last executing test programs: 4m22.05531682s ago: executing program 0 (id=1508): mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000180), 0x42, 0x0) mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0]) name_to_handle_at(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)=ANY=[@ANYBLOB="05000000"], 0x0, 0x1600) 4m21.775880374s ago: executing program 0 (id=1513): mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x801) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000080)={0xaa, 0x4}) ioctl$UFFDIO_COPY(r0, 0xc028aa03, &(0x7f0000000000)={&(0x7f0000800000/0x800000)=nil, &(0x7f0000199000/0x800000)=nil, 0x800000}) 4m19.794164501s ago: executing program 0 (id=1530): r0 = openat$ttynull(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$TCSETSF(r0, 0x5404, &(0x7f0000000040)={0xfdfdffff, 0xfffffff7, 0x1, 0x4, 0x0, "518aba4d000000000000000000000000002000"}) r1 = dup(r0) write$UHID_INPUT(r1, &(0x7f0000001040)={0xfc, {"a2336848149e516d4b5e071887f70e09d038e7ff7fc6e5539b0d500a8b089b3f383563030890e0879b0a71c6e70a9b334a959b669a242f0a0af3988f7ef319520100ffe8d178708c523c921b1b3e31070d0773090acd3b78130daa41d8e8040000005802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce7cd9f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d4ac01b75d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40427db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828eea399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb8843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afa2d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02daee67918e5d6787463183b4b87c9050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4108b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c6b00000000000000f96f0e817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0x1000}}, 0x1006) 4m19.570518232s ago: executing program 0 (id=1534): mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x48) mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101097, 0x0) mount$bind(&(0x7f0000000580)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0xb5008, 0x0) umount2(&(0x7f00000001c0)='./file0/../file0\x00', 0x4) 4m19.285563998s ago: executing program 0 (id=1537): r0 = fsopen(&(0x7f0000000000)='sysfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) r1 = fsmount(r0, 0x0, 0x0) renameat2(r1, &(0x7f0000000340)='./bus\x00', r1, &(0x7f0000002200)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0) 4m18.381621837s ago: executing program 0 (id=1544): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010600000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff1b000000020000000900010073797a30000001000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)={{0x14}, [@NFT_MSG_NEWSET={0x3c, 0x12, 0xa, 0x201, 0x0, 0x0, {0x2}, [@NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_KEY_TYPE={0x8}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0xa}]}], {0x14}}, 0x64}}, 0x0) syz_emit_ethernet(0x32, &(0x7f0000000640)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x19}, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x14, 0x65, 0x0, 0x0, 0x3a, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @loopback}, {0x8000, 0x4e21, 0x10, 0x0, @gue={{0x2, 0x0, 0x3, 0x0, 0x100}}}}}}}, 0x0) 4m17.622883145s ago: executing program 32 (id=1544): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010600000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff1b000000020000000900010073797a30000001000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)={{0x14}, [@NFT_MSG_NEWSET={0x3c, 0x12, 0xa, 0x201, 0x0, 0x0, {0x2}, [@NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_KEY_TYPE={0x8}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0xa}]}], {0x14}}, 0x64}}, 0x0) syz_emit_ethernet(0x32, &(0x7f0000000640)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x19}, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x14, 0x65, 0x0, 0x0, 0x3a, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @loopback}, {0x8000, 0x4e21, 0x10, 0x0, @gue={{0x2, 0x0, 0x3, 0x0, 0x100}}}}}}}, 0x0) 33.185605824s ago: executing program 3 (id=3875): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180500002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='netlink_extack\x00', r0}, 0x10) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000740)=ANY=[@ANYBLOB="04010000100007000000000000000000ff010000000000000000000000000001e0000002000000000000000000000000ffff0040000000000000000002000000", @ANYRES32=0x0, @ANYRES32=0xee00, @ANYBLOB="ff010000000000000000000000000001000000002b000000fc0000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000070000000000000000000000000000000000040000000000e80a000000000000000000000a000000700000000000000014000e"], 0x104}}, 0x0) 33.096812s ago: executing program 3 (id=3876): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000300)={0x28, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@mon_options=[@NL80211_ATTR_MU_MIMO_FOLLOW_MAC_ADDR={0xa}]]}, 0x28}, 0x1, 0x0, 0x0, 0x1}, 0x0) 33.024101007s ago: executing program 3 (id=3877): r0 = syz_usb_connect(0x5, 0x24, &(0x7f0000001280)={{0x12, 0x1, 0x300, 0x0, 0x1f, 0x66, 0x8, 0x58f, 0x6610, 0x4805, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x4, 0x95, 0x70, 0x81, [{{0x9, 0x4, 0x0, 0x81, 0x0, 0xff, 0xff, 0xff, 0x2}}]}}]}}, &(0x7f0000001700)={0xffffffa0, 0x0, 0x0, 0x0, 0x23}) r1 = syz_open_dev$I2C(&(0x7f0000000040), 0x1, 0x2003) ioctl$I2C_RDWR(r1, 0x707, &(0x7f0000000a40)={&(0x7f0000000380)=[{0x3, 0x6000, 0x1, &(0x7f00000003c0)='t'}, {0x1, 0x2a00, 0x0, 0x0}], 0x2}) syz_usb_control_io$cdc_ecm(r0, 0x0, &(0x7f0000000200)={0x1c, &(0x7f0000000000)=ANY=[], 0x0, 0x0}) 31.978780153s ago: executing program 2 (id=3888): r0 = socket$nl_route(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'bridge_slave_1\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newlink={0x60, 0x10, 0x1, 0x470bd27, 0x25dfdbff, {0x0, 0x0, 0x0, r2, 0x64e10, 0x36a01}, [@IFLA_LINKINFO={0x40, 0x12, 0x0, 0x1, @bridge_slave={{0x11}, {0x28, 0x5, 0x0, 0x1, [@IFLA_BRPORT_FLUSH={0x4}, @IFLA_BRPORT_STATE={0x5, 0x1, 0x3}, @IFLA_BRPORT_PROTECT={0x5, 0x6, 0x1}, @IFLA_BRPORT_PROXYARP_WIFI={0x5, 0xc, 0x1}, @IFLA_BRPORT_GROUP_FWD_MASK={0x6, 0x1f, 0xf}]}}}]}, 0x60}, 0x1, 0x0, 0x0, 0x400c080}, 0x8002) 31.465845493s ago: executing program 2 (id=3892): r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000140), 0x40000000040201, 0x0) ioctl$SNDCTL_DSP_SETFRAGMENT(r0, 0xc004500a, &(0x7f0000000080)) ioctl$SNDCTL_DSP_SPEED(r0, 0xc0045002, &(0x7f0000000040)=0xdfe5) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000500)={0xa00, 0x18, 0xfa00, {0x100000000000000, 0x0}}, 0xfc36) 31.02980077s ago: executing program 5 (id=3898): r0 = getpid() r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$devlink(&(0x7f0000000140), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_RELOAD(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x3c, r2, 0x1, 0x70bd27, 0x25dfdbfb, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_NETNS_PID={0x8, 0x8b, r0}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4040010}, 0x30) 30.773638466s ago: executing program 1 (id=3901): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) unshare(0x2a020480) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000008c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={{0x14}, [@NFT_MSG_NEWRULE={0x5c, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x30, 0x4, 0x0, 0x1, [{0x2c, 0x1, 0x0, 0x1, @socket={{0xb}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_SOCKET_DREG={0x8, 0x2, 0x1, 0x0, 0xb}, @NFTA_SOCKET_KEY={0x8, 0x1, 0x1, 0x0, 0x3}, @NFTA_SOCKET_LEVEL={0x8, 0x3, 0x89}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x84}}, 0x0) 30.48153975s ago: executing program 1 (id=3904): r0 = socket(0x2, 0x2, 0x0) setsockopt$inet_int(r0, 0x0, 0xb, &(0x7f00000000c0)=0x1002, 0x4) sendto$inet(r0, 0x0, 0xffe5, 0x0, &(0x7f0000000000)={0x2, 0x4e20}, 0x10) recvmsg$inet_nvme(r0, &(0x7f0000000540)={0x0, 0x0, 0x0}, 0x12000) 30.438906317s ago: executing program 3 (id=3905): setreuid(0xee00, 0x0) r0 = getuid() setreuid(0x0, r0) bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000001880)=ANY=[@ANYBLOB="b700000081000000bfa30000000000000703000002feffff720af0fff8ffffff71a4f0ff000000007110000000000000e5000500000000004704000001ed00000f030000000000001d44000000000000620a00fe040026ca7203000000000000b5000000000000009500000000000000023bc065b58111c6dfa041b63af4a3912435f1a864a710aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168c50000000190f32050e436fe275daf51efd601b6bf01c8e8b1b526375ec4dd6fcd82e4fe51bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e654400e2438ec649dc74a28610643a98d9ec21ead2ed51bf900000000000000d8a7925c3109b151b8b9f75dd08d123deda88c658d42ecbf28bf7076c15b463bebc72f526d8e8afcb913466aaa7f6df70252e79166d858fcd0e06dd31af9612f2460d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff616236fd9aa58f2477184b6a89adaf17b0a6041bdef728d236619074d6ebdfd1f5089048ddff6da40f9411fe722631cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a10746443d6438e959532e0617d419c6bc6ea9f2bca4464f56e24e6d2105bd901204a1deeed4155617572652d950ad31928b0b0c3dc2869f478341d02d0f5ad94b081fcd507acb4b9c65fee9d5a17f48a7382f13d000000225d85ae49cee383dc5049076b989b40000000000000da60d2ae20cfb91d6a49964757cdf538f9ce2bdb1ab062cd54e67011d355d84ce97bb0c6b4a595e487efbb2d71cde2c140952f9a0f0bc6980fe78683ac5c0c31032599ddd71063be9261b2e1aab1675b34a22048ef8c126aeef5f510a8f1aded94a129e4aec6f8d9ab06faffc3a15d96c2ea3e2e04cfe031b2875353193f82ade69d0540059fe6c7fe7cd8697502c7596566d674e425da5e87e59602a9f6590521d31d3804b3e0a1053abdc31282dfb15eb6841bb64a1b304502dda787343ce3c953992e4a982f3c48153baae244e7bf37548c7f1a4cad2422ee965a38f7defbd2160242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44028d6112a0c2d21b2dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc4e95dd2d18383117c039862198899b212c55318294270a1ad10c80fef7c24d47afce829ba0f85da6d888f18ea40ab959f6074ab2a40d85d15017ab513cdc6c0e57fb1c1ca571380d7b4ead35a385e0b4a26b702396df7e0c1e02b6e4114f244a9bf93f04bf072f0861f7580e69db384ac7eeedcf2ba3a9508f9d6aba582a896a9f1e096df6ecea75caf822a7a63ba34015ea5aacb1188883ad2a3b1832371fe5bc621426d1ed0a4a99702cc1b6912a1e717d29135753208165b9cdbae2ed9dc7358f0ebadde0b727f27feeb744ddcc536cbae315c7d1fe1399562ba6824840bd2951680f6f2f9a6a8346962a350844ffa0d829e4f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010aec0e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00e10000c95265b2bd83d64a532869d701723fedcbada1ee7baa5b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b123145ab5703dad844ceb201ddeb6dc5f6a903792283c42efc54fa84323afc4c10eff462c8843187f1dd48ef3fa293774d582956ff0f40b10ca94f6feeb2893c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538d6ee6ba65893ff1f908ba7554ba583fef3ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738012e4fee18a22da19fcdb4c2890cda1f96b952511e3a69d694d625e0b2f808890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f6f096753b639a924599c1f69219927ea5301fff0a6063d427f0688430754c02180d61542c2571f983e9673560000000000000000005a7b57f03ca91a01ba2e30ca99e8ebc15ecb4d91675767999d146aef7799738b292fd640dfef6b04d086f737a159d7e0c6e4d81ad64a8bbca48568325b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a7bce14c6de4e7c0660d80010f5c653d22d490cba8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b91b7d120617d12d91db2633d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e16e1461173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ec86a4555d89fe0120f64c62e8e3ed8bcb45202c3d4bbec8d722824c0ebca8db1ea4a003d2fbdc1f9be78537756ab5bbe4fe9af5d785d0128171c90d9900ce2532b0f9d01c4b45294fbba468df3e1b583cb4e62e754598e47df6bd06431c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068cd84990453f006694d461b76a58d88cf0f520310a1e80dc18cde98d662eee077515d0a8811922929e085392ab3d1311b8243266d87047f601fa88a0da36b9f302e8262395174328f2482d14008de83070744f143fdec90ba5a82668d5fac114c13955ad6dca5db2231d8ba14c54c47ed04a4b4ace17e357e1d6032399f87a7a14245bbd796a09313b247b95d37ff40a404bdad74bd20000000000000000000099fef7cd7af3ce64a92f95d89d125b1e641240d7e5e27a3d1f7684448c3e3822d617e205061298b939a191be4b48e169bde2cae3accc5bd40a2968b59c93d35f8e42366fdef9a2abae1cf01ce68abff28861aac8302d268569dd42e194e330c7aaa54ebbcefd23f21ce8153b9926e12e925cb56119df72c7533a48d028ad0c74e2a9478fa3be18a1a2b65079cc1c00000000000000f59dd19e8d525206c0a728cfd42193abe8130bc01a2d69841f3d7799ac04bdc590bb1c89b9c695f163e57343c9bfb59909433c9001c5f8b23e38534a538fc933cac6c2a92d038df638a0f226df9fb857bd414c2cd69985e8053e3dfa41614d7c74d04d8c2471041d17c730fad28395f8d4688898cd58b9d600c851626529bb58aa364b55e73f053450665e7b94ed1012fd7a8139166fd5e59c84f4ab279b1b99c028db4cb9680c8035f967db18de738844da7e260a830c1ffa49f5af3c15423a0e315acb82a3e89218cb314e68fda4d94aa1d815babc13b9fd336d205c5913ef67cf0216e2d81e6127bd9d7fab28800eaab2355992f8ce4cd38add4b272c0bee4076ca4847ffa691cf78fb7ec212bad3bef29f577ea7159b7f3025b3d977ff7c91024cf71126233cb8791c3c"], &(0x7f00000001c0)='GPL\x00', 0x7, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xfffffffffffffd00, 0x0, 0xffffffffffffffff, 0xffffffffffffffb9}, 0x48) 30.364442595s ago: executing program 1 (id=3906): r0 = semget$private(0x0, 0x6, 0x0) semtimedop(r0, &(0x7f00000003c0)=[{0x2, 0x4, 0x1800}], 0x1, 0x0) semop(r0, &(0x7f00000000c0)=[{0x4}, {0x2}], 0x2) semctl$GETZCNT(r0, 0x1, 0xf, 0x0) 30.305688381s ago: executing program 2 (id=3907): r0 = fanotify_init(0x4, 0x101000) r1 = open$dir(&(0x7f0000000000)='.\x00', 0x0, 0x0) fanotify_mark(r0, 0x641, 0x1019, r1, 0x0) fanotify_mark(r0, 0x2, 0x2, r1, 0x0) 30.113542492s ago: executing program 2 (id=3910): r0 = socket$inet(0x2, 0x1, 0x0) setsockopt$inet_opts(r0, 0x0, 0x4, 0x0, 0x0) setsockopt$inet_int(r0, 0x0, 0x2, &(0x7f00000000c0)=0x8, 0x4) connect$inet(r0, &(0x7f0000000080)={0x2, 0x4e24, @local}, 0x10) 30.101526727s ago: executing program 3 (id=3911): r0 = socket$can_bcm(0x1d, 0x2, 0x2) connect$can_bcm(r0, &(0x7f0000001ff0), 0x10) sendmsg$can_bcm(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="0500"/16, @ANYRES64=0x0, @ANYRES64=0xea60, @ANYRES64=0x0, @ANYRES64=0x0, @ANYBLOB="000000000f"], 0x20000078}, 0x1, 0x0, 0x0, 0x40000}, 0x0) sendmsg$can_bcm(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000003c0)={0x5, 0x0, 0x0, {}, {0x77359400}, {}, 0x7, @can={{}, 0x0, 0x0, 0x0, 0x0, "a8c7e9385559d457"}}, 0x48}}, 0x0) 29.970808458s ago: executing program 4 (id=3912): bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000001"], 0x48) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007300000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_BIND_MAP(0xa, &(0x7f00000004c0)={r1}, 0xc) 29.717665189s ago: executing program 4 (id=3913): r0 = socket(0xa, 0x5, 0x0) listen(r0, 0x100) r1 = dup(r0) sendmsg$inet_sctp(r1, &(0x7f0000001280)={0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000008400000005"], 0x18, 0x20008110}, 0x2400c8c5) 29.682162167s ago: executing program 5 (id=3914): keyctl$instantiate(0xc, 0x0, &(0x7f0000000100)=@encrypted_new={'new ', 'default', 0x20, 'trusted:', 'syz', 0x20, 0xe8c}, 0x2d, 0xfffffffffffffff9) r0 = add_key(&(0x7f0000000140)='encrypted\x00', &(0x7f0000000180), &(0x7f0000000100), 0xca, 0xfffffffffffffffe) keyctl$instantiate(0xc, r0, &(0x7f0000000100)=@encrypted_update={'update ', 'default', 0x20, 'user:', 'new '}, 0x19, 0xfffffffffffffffe) add_key(&(0x7f0000000140)='encrypted\x00', &(0x7f0000000180), &(0x7f0000000100), 0xca, 0xfffffffffffffffe) 29.590808444s ago: executing program 4 (id=3915): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f00000000c0)=ANY=[@ANYBLOB="01000000000000de20000040"]) 29.425494109s ago: executing program 5 (id=3916): socket$inet6_icmp_raw(0xa, 0x3, 0x3a) r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) setsockopt$inet6_int(r0, 0x29, 0x19, &(0x7f0000000040)=0x3, 0x4) syz_emit_ethernet(0x6e, &(0x7f0000000080)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}, @random="a0725ce9403b", @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "cb8000", 0x38, 0x3a, 0xff, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x1, 0x0}}, @mcast2, {[], @time_exceed={0x4, 0x0, 0x0, 0x60, '\x00', {0x0, 0x6, "fd9063", 0x0, 0x3a, 0x0, @mcast1, @mcast1, [], "1b8d2069162baf34"}}}}}}}, 0x0) 29.324212311s ago: executing program 1 (id=3917): unshare(0x24020400) r0 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f00000006c0)=ANY=[@ANYBLOB="9feb01001800000000000000180000001800000004000000020000000000000c02000000000000000000000d0000000000005f"], 0x0, 0x34}, 0x28) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x3, &(0x7f0000000600)=ANY=[@ANYBLOB="180000000000000000000000000000009500000000000000f2dcc6d0e5bfb6ecc27477a80d1fcf4b137d054bd61743b079bac97f2141d9f3fc65776a653c4ec621d3c20287f5605901decf24849b329a36c04e4b9ed84e68605ca797889c2552b819a920c3ea749c4760aa70f09c9c56b6a43f7c5b6d22e5b85ad8359b1ca3ce6562fb42785fa4a7fee635efcaa4ba6fab659971224383e4bf1cf7f3e03373a9750690557a2efd747ce8afce6d4cd5"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, r0, 0x8, &(0x7f00000000c0)={0x0, 0x1}, 0x1}, 0x90) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000500)={r1, 0xe0, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0xffffffffffffff97, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x10) 29.284240083s ago: executing program 5 (id=3918): r0 = socket$inet6_udp(0xa, 0x2, 0x0) bind$inet6(r0, &(0x7f0000000000)={0xa, 0xe22, 0x0, @empty}, 0x1c) connect$inet6(r0, &(0x7f0000000140)={0xa, 0x4e20, 0x6, @remote, 0xb}, 0x1c) syz_emit_ethernet(0xfef3, &(0x7f0000000200)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaaaa86dd6001010020641100fe8000000000000000000000000000bbfe8000000000000000000000000000aa4e200e22"], 0x0) 29.101681775s ago: executing program 5 (id=3919): write$FUSE_INIT(0xffffffffffffffff, &(0x7f0000000040)={0x50, 0x0, 0x0, {0x7, 0x1f, 0x0, 0x10408}}, 0x50) r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000018c0), 0xe0c81) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f00000002c0)={0xffffffff, 0x0, 0x0, 'queue1\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x1e, 0x0, 0x0, 0x0, @tick, {}, {}, @raw32}], 0x1001a) 29.073947611s ago: executing program 2 (id=3920): r0 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x8000}, 0x4) r1 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000100)={0x0, 0x7}, 0x4) 28.951509458s ago: executing program 3 (id=3921): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x8800, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)=0x14) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0x7) ioctl$TIOCVHANGUP(r0, 0x5437, 0x0) 28.639002884s ago: executing program 5 (id=3922): r0 = socket(0x10, 0x803, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x16, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @flow_dissector}, 0x94) sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000080)=ANY=[@ANYBLOB="540000001400b595000000000000000002000000", @ANYRES32=r0, @ANYBLOB="140001000040000000000000000000000000000014000200fe8000000000000000000000000000aa140006"], 0x54}, 0x1, 0x0, 0x0, 0x800}, 0x80) sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000080)=ANY=[], 0x6c}, 0x1, 0x0, 0x0, 0x20008824}, 0x4800) 27.80745492s ago: executing program 1 (id=3923): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f0000005300)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000730000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000340)='kfree\x00', r0, 0x0, 0xffffc00000000000}, 0x18) r1 = openat$vicodec0(0xffffffffffffff9c, &(0x7f00000004c0), 0x2, 0x0) writev(r1, &(0x7f0000000300)=[{&(0x7f0000000000)="1c", 0x1}], 0x1) 27.540005676s ago: executing program 1 (id=3924): r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bond0\x00', 0x0}) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="4c0000001000ffff2cbd7000fbdbdf2500000000", @ANYRES32=0x0, @ANYBLOB="2911000020100000140012800c0001006d6163766c616e000400028008000500", @ANYRES32=r1, @ANYBLOB='\b\x00\n\x00', @ANYRES32=r1, @ANYBLOB="0500110001"], 0x4c}, 0x1, 0x0, 0x0, 0x8001}, 0x40040) 20.272839136s ago: executing program 2 (id=3925): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), r0) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000002c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_SET_NOACK_MAP(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000300)={0x1c, r1, 0x1, 0x70bd2d, 0x25dfdbff, {{}, {@val={0x8, 0x3, r2}, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0x1}, 0x40) 15.872217977s ago: executing program 4 (id=3926): syz_emit_vhci(&(0x7f0000000280)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_complete={{0xe, 0x4}, @HCI_OP_LE_SET_DEFAULT_PHY={{0x4}}}}, 0x7) ioctl$vim2m_VIDIOC_S_CTRL(0xffffffffffffffff, 0xc008561c, &(0x7f0000000280)={0xf0f023}) syz_open_dev$video4linux(&(0x7f0000000280), 0x101, 0x81) sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0) 15.619174577s ago: executing program 4 (id=3927): openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x401c2, 0x0) name_to_handle_at(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', &(0x7f00000000c0)=ANY=[@ANYBLOB="14"], &(0x7f0000000000), 0x0) unlinkat(0xffffffffffffff9c, &(0x7f0000000480)='./file1\x00', 0x0) open_by_handle_at(0xffffffffffffff9c, &(0x7f00000000c0)=ANY=[], 0x0) 15.43387727s ago: executing program 4 (id=3928): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'veth0_to_bridge\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000940)=@newqdisc={0x130, 0x24, 0x4ee4e6a52ff56541, 0x8000000, 0x0, {0x0, 0x0, 0x0, r2, {0x0, 0xfff7}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x100, 0x2, {{0xfffffffe, 0x2, 0x40, 0x7, 0xe9, 0xcc36}, [@TCA_NETEM_LOSS={0xb4, 0x5, 0x0, 0x1, [@NETEM_LOSS_GE={0x14, 0x2, {0x1, 0xffff, 0x0, 0x6}}, @NETEM_LOSS_GE={0x14, 0x2, {0x5, 0xfffffffa, 0xa, 0x4}}, @NETEM_LOSS_GE={0x11, 0x2, {0x1, 0x9, 0x1, 0x8}}, @NETEM_LOSS_GI={0x18, 0x1, {0xcfbb, 0x2, 0x10001, 0x8, 0x1}}, @NETEM_LOSS_GE={0x14, 0x2, {0x9, 0x5, 0x1003, 0xb}}, @NETEM_LOSS_GI={0x18, 0x1, {0x8, 0x0, 0xfffff001, 0xf6, 0x3}}, @NETEM_LOSS_GI={0x18, 0x1, {0x7, 0x3, 0x5, 0x4, 0xea}}, @NETEM_LOSS_GI={0x18, 0x1, {0x6, 0x8, 0x10000, 0x2, 0x7fff}}]}, @TCA_NETEM_CORRUPT={0xc, 0x4, {0x8, 0x1000}}, @TCA_NETEM_CORRUPT={0xc, 0x4, {0xbba5, 0x2}}, @TCA_NETEM_LATENCY64={0xc, 0xa, 0xff}, @TCA_NETEM_LATENCY64={0xc, 0xa, 0x1}]}}}]}, 0x130}}, 0x0) 13.146809286s ago: executing program 33 (id=3922): r0 = socket(0x10, 0x803, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x16, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @flow_dissector}, 0x94) sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000080)=ANY=[@ANYBLOB="540000001400b595000000000000000002000000", @ANYRES32=r0, @ANYBLOB="140001000040000000000000000000000000000014000200fe8000000000000000000000000000aa140006"], 0x54}, 0x1, 0x0, 0x0, 0x800}, 0x80) sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000080)=ANY=[], 0x6c}, 0x1, 0x0, 0x0, 0x20008824}, 0x4800) 12.751510051s ago: executing program 34 (id=3921): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x8800, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)=0x14) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0x7) ioctl$TIOCVHANGUP(r0, 0x5437, 0x0) 11.970610773s ago: executing program 35 (id=3924): r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bond0\x00', 0x0}) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="4c0000001000ffff2cbd7000fbdbdf2500000000", @ANYRES32=0x0, @ANYBLOB="2911000020100000140012800c0001006d6163766c616e000400028008000500", @ANYRES32=r1, @ANYBLOB='\b\x00\n\x00', @ANYRES32=r1, @ANYBLOB="0500110001"], 0x4c}, 0x1, 0x0, 0x0, 0x8001}, 0x40040) 4.877328922s ago: executing program 36 (id=3925): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), r0) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000002c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_SET_NOACK_MAP(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000300)={0x1c, r1, 0x1, 0x70bd2d, 0x25dfdbff, {{}, {@val={0x8, 0x3, r2}, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0x1}, 0x40) 0s ago: executing program 37 (id=3928): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'veth0_to_bridge\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000940)=@newqdisc={0x130, 0x24, 0x4ee4e6a52ff56541, 0x8000000, 0x0, {0x0, 0x0, 0x0, r2, {0x0, 0xfff7}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x100, 0x2, {{0xfffffffe, 0x2, 0x40, 0x7, 0xe9, 0xcc36}, [@TCA_NETEM_LOSS={0xb4, 0x5, 0x0, 0x1, [@NETEM_LOSS_GE={0x14, 0x2, {0x1, 0xffff, 0x0, 0x6}}, @NETEM_LOSS_GE={0x14, 0x2, {0x5, 0xfffffffa, 0xa, 0x4}}, @NETEM_LOSS_GE={0x11, 0x2, {0x1, 0x9, 0x1, 0x8}}, @NETEM_LOSS_GI={0x18, 0x1, {0xcfbb, 0x2, 0x10001, 0x8, 0x1}}, @NETEM_LOSS_GE={0x14, 0x2, {0x9, 0x5, 0x1003, 0xb}}, @NETEM_LOSS_GI={0x18, 0x1, {0x8, 0x0, 0xfffff001, 0xf6, 0x3}}, @NETEM_LOSS_GI={0x18, 0x1, {0x7, 0x3, 0x5, 0x4, 0xea}}, @NETEM_LOSS_GI={0x18, 0x1, {0x6, 0x8, 0x10000, 0x2, 0x7fff}}]}, @TCA_NETEM_CORRUPT={0xc, 0x4, {0x8, 0x1000}}, @TCA_NETEM_CORRUPT={0xc, 0x4, {0xbba5, 0x2}}, @TCA_NETEM_LATENCY64={0xc, 0xa, 0xff}, @TCA_NETEM_LATENCY64={0xc, 0xa, 0x1}]}}}]}, 0x130}}, 0x0) kernel console output (not intermixed with test programs): ] vivid-000: Fill Percentage of Frame: 100 [ 373.596649][T12043] vivid-000: Horizontal Movement: No Movement [ 373.596671][T12043] vivid-000: Vertical Movement: No Movement [ 373.596692][T12043] vivid-000: OSD Text Mode: All [ 373.596713][T12043] vivid-000: Show Border: false [ 373.596733][T12043] vivid-000: Show Square: false [ 373.596753][T12043] vivid-000: Sensor Flipped Horizontally: false [ 373.596774][T12043] vivid-000: Sensor Flipped Vertically: false [ 373.596795][T12043] vivid-000: Insert SAV Code in Image: false [ 373.596815][T12043] vivid-000: Insert EAV Code in Image: false [ 373.596836][T12043] vivid-000: Insert Video Guard Band: false [ 373.596856][T12043] vivid-000: Reduced Framerate: false [ 373.596876][T12043] vivid-000: HDMI 000-0 Is Connected To: Test Pattern Generator [ 373.596899][T12043] vivid-000: S-Video 000-0 Is Connected To: Test Pattern Generator [ 373.596922][T12043] vivid-000: Enable Capture Cropping: true grabbed [ 373.596948][T12043] vivid-000: Enable Capture Composing: true grabbed [ 373.596981][T12043] vivid-000: Enable Capture Scaler: true grabbed [ 373.597007][T12043] vivid-000: Timestamp Source: End of Frame [ 373.597028][T12043] vivid-000: Colorspace: sRGB [ 373.597048][T12043] vivid-000: Transfer Function: Default [ 373.597069][T12043] vivid-000: Y'CbCr Encoding: Default [ 373.597090][T12043] vivid-000: HSV Encoding: Hue 0-179 [ 373.597111][T12043] vivid-000: Quantization: Default [ 373.597130][T12043] vivid-000: Apply Alpha To Red Only: false [ 373.597151][T12043] vivid-000: Standard Aspect Ratio: 4x3 [ 373.597173][T12043] vivid-000: DV Timings Signal Mode: Current DV Timings inactive [ 373.597199][T12043] vivid-000: DV Timings: 640x480p59 inactive [ 373.597225][T12043] vivid-000: DV Timings Aspect Ratio: Source Width x Height [ 373.597247][T12043] vivid-000: Maximum EDID Blocks: 2 [ 373.597267][T12043] vivid-000: Limited RGB Range (16-235): false [ 373.597288][T12043] vivid-000: Rx RGB Quantization Range: Automatic [ 373.597310][T12043] vivid-000: Power Present: 0x00000001 [ 373.597332][T12043] tpg source WxH: 320x240 (Y'CbCr) [ 373.597346][T12043] tpg field: 1 [ 373.597354][T12043] tpg crop: (0,0)/320x240 [ 373.597369][T12043] tpg compose: (0,0)/320x240 [ 373.597383][T12043] tpg colorspace: 8 [ 373.597392][T12043] tpg transfer function: 0/2 [ 373.597403][T12043] tpg Y'CbCr encoding: 0/1 [ 373.597414][T12043] tpg quantization: 0/2 [ 373.597424][T12043] tpg RGB range: 0/2 [ 373.597435][T12043] vivid-000: ================== END STATUS ================== [ 374.112736][ T9] usb 6-1: new high-speed USB device number 7 using dummy_hcd [ 374.118631][T12061] program syz.4.2450 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 374.265175][ T9] usb 6-1: Using ep0 maxpacket: 16 [ 374.267838][ T9] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 374.267875][ T9] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 374.267921][ T9] usb 6-1: New USB device found, idVendor=054c, idProduct=05c4, bcdDevice= 0.00 [ 374.267948][ T9] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 374.278160][ T9] usb 6-1: config 0 descriptor?? [ 374.747635][ T9] playstation 0003:054C:05C4.0014: hidraw0: USB HID v0.00 Device [HID 054c:05c4] on usb-dummy_hcd.5-1/input0 [ 374.799085][T12080] io-wq is not configured for unbound workers [ 374.913714][ T9] playstation 0003:054C:05C4.0014: Invalid byte count transferred, expected 16 got 0 [ 374.913748][ T9] playstation 0003:054C:05C4.0014: Failed to retrieve DualShock4 pairing info: -22 [ 374.913801][ T9] playstation 0003:054C:05C4.0014: Failed to get MAC address from DualShock4 [ 374.913820][ T9] playstation 0003:054C:05C4.0014: Failed to create dualshock4. [ 374.917031][ T9] playstation 0003:054C:05C4.0014: probe with driver playstation failed with error -22 [ 375.129860][ T5988] usb 6-1: USB disconnect, device number 7 [ 375.202897][ T9] usb 2-1: new high-speed USB device number 22 using dummy_hcd [ 375.256855][T12097] program syz.4.2467 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 375.332743][ T5994] usb 3-1: new high-speed USB device number 16 using dummy_hcd [ 375.379838][ T9] usb 2-1: config 0 has an invalid interface number: 1 but max is 0 [ 375.379868][ T9] usb 2-1: config 0 has no interface number 0 [ 375.379916][ T9] usb 2-1: config 0 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 375.379944][ T9] usb 2-1: config 0 interface 1 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 375.379968][ T9] usb 2-1: config 0 interface 1 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 375.380013][ T9] usb 2-1: New USB device found, idVendor=28bd, idProduct=0042, bcdDevice= 0.00 [ 375.380038][ T9] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 375.398313][ T9] usb 2-1: config 0 descriptor?? [ 375.468026][T12100] ALSA: mixer_oss: invalid OSS volume 'A141=w敐腣e]' [ 375.468307][T12100] ALSA: mixer_oss: invalid OSS volume '室盉寺;T`緻$櫩綞黧cXMYd,' [ 375.468357][T12100] ALSA: mixer_oss: invalid OSS volume 'b珟@h#' [ 375.468389][T12100] ALSA: mixer_oss: invalid OSS volume '晳h4繓蠿瑒S4v=0漘>&湎' [ 375.468478][T12100] ALSA: mixer_oss: invalid OSS volume '|/"tj' [ 375.468493][T12100] ALSA: mixer_oss: invalid OSS volume '-z5矈c^鱆6$' [ 375.468545][T12100] ALSA: mixer_oss: invalid OSS volume '0审T劗皔蒌瞵髩椽嚄俲朠&喅a飔' [ 375.468802][T12100] ALSA: mixer_oss: invalid OSS volume '|幞髜俓' [ 375.468855][T12100] ALSA: mixer_oss: invalid OSS volume '@鬪3b蓽憓樤G$#\("/鴒鶯' [ 375.468870][T12100] ALSA: mixer_oss: invalid OSS volume '' [ 375.546873][ T5994] usb 3-1: Using ep0 maxpacket: 32 [ 375.549311][ T5994] usb 3-1: config 0 has an invalid interface number: 1 but max is 0 [ 375.549342][ T5994] usb 3-1: config 0 has no interface number 0 [ 375.554169][ T5994] usb 3-1: New USB device found, idVendor=8086, idProduct=9500, bcdDevice=2c.d8 [ 375.554204][ T5994] usb 3-1: New USB device strings: Mfr=193, Product=2, SerialNumber=3 [ 375.554227][ T5994] usb 3-1: Product: syz [ 375.554243][ T5994] usb 3-1: Manufacturer: syz [ 375.554259][ T5994] usb 3-1: SerialNumber: syz [ 375.611297][ T5994] usb 3-1: config 0 descriptor?? [ 375.622849][ T5994] usb 3-1: dvb_usb_v2: found a 'Intel CE9500 reference design' in warm state [ 375.622885][ T5994] usb 3-1: selecting invalid altsetting 1 [ 375.622904][ T5994] usb 3-1: dvb_usb_ce6230: usb_set_interface() failed=-22 [ 375.635902][ T5994] usb 3-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer [ 375.636400][ T5994] dvbdev: DVB: registering new adapter (Intel CE9500 reference design) [ 375.636457][ T5994] usb 3-1: media controller created [ 375.751641][ T5994] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 375.968772][ T5994] usb 3-1: dvb_usb_ce6230: usb_control_msg() failed=-32 [ 375.968856][ T5994] zl10353_read_register: readreg error (reg=127, ret==-32) [ 376.126876][ T9] input: HID 28bd:0042 as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.1/0003:28BD:0042.0015/input/input29 [ 376.206103][T12111] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2473'. [ 376.268756][ T9] uclogic 0003:28BD:0042.0015: input,hidraw0: USB HID v0.00 Keypad [HID 28bd:0042] on usb-dummy_hcd.1-1/input1 [ 376.317175][ T9] usb 2-1: USB disconnect, device number 22 [ 376.569249][T12118] sctp: [Deprecated]: syz.4.2475 (pid 12118) Use of struct sctp_assoc_value in delayed_ack socket option. [ 376.569249][T12118] Use struct sctp_sack_info instead [ 377.125425][T12090] usb 3-1: dvb_usb_ce6230: usb_control_msg() failed=-110 [ 377.127003][ T5994] usb 3-1: dvb_usb_ce6230: usb_set_interface() failed=-71 [ 377.142649][ T9] usb 5-1: new high-speed USB device number 22 using dummy_hcd [ 377.281752][ T5994] usb 3-1: USB disconnect, device number 16 [ 377.314845][ T9] usb 5-1: Using ep0 maxpacket: 16 [ 377.317621][ T9] usb 5-1: config 0 has an invalid interface number: 203 but max is 0 [ 377.317652][ T9] usb 5-1: config 0 has no interface number 0 [ 377.317704][ T9] usb 5-1: config 0 interface 203 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 80 [ 377.336954][ T9] usb 5-1: New USB device found, idVendor=0499, idProduct=1026, bcdDevice=e8.af [ 377.336992][ T9] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 377.337018][ T9] usb 5-1: Product: syz [ 377.337037][ T9] usb 5-1: Manufacturer: syz [ 377.337055][ T9] usb 5-1: SerialNumber: syz [ 377.387228][ T9] usb 5-1: config 0 descriptor?? [ 377.390979][T12122] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 377.429395][ T9] usb 5-1: Quirk or no altset; falling back to MIDI 1.0 [ 377.601895][T12140] overlay: filesystem on ./bus not supported [ 377.902743][ T9] usb 2-1: new full-speed USB device number 23 using dummy_hcd [ 378.075001][ T9] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 378.075065][ T9] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xBE, changing to 0x8E [ 378.075097][ T9] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8E has an invalid bInterval 0, changing to 10 [ 378.075126][ T9] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8E has invalid wMaxPacketSize 0 [ 378.075151][ T9] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3 [ 378.078361][ T9] usb 2-1: New USB device found, idVendor=10c5, idProduct=819a, bcdDevice=e4.46 [ 378.078392][ T9] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=35 [ 378.078415][ T9] usb 2-1: Product: syz [ 378.078431][ T9] usb 2-1: Manufacturer: syz [ 378.078448][ T9] usb 2-1: SerialNumber: syz [ 378.089153][ T9] usb 2-1: config 0 descriptor?? [ 378.371804][ T9] radio-si470x 2-1:0.0: DeviceID=0xc8c8 ChipID=0xc500 [ 378.554087][ T9] radio-si470x 2-1:0.0: software version 200, hardware version 200 [ 378.732343][ T5994] usb 5-1: USB disconnect, device number 22 [ 378.755879][ T9] radio-si470x 2-1:0.0: si470x_set_report: usb_control_msg returned -71 [ 378.755945][ T9] radio-si470x 2-1:0.0: submitting int urb failed (-90) [ 378.756467][ T9] radio-si470x 2-1:0.0: si470x_set_report: usb_control_msg returned -71 [ 378.756838][ T9] radio-si470x 2-1:0.0: probe with driver radio-si470x failed with error -22 [ 378.821458][ T9] usb 2-1: USB disconnect, device number 23 [ 379.059269][T12168] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2500'. [ 379.315308][ T990] usb 6-1: new high-speed USB device number 8 using dummy_hcd [ 379.379530][T12174] tap0: tun_chr_ioctl cmd 1074025681 [ 379.474265][ T990] usb 6-1: config index 0 descriptor too short (expected 23569, got 27) [ 379.474331][ T990] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 379.476085][ T990] usb 6-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0 [ 379.476115][ T990] usb 6-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0 [ 379.476138][ T990] usb 6-1: Manufacturer: syz [ 379.529159][ T990] usb 6-1: config 0 descriptor?? [ 379.654902][ T990] rc_core: IR keymap rc-hauppauge not found [ 379.654927][ T990] Registered IR keymap rc-empty [ 379.656627][ T990] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/rc/rc0 [ 379.660032][ T990] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/rc/rc0/input31 [ 379.764330][ T1111] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge) [ 379.835925][ T9] usb 6-1: USB disconnect, device number 8 [ 379.991580][T12187] sock: sock_set_timeout: `syz.2.2508' (pid 12187) tries to set negative timeout [ 380.222755][ T5994] usb 4-1: new high-speed USB device number 24 using dummy_hcd [ 380.392530][ T5994] usb 4-1: Using ep0 maxpacket: 8 [ 380.408772][ T5994] usb 4-1: New USB device found, idVendor=047d, idProduct=5003, bcdDevice=2f.8c [ 380.408806][ T5994] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 380.408829][ T5994] usb 4-1: Product: syz [ 380.408846][ T5994] usb 4-1: Manufacturer: syz [ 380.408862][ T5994] usb 4-1: SerialNumber: syz [ 380.455221][ T5994] usb 4-1: config 0 descriptor?? [ 380.492697][ T5994] gspca_main: se401-2.14.0 probing 047d:5003 [ 380.873113][ T5994] gspca_se401: Frame size: 115x0 bayer [ 380.873133][ T5994] gspca_se401: Frame size: 0x0 1/16th janggu [ 380.873148][ T5994] gspca_se401: Frame size: 0x0 1/16th janggu [ 381.078437][ T5994] input: se401 as /devices/platform/dummy_hcd.3/usb4/4-1/input/input32 [ 381.138350][ T5994] usb 4-1: USB disconnect, device number 24 [ 382.151955][T12238] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2529'. [ 382.539875][T12252] netlink: 'syz.5.2537': attribute type 1 has an invalid length. [ 382.540145][T12252] netlink: 144 bytes leftover after parsing attributes in process `syz.5.2537'. [ 382.540183][T12252] netlink: 36 bytes leftover after parsing attributes in process `syz.5.2537'. [ 383.074895][T12266] netlink: 64 bytes leftover after parsing attributes in process `syz.5.2543'. [ 383.541140][T12275] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check. [ 384.187331][ T1325] ieee802154 phy1 wpan1: encryption failed: -22 [ 384.187447][ C1] vkms_vblank_simulate: vblank timer overrun [ 384.261633][T12299] sctp: [Deprecated]: syz.2.2558 (pid 12299) Use of struct sctp_assoc_value in delayed_ack socket option. [ 384.261633][T12299] Use struct sctp_sack_info instead [ 384.319792][ T5994] IPVS: starting estimator thread 0... [ 384.442911][T12300] IPVS: using max 6 ests per chain, 14400 per kthread [ 384.533659][ T9] usb 4-1: new full-speed USB device number 25 using dummy_hcd [ 384.692836][ T10] usb 2-1: new high-speed USB device number 24 using dummy_hcd [ 384.697552][ T9] usb 4-1: config 0 interface 0 altsetting 127 endpoint 0x81 has invalid wMaxPacketSize 0 [ 384.697585][ T9] usb 4-1: config 0 interface 0 has no altsetting 0 [ 384.697623][ T9] usb 4-1: New USB device found, idVendor=0b05, idProduct=1a30, bcdDevice= 0.00 [ 384.697650][ T9] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 384.708025][ T9] usb 4-1: config 0 descriptor?? [ 384.852614][ T10] usb 2-1: Using ep0 maxpacket: 16 [ 384.861447][ T10] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 384.861533][ T10] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x81 has invalid wMaxPacketSize 0 [ 384.861558][ T10] usb 2-1: config 0 interface 0 has no altsetting 0 [ 384.861756][ T10] usb 2-1: New USB device found, idVendor=060b, idProduct=500a, bcdDevice= 0.00 [ 384.861784][ T10] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 384.907581][ T10] usb 2-1: config 0 descriptor?? [ 384.973162][ T37] audit: type=1326 audit(1758927500.125:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12315 comm="syz.2.2566" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb1fd9beec9 code=0x7ffc0000 [ 384.973700][ T37] audit: type=1326 audit(1758927500.125:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12315 comm="syz.2.2566" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fb1fd95af79 code=0x7ffc0000 [ 384.974008][ T37] audit: type=1326 audit(1758927500.125:51): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12315 comm="syz.2.2566" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fb1fd95af79 code=0x7ffc0000 [ 384.974263][ T37] audit: type=1326 audit(1758927500.125:52): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12315 comm="syz.2.2566" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fb1fd95af79 code=0x7ffc0000 [ 384.974593][ T37] audit: type=1326 audit(1758927500.125:53): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12315 comm="syz.2.2566" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fb1fd95af79 code=0x7ffc0000 [ 384.974910][ T37] audit: type=1326 audit(1758927500.125:54): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12315 comm="syz.2.2566" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fb1fd95af79 code=0x7ffc0000 [ 384.975243][ T37] audit: type=1326 audit(1758927500.125:55): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12315 comm="syz.2.2566" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fb1fd95af79 code=0x7ffc0000 [ 384.975622][ T37] audit: type=1326 audit(1758927500.125:56): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12315 comm="syz.2.2566" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fb1fd95af79 code=0x7ffc0000 [ 384.975946][ T37] audit: type=1326 audit(1758927500.125:57): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12315 comm="syz.2.2566" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fb1fd95af79 code=0x7ffc0000 [ 384.976300][ T37] audit: type=1326 audit(1758927500.125:58): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12315 comm="syz.2.2566" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fb1fd95af79 code=0x7ffc0000 [ 385.265911][ T9] hid (null): unknown global tag 0xd [ 385.266367][ T9] hid (null): invalid report_size 17387 [ 385.266400][ T9] hid (null): report_id 2176741362 is invalid [ 385.266431][ T9] hid (null): unknown global tag 0xc [ 385.267083][ T9] hid (null): report_id 0 is invalid [ 385.392131][ T9] asus 0003:0B05:1A30.0016: unknown main item tag 0x0 [ 385.392924][ T9] asus 0003:0B05:1A30.0016: unknown main item tag 0x0 [ 385.392955][ T9] asus 0003:0B05:1A30.0016: unknown main item tag 0x0 [ 385.392984][ T9] asus 0003:0B05:1A30.0016: unknown main item tag 0x0 [ 385.393400][ T9] asus 0003:0B05:1A30.0016: unknown main item tag 0x0 [ 385.393431][ T9] asus 0003:0B05:1A30.0016: unknown main item tag 0x0 [ 385.393460][ T9] asus 0003:0B05:1A30.0016: unknown main item tag 0x0 [ 385.393886][ T9] asus 0003:0B05:1A30.0016: unknown main item tag 0x0 [ 385.393919][ T9] asus 0003:0B05:1A30.0016: unknown main item tag 0x0 [ 385.393948][ T9] asus 0003:0B05:1A30.0016: unknown main item tag 0x0 [ 385.458780][ T10] hid (null): report_id 0 is invalid [ 385.458811][ T10] hid (null): global environment stack underflow [ 385.458842][ T10] hid (null): unknown global tag 0x34 [ 385.458867][ T10] hid (null): global environment stack underflow [ 385.458885][ T10] hid (null): unknown global tag 0xd [ 385.485113][ T9] asus 0003:0B05:1A30.0016: collection stack underflow [ 385.485153][ T9] asus 0003:0B05:1A30.0016: item 0 2 0 12 parsing failed [ 385.486304][ T9] asus 0003:0B05:1A30.0016: Asus hid parse failed: -22 [ 385.486432][ T9] asus 0003:0B05:1A30.0016: probe with driver asus failed with error -22 [ 385.517424][ T9] usb 4-1: USB disconnect, device number 25 [ 385.560460][ T10] cougar 0003:060B:500A.0017: unexpected long global item [ 385.561399][ T10] cougar 0003:060B:500A.0017: parse failed [ 385.561510][ T10] cougar 0003:060B:500A.0017: probe with driver cougar failed with error -22 [ 385.693446][ T5988] usb 2-1: USB disconnect, device number 24 [ 386.562262][T12350] mkiss: ax0: crc mode is auto. [ 386.991436][T12359] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2582'. [ 387.458470][T12382] program syz.4.2592 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 387.498738][ T5158] Bluetooth: hci2: unexpected event for opcode 0x1004 [ 387.571786][T12388] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2594'. [ 387.802699][ T9] usb 3-1: new high-speed USB device number 17 using dummy_hcd [ 387.952743][ T9] usb 3-1: Using ep0 maxpacket: 16 [ 387.957741][ T9] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 387.957779][ T9] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 387.957822][ T9] usb 3-1: New USB device found, idVendor=1b1c, idProduct=1b02, bcdDevice= 0.00 [ 387.957849][ T9] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 387.973699][ T9] usb 3-1: config 0 descriptor?? [ 388.415968][ T9] corsair 0003:1B1C:1B02.0018: hidraw0: USB HID v0.00 Device [HID 1b1c:1b02] on usb-dummy_hcd.2-1/input0 [ 388.576803][T12404] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2601'. [ 388.597401][ T9] corsair 0003:1B1C:1B02.0018: Read invalid backlight brightness: ce. [ 388.764488][T12410] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2606'. [ 388.856592][ T5993] usb 3-1: USB disconnect, device number 17 [ 389.096611][T12419] program syz.4.2608 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 391.126258][ T5988] usb 2-1: new high-speed USB device number 25 using dummy_hcd [ 391.282650][ T5988] usb 2-1: Using ep0 maxpacket: 32 [ 391.285378][ T5988] usb 2-1: config 0 has an invalid interface number: 51 but max is 0 [ 391.285408][ T5988] usb 2-1: config 0 has no interface number 0 [ 391.289049][ T5988] usb 2-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f [ 391.289084][ T5988] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 391.289108][ T5988] usb 2-1: Product: syz [ 391.289125][ T5988] usb 2-1: Manufacturer: syz [ 391.289141][ T5988] usb 2-1: SerialNumber: syz [ 391.349166][ T5988] usb 2-1: config 0 descriptor?? [ 391.374024][ T5988] quatech2 2-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected [ 391.539869][ T5158] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0 [ 391.541184][ T5158] Bluetooth: hci2: Injecting HCI hardware error event [ 391.548320][ T5855] Bluetooth: hci2: hardware error 0x00 [ 391.599974][ T5988] usb 2-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0 [ 391.621435][ T5988] usb 2-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1 [ 391.970152][ C0] usb 2-1: qt2_read_bulk_callback - non-zero urb status: -71 [ 391.981748][ T5994] usb 2-1: USB disconnect, device number 25 [ 392.016189][ T5994] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0 [ 392.043533][ T5994] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1 [ 392.044314][ T5994] quatech2 2-1:0.51: device disconnected [ 392.970541][T12521] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2650'. [ 393.852727][ T5855] Bluetooth: hci2: Opcode 0x0c03 failed: -110 [ 394.162067][T12541] sch_tbf: burst 0 is lower than device lo mtu (65550) ! [ 394.675203][ T9] usb 6-1: new full-speed USB device number 9 using dummy_hcd [ 394.835825][ T9] usb 6-1: unable to get BOS descriptor or descriptor too short [ 394.836453][ T9] usb 6-1: not running at top speed; connect to a high speed hub [ 394.837731][ T9] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 394.837756][ T9] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 394.853507][ T9] usb 6-1: string descriptor 0 read error: -22 [ 394.853713][ T9] usb 6-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 394.853776][ T9] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 394.957679][ T9] usb 6-1: 0:2 : does not exist [ 395.418885][T12562] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2667'. [ 395.418912][T12562] netlink: 64 bytes leftover after parsing attributes in process `syz.1.2667'. [ 395.418943][T12562] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2667'. [ 395.532686][ T5994] usb 5-1: new high-speed USB device number 23 using dummy_hcd [ 395.682829][ T5994] usb 5-1: Using ep0 maxpacket: 32 [ 395.685083][ T5994] usb 5-1: config 0 has an invalid interface number: 47 but max is 0 [ 395.685109][ T5994] usb 5-1: config 0 has no interface number 0 [ 395.685154][ T5994] usb 5-1: config 0 interface 47 altsetting 0 bulk endpoint 0x6 has invalid maxpacket 1023 [ 395.685179][ T5994] usb 5-1: config 0 interface 47 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 8 [ 395.688175][ T5994] usb 5-1: New USB device found, idVendor=08dd, idProduct=90ff, bcdDevice=7b.76 [ 395.688206][ T5994] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 395.688228][ T5994] usb 5-1: Product: syz [ 395.688243][ T5994] usb 5-1: Manufacturer: syz [ 395.688259][ T5994] usb 5-1: SerialNumber: syz [ 395.767081][ T5994] usb 5-1: config 0 descriptor?? [ 395.768809][T12558] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22 [ 395.769040][T12558] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22 [ 395.792797][ T9] usb 6-1: 5:0: cannot get min/max values for control 3 (id 5) [ 395.815048][ T9] usb 6-1: 5:0: failed to get current value for ch 1 (-22) [ 395.958705][ T9] usb 6-1: 5:0: cannot get min/max values for control 3 (id 5) [ 395.996305][ T9] usb 6-1: USB disconnect, device number 9 [ 396.165081][T12572] syzkaller1: tun_chr_ioctl cmd 1074025677 [ 396.165258][T12572] syzkaller1: linktype set to 778 [ 396.193437][T12558] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22 [ 396.193717][T12558] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22 [ 396.395580][ T5994] asix 5-1:0.47 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71 [ 396.395809][ T5994] asix 5-1:0.47: probe with driver asix failed with error -71 [ 396.446640][ T5994] usb 5-1: USB disconnect, device number 23 [ 396.832835][ T5908] usb 6-1: new high-speed USB device number 10 using dummy_hcd [ 396.982681][ T5908] usb 6-1: Using ep0 maxpacket: 16 [ 396.985137][ T5908] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 396.985172][ T5908] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 396.985198][ T5908] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 396.985244][ T5908] usb 6-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 396.985270][ T5908] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 397.055853][ T5908] usb 6-1: config 0 descriptor?? [ 397.240504][T12588] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2679'. [ 397.503076][ T5908] hid_parser_main: 469 callbacks suppressed [ 397.503102][ T5908] microsoft 0003:045E:07DA.0019: unknown main item tag 0x2 [ 397.503511][ T5908] microsoft 0003:045E:07DA.0019: unknown main item tag 0x0 [ 397.503541][ T5908] microsoft 0003:045E:07DA.0019: unknown main item tag 0x0 [ 397.503568][ T5908] microsoft 0003:045E:07DA.0019: unknown main item tag 0x0 [ 397.503595][ T5908] microsoft 0003:045E:07DA.0019: unknown main item tag 0x0 [ 397.503622][ T5908] microsoft 0003:045E:07DA.0019: unknown main item tag 0x0 [ 397.503648][ T5908] microsoft 0003:045E:07DA.0019: unknown main item tag 0x0 [ 397.503674][ T5908] microsoft 0003:045E:07DA.0019: unknown main item tag 0x0 [ 397.503700][ T5908] microsoft 0003:045E:07DA.0019: unknown main item tag 0x0 [ 397.575256][ T5908] input: HID 045e:07da as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/0003:045E:07DA.0019/input/input33 [ 397.615259][ T5908] microsoft 0003:045E:07DA.0019: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.5-1/input0 [ 397.753209][ T10] usb 6-1: USB disconnect, device number 10 [ 398.046169][T12606] netlink: 'syz.1.2688': attribute type 2 has an invalid length. [ 400.216104][T12650] netlink: 'syz.3.2709': attribute type 3 has an invalid length. [ 401.632239][T12675] netlink: 136 bytes leftover after parsing attributes in process `syz.3.2719'. [ 401.632268][T12675] A link change request failed with some changes committed already. Interface wlan1 may have been left with an inconsistent configuration, please check. [ 401.906367][T12685] netlink: 140 bytes leftover after parsing attributes in process `syz.4.2724'. [ 404.172841][T12736] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2749'. [ 404.423295][T12741] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2750'. [ 405.075826][ T37] kauditd_printk_skb: 52 callbacks suppressed [ 405.075847][ T37] audit: type=1326 audit(1758927520.225:111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12755 comm="syz.4.2757" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fded41baf79 code=0x7ffc0000 [ 405.125706][ T37] audit: type=1326 audit(1758927520.255:112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12755 comm="syz.4.2757" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fded41baf79 code=0x7ffc0000 [ 405.125771][ T37] audit: type=1326 audit(1758927520.255:113): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12755 comm="syz.4.2757" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fded41baf79 code=0x7ffc0000 [ 405.125820][ T37] audit: type=1326 audit(1758927520.255:114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12755 comm="syz.4.2757" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fded41baf79 code=0x7ffc0000 [ 405.125868][ T37] audit: type=1326 audit(1758927520.265:115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12755 comm="syz.4.2757" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fded41baf79 code=0x7ffc0000 [ 405.140025][ T37] audit: type=1326 audit(1758927520.285:116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12755 comm="syz.4.2757" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fded41baf79 code=0x7ffc0000 [ 405.140100][ T37] audit: type=1326 audit(1758927520.285:117): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12755 comm="syz.4.2757" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fded41baf79 code=0x7ffc0000 [ 405.140155][ T37] audit: type=1326 audit(1758927520.285:118): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12755 comm="syz.4.2757" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fded41baf79 code=0x7ffc0000 [ 405.144769][ T37] audit: type=1326 audit(1758927520.295:119): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12755 comm="syz.4.2757" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fded41baf79 code=0x7ffc0000 [ 405.146622][ T37] audit: type=1326 audit(1758927520.295:120): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12755 comm="syz.4.2757" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fded41baf79 code=0x7ffc0000 [ 406.794334][T12798] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2775'. [ 406.794364][T12798] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2775'. [ 407.155200][T12812] input: syz1 as /devices/virtual/input/input34 [ 407.442806][ T5908] usb 2-1: new high-speed USB device number 26 using dummy_hcd [ 407.595329][ T5908] usb 2-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 407.595364][ T5908] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 407.625986][ T5908] usb 2-1: config 0 descriptor?? [ 407.649454][ T5908] cp210x 2-1:0.0: cp210x converter detected [ 408.256833][ T5908] cp210x 2-1:0.0: failed to get vendor val 0x000e size 678: -71 [ 408.256891][ T5908] cp210x 2-1:0.0: GPIO initialisation failed: -71 [ 408.282925][ T5908] usb 2-1: cp210x converter now attached to ttyUSB0 [ 408.296472][ T5908] usb 2-1: USB disconnect, device number 26 [ 408.351697][ T5908] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 408.352208][ T5908] cp210x 2-1:0.0: device disconnected [ 408.602901][T12847] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2796'. [ 408.917715][T12855] netlink: 20 bytes leftover after parsing attributes in process `syz.4.2800'. [ 409.276907][T12866] tap0: tun_chr_ioctl cmd 1074025677 [ 409.277146][T12866] tap0: linktype set to 825 [ 409.632633][ T9] usb 5-1: new full-speed USB device number 24 using dummy_hcd [ 409.665232][ T990] kernel write not supported for file /media1 (pid: 990 comm: kworker/1:2) [ 409.795612][ T9] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 409.795642][ T9] usb 5-1: config 0 has no interfaces? [ 409.795676][ T9] usb 5-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 409.795702][ T9] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 409.842127][ T9] usb 5-1: config 0 descriptor?? [ 409.973005][ T5988] usb 6-1: new high-speed USB device number 11 using dummy_hcd [ 410.014277][T12888] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 410.014297][T12888] IPv6: NLM_F_CREATE should be set when creating new route [ 410.060306][ T5908] usb 5-1: USB disconnect, device number 24 [ 410.145623][ T5988] usb 6-1: Using ep0 maxpacket: 32 [ 410.148195][ T5988] usb 6-1: config index 0 descriptor too short (expected 35577, got 27) [ 410.148224][ T5988] usb 6-1: config 1 has too many interfaces: 92, using maximum allowed: 32 [ 410.148247][ T5988] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 92 [ 410.148271][ T5988] usb 6-1: config 1 has no interface number 0 [ 410.148325][ T5988] usb 6-1: config 1 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 410.148354][ T5988] usb 6-1: config 1 interface 1 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 17 [ 410.148400][ T5988] usb 6-1: New USB device found, idVendor=0e41, idProduct=5051, bcdDevice=d5.e8 [ 410.148426][ T5988] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 410.202626][ T5990] usb 4-1: new high-speed USB device number 26 using dummy_hcd [ 410.258138][ T5988] snd_usb_pod 6-1:1.1: Line 6 Pocket POD found [ 410.372577][ T5990] usb 4-1: Using ep0 maxpacket: 32 [ 410.376059][ T5990] usb 4-1: config 0 has an invalid interface number: 1 but max is 0 [ 410.376088][ T5990] usb 4-1: config 0 has no interface number 0 [ 410.376148][ T5990] usb 4-1: config 0 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 410.376236][ T5990] usb 4-1: config 0 interface 1 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 410.376285][ T5990] usb 4-1: New USB device found, idVendor=28bd, idProduct=0094, bcdDevice= 0.00 [ 410.376312][ T5990] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 410.452995][ T5990] usb 4-1: config 0 descriptor?? [ 410.488778][ T5988] snd_usb_pod 6-1:1.1: Line 6 Pocket POD now attached [ 410.795000][ T57] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge) [ 410.796326][T12896] openvswitch: netlink: IP tunnel dst address not specified [ 410.950131][ T5988] usb 6-1: USB disconnect, device number 11 [ 410.966082][ T5988] snd_usb_pod 6-1:1.1: Line 6 Pocket POD now disconnected [ 411.096839][ T5990] uclogic 0003:28BD:0094.001A: pen parameters not found [ 411.096864][ T5990] uclogic 0003:28BD:0094.001A: interface is invalid, ignoring [ 411.312676][ T10] usb 5-1: new high-speed USB device number 25 using dummy_hcd [ 411.330277][ T5988] usb 4-1: USB disconnect, device number 26 [ 411.492597][ T10] usb 5-1: Using ep0 maxpacket: 8 [ 411.496389][ T10] usb 5-1: New USB device found, idVendor=0ccd, idProduct=0039, bcdDevice=90.7b [ 411.496422][ T10] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 411.546390][ T10] pvrusb2: Hardware description: Terratec Grabster AV400 [ 411.546413][ T10] pvrusb2: ********** [ 411.546421][ T10] pvrusb2: ***WARNING*** Support for this device (Terratec Grabster AV400) is experimental. [ 411.546436][ T10] pvrusb2: Important functionality might not be entirely working. [ 411.546446][ T10] pvrusb2: Please consider contacting the driver author to help with further stabilization of the driver. [ 411.546459][ T10] pvrusb2: ********** [ 411.762975][ T2360] pvrusb2: Invalid write control endpoint [ 411.870508][ T2360] pvrusb2: Invalid write control endpoint [ 411.870526][ T2360] pvrusb2: ***WARNING*** Detected a wedged cx25840 chip; the device will not work. [ 411.870537][ T2360] pvrusb2: ***WARNING*** Try power cycling the pvrusb2 device. [ 411.870545][ T2360] pvrusb2: ***WARNING*** Disabling further access to the device to prevent other foul-ups. [ 411.870556][ T2360] pvrusb2: Device being rendered inoperable [ 411.881436][ T2360] cx25840 1-0044: Unable to detect h/w, assuming cx23887 [ 411.881517][ T2360] cx25840 1-0044: cx23887 A/V decoder found @ 0x88 (pvrusb2_b) [ 411.883040][ T2360] pvrusb2: Attached sub-driver cx25840 [ 411.883052][ T2360] pvrusb2: ***WARNING*** pvrusb2 device hardware appears to be jammed and I can't clear it. [ 411.883064][ T2360] pvrusb2: You might need to power cycle the pvrusb2 device in order to recover. [ 411.993463][T12903] pvrusb2: Attempted to execute control transfer when device not ok [ 412.017319][ T5908] usb 5-1: USB disconnect, device number 25 [ 412.751287][T12930] netlink: 16402 bytes leftover after parsing attributes in process `syz.5.2833'. [ 412.892660][ T990] usb 5-1: new high-speed USB device number 26 using dummy_hcd [ 413.064413][ T990] usb 5-1: Using ep0 maxpacket: 8 [ 413.066834][ T990] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 413.066867][ T990] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 413.066913][ T990] usb 5-1: New USB device found, idVendor=06cb, idProduct=81a7, bcdDevice= 0.00 [ 413.066940][ T990] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 413.093152][ T990] usb 5-1: config 0 descriptor?? [ 413.131203][T12942] tap0: tun_chr_ioctl cmd 2147767506 [ 413.232670][ T5994] usb 6-1: new high-speed USB device number 12 using dummy_hcd [ 413.398770][ T5994] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 413.399323][ T5994] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 413.399433][ T5994] usb 6-1: New USB device found, idVendor=1038, idProduct=12b6, bcdDevice= 0.00 [ 413.399460][ T5994] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 413.428187][ T5994] usb 6-1: config 0 descriptor?? [ 413.675475][ T990] hid-rmi 0003:06CB:81A7.001B: unknown main item tag 0x6 [ 413.675582][ T990] hid-rmi 0003:06CB:81A7.001B: unknown main item tag 0x0 [ 413.675613][ T990] hid-rmi 0003:06CB:81A7.001B: unknown main item tag 0x0 [ 413.675642][ T990] hid-rmi 0003:06CB:81A7.001B: unknown main item tag 0x0 [ 413.675735][ T990] hid-rmi 0003:06CB:81A7.001B: unknown main item tag 0x0 [ 413.675763][ T990] hid-rmi 0003:06CB:81A7.001B: unbalanced collection at end of report description [ 413.677213][ T990] hid-rmi 0003:06CB:81A7.001B: parse failed [ 413.677667][ T990] hid-rmi 0003:06CB:81A7.001B: probe with driver hid-rmi failed with error -22 [ 413.877034][ T9] usb 5-1: USB disconnect, device number 26 [ 413.939375][ T5994] steelseries 0003:1038:12B6.001C: unknown main item tag 0x0 [ 413.939416][ T5994] steelseries 0003:1038:12B6.001C: unknown main item tag 0x0 [ 413.939447][ T5994] steelseries 0003:1038:12B6.001C: unknown main item tag 0x0 [ 413.939476][ T5994] steelseries 0003:1038:12B6.001C: unknown main item tag 0x0 [ 413.939506][ T5994] steelseries 0003:1038:12B6.001C: unknown main item tag 0x0 [ 413.976118][ T5994] steelseries 0003:1038:12B6.001C: hidraw0: USB HID v0.00 Device [HID 1038:12b6] on usb-dummy_hcd.5-1/input0 [ 414.016836][T12959] syz.3.2845 (12959): /proc/12958/oom_adj is deprecated, please use /proc/12958/oom_score_adj instead. [ 414.338867][T12968] sch_fq: defrate 0 ignored. [ 414.364477][ T990] usb 6-1: USB disconnect, device number 12 [ 414.830346][T12981] syzkaller0: tun_chr_ioctl cmd 1074025677 [ 414.830512][T12981] syzkaller0: linktype set to 774 [ 415.101141][T12988] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(4) [ 415.101174][T12988] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 415.191376][T12988] vhci_hcd vhci_hcd.0: Device attached [ 415.403166][ T9] usb 4-1: new high-speed USB device number 27 using dummy_hcd [ 415.432653][ T990] usb 39-1: new low-speed USB device number 2 using vhci_hcd [ 415.555539][ T9] usb 4-1: Using ep0 maxpacket: 16 [ 415.560804][ T9] usb 4-1: config 0 has no interfaces? [ 415.560846][ T9] usb 4-1: New USB device found, idVendor=0955, idProduct=7214, bcdDevice=ed.00 [ 415.560872][ T9] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 415.597297][ T9] usb 4-1: config 0 descriptor?? [ 415.815933][ T9] usb 4-1: USB disconnect, device number 27 [ 415.842762][T12991] vhci_hcd: connection closed [ 415.869314][ T1111] vhci_hcd: stop threads [ 415.869331][ T1111] vhci_hcd: release socket [ 415.908901][ T1111] vhci_hcd: disconnect device [ 415.922880][ T990] vhci_hcd: vhci_device speed not set [ 416.162654][ T10] usb 3-1: new high-speed USB device number 18 using dummy_hcd [ 416.192701][ T5908] usb 2-1: new high-speed USB device number 27 using dummy_hcd [ 416.312616][ T10] usb 3-1: Using ep0 maxpacket: 16 [ 416.345284][ T5908] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 416.345322][ T5908] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 416.345363][ T5908] usb 2-1: New USB device found, idVendor=1b96, idProduct=000f, bcdDevice= 0.00 [ 416.345390][ T5908] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 416.350442][ T5908] usb 2-1: config 0 descriptor?? [ 416.432656][ T10] usb 3-1: config 0 has an invalid interface number: 8 but max is 0 [ 416.432684][ T10] usb 3-1: config 0 has no interface number 0 [ 416.432731][ T10] usb 3-1: config 0 interface 8 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 416.432757][ T10] usb 3-1: config 0 interface 8 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0 [ 416.491213][ T10] usb 3-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f [ 416.491249][ T10] usb 3-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3 [ 416.491273][ T10] usb 3-1: Product: syz [ 416.491289][ T10] usb 3-1: SerialNumber: syz [ 416.526324][ T10] usb 3-1: config 0 descriptor?? [ 416.542110][ T10] cm109 3-1:0.8: invalid payload size 0, expected 4 [ 416.560478][ T10] input: CM109 USB driver as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.8/input/input35 [ 416.795128][ C0] cm109 3-1:0.8: cm109_urb_ctl_callback: usb_submit_urb (urb_irq) failed -90 [ 416.905470][ T5908] ntrig 0003:1B96:000F.001D: hidraw0: USB HID v0.00 Device [HID 1b96:000f] on usb-dummy_hcd.1-1/input0 [ 417.036610][ C0] cm109 3-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 417.040135][ C0] cm109 3-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 417.040503][ C0] cm109 3-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 417.040752][ C0] cm109 3-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 417.041083][ C0] cm109 3-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 417.041419][ C0] cm109 3-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 417.043108][ C0] cm109 3-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 417.043431][ C0] cm109 3-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 417.043594][ T9] usb 3-1: USB disconnect, device number 18 [ 417.043682][ C0] cm109 3-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 417.043708][ C0] cm109 3-1:0.8: cm109_submit_buzz_toggle: usb_submit_urb (urb_ctl) failed -19 [ 417.067440][ T5908] ntrig 0003:1B96:000F.001D: Firmware version: 7.15.12.55.4 (3dbf fc9e) [ 417.167925][ T9] cm109 3-1:0.8: cm109_toggle_buzzer_sync: usb_control_msg() failed -19 [ 417.303393][ T990] usb 2-1: USB disconnect, device number 27 [ 417.632623][ T5908] usb 5-1: new high-speed USB device number 27 using dummy_hcd [ 417.798178][ T5908] usb 5-1: config 0 has an invalid interface number: 217 but max is 0 [ 417.798217][ T5908] usb 5-1: config 0 has no interface number 0 [ 417.801294][ T5908] usb 5-1: New USB device found, idVendor=2304, idProduct=023e, bcdDevice=d7.69 [ 417.801327][ T5908] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 417.801351][ T5908] usb 5-1: Product: syz [ 417.801367][ T5908] usb 5-1: Manufacturer: syz [ 417.801384][ T5908] usb 5-1: SerialNumber: syz [ 417.833002][ T5908] usb 5-1: config 0 descriptor?? [ 417.838351][ T5908] hub 5-1:0.217: bad descriptor, ignoring hub [ 417.838402][ T5908] hub 5-1:0.217: probe with driver hub failed with error -5 [ 418.094004][ T5908] dvb-usb: found a 'Pinnacle PCTV Hybrid Stick Solo' in warm state. [ 418.104514][ T5908] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 418.110761][ T5908] dvbdev: DVB: registering new adapter (Pinnacle PCTV Hybrid Stick Solo) [ 418.110824][ T5908] usb 5-1: media controller created [ 418.230053][ T5908] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 418.434482][ T5908] DVB: Unable to find symbol dib7000p_attach() [ 418.434501][ T5908] dvb-usb: no frontend was attached by 'Pinnacle PCTV Hybrid Stick Solo' [ 418.542639][ T5908] rc_core: IR keymap rc-dib0700-rc5 not found [ 418.542662][ T5908] Registered IR keymap rc-empty [ 418.542972][ T5908] dvb-usb: could not initialize remote control. [ 418.542982][ T5908] dvb-usb: Pinnacle PCTV Hybrid Stick Solo successfully initialized and connected. [ 418.546305][ T5908] usb 5-1: USB disconnect, device number 27 [ 418.735733][ T5908] dvb-usb: Pinnacle PCTV Hybrid Stick Solo successfully deinitialized and disconnected. [ 419.157298][ T5988] usb 2-1: new high-speed USB device number 28 using dummy_hcd [ 419.328928][ T5988] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x7 has invalid wMaxPacketSize 0 [ 419.328961][ T5988] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x7 has invalid maxpacket 0 [ 419.328988][ T5988] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0 [ 419.329013][ T5988] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x89 has invalid maxpacket 0 [ 419.329056][ T5988] usb 2-1: New USB device found, idVendor=2040, idProduct=4900, bcdDevice=4d.8b [ 419.329081][ T5988] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 419.436147][ T5988] usb 2-1: config 0 descriptor?? [ 419.661211][ T5988] hdpvr 2-1:0.0: firmware version 0x0 dated [ 419.661235][ T5988] hdpvr 2-1:0.0: untested firmware, the driver might not work. [ 419.960153][T13073] bridge0: port 2(bridge_slave_1) entered disabled state [ 420.239954][ T5988] hdpvr 2-1:0.0: Could not setup controls [ 420.240727][ T5988] hdpvr 2-1:0.0: registering videodev failed [ 420.261136][ T5988] hdpvr 2-1:0.0: probe with driver hdpvr failed with error -71 [ 420.289619][ T5988] usb 2-1: USB disconnect, device number 28 [ 420.607258][T13092] netlink: 'syz.2.2903': attribute type 29 has an invalid length. [ 420.624625][T13092] netlink: 'syz.2.2903': attribute type 29 has an invalid length. [ 420.627308][T13092] netlink: 'syz.2.2903': attribute type 29 has an invalid length. [ 421.617976][T13126] netlink: 277 bytes leftover after parsing attributes in process `syz.5.2916'. [ 421.961731][T13136] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2921'. [ 421.961770][T13136] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2921'. [ 421.995010][T13136] gretap0: entered promiscuous mode [ 421.996604][T13136] batadv_slave_1: entered promiscuous mode [ 421.997572][T13136] debugfs: 'hsr1' already exists in 'hsr' [ 421.997597][T13136] Cannot create hsr debugfs directory [ 422.480646][T13150] program syz.3.2928 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 422.533412][ T1111] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 422.723668][ T5994] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 423.342701][ T5990] usb 2-1: new high-speed USB device number 29 using dummy_hcd [ 423.477917][T13187] IPv6: NLM_F_CREATE should be specified when creating new route [ 423.532774][ T5990] usb 2-1: New USB device found, idVendor=1604, idProduct=8001, bcdDevice=44.1f [ 423.532807][ T5990] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 423.532831][ T5990] usb 2-1: Product: syz [ 423.532848][ T5990] usb 2-1: Manufacturer: syz [ 423.532865][ T5990] usb 2-1: SerialNumber: syz [ 423.616331][ T5990] usb 2-1: config 0 descriptor?? [ 423.623613][ T12] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 423.624501][ T12] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 423.716276][ T5994] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 423.863291][ T5994] usb 2-1: USB disconnect, device number 29 [ 423.954872][T13195] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2947'. [ 424.616527][T13207] lo: entered allmulticast mode [ 424.633904][T13207] tunl0: entered allmulticast mode [ 424.645424][T13207] gre0: entered allmulticast mode [ 424.714924][T13207] gretap0: entered allmulticast mode [ 424.777072][T13207] erspan0: entered allmulticast mode [ 424.798199][T13207] ip_vti0: entered allmulticast mode [ 424.844190][T13207] ip6_vti0: entered allmulticast mode [ 424.882233][T13207] sit0: entered allmulticast mode [ 424.922656][T13207] ip6tnl0: entered allmulticast mode [ 424.995708][T13207] ip6gre0: entered allmulticast mode [ 425.497216][T13207] ip6gretap0: entered allmulticast mode [ 425.658672][T13207] bridge0: port 2(bridge_slave_1) entered disabled state [ 425.659588][T13207] bridge0: port 1(bridge_slave_0) entered disabled state [ 425.732973][T13207] bridge0: entered allmulticast mode [ 425.778199][T13207] vcan0: entered allmulticast mode [ 425.837881][T13207] bond0: entered allmulticast mode [ 425.837910][T13207] bond_slave_0: entered allmulticast mode [ 425.837934][T13207] bond_slave_1: entered allmulticast mode [ 425.887695][T13207] team0: entered allmulticast mode [ 425.887721][T13207] team_slave_0: entered allmulticast mode [ 425.887746][T13207] team_slave_1: entered allmulticast mode [ 425.914462][T13207] dummy0: entered allmulticast mode [ 426.013446][T13207] nlmon0: entered allmulticast mode [ 426.032783][T13207] caif0: entered allmulticast mode [ 426.033912][T13207] batadv0: entered allmulticast mode [ 426.080184][T13207] vxcan0: entered allmulticast mode [ 426.091813][T13207] vxcan1: entered allmulticast mode [ 426.104272][T13207] veth0: entered allmulticast mode [ 426.131016][T13207] veth1: entered allmulticast mode [ 426.313068][T13207] wg0: entered allmulticast mode [ 426.484670][T13207] wg1: entered allmulticast mode [ 426.612905][T13207] wg2: entered allmulticast mode [ 426.636609][T13207] veth0_to_bridge: entered allmulticast mode [ 426.695125][T13207] veth1_to_bridge: entered allmulticast mode [ 426.730197][T13207] veth0_to_bond: entered allmulticast mode [ 426.785542][T13207] veth1_to_bond: entered allmulticast mode [ 426.820654][T13207] veth0_to_team: entered allmulticast mode [ 426.894042][T13207] veth1_to_team: entered allmulticast mode [ 426.944414][T13207] veth0_to_batadv: entered allmulticast mode [ 426.971181][T13207] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 426.972051][T13207] batadv_slave_0: entered allmulticast mode [ 426.995824][T13207] veth1_to_batadv: entered allmulticast mode [ 427.003196][T13207] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 427.010388][T13207] batadv_slave_1: entered allmulticast mode [ 427.050871][T13207] xfrm0: entered allmulticast mode [ 427.077355][T13207] veth0_to_hsr: entered allmulticast mode [ 427.109374][T13207] hsr_slave_0: entered allmulticast mode [ 427.123880][T13207] veth1_to_hsr: entered allmulticast mode [ 427.163864][T13207] hsr_slave_1: entered allmulticast mode [ 427.212971][T13207] hsr0: entered allmulticast mode [ 427.221335][T13207] veth1_virt_wifi: entered allmulticast mode [ 427.239770][T13207] veth0_virt_wifi: entered allmulticast mode [ 427.252740][T13207] net veth1_virt_wifi virt_wifi0: entered allmulticast mode [ 427.254057][T13207] veth1_vlan: entered allmulticast mode [ 427.260937][T13207] veth0_vlan: entered allmulticast mode [ 427.338272][T13207] vlan0: entered allmulticast mode [ 427.338517][T13207] vlan1: entered allmulticast mode [ 427.382852][T13207] macvlan0: entered allmulticast mode [ 427.422992][T13207] macvlan1: entered allmulticast mode [ 427.454844][T13207] ipvlan0: entered allmulticast mode [ 427.457590][T13207] ipvlan1: entered allmulticast mode [ 427.465999][T13207] veth1_macvtap: entered allmulticast mode [ 427.497973][T13207] veth0_macvtap: entered allmulticast mode [ 427.602873][T13207] macvtap0: entered allmulticast mode [ 427.632715][T13207] macsec0: entered allmulticast mode [ 427.737948][T13207] geneve0: entered allmulticast mode [ 427.844813][T13207] geneve1: entered allmulticast mode [ 428.079188][T13207] mac80211_hwsim hwsim14 wlan0: entered allmulticast mode [ 428.083243][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 428.162378][T13243] netlink: 64 bytes leftover after parsing attributes in process `syz.1.2969'. [ 428.273464][T13207] mac80211_hwsim hwsim15 wlan1: entered allmulticast mode [ 428.294665][T13207] macsec1: entered allmulticast mode [ 428.295022][T13207] batman_adv: batadv0: Interface deactivated: macsec2 [ 428.299757][T13207] macsec2: entered allmulticast mode [ 428.328137][T13207] netdevsim netdevsim5 eth0: entered allmulticast mode [ 428.328435][T13207] netdevsim netdevsim5 eth1: entered allmulticast mode [ 428.328658][T13207] netdevsim netdevsim5 eth2: entered allmulticast mode [ 428.328878][T13207] netdevsim netdevsim5 eth3: entered allmulticast mode [ 428.329080][T13207] tap0: entered allmulticast mode [ 428.419625][ T1111] netdevsim netdevsim5 eth0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 428.419789][T13243] netlink: 64 bytes leftover after parsing attributes in process `syz.1.2969'. [ 428.428229][ T1111] netdevsim netdevsim5 eth1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 428.428374][ T1111] netdevsim netdevsim5 eth2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 428.428421][ T1111] netdevsim netdevsim5 eth3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 428.560064][T13245] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2971'. [ 430.548326][T13300] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2994'. [ 432.097983][T13354] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3017'. [ 432.098118][T13354] team_slave_0: entered promiscuous mode [ 432.098169][T13354] team_slave_1: entered promiscuous mode [ 432.367555][T13360] netlink: 212296 bytes leftover after parsing attributes in process `syz.5.3019'. [ 432.720095][T13373] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3025'. [ 432.805048][ T5990] usb 3-1: new high-speed USB device number 19 using dummy_hcd [ 432.972779][ T5990] usb 3-1: Using ep0 maxpacket: 16 [ 432.975781][ T5990] usb 3-1: config 166 has an invalid interface number: 177 but max is 1 [ 432.975813][ T5990] usb 3-1: config 166 has an invalid interface number: 34 but max is 1 [ 432.975836][ T5990] usb 3-1: config 166 has no interface number 0 [ 432.975854][ T5990] usb 3-1: config 166 has no interface number 1 [ 432.975923][ T5990] usb 3-1: config 166 interface 177 altsetting 4 has an invalid descriptor for endpoint zero, skipping [ 432.975949][ T5990] usb 3-1: config 166 interface 177 altsetting 4 has an invalid descriptor for endpoint zero, skipping [ 432.975989][ T5990] usb 3-1: config 166 interface 34 altsetting 1 has a duplicate endpoint with address 0x9, skipping [ 432.976018][ T5990] usb 3-1: config 166 interface 34 altsetting 1 has an endpoint descriptor with address 0xA6, changing to 0x86 [ 432.976140][ T5990] usb 3-1: config 166 interface 34 altsetting 1 endpoint 0x86 has invalid maxpacket 23105, setting to 1024 [ 432.976177][ T5990] usb 3-1: config 166 interface 34 altsetting 1 bulk endpoint 0x86 has invalid maxpacket 1024 [ 432.976206][ T5990] usb 3-1: config 166 interface 34 altsetting 1 endpoint 0x85 has an invalid bInterval 0, changing to 7 [ 432.976236][ T5990] usb 3-1: config 166 interface 34 altsetting 1 endpoint 0x85 has invalid wMaxPacketSize 0 [ 432.976260][ T5990] usb 3-1: config 166 interface 34 altsetting 1 has 5 endpoint descriptors, different from the interface descriptor's value: 4 [ 432.976292][ T5990] usb 3-1: config 166 interface 177 has no altsetting 0 [ 432.976313][ T5990] usb 3-1: config 166 interface 34 has no altsetting 0 [ 432.979846][ T5990] usb 3-1: New USB device found, idVendor=0bda, idProduct=0138, bcdDevice=30.12 [ 432.979877][ T5990] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 432.979899][ T5990] usb 3-1: Product: syz [ 432.979915][ T5990] usb 3-1: Manufacturer: syz [ 432.979931][ T5990] usb 3-1: SerialNumber: syz [ 433.403005][ T5990] ums-realtek 3-1:166.177: USB Mass Storage device detected [ 433.612768][ T5990] ums-realtek 3-1:166.34: USB Mass Storage device detected [ 433.916800][ T5990] ums-realtek 3-1:166.34: probe with driver ums-realtek failed with error -5 [ 433.961830][T13399] netdevsim netdevsim4 netdevsim0: entered promiscuous mode [ 434.001325][T13399] netdevsim netdevsim4 netdevsim0: left promiscuous mode [ 434.010124][ T5990] usb 3-1: Found UVC 0.00 device syz (0bda:0138) [ 434.010163][ T5990] usb 3-1: No valid video chain found. [ 434.053100][ T5990] usb 3-1: USB disconnect, device number 19 [ 434.746450][T13412] netlink: 'syz.3.3041': attribute type 1 has an invalid length. [ 435.772694][ T5908] usb 3-1: new high-speed USB device number 20 using dummy_hcd [ 435.925342][ T5908] usb 3-1: config 0 has an invalid interface number: 168 but max is 0 [ 435.925374][ T5908] usb 3-1: config 0 has no interface number 0 [ 435.925427][ T5908] usb 3-1: New USB device found, idVendor=05ab, idProduct=0060, bcdDevice=11.06 [ 435.925455][ T5908] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 435.934113][ T5908] usb 3-1: config 0 descriptor?? [ 436.152320][ T5855] Bluetooth: hci0: adv larger than maximum supported [ 436.152342][ T5855] Bluetooth: hci0: Malformed LE Event: 0x0d [ 436.159909][ T5908] usb 3-1: string descriptor 0 read error: -71 [ 436.169244][ T5908] usb-storage 3-1:0.168: USB Mass Storage device detected [ 436.196406][ T5908] usb-storage 3-1:0.168: Quirks match for vid 05ab pid 0060: 2 [ 436.335403][ T5908] usb 3-1: USB disconnect, device number 20 [ 436.459949][T13460] program syz.3.3063 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 436.542587][ T10] usb 5-1: new high-speed USB device number 28 using dummy_hcd [ 436.692560][ T10] usb 5-1: Using ep0 maxpacket: 16 [ 436.701475][ T10] usb 5-1: config 0 has an invalid interface number: 105 but max is 0 [ 436.701506][ T10] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 436.701529][ T10] usb 5-1: config 0 has no interface number 0 [ 436.739923][ T10] usb 5-1: New USB device found, idVendor=046d, idProduct=08f3, bcdDevice= b.28 [ 436.739958][ T10] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 436.739981][ T10] usb 5-1: Product: syz [ 436.739998][ T10] usb 5-1: Manufacturer: syz [ 436.740014][ T10] usb 5-1: SerialNumber: syz [ 436.793296][ T10] usb 5-1: config 0 descriptor?? [ 436.802275][ T10] usb 5-1: Found UVC 0.00 device syz (046d:08f3) [ 436.802313][ T10] usb 5-1: No valid video chain found. [ 437.012899][ T10] usb 5-1: USB disconnect, device number 28 [ 437.282905][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 438.002745][ T10] usb 5-1: new high-speed USB device number 29 using dummy_hcd [ 438.013909][T13493] netlink: 52 bytes leftover after parsing attributes in process `syz.5.3079'. [ 438.013970][T13493] netlink: 32 bytes leftover after parsing attributes in process `syz.5.3079'. [ 438.165064][ T10] usb 5-1: config 0 has no interfaces? [ 438.179409][ T10] usb 5-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=8e.0b [ 438.179442][ T10] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 438.179466][ T10] usb 5-1: Product: syz [ 438.179482][ T10] usb 5-1: Manufacturer: syz [ 438.179498][ T10] usb 5-1: SerialNumber: syz [ 438.225877][ T10] usb 5-1: config 0 descriptor?? [ 438.455529][ T990] usb 5-1: USB disconnect, device number 29 [ 438.952347][ T5908] kernel write not supported for file /dsp (pid: 5908 comm: kworker/1:3) [ 439.577088][ T37] kauditd_printk_skb: 477 callbacks suppressed [ 439.577110][ T37] audit: type=1326 audit(1758927554.725:598): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13517 comm="syz.5.3090" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f22fcdfaf79 code=0x7ffc0000 [ 439.577368][ T37] audit: type=1326 audit(1758927554.725:599): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13517 comm="syz.5.3090" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f22fce5eec9 code=0x7ffc0000 [ 439.577419][ T37] audit: type=1326 audit(1758927554.725:600): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13517 comm="syz.5.3090" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f22fce5eec9 code=0x7ffc0000 [ 439.588015][ T37] audit: type=1326 audit(1758927554.735:601): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13517 comm="syz.5.3090" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f22fcdfaf79 code=0x7ffc0000 [ 439.588086][ T37] audit: type=1326 audit(1758927554.735:602): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13517 comm="syz.5.3090" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f22fce5eec9 code=0x7ffc0000 [ 439.588904][ T37] audit: type=1326 audit(1758927554.735:603): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13517 comm="syz.5.3090" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f22fcdfaf79 code=0x7ffc0000 [ 439.590236][ T37] audit: type=1326 audit(1758927554.735:604): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13517 comm="syz.5.3090" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f22fcdfaf79 code=0x7ffc0000 [ 439.591611][ T37] audit: type=1326 audit(1758927554.735:605): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13517 comm="syz.5.3090" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f22fcdfaf79 code=0x7ffc0000 [ 439.595626][ T37] audit: type=1326 audit(1758927554.745:606): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13517 comm="syz.5.3090" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f22fcdfaf79 code=0x7ffc0000 [ 439.597479][ T37] audit: type=1326 audit(1758927554.745:607): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13517 comm="syz.5.3090" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f22fcdfaf79 code=0x7ffc0000 [ 440.754079][T13549] netlink: 292 bytes leftover after parsing attributes in process `syz.5.3103'. [ 441.822722][ T150] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge) [ 442.873816][T13599] Invalid logical block size (7) [ 443.312732][ T10] usb 5-1: new full-speed USB device number 30 using dummy_hcd [ 443.485245][ T10] usb 5-1: config 0 has no interfaces? [ 443.488611][ T10] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 443.488644][ T10] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 443.488666][ T10] usb 5-1: Product: syz [ 443.488682][ T10] usb 5-1: Manufacturer: syz [ 443.488698][ T10] usb 5-1: SerialNumber: syz [ 443.538231][ T10] usb 5-1: config 0 descriptor?? [ 443.748433][ T5908] usb 5-1: USB disconnect, device number 30 [ 444.272689][ T990] usb 3-1: new high-speed USB device number 21 using dummy_hcd [ 444.425889][ T990] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 444.425919][ T990] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 444.428114][ T990] usb 3-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 444.428145][ T990] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 444.428167][ T990] usb 3-1: SerialNumber: syz [ 444.472954][ T5990] usb 6-1: new high-speed USB device number 13 using dummy_hcd [ 444.622593][ T5990] usb 6-1: Using ep0 maxpacket: 8 [ 444.625955][ T5990] usb 6-1: unable to get BOS descriptor or descriptor too short [ 444.627536][ T5990] usb 6-1: config 7 has an invalid interface number: 192 but max is 0 [ 444.627565][ T5990] usb 6-1: config 7 has no interface number 0 [ 444.627601][ T5990] usb 6-1: config 7 interface 192 altsetting 4 has an invalid endpoint descriptor of length 2, skipping [ 444.627628][ T5990] usb 6-1: config 7 interface 192 altsetting 4 has 1 endpoint descriptor, different from the interface descriptor's value: 0 [ 444.627659][ T5990] usb 6-1: config 7 interface 192 has no altsetting 0 [ 444.628664][ T5990] usb 6-1: language id specifier not provided by device, defaulting to English [ 444.631523][ T5990] usb 6-1: New USB device found, idVendor=12d1, idProduct=bb98, bcdDevice=6f.57 [ 444.631556][ T5990] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 444.631580][ T5990] usb 6-1: Product: syz [ 444.631597][ T5990] usb 6-1: Manufacturer: 鉁辨ū靷夒氤忎枖鈩曟敀 [ 444.631615][ T5990] usb 6-1: SerialNumber: syz [ 444.723788][ T990] usb 3-1: 0:2 : does not exist [ 444.871666][ T990] usb 3-1: USB disconnect, device number 21 [ 445.007587][ T5990] option 6-1:7.192: GSM modem (1-port) converter detected [ 445.025732][ T5990] usb 6-1: USB disconnect, device number 13 [ 445.028279][ T5990] option 6-1:7.192: device disconnected [ 445.611751][ T1325] ieee802154 phy1 wpan1: encryption failed: -22 [ 446.742629][ T10] usb 3-1: new high-speed USB device number 22 using dummy_hcd [ 446.922542][ T10] usb 3-1: Using ep0 maxpacket: 16 [ 446.926667][ T10] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 446.926698][ T10] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 446.965576][ T10] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 446.965610][ T10] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 446.965632][ T10] usb 3-1: Product: syz [ 446.965647][ T10] usb 3-1: Manufacturer: syz [ 446.965662][ T10] usb 3-1: SerialNumber: syz [ 447.235021][ T10] usb 3-1: 0:2 : does not exist [ 447.258203][ T10] usb 3-1: 5:0: failed to get current value for ch 0 (-22) [ 447.289759][T13714] openvswitch: netlink: Multiple metadata blocks provided [ 447.311983][ T10] usb 3-1: USB disconnect, device number 22 [ 448.185973][T13880] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3191'. [ 448.572921][ T5994] usb 3-1: new high-speed USB device number 23 using dummy_hcd [ 448.687609][T14214] program syz.5.3196 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 448.752602][ T5994] usb 3-1: Using ep0 maxpacket: 16 [ 448.757310][ T5994] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 448.757366][ T5994] usb 3-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00 [ 448.757392][ T5994] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 448.767283][ T5994] usb 3-1: config 0 descriptor?? [ 449.249083][ T5994] mcp2221 0003:04D8:00DD.001E: USB HID v0.05 Device [HID 04d8:00dd] on usb-dummy_hcd.2-1/input0 [ 449.359517][T14474] debugfs: 'ptm0' already exists in 'caif_serial' [ 449.657059][ T5994] usb 3-1: USB disconnect, device number 23 [ 450.253138][ T5988] usb 2-1: new high-speed USB device number 30 using dummy_hcd [ 450.424143][ T5988] usb 2-1: Using ep0 maxpacket: 32 [ 450.430159][ T5988] usb 2-1: New USB device found, idVendor=0c72, idProduct=000d, bcdDevice=27.9b [ 450.430195][ T5988] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 450.430218][ T5988] usb 2-1: Product: syz [ 450.430235][ T5988] usb 2-1: Manufacturer: syz [ 450.430252][ T5988] usb 2-1: SerialNumber: syz [ 450.485701][ T5988] usb 2-1: config 0 descriptor?? [ 450.998773][T14507] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 451.274076][ T5988] peak_usb 2-1:0.0 can0: unable to request usb[type=2 value=5] err=-71 [ 451.337243][ T5994] kernel write not supported for file /1441/attr/prev (pid: 5994 comm: kworker/1:7) [ 451.458966][ T5988] peak_usb 2-1:0.0: probe with driver peak_usb failed with error -71 [ 451.503221][ T5988] usb 2-1: USB disconnect, device number 30 [ 451.752842][T14533] tipc: Started in network mode [ 451.752879][T14533] tipc: Node identity ac14140f, cluster identity 4711 [ 451.753484][T14533] tipc: New replicast peer: 255.255.255.255 [ 451.754844][T14533] tipc: Enabled bearer , priority 10 [ 451.762327][T14533] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3225'. [ 451.762354][T14533] tipc: Disabling bearer [ 452.557615][T14551] hugetlbfs: syz.2.3234 (14551): Using mlock ulimits for SHM_HUGETLB is obsolete [ 452.578899][ T5908] usb 2-1: new high-speed USB device number 31 using dummy_hcd [ 452.734995][ T5908] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 452.735034][ T5908] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11 [ 452.735066][ T5908] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 452.738267][ T5908] usb 2-1: New USB device found, idVendor=05f3, idProduct=0240, bcdDevice=1b.24 [ 452.738301][ T5908] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 452.738324][ T5908] usb 2-1: Product: syz [ 452.738340][ T5908] usb 2-1: Manufacturer: syz [ 452.738357][ T5908] usb 2-1: SerialNumber: syz [ 452.761007][ T5908] usb 2-1: config 0 descriptor?? [ 452.765414][T14544] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 452.972883][ T5908] powermate: unknown product id 0240 [ 452.972904][ T5908] powermate: Expected payload of 3--6 bytes, found 1024 bytes! [ 453.026820][ T5908] input: Griffin SoundKnob as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/input/input39 [ 453.417753][ C1] powermate: config urb returned -71 [ 453.417998][ C1] powermate: config urb returned -71 [ 453.418231][ C1] powermate: config urb returned -71 [ 453.422194][ T5908] usb 2-1: USB disconnect, device number 31 [ 453.422292][ C1] powermate 2-1:0.0: powermate_irq - usb_submit_urb failed with result: -19 [ 454.566137][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 454.756685][T14610] bond0: option ad_select: unable to set because the bond device is up [ 455.011613][T14620] netlink: 146840 bytes leftover after parsing attributes in process `syz.4.3265'. [ 456.763438][T14655] netlink: 'syz.5.3281': attribute type 2 has an invalid length. [ 456.764739][T14653] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3280'. [ 457.027351][T14673] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3289'. [ 457.337666][T14682] netlink: 'syz.3.3294': attribute type 2 has an invalid length. [ 457.692968][T14694] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3301'. [ 457.695522][T14694] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3301'. [ 459.370253][T14735] program syz.1.3320 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 459.521514][T14739] netlink: 'syz.1.3322': attribute type 1 has an invalid length. [ 459.521542][T14739] netlink: 180 bytes leftover after parsing attributes in process `syz.1.3322'. [ 460.189440][T14767] netlink: 'syz.2.3336': attribute type 6 has an invalid length. [ 460.332180][T14771] netlink: 48 bytes leftover after parsing attributes in process `syz.3.3338'. [ 460.939524][T14795] Attempt to restore checkpoint with obsolete wellknown handles [ 461.559456][T14817] netlink: 'syz.5.3357': attribute type 2 has an invalid length. [ 461.653876][T14820] vxcan0: tx address claim with dest, not broadcast [ 462.829656][T14861] ptrace attach of "./syz-executor exec"[14862] was attempted by "./syz-executor exec"[14861] [ 462.870395][T14866] syz_tun: tun_net_xmit 86 [ 463.193149][T14874] sctp: [Deprecated]: syz.3.3384 (pid 14874) Use of struct sctp_assoc_value in delayed_ack socket option. [ 463.193149][T14874] Use struct sctp_sack_info instead [ 463.920604][ T37] kauditd_printk_skb: 124 callbacks suppressed [ 463.920624][ T37] audit: type=1326 audit(1758927835.070:732): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14896 comm="syz.1.3396" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f547a1beec9 code=0x7ffc0000 [ 463.920680][ T37] audit: type=1326 audit(1758927835.070:733): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14896 comm="syz.1.3396" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f547a1beec9 code=0x7ffc0000 [ 463.921022][ T37] audit: type=1326 audit(1758927835.070:734): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14896 comm="syz.1.3396" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f547a1beec9 code=0x7ffc0000 [ 463.924600][ C0] syz_tun: tun_net_xmit 86 [ 463.931479][ T37] audit: type=1326 audit(1758927835.080:735): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14896 comm="syz.1.3396" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f547a1beec9 code=0x7ffc0000 [ 463.933000][ T37] audit: type=1326 audit(1758927835.090:736): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14896 comm="syz.1.3396" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f547a1beec9 code=0x7ffc0000 [ 463.942088][ T37] audit: type=1326 audit(1758927835.100:737): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14896 comm="syz.1.3396" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f547a1beec9 code=0x7ffc0000 [ 463.943370][ T37] audit: type=1326 audit(1758927835.100:738): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14896 comm="syz.1.3396" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f547a1b5d67 code=0x7ffc0000 [ 463.943434][ T37] audit: type=1326 audit(1758927835.100:739): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14896 comm="syz.1.3396" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f547a15af79 code=0x7ffc0000 [ 463.943489][ T37] audit: type=1326 audit(1758927835.100:740): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14896 comm="syz.1.3396" exe="/root/syz-executor" sig=0 arch=c000003e syscall=163 compat=0 ip=0x7f547a1beec9 code=0x7ffc0000 [ 463.943554][ T37] audit: type=1326 audit(1758927835.100:741): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14896 comm="syz.1.3396" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f547a1beec9 code=0x7ffc0000 [ 464.970865][ C0] syz_tun: tun_net_xmit 86 [ 465.302282][T14944] usb usb1: usbfs: interface 0 claimed by hub while 'syz.2.3419' sets config #1986356271 [ 466.999762][ T5994] usb 5-1: new high-speed USB device number 31 using dummy_hcd [ 467.002627][T14989] kvm: kvm [14987]: vcpu1, guest rIP: 0xfff0 Unhandled WRMSR(0xc0010001) = 0x4 [ 467.154910][ T5994] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 467.158955][ T5994] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 467.158988][ T5994] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 467.159008][ T5994] usb 5-1: Product: syz [ 467.159022][ T5994] usb 5-1: Manufacturer: syz [ 467.159037][ T5994] usb 5-1: SerialNumber: syz [ 467.449594][ T10] usb 6-1: new high-speed USB device number 14 using dummy_hcd [ 467.622973][ T10] usb 6-1: Using ep0 maxpacket: 16 [ 467.626121][ T10] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 467.626176][ T10] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 467.626206][ T10] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0 [ 467.626226][ T10] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0 [ 467.626248][ T10] usb 6-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 467.627656][ T10] usb 6-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42 [ 467.627683][ T10] usb 6-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0 [ 467.627701][ T10] usb 6-1: Manufacturer: syz [ 467.645991][ T10] usb 6-1: config 0 descriptor?? [ 468.037212][ T5994] cdc_ncm 5-1:1.0: SET_CRC_MODE failed [ 468.037682][ T5994] cdc_ncm 5-1:1.0: SET_NTB_FORMAT failed [ 468.058471][ T5994] cdc_ncm 5-1:1.0: bind() failure [ 468.091298][ T5994] cdc_ncm 5-1:1.1: CDC Union missing and no IAD found [ 468.091348][ T5994] cdc_ncm 5-1:1.1: bind() failure [ 468.114737][ T5994] usb 5-1: USB disconnect, device number 31 [ 468.129153][ T10] rc_core: IR keymap rc-hauppauge not found [ 468.129175][ T10] Registered IR keymap rc-empty [ 468.129342][ T10] mceusb 6-1:0.0: Error: mce write submit urb error = -90 [ 468.159457][ T10] mceusb 6-1:0.0: Error: mce write submit urb error = -90 [ 468.181111][ T10] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/rc/rc0 [ 468.184022][ T10] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/rc/rc0/input40 [ 468.210059][ T10] mceusb 6-1:0.0: Error: mce write submit urb error = -90 [ 468.294239][ T10] mceusb 6-1:0.0: Error: mce write submit urb error = -90 [ 468.311131][ T10] mceusb 6-1:0.0: Error: mce write submit urb error = -90 [ 468.329477][ T10] mceusb 6-1:0.0: Error: mce write submit urb error = -90 [ 468.351710][ T10] mceusb 6-1:0.0: Error: mce write submit urb error = -90 [ 468.379260][ T10] mceusb 6-1:0.0: Error: mce write submit urb error = -90 [ 468.379456][ T5990] usb 3-1: new high-speed USB device number 24 using dummy_hcd [ 468.415984][ T10] mceusb 6-1:0.0: Error: mce write submit urb error = -90 [ 468.429794][ T10] mceusb 6-1:0.0: Error: mce write submit urb error = -90 [ 468.450771][ T10] mceusb 6-1:0.0: Error: mce write submit urb error = -90 [ 468.471558][ T10] mceusb 6-1:0.0: Error: mce write submit urb error = -90 [ 468.510790][ T10] mceusb 6-1:0.0: Registered 424242424242 with mce emulator interface version 1 [ 468.528864][ T10] mceusb 6-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active) [ 468.549497][ T5990] usb 3-1: Using ep0 maxpacket: 32 [ 468.552284][ T5990] usb 3-1: New USB device found, idVendor=0fd9, idProduct=0025, bcdDevice=29.40 [ 468.552317][ T5990] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 468.557566][T15023] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 468.557705][T15023] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 468.598819][ T10] usb 6-1: USB disconnect, device number 14 [ 468.621936][ T5990] usb 3-1: config 0 descriptor?? [ 468.878972][ T5990] dvb-usb: found a 'Elgato EyeTV Sat' in warm state. [ 468.887595][ T5990] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 468.887801][T15023] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 468.894706][ T5990] dvbdev: DVB: registering new adapter (Elgato EyeTV Sat) [ 468.894776][ T5990] usb 3-1: media controller created [ 468.895838][T15023] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 468.956253][ T5990] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 468.998331][T15023] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 469.005207][T15023] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 469.090360][ T5990] az6027: usb out operation failed. (-71) [ 469.095522][T15023] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 469.095611][T15023] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 469.103048][ T5990] az6027: usb out operation failed. (-71) [ 469.103072][ T5990] stb0899_attach: Driver disabled by Kconfig [ 469.103086][ T5990] az6027: no front-end attached [ 469.103086][ T5990] [ 469.103981][ T5990] az6027: usb out operation failed. (-71) [ 469.103999][ T5990] dvb-usb: no frontend was attached by 'Elgato EyeTV Sat' [ 469.139109][ T5990] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.2/usb3/3-1/input/input41 [ 469.153734][ T5990] dvb-usb: schedule remote query interval to 400 msecs. [ 469.153763][ T5990] dvb-usb: Elgato EyeTV Sat successfully initialized and connected. [ 469.182055][ T5990] usb 3-1: USB disconnect, device number 24 [ 469.229555][T15035] syz_tun: tun_net_xmit 86 [ 469.395470][ T5990] dvb-usb: Elgato EyeTV Sat successfully deinitialized and disconnected. [ 470.163795][T15059] input: syz0 as /devices/virtual/input/input42 [ 470.238201][ C1] syz_tun: tun_net_xmit 86 [ 470.568131][ T5158] Bluetooth: hci1: command 0x0406 tx timeout [ 470.699462][ T37] audit: type=1326 audit(1758927841.853:742): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15072 comm="syz.2.3477" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb1fd9beec9 code=0x7ffc0000 [ 470.700871][ T37] audit: type=1326 audit(1758927841.853:743): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15072 comm="syz.2.3477" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb1fd9beec9 code=0x7ffc0000 [ 470.701281][ T37] audit: type=1326 audit(1758927841.853:744): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15072 comm="syz.2.3477" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fb1fd9bd710 code=0x7ffc0000 [ 470.706569][ T37] audit: type=1326 audit(1758927841.853:745): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15072 comm="syz.2.3477" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fb1fd9bd710 code=0x7ffc0000 [ 470.708170][ T37] audit: type=1326 audit(1758927841.853:746): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15072 comm="syz.2.3477" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb1fd9beec9 code=0x7ffc0000 [ 470.710707][ T37] audit: type=1326 audit(1758927841.864:747): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15072 comm="syz.2.3477" exe="/root/syz-executor" sig=0 arch=c000003e syscall=17 compat=0 ip=0x7fb1fd9beec9 code=0x7ffc0000 [ 470.713708][ T37] audit: type=1326 audit(1758927841.864:748): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15072 comm="syz.2.3477" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb1fd9beec9 code=0x7ffc0000 [ 470.714570][ T37] audit: type=1326 audit(1758927841.864:749): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15072 comm="syz.2.3477" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb1fd9beec9 code=0x7ffc0000 [ 470.749394][T15076] program syz.3.3478 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 470.970338][ T5158] Bluetooth: hci0: command 0x0406 tx timeout [ 471.047677][ T5158] Bluetooth: hci3: command 0x0406 tx timeout [ 471.127653][ T5158] Bluetooth: hci4: command 0x0406 tx timeout [ 471.277840][ C1] syz_tun: tun_net_xmit 86 [ 472.117251][ T5994] usb 6-1: new high-speed USB device number 15 using dummy_hcd [ 472.267324][ T5994] usb 6-1: Using ep0 maxpacket: 16 [ 472.270412][ T5994] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 472.270447][ T5994] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x81 has invalid wMaxPacketSize 0 [ 472.270480][ T5994] usb 6-1: config 0 interface 0 has no altsetting 0 [ 472.270514][ T5994] usb 6-1: New USB device found, idVendor=060b, idProduct=500a, bcdDevice= 0.00 [ 472.270538][ T5994] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 472.340043][ T5994] usb 6-1: config 0 descriptor?? [ 472.647088][ T5990] usb 5-1: new high-speed USB device number 32 using dummy_hcd [ 472.798130][ T5990] usb 5-1: Using ep0 maxpacket: 16 [ 472.801441][ T5990] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 472.801480][ T5990] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 472.801506][ T5990] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 472.801555][ T5990] usb 5-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 472.801582][ T5990] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 472.813555][ T5990] usb 5-1: config 0 descriptor?? [ 472.901119][ T5994] cougar 0003:060B:500A.001F: unexpected long global item [ 472.902060][ T5994] cougar 0003:060B:500A.001F: parse failed [ 472.902172][ T5994] cougar 0003:060B:500A.001F: probe with driver cougar failed with error -22 [ 472.942254][ T57] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge) [ 473.047289][ T5158] Bluetooth: hci0: command 0x0406 tx timeout [ 473.083576][ T5994] usb 6-1: USB disconnect, device number 15 [ 473.128570][ T5158] Bluetooth: hci3: command 0x0406 tx timeout [ 473.206895][ T5158] Bluetooth: hci4: command 0x0406 tx timeout [ 473.278823][ T5990] hid_parser_main: 3 callbacks suppressed [ 473.278850][ T5990] microsoft 0003:045E:07DA.0020: unknown main item tag 0x0 [ 473.278883][ T5990] microsoft 0003:045E:07DA.0020: ignoring exceeding usage max [ 473.413655][T15130] openvswitch: netlink: Duplicate or invalid key (type 0). [ 473.413698][T15130] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 473.497132][ T5990] microsoft 0003:045E:07DA.0020: hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.4-1/input0 [ 473.497170][ T5990] microsoft 0003:045E:07DA.0020: no inputs found [ 473.497185][ T5990] microsoft 0003:045E:07DA.0020: could not initialize ff, continuing anyway [ 473.737234][ T990] usb 5-1: USB disconnect, device number 32 [ 473.852814][ T5855] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 473.871724][ T5855] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 473.873605][ T5855] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 473.879841][ T5855] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 473.888105][ T5855] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 474.765496][T15137] chnl_net:caif_netlink_parms(): no params data found [ 475.225672][ T5994] usb 4-1: new high-speed USB device number 28 using dummy_hcd [ 475.377674][ T5994] usb 4-1: Using ep0 maxpacket: 8 [ 475.380197][ T5994] usb 4-1: New USB device found, idVendor=0ccd, idProduct=0039, bcdDevice=90.7b [ 475.380229][ T5994] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 475.442525][ T5994] pvrusb2: Hardware description: Terratec Grabster AV400 [ 475.442547][ T5994] pvrusb2: ********** [ 475.442555][ T5994] pvrusb2: ***WARNING*** Support for this device (Terratec Grabster AV400) is experimental. [ 475.442568][ T5994] pvrusb2: Important functionality might not be entirely working. [ 475.442579][ T5994] pvrusb2: Please consider contacting the driver author to help with further stabilization of the driver. [ 475.442591][ T5994] pvrusb2: ********** [ 475.496349][T15137] bridge0: port 1(bridge_slave_0) entered blocking state [ 475.496533][T15137] bridge0: port 1(bridge_slave_0) entered disabled state [ 475.496790][T15137] bridge_slave_0: entered allmulticast mode [ 475.506323][T15137] bridge_slave_0: entered promiscuous mode [ 475.517989][T15137] bridge0: port 2(bridge_slave_1) entered blocking state [ 475.525505][T15137] bridge0: port 2(bridge_slave_1) entered disabled state [ 475.525837][T15137] bridge_slave_1: entered allmulticast mode [ 475.532854][T15137] bridge_slave_1: entered promiscuous mode [ 475.657814][ T2360] pvrusb2: Invalid write control endpoint [ 475.790596][T15137] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 475.817597][T15137] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 475.889312][T15160] pvrusb2: Invalid write control endpoint [ 475.891883][ T10] usb 4-1: USB disconnect, device number 28 [ 475.927174][ T2360] pvrusb2: Invalid write control endpoint [ 475.927192][ T2360] pvrusb2: ***WARNING*** Detected a wedged cx25840 chip; the device will not work. [ 475.927204][ T2360] pvrusb2: ***WARNING*** Try power cycling the pvrusb2 device. [ 475.927213][ T2360] pvrusb2: ***WARNING*** Disabling further access to the device to prevent other foul-ups. [ 475.927225][ T2360] pvrusb2: Device being rendered inoperable [ 475.930639][ T2360] cx25840 1-0044: Unable to detect h/w, assuming cx23887 [ 475.930701][ T2360] cx25840 1-0044: cx23887 A/V decoder found @ 0x88 (pvrusb2_b) [ 475.931716][ T2360] pvrusb2: Attached sub-driver cx25840 [ 475.931728][ T2360] pvrusb2: ***WARNING*** pvrusb2 device hardware appears to be jammed and I can't clear it. [ 475.931741][ T2360] pvrusb2: You might need to power cycle the pvrusb2 device in order to recover. [ 476.005464][ T5158] Bluetooth: hci1: command tx timeout [ 476.141422][T15137] team0: Port device team_slave_0 added [ 476.160549][T15137] team0: Port device team_slave_1 added [ 476.439873][T15137] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 476.439894][T15137] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 476.439926][T15137] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 476.442748][T15137] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 476.442765][T15137] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 476.442797][T15137] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 477.020418][T15137] hsr_slave_0: entered promiscuous mode [ 477.021982][T15137] hsr_slave_1: entered promiscuous mode [ 477.023027][T15137] debugfs: 'hsr0' already exists in 'hsr' [ 477.023056][T15137] Cannot create hsr debugfs directory [ 477.616558][T15223] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3541'. [ 477.620867][T15223] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3541'. [ 478.084347][ T5158] Bluetooth: hci1: command tx timeout [ 478.924420][T15137] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 479.314566][T15257] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 479.339569][T15137] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 479.416237][T15252] tap0: tun_chr_ioctl cmd 1074025677 [ 479.416490][T15252] tap0: linktype set to 804 [ 479.459286][T15259] loop7: detected capacity change from 0 to 7 [ 479.475562][ C1] blk_print_req_error: 130 callbacks suppressed [ 479.475590][ C1] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 479.475624][ C1] buffer_io_error: 118 callbacks suppressed [ 479.475637][ C1] Buffer I/O error on dev loop7, logical block 0, async page read [ 479.520557][ C0] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 479.520599][ C0] Buffer I/O error on dev loop7, logical block 0, async page read [ 479.545468][ C1] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 479.545504][ C1] Buffer I/O error on dev loop7, logical block 0, async page read [ 479.545872][ C1] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 479.545898][ C1] Buffer I/O error on dev loop7, logical block 0, async page read [ 479.546122][ C1] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 479.546146][ C1] Buffer I/O error on dev loop7, logical block 0, async page read [ 479.550686][ C1] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 479.550726][ C1] Buffer I/O error on dev loop7, logical block 0, async page read [ 479.551209][ C1] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 479.551242][ C1] Buffer I/O error on dev loop7, logical block 0, async page read [ 479.551448][ C1] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 479.551477][ C1] Buffer I/O error on dev loop7, logical block 0, async page read [ 479.551571][T15259] ldm_validate_partition_table(): Disk read failed. [ 479.551690][ C1] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 479.551720][ C1] Buffer I/O error on dev loop7, logical block 0, async page read [ 479.551940][ C1] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 479.551969][ C1] Buffer I/O error on dev loop7, logical block 0, async page read [ 479.552584][T15259] Dev loop7: unable to read RDB block 0 [ 479.595915][T15259] loop7: unable to read partition table [ 479.596219][T15259] loop7: partition table beyond EOD, truncated [ 479.596245][T15259] loop_reread_partitions: partition scan of loop7 (濉檳鼚綜阩號恽P=媒?銄X嫼 滊%醌`涉謤鶇{愆謵樔4FLQk輮) failed (rc=-5) [ 480.061356][T15137] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 480.163143][ T5158] Bluetooth: hci1: command tx timeout [ 480.461222][T15137] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 481.154945][T15137] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 481.238512][T15137] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 481.381731][T15137] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 481.434870][T15137] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 481.672431][ T5994] usb 4-1: new high-speed USB device number 29 using dummy_hcd [ 481.791150][T15137] 8021q: adding VLAN 0 to HW filter on device bond0 [ 481.828278][ T5994] usb 4-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 481.828313][ T5994] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 481.828337][ T5994] usb 4-1: Product: syz [ 481.828353][ T5994] usb 4-1: Manufacturer: syz [ 481.828371][ T5994] usb 4-1: SerialNumber: syz [ 481.880288][ T5994] usb 4-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 481.933966][T15137] 8021q: adding VLAN 0 to HW filter on device team0 [ 481.996093][ T1274] bridge0: port 1(bridge_slave_0) entered blocking state [ 481.996760][ T1274] bridge0: port 1(bridge_slave_0) entered forwarding state [ 482.032329][ T990] usb 4-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 482.069324][ T1274] bridge0: port 2(bridge_slave_1) entered blocking state [ 482.070303][ T1274] bridge0: port 2(bridge_slave_1) entered forwarding state [ 482.232264][ T5158] Bluetooth: hci1: command tx timeout [ 482.700748][T15329] netlink: 32 bytes leftover after parsing attributes in process `syz.4.3586'. [ 482.836497][T15327] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 482.836982][T15327] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 483.193313][ T990] ath9k_htc 4-1:1.0: ath9k_htc: Target is unresponsive [ 483.196051][ T990] ath9k_htc: Failed to initialize the device [ 483.316045][ T990] usb 4-1: ath9k_htc: USB layer deinitialized [ 483.339302][ T5990] usb 4-1: USB disconnect, device number 29 [ 483.514907][T15345] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3592'. [ 483.529590][T15137] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 483.746545][T15137] veth0_vlan: entered promiscuous mode [ 483.773304][T15137] veth1_vlan: entered promiscuous mode [ 483.903428][T15137] veth0_macvtap: entered promiscuous mode [ 483.987407][T15137] veth1_macvtap: entered promiscuous mode [ 484.048790][T15137] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 484.067293][T15137] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 484.121563][ T3545] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 484.137306][ T3545] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 484.161303][ T3545] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 484.173910][ T3545] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 484.768505][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 484.768528][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 484.935744][ T1111] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 484.935771][ T1111] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 485.251306][ T37] audit: type=1400 audit(1758927856.411:750): lsm=SMACK fn=smack_key_permission action=denied subject="w" object="_" requested=w pid=15388 comm="syz.5.3613" key_serial=423311175 key_desc="_uid_ses.0" [ 486.626180][T15445] netlink: 76 bytes leftover after parsing attributes in process `syz.4.3639'. [ 486.764004][T15450] netlink: 10 bytes leftover after parsing attributes in process `syz.2.3638'. [ 487.486966][ T5993] kernel write not supported for file bpf-prog (pid: 5993 comm: kworker/1:6) [ 487.629525][ T44] usb 6-1: new high-speed USB device number 16 using dummy_hcd [ 487.779351][ T44] usb 6-1: Using ep0 maxpacket: 16 [ 487.782046][ T44] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 487.782074][ T44] usb 6-1: config 0 has no interfaces? [ 487.783751][ T44] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 487.783783][ T44] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 487.783805][ T44] usb 6-1: SerialNumber: syz [ 487.840979][ T44] usb 6-1: config 0 descriptor?? [ 488.062402][T15371] usb 6-1: USB disconnect, device number 16 [ 488.137615][T15493] netlink: 16370 bytes leftover after parsing attributes in process `syz.1.3658'. [ 488.797040][ T37] audit: type=1326 audit(1758927859.953:751): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15512 comm="syz.4.3668" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fded421eec9 code=0x0 [ 489.748568][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 489.842728][T15543] tap0: tun_chr_ioctl cmd 2147767507 [ 490.834376][T15580] binder: 15579:15580 ioctl c0306201 200000000100 returned -14 [ 490.978544][T15582] SQUASHFS error: Failed to read block 0x0: -5 [ 491.959348][T15617] netlink: 'syz.1.3714': attribute type 8 has an invalid length. [ 492.613247][ C1] vkms_vblank_simulate: vblank timer overrun [ 492.684387][ C1] vkms_vblank_simulate: vblank timer overrun [ 492.785085][ C1] vkms_vblank_simulate: vblank timer overrun [ 493.179882][ C1] vkms_vblank_simulate: vblank timer overrun [ 493.196629][ T5994] usb 2-1: new full-speed USB device number 32 using dummy_hcd [ 493.260009][T15644] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3726'. [ 493.260035][T15644] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3726'. [ 493.313981][ C1] vkms_vblank_simulate: vblank timer overrun [ 493.386637][ T5994] usb 2-1: config 1 has an invalid interface number: 105 but max is 0 [ 493.386670][ T5994] usb 2-1: config 1 has an invalid interface number: 4 but max is 0 [ 493.386693][ T5994] usb 2-1: config 1 has 2 interfaces, different from the descriptor's value: 1 [ 493.386717][ T5994] usb 2-1: config 1 has no interface number 0 [ 493.386735][ T5994] usb 2-1: config 1 has no interface number 1 [ 493.386798][ T5994] usb 2-1: config 1 interface 105 altsetting 2 has 0 endpoint descriptors, different from the interface descriptor's value: 2 [ 493.386846][ T5994] usb 2-1: config 1 interface 4 altsetting 2 endpoint 0x82 has invalid wMaxPacketSize 0 [ 493.386871][ T5994] usb 2-1: config 1 interface 4 altsetting 2 has 1 endpoint descriptor, different from the interface descriptor's value: 16 [ 493.386902][ T5994] usb 2-1: config 1 interface 105 has no altsetting 0 [ 493.386923][ T5994] usb 2-1: config 1 interface 4 has no altsetting 0 [ 493.407463][ T5994] usb 2-1: New USB device found, idVendor=20f4, idProduct=e05a, bcdDevice=6c.6d [ 493.407498][ T5994] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 493.407528][ T5994] usb 2-1: Product: syz [ 493.407545][ T5994] usb 2-1: Manufacturer: syz [ 493.407560][ T5994] usb 2-1: SerialNumber: syz [ 493.471824][ C1] vkms_vblank_simulate: vblank timer overrun [ 493.586856][ C1] vkms_vblank_simulate: vblank timer overrun [ 493.662086][ T5994] aqc111 2-1:1.105: probe with driver aqc111 failed with error -22 [ 493.711436][T15633] tap1: tun_chr_ioctl cmd 35111 [ 493.872791][ T5988] usb 2-1: USB disconnect, device number 32 [ 494.146209][ T5994] usb 5-1: new high-speed USB device number 33 using dummy_hcd [ 494.298645][ T5994] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 494.298690][ T5994] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 494.298732][ T5994] usb 5-1: New USB device found, idVendor=054c, idProduct=024b, bcdDevice= 0.00 [ 494.298756][ T5994] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 494.312446][ T5994] usb 5-1: config 0 descriptor?? [ 494.755137][ T5994] sony 0003:054C:024B.0021: unexpected long global item [ 494.763499][ T5994] sony 0003:054C:024B.0021: parse failed [ 494.763616][ T5994] sony 0003:054C:024B.0021: probe with driver sony failed with error -22 [ 494.954737][ T5988] usb 5-1: USB disconnect, device number 33 [ 495.607968][T15684] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3744'. [ 495.745385][ T5994] usb 3-1: new high-speed USB device number 25 using dummy_hcd [ 495.895288][ T5994] usb 3-1: Using ep0 maxpacket: 16 [ 495.898089][ T5994] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 495.898158][ T5994] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 495.898191][ T5994] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0 [ 495.898216][ T5994] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0 [ 495.898241][ T5994] usb 3-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 495.899778][ T5994] usb 3-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42 [ 495.899808][ T5994] usb 3-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0 [ 495.899832][ T5994] usb 3-1: Manufacturer: syz [ 495.933813][ T5994] usb 3-1: config 0 descriptor?? [ 496.375017][ T5994] rc_core: IR keymap rc-hauppauge not found [ 496.375040][ T5994] Registered IR keymap rc-empty [ 496.375225][ T5994] mceusb 3-1:0.0: Error: mce write submit urb error = -90 [ 496.395154][ T5994] mceusb 3-1:0.0: Error: mce write submit urb error = -90 [ 496.416870][ T5994] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/rc/rc0 [ 496.443704][ T5994] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/rc/rc0/input43 [ 496.477431][ T5994] mceusb 3-1:0.0: Error: mce write submit urb error = -90 [ 496.498085][ T5994] mceusb 3-1:0.0: Error: mce write submit urb error = -90 [ 496.520549][ T5994] mceusb 3-1:0.0: Error: mce write submit urb error = -90 [ 496.552456][ T5994] mceusb 3-1:0.0: Error: mce write submit urb error = -90 [ 496.566187][ T5994] mceusb 3-1:0.0: Error: mce write submit urb error = -90 [ 496.585891][ T5994] mceusb 3-1:0.0: Error: mce write submit urb error = -90 [ 496.605008][ T5994] mceusb 3-1:0.0: Error: mce write submit urb error = -90 [ 496.626342][ T5994] mceusb 3-1:0.0: Error: mce write submit urb error = -90 [ 496.645182][ T5994] mceusb 3-1:0.0: Error: mce write submit urb error = -90 [ 496.665069][ T5994] mceusb 3-1:0.0: Error: mce write submit urb error = -90 [ 496.705959][ T5994] mceusb 3-1:0.0: Registered 424242424242 with mce emulator interface version 1 [ 496.706872][ T5994] mceusb 3-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active) [ 496.751651][ T5994] usb 3-1: USB disconnect, device number 25 [ 497.240546][T15710] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3754'. [ 497.744418][ T5993] usb 2-1: new high-speed USB device number 33 using dummy_hcd [ 497.894309][ T5993] usb 2-1: Using ep0 maxpacket: 32 [ 497.896763][ T5993] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 497.896800][ T5993] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 497.896845][ T5993] usb 2-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 497.896872][ T5993] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 497.911593][ T5993] usb 2-1: config 0 descriptor?? [ 497.931015][ T5993] hub 2-1:0.0: USB hub found [ 498.203364][ T5993] hub 2-1:0.0: config failed, can't read hub descriptor (err -90) [ 498.415307][ T5993] usbhid 2-1:0.0: can't add hid device: -71 [ 498.415451][ T5993] usbhid 2-1:0.0: probe with driver usbhid failed with error -71 [ 498.466604][ T5993] usb 2-1: USB disconnect, device number 33 [ 498.566148][T15746] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(3) [ 498.566178][T15746] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 498.566274][T15746] vhci_hcd vhci_hcd.0: Device attached [ 498.823834][T15371] usb 37-1: new low-speed USB device number 2 using vhci_hcd [ 498.863936][ T5958] usb 3-1: new high-speed USB device number 26 using dummy_hcd [ 499.013834][ T5958] usb 3-1: Using ep0 maxpacket: 16 [ 499.016165][ T5958] usb 3-1: config 0 has no interfaces? [ 499.016206][ T5958] usb 3-1: New USB device found, idVendor=0955, idProduct=7214, bcdDevice=ed.00 [ 499.016301][ T5958] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 499.063418][ T5958] usb 3-1: config 0 descriptor?? [ 499.278361][T15747] usb 37-1: recv xbuf, 0 [ 499.311258][ T57] vhci_hcd: stop threads [ 499.318724][ T9] usb 3-1: USB disconnect, device number 26 [ 499.328335][ T57] vhci_hcd: release socket [ 499.328436][ T57] vhci_hcd: disconnect device [ 499.363676][T15371] vhci_hcd: vhci_device speed not set [ 500.553011][ T990] usb 3-1: new high-speed USB device number 27 using dummy_hcd [ 500.702992][ T990] usb 3-1: Using ep0 maxpacket: 8 [ 500.705179][ T990] usb 3-1: New USB device found, idVendor=0ccd, idProduct=0039, bcdDevice=90.7b [ 500.705206][ T990] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 500.728960][ T990] pvrusb2: Hardware description: Terratec Grabster AV400 [ 500.728981][ T990] pvrusb2: ********** [ 500.728990][ T990] pvrusb2: ***WARNING*** Support for this device (Terratec Grabster AV400) is experimental. [ 500.729005][ T990] pvrusb2: Important functionality might not be entirely working. [ 500.729017][ T990] pvrusb2: Please consider contacting the driver author to help with further stabilization of the driver. [ 500.729031][ T990] pvrusb2: ********** [ 500.956312][ T2360] pvrusb2: Invalid write control endpoint [ 501.124111][ T2360] pvrusb2: Invalid write control endpoint [ 501.124128][ T2360] pvrusb2: ***WARNING*** Detected a wedged cx25840 chip; the device will not work. [ 501.124140][ T2360] pvrusb2: ***WARNING*** Try power cycling the pvrusb2 device. [ 501.124149][ T2360] pvrusb2: ***WARNING*** Disabling further access to the device to prevent other foul-ups. [ 501.124160][ T2360] pvrusb2: Device being rendered inoperable [ 501.124239][ T2360] cx25840 1-0044: Unable to detect h/w, assuming cx23887 [ 501.124289][ T2360] cx25840 1-0044: cx23887 A/V decoder found @ 0x88 (pvrusb2_b) [ 501.192264][ T2360] pvrusb2: Attached sub-driver cx25840 [ 501.192280][ T2360] pvrusb2: ***WARNING*** pvrusb2 device hardware appears to be jammed and I can't clear it. [ 501.192293][ T2360] pvrusb2: You might need to power cycle the pvrusb2 device in order to recover. [ 501.213287][ T990] usb 3-1: USB disconnect, device number 27 [ 501.240249][ T37] audit: type=1326 audit(1758927872.409:752): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15811 comm="syz.4.3800" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fded421eec9 code=0x7ffc0000 [ 501.240309][ T37] audit: type=1326 audit(1758927872.409:753): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15811 comm="syz.4.3800" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fded421eec9 code=0x7ffc0000 [ 501.261254][ T37] audit: type=1326 audit(1758927872.429:754): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15811 comm="syz.4.3800" exe="/root/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7fded421eec9 code=0x7ffc0000 [ 501.261326][ T37] audit: type=1326 audit(1758927872.429:755): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15811 comm="syz.4.3800" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fded421eec9 code=0x7ffc0000 [ 501.273775][ T37] audit: type=1326 audit(1758927872.449:756): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15811 comm="syz.4.3800" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7fded421eec9 code=0x7ffc0000 [ 501.273855][ T37] audit: type=1326 audit(1758927872.449:757): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15811 comm="syz.4.3800" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fded421eec9 code=0x7ffc0000 [ 501.274653][ T37] audit: type=1326 audit(1758927872.449:758): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15811 comm="syz.4.3800" exe="/root/syz-executor" sig=0 arch=c000003e syscall=285 compat=0 ip=0x7fded421eec9 code=0x7ffc0000 [ 501.274700][ T37] audit: type=1326 audit(1758927872.449:759): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15811 comm="syz.4.3800" exe="/root/syz-executor" sig=0 arch=c000003e syscall=96 compat=0 ip=0xffffffffff600000 code=0x7ffc0000 [ 501.274755][ T37] audit: type=1326 audit(1758927872.449:760): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15811 comm="syz.4.3800" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fded421eec9 code=0x7ffc0000 [ 501.684467][T15823] netlink: 'syz.5.3804': attribute type 9 has an invalid length. [ 501.684494][T15823] netlink: 211988 bytes leftover after parsing attributes in process `syz.5.3804'. [ 501.893744][T15829] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3807'. [ 502.106688][T15837] sch_tbf: burst 5 is lower than device lo mtu (65550) ! [ 502.176120][ T37] audit: type=1800 audit(1758927873.339:761): pid=15839 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz.4.3811" name="nullb0" dev="devtmpfs" ino=3164 res=0 errno=0 [ 502.373839][T15841] block device autoloading is deprecated and will be removed. [ 502.726528][ T9] usb 3-1: new high-speed USB device number 28 using dummy_hcd [ 502.745783][T15857] sch_tbf: burst 0 is lower than device lo mtu (65550) ! [ 502.880676][ T9] usb 3-1: New USB device found, idVendor=1a86, idProduct=7522, bcdDevice=35.36 [ 502.880711][ T9] usb 3-1: New USB device strings: Mfr=241, Product=2, SerialNumber=3 [ 502.880735][ T9] usb 3-1: Product: syz [ 502.880752][ T9] usb 3-1: Manufacturer: syz [ 502.880768][ T9] usb 3-1: SerialNumber: syz [ 502.925282][ T9] usb 3-1: config 0 descriptor?? [ 502.928871][ T9] ch341 3-1:0.0: ch341-uart converter detected [ 502.942923][T15865] netlink: 40 bytes leftover after parsing attributes in process `syz.5.3825'. [ 503.319416][T15371] kernel read not supported for file /usbmon9 (pid: 15371 comm: kworker/0:2) [ 503.760136][ T9] usb 3-1: failed to send control message: -71 [ 503.760212][ T9] ch341-uart ttyUSB0: probe with driver ch341-uart failed with error -71 [ 503.798367][ T9] usb 3-1: USB disconnect, device number 28 [ 503.800736][ T9] ch341 3-1:0.0: device disconnected [ 504.137231][T15902] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3841'. [ 504.410768][T15914] mkiss: ax0: crc mode is auto. [ 505.278007][T15934] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3855'. [ 505.730362][ T990] usb 3-1: new full-speed USB device number 29 using dummy_hcd [ 505.885798][ T990] usb 3-1: config 2 has an invalid descriptor of length 0, skipping remainder of the config [ 505.894983][ T990] usb 3-1: New USB device found, idVendor=7a69, idProduct=0001, bcdDevice=a8.6b [ 505.895018][ T990] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 505.895040][ T990] usb 3-1: Product: syz [ 505.895056][ T990] usb 3-1: Manufacturer: syz [ 505.895072][ T990] usb 3-1: SerialNumber: syz [ 505.963089][ T990] usb 3-1: dvb_usb_v2: found a '774 Friio White ISDB-T USB2.0' in warm state [ 506.300201][ T9] usb 2-1: new high-speed USB device number 34 using dummy_hcd [ 506.337930][T15960] netlink: 256 bytes leftover after parsing attributes in process `syz.5.3868'. [ 506.337961][T15960] netlink: 24 bytes leftover after parsing attributes in process `syz.5.3868'. [ 506.471637][ T9] usb 2-1: Using ep0 maxpacket: 8 [ 506.474568][ T9] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 506.474602][ T9] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 506.474631][ T9] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 506.474658][ T9] usb 2-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 506.474708][ T9] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 506.474735][ T9] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 506.585244][T15964] C: renamed from team_slave_0 (while UP) [ 506.654376][T15964] netlink: 'syz.3.3869': attribute type 4 has an invalid length. [ 506.654483][T15964] netlink: 152 bytes leftover after parsing attributes in process `syz.3.3869'. [ 506.658796][T15964] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check. [ 506.743463][ T9] usb 2-1: GET_CAPABILITIES returned 0 [ 506.743508][ T9] usbtmc 2-1:16.0: can't read capabilities [ 506.772117][ T990] usb 3-1: dvb_usb_v2: this USB2.0 device cannot be run on a USB1.1 port (it lacks a hardware PID filter) [ 506.806784][ T990] usb 3-1: USB disconnect, device number 29 [ 506.952924][ T9] usb 2-1: USB disconnect, device number 34 [ 507.028534][ T1325] ieee802154 phy1 wpan1: encryption failed: -22 [ 507.459508][ T990] usb 4-1: new high-speed USB device number 30 using dummy_hcd [ 507.610616][T15987] netlink: 'syz.2.3882': attribute type 10 has an invalid length. [ 507.610969][ T990] usb 4-1: Using ep0 maxpacket: 8 [ 507.622638][ T990] usb 4-1: unable to get BOS descriptor or descriptor too short [ 507.625067][ T990] usb 4-1: config 4 interface 0 has no altsetting 0 [ 507.638051][ T990] usb 4-1: string descriptor 0 read error: -22 [ 507.638233][ T990] usb 4-1: New USB device found, idVendor=058f, idProduct=6610, bcdDevice=48.05 [ 507.638261][ T990] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 507.700875][ T990] usb 4-1: dvb_usb_v2: found a 'Sigmatek DVB-110' in warm state [ 507.719592][ T990] usb 4-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer [ 507.720047][ T990] dvbdev: DVB: registering new adapter (Sigmatek DVB-110) [ 507.720099][ T990] usb 4-1: media controller created [ 507.769855][T15993] netlink: 44 bytes leftover after parsing attributes in process `syz.1.3883'. [ 507.777336][ T990] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 507.821004][T15987] bond0: (slave bond_slave_0): Releasing backup interface [ 507.860812][T15987] bond_slave_0: left promiscuous mode [ 507.861289][T15987] bond_slave_0: left allmulticast mode [ 508.196164][T16001] netlink: 16 bytes leftover after parsing attributes in process `syz.1.3887'. [ 508.542650][T16007] bridge0: port 2(bridge_slave_1) entered forwarding state [ 508.638260][T16012] netlink: 'syz.5.3890': attribute type 11 has an invalid length. [ 508.778925][ T37] audit: type=1326 audit(1758927879.933:762): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15994 comm="syz.4.3884" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fded421eec9 code=0x7fc00000 [ 509.138971][ T990] usb 4-1: USB disconnect, device number 30 [ 511.586567][T16077] netlink: 'syz.5.3922': attribute type 1 has an invalid length. [ 511.586593][T16077] netlink: 'syz.5.3922': attribute type 2 has an invalid length. [ 511.646892][T16078] netlink: 'syz.5.3922': attribute type 1 has an invalid length. [ 511.646915][T16078] netlink: 'syz.5.3922': attribute type 2 has an invalid length. [ 512.141572][T16075] debugfs: 'ptm0' already exists in 'caif_serial' [ 524.397840][ T5158] Bluetooth: hci3: unexpected event for opcode 0x2031 [ 527.801441][T16083] bond0: (slave macvlan2): Error -98 calling set_mac_address [ 529.065226][ T5855] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 529.096614][ T5855] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 529.107641][ T5855] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 529.117867][ T5855] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 529.126427][ T5855] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 529.291128][ T5158] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 529.339137][ T5158] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 529.357474][ T5158] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 529.373096][ T5158] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 529.374041][ T5158] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 529.750660][ T5855] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 529.755798][ T5855] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 529.757358][ T5855] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 529.785655][ T5855] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 529.787142][ T5855] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 531.169920][ T5855] Bluetooth: hci5: command tx timeout [ 531.487742][ T5855] Bluetooth: hci6: command tx timeout [ 531.887378][ T5855] Bluetooth: hci7: command tx timeout [ 533.247639][ T5855] Bluetooth: hci5: command tx timeout [ 533.566613][ T5855] Bluetooth: hci6: command tx timeout [ 533.966288][ T5855] Bluetooth: hci7: command tx timeout [ 535.329091][ T5855] Bluetooth: hci5: command tx timeout [ 535.646948][ T5855] Bluetooth: hci6: command tx timeout [ 536.045416][ T5855] Bluetooth: hci7: command tx timeout [ 536.119360][ T5158] Bluetooth: hci8: unexpected cc 0x0c03 length: 249 > 1 [ 536.156261][ T5158] Bluetooth: hci8: unexpected cc 0x1003 length: 249 > 9 [ 536.158066][ T5158] Bluetooth: hci8: unexpected cc 0x1001 length: 249 > 9 [ 536.159344][ T5158] Bluetooth: hci8: unexpected cc 0x0c23 length: 249 > 4 [ 536.160191][ T5158] Bluetooth: hci8: unexpected cc 0x0c38 length: 249 > 2 [ 537.405573][ T5158] Bluetooth: hci5: command tx timeout [ 537.728039][ T5158] Bluetooth: hci6: command tx timeout [ 538.124284][ T5158] Bluetooth: hci7: command tx timeout [ 538.284503][ T5158] Bluetooth: hci8: command tx timeout [ 540.366434][ T5158] Bluetooth: hci8: command tx timeout [ 541.125223][ T5855] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 541.158293][ T5855] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 541.159948][ T5855] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 541.161867][ T5855] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 541.186094][ T5855] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 542.442103][ T5855] Bluetooth: hci8: command tx timeout [ 543.245006][ T5855] Bluetooth: hci2: command tx timeout [ 544.521063][ T5855] Bluetooth: hci8: command tx timeout [ 545.320807][ T5855] Bluetooth: hci2: command tx timeout [ 547.399574][ T5855] Bluetooth: hci2: command tx timeout [ 549.478662][ T5855] Bluetooth: hci2: command tx timeout [ 551.908840][T16097] netem: incorrect ge model size [ 551.908863][T16097] netem: change failed [ 558.207183][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 568.970176][ T1325] ieee802154 phy1 wpan1: encryption failed: -22 [ 589.924390][ T5158] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 589.944088][ T5158] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 589.945665][ T5158] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 589.946907][ T5158] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 589.993704][ T5158] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 590.084719][ T5158] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 590.094428][ T5158] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 590.100359][ T5158] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 590.101758][ T5158] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 590.115042][ T5158] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 590.840591][ T5158] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 590.866419][ T5158] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 590.886740][ T5158] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 590.906933][ T5158] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 590.921608][ T5158] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 592.097324][ T5855] Bluetooth: hci0: command tx timeout [ 592.257209][ T5855] Bluetooth: hci3: command tx timeout [ 592.977004][ T5855] Bluetooth: hci4: command tx timeout [ 594.186157][ T5855] Bluetooth: hci0: command tx timeout [ 594.336508][ T5855] Bluetooth: hci3: command tx timeout [ 595.055940][ T5855] Bluetooth: hci4: command tx timeout [ 596.255845][ T5855] Bluetooth: hci0: command tx timeout [ 596.415129][ T5855] Bluetooth: hci3: command tx timeout [ 596.567996][ T5158] Bluetooth: hci9: unexpected cc 0x0c03 length: 249 > 1 [ 596.591531][ T5158] Bluetooth: hci9: unexpected cc 0x1003 length: 249 > 9 [ 596.593695][ T5158] Bluetooth: hci9: unexpected cc 0x1001 length: 249 > 9 [ 596.609291][ T5158] Bluetooth: hci9: unexpected cc 0x0c23 length: 249 > 4 [ 596.610248][ T5158] Bluetooth: hci9: unexpected cc 0x0c38 length: 249 > 2 [ 597.134845][ T5158] Bluetooth: hci4: command tx timeout [ 598.334244][ T5158] Bluetooth: hci0: command tx timeout [ 598.494165][T16139] Bluetooth: hci3: command tx timeout [ 599.262925][ T5158] Bluetooth: hci4: command tx timeout [ 599.340714][ T5855] Bluetooth: hci9: command tx timeout [ 601.374223][ T5158] Bluetooth: hci9: command tx timeout [ 601.995032][ T5855] Bluetooth: hci10: unexpected cc 0x0c03 length: 249 > 1 [ 601.999574][ T5855] Bluetooth: hci10: unexpected cc 0x1003 length: 249 > 9 [ 602.031524][ T5855] Bluetooth: hci10: unexpected cc 0x1001 length: 249 > 9 [ 602.047093][ T5855] Bluetooth: hci10: unexpected cc 0x0c23 length: 249 > 4 [ 602.060444][ T5855] Bluetooth: hci10: unexpected cc 0x0c38 length: 249 > 2 [ 603.463341][ T5855] Bluetooth: hci9: command tx timeout [ 604.253780][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 605.531070][ T5855] Bluetooth: hci9: command tx timeout [ 608.412348][ T5158] Bluetooth: hci10: command tx timeout [ 610.498433][ T5855] Bluetooth: hci10: command tx timeout [ 613.307547][ T5855] Bluetooth: hci10: command tx timeout [ 615.393640][ T5855] Bluetooth: hci10: command tx timeout [ 629.852337][ T1325] ieee802154 phy1 wpan1: encryption failed: -22 [ 649.572799][ T5158] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 649.583204][ T5158] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 649.587435][ T5158] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 649.609683][ T5158] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 649.610566][ T5158] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 649.780596][ T5855] Bluetooth: hci11: unexpected cc 0x0c03 length: 249 > 1 [ 649.795460][ T5855] Bluetooth: hci11: unexpected cc 0x1003 length: 249 > 9 [ 649.797126][ T5855] Bluetooth: hci11: unexpected cc 0x1001 length: 249 > 9 [ 649.799091][ T5855] Bluetooth: hci11: unexpected cc 0x0c23 length: 249 > 4 [ 649.800234][ T5855] Bluetooth: hci11: unexpected cc 0x0c38 length: 249 > 2 [ 650.226265][ T5158] Bluetooth: hci12: unexpected cc 0x0c03 length: 249 > 1 [ 650.242730][ T5158] Bluetooth: hci12: unexpected cc 0x1003 length: 249 > 9 [ 650.261330][ T5158] Bluetooth: hci12: unexpected cc 0x1001 length: 249 > 9 [ 650.263562][ T5158] Bluetooth: hci12: unexpected cc 0x0c23 length: 249 > 4 [ 650.264452][ T5158] Bluetooth: hci12: unexpected cc 0x0c38 length: 249 > 2 [ 651.837856][T16112] Bluetooth: hci11: command tx timeout [ 652.404373][T16158] Bluetooth: hci12: command tx timeout [ 652.404737][T16158] Bluetooth: hci6: command 0x0406 tx timeout [ 652.404878][T16158] Bluetooth: hci7: command 0x0406 tx timeout [ 652.405010][T16112] Bluetooth: hci5: command 0x0406 tx timeout [ 652.787165][T16160] Bluetooth: hci1: command tx timeout [ 653.908455][T16160] Bluetooth: hci11: command tx timeout [ 654.476216][T16160] Bluetooth: hci12: command tx timeout [ 654.875613][T16160] Bluetooth: hci1: command tx timeout [ 655.985389][T16160] Bluetooth: hci11: command tx timeout [ 656.544927][T16160] Bluetooth: hci12: command tx timeout [ 656.945057][T16160] Bluetooth: hci1: command tx timeout [ 657.530749][T16159] Bluetooth: hci13: unexpected cc 0x0c03 length: 249 > 1 [ 657.551819][T16159] Bluetooth: hci13: unexpected cc 0x1003 length: 249 > 9 [ 657.562569][T16159] Bluetooth: hci13: unexpected cc 0x1001 length: 249 > 9 [ 657.565713][T16159] Bluetooth: hci13: unexpected cc 0x0c23 length: 249 > 4 [ 657.566553][T16159] Bluetooth: hci13: unexpected cc 0x0c38 length: 249 > 2 [ 660.388426][T16159] Bluetooth: hci11: command tx timeout [ 660.388930][T16159] Bluetooth: hci12: command tx timeout [ 660.388959][T16159] Bluetooth: hci1: command tx timeout [ 662.626280][T16112] Bluetooth: hci8: command 0x0406 tx timeout [ 662.720810][T16167] Bluetooth: hci14: unexpected cc 0x0c03 length: 249 > 1 [ 662.755587][T16167] Bluetooth: hci14: unexpected cc 0x1003 length: 249 > 9 [ 662.758203][T16167] Bluetooth: hci14: unexpected cc 0x1001 length: 249 > 9 [ 662.759685][T16167] Bluetooth: hci14: unexpected cc 0x0c23 length: 249 > 4 [ 662.798426][T16167] Bluetooth: hci14: unexpected cc 0x0c38 length: 249 > 2 [ 667.739347][T16167] Bluetooth: hci2: command 0x0406 tx timeout [ 676.811657][T16112] Bluetooth: hci14: command tx timeout [ 678.853829][T16159] Bluetooth: hci14: command tx timeout [ 678.857121][ T5158] Bluetooth: hci13: command tx timeout [ 680.932878][T16159] Bluetooth: hci14: command tx timeout [ 680.932916][T16159] Bluetooth: hci13: command tx timeout [ 683.011818][T16159] Bluetooth: hci14: command tx timeout [ 683.011856][T16159] Bluetooth: hci13: command tx timeout [ 685.092626][T16139] Bluetooth: hci13: command tx timeout [ 691.253077][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 691.275374][ T1325] ieee802154 phy1 wpan1: encryption failed: -22 [ 695.086648][ T38] INFO: task syz-executor:16114 blocked for more than 148 seconds. [ 695.086702][ T38] Not tainted syzkaller #0 [ 695.086714][ T38] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 695.086725][ T38] task:syz-executor state:D stack:26952 pid:16114 tgid:16114 ppid:1 task_flags:0x400140 flags:0x00004004 [ 695.086804][ T38] Call Trace: [ 695.086812][ T38] [ 695.086828][ T38] __schedule+0x16f3/0x4c20 [ 695.086899][ T38] ? __pfx___schedule+0x10/0x10 [ 695.086957][ T38] ? _raw_spin_unlock_irq+0x23/0x50 [ 695.086998][ T38] rt_mutex_schedule+0x77/0xf0 [ 695.087022][ T38] rt_mutex_slowlock_block+0x5ba/0x6d0 [ 695.087053][ T38] ? task_blocks_on_rt_mutex+0xf12/0x1380 [ 695.087105][ T38] rt_mutex_slowlock+0x2b1/0x6e0 [ 695.087138][ T38] ? rt_mutex_slowlock+0x1c9/0x6e0 [ 695.087170][ T38] ? __pfx_rt_mutex_slowlock+0x10/0x10 [ 695.087198][ T38] ? __lock_acquire+0xab9/0xd20 [ 695.087243][ T38] ? inet_rtm_newaddr+0x3b0/0x18b0 [ 695.087278][ T38] ? is_bpf_text_address+0x26/0x2b0 [ 695.087315][ T38] ? inet_rtm_newaddr+0x3b0/0x18b0 [ 695.087339][ T38] mutex_lock_nested+0x16a/0x1d0 [ 695.087377][ T38] inet_rtm_newaddr+0x3b0/0x18b0 [ 695.087415][ T38] ? __pfx_inet_rtm_newaddr+0x10/0x10 [ 695.087464][ T38] ? __pfx_inet_rtm_newaddr+0x10/0x10 [ 695.087490][ T38] rtnetlink_rcv_msg+0x7cf/0xb70 [ 695.087524][ T38] ? __lock_acquire+0xab9/0xd20 [ 695.087558][ T38] ? rtnetlink_rcv_msg+0x1ab/0xb70 [ 695.087590][ T38] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 695.087646][ T38] netlink_rcv_skb+0x205/0x470 [ 695.087687][ T38] ? __lock_acquire+0xab9/0xd20 [ 695.087719][ T38] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 695.087754][ T38] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 695.087803][ T38] ? netlink_deliver_tap+0x2e/0x1b0 [ 695.087846][ T38] netlink_unicast+0x843/0xa10 [ 695.087888][ T38] ? __pfx_netlink_unicast+0x10/0x10 [ 695.087921][ T38] ? netlink_sendmsg+0x642/0xb30 [ 695.087954][ T38] ? skb_put+0x11b/0x210 [ 695.087995][ T38] netlink_sendmsg+0x805/0xb30 [ 695.088041][ T38] ? __pfx_netlink_sendmsg+0x10/0x10 [ 695.088085][ T38] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 695.088108][ T38] ? __pfx_netlink_sendmsg+0x10/0x10 [ 695.088145][ T38] __sock_sendmsg+0x21c/0x270 [ 695.088180][ T38] __sys_sendto+0x3c7/0x520 [ 695.088218][ T38] ? __pfx___sys_sendto+0x10/0x10 [ 695.088287][ T38] ? exc_page_fault+0x76/0xf0 [ 695.088327][ T38] ? do_user_addr_fault+0xc8a/0x1390 [ 695.088363][ T38] __x64_sys_sendto+0xde/0x100 [ 695.088404][ T38] do_syscall_64+0xfa/0x3b0 [ 695.088426][ T38] ? lockdep_hardirqs_on+0x9c/0x150 [ 695.088462][ T38] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 695.088486][ T38] ? clear_bhb_loop+0x60/0xb0 [ 695.088515][ T38] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 695.088547][ T38] RIP: 0033:0x7fbde5230d5c [ 695.088572][ T38] RSP: 002b:00007ffd14de9340 EFLAGS: 00000293 ORIG_RAX: 000000000000002c [ 695.088596][ T38] RAX: ffffffffffffffda RBX: 00007fbde5fb4620 RCX: 00007fbde5230d5c [ 695.088613][ T38] RDX: 0000000000000028 RSI: 00007fbde5fb4670 RDI: 0000000000000003 [ 695.088629][ T38] RBP: 0000000000000000 R08: 00007ffd14de9394 R09: 000000000000000c [ 695.088645][ T38] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000003 [ 695.088659][ T38] R13: 0000000000000000 R14: 00007fbde5fb4670 R15: 0000000000000000 [ 695.088883][ T38] [ 695.088929][ T38] [ 695.088929][ T38] Showing all locks held in the system: [ 695.088943][ T38] 4 locks held by kworker/0:0/9: [ 695.088958][ T38] 2 locks held by ksoftirqd/0/15: [ 695.088971][ T38] #0: ffffffff8d84a960 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400 [ 695.089116][ T38] #1: ffff8880b8823d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400 [ 695.089187][ T38] 1 lock held by khungtaskd/38: [ 695.089201][ T38] #0: ffffffff8d9a8d80 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x2e/0x180 [ 695.089260][ T38] 3 locks held by kworker/u8:5/150: [ 695.089273][ T38] #0: ffff888019881138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 695.089332][ T38] #1: ffffc90003a0fbc0 ((linkwatch_work).work){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 695.089391][ T38] #2: ffffffff8ecd3878 (rtnl_mutex){+.+.}-{4:4}, at: linkwatch_event+0xe/0x60 [ 695.089449][ T38] 3 locks held by kworker/u8:6/1111: [ 695.089462][ T38] #0: ffff88814cfb1138 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 695.089522][ T38] #1: ffffc90004ee7bc0 ((work_completion)(&(&net->ipv6.addr_chk_work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 695.089584][ T38] #2: ffffffff8ecd3878 (rtnl_mutex){+.+.}-{4:4}, at: addrconf_verify_work+0x19/0x30 [ 695.089643][ T38] 4 locks held by kworker/u8:10/1308: [ 695.089656][ T38] #0: ffff88801a6f4138 ((wq_completion)netns){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 695.089715][ T38] #1: ffffc90005397bc0 (net_cleanup_work){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 695.089774][ T38] #2: ffffffff8ecc6960 (pernet_ops_rwsem){++++}-{4:4}, at: cleanup_net+0xf7/0x800 [ 695.089838][ T38] #3: ffffffff8ecd3878 (rtnl_mutex){+.+.}-{4:4}, at: ops_undo_list+0x2a4/0x990 [ 695.089932][ T38] 2 locks held by getty/5599: [ 695.089945][ T38] #0: ffff88823bf820a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70 [ 695.090012][ T38] #1: ffffc90003e832e0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x444/0x1410 [ 695.090073][ T38] 3 locks held by kworker/0:3/5824: [ 695.090085][ T38] #0: ffff888019898538 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 695.090146][ T38] #1: ffffc9000455fbc0 (ser_release_work){+.[ 695.090146][ T38] #1: ffffc9000455fbc0 (ser_release_work){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 695.090204][ T38] #2: ffffffff8ecd3878 (rtnl_mutex){+.+.}-{4:4}, at: ser_release+0x107/0x240 [ 695.090267][ T38] 3 locks held by kworker/1:6/5993: [ 695.090281][ T38] #0: ffff888019899938 ((wq_completion)events_power_efficient){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 695.090340][ T38] #1: ffffc900053e7bc0 ((reg_check_chans).work){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 695.090399][ T38] #2: ffffffff8ecd3878 (rtnl_mutex){+.+.}-{4:4}, at: reg_check_chans_work+0x95/0xf30 [ 695.090453][ T38] 3 locks held by kworker/1:7/5994: [ 695.090466][ T38] #0: ffff888019898538 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 695.090526][ T38] #1: ffffc90005477bc0 (deferred_process_work){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 695.090584][ T38] #2: ffffffff8ecd3878 (rtnl_mutex){+.+.}-{4:4}, at: switchdev_deferred_process_work+0xe/0x20 [ 695.090648][ T38] 1 lock held by syz.3.3921/16074: [ 695.090661][ T38] #0: ffffffff8d9ae730 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x570 [ 695.090718][ T38] 1 lock held by syz.5.3922/16078: [ 695.090731][ T38] #0: ffffffff8ecd3878 (rtnl_mutex){+.+.}-{4:4}, at: tun_chr_close+0x41/0x1c0 [ 695.090796][ T38] 1 lock held by syz.1.3924/16083: [ 695.090809][ T38] #0: ffffffff8ecd3878 (rtnl_mutex){+.+.}-{4:4}, at: tun_chr_close+0x41/0x1c0 [ 695.090880][ T38] 1 lock held by syz.2.3925/16091: [ 695.090893][ T38] #0: ffffffff8ecd3878 (rtnl_mutex){+.+.}-{4:4}, at: tun_chr_close+0x41/0x1c0 [ 695.090958][ T38] 1 lock held by syz.4.3928/16097: [ 695.090972][ T38] #0: ffffffff8ecd3878 (rtnl_mutex){+.+.}-{4:4}, at: tun_chr_close+0x41/0x1c0 [ 695.091037][ T38] 1 lock held by syz-executor/16103: [ 695.091050][ T38] #0: ffffffff8ecd3878 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_newlink+0x8db/0x1c70 [ 695.091112][ T38] 1 lock held by syz-executor/16105: [ 695.091125][ T38] #0: ffffffff8ecd3878 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_newlink+0x8db/0x1c70 [ 695.091186][ T38] 1 lock held by syz-executor/16107: [ 695.091200][ T38] #0: ffffffff8ecd3878 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_newlink+0x8db/0x1c70 [ 695.091261][ T38] 1 lock held by syz-executor/16110: [ 695.091275][ T38] #0: ffffffff8ecd3878 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_newlink+0x8db/0x1c70 [ 695.091337][ T38] 1 lock held by syz-executor/16114: [ 695.091350][ T38] #0: ffffffff8ecd3878 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x3b0/0x18b0 [ 695.091409][ T38] 9 locks held by kworker/0:10/16119: [ 695.091423][ T38] 1 lock held by syz-executor/16130: [ 695.091436][ T38] #0: ffffffff8ecd3878 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x3b0/0x18b0 [ 695.091502][ T38] 1 lock held by syz-executor/16131: [ 695.091515][ T38] #0: ffffffff8ecd3878 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x3b0/0x18b0 [ 695.091571][ T38] 1 lock held by syz-executor/16134: [ 695.091584][ T38] #0: ffffffff8ecd3878 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x3b0/0x18b0 [ 695.091640][ T38] 1 lock held by syz-executor/16137: [ 695.091653][ T38] #0: ffffffff8ecd3878 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x3b0/0x18b0 [ 695.091710][ T38] 1 lock held by syz-executor/16141: [ 695.091723][ T38] #0: ffffffff8ecd3878 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x3b0/0x18b0 [ 695.091778][ T38] 1 lock held by syz-executor/16152: [ 695.091791][ T38] #0: ffffffff8ecd3878 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x3b0/0x18b0 [ 695.091847][ T38] 1 lock held by syz-executor/16154: [ 695.091866][ T38] #0: ffffffff8ecd3878 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x3b0/0x18b0 [ 695.091921][ T38] 1 lock held by syz-executor/16156: [ 695.091935][ T38] #0: ffffffff8ecd3878 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x3b0/0x18b0 [ 695.091990][ T38] 1 lock held by syz-executor/16162: [ 695.092004][ T38] #0: ffffffff8ecd3878 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x3b0/0x18b0 [ 695.092057][ T38] 2 locks held by kworker/u8:13/16164: [ 695.092071][ T38] 1 lock held by syz-executor/16166: [ 695.092084][ T38] #0: ffffffff8ecd3878 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x3b0/0x18b0 [ 695.092140][ T38] [ 695.092146][ T38] ============================================= [ 695.092146][ T38] [ 695.092170][ T38] NMI backtrace for cpu 1 [ 695.092203][ T38] CPU: 1 UID: 0 PID: 38 Comm: khungtaskd Not tainted syzkaller #0 PREEMPT_{RT,(full)} [ 695.092229][ T38] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 695.092243][ T38] Call Trace: [ 695.092252][ T38] [ 695.092263][ T38] dump_stack_lvl+0x189/0x250 [ 695.092303][ T38] ? __pfx_dump_stack_lvl+0x10/0x10 [ 695.092338][ T38] ? __pfx__printk+0x10/0x10 [ 695.092379][ T38] nmi_cpu_backtrace+0x39e/0x3d0 [ 695.092413][ T38] ? __pfx_nmi_cpu_backtrace+0x10/0x10 [ 695.092447][ T38] ? __pfx__printk+0x10/0x10 [ 695.092479][ T38] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 695.092511][ T38] nmi_trigger_cpumask_backtrace+0x17a/0x300 [ 695.092546][ T38] watchdog+0xf93/0xfe0 [ 695.092583][ T38] ? watchdog+0x1de/0xfe0 [ 695.092620][ T38] kthread+0x70e/0x8a0 [ 695.092660][ T38] ? __pfx_watchdog+0x10/0x10 [ 695.092688][ T38] ? __pfx_kthread+0x10/0x10 [ 695.092729][ T38] ? __pfx_kthread+0x10/0x10 [ 695.092772][ T38] ret_from_fork+0x436/0x7d0 [ 695.092807][ T38] ? __pfx_ret_from_fork+0x10/0x10 [ 695.092845][ T38] ? __switch_to_asm+0x39/0x70 [ 695.092874][ T38] ? __switch_to_asm+0x33/0x70 [ 695.092895][ T38] ? __pfx_kthread+0x10/0x10 [ 695.092931][ T38] ret_from_fork_asm+0x1a/0x30 [ 695.092972][ T38] [ 695.092981][ T38] Sending NMI from CPU 1 to CPUs 0: [ 695.093010][ C0] NMI backtrace for cpu 0 [ 695.093027][ C0] CPU: 0 UID: 0 PID: 16119 Comm: kworker/0:10 Not tainted syzkaller #0 PREEMPT_{RT,(full)} [ 695.093049][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 695.093062][ C0] Workqueue: events_power_efficient neigh_periodic_work [ 695.093091][ C0] RIP: 0010:__sanitizer_cov_trace_pc+0x29/0x80 [ 695.093115][ C0] Code: 90 f3 0f 1e fa 48 8b 04 24 65 48 8b 0c 25 08 40 f6 91 65 8b 35 f8 d4 37 10 81 e6 00 00 ff 00 ba 00 01 00 00 23 91 0c 0b 00 00 <89> d7 09 f7 74 11 85 f6 75 39 85 d2 74 35 83 b9 d4 15 00 00 00 74 [ 695.093132][ C0] RSP: 0018:ffffc9000467e978 EFLAGS: 00000206 [ 695.093147][ C0] RAX: ffffffff8969b3e1 RBX: dffffc0000000000 RCX: ffff88802f001dc0 [ 695.093162][ C0] RDX: 0000000000000100 RSI: 0000000000000000 RDI: 0000000000000003 [ 695.093174][ C0] RBP: ffffc9000467ea90 R08: 0000000000000000 R09: ffff888030b8a000 [ 695.093187][ C0] R10: dffffc0000000000 R11: ffffed100653ddc1 R12: 1ffff920008cfd38 [ 695.093202][ C0] R13: ffff888035308000 R14: ffff888035308000 R15: ffff888023372a00 [ 695.093217][ C0] FS: 0000000000000000(0000) GS:ffff8881268bc000(0000) knlGS:0000000000000000 [ 695.093233][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 695.093246][ C0] CR2: 00007f8b7d4e5f40 CR3: 000000000d7a6000 CR4: 00000000003526f0 [ 695.093262][ C0] Call Trace: [ 695.093269][ C0] [ 695.093275][ C0] nf_hook+0x91/0x380 [ 695.093299][ C0] ? __pfx_nf_hook+0x10/0x10 [ 695.093325][ C0] ? ip_fast_csum+0x1ee/0x2b0 [ 695.093348][ C0] __ip_local_out+0x4db/0x600 [ 695.093365][ C0] ? __pfx_dst_output+0x10/0x10 [ 695.093385][ C0] ip_local_out+0x26/0x70 [ 695.093404][ C0] synproxy_send_client_synack+0x8bb/0xe20 [ 695.093443][ C0] ? __pfx_synproxy_send_client_synack+0x10/0x10 [ 695.093471][ C0] ? nft_synproxy_do_eval+0x298/0x570 [ 695.093493][ C0] ? synproxy_pernet+0x45/0x270 [ 695.093516][ C0] nft_synproxy_eval_v4+0x36e/0x560 [ 695.093541][ C0] ? __pfx_nft_synproxy_eval_v4+0x10/0x10 [ 695.093564][ C0] ? nf_ip_checksum+0x13c/0x510 [ 695.093587][ C0] nft_synproxy_do_eval+0x345/0x570 [ 695.093623][ C0] ? __pfx_nft_synproxy_do_eval+0x10/0x10 [ 695.093655][ C0] nft_do_chain+0x40c/0x1920 [ 695.093686][ C0] ? __pfx_nft_do_chain+0x10/0x10 [ 695.093730][ C0] nft_do_chain_inet+0x25d/0x340 [ 695.093750][ C0] ? __pfx_nft_do_chain_inet+0x10/0x10 [ 695.093770][ C0] ? __lock_acquire+0xab9/0xd20 [ 695.093802][ C0] ? NF_HOOK+0x9a/0x3a0 [ 695.093828][ C0] ? __pfx_nft_do_chain_inet+0x10/0x10 [ 695.093849][ C0] nf_hook_slow+0xc2/0x220 [ 695.093881][ C0] NF_HOOK+0x206/0x3a0 [ 695.093908][ C0] ? __pfx_ip_local_deliver_finish+0x10/0x10 [ 695.093935][ C0] ? NF_HOOK+0x9a/0x3a0 [ 695.093960][ C0] ? __pfx_NF_HOOK+0x10/0x10 [ 695.093985][ C0] ? ip_rcv_finish_core+0xda3/0x1c00 [ 695.094013][ C0] ? __pfx_ip_local_deliver_finish+0x10/0x10 [ 695.094041][ C0] ? skb_dst+0x4f/0xd0 [ 695.094067][ C0] ? ip_local_deliver+0x12a/0x1b0 [ 695.094096][ C0] NF_HOOK+0x30c/0x3a0 [ 695.094124][ C0] ? __pfx_ip_rcv_finish+0x10/0x10 [ 695.094150][ C0] ? NF_HOOK+0x9a/0x3a0 [ 695.094175][ C0] ? __pfx_NF_HOOK+0x10/0x10 [ 695.094202][ C0] ? __pfx_ip_rcv_finish+0x10/0x10 [ 695.094236][ C0] ? __pfx_ip_rcv+0x10/0x10 [ 695.094261][ C0] __netif_receive_skb+0x143/0x380 [ 695.094284][ C0] ? rt_spin_unlock+0x65/0x80 [ 695.094311][ C0] ? process_backlog+0x27b/0x900 [ 695.094335][ C0] process_backlog+0x31e/0x900 [ 695.094368][ C0] __napi_poll+0xb3/0x540 [ 695.094395][ C0] net_rx_action+0x707/0xe00 [ 695.094432][ C0] ? __pfx_net_rx_action+0x10/0x10 [ 695.094460][ C0] ? kvm_sched_clock_read+0x11/0x20 [ 695.094494][ C0] ? __pfx_sched_clock_cpu+0x10/0x10 [ 695.094522][ C0] handle_softirqs+0x22f/0x710 [ 695.094551][ C0] ? __pfx_handle_softirqs+0x10/0x10 [ 695.094687][ C0] __local_bh_enable_ip+0x179/0x270 [ 695.094722][ C0] ? __pfx___local_bh_enable_ip+0x10/0x10 [ 695.094746][ C0] ? __pfx_rt_mutex_slowunlock+0x10/0x10 [ 695.094771][ C0] ? _raw_spin_unlock_irqrestore+0xad/0x110 [ 695.094807][ C0] ? neigh_periodic_work+0x57/0xe90 [ 695.094834][ C0] neigh_periodic_work+0xc37/0xe90 [ 695.094864][ C0] ? neigh_periodic_work+0x57/0xe90 [ 695.094890][ C0] ? process_scheduled_works+0x9ef/0x17b0 [ 695.094915][ C0] process_scheduled_works+0xade/0x17b0 [ 695.094958][ C0] ? __pfx_process_scheduled_works+0x10/0x10 [ 695.094993][ C0] worker_thread+0x8a0/0xda0 [ 695.095033][ C0] kthread+0x70e/0x8a0 [ 695.095064][ C0] ? __pfx_worker_thread+0x10/0x10 [ 695.095088][ C0] ? __pfx_kthread+0x10/0x10 [ 695.095120][ C0] ? __pfx_kthread+0x10/0x10 [ 695.095149][ C0] ret_from_fork+0x436/0x7d0 [ 695.095174][ C0] ? __pfx_ret_from_fork+0x10/0x10 [ 695.095202][ C0] ? __switch_to_asm+0x39/0x70 [ 695.095220][ C0] ? __switch_to_asm+0x33/0x70 [ 695.095238][ C0] ? __pfx_kthread+0x10/0x10 [ 695.095266][ C0] ret_from_fork_asm+0x1a/0x30 [ 695.095294][ C0] [ 695.715297][ T38] Kernel panic - not syncing: hung_task: blocked tasks [ 695.715321][ T38] CPU: 1 UID: 0 PID: 38 Comm: khungtaskd Not tainted syzkaller #0 PREEMPT_{RT,(full)} [ 695.715348][ T38] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 695.715362][ T38] Call Trace: [ 695.715371][ T38] [ 695.715382][ T38] dump_stack_lvl+0x99/0x250 [ 695.715421][ T38] ? __asan_memcpy+0x40/0x70 [ 695.715447][ T38] ? __pfx_dump_stack_lvl+0x10/0x10 [ 695.715482][ T38] ? __pfx__printk+0x10/0x10 [ 695.715522][ T38] vpanic+0x281/0x750 [ 695.715560][ T38] ? __pfx_vpanic+0x10/0x10 [ 695.715593][ T38] ? preempt_schedule+0xae/0xc0 [ 695.715630][ T38] ? preempt_schedule_common+0x83/0xd0 [ 695.715673][ T38] panic+0xb9/0xc0 [ 695.715705][ T38] ? __pfx_panic+0x10/0x10 [ 695.715742][ T38] ? preempt_schedule_thunk+0x16/0x30 [ 695.715777][ T38] ? nmi_trigger_cpumask_backtrace+0x2bb/0x300 [ 695.715812][ T38] watchdog+0xfd2/0xfe0 [ 695.715848][ T38] ? watchdog+0x1de/0xfe0 [ 695.715893][ T38] kthread+0x70e/0x8a0 [ 695.715933][ T38] ? __pfx_watchdog+0x10/0x10 [ 695.715962][ T38] ? __pfx_kthread+0x10/0x10 [ 695.716004][ T38] ? __pfx_kthread+0x10/0x10 [ 695.716042][ T38] ret_from_fork+0x436/0x7d0 [ 695.716076][ T38] ? __pfx_ret_from_fork+0x10/0x10 [ 695.716114][ T38] ? __switch_to_asm+0x39/0x70 [ 695.716134][ T38] ? __switch_to_asm+0x33/0x70 [ 695.716155][ T38] ? __pfx_kthread+0x10/0x10 [ 695.716192][ T38] ret_from_fork_asm+0x1a/0x30 [ 695.716233][ T38] [ 695.716519][ T38] Kernel Offset: disabled