last executing test programs: 5m58.68882353s ago: executing program 1 (id=347): mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz1\x00', 0x1ff) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r1 = openat$cgroup_ro(r0, &(0x7f0000000040)='cgroup.kill\x00', 0x275a, 0x0) write$cgroup_int(r1, &(0x7f00000003c0)=0x2, 0x7) 5m58.526038721s ago: executing program 1 (id=349): r0 = socket(0x10, 0x3, 0x0) syz_fuse_handle_req(0xffffffffffffffff, &(0x7f0000008400)="44ea07862a07eefa4de37092cf4356f54454db90301c4d373d57166f794f169d63344840a37048638ffd5e30beade3fd768b18191001eb890277fad8bdfe3742686deeb34395963bcf7a870addd76c80aba9f771ebdf410c7d7542fc2b6ae9a458d79457755d94ba8a3248b01a2293d8a70e60815b90297002652966a6b836065bcae0b44f4b26be93dec3cd4cdcbbc84c5b916a1b0d8313340675d67fb0c785d0307f95e426546c9a4d0161a8f52b02b95f4da53ced705a658722091864d74ac0a3a5f3853a0ad71ddb29835680ca9ff30531f8df0f0ac66f7f1433c33d75fa8f0f022b175df093648a81af5ed701b2e7a14199c83b539e763dbe7228f2e184a02becd41bae305d3f34c72e8db93dd214ec203eee6e6dab26b41848c95fe1ece8ca157a90bb7a990dac5f3c64cf49c5c5aa8414b9153f82eca9df88d90a8d6c0e72eacd52f82939d46d41e0f5ccf708c03fccecea467f33f5a49888514787e42c0a12255bca89e82344ab01ac3b6c6158e3c1b34ad953eaf55f3a2c487efd9423a542e41dbd0058aa021cb6fdc5df88f807033edd31abaf5ff7e6a9578d2be6a2d925d98108fda2a7e56a0bbcdce0689fa9e2111b0be8f3e2807f7f3728489917a031f2187ad98a744f19851687adf59a4b4c328ad5c4f2eaa0d112041369319f6d3f928c22d05f9fd68b5c268da5e2f433d651bc602a65ee83752c0c92f7e29002faf9475fbb57788d725f6f8fd495a58d88d55ab8467a85d1f41db5964a19bdd45377c7c8c792de5e76e87da9296ff90e7fa9e57f09358d998c8779bb2348d651808e969e960763c5231c65a06ee16979f4d990dbe7e10b3a2392dfd6483bf2c7c5f6f3d941cc17663668cca83dcc38089b4342a801c74039b32550c2d9cf95a0236523933ce3e7538ff9da2b7b741f3cbf53e6084702d0a5dadab4350848f6e7ba46d4736c7a2ae702c480c30dd78f994a10b9c3157a17e9e29576a68139403300586eb0c673252a319aa1cb01efa777228d8242ebdbef9db5c03e4c8e09bf7a009b7eb19357d1ad6d1defc0dbb58c31d85b9f1035056615ad0b0ded12751273c8bb7810ccc5b2efe51d223894b141dda837e6b7ba21de9a978ac447d995394b800e1065906455af544b9d7f353d1eefcd3387d18e3611f3913926f3a4b87efb3a9707d6136dc00e49ea5e7a6d0bea17eb49cae93c0c4422374b0f46380e0d554e1087c1392716d368b04b1da85d271206b465608468802fae00c7ad9425974d822cffbc420e739f7617f59a879f791ab5dd7a6215298cc7dc6904679889e60a09114b0f421b6f1286d0a6ab3dc887c2d3a48d53a7611ec270530b07a83ae1a2bfa6da42ab38bec3eb8ed1e207d91c02e74a31c29abbd25f5779189f5f2494ea5c3f4b829b96de0c54b3851dd58610c2b9ddcc2960f34fb857c5ab1aa67e8eb10a59639db2ddebd0206ae7ee56b21ef484e3c66003af46326f1c456ad2ab5273d0c0b2bf412f71f820ae12723c74e1857e0ae3d5587a0427c1595e06b1d5ab5e815a5558302e0d9c50b8c6cbd599eb554df6f7323b01f1353b557c565dfe0de51032a88541b49ab682a7dbe4dccb9b952ba9c9ce3bbff80af01e47953666327b8acd7d2cf363c6f7172caaf01d8e3417f768ab08f2cfa7ff26efd219e25ef0f9a84c7b116978eeafe3410972490203dbe49aec33f14d5592a466a6efe630904db9c77ece20bec7552b3dfb48d4e0427ce5024fdc0aec7271e93c51aab19d7a40670add6ea5820f625831a593137f60543e424892856b3bb9e608e88e65cc6dca098d5139a38ada517cd788b9f13618d9c2c31d7918cac6cd669710692797e61f4df3938dd429d977cc11e7465a7a23740052039d9b31cd26b95efba17bfcefe121fcbb762d29287145b11a3abb3e0683b9216a8b5d9744baa75da5d840e70cb310c507c4f7eef1d6535d8e11079edcb51df7ea63a7204e314147eeb57916171ca33c0f5932916e4d568d9e7dd3555500ae119f0c63045658303e1f4ea99c896eaeff3ebf76b2def0ea856a3f24cd76dc437236b71dad9a26fbf3882e81565851eb6c5b265a0721be43f0844f4d0e4296011e280236a0ed7656f2eb906e6b2ec4a8e5bf91eb7e8be889ded6d8492bb72f1de26cf3973249ebcb5c993d1dfa896a658a528aadf57dc28a8db32656ed8e416f96e1f89ac24d4ba587df31f3d2d8d7809d06c8b2d68eb15b377918424499cd6a7fb62e49a78831f0e4b1476bef657fb34bd59e34793d21da3f7bd0278bbea8beed261c697ce17f36f1cbc1b94aef11dd1dbf1c68496765258f4cfc8b5fdc9197d7260b733d2061f399c861bc5912ac76cfb62b9218196fe054b92a295a9b9526871167d436b830a7b4944f527fb4d75a036acf3a71a1a710f609f4e794f1d764a5317ac067e8194666dbc73e32b2870eecf8776bb7641dcdd6d764f91dec83fbb53a97e6531211dd8b86bbb57f8acd637f4b1b66fd9705a200e3081ea382262d54edb161927eb1d85cf7b9373a24607c99f3d66b85e22d2cd5cfe24020d56e0552bd43d803882128317d9a56e63a4808ed6401b662187888a0d0b311364fbddad07911b5244877eeace22ab5bd8501d748ed5cb05809e1639678c4c6cc43a3c2fcdd5b0970332429c3cde09d9556c8360f26caa744ce5e57bfaabcf7d124b2d4fa97d7e72f16cdfc35f87493717e2a852b64fa344db5ec72dbdf22dbdfcd12ff796d515d5f3fd3cddbf53426183bbd92e2fd3e91fca8fee1c1ef4f8d59036df9c48fc7677f2c4905b6cf4adcf448029c6c6a2968b13e3b77d578e2661ae7d07ef84fa098bae9a564bc8c507a103990c00a0e6d2854a1689f7b095a100b7f38df028baf20bd56c843c24f8ca4a81130256b13636440836837429c1c86ae1668d3b250108406acdd21b40450399872c1da6178184bf9c2cc11ad80caa9997d3c6631f09ba2a4d96e6b74313f1e40fbf8a29962648f400dd256c4852c556deca2e3443b858efa43d53efcd496bf5037a82e14868b508632bdb2dde924ce2cd6c65f1708c18cf49073e536f09e8fcfa9a44fdbc349ae75e17205754d3bb82d3ee8a93c59aea1bd7ea6d124224b11405f815ed518a1cb9a80191249ac1cc0e5c1f9aab8fe67bb737cdfefac82a89a7d6ae08bb9e1f710cee451d851b35ba9b886dfd9c277dd67891331d43f36353c78c65e9f3524e1b9b229c9f91de7b5ab16a66017d171e2a4e185481d33cb5bd9c5e3d93c49d2c620c16467bf4db73621957f76d656e6d4cb4d59cacf1209da4e39352554cc2abcc8e82379b4f819fd6d261c6d7615f85f6c5d0b9f57976836493367e1bbb14c57983aa97c6e4e7c4fe2a166284c904ac4f70ef2e52e4e7dbd677ace683cd61aa60b702770aa0ddf14b694bf3cfaeb585f8fd8a85bee2f78400a0874dfb4c319be24a46d1914b6e902d5de8d8375c9ec786ef6eccf1ee7a003f83d2e163097980a06ab9fe23c4ae8e91755e4217d3c302111febfa9dce02a49b217aef709d183a5ab8ad1d39e9a697a79be303fdb2290c827279ce187d1c647cc28e20c0b3ebcab2b1c75850db46211150a8bc5d80d868141f885f7a5ef520ecee6d33842141003df4ce066090c8359b5dc32dd9ecb1039454d0b691d8f97932b69981be240804e860a88d1a047f46ff43609b41ea36dc276b28e87364049940ea7b6dc78848221b30dc6aa1b60f17942c96c46e347606d14ef02ed3ebddb20f7f4d28b9460f4af047b772927ca6a046b7de2a21b8ce79eadb74e4825af5e19ac2955999d7304a35851a4b9086ff922da8845da10a55fbb62fd13d98d45f60842d0d6301cd72e7cb97bc84393a414f671e5e0115a6c1c26054a80ddde10e0a83a4ffd123504c881a844bb7187c604f87588dd0d0f11930f9a3cfeb7098f38f84923637f1a9f6b3e3d0899a156d50d7e740b118c4865ec5e69aac247a930007452748bea9af0af511cc1129740510b13f48fe07ef1417ccc765b2cd0138cb51dd71fbdbe967fc321082a9ee4bbd1ea404cb24971de5a1ee7d7993b5d11d67d30e8ba94a9e943852675a07b88a51df6f4abb507cdaee96726023855e4dee6bccb3e26a2a88fb60d812e7856c13af5f4fcb6776ba8e27a35bffc5e46473b31a4b83ea1a3376f4549af87d03102413faccc3fc897ccae95d2700163f1fc5170a643554169018c5cfcf8f50c7981270995d8aaa9f923c0679b258aab60f79111627b71404e1ce8751228972cbb2bebbe25973cf98bf8fe8e63575950a0aaa1ff060f01e96791d128d0b7b40855126ef3910ed7d7a6d9490618da352ad7b889f7d905bca2214224e170f30a088cff91921917c937950926cb11c04fdc6bee776b9abd2aa286ea5074e72756482fcb6a7d072edc075f99e02747ea49a40b26b58118b6692fbe55b09b054a044d1f481173e8923a74806cb770c4c61ffa982077f82bc4db7fee4ae2beed4673e39f5ff0614072a771034174a0f052ce39e27450d18920664e924ee963c9bbc9852fe68f30a199ee4856c1dadc08c061165867438bd3bb73f5a50f5131b7867dc80e0c5d43eae80cc2874d48edc910e7f8f9b73e032a8ccd7c348e84b4179fa101d488c2fc16cdf953e269a9cf13c0dfe575e0da49d7d2c09293296c0232bca9fe0aa8199b21e19746c4783630e432b5c7e1e25864fcd4deae07c2b07782d155fe6e6b5d9eed4beb9db47bae4007753d8be56b10723b5467c64acb0eee4cb9050b4ef2b57b630f4608af96fbe484816454ff385aa3765051408779384c6585f2e24662fcc3008dc17abb07ba9cf96ff4c795c97811e73b06c65e1b5c66c2e1873191d972830b1f53bbfedf8b5e8a64a29fb3b3eca67f1791652f9ac037c2f87c6d1d9d453b12d5d2b0c070a8084aa15505e240bd0c61895383f23f0460027d60dd9efd8539807f717bc353f9b858b9bfd2acecf2190e280faf6a1603566ff8893dba33ad3300e10438241709ba7413fde84810b966b4556f9c8a51aef27f9b9010e7b6208715169a585e42bf3f7333209afb5b19c0de7722004850d53329d93e2e4909eced3da67dd7d2c82a4c9d0d7cb6f5ff7dbf195e8b39ba9cf0c1699ea1f8b6d1293509774ef3bf48597146a60aa5b6eff2bc8a64f9ae9a81becb9c398ab9676d2cecb14d28f819d08050269bb0ca9bcf59d5c9bd2fe2bcdfe82a8f037781c6275c9229b0729cd085e66e2712bdf22009440c4136c2daa54e547386e1acd16a1d30f3d55c1ef0fe10c108210b9d8894d31e5ef17b049106700bae524eef744ef4b3a69e9cfed4efa9b0c9262177f9fe16f5b1fe5bfe5fc6a611e6ffcb9c5f329d4e328cb69912f0dfb7f4a83d326cb20b053653663096870e7ad2753e992dced7405a00a39dc55e652eb6b2e1b1e9782b42f443890c4067b07376c6f0fb2ea6589e04a8eb39a94d913d9f4410d238e6880c167a0a23b266577c41ec3e0f513eb7fc948c12b26ea2646c0481488417d9911a0107ca0ae11c2c4b8c2eefa5144ecf8b149d22abbd26d1b2a3fe51016b9bbfd229c090fc2fbbca4803217c991e36f86d4720b45ae45e6b20f09fcd8e5decd79997e79177bd67de7433282c1d0be5d585a71c873e7171a133d9f5ea35ac0ac5c1a643279ca66a365d278d14eee3ea90961eebb3f6c098c00d051d4716853ec7069be2a4625cef4c0f72abae5309d2709901d05217fc3e52049c4aa16b50121e43ce491d1bc9adb01679ec25ab5009f746170c2517f0072f16c574cb447c6d8ce4a2e45426900463c5303413bf4fe7fd64c273b404cf936068cb3085c3a81b9872ad2cb79aa4c051e7ad97cd4e8c6b94bb0df87e4347ca6f11f155ea265762f81eb0e9fbaf3dc05157eb9f12596ccdf9193018a2226824db6bbebf4e89a070688f698bbf23f30dfb04db7c3d804a7587ad0fd03e68cff7e516e5109e328e1eb3b887a6aced15804f2c898f41c5452e160ca30e35843705c150bad932d2d3fbd791100b1535d9f3306dcf127fa49c1a36b172f46b1fb676ea8783c23edf89b2446560dc1b95b39f80eb9d0994c8dcac9a5a304c554133e1d6ba368468a17312167cda37932cbd4b93c58b7ef772d56d4311182a680e19da6fb938848aad40242856379310b61d6113de6814644092712133823ee2281639b52cec52ab0dbd65ddae631e7113ca75a5476797cde5f5456acbfe63c6ca8b83774690eaca3a019771ca0e742815ca5645418730ee17f52fa2531e5487c10da3ee080acd50fbd19710ed5cb924e28a18985132afbb7d2ff90f6c3855c56970854b9a48ec4f7566d2829e271af3f0ce26742602241fef70461a484499591a9079ed53aed113589fd74918146e1917a063514d7eaa7f4720a386eb2f32b6d35baaa5d36c2013eb405cec607202f19bda80bfeda8005c5d1582208b861437fff41ec0708a6a98f2b4b4463141c1c312a8115509e363a274864898be996176049d5f7e6cba76b3a37c9b2ee9553fc70f79503797464d736d97d0bb4741ea8ad14fde6f18fbb02ae97e5a77bc1527a13f18624927d79aa5b4df2dffde7fb5356e521c7a419209031df8138838151c7e90783c9af133b6961b44f8de89d6348b191cfa6c0ab652746b8582134537727b18c670691f3c1e8ca0e3cefcd26111bef476eb816482b7726399c86cbc98f0f06929c26cf831163bdbe1fa8d8f96a65d3bbb3d37657cec4b77516864cb32404996dae1d0d9f3c12b7f2698f07930b791813b7ccf0f0dcd3320b78833f077ee55aae156af804fa9a15e60c709fb30b06ac092bf97a4fe4732ea7bc93aa73232024c80434b4900cc30de20cbc1ea407746fb186a610fe31635766f5edaa8c9ae974ff8cecc4e7e391a50bdb34ca1dec1567e866497bb59852cfc1fdb361b235c803d70cfc90c229078079619b4a8086a68d420ee1d7fac403b18c7f6aad91612e2f2b9e5e206bf897bd98a3b24a0637e2b986ae7f5d376bd63d63f6c4f151ce7eaa97a30d9d51f1a9207dca6b596831a9b92517b9d5571e72b4a06c07d5ff0d325896a1b32e9fb4f9d67a903946b205fba7beda108fde3fc503c7352c59c03bebc2891007fbe966a0441a7f4bc8320b901563ac8eadba643bdfc1636864d33549a1b9ad3ce01bec94b631ac6f46c453c57c62f2cf0f76d9f1e0731e266311624a138e607e699c91e37a33096117f418b4c92c66d96fa1b1324cfb569e3d558598ee65e69b8e0b9625d551af54a09db8082f2fa9da1386f92245aadaa13bfa3cf5c39fe455180bbb5e2427e4067bd2f5a5c755c31405477ba832dbbdd4af66acc7c11e576f700e24fb4c26160b4443b8c17805238519c7c732df774b92579e02a8da5e9a17e3c20e92afba7fab49000a7b83987ea48d5854a0411615462cabd245ab3f49ba375ef179c0a78059ffc14264177a6e45dc5f2fe6c957a313ba9889fef33b788933bb37a17943551db9cd08fd8d823fd0b35110ad589c3bb3af4f69bd1c7c7a3e726f933e4a0cb1209e75ff14910061c3750b9312de42c86838d5c35a681899c25220ea87aff02bf72fdd8745f5d751e6d62861496890c956143c08a222774974789bb46924b68a6e3138ce9dbca622e78c5aeed8215de4ee5c1f8312b6349a91ef1e210f18522b7a644700e90eff995e950c8eda05d0bb8e799ef32a7ddb8a87b4120a798a3f87cc78b6db0c7947b4786db1618c523203c097ef3d3dc0f4e1e87d0d597c4eaaac05a033a3fa91309c05cd8c14de649d7dd16d8ed81e5290950f66b66fd519a2a16fc6b3526f97aa1121b4fb52b30640122dfb50ff619fb5c88eb1c4e6ed7f6d09fd29e27b3375a1aad5b09f8175157018467f883ba385208fcd32a50a311b22f7951bd0e912d234364f8590e247dea604872f9bb847bb32b3906339f5698d6e7c0f2a3ed17b194239299091f5ee4ed51c75b76bc949cf05df5dd03cd8a553e7ec81881fdc1e15cef5e72eecd7843a981eff417682604769e302f378ff9519cdbd3ba2bfe50f85a903aa08b900118226889e9bc68124777f6e02fb26fff91d1f31d3828243cc46d4b4fa2965445774e0ddc521fe5fc9626fe3428403e746de0196a45d6acef57f662faf27294be80fed39778a7585b41178ea38f64893f9a46334af6425a4aa46e25e92b0d77750c6737b237dff19913fd9e69ed92c4b6671b4226776b34ae2468907c654bb0f619b2c9b55920fb99e97bf32212f852b615689f3cf4c03d51d1587455b5720692430fe2684522bfe6dae871aa2ff5f00045861ffcfc219888fef8320bec1307236a7a42dd4a691cb6cd4d8436f31a3f2d642b05946dbfee692aee0da31419f9b8bc0e1dcf89a8ffd7856b21b1180ebc8ad75308b1370b93d680e968bcde7d235f601760a5d181f7b55daf330a001ae1da86c130c76fbd956442b6c705889d665560f8b34663390592d85ddde790e0f4f1f0df09c1c6f95477f9d72dc0894b2efe2c3d162ad80f80cae03a06548014293a02f00d6386723d42ab09052f019a1d71d88a78db27afead58bc516be8d23893f007a17ff47b32777752a15648d0ececd345aee1f36c58abb7efaff5567100c0bfa54f172c862e15872abc9d96cead6688f02ea8466fe1134bd3756c6f0df8903fe7935dbe3e635da368f13a10e3018cfb5557d38f859a983a54d660a02bdb3dac2922e7a37651677bfc664d58df59ea625e8e63ee776bcc2937b921f5544924b75cba04bf3cd0df831938f9e9c79572e8492d884646244990920400192c63e15024e2e1239f41390bf7c0e18f852e23d514256ccb8ccb2726710401c4306657fd75eba94a353987780a6d6219012cfe80858060e37652a84ae89d07f5d651fe82a2a8d0e8568492156713b1f76e89e12f76a0254da7d526df51a089600f5b7559afdc63d4872fe8d6ce00a8d0c9b00db5ee676ae2545e74fb7b39f8345a67913b234cfb4f6e3b4e2b1e1f4f1c7fcce8c09cdeb6a1a21bd2370004e583ef62971aec24ce0c6c049b6a2e22081d36854956a362b6cbad48049d7d5f90134d3e77febf87bf4a32c07cdeb36c9cc56b2b3cc8c8b47879a32ff00f3b2e977cee0acb30fc424dbfe24c88d1a08d047925cd7d65a5834e56db2b3e7e0a23dbf948c799db5a48fd4a5fdea43913b2b2c149ae9a98f452b797b55abe1dd44b30232387f466856d6c38ca735dd6175b455363dbf228ef52e443da22a1ee3a158ee304d9ca63c110a3d19ca3bab6d1745affd81c480ff8bcf5f8f7c1ea6d08a7b3c3958c324d42732711170e19523bd209134674b184d4d442a774e04d6eb4ac89a6d018cf0bb68a73da87abce127e57428cf73a5a551c85ea8c376ae951cb8357506f037d17d163172dc5764682c753050f35c6802fb269d7490b196d57bb8a1ada55da7550f82357320e14cf573ed39860f02a11bdad917b2ba2de885c7ea8b30dd62bdad207dfe10e97c8b71abbc8c5661a4483bb6f9488ada0f5885c471cfc1271b60d54f903317cca28ce977f4444cefac5c2ff233dc872d4e809091f8452de9c774ab3bbebf62de92cd6aa7421a41f7d1dea42e4f94bd3a4869c958f3940a99c88835ed2f4021114b9a5bb17240f468887b213814956f9f5e6344cbae19d8753b97c7ce2e9d0954a30dde23dea2748e1c9514672bf4ea3ec3e348a563d9649899e7227708e2e77d0fc5847dc16b59ac3dea9449c176dea2d2ff6b6af764d28dee5ccfd0dfd6e3100d97040657d7ac5da4032e3b7f6b0cef2ec55a83350c3045abb10200c264e6e68e3e03b68546ae48a538063b86315bb8073103a812717f2d8816534fa98d0e956e0f9a67bcdc522cacefc77b0be71832a69ffb72fa15ca4d8b15f7fe03da0f4b24c5fb68e5f3a2297bb0cb0b7bfdeeec4deb64bf71f57820d62c47276e2780b4341b6bc65ac49be09c94013783455a95de92c11d91b9e921a484ed69532b92e202d684d2293a2666709ee38d2114add4c5337bfeef31d481e12530c5c7e83a6c8aa2f580f6da2d735ee5260cf9a7185eff84eb22d6e0d5ac0e63fe6a3def819274a144be5ab90fa157bb7517a54c208aa82da926d5b09ba649e326a654fe8fa9dd7e6d83b0a66253526e5b5aa03e665f2eb4678e8293110420c9d7556df07c7dd1c3e817a4c7409890c4ff5044ecdb34eb652a4d7e20b4b0d596f46ee3c3dad675e958e91c3b40f2d22e671bae51518443042c529c31e343647d6ddeac7ec370970fcc71a24a0826b58d111e9b776ac0e2fa40b3099298ffd0d1c04d41ee1dd039425f52f9f8057ac1f206203f20e1ae9cbae356518ba2fe9e49b47e36942ed7204f3d7da9e71b8d69df3ae7b2de05a13a879af6a1ea6241c645ed73c139e15060aeab6f423c2180dd101863a24f1688ec1a33edc624c3f5e80a20e4cc5c86ab2c692c2d3d17d8a68bb3924efffb29c9fc3df937526452d82a8ca9a558c75d6b2504df1b66c91823216a1c3b3bc39dee0d22491b9c891b9eea193c8af8a992096d0cd74630f7222e9a3530034a582f40601a694cf1085fda7fb33b07332c6aebfa70e2ebb8d7ccf19a69dfb5e4c166add5e153504eeec92f4ea2fe47f291625e1c470b832a488f884692b8ec49b96df235f193027ed38fb4d8b88ed382825df8ffe5b0c6fab8db3e38d60d467f9da725023deb72c378258e911442afae4db650be3621a033a3b84eee65c4c0664ec6d5771cc138937434a6a361de3dc1c12a2a6735f080e94314ddf291516971af252e3cc56e1c65ba5cf8ac2538878b22034ba458e08db26205608ae941a42a27f2643ded87bde626387c2b791ce57991dd2ba08010237279cac2760e19cab9059b229ea002ce4d3b4afa495230e424752f289003a240f5cafc7a83112636321107918d582fad2606a4319199a06ef2cbeaa3e1a4d8c30501aab796f5cbe15453b61218a396b79c547d15d5c11033b3746b432b426404f7b0421b9daafd9e8558f1901283d58e173c4db0511ee826ddc6363eb51e0837c9be6b2078d808d2c05db7495d29322ee6af68b0d52c45f00a59731c0e5b2608ae046af8bcf830f001ffd2f955ea89bed216e71ccb5b44713e2abf5ee5438d63829c9aea34b57f7ab52b820c24a7e9fa138243e4afb2df93588e805e719c1767146a351debb34678a86dd19f0587af31195460a3aa3e68773859fe13b47b6b31a501b4a25c6660cfc47f3318b33b77b10ed4ba91086482db039a56fbd1490f440a6fbb280b62b6d2333afe1c42c3f16865b9c0e484a4f6f393b8bc34fbba856cc5ffad2fe423e79f691b95e7e0dbdb2b2757d9d4443f9a23a8b1bfdb16f8bffd81b4789f80f1fc4bf751627965755d008d134e2c35da34f54718615e9deaca0685396ae7e58121327e0c0696591f6af93f2999ebd3b4e03cfe2a48b2b94015eb06b2a9031ab5e129b2700648fd62ab75f77734b89abb402282635eee41606eb306619e2dae84488e2aac1df54f78460b36115072a2c28801fc122482f1d46de4b2eec07bbbbcf85f30ffb3829c5d0fdbdf3af8c6322d62f4c55ebe8fd52728e2d5d1a24f096fffcec6ff2e752f7500", 0x2000, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000280)={0x3}, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000009740)=ANY=[@ANYBLOB="280000001200170a26bd70000000000007000000"], 0x28}, 0x1, 0x0, 0x0, 0x90}, 0x0) 5m58.387573432s ago: executing program 1 (id=351): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='blkio.bfq.io_queued_recursive\x00', 0x275a, 0x0) mmap(&(0x7f0000b19000/0x3000)=nil, 0x3000, 0x2000000, 0x28011, r0, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) ioctl$sock_SIOCETHTOOL(r1, 0x89f0, &(0x7f0000000000)={'bridge0\x00', &(0x7f0000000100)=@ethtool_coalesce={0x12, 0x0, 0x9, 0x6, 0xe, 0xc, 0x0, 0xc0000000, 0x2, 0x33, 0x5, 0x7, 0x3, 0x6, 0x7f, 0xfffffffc, 0x0, 0x2, 0x80000000, 0x5, 0x1ff, 0xfffffff9, 0xa}}) 5m58.211763057s ago: executing program 1 (id=354): mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080)='ramfs\x00', 0x2014800, 0x0) r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x204) 5m57.961803721s ago: executing program 1 (id=360): syz_clone(0x800, &(0x7f0000000180)="fa344c1735b8a61f764d74840c1c6fdf77792050be5774bf22fd5ec71f4268873640a7", 0x23, 0x0, 0x0, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff) sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="050000000000000000000600000008000300", @ANYRES32, @ANYBLOB="08004e01"], 0x24}, 0x1, 0x0, 0x0, 0x90}, 0x4) 5m57.56909576s ago: executing program 1 (id=365): r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x6, &(0x7f0000000400)={0x1, &(0x7f0000000200)=[{0x6, 0x0, 0x0, 0x7fffffff}]}) r1 = openat$dma_heap(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$DMA_HEAP_IOCTL_ALLOC(r1, 0xc0184800, &(0x7f0000000100)={0x4, r0}) ioctl$DMA_BUF_SET_NAME_A(r2, 0x40086203, &(0x7f00000001c0)='\x02\x00\x00\x00\x05\x00\x00\x00-control\x00') 5m57.156661381s ago: executing program 32 (id=365): r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x6, &(0x7f0000000400)={0x1, &(0x7f0000000200)=[{0x6, 0x0, 0x0, 0x7fffffff}]}) r1 = openat$dma_heap(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$DMA_HEAP_IOCTL_ALLOC(r1, 0xc0184800, &(0x7f0000000100)={0x4, r0}) ioctl$DMA_BUF_SET_NAME_A(r2, 0x40086203, &(0x7f00000001c0)='\x02\x00\x00\x00\x05\x00\x00\x00-control\x00') 2m27.167850829s ago: executing program 4 (id=3402): r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000001140), 0xa02, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000001, 0x12, r0, 0x45809000) r1 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) getsockopt$WPAN_SECURITY_LEVEL(r1, 0x0, 0x2, 0x0, &(0x7f0000000240)) 2m27.067343703s ago: executing program 4 (id=3405): writev(0xffffffffffffffff, &(0x7f00000000c0)=[{&(0x7f00000001c0)="390000fa461ad7e48489bffa56020013001118680907071200000f0000ff3f21000000170a00170000000004001400100003000131d7b2d0370a00f302415af0083f52b3ac322264dd2429f5160fe70b54eec0", 0x53}], 0x1) r0 = syz_open_dev$sg(&(0x7f0000001600), 0x0, 0x22c01) setreuid(0x0, 0xee00) ioctl$SCSI_IOCTL_SEND_COMMAND(r0, 0x1, &(0x7f00000000c0)=ANY=[@ANYRES64=r0]) 2m26.876404807s ago: executing program 4 (id=3409): r0 = socket$inet6_sctp(0xa, 0x801, 0x84) sendmmsg$inet6(r0, &(0x7f0000002800)=[{{&(0x7f0000000000)={0xa, 0x4e25, 0x6, @dev={0xfe, 0x80, '\x00', 0x2a}, 0x5}, 0x1c, &(0x7f0000000480)=[{&(0x7f0000000100)="93", 0x1}], 0x1}}], 0x1, 0xc010) shutdown(r0, 0x1) getsockopt$bt_hci(r0, 0x84, 0x81, &(0x7f0000001280)=""/4107, &(0x7f00000000c0)=0x100b) 2m26.756424652s ago: executing program 4 (id=3413): r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f00000002c0)=0x20) mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0) rename(&(0x7f0000000280)='./file0\x00', &(0x7f0000000300)='./file1\x00') 2m26.618654268s ago: executing program 4 (id=3416): mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x3000002, 0x5d031, 0xffffffffffffffff, 0x0) remap_file_pages(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x600, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) 2m26.05979235s ago: executing program 4 (id=3425): r0 = socket$kcm(0x10, 0x2, 0x4) close(r0) socket$kcm(0x10, 0x2, 0x0) sendmsg$inet(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000011c0)=[{&(0x7f0000000140)="5c00000011006bcc9e3be35c6e17aa31076b876c1d0000007ea60864160af36514001ac004000202080002000300010004000400eab556a705251e618294ff0051f60a84c9f4d4938037e786a6d0001000000e4509c5bbcd72c6c953", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0) 2m25.853193262s ago: executing program 33 (id=3425): r0 = socket$kcm(0x10, 0x2, 0x4) close(r0) socket$kcm(0x10, 0x2, 0x0) sendmsg$inet(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000011c0)=[{&(0x7f0000000140)="5c00000011006bcc9e3be35c6e17aa31076b876c1d0000007ea60864160af36514001ac004000202080002000300010004000400eab556a705251e618294ff0051f60a84c9f4d4938037e786a6d0001000000e4509c5bbcd72c6c953", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0) 3.038073055s ago: executing program 5 (id=5498): r0 = socket$inet_smc(0x2b, 0x1, 0x0) ioctl$int_in(r0, 0x5421, &(0x7f0000000100)=0x100000001) setsockopt$inet_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000180)=0x1, 0x4) connect$inet(r0, &(0x7f0000000480)={0x2, 0x4e20, @dev}, 0x10) close(r0) 2.921223506s ago: executing program 5 (id=5502): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000200)={0x0, 0x4}, 0xe) shutdown(r0, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f00000002c0)=[@in={0x2, 0xffff, @local}]}, &(0x7f0000000440)=0x10) setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r0, 0x84, 0x75, &(0x7f0000000040)={r1, 0x7}, 0x8) 2.71285676s ago: executing program 5 (id=5506): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xd) r1 = dup(r0) write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c) ioctl$TIOCOUTQ(r0, 0x5411, &(0x7f0000000240)) 1.942453805s ago: executing program 0 (id=5517): r0 = socket$inet6_mptcp(0xa, 0x1, 0x106) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, '\x00', 0x19}, 0x7}, 0x1c) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$mptcp(&(0x7f00000002c0), 0xffffffffffffffff) sendmsg$MPTCP_PM_CMD_ADD_ADDR(r1, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f00000001c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="0900000000000000000002000000140001"], 0x28}}, 0x0) 1.765555811s ago: executing program 5 (id=5521): r0 = syz_open_dev$dri(&(0x7f0000000100), 0x1f, 0x0) r1 = syz_open_dev$dri(&(0x7f0000000100), 0x1f, 0x0) ioctl$DRM_IOCTL_MODE_GETRESOURCES(r1, 0xc04064a0, &(0x7f0000000440)={0x0, &(0x7f0000000040)=[0x0], 0x0, 0x0, 0x0, 0x1}) ioctl$DRM_IOCTL_MODE_GETCRTC(r0, 0xc06864a1, &(0x7f0000000700)={0x0, 0x0, r2, 0x0}) ioctl$DRM_IOCTL_MODE_SETCRTC(r0, 0xc06864a2, &(0x7f0000000480)={0x0, 0x0, r2, r3, 0x0, 0x2, 0x6, 0x200, {0x100, 0x7f, 0x180, 0x30b8, 0xfdfc, 0x2025, 0x3, 0x4, 0x3e40, 0x3, 0xfffe, 0x9, 0x2, 0x1, "12d5d7287bd287881d942450c7153a3243937ca92a4ccc476b1500"}}) 1.625972911s ago: executing program 5 (id=5523): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2) r3 = dup(r2) ioctl$KVM_SET_MSRS(r3, 0xc008ae88, &(0x7f00000000c0)=ANY=[@ANYBLOB="820000000000000099000040"]) 1.42364903s ago: executing program 5 (id=5526): r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0xd9, 0x72, 0xa4, 0x40, 0x20b7, 0x1540, 0xb75a, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0xff}}]}}]}}, 0x0) syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0) syz_usb_control_io$printer(r0, 0x0, &(0x7f0000000500)={0x34, &(0x7f00000001c0)={0x20, 0x10, 0x1, '\b'}, 0x0, 0x0, 0x0, 0x0, 0x0}) syz_usb_control_io$uac1(r0, 0x0, &(0x7f0000000400)={0x44, &(0x7f00000009c0)=ANY=[@ANYBLOB='@\x00='], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) syz_usb_control_io$hid(r0, 0x0, &(0x7f0000000840)={0x2c, &(0x7f0000000640)={0x20, 0x13, 0x5, "e87eaedbee"}, 0x0, 0x0, 0x0, 0x0}) 1.202556854s ago: executing program 3 (id=5531): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x4) setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f00000013c0)=0x80000000001, 0x4) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback}, 0x1c) sendto$inet6(r0, &(0x7f00000001c0)="a6e2976b5c4383036d32dadd2e144d8645ca8d1b230e105614396838da83c754887e7bea2f35d4ea667817d90d532af065f2e398dd9081ea16f8b371a202a6f9e505bbc964a0d3880bf0104a0a0a2f0d311efee1637e85a0125b38f961918f99bf9c2c146e42327f178dc2b3d4936e7f7f0a79f74ba464d83ab41742d1186776dc1779b5c50ac82d0fa8f9e42074b5b6079207fb21e718080907964669be539791e3e98687ee059853", 0xfffffffffffffcc1, 0x840, 0x0, 0x0) 1.157190033s ago: executing program 3 (id=5532): r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x161042, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x60140, 0x0) mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1) ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f0000000000)=0x5) ioctl$PPPIOCSPASS(r0, 0x40107447, &(0x7f0000000140)={0x0, 0x0}) 1.07121551s ago: executing program 3 (id=5533): r0 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002) r1 = fcntl$dupfd(r0, 0x0, r0) write$sndseq(r1, &(0x7f0000000180)=[{0x0, 0x47, 0x0, 0x0, @time={0x5, 0x6}, {0x40, 0xff}, {0x0, 0x9}, @note={0x3, 0x0, 0x0, 0xc0, 0xc0}}, {0x0, 0x0, 0x0, 0x0, @time={0x367f, 0xfffffffd}, {}, {0x80}, @time=@time={0x9, 0x1}}], 0x38) read$snapshot(r1, 0x0, 0xffffffbf) read$FUSE(r1, 0x0, 0x0) 1.070755134s ago: executing program 3 (id=5534): unshare(0x6a040000) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0xc3490000) syz_open_procfs$namespace(0x0, 0x0) socket$inet6_sctp(0xa, 0x1, 0x84) syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f00000003c0)='ns/pid_for_children\x00') 1.001181218s ago: executing program 0 (id=5535): r0 = socket$kcm(0x10, 0x2, 0x0) sendmsg$inet(r0, &(0x7f0000000080)={0x0, 0x74, &(0x7f0000000100)=[{&(0x7f00000001c0)="5c00000012006bab9a3fe3d86e17aa0a046b876c1d0048007ea60864160af36504001a0038001d001931a0e69ee517d34460bc06000000a705251e6182949a3651f60a84c9f4d4938037e70e4509c5bb", 0x33fe0}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0) recvmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000004140)=[{&(0x7f0000000240)=""/212, 0xd4}], 0x1}, 0x0) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000001c0)=ANY=[@ANYBLOB="8401000010"], 0x184}}, 0x0) 861.773405ms ago: executing program 2 (id=5536): r0 = fsopen(&(0x7f0000000140)='cgroup2\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) r1 = fsmount(r0, 0x0, 0x0) setreuid(0x0, 0xee01) syz_clone3(&(0x7f0000000340)={0x200000000, 0x0, 0x0, 0x0, {0x3a}, 0x0, 0x0, 0x0, 0x0, 0x0, {r1}}, 0x58) 723.655454ms ago: executing program 0 (id=5537): mkdir(&(0x7f00000003c0)='./file0\x00', 0x21) mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x0) mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080)='sysfs\x00', 0x1214040, 0x0) mkdir(&(0x7f0000000200)='./bus\x00', 0x10) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000280)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}, {@userxattr}]}) 630.085044ms ago: executing program 2 (id=5538): r0 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0) ioctl$DRM_IOCTL_SET_CLIENT_CAP(r0, 0x4010640d, &(0x7f0000000000)={0x3, 0x2}) ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r0, 0xc01064b5, &(0x7f0000000100)={&(0x7f0000000180)=[0x0], 0x1}) ioctl$DRM_IOCTL_MODE_GETPLANE(r0, 0xc02064b6, &(0x7f0000000280)={r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$DRM_IOCTL_MODE_SETCRTC(r0, 0xc06864a2, &(0x7f00000001c0)={0x0, 0x0, r2, r3, 0x8, 0x2, 0x3, 0x9, {0x26, 0xa6, 0xa9b5, 0xa00, 0x0, 0x4, 0x100, 0x8, 0x6, 0x0, 0x8, 0x9, 0x4, 0x0, "4b303d47a4ff20e1adc5145d972e6b13c2c93f2f7b10a41c971bf63780e6cc37"}}) 570.237434ms ago: executing program 0 (id=5539): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000000)={0x26, 'hash\x00', 0x0, 0x0, 'xxhash64\x00'}, 0x58) r1 = accept4(r0, 0x0, 0x0, 0x0) sendmmsg$unix(r1, &(0x7f0000000fc0)=[{{0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000180)="1a46339a22bd8c9a91334d31ca21b471252882101882f98cf04a3e59cba597b61aa2ab6320a39920bd4c", 0x2a}], 0x1, 0x0, 0x0, 0x10004814}}], 0x1, 0x480d0) recvmsg$kcm(r1, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x60) 391.677216ms ago: executing program 2 (id=5540): r0 = landlock_create_ruleset(&(0x7f0000000000)={0x10, 0x0, 0x3}, 0x18, 0x0) landlock_restrict_self(r0, 0x0) r1 = open(&(0x7f0000000280)='.\x00', 0x141080, 0x0) fcntl$notify(r1, 0x402, 0x8000003d) symlink(&(0x7f0000001640)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/../file0\x00', &(0x7f0000000e40)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00') 373.14349ms ago: executing program 0 (id=5541): r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000380)={0x2, 0x4e22, @multicast2}, 0x10) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$sock_int(r1, 0x1, 0xf, &(0x7f0000000000)=0x2, 0x4) bind$inet6(r1, &(0x7f0000000240)={0xa, 0x4e22, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c) 311.693799ms ago: executing program 2 (id=5542): ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0x4008ae89, &(0x7f0000000080)={0x1, 0x0, [{0x1b, 0x0, 0x7}]}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CAP_SPLIT_IRQCHIP(r1, 0x4068aea3, &(0x7f00000000c0)) ioctl$KVM_SET_GSI_ROUTING(r1, 0x4008ae6a, &(0x7f0000000080)=ANY=[@ANYBLOB="01000000000000000100000002"]) 218.562656ms ago: executing program 3 (id=5543): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f00000004c0)='dctcp\x00', 0x6) bind$inet6(r0, &(0x7f0000d84000)={0xa, 0x2, 0x0, @loopback, 0x7}, 0x1c) sendto$inet6(r0, &(0x7f0000000280)=':', 0x1, 0x24000045, &(0x7f00000001c0)={0xa, 0x2, 0x2, @empty}, 0x1c) shutdown(r0, 0x1) 213.287127ms ago: executing program 0 (id=5544): r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000140)={{0x12, 0x1, 0x0, 0xb5, 0x40, 0x33, 0x40, 0x1a86, 0x7522, 0x3536, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0xe4, 0xd6, 0x24}}]}}]}}, 0x0) syz_usb_control_io$cdc_ecm(r0, 0x0, &(0x7f0000000040)={0x1c, &(0x7f0000000180)={0x40, 0x3, 0x2, '#\t'}, 0x0, 0x0}) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io$printer(r0, 0x0, 0x0) syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0) 108.217579ms ago: executing program 3 (id=5545): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32}) r1 = socket$kcm(0x2, 0xa, 0x2) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}}) writev(r0, &(0x7f0000000400)=[{&(0x7f0000000440)="2e9b5b0007e03dd65193dfb6c575963f000d", 0x12}, {&(0x7f0000000100)="051ae2", 0x3}, {&(0x7f0000000300)="4204f7198b2702e0caf2", 0xa}], 0x3) 47.704543ms ago: executing program 2 (id=5546): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x3}]}, 0x24}}, 0x0) sendmsg$NL80211_CMD_START_AP(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x74, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x28, 0xe, {{{}, {}, @broadcast, @device_a, @from_mac}, 0x0, @default, 0x1, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void}}], @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}], @NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_DTIM_PERIOD={0x8}, @NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_AUTH_TYPE={0x8}, @NL80211_ATTR_EXTERNAL_AUTH_SUPPORT={0x4}]}, 0x74}}, 0x0) 0s ago: executing program 2 (id=5547): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201}) r1 = socket$kcm(0x2, 0xa, 0x2) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local}) write$tun(r0, &(0x7f0000000240)={@val={0x6f01, 0x800}, @val={0x1, 0x0, 0x0, 0x4, 0x20}, @mpls={[], @ipv4=@tcp={{0x5, 0x4, 0x0, 0x0, 0x30, 0x400, 0x0, 0x0, 0x84, 0x0, @empty=0x3fffffff, @local}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x5, 0x7, 0x4, 0x7, 0x0, 0x2, {[@window={0x9, 0x3}, @sack_perm={0x4, 0x2}]}}}}}}, 0x3e) kernel console output (not intermixed with test programs): g dummy_hcd [ 285.290327][ T9] usb 5-1: Using ep0 maxpacket: 16 [ 285.300269][ T9] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 285.315878][ T9] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 285.327338][ T9] usb 5-1: New USB device found, idVendor=5543, idProduct=0522, bcdDevice= 0.00 [ 285.337314][ T9] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 285.350704][ T9] usb 5-1: config 0 descriptor?? [ 285.799419][ T9] uclogic 0003:5543:0522.0011: hidraw0: USB HID v0.00 Device [HID 5543:0522] on usb-dummy_hcd.4-1/input0 [ 285.995996][ T5910] usb 5-1: USB disconnect, device number 23 [ 286.910696][ T5910] usb 3-1: new high-speed USB device number 28 using dummy_hcd [ 287.073392][ T5910] usb 3-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 287.082340][ T5910] usb 3-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config [ 287.093525][ T5910] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 287.103075][ T5910] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9 [ 287.114562][ T5910] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024 [ 287.132925][ T5910] usb 3-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 287.143774][ T5910] usb 3-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 287.158628][ T5910] usb 3-1: Product: syz [ 287.166433][ T5910] usb 3-1: Manufacturer: syz [ 287.207081][ T5910] cdc_wdm 3-1:1.0: skipping garbage [ 287.217123][ T5910] cdc_wdm 3-1:1.0: skipping garbage [ 287.226720][ T5910] cdc_wdm 3-1:1.0: cdc-wdm0: USB WDM device [ 287.233742][ T5910] cdc_wdm 3-1:1.0: Unknown control protocol [ 287.419511][ T5860] usb 3-1: USB disconnect, device number 28 [ 288.193869][T12109] program syz.2.2639 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 289.030258][ T5860] usb 3-1: new high-speed USB device number 29 using dummy_hcd [ 289.192379][ T5860] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 289.211488][ T5860] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 289.229940][ T5860] usb 3-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 289.243979][ T5860] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 289.254741][ T5860] usb 3-1: SerialNumber: syz [ 289.277687][T12164] __nla_validate_parse: 5 callbacks suppressed [ 289.277706][T12164] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2665'. [ 289.495010][ T5860] usb 3-1: 0:2 : does not exist [ 289.540174][ T5860] usb 3-1: USB disconnect, device number 29 [ 289.598667][ T5859] udevd[5859]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 291.586523][T12244] 9pnet_fd: Insufficient options for proto=fd [ 292.192454][T12275] netlink: 60 bytes leftover after parsing attributes in process `syz.2.2718'. [ 292.981221][T12314] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2738'. [ 293.481933][T12340] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2748'. [ 293.889267][T12360] netlink: 60 bytes leftover after parsing attributes in process `syz.4.2754'. [ 294.068272][T12366] C: renamed from team_slave_0 (while UP) [ 294.095465][T12366] netlink: 'syz.4.2758': attribute type 2 has an invalid length. [ 294.105701][T12366] netlink: 128 bytes leftover after parsing attributes in process `syz.4.2758'. [ 294.145883][T12366] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check. [ 296.370755][ T51] Bluetooth: hci4: command 0x1003 tx timeout [ 296.377292][ T5863] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 296.421298][T12448] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2788'. [ 296.483865][T12450] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2789'. [ 296.680172][ T30] audit: type=1326 audit(1752115925.986:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12457 comm="syz.4.2792" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f7eb2b8e929 code=0x0 [ 297.000651][T12476] Context (ID=0x1) not attached to queue pair (handle=0x1:0x0) [ 297.564097][T12504] pimreg: entered allmulticast mode [ 297.576859][T12504] pimreg: left allmulticast mode [ 297.686249][T12508] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2815'. [ 297.802885][T12514] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2819'. [ 298.022600][ T5860] usb 5-1: new high-speed USB device number 24 using dummy_hcd [ 298.200314][ T5860] usb 5-1: Using ep0 maxpacket: 8 [ 298.208645][ T5860] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 298.219942][ T5860] usb 5-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 298.229109][ T5860] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 298.239714][ T5860] usb 5-1: config 0 descriptor?? [ 298.435940][T12530] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2826'. [ 298.461738][ T5860] iowarrior 5-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0 [ 298.657590][ T5910] usb 5-1: USB disconnect, device number 24 [ 298.860519][ T5860] usb 3-1: new high-speed USB device number 30 using dummy_hcd [ 299.050211][ T5860] usb 3-1: Using ep0 maxpacket: 8 [ 299.056955][ T5860] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 299.067462][ T5860] usb 3-1: New USB device found, idVendor=046d, idProduct=0892, bcdDevice=6d.2a [ 299.076837][ T5860] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 299.088124][ T5860] usb 3-1: config 0 descriptor?? [ 299.099738][ T5860] gspca_main: vc032x-2.14.0 probing 046d:0892 [ 299.288647][T12547] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2834'. [ 299.904997][ T5860] gspca_vc032x: reg_w err -71 [ 299.919561][ T5860] vc032x 3-1:0.0: probe with driver vc032x failed with error -71 [ 299.941623][ T5860] usb 3-1: USB disconnect, device number 30 [ 300.718061][T12600] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 301.404580][ T43] hid-generic 0000:0000:0000.0012: unknown main item tag 0x0 [ 301.452644][ T43] hid-generic 0000:0000:0000.0012: hidraw0: HID v0.00 Device [syz1] on syz0 [ 301.670275][ T24] usb 5-1: new full-speed USB device number 25 using dummy_hcd [ 301.859207][ T24] usb 5-1: config 0 has no interfaces? [ 301.870894][ T24] usb 5-1: New USB device found, idVendor=0002, idProduct=0000, bcdDevice= 0.00 [ 301.902452][ T24] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 301.920166][ T24] usb 5-1: SerialNumber: syz [ 301.934670][ T24] usb 5-1: config 0 descriptor?? [ 302.164584][ T5910] usb 5-1: USB disconnect, device number 25 [ 302.448343][T12675] team0: No ports can be present during mode change [ 303.497743][T12721] Invalid ELF header len 16 [ 303.753758][T12731] kvm: kvm [12730]: vcpu0, guest rIP: 0xfff0 Unhandled WRMSR(0x40000074) = 0x0 [ 305.031234][T12775] block nbd4: not configured, cannot reconfigure [ 305.457776][T12791] netlink: 60 bytes leftover after parsing attributes in process `syz.4.2946'. [ 305.685593][T12791] netlink: 60 bytes leftover after parsing attributes in process `syz.4.2946'. [ 305.698543][T12794] netlink: 60 bytes leftover after parsing attributes in process `syz.4.2946'. [ 306.090246][ T5910] usb 5-1: new high-speed USB device number 26 using dummy_hcd [ 306.284419][ T5910] usb 5-1: Using ep0 maxpacket: 8 [ 306.296586][ T5910] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 306.317557][ T5910] usb 5-1: New USB device found, idVendor=046d, idProduct=0892, bcdDevice=6d.2a [ 306.335178][ T5910] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 306.360325][ T5910] usb 5-1: config 0 descriptor?? [ 306.377419][ T5910] gspca_main: vc032x-2.14.0 probing 046d:0892 [ 307.046361][T12867] netlink: 60 bytes leftover after parsing attributes in process `syz.0.2982'. [ 307.058212][T12867] netlink: 60 bytes leftover after parsing attributes in process `syz.0.2982'. [ 307.069639][T12867] netlink: 60 bytes leftover after parsing attributes in process `syz.0.2982'. [ 307.206131][ T5910] gspca_vc032x: reg_w err -71 [ 307.230240][ T5910] vc032x 5-1:0.0: probe with driver vc032x failed with error -71 [ 307.268049][ T5910] usb 5-1: USB disconnect, device number 26 [ 307.289497][T12880] blk_print_req_error: 138 callbacks suppressed [ 307.289521][T12880] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 3 [ 307.346714][T12880] buffer_io_error: 1 callbacks suppressed [ 307.346740][T12880] Buffer I/O error on dev nbd0, logical block 0, async page read [ 307.380419][T12880] I/O error, dev nbd0, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 3 [ 307.410203][T12880] Buffer I/O error on dev nbd0, logical block 1, async page read [ 307.438986][T12880] I/O error, dev nbd0, sector 4 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 3 [ 307.459209][T12880] Buffer I/O error on dev nbd0, logical block 2, async page read [ 307.477766][T12880] I/O error, dev nbd0, sector 6 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 3 [ 307.497548][T12880] Buffer I/O error on dev nbd0, logical block 3, async page read [ 307.517108][T12880] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 3 [ 307.547341][T12880] Buffer I/O error on dev nbd0, logical block 0, async page read [ 307.560443][T12880] I/O error, dev nbd0, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 3 [ 307.580544][T12880] Buffer I/O error on dev nbd0, logical block 1, async page read [ 307.588558][T12880] I/O error, dev nbd0, sector 4 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 3 [ 307.620251][T12880] Buffer I/O error on dev nbd0, logical block 2, async page read [ 307.639014][T12880] I/O error, dev nbd0, sector 6 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 3 [ 307.660544][T12880] Buffer I/O error on dev nbd0, logical block 3, async page read [ 307.667183][T12889] netlink: 'syz.2.2992': attribute type 83 has an invalid length. [ 307.668614][T12880] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 3 [ 307.709491][T12880] Buffer I/O error on dev nbd0, logical block 0, async page read [ 307.719048][T12880] I/O error, dev nbd0, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 3 [ 307.729459][T12880] Buffer I/O error on dev nbd0, logical block 1, async page read [ 307.778059][T12880] ldm_validate_partition_table(): Disk read failed. [ 307.802696][T12880] Dev nbd0: unable to read RDB block 0 [ 307.828998][T12880] nbd0: unable to read partition table [ 308.387670][T12908] netlink: 'syz.2.3000': attribute type 29 has an invalid length. [ 308.771224][T12924] overlayfs: failed lookup in lower (/, name='file0', err=-66): unsupported object type [ 309.017477][T12936] netlink: 92 bytes leftover after parsing attributes in process `syz.2.3013'. [ 309.043959][T12934] netlink: 'syz.4.3012': attribute type 29 has an invalid length. [ 309.129908][T12942] blkio.reset_stats is deprecated [ 310.463930][T13003] input: syz0 as /devices/virtual/input/input25 [ 310.955188][T13025] netlink: 'syz.4.3055': attribute type 29 has an invalid length. [ 310.980316][T13025] netlink: 'syz.4.3055': attribute type 29 has an invalid length. [ 311.004495][T13025] netlink: 'syz.4.3055': attribute type 29 has an invalid length. [ 311.489870][T13052] netlink: 'syz.2.3068': attribute type 29 has an invalid length. [ 311.503394][T13052] netlink: 'syz.2.3068': attribute type 29 has an invalid length. [ 311.514517][T13052] netlink: 'syz.2.3068': attribute type 29 has an invalid length. [ 311.869221][T13069] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3078'. [ 312.837365][T13122] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 313.022104][T13130] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 313.070404][T13132] tun0: tun_chr_ioctl cmd 1074025675 [ 313.075926][T13132] tun0: persist disabled [ 313.450352][ T43] usb 5-1: new high-speed USB device number 27 using dummy_hcd [ 313.525928][ T30] audit: type=1326 audit(1752115942.836:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13147 comm="syz.2.3114" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffaf4b8e929 code=0x7fc00000 [ 313.555694][ T30] audit: type=1326 audit(1752115942.856:41): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13147 comm="syz.2.3114" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7ffaf4b8e929 code=0x7fc00000 [ 313.584750][ T30] audit: type=1326 audit(1752115942.856:42): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13147 comm="syz.2.3114" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffaf4b8e929 code=0x7fc00000 [ 313.609161][ T30] audit: type=1326 audit(1752115942.856:43): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13147 comm="syz.2.3114" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffaf4b8e929 code=0x7fc00000 [ 313.637759][ T30] audit: type=1326 audit(1752115942.856:44): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13147 comm="syz.2.3114" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffaf4b8e929 code=0x7fc00000 [ 313.663368][ T30] audit: type=1326 audit(1752115942.856:45): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13147 comm="syz.2.3114" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffaf4b8e929 code=0x7fc00000 [ 313.670582][ T43] usb 5-1: Using ep0 maxpacket: 16 [ 313.690886][ T30] audit: type=1326 audit(1752115942.856:46): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13147 comm="syz.2.3114" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffaf4b8e929 code=0x7fc00000 [ 313.698798][ T43] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 313.720524][ T30] audit: type=1326 audit(1752115942.856:47): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13147 comm="syz.2.3114" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffaf4b8e929 code=0x7fc00000 [ 313.767051][ T43] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 313.768347][ T30] audit: type=1326 audit(1752115942.856:48): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13147 comm="syz.2.3114" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffaf4b8e929 code=0x7fc00000 [ 313.794859][ T43] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 313.817903][ T43] usb 5-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 313.833630][ T43] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 313.846538][ T43] usb 5-1: config 0 descriptor?? [ 314.220186][ T5860] usb 3-1: new high-speed USB device number 31 using dummy_hcd [ 314.303889][ T43] microsoft 0003:045E:07DA.0013: unknown main item tag 0x0 [ 314.317222][ T43] microsoft 0003:045E:07DA.0013: unknown main item tag 0x0 [ 314.340416][ T43] microsoft 0003:045E:07DA.0013: unknown main item tag 0x0 [ 314.347697][ T43] microsoft 0003:045E:07DA.0013: unknown main item tag 0x0 [ 314.355453][ T43] microsoft 0003:045E:07DA.0013: unknown main item tag 0x0 [ 314.371562][ T43] microsoft 0003:045E:07DA.0013: unknown main item tag 0x0 [ 314.380295][ T5860] usb 3-1: Using ep0 maxpacket: 8 [ 314.392121][ T5860] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 314.393199][ T43] microsoft 0003:045E:07DA.0013: unknown main item tag 0x0 [ 314.415266][ T5860] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 314.430666][ T43] microsoft 0003:045E:07DA.0013: unknown main item tag 0x0 [ 314.449169][ T43] microsoft 0003:045E:07DA.0013: unknown main item tag 0x0 [ 314.453348][ T5860] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 314.460144][ T43] microsoft 0003:045E:07DA.0013: unknown main item tag 0x0 [ 314.489288][ T5860] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 314.503759][ T43] input: HID 045e:07da as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/0003:045E:07DA.0013/input/input26 [ 314.537040][ T5860] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 314.549304][ T43] microsoft 0003:045E:07DA.0013: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.4-1/input0 [ 314.577362][ T5860] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 314.621365][ T43] usb 5-1: USB disconnect, device number 27 [ 314.699099][T13191] fido_id[13191]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.4/usb5/5-1/report_descriptor': No such file or directory [ 314.740740][ T5859] udevd[5859]: setting mode of /dev/input/event4 to 020660 failed: No such file or directory [ 314.773064][ T5859] udevd[5859]: setting owner of /dev/input/event4 to uid=0, gid=104 failed: No such file or directory [ 314.835525][ T5860] usb 3-1: GET_CAPABILITIES returned 0 [ 314.850251][ T5860] usbtmc 3-1:16.0: can't read capabilities [ 315.046660][ T43] usb 3-1: USB disconnect, device number 31 [ 316.915034][ T30] audit: type=1326 audit(1752115946.226:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13264 comm="syz.3.3167" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f224d18e929 code=0x0 [ 317.338076][ T1304] ieee802154 phy0 wpan0: encryption failed: -22 [ 317.344799][ T1304] ieee802154 phy1 wpan1: encryption failed: -22 [ 317.966043][T13317] wg2: entered promiscuous mode [ 317.982936][T13317] wg2: entered allmulticast mode [ 318.706540][T13358] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3212'. [ 318.718900][T13358] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3212'. [ 318.728396][T13357] tap0: tun_chr_ioctl cmd 1074025677 [ 318.734050][T13357] tap0: linktype set to 776 [ 319.825597][T13412] overlay: Unknown parameter 'subj_type' [ 320.030670][ T5936] usb 5-1: new high-speed USB device number 28 using dummy_hcd [ 320.200306][ T5936] usb 5-1: Using ep0 maxpacket: 16 [ 320.207915][ T5936] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 320.218270][ T5936] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 320.229508][ T5936] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 320.238827][ T5936] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 320.246940][ T5936] usb 5-1: Product: syz [ 320.251257][ T5936] usb 5-1: Manufacturer: syz [ 320.255863][ T5936] usb 5-1: SerialNumber: syz [ 320.471562][ T5936] usb 5-1: 0:2 : does not exist [ 320.495893][ T5936] usb 5-1: USB disconnect, device number 28 [ 320.619995][T13431] wg2: entered promiscuous mode [ 320.628491][T13431] wg2: entered allmulticast mode [ 321.020650][T13448] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3255'. [ 321.340024][T13462] overlay: Unknown parameter 'subj_type' [ 322.541408][T13515] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3286'. [ 322.797769][T13523] netlink: 104 bytes leftover after parsing attributes in process `syz.0.3291'. [ 323.390296][ T5917] usb 5-1: new high-speed USB device number 29 using dummy_hcd [ 323.550153][ T5917] usb 5-1: Using ep0 maxpacket: 8 [ 323.557409][ T5917] usb 5-1: config 0 has an invalid interface number: 55 but max is 0 [ 323.567671][ T5917] usb 5-1: config 0 has no interface number 0 [ 323.574672][ T5917] usb 5-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 323.587828][ T5917] usb 5-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B [ 323.599849][ T5917] usb 5-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 323.611236][ T5917] usb 5-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2 [ 323.624447][ T5917] usb 5-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a [ 323.633597][ T5917] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 323.644809][ T5917] usb 5-1: config 0 descriptor?? [ 323.682517][ T5917] ldusb 5-1:0.55: LD USB Device #0 now attached to major 180 minor 0 [ 323.922434][ T5917] usb 5-1: USB disconnect, device number 29 [ 323.928515][ C0] ldusb 5-1:0.55: usb_submit_urb failed (-19) [ 323.953285][ T5917] ldusb 5-1:0.55: LD USB Device #0 now disconnected [ 324.146838][T13545] ldusb: No device or device unplugged -19 [ 324.528703][T13580] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3317'. [ 324.711174][T13589] netlink: 104 bytes leftover after parsing attributes in process `syz.3.3324'. [ 324.861032][ T24] usb 3-1: new high-speed USB device number 32 using dummy_hcd [ 325.040229][ T24] usb 3-1: Using ep0 maxpacket: 32 [ 325.059740][ T24] usb 3-1: config 0 has an invalid interface number: 12 but max is 0 [ 325.080262][ T24] usb 3-1: config 0 has no interface number 0 [ 325.086452][ T24] usb 3-1: config 0 interface 12 has no altsetting 0 [ 325.101541][ T51] Bluetooth: hci1: command 0x0406 tx timeout [ 325.115913][ T24] usb 3-1: New USB device found, idVendor=2c42, idProduct=1202, bcdDevice=85.40 [ 325.130216][ T24] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 325.138425][ T24] usb 3-1: Product: syz [ 325.153621][ T24] usb 3-1: Manufacturer: syz [ 325.158274][ T24] usb 3-1: SerialNumber: syz [ 325.178354][ T24] usb 3-1: config 0 descriptor?? [ 325.307576][T13617] loop7: detected capacity change from 0 to 524255232 [ 325.604544][T13625] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3340'. [ 326.018117][ T24] f81534 3-1:0.12: f81534_set_register: reg: 1002 data: 0 failed: -71 [ 326.037861][ T24] f81534 3-1:0.12: f81534_find_config_idx: read failed: -71 [ 326.056594][ T24] f81534 3-1:0.12: f81534_calc_num_ports: find idx failed: -71 [ 326.066982][ T24] f81534 3-1:0.12: probe with driver f81534 failed with error -71 [ 326.091509][T13645] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3349'. [ 326.094989][ T24] usb 3-1: USB disconnect, device number 32 [ 327.640201][ T5917] usb 3-1: new high-speed USB device number 33 using dummy_hcd [ 327.648947][T13722] netlink: 48 bytes leftover after parsing attributes in process `syz.4.3389'. [ 327.820480][ T5917] usb 3-1: Using ep0 maxpacket: 16 [ 327.832975][ T5917] usb 3-1: config 0 has an invalid interface number: 251 but max is 0 [ 327.844636][ T5917] usb 3-1: config 0 has no interface number 0 [ 327.851575][ T5917] usb 3-1: config 0 interface 251 altsetting 0 bulk endpoint 0x4 has invalid maxpacket 16 [ 327.862548][ T5917] usb 3-1: config 0 interface 251 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 64 [ 327.876162][ T5917] usb 3-1: New USB device found, idVendor=0b95, idProduct=172a, bcdDevice=f7.f4 [ 327.886087][ T5917] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 327.894765][ T5917] usb 3-1: Product: syz [ 327.899138][ T5917] usb 3-1: Manufacturer: syz [ 327.908060][ T5917] usb 3-1: SerialNumber: syz [ 327.929884][ T5917] usb 3-1: config 0 descriptor?? [ 327.940930][T13712] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 327.948339][T13712] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 328.177515][T13712] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 328.189519][T13712] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 328.198355][T13746] netlink: 16 bytes leftover after parsing attributes in process `syz.3.3399'. [ 328.371231][ T5910] usb 5-1: new high-speed USB device number 30 using dummy_hcd [ 328.532944][ T5910] usb 5-1: config index 0 descriptor too short (expected 64679, got 72) [ 328.545094][ T5910] usb 5-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 328.554587][ T5910] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 328.562772][ T5910] usb 5-1: Product: syz [ 328.566982][ T5910] usb 5-1: Manufacturer: syz [ 328.571927][ T5910] usb 5-1: SerialNumber: syz [ 328.585179][ T5910] usb 5-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 328.612344][ T24] usb 5-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 328.806829][ T5917] asix 3-1:0.251 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71 [ 328.824244][ T5917] asix 3-1:0.251 (unnamed net_device) (uninitialized): Error reading PHY_ID register: ffffffb9 [ 328.835818][ T5917] asix 3-1:0.251: probe with driver asix failed with error -71 [ 328.858123][ T5917] usb 3-1: USB disconnect, device number 33 [ 328.887064][ T5910] usb 5-1: USB disconnect, device number 30 [ 329.403432][T13748] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3401'. [ 329.437068][T13748] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 329.633893][T13760] program syz.4.3405 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 329.655366][ T24] ath9k_htc 5-1:1.0: ath9k_htc: Target is unresponsive [ 329.664640][ T24] ath9k_htc: Failed to initialize the device [ 329.672025][ T5910] usb 5-1: ath9k_htc: USB layer deinitialized [ 329.835518][T13771] overlay: filesystem on ./bus not supported [ 329.867757][T13775] netlink: 60 bytes leftover after parsing attributes in process `syz.2.3411'. [ 329.878326][T13773] netlink: 60 bytes leftover after parsing attributes in process `syz.2.3411'. [ 329.891847][T13775] netlink: 60 bytes leftover after parsing attributes in process `syz.2.3411'. [ 331.057173][T13815] netlink: 60 bytes leftover after parsing attributes in process `syz.0.3434'. [ 331.353036][T13828] netlink: 60 bytes leftover after parsing attributes in process `syz.3.3438'. [ 331.376145][T13825] netlink: 60 bytes leftover after parsing attributes in process `syz.3.3438'. [ 331.401563][T13828] netlink: 60 bytes leftover after parsing attributes in process `syz.3.3438'. [ 331.418378][ T51] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 331.428517][ T51] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 331.437525][ T51] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 331.446059][ T51] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 331.454727][ T51] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 331.942660][T13829] chnl_net:caif_netlink_parms(): no params data found [ 332.243229][T13829] bridge0: port 1(bridge_slave_0) entered blocking state [ 332.250738][T13829] bridge0: port 1(bridge_slave_0) entered disabled state [ 332.258406][T13829] bridge_slave_0: entered allmulticast mode [ 332.282828][T13829] bridge_slave_0: entered promiscuous mode [ 332.293405][T13829] bridge0: port 2(bridge_slave_1) entered blocking state [ 332.301252][T13829] bridge0: port 2(bridge_slave_1) entered disabled state [ 332.308516][T13829] bridge_slave_1: entered allmulticast mode [ 332.317331][T13829] bridge_slave_1: entered promiscuous mode [ 332.428213][T13829] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 332.444999][T13829] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 332.594535][T13829] team0: Port device team_slave_0 added [ 332.614358][T13829] team0: Port device team_slave_1 added [ 332.735041][T13829] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 332.758331][T13829] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 332.848918][T13829] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 332.878330][T13829] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 332.907643][T13829] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 332.944586][T13829] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 333.094872][ T59] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 333.239640][T13829] hsr_slave_0: entered promiscuous mode [ 333.255694][T13829] hsr_slave_1: entered promiscuous mode [ 333.269772][T13829] debugfs: 'hsr0' already exists in 'hsr' [ 333.278987][T13829] Cannot create hsr debugfs directory [ 333.326270][ T59] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 333.493989][ T51] Bluetooth: hci1: command tx timeout [ 333.509421][ T59] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 333.616609][ T59] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 334.001530][T13903] netlink: 'syz.2.3471': attribute type 83 has an invalid length. [ 334.135990][T13905] netlink: 60 bytes leftover after parsing attributes in process `syz.2.3472'. [ 334.150464][ T59] bridge_slave_1: left allmulticast mode [ 334.156175][ T59] bridge_slave_1: left promiscuous mode [ 334.168024][ T59] bridge0: port 2(bridge_slave_1) entered disabled state [ 334.188917][ T59] bridge_slave_0: left allmulticast mode [ 334.198362][ T59] bridge_slave_0: left promiscuous mode [ 334.218303][ T59] bridge0: port 1(bridge_slave_0) entered disabled state [ 335.205354][ T59] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 335.229506][ T59] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 335.244431][ T59] bond0 (unregistering): Released all slaves [ 335.388328][T13829] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 335.465266][T13829] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 335.499420][T13829] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 335.577353][ T51] Bluetooth: hci1: command tx timeout [ 335.624845][T13829] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 336.001614][ T59] hsr_slave_0: left promiscuous mode [ 336.020255][ T59] hsr_slave_1: left promiscuous mode [ 336.036686][ T59] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 336.066204][ T59] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 336.085380][ T59] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 336.093981][ T59] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 336.155705][ T59] veth1_macvtap: left promiscuous mode [ 336.164982][ T59] veth0_macvtap: left promiscuous mode [ 336.183956][ T59] veth1_vlan: left promiscuous mode [ 336.189344][ T59] veth0_vlan: left promiscuous mode [ 337.069263][ T59] team0 (unregistering): Port device team_slave_1 removed [ 337.121445][ T59] team0 (unregistering): Port device C removed [ 337.650838][ T51] Bluetooth: hci1: command tx timeout [ 337.695039][T13829] 8021q: adding VLAN 0 to HW filter on device bond0 [ 337.730602][T13829] 8021q: adding VLAN 0 to HW filter on device team0 [ 337.773568][ T36] bridge0: port 1(bridge_slave_0) entered blocking state [ 337.780778][ T36] bridge0: port 1(bridge_slave_0) entered forwarding state [ 337.799947][ T36] bridge0: port 2(bridge_slave_1) entered blocking state [ 337.807138][ T36] bridge0: port 2(bridge_slave_1) entered forwarding state [ 338.248382][T13829] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 338.664106][T13829] veth0_vlan: entered promiscuous mode [ 338.678975][T13829] veth1_vlan: entered promiscuous mode [ 338.736704][T13829] veth0_macvtap: entered promiscuous mode [ 338.749357][T13829] veth1_macvtap: entered promiscuous mode [ 338.791850][T13829] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 338.813892][T13829] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 338.837541][ T4082] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 338.865562][ T4082] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 338.893614][ T4082] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 338.948783][ T59] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 339.038093][ T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 339.067438][ T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 339.118450][ T36] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 339.127329][ T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 339.563266][T14007] netlink: 60 bytes leftover after parsing attributes in process `syz.2.3483'. [ 339.634199][T14007] netlink: 60 bytes leftover after parsing attributes in process `syz.2.3483'. [ 339.662170][T14012] netlink: 60 bytes leftover after parsing attributes in process `syz.2.3483'. [ 339.737325][ T51] Bluetooth: hci1: command tx timeout [ 339.845704][T14017] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3486'. [ 340.252355][T14036] netlink: 48 bytes leftover after parsing attributes in process `syz.2.3498'. [ 340.270206][T14036] netlink: 48 bytes leftover after parsing attributes in process `syz.2.3498'. [ 341.595041][T14079] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3512'. [ 342.210803][ T5910] usb 3-1: new high-speed USB device number 34 using dummy_hcd [ 342.370303][ T5910] usb 3-1: Using ep0 maxpacket: 8 [ 342.383091][ T5910] usb 3-1: New USB device found, idVendor=0ccd, idProduct=0039, bcdDevice=90.7b [ 342.400834][ T5910] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 342.431303][ T5910] pvrusb2: Hardware description: Terratec Grabster AV400 [ 342.438472][ T5910] pvrusb2: ********** [ 342.457532][ T5910] pvrusb2: ***WARNING*** Support for this device (Terratec Grabster AV400) is experimental. [ 342.488913][ T5910] pvrusb2: Important functionality might not be entirely working. [ 342.524832][ T5910] pvrusb2: Please consider contacting the driver author to help with further stabilization of the driver. [ 342.554469][ T5910] pvrusb2: ********** [ 342.633963][ T2346] pvrusb2: Invalid write control endpoint [ 342.739600][ T2346] pvrusb2: Invalid write control endpoint [ 342.753438][ T2346] pvrusb2: ***WARNING*** Detected a wedged cx25840 chip; the device will not work. [ 342.764736][ T2346] pvrusb2: ***WARNING*** Try power cycling the pvrusb2 device. [ 342.791512][ T2346] pvrusb2: ***WARNING*** Disabling further access to the device to prevent other foul-ups. [ 342.824450][ T2346] pvrusb2: Device being rendered inoperable [ 342.847943][ T2346] cx25840 1-0044: Unable to detect h/w, assuming cx23887 [ 342.872666][ T10] usb 3-1: USB disconnect, device number 34 [ 342.901215][ T2346] cx25840 1-0044: cx23887 A/V decoder found @ 0x88 (pvrusb2_a) [ 342.915607][ T2346] pvrusb2: Attached sub-driver cx25840 [ 342.927963][ T2346] pvrusb2: ***WARNING*** pvrusb2 device hardware appears to be jammed and I can't clear it. [ 342.978646][ T2346] pvrusb2: You might need to power cycle the pvrusb2 device in order to recover. [ 344.098423][T14179] netlink: 20 bytes leftover after parsing attributes in process `syz.0.3552'. [ 344.488609][T14195] netlink: 60 bytes leftover after parsing attributes in process `syz.2.3548'. [ 344.529190][T14195] netlink: 60 bytes leftover after parsing attributes in process `syz.2.3548'. [ 345.570662][ T9] usb 3-1: new high-speed USB device number 35 using dummy_hcd [ 345.750495][ T9] usb 3-1: Using ep0 maxpacket: 16 [ 345.762366][ T9] usb 3-1: config 0 has no interfaces? [ 345.778403][ T9] usb 3-1: New USB device found, idVendor=056a, idProduct=0331, bcdDevice= 0.00 [ 345.806602][ T9] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 345.828595][ T9] usb 3-1: config 0 descriptor?? [ 346.071373][ T9] usb 3-1: USB disconnect, device number 35 [ 346.818988][T14283] program syz.5.3590 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 346.929054][T14288] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 350.365926][T14423] __nla_validate_parse: 1 callbacks suppressed [ 350.365947][T14423] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3645'. [ 350.384802][T14423] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3645'. [ 350.482122][T14426] netlink: 60 bytes leftover after parsing attributes in process `syz.2.3648'. [ 350.496531][T14426] netlink: 60 bytes leftover after parsing attributes in process `syz.2.3648'. [ 350.513127][T14426] netlink: 60 bytes leftover after parsing attributes in process `syz.2.3648'. [ 351.420218][ T10] usb 3-1: new full-speed USB device number 36 using dummy_hcd [ 351.507579][T14465] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3672'. [ 351.519344][T14465] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3672'. [ 351.588093][ T10] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 351.609541][ T10] usb 3-1: New USB device found, idVendor=1e7d, idProduct=2c24, bcdDevice= 0.00 [ 351.628910][ T10] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 351.651596][ T10] usb 3-1: config 0 descriptor?? [ 351.887165][T14454] netlink: 312 bytes leftover after parsing attributes in process `syz.2.3659'. [ 351.917485][ T10] usbhid 3-1:0.0: can't add hid device: -71 [ 351.925995][ T10] usbhid 3-1:0.0: probe with driver usbhid failed with error -71 [ 351.955053][ T10] usb 3-1: USB disconnect, device number 36 [ 352.499445][T14505] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3674'. [ 352.544375][T14505] netlink: 12 bytes leftover after parsing attributes in process `syz.5.3674'. [ 352.902361][T14521] ªªªªªª†³?ÂHº: renamed from lo (while UP) [ 353.612803][ T51] Bluetooth: hci1: ISO packet too small [ 353.734155][T14565] raw_sendmsg: syz.3.3702 forgot to set AF_INET. Fix it! [ 353.890738][ T10] usb 3-1: new high-speed USB device number 37 using dummy_hcd [ 354.040669][ T10] usb 3-1: Using ep0 maxpacket: 32 [ 354.052194][ T10] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 354.062839][T14575] netlink: 'syz.5.3706': attribute type 27 has an invalid length. [ 354.071133][ T10] usb 3-1: config 0 interface 0 altsetting 16 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 354.087012][ T10] usb 3-1: config 0 interface 0 altsetting 16 has 1 endpoint descriptor, different from the interface descriptor's value: 5 [ 354.100582][ T10] usb 3-1: config 0 interface 0 has no altsetting 0 [ 354.107506][ T10] usb 3-1: New USB device found, idVendor=044f, idProduct=b65d, bcdDevice= 0.00 [ 354.117180][ T10] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 354.147188][ T10] usb 3-1: config 0 descriptor?? [ 354.590507][ T10] hid-thrustmaster 0003:044F:B65D.0014: unknown main item tag 0x0 [ 354.623078][T14593] netlink: 'syz.3.3715': attribute type 27 has an invalid length. [ 354.629931][ T10] hid-thrustmaster 0003:044F:B65D.0014: unknown main item tag 0x0 [ 354.639830][ T10] hid-thrustmaster 0003:044F:B65D.0014: unknown main item tag 0x0 [ 354.654790][ T10] hid-thrustmaster 0003:044F:B65D.0014: unknown main item tag 0x0 [ 354.666226][ T10] hid-thrustmaster 0003:044F:B65D.0014: unknown main item tag 0x0 [ 354.700618][ T10] hid-thrustmaster 0003:044F:B65D.0014: hidraw0: USB HID v0.00 Device [HID 044f:b65d] on usb-dummy_hcd.2-1/input0 [ 354.735385][ T10] hid-thrustmaster 0003:044F:B65D.0014: Wrong number of endpoints? [ 354.893837][ C0] hid-thrustmaster 0003:044F:B65D.0014: Unknown packet type 0x0, unable to proceed further with wheel init [ 355.116283][ T43] usb 3-1: USB disconnect, device number 37 [ 355.537127][T14630] __nla_validate_parse: 3 callbacks suppressed [ 355.537149][T14630] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3727'. [ 355.679932][T14637] netlink: 52 bytes leftover after parsing attributes in process `syz.3.3730'. [ 355.720149][T14637] netlink: 52 bytes leftover after parsing attributes in process `syz.3.3730'. [ 356.009195][T14649] netlink: 48 bytes leftover after parsing attributes in process `syz.5.3735'. [ 356.126939][T14656] netlink: 60 bytes leftover after parsing attributes in process `syz.5.3738'. [ 356.156515][T14656] netlink: 60 bytes leftover after parsing attributes in process `syz.5.3738'. [ 356.171723][T14656] netlink: 60 bytes leftover after parsing attributes in process `syz.5.3738'. [ 356.309049][T14665] netlink: 52 bytes leftover after parsing attributes in process `syz.5.3741'. [ 356.333262][T14665] netlink: 52 bytes leftover after parsing attributes in process `syz.5.3741'. [ 357.570471][ T10] usb 3-1: new high-speed USB device number 38 using dummy_hcd [ 357.740167][ T10] usb 3-1: Using ep0 maxpacket: 32 [ 357.747790][ T10] usb 3-1: config 0 has an invalid interface number: 184 but max is 0 [ 357.774693][ T10] usb 3-1: config 0 has no interface number 0 [ 357.790294][ T10] usb 3-1: config 0 interface 184 has no altsetting 0 [ 357.803694][ T10] usb 3-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee [ 357.820205][ T10] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 357.841227][ T10] usb 3-1: Product: syz [ 357.845451][ T10] usb 3-1: Manufacturer: syz [ 357.852975][ T10] usb 3-1: SerialNumber: syz [ 357.883232][ T10] usb 3-1: config 0 descriptor?? [ 357.899206][ T10] smsc75xx v1.0.0 [ 358.273477][T14738] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3760'. [ 358.713938][ T10] smsc75xx 3-1:0.184 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000040: -71 [ 358.742478][ T10] smsc75xx 3-1:0.184 (unnamed net_device) (uninitialized): Error writing E2P_CMD [ 358.756349][ T10] smsc75xx 3-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000014: -71 [ 358.773917][ T10] smsc75xx 3-1:0.184 (unnamed net_device) (uninitialized): Failed to read PMT_CTL: -71 [ 358.784910][ T10] smsc75xx 3-1:0.184 (unnamed net_device) (uninitialized): device not ready in smsc75xx_reset [ 358.799953][ T10] smsc75xx 3-1:0.184 (unnamed net_device) (uninitialized): smsc75xx_reset error -71 [ 358.816727][ T10] smsc75xx 3-1:0.184: probe with driver smsc75xx failed with error -71 [ 358.869823][ T10] usb 3-1: USB disconnect, device number 38 [ 360.252616][ T24] usb 3-1: new full-speed USB device number 39 using dummy_hcd [ 360.470586][ T24] usb 3-1: config 17 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 10 [ 360.487196][ T24] usb 3-1: config 17 interface 0 altsetting 0 endpoint 0x8B has invalid wMaxPacketSize 0 [ 360.521991][ T24] usb 3-1: New USB device found, idVendor=0458, idProduct=5003, bcdDevice= 0.00 [ 360.550129][ T24] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 361.012030][ T24] aiptek 3-1:17.0: Aiptek using 400 ms programming speed [ 361.050726][ T24] input: Aiptek as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:17.0/input/input31 [ 361.134935][ T24] input: failed to attach handler kbd to device input31, error: -5 [ 361.188407][T14853] overlayfs: "xino=on" is useless with all layers on same fs, ignore. [ 361.221511][ T24] usb 3-1: USB disconnect, device number 39 [ 361.823350][T14878] C: renamed from team_slave_0 (while UP) [ 361.858973][T14878] netlink: 'syz.5.3806': attribute type 1 has an invalid length. [ 361.884702][T14878] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check. [ 362.030209][ T5910] usb 3-1: new full-speed USB device number 40 using dummy_hcd [ 362.195497][ T5910] usb 3-1: config 2 has an invalid descriptor of length 0, skipping remainder of the config [ 362.238391][ T5910] usb 3-1: New USB device found, idVendor=7a69, idProduct=0001, bcdDevice=a8.6b [ 362.249204][ T5910] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 362.273500][ T5910] usb 3-1: Product: syz [ 362.277718][ T5910] usb 3-1: Manufacturer: syz [ 362.313078][ T5910] usb 3-1: SerialNumber: syz [ 362.329977][ T5910] usb 3-1: dvb_usb_v2: found a '774 Friio White ISDB-T USB2.0' in warm state [ 363.149411][ T5910] usb 3-1: dvb_usb_v2: this USB2.0 device cannot be run on a USB1.1 port (it lacks a hardware PID filter) [ 363.207850][ T5910] usb 3-1: USB disconnect, device number 40 [ 363.253809][T14937] __nla_validate_parse: 2 callbacks suppressed [ 363.253832][T14937] netlink: 60 bytes leftover after parsing attributes in process `syz.5.3828'. [ 363.285800][T14936] netlink: 60 bytes leftover after parsing attributes in process `syz.5.3828'. [ 363.314665][T14937] netlink: 60 bytes leftover after parsing attributes in process `syz.5.3828'. [ 364.119343][T14973] use of bytesused == 0 is deprecated and will be removed in the future, [ 364.130007][T14973] use the actual size instead. [ 364.634382][T14994] netlink: 60 bytes leftover after parsing attributes in process `syz.0.3853'. [ 364.644325][T14993] netlink: 60 bytes leftover after parsing attributes in process `syz.0.3853'. [ 364.654023][T14994] netlink: 60 bytes leftover after parsing attributes in process `syz.0.3853'. [ 364.730662][ T5917] usb 6-1: new high-speed USB device number 2 using dummy_hcd [ 364.780641][ T5860] usb 3-1: new high-speed USB device number 41 using dummy_hcd [ 364.892342][ T5917] usb 6-1: too many configurations: 9, using maximum allowed: 8 [ 364.901430][ T5917] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 364.910568][ T5917] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 364.921614][ T5917] usb 6-1: config 0 interface 0 has no altsetting 0 [ 364.929370][ T5917] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 364.939782][ T5917] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 364.950736][ T5860] usb 3-1: Using ep0 maxpacket: 32 [ 364.955988][ T5917] usb 6-1: config 0 interface 0 has no altsetting 0 [ 364.965902][ T5860] usb 3-1: New USB device found, idVendor=0fd9, idProduct=0025, bcdDevice=29.40 [ 364.975023][ T5917] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 364.984001][ T5860] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 364.992110][ T5917] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 365.004989][ T5917] usb 6-1: config 0 interface 0 has no altsetting 0 [ 365.012878][ T5860] usb 3-1: config 0 descriptor?? [ 365.025367][ T5917] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 365.050204][ T5917] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 365.077386][ T5917] usb 6-1: config 0 interface 0 has no altsetting 0 [ 365.086988][ T5917] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 365.116563][ T5917] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 365.140260][ T5917] usb 6-1: config 0 interface 0 has no altsetting 0 [ 365.156122][ T5917] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 365.180834][ T5917] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 365.203744][ T5917] usb 6-1: config 0 interface 0 has no altsetting 0 [ 365.221533][ T5917] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 365.231107][ T5860] dvb-usb: found a 'Elgato EyeTV Sat' in warm state. [ 365.250426][ T5917] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 365.264051][ T5860] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 365.275419][ T5917] usb 6-1: config 0 interface 0 has no altsetting 0 [ 365.293598][ T5860] dvbdev: DVB: registering new adapter (Elgato EyeTV Sat) [ 365.304542][ T5917] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 365.313567][ T5860] usb 3-1: media controller created [ 365.330137][ T5917] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 365.360340][ T5917] usb 6-1: config 0 interface 0 has no altsetting 0 [ 365.370404][ T5917] usb 6-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e [ 365.382974][ T5860] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 365.391816][ T5917] usb 6-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168 [ 365.401933][ T5917] usb 6-1: Product: syz [ 365.406223][ T5917] usb 6-1: Manufacturer: syz [ 365.411838][ T5917] usb 6-1: SerialNumber: syz [ 365.436863][ T5917] usb 6-1: config 0 descriptor?? [ 365.466269][ T5860] az6027: usb out operation failed. (-71) [ 365.473279][ T5917] yurex 6-1:0.0: USB YUREX device now attached to Yurex #0 [ 365.492690][ T5860] az6027: usb out operation failed. (-71) [ 365.498788][ T5860] stb0899_attach: Driver disabled by Kconfig [ 365.509788][ T5860] az6027: no front-end attached [ 365.509788][ T5860] [ 365.520218][ T5860] az6027: usb out operation failed. (-71) [ 365.526040][ T5860] dvb-usb: no frontend was attached by 'Elgato EyeTV Sat' [ 365.564115][ T5860] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.2/usb3/3-1/input/input32 [ 365.616096][ T5860] dvb-usb: schedule remote query interval to 400 msecs. [ 365.640363][ T5860] dvb-usb: Elgato EyeTV Sat successfully initialized and connected. [ 365.670411][ T5860] usb 3-1: USB disconnect, device number 41 [ 365.769968][ T9] usb 6-1: USB disconnect, device number 2 [ 365.796501][ T9] yurex 6-1:0.0: USB YUREX #0 now disconnected [ 365.817000][ T5860] dvb-usb: Elgato EyeTV Sat successfully deinitialized and disconnected. [ 366.165018][T15023] netlink: 'syz.0.3866': attribute type 1 has an invalid length. [ 366.174621][T15023] netlink: 624 bytes leftover after parsing attributes in process `syz.0.3866'. [ 366.806264][T15036] netlink: 'syz.5.3871': attribute type 3 has an invalid length. [ 366.828076][T15036] netlink: 108 bytes leftover after parsing attributes in process `syz.5.3871'. [ 366.907602][T15042] overlayfs: missing 'workdir' [ 367.130572][T15052] sctp: [Deprecated]: syz.0.3880 (pid 15052) Use of struct sctp_assoc_value in delayed_ack socket option. [ 367.130572][T15052] Use struct sctp_sack_info instead [ 367.510924][T15069] overlayfs: missing 'workdir' [ 368.022913][T15097] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3901'. [ 368.940174][ T24] usb 6-1: new high-speed USB device number 3 using dummy_hcd [ 369.113027][ T24] usb 6-1: Using ep0 maxpacket: 32 [ 369.125503][ T24] usb 6-1: New USB device found, idVendor=0fd9, idProduct=0025, bcdDevice=29.40 [ 369.150205][ T24] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 369.177354][ T24] usb 6-1: config 0 descriptor?? [ 369.392819][ T24] dvb-usb: found a 'Elgato EyeTV Sat' in warm state. [ 369.430703][ T24] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 369.461071][ T24] dvbdev: DVB: registering new adapter (Elgato EyeTV Sat) [ 369.472178][ T24] usb 6-1: media controller created [ 369.506963][ T24] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 369.598111][ T24] az6027: usb out operation failed. (-71) [ 369.614622][ T24] az6027: usb out operation failed. (-71) [ 369.624345][ T24] stb0899_attach: Driver disabled by Kconfig [ 369.641518][ T24] az6027: no front-end attached [ 369.641518][ T24] [ 369.651403][ T24] az6027: usb out operation failed. (-71) [ 369.657177][ T24] dvb-usb: no frontend was attached by 'Elgato EyeTV Sat' [ 369.695408][ T24] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.5/usb6/6-1/input/input33 [ 369.740896][ T24] dvb-usb: schedule remote query interval to 400 msecs. [ 369.768347][ T24] dvb-usb: Elgato EyeTV Sat successfully initialized and connected. [ 369.795639][ T24] usb 6-1: USB disconnect, device number 3 [ 369.955138][ T24] dvb-usb: Elgato EyeTV Sat successfully deinitialized and disconnected. [ 370.251553][T15178] input: syz1 as /devices/virtual/input/input34 [ 370.427668][T15186] program syz.2.3944 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 371.324880][T15226] overlay: ./file0 is not a directory [ 371.849072][T15252] netlink: 188 bytes leftover after parsing attributes in process `syz.2.3976'. [ 372.618805][T15275] program syz.2.3986 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 372.628865][T15277] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 373.444908][T15307] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 374.280553][T15325] netlink: 88 bytes leftover after parsing attributes in process `syz.2.4010'. [ 374.305514][T15325] netlink: 88 bytes leftover after parsing attributes in process `syz.2.4010'. [ 374.442035][ T30] kauditd_printk_skb: 1 callbacks suppressed [ 374.442055][ T30] audit: type=1326 audit(1752116005.746:51): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15328 comm="syz.2.4012" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7ffaf4b8e929 code=0x0 [ 374.902769][T15336] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 376.603533][ T5910] usb 3-1: new high-speed USB device number 42 using dummy_hcd [ 376.762740][ T5910] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 376.774230][ T5910] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 376.780412][ T9] usb 6-1: new high-speed USB device number 4 using dummy_hcd [ 376.784408][ T5910] usb 3-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.00 [ 376.803541][ T5910] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 376.815229][ T5910] usb 3-1: config 0 descriptor?? [ 376.940594][ T9] usb 6-1: Using ep0 maxpacket: 8 [ 376.955450][ T9] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024 [ 376.969313][ T9] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024 [ 376.986634][ T9] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 376.997460][ T9] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 377.015161][ T9] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 377.026590][ T9] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 377.257641][ T9] usb 6-1: GET_CAPABILITIES returned 0 [ 377.266560][ T9] usbtmc 6-1:16.0: can't read capabilities [ 377.271895][ T5910] cp2112 0003:10C4:EA90.0015: unknown main item tag 0x0 [ 377.300851][ T5910] cp2112 0003:10C4:EA90.0015: hidraw0: USB HID v0.00 Device [HID 10c4:ea90] on usb-dummy_hcd.2-1/input0 [ 377.465061][ T5910] cp2112 0003:10C4:EA90.0015: Part Number: 0x00 Device Version: 0x00 [ 377.496640][ T5860] usb 6-1: USB disconnect, device number 4 [ 377.536179][T15297] Set syz1 is full, maxelem 65536 reached [ 377.666015][ T5910] cp2112 0003:10C4:EA90.0015: error requesting SMBus config [ 377.676311][ T5910] cp2112 0003:10C4:EA90.0015: probe with driver cp2112 failed with error -71 [ 377.723738][ T5910] usb 3-1: USB disconnect, device number 42 [ 378.655981][T15419] netlink: 48 bytes leftover after parsing attributes in process `syz.5.4053'. [ 378.777839][ T1304] ieee802154 phy0 wpan0: encryption failed: -22 [ 378.784454][ T1304] ieee802154 phy1 wpan1: encryption failed: -22 [ 379.257787][T15445] netlink: 60 bytes leftover after parsing attributes in process `syz.0.4063'. [ 379.268247][T15442] netlink: 60 bytes leftover after parsing attributes in process `syz.0.4063'. [ 379.280484][T15445] netlink: 60 bytes leftover after parsing attributes in process `syz.0.4063'. [ 379.662407][T15459] netlink: 60 bytes leftover after parsing attributes in process `syz.5.4068'. [ 379.690925][T15456] netlink: 60 bytes leftover after parsing attributes in process `syz.5.4068'. [ 379.716176][T15459] netlink: 60 bytes leftover after parsing attributes in process `syz.5.4068'. [ 380.593317][T15499] netlink: 60 bytes leftover after parsing attributes in process `syz.5.4086'. [ 380.610561][T15496] netlink: 60 bytes leftover after parsing attributes in process `syz.5.4086'. [ 380.622423][T15499] netlink: 60 bytes leftover after parsing attributes in process `syz.5.4086'. [ 380.910178][ T145] Bluetooth: hci4: Frame reassembly failed (-84) [ 380.929723][T15507] Bluetooth: received HCILL_WAKE_UP_IND in state 2 [ 381.825543][T15558] netlink: 'syz.2.4115': attribute type 83 has an invalid length. [ 382.503184][T15587] sctp: [Deprecated]: syz.0.4129 (pid 15587) Use of struct sctp_assoc_value in delayed_ack socket option. [ 382.503184][T15587] Use struct sctp_sack_info instead [ 382.830258][ T43] usb 3-1: new high-speed USB device number 43 using dummy_hcd [ 382.930658][ T51] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 382.931827][ T5863] Bluetooth: hci4: command 0x1003 tx timeout [ 382.992254][ T43] usb 3-1: Using ep0 maxpacket: 32 [ 383.008777][ T43] usb 3-1: New USB device found, idVendor=0c72, idProduct=000d, bcdDevice=27.9b [ 383.019656][ T43] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 383.050698][ T43] usb 3-1: Product: syz [ 383.054913][ T43] usb 3-1: Manufacturer: syz [ 383.059541][ T43] usb 3-1: SerialNumber: syz [ 383.078715][ T43] usb 3-1: config 0 descriptor?? [ 383.219665][T15608] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 383.735318][ T43] peak_usb 3-1:0.0: PEAK-System PCAN-USB Pro hwrev 0 serial 00000000.00000000 (2 channels) [ 383.756071][ T43] peak_usb 3-1:0.0 can0: sending command failure: -22 [ 383.773278][ T43] peak_usb 3-1:0.0 can0: sending command failure: -22 [ 383.895404][ T43] peak_usb 3-1:0.0: probe with driver peak_usb failed with error -22 [ 383.926232][T15635] program syz.0.4153 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 383.985676][ T43] usb 3-1: USB disconnect, device number 43 [ 384.057323][T15639] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 384.472573][ T30] audit: type=1326 audit(1752116015.786:52): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15654 comm="syz.3.4163" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f224d18e929 code=0x0 [ 384.890984][ T5860] usb 3-1: new low-speed USB device number 44 using dummy_hcd [ 385.065954][ T5860] usb 3-1: config 0 interface 0 altsetting 6 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 385.090561][ T5860] usb 3-1: config 0 interface 0 altsetting 6 endpoint 0x81 has invalid wMaxPacketSize 0 [ 385.103048][ T5860] usb 3-1: config 0 interface 0 has no altsetting 0 [ 385.109724][ T5860] usb 3-1: New USB device found, idVendor=04d9, idProduct=a067, bcdDevice= 0.00 [ 385.125468][ T5860] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 385.151706][ T5860] usb 3-1: config 0 descriptor?? [ 385.603666][ T5860] holtek_mouse 0003:04D9:A067.0016: unknown main item tag 0x7 [ 385.624376][ T5860] holtek_mouse 0003:04D9:A067.0016: unknown main item tag 0x6 [ 385.656963][ T5860] holtek_mouse 0003:04D9:A067.0016: hidraw0: USB HID v0.00 Device [HID 04d9:a067] on usb-dummy_hcd.2-1/input0 [ 385.836348][ T5860] usb 3-1: USB disconnect, device number 44 [ 385.892716][T15698] fido_id[15698]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.2/usb3/3-1/report_descriptor': No such file or directory [ 386.348798][T15725] __nla_validate_parse: 6 callbacks suppressed [ 386.348821][T15725] netlink: 60 bytes leftover after parsing attributes in process `syz.3.4192'. [ 386.372921][T15719] netlink: 60 bytes leftover after parsing attributes in process `syz.3.4192'. [ 386.387793][T15719] netlink: 60 bytes leftover after parsing attributes in process `syz.3.4192'. [ 386.479849][T15722] netlink: 60 bytes leftover after parsing attributes in process `syz.3.4192'. [ 386.785078][ T30] audit: type=1326 audit(1752116018.096:53): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15738 comm="syz.3.4199" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f224d18e929 code=0x0 [ 386.806892][ C0] vkms_vblank_simulate: vblank timer overrun [ 387.530311][ T10] usb 3-1: new full-speed USB device number 45 using dummy_hcd [ 387.684663][ T10] usb 3-1: config 0 has an invalid interface number: 106 but max is 0 [ 387.696882][ T10] usb 3-1: config 0 has no interface number 0 [ 387.703520][ T10] usb 3-1: config 0 interface 106 has no altsetting 0 [ 387.713763][ T10] usb 3-1: New USB device found, idVendor=413c, idProduct=8217, bcdDevice=b2.59 [ 387.723676][ T10] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 387.732864][ T10] usb 3-1: Product: syz [ 387.737215][ T10] usb 3-1: Manufacturer: syz [ 387.742832][ T10] usb 3-1: SerialNumber: syz [ 387.751280][ T10] usb 3-1: config 0 descriptor?? [ 387.990569][ T10] usb 3-1: USB disconnect, device number 45 [ 388.808580][T15804] netlink: 60 bytes leftover after parsing attributes in process `syz.3.4227'. [ 388.849341][T15800] netlink: 60 bytes leftover after parsing attributes in process `syz.3.4227'. [ 388.874705][T15800] netlink: 60 bytes leftover after parsing attributes in process `syz.3.4227'. [ 389.380180][ T24] usb 3-1: new high-speed USB device number 46 using dummy_hcd [ 389.570729][ T24] usb 3-1: Using ep0 maxpacket: 16 [ 389.577629][ T24] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 389.588636][ T24] usb 3-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00 [ 389.597763][ T24] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 389.608358][ T24] usb 3-1: config 0 descriptor?? [ 390.038849][ T24] mcp2221 0003:04D8:00DD.0017: unknown main item tag 0x0 [ 390.047282][ T24] mcp2221 0003:04D8:00DD.0017: unknown main item tag 0x0 [ 390.055686][ T24] mcp2221 0003:04D8:00DD.0017: unknown main item tag 0x0 [ 390.063412][ T24] mcp2221 0003:04D8:00DD.0017: unknown main item tag 0x0 [ 390.070670][ T24] mcp2221 0003:04D8:00DD.0017: unknown main item tag 0x0 [ 390.078768][ T24] mcp2221 0003:04D8:00DD.0017: USB HID v0.05 Device [HID 04d8:00dd] on usb-dummy_hcd.2-1/input0 [ 390.100657][ T30] audit: type=1326 audit(1752116021.406:54): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15824 comm="syz.3.4238" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f224d18e929 code=0x7fc00000 [ 390.123075][ C0] vkms_vblank_simulate: vblank timer overrun [ 390.249105][T15845] netlink: 188 bytes leftover after parsing attributes in process `syz.0.4246'. [ 390.449059][ T9] usb 3-1: USB disconnect, device number 46 [ 390.609291][T15859] netlink: 60 bytes leftover after parsing attributes in process `syz.5.4251'. [ 390.626437][T15856] netlink: 60 bytes leftover after parsing attributes in process `syz.5.4251'. [ 391.800349][ T5910] usb 3-1: new full-speed USB device number 47 using dummy_hcd [ 391.818929][ T51] Bluetooth: hci1: Invalid connection link type handle 0x00c8 [ 391.962784][ T5910] usb 3-1: too many endpoints for config 0 interface 0 altsetting 0: 254, using maximum allowed: 30 [ 391.974114][ T5910] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1023, setting to 64 [ 391.987210][ T5910] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 254 [ 392.014471][ T5910] usb 3-1: New USB device found, idVendor=5543, idProduct=0004, bcdDevice= 0.00 [ 392.024764][ T5910] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 392.046400][ T5910] usb 3-1: config 0 descriptor?? [ 392.056007][T15892] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 392.318809][T15924] comedi comedi1: Minor 0 could not be opened [ 392.433435][T15928] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 392.510856][T15930] __nla_validate_parse: 1 callbacks suppressed [ 392.510876][T15930] netlink: 256 bytes leftover after parsing attributes in process `syz.0.4286'. [ 392.541743][ T5910] uclogic 0003:5543:0004.0018: hidraw0: USB HID v1.01 Device [HID 5543:0004] on usb-dummy_hcd.2-1/input0 [ 392.790887][ T5910] usb 3-1: USB disconnect, device number 47 [ 393.021410][T15946] netlink: 60 bytes leftover after parsing attributes in process `syz.3.4290'. [ 393.043995][T15942] netlink: 60 bytes leftover after parsing attributes in process `syz.3.4290'. [ 393.055238][T15946] netlink: 60 bytes leftover after parsing attributes in process `syz.3.4290'. [ 393.098343][T15950] netlink: 60 bytes leftover after parsing attributes in process `syz.5.4294'. [ 393.133848][T15950] netlink: 60 bytes leftover after parsing attributes in process `syz.5.4294'. [ 393.145518][T15950] netlink: 60 bytes leftover after parsing attributes in process `syz.5.4294'. [ 393.401042][T15958] nbd2: detected capacity change from 0 to 63 [ 393.415989][ T51] block nbd2: Receive control failed (result -32) [ 393.457074][T12199] block nbd2: Dead connection, failed to find a fallback [ 393.487746][T12199] block nbd2: shutting down sockets [ 393.507605][T12199] blk_print_req_error: 54 callbacks suppressed [ 393.507627][T12199] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 393.556658][T12199] buffer_io_error: 54 callbacks suppressed [ 393.556678][T12199] Buffer I/O error on dev nbd2, logical block 0, async page read [ 393.569236][ T30] audit: type=1326 audit(1752116024.886:55): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15967 comm="syz.0.4304" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fef5c38e929 code=0x0 [ 393.576900][T12199] I/O error, dev nbd2, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 393.628454][T12199] Buffer I/O error on dev nbd2, logical block 1, async page read [ 393.648871][T12199] I/O error, dev nbd2, sector 4 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 393.658425][T12199] Buffer I/O error on dev nbd2, logical block 2, async page read [ 393.675553][T12199] I/O error, dev nbd2, sector 6 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 393.687375][ T5910] usb 6-1: new high-speed USB device number 5 using dummy_hcd [ 393.697051][T12199] Buffer I/O error on dev nbd2, logical block 3, async page read [ 393.710403][T12199] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 393.719866][T12199] Buffer I/O error on dev nbd2, logical block 0, async page read [ 393.729460][T12199] I/O error, dev nbd2, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 393.739422][T12199] Buffer I/O error on dev nbd2, logical block 1, async page read [ 393.767509][T12199] I/O error, dev nbd2, sector 4 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 393.787010][T12199] Buffer I/O error on dev nbd2, logical block 2, async page read [ 393.804336][T12199] I/O error, dev nbd2, sector 6 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 393.836060][T12199] Buffer I/O error on dev nbd2, logical block 3, async page read [ 393.845810][T12199] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 393.850294][ T5910] usb 6-1: Using ep0 maxpacket: 8 [ 393.855706][T12199] Buffer I/O error on dev nbd2, logical block 0, async page read [ 393.868694][T12199] I/O error, dev nbd2, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 393.878101][T12199] Buffer I/O error on dev nbd2, logical block 1, async page read [ 393.888466][T15979] netlink: 'syz.2.4307': attribute type 5 has an invalid length. [ 393.895704][ T5910] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 393.906536][ T5910] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 393.920801][ T5910] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 393.934145][T12199] ldm_validate_partition_table(): Disk read failed. [ 393.940934][ T5910] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 393.956814][T12199] Dev nbd2: unable to read RDB block 0 [ 393.967497][T12199] nbd2: unable to read partition table [ 393.973211][ T5910] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 393.992092][ T5910] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 394.003704][T12199] ldm_validate_partition_table(): Disk read failed. [ 394.022737][T12199] Dev nbd2: unable to read RDB block 0 [ 394.034527][T12199] nbd2: unable to read partition table [ 394.224353][ T5910] usb 6-1: GET_CAPABILITIES returned 0 [ 394.240191][ T5910] usbtmc 6-1:16.0: can't read capabilities [ 394.453806][ T24] usb 6-1: USB disconnect, device number 5 [ 394.689558][T16000] netlink: 14478 bytes leftover after parsing attributes in process `syz.3.4318'. [ 394.724679][ T30] audit: type=1326 audit(1752116026.036:56): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16001 comm="syz.2.4319" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffaf4b8e929 code=0x7ffc0000 [ 394.790201][ T30] audit: type=1326 audit(1752116026.036:57): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16001 comm="syz.2.4319" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffaf4b8e929 code=0x7ffc0000 [ 394.875103][ T30] audit: type=1326 audit(1752116026.056:58): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16001 comm="syz.2.4319" exe="/root/syz-executor" sig=0 arch=c000003e syscall=248 compat=0 ip=0x7ffaf4b8e929 code=0x7ffc0000 [ 394.945109][ T30] audit: type=1326 audit(1752116026.056:59): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16001 comm="syz.2.4319" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffaf4b8e929 code=0x7ffc0000 [ 395.070747][ T30] audit: type=1326 audit(1752116026.056:60): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16001 comm="syz.2.4319" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffaf4b8e929 code=0x7ffc0000 [ 395.127777][ T30] audit: type=1326 audit(1752116026.056:61): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16001 comm="syz.2.4319" exe="/root/syz-executor" sig=0 arch=c000003e syscall=250 compat=0 ip=0x7ffaf4b8e929 code=0x7ffc0000 [ 395.204150][ T30] audit: type=1326 audit(1752116026.056:62): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16001 comm="syz.2.4319" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffaf4b8e929 code=0x7ffc0000 [ 395.243789][T16021] loop7: detected capacity change from 0 to 524255232 [ 395.262692][ T30] audit: type=1326 audit(1752116026.056:63): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16001 comm="syz.2.4319" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffaf4b8e929 code=0x7ffc0000 [ 395.302453][ T30] audit: type=1326 audit(1752116026.056:64): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16001 comm="syz.2.4319" exe="/root/syz-executor" sig=0 arch=c000003e syscall=250 compat=0 ip=0x7ffaf4b8e929 code=0x7ffc0000 [ 395.384944][ T30] audit: type=1326 audit(1752116026.056:65): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16001 comm="syz.2.4319" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffaf4b8e929 code=0x7ffc0000 [ 395.754396][T16036] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci1/hci1:200/input35 [ 395.929037][T16045] netlink: 40 bytes leftover after parsing attributes in process `syz.3.4339'. [ 396.068471][T16051] netlink: 'syz.5.4341': attribute type 2 has an invalid length. [ 396.193377][ T5936] usb 3-1: new high-speed USB device number 48 using dummy_hcd [ 396.353702][ T5936] usb 3-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 1024 [ 396.357029][T16066] netlink: 'syz.0.4350': attribute type 83 has an invalid length. [ 396.374671][ T5936] usb 3-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 32 [ 396.397769][ T5936] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 396.415108][ T5936] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 396.428113][ T5936] usb 3-1: Product: syz [ 396.437884][ T5936] usb 3-1: Manufacturer: syz [ 396.447053][ T5936] usb 3-1: SerialNumber: syz [ 396.691926][ T5936] cdc_ncm 3-1:1.0: bind() failure [ 396.709171][ T5936] cdc_ncm 3-1:1.1: CDC Union missing and no IAD found [ 396.720640][ T5936] cdc_ncm 3-1:1.1: bind() failure [ 396.732973][ T5936] usb 3-1: USB disconnect, device number 48 [ 398.000408][T16121] kvm_intel: kvm [16118]: vcpu2, guest rIP: 0xfff0 Unhandled WRMSR(0x1d9) = 0x3 [ 399.201293][ T9] IPVS: starting estimator thread 0... [ 399.320158][T16179] IPVS: using max 28 ests per chain, 67200 per kthread [ 400.800331][ T10] usb 6-1: new high-speed USB device number 6 using dummy_hcd [ 400.960240][ T10] usb 6-1: Using ep0 maxpacket: 16 [ 400.967881][ T10] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 400.978566][ T10] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 400.990329][ T10] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0 [ 401.000449][ T10] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0 [ 401.010428][ T10] usb 6-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 401.025383][ T10] usb 6-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42 [ 401.034807][ T10] usb 6-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0 [ 401.043283][ T10] usb 6-1: Manufacturer: syz [ 401.051467][ T10] usb 6-1: config 0 descriptor?? [ 401.380656][ T10] rc_core: IR keymap rc-hauppauge not found [ 401.386618][ T10] Registered IR keymap rc-empty [ 401.398872][ T10] mceusb 6-1:0.0: Error: mce write submit urb error = -90 [ 401.432647][ T10] mceusb 6-1:0.0: Error: mce write submit urb error = -90 [ 401.465215][ T10] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/rc/rc0 [ 401.480905][ T10] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/rc/rc0/input36 [ 401.507857][ T10] mceusb 6-1:0.0: Error: mce write submit urb error = -90 [ 401.530366][ T10] mceusb 6-1:0.0: Error: mce write submit urb error = -90 [ 401.550532][ T10] mceusb 6-1:0.0: Error: mce write submit urb error = -90 [ 401.570661][ T10] mceusb 6-1:0.0: Error: mce write submit urb error = -90 [ 401.591136][ T10] mceusb 6-1:0.0: Error: mce write submit urb error = -90 [ 401.610522][ T10] mceusb 6-1:0.0: Error: mce write submit urb error = -90 [ 401.640264][ T10] mceusb 6-1:0.0: Error: mce write submit urb error = -90 [ 401.660421][ T10] mceusb 6-1:0.0: Error: mce write submit urb error = -90 [ 401.681198][ T10] mceusb 6-1:0.0: Error: mce write submit urb error = -90 [ 401.701347][ T10] mceusb 6-1:0.0: Error: mce write submit urb error = -90 [ 401.723555][ T10] mceusb 6-1:0.0: Registered 424242424242 with mce emulator interface version 1 [ 401.740900][ T10] mceusb 6-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active) [ 401.782024][ T10] usb 6-1: USB disconnect, device number 6 [ 402.050314][ T30] audit: type=1326 audit(1752116033.356:66): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16251 comm="syz.3.4435" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f224d18e929 code=0x7fc00000 [ 402.390531][ T5936] usb 3-1: new full-speed USB device number 49 using dummy_hcd [ 402.578415][ T5936] usb 3-1: config 0 has no interfaces? [ 402.584333][ T5936] usb 3-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 402.603151][ T5936] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 402.628151][ T5936] usb 3-1: config 0 descriptor?? [ 402.764594][T16283] Set syz1 is full, maxelem 65536 reached [ 402.871232][ T5936] usb 3-1: USB disconnect, device number 49 [ 403.595454][T16315] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4466'. [ 403.798113][T16325] netlink: 20 bytes leftover after parsing attributes in process `syz.0.4469'. [ 403.938283][T16329] netlink: 'syz.5.4471': attribute type 12 has an invalid length. [ 404.183915][T16339] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4477'. [ 404.805228][T16367] netlink: 160 bytes leftover after parsing attributes in process `syz.2.4491'. [ 404.815654][T16366] netlink: 36 bytes leftover after parsing attributes in process `syz.0.4490'. [ 404.835744][T16366] netlink: 36 bytes leftover after parsing attributes in process `syz.0.4490'. [ 404.846732][T16366] netlink: 36 bytes leftover after parsing attributes in process `syz.0.4490'. [ 404.955615][T16366] netlink: 36 bytes leftover after parsing attributes in process `syz.0.4490'. [ 404.965000][T16366] netlink: 36 bytes leftover after parsing attributes in process `syz.0.4490'. [ 404.975098][T16366] netlink: 36 bytes leftover after parsing attributes in process `syz.0.4490'. [ 405.442044][T16396] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 405.860297][ T10] usb 3-1: new high-speed USB device number 50 using dummy_hcd [ 405.920272][ T5936] usb 6-1: new high-speed USB device number 7 using dummy_hcd [ 406.010196][ T10] usb 3-1: Using ep0 maxpacket: 32 [ 406.017760][ T10] usb 3-1: config 0 has an invalid interface number: 85 but max is 0 [ 406.026253][ T10] usb 3-1: config 0 has no interface number 0 [ 406.032962][ T10] usb 3-1: config 0 interface 85 altsetting 7 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 406.044113][ T10] usb 3-1: config 0 interface 85 has no altsetting 0 [ 406.053298][ T10] usb 3-1: New USB device found, idVendor=05ac, idProduct=0219, bcdDevice=f0.72 [ 406.062714][ T10] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 406.070967][ T10] usb 3-1: Product: syz [ 406.075165][ T10] usb 3-1: Manufacturer: syz [ 406.079749][ T10] usb 3-1: SerialNumber: syz [ 406.080185][ T5936] usb 6-1: Using ep0 maxpacket: 32 [ 406.091852][ T10] usb 3-1: config 0 descriptor?? [ 406.101996][ T5936] usb 6-1: config 0 has an invalid interface number: 126 but max is 0 [ 406.111895][ T5936] usb 6-1: config 0 has no interface number 0 [ 406.118056][ T5936] usb 6-1: config 0 interface 126 altsetting 16 bulk endpoint 0x6 has invalid maxpacket 1023 [ 406.129226][ T5936] usb 6-1: config 0 interface 126 altsetting 16 endpoint 0x82 has invalid wMaxPacketSize 0 [ 406.140790][ T5936] usb 6-1: config 0 interface 126 altsetting 16 bulk endpoint 0x82 has invalid maxpacket 0 [ 406.151137][ T5936] usb 6-1: config 0 interface 126 has no altsetting 0 [ 406.161378][ T5936] usb 6-1: New USB device found, idVendor=09c4, idProduct=0011, bcdDevice=b0.1c [ 406.171236][ T5936] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 406.179793][ T5936] usb 6-1: Product: syz [ 406.184450][ T5936] usb 6-1: Manufacturer: syz [ 406.189075][ T5936] usb 6-1: SerialNumber: syz [ 406.197010][ T5936] usb 6-1: config 0 descriptor?? [ 406.203104][T16407] raw-gadget.1 gadget.5: fail, usb_ep_enable returned -22 [ 406.635418][ T5936] ir_usb 6-1:0.126: IR Dongle converter detected [ 406.662977][T16426] vxcan1: tx address claim with dlc 0 [ 406.711242][ T10] appletouch 3-1:0.85: Geyser mode initialized. [ 406.721998][ T10] input: appletouch as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.85/input/input37 [ 406.833951][ T5936] usb 6-1: IRDA class descriptor not found, device not bound [ 406.914727][ T10] usb 3-1: USB disconnect, device number 50 [ 406.944781][ T10] appletouch 3-1:0.85: input: appletouch disconnected [ 407.048991][ T9] usb 6-1: USB disconnect, device number 7 [ 407.792496][ T5936] usb 3-1: new high-speed USB device number 51 using dummy_hcd [ 407.964460][ T5936] usb 3-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 407.990657][ T5936] usb 3-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config [ 408.020627][ T5936] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 408.039931][ T5936] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9 [ 408.060982][ T5936] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024 [ 408.085549][ T5936] usb 3-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 408.094974][ T5936] usb 3-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 408.108010][ T5936] usb 3-1: Product: syz [ 408.115857][ T5936] usb 3-1: Manufacturer: syz [ 408.129999][ T5936] cdc_wdm 3-1:1.0: skipping garbage [ 408.136302][ T5936] cdc_wdm 3-1:1.0: skipping garbage [ 408.149821][ T5936] cdc_wdm 3-1:1.0: cdc-wdm0: USB WDM device [ 408.164278][ T5936] cdc_wdm 3-1:1.0: Unknown control protocol [ 408.261761][ T9] usb 6-1: new high-speed USB device number 8 using dummy_hcd [ 408.332364][ C1] cdc_wdm 3-1:1.0: nonzero urb status received: -71 [ 408.339203][ C1] cdc_wdm 3-1:1.0: wdm_int_callback - 0 bytes [ 408.345552][ C1] cdc_wdm 3-1:1.0: nonzero urb status received: -71 [ 408.352263][ C1] cdc_wdm 3-1:1.0: wdm_int_callback - 0 bytes [ 408.358557][ C1] cdc_wdm 3-1:1.0: nonzero urb status received: -71 [ 408.365278][ C1] cdc_wdm 3-1:1.0: wdm_int_callback - 0 bytes [ 408.372547][ C1] cdc_wdm 3-1:1.0: nonzero urb status received: -71 [ 408.379311][ C1] cdc_wdm 3-1:1.0: wdm_int_callback - 0 bytes [ 408.386203][ C1] cdc_wdm 3-1:1.0: nonzero urb status received: -71 [ 408.392835][ C1] cdc_wdm 3-1:1.0: wdm_int_callback - 0 bytes [ 408.399848][ C1] cdc_wdm 3-1:1.0: nonzero urb status received: -71 [ 408.406503][ C1] cdc_wdm 3-1:1.0: wdm_int_callback - 0 bytes [ 408.412958][ C1] cdc_wdm 3-1:1.0: nonzero urb status received: -71 [ 408.419586][ C1] cdc_wdm 3-1:1.0: wdm_int_callback - 0 bytes [ 408.426350][ C1] cdc_wdm 3-1:1.0: nonzero urb status received: -71 [ 408.432987][ C1] cdc_wdm 3-1:1.0: wdm_int_callback - 0 bytes [ 408.439823][ C1] cdc_wdm 3-1:1.0: nonzero urb status received: -71 [ 408.445720][ T9] usb 6-1: Using ep0 maxpacket: 32 [ 408.446441][ C1] cdc_wdm 3-1:1.0: wdm_int_callback - 0 bytes [ 408.458093][ T24] usb 3-1: USB disconnect, device number 51 [ 408.464000][ T9] usb 6-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xA6, changing to 0x86 [ 408.464033][ T9] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x86 has an invalid bInterval 0, changing to 7 [ 408.464057][ T9] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x86 has invalid wMaxPacketSize 0 [ 408.464080][ T9] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x7 has an invalid bInterval 255, changing to 11 [ 408.464104][ T9] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x7 has invalid maxpacket 59391, setting to 1024 [ 408.464348][ C1] cdc_wdm 3-1:1.0: nonzero urb status received: -71 [ 408.464371][ C1] cdc_wdm 3-1:1.0: wdm_int_callback - 0 bytes [ 408.464388][ C1] cdc_wdm 3-1:1.0: wdm_int_callback - usb_submit_urb failed with result -19 [ 408.467323][ T9] usb 6-1: New USB device found, idVendor=05ef, idProduct=020a, bcdDevice=91.36 [ 408.578874][ T9] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 408.587144][ T9] usb 6-1: Product: syz [ 408.594248][ T9] usb 6-1: Manufacturer: syz [ 408.599003][ T9] usb 6-1: SerialNumber: syz [ 408.618829][ T9] usb 6-1: config 0 descriptor?? [ 409.035558][ T9] iforce 6-1:0.0: usb_submit_urb failed: -32 [ 409.043920][ T9] input input38: Device does not respond to id packet M [ 409.264837][ T9] iforce 6-1:0.0: usb_submit_urb failed: -71 [ 409.284742][ T9] input input38: Device does not respond to id packet B [ 409.298574][ T9] iforce 6-1:0.0: usb_submit_urb failed: -71 [ 409.314654][ T9] input input38: Device does not respond to id packet N [ 409.330344][ T9] iforce 6-1:0.0: usb_submit_urb failed: -71 [ 409.344023][ T9] iforce 6-1:0.0: usb_submit_urb failed: -71 [ 409.353165][ T9] iforce 6-1:0.0: usb_submit_urb failed: -71 [ 409.359754][ T9] iforce 6-1:0.0: usb_submit_urb failed: -71 [ 409.376235][ T9] input: Unknown I-Force Device [%04x:%04x] as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/input/input38 [ 409.451551][ T9] usb 6-1: USB disconnect, device number 8 [ 409.770233][ T24] usb 3-1: new high-speed USB device number 52 using dummy_hcd [ 409.943062][ T24] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 16 [ 409.957461][ T24] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 64 [ 409.972219][ T24] usb 3-1: New USB device found, idVendor=0a46, idProduct=9621, bcdDevice=4f.32 [ 409.985229][ T24] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 409.994185][ T24] usb 3-1: Product: syz [ 409.998480][ T24] usb 3-1: Manufacturer: syz [ 410.003762][ T24] usb 3-1: SerialNumber: syz [ 410.020356][ T24] usb 3-1: config 0 descriptor?? [ 410.027048][T16504] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 410.035100][T16504] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 410.292352][T16504] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 410.333355][T16504] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 410.465463][T16538] __nla_validate_parse: 6 callbacks suppressed [ 410.465485][T16538] netlink: 60 bytes leftover after parsing attributes in process `syz.3.4565'. [ 410.485079][T16538] netlink: 60 bytes leftover after parsing attributes in process `syz.3.4565'. [ 410.514323][T16538] netlink: 60 bytes leftover after parsing attributes in process `syz.3.4565'. [ 410.715182][T16546] misc userio: Begin command sent, but we're already running [ 410.765848][ T24] dm9601: No valid MAC address in EEPROM, using 00:00:00:00:00:00 [ 410.966909][ T24] dm9601 3-1:0.0 (unnamed net_device) (uninitialized): Error reading chip ID [ 411.014677][ T24] usb 3-1: USB disconnect, device number 52 [ 411.362095][T16572] input: syz1 as /devices/virtual/input/input40 [ 412.047324][T16605] Freezing with imperfect legacy cgroup freezer. See cgroup.freeze of cgroup v2 [ 412.194803][T16613] netlink: 60 bytes leftover after parsing attributes in process `syz.2.4601'. [ 412.207251][T16613] netlink: 60 bytes leftover after parsing attributes in process `syz.2.4601'. [ 412.249798][T16613] netlink: 60 bytes leftover after parsing attributes in process `syz.2.4601'. [ 413.779121][ T30] audit: type=1326 audit(1752116045.086:67): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16664 comm="syz.0.4624" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fef5c38e929 code=0x0 [ 414.110206][ T10] usb 3-1: new high-speed USB device number 53 using dummy_hcd [ 414.260289][ T9] usb 6-1: new high-speed USB device number 9 using dummy_hcd [ 414.270415][ T10] usb 3-1: Using ep0 maxpacket: 16 [ 414.286249][ T10] usb 3-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06 [ 414.304962][ T10] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 414.316663][ T10] usb 3-1: Product: syz [ 414.322518][ T10] usb 3-1: Manufacturer: syz [ 414.327362][ T10] usb 3-1: SerialNumber: syz [ 414.350733][ T10] r8152-cfgselector 3-1: Unknown version 0x0000 [ 414.357346][ T10] r8152-cfgselector 3-1: config 0 descriptor?? [ 414.420340][ T9] usb 6-1: Using ep0 maxpacket: 8 [ 414.428466][T16690] netlink: 14593 bytes leftover after parsing attributes in process `syz.3.4636'. [ 414.432455][ T9] usb 6-1: New USB device found, idVendor=047d, idProduct=5003, bcdDevice=2f.8c [ 414.447291][ T9] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 414.456224][ T9] usb 6-1: Product: syz [ 414.460743][ T9] usb 6-1: Manufacturer: syz [ 414.465536][ T9] usb 6-1: SerialNumber: syz [ 414.484494][ T9] usb 6-1: config 0 descriptor?? [ 414.495936][ T9] gspca_main: se401-2.14.0 probing 047d:5003 [ 414.575850][ T10] r8152-cfgselector 3-1: Needed 2 retries to read version [ 414.603758][ T10] r8152-cfgselector 3-1: Unknown version 0x0000 [ 414.623859][ T10] r8152-cfgselector 3-1: bad CDC descriptors [ 414.666461][T16694] sctp: [Deprecated]: syz.3.4638 (pid 16694) Use of int in max_burst socket option deprecated. [ 414.666461][T16694] Use struct sctp_assoc_value instead [ 414.790718][ T10] r8152-cfgselector 3-1: USB disconnect, device number 53 [ 414.868089][T16702] overlayfs: conflicting options: userxattr,metacopy=on [ 414.905888][ T9] gspca_se401: ExtraFeatures: 255 [ 414.919339][ T9] gspca_se401: Frame size: 2314x0 bayer [ 414.928102][ T9] gspca_se401: Frame size: 0x0 1/16th janggu [ 414.935813][ T9] gspca_se401: Frame size: 0x0 1/16th janggu [ 414.947499][ T9] gspca_se401: Frame size: 0x0 1/16th janggu [ 414.964079][ T9] gspca_se401: Frame size: 0x0 1/16th janggu [ 414.975705][ T9] gspca_se401: Frame size: 0x0 1/16th janggu [ 414.990094][ T9] gspca_se401: Frame size: 0x0 1/16th janggu [ 415.000341][ T9] gspca_se401: Frame size: 0x0 1/16th janggu [ 415.115617][ T9] input: se401 as /devices/platform/dummy_hcd.5/usb6/6-1/input/input41 [ 415.153012][ T9] usb 6-1: USB disconnect, device number 9 [ 416.057657][T16752] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 416.192430][T16756] 9pnet: Limiting 'msize' to 1048576 as this is the maximum supported by transport fd [ 416.659224][T16771] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4674'. [ 417.100190][ T5917] usb 6-1: new high-speed USB device number 10 using dummy_hcd [ 417.260689][ T5917] usb 6-1: Using ep0 maxpacket: 8 [ 417.266639][T16785] bpf: Bad value for 'uid' [ 417.268585][ T5917] usb 6-1: New USB device found, idVendor=0ccd, idProduct=0039, bcdDevice=90.7b [ 417.285764][ T5917] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 417.314901][ T5917] pvrusb2: Hardware description: Terratec Grabster AV400 [ 417.328415][ T5917] pvrusb2: ********** [ 417.334814][ T5917] pvrusb2: ***WARNING*** Support for this device (Terratec Grabster AV400) is experimental. [ 417.349135][ T5917] pvrusb2: Important functionality might not be entirely working. [ 417.357183][ T5917] pvrusb2: Please consider contacting the driver author to help with further stabilization of the driver. [ 417.371127][ T5917] pvrusb2: ********** [ 417.517741][ T2346] pvrusb2: Invalid write control endpoint [ 417.567350][ T2346] pvrusb2: Invalid write control endpoint [ 417.576268][ T2346] pvrusb2: ***WARNING*** Detected a wedged cx25840 chip; the device will not work. [ 417.587831][ T5910] usb 3-1: new high-speed USB device number 54 using dummy_hcd [ 417.588640][ T2346] pvrusb2: ***WARNING*** Try power cycling the pvrusb2 device. [ 417.605160][ T2346] pvrusb2: ***WARNING*** Disabling further access to the device to prevent other foul-ups. [ 417.615461][ T2346] pvrusb2: Device being rendered inoperable [ 417.621445][ T2346] cx25840 1-0044: Unable to detect h/w, assuming cx23887 [ 417.628513][ T2346] cx25840 1-0044: cx23887 A/V decoder found @ 0x88 (pvrusb2_b) [ 417.636982][ T2346] pvrusb2: Attached sub-driver cx25840 [ 417.642516][ T2346] pvrusb2: ***WARNING*** pvrusb2 device hardware appears to be jammed and I can't clear it. [ 417.653515][ T2346] pvrusb2: You might need to power cycle the pvrusb2 device in order to recover. [ 417.734532][T16776] pvrusb2: Attempted to execute control transfer when device not ok [ 417.744579][ T5936] usb 6-1: USB disconnect, device number 10 [ 417.752526][ T5910] usb 3-1: Using ep0 maxpacket: 16 [ 417.769202][ T5910] usb 3-1: config 0 has an invalid interface number: 214 but max is 0 [ 417.790614][ T5910] usb 3-1: config 0 has no interface number 0 [ 417.803594][ T5910] usb 3-1: config 0 interface 214 altsetting 0 endpoint 0x83 has invalid maxpacket 1023, setting to 64 [ 417.819820][ T5910] usb 3-1: New USB device found, idVendor=0596, idProduct=0001, bcdDevice= 5.f5 [ 417.833236][ T5910] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 417.841929][ T5910] usb 3-1: Product: syz [ 417.846125][ T5910] usb 3-1: Manufacturer: syz [ 417.851274][ T5910] usb 3-1: SerialNumber: syz [ 417.861427][ T5910] usb 3-1: config 0 descriptor?? [ 418.496351][ T5910] input: syz syz as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.214/input/input42 [ 418.700778][ T5910] usb 3-1: USB disconnect, device number 54 [ 420.017249][T16852] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4705'. [ 421.225850][T16900] netlink: 28 bytes leftover after parsing attributes in process `syz.0.4734'. [ 421.233272][T16902] @: renamed from vlan0 (while UP) [ 421.858232][T16924] vimc link validate: Scaler:src:640x480 (0x33424752, 8, 0, 0, 0) RGB/YUV Capture:snk:640x480 (0x33424752, 8, 0, 0, 0) [ 422.330292][ T30] audit: type=1326 audit(1752116053.636:68): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16912 comm="syz.2.4740" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffaf4b8e929 code=0x7fc00000 [ 422.549256][T16951] netlink: 'syz.3.4752': attribute type 37 has an invalid length. [ 424.339951][T17035] netlink: 36 bytes leftover after parsing attributes in process `syz.0.4781'. [ 424.919358][T17061] overlayfs: failed to clone lowerpath [ 425.970274][ T5917] usb 6-1: new high-speed USB device number 11 using dummy_hcd [ 425.988201][T17085] batadv_slave_1: entered promiscuous mode [ 425.996196][T17084] batadv_slave_1: left promiscuous mode [ 426.135641][ T5917] usb 6-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08 [ 426.158558][ T5917] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 426.192987][ T5917] usb 6-1: config 0 descriptor?? [ 426.419698][ T5917] udl 6-1:0.0: [drm] Unrecognized vendor firmware descriptor [ 426.637495][T17107] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4815'. [ 426.653705][ T5917] [drm] Initialized udl 0.0.1 for 6-1:0.0 on minor 2 [ 426.669639][ T5917] [drm] Initialized udl on minor 2 [ 426.829807][ T5917] udl 6-1:0.0: [drm] *ERROR* Read EDID byte 0 failed [ 426.837375][ T5917] udl 6-1:0.0: [drm] Cannot find any crtc or sizes [ 427.038858][ T10] udl 6-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 427.074049][ T10] udl 6-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 427.083461][T17125] kernel read not supported for file /file1 (pid: 17125 comm: syz.2.4822) [ 427.089537][ T5917] usb 6-1: USB disconnect, device number 11 [ 427.104635][ T30] audit: type=1800 audit(1752116058.416:69): pid=17125 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.4822" name="file1" dev="mqueue" ino=60314 res=0 errno=0 [ 427.128948][ T10] udl 6-1:0.0: [drm] Cannot find any crtc or sizes [ 427.217269][ T30] audit: type=1326 audit(1752116058.526:70): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17128 comm="syz.2.4825" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7ffaf4b8e929 code=0x0 [ 427.239272][ C1] vkms_vblank_simulate: vblank timer overrun [ 427.699204][T17151] sctp: [Deprecated]: syz.5.4834 (pid 17151) Use of struct sctp_assoc_value in delayed_ack socket option. [ 427.699204][T17151] Use struct sctp_sack_info instead [ 429.282628][T17201] hugetlbfs: syz.5.4858 (17201): Using mlock ulimits for SHM_HUGETLB is obsolete [ 429.661873][ T5917] usb 6-1: new high-speed USB device number 12 using dummy_hcd [ 429.856209][ T5917] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 429.877927][ T5917] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 429.900281][ T5917] usb 6-1: New USB device found, idVendor=1e7d, idProduct=319c, bcdDevice= 0.00 [ 429.920215][ T5917] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 429.942352][ T5917] usb 6-1: config 0 descriptor?? [ 430.382016][ T5917] isku 0003:1E7D:319C.0019: unknown main item tag 0x0 [ 430.402059][ T5917] isku 0003:1E7D:319C.0019: unknown main item tag 0x0 [ 430.423416][ T5917] isku 0003:1E7D:319C.0019: hidraw0: USB HID v0.00 Device [HID 1e7d:319c] on usb-dummy_hcd.5-1/input0 [ 430.777451][ T5917] usb 6-1: USB disconnect, device number 12 [ 433.450499][ T43] usb 6-1: new high-speed USB device number 13 using dummy_hcd [ 433.498236][T17338] netlink: 'syz.3.4918': attribute type 6 has an invalid length. [ 433.612866][ T43] usb 6-1: Using ep0 maxpacket: 16 [ 433.626209][T17342] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4920'. [ 433.640718][ T43] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 433.662335][ T43] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 433.690095][ T43] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3 [ 433.720131][ T43] usb 6-1: New USB device found, idVendor=0955, idProduct=7214, bcdDevice=ed.00 [ 433.742098][ T43] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 433.768157][ T43] usb 6-1: config 0 descriptor?? [ 434.115312][T17356] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4926'. [ 434.186907][T17324] random: crng reseeded on system resumption [ 434.240594][ T5860] usb 3-1: new high-speed USB device number 55 using dummy_hcd [ 434.253939][ T43] input: HID 0955:7214 Haptics as /devices/virtual/input/input43 [ 434.336509][ T43] shield 0003:0955:7214.001A: Registered Thunderstrike controller [ 434.363936][ T43] shield 0003:0955:7214.001A: : USB HID v0.00 Device [HID 0955:7214] on usb-dummy_hcd.5-1/input0 [ 434.415288][ T5860] usb 3-1: Using ep0 maxpacket: 16 [ 434.434555][ T5860] usb 3-1: New USB device found, idVendor=1604, idProduct=8007, bcdDevice=af.a6 [ 434.450710][ T5860] usb 3-1: New USB device strings: Mfr=1, Product=23, SerialNumber=3 [ 434.458849][ T5860] usb 3-1: Product: syz [ 434.468349][ T43] shield 0003:0955:7214.001A: Failed to output Thunderstrike HOSTCMD request HID report due to -EPROTO [ 434.497813][ T5936] usb 6-1: USB disconnect, device number 13 [ 434.497958][ T5860] usb 3-1: Manufacturer: syz [ 434.519157][ T5860] usb 3-1: SerialNumber: syz [ 434.546660][ T43] shield 0003:0955:7214.001A: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV [ 434.564561][ T5860] usb 3-1: config 0 descriptor?? [ 434.573809][ T43] shield 0003:0955:7214.001A: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV [ 434.588520][ T43] shield 0003:0955:7214.001A: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV [ 434.804883][ T43] usb 3-1: USB disconnect, device number 55 [ 434.906491][T17378] ptrace attach of "./syz-executor exec"[5854] was attempted by "./syz-executor exec"[17378] [ 435.325949][T17395] netlink: 16 bytes leftover after parsing attributes in process `syz.3.4944'. [ 435.340957][T17395] netlink: 16 bytes leftover after parsing attributes in process `syz.3.4944'. [ 435.900752][T17411] autofs: Bad value for 'fd' [ 436.145983][T17417] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 436.185391][T17420] vcan0: tx drop: invalid sa for name 0x000003fffffffffd [ 436.374329][T17427] Invalid/unusable pipe [ 436.477982][T17429] netlink: 'syz.2.4960': attribute type 6 has an invalid length. [ 436.503505][T17429] netlink: 'syz.2.4960': attribute type 4 has an invalid length. [ 436.522012][T17429] netlink: 'syz.2.4960': attribute type 6 has an invalid length. [ 436.529803][T17429] netlink: 'syz.2.4960': attribute type 13 has an invalid length. [ 436.545831][T17429] netlink: 'syz.2.4960': attribute type 15 has an invalid length. [ 436.555017][T17429] netlink: 'syz.2.4960': attribute type 19 has an invalid length. [ 436.563405][T17429] netlink: 3684 bytes leftover after parsing attributes in process `syz.2.4960'. [ 436.800262][T17443] netlink: 176 bytes leftover after parsing attributes in process `syz.0.4967'. [ 437.026278][T17452] pim6reg1: entered promiscuous mode [ 437.042003][T17452] pim6reg1: entered allmulticast mode [ 437.670132][ T5860] usb 3-1: new full-speed USB device number 56 using dummy_hcd [ 437.834826][ T5860] usb 3-1: config 0 has an invalid interface number: 161 but max is 0 [ 437.855298][ T5860] usb 3-1: config 0 has no interface number 0 [ 437.870732][ T5860] usb 3-1: New USB device found, idVendor=067b, idProduct=331a, bcdDevice=4a.31 [ 437.880468][ T5860] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 437.888498][ T5860] usb 3-1: Product: syz [ 438.009150][ T5860] usb 3-1: Manufacturer: syz [ 438.013922][ T5860] usb 3-1: SerialNumber: syz [ 438.022509][ T5860] usb 3-1: config 0 descriptor?? [ 438.258260][T17468] netlink: 176 bytes leftover after parsing attributes in process `syz.2.4977'. [ 438.301049][ T5860] pl2303 3-1:0.161: required endpoints missing [ 438.322334][ T5860] usb 3-1: USB disconnect, device number 56 [ 438.723453][T17500] netlink: 'syz.5.4990': attribute type 39 has an invalid length. [ 439.687294][T17538] netlink: 'syz.2.5009': attribute type 2 has an invalid length. [ 439.978406][T17553] netlink: 28 bytes leftover after parsing attributes in process `syz.2.5014'. [ 440.193063][ T24] usb 6-1: new high-speed USB device number 14 using dummy_hcd [ 440.216947][ T1304] ieee802154 phy0 wpan0: encryption failed: -22 [ 440.224274][ T1304] ieee802154 phy1 wpan1: encryption failed: -22 [ 440.293493][T17569] netlink: 'syz.2.5022': attribute type 29 has an invalid length. [ 440.307277][T17569] netlink: 'syz.2.5022': attribute type 29 has an invalid length. [ 440.316231][T17569] netlink: 'syz.2.5022': attribute type 29 has an invalid length. [ 440.332725][T17569] netlink: 'syz.2.5022': attribute type 29 has an invalid length. [ 440.353556][ T24] usb 6-1: Using ep0 maxpacket: 32 [ 440.362094][ T24] usb 6-1: config 0 has an invalid interface number: 12 but max is 0 [ 440.375821][ T24] usb 6-1: config 0 has no interface number 0 [ 440.383016][ T24] usb 6-1: config 0 interface 12 has no altsetting 0 [ 440.394521][ T24] usb 6-1: New USB device found, idVendor=2c42, idProduct=1202, bcdDevice=85.40 [ 440.410226][ T24] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 440.418347][ T24] usb 6-1: Product: syz [ 440.426649][ T24] usb 6-1: Manufacturer: syz [ 440.433679][ T24] usb 6-1: SerialNumber: syz [ 440.444199][ T24] usb 6-1: config 0 descriptor?? [ 441.360241][ T5936] usb 3-1: new high-speed USB device number 57 using dummy_hcd [ 441.480202][ T24] f81534 6-1:0.12: f81534_get_register: reg: 1003 failed: -71 [ 441.487961][ T24] f81534 6-1:0.12: f81534_find_config_idx: read failed: -71 [ 441.496212][ T24] f81534 6-1:0.12: f81534_calc_num_ports: find idx failed: -71 [ 441.504536][ T24] f81534 6-1:0.12: probe with driver f81534 failed with error -71 [ 441.520277][ T5936] usb 3-1: Using ep0 maxpacket: 8 [ 441.527538][ T5936] usb 3-1: config index 0 descriptor too short (expected 301, got 45) [ 441.538962][ T24] usb 6-1: USB disconnect, device number 14 [ 441.552596][ T5936] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 441.567970][ T5936] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 441.581156][ T5936] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 441.592584][ T5936] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 441.606131][ T5936] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 441.615375][ T5936] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 441.837360][ T5936] usb 3-1: GET_CAPABILITIES returned 0 [ 441.846531][ T5936] usbtmc 3-1:16.0: can't read capabilities [ 442.099087][T17623] vcan0: tx drop: invalid sa for name 0x0000000000000003 [ 442.122561][T17607] usbtmc 3-1:16.0: usb_control_msg returned -71 [ 442.123635][ T24] usb 3-1: USB disconnect, device number 57 [ 442.350121][ T5936] usb 6-1: new high-speed USB device number 15 using dummy_hcd [ 442.516282][ T5936] usb 6-1: New USB device found, idVendor=1a86, idProduct=7522, bcdDevice=35.36 [ 442.535937][ T5936] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 442.550341][ T5936] usb 6-1: Product: syz [ 442.555296][ T5936] usb 6-1: Manufacturer: syz [ 442.560165][ T5936] usb 6-1: SerialNumber: syz [ 442.575234][ T5936] usb 6-1: config 0 descriptor?? [ 442.593653][ T5936] ch341 6-1:0.0: ch341-uart converter detected [ 443.146131][T17661] netlink: 88 bytes leftover after parsing attributes in process `syz.3.5060'. [ 443.156140][T17661] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5060'. [ 443.603484][ T5936] usb 6-1: failed to send control message: -71 [ 443.613204][ T5936] ch341-uart ttyUSB0: probe with driver ch341-uart failed with error -71 [ 443.630413][ T5936] usb 6-1: USB disconnect, device number 15 [ 443.642022][ T5936] ch341 6-1:0.0: device disconnected [ 443.687820][ T30] audit: type=1800 audit(1752116074.996:71): pid=17680 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.5068" name="nullb0" dev="tmpfs" ino=938 res=0 errno=0 [ 444.296499][T17703] input: syz0 as /devices/virtual/input/input44 [ 445.478902][T17747] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 445.487990][T17747] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 445.505009][T17747] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 445.518345][T17747] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 445.524938][T17747] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 445.537351][T17747] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 445.541907][T17756] fanotify: failed to encode fid (type=0, len=0, err=-2) [ 445.550793][T17755] fanotify: failed to encode fid (type=0, len=0, err=-2) [ 445.930179][ T5860] usb 3-1: new high-speed USB device number 58 using dummy_hcd [ 446.107837][ T5860] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 446.121628][ T5860] usb 3-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df [ 446.137594][ T5860] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 446.157822][ T5860] usb 3-1: config 0 descriptor?? [ 446.178517][ T5860] pwc: Askey VC010 type 2 USB webcam detected. [ 446.591195][ T5860] pwc: recv_control_msg error -32 req 02 val 2b00 [ 446.610352][ T5860] pwc: recv_control_msg error -32 req 02 val 2700 [ 446.829319][ T5860] pwc: recv_control_msg error -71 req 04 val 1000 [ 446.855318][ T5860] pwc: recv_control_msg error -71 req 04 val 1300 [ 446.874172][ T5860] pwc: recv_control_msg error -71 req 04 val 1400 [ 446.895200][ T5860] pwc: recv_control_msg error -71 req 02 val 2000 [ 446.905536][ T5860] pwc: recv_control_msg error -71 req 02 val 2100 [ 446.926973][ T5860] pwc: recv_control_msg error -71 req 04 val 1500 [ 446.944436][ T5860] pwc: recv_control_msg error -71 req 02 val 2500 [ 446.959179][ T5860] pwc: recv_control_msg error -71 req 02 val 2400 [ 446.980139][ T5860] pwc: recv_control_msg error -71 req 02 val 2600 [ 447.001684][ T5860] pwc: recv_control_msg error -71 req 02 val 2900 [ 447.025116][ T5860] pwc: recv_control_msg error -71 req 02 val 2800 [ 447.037074][ T5860] pwc: recv_control_msg error -71 req 04 val 1100 [ 447.051013][ T5860] pwc: recv_control_msg error -71 req 04 val 1200 [ 447.091002][ T5860] pwc: Registered as video103. [ 447.128066][ T5860] input: PWC snapshot button as /devices/platform/dummy_hcd.2/usb3/3-1/input/input45 [ 447.176712][ T5860] usb 3-1: USB disconnect, device number 58 [ 447.414328][ T5863] Bluetooth: hci3: command 0x0406 tx timeout [ 447.578811][ T5863] Bluetooth: hci1: command 0x0405 tx timeout [ 448.146228][T17855] netlink: 76 bytes leftover after parsing attributes in process `syz.2.5143'. [ 448.258601][T17863] blk_print_req_error: 138 callbacks suppressed [ 448.258621][T17863] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 448.305142][T17863] buffer_io_error: 138 callbacks suppressed [ 448.305165][T17863] Buffer I/O error on dev nbd2, logical block 0, async page read [ 448.350833][T17863] I/O error, dev nbd2, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 448.368142][T17863] Buffer I/O error on dev nbd2, logical block 1, async page read [ 448.410218][T17863] I/O error, dev nbd2, sector 4 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 448.424172][T17863] Buffer I/O error on dev nbd2, logical block 2, async page read [ 448.435269][T17863] I/O error, dev nbd2, sector 6 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 448.444664][T17863] Buffer I/O error on dev nbd2, logical block 3, async page read [ 448.453119][T17863] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 448.472729][T17863] Buffer I/O error on dev nbd2, logical block 0, async page read [ 448.493706][T17863] I/O error, dev nbd2, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 448.505453][T17863] Buffer I/O error on dev nbd2, logical block 1, async page read [ 448.529438][T17863] I/O error, dev nbd2, sector 4 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 448.559597][T17863] Buffer I/O error on dev nbd2, logical block 2, async page read [ 448.621098][T17863] I/O error, dev nbd2, sector 6 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 448.652707][T17863] Buffer I/O error on dev nbd2, logical block 3, async page read [ 448.689388][T17863] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 448.719090][T17863] Buffer I/O error on dev nbd2, logical block 0, async page read [ 448.729064][T17863] I/O error, dev nbd2, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 448.752298][ T5860] libceph: connect (1)[c::]:6789 error -101 [ 448.763861][ T5860] libceph: mon0 (1)[c::]:6789 connect error [ 448.773030][T17879] ceph: No mds server is up or the cluster is laggy [ 448.781997][ T5860] libceph: connect (1)[c::]:6789 error -101 [ 448.788142][ T5860] libceph: mon0 (1)[c::]:6789 connect error [ 448.795539][T17863] Buffer I/O error on dev nbd2, logical block 1, async page read [ 448.809286][T17863] ldm_validate_partition_table(): Disk read failed. [ 448.818747][T17863] Dev nbd2: unable to read RDB block 0 [ 448.827420][T17863] nbd2: unable to read partition table [ 448.959225][ T5220] ldm_validate_partition_table(): Disk read failed. [ 449.003459][ T5220] Dev nbd2: unable to read RDB block 0 [ 449.044201][ T5220] nbd2: unable to read partition table [ 449.066555][ T5220] ldm_validate_partition_table(): Disk read failed. [ 449.114432][ T5220] Dev nbd2: unable to read RDB block 0 [ 449.143152][ T5220] nbd2: unable to read partition table [ 449.209051][T12199] ldm_validate_partition_table(): Disk read failed. [ 449.252206][T12199] Dev nbd2: unable to read RDB block 0 [ 449.265819][T12199] nbd2: unable to read partition table [ 449.304091][T12199] ldm_validate_partition_table(): Disk read failed. [ 449.325510][T12199] Dev nbd2: unable to read RDB block 0 [ 449.343205][T12199] nbd2: unable to read partition table [ 449.490862][ T5863] Bluetooth: hci3: command 0x0406 tx timeout [ 449.547729][T17906] syzkaller1: entered promiscuous mode [ 449.553709][T17906] syzkaller1: entered allmulticast mode [ 449.650649][ T5863] Bluetooth: hci1: command 0x0405 tx timeout [ 450.355959][T17927] vivid-001: disconnect [ 450.380354][T17929] overlayfs: failed to clone upperpath [ 450.380958][T17927] vivid-001: reconnect [ 450.394849][T17929] overlayfs: failed to clone lowerpath [ 451.517312][T17972] input: syz1 as /devices/virtual/input/input46 [ 451.524211][T17972] input: failed to attach handler leds to device input46, error: -6 [ 451.570188][ T5863] Bluetooth: hci3: command 0x0406 tx timeout [ 451.730221][ T5863] Bluetooth: hci1: command 0x0405 tx timeout [ 452.201128][ T30] audit: type=1326 audit(1752116083.516:72): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17995 comm="syz.2.5204" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7ffaf4b8e929 code=0x0 [ 452.802085][T18011] tmpfs: Invalid gid '0x00000000ffffffff' [ 452.851634][T18013] C: entered promiscuous mode [ 452.856696][T18013] team_slave_1: entered promiscuous mode [ 452.863632][T18013] C: left promiscuous mode [ 452.868362][T18013] team_slave_1: left promiscuous mode [ 453.886080][T18036] sp0: Synchronizing with TNC [ 454.480188][ T43] usb 6-1: new high-speed USB device number 16 using dummy_hcd [ 454.650100][ T43] usb 6-1: Using ep0 maxpacket: 16 [ 454.658113][ T43] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 454.688805][ T43] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 454.721263][ T43] usb 6-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 454.730652][ T43] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 454.748071][ T43] usb 6-1: Product: syz [ 454.752858][ T43] usb 6-1: Manufacturer: syz [ 454.757490][ T43] usb 6-1: SerialNumber: syz [ 455.004873][ T43] usb 6-1: 0:2 : does not exist [ 455.026165][ T43] usb 6-1: 5:0: failed to get current value for ch 0 (-22) [ 455.119305][ T43] usb 6-1: USB disconnect, device number 16 [ 455.185047][T12199] udevd[12199]: error opening ATTR{/sys/devices/platform/dummy_hcd.5/usb6/6-1/6-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 455.854114][ T5917] usb 6-1: new full-speed USB device number 17 using dummy_hcd [ 456.024419][ T5917] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 456.049618][ T5917] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10 [ 456.086136][ T5917] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0 [ 456.099255][ T5917] usb 6-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 5 [ 456.117869][ T5917] usb 6-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42 [ 456.135851][ T5917] usb 6-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0 [ 456.144400][ T5917] usb 6-1: Manufacturer: syz [ 456.158090][ T5917] usb 6-1: config 0 descriptor?? [ 456.490135][ T5917] rc_core: IR keymap rc-hauppauge not found [ 456.496108][ T5917] Registered IR keymap rc-empty [ 456.542822][ T5917] mceusb 6-1:0.0: Error: mce write submit urb error = -90 [ 456.580554][ T5917] mceusb 6-1:0.0: Error: mce write submit urb error = -90 [ 456.623187][ T5917] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/rc/rc0 [ 456.656575][ T5917] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/rc/rc0/input48 [ 456.676116][ T5917] mceusb 6-1:0.0: Error: mce write submit urb error = -90 [ 456.714009][ T5917] mceusb 6-1:0.0: Error: mce write submit urb error = -90 [ 456.764022][ T5917] mceusb 6-1:0.0: Error: mce write submit urb error = -90 [ 456.796079][ T5917] mceusb 6-1:0.0: Error: mce write submit urb error = -90 [ 456.836946][ T5917] mceusb 6-1:0.0: Error: mce write submit urb error = -90 [ 456.880311][ T5917] mceusb 6-1:0.0: Error: mce write submit urb error = -90 [ 456.910185][ T5917] mceusb 6-1:0.0: Error: mce write submit urb error = -90 [ 456.930364][ T5917] mceusb 6-1:0.0: Error: mce write submit urb error = -90 [ 456.972456][ T5917] mceusb 6-1:0.0: Error: mce write submit urb error = -90 [ 457.012880][ T5917] mceusb 6-1:0.0: Error: mce write submit urb error = -90 [ 457.042944][ T5917] mceusb 6-1:0.0: Registered 424242424242 with mce emulator interface version 1 [ 457.053273][ T5917] mceusb 6-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active) [ 457.085125][ T5917] usb 6-1: USB disconnect, device number 17 [ 458.150676][ T5917] usb 3-1: new high-speed USB device number 59 using dummy_hcd [ 458.330516][ T5917] usb 3-1: Using ep0 maxpacket: 32 [ 458.357062][ T5917] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024 [ 458.393998][ T5917] usb 3-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79 [ 458.419904][ T5917] usb 3-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2 [ 458.443364][ T5917] usb 3-1: Product: syz [ 458.449269][ T5917] usb 3-1: Manufacturer: syz [ 458.455106][T18164] sctp: [Deprecated]: syz.5.5273 (pid 18164) Use of struct sctp_assoc_value in delayed_ack socket option. [ 458.455106][T18164] Use struct sctp_sack_info instead [ 458.481617][ T5917] usb 3-1: SerialNumber: syz [ 458.499274][ T5917] usb 3-1: config 0 descriptor?? [ 458.517446][T18153] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 458.542021][ T5917] hub 3-1:0.0: bad descriptor, ignoring hub [ 458.548092][ T5917] hub 3-1:0.0: probe with driver hub failed with error -5 [ 458.654819][T18169] bridge0: entered allmulticast mode [ 458.961032][ T5917] usb 3-1: USB disconnect, device number 59 [ 459.037514][T18185] sctp: [Deprecated]: syz.0.5283 (pid 18185) Use of struct sctp_assoc_value in delayed_ack socket option. [ 459.037514][T18185] Use struct sctp_sack_info instead [ 459.718723][T18202] netlink: 20 bytes leftover after parsing attributes in process `syz.2.5290'. [ 459.819941][T18205] input: syz1 as /devices/virtual/input/input49 [ 459.976235][T18211] sctp: [Deprecated]: syz.2.5293 (pid 18211) Use of struct sctp_assoc_value in delayed_ack socket option. [ 459.976235][T18211] Use struct sctp_sack_info instead [ 460.451566][ T43] usb 6-1: new full-speed USB device number 18 using dummy_hcd [ 460.622657][ T43] usb 6-1: config 150 has an invalid interface number: 204 but max is 1 [ 460.631722][ T43] usb 6-1: config 150 has no interface number 0 [ 460.638034][ T43] usb 6-1: config 150 interface 204 has no altsetting 0 [ 460.645846][ T43] usb 6-1: config 150 interface 1 has no altsetting 0 [ 460.655992][ T43] usb 6-1: New USB device found, idVendor=04e2, idProduct=1424, bcdDevice=c7.eb [ 460.665589][ T43] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 460.673681][ T43] usb 6-1: Product: syz [ 460.678034][ T43] usb 6-1: Manufacturer: syz [ 460.683173][ T43] usb 6-1: SerialNumber: syz [ 460.905831][ T43] xr_serial 6-1:150.204: xr_serial converter detected [ 461.704914][ T43] xr_serial ttyUSB0: Failed to set reg 0x0e: -71 [ 461.714550][ T43] xr_serial ttyUSB0: probe with driver xr_serial failed with error -71 [ 461.730661][ T43] usb 6-1: USB disconnect, device number 18 [ 461.744344][ T43] xr_serial 6-1:150.204: device disconnected [ 462.369890][T18277] netlink: 'syz.2.5322': attribute type 21 has an invalid length. [ 462.403243][T18277] netlink: 14548 bytes leftover after parsing attributes in process `syz.2.5322'. [ 463.332465][T18303] netlink: 'syz.5.5334': attribute type 29 has an invalid length. [ 463.345362][T18303] netlink: 'syz.5.5334': attribute type 29 has an invalid length. [ 463.356280][T18303] netlink: 44 bytes leftover after parsing attributes in process `syz.5.5334'. [ 464.203574][T18333] blk_print_req_error: 330 callbacks suppressed [ 464.203596][T18333] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 464.222329][T18333] buffer_io_error: 330 callbacks suppressed [ 464.222347][T18333] Buffer I/O error on dev nbd2, logical block 0, async page read [ 464.236997][T18333] I/O error, dev nbd2, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 464.246393][T18333] Buffer I/O error on dev nbd2, logical block 1, async page read [ 464.268732][T18333] I/O error, dev nbd2, sector 4 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 464.288399][T18333] Buffer I/O error on dev nbd2, logical block 2, async page read [ 464.297197][T18333] I/O error, dev nbd2, sector 6 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 464.313446][T18333] Buffer I/O error on dev nbd2, logical block 3, async page read [ 464.321791][T18333] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 464.331137][T18333] Buffer I/O error on dev nbd2, logical block 0, async page read [ 464.346309][T18333] I/O error, dev nbd2, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 464.356866][T18333] Buffer I/O error on dev nbd2, logical block 1, async page read [ 464.369150][T18333] I/O error, dev nbd2, sector 4 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 464.379602][T18333] Buffer I/O error on dev nbd2, logical block 2, async page read [ 464.390231][T18333] I/O error, dev nbd2, sector 6 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 464.400821][T18333] Buffer I/O error on dev nbd2, logical block 3, async page read [ 464.409154][T18333] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 464.438566][T18333] Buffer I/O error on dev nbd2, logical block 0, async page read [ 464.448737][T18333] I/O error, dev nbd2, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 464.459727][T18333] Buffer I/O error on dev nbd2, logical block 1, async page read [ 464.472263][T18333] ldm_validate_partition_table(): Disk read failed. [ 464.485630][T18333] Dev nbd2: unable to read RDB block 0 [ 464.498035][T18333] nbd2: unable to read partition table [ 464.895755][T18354] program syz.2.5358 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 466.945695][T18437] netlink: 12 bytes leftover after parsing attributes in process `syz.3.5395'. [ 467.503231][T18460] overlayfs: upper fs does not support tmpfile. [ 467.638653][T18467] netlink: 4 bytes leftover after parsing attributes in process `syz.5.5408'. [ 467.782556][T18471] kvm: apic: phys broadcast and lowest prio [ 468.634865][T18502] skbuff: bad partial csum: csum=65506/2 headroom=178 headlen=65526 [ 468.908577][T18517] netlink: 8 bytes leftover after parsing attributes in process `syz.5.5430'. [ 469.232517][T18531] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 469.261399][ T9] usb 6-1: new high-speed USB device number 19 using dummy_hcd [ 469.425394][ T9] usb 6-1: config 0 interface 0 has no altsetting 0 [ 469.437225][ T9] usb 6-1: New USB device found, idVendor=046d, idProduct=0a0e, bcdDevice=94.75 [ 469.460379][ T9] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 469.481191][ T9] usb 6-1: config 0 descriptor?? [ 469.867239][T18555] netlink: 68 bytes leftover after parsing attributes in process `syz.2.5447'. [ 470.140232][ T43] usb 3-1: new high-speed USB device number 60 using dummy_hcd [ 470.296189][ T43] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x9 has invalid wMaxPacketSize 0 [ 470.309243][ T43] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0xB has an invalid bInterval 0, changing to 7 [ 470.338095][ T43] usb 3-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b [ 470.347567][ T43] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 470.374850][ T43] usb 3-1: Product: syz [ 470.379065][ T43] usb 3-1: Manufacturer: syz [ 470.394578][ T43] usb 3-1: SerialNumber: syz [ 470.403552][ T43] usb 3-1: config 0 descriptor?? [ 470.418041][T18562] batadv_slave_0: entered promiscuous mode [ 470.437835][T18561] batadv_slave_0: left promiscuous mode [ 470.522765][ T9] video4linux radio48: keene_cmd_set failed (-71) [ 470.536324][ T9] radio-keene 6-1:0.0: V4L2 device registered as radio48 [ 470.560565][ T9] usb 6-1: USB disconnect, device number 19 [ 470.684463][ T43] usb 3-1: USB disconnect, device number 60 [ 471.960523][ T43] usb 6-1: new high-speed USB device number 20 using dummy_hcd [ 472.060268][ T5936] usb 3-1: new high-speed USB device number 61 using dummy_hcd [ 472.112591][ T43] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 472.127977][ T43] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 472.146557][ T43] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 472.161177][ T43] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 472.178174][ T43] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 472.196438][ T43] usb 6-1: config 0 descriptor?? [ 472.234380][ T5936] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 472.254456][ T5936] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 472.268224][ T5936] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 472.287447][ T5936] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 472.297213][ T5936] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 472.313516][ T5936] usb 3-1: config 0 descriptor?? [ 472.634579][ T43] plantronics 0003:047F:FFFF.001B: reserved main item tag 0xd [ 472.745561][ T5936] plantronics 0003:047F:FFFF.001C: reserved main item tag 0xd [ 472.753795][ T43] plantronics 0003:047F:FFFF.001B: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.5-1/input0 [ 472.814393][ T5936] plantronics 0003:047F:FFFF.001C: hiddev1,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0 [ 472.959300][ T10] usb 6-1: USB disconnect, device number 20 [ 473.014246][ T9] usb 3-1: USB disconnect, device number 61 [ 474.243403][T18702] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5511'. [ 474.315307][T18705] netlink: 176 bytes leftover after parsing attributes in process `syz.2.5512'. [ 474.811976][T18720] netlink: 16 bytes leftover after parsing attributes in process `syz.0.5517'. [ 474.860299][T18720] netlink: 16 bytes leftover after parsing attributes in process `syz.0.5517'. [ 475.470116][ T5936] usb 6-1: new high-speed USB device number 21 using dummy_hcd [ 475.627071][ T5936] usb 6-1: New USB device found, idVendor=20b7, idProduct=1540, bcdDevice=b7.5a [ 475.650415][ T5936] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 475.658508][ T5936] usb 6-1: Product: syz [ 475.673765][ T5936] usb 6-1: Manufacturer: syz [ 475.678430][ T5936] usb 6-1: SerialNumber: syz [ 475.690157][T18757] netlink: 'syz.0.5535': attribute type 29 has an invalid length. [ 475.696002][ T5936] usb 6-1: config 0 descriptor?? [ 475.713075][T18757] netlink: 'syz.0.5535': attribute type 29 has an invalid length. [ 475.740640][T18757] netlink: 44 bytes leftover after parsing attributes in process `syz.0.5535'. [ 475.977277][T18764] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 476.657086][ C0] ------------[ cut here ]------------ [ 476.662987][ C0] no supported rates for sta (null) (0xffffffff, band 0) in rate_mask 0x0 with flags 0x0 [ 476.673554][ C0] WARNING: net/mac80211/rate.c:403 at __rate_control_send_low+0x5df/0x820, CPU#0: syz.2.5547/18787 [ 476.684312][ C0] Modules linked in: [ 476.688597][ C0] CPU: 0 UID: 0 PID: 18787 Comm: syz.2.5547 Not tainted 6.16.0-rc5-next-20250709-syzkaller #0 PREEMPT(full) [ 476.700391][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 476.710509][ C0] RIP: 0010:__rate_control_send_low+0x5df/0x820 [ 476.716801][ C0] Code: 38 0f b6 04 28 84 c0 0f 85 d7 01 00 00 41 8b 0f 48 c7 c7 40 bc d1 8c 48 8b 74 24 18 44 8b 44 24 2c 45 89 e9 e8 32 49 8d f6 90 <0f> 0b 90 90 e9 73 fe ff ff 44 89 f9 80 e1 07 80 c1 03 38 c1 0f 8c [ 476.733368][ T5936] usb 6-1: Firmware version (0.0) predates our first public release. [ 476.736629][ C0] RSP: 0018:ffffc90000007538 EFLAGS: 00010246 [ 476.750818][ C0] RAX: 1a5e64abf420f000 RBX: 000000000000000c RCX: ffff88802ea15a00 [ 476.752829][ T5936] usb 6-1: Please update to version 0.2 or newer [ 476.758820][ C0] RDX: 0000000000000100 RSI: 0000000000000000 RDI: 0000000000000002 [ 476.758840][ C0] RBP: dffffc0000000000 R08: 0000000000000003 R09: 0000000000000004 [ 476.758854][ C0] R10: dffffc0000000000 R11: fffffbfff1c7a4c0 R12: ffff8880781b3028 [ 476.758869][ C0] R13: 0000000000000000 R14: ffff888024d18e40 R15: ffff888024d1b0d8 [ 476.758883][ C0] FS: 00007ffaf59b36c0(0000) GS:ffff88812579c000(0000) knlGS:0000000000000000 [ 476.758900][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 476.758915][ C0] CR2: 000000110c2fb1d2 CR3: 0000000061df0000 CR4: 00000000003526f0 [ 476.758934][ C0] Call Trace: [ 476.758943][ C0] [ 476.758970][ C0] rate_control_send_low+0x194/0x7a0 [ 476.759010][ C0] rate_control_get_rate+0x20b/0x5d0 [ 476.759046][ C0] ieee80211_beacon_get_finish+0x38c/0x6b0 [ 476.759079][ C0] ? __pfx_ieee80211_beacon_get_finish+0x10/0x10 [ 476.759102][ C0] ? __local_bh_enable_ip+0x12d/0x1c0 [ 476.759133][ C0] ? __pfx___local_bh_enable_ip+0x10/0x10 [ 476.759168][ C0] ieee80211_beacon_get_ap+0x1478/0x19e0 [ 476.759214][ C0] ? __pfx_ieee80211_beacon_get_ap+0x10/0x10 [ 476.759253][ C0] ? __ieee80211_beacon_get+0x36/0x17b0 [ 476.879819][ C0] ? __ieee80211_beacon_get+0x36/0x17b0 [ 476.885440][ C0] __ieee80211_beacon_get+0x1179/0x17b0 [ 476.891264][ C0] ? __ieee80211_beacon_get+0x36/0x17b0 [ 476.896836][ C0] ieee80211_beacon_get_tim+0xb4/0x2b0 [ 476.902345][ C0] ? __pfx_ieee80211_beacon_get_tim+0x10/0x10 [ 476.908453][ C0] mac80211_hwsim_beacon_tx+0x3ce/0x860 [ 476.914057][ C0] ? ieee80211_iterate_active_interfaces_atomic+0x2a/0x180 [ 476.921322][ C0] __iterate_interfaces+0x2ab/0x590 [ 476.926538][ C0] ? __pfx_mac80211_hwsim_beacon_tx+0x10/0x10 [ 476.932643][ C0] ? ieee80211_iterate_active_interfaces_atomic+0x2a/0x180 [ 476.939886][ C0] ? __pfx_mac80211_hwsim_beacon_tx+0x10/0x10 [ 476.946131][ C0] ieee80211_iterate_active_interfaces_atomic+0xdb/0x180 [ 476.953205][ C0] mac80211_hwsim_beacon+0xbb/0x1c0 [ 476.958411][ C0] ? __pfx_mac80211_hwsim_beacon+0x10/0x10 [ 476.964350][ C0] __hrtimer_run_queues+0x529/0xc60 [ 476.969588][ C0] ? __pfx___hrtimer_run_queues+0x10/0x10 [ 476.975346][ C0] ? read_tsc+0x9/0x20 [ 476.979447][ C0] ? __pfx___local_bh_disable_ip+0x10/0x10 [ 476.985305][ C0] hrtimer_run_softirq+0x187/0x2b0 [ 476.990465][ C0] handle_softirqs+0x283/0x870 [ 476.995243][ C0] ? __irq_exit_rcu+0xca/0x1f0 [ 477.000056][ C0] ? __pfx_handle_softirqs+0x10/0x10 [ 477.005391][ C0] __irq_exit_rcu+0xca/0x1f0 [ 477.010035][ C0] ? __pfx___irq_exit_rcu+0x10/0x10 [ 477.015269][ C0] irq_exit_rcu+0x9/0x30 [ 477.019770][ C0] sysvec_apic_timer_interrupt+0xa6/0xc0 [ 477.025455][ C0] [ 477.028402][ C0] [ 477.031369][ C0] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 477.037374][ C0] RIP: 0010:memset_orig+0x8a/0xb0 [ 477.042440][ C0] Code: 89 d1 83 e1 38 74 14 c1 e9 03 66 0f 1f 44 00 00 ff c9 48 89 07 48 8d 7f 08 75 f5 83 e2 07 74 0a ff ca 88 07 48 8d 7f 01 75 f6 <4c> 89 d0 c3 cc cc cc cc 48 83 fa 07 76 e3 48 89 07 49 c7 c0 08 00 [ 477.062288][ C0] RSP: 0018:ffffc900040175d8 EFLAGS: 00000246 [ 477.068378][ C0] RAX: 0000000000000000 RBX: 0000000000000dc0 RCX: 0000000000000000 [ 477.076630][ C0] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffff88805c069010 [ 477.084674][ C0] RBP: 0000000000000dc0 R08: 0000000000000004 R09: 0000000000000000 [ 477.092702][ C0] R10: ffff88805c069000 R11: fffffbfff1fc8fa7 R12: ffff88801a842140 [ 477.101094][ C0] R13: 0000000000000dc0 R14: ffff88805c069000 R15: 0000000000000fa0 [ 477.109375][ C0] kasan_save_alloc_info+0x3b/0x50 [ 477.114552][ C0] __kasan_kmalloc+0x93/0xb0 [ 477.119203][ C0] __kvmalloc_node_noprof+0x30d/0x5f0 [ 477.124620][ C0] ? pfifo_fast_init+0x10d/0x6b0 [ 477.129589][ C0] pfifo_fast_init+0x10d/0x6b0 [ 477.134414][ C0] qdisc_create_dflt+0x138/0x4e0 [ 477.139466][ C0] dev_activate+0x378/0x1150 [ 477.144119][ C0] __dev_open+0x69c/0x880 [ 477.148506][ C0] ? __pfx___dev_open+0x10/0x10 [ 477.153415][ C0] __dev_change_flags+0x1ea/0x6d0 [ 477.158468][ C0] ? __lock_acquire+0xab9/0xd20 [ 477.163384][ C0] ? __pfx___dev_change_flags+0x10/0x10 [ 477.169054][ C0] ? devinet_ioctl+0x323/0x1b50 [ 477.173963][ C0] ? __pfx___mutex_lock+0x10/0x10 [ 477.179021][ C0] netif_change_flags+0x88/0x1a0 [ 477.184042][ C0] dev_change_flags+0x130/0x260 [ 477.188942][ C0] devinet_ioctl+0xbb4/0x1b50 [ 477.193877][ C0] ? __pfx_devinet_ioctl+0x10/0x10 [ 477.199018][ C0] ? get_user_ifreq+0x12c/0x180 [ 477.203920][ C0] inet_ioctl+0x3c0/0x4c0 [ 477.208286][ C0] ? __pfx_inet_ioctl+0x10/0x10 [ 477.213224][ C0] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 477.218280][ C0] ? packet_ioctl+0x254/0x350 [ 477.223031][ C0] sock_do_ioctl+0xd9/0x300 [ 477.228102][ C0] ? __pfx_sock_do_ioctl+0x10/0x10 [ 477.233251][ C0] ? __lock_acquire+0xab9/0xd20 [ 477.238138][ C0] sock_ioctl+0x576/0x790 [ 477.242524][ C0] ? __pfx_sock_ioctl+0x10/0x10 [ 477.247396][ C0] ? __fget_files+0x2a/0x420 [ 477.252051][ C0] ? __fget_files+0x3a0/0x420 [ 477.256954][ C0] ? __fget_files+0x2a/0x420 [ 477.261648][ C0] ? bpf_lsm_file_ioctl+0x9/0x20 [ 477.266716][ C0] ? __pfx_sock_ioctl+0x10/0x10 [ 477.271662][ C0] __se_sys_ioctl+0xf9/0x170 [ 477.276308][ C0] do_syscall_64+0xfa/0x3b0 [ 477.280917][ C0] ? lockdep_hardirqs_on+0x9c/0x150 [ 477.286168][ C0] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 477.292328][ C0] ? clear_bhb_loop+0x60/0xb0 [ 477.297070][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 477.303155][ C0] RIP: 0033:0x7ffaf4b8e929 [ 477.307709][ C0] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 477.327559][ C0] RSP: 002b:00007ffaf59b3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 477.336116][ C0] RAX: ffffffffffffffda RBX: 00007ffaf4db5fa0 RCX: 00007ffaf4b8e929 [ 477.344134][ C0] RDX: 0000200000000180 RSI: 0000000000008914 RDI: 0000000000000004 [ 477.352179][ C0] RBP: 00007ffaf4c10b39 R08: 0000000000000000 R09: 0000000000000000 [ 477.360333][ C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 477.368343][ C0] R13: 0000000000000000 R14: 00007ffaf4db5fa0 R15: 00007ffcf9d63678 [ 477.376390][ C0] [ 477.379449][ C0] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 477.386733][ C0] CPU: 0 UID: 0 PID: 18787 Comm: syz.2.5547 Not tainted 6.16.0-rc5-next-20250709-syzkaller #0 PREEMPT(full) [ 477.398483][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 477.408539][ C0] Call Trace: [ 477.411825][ C0] [ 477.414686][ C0] dump_stack_lvl+0x99/0x250 [ 477.419298][ C0] ? __asan_memcpy+0x40/0x70 [ 477.423908][ C0] ? __pfx_dump_stack_lvl+0x10/0x10 [ 477.429132][ C0] ? __pfx__printk+0x10/0x10 [ 477.433734][ C0] panic+0x2e2/0x7b0 [ 477.437649][ C0] ? __pfx_panic+0x10/0x10 [ 477.442082][ C0] __warn+0x334/0x4c0 [ 477.446082][ C0] ? __rate_control_send_low+0x5df/0x820 [ 477.451720][ C0] ? __rate_control_send_low+0x5df/0x820 [ 477.457374][ C0] report_bug+0x2be/0x4f0 [ 477.461825][ C0] ? __rate_control_send_low+0x5df/0x820 [ 477.467499][ C0] ? __rate_control_send_low+0x5df/0x820 [ 477.473144][ C0] ? __rate_control_send_low+0x5e1/0x820 [ 477.478802][ C0] handle_bug+0x84/0x160 [ 477.483152][ C0] exc_invalid_op+0x1a/0x50 [ 477.487662][ C0] asm_exc_invalid_op+0x1a/0x20 [ 477.492603][ C0] RIP: 0010:__rate_control_send_low+0x5df/0x820 [ 477.498882][ C0] Code: 38 0f b6 04 28 84 c0 0f 85 d7 01 00 00 41 8b 0f 48 c7 c7 40 bc d1 8c 48 8b 74 24 18 44 8b 44 24 2c 45 89 e9 e8 32 49 8d f6 90 <0f> 0b 90 90 e9 73 fe ff ff 44 89 f9 80 e1 07 80 c1 03 38 c1 0f 8c [ 477.518938][ C0] RSP: 0018:ffffc90000007538 EFLAGS: 00010246 [ 477.525035][ C0] RAX: 1a5e64abf420f000 RBX: 000000000000000c RCX: ffff88802ea15a00 [ 477.533178][ C0] RDX: 0000000000000100 RSI: 0000000000000000 RDI: 0000000000000002 [ 477.541263][ C0] RBP: dffffc0000000000 R08: 0000000000000003 R09: 0000000000000004 [ 477.549238][ C0] R10: dffffc0000000000 R11: fffffbfff1c7a4c0 R12: ffff8880781b3028 [ 477.557211][ C0] R13: 0000000000000000 R14: ffff888024d18e40 R15: ffff888024d1b0d8 [ 477.565380][ C0] ? __rate_control_send_low+0x5de/0x820 [ 477.571039][ C0] rate_control_send_low+0x194/0x7a0 [ 477.576349][ C0] rate_control_get_rate+0x20b/0x5d0 [ 477.581650][ C0] ieee80211_beacon_get_finish+0x38c/0x6b0 [ 477.587550][ C0] ? __pfx_ieee80211_beacon_get_finish+0x10/0x10 [ 477.593878][ C0] ? __local_bh_enable_ip+0x12d/0x1c0 [ 477.599270][ C0] ? __pfx___local_bh_enable_ip+0x10/0x10 [ 477.605003][ C0] ieee80211_beacon_get_ap+0x1478/0x19e0 [ 477.610656][ C0] ? __pfx_ieee80211_beacon_get_ap+0x10/0x10 [ 477.616750][ C0] ? __ieee80211_beacon_get+0x36/0x17b0 [ 477.622320][ C0] ? __ieee80211_beacon_get+0x36/0x17b0 [ 477.627968][ C0] __ieee80211_beacon_get+0x1179/0x17b0 [ 477.633521][ C0] ? __ieee80211_beacon_get+0x36/0x17b0 [ 477.639073][ C0] ieee80211_beacon_get_tim+0xb4/0x2b0 [ 477.644540][ C0] ? __pfx_ieee80211_beacon_get_tim+0x10/0x10 [ 477.650607][ C0] mac80211_hwsim_beacon_tx+0x3ce/0x860 [ 477.656152][ C0] ? ieee80211_iterate_active_interfaces_atomic+0x2a/0x180 [ 477.663358][ C0] __iterate_interfaces+0x2ab/0x590 [ 477.668579][ C0] ? __pfx_mac80211_hwsim_beacon_tx+0x10/0x10 [ 477.674731][ C0] ? ieee80211_iterate_active_interfaces_atomic+0x2a/0x180 [ 477.681983][ C0] ? __pfx_mac80211_hwsim_beacon_tx+0x10/0x10 [ 477.688061][ C0] ieee80211_iterate_active_interfaces_atomic+0xdb/0x180 [ 477.695200][ C0] mac80211_hwsim_beacon+0xbb/0x1c0 [ 477.700928][ C0] ? __pfx_mac80211_hwsim_beacon+0x10/0x10 [ 477.706819][ C0] __hrtimer_run_queues+0x529/0xc60 [ 477.712030][ C0] ? __pfx___hrtimer_run_queues+0x10/0x10 [ 477.717747][ C0] ? read_tsc+0x9/0x20 [ 477.721813][ C0] ? __pfx___local_bh_disable_ip+0x10/0x10 [ 477.727622][ C0] hrtimer_run_softirq+0x187/0x2b0 [ 477.732745][ C0] handle_softirqs+0x283/0x870 [ 477.737625][ C0] ? __irq_exit_rcu+0xca/0x1f0 [ 477.742411][ C0] ? __pfx_handle_softirqs+0x10/0x10 [ 477.747710][ C0] __irq_exit_rcu+0xca/0x1f0 [ 477.752473][ C0] ? __pfx___irq_exit_rcu+0x10/0x10 [ 477.757676][ C0] irq_exit_rcu+0x9/0x30 [ 477.761929][ C0] sysvec_apic_timer_interrupt+0xa6/0xc0 [ 477.767572][ C0] [ 477.770597][ C0] [ 477.773535][ C0] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 477.779624][ C0] RIP: 0010:memset_orig+0x8a/0xb0 [ 477.784749][ C0] Code: 89 d1 83 e1 38 74 14 c1 e9 03 66 0f 1f 44 00 00 ff c9 48 89 07 48 8d 7f 08 75 f5 83 e2 07 74 0a ff ca 88 07 48 8d 7f 01 75 f6 <4c> 89 d0 c3 cc cc cc cc 48 83 fa 07 76 e3 48 89 07 49 c7 c0 08 00 [ 477.804374][ C0] RSP: 0018:ffffc900040175d8 EFLAGS: 00000246 [ 477.810505][ C0] RAX: 0000000000000000 RBX: 0000000000000dc0 RCX: 0000000000000000 [ 477.818611][ C0] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffff88805c069010 [ 477.826587][ C0] RBP: 0000000000000dc0 R08: 0000000000000004 R09: 0000000000000000 [ 477.834594][ C0] R10: ffff88805c069000 R11: fffffbfff1fc8fa7 R12: ffff88801a842140 [ 477.842602][ C0] R13: 0000000000000dc0 R14: ffff88805c069000 R15: 0000000000000fa0 [ 477.850616][ C0] kasan_save_alloc_info+0x3b/0x50 [ 477.855730][ C0] __kasan_kmalloc+0x93/0xb0 [ 477.860322][ C0] __kvmalloc_node_noprof+0x30d/0x5f0 [ 477.865693][ C0] ? pfifo_fast_init+0x10d/0x6b0 [ 477.870644][ C0] pfifo_fast_init+0x10d/0x6b0 [ 477.875434][ C0] qdisc_create_dflt+0x138/0x4e0 [ 477.880372][ C0] dev_activate+0x378/0x1150 [ 477.884984][ C0] __dev_open+0x69c/0x880 [ 477.889346][ C0] ? __pfx___dev_open+0x10/0x10 [ 477.894199][ C0] __dev_change_flags+0x1ea/0x6d0 [ 477.899222][ C0] ? __lock_acquire+0xab9/0xd20 [ 477.904083][ C0] ? __pfx___dev_change_flags+0x10/0x10 [ 477.909646][ C0] ? devinet_ioctl+0x323/0x1b50 [ 477.914506][ C0] ? __pfx___mutex_lock+0x10/0x10 [ 477.919529][ C0] netif_change_flags+0x88/0x1a0 [ 477.924467][ C0] dev_change_flags+0x130/0x260 [ 477.929332][ C0] devinet_ioctl+0xbb4/0x1b50 [ 477.934013][ C0] ? __pfx_devinet_ioctl+0x10/0x10 [ 477.939125][ C0] ? get_user_ifreq+0x12c/0x180 [ 477.943976][ C0] inet_ioctl+0x3c0/0x4c0 [ 477.948304][ C0] ? __pfx_inet_ioctl+0x10/0x10 [ 477.953175][ C0] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 477.958221][ C0] ? packet_ioctl+0x254/0x350 [ 477.962907][ C0] sock_do_ioctl+0xd9/0x300 [ 477.967438][ C0] ? __pfx_sock_do_ioctl+0x10/0x10 [ 477.972576][ C0] ? __lock_acquire+0xab9/0xd20 [ 477.977438][ C0] sock_ioctl+0x576/0x790 [ 477.981850][ C0] ? __pfx_sock_ioctl+0x10/0x10 [ 477.986716][ C0] ? __fget_files+0x2a/0x420 [ 477.991311][ C0] ? __fget_files+0x3a0/0x420 [ 477.996488][ C0] ? __fget_files+0x2a/0x420 [ 478.001085][ C0] ? bpf_lsm_file_ioctl+0x9/0x20 [ 478.006043][ C0] ? __pfx_sock_ioctl+0x10/0x10 [ 478.010888][ C0] __se_sys_ioctl+0xf9/0x170 [ 478.015479][ C0] do_syscall_64+0xfa/0x3b0 [ 478.019996][ C0] ? lockdep_hardirqs_on+0x9c/0x150 [ 478.025209][ C0] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 478.031273][ C0] ? clear_bhb_loop+0x60/0xb0 [ 478.035973][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 478.041857][ C0] RIP: 0033:0x7ffaf4b8e929 [ 478.046319][ C0] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 478.065937][ C0] RSP: 002b:00007ffaf59b3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 478.074627][ C0] RAX: ffffffffffffffda RBX: 00007ffaf4db5fa0 RCX: 00007ffaf4b8e929 [ 478.082596][ C0] RDX: 0000200000000180 RSI: 0000000000008914 RDI: 0000000000000004 [ 478.090776][ C0] RBP: 00007ffaf4c10b39 R08: 0000000000000000 R09: 0000000000000000 [ 478.098842][ C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 478.106834][ C0] R13: 0000000000000000 R14: 00007ffaf4db5fa0 R15: 00007ffcf9d63678 [ 478.115032][ C0] [ 478.118417][ C0] Kernel Offset: disabled [ 478.122858][ C0] Rebooting in 86400 seconds..