.541506][T10810] ? security_mmap_file+0x178/0x1a0 [ 240.546716][T10810] vm_mmap_pgoff+0x1dd/0x3d0 [ 240.551321][T10810] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 240.556442][T10810] ? __fget_files+0x29/0x470 [ 240.561044][T10810] ? __fget_files+0x3f6/0x470 [ 240.565741][T10810] ksys_mmap_pgoff+0x4f1/0x720 [ 240.570511][T10810] ? __x64_sys_mmap+0x7f/0x140 [ 240.575288][T10810] do_syscall_64+0xf3/0x230 [ 240.579801][T10810] ? clear_bhb_loop+0x35/0x90 [ 240.584487][T10810] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 240.590397][T10810] RIP: 0033:0x7f2a77979ef9 [ 240.594819][T10810] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 240.614435][T10810] RSP: 002b:00007f2a7879e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 240.622863][T10810] RAX: ffffffffffffffda RBX: 00007f2a77b15f80 RCX: 00007f2a77979ef9 [ 240.630842][T10810] RDX: 0000000000000001 RSI: 0000000000003000 RDI: 0000000020000000 [ 240.638816][T10810] RBP: 00007f2a779e793e R08: 0000000000000004 R09: 0000000000000000 [ 240.646795][T10810] R10: 0000000000010012 R11: 0000000000000246 R12: 0000000000000000 [ 240.654774][T10810] R13: 0000000000000000 R14: 00007f2a77b15f80 R15: 00007ffe5497c958 [ 240.662763][T10810] [ 240.665909][T10810] Kernel Offset: disabled [ 240.670216][T10810] Rebooting in 86400 seconds..