last executing test programs: 17.117783495s ago: executing program 0 (id=5306): openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x100002, 0x0) close(r0) writev(r0, &(0x7f0000000400)=[{&(0x7f0000000040)="02", 0x1}], 0x1) 16.951882391s ago: executing program 0 (id=5307): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000ac0)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000786c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000fdffffff850000002d00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10) getpid() sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e24}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000001c0)=@newsa={0x154, 0x10, 0x713, 0x0, 0x0, {{@in6=@private1, @in=@local}, {@in=@multicast1, 0x0, 0x32}, @in=@dev, {0x8}, {}, {}, 0x0, 0x0, 0xa, 0x4}, [@algo_crypt={0x48, 0x2, {{'ecb(cipher_null)\x00'}}}, @encap={0x1c, 0x4, {0x2, 0x0, 0x0, @in=@broadcast}}]}, 0x154}}, 0x0) openat$vcsu(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000002580)) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000080)='kmem_cache_free\x00'}, 0x10) sendmsg$inet(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001400)=[{&(0x7f0000000180)="892950e2405ee8629d9384a91c16d1706a3e61f305119f95cac0f1927f4c205b971eb41147cb1f86883d6910e68ac3996551800b3ec64b77f8444b18345a2c8b178eeeba0cde7319a5a46bfe7f5770e019efd9d52069edcced33a758c4e657f3a792dc193a1911b4e82ea800ad7afe03c8", 0x71}, {&(0x7f0000000200)="a68cde0d56b170df7710b54f17d9a39c4f98f354", 0x14}, {0x0}, {&(0x7f0000000300)="87fb74cf4d67adbbd062637f514c1f5eb18d7b442e6457a356c6cb1f71a43dfae773c8489cce5145f92615d4bdb13ef54d6ae90ec7733180fcf5adf3e13fdb05b57b748bd14eda042a97fdd84498304a504a0a159b972e8200c2d0f536a3465ec498ed12b924bd134057df36129d3ebe3dd3ce9f0671e5278143e4afa3d43f444681de1b5f9725fca34fa357fe2154981666fb9dc202fc17a0199eb1c25bdd1005e590e84783ee9894c888998dc25a83c14aeee31d114acfa0bcd235d571cd765f4b9259ba43e6fc30291d8a642146c4771898030b736aeee6b247abb0784b154e104e7dcda401f9b1736fea30a41a4153fe6a9a525bd0a3487571f914f05b590e242341ade289d8f5b842c6be4a93c2755dfd47174def782a2f8f61c068b5a012f02c0801601e860def788121e8808c01fed4c920a3698d0d684920918c95b17f76bbcb4f265c931d8f79560ff8114b70f4dd6791e2ed70cfeb89905791b88be26efe1c5c66b7b50b3d2be0dbc066dfc31618f9507f6f340b85a2f76a6dcac9d6ccc289ace5e5fecd25afe22ffa451f5e365ab33cc985f2e9d7f7fb1be4794740a94215d7db14b0ffcec19e5e3c5ae0d8578ef3b65d2a7a77a11e390a6c3a6b391061c886b961e3c2f42d62047bfe1356a44b840d3d956105f4c0fa95db08c4933f00de77cdc057c28b41fecfc8398c442be1ad065954f6c9dfeb2fd7207e8548a00a1d50bdf522d2abfdafd71723616a34830fbfa8fc81e0c2639cc12f363a4919b7a00ac8189dad3e7e54122a2ef430f623658d5e281c9a19442995bb9b0e3f7d13e3016b6f9523be196bf23bbcc5ec802f43ef8b651d688d9d5a44f35c9847e4c32bce3e9ebed2326adadc76f06a195db32c80b3090d7cd65c9d8518ba4e528c5eb5c7a1c5695b21595fa8a8621734bfda8afddd65e1f37a1990220a00fa9bd2c22b0117ceb08ae6af3c944c2eca924abfddad065d1472d0c3f742a49b1e78c669471873706ad157d831d7482b773f07b0673a6ce1e227a7a4d13744bf459434c0ab1c323a38b1a84cbf1ce9741f2b8fdcc2e073e56171603d035aacd83e71d5132831f4f1e8bf517979f132a33fd03783272e9b8c96dfa4e1d320a58d82acfc8d3d53a5a52daafe4dc8be08f4ad53e11cc21374b6ff4ff5ea2ecc5d3f7c057f74f0098e57d990090475cdaffdef0da917653ed10fb70b94b72e5b4d95cbea0fc1dd2579635ad6ab545ba4d7b6d2f5442bdb78beb6c8ed62942a439117025b4566b48d9f3a17fdf4577e8606a4bc4c26557e58312fd2d1a541ebec3e5ae28eef8b2ab0597083716dd12889335570ee7839530eee879d9b137606cd4dd7103991671b4464bb68529eb19fb7a8845e3491bfbac688a87cf0744f429ea112014402915c4c1f6bae08d689d3cb7d641d7befe8fc74a2242310a9a367a39531b4c86da5b39df524e52f33ff9c40b48cb196ffc9ca855b6e698ade8a83e52b9ddc5031ff09e1907e4f8b0d07e64e1fb8e427f8819a7be907aa216bf8e2a4c7cc87ed53bf9490d4cc788b91f3b9f705e984a7e62c7a495e8421b97c39dc954b35468f17c6682334f4e16308448f457faeffff6d1f818522fa441d3a48168bdb12ffebace436a3915b63076cb6a655718647f87eaaf313b5bbd430421eed3a2215e439600a56eac8c65291eb103326", 0x4ad}], 0x4}, 0x0) r4 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffe) setgroups(0x40000000000002e6, &(0x7f0000000140)=[0x0]) keyctl$KEYCTL_MOVE(0x3, r4, 0x0, 0x0, 0x0) 4.554605054s ago: executing program 1 (id=5385): syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000300)=ANY=[@ANYBLOB="1201000000000040ac05620200000000000109022400010000000009040000010300f3ff082100000001220500090581030000000000"], 0x0) r0 = socket(0x0, 0x0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c) listen(r1, 0x400) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000040)='syz_tun\x00', 0x10) syz_emit_ethernet(0x36, &(0x7f0000000140)={@local, @link_local, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x6, 0x0, @rand_addr=0x64010101, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x5, 0x2}}}}}}, 0x0) syz_emit_ethernet(0x6a, &(0x7f0000000140)=ANY=[], 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), r0) bpf$MAP_CREATE(0x100000000000000, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) r2 = socket$inet6(0xa, 0x2, 0x0) bind$inet6(r2, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c) syz_emit_ethernet(0x4e, &(0x7f0000000340)={@local, @link_local, @void, {@ipv4={0x800, @udp={{0xc, 0x4, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty, {[@timestamp_prespec={0x44, 0x1c, 0x12, 0x2, 0x0, [{@broadcast}, {@multicast1}, {@loopback}]}]}}, {0x0, 0x4e20, 0x10, 0x0, @gue={{0x2}}}}}}}, 0x0) r3 = socket(0x8000000010, 0x2, 0x0) write(r3, &(0x7f00000002c0)="fc0000001c000704ab5b2509b868030002ab087a0100000001481093210001c0f0030584050060100000000000039815fa2c53c28648000000b9d95662537a00bc000c00f0ff7f0000b400600033d44000040560916a0033f436313012dafd5a32e273fc83ab82d710f74cec184406f90d435ef8b29d3ef3d92c94170e5bba2e177312e081bea05d3a021e8ca062914a46ccfc510bb73c9455cdc8363ae4f5df77bc4cfd6239ec2a0f0d1bcae5fa0f5f9dcdd51af51af8502943283f4bb102b2b8f5566791cf190201ded815b2ccd243f395ed94e0ad91bd6433802e0784f2013cd1890058a10000c880ac801fe4af000049f0d4796f0000090548de", 0xfc) r4 = socket(0x840000000002, 0x3, 0x100) connect$inet(r4, &(0x7f00000005c0)={0x2, 0x0, @local}, 0x10) sendmmsg$inet(r4, &(0x7f0000005240)=[{{0x0, 0x0, 0x0}, 0xfffffdef}], 0x4000095, 0x0) r5 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_inet_SIOCSARP(r5, 0x8955, &(0x7f0000000180)={{0x2, 0x0, @remote}, {0x20000010304, @dev}, 0x4, {0x2, 0x0, @multicast1=0xe000cc02}}) bpf$PROG_LOAD_XDP(0x5, &(0x7f00000000c0)={0xa, 0x3, &(0x7f0000000080)=ANY=[@ANYBLOB="37f605ccd5ea0a7d60e2191800000000000000efff000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xf}, 0x90) write$P9_RVERSION(0xffffffffffffffff, 0x0, 0x15) syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) 4.251719448s ago: executing program 0 (id=5308): timer_create(0x0, &(0x7f0000000240)={0x0, 0x21}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000600)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000000), 0xfea7) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x10012, r0, 0x0) rt_sigaction(0x1, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x0, 0x8, &(0x7f0000000380)) 2.940224103s ago: executing program 0 (id=5394): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) close(0xffffffffffffffff) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x12, 0x6, 0x4, 0x6}, 0x48) bpf$MAP_DELETE_ELEM(0x2, &(0x7f00000003c0)={r1, &(0x7f0000000200), 0x20000000}, 0x20) recvmsg$unix(r0, &(0x7f0000000340)={0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000140)=""/246, 0xf6}], 0x1}, 0x0) sendmsg$inet(r0, &(0x7f0000000780)={0x0, 0x0, 0x0}, 0x0) 2.792084911s ago: executing program 3 (id=5397): openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xd, 0x10, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000", @ANYRES32], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000400), r0) sendmsg$NLBL_CIPSOV4_C_ADD(r0, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000000)=ANY=[@ANYBLOB='d\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000000000000100000008000200010000000800010000000000040008800400048038000c8014000b80080009"], 0x64}}, 0x0) 2.766914672s ago: executing program 3 (id=5398): openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/profiling', 0x0, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_SET_GUEST_DEBUG(r0, 0x4048ae9b, &(0x7f0000000300)={0xe0001, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2da7]}) ioctl$KVM_RUN(r0, 0xae80, 0x0) 2.747515209s ago: executing program 1 (id=5399): mkdir(&(0x7f0000000000)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0) ioctl$FUSE_DEV_IOC_CLONE(r0, 0x8004e500, &(0x7f0000000040)=r0) 2.701111935s ago: executing program 3 (id=5400): ioctl$IOCTL_VMCI_VERSION2(0xffffffffffffffff, 0x7a7, &(0x7f0000000100)=0x80000) socket$inet6_mptcp(0xa, 0x1, 0x106) r0 = syz_open_dev$cec(&(0x7f0000000d00), 0x0, 0xc2b02) ioctl$CEC_TRANSMIT(r0, 0xc0386105, 0x0) 2.700603476s ago: executing program 1 (id=5401): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) r2 = socket$nl_route(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000040)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_MCAST_FLAGS(r0, &(0x7f0000000200)={0x0, 0xf000, &(0x7f00000001c0)={&(0x7f0000014040)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="030300000000000000000700000008000300", @ANYRES32=r3], 0x1c}}, 0x0) 2.656907357s ago: executing program 3 (id=5403): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f00000002c0)='contention_end\x00', r0}, 0x10) r1 = openat$binderfs(0xffffff9c, &(0x7f0000000340)='./binderfs/binder1\x00', 0x0, 0x0) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000400)={0x44, 0x0, &(0x7f0000000700)=[@transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0}) 2.595646952s ago: executing program 4 (id=5404): r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, 0x0, 0x0) setsockopt$packet_fanout_data(r0, 0x107, 0x16, &(0x7f0000000100)={0x3, &(0x7f0000000080)=[{0x28, 0x0, 0x0, 0xfffff034}, {0x44}, {0x6}]}, 0x10) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r1, &(0x7f0000000080), 0x1c) 2.584687481s ago: executing program 1 (id=5405): r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000100)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x20, 0x20, 0x2, [@func_proto, @func_proto={0x0, 0x1, 0x0, 0xd, 0x0, [{}]}]}}, &(0x7f0000000f40)=""/4089, 0x3a, 0xff9, 0xa}, 0x1f) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000002c40)={0x11, 0x17, &(0x7f00000007c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014002000b7030000000000008500000005000000bf09000000000000650901000000000066000000ffffff80180100002020700800000000000000207b9a00fe000000005e9108000000000037010000f8ffffffb702000008000000b70300000000000056000000060000002c93000000000000b5030000000000008500000076000000b70000000000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(r1, 0xc018937d, &(0x7f0000000000)={{0x1, 0x1, 0x18, r1, {0x5}}, './file0\x00'}) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000500), 0xffffffffffffffff) ioctl$ifreq_SIOCGIFINDEX_wireguard(r2, 0x8933, &(0x7f0000000580)={'wg1\x00', 0x0}) sendmsg$ETHTOOL_MSG_LINKINFO_SET(r2, &(0x7f0000000700)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f0000000240)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="0100e8ffffff000000001d0000002000018008000100", @ANYRES32=r4, @ANYBLOB="14000200776731"], 0x34}}, 0x0) r5 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000001bc0), 0x0, 0x0) openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) ioctl$SNAPSHOT_S2RAM(r5, 0x330b) 2.570691496s ago: executing program 3 (id=5406): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x0, 0x0}) mq_unlink(0x0) 2.501919757s ago: executing program 3 (id=5407): socket$nl_generic(0x10, 0x3, 0x10) socket(0x10, 0x3, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x100800001) r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000580)={'wlan0\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)=@newqdisc={0x2c4, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_gred={{0x9}, {0x294, 0x2, [@TCA_GRED_STAB={0x104, 0x2, "ca0fb762580766136d5ec4ec043657e3dda6b09124a58b8180fc3e503693b90a549393abbc32273876e0443ae40b45e4ca3ed3c6a671fbcfbcf0704bbc6304c1b3a748d39ba48c00555dd1fa5a1ddba64f0e54784d49da03d925c228d5ac61f5425e51bf618b9548a80c44f9c4c1c918fc529c43a34e302df28c23871d3316074d2b7c0169c7b32ed6c8b2c3e2ae0455de4ff1320ff7acec2ee2a38c8244af06d38467892e1de78c05139040d2549cefae949ac8f9a053d0a5a2f6ee7789988f93a700cc5b89cbd99b23d7ee7be321fff1a0d9bd6f53f68ee7878f6243b26894b051247c1d51ba4d1e50fc26d958614a2e0441f486f1eccd0120a84dbc4e26ef"}, @TCA_GRED_MAX_P={0x8}, @TCA_GRED_STAB={0x104, 0x2, "6f9c29745866749223f963f886722428930e39ec6ac30ee16c2c9d0768da8b274a8c33af0a3fc41551ab9e1d7c50ee8a7137d1c05b5299d86f52072fb08316fc155ee2334f6620cf89aa68eef43d1213c663705c51a341c8fca89f17defc32d1f0b6457e5a7f9704ff001c7f21bdaf5545d5270ed517a9de7ae6e124d5b471a188d954ba5f93be27f7e90360c07065cb07d9b690ecbf7eb0fbd8563bc50e3a7ae1778cb68ac34610c514bd046909d2ed4de92b06cb359486b946ef967ac20f4d25534f239693d0cb733b40ae226f001cf8b81b8fc4d8c5eb8a27631c82a01c43ff285ff1273bf76c37732624d2a8cbc061554fd533bde21659cc686b2ede7517"}, @TCA_GRED_PARMS={0x38, 0x1, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}}, @TCA_GRED_PARMS={0x38}, @TCA_GRED_DPS={0x10}]}}]}, 0x2c4}}, 0x0) r3 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000040)=@base={0x1b, 0x0, 0x0, 0x2000}, 0x48) mmap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1e, 0x13, r3, 0x2000) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) socket$inet_udp(0x2, 0x2, 0x0) syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_encrypt_change={{0x8, 0x4}, {0x0, 0xc8, 0x2}}}, 0x7) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_TCP_CONGESTION(r5, 0x6, 0xd, &(0x7f0000000040)='nv\x00', 0x3) connect$inet6(r5, &(0x7f0000000180)={0xa, 0x4001, 0x0, @dev={0xfe, 0x80, '\x00', 0x1b}, 0xd}, 0x1c) write$binfmt_script(r5, &(0x7f0000000200), 0xfffffd9d) syz_emit_vhci(&(0x7f0000000080)=ANY=[@ANYBLOB="02c90012000e14000a0000000700ffff00000700000000"], 0x17) syz_emit_vhci(&(0x7f0000000100)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2) syz_emit_vhci(0x0, 0x0) syz_open_dev$usbmon(&(0x7f0000000280), 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) openat$pidfd(0xffffffffffffff9c, 0x0, 0x0, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) recvmmsg(r6, 0x0, 0x0, 0x0, 0x0) socket$rds(0x15, 0x5, 0x0) syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff) 2.444868769s ago: executing program 4 (id=5409): socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'vlan0\x00'}) socket$netlink(0x10, 0x3, 0x0) mkdir(&(0x7f0000000400)='./file1\x00', 0x0) mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0]) mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000000)='autofs\x00', 0x0, &(0x7f0000000400)) chdir(&(0x7f0000000080)='./file1\x00') openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) syz_io_uring_setup(0x0, &(0x7f0000000200), &(0x7f0000000100), &(0x7f0000000300)) bind$inet6(0xffffffffffffffff, 0x0, 0x0) syz_emit_ethernet(0x46, &(0x7f00000003c0)=ANY=[@ANYBLOB], 0x0) bind$bt_hci(0xffffffffffffffff, &(0x7f0000000100)={0x1f, 0xffff, 0x3}, 0x6) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) getpid() write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000080)=ANY=[@ANYBLOB="1f00030007"], 0xd) r1 = inotify_init1(0x0) fcntl$setown(r1, 0x8, 0xffffffffffffffff) fcntl$getownex(r1, 0x10, &(0x7f0000000380)={0x0, 0x0}) setpgid(0x0, r2) r3 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0) open(&(0x7f0000000180)='./bus\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x0, 0x0) ioctl$BTRFS_IOC_BALANCE_PROGRESS(r3, 0x84009422, &(0x7f0000000440)={0x0, 0x0, {}, {0x0, @struct, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0}}) ioctl$BTRFS_IOC_GET_DEV_STATS(r3, 0xc4089434, &(0x7f0000000840)={r4, 0x0, 0x1, [0x100, 0x3, 0x8, 0x560, 0x468], [0x8, 0x4, 0x8, 0x7, 0xef, 0x7, 0x401, 0x10, 0x9, 0x5, 0x5, 0x7, 0x4, 0x5, 0x80000000, 0xe, 0x7, 0x2, 0x7fffffffffffffff, 0x4, 0x4000000000000000, 0x7, 0x6, 0x7, 0x3, 0xffffffff, 0x1000, 0x7fffffff, 0xd0, 0xa, 0x9d, 0xa, 0x16ad, 0xd07e, 0x0, 0x38e2, 0x80, 0x9, 0x80000001, 0x1, 0x3ff, 0x0, 0x280000000000, 0x0, 0xf1, 0x0, 0x6, 0x4, 0x101, 0x0, 0x9, 0x0, 0x0, 0x7000, 0xbf, 0x5, 0x3, 0x1, 0x0, 0x4, 0x7e, 0x3, 0xa, 0x7, 0xcc4, 0x0, 0x0, 0xb5, 0x9, 0x4fd, 0xcd0, 0x1, 0x1, 0xd650, 0x9, 0x8001, 0x75, 0x5, 0x6, 0x5, 0x6, 0xb2, 0x0, 0x5, 0x68b6, 0x0, 0xc7f, 0x8, 0x80000000, 0x9, 0xeb99, 0x7, 0x2, 0x4, 0x1, 0x9, 0x3, 0xd, 0x0, 0x156, 0x4, 0x0, 0x1, 0x800, 0x6, 0x0, 0x0, 0x1, 0x7, 0x2560, 0x1, 0xfb, 0x5, 0xfe0, 0x3, 0x0, 0x7, 0x1ea2a00000000000, 0x8, 0x3, 0x9]}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r3, 0x9362, 0x0) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) 2.442081433s ago: executing program 1 (id=5410): openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/profiling', 0x0, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_SET_GUEST_DEBUG(r0, 0x4048ae9b, &(0x7f0000000300)={0xe0001, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2da7]}) ioctl$KVM_RUN(r0, 0xae80, 0x0) 2.312108301s ago: executing program 1 (id=5411): mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x7) socket$xdp(0x2c, 0x3, 0x0) r0 = syz_open_dev$vim2m(&(0x7f0000000000), 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f00000000c0)={0x10002, 0x1, 0x1}) r1 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) syz_open_dev$vim2m(&(0x7f0000000000), 0x0, 0x2) setsockopt$XDP_UMEM_REG(0xffffffffffffffff, 0x11b, 0x4, 0x0, 0x0) 2.13589921s ago: executing program 4 (id=5413): ioctl$IOCTL_VMCI_VERSION2(0xffffffffffffffff, 0x7a7, &(0x7f0000000100)=0x80000) socket$inet6_mptcp(0xa, 0x1, 0x106) r0 = syz_open_dev$cec(&(0x7f0000000d00), 0x0, 0xc2b02) ioctl$CEC_TRANSMIT(r0, 0xc0386105, 0x0) 2.092433026s ago: executing program 0 (id=5414): mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000240)='devtmpfs\x00', 0x0, 0x0) mount$tmpfs(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x0, &(0x7f0000000040)={[{@nr_blocks={'nr_blocks', 0x3d, [0x35]}}]}) 2.026580042s ago: executing program 4 (id=5415): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) r2 = socket$nl_route(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000040)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_MCAST_FLAGS(r0, &(0x7f0000000200)={0x0, 0xf000, &(0x7f00000001c0)={&(0x7f0000014040)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="030300000000000000000700000008000300", @ANYRES32=r3], 0x1c}}, 0x0) 1.913774141s ago: executing program 4 (id=5416): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f00000002c0)='contention_end\x00', r0}, 0x10) r1 = openat$binderfs(0xffffff9c, &(0x7f0000000340)='./binderfs/binder1\x00', 0x0, 0x0) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000400)={0x44, 0x0, &(0x7f0000000700)=[@transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0}) 1.833919815s ago: executing program 0 (id=5417): socket$inet_tcp(0x2, 0x1, 0x0) r0 = socket$inet_smc(0x2b, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000300)=@raw={'raw\x00', 0x4001, 0x8000000, 0x238, 0xf8, 0x720d, 0x148, 0xf8, 0x148, 0x1c8, 0x240, 0x240, 0x1c8, 0x240, 0x7fffffe, 0x0, {[{{@ip={@remote, @empty, 0x0, 0x0, 'wlan1\x00', 'ip6erspan0\x00'}, 0x0, 0x70, 0xd0}, @common=@SET={0x60}}, {{@uncond, 0x0, 0x70, 0xd0}, @common=@CLUSTERIP={0x60, 'CLUSTERIP\x00', 0x0, {0x0, @dev}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x298) r1 = socket$kcm(0x2a, 0x0, 0x0) sendmsg$inet(r1, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0) mknod$loop(0x0, 0x0, 0x1) r2 = signalfd(0xffffffffffffffff, &(0x7f00007aeff8), 0x8) socket$inet6_tcp(0xa, 0x1, 0x0) timer_create(0x9, 0x0, &(0x7f0000bbdffc)) read(r2, &(0x7f00000002c0)=""/199, 0xc7) ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0) gettid() rt_sigprocmask(0x0, &(0x7f0000000000)={[0xfffffffffffffffd]}, 0x0, 0x8) timer_create(0x3, &(0x7f000049efa0)={0x0, 0x14, 0x0, @thr={0x0, &(0x7f00000000c0)='O'}}, &(0x7f0000044000)=0x0) timer_settime(0x0, 0xffffffffffffffff, &(0x7f0000000080)={{0x77359400}, {0x0, 0x9}}, 0x0) timer_settime(r3, 0x1, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) 1.779828722s ago: executing program 4 (id=5418): r0 = socket$inet_sctp(0x2, 0x0, 0x84) setsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX_OLD(0xffffffffffffffff, 0x84, 0x6b, &(0x7f0000000240)=[@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}], 0x10) shutdown(r0, 0x0) openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x341042, 0x0) r1 = syz_usb_connect(0x0, 0x3f, &(0x7f0000000040)=ANY=[@ANYBLOB="11010000733336088dee1edb23610000000109022d0101100000000904000003fe03010009cd8d1f0002000000090505020000fcffff09058b1e20"], 0x0) syz_usb_control_io(r1, 0x0, 0x0) socket$inet6(0xa, 0x800000000000002, 0x0) setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x0, 0x0, 0x0) syz_usb_control_io(r1, 0x0, &(0x7f0000000780)={0x84, &(0x7f0000000140)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r2 = syz_open_dev$char_usb(0xc, 0xb4, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x4008032, 0xffffffffffffffff, 0x0) fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000000080)=0x3) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) ioctl$EVIOCGMASK(r2, 0x80015b12, 0x0) 896.536247ms ago: executing program 2 (id=5420): r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000100)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x20, 0x20, 0x2, [@func_proto, @func_proto={0x0, 0x1, 0x0, 0xd, 0x0, [{}]}]}}, &(0x7f0000000f40)=""/4089, 0x3a, 0xff9, 0xa}, 0x1f) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000002c40)={0x11, 0x17, &(0x7f00000007c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014002000b7030000000000008500000005000000bf09000000000000650901000000000066000000ffffff80180100002020700800000000000000207b9a00fe000000005e9108000000000037010000f8ffffffb702000008000000b70300000000000056000000060000002c93000000000000b5030000000000008500000076000000b70000000000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(r1, 0xc018937d, &(0x7f0000000000)={{0x1, 0x1, 0x18, r1, {0x5}}, './file0\x00'}) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000500), 0xffffffffffffffff) ioctl$ifreq_SIOCGIFINDEX_wireguard(r2, 0x8933, &(0x7f0000000580)={'wg1\x00', 0x0}) sendmsg$ETHTOOL_MSG_LINKINFO_SET(r2, &(0x7f0000000700)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f0000000240)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="0100e8ffffff000000001d0000002000018008000100", @ANYRES32=r4, @ANYBLOB="14000200776731"], 0x34}}, 0x0) openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) ioctl$SNAPSHOT_S2RAM(0xffffffffffffffff, 0x330b) 680.106162ms ago: executing program 2 (id=5421): openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/profiling', 0x0, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_SET_GUEST_DEBUG(r0, 0x4048ae9b, &(0x7f0000000300)={0xe0001, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2da7]}) ioctl$KVM_RUN(r0, 0xae80, 0x0) 580.721634ms ago: executing program 2 (id=5422): syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0) bind$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x0, @none}, 0xe) 443.989077ms ago: executing program 2 (id=5423): r0 = syz_open_dev$video4linux(&(0x7f0000000740), 0x0, 0x0) ioctl$VIDIOC_SUBDEV_S_SELECTION(r0, 0xc040563e, &(0x7f0000000400)) 303.864015ms ago: executing program 2 (id=5424): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x42}, 0x90) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000003c0)={{r0}, 0x0, &(0x7f0000000040)}, 0x20) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='qdisc_destroy\x00', r1}, 0x10) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000140)={'pim6reg1\x00', 0x1}) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000000100)={'pim6reg1\x00', @broadcast}) close(r2) 0s ago: executing program 2 (id=5425): r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0xc, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x9) r1 = getpid() sched_setscheduler(r1, 0x2, 0x0) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000000c0)="e03f030026000b05d25a806c8c6f94f90324fc60100001000a", 0x19}], 0x1}, 0x0) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f00000000c0)={'virt_wifi0\x00', 0x11}) r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000001c40)='/sys/kernel/uevent_seqnum', 0x0, 0x0) readv(r2, &(0x7f0000002cc0)=[{&(0x7f0000000580)=""/4096, 0x1000}], 0x1) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$inet_int(r3, 0x0, 0x3, &(0x7f0000000180)=0x4, 0x4) syz_emit_ethernet(0x46, &(0x7f0000000000)={@link_local={0x3}, @multicast, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0x3, 0x4, 0x0, 0x12, 0x0, 0x3f18, {0x5, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, @loopback, @loopback}, "00186371ae9b1c03"}}}}}, 0x0) r4 = syz_open_dev$tty1(0xc, 0x4, 0x1) dup(r4) connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e) timer_create(0x0, &(0x7f0000000680)={0x0, 0x21, 0x0, @tid=0xffffffffffffffff}, &(0x7f0000000100)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0) flock(0xffffffffffffffff, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) splice(r5, 0x0, r7, 0x0, 0x8000f28, 0x0) splice(r6, 0x0, r0, 0x0, 0x4, 0x0) kernel console output (not intermixed with test programs): eyspan 5-1:0.0: found no endpoint descriptor for endpoint 4 [ 302.558925][ T9] keyspan 5-1:0.0: found no endpoint descriptor for endpoint 86 [ 302.566786][T12951] loop_reread_partitions: partition scan of loop0 (þ被YüŸÑø) failed (rc=-5) [ 302.588675][ T9] keyspan 5-1:0.0: found no endpoint descriptor for endpoint 6 [ 302.610576][ T9] usb 5-1: Keyspan 2 port adapter converter now attached to ttyUSB1 [ 302.622724][ T4542] Dev loop0: unable to read RDB block 7 [ 302.628473][ T4542] loop0: unable to read partition table [ 302.636643][ T4542] loop0: partition table beyond EOD, truncated [ 302.665565][T12890] kvm: pic: non byte write [ 302.717347][T12960] usb usb9: usbfs: process 12960 (syz.1.3293) did not claim interface 0 before use [ 302.752711][T12960] pimreg: entered allmulticast mode [ 302.766362][T12960] pimreg: left allmulticast mode [ 302.866779][T12965] serio: Serial port pts0 [ 302.880167][ T5094] usb 5-1: USB disconnect, device number 6 [ 302.934634][ T5094] keyspan_2 ttyUSB0: Keyspan 2 port adapter converter now disconnected from ttyUSB0 [ 302.985840][ T5094] keyspan_2 ttyUSB1: Keyspan 2 port adapter converter now disconnected from ttyUSB1 [ 303.007965][ T5094] keyspan 5-1:0.0: device disconnected [ 303.242306][T12989] loop0: detected capacity change from 0 to 7 [ 303.263505][T12989] Dev loop0: unable to read RDB block 7 [ 303.275072][T12989] loop0: unable to read partition table [ 303.284944][T12989] loop0: partition table beyond EOD, truncated [ 303.294643][T12989] loop_reread_partitions: partition scan of loop0 (þ被YüŸÑø) failed (rc=-5) [ 303.516425][ T5094] usb 3-1: new high-speed USB device number 4 using dummy_hcd [ 303.658732][ C1] dccp_invalid_packet: P.Data Offset(0) too small [ 303.718225][ T5094] usb 3-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30 [ 303.756604][ T5094] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 303.777523][ T5094] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 303.800193][ T5094] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253 [ 303.858664][ T5094] usb 3-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40 [ 303.874456][ T5094] usb 3-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0 [ 303.902579][ T5094] usb 3-1: Manufacturer: syz [ 303.919781][ T5094] usb 3-1: config 0 descriptor?? [ 304.350981][ T5094] appleir 0003:05AC:8243.0004: unknown main item tag 0x0 [ 304.380525][ T5094] appleir 0003:05AC:8243.0004: No inputs registered, leaving [ 304.424668][ T5094] appleir 0003:05AC:8243.0004: hiddev0,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.2-1/input0 [ 304.628264][ T5137] usb 5-1: new high-speed USB device number 7 using dummy_hcd [ 304.816532][ T5137] usb 5-1: Using ep0 maxpacket: 16 [ 304.827621][ T5137] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 304.866382][ T5137] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 304.890498][ T5137] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 304.914709][ T5137] usb 5-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 304.927101][ T46] usb 3-1: USB disconnect, device number 4 [ 304.945985][ T5137] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 304.992383][ T5137] usb 5-1: config 0 descriptor?? [ 305.423713][ T5137] microsoft 0003:045E:07DA.0005: unknown main item tag 0x0 [ 305.472212][ T5137] microsoft 0003:045E:07DA.0005: unknown main item tag 0x0 [ 305.501925][ T5137] microsoft 0003:045E:07DA.0005: unknown main item tag 0x0 [ 305.540804][ T5137] microsoft 0003:045E:07DA.0005: unknown main item tag 0x0 [ 305.574680][ T5137] microsoft 0003:045E:07DA.0005: unknown main item tag 0x0 [ 305.609783][ T5137] microsoft 0003:045E:07DA.0005: unknown main item tag 0x0 [ 305.627783][ T5137] microsoft 0003:045E:07DA.0005: unknown main item tag 0x0 [ 305.635205][ T5137] microsoft 0003:045E:07DA.0005: unknown main item tag 0x0 [ 305.675429][ T5137] microsoft 0003:045E:07DA.0005: unknown main item tag 0x0 [ 305.699130][ T5137] microsoft 0003:045E:07DA.0005: unknown main item tag 0x0 [ 305.792184][ T5137] input: HID 045e:07da as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/0003:045E:07DA.0005/input/input16 [ 305.852689][ T5137] microsoft 0003:045E:07DA.0005: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.4-1/input0 [ 305.911187][ T5137] usb 5-1: USB disconnect, device number 7 [ 307.316440][ T11] bridge_slave_1: left allmulticast mode [ 307.325118][ T11] bridge_slave_1: left promiscuous mode [ 307.353242][ T11] bridge0: port 2(bridge_slave_1) entered disabled state [ 307.396194][ T11] bridge_slave_0: left allmulticast mode [ 307.427574][ T11] bridge_slave_0: left promiscuous mode [ 307.455403][ T11] bridge0: port 1(bridge_slave_0) entered disabled state [ 308.238993][ T11] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 308.266948][ T11] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 308.278481][ T11] bond0 (unregistering): Released all slaves [ 309.237482][T13186] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3385'. [ 309.249358][ T11] hsr_slave_0: left promiscuous mode [ 309.265158][ T11] hsr_slave_1: left promiscuous mode [ 309.281892][ T11] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 309.294062][ T11] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 309.308005][ T11] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 309.315728][ T11] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 309.415376][ T11] veth1_macvtap: left promiscuous mode [ 309.440093][ T11] veth0_macvtap: left promiscuous mode [ 309.461669][ T11] veth1_vlan: left promiscuous mode [ 309.480444][ T11] veth0_vlan: left promiscuous mode [ 310.696623][ T11] team0 (unregistering): Port device team_slave_1 removed [ 310.740310][ T11] team0 (unregistering): Port device team_slave_0 removed [ 311.121241][ T11] lo (unregistering): left allmulticast mode [ 311.744439][T13242] syz.0.3404[13242] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 311.745122][T13242] syz.0.3404[13242] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 313.064424][T13273] serio: Serial port pts0 [ 313.486165][T13290] kvm: pic: non byte write [ 315.912371][T13440] serio: Serial port pts1 [ 316.276123][T13458] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3492'. [ 316.883899][T13467] could not allocate digest TFM handle cbcmac-aes-ce [ 317.144263][T13492] serio: Serial port pts0 [ 317.413152][ T1245] ieee802154 phy0 wpan0: encryption failed: -22 [ 317.420260][ T1245] ieee802154 phy1 wpan1: encryption failed: -22 [ 317.670923][T13527] kvm: vcpu 0: requested 32 ns lapic timer period limited to 200000 ns [ 317.689302][T13527] kvm: pic: non byte write [ 318.724456][T13596] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3544'. [ 319.136795][T13612] input: syz0 as /devices/virtual/input/input17 [ 321.304067][T13667] syzkaller1: entered promiscuous mode [ 321.319956][T13667] syzkaller1: entered allmulticast mode [ 321.386401][ T5139] usb 1-1: new high-speed USB device number 7 using dummy_hcd [ 321.586421][ T5139] usb 1-1: Using ep0 maxpacket: 32 [ 321.599506][ T5139] usb 1-1: New USB device found, idVendor=06cd, idProduct=0110, bcdDevice=71.71 [ 321.626477][ T5139] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 321.654938][ T5139] usb 1-1: Product: syz [ 321.665064][ T5139] usb 1-1: Manufacturer: syz [ 321.678257][ T5139] usb 1-1: SerialNumber: syz [ 321.697092][ T5139] usb 1-1: config 0 descriptor?? [ 321.707439][ T5139] keyspan 1-1:0.0: Keyspan 2 port adapter converter detected [ 321.726373][ T5139] keyspan 1-1:0.0: found no endpoint descriptor for endpoint 87 [ 321.737107][ T5139] keyspan 1-1:0.0: found no endpoint descriptor for endpoint 7 [ 321.767746][ T5139] keyspan 1-1:0.0: found no endpoint descriptor for endpoint 81 [ 321.775511][ T5139] keyspan 1-1:0.0: found no endpoint descriptor for endpoint 1 [ 321.798350][ T5139] keyspan 1-1:0.0: found no endpoint descriptor for endpoint 2 [ 321.826582][ T5139] keyspan 1-1:0.0: found no endpoint descriptor for endpoint 85 [ 321.850009][ T5139] keyspan 1-1:0.0: found no endpoint descriptor for endpoint 5 [ 321.872827][ T5139] usb 1-1: Keyspan 2 port adapter converter now attached to ttyUSB0 [ 321.903015][ T5139] keyspan 1-1:0.0: found no endpoint descriptor for endpoint 83 [ 321.944203][ T5139] keyspan 1-1:0.0: found no endpoint descriptor for endpoint 3 [ 321.962666][ T5139] keyspan 1-1:0.0: found no endpoint descriptor for endpoint 4 [ 321.992997][ T5139] keyspan 1-1:0.0: found no endpoint descriptor for endpoint 86 [ 322.013462][ T5139] keyspan 1-1:0.0: found no endpoint descriptor for endpoint 6 [ 322.042524][ T5139] usb 1-1: Keyspan 2 port adapter converter now attached to ttyUSB1 [ 322.079600][ T5139] usb 1-1: USB disconnect, device number 7 [ 322.103786][ T5139] keyspan_2 ttyUSB0: Keyspan 2 port adapter converter now disconnected from ttyUSB0 [ 322.141175][ T5139] keyspan_2 ttyUSB1: Keyspan 2 port adapter converter now disconnected from ttyUSB1 [ 322.164793][ T5139] keyspan 1-1:0.0: device disconnected [ 322.597593][T13690] syzkaller1: entered promiscuous mode [ 322.615126][T13690] syzkaller1: entered allmulticast mode [ 323.260674][T13710] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3596'. [ 323.611434][T13721] syzkaller1: entered promiscuous mode [ 323.620497][T13721] syzkaller1: entered allmulticast mode [ 323.998366][T13739] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3609'. [ 324.276998][T13749] dummy0: entered promiscuous mode [ 324.282395][T13749] macvtap1: entered promiscuous mode [ 324.298479][T13749] dummy0: left promiscuous mode [ 324.607123][T13772] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3623'. [ 324.612669][T13769] loop0: detected capacity change from 0 to 7 [ 324.638093][T12259] Dev loop0: unable to read RDB block 7 [ 324.645589][T12259] loop0: unable to read partition table [ 324.656772][T12259] loop0: partition table beyond EOD, truncated [ 324.664415][T13769] Dev loop0: unable to read RDB block 7 [ 324.672899][T13769] loop0: unable to read partition table [ 324.685396][T13769] loop0: partition table beyond EOD, truncated [ 324.695047][T13769] loop_reread_partitions: partition scan of loop0 (þ被YüŸÑø) failed (rc=-5) [ 324.731843][ T4542] Dev loop0: unable to read RDB block 7 [ 324.741583][ T4542] loop0: unable to read partition table [ 324.754564][ T4542] loop0: partition table beyond EOD, truncated [ 325.188396][T13801] syzkaller1: entered promiscuous mode [ 325.219501][T13801] syzkaller1: entered allmulticast mode [ 325.253599][T13808] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3635'. [ 328.563866][T13957] dummy0: entered promiscuous mode [ 328.593969][T13957] macvtap1: entered promiscuous mode [ 328.621803][T13957] dummy0: left promiscuous mode [ 329.045543][T13983] syzkaller1: entered promiscuous mode [ 329.069697][T13983] syzkaller1: entered allmulticast mode [ 329.448954][T14001] dummy0: entered promiscuous mode [ 329.483331][T14001] macvtap1: entered promiscuous mode [ 329.512094][T14001] dummy0: left promiscuous mode [ 329.661248][T14023] syzkaller1: entered promiscuous mode [ 329.669408][T14023] syzkaller1: entered allmulticast mode [ 330.305991][T14064] syzkaller1: entered promiscuous mode [ 330.312866][T14064] syzkaller1: entered allmulticast mode [ 330.482401][ C1] eth0: bad gso: type: 1, size: 1408 [ 330.546520][ T931] usb 4-1: new high-speed USB device number 10 using dummy_hcd [ 330.757045][ T931] usb 4-1: Using ep0 maxpacket: 16 [ 330.785985][ T931] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 330.799993][T14092] syzkaller1: entered promiscuous mode [ 330.804390][ T931] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 330.809481][T14092] syzkaller1: entered allmulticast mode [ 330.825473][ T931] usb 4-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 330.863694][ T931] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 330.905164][ T931] usb 4-1: config 0 descriptor?? [ 330.925714][ T931] usbhid 4-1:0.0: couldn't find an input interrupt endpoint [ 331.161296][ T9] usb 4-1: USB disconnect, device number 10 [ 331.322917][T14110] kvm: vcpu 0: requested 32 ns lapic timer period limited to 200000 ns [ 331.346578][T14110] kvm: pic: non byte write [ 331.466040][T14125] syzkaller1: entered promiscuous mode [ 331.474048][T14125] syzkaller1: entered allmulticast mode [ 332.037167][T14157] syzkaller1: entered promiscuous mode [ 332.054841][T14157] syzkaller1: entered allmulticast mode [ 332.174666][T14167] netdevsim netdevsim0 netdevsim0: set [1, 1] type 2 family 0 port 51055 - 0 [ 332.185568][T14167] netdevsim netdevsim0 netdevsim1: set [1, 1] type 2 family 0 port 51055 - 0 [ 332.196518][T14167] netdevsim netdevsim0 netdevsim2: set [1, 1] type 2 family 0 port 51055 - 0 [ 332.205526][T14167] netdevsim netdevsim0 netdevsim3: set [1, 1] type 2 family 0 port 51055 - 0 [ 332.243369][T14167] team0: Port device geneve3 added [ 333.070777][T14215] syz.2.3818[14215] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 333.070924][T14215] syz.2.3818[14215] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 333.793441][T14232] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3828'. [ 334.032807][T14236] dummy0: entered promiscuous mode [ 334.049279][T14236] macvtap1: entered promiscuous mode [ 334.076803][T14236] dummy0: left promiscuous mode [ 334.966432][ T9] usb 3-1: new high-speed USB device number 5 using dummy_hcd [ 335.352756][T14258] syz.0.3838[14258] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 335.352910][T14258] syz.0.3838[14258] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 335.668980][ T9] usb 3-1: Using ep0 maxpacket: 32 [ 335.696560][ T9] usb 3-1: New USB device found, idVendor=06cd, idProduct=0110, bcdDevice=71.71 [ 335.705729][ T9] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 335.720824][ T9] usb 3-1: Product: syz [ 335.725123][ T9] usb 3-1: Manufacturer: syz [ 335.729873][ T9] usb 3-1: SerialNumber: syz [ 335.736966][ T9] usb 3-1: config 0 descriptor?? [ 335.748211][ T9] keyspan 3-1:0.0: Keyspan 2 port adapter converter detected [ 335.755835][ T9] keyspan 3-1:0.0: found no endpoint descriptor for endpoint 87 [ 335.797069][ T9] keyspan 3-1:0.0: found no endpoint descriptor for endpoint 7 [ 335.816954][ T9] keyspan 3-1:0.0: found no endpoint descriptor for endpoint 81 [ 335.834919][ T9] keyspan 3-1:0.0: found no endpoint descriptor for endpoint 1 [ 335.865927][ T9] keyspan 3-1:0.0: found no endpoint descriptor for endpoint 2 [ 335.983924][ T9] keyspan 3-1:0.0: found no endpoint descriptor for endpoint 85 [ 335.991841][ T9] keyspan 3-1:0.0: found no endpoint descriptor for endpoint 5 [ 336.004548][ T9] usb 3-1: Keyspan 2 port adapter converter now attached to ttyUSB0 [ 336.014232][ T9] keyspan 3-1:0.0: found no endpoint descriptor for endpoint 83 [ 336.022037][ T9] keyspan 3-1:0.0: found no endpoint descriptor for endpoint 3 [ 336.058234][ T9] keyspan 3-1:0.0: found no endpoint descriptor for endpoint 4 [ 336.080467][ T9] keyspan 3-1:0.0: found no endpoint descriptor for endpoint 86 [ 336.116119][ T9] keyspan 3-1:0.0: found no endpoint descriptor for endpoint 6 [ 336.138344][ T9] usb 3-1: Keyspan 2 port adapter converter now attached to ttyUSB1 [ 336.170831][ T9] usb 3-1: USB disconnect, device number 5 [ 336.199077][ T9] keyspan_2 ttyUSB0: Keyspan 2 port adapter converter now disconnected from ttyUSB0 [ 336.252116][ T9] keyspan_2 ttyUSB1: Keyspan 2 port adapter converter now disconnected from ttyUSB1 [ 336.277454][ T9] keyspan 3-1:0.0: device disconnected [ 336.326604][ T46] usb 5-1: new high-speed USB device number 8 using dummy_hcd [ 336.528741][ T46] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 336.564172][ T46] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11 [ 336.585628][ T46] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 336.603087][ T46] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 336.632046][ T46] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 336.644218][ T46] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 336.667458][ T46] usb 5-1: config 0 descriptor?? [ 336.695669][T14272] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 337.123932][ T46] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0 [ 337.156376][ T46] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0 [ 337.174253][ T46] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0 [ 337.199990][ T46] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0 [ 337.216635][ T46] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0 [ 337.236428][ T46] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0 [ 337.254247][ T46] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0 [ 337.279634][ T46] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0 [ 337.312659][ T46] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0 [ 337.337452][ T46] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0 [ 337.365412][ T46] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0 [ 337.379599][ T46] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0 [ 337.389005][ T46] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0 [ 337.401832][ T46] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0 [ 337.409795][ T46] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0 [ 337.433267][ T46] plantronics 0003:047F:FFFF.0006: No inputs registered, leaving [ 337.477005][T14317] kvm: vcpu 0: requested 32 ns lapic timer period limited to 200000 ns [ 337.495092][ T46] plantronics 0003:047F:FFFF.0006: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.4-1/input0 [ 337.525033][T14317] kvm: pic: non byte write [ 337.578967][ T46] usb 5-1: USB disconnect, device number 8 [ 340.724226][T14470] loop0: detected capacity change from 0 to 7 [ 340.747237][T14470] Dev loop0: unable to read RDB block 7 [ 340.755549][T14470] loop0: unable to read partition table [ 340.772371][T14470] loop0: partition table beyond EOD, truncated [ 340.782177][T14470] loop_reread_partitions: partition scan of loop0 (þ被YüŸÑø) failed (rc=-5) [ 340.809467][ T4542] Dev loop0: unable to read RDB block 7 [ 340.837396][ T4542] loop0: unable to read partition table [ 340.853805][ T4542] loop0: partition table beyond EOD, truncated [ 341.189094][T14496] kvm: vcpu 0: requested 32 ns lapic timer period limited to 200000 ns [ 341.242855][T14496] kvm: pic: non byte write [ 343.550940][T14612] kvm: vcpu 0: requested 32 ns lapic timer period limited to 200000 ns [ 343.564993][T14612] kvm: pic: non byte write [ 343.689900][T14615] loop0: detected capacity change from 0 to 7 [ 343.698543][T14615] Dev loop0: unable to read RDB block 7 [ 343.710517][T14615] loop0: unable to read partition table [ 343.721762][T14615] loop0: partition table beyond EOD, truncated [ 343.739370][T14615] loop_reread_partitions: partition scan of loop0 (þ被YüŸÑø) failed (rc=-5) [ 345.086610][ T4487] Bluetooth: hci1: command 0x0406 tx timeout [ 346.483376][T14731] kvm: vcpu 0: requested 32 ns lapic timer period limited to 200000 ns [ 346.567570][T14731] kvm: pic: non byte write [ 347.920225][T14799] kvm: vcpu 0: requested 32 ns lapic timer period limited to 200000 ns [ 347.964619][T14799] kvm: pic: non byte write [ 348.729887][T14817] syzkaller1: entered promiscuous mode [ 348.745797][T14817] syzkaller1: entered allmulticast mode [ 349.508100][T14843] syzkaller1: entered promiscuous mode [ 349.524742][T14843] syzkaller1: entered allmulticast mode [ 351.306576][ C1] vxcan0: j1939_xtp_rx_dat: no tx connection found [ 351.477869][T14879] syz.0.4113[14879] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 351.478014][T14879] syz.0.4113[14879] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 351.634762][T14888] kvm: vcpu 0: requested 32 ns lapic timer period limited to 200000 ns [ 351.700838][T14888] kvm: pic: non byte write [ 351.973693][ C0] vxcan0: j1939_tp_rxtimer: 0xffff888066a1cc00: rx timeout, send abort [ 352.063192][ C1] vxcan0: j1939_tp_rxtimer: 0xffff88802cb58c00: rx timeout, send abort [ 352.483611][ C0] vxcan0: j1939_tp_rxtimer: 0xffff888066a1cc00: abort rx timeout. Force session deactivation [ 352.571674][ C1] vxcan0: j1939_tp_rxtimer: 0xffff88802cb58c00: abort rx timeout. Force session deactivation [ 353.503406][T14994] kvm: vcpu 0: requested 32 ns lapic timer period limited to 200000 ns [ 353.532900][T14994] kvm: pic: non byte write [ 353.646696][ T9] usb 5-1: new high-speed USB device number 9 using dummy_hcd [ 353.723962][T15011] serio: Serial port pts0 [ 353.839865][ T9] usb 5-1: Using ep0 maxpacket: 8 [ 353.855465][ T9] usb 5-1: config index 0 descriptor too short (expected 301, got 45) [ 353.875182][ T9] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 353.898505][ T9] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 353.935549][ T9] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 353.953680][ T9] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 353.968042][ T9] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 353.989684][ T9] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 354.199256][T15041] kvm: vcpu 0: requested 32 ns lapic timer period limited to 200000 ns [ 354.222844][ T9] usb 5-1: usb_control_msg returned -32 [ 354.238943][ T9] usbtmc 5-1:16.0: can't read capabilities [ 354.250110][T15035] kvm: pic: non byte write [ 354.364765][ C1] eth0: bad gso: type: 1, size: 1408 [ 355.055958][T15083] serio: Serial port pts1 [ 356.331944][ T931] usb 5-1: USB disconnect, device number 9 [ 357.010109][T15195] kvm: vcpu 0: requested 32 ns lapic timer period limited to 200000 ns [ 357.084054][T15191] kvm: pic: non byte write [ 359.063299][T15330] kvm: vcpu 0: requested 32 ns lapic timer period limited to 200000 ns [ 359.137481][T15330] kvm: pic: non byte write [ 361.306845][ T5137] usb 1-1: new high-speed USB device number 8 using dummy_hcd [ 361.526330][ T5137] usb 1-1: Using ep0 maxpacket: 8 [ 361.534455][ T5137] usb 1-1: config index 0 descriptor too short (expected 301, got 45) [ 361.564434][ T5137] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 361.596548][ T5137] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 361.626497][ T5137] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 361.662407][ T5137] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 361.697476][ T5137] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 361.727203][ T5137] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 361.971231][ T5137] usb 1-1: usb_control_msg returned -32 [ 361.992576][ T5137] usbtmc 1-1:16.0: can't read capabilities [ 362.361499][ T5137] usb 1-1: USB disconnect, device number 8 [ 362.786437][ T931] usb 2-1: new high-speed USB device number 9 using dummy_hcd [ 362.996376][ T931] usb 2-1: Using ep0 maxpacket: 32 [ 363.009927][ T931] usb 2-1: New USB device found, idVendor=06cd, idProduct=0110, bcdDevice=71.71 [ 363.029556][ T931] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 363.053981][ T931] usb 2-1: Product: syz [ 363.065579][ T931] usb 2-1: Manufacturer: syz [ 363.072058][ T931] usb 2-1: SerialNumber: syz [ 363.091352][ T931] usb 2-1: config 0 descriptor?? [ 363.125713][ T931] keyspan 2-1:0.0: Keyspan 2 port adapter converter detected [ 363.145468][ T931] keyspan 2-1:0.0: found no endpoint descriptor for endpoint 87 [ 363.161420][ T931] keyspan 2-1:0.0: found no endpoint descriptor for endpoint 7 [ 363.198680][ T931] keyspan 2-1:0.0: found no endpoint descriptor for endpoint 81 [ 363.209993][ T931] keyspan 2-1:0.0: found no endpoint descriptor for endpoint 1 [ 363.225542][ T931] keyspan 2-1:0.0: found no endpoint descriptor for endpoint 2 [ 363.254224][ T931] keyspan 2-1:0.0: found no endpoint descriptor for endpoint 85 [ 363.272256][ T931] keyspan 2-1:0.0: found no endpoint descriptor for endpoint 5 [ 363.312561][ T931] usb 2-1: Keyspan 2 port adapter converter now attached to ttyUSB0 [ 363.384971][ T931] keyspan 2-1:0.0: found no endpoint descriptor for endpoint 83 [ 363.418315][ T931] keyspan 2-1:0.0: found no endpoint descriptor for endpoint 3 [ 363.435908][ T931] keyspan 2-1:0.0: found no endpoint descriptor for endpoint 4 [ 363.448348][ T931] keyspan 2-1:0.0: found no endpoint descriptor for endpoint 86 [ 363.456226][ T931] keyspan 2-1:0.0: found no endpoint descriptor for endpoint 6 [ 363.483165][ T931] usb 2-1: Keyspan 2 port adapter converter now attached to ttyUSB1 [ 363.538413][ T931] usb 2-1: USB disconnect, device number 9 [ 363.584590][ T931] keyspan_2 ttyUSB0: Keyspan 2 port adapter converter now disconnected from ttyUSB0 [ 363.632149][ T931] keyspan_2 ttyUSB1: Keyspan 2 port adapter converter now disconnected from ttyUSB1 [ 363.669294][ T931] keyspan 2-1:0.0: device disconnected [ 364.705530][T15578] kvm: vcpu 0: requested 32 ns lapic timer period limited to 200000 ns [ 364.730212][T15578] kvm: pic: non byte write [ 365.074644][T15602] serio: Serial port pts0 [ 365.305902][T15621] sctp: [Deprecated]: syz.4.4442 (pid 15621) Use of int in max_burst socket option. [ 365.305902][T15621] Use struct sctp_assoc_value instead [ 366.648689][T15681] syzkaller1: entered promiscuous mode [ 366.655174][T15681] syzkaller1: entered allmulticast mode [ 366.856653][T15697] usb usb9: usbfs: process 15697 (syz.4.4476) did not claim interface 0 before use [ 367.178938][T15713] syzkaller1: entered promiscuous mode [ 367.192537][T15713] syzkaller1: entered allmulticast mode [ 367.586869][ T9] usb 2-1: new high-speed USB device number 10 using dummy_hcd [ 367.765541][ T9] usb 2-1: device descriptor read/64, error -71 [ 368.066815][ T9] usb 2-1: new high-speed USB device number 11 using dummy_hcd [ 368.236553][ T9] usb 2-1: device descriptor read/64, error -71 [ 368.370869][ T9] usb usb2-port1: attempt power cycle [ 368.796457][ T9] usb 2-1: new high-speed USB device number 12 using dummy_hcd [ 368.857983][ T9] usb 2-1: device descriptor read/8, error -71 [ 369.196514][ T9] usb 2-1: new high-speed USB device number 13 using dummy_hcd [ 369.247409][ T9] usb 2-1: device descriptor read/8, error -71 [ 369.371022][ T9] usb usb2-port1: unable to enumerate USB device [ 370.258336][T15846] serio: Serial port pts0 [ 373.189743][T15934] veth1: entered promiscuous mode [ 373.203997][T15933] veth1: left promiscuous mode [ 373.327471][T15943] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4585'. [ 373.816738][T15964] syz.2.4583[15964] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 373.816834][T15964] syz.2.4583[15964] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 373.956060][T15968] kvm: vcpu 0: requested 32 ns lapic timer period limited to 200000 ns [ 374.095454][T15968] kvm: pic: non byte write [ 377.489568][T16172] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4687'. [ 377.616954][T16179] netlink: 36 bytes leftover after parsing attributes in process `syz.3.4687'. [ 377.646734][T16172] netlink: 28 bytes leftover after parsing attributes in process `syz.3.4687'. [ 377.898723][T16194] serio: Serial port pts0 [ 378.340818][ T4487] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 378.351493][ T4487] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 378.370186][ T4487] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 378.396555][ T4487] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 378.408549][ T4487] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 378.422561][ T4487] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 378.471739][ T5181] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 378.486453][ T5181] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 1] type 2 family 0 port 51055 - 0 [ 378.682475][ T5181] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 378.696401][ T5181] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 1] type 2 family 0 port 51055 - 0 [ 378.748364][T16232] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4709'. [ 378.855908][ T5181] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 378.870853][ T1245] ieee802154 phy0 wpan0: encryption failed: -22 [ 378.870958][ T1245] ieee802154 phy1 wpan1: encryption failed: -22 [ 378.887108][ T5181] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 1] type 2 family 0 port 51055 - 0 [ 378.923538][T16234] netlink: 36 bytes leftover after parsing attributes in process `syz.4.4709'. [ 378.939999][T16232] netlink: 28 bytes leftover after parsing attributes in process `syz.4.4709'. [ 379.104269][ T5181] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 379.139129][ T5181] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 1] type 2 family 0 port 51055 - 0 [ 379.517273][T16246] sctp: [Deprecated]: syz.4.4713 (pid 16246) Use of struct sctp_assoc_value in delayed_ack socket option. [ 379.517273][T16246] Use struct sctp_sack_info instead [ 379.692321][ T5181] bridge_slave_1: left allmulticast mode [ 379.725974][ T5181] bridge_slave_1: left promiscuous mode [ 379.751201][ T5181] bridge0: port 2(bridge_slave_1) entered disabled state [ 379.778125][ T5181] bridge_slave_0: left allmulticast mode [ 379.812447][ T5181] bridge_slave_0: left promiscuous mode [ 379.821441][ T5181] bridge0: port 1(bridge_slave_0) entered disabled state [ 379.912230][T16256] fuse: Bad value for 'fd' [ 380.526617][ T4487] Bluetooth: hci3: command tx timeout [ 380.663833][ T5181] team0: Port device geneve3 removed [ 381.064172][T16285] fuse: Bad value for 'fd' [ 381.166840][ T5181] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 381.218060][ T5181] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 381.256476][ T5181] bond0 (unregistering): Released all slaves [ 381.413462][T16214] chnl_net:caif_netlink_parms(): no params data found [ 381.561011][T16214] bridge0: port 1(bridge_slave_0) entered blocking state [ 381.570750][T16214] bridge0: port 1(bridge_slave_0) entered disabled state [ 381.585732][T16214] bridge_slave_0: entered allmulticast mode [ 381.613654][T16214] bridge_slave_0: entered promiscuous mode [ 381.657904][T16214] bridge0: port 2(bridge_slave_1) entered blocking state [ 381.673808][T16214] bridge0: port 2(bridge_slave_1) entered disabled state [ 381.684131][T16214] bridge_slave_1: entered allmulticast mode [ 381.691973][T16214] bridge_slave_1: entered promiscuous mode [ 381.769654][T16214] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 381.789561][T16214] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 381.868975][T16214] team0: Port device team_slave_0 added [ 381.881820][T16214] team0: Port device team_slave_1 added [ 381.936457][ T25] usb 5-1: new high-speed USB device number 10 using dummy_hcd [ 381.948335][T16214] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 381.955778][T16214] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 381.984177][T16214] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 381.999848][T16214] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 382.011710][T16214] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 382.046609][T16214] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 382.113983][T16214] hsr_slave_0: entered promiscuous mode [ 382.126822][ T25] usb 5-1: Using ep0 maxpacket: 8 [ 382.137994][T16214] hsr_slave_1: entered promiscuous mode [ 382.139112][ T25] usb 5-1: config 179 has an invalid interface number: 65 but max is 0 [ 382.162814][ T25] usb 5-1: config 179 has no interface number 0 [ 382.171440][ T25] usb 5-1: config 179 interface 65 altsetting 12 endpoint 0xF has an invalid bInterval 64, changing to 10 [ 382.186600][ T5137] usb 4-1: new high-speed USB device number 11 using dummy_hcd [ 382.192250][ T25] usb 5-1: config 179 interface 65 altsetting 12 endpoint 0xF has invalid maxpacket 1029, setting to 1024 [ 382.215277][ T25] usb 5-1: config 179 interface 65 altsetting 12 endpoint 0x83 has invalid wMaxPacketSize 0 [ 382.233234][ T25] usb 5-1: config 179 interface 65 altsetting 12 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 382.252921][ T25] usb 5-1: config 179 interface 65 has no altsetting 0 [ 382.261187][ T25] usb 5-1: New USB device found, idVendor=12ab, idProduct=0004, bcdDevice= 0.00 [ 382.270734][ T25] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 382.285902][T16308] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 382.368531][ T5137] usb 4-1: config 0 has no interfaces? [ 382.374072][ T5137] usb 4-1: New USB device found, idVendor=1a34, idProduct=0802, bcdDevice= 0.00 [ 382.389073][ T5137] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 382.424985][ T5137] usb 4-1: config 0 descriptor?? [ 382.525603][ T5137] usb 5-1: USB disconnect, device number 10 [ 382.594979][ C0] dccp_invalid_packet: P.type (SYNC) not Data || [Data]Ack, while P.X == 0 [ 382.607633][ T4487] Bluetooth: hci3: command tx timeout [ 382.643906][T16318] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 382.652702][T16318] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 382.664726][ T46] usb 4-1: USB disconnect, device number 11 [ 382.788896][T16214] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 382.801635][T16214] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 382.811980][T16214] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 382.823057][T16214] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 382.929693][T16214] 8021q: adding VLAN 0 to HW filter on device bond0 [ 382.980100][T16214] 8021q: adding VLAN 0 to HW filter on device team0 [ 382.993872][ T5137] bridge0: port 1(bridge_slave_0) entered blocking state [ 383.001074][ T5137] bridge0: port 1(bridge_slave_0) entered forwarding state [ 383.030327][ T5137] bridge0: port 2(bridge_slave_1) entered blocking state [ 383.037524][ T5137] bridge0: port 2(bridge_slave_1) entered forwarding state [ 383.258210][ T5181] hsr_slave_0: left promiscuous mode [ 383.272502][ T5181] hsr_slave_1: left promiscuous mode [ 383.282913][ T5181] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 383.299252][ T5181] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 383.317797][ T5181] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 383.325306][ T5181] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 383.375800][ T5181] veth1_macvtap: left promiscuous mode [ 383.401845][ T5181] veth0_macvtap: left promiscuous mode [ 383.408629][ T5181] veth1_vlan: left promiscuous mode [ 383.415365][ T5181] veth0_vlan: left promiscuous mode [ 383.428196][T16349] syz.4.4756[16349] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 383.428752][T16349] syz.4.4756[16349] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 384.686801][ T4487] Bluetooth: hci3: command tx timeout [ 384.720498][T16384] serio: Serial port pts0 [ 384.763512][ T5181] team0 (unregistering): Port device team_slave_1 removed [ 384.809744][ T5181] team0 (unregistering): Port device team_slave_0 removed [ 385.758717][T16214] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 385.852152][T16214] veth0_vlan: entered promiscuous mode [ 385.874732][T16214] veth1_vlan: entered promiscuous mode [ 385.929620][T16214] veth0_macvtap: entered promiscuous mode [ 385.958514][T16214] veth1_macvtap: entered promiscuous mode [ 385.990497][T16214] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 386.011585][T16214] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 386.024271][T16214] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 386.070097][T16214] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 386.083412][T16214] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 386.100815][T16214] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 386.111625][T16214] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 386.124641][T16214] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 386.137969][T16214] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 386.161674][T16214] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 386.173093][T16214] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 386.188096][T16214] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 386.211726][T16214] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 386.233690][T16214] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 386.255262][T16214] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 386.268001][T16214] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 386.291793][T16214] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 386.321128][T16214] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 386.381107][T16214] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 386.396923][T16214] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 386.406739][T16214] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 386.415473][T16214] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 386.622436][ T63] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 386.658870][ T63] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 386.725603][ T35] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 386.755678][ T35] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 386.766921][ T4487] Bluetooth: hci3: command tx timeout [ 388.031300][ T5093] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 388.043340][ T5093] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 388.057974][ T5093] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 388.069045][ T5093] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 388.078249][ T5093] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 388.081211][ T5181] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 388.096616][ T5093] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 388.332166][ T5181] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 388.557505][ T5181] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 388.870049][ T5181] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 389.079217][T16521] chnl_net:caif_netlink_parms(): no params data found [ 389.327396][ T5181] bridge_slave_1: left allmulticast mode [ 389.334822][ T5181] bridge_slave_1: left promiscuous mode [ 389.363711][T16597] serio: Serial port pts0 [ 389.368809][ T5181] bridge0: port 2(bridge_slave_1) entered disabled state [ 389.427913][ T5181] bridge_slave_0: left allmulticast mode [ 389.447235][ T5181] bridge_slave_0: left promiscuous mode [ 389.475653][ T5181] bridge0: port 1(bridge_slave_0) entered disabled state [ 390.112124][ T4487] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 390.123913][ T4487] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 390.134575][ T4487] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 390.152630][ T4487] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 390.163050][ T4487] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 390.171850][ T4487] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 390.207747][ T4487] Bluetooth: hci2: command tx timeout [ 390.443420][ T5181] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 390.456150][ T5181] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 390.469004][ T5181] bond0 (unregistering): Released all slaves [ 390.745485][T16521] bridge0: port 1(bridge_slave_0) entered blocking state [ 390.768073][T16521] bridge0: port 1(bridge_slave_0) entered disabled state [ 390.776643][T16521] bridge_slave_0: entered allmulticast mode [ 390.787036][T16521] bridge_slave_0: entered promiscuous mode [ 390.799772][T16521] bridge0: port 2(bridge_slave_1) entered blocking state [ 390.812990][T16521] bridge0: port 2(bridge_slave_1) entered disabled state [ 390.833964][T16521] bridge_slave_1: entered allmulticast mode [ 390.844305][T16651] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable [ 390.850076][T16521] bridge_slave_1: entered promiscuous mode [ 391.084181][T16521] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 391.114878][T16521] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 391.265201][T16521] team0: Port device team_slave_0 added [ 391.292345][ T5181] hsr_slave_0: left promiscuous mode [ 391.304852][ T5181] hsr_slave_1: left promiscuous mode [ 391.313464][ T5181] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 391.315170][T16676] serio: Serial port pts0 [ 391.329627][ T5181] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 391.338412][ T5181] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 391.346046][ T5181] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 391.365931][ T5181] veth1_macvtap: left promiscuous mode [ 391.371741][ T5181] veth0_macvtap: left promiscuous mode [ 391.377980][ T5181] veth1_vlan: left promiscuous mode [ 391.383288][ T5181] veth0_vlan: left promiscuous mode [ 391.872783][ T5181] team0 (unregistering): Port device team_slave_1 removed [ 391.930220][ T5181] team0 (unregistering): Port device team_slave_0 removed [ 392.209254][ T4487] Bluetooth: hci0: command tx timeout [ 392.292276][ T4487] Bluetooth: hci2: command tx timeout [ 392.502464][T16698] xt_hashlimit: overflow, rate too high: 0 [ 392.876115][T16521] team0: Port device team_slave_1 added [ 392.923904][T16521] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 392.931379][T16521] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 392.975880][T16521] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 393.003268][T16521] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 393.018465][T16521] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 393.055470][T16521] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 393.281735][T16521] hsr_slave_0: entered promiscuous mode [ 393.332153][T16521] hsr_slave_1: entered promiscuous mode [ 393.347647][T16521] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 393.366344][T16521] Cannot create hsr debugfs directory [ 393.495278][T16624] chnl_net:caif_netlink_parms(): no params data found [ 393.655347][ T5181] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 393.757810][T16624] bridge0: port 1(bridge_slave_0) entered blocking state [ 393.764933][T16624] bridge0: port 1(bridge_slave_0) entered disabled state [ 393.772860][T16624] bridge_slave_0: entered allmulticast mode [ 393.780460][T16624] bridge_slave_0: entered promiscuous mode [ 393.813862][ T5181] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 393.856109][T16624] bridge0: port 2(bridge_slave_1) entered blocking state [ 393.863481][T16624] bridge0: port 2(bridge_slave_1) entered disabled state [ 393.872230][T16624] bridge_slave_1: entered allmulticast mode [ 393.880729][T16624] bridge_slave_1: entered promiscuous mode [ 393.978378][ T29] audit: type=1326 audit(1721722102.083:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16729 comm="syz.0.4910" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fe634975f19 code=0x0 [ 394.004950][ T5181] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 394.033532][T16624] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 394.048013][T16624] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 394.098895][ T5181] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 394.157507][T16624] team0: Port device team_slave_0 added [ 394.173046][T16624] team0: Port device team_slave_1 added [ 394.287492][ T4487] Bluetooth: hci0: command tx timeout [ 394.296130][T16624] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 394.328795][T16624] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 394.367236][ T4487] Bluetooth: hci2: command tx timeout [ 394.410402][T16624] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 394.448450][T16624] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 394.455414][T16624] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 394.507805][T16738] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant. [ 394.507805][T16738] The task syz.3.4912 (16738) triggered the difference, watch for misbehavior. [ 394.526457][T16624] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 394.745581][T16624] hsr_slave_0: entered promiscuous mode [ 394.758116][T16624] hsr_slave_1: entered promiscuous mode [ 394.774906][T16624] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 394.796385][T16624] Cannot create hsr debugfs directory [ 394.803087][ T5181] bridge_slave_1: left allmulticast mode [ 394.816356][ T5181] bridge_slave_1: left promiscuous mode [ 394.824414][ T5181] bridge0: port 2(bridge_slave_1) entered disabled state [ 394.891241][ T5181] bridge_slave_0: left allmulticast mode [ 394.909241][ T5181] bridge_slave_0: left promiscuous mode [ 394.915142][ T5181] bridge0: port 1(bridge_slave_0) entered disabled state [ 395.104868][ T29] audit: type=1326 audit(1721722103.203:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16751 comm="syz.0.4918" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fe634975f19 code=0x0 [ 395.469618][ T5181] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 395.496177][ T5181] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 395.509721][ T5181] bond0 (unregistering): Released all slaves [ 395.551810][T16521] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 395.581154][T16521] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 395.621891][T16521] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 395.643199][T16521] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 395.846103][ T29] audit: type=1326 audit(1721722103.943:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16764 comm="syz.4.4922" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fccf5975f19 code=0x0 [ 395.981164][ T5181] hsr_slave_0: left promiscuous mode [ 396.010988][ T5181] hsr_slave_1: left promiscuous mode [ 396.024854][ T5181] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 396.032777][ T5181] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 396.040941][ T5181] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 396.049068][ T5181] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 396.070270][ T5181] veth1_macvtap: left promiscuous mode [ 396.075798][ T5181] veth0_macvtap: left promiscuous mode [ 396.082495][ T5181] veth1_vlan: left promiscuous mode [ 396.088060][ T5181] veth0_vlan: left promiscuous mode [ 396.367080][ T4487] Bluetooth: hci0: command tx timeout [ 396.446503][ T4487] Bluetooth: hci2: command tx timeout [ 396.695907][ T5181] team0 (unregistering): Port device team_slave_1 removed [ 396.791555][ T5181] team0 (unregistering): Port device team_slave_0 removed [ 397.270628][T16521] 8021q: adding VLAN 0 to HW filter on device bond0 [ 397.326168][T16521] 8021q: adding VLAN 0 to HW filter on device team0 [ 397.350571][ T25] bridge0: port 1(bridge_slave_0) entered blocking state [ 397.357839][ T25] bridge0: port 1(bridge_slave_0) entered forwarding state [ 397.407758][ T25] bridge0: port 2(bridge_slave_1) entered blocking state [ 397.414993][ T25] bridge0: port 2(bridge_slave_1) entered forwarding state [ 397.510466][T16785] mmap: syz.0.4928 (16785) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 397.533523][ T29] audit: type=1326 audit(1721722105.613:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16784 comm="syz.0.4928" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe634975f19 code=0x7ffc0000 [ 397.576670][T16521] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 397.599256][ T29] audit: type=1326 audit(1721722105.613:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16784 comm="syz.0.4928" exe="/root/syz-executor" sig=0 arch=c000003e syscall=216 compat=0 ip=0x7fe634975f19 code=0x7ffc0000 [ 397.664376][ T29] audit: type=1326 audit(1721722105.703:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16784 comm="syz.0.4928" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe634975f19 code=0x7ffc0000 [ 397.722053][ T29] audit: type=1326 audit(1721722105.703:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16784 comm="syz.0.4928" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe634975f19 code=0x7ffc0000 [ 397.810467][T16624] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 397.851428][T16624] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 397.874630][T16624] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 397.901954][T16624] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 398.000503][T16521] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 398.108204][ T931] usb 1-1: new high-speed USB device number 9 using dummy_hcd [ 398.119245][T16624] 8021q: adding VLAN 0 to HW filter on device bond0 [ 398.162494][T16624] 8021q: adding VLAN 0 to HW filter on device team0 [ 398.176816][T16521] veth0_vlan: entered promiscuous mode [ 398.193477][ T5137] bridge0: port 1(bridge_slave_0) entered blocking state [ 398.200682][ T5137] bridge0: port 1(bridge_slave_0) entered forwarding state [ 398.220275][ T9] bridge0: port 2(bridge_slave_1) entered blocking state [ 398.227471][ T9] bridge0: port 2(bridge_slave_1) entered forwarding state [ 398.243798][T16521] veth1_vlan: entered promiscuous mode [ 398.306468][ T931] usb 1-1: Using ep0 maxpacket: 8 [ 398.318987][ T931] usb 1-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb [ 398.337257][ T931] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 398.362429][ T931] usb 1-1: config 0 descriptor?? [ 398.374810][T16521] veth0_macvtap: entered promiscuous mode [ 398.395714][T16521] veth1_macvtap: entered promiscuous mode [ 398.413001][T16624] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 398.425485][T16624] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 398.447164][ T4487] Bluetooth: hci0: command tx timeout [ 398.492966][T16521] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 398.504144][T16521] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 398.514932][T16521] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 398.526214][T16521] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 398.536988][T16521] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 398.548015][T16521] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 398.560103][T16521] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 398.575598][T16521] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 398.597112][T16521] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 398.607378][T16521] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 398.620619][T16521] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 398.630935][T16521] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 398.642039][T16521] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 398.654913][T16521] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 398.700431][T16521] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 398.722165][T16521] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 398.744589][T16521] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 398.767377][T16521] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 398.831732][T16819] kvm: pic: non byte write [ 398.891106][T16624] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 398.938950][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 398.951984][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 399.036032][ T52] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 399.054792][ T52] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 399.109152][T16624] veth0_vlan: entered promiscuous mode [ 399.148001][T16624] veth1_vlan: entered promiscuous mode [ 399.190461][T16824] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4939'. [ 399.205289][T16824] netlink: 'syz.3.4939': attribute type 11 has an invalid length. [ 399.227591][T16824] netlink: 'syz.3.4939': attribute type 12 has an invalid length. [ 399.269318][T16824] netdevsim netdevsim3 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 399.278666][T16824] netdevsim netdevsim3 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 399.288133][T16824] netdevsim netdevsim3 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 399.297507][T16824] netdevsim netdevsim3 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 399.317628][T16824] vxlan0: entered promiscuous mode [ 399.417633][T16833] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4942'. [ 399.433771][T16833] netlink: 12 bytes leftover after parsing attributes in process `syz.2.4942'. [ 399.503183][T16624] veth0_macvtap: entered promiscuous mode [ 399.525828][T16624] veth1_macvtap: entered promiscuous mode [ 399.554283][T16624] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 399.567564][T16624] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 399.579577][T16624] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 399.593559][T16624] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 399.608566][T16624] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 399.621081][T16624] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 399.631384][T16624] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 399.645578][T16624] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 399.664094][T16624] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 399.683961][T16624] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 399.708156][T16624] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 399.736471][T16624] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 399.753191][T16624] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 399.765042][T16624] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 399.777625][T16624] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 399.787665][T16624] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 399.818145][T16624] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 399.847280][T16624] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 399.884376][T16624] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 399.920061][T16624] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 399.950389][T16624] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 399.975400][T16624] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 400.262132][ T52] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 400.289821][ T52] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 400.403009][ T5181] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 400.412631][ T931] asix 1-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0012: -71 [ 400.435143][ T5181] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 400.455736][ T931] asix 1-1:0.0: probe with driver asix failed with error -71 [ 400.481612][ T931] usb 1-1: USB disconnect, device number 9 [ 400.747469][T16876] fuse: Unknown parameter 'group_i00000000000000000000' [ 400.909110][T16883] netlink: 'syz.3.4961': attribute type 11 has an invalid length. [ 400.936574][T16883] netlink: 'syz.3.4961': attribute type 11 has an invalid length. [ 400.967570][T16883] debugfs: Directory 'netdev:' with parent 'phy15' already present! [ 401.079998][ T4487] Bluetooth: hci3: Received unexpected HCI Event 0x00 [ 401.147973][T16896] devtmpfs: Bad value for 'mpol' [ 401.263290][T16899] netdevsim netdevsim0: Direct firmware load for ng failed with error -2 [ 401.285421][T16899] netdevsim netdevsim0: Falling back to sysfs fallback for: ng [ 401.392336][T16911] fuse: Unknown parameter 'group_i00000000000000000000' [ 402.745959][ T29] audit: type=1326 audit(1721722110.843:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16924 comm="syz.3.4976" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd576575f19 code=0x7ffc0000 [ 402.822768][ T29] audit: type=1326 audit(1721722110.843:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16924 comm="syz.3.4976" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd576575f19 code=0x7ffc0000 [ 402.854677][ T29] audit: type=1326 audit(1721722110.853:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16924 comm="syz.3.4976" exe="/root/syz-executor" sig=0 arch=c000003e syscall=187 compat=0 ip=0x7fd576575f19 code=0x7ffc0000 [ 402.887703][ T29] audit: type=1326 audit(1721722110.853:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16924 comm="syz.3.4976" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd576575f19 code=0x7ffc0000 [ 402.893323][T16938] syz.3.4982 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 402.917105][ T29] audit: type=1326 audit(1721722110.853:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16924 comm="syz.3.4976" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7fd576575f19 code=0x7ffc0000 [ 402.954105][ T29] audit: type=1326 audit(1721722110.853:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16924 comm="syz.3.4976" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd576575f19 code=0x7ffc0000 [ 402.993603][T16933] kvm: pic: non byte write [ 403.007156][ T8] usb 5-1: new high-speed USB device number 11 using dummy_hcd [ 403.064947][T16940] fuse: Unknown parameter 'group_i00000000000000000000' [ 403.158225][ T46] usb 1-1: new high-speed USB device number 10 using dummy_hcd [ 403.192746][ T29] audit: type=1326 audit(1721722111.293:26): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16943 comm="syz.1.4985" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3805b75f19 code=0x7ffc0000 [ 403.223253][ T29] audit: type=1326 audit(1721722111.293:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16943 comm="syz.1.4985" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3805b75f19 code=0x7ffc0000 [ 403.239848][T16926] syz.2.4977[16926] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 403.244869][T16926] syz.2.4977[16926] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 403.255526][ T8] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 403.304318][ T29] audit: type=1326 audit(1721722111.293:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16943 comm="syz.1.4985" exe="/root/syz-executor" sig=0 arch=c000003e syscall=233 compat=0 ip=0x7f3805b75f19 code=0x7ffc0000 [ 403.327236][ T8] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 403.337950][ T29] audit: type=1326 audit(1721722111.293:29): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16943 comm="syz.1.4985" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3805b75f19 code=0x7ffc0000 [ 403.358322][ T46] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 403.362023][ T8] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 403.384537][ T8] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 403.393067][ T46] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 403.396405][ T8] usb 5-1: SerialNumber: syz [ 403.423866][ T46] usb 1-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 403.442278][ T46] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 403.451161][ T46] usb 1-1: SerialNumber: syz [ 403.680825][ T46] usb 1-1: 0:2 : does not exist [ 403.893907][T16967] fuse: Unknown parameter 'group_id00000000000000000000' [ 404.056855][ T8] cdc_ether 5-1:1.0: probe with driver cdc_ether failed with error -71 [ 404.072894][ T9] usb 1-1: USB disconnect, device number 10 [ 404.138527][ T8] usb 5-1: USB disconnect, device number 11 [ 404.466563][ T5094] usb 2-1: new high-speed USB device number 14 using dummy_hcd [ 404.858368][ T5094] usb 2-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30 [ 404.899939][ T5094] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 404.962289][ T5094] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 405.166660][ T5094] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253 [ 405.184802][ T5094] usb 2-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40 [ 405.194050][ T5094] usb 2-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0 [ 405.204127][ T5094] usb 2-1: Manufacturer: syz [ 405.213316][ T5094] usb 2-1: config 0 descriptor?? [ 405.641806][ T5094] usbhid 2-1:0.0: can't add hid device: -71 [ 405.658290][ T5094] usbhid 2-1:0.0: probe with driver usbhid failed with error -71 [ 405.691086][ T5094] usb 2-1: USB disconnect, device number 14 [ 405.776415][ T46] usb 3-1: new high-speed USB device number 6 using dummy_hcd [ 405.970140][ T46] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 406.001520][ T46] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 406.028032][ T46] usb 3-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00 [ 406.056468][ T46] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 406.078828][ T46] usb 3-1: config 0 descriptor?? [ 406.624232][ T46] hid (null): bogus close delimiter [ 407.050898][ T46] usb 3-1: language id specifier not provided by device, defaulting to English [ 407.483902][ T46] input: HID 256c:006d Pen as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:256C:006D.0007/input/input20 [ 407.604267][ T46] input: HID 256c:006d Pad as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:256C:006D.0007/input/input21 [ 407.656759][ T46] input: HID 256c:006d Touch Strip as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:256C:006D.0007/input/input22 [ 407.702932][ T46] input: HID 256c:006d Dial as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:256C:006D.0007/input/input23 [ 407.743799][ T46] uclogic 0003:256C:006D.0007: input,hidraw0: USB HID v0.00 Keypad [HID 256c:006d] on usb-dummy_hcd.2-1/input0 [ 407.779923][ T46] usb 3-1: USB disconnect, device number 6 [ 408.600614][ T5094] usb 4-1: new high-speed USB device number 12 using dummy_hcd [ 409.030329][ T5094] usb 4-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30 [ 409.041528][ T5094] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 409.054637][ T5094] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 409.066021][ T5094] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253 [ 409.082854][ T5094] usb 4-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40 [ 409.092063][ T5094] usb 4-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0 [ 409.115850][ T5094] usb 4-1: Manufacturer: syz [ 409.145702][ T5094] usb 4-1: config 0 descriptor?? [ 409.565547][ T5094] usbhid 4-1:0.0: can't add hid device: -71 [ 409.626471][ T5094] usbhid 4-1:0.0: probe with driver usbhid failed with error -71 [ 409.688795][ T5094] usb 4-1: USB disconnect, device number 12 [ 409.992480][T17074] Bluetooth: MGMT ver 1.23 [ 410.303221][T17061] syz.0.5026: vmalloc error: size 536870912, failed to allocated page array size 1048576, mode:0xdc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=syz0,mems_allowed=0-1 [ 410.339692][T17061] CPU: 0 UID: 0 PID: 17061 Comm: syz.0.5026 Not tainted 6.10.0-syzkaller-12030-g66ebbdfdeb09 #0 [ 410.350168][T17061] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 410.360238][T17061] Call Trace: [ 410.363530][T17061] [ 410.366474][T17061] dump_stack_lvl+0x241/0x360 [ 410.371187][T17061] ? __pfx_dump_stack_lvl+0x10/0x10 [ 410.376408][T17061] ? __pfx__printk+0x10/0x10 [ 410.381029][T17061] ? cpuset_print_current_mems_allowed+0x1f/0x350 [ 410.387465][T17061] ? cpuset_print_current_mems_allowed+0x31e/0x350 [ 410.393985][T17061] warn_alloc+0x278/0x410 [ 410.398334][T17061] ? __pfx_warn_alloc+0x10/0x10 [ 410.403202][T17061] ? translate_table+0x174/0x2260 [ 410.408244][T17061] ? __get_vm_area_node+0x23d/0x270 [ 410.413472][T17061] __vmalloc_node_range_noprof+0x69f/0x1460 [ 410.419382][T17061] ? __pfx___alloc_pages_noprof+0x10/0x10 [ 410.425163][T17061] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 410.431508][T17061] ? rcu_is_watching+0x15/0xb0 [ 410.436291][T17061] ? trace_kmalloc+0x1f/0xd0 [ 410.440893][T17061] ? __kmalloc_node_noprof+0x247/0x440 [ 410.446367][T17061] ? __kvmalloc_node_noprof+0x72/0x190 [ 410.451933][T17061] __kvmalloc_node_noprof+0x142/0x190 [ 410.457324][T17061] ? translate_table+0x174/0x2260 [ 410.462365][T17061] translate_table+0x174/0x2260 [ 410.467224][T17061] ? __pfx_translate_table+0x10/0x10 [ 410.472495][T17061] ? __might_fault+0xaa/0x120 [ 410.477266][T17061] ? __pfx_lock_release+0x10/0x10 [ 410.482283][T17061] ? __might_fault+0xaa/0x120 [ 410.486945][T17061] ? __might_fault+0xc6/0x120 [ 410.491610][T17061] ? _copy_from_user+0xa6/0xe0 [ 410.496367][T17061] ? copy_from_sockptr_offset+0x6b/0xb0 [ 410.501915][T17061] do_ipt_set_ctl+0xe3d/0x1250 [ 410.506669][T17061] ? __pfx___might_resched+0x10/0x10 [ 410.511942][T17061] ? __pfx_do_ipt_set_ctl+0x10/0x10 [ 410.517129][T17061] ? __pfx_lock_release+0x10/0x10 [ 410.522164][T17061] ? __mutex_unlock_slowpath+0x21d/0x750 [ 410.527786][T17061] ? __pfx_do_ip_setsockopt+0x10/0x10 [ 410.533145][T17061] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 410.539122][T17061] ? __pfx___mutex_lock+0x10/0x10 [ 410.544129][T17061] ? module_put+0x13a/0x2d0 [ 410.548625][T17061] nf_setsockopt+0x295/0x2c0 [ 410.553290][T17061] ? __pfx_sock_common_setsockopt+0x10/0x10 [ 410.559172][T17061] smc_setsockopt+0x275/0xe50 [ 410.563839][T17061] ? __pfx_smc_setsockopt+0x10/0x10 [ 410.569028][T17061] ? __pfx_lock_release+0x10/0x10 [ 410.574036][T17061] ? bpf_lsm_socket_setsockopt+0x9/0x10 [ 410.579569][T17061] ? security_socket_setsockopt+0x87/0xb0 [ 410.585271][T17061] ? __pfx_smc_setsockopt+0x10/0x10 [ 410.590466][T17061] do_sock_setsockopt+0x3af/0x720 [ 410.595486][T17061] ? __pfx_do_sock_setsockopt+0x10/0x10 [ 410.601031][T17061] ? __fget_files+0x29/0x470 [ 410.605607][T17061] ? __fget_files+0x3f6/0x470 [ 410.610273][T17061] __sys_setsockopt+0x1ae/0x250 [ 410.615119][T17061] __x64_sys_setsockopt+0xb5/0xd0 [ 410.620227][T17061] do_syscall_64+0xf3/0x230 [ 410.624722][T17061] ? clear_bhb_loop+0x35/0x90 [ 410.629410][T17061] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 410.635324][T17061] RIP: 0033:0x7fe634975f19 [ 410.639733][T17061] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 410.659345][T17061] RSP: 002b:00007fe6356b9048 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 410.667745][T17061] RAX: ffffffffffffffda RBX: 00007fe634b05f60 RCX: 00007fe634975f19 [ 410.675786][T17061] RDX: 0000000000000040 RSI: 0004000000000000 RDI: 0000000000000004 [ 410.683748][T17061] RBP: 00007fe6349e4e68 R08: 0000000000000298 R09: 0000000000000000 [ 410.691721][T17061] R10: 0000000020000300 R11: 0000000000000246 R12: 0000000000000000 [ 410.699683][T17061] R13: 000000000000000b R14: 00007fe634b05f60 R15: 00007ffd676377a8 [ 410.707668][T17061] [ 410.745491][T17061] Mem-Info: [ 410.757592][T17061] active_anon:267 inactive_anon:8935 isolated_anon:0 [ 410.757592][T17061] active_file:9542 inactive_file:47461 isolated_file:0 [ 410.757592][T17061] unevictable:768 dirty:203 writeback:0 [ 410.757592][T17061] slab_reclaimable:9524 slab_unreclaimable:96546 [ 410.757592][T17061] mapped:19398 shmem:5511 pagetables:834 [ 410.757592][T17061] sec_pagetables:0 bounce:0 [ 410.757592][T17061] kernel_misc_reclaimable:0 [ 410.757592][T17061] free:1366290 free_pcp:2700 free_cma:0 [ 411.821935][T17061] Node 0 active_anon:12472kB inactive_anon:22952kB active_file:38084kB inactive_file:189844kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:64648kB dirty:844kB writeback:0kB shmem:18932kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:9992kB pagetables:3228kB sec_pagetables:0kB all_unreclaimable? no [ 411.866340][T17061] Node 1 active_anon:0kB inactive_anon:0kB active_file:84kB inactive_file:0kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:16kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no [ 411.970473][T17061] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 412.004469][T17061] lowmem_reserve[]: 0 2571 2571 0 0 [ 412.056024][T17061] Node 0 DMA32 free:1487620kB boost:0kB min:35108kB low:43884kB high:52660kB reserved_highatomic:0KB active_anon:1068kB inactive_anon:22820kB active_file:37824kB inactive_file:189792kB unevictable:1536kB writepending:840kB present:3129332kB managed:2659776kB mlocked:0kB bounce:0kB free_pcp:31940kB local_pcp:16204kB free_cma:0kB [ 412.111761][T17061] lowmem_reserve[]: 0 0 0 0 0 [ 412.126393][T17061] Node 0 Normal free:0kB boost:0kB min:4kB low:4kB high:4kB reserved_highatomic:0KB active_anon:4kB inactive_anon:36kB active_file:268kB inactive_file:52kB unevictable:0kB writepending:4kB present:1048576kB managed:360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 412.175191][T17061] lowmem_reserve[]: 0 0 0 0 0 [ 412.190734][T17061] Node 1 Normal free:3953584kB boost:0kB min:54788kB low:68484kB high:82180kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:84kB inactive_file:0kB unevictable:1536kB writepending:4kB present:4194304kB managed:4109120kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 412.241466][T17061] lowmem_reserve[]: 0 0 0 0 0 [ 412.247510][T17061] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 412.261025][T17061] Node 0 DMA32: 3*4kB (ME) 3*8kB (E) 2*16kB (ME) 5*32kB (E) 56*64kB (UME) 176*128kB (UME) 106*256kB (UME) 42*512kB (UME) 15*1024kB (ME) 4*2048kB (M) 339*4096kB (M) = 1487076kB [ 412.321633][T17061] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 412.335514][T17061] Node 1 Normal: 6*4kB (UM) 9*8kB (UM) 13*16kB (UM) 12*32kB (UM) 8*64kB (UM) 4*128kB (UM) 1*256kB (U) 2*512kB (UM) 0*1024kB 1*2048kB (U) 964*4096kB (M) = 3953584kB [ 412.373579][T17061] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 412.387284][T17061] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 412.401325][T17061] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 412.411771][T17061] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 412.421598][T17061] 59267 total pagecache pages [ 412.426710][T17061] 0 pages in swap cache [ 412.441073][T17061] Free swap = 124728kB [ 412.452159][T17061] Total swap = 124996kB [ 412.463185][T17061] 2097051 pages RAM [ 412.484459][T17061] 0 pages HighMem/MovableOnly [ 412.501319][T17061] 400897 pages reserved [ 412.516631][T17061] 0 pages cma reserved [ 412.960420][T17122] fuse: Bad value for 'fd' [ 414.421535][T17141] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5053'. [ 414.576433][ T9] usb 3-1: new high-speed USB device number 7 using dummy_hcd [ 415.682836][ T9] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 415.721192][ T9] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 415.751930][ T9] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 415.763016][T17156] fuse: Bad value for 'user_id' [ 415.782041][ T9] usb 3-1: New USB device found, idVendor=17ef, idProduct=6047, bcdDevice= 0.00 [ 415.800891][T17156] fuse: Bad value for 'user_id' [ 415.835662][ T9] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 415.867981][ T9] usb 3-1: config 0 descriptor?? [ 417.036434][ T9] usbhid 3-1:0.0: can't add hid device: -71 [ 417.044141][ T9] usbhid 3-1:0.0: probe with driver usbhid failed with error -71 [ 417.068157][ T9] usb 3-1: USB disconnect, device number 7 [ 417.080404][ T5101] udevd[5101]: setting owner of /dev/bus/usb/003/007 to uid=0, gid=0 failed: No such file or directory [ 417.952404][T17186] fuse: Bad value for 'fd' [ 419.406653][ T9] usb 4-1: new high-speed USB device number 13 using dummy_hcd [ 419.737567][ T9] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 419.756348][ T9] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 419.786382][ T9] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 419.829935][ T9] usb 4-1: New USB device found, idVendor=17ef, idProduct=6047, bcdDevice= 0.00 [ 419.853513][ T9] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 419.874085][ T9] usb 4-1: config 0 descriptor?? [ 420.850451][T17228] fuse: Bad value for 'fd' [ 420.853582][ T9] usbhid 4-1:0.0: can't add hid device: -71 [ 420.868144][ T9] usbhid 4-1:0.0: probe with driver usbhid failed with error -71 [ 420.891908][ T9] usb 4-1: USB disconnect, device number 13 [ 421.574234][ T2915] Bluetooth: hci5: Frame reassembly failed (-84) [ 421.715557][ T2915] Bluetooth: hci5: Frame reassembly failed (-84) [ 421.886993][T17220] Bluetooth: hci0: Opcode 0x0c03 failed: -110 [ 422.029665][T17245] netlink: 'syz.1.5090': attribute type 29 has an invalid length. [ 422.040118][T17245] netlink: 'syz.1.5090': attribute type 29 has an invalid length. [ 422.052697][T17245] netlink: 'syz.1.5090': attribute type 29 has an invalid length. [ 422.062485][T17245] netlink: 'syz.1.5090': attribute type 29 has an invalid length. [ 422.073365][T17245] netlink: 'syz.1.5090': attribute type 29 has an invalid length. [ 422.086133][T17245] netlink: 'syz.1.5090': attribute type 29 has an invalid length. [ 422.096688][ T8] usb 4-1: new high-speed USB device number 14 using dummy_hcd [ 422.182264][T17255] fuse: Bad value for 'fd' [ 422.426548][ T8] usb 4-1: Using ep0 maxpacket: 16 [ 422.687112][ T8] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 422.902379][ T8] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 422.923010][ T8] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 422.975677][ T8] usb 4-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 422.977266][T17261] pim6reg1: entered promiscuous mode [ 422.990311][T17261] pim6reg1: entered allmulticast mode [ 422.995227][ T8] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 423.016526][ T931] usb 2-1: new high-speed USB device number 15 using dummy_hcd [ 423.026807][ T8] usb 4-1: config 0 descriptor?? [ 423.251294][ T931] usb 2-1: Using ep0 maxpacket: 16 [ 423.259842][ T931] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 11 [ 423.276880][ T931] usb 2-1: config 1 interface 0 altsetting 3 endpoint 0xB has invalid wMaxPacketSize 0 [ 423.293596][ T931] usb 2-1: config 1 interface 0 altsetting 3 bulk endpoint 0xB has invalid maxpacket 0 [ 423.304960][ T931] usb 2-1: config 1 interface 0 altsetting 3 endpoint 0x8A has invalid wMaxPacketSize 0 [ 423.319107][ T931] usb 2-1: config 1 interface 0 altsetting 3 bulk endpoint 0x8A has invalid maxpacket 0 [ 423.332467][ T931] usb 2-1: config 1 interface 0 has no altsetting 0 [ 423.343243][ T931] usb 2-1: New USB device found, idVendor=04e6, idProduct=0003, bcdDevice= 1.77 [ 423.359905][ T931] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 423.383567][ T931] ums-sddr09 2-1:1.0: USB Mass Storage device detected [ 423.411127][ T4487] Bluetooth: hci5: Opcode 0x1003 failed: -110 [ 423.503992][ T8] microsoft 0003:045E:07DA.0008: unknown main item tag 0x0 [ 423.518889][ T8] microsoft 0003:045E:07DA.0008: unknown main item tag 0x0 [ 423.555856][ T8] microsoft 0003:045E:07DA.0008: unknown main item tag 0x0 [ 423.570616][ T8] microsoft 0003:045E:07DA.0008: unknown main item tag 0x0 [ 423.590459][ T8] microsoft 0003:045E:07DA.0008: No inputs registered, leaving [ 423.600266][ T8] microsoft 0003:045E:07DA.0008: hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.3-1/input0 [ 423.614745][ T8] microsoft 0003:045E:07DA.0008: no inputs found [ 423.627761][ T8] microsoft 0003:045E:07DA.0008: could not initialize ff, continuing anyway [ 423.731561][ T5141] usb 4-1: USB disconnect, device number 14 [ 424.713797][T17294] kvm: pic: non byte write [ 425.628206][ T931] ums-sddr09 2-1:1.0: probe with driver ums-sddr09 failed with error -22 [ 425.994640][ T8] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0 [ 426.014825][ T931] usb 2-1: USB disconnect, device number 15 [ 426.081170][ T8] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0 [ 426.157676][ T8] hid-generic 0000:0000:0000.0009: hidraw0: HID v0.00 Device [syz0] on syz1 [ 426.274886][T17331] netlink: 92 bytes leftover after parsing attributes in process `syz.0.5118'. [ 427.130606][T17365] binder: 17362:17365 ioctl 4018620d 0 returned -22 [ 428.499424][T17390] binder: BINDER_SET_CONTEXT_MGR already set [ 428.505882][T17390] binder: 17384:17390 ioctl 4018620d 20000040 returned -16 [ 429.178655][T17388] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5139'. [ 429.268833][T17388] bond_slave_0: entered promiscuous mode [ 429.275108][T17388] bond_slave_1: entered promiscuous mode [ 429.304774][T17388] 8021q: adding VLAN 0 to HW filter on device macvtap1 [ 429.347503][T17392] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5139'. [ 429.660680][T17403] netlink: 12 bytes leftover after parsing attributes in process `syz.2.5144'. [ 430.874654][T17438] binder: 17432:17438 ioctl 4018620d 0 returned -22 [ 431.341810][ T29] kauditd_printk_skb: 5 callbacks suppressed [ 431.341828][ T29] audit: type=1107 audit(1721722395.443:35): pid=17445 uid=0 auid=4294967295 ses=4294967295 subj=_ msg='E' [ 431.843883][T17456] serio: Serial port ptm0 [ 433.180909][ T29] audit: type=1326 audit(1721722397.283:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17490 comm="syz.1.5182" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3805b75f19 code=0x7ffc0000 [ 433.251561][ T29] audit: type=1326 audit(1721722397.303:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17490 comm="syz.1.5182" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3805b75f19 code=0x7ffc0000 [ 433.329668][ T29] audit: type=1326 audit(1721722397.313:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17490 comm="syz.1.5182" exe="/root/syz-executor" sig=0 arch=c000003e syscall=291 compat=0 ip=0x7f3805b75f19 code=0x7ffc0000 [ 433.384865][ T29] audit: type=1326 audit(1721722397.313:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17490 comm="syz.1.5182" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3805b75f19 code=0x7ffc0000 [ 433.418024][ T29] audit: type=1326 audit(1721722397.313:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17490 comm="syz.1.5182" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3805b75f19 code=0x7ffc0000 [ 433.459060][ T29] audit: type=1326 audit(1721722397.323:41): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17490 comm="syz.1.5182" exe="/root/syz-executor" sig=0 arch=c000003e syscall=281 compat=0 ip=0x7f3805b75f19 code=0x7ffc0000 [ 433.459115][ T29] audit: type=1326 audit(1721722397.323:42): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17490 comm="syz.1.5182" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3805b75f19 code=0x7ffc0000 [ 433.459156][ T29] audit: type=1326 audit(1721722397.323:43): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17490 comm="syz.1.5182" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3805b75f19 code=0x7ffc0000 [ 433.459232][ T29] audit: type=1326 audit(1721722397.393:44): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17497 comm="syz.0.5184" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe634975f19 code=0x7ffc0000 [ 434.337945][T17509] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 434.364910][T17509] overlayfs: missing 'lowerdir' [ 434.515561][T17521] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5194'. [ 435.829952][ C1] dccp_invalid_packet: P.type (SYNC) not Data || [Data]Ack, while P.X == 0 [ 436.583829][T17553] kvm: pic: non byte write [ 437.033298][T17577] ip6tnl0: entered promiscuous mode [ 437.048868][T17577] vlan3: entered promiscuous mode [ 437.070509][T17577] ip6tnl0: left promiscuous mode [ 437.606816][ T5093] Bluetooth: hci0: ISO packet for unknown connection handle 0 [ 438.438169][ T5141] usb 3-1: new high-speed USB device number 8 using dummy_hcd [ 438.458917][ T5139] usb 5-1: new high-speed USB device number 12 using dummy_hcd [ 438.769863][ T5141] usb 3-1: config 0 has no interfaces? [ 438.769905][ T5141] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 438.769931][ T5141] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 438.833212][ T5141] usb 3-1: config 0 descriptor?? [ 438.856791][ T5139] usb 5-1: Using ep0 maxpacket: 8 [ 438.867046][ T5139] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 438.886848][ T5139] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 438.913445][ T5139] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 438.960855][ T5139] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 438.975082][ T5139] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 438.984516][ T5139] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 439.075035][ T5141] usb 3-1: string descriptor 0 read error: -71 [ 439.112300][ T5141] usb 3-1: USB disconnect, device number 8 [ 439.205970][ T5139] usb 5-1: usb_control_msg returned -32 [ 439.220734][ T5139] usbtmc 5-1:16.0: can't read capabilities [ 439.254219][ T5139] usb 5-1: USB disconnect, device number 12 [ 439.262159][T17640] netlink: 40 bytes leftover after parsing attributes in process `syz.1.5240'. [ 440.135141][T17670] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5252'. [ 440.289689][ T1245] ieee802154 phy0 wpan0: encryption failed: -22 [ 440.306402][ T1245] ieee802154 phy1 wpan1: encryption failed: -22 [ 440.916742][ T29] kauditd_printk_skb: 7 callbacks suppressed [ 440.916759][ T29] audit: type=1326 audit(1721722405.023:52): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17701 comm="syz.2.5262" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6103d75f19 code=0x7ffc0000 [ 440.949340][ T29] audit: type=1326 audit(1721722405.023:53): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17701 comm="syz.2.5262" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6103d75f19 code=0x7ffc0000 [ 440.983137][ T29] audit: type=1326 audit(1721722405.053:54): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17701 comm="syz.2.5262" exe="/root/syz-executor" sig=0 arch=c000003e syscall=241 compat=0 ip=0x7f6103d75f19 code=0x7ffc0000 [ 441.008476][ T29] audit: type=1326 audit(1721722405.053:55): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17701 comm="syz.2.5262" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6103d75f19 code=0x7ffc0000 [ 441.038039][ T29] audit: type=1326 audit(1721722405.053:56): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17701 comm="syz.2.5262" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6103d75f19 code=0x7ffc0000 [ 442.350593][ T29] audit: type=1326 audit(1721722406.453:57): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17728 comm="syz.1.5273" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3805b75f19 code=0x7ffc0000 [ 442.403347][ T29] audit: type=1326 audit(1721722406.453:58): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17728 comm="syz.1.5273" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3805b75f19 code=0x7ffc0000 [ 442.435884][ T29] audit: type=1326 audit(1721722406.493:59): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17728 comm="syz.1.5273" exe="/root/syz-executor" sig=0 arch=c000003e syscall=241 compat=0 ip=0x7f3805b75f19 code=0x7ffc0000 [ 442.488490][ T29] audit: type=1326 audit(1721722406.493:60): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17728 comm="syz.1.5273" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3805b75f19 code=0x7ffc0000 [ 442.541645][ T29] audit: type=1326 audit(1721722406.493:61): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17728 comm="syz.1.5273" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3805b75f19 code=0x7ffc0000 [ 443.435760][T17670] netlink: 12 bytes leftover after parsing attributes in process `syz.4.5252'. [ 443.632958][T17763] syz.2.5283[17763] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 443.633105][T17763] syz.2.5283[17763] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 444.821874][T17788] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5291'. [ 444.867792][T17788] netlink: 12 bytes leftover after parsing attributes in process `syz.2.5291'. [ 445.080050][ T5181] netdevsim netdevsim3 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 445.174254][ T5181] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 445.304612][T17796] pim6reg1: entered promiscuous mode [ 445.321070][T17796] pim6reg1: entered allmulticast mode [ 445.370553][ T5181] netdevsim netdevsim3 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 445.402329][ T5181] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 445.562296][ T4487] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 445.574584][ T4487] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 445.580847][ T5181] netdevsim netdevsim3 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 445.598918][ T4487] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 445.611712][ T4487] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 445.614316][ T5181] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 445.697939][ T4487] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 445.705430][ T4487] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 446.240386][ T5181] netdevsim netdevsim3 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 446.524996][ T5181] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 447.154432][ T5181] bridge_slave_1: left allmulticast mode [ 447.177983][ T5181] bridge_slave_1: left promiscuous mode [ 447.183809][ T5181] bridge0: port 2(bridge_slave_1) entered disabled state [ 447.207279][ T5181] bridge_slave_0: left allmulticast mode [ 447.213284][ T5181] bridge_slave_0: left promiscuous mode [ 447.221257][ T5181] bridge0: port 1(bridge_slave_0) entered disabled state [ 447.229979][T17834] syz.1.5303[17834] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 447.230128][T17834] syz.1.5303[17834] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 447.271599][ T4487] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 447.296776][ T4487] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 447.306010][ T4487] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 447.319330][ T4487] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 447.333943][ T4487] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 447.341665][ T4487] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 447.791236][ T5181] team0: Port device bond0 removed [ 447.801435][ T5181] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 447.830803][ T5181] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 447.851436][ T5181] bond0 (unregistering): Released all slaves [ 447.896455][ T4487] Bluetooth: hci4: command tx timeout [ 447.931179][T17810] chnl_net:caif_netlink_parms(): no params data found [ 448.455610][T17810] bridge0: port 1(bridge_slave_0) entered blocking state [ 448.463278][T17810] bridge0: port 1(bridge_slave_0) entered disabled state [ 448.471682][T17810] bridge_slave_0: entered allmulticast mode [ 448.479219][T17810] bridge_slave_0: entered promiscuous mode [ 448.506409][T17810] bridge0: port 2(bridge_slave_1) entered blocking state [ 448.524698][T17810] bridge0: port 2(bridge_slave_1) entered disabled state [ 448.532463][T17810] bridge_slave_1: entered allmulticast mode [ 448.542363][T17810] bridge_slave_1: entered promiscuous mode [ 448.575649][ T5181] hsr_slave_0: left promiscuous mode [ 448.581656][ T5181] hsr_slave_1: left promiscuous mode [ 448.589276][ T5181] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 448.597402][ T5181] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 448.605305][ T5181] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 448.614629][ T5181] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 448.635409][ T5181] veth1_macvtap: left promiscuous mode [ 448.642239][ T5181] veth0_macvtap: left promiscuous mode [ 448.648298][ T5181] veth1_vlan: left promiscuous mode [ 448.988503][ T29] kauditd_printk_skb: 25 callbacks suppressed [ 448.988520][ T29] audit: type=1326 audit(1721722413.093:87): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17871 comm="syz.4.5319" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fccf5975f19 code=0x7ffc0000 [ 449.031836][ T29] audit: type=1326 audit(1721722413.103:88): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17871 comm="syz.4.5319" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fccf5975f19 code=0x7ffc0000 [ 449.063444][ T29] audit: type=1326 audit(1721722413.103:89): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17871 comm="syz.4.5319" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7fccf5975f19 code=0x7ffc0000 [ 449.091502][ T29] audit: type=1326 audit(1721722413.103:90): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17871 comm="syz.4.5319" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fccf5975f19 code=0x7ffc0000 [ 449.120044][ T29] audit: type=1326 audit(1721722413.103:91): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17871 comm="syz.4.5319" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fccf5975f19 code=0x7ffc0000 [ 449.146589][ T29] audit: type=1326 audit(1721722413.103:92): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17871 comm="syz.4.5319" exe="/root/syz-executor" sig=0 arch=c000003e syscall=311 compat=0 ip=0x7fccf5975f19 code=0x7ffc0000 [ 449.173117][ T29] audit: type=1326 audit(1721722413.183:93): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17871 comm="syz.4.5319" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fccf5975f19 code=0x7ffc0000 [ 449.201444][ T29] audit: type=1326 audit(1721722413.183:94): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17871 comm="syz.4.5319" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fccf5975f19 code=0x7ffc0000 [ 449.223560][ T29] audit: type=1326 audit(1721722413.213:95): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17871 comm="syz.4.5319" exe="/root/syz-executor" sig=0 arch=c000003e syscall=27 compat=0 ip=0x7fccf5975f19 code=0x7ffc0000 [ 449.245170][ T29] audit: type=1326 audit(1721722413.213:96): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17871 comm="syz.4.5319" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fccf5975f19 code=0x7ffc0000 [ 449.412443][ T4487] Bluetooth: hci3: command tx timeout [ 449.426177][ T5181] team0 (unregistering): Port device team_slave_1 removed [ 449.463164][ T5181] team0 (unregistering): Port device team_slave_0 removed [ 449.945911][T17810] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 449.966610][ T4487] Bluetooth: hci4: command tx timeout [ 450.017211][T17810] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 450.132117][T17904] fuse: Bad value for 'fd' [ 450.228018][T17810] team0: Port device team_slave_0 added [ 450.268532][T17835] chnl_net:caif_netlink_parms(): no params data found [ 450.659742][T17810] team0: Port device team_slave_1 added [ 451.051585][T17915] DRBG: could not allocate digest TFM handle: hmac(sha512) [ 451.213724][T17810] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 451.223678][T17810] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 451.250928][T17810] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 451.264320][T17810] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 451.271376][T17810] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 451.297454][T17810] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 451.486644][ T4487] Bluetooth: hci3: command tx timeout [ 451.515681][T17835] bridge0: port 1(bridge_slave_0) entered blocking state [ 451.644348][T17835] bridge0: port 1(bridge_slave_0) entered disabled state [ 451.652309][T17835] bridge_slave_0: entered allmulticast mode [ 451.660319][T17835] bridge_slave_0: entered promiscuous mode [ 451.669646][T17835] bridge0: port 2(bridge_slave_1) entered blocking state [ 451.677362][T17835] bridge0: port 2(bridge_slave_1) entered disabled state [ 451.684820][T17835] bridge_slave_1: entered allmulticast mode [ 451.692831][T17835] bridge_slave_1: entered promiscuous mode [ 452.056695][ T4487] Bluetooth: hci4: command tx timeout [ 452.617807][T17948] fuse: Bad value for 'fd' [ 452.635525][T17810] hsr_slave_0: entered promiscuous mode [ 452.674412][T17810] hsr_slave_1: entered promiscuous mode [ 452.692491][T17810] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 452.696869][T17951] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(3) [ 452.706294][T17810] Cannot create hsr debugfs directory [ 452.706755][T17951] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed) [ 452.788798][T17835] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 452.810469][T17951] vhci_hcd vhci_hcd.0: Device attached [ 452.850644][T17835] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 452.956043][T17954] vhci_hcd: connection closed [ 452.964262][ T11] vhci_hcd: stop threads [ 452.975393][ T11] vhci_hcd: release socket [ 452.982470][ T11] vhci_hcd: disconnect device [ 453.003667][T17835] team0: Port device team_slave_0 added [ 453.040274][ T5181] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 453.057574][ T8] usb 5-1: new high-speed USB device number 13 using dummy_hcd [ 453.073348][T17835] team0: Port device team_slave_1 added [ 453.166075][ T5181] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 453.183670][T17835] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 453.192075][T17835] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 453.225893][T17835] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 453.247609][ T8] usb 5-1: Using ep0 maxpacket: 8 [ 453.261555][ T8] usb 5-1: config index 0 descriptor too short (expected 301, got 45) [ 453.281592][ T8] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 453.284475][T17835] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 453.297606][ T8] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 453.298868][T17835] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 453.314620][ T8] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 453.334649][T17835] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 453.363381][ T8] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 453.383937][ T8] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 453.393511][ T8] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 453.426676][ T5181] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 453.568170][ T4487] Bluetooth: hci3: command tx timeout [ 453.634693][ T8] usb 5-1: usb_control_msg returned -32 [ 453.676500][ T8] usbtmc 5-1:16.0: can't read capabilities [ 453.713240][ T5181] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 453.821615][T17835] hsr_slave_0: entered promiscuous mode [ 453.832832][T17835] hsr_slave_1: entered promiscuous mode [ 453.844045][T17835] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 453.855645][T17835] Cannot create hsr debugfs directory [ 454.042220][T18002] can0: slcan on pts0. [ 454.059742][T17962] usbtmc 5-1:16.0: stb usb_control_msg returned -32 [ 454.126804][ T4487] Bluetooth: hci4: command tx timeout [ 454.173969][T18010] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 454.199105][T18010] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 454.246978][ T5181] bridge_slave_1: left allmulticast mode [ 454.252682][ T5181] bridge_slave_1: left promiscuous mode [ 454.259973][ T5181] bridge0: port 2(bridge_slave_1) entered disabled state [ 454.273392][ T5181] bridge_slave_0: left allmulticast mode [ 454.280421][ T5181] bridge_slave_0: left promiscuous mode [ 454.289204][ T5181] bridge0: port 1(bridge_slave_0) entered disabled state [ 454.330341][ T5142] usb 5-1: USB disconnect, device number 13 [ 454.638378][ T5181] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 454.653635][ T5181] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 454.664416][ T5181] bond0 (unregistering): Released all slaves [ 454.769906][T17810] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 454.791144][T18006] can0 (unregistered): slcan off pts0. [ 454.802274][T17810] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 454.869952][T17810] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 454.966785][T17810] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 455.178589][ T5181] hsr_slave_0: left promiscuous mode [ 455.184434][ T5181] hsr_slave_1: left promiscuous mode [ 455.200012][ T5181] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 455.210977][ T5181] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 455.220740][ T5181] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 455.233815][ T5181] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 455.258115][ T5094] usb 5-1: new high-speed USB device number 14 using dummy_hcd [ 455.268720][ T5181] veth1_macvtap: left promiscuous mode [ 455.274287][ T5181] veth0_macvtap: left promiscuous mode [ 455.283259][ T5181] veth1_vlan: left promiscuous mode [ 455.289152][ T5181] veth0_vlan: left promiscuous mode [ 455.458653][ T5094] usb 5-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30 [ 455.477290][ T5094] usb 5-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 253 [ 455.500325][ T5094] usb 5-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40 [ 455.509538][ T5094] usb 5-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0 [ 455.518384][ T5094] usb 5-1: Manufacturer: syz [ 455.557094][ T5094] usb 5-1: config 0 descriptor?? [ 455.577421][ T5094] usbhid 5-1:0.0: couldn't find an input interrupt endpoint [ 455.647715][ T4487] Bluetooth: hci3: command tx timeout [ 455.967935][ T5094] usb 3-1: new high-speed USB device number 9 using dummy_hcd [ 456.176419][ T5094] usb 3-1: Using ep0 maxpacket: 8 [ 456.192476][ T5094] usb 3-1: config index 0 descriptor too short (expected 301, got 45) [ 456.224592][ T5094] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 456.234774][ T5094] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 456.268462][ T5094] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 456.292160][ T5094] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 456.308102][ T5181] team0 (unregistering): Port device team_slave_1 removed [ 456.327288][ T5094] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 456.336922][ T5094] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 456.381001][ T5181] team0 (unregistering): Port device team_slave_0 removed [ 456.560789][ T5094] usb 3-1: usb_control_msg returned -32 [ 456.568161][ T5094] usbtmc 3-1:16.0: can't read capabilities [ 456.657298][ T5139] usb 2-1: new high-speed USB device number 16 using dummy_hcd [ 456.848139][ T5139] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 456.871444][T17810] 8021q: adding VLAN 0 to HW filter on device bond0 [ 456.880592][ T5139] usb 2-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 456.894239][ T5139] usb 2-1: New USB device found, idVendor=05ac, idProduct=0262, bcdDevice= 0.00 [ 456.904088][ T5139] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 456.916040][ T5139] usb 2-1: config 0 descriptor?? [ 456.942226][T17810] 8021q: adding VLAN 0 to HW filter on device team0 [ 457.007451][ T8] bridge0: port 1(bridge_slave_0) entered blocking state [ 457.014790][ T8] bridge0: port 1(bridge_slave_0) entered forwarding state [ 457.048012][ T8] bridge0: port 2(bridge_slave_1) entered blocking state [ 457.055230][ T8] bridge0: port 2(bridge_slave_1) entered forwarding state [ 457.245289][T17835] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 457.245764][T18039] usbtmc 3-1:16.0: stb usb_control_msg returned -32 [ 457.281493][T17835] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 457.281911][ T5094] usb 3-1: USB disconnect, device number 9 [ 457.308167][T18055] netlink: 'syz.1.5372': attribute type 12 has an invalid length. [ 457.328986][T17835] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 457.362163][T17835] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 457.599465][T17835] 8021q: adding VLAN 0 to HW filter on device bond0 [ 457.621747][ T5139] usb 2-1: string descriptor 0 read error: -71 [ 457.640773][ T5139] usbhid 2-1:0.0: couldn't find an input interrupt endpoint [ 457.666023][T17835] 8021q: adding VLAN 0 to HW filter on device team0 [ 457.680086][ T5139] usb 2-1: USB disconnect, device number 16 [ 457.705719][ T5137] bridge0: port 1(bridge_slave_0) entered blocking state [ 457.712956][ T5137] bridge0: port 1(bridge_slave_0) entered forwarding state [ 457.742771][ T8] bridge0: port 2(bridge_slave_1) entered blocking state [ 457.749979][ T8] bridge0: port 2(bridge_slave_1) entered forwarding state [ 457.774106][T17810] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 457.835922][T17835] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 457.914795][T17810] veth0_vlan: entered promiscuous mode [ 457.970308][T17810] veth1_vlan: entered promiscuous mode [ 458.026234][ T1724] usb 5-1: USB disconnect, device number 14 [ 458.055636][T17810] veth0_macvtap: entered promiscuous mode [ 458.077320][T17810] veth1_macvtap: entered promiscuous mode [ 458.122773][T17810] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 458.134674][T17810] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 458.161529][T17810] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 458.188887][T17810] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 458.199439][T17810] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 458.213195][T17810] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 458.225149][T17810] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 458.249185][T17810] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 458.271592][T17810] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 458.294100][T17810] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 458.308874][T17810] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 458.322823][T17810] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 458.347611][T17810] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 458.364425][T17810] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 458.375890][T17835] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 458.395024][T17810] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 458.408431][T17810] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 458.417890][T17810] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 458.432299][T17810] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 458.593722][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 458.612588][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 458.614056][T17835] veth0_vlan: entered promiscuous mode [ 458.683683][ T2915] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 458.684759][T17835] veth1_vlan: entered promiscuous mode [ 458.696396][ T2915] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 458.760419][T17835] veth0_macvtap: entered promiscuous mode [ 458.785967][T17835] veth1_macvtap: entered promiscuous mode [ 458.815131][T17835] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 458.834554][T17835] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 458.845338][T17835] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 458.866473][T17835] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 458.881010][T17835] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 458.891647][T17835] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 458.901805][T17835] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 458.912381][T17835] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 458.927931][T17835] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 458.961206][T17835] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 458.978124][T17835] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 459.007095][T17835] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 459.027505][T17835] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 459.041132][T17835] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 459.064065][T17835] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 459.088106][T17835] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 459.106317][T17835] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 459.133270][T17835] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 459.151480][T17835] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 459.162930][T17835] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 459.172853][T17835] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 459.184107][T17835] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 459.357498][ T35] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 459.382245][ T35] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 459.397055][ T8] usb 3-1: new high-speed USB device number 10 using dummy_hcd [ 459.429003][ T35] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 459.442395][ T35] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 459.547085][ T5137] usb 2-1: new high-speed USB device number 17 using dummy_hcd [ 459.586937][ T8] usb 3-1: Using ep0 maxpacket: 8 [ 459.600419][ T8] usb 3-1: config index 0 descriptor too short (expected 301, got 45) [ 459.613255][ T8] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 459.624758][ T8] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 459.641608][ T8] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 459.664326][ T8] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 459.683849][ T8] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 459.704313][ T8] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 459.749082][ T5137] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 459.770174][ T5137] usb 2-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 459.790895][ T5137] usb 2-1: New USB device found, idVendor=05ac, idProduct=0262, bcdDevice= 0.00 [ 459.805783][ T5137] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 459.834716][ T5137] usb 2-1: config 0 descriptor?? [ 459.958006][ T8] usb 3-1: usb_control_msg returned -32 [ 459.979854][ T8] usbtmc 3-1:16.0: can't read capabilities [ 460.113470][T18102] netlink: 'syz.1.5385': attribute type 12 has an invalid length. [ 460.441391][ T5137] usb 2-1: string descriptor 0 read error: -71 [ 460.470875][ T5137] usbhid 2-1:0.0: couldn't find an input interrupt endpoint [ 460.496827][ T5137] usb 2-1: USB disconnect, device number 17 [ 460.638665][T18091] usbtmc 3-1:16.0: stb usb_control_msg returned -32 [ 460.650449][ T9] usb 3-1: USB disconnect, device number 10 [ 460.955977][T18138] netlink: 32 bytes leftover after parsing attributes in process `syz.3.5397'. [ 460.967710][T18138] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5397'. [ 462.350847][T18168] warn_alloc: 1 callbacks suppressed [ 462.350870][T18168] syz.1.5411: vmalloc error: size 2768896, failed to allocated page array size 5408, mode:0xdc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=syz1,mems_allowed=0-1 [ 462.386931][ T931] usb 5-1: new high-speed USB device number 15 using dummy_hcd [ 462.399245][T18168] CPU: 1 UID: 0 PID: 18168 Comm: syz.1.5411 Not tainted 6.10.0-syzkaller-12030-g66ebbdfdeb09 #0 [ 462.409695][T18168] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 462.419769][T18168] Call Trace: [ 462.423063][T18168] [ 462.426002][T18168] dump_stack_lvl+0x241/0x360 [ 462.430708][T18168] ? __pfx_dump_stack_lvl+0x10/0x10 [ 462.435940][T18168] ? __pfx__printk+0x10/0x10 [ 462.440572][T18168] ? __rcu_read_unlock+0xa1/0x110 [ 462.445629][T18168] warn_alloc+0x278/0x410 [ 462.449998][T18168] ? __pfx_warn_alloc+0x10/0x10 [ 462.454877][T18168] ? vb2_vmalloc_alloc+0xf2/0x340 [ 462.459929][T18168] ? __get_vm_area_node+0x23d/0x270 [ 462.465158][T18168] __vmalloc_node_range_noprof+0x69f/0x1460 [ 462.471194][T18168] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 462.477550][T18168] ? __kasan_kmalloc+0x98/0xb0 [ 462.482338][T18168] ? vb2_vmalloc_alloc+0xb5/0x340 [ 462.487387][T18168] vmalloc_user_noprof+0x74/0x80 [ 462.492353][T18168] ? vb2_vmalloc_alloc+0xf2/0x340 [ 462.497395][T18168] vb2_vmalloc_alloc+0xf2/0x340 [ 462.502266][T18168] ? __pfx_vb2_vmalloc_alloc+0x10/0x10 [ 462.507743][T18168] __vb2_queue_alloc+0xa0f/0x16f0 [ 462.512821][T18168] vb2_core_reqbufs+0xd2e/0x17c0 [ 462.517804][T18168] ? __pfx_vb2_core_reqbufs+0x10/0x10 [ 462.523225][T18168] v4l2_m2m_ioctl_reqbufs+0x14e/0x230 [ 462.528627][T18168] __video_do_ioctl+0xc26/0xde0 [ 462.533605][T18168] ? __pfx___video_do_ioctl+0x10/0x10 [ 462.539004][T18168] ? smack_log+0x123/0x540 [ 462.543486][T18168] ? __might_fault+0xc6/0x120 [ 462.548198][T18168] video_usercopy+0x89b/0x1180 [ 462.552986][T18168] ? __pfx___video_do_ioctl+0x10/0x10 [ 462.558468][T18168] ? __pfx_video_usercopy+0x10/0x10 [ 462.563683][T18168] ? smack_file_ioctl+0x2fa/0x3a0 [ 462.568746][T18168] ? __fget_files+0x3f6/0x470 [ 462.573441][T18168] ? __fget_files+0x29/0x470 [ 462.578060][T18168] v4l2_ioctl+0x18c/0x1e0 [ 462.582506][T18168] ? __pfx_v4l2_ioctl+0x10/0x10 [ 462.587387][T18168] __se_sys_ioctl+0xfc/0x170 [ 462.592005][T18168] do_syscall_64+0xf3/0x230 [ 462.596624][T18168] ? clear_bhb_loop+0x35/0x90 [ 462.601322][T18168] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 462.607250][T18168] RIP: 0033:0x7f3805b75f19 [ 462.611691][T18168] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 462.631322][T18168] RSP: 002b:00007f380691c048 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 462.639763][T18168] RAX: ffffffffffffffda RBX: 00007f3805d05f60 RCX: 00007f3805b75f19 [ 462.647758][T18168] RDX: 00000000200000c0 RSI: 00000000c0145608 RDI: 0000000000000004 [ 462.655751][T18168] RBP: 00007f3805be4e68 R08: 0000000000000000 R09: 0000000000000000 [ 462.663831][T18168] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 462.671825][T18168] R13: 000000000000004d R14: 00007f3805d05f60 R15: 00007fffa6f604a8 [ 462.679843][T18168] [ 462.709179][T18168] Mem-Info: [ 462.712314][T18168] active_anon:238 inactive_anon:6744 isolated_anon:0 [ 462.712314][T18168] active_file:9998 inactive_file:47702 isolated_file:0 [ 462.712314][T18168] unevictable:768 dirty:62 writeback:0 [ 462.712314][T18168] slab_reclaimable:9438 slab_unreclaimable:95893 [ 462.712314][T18168] mapped:16877 shmem:4068 pagetables:745 [ 462.712314][T18168] sec_pagetables:0 bounce:0 [ 462.712314][T18168] kernel_misc_reclaimable:0 [ 462.712314][T18168] free:1365396 free_pcp:4201 free_cma:0 [ 462.868273][T18168] Node 0 active_anon:952kB inactive_anon:26976kB active_file:39908kB inactive_file:190808kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:67508kB dirty:248kB writeback:0kB shmem:14736kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:9908kB pagetables:2880kB sec_pagetables:0kB all_unreclaimable? no [ 462.927445][ T931] usb 5-1: Using ep0 maxpacket: 8 [ 462.950046][ T931] usb 5-1: config index 0 descriptor too short (expected 301, got 45) [ 462.960401][ T931] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 462.986464][ T931] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 463.001154][T18168] Node 1 active_anon:0kB inactive_anon:0kB active_file:84kB inactive_file:0kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:16kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no [ 463.042108][ T931] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 463.077065][ T931] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 463.106010][T18168] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 463.150710][ T931] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 463.169274][ T931] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 463.187807][T18168] lowmem_reserve[]: 0 2571 2571 0 0 [ 463.214391][T18168] Node 0 DMA32 free:1462096kB boost:0kB min:35108kB low:43884kB high:52660kB reserved_highatomic:0KB active_anon:944kB inactive_anon:27056kB active_file:39640kB inactive_file:190756kB unevictable:1536kB writepending:300kB present:3129332kB managed:2659776kB mlocked:0kB bounce:0kB free_pcp:12564kB local_pcp:1036kB free_cma:0kB [ 463.267496][T18168] lowmem_reserve[]: 0 0 0 0 0 [ 463.275090][T18168] Node 0 Normal free:0kB boost:0kB min:4kB low:4kB high:4kB reserved_highatomic:0KB active_anon:4kB inactive_anon:36kB active_file:268kB inactive_file:52kB unevictable:0kB writepending:0kB present:1048576kB managed:360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 463.344962][T18168] lowmem_reserve[]: 0 0 0 0 0 [ 463.351069][T18168] Node 1 Normal free:3953528kB boost:0kB min:54788kB low:68484kB high:82180kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:84kB inactive_file:0kB unevictable:1536kB writepending:0kB present:4194304kB managed:4109120kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 463.393136][T18168] lowmem_reserve[]: 0 0 0 0 0 [ 463.398327][T18168] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 463.415613][ T931] usb 5-1: usb_control_msg returned -32 [ 463.421269][ T931] usbtmc 5-1:16.0: can't read capabilities [ 463.427968][T18168] Node 0 DMA32: 1*4kB (M) 10*8kB (ME) 5*16kB (UE) 150*32kB (ME) 178*64kB (ME) 165*128kB (ME) 103*256kB (ME) 41*512kB (ME) 15*1024kB (ME) 6*2048kB (UM) 326*4096kB (M) = 1447780kB [ 463.498597][T18168] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 463.528016][T18168] Node 1 Normal: 5*4kB (UM) 10*8kB (UM) 14*16kB (UM) 13*32kB (UM) 7*64kB (UM) 4*128kB (UM) 1*256kB (U) 2*512kB (UM) 0*1024kB 1*2048kB (U) 964*4096kB (M) = 3953572kB [ 463.562040][T18206] pim6reg1: entered promiscuous mode [ 463.567846][T18168] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 463.577640][T18206] pim6reg1: entered allmulticast mode [ 463.589683][T18168] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 463.631780][T18168] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 463.665700][T18168] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 463.679159][T18168] 61803 total pagecache pages [ 463.684574][T18168] 0 pages in swap cache [ 463.689888][T18168] Free swap = 124472kB [ 463.695333][T18168] Total swap = 124996kB [ 463.725259][T18168] 2097051 pages RAM [ 463.750115][T18168] 0 pages HighMem/MovableOnly [ 463.762374][T18168] 400897 pages reserved [ 568.846290][ C1] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks: [ 568.853317][ C1] rcu: Tasks blocked on level-0 rcu_node (CPUs 0-1): P18192/1:b..l [ 568.861926][ C1] rcu: (detected by 1, t=10502 jiffies, g=72333, q=587 ncpus=2) [ 568.869658][ C1] task:syz.4.5418 state:R running task stack:25728 pid:18192 tgid:18187 ppid:9767 flags:0x00004002 [ 568.882839][ C1] Call Trace: [ 568.886135][ C1] [ 568.889078][ C1] __schedule+0x17ae/0x4a10 [ 568.893635][ C1] ? __pfx___schedule+0x10/0x10 [ 568.898508][ C1] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 568.904518][ C1] ? preempt_schedule_irq+0xf0/0x1c0 [ 568.909823][ C1] preempt_schedule_irq+0xfb/0x1c0 [ 568.914958][ C1] ? __pfx_preempt_schedule_irq+0x10/0x10 [ 568.920695][ C1] ? mark_lock+0x9a/0x350 [ 568.925059][ C1] irqentry_exit+0x5e/0x90 [ 568.929488][ C1] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 568.935484][ C1] RIP: 0010:lock_release+0x658/0xa30 [ 568.940795][ C1] Code: 3c 3b 00 74 08 4c 89 f7 e8 75 bb 87 00 f6 84 24 91 00 00 00 02 75 77 41 f7 c5 00 02 00 00 74 01 fb 48 c7 44 24 60 0e 36 e0 45 <4b> c7 04 27 00 00 00 00 4b c7 44 27 08 00 00 00 00 65 48 8b 04 25 [ 568.960418][ C1] RSP: 0018:ffffc9000922f380 EFLAGS: 00000206 [ 568.966505][ C1] RAX: 0000000000000001 RBX: 1ffff92001245e82 RCX: ffffc9000922f403 [ 568.974483][ C1] RDX: 0000000000000001 RSI: ffffffff8bcae720 RDI: ffffffff8c1fcba0 [ 568.982549][ C1] RBP: ffffc9000922f4b0 R08: ffffffff8fae7bef R09: 1ffffffff1f5cf7d [ 568.990529][ C1] R10: dffffc0000000000 R11: fffffbfff1f5cf7e R12: 1ffff92001245e7c [ 568.998508][ C1] R13: 0000000000000246 R14: ffffc9000922f410 R15: dffffc0000000000 [ 569.006514][ C1] ? __pfx_lock_acquire+0x10/0x10 [ 569.011575][ C1] ? percpu_ref_put+0x19/0x180 [ 569.016449][ C1] ? __pfx_lock_release+0x10/0x10 [ 569.021485][ C1] ? mem_cgroup_commit_charge+0x225/0x380 [ 569.027233][ C1] ? percpu_ref_put+0x19/0x180 [ 569.032013][ C1] percpu_ref_put+0xfa/0x180 [ 569.036628][ C1] __mem_cgroup_charge+0x59/0x80 [ 569.041579][ C1] folio_prealloc+0x52/0x170 [ 569.046186][ C1] handle_pte_fault+0x252d/0x6eb0 [ 569.051242][ C1] ? __pfx_handle_pte_fault+0x10/0x10 [ 569.056730][ C1] ? follow_page_pte+0x29a/0x1ee0 [ 569.061772][ C1] ? follow_page_pte+0x83f/0x1ee0 [ 569.066824][ C1] ? __pfx_lock_release+0x10/0x10 [ 569.071884][ C1] ? count_memcg_event_mm+0x3c2/0x420 [ 569.077278][ C1] ? do_raw_spin_unlock+0x13c/0x8b0 [ 569.082494][ C1] ? folio_mark_accessed+0x6f6/0x11b0 [ 569.087898][ C1] handle_mm_fault+0xf0b/0x1800 [ 569.092788][ C1] ? __pfx_handle_mm_fault+0x10/0x10 [ 569.098105][ C1] ? __pfx_find_vma+0x10/0x10 [ 569.102794][ C1] ? vma_is_secretmem+0xd/0x50 [ 569.107576][ C1] ? check_vma_flags+0x531/0x5a0 [ 569.112532][ C1] __get_user_pages+0x6ec/0x16a0 [ 569.117502][ C1] ? __pfx___get_user_pages+0x10/0x10 [ 569.122900][ C1] populate_vma_page_range+0x264/0x330 [ 569.128383][ C1] ? __pfx_populate_vma_page_range+0x10/0x10 [ 569.134373][ C1] ? userfaultfd_unmap_complete+0x30c/0x360 [ 569.140368][ C1] ? do_mmap+0x915/0xfa0 [ 569.144627][ C1] __mm_populate+0x27a/0x460 [ 569.149237][ C1] ? __pfx___mm_populate+0x10/0x10 [ 569.154369][ C1] vm_mmap_pgoff+0x2c3/0x3d0 [ 569.159068][ C1] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 569.164198][ C1] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 569.170544][ C1] ? do_syscall_64+0x100/0x230 [ 569.175330][ C1] ? ksys_mmap_pgoff+0xdf/0x720 [ 569.180198][ C1] ? __x64_sys_mmap+0x7f/0x140 [ 569.184986][ C1] do_syscall_64+0xf3/0x230 [ 569.189501][ C1] ? clear_bhb_loop+0x35/0x90 [ 569.194188][ C1] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 569.200096][ C1] RIP: 0033:0x7fccf5975f19 [ 569.204517][ C1] RSP: 002b:00007fccf67b2048 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 569.212946][ C1] RAX: ffffffffffffffda RBX: 00007fccf5b06038 RCX: 00007fccf5975f19 [ 569.220927][ C1] RDX: 000000000000000f RSI: 0000000000b36000 RDI: 0000000020000000 [ 569.228906][ C1] RBP: 00007fccf59e4e68 R08: ffffffffffffffff R09: 0000000000000000 [ 569.236882][ C1] R10: 0000000004008032 R11: 0000000000000246 R12: 0000000000000000 [ 569.244859][ C1] R13: 000000000000006e R14: 00007fccf5b06038 R15: 00007ffeb4c78648 [ 569.252860][ C1] [ 569.255885][ C1] rcu: rcu_preempt kthread starved for 10286 jiffies! g72333 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=1 [ 569.267102][ C1] rcu: Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior. [ 569.277080][ C1] rcu: RCU grace-period kthread stack dump: [ 569.282983][ C1] task:rcu_preempt state:R running task stack:24912 pid:17 tgid:17 ppid:2 flags:0x00004000 [ 569.294757][ C1] Call Trace: [ 569.298047][ C1] [ 569.300991][ C1] __schedule+0x17ae/0x4a10 [ 569.305542][ C1] ? __pfx___schedule+0x10/0x10 [ 569.310411][ C1] ? __pfx_lock_release+0x10/0x10 [ 569.315455][ C1] ? __asan_memset+0x23/0x50 [ 569.320146][ C1] ? __pfx_lockdep_init_map_type+0x10/0x10 [ 569.325966][ C1] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 569.332308][ C1] ? schedule+0x90/0x320 [ 569.336569][ C1] schedule+0x14b/0x320 [ 569.340773][ C1] schedule_timeout+0x1be/0x310 [ 569.345639][ C1] ? __pfx_schedule_timeout+0x10/0x10 [ 569.351024][ C1] ? __pfx_process_timeout+0x10/0x10 [ 569.356335][ C1] ? prepare_to_swait_event+0x32e/0x350 [ 569.361896][ C1] rcu_gp_fqs_loop+0x2df/0x1330 [ 569.366759][ C1] ? lockdep_hardirqs_on+0x99/0x150 [ 569.371986][ C1] ? __pfx_rcu_implicit_dynticks_qs+0x10/0x10 [ 569.378071][ C1] ? __pfx_rcu_gp_fqs_loop+0x10/0x10 [ 569.383367][ C1] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 569.389368][ C1] ? finish_swait+0xd4/0x1e0 [ 569.393971][ C1] rcu_gp_kthread+0xa7/0x3b0 [ 569.398666][ C1] ? __pfx_rcu_gp_kthread+0x10/0x10 [ 569.403875][ C1] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 569.409790][ C1] ? __kthread_parkme+0x169/0x1d0 [ 569.414929][ C1] ? __pfx_rcu_gp_kthread+0x10/0x10 [ 569.420314][ C1] kthread+0x2f0/0x390 [ 569.424389][ C1] ? __pfx_rcu_gp_kthread+0x10/0x10 [ 569.429601][ C1] ? __pfx_kthread+0x10/0x10 [ 569.434199][ C1] ret_from_fork+0x4b/0x80 [ 569.438630][ C1] ? __pfx_kthread+0x10/0x10 [ 569.443316][ C1] ret_from_fork_asm+0x1a/0x30 [ 569.448109][ C1] [ 569.451132][ C1] rcu: Stack dump where RCU GP kthread last ran: [ 569.457456][ C1] CPU: 1 UID: 0 PID: 0 Comm: swapper/1 Not tainted 6.10.0-syzkaller-12030-g66ebbdfdeb09 #0 [ 569.467439][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 569.477507][ C1] RIP: 0010:acpi_safe_halt+0x21/0x30 [ 569.482821][ C1] Code: 90 90 90 90 90 90 90 90 90 65 48 8b 04 25 00 d7 03 00 48 f7 00 08 00 00 00 75 10 66 90 0f 00 2d 45 f2 a0 00 f3 0f 1e fa fb f4 c3 cc cc cc cc 66 0f 1f 84 00 00 00 00 00 90 90 90 90 90 90 90 [ 569.502612][ C1] RSP: 0018:ffffc900001a7d08 EFLAGS: 00000246 [ 569.508705][ C1] RAX: ffff8880176e0000 RBX: ffff88801c699064 RCX: 00000000003bc409 [ 569.516772][ C1] RDX: 0000000000000001 RSI: ffff88801c699000 RDI: ffff88801c699064 [ 569.524759][ C1] RBP: 000000000003a678 R08: ffff8880b9537c7b R09: 1ffff110172a6f8f [ 569.532738][ C1] R10: dffffc0000000000 R11: ffffffff8b887690 R12: ffff88801c339800 [ 569.540719][ C1] R13: 0000000000000000 R14: 0000000000000001 R15: ffffffff8eaca660 [ 569.548705][ C1] FS: 0000000000000000(0000) GS:ffff8880b9500000(0000) knlGS:0000000000000000 [ 569.557638][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 569.564227][ C1] CR2: 00007f8163552a90 CR3: 000000007c476000 CR4: 00000000003506f0 [ 569.572202][ C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 569.580181][ C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 569.588182][ C1] Call Trace: [ 569.591466][ C1] [ 569.594334][ C1] ? rcu_check_gp_kthread_starvation+0x278/0x310 [ 569.600773][ C1] ? print_other_cpu_stall+0x1470/0x15a0 [ 569.606432][ C1] ? __pfx_print_other_cpu_stall+0x10/0x10 [ 569.612254][ C1] ? __pfx_lock_release+0x10/0x10 [ 569.617303][ C1] ? kvm_check_and_clear_guest_paused+0x6a/0xd0 [ 569.623558][ C1] ? rcu_sched_clock_irq+0xa2c/0x10d0 [ 569.628951][ C1] ? __pfx_rcu_sched_clock_irq+0x10/0x10 [ 569.634601][ C1] ? hrtimer_run_queues+0x16c/0x460 [ 569.639810][ C1] ? update_process_times+0x1ce/0x230 [ 569.645195][ C1] ? tick_nohz_handler+0x37c/0x500 [ 569.650322][ C1] ? __pfx_tick_nohz_handler+0x10/0x10 [ 569.655796][ C1] ? __hrtimer_run_queues+0x551/0xd50 [ 569.661178][ C1] ? ktime_get_update_offsets_now+0x3c/0x250 [ 569.667187][ C1] ? __pfx___hrtimer_run_queues+0x10/0x10 [ 569.672915][ C1] ? ktime_get_update_offsets_now+0x22d/0x250 [ 569.679006][ C1] ? hrtimer_interrupt+0x396/0x990 [ 569.684147][ C1] ? __sysvec_apic_timer_interrupt+0x110/0x3f0 [ 569.690359][ C1] ? sysvec_apic_timer_interrupt+0xa1/0xc0 [ 569.696261][ C1] [ 569.699195][ C1] [ 569.702128][ C1] ? asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 569.708303][ C1] ? __pfx_acpi_idle_enter+0x10/0x10 [ 569.713617][ C1] ? acpi_safe_halt+0x21/0x30 [ 569.718306][ C1] acpi_idle_enter+0xe4/0x140 [ 569.723004][ C1] cpuidle_enter_state+0x112/0x480 [ 569.728125][ C1] ? __pfx_menu_select+0x10/0x10 [ 569.733168][ C1] cpuidle_enter+0x5d/0xa0 [ 569.737600][ C1] do_idle+0x375/0x5d0 [ 569.741683][ C1] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 569.748036][ C1] ? __pfx_do_idle+0x10/0x10 [ 569.752630][ C1] ? lockdep_hardirqs_on+0x99/0x150 [ 569.757856][ C1] cpu_startup_entry+0x42/0x60 [ 569.762629][ C1] start_secondary+0x100/0x100 [ 569.767468][ C1] common_startup_64+0x13e/0x147 [ 569.772431][ C1]