last executing test programs: 2m46.122938479s ago: executing program 4 (id=3349): r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e20, @multicast2}, 0x10) setsockopt$sock_int(r0, 0x1, 0x3c, &(0x7f0000000040)=0x1, 0xfff0) connect$inet(r0, &(0x7f0000000140)={0x2, 0x4e20, @loopback}, 0x10) sendmmsg$inet(r0, &(0x7f0000005400)=[{{0x0, 0x80101, &(0x7f0000000240)=[{&(0x7f00000037c0)='-', 0x8031e}], 0x1}}, {{0x0, 0x0, &(0x7f0000003d80)=[{&(0x7f0000003ac0)="bb", 0x1}], 0x218}}, {{0x0, 0x0, &(0x7f0000004200)=[{&(0x7f0000003e80)='Z', 0x1}], 0x1}}, {{0x0, 0x0, &(0x7f0000005380)=[{&(0x7f0000004280)="81", 0x1}], 0x1}}], 0x4, 0x60cd894) 2m45.994131588s ago: executing program 4 (id=3352): r0 = syz_open_dev$usbfs(&(0x7f0000000100), 0x75, 0x0) r1 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000080)) epoll_ctl$EPOLL_CTL_MOD(r1, 0x3, r0, &(0x7f0000000040)={0x6000200c}) 2m45.841763902s ago: executing program 4 (id=3356): syz_emit_vhci(0x0, 0x0) r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000300)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_JOIN_MESH(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000080)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="010000000000000000004400000010000300", @ANYRES32=r2, @ANYBLOB="08002600851600000a00180000000000000000001c005a80180005"], 0x4c}}, 0x0) 2m45.713809409s ago: executing program 4 (id=3361): mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0) mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x101091, 0x0) r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0x0, 0x0) mount$bind(&(0x7f0000000400)='./file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x2081c80, 0x0) move_mount(0xffffffffffffff9c, &(0x7f00000003c0)='./file0\x00', r0, &(0x7f0000000140)='./file0\x00', 0x0) 2m45.675164633s ago: executing program 4 (id=3362): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000100)={{0xeeee8000, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0xe}, {0x0, 0xeeee8000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x5}, {0x2000, 0x4000, 0xc, 0x0, 0x7, 0x2, 0x1, 0x0, 0x0, 0x0, 0x0, 0xfc}, {0x3000, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0x4}, {0x0, 0xffff1000, 0x0, 0x4, 0x0, 0x4, 0x0, 0x80, 0x0, 0x3c}, {0x0, 0xdddd0000, 0x0, 0x0, 0x0, 0x0, 0x2}, {0x0, 0x0, 0xd, 0xfe}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x6, 0xfe}, {0x1000, 0x3}, {}, 0xddf8ffdb, 0x0, 0x100000, 0x150030, 0x0, 0xf801, 0x0, [0x0, 0x0, 0xfffffffffffffffd]}) 2m45.439430026s ago: executing program 4 (id=3366): r0 = inotify_init1(0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000440)='./file0\x00', 0x103a42, 0x0) inotify_add_watch(r0, &(0x7f0000000340)='./file0\x00', 0x42000203) ftruncate(r1, 0x6000000) pread64(r1, &(0x7f0000000080)=""/21, 0x15, 0x7ff) 2m45.299518553s ago: executing program 32 (id=3366): r0 = inotify_init1(0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000440)='./file0\x00', 0x103a42, 0x0) inotify_add_watch(r0, &(0x7f0000000340)='./file0\x00', 0x42000203) ftruncate(r1, 0x6000000) pread64(r1, &(0x7f0000000080)=""/21, 0x15, 0x7ff) 59.543101169s ago: executing program 0 (id=5055): r0 = syz_open_dev$sg(&(0x7f00000002c0), 0x0, 0x8082) ioctl$SG_SET_FORCE_PACK_ID(r0, 0x227b, &(0x7f00000000c0)=0x1) readv(r0, &(0x7f0000000280)=[{&(0x7f0000000240)=""/46, 0x2e}], 0x1) r1 = fcntl$dupfd(r0, 0x0, r0) write$sndseq(r1, &(0x7f0000000180)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @connect}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @quote}], 0x38) 49.975261163s ago: executing program 0 (id=5055): r0 = syz_open_dev$sg(&(0x7f00000002c0), 0x0, 0x8082) ioctl$SG_SET_FORCE_PACK_ID(r0, 0x227b, &(0x7f00000000c0)=0x1) readv(r0, &(0x7f0000000280)=[{&(0x7f0000000240)=""/46, 0x2e}], 0x1) r1 = fcntl$dupfd(r0, 0x0, r0) write$sndseq(r1, &(0x7f0000000180)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @connect}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @quote}], 0x38) 36.498286744s ago: executing program 0 (id=5055): r0 = syz_open_dev$sg(&(0x7f00000002c0), 0x0, 0x8082) ioctl$SG_SET_FORCE_PACK_ID(r0, 0x227b, &(0x7f00000000c0)=0x1) readv(r0, &(0x7f0000000280)=[{&(0x7f0000000240)=""/46, 0x2e}], 0x1) r1 = fcntl$dupfd(r0, 0x0, r0) write$sndseq(r1, &(0x7f0000000180)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @connect}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @quote}], 0x38) 25.948975186s ago: executing program 0 (id=5055): r0 = syz_open_dev$sg(&(0x7f00000002c0), 0x0, 0x8082) ioctl$SG_SET_FORCE_PACK_ID(r0, 0x227b, &(0x7f00000000c0)=0x1) readv(r0, &(0x7f0000000280)=[{&(0x7f0000000240)=""/46, 0x2e}], 0x1) r1 = fcntl$dupfd(r0, 0x0, r0) write$sndseq(r1, &(0x7f0000000180)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @connect}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @quote}], 0x38) 15.988165392s ago: executing program 0 (id=5055): r0 = syz_open_dev$sg(&(0x7f00000002c0), 0x0, 0x8082) ioctl$SG_SET_FORCE_PACK_ID(r0, 0x227b, &(0x7f00000000c0)=0x1) readv(r0, &(0x7f0000000280)=[{&(0x7f0000000240)=""/46, 0x2e}], 0x1) r1 = fcntl$dupfd(r0, 0x0, r0) write$sndseq(r1, &(0x7f0000000180)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @connect}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @quote}], 0x38) 5.598633722s ago: executing program 0 (id=5055): r0 = syz_open_dev$sg(&(0x7f00000002c0), 0x0, 0x8082) ioctl$SG_SET_FORCE_PACK_ID(r0, 0x227b, &(0x7f00000000c0)=0x1) readv(r0, &(0x7f0000000280)=[{&(0x7f0000000240)=""/46, 0x2e}], 0x1) r1 = fcntl$dupfd(r0, 0x0, r0) write$sndseq(r1, &(0x7f0000000180)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @connect}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @quote}], 0x38) 3.709805518s ago: executing program 2 (id=5576): r0 = socket$kcm(0x2, 0x200000000000001, 0x106) sendmsg$inet(r0, &(0x7f0000000180)={&(0x7f00000001c0)={0x2, 0x4001, @local}, 0x10, 0x0}, 0x30004001) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$MPTCP_PM_CMD_DEL_ADDR(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)={0x34, r2, 0x7, 0x70bd25, 0x0, {}, [@MPTCP_PM_ATTR_ADDR={0x20, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @ipv4={'\x00', '\xff\xff', @private=0xa010101}}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}]}]}, 0x34}, 0x1, 0x0, 0x0, 0x8081}, 0x0) 3.145522988s ago: executing program 3 (id=5581): r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0) r1 = fanotify_init(0x81, 0x0) fanotify_mark(r1, 0x105, 0x40001032, r0, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cpuacct.usage_all\x00', 0x275a, 0x0) read$FUSE(r1, 0x0, 0x0) 3.000808821s ago: executing program 3 (id=5583): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000540)={0x26, 'hash\x00', 0x0, 0x0, 'nhpoly1305\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000000)="8a", 0x440) r1 = accept4(r0, 0x0, 0x0, 0x0) sendmmsg$inet(r1, &(0x7f0000001200)=[{{0x0, 0x0, &(0x7f0000000440)=[{&(0x7f00000003c0)="ba", 0x1}, {&(0x7f00000005c0)='0', 0xcea40}], 0x2}}], 0x1, 0x0) 2.801711875s ago: executing program 3 (id=5586): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000000000000000000000100000850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000002c0)={'bridge_slave_0\x00', 0x0}) r2 = socket(0x10, 0x80002, 0x0) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="440000001300a7cc4a372eaf541d002007000000", @ANYRES32=r1, @ANYBLOB="00000000100000001c001a80", @ANYRES16=r0], 0x44}}, 0x0) 2.75744978s ago: executing program 2 (id=5589): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0xe00040, 0x0) close(r0) openat$snapshot(0xffffffffffffff9c, &(0x7f0000000000), 0x481, 0x0) syz_usb_connect$hid(0xf63067478e218e8, 0x36, &(0x7f00000000c0)=ANY=[], 0x0) ioctl$SIOCSIFHWADDR(r0, 0x8914, 0x0) 1.983000464s ago: executing program 1 (id=5596): syz_usb_connect(0x0, 0x36, &(0x7f00000000c0)=ANY=[@ANYBLOB="120100008010bd40820514009dbb0000000109022400011b00000009040000022a3e740009058bff7f0000100109050b362f"], 0x0) syz_open_dev$midi(&(0x7f0000000000), 0x3, 0x129002) r0 = syz_io_uring_setup(0x4166, &(0x7f0000000780)={0x0, 0x0, 0x10100}, &(0x7f0000000100)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000180)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0}) io_uring_enter(r0, 0x567, 0x0, 0x0, 0x0, 0x0) 1.847551701s ago: executing program 3 (id=5597): r0 = socket$netlink(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) getsockname$packet(r2, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000140)=0x14) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000500)=@newlink={0xec, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0x0, r3}, [@IFLA_AF_SPEC={0xcc, 0x1a, 0x0, 0x1, [@AF_INET6={0x18, 0x2, 0x0, 0x1, [@IFLA_INET6_TOKEN={0x14, 0x7, @local}]}, @AF_INET={0x30, 0x2, 0x0, 0x1, {0x4, 0x1, 0x0, 0x1, [{0x3}, {0x8}, {0x4}, {0x8}, {0x8}]}}, @AF_INET={0x18, 0x2, 0x0, 0x1, {0x14, 0x1, 0x0, 0x1, [{0x11}, {0x8}]}}, @AF_INET6={0x18, 0xa, 0x0, 0x1, [@IFLA_INET6_TOKEN={0x14, 0x7, @mcast2}, @IFLA_INET6_TOKEN={0x0, 0x7, @mcast2}, @IFLA_INET6_TOKEN={0x0, 0x7, @dev}]}, @AF_INET={0x28, 0x2, 0x0, 0x1, {0x24, 0x1, 0x0, 0x1, [{0x8}, {0x8}, {0x8}, {0x8}]}}, @AF_MPLS={0x4}, @AF_INET6={0x0, 0xa, 0x0, 0x1, [@IFLA_INET6_TOKEN={0x0, 0x7, @rand_addr=' \x01\x00'}, @IFLA_INET6_ADDR_GEN_MODE, @IFLA_INET6_ADDR_GEN_MODE, @IFLA_INET6_TOKEN={0x0, 0x7, @dev}, @IFLA_INET6_TOKEN={0x0, 0x7, @mcast2}, @IFLA_INET6_TOKEN={0x0, 0x7, @rand_addr=' \x01\x00'}, @IFLA_INET6_TOKEN={0x0, 0x7, @private1}, @IFLA_INET6_ADDR_GEN_MODE, @IFLA_INET6_ADDR_GEN_MODE]}, @AF_MPLS={0x4}]}]}, 0xec}}, 0x0) 1.714769695s ago: executing program 3 (id=5599): r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x56a, 0x101, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x3}}}}]}}]}}, 0x0) socket$nl_route(0x10, 0x3, 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io(r0, &(0x7f0000000740)={0x2c, &(0x7f0000000580)={0x0, 0x0, 0x4, {0x4, 0x0, "54e4"}}, 0x0, 0x0, 0x0, 0x0}, 0x0) 1.714578148s ago: executing program 5 (id=5600): r0 = memfd_create(&(0x7f0000000d00)='Y\xff\xff\x00\x00\x00\x00\x00K\xb2\x02\x80B\xe9\xe8\xcc\xde\x06\x00l\xa8\x1aJ\xaf\xb2M\xba\xb8_\x05U\xcd<|>\x9e\xec^\x0e\xbe\x18+-\x9b\x893\x02\x00\xa6\x1f+\xb3\xc5\x90z5\xe0\xdfi\xb7\x9f\xb4QW\xc9\xc9\x92\x03\t\x00\x00\x00\x00\x00\xb2\x0f\xee\xbe\f8\xcc\x7f\x00\x00\x00Z\x81\x00\x00\x00\x00\x18I\x13\xf1\xa2x\x04\x81R\xd45R\xae\x05\x00\x00\x00\x00\x00\x00\x00_M^dQ:\xbc\xafq\x88\x19nSF|;]\xe1A\x8c\x8a\x98\xd7|\xdcLF\r\xb1\xfd\xbf!\xc7u\xccP\xdd\x13~\x89\xcf\x85\xca\xa0%\xc6\xc7\x11\x00\x00\x00\x00\x00\x00\x00?M9\\\av~\'\xd9\xb0\xacdya]8\x9d\xb7\v\xf39\xc5{\x9c!\x0f/\xb8o8\xb9\x8d\x19\xe2\xca\x01y\x83\xe7\ng\x87\xd93\xf0y\xd6\xb0\xf2\x9f\xa7\xcf\xad\x86\\\xec\xec\xd6\x9d\bT\xcd\xa2\xea', 0xe) r1 = fcntl$dupfd(r0, 0x0, r0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0xffffff17, 0x11, r1, 0x0) r2 = syz_open_procfs(0x0, &(0x7f00000001c0)='maps\x00') ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0xc0686611, &(0x7f0000000180)={0x18, 0x0, 0x3f, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) 1.606693156s ago: executing program 5 (id=5601): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201}) r1 = socket$kcm(0x2, 0x3, 0x2) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000040)={'syzkaller1\x00', @broadcast}) write$tun(r0, &(0x7f0000000080)={@val={0x8, 0x800}, @val={0x0, 0x4, 0x0, 0x1}, @ipv4=@udp={{0x5, 0x4, 0x0, 0x0, 0x78, 0x0, 0x0, 0x0, 0x11, 0x0, @private=0xa010101, @dev}, {0x0, 0x4e21, 0x64, 0x0, @wg=@response={0x2, 0x0, 0x0, "66cbe0ddfbda942ac1e2c78728c87f0dedc31462c7e4d2bae48d7fe2b1e543a7", "9e75fea4b15c0641bf4f22919c7aee7b", {"8af86dbf2020efc4e02714100a2f1321", "09f797f27b298ff4d62daf42206c6df9"}}}}}, 0x86) 1.605920801s ago: executing program 2 (id=5602): r0 = socket$kcm(0x29, 0x2, 0x0) write$cgroup_pressure(r0, &(0x7f0000000140)={'full'}, 0xfffffdef) ioctl$sock_kcm_SIOCKCMATTACH(r0, 0x5452, &(0x7f0000000000)) sendmsg$kcm(r0, 0x0, 0x0) ioctl$int_in(r0, 0x5452, &(0x7f0000000040)=0x6) 1.345888548s ago: executing program 2 (id=5603): r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='contention_end\x00', r1}, 0x10) write$UHID_INPUT(r0, &(0x7f0000001480)={0xfc, {"a483885aed0d09f91b5e070987f70e06d038e7ff7fc6e5539b0d3e0e8b089b3f073063030890e0879b0af8c6e70a9b334a959b669a240d0a0af3988f7ef319520100ffe8d178708c523c921b1b5b31070d0773090acd3b78130daa61d8e8040000005802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801118c20b8f16bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce7cd9f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a64002bebc2407aed92fa9b6578b4779415d4ac01b75d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827475e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b94025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40427db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b03512629f46366e7205dd8d6f37525c1a0e94210dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9154f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afa2d603994732d6b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02daee67918e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4108b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed608000000a006e39336d07c2b80817a28ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030f81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c6b00000000000000f96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0xfffffdc3}}, 0x1039) ioctl$TIOCL_SCROLLCONSOLE(r0, 0x541c, &(0x7f0000000040)={0xd, 0xffff}) 1.156979881s ago: executing program 5 (id=5604): pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) write$binfmt_script(r1, 0x0, 0x4e) pipe(&(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) tee(r0, r2, 0x3, 0x0) vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000140)='b', 0x1}], 0x1, 0x2) 1.106178512s ago: executing program 2 (id=5605): r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) bind$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x0, @any, 0x6}, 0xe) listen(r0, 0x3) syz_emit_vhci(&(0x7f0000000100)=ANY=[@ANYBLOB="043e130100c90001"], 0x16) accept4(r0, 0x0, 0x0, 0x800) 1.065669935s ago: executing program 5 (id=5606): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = dup(r2) ioctl$KVM_SET_MSRS(r3, 0x4008ae89, &(0x7f00000000c0)=ANY=[@ANYBLOB="820000000200000083000040"]) 805.186944ms ago: executing program 5 (id=5607): r0 = syz_open_dev$dri(&(0x7f0000000000), 0x1ff, 0x0) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000200)={0x8000, 0x2, 0x4}) r1 = syz_open_dev$dri(&(0x7f0000000000), 0x1ff, 0x0) ioctl$DRM_IOCTL_MODE_GETRESOURCES(r1, 0xc04064a0, &(0x7f0000000700)={0x0, &(0x7f0000000640)=[0x0], 0x0, 0x0, 0x0, 0x1}) ioctl$DRM_IOCTL_MODE_CURSOR(r0, 0xc01c64a3, &(0x7f0000000040)={0x3, r2, 0x80000001, 0x80000001, 0xc, 0x1fd, 0x1}) 684.018923ms ago: executing program 5 (id=5608): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x3}]}, 0x24}}, 0x0) sendmsg$NL80211_CMD_START_AP(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)={0xa8, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x6b, 0xe, {{{}, {}, @broadcast, @device_b}, 0x0, @default, 0x0, @val={0x0, 0x6, @default_ibss_ssid}, @val, @void, @val={0x4, 0x6, {0x0, 0xff, 0x0, 0x3ff}}, @void, @val={0x5, 0x3, {0x0, 0x2}}, @val={0x25, 0x3}, @val={0x2a, 0x1}, @void, @val={0x2d, 0x1a}, @void, @void, @val={0x76, 0x6}}}], @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}], @NL80211_ATTR_BEACON_INTERVAL={0x8, 0xc, @random=0x400}, @NL80211_ATTR_DTIM_PERIOD={0x8, 0xd, 0x10000}, @NL80211_ATTR_SMPS_MODE={0x5, 0xd5, 0x3}]}, 0xa8}}, 0x0) 436.763653ms ago: executing program 1 (id=5609): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000c00)={{r0}, &(0x7f0000000b80), &(0x7f00000000c0)='%-5lx \x00'}, 0x20) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0}, 0x4) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x6, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000008000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000800000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001700000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000640)={r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) 381.930372ms ago: executing program 1 (id=5610): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0x4008ae89, &(0x7f0000000080)=ANY=[@ANYBLOB="03000000000000001f0001c0"]) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000080)=ANY=[]) 182.532525ms ago: executing program 2 (id=5611): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.numa_stat\x00', 0x26e1, 0x0) close(r0) socket$inet6_tcp(0xa, 0x1, 0x0) mknod$loop(&(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, 0x0) ioctl$SIOCSIFHWADDR(r0, 0x8b0b, &(0x7f0000000000)={'wlan1\x00', @random="0100"}) 94.246754ms ago: executing program 1 (id=5612): r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) setsockopt$inet6_IPV6_HOPOPTS(r0, 0x29, 0x36, &(0x7f0000000400)=ANY=[], 0x8) connect$inet6(r0, &(0x7f00000003c0)={0xa, 0x0, 0x4000001, @mcast2, 0x5}, 0x1c) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000240)='bridge0\x00', 0x10) write(r0, &(0x7f00000000c0)="8f2a0a65bd8c002b0304000e0580a7b6070d63e286a5cefe", 0x5ac) 61.248717ms ago: executing program 1 (id=5613): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x121301, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1ff, 0x13, "000000004d7d6d0500e4ffffffffe5ffff00"}) r1 = syz_open_pts(r0, 0x82101) r2 = dup3(r1, r0, 0x0) writev(r2, &(0x7f0000001680)=[{&(0x7f0000001280)='7', 0x1}], 0x1) 4.961362ms ago: executing program 3 (id=5614): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x8, &(0x7f0000000280)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000000000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000580)={&(0x7f00000004c0)='kfree\x00', r1}, 0x10) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000400)=@newlink={0x3c, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x79f7}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bridge={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BR_HELLO_TIME={0x8, 0x2, 0x4}]}}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x200000c0}, 0x0) 0s ago: executing program 1 (id=5615): r0 = timerfd_create(0x0, 0x0) r1 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000200)) timerfd_settime(r0, 0x3, &(0x7f0000000440)={{0x0, 0x989680}}, 0x0) clock_adjtime(0x0, &(0x7f0000000040)={0xd54, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000}) kernel console output (not intermixed with test programs): rt 3(vlan2) entered blocking state [ 333.961995][T16436] bridge0: port 3(vlan2) entered forwarding state [ 334.128375][T16447] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 334.345595][ T5976] usb 2-1: USB disconnect, device number 46 [ 334.408709][ T5881] gspca_nw80x: reg_w err -71 [ 334.415834][ T5881] nw80x 6-1:0.0: probe with driver nw80x failed with error -71 [ 334.444109][ T5881] usb 6-1: USB disconnect, device number 15 [ 334.445294][T16475] bridge0: port 3(syz_tun) entered blocking state [ 334.480086][T16475] bridge0: port 3(syz_tun) entered disabled state [ 334.500940][T16475] syz_tun: entered allmulticast mode [ 334.529599][T16475] syz_tun: entered promiscuous mode [ 334.546112][T16475] bridge0: port 3(syz_tun) entered blocking state [ 334.553272][T16475] bridge0: port 3(syz_tun) entered forwarding state [ 334.707493][T16495] netlink: 468 bytes leftover after parsing attributes in process `syz.0.4561'. [ 334.720779][T16495] netlink: 36 bytes leftover after parsing attributes in process `syz.0.4561'. [ 335.099164][T16528] netlink: 40 bytes leftover after parsing attributes in process `syz.1.4572'. [ 335.120833][ T3735] usb 1-1: new full-speed USB device number 42 using dummy_hcd [ 335.270773][ T5914] usb 6-1: new high-speed USB device number 16 using dummy_hcd [ 335.308872][ T3735] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 335.331957][ T3735] usb 1-1: New USB device found, idVendor=056e, idProduct=00e6, bcdDevice= 0.00 [ 335.360682][ T3735] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 335.377523][ T3735] usb 1-1: config 0 descriptor?? [ 335.431323][ T5914] usb 6-1: Using ep0 maxpacket: 8 [ 335.452022][ T5914] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024 [ 335.472254][ T5914] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024 [ 335.484939][ T5914] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 335.499366][ T5914] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 335.512870][ T5914] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 335.523010][ T5914] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 335.755379][ T5914] usb 6-1: GET_CAPABILITIES returned 0 [ 335.763685][ T5914] usbtmc 6-1:16.0: can't read capabilities [ 335.796956][ T3735] hid (null): unknown global tag 0xe [ 335.815687][ T3735] elecom 0003:056E:00E6.0032: unknown main item tag 0x7 [ 335.830645][ T3735] elecom 0003:056E:00E6.0032: unknown global tag 0xe [ 335.831096][ T5976] usb 2-1: new high-speed USB device number 47 using dummy_hcd [ 335.837576][ T3735] elecom 0003:056E:00E6.0032: item 0 0 1 14 parsing failed [ 335.853418][ T3735] elecom 0003:056E:00E6.0032: probe with driver elecom failed with error -22 [ 335.873125][T16545] IPVS: You probably need to specify IP address on multicast interface. [ 335.884588][T16545] IPVS: Error connecting to the multicast addr [ 335.971923][ T5881] usb 6-1: USB disconnect, device number 16 [ 336.002352][ T5976] usb 2-1: Using ep0 maxpacket: 32 [ 336.009850][ T5976] usb 2-1: New USB device found, idVendor=0fd9, idProduct=0025, bcdDevice=29.40 [ 336.020761][ T5976] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 336.031577][ T5976] usb 2-1: config 0 descriptor?? [ 336.060603][ T8] usb 1-1: USB disconnect, device number 42 [ 336.250522][ T5976] dvb-usb: found a 'Elgato EyeTV Sat' in warm state. [ 336.262421][ T5976] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 336.273847][T16626] netlink: 'syz.2.4589': attribute type 11 has an invalid length. [ 336.283761][ T5976] dvbdev: DVB: registering new adapter (Elgato EyeTV Sat) [ 336.319973][ T5976] usb 2-1: media controller created [ 336.370147][ T5976] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 336.839232][T16653] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4598'. [ 337.161097][ T5976] az6027: usb out operation failed. (-71) [ 337.166914][ T5976] stb0899_attach: Driver disabled by Kconfig [ 337.173731][ T5976] az6027: no front-end attached [ 337.173731][ T5976] [ 337.185278][ T5976] az6027: usb out operation failed. (-71) [ 337.198835][ T5976] dvb-usb: no frontend was attached by 'Elgato EyeTV Sat' [ 337.217824][ T5976] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.1/usb2/2-1/input/input72 [ 337.241020][ T5881] usb 3-1: new high-speed USB device number 40 using dummy_hcd [ 337.264390][ T5976] dvb-usb: schedule remote query interval to 400 msecs. [ 337.279301][ T5976] dvb-usb: Elgato EyeTV Sat successfully initialized and connected. [ 337.295219][ T5976] usb 2-1: USB disconnect, device number 47 [ 337.373565][ T5976] dvb-usb: Elgato EyeTV Sat successfully deinitialized and disconnected. [ 337.412210][ T5881] usb 3-1: Using ep0 maxpacket: 8 [ 337.419044][ T5881] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0 [ 337.431832][ T5881] usb 3-1: New USB device found, idVendor=05ac, idProduct=0217, bcdDevice=cf.dc [ 337.451292][ T5881] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 337.483126][ T5881] usb 3-1: config 0 descriptor?? [ 337.489678][T16690] netlink: 36 bytes leftover after parsing attributes in process `syz.0.4604'. [ 337.491753][ T5881] appletouch 3-1:0.0: Could not find int-in endpoint [ 337.513900][ T5881] appletouch 3-1:0.0: probe with driver appletouch failed with error -5 [ 337.524280][ T5881] usbhid 3-1:0.0: couldn't find an input interrupt endpoint [ 337.738094][ T5914] usb 3-1: USB disconnect, device number 40 [ 337.884694][T16719] ipvlan1: entered promiscuous mode [ 337.907508][T16719] ipvlan1: left promiscuous mode [ 338.347494][ T46] kernel write not supported for file /542/timerslack_ns (pid: 46 comm: kworker/1:1) [ 338.950883][T16777] block device autoloading is deprecated and will be removed. [ 339.504214][T16800] xt_hashlimit: size too large, truncated to 1048576 [ 339.901129][ T5976] usb 2-1: new high-speed USB device number 48 using dummy_hcd [ 339.973048][ T29] audit: type=1326 audit(1729833410.908:321): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16818 comm="syz.3.4650" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe09337e719 code=0x7ffc0000 [ 340.015125][ T29] audit: type=1326 audit(1729833410.908:322): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16818 comm="syz.3.4650" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe09337e719 code=0x7ffc0000 [ 340.061028][ T29] audit: type=1326 audit(1729833410.908:323): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16818 comm="syz.3.4650" exe="/root/syz-executor" sig=0 arch=c000003e syscall=228 compat=0 ip=0x7fe09337e719 code=0x7ffc0000 [ 340.099882][ T5976] usb 2-1: Using ep0 maxpacket: 32 [ 340.117637][ T5976] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 340.138154][ T5976] usb 2-1: config 1 has 0 interfaces, different from the descriptor's value: 2 [ 340.147784][ T29] audit: type=1326 audit(1729833410.938:324): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16818 comm="syz.3.4650" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe09337e719 code=0x7ffc0000 [ 340.200302][ T29] audit: type=1326 audit(1729833410.938:325): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16818 comm="syz.3.4650" exe="/root/syz-executor" sig=0 arch=c000003e syscall=227 compat=0 ip=0x7fe09337e719 code=0x7ffc0000 [ 340.223657][ T5976] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 340.232634][T16827] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4653'. [ 340.233241][ T5976] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 340.269962][ T5976] usb 2-1: Product: syz [ 340.274325][ T5976] usb 2-1: Manufacturer: syz [ 340.279107][ T5976] usb 2-1: SerialNumber: syz [ 340.290576][ T29] audit: type=1326 audit(1729833410.946:326): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16818 comm="syz.3.4650" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe09337e719 code=0x7ffc0000 [ 340.341321][ T29] audit: type=1326 audit(1729833410.946:327): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16818 comm="syz.3.4650" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe09337e719 code=0x7ffc0000 [ 340.543749][ T5976] usb 2-1: USB disconnect, device number 48 [ 341.007444][T16869] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies. [ 342.179199][ T29] audit: type=1326 audit(1729833413.116:328): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16908 comm="syz.0.4679" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f617a97e719 code=0x0 [ 342.448510][T16929] IPVS: sh: TCP 172.20.20.170:0 - no destination available [ 342.474260][T16931] netlink: 68 bytes leftover after parsing attributes in process `syz.1.4691'. [ 343.141689][T16967] netlink: 28 bytes leftover after parsing attributes in process `syz.5.4703'. [ 343.201009][T16967] netlink: 28 bytes leftover after parsing attributes in process `syz.5.4703'. [ 343.400556][ T5914] usb 2-1: new high-speed USB device number 49 using dummy_hcd [ 343.596721][ T5914] usb 2-1: Using ep0 maxpacket: 16 [ 343.622306][ T5914] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xA5, changing to 0x85 [ 343.651129][ T5914] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 104 [ 343.681475][ T5914] usb 2-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice=ec.7e [ 343.690971][ T5914] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 343.699054][ T5914] usb 2-1: Product: syz [ 343.722228][ T5914] usb 2-1: Manufacturer: syz [ 343.730642][ T5914] usb 2-1: SerialNumber: syz [ 343.741387][ T5914] usb 2-1: config 0 descriptor?? [ 343.764704][T16955] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 343.781147][ T5914] input: syz syz as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/input/input74 [ 343.960473][ T29] audit: type=1326 audit(1729833414.896:329): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17009 comm="syz.5.4717" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f1fa877e719 code=0x0 [ 344.009278][ T3735] usb 1-1: new high-speed USB device number 43 using dummy_hcd [ 344.172543][ T3735] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 344.184041][ T3735] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 344.211955][ T3735] usb 1-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0 [ 344.234235][ T3735] usb 1-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 0 [ 344.253890][ T3735] usb 1-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid wMaxPacketSize 0 [ 344.273187][ T3735] usb 1-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 0 [ 344.314280][ T3735] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 344.329405][ T3735] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 344.347990][ T3735] usb 1-1: Product: syz [ 344.360022][ T3735] usb 1-1: Manufacturer: syz [ 344.374144][ T3735] usb 1-1: SerialNumber: syz [ 344.445629][ C1] usbtouchscreen 2-1:0.0: usbtouch_irq - usb_submit_urb failed with result: -1 [ 344.462618][ T46] usb 2-1: USB disconnect, device number 49 [ 344.640705][ T5881] usb 3-1: new high-speed USB device number 41 using dummy_hcd [ 344.803229][ T5881] usb 3-1: New USB device found, idVendor=09c0, idProduct=0203, bcdDevice=d3.32 [ 344.827305][ T5881] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 344.847765][ T5881] usb 3-1: config 0 descriptor?? [ 344.856243][ T5881] dvb-usb: found a 'Genpix SkyWalker-1 DVB-S receiver' in warm state. [ 345.061786][ T5881] gp8psk: usb in 128 operation failed. [ 345.273264][ T5881] gp8psk: usb in 146 operation failed. [ 345.278924][ T5881] gp8psk: failed to get FW version [ 345.291953][T17076] input: syz1 as /devices/virtual/input/input75 [ 345.320106][ T5881] gp8psk: FPGA Version = 9 [ 345.403484][ T3735] cdc_ncm 1-1:1.0: SET_NTB_FORMAT failed [ 345.440845][ T3735] cdc_ncm 1-1:1.0: bind() failure [ 345.456961][ T3735] cdc_ncm 1-1:1.1: CDC Union missing and no IAD found [ 345.480577][ T3735] cdc_ncm 1-1:1.1: bind() failure [ 345.501872][ T3735] usb 1-1: USB disconnect, device number 43 [ 345.521737][ T5881] gp8psk: usb in 138 operation failed. [ 345.530733][ T5881] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 345.558943][ T5881] dvbdev: DVB: registering new adapter (Genpix SkyWalker-1 DVB-S receiver) [ 345.574577][ T5881] usb 3-1: media controller created [ 345.597545][ T5881] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 345.648261][ T5881] gp8psk_fe: Frontend attached [ 345.661101][ T5881] usb 3-1: DVB: registering adapter 1 frontend 0 (Genpix DVB-S)... [ 345.679422][ T5881] dvbdev: dvb_create_media_entity: media entity 'Genpix DVB-S' registered. [ 345.744102][ T5881] gp8psk: usb in 138 operation failed. [ 345.749622][ T5881] dvb-usb: Genpix SkyWalker-1 DVB-S receiver successfully initialized and connected. [ 345.779840][ T5881] gp8psk: found Genpix USB device pID = 203 (hex) [ 345.794229][ T5881] usb 3-1: USB disconnect, device number 41 [ 345.881739][ T5881] dvb-usb: Genpix SkyWalker-1 DVB-S receiver successfully deinitialized and disconnected. [ 345.972128][T17141] Invalid ELF header magic: != ELF [ 346.435154][T17158] netlink: 'syz.5.4750': attribute type 2 has an invalid length. [ 346.672672][ T5976] usb 1-1: new high-speed USB device number 44 using dummy_hcd [ 346.792864][T17184] 9pnet_fd: p9_fd_create_unix (17184): problem connecting socket: ./file0: -111 [ 346.879715][ T5976] usb 1-1: New USB device found, idVendor=046d, idProduct=0870, bcdDevice=61.47 [ 346.889182][ T5976] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 346.907900][ T5976] usb 1-1: config 0 descriptor?? [ 346.925378][ T5976] gspca_main: STV06xx-2.14.0 probing 046d:0870 [ 347.050790][T17203] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies. [ 347.063642][T17205] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4766'. [ 347.121751][ T46] usb 2-1: new high-speed USB device number 50 using dummy_hcd [ 347.147272][ T5849] Bluetooth: hci0: unexpected event for opcode 0x0803 [ 347.292440][ T46] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 347.330642][ T46] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 347.359375][ T46] usb 2-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 347.390552][ T46] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 347.398598][ T46] usb 2-1: SerialNumber: syz [ 347.628523][ T46] usb 2-1: 0:2 : does not exist [ 347.647549][ T46] usb 2-1: usbmixer: too many channels (61) in unit 5 [ 347.707210][ T46] usb 2-1: USB disconnect, device number 50 [ 347.769315][ T5976] gspca_stv06xx: I2C: Read error writing address: -71 [ 347.799174][ T5976] usb 1-1: USB disconnect, device number 44 [ 347.830133][T17257] netlink: 9286 bytes leftover after parsing attributes in process `syz.3.4778'. [ 348.500637][ T5914] usb 4-1: new high-speed USB device number 43 using dummy_hcd [ 348.660769][ T5914] usb 4-1: Using ep0 maxpacket: 8 [ 348.667727][ T5914] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0 [ 348.678471][ T5914] usb 4-1: New USB device found, idVendor=05ac, idProduct=0217, bcdDevice=cf.dc [ 348.727288][ T5914] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 348.753071][ T5914] usb 4-1: config 0 descriptor?? [ 348.788296][ T5914] appletouch 4-1:0.0: Could not find int-in endpoint [ 348.805430][ T5914] appletouch 4-1:0.0: probe with driver appletouch failed with error -5 [ 348.827946][ T5914] usbhid 4-1:0.0: couldn't find an input interrupt endpoint [ 348.840617][ T46] usb 2-1: new high-speed USB device number 51 using dummy_hcd [ 349.040707][ T46] usb 2-1: Using ep0 maxpacket: 16 [ 349.041238][ T5828] usb 4-1: USB disconnect, device number 43 [ 349.047424][ T46] usb 2-1: config 0 has an invalid interface number: 1 but max is 0 [ 349.060099][ T46] usb 2-1: config 0 has no interface number 0 [ 349.068464][ T46] usb 2-1: New USB device found, idVendor=04fc, idProduct=1528, bcdDevice=6d.5d [ 349.077635][ T46] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 349.085731][ T46] usb 2-1: Product: syz [ 349.089908][ T46] usb 2-1: Manufacturer: syz [ 349.094685][ T46] usb 2-1: SerialNumber: syz [ 349.101700][ T46] usb 2-1: config 0 descriptor?? [ 349.126401][ T46] gspca_main: spca1528-2.14.0 probing 04fc:1528 [ 349.397707][T17366] ebt_limit: overflow, try lower: 570423552/2483027968 [ 349.690926][ T5914] usb 3-1: new high-speed USB device number 42 using dummy_hcd [ 349.721563][T17377] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4812'. [ 349.881324][ T5914] usb 3-1: Using ep0 maxpacket: 16 [ 349.888313][ T5914] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x81 has invalid wMaxPacketSize 0 [ 349.902001][ T5914] usb 3-1: config 0 interface 0 has no altsetting 0 [ 349.908730][ T5914] usb 3-1: New USB device found, idVendor=0458, idProduct=0138, bcdDevice= 0.00 [ 349.918899][ T5914] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 349.934142][ T5914] usb 3-1: config 0 descriptor?? [ 350.173956][ T46] gspca_spca1528: reg_w err -71 [ 350.193317][ T46] spca1528 2-1:0.1: probe with driver spca1528 failed with error -71 [ 350.222418][ T46] usb 2-1: USB disconnect, device number 51 [ 350.372076][T17368] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 350.381428][T17368] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 350.395718][ T5914] kye 0003:0458:0138.0033: unknown main item tag 0x0 [ 350.410639][ T5914] kye 0003:0458:0138.0033: unknown main item tag 0x0 [ 350.420564][ T5914] kye 0003:0458:0138.0033: unexpected long global item [ 350.427954][ T5914] kye 0003:0458:0138.0033: parse failed [ 350.433761][ T5914] kye 0003:0458:0138.0033: probe with driver kye failed with error -22 [ 350.616193][ T5914] usb 3-1: USB disconnect, device number 42 [ 350.641159][ T5849] Bluetooth: hci0: Opcode 0x0c1a failed: -110 [ 350.650688][ T5849] Bluetooth: hci0: command 0x0401 tx timeout [ 351.096773][T17437] netlink: 4272 bytes leftover after parsing attributes in process `syz.5.4826'. [ 351.114688][T17437] netlink: 'syz.5.4826': attribute type 1 has an invalid length. [ 351.134959][T17437] netlink: 12 bytes leftover after parsing attributes in process `syz.5.4826'. [ 351.211341][ T5846] Bluetooth: hci0: Controller not accepting commands anymore: ncmd = 0 [ 351.222292][ T5846] Bluetooth: hci0: Injecting HCI hardware error event [ 351.232327][ T5846] Bluetooth: hci0: hardware error 0x00 [ 351.700758][ T46] usb 6-1: new high-speed USB device number 17 using dummy_hcd [ 351.865429][ T46] usb 6-1: Using ep0 maxpacket: 32 [ 351.875695][ T46] usb 6-1: New USB device found, idVendor=05a9, idProduct=1550, bcdDevice=e4.bb [ 351.885684][ T46] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 351.894057][ T46] usb 6-1: Product: syz [ 351.898251][ T46] usb 6-1: Manufacturer: syz [ 351.907064][ T46] usb 6-1: SerialNumber: syz [ 351.926822][ T46] usb 6-1: config 0 descriptor?? [ 351.963139][ T46] gspca_main: ov534_9-2.14.0 probing 05a9:1550 [ 352.104410][ T29] audit: type=1326 audit(1729833423.046:330): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17504 comm="syz.3.4852" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe09337e719 code=0x7ffc0000 [ 352.125976][ C0] vkms_vblank_simulate: vblank timer overrun [ 352.175949][T17509] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 352.218290][ T29] audit: type=1326 audit(1729833423.076:331): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17504 comm="syz.3.4852" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe09337e719 code=0x7ffc0000 [ 352.239880][ C0] vkms_vblank_simulate: vblank timer overrun [ 352.290730][ T29] audit: type=1326 audit(1729833423.086:332): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17504 comm="syz.3.4852" exe="/root/syz-executor" sig=0 arch=c000003e syscall=334 compat=0 ip=0x7fe09337e719 code=0x7ffc0000 [ 352.352021][ T29] audit: type=1326 audit(1729833423.086:333): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17504 comm="syz.3.4852" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe09337e719 code=0x7ffc0000 [ 352.356000][ T46] gspca_ov534_9: reg_w failed -71 [ 352.373597][ C0] vkms_vblank_simulate: vblank timer overrun [ 352.421127][ T29] audit: type=1326 audit(1729833423.086:334): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17504 comm="syz.3.4852" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe09337e719 code=0x7ffc0000 [ 352.442695][ C0] vkms_vblank_simulate: vblank timer overrun [ 352.510282][ C1] sd 0:0:1:0: [sda] tag#3354 FAILED Result: hostbyte=DID_ERROR driverbyte=DRIVER_OK cmd_age=0s [ 352.520796][ C1] sd 0:0:1:0: [sda] tag#3354 CDB: Write(6) 0a 00 00 00 00 00 00 00 00 00 00 00 [ 352.568342][T17535] netlink: 120 bytes leftover after parsing attributes in process `syz.2.4860'. [ 352.598259][T17535] netlink: 24 bytes leftover after parsing attributes in process `syz.2.4860'. [ 352.830664][ T46] gspca_ov534_9: Unknown sensor 0000 [ 352.830742][ T46] ov534_9 6-1:0.0: probe with driver ov534_9 failed with error -22 [ 352.886934][ T46] usb 6-1: USB disconnect, device number 17 [ 353.361152][ T5846] Bluetooth: hci0: Opcode 0x0c03 failed: -110 [ 353.404173][T17594] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 353.742390][ T5828] usb 6-1: new high-speed USB device number 18 using dummy_hcd [ 353.910831][ T5828] usb 6-1: Using ep0 maxpacket: 8 [ 353.922430][ T5828] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 353.940534][ T5828] usb 6-1: config 1 interface 0 altsetting 0 has an endpoint descriptor with address 0x2C, changing to 0xC [ 353.974807][ T5828] usb 6-1: config 1 interface 0 altsetting 0 bulk endpoint 0xC has invalid maxpacket 64 [ 354.010821][ T5828] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 2.40 [ 354.032515][ T5828] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 354.048220][T17629] ptrace attach of ""[17630] was attempted by "./syz-executor exec"[17629] [ 354.063761][T17608] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22 [ 355.092333][T17682] vivid-004: disconnect [ 355.101505][T17681] vivid-004: reconnect [ 355.175878][ T5828] cdc_ncm 6-1:1.0: bind() failure [ 355.198212][ T5828] usbtest 6-1:1.1: probe with driver usbtest failed with error -71 [ 355.238249][ T5828] usb 6-1: USB disconnect, device number 18 [ 355.673044][T17702] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:00, vlan:0) [ 355.874594][T17709] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:00, vlan:0) [ 356.309357][T17746] loop2: detected capacity change from 0 to 7 [ 356.316638][T17746] Dev loop2: unable to read RDB block 7 [ 356.329212][T17746] loop2: unable to read partition table [ 356.335517][T17746] loop2: partition table beyond EOD, truncated [ 356.355680][T17746] loop_reread_partitions: partition scan of loop2 (þ被) failed (rc=-5) [ 356.552346][ T46] usb 4-1: new high-speed USB device number 44 using dummy_hcd [ 356.711336][ T46] usb 4-1: Using ep0 maxpacket: 32 [ 356.728047][ T46] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 356.750919][ T46] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 356.781545][ T46] usb 4-1: New USB device found, idVendor=1e7d, idProduct=2c2e, bcdDevice= 0.00 [ 356.809561][ T46] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 356.845645][ T46] usb 4-1: config 0 descriptor?? [ 357.070714][ T5881] usb 3-1: new high-speed USB device number 43 using dummy_hcd [ 357.249205][ T5881] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 357.273343][ T5881] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 357.306606][ T46] lua 0003:1E7D:2C2E.0034: global environment stack underflow [ 357.307610][ T5881] usb 3-1: New USB device found, idVendor=0d8c, idProduct=0022, bcdDevice= 0.00 [ 357.314859][ T46] lua 0003:1E7D:2C2E.0034: item 0 0 1 11 parsing failed [ 357.326582][ T5881] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 357.347310][ T5881] usb 3-1: config 0 descriptor?? [ 357.355692][ T46] lua 0003:1E7D:2C2E.0034: parse failed [ 357.367650][ T46] lua 0003:1E7D:2C2E.0034: probe with driver lua failed with error -22 [ 357.514616][ T5828] usb 4-1: USB disconnect, device number 44 [ 357.767918][ T5881] cm6533_jd 0003:0D8C:0022.0035: unknown main item tag 0x0 [ 357.789190][ T5881] cm6533_jd 0003:0D8C:0022.0035: unknown main item tag 0x0 [ 357.800375][ T5881] input: HID 0d8c:0022 as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:0D8C:0022.0035/input/input76 [ 357.822247][ T5881] cm6533_jd 0003:0D8C:0022.0035: input,hiddev0,hidraw0: USB HID v0.00 Device [HID 0d8c:0022] on usb-dummy_hcd.2-1/input0 [ 357.830676][ T46] usb 6-1: new high-speed USB device number 19 using dummy_hcd [ 357.947985][T17683] syz.1.4912 (17683): drop_caches: 1 [ 357.980165][ T5881] usb 3-1: USB disconnect, device number 43 [ 358.000625][ T46] usb 6-1: Using ep0 maxpacket: 32 [ 358.012714][ T46] usb 6-1: config 0 has an invalid interface number: 67 but max is 0 [ 358.027803][ T46] usb 6-1: config 0 has no interface number 0 [ 358.053428][ T46] usb 6-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57 [ 358.070692][ T46] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 358.078737][ T46] usb 6-1: Product: syz [ 358.093602][ T46] usb 6-1: Manufacturer: syz [ 358.098742][ T46] usb 6-1: SerialNumber: syz [ 358.124629][ T46] usb 6-1: config 0 descriptor?? [ 358.152287][ T46] smsc95xx v2.0.0 [ 358.205590][T17854] netlink: 'syz.3.4952': attribute type 1 has an invalid length. [ 358.230773][T17854] netlink: 9328 bytes leftover after parsing attributes in process `syz.3.4952'. [ 358.239959][T17854] netlink: 44 bytes leftover after parsing attributes in process `syz.3.4952'. [ 358.261451][T17854] netlink: 'syz.3.4952': attribute type 1 has an invalid length. [ 358.571620][ T46] smsc95xx 6-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000030: -32 [ 358.582647][ T46] smsc95xx 6-1:0.67 (unnamed net_device) (uninitialized): Error reading E2P_CMD [ 358.591155][T17891] netlink: 'syz.3.4958': attribute type 21 has an invalid length. [ 358.603882][T17891] netlink: 128 bytes leftover after parsing attributes in process `syz.3.4958'. [ 358.626545][T17891] netlink: 'syz.3.4958': attribute type 5 has an invalid length. [ 358.637871][T17891] netlink: 'syz.3.4958': attribute type 6 has an invalid length. [ 358.649663][T17891] netlink: 3 bytes leftover after parsing attributes in process `syz.3.4958'. [ 358.678213][T17891] netlink: 'syz.3.4958': attribute type 21 has an invalid length. [ 358.686703][T17891] netlink: 128 bytes leftover after parsing attributes in process `syz.3.4958'. [ 358.696886][T17891] netlink: 'syz.3.4958': attribute type 5 has an invalid length. [ 358.710013][T17891] netlink: 'syz.3.4958': attribute type 6 has an invalid length. [ 358.728370][T17891] netlink: 3 bytes leftover after parsing attributes in process `syz.3.4958'. [ 358.943386][T17902] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4963'. [ 359.009828][ T46] smsc95xx 6-1:0.67 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000108: -71 [ 359.033994][ T46] smsc95xx 6-1:0.67: probe with driver smsc95xx failed with error -71 [ 359.045397][ T46] usb 6-1: USB disconnect, device number 19 [ 359.093787][T17910] netlink: 'syz.3.4961': attribute type 4 has an invalid length. [ 359.107049][T17920] Bluetooth: hci4: Opcode 0x0c20 failed: -22 [ 359.242791][T17927] netlink: 'syz.2.4967': attribute type 3 has an invalid length. [ 359.512242][T17942] netlink: 32 bytes leftover after parsing attributes in process `syz.2.4975'. [ 359.541440][T17942] (unnamed net_device) (uninitialized): option ad_select: invalid value (36) [ 359.630129][T17944] syzkaller1: entered promiscuous mode [ 359.680894][T17944] syzkaller1: entered allmulticast mode [ 359.792119][T17967] overlayfs: failed to clone upperpath [ 359.847328][ T5881] usb 2-1: new high-speed USB device number 52 using dummy_hcd [ 359.925614][T17973] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 360.042785][ T5881] usb 2-1: config 0 has an invalid interface number: 185 but max is 0 [ 360.060893][ T5881] usb 2-1: config 0 has an invalid interface association descriptor of length 5, skipping [ 360.086417][ T5881] usb 2-1: config 0 has an invalid descriptor of length 1, skipping remainder of the config [ 360.123215][ T5881] usb 2-1: config 0 has no interface number 0 [ 360.139561][ T5881] usb 2-1: config 0 interface 185 altsetting 0 endpoint 0x5 has an invalid bInterval 0, changing to 7 [ 360.164245][ T5881] usb 2-1: config 0 interface 185 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 16 [ 360.195832][ T5881] usb 2-1: New USB device found, idVendor=22b8, idProduct=6027, bcdDevice=d2.82 [ 360.205369][ T5881] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 360.236444][ T5881] usb 2-1: Product: syz [ 360.244234][ T5881] usb 2-1: Manufacturer: syz [ 360.255382][ T5881] usb 2-1: SerialNumber: syz [ 360.268872][ T5881] usb 2-1: config 0 descriptor?? [ 360.279671][ T5881] cdc_ether 2-1:0.185: skipping garbage [ 360.310710][ T5881] cdc_ether 2-1:0.185: skipping garbage [ 360.326554][ T5881] cdc_ether 2-1:0.185: skipping garbage [ 360.333040][ T5881] usb 2-1: bad CDC descriptors [ 360.338243][ T5881] usb 2-1: unsupported MDLM descriptors [ 360.355251][ T5976] usb 4-1: new high-speed USB device number 45 using dummy_hcd [ 360.526552][ T5976] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 360.543968][ T5976] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 360.574205][ T5976] usb 4-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 360.579474][ T3735] usb 2-1: USB disconnect, device number 52 [ 360.590480][ T5976] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 360.627622][ T5976] usb 4-1: SerialNumber: syz [ 360.851117][ T5976] usb 4-1: 0:2 : does not exist [ 360.875596][ T5976] usb 4-1: USB disconnect, device number 45 [ 360.981324][ T8] usb 1-1: new high-speed USB device number 45 using dummy_hcd [ 361.120638][ T5846] Bluetooth: hci4: command tx timeout [ 361.160815][ T8] usb 1-1: Using ep0 maxpacket: 32 [ 361.179267][ T8] usb 1-1: New USB device found, idVendor=05a9, idProduct=1550, bcdDevice=e4.bb [ 361.198959][ T8] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 361.216053][ T8] usb 1-1: Product: syz [ 361.220982][ T8] usb 1-1: Manufacturer: syz [ 361.225743][ T8] usb 1-1: SerialNumber: syz [ 361.243737][ T8] usb 1-1: config 0 descriptor?? [ 361.252529][ T8] gspca_main: ov534_9-2.14.0 probing 05a9:1550 [ 362.122873][T18110] sctp: [Deprecated]: syz.5.5012 (pid 18110) Use of int in maxseg socket option. [ 362.122873][T18110] Use struct sctp_assoc_value instead [ 362.221976][T18114] netlink: 16 bytes leftover after parsing attributes in process `syz.5.5015'. [ 362.342327][ T8] gspca_ov534_9: reg_w failed -71 [ 362.661443][ T8] gspca_ov534_9: Unknown sensor 0000 [ 362.661517][ T8] ov534_9 1-1:0.0: probe with driver ov534_9 failed with error -22 [ 362.691033][ T8] usb 1-1: USB disconnect, device number 45 [ 363.051307][T18171] netlink: 48 bytes leftover after parsing attributes in process `syz.2.5031'. [ 363.181319][ T5976] usb 2-1: new high-speed USB device number 53 using dummy_hcd [ 363.242098][T18180] vivid-000: ================= START STATUS ================= [ 363.250391][T18180] vivid-000: Radio HW Seek Mode: Bounded [ 363.288411][T18180] vivid-000: Radio Programmable HW Seek: false [ 363.305589][T18180] vivid-000: RDS Rx I/O Mode: Block I/O [ 363.331232][T18180] vivid-000: Generate RBDS Instead of RDS: false [ 363.337706][T18180] vivid-000: RDS Reception: true [ 363.371061][T18180] vivid-000: RDS Program Type: 0 inactive [ 363.382991][ T5976] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 363.395087][T18180] vivid-000: RDS PS Name: inactive [ 363.400366][T18180] vivid-000: RDS Radio Text: [ 363.410985][ T5976] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 363.425657][T18180] inactive [ 363.428805][T18180] vivid-000: RDS Traffic Announcement: false inactive [ 363.446411][T18180] vivid-000: RDS Traffic Program: false inactive [ 363.453009][ T5976] usb 2-1: New USB device found, idVendor=0d8c, idProduct=0022, bcdDevice= 0.00 [ 363.470457][T18180] vivid-000: RDS Music: false inactive [ 363.487551][ T5976] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 363.496812][T18180] vivid-000: ================== END STATUS ================== [ 363.508517][ T5976] usb 2-1: config 0 descriptor?? [ 363.942811][ T5976] cm6533_jd 0003:0D8C:0022.0036: unknown main item tag 0x0 [ 363.950387][ T5976] cm6533_jd 0003:0D8C:0022.0036: unknown main item tag 0x0 [ 363.977880][ T5976] input: HID 0d8c:0022 as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:0D8C:0022.0036/input/input77 [ 363.994816][T18216] loop2: detected capacity change from 0 to 7 [ 364.014458][T18216] Dev loop2: unable to read RDB block 7 [ 364.032416][T18216] loop2: unable to read partition table [ 364.038180][T18216] loop2: partition table beyond EOD, truncated [ 364.045064][ T5828] usb 4-1: new high-speed USB device number 46 using dummy_hcd [ 364.055692][ T5976] cm6533_jd 0003:0D8C:0022.0036: input,hiddev0,hidraw0: USB HID v0.00 Device [HID 0d8c:0022] on usb-dummy_hcd.1-1/input0 [ 364.068752][T18216] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5) [ 364.106281][ T7666] bridge0: port 3(syz_tun) entered disabled state [ 364.144954][ T7666] syz_tun (unregistering): left allmulticast mode [ 364.165831][ T7666] syz_tun (unregistering): left promiscuous mode [ 364.173600][ T25] usb 2-1: USB disconnect, device number 53 [ 364.185072][ T7666] bridge0: port 3(syz_tun) entered disabled state [ 364.200976][ T5828] usb 4-1: Using ep0 maxpacket: 8 [ 364.211893][ T5828] usb 4-1: config index 0 descriptor too short (expected 301, got 45) [ 364.235126][ T5828] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 364.249016][ T5828] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 364.265805][ T5828] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 364.284019][ T5828] usb 4-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 364.305514][ T5828] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 364.316824][ T5827] syz-executor (5827) used greatest stack depth: 18008 bytes left [ 364.331231][ T5828] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 364.426423][ T35] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 364.562720][ T5828] usb 4-1: usb_control_msg returned -32 [ 364.568770][ T5828] usbtmc 4-1:16.0: can't read capabilities [ 364.586698][ T35] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 364.709609][ T35] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 364.866004][ T35] team0: Port device netdevsim0 removed [ 364.882362][ T35] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 364.951641][ T5828] usb 6-1: new high-speed USB device number 20 using dummy_hcd [ 365.020079][ T5849] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 365.038181][ T5849] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 365.051881][ T5849] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 365.065700][ T5849] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 365.078721][ T5849] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 365.088886][ T5849] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 365.124795][ T5828] usb 6-1: Using ep0 maxpacket: 32 [ 365.134024][ T5828] usb 6-1: config 0 has an invalid interface number: 67 but max is 0 [ 365.142727][ T5828] usb 6-1: config 0 has no interface number 0 [ 365.144593][T18285] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 365.151701][ T5828] usb 6-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57 [ 365.169121][ T5828] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 365.177829][ T5828] usb 6-1: Product: syz [ 365.182277][ T5828] usb 6-1: Manufacturer: syz [ 365.187181][ T5828] usb 6-1: SerialNumber: syz [ 365.198241][ T5828] usb 6-1: config 0 descriptor?? [ 365.207241][ T5828] smsc95xx v2.0.0 [ 365.292778][T18285] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 365.378338][T18285] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 365.479875][T18285] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 365.523204][T18279] chnl_net:caif_netlink_parms(): no params data found [ 365.664906][T18285] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 365.692156][T18285] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 365.701742][T18279] bridge0: port 1(bridge_slave_0) entered blocking state [ 365.708947][T18279] bridge0: port 1(bridge_slave_0) entered disabled state [ 365.716347][T18279] bridge_slave_0: entered allmulticast mode [ 365.723484][T18279] bridge_slave_0: entered promiscuous mode [ 365.732462][T18279] bridge0: port 2(bridge_slave_1) entered blocking state [ 365.745399][T18279] bridge0: port 2(bridge_slave_1) entered disabled state [ 365.753267][T18279] bridge_slave_1: entered allmulticast mode [ 365.760177][T18279] bridge_slave_1: entered promiscuous mode [ 365.778969][T18285] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 365.858567][T18285] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 365.874507][T18279] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 365.886849][T18279] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 365.919766][T18487] netlink: 28 bytes leftover after parsing attributes in process `syz.2.5065'. [ 365.930048][T18487] netlink: 28 bytes leftover after parsing attributes in process `syz.2.5065'. [ 365.947700][T18487] macvlan0: entered promiscuous mode [ 365.959171][T18487] batadv_slave_0: entered promiscuous mode [ 365.970127][T18487] debugfs: Directory 'hsr1' with parent 'hsr' already present! [ 365.978626][T18487] Cannot create hsr debugfs directory [ 365.989534][T18487] hsr1: Slave B (batadv_slave_0) is not up; please bring it up to get a fully working HSR network [ 366.049924][T18279] team0: Port device team_slave_0 added [ 366.061692][T18279] team0: Port device team_slave_1 added [ 366.135103][T18279] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 366.152203][T18279] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 366.181623][T18279] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 366.195398][T18279] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 366.203218][T18279] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 366.250228][T18279] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 366.290623][ T5828] smsc95xx 6-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000030: -71 [ 366.317694][ T5828] smsc95xx 6-1:0.67 (unnamed net_device) (uninitialized): Error reading E2P_CMD [ 366.346706][ T5828] smsc95xx 6-1:0.67 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000014: -71 [ 366.359009][ T5828] smsc95xx 6-1:0.67: probe with driver smsc95xx failed with error -71 [ 366.399007][T18279] hsr_slave_0: entered promiscuous mode [ 366.408853][T18279] hsr_slave_1: entered promiscuous mode [ 366.428069][ T5828] usb 6-1: USB disconnect, device number 20 [ 366.442302][T18279] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 366.449915][T18279] Cannot create hsr debugfs directory [ 366.659505][ T35] bridge0: port 2(bridge_slave_1) entered disabled state [ 366.674816][ T35] bridge0: port 1(bridge_slave_0) entered disabled state [ 366.806608][ T5828] usb 4-1: USB disconnect, device number 46 [ 366.916501][ T29] audit: type=1326 audit(1729833437.856:335): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18675 comm="syz.3.5076" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fe09337e719 code=0x0 [ 367.142259][T18682] overlayfs: invalid origin (00000079000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000) [ 367.169719][ T35] team0: Port device bridge0 removed [ 367.201619][ T5846] Bluetooth: hci1: command tx timeout [ 367.587686][ T35] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 367.617061][ T35] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 367.636635][ T35] bond0 (unregistering): Released all slaves [ 367.769596][ T35] tipc: Left network mode [ 367.837979][ T29] audit: type=1326 audit(1729833438.776:336): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18700 comm="syz.2.5085" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f1b3337e719 code=0x0 [ 368.284477][ T35] hsr_slave_0: left promiscuous mode [ 368.301989][ T35] hsr_slave_1: left promiscuous mode [ 368.327173][ T35] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 368.345229][ T35] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 368.359114][ T35] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 368.366963][ T35] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 368.406597][ T35] bridge_slave_0: left allmulticast mode [ 368.417630][ T35] veth1_macvtap: left promiscuous mode [ 368.423350][ T35] veth0_macvtap: left promiscuous mode [ 368.429091][ T35] veth1_vlan: left promiscuous mode [ 368.434606][ T35] veth0_vlan: left promiscuous mode [ 368.953410][ T5828] usb 2-1: new high-speed USB device number 54 using dummy_hcd [ 369.160914][ T5828] usb 2-1: Using ep0 maxpacket: 8 [ 369.188231][ T5828] usb 2-1: config 0 has no interfaces? [ 369.201607][ T5828] usb 2-1: config 0 has no interfaces? [ 369.208477][ T5828] usb 2-1: config 0 has no interfaces? [ 369.226711][ T5828] usb 2-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e [ 369.237374][ T5828] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 369.245606][ T5828] usb 2-1: Product: syz [ 369.249975][ T5828] usb 2-1: Manufacturer: syz [ 369.255444][ T5828] usb 2-1: SerialNumber: syz [ 369.262137][ T5828] usb 2-1: config 0 descriptor?? [ 369.282467][ T5846] Bluetooth: hci1: command tx timeout [ 369.374129][ T35] team0 (unregistering): Port device team_slave_1 removed [ 369.460286][ T35] team0 (unregistering): Port device team_slave_0 removed [ 369.488129][T18749] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 369.498431][T18749] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 369.509277][T18749] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 369.520683][T18749] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 369.531894][ T5828] usb 2-1: USB disconnect, device number 54 [ 370.011261][ T5828] usb 2-1: new high-speed USB device number 55 using dummy_hcd [ 370.066133][T18798] syz.5.5108: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 370.095254][T18798] CPU: 0 UID: 0 PID: 18798 Comm: syz.5.5108 Not tainted 6.12.0-rc4-syzkaller-00161-gae90f6a6170d #0 [ 370.106173][T18798] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 370.116260][T18798] Call Trace: [ 370.119579][T18798] [ 370.122541][T18798] dump_stack_lvl+0x241/0x360 [ 370.127263][T18798] ? __pfx_dump_stack_lvl+0x10/0x10 [ 370.132496][T18798] ? __pfx__printk+0x10/0x10 [ 370.137114][T18798] ? __rcu_read_unlock+0xa1/0x110 [ 370.142151][T18798] warn_alloc+0x278/0x410 [ 370.146479][T18798] ? stack_depot_save_flags+0x29/0x830 [ 370.152027][T18798] ? __vmalloc_node_range_noprof+0x106/0x13f0 [ 370.158124][T18798] ? __pfx_warn_alloc+0x10/0x10 [ 370.162981][T18798] ? kasan_save_track+0x3f/0x80 [ 370.167829][T18798] ? __kasan_kmalloc+0x98/0xb0 [ 370.172630][T18798] ? xsk_setsockopt+0x598/0x950 [ 370.177484][T18798] ? do_sock_setsockopt+0x3af/0x720 [ 370.182685][T18798] ? __sys_setsockopt+0x1a2/0x250 [ 370.187729][T18798] ? __x64_sys_setsockopt+0xb5/0xd0 [ 370.192950][T18798] ? do_syscall_64+0xf3/0x230 [ 370.197647][T18798] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 370.203746][T18798] __vmalloc_node_range_noprof+0x126/0x13f0 [ 370.209658][T18798] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 370.216021][T18798] ? __kasan_kmalloc+0x98/0xb0 [ 370.220795][T18798] ? xskq_create+0x54/0x170 [ 370.225317][T18798] vmalloc_user_noprof+0x74/0x80 [ 370.230276][T18798] ? xskq_create+0xb6/0x170 [ 370.234781][T18798] xskq_create+0xb6/0x170 [ 370.239130][T18798] xsk_init_queue+0xa1/0x100 [ 370.243742][T18798] xsk_setsockopt+0x598/0x950 [ 370.248424][T18798] ? __pfx_xsk_setsockopt+0x10/0x10 [ 370.253629][T18798] ? __pfx_lock_acquire+0x10/0x10 [ 370.258660][T18798] ? __fget_files+0x29/0x470 [ 370.263252][T18798] ? __pfx_lock_release+0x10/0x10 [ 370.268276][T18798] ? do_futex+0x33b/0x560 [ 370.272610][T18798] ? __pfx_xsk_setsockopt+0x10/0x10 [ 370.277812][T18798] do_sock_setsockopt+0x3af/0x720 [ 370.282836][T18798] ? __pfx_do_sock_setsockopt+0x10/0x10 [ 370.288377][T18798] ? __fget_files+0x29/0x470 [ 370.292988][T18798] ? __fget_files+0x3f3/0x470 [ 370.297689][T18798] ? __fget_files+0x29/0x470 [ 370.302293][T18798] __sys_setsockopt+0x1a2/0x250 [ 370.307176][T18798] __x64_sys_setsockopt+0xb5/0xd0 [ 370.312201][T18798] do_syscall_64+0xf3/0x230 [ 370.316707][T18798] ? clear_bhb_loop+0x35/0x90 [ 370.321382][T18798] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 370.327277][T18798] RIP: 0033:0x7f1fa877e719 [ 370.331694][T18798] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 370.351325][T18798] RSP: 002b:00007f1fa9522038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 370.359740][T18798] RAX: ffffffffffffffda RBX: 00007f1fa8935f80 RCX: 00007f1fa877e719 [ 370.367708][T18798] RDX: 0000000000000002 RSI: 000000000000011b RDI: 0000000000000003 [ 370.375687][T18798] RBP: 00007f1fa87f12be R08: 0000000000000020 R09: 0000000000000000 [ 370.383681][T18798] R10: 00000000200000c0 R11: 0000000000000246 R12: 0000000000000000 [ 370.391678][T18798] R13: 0000000000000000 R14: 00007f1fa8935f80 R15: 00007ffe16d490d8 [ 370.399676][T18798] [ 370.419135][T18798] Mem-Info: [ 370.422418][T18798] active_anon:14 inactive_anon:18870 isolated_anon:0 [ 370.422418][T18798] active_file:3056 inactive_file:10602 isolated_file:0 [ 370.422418][T18798] unevictable:768 dirty:169 writeback:0 [ 370.422418][T18798] slab_reclaimable:6203 slab_unreclaimable:97954 [ 370.422418][T18798] mapped:21430 shmem:16598 pagetables:813 [ 370.422418][T18798] sec_pagetables:0 bounce:0 [ 370.422418][T18798] kernel_misc_reclaimable:0 [ 370.422418][T18798] free:1358171 free_pcp:6683 free_cma:0 [ 370.468773][ T5828] usb 2-1: Using ep0 maxpacket: 8 [ 370.476195][T18798] Node 0 active_anon:56kB inactive_anon:75480kB active_file:12164kB inactive_file:42400kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:85660kB dirty:668kB writeback:0kB shmem:64856kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:11108kB pagetables:3252kB sec_pagetables:0kB all_unreclaimable? no [ 370.511311][T18798] Node 1 active_anon:0kB inactive_anon:0kB active_file:60kB inactive_file:8kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:60kB dirty:8kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:16kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no [ 370.542905][T18798] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 370.570671][T18798] lowmem_reserve[]: 0 2465 2466 0 0 [ 370.576049][T18798] Node 0 DMA32 free:1533264kB boost:0kB min:34200kB low:42748kB high:51296kB reserved_highatomic:0KB active_anon:52kB inactive_anon:75108kB active_file:11712kB inactive_file:42384kB unevictable:1536kB writepending:668kB present:3129332kB managed:2552504kB mlocked:0kB bounce:0kB free_pcp:2080kB local_pcp:416kB free_cma:0kB [ 370.607982][T18798] lowmem_reserve[]: 0 0 0 0 0 [ 370.612885][ T5828] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 370.623913][ T5828] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 370.633800][T18798] Node 0 Normal free:0kB boost:0kB min:8kB low:8kB high:8kB reserved_highatomic:0KB active_anon:4kB inactive_anon:372kB active_file:452kB inactive_file:16kB unevictable:0kB writepending:0kB present:1048580kB managed:880kB mlocked:0kB bounce:0kB free_pcp:36kB local_pcp:32kB free_cma:0kB [ 370.633952][T18798] lowmem_reserve[]: 0 0 0 0 0 [ 370.634000][T18798] Node 1 Normal free:3884184kB boost:0kB min:55688kB low:69608kB high:83528kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:60kB inactive_file:8kB unevictable:1536kB writepending:8kB present:4194300kB managed:4111168kB mlocked:0kB bounce:0kB free_pcp:24956kB local_pcp:19100kB free_cma:0kB [ 370.634060][T18798] lowmem_reserve[]: 0 0 0 0 0 [ 370.634106][T18798] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB [ 370.634233][ T5828] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 370.688572][T18279] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 370.696202][ T5828] usb 2-1: New USB device found, idVendor=15c2, idProduct=003b, bcdDevice= 0.00 [ 370.735464][ T5828] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 370.745623][ T5828] usb 2-1: config 0 descriptor?? [ 370.751416][T18798] 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 370.762453][T18798] Node 0 DMA32: 537*4kB (UME) 286*8kB (UME) 160*16kB (UME) 271*32kB (UME) 92*64kB (UME) 82*128kB (UME) 183*256kB (UME) 166*512kB (UME) 85*1024kB (UME) 32*2048kB (UME) 297*4096kB (UM) = 1532980kB [ 370.789804][T18798] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 370.801853][T18798] Node 1 Normal: 208*4kB (UME) 57*8kB (UME) 45*16kB (UME) 162*32kB (UME) 88*64kB (UME) 35*128kB (UM) 15*256kB (UME) 13*512kB (UME) 4*1024kB (ME) 3*2048kB (UME) 939*4096kB (M) = 3884184kB [ 370.831976][T18279] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 370.832438][ T5828] imon:imon_init_intf0: usb_submit_urb failed for intf0 (-90) [ 370.848213][ T5828] imon 2-1:0.0: unable to initialize intf0, err -90 [ 370.855373][ T5828] imon:imon_probe: failed to initialize context! [ 370.860727][T18798] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 370.861744][ T5828] imon 2-1:0.0: unable to register, err -19 [ 370.879527][T18279] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 370.913008][T18798] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 370.939693][T18798] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 370.950630][T18798] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 370.960166][T18798] 30258 total pagecache pages [ 370.960233][T18279] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 370.970592][T18798] 2 pages in swap cache [ 370.976002][T18798] Free swap = 124352kB [ 370.980182][T18798] Total swap = 124996kB [ 370.984726][T18798] 2097051 pages RAM [ 370.988682][T18798] 0 pages HighMem/MovableOnly [ 370.994265][T18798] 427073 pages reserved [ 370.998545][T18798] 0 pages cma reserved [ 371.031056][ T25] usb 3-1: new high-speed USB device number 44 using dummy_hcd [ 371.149026][ T8] usb 2-1: USB disconnect, device number 55 [ 371.194864][ T25] usb 3-1: Using ep0 maxpacket: 16 [ 371.210963][ T25] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 371.233435][T18279] 8021q: adding VLAN 0 to HW filter on device bond0 [ 371.242855][ T25] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 371.266457][ T25] usb 3-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 371.277141][ T35] IPVS: stop unused estimator thread 0... [ 371.277807][T18279] 8021q: adding VLAN 0 to HW filter on device team0 [ 371.299296][ T25] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 371.314799][T18387] bridge0: port 1(bridge_slave_0) entered blocking state [ 371.322021][T18387] bridge0: port 1(bridge_slave_0) entered forwarding state [ 371.338049][ T25] usb 3-1: config 0 descriptor?? [ 371.365573][ T5846] Bluetooth: hci1: command tx timeout [ 371.367475][T18387] bridge0: port 2(bridge_slave_1) entered blocking state [ 371.378136][T18387] bridge0: port 2(bridge_slave_1) entered forwarding state [ 371.629078][ T29] audit: type=1326 audit(1729833442.566:337): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18852 comm="syz.5.5118" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f1fa877e719 code=0x0 [ 371.769866][ T25] microsoft 0003:045E:07DA.0037: unknown main item tag 0x0 [ 371.776667][T18279] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 371.777633][ T25] microsoft 0003:045E:07DA.0037: unknown main item tag 0x0 [ 371.803124][ T25] microsoft 0003:045E:07DA.0037: unknown main item tag 0x0 [ 371.816946][ T25] microsoft 0003:045E:07DA.0037: unknown main item tag 0x0 [ 371.839505][ T25] microsoft 0003:045E:07DA.0037: unknown main item tag 0x0 [ 371.841151][T18279] veth0_vlan: entered promiscuous mode [ 371.857403][ T25] microsoft 0003:045E:07DA.0037: unknown main item tag 0x0 [ 371.877644][ T25] microsoft 0003:045E:07DA.0037: unknown main item tag 0x0 [ 371.886694][ T25] microsoft 0003:045E:07DA.0037: unknown main item tag 0x0 [ 371.888902][T18279] veth1_vlan: entered promiscuous mode [ 371.907740][ T25] microsoft 0003:045E:07DA.0037: unknown main item tag 0x0 [ 371.918536][ T25] microsoft 0003:045E:07DA.0037: unknown main item tag 0x0 [ 371.928763][ T25] HID 045e:07da: Invalid code 65791 type 1 [ 371.939702][ T25] HID 045e:07da: Invalid code 768 type 1 [ 371.946363][ T25] HID 045e:07da: Invalid code 769 type 1 [ 371.947943][T18279] veth0_macvtap: entered promiscuous mode [ 371.953014][ T25] HID 045e:07da: Invalid code 770 type 1 [ 371.972159][ T25] HID 045e:07da: Invalid code 771 type 1 [ 371.977954][ T25] HID 045e:07da: Invalid code 772 type 1 [ 371.981952][T18279] veth1_macvtap: entered promiscuous mode [ 371.991454][ T8] usb 4-1: new high-speed USB device number 47 using dummy_hcd [ 372.026508][T18279] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 372.026830][ T25] HID 045e:07da: Invalid code 773 type 1 [ 372.042714][T18279] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 372.042742][T18279] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 372.042758][T18279] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 372.044112][T18279] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 372.070703][ T25] HID 045e:07da: Invalid code 774 type 1 [ 372.087297][ T25] HID 045e:07da: Invalid code 775 type 1 [ 372.093686][ T25] HID 045e:07da: Invalid code 776 type 1 [ 372.095167][T18279] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 372.111575][T18279] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 372.122078][T18279] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 372.124513][ T25] input: HID 045e:07da as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:045E:07DA.0037/input/input78 [ 372.132606][T18279] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 372.133763][T18279] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 372.171387][T18279] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 372.180295][T18279] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 372.189818][T18279] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 372.198740][T18279] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 372.222072][ T25] microsoft 0003:045E:07DA.0037: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.2-1/input0 [ 372.261559][ T8] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 372.273701][ T8] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 372.321755][ T8] usb 4-1: New USB device found, idVendor=27b8, idProduct=01ed, bcdDevice= 0.00 [ 372.344642][T18387] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 372.353673][ T8] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 372.363158][T18387] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 372.374481][ T8] usb 4-1: config 0 descriptor?? [ 372.416154][ T3512] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 372.429558][ T3512] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 372.598806][ T5831] usb 3-1: USB disconnect, device number 44 [ 373.030049][ T29] audit: type=1804 audit(1729833443.966:338): pid=18900 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz.1.5125" name="/" dev="pidfs" ino=19206 res=1 errno=0 [ 373.197958][ T8] hid-led 0003:27B8:01ED.0038: hidraw0: USB HID v0.00 Device [HID 27b8:01ed] on usb-dummy_hcd.3-1/input0 [ 373.232243][ T8] hid-led 0003:27B8:01ED.0038: ThingM blink(1) v1 initialized [ 373.408682][ T3735] usb 4-1: USB disconnect, device number 47 [ 373.976264][ T3512] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 374.464825][T18995] validate_nla: 1 callbacks suppressed [ 374.464843][T18995] netlink: 'syz.2.5149': attribute type 1 has an invalid length. [ 374.490716][T18995] netlink: 9320 bytes leftover after parsing attributes in process `syz.2.5149'. [ 374.499892][T18995] netlink: 44 bytes leftover after parsing attributes in process `syz.2.5149'. [ 374.526846][ T5849] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 374.543415][ T5849] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 374.553683][ T5849] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 374.561468][T18995] netlink: 'syz.2.5149': attribute type 1 has an invalid length. [ 374.569474][ T5849] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 374.579534][ T5849] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 374.587411][ T5849] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 374.591148][T18995] netlink: 'syz.2.5149': attribute type 2 has an invalid length. [ 375.083690][ T3512] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 375.404834][ T3512] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 375.712626][ T3512] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 375.774367][T18996] chnl_net:caif_netlink_parms(): no params data found [ 376.275370][T18996] bridge0: port 1(bridge_slave_0) entered blocking state [ 376.310822][T18996] bridge0: port 1(bridge_slave_0) entered disabled state [ 376.346352][T18996] bridge_slave_0: entered allmulticast mode [ 376.360202][T18996] bridge_slave_0: entered promiscuous mode [ 376.430634][T18996] bridge0: port 2(bridge_slave_1) entered blocking state [ 376.453222][T18996] bridge0: port 2(bridge_slave_1) entered disabled state [ 376.467951][T18996] bridge_slave_1: entered allmulticast mode [ 376.484200][T18996] bridge_slave_1: entered promiscuous mode [ 376.656442][ T5846] Bluetooth: hci1: command tx timeout [ 376.668382][T18996] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 376.719480][T18996] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 376.791169][ T5828] usb 4-1: new high-speed USB device number 48 using dummy_hcd [ 377.032388][ T3512] bridge_slave_1: left allmulticast mode [ 377.038093][ T3512] bridge_slave_1: left promiscuous mode [ 377.060577][ T0] NOHZ tick-stop error: local softirq work is pending, handler #100!!! [ 377.100771][ T3512] bridge0: port 2(bridge_slave_1) entered disabled state [ 377.196370][ T3512] bridge_slave_0: left allmulticast mode [ 377.215572][ T3512] bridge_slave_0: left promiscuous mode [ 377.258569][ T3512] bridge0: port 1(bridge_slave_0) entered disabled state [ 377.330907][ T0] NOHZ tick-stop error: local softirq work is pending, handler #100!!! [ 377.539048][T19027] syz.2.5153 (19027): drop_caches: 1 [ 378.036699][ T0] NOHZ tick-stop error: local softirq work is pending, handler #01!!! [ 378.722421][ T5846] Bluetooth: hci1: command tx timeout [ 378.882797][T19265] netlink: 'syz.1.5171': attribute type 1 has an invalid length. [ 378.891049][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 378.891099][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 378.917336][T19265] netlink: 9116 bytes leftover after parsing attributes in process `syz.1.5171'. [ 378.944484][T19265] netlink: 'syz.1.5171': attribute type 2 has an invalid length. [ 378.960123][T19265] netlink: 193 bytes leftover after parsing attributes in process `syz.1.5171'. [ 379.171353][ T3512] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 379.180762][T19278] Process accounting resumed [ 379.197311][ T3512] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 379.220083][ T3512] bond0 (unregistering): Released all slaves [ 379.349561][T18996] team0: Port device team_slave_0 added [ 379.411317][ T5828] usb 2-1: new high-speed USB device number 56 using dummy_hcd [ 379.505552][T18996] team0: Port device team_slave_1 added [ 379.592175][ T5828] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 379.622244][ T5828] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 379.653711][ T5828] usb 2-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 379.669330][ T5828] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 379.687993][ T5828] usb 2-1: SerialNumber: syz [ 379.712222][ T3735] usb 3-1: new high-speed USB device number 45 using dummy_hcd [ 379.720747][ T5831] usb 4-1: new high-speed USB device number 49 using dummy_hcd [ 379.758673][T18996] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 379.768721][T18996] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 379.832762][T18996] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 379.865415][T18996] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 379.878097][T18996] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 379.911296][ T5831] usb 4-1: Using ep0 maxpacket: 16 [ 379.920607][ T3735] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 379.928550][ T5828] usb 2-1: 0:2 : does not exist [ 379.936981][ T3735] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 379.947270][ T3735] usb 3-1: New USB device found, idVendor=0d8c, idProduct=0022, bcdDevice= 0.00 [ 379.950952][ T5831] usb 4-1: config 0 has an invalid interface number: 107 but max is 0 [ 379.965371][ T5831] usb 4-1: config 0 has no interface number 0 [ 379.973387][ T5828] usb 2-1: 5:0: failed to get current value for ch 0 (-22) [ 379.977416][T18996] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 379.990710][ T5831] usb 4-1: config 0 interface 107 altsetting 0 endpoint 0x88 has invalid wMaxPacketSize 0 [ 379.999386][ T3735] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 380.013438][ T5828] usb 2-1: 5:0: cannot get min/max values for control 3 (id 5) [ 380.040487][ T5831] usb 4-1: New USB device found, idVendor=06cd, idProduct=0131, bcdDevice=16.60 [ 380.051510][ T3735] usb 3-1: config 0 descriptor?? [ 380.070830][ T5831] usb 4-1: New USB device strings: Mfr=175, Product=2, SerialNumber=3 [ 380.084193][ T5828] usb 2-1: 5:0: cannot get min/max values for control 3 (id 5) [ 380.110841][ T5831] usb 4-1: Product: syz [ 380.125081][ T5831] usb 4-1: Manufacturer: syz [ 380.130035][ T5828] usb 2-1: USB disconnect, device number 56 [ 380.152169][ T5831] usb 4-1: SerialNumber: syz [ 380.174086][ T5831] usb 4-1: config 0 descriptor?? [ 380.197320][ T5831] keyspan 4-1:0.107: Keyspan 4 port adapter converter detected [ 380.221573][ T5831] keyspan 4-1:0.107: found no endpoint descriptor for endpoint 81 [ 380.229480][ T5831] keyspan 4-1:0.107: unsupported endpoint type 0 [ 380.246913][ T5831] keyspan 4-1:0.107: found no endpoint descriptor for endpoint 1 [ 380.269122][ T5831] usb 4-1: Keyspan 4 port adapter converter now attached to ttyUSB0 [ 380.269714][T18996] hsr_slave_0: entered promiscuous mode [ 380.297732][ T5831] keyspan 4-1:0.107: found no endpoint descriptor for endpoint 2 [ 380.312293][T18996] hsr_slave_1: entered promiscuous mode [ 380.322815][ T5831] usb 4-1: Keyspan 4 port adapter converter now attached to ttyUSB1 [ 380.342231][ T5831] keyspan 4-1:0.107: found no endpoint descriptor for endpoint 4 [ 380.358122][ T5831] usb 4-1: Keyspan 4 port adapter converter now attached to ttyUSB2 [ 380.406432][ T5831] keyspan 4-1:0.107: found no endpoint descriptor for endpoint 6 [ 380.444182][ T5831] usb 4-1: Keyspan 4 port adapter converter now attached to ttyUSB3 [ 380.482466][ T5831] usb 4-1: USB disconnect, device number 49 [ 380.496868][ T3735] cm6533_jd 0003:0D8C:0022.0039: unknown main item tag 0x0 [ 380.506663][ T5831] keyspan_4 ttyUSB0: Keyspan 4 port adapter converter now disconnected from ttyUSB0 [ 380.510689][ T3735] cm6533_jd 0003:0D8C:0022.0039: item fetching failed at offset 4/5 [ 380.539240][ T3512] hsr_slave_0: left promiscuous mode [ 380.552975][ T3735] cm6533_jd 0003:0D8C:0022.0039: parse failed [ 380.559612][ T5831] keyspan_4 ttyUSB1: Keyspan 4 port adapter converter now disconnected from ttyUSB1 [ 380.590691][ T5831] keyspan_4 ttyUSB2: Keyspan 4 port adapter converter now disconnected from ttyUSB2 [ 380.590952][ T3735] cm6533_jd 0003:0D8C:0022.0039: probe with driver cm6533_jd failed with error -22 [ 380.611639][ T3512] hsr_slave_1: left promiscuous mode [ 380.622036][ T5831] keyspan_4 ttyUSB3: Keyspan 4 port adapter converter now disconnected from ttyUSB3 [ 380.651003][ T5831] keyspan 4-1:0.107: device disconnected [ 380.657104][ T3512] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 380.676797][ T3512] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 380.696552][ T3512] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 380.716029][ T3512] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 380.771600][ T5828] usb 3-1: USB disconnect, device number 45 [ 380.801287][ T5846] Bluetooth: hci1: command tx timeout [ 380.813748][ T3512] veth1_macvtap: left promiscuous mode [ 380.819316][ T3512] veth0_macvtap: left promiscuous mode [ 380.841309][ T3512] veth1_vlan: left promiscuous mode [ 380.846640][ T3512] veth0_vlan: left promiscuous mode [ 382.052326][T19501] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 382.637551][ T3512] team0 (unregistering): Port device team_slave_1 removed [ 382.737945][ T3512] team0 (unregistering): Port device team_slave_0 removed [ 382.885292][ T5846] Bluetooth: hci1: command tx timeout [ 383.035605][T19522] sctp: [Deprecated]: syz.5.5200 (pid 19522) Use of int in max_burst socket option deprecated. [ 383.035605][T19522] Use struct sctp_assoc_value instead [ 383.901882][T19585] netlink: 412 bytes leftover after parsing attributes in process `syz.3.5207'. [ 384.040932][T19594] hsr0: entered promiscuous mode [ 384.054063][T19594] hsr_slave_0: left promiscuous mode [ 384.060191][T19594] hsr_slave_1: left promiscuous mode [ 384.070519][ T46] usb 2-1: new high-speed USB device number 57 using dummy_hcd [ 384.104343][T19594] hsr0 (unregistering): left promiscuous mode [ 384.230657][ T46] usb 2-1: Using ep0 maxpacket: 16 [ 384.237523][ T46] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 384.248842][ T46] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 384.280157][ T46] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 384.320273][ T46] usb 2-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 384.340482][ T46] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 384.361369][ T46] usb 2-1: config 0 descriptor?? [ 384.424304][T18996] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 384.441404][T18996] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 384.469085][T18996] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 384.525223][T18996] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 384.566298][T19577] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 384.572862][T19577] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 384.586470][T19577] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 384.708598][T19634] netlink: 172 bytes leftover after parsing attributes in process `syz.3.5213'. [ 384.763923][T18996] 8021q: adding VLAN 0 to HW filter on device bond0 [ 384.816478][T18996] 8021q: adding VLAN 0 to HW filter on device team0 [ 384.838858][ T3512] bridge0: port 1(bridge_slave_0) entered blocking state [ 384.846028][ T3512] bridge0: port 1(bridge_slave_0) entered forwarding state [ 384.865906][ T46] microsoft 0003:045E:07DA.003A: unbalanced delimiter at end of report description [ 384.877764][ T3512] bridge0: port 2(bridge_slave_1) entered blocking state [ 384.884949][ T3512] bridge0: port 2(bridge_slave_1) entered forwarding state [ 384.893430][ T46] microsoft 0003:045E:07DA.003A: parse failed [ 384.899594][ T46] microsoft 0003:045E:07DA.003A: probe with driver microsoft failed with error -22 [ 385.014262][T19647] netlink: 'syz.2.5216': attribute type 1 has an invalid length. [ 385.024056][T19647] openvswitch: netlink: Actions may not be safe on all matching packets [ 385.097629][ T8] usb 2-1: USB disconnect, device number 57 [ 385.331747][ T5976] usb 4-1: new high-speed USB device number 50 using dummy_hcd [ 385.347612][T18996] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 385.405977][T18996] veth0_vlan: entered promiscuous mode [ 385.419060][T18996] veth1_vlan: entered promiscuous mode [ 385.455524][T18996] veth0_macvtap: entered promiscuous mode [ 385.469957][T18996] veth1_macvtap: entered promiscuous mode [ 385.482375][ T5976] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 385.493221][ T5976] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 385.510476][ T5976] usb 4-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 385.514262][T18996] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 385.519631][ T5976] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 385.532781][T18996] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 385.549040][T18996] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 385.554995][ T5976] usb 4-1: SerialNumber: syz [ 385.560214][T18996] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 385.576324][T18996] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 385.597997][T18996] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 385.622299][T18996] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 385.644779][T18996] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 385.672423][T18996] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 385.692409][T18996] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 385.709492][T18996] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 385.718851][T18996] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 385.729223][T18996] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 385.738852][T18996] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 385.803343][ T5976] usb 4-1: 0:2 : does not exist [ 385.849272][ T5976] usb 4-1: USB disconnect, device number 50 [ 385.905636][ T3557] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 385.922074][ T5846] Bluetooth: hci1: command 0x0c1a tx timeout [ 385.941662][ T3557] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 386.022128][T18395] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 386.040110][T18395] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 386.270705][T19710] overlayfs: upper fs does not support tmpfile. [ 386.923945][T19748] syzkaller1: entered promiscuous mode [ 386.938302][T19748] syzkaller1: entered allmulticast mode [ 387.036137][T19757] syzkaller1: entered promiscuous mode [ 387.043860][T19757] syzkaller1: entered allmulticast mode [ 387.479570][T18395] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 388.071482][T19807] sctp: [Deprecated]: syz.5.5259 (pid 19807) Use of struct sctp_assoc_value in delayed_ack socket option. [ 388.071482][T19807] Use struct sctp_sack_info instead [ 388.146621][ T5849] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 388.177428][ T5849] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 388.187864][ T5849] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 388.199359][ T5849] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 388.208101][ T5849] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 388.220687][ T5849] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 388.504017][T19808] chnl_net:caif_netlink_parms(): no params data found [ 388.862783][T19808] bridge0: port 1(bridge_slave_0) entered blocking state [ 388.903845][T19808] bridge0: port 1(bridge_slave_0) entered disabled state [ 388.914028][T19808] bridge_slave_0: entered allmulticast mode [ 388.934792][T19808] bridge_slave_0: entered promiscuous mode [ 388.962505][T19808] bridge0: port 2(bridge_slave_1) entered blocking state [ 388.969677][T19808] bridge0: port 2(bridge_slave_1) entered disabled state [ 389.001200][T19808] bridge_slave_1: entered allmulticast mode [ 389.014022][T19808] bridge_slave_1: entered promiscuous mode [ 389.245014][T18395] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 389.311225][T19808] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 389.326942][T19808] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 389.409456][T20013] bond0: entered promiscuous mode [ 389.420717][T20013] bond_slave_0: entered promiscuous mode [ 389.433326][T20013] bond_slave_1: entered promiscuous mode [ 389.446191][T20013] batadv0: entered promiscuous mode [ 389.504083][T18395] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 389.562245][T19808] team0: Port device team_slave_0 added [ 389.604485][T19808] team0: Port device team_slave_1 added [ 389.661011][T18395] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 389.783979][T19808] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 389.818555][T19808] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 389.844503][ C0] vkms_vblank_simulate: vblank timer overrun [ 389.957081][T19808] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 390.047072][T19808] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 390.054743][T19808] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 390.091891][T19808] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 390.318379][T19808] hsr_slave_0: entered promiscuous mode [ 390.326034][ T5849] Bluetooth: hci1: command tx timeout [ 390.359539][T19808] hsr_slave_1: entered promiscuous mode [ 390.379764][T19808] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 390.420062][T19808] Cannot create hsr debugfs directory [ 390.457496][T18395] bridge_slave_1: left allmulticast mode [ 390.482682][T18395] bridge_slave_1: left promiscuous mode [ 390.500716][T18395] bridge0: port 2(bridge_slave_1) entered disabled state [ 390.551366][T18395] bridge_slave_0: left allmulticast mode [ 390.583375][T18395] bridge_slave_0: left promiscuous mode [ 390.601322][T18395] bridge0: port 1(bridge_slave_0) entered disabled state [ 391.560896][ T3735] usb 6-1: new high-speed USB device number 21 using dummy_hcd [ 391.704538][T18395] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 391.731022][ T3735] usb 6-1: Using ep0 maxpacket: 8 [ 391.732019][T18395] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 391.753797][ T3735] usb 6-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea [ 391.774267][ T3735] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 391.785132][T18395] bond0 (unregistering): Released all slaves [ 391.788699][ T3735] usb 6-1: Product: syz [ 391.797605][ T3735] usb 6-1: Manufacturer: syz [ 391.803607][ T3735] usb 6-1: SerialNumber: syz [ 391.821794][ T3735] usb 6-1: config 0 descriptor?? [ 391.889140][T20161] netlink: 'syz.1.5283': attribute type 10 has an invalid length. [ 391.921746][T20161] bond0: (slave bond_slave_0): Releasing backup interface [ 391.959229][T20161] bond_slave_0: left promiscuous mode [ 392.064909][ T3735] usb 6-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state [ 392.103026][T20214] overlayfs: failed to create directory ./bus/work (errno: 13); mounting read-only [ 392.113781][T20214] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 392.189042][T20212] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check. [ 392.402697][ T5849] Bluetooth: hci1: command tx timeout [ 392.426674][T18395] hsr_slave_0: left promiscuous mode [ 392.506205][T18395] hsr_slave_1: left promiscuous mode [ 392.526296][T18395] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 392.534193][T18395] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 392.552416][T18395] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 392.569538][T18395] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 392.637219][T18395] veth1_macvtap: left promiscuous mode [ 392.680644][T18395] veth0_macvtap: left promiscuous mode [ 392.686352][T18395] veth1_vlan: left promiscuous mode [ 392.701265][T18395] veth0_vlan: left promiscuous mode [ 392.901421][ T3735] dvb_usb_rtl28xxu 6-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -71 [ 392.922321][ T3735] usb 6-1: USB disconnect, device number 21 [ 393.382170][T18395] team0 (unregistering): Port device team_slave_1 removed [ 393.439936][T18395] team0 (unregistering): Port device team_slave_0 removed [ 394.277930][T20268] team0: Port device macvlan1 added [ 394.294227][T20271] team0: entered promiscuous mode [ 394.299342][T20271] team_slave_0: entered promiscuous mode [ 394.309849][T20271] team_slave_1: entered promiscuous mode [ 394.327552][T20271] macvlan1: entered promiscuous mode [ 394.337677][T20271] team0: left promiscuous mode [ 394.349857][T20271] team_slave_0: left promiscuous mode [ 394.357310][T20271] team_slave_1: left promiscuous mode [ 394.364882][T20271] macvlan1: left promiscuous mode [ 394.480721][ T5849] Bluetooth: hci1: command tx timeout [ 395.000642][ T3735] usb 6-1: new high-speed USB device number 22 using dummy_hcd [ 395.099794][T20354] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5327'. [ 395.143572][T19808] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 395.155361][ T3735] usb 6-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30 [ 395.156843][T19808] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 395.182349][ T3735] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 395.203488][ T3735] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 395.203970][T19808] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 395.224885][ T3735] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253 [ 395.239983][ T3735] usb 6-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40 [ 395.249619][T19808] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 395.259264][ T3735] usb 6-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0 [ 395.267878][ T3735] usb 6-1: Manufacturer: syz [ 395.277162][ T3735] usb 6-1: config 0 descriptor?? [ 395.388386][T19808] 8021q: adding VLAN 0 to HW filter on device bond0 [ 395.423018][T19808] 8021q: adding VLAN 0 to HW filter on device team0 [ 395.435719][ T11] bridge0: port 1(bridge_slave_0) entered blocking state [ 395.442938][ T11] bridge0: port 1(bridge_slave_0) entered forwarding state [ 395.468705][T18392] bridge0: port 2(bridge_slave_1) entered blocking state [ 395.475959][T18392] bridge0: port 2(bridge_slave_1) entered forwarding state [ 395.567897][T20373] pim6reg1: entered promiscuous mode [ 395.582229][T20373] pim6reg1: entered allmulticast mode [ 395.693145][ T3735] appleir 0003:05AC:8243.003B: unknown main item tag 0x0 [ 395.716954][ T3735] appleir 0003:05AC:8243.003B: No inputs registered, leaving [ 395.742674][ T3735] appleir 0003:05AC:8243.003B: hiddev0,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.5-1/input0 [ 395.770381][T19808] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 395.816640][T19808] veth0_vlan: entered promiscuous mode [ 395.835567][T19808] veth1_vlan: entered promiscuous mode [ 395.902158][T19808] veth0_macvtap: entered promiscuous mode [ 395.912449][T19808] veth1_macvtap: entered promiscuous mode [ 395.936395][T19808] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 395.954069][T19808] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 395.964240][T19808] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 395.974914][T19808] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 395.986926][T19808] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 395.997809][T19808] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 396.009385][T19808] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 396.023186][ T5831] usb 6-1: USB disconnect, device number 22 [ 396.046023][T19808] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 396.071276][T19808] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 396.086110][T19808] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 396.114899][T19808] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 396.131758][T19808] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 396.142634][T19808] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 396.151806][T19808] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 396.292731][ T52] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 396.313716][ T52] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 396.374726][ T35] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 396.383986][ T35] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 396.561225][ T5849] Bluetooth: hci1: command tx timeout [ 397.380968][ T25] usb 4-1: new high-speed USB device number 51 using dummy_hcd [ 397.629976][ T25] usb 4-1: New USB device found, idVendor=046d, idProduct=0870, bcdDevice=61.47 [ 397.644061][ T25] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 397.679080][ T25] usb 4-1: config 0 descriptor?? [ 397.688276][ T25] gspca_main: STV06xx-2.14.0 probing 046d:0870 [ 398.015984][ T35] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 398.502231][ T25] usb 4-1: USB disconnect, device number 51 [ 398.639790][ T8] kernel write not supported for file /snd/seq (pid: 8 comm: kworker/0:0) [ 398.829816][ T5846] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 398.838954][ T5846] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 398.860640][ T5846] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 398.892978][ T5846] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 398.904657][ T5846] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 398.912954][ T5846] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 399.318715][T20515] chnl_net:caif_netlink_parms(): no params data found [ 399.350066][T20654] sctp: [Deprecated]: syz.5.5359 (pid 20654) Use of int in max_burst socket option. [ 399.350066][T20654] Use struct sctp_assoc_value instead [ 399.531557][T20709] syzkaller1: entered promiscuous mode [ 399.537347][T20709] syzkaller1: entered allmulticast mode [ 399.555670][T20515] bridge0: port 1(bridge_slave_0) entered blocking state [ 399.563297][T20515] bridge0: port 1(bridge_slave_0) entered disabled state [ 399.572388][T20515] bridge_slave_0: entered allmulticast mode [ 399.580334][T20515] bridge_slave_0: entered promiscuous mode [ 399.658988][ T35] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 399.688490][T20515] bridge0: port 2(bridge_slave_1) entered blocking state [ 399.697652][T20515] bridge0: port 2(bridge_slave_1) entered disabled state [ 399.706116][T20515] bridge_slave_1: entered allmulticast mode [ 399.716481][T20515] bridge_slave_1: entered promiscuous mode [ 399.775492][ T35] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 399.903224][T20515] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 399.994534][ T35] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 400.026410][T20515] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 400.134946][T20515] team0: Port device team_slave_0 added [ 400.171624][T20515] team0: Port device team_slave_1 added [ 400.292846][T20515] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 400.312136][T20515] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 400.349136][T20515] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 400.467183][T20515] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 400.494837][T20515] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 400.568699][T20515] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 400.766551][ T35] bridge_slave_1: left allmulticast mode [ 400.780346][ T35] bridge_slave_1: left promiscuous mode [ 400.789694][ T35] bridge0: port 2(bridge_slave_1) entered disabled state [ 400.799525][ T35] bridge_slave_0: left allmulticast mode [ 400.806808][ T35] bridge_slave_0: left promiscuous mode [ 400.813157][ T35] bridge0: port 1(bridge_slave_0) entered disabled state [ 400.958784][T20865] netlink: 'syz.2.5376': attribute type 11 has an invalid length. [ 400.970331][ T5834] Bluetooth: hci1: command tx timeout [ 400.978267][T20865] netlink: 134660 bytes leftover after parsing attributes in process `syz.2.5376'. [ 401.008648][T20865] openvswitch: netlink: Message has 8 unknown bytes. [ 401.020672][ T25] usb 4-1: new high-speed USB device number 52 using dummy_hcd [ 401.114644][T20871] atomic_op ffff88806c3d2198 conn xmit_atomic 0000000000000000 [ 401.180542][ T25] usb 4-1: Using ep0 maxpacket: 8 [ 401.188017][ T25] usb 4-1: config 168 descriptor has 1 excess byte, ignoring [ 401.197537][ T25] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11 [ 401.225747][ T25] usb 4-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 401.249357][ T25] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 401.271806][ T25] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 401.300300][ T25] usb 4-1: config 168 descriptor has 1 excess byte, ignoring [ 401.309340][ T25] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11 [ 401.329336][ T25] usb 4-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 401.352764][ T25] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 401.368444][ T25] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 401.414725][ T25] usb 4-1: config 168 descriptor has 1 excess byte, ignoring [ 401.425334][ T25] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11 [ 401.449908][ T25] usb 4-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 401.465846][ T25] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 401.511013][ T25] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 401.566455][ T25] usb 4-1: string descriptor 0 read error: -22 [ 401.575612][ T25] usb 4-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e [ 401.592003][ T25] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 401.644961][ T25] adutux 4-1:168.0: ADU100 now attached to /dev/usb/adutux0 [ 401.736582][ T35] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 401.753837][ T35] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 401.769973][ T35] bond0 (unregistering): Released all slaves [ 401.799122][T20515] hsr_slave_0: entered promiscuous mode [ 401.812576][T20515] hsr_slave_1: entered promiscuous mode [ 401.907993][ T5881] usb 4-1: USB disconnect, device number 52 [ 402.293083][ T46] usb 6-1: new high-speed USB device number 23 using dummy_hcd [ 402.346304][ T35] hsr_slave_0: left promiscuous mode [ 402.352793][ T35] hsr_slave_1: left promiscuous mode [ 402.359213][ T35] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 402.367289][ T35] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 402.386023][ T35] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 402.393986][ T35] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 402.418569][ T35] veth1_macvtap: left promiscuous mode [ 402.424845][ T35] veth0_macvtap: left promiscuous mode [ 402.430761][ T8] usb 2-1: new high-speed USB device number 58 using dummy_hcd [ 402.438722][ T35] veth1_vlan: left promiscuous mode [ 402.444780][ T35] veth0_vlan: left promiscuous mode [ 402.460747][ T46] usb 6-1: Using ep0 maxpacket: 32 [ 402.481842][ T46] usb 6-1: config 0 has an invalid interface number: 1 but max is 0 [ 402.495319][ T46] usb 6-1: config 0 has no interface number 0 [ 402.502603][ T46] usb 6-1: config 0 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 402.513910][ T46] usb 6-1: config 0 interface 1 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 402.525038][ T46] usb 6-1: New USB device found, idVendor=0403, idProduct=6030, bcdDevice= 0.00 [ 402.539141][ T46] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 402.550314][ T46] usb 6-1: config 0 descriptor?? [ 402.592645][ T8] usb 2-1: Using ep0 maxpacket: 16 [ 402.609402][ T8] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 402.625347][ T8] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 402.649408][ T8] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0 [ 402.675497][ T8] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0 [ 402.685979][ T8] usb 2-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 402.706336][ T8] usb 2-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42 [ 402.737585][ T8] usb 2-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0 [ 402.746497][ T8] usb 2-1: Manufacturer: syz [ 402.773367][ T8] usb 2-1: config 0 descriptor?? [ 402.993012][ T46] ft260 0003:0403:6030.003C: unknown main item tag 0x0 [ 403.040758][ T5834] Bluetooth: hci1: command tx timeout [ 403.096026][ T8] rc_core: IR keymap rc-hauppauge not found [ 403.102741][ T8] Registered IR keymap rc-empty [ 403.107846][ T8] mceusb 2-1:0.0: Error: mce write submit urb error = -90 [ 403.122325][ T8] mceusb 2-1:0.0: Error: mce write submit urb error = -90 [ 403.160137][ T8] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/rc/rc0 [ 403.177430][ T8] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/rc/rc0/input79 [ 403.207088][ T46] ft260 0003:0403:6030.003C: chip code: 6424 8183 [ 403.218513][ T8] mceusb 2-1:0.0: Error: mce write submit urb error = -90 [ 403.261329][ T8] mceusb 2-1:0.0: Error: mce write submit urb error = -90 [ 403.294511][ T8] mceusb 2-1:0.0: Error: mce write submit urb error = -90 [ 403.323272][ T8] mceusb 2-1:0.0: Error: mce write submit urb error = -90 [ 403.369645][ T8] mceusb 2-1:0.0: Error: mce write submit urb error = -90 [ 403.408120][ T46] ft260 0003:0403:6030.003C: uart interface is not supported [ 403.409668][ T8] mceusb 2-1:0.0: Error: mce write submit urb error = -90 [ 403.457378][ T8] mceusb 2-1:0.0: Error: mce write submit urb error = -90 [ 403.472936][ T35] team0 (unregistering): Port device team_slave_1 removed [ 403.483245][ T8] mceusb 2-1:0.0: Error: mce write submit urb error = -90 [ 403.526880][ T8] mceusb 2-1:0.0: Error: mce write submit urb error = -90 [ 403.552087][ T35] team0 (unregistering): Port device team_slave_0 removed [ 403.560675][ T8] mceusb 2-1:0.0: Error: mce write submit urb error = -90 [ 403.589567][ T8] mceusb 2-1:0.0: Error: mce write submit urb error = -90 [ 403.621205][ T8] mceusb 2-1:0.0: Registered with mce emulator interface version 1 [ 403.629263][ T8] mceusb 2-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active) [ 403.639567][ T46] usb 6-1: USB disconnect, device number 23 [ 403.660039][ T8] usb 2-1: USB disconnect, device number 58 [ 404.624141][T21083] input: syz0 as /devices/virtual/input/input80 [ 404.817529][T20515] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 404.885664][T20515] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 404.935639][T20515] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 404.952604][T20515] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 404.968740][T21120] kvm: kvm [21119]: vcpu0, guest rIP: 0xfff0 Unhandled RDMSR(0x40000007) [ 405.050746][ T8] usb 6-1: new high-speed USB device number 24 using dummy_hcd [ 405.139692][ T5834] Bluetooth: hci1: command tx timeout [ 405.170811][T20515] 8021q: adding VLAN 0 to HW filter on device bond0 [ 405.188515][T20515] 8021q: adding VLAN 0 to HW filter on device team0 [ 405.220319][T21134] ebt_among: src integrity fail: 300 [ 405.240009][ T8] usb 6-1: New USB device found, idVendor=09c0, idProduct=0203, bcdDevice=d3.32 [ 405.255699][ T8] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 405.284293][ T52] bridge0: port 1(bridge_slave_0) entered blocking state [ 405.291499][ T52] bridge0: port 1(bridge_slave_0) entered forwarding state [ 405.307390][ T8] usb 6-1: config 0 descriptor?? [ 405.321170][ T8] dvb-usb: found a 'Genpix SkyWalker-1 DVB-S receiver' in warm state. [ 405.372782][ T1137] bridge0: port 2(bridge_slave_1) entered blocking state [ 405.379907][ T1137] bridge0: port 2(bridge_slave_1) entered forwarding state [ 405.509256][T20515] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 405.527285][ T8] gp8psk: usb in 128 operation failed. [ 405.533804][T20515] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 405.540310][ T8] gp8psk: usb in 137 operation failed. [ 405.573609][ T8] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 405.598980][ T8] dvbdev: DVB: registering new adapter (Genpix SkyWalker-1 DVB-S receiver) [ 405.637256][ T8] usb 6-1: media controller created [ 405.687456][ T8] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 405.730812][ T8] gp8psk_fe: Frontend attached [ 405.735675][ T8] usb 6-1: DVB: registering adapter 1 frontend 0 (Genpix DVB-S)... [ 405.768072][ T8] dvbdev: dvb_create_media_entity: media entity 'Genpix DVB-S' registered. [ 405.892591][ T8] dvb-usb: Genpix SkyWalker-1 DVB-S receiver successfully initialized and connected. [ 405.923182][ T8] gp8psk: found Genpix USB device pID = 203 (hex) [ 405.997327][T20515] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 406.084121][T20515] veth0_vlan: entered promiscuous mode [ 406.121371][T20515] veth1_vlan: entered promiscuous mode [ 406.176684][ T8] usb 6-1: USB disconnect, device number 24 [ 406.231715][T20515] veth0_macvtap: entered promiscuous mode [ 406.263293][T20515] veth1_macvtap: entered promiscuous mode [ 406.304866][T20515] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 406.316465][ T8] dvb-usb: Genpix SkyWalker-1 DVB-S receiver successfully deinitialized and disconnected. [ 406.330243][T20515] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 406.341357][T20515] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 406.353827][T20515] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 406.391798][T20515] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 406.411471][T20515] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 406.443235][T20515] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 406.455663][T20515] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 406.467035][T20515] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 406.479086][T20515] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 406.504881][T20515] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 406.531982][T20515] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 406.541096][T20515] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 406.549817][T20515] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 406.681287][ T5976] usb 3-1: new high-speed USB device number 46 using dummy_hcd [ 406.709070][T18392] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 406.720494][T18392] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 406.759779][ T52] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 406.787994][ T52] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 406.860961][ T5976] usb 3-1: Using ep0 maxpacket: 16 [ 406.875784][ T5976] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 406.917170][ T5976] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 406.937152][ T5976] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 406.966429][ T5976] usb 3-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 406.985641][ T5976] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 407.022664][ T5976] usb 3-1: config 0 descriptor?? [ 407.080724][ T5889] usb 6-1: new high-speed USB device number 25 using dummy_hcd [ 407.243217][ T5889] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 407.259992][ T5889] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 407.288385][ T5889] usb 6-1: New USB device found, idVendor=056a, idProduct=0101, bcdDevice= 0.00 [ 407.304237][ T5889] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 407.329292][ T5889] usb 6-1: config 0 descriptor?? [ 407.442345][ T5976] microsoft 0003:045E:07DA.003D: nested delimiters [ 407.448912][ T5976] microsoft 0003:045E:07DA.003D: item 0 4 2 10 parsing failed [ 407.458817][ T5976] microsoft 0003:045E:07DA.003D: parse failed [ 407.465696][ T5976] microsoft 0003:045E:07DA.003D: probe with driver microsoft failed with error -22 [ 407.687143][ T25] usb 3-1: USB disconnect, device number 46 [ 407.764545][ T5889] wacom 0003:056A:0101.003E: unknown main item tag 0x0 [ 407.773114][ T5889] wacom 0003:056A:0101.003E: hidraw0: USB HID v0.00 Device [HID 056a:0101] on usb-dummy_hcd.5-1/input0 [ 407.942657][ T52] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 408.027356][ T5889] usb 6-1: USB disconnect, device number 25 [ 408.271046][ T8] usb 4-1: new high-speed USB device number 53 using dummy_hcd [ 408.430954][ T8] usb 4-1: Using ep0 maxpacket: 8 [ 408.439491][ T8] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 408.450767][ T8] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 408.461268][ T8] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 408.474279][ T8] usb 4-1: New USB device found, idVendor=04d8, idProduct=c002, bcdDevice= 0.00 [ 408.483521][ T8] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 408.494693][ T8] usb 4-1: config 0 descriptor?? [ 408.623377][ T52] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 408.930664][ T5889] usb 6-1: new high-speed USB device number 26 using dummy_hcd [ 408.968362][ T8] hid-picolcd 0003:04D8:C002.003F: unknown main item tag 0xe [ 409.005216][ T5849] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 409.017277][ T25] usb 3-1: new high-speed USB device number 47 using dummy_hcd [ 409.038705][ T5849] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 409.039960][ T52] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 409.052987][ T5849] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 409.061366][ T8] hid-picolcd 0003:04D8:C002.003F: No report with id 0x11 found [ 409.072032][ T5849] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 409.089662][ T5849] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 409.098853][ T5849] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 409.106365][ T5889] usb 6-1: Using ep0 maxpacket: 32 [ 409.128358][ T5889] usb 6-1: New USB device found, idVendor=055f, idProduct=d001, bcdDevice=88.92 [ 409.137623][ T5889] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 409.147884][ T5889] usb 6-1: config 0 descriptor?? [ 409.156376][ T5889] gspca_main: nw80x-2.14.0 probing 055f:d001 [ 409.184903][ T25] usb 3-1: New USB device found, idVendor=20b7, idProduct=1540, bcdDevice=b7.5a [ 409.194885][ T25] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 409.203174][ T25] usb 3-1: Product: syz [ 409.204069][ T52] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 409.207601][ T25] usb 3-1: Manufacturer: syz [ 409.222796][ T25] usb 3-1: SerialNumber: syz [ 409.232039][ T25] usb 3-1: config 0 descriptor?? [ 409.258986][ T8] usb 4-1: USB disconnect, device number 53 [ 409.468595][ T52] bridge_slave_1: left allmulticast mode [ 409.475102][ T52] bridge_slave_1: left promiscuous mode [ 409.486493][ T52] bridge0: port 2(bridge_slave_1) entered disabled state [ 409.506308][ T52] bridge_slave_0: left allmulticast mode [ 409.520658][ T52] bridge_slave_0: left promiscuous mode [ 409.528087][ T52] bridge0: port 1(bridge_slave_0) entered disabled state [ 409.655755][ T25] usb 3-1: Firmware: major: 0, minor: 0, hardware type: ATUSB (1) [ 409.667813][ T25] usb 3-1: Firmware version (0.0) predates our first public release. [ 409.690718][ T25] usb 3-1: Please update to version 0.2 or newer [ 409.975638][ T5889] gspca_nw80x: reg_r err -71 [ 409.982568][ T5889] nw80x 6-1:0.0: probe with driver nw80x failed with error -71 [ 409.993124][ T5889] usb 6-1: USB disconnect, device number 26 [ 410.102068][T21428] overlayfs: workdir is in-use as upperdir/workdir of another mount, accessing files from both mounts will result in undefined behavior. [ 410.185627][T21431] netlink: 'syz.3.5457': attribute type 1 has an invalid length. [ 410.208894][T21431] netlink: 9116 bytes leftover after parsing attributes in process `syz.3.5457'. [ 410.234133][T21431] netlink: 205 bytes leftover after parsing attributes in process `syz.3.5457'. [ 410.435504][ T52] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 410.454898][ T52] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 410.485089][ T52] bond0 (unregistering): Released all slaves [ 410.597039][T21440] vlan2: entered allmulticast mode [ 410.622206][T21440] macvtap0: entered allmulticast mode [ 410.633984][ T25] usb 3-1: USB disconnect, device number 47 [ 410.644303][T21440] veth0_macvtap: entered allmulticast mode [ 410.651317][T21440] bridge0: port 1(vlan2) entered blocking state [ 410.657659][T21440] bridge0: port 1(vlan2) entered disabled state [ 410.665354][T21440] vlan2: entered promiscuous mode [ 410.670573][T21440] macvtap0: entered promiscuous mode [ 410.854049][T21312] chnl_net:caif_netlink_parms(): no params data found [ 410.967976][T21529] netlink: 5300 bytes leftover after parsing attributes in process `syz.5.5468'. [ 410.979448][T21499] netlink: 'syz.3.5466': attribute type 10 has an invalid length. [ 410.998906][T21529] openvswitch: netlink: IP tunnel dst address not specified [ 411.037344][T21499] team0: Port device netdevsim0 added [ 411.234705][ T5849] Bluetooth: hci1: command tx timeout [ 411.417415][ T52] hsr_slave_0: left promiscuous mode [ 411.434262][ T52] hsr_slave_1: left promiscuous mode [ 411.448630][T21572] netlink: 'syz.5.5473': attribute type 11 has an invalid length. [ 411.468021][ T52] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 411.476906][ T52] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 411.495215][ T52] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 411.505921][ T52] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 411.515957][ T29] audit: type=1326 audit(1729833482.456:339): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21582 comm="syz.2.5478" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f1b3337e719 code=0x0 [ 411.563196][ T52] veth1_macvtap: left promiscuous mode [ 411.570275][ T52] veth0_macvtap: left promiscuous mode [ 411.576653][ T52] veth1_vlan: left promiscuous mode [ 411.582289][ T52] veth0_vlan: left promiscuous mode [ 412.198182][ T52] team0 (unregistering): Port device team_slave_1 removed [ 412.256959][ T52] team0 (unregistering): Port device team_slave_0 removed [ 413.090758][T21312] bridge0: port 1(bridge_slave_0) entered blocking state [ 413.109384][T21312] bridge0: port 1(bridge_slave_0) entered disabled state [ 413.124902][T21312] bridge_slave_0: entered allmulticast mode [ 413.143155][T21312] bridge_slave_0: entered promiscuous mode [ 413.280687][ T5849] Bluetooth: hci1: command tx timeout [ 413.341856][T21635] netlink: 'syz.2.5493': attribute type 9 has an invalid length. [ 413.384277][T21635] netlink: 209836 bytes leftover after parsing attributes in process `syz.2.5493'. [ 413.403110][T21312] bridge0: port 2(bridge_slave_1) entered blocking state [ 413.413293][T21312] bridge0: port 2(bridge_slave_1) entered disabled state [ 413.435019][T21312] bridge_slave_1: entered allmulticast mode [ 413.448422][T21312] bridge_slave_1: entered promiscuous mode [ 413.455259][T21637] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5494'. [ 413.515827][T21638] netlink: 'syz.2.5493': attribute type 9 has an invalid length. [ 413.576805][T21638] netlink: 209836 bytes leftover after parsing attributes in process `syz.2.5493'. [ 413.731680][T21312] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 413.777663][T21312] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 413.799150][ T8] kernel write not supported for file /uinput (pid: 8 comm: kworker/0:0) [ 413.960139][T21312] team0: Port device team_slave_0 added [ 414.024153][T21312] team0: Port device team_slave_1 added [ 414.159209][T21312] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 414.191242][T21312] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 414.230529][T21312] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 414.250566][ T25] usb 3-1: new high-speed USB device number 48 using dummy_hcd [ 414.255540][T21312] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 414.265548][T21312] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 414.296918][T21312] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 414.441283][ T25] usb 3-1: Using ep0 maxpacket: 32 [ 414.463204][ T25] usb 3-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 414.486969][T21312] hsr_slave_0: entered promiscuous mode [ 414.488443][ T25] usb 3-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 414.521872][T21312] hsr_slave_1: entered promiscuous mode [ 414.555517][ T25] usb 3-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 414.571172][ T25] usb 3-1: New USB device strings: Mfr=255, Product=255, SerialNumber=0 [ 414.579561][ T25] usb 3-1: Product: syz [ 414.609777][ T25] usb 3-1: Manufacturer: syz [ 414.626533][ T25] hub 3-1:4.0: USB hub found [ 414.820994][T21880] ip6_tunnel: non-ECT from 0000:0000:0000:0000:0000:ffff:6401:0100 with DS=0xe7 [ 414.840582][ T8] usb 6-1: new high-speed USB device number 27 using dummy_hcd [ 414.841131][ T25] hub 3-1:4.0: 2 ports detected [ 414.994942][ T8] usb 6-1: Using ep0 maxpacket: 16 [ 415.059578][ T8] usb 6-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice=10.00 [ 415.090012][ T8] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 415.123949][ T8] usb 6-1: Product: syz [ 415.130997][ T8] usb 6-1: Manufacturer: syz [ 415.146034][ T8] usb 6-1: SerialNumber: syz [ 415.182155][ T8] usb 6-1: config 0 descriptor?? [ 415.189252][ T8] ftdi_sio 6-1:0.0: FTDI USB Serial Device converter detected [ 415.200781][ T8] usb 6-1: Detected FT-X [ 415.376382][ T5849] Bluetooth: hci1: command tx timeout [ 415.404272][T21312] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 415.411985][ T8] ftdi_sio ttyUSB0: Unable to read latency timer: -32 [ 415.426802][T21312] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 415.454096][T21312] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 415.467623][T21312] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 415.480988][ T5976] usb 2-1: new high-speed USB device number 59 using dummy_hcd [ 415.643010][ T5976] usb 2-1: config 0 has an invalid interface number: 117 but max is 0 [ 415.645469][T21312] 8021q: adding VLAN 0 to HW filter on device bond0 [ 415.651839][ T5976] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 415.673995][ T5976] usb 2-1: config 0 has no interface number 0 [ 415.681134][ T5976] usb 2-1: too many endpoints for config 0 interface 117 altsetting 0: 239, using maximum allowed: 30 [ 415.702622][T21922] netlink: 'syz.3.5512': attribute type 4 has an invalid length. [ 415.711446][ T5976] usb 2-1: config 0 interface 117 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 239 [ 415.735726][ T5976] usb 2-1: New USB device found, idVendor=0742, idProduct=2009, bcdDevice=61.46 [ 415.736628][T21312] 8021q: adding VLAN 0 to HW filter on device team0 [ 415.751054][ T5976] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 415.760033][ T5976] usb 2-1: Product: syz [ 415.764855][ T5976] usb 2-1: Manufacturer: syz [ 415.769567][ T5976] usb 2-1: SerialNumber: syz [ 415.780248][ T5976] usb 2-1: config 0 descriptor?? [ 415.792136][ T5976] HFC-S_USB 2-1:0.117: probe with driver HFC-S_USB failed with error -5 [ 415.825954][ T8] usb 6-1: FTDI USB Serial Device converter now attached to ttyUSB0 [ 415.858083][T18395] bridge0: port 1(bridge_slave_0) entered blocking state [ 415.865298][T18395] bridge0: port 1(bridge_slave_0) entered forwarding state [ 415.886729][ T11] bridge0: port 2(bridge_slave_1) entered blocking state [ 415.893922][ T11] bridge0: port 2(bridge_slave_1) entered forwarding state [ 415.935335][ T25] hub 3-1:4.0: hub_hub_status failed (err = -32) [ 415.971931][ T25] hub 3-1:4.0: config failed, can't get hub status (err -32) [ 415.975699][T21312] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 416.022798][ T25] usb 3-1: USB disconnect, device number 48 [ 416.042079][ T5889] usb 6-1: USB disconnect, device number 27 [ 416.057066][ T5889] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0 [ 416.067532][ T5889] ftdi_sio 6-1:0.0: device disconnected [ 416.245372][ T25] usb 2-1: USB disconnect, device number 59 [ 416.277610][T21312] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 416.318711][T21312] veth0_vlan: entered promiscuous mode [ 416.331842][T21312] veth1_vlan: entered promiscuous mode [ 416.355444][T21312] veth0_macvtap: entered promiscuous mode [ 416.366328][T21312] veth1_macvtap: entered promiscuous mode [ 416.382422][T21312] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 416.394222][T21312] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 416.404852][T21312] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 416.416301][T21312] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 416.427441][T21312] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 416.440092][T21312] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 416.451410][T21312] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 416.461486][T21312] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 416.472161][T21312] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 416.483373][T21312] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 416.495880][T21312] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 416.504824][T21312] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 416.513685][T21312] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 416.522609][T21312] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 416.582406][ T52] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 416.597143][ T52] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 416.636805][ T52] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 416.647462][ T52] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 416.724233][T22031] input: syz0 as /devices/virtual/input/input84 [ 418.019264][T22115] tap0: tun_chr_ioctl cmd 1074025675 [ 418.050722][T22115] tap0: persist enabled [ 418.056314][T22115] tap0: tun_chr_ioctl cmd 1074025675 [ 418.088374][T22115] tap0: persist disabled [ 418.398025][ T3512] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 419.381798][ T5834] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 419.456657][ T5834] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 419.468272][ T5834] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 419.476277][ T5834] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 419.484419][ T5834] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 419.494073][ T5834] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 419.682326][T22195] netlink: 'syz.5.5567': attribute type 10 has an invalid length. [ 419.705269][T22195] syz_tun: entered promiscuous mode [ 419.826532][T22195] bond0: (slave syz_tun): Enslaving as an active interface with an up link [ 419.914179][ T3512] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 419.969351][T22153] chnl_net:caif_netlink_parms(): no params data found [ 420.047157][ T3512] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 420.331218][ T3512] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 420.444787][T22153] bridge0: port 1(bridge_slave_0) entered blocking state [ 420.460720][T22153] bridge0: port 1(bridge_slave_0) entered disabled state [ 420.468249][T22153] bridge_slave_0: entered allmulticast mode [ 420.483674][T22153] bridge_slave_0: entered promiscuous mode [ 420.518230][T22153] bridge0: port 2(bridge_slave_1) entered blocking state [ 420.547568][T22153] bridge0: port 2(bridge_slave_1) entered disabled state [ 420.562523][T22153] bridge_slave_1: entered allmulticast mode [ 420.582976][T22153] bridge_slave_1: entered promiscuous mode [ 420.678020][T22153] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 420.778790][T22153] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 420.841321][ T3512] bridge_slave_1: left allmulticast mode [ 420.847015][ T3512] bridge_slave_1: left promiscuous mode [ 420.860711][ T3512] bridge0: port 2(bridge_slave_1) entered disabled state [ 420.875834][ T3512] bridge_slave_0: left allmulticast mode [ 420.881992][ T3512] bridge_slave_0: left promiscuous mode [ 420.887727][ T3512] bridge0: port 1(bridge_slave_0) entered disabled state [ 421.153133][T22444] random: crng reseeded on system resumption [ 421.603578][ T5849] Bluetooth: hci1: command tx timeout [ 421.913807][ T3512] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 421.934776][ T3512] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 421.947292][ T3512] bond0 (unregistering): Released all slaves [ 421.966374][T22153] team0: Port device team_slave_0 added [ 422.034098][T22472] netlink: 40 bytes leftover after parsing attributes in process `syz.3.5597'. [ 422.076378][T22472] netlink: 40 bytes leftover after parsing attributes in process `syz.3.5597'. [ 422.136216][T22153] team0: Port device team_slave_1 added [ 422.171198][ T8] usb 2-1: new high-speed USB device number 60 using dummy_hcd [ 422.284355][T22153] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 422.309292][T22153] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 422.341258][T22153] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 422.353711][T22485] syzkaller1: entered promiscuous mode [ 422.359216][T22485] syzkaller1: entered allmulticast mode [ 422.400943][ T5889] usb 4-1: new high-speed USB device number 54 using dummy_hcd [ 422.410059][ T8] usb 2-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 422.422984][ T8] usb 2-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 422.440866][ T8] usb 2-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 422.454021][ T8] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 422.464440][T22153] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 422.471595][T22153] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 422.512086][T22465] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 422.523883][ T8] usb 2-1: Quirk or no altset; falling back to MIDI 1.0 [ 422.532880][T22153] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 422.553736][ T5889] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 422.578252][ T5889] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 422.602913][ T5889] usb 4-1: New USB device found, idVendor=056a, idProduct=0101, bcdDevice= 0.00 [ 422.602934][ T5889] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 422.625810][ T5889] usb 4-1: config 0 descriptor?? [ 422.666490][ T3512] hsr_slave_0: left promiscuous mode [ 422.676145][ T3512] hsr_slave_1: left promiscuous mode [ 422.697773][ T3512] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 422.710493][ T3512] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 422.730103][ T3512] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 422.750766][ T3512] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 422.816189][ T3512] veth1_macvtap: left promiscuous mode [ 422.825506][ T3735] usb 2-1: USB disconnect, device number 60 [ 422.833235][ T3512] veth0_macvtap: left promiscuous mode [ 422.847307][ T3512] veth1_vlan: left promiscuous mode [ 422.858210][ T3512] veth0_vlan: left promiscuous mode [ 423.049456][ T5889] wacom 0003:056A:0101.0040: unknown main item tag 0x0 [ 423.069917][ T5889] wacom 0003:056A:0101.0040: hidraw0: USB HID v0.00 Device [HID 056a:0101] on usb-dummy_hcd.3-1/input0 [ 423.265245][ T5889] usb 4-1: USB disconnect, device number 54 [ 423.639352][ T3512] team0 (unregistering): Port device team_slave_1 removed [ 423.696652][ T5849] Bluetooth: hci1: command tx timeout [ 423.770782][ T3512] team0 (unregistering): Port device team_slave_0 removed [ 528.920434][ C0] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks: [ 528.927496][ C0] rcu: 1-...!: (1 GPs behind) idle=b304/1/0x4000000000000000 softirq=69843/69844 fqs=0 [ 528.938869][ C0] rcu: Tasks blocked on level-0 rcu_node (CPUs 0-1): P11839/1:b..l [ 528.946898][ C0] rcu: (detected by 0, t=10506 jiffies, g=76885, q=158 ncpus=2) [ 528.954624][ C0] Sending NMI from CPU 0 to CPUs 1: [ 528.954669][ C1] NMI backtrace for cpu 1 [ 528.954683][ C1] CPU: 1 UID: 0 PID: 22598 Comm: syz.1.5615 Not tainted 6.12.0-rc4-syzkaller-00161-gae90f6a6170d #0 [ 528.954702][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 528.954713][ C1] RIP: 0010:__lock_acquire+0x473/0x2050 [ 528.954748][ C1] Code: 68 83 e7 03 c1 e7 10 09 cf 8b 4c 24 60 83 e1 01 c1 e1 12 c1 e0 14 31 d2 83 7c 24 40 00 0f 95 c2 c1 e2 13 41 c1 e6 15 41 09 d6 <41> 09 c6 41 09 ce 41 09 fe 48 8b 44 24 20 0f b6 04 30 84 c0 0f 85 [ 528.954761][ C1] RSP: 0018:ffffc90000a18950 EFLAGS: 00000006 [ 528.954775][ C1] RAX: 0000000000000000 RBX: 0000000000004001 RCX: 0000000000040000 [ 528.954786][ C1] RDX: 0000000000080000 RSI: dffffc0000000000 RDI: 0000000000004001 [ 528.954797][ C1] RBP: 0000000000000005 R08: 0000000000000001 R09: ffff8880650728e0 [ 528.954807][ C1] R10: dffffc0000000000 R11: fffffbfff2037ac6 R12: ffff888065071e00 [ 528.954819][ C1] R13: 0000000000000001 R14: 0000000000080000 R15: ffffffff9a5f0280 [ 528.954830][ C1] FS: 000055558383f500(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000 [ 528.954843][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 528.954855][ C1] CR2: 0000001b3001eff8 CR3: 000000006fad6000 CR4: 00000000003526f0 [ 528.954869][ C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 528.954878][ C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 528.954888][ C1] Call Trace: [ 528.954895][ C1] [ 528.954909][ C1] ? nmi_cpu_backtrace+0x3c2/0x4d0 [ 528.954931][ C1] ? __pfx_lock_acquire+0x10/0x10 [ 528.954951][ C1] ? __pfx_nmi_cpu_backtrace+0x10/0x10 [ 528.954981][ C1] ? nmi_cpu_backtrace_handler+0xc/0x20 [ 528.954999][ C1] ? nmi_handle+0x14f/0x5a0 [ 528.955015][ C1] ? nmi_handle+0x2a/0x5a0 [ 528.955030][ C1] ? __lock_acquire+0x473/0x2050 [ 528.955048][ C1] ? default_do_nmi+0x63/0x160 [ 528.955068][ C1] ? exc_nmi+0x123/0x1f0 [ 528.955085][ C1] ? end_repeat_nmi+0xf/0x53 [ 528.955105][ C1] ? __lock_acquire+0x473/0x2050 [ 528.955124][ C1] ? __lock_acquire+0x473/0x2050 [ 528.955144][ C1] ? __lock_acquire+0x473/0x2050 [ 528.955163][ C1] [ 528.955168][ C1] [ 528.955179][ C1] lock_acquire+0x1ed/0x550 [ 528.955198][ C1] ? debug_object_deactivate+0x158/0x390 [ 528.955216][ C1] ? __pfx_lock_acquire+0x10/0x10 [ 528.955238][ C1] ? do_raw_spin_unlock+0x13c/0x8b0 [ 528.955257][ C1] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 528.955279][ C1] _raw_spin_lock_irqsave+0xd5/0x120 [ 528.955298][ C1] ? debug_object_deactivate+0x158/0x390 [ 528.955312][ C1] ? __pfx__raw_spin_lock_irqsave+0x10/0x10 [ 528.955335][ C1] debug_object_deactivate+0x158/0x390 [ 528.955350][ C1] ? __pfx_debug_object_deactivate+0x10/0x10 [ 528.955366][ C1] ? timerqueue_add+0x260/0x290 [ 528.955383][ C1] ? __pfx__raw_spin_lock_irq+0x10/0x10 [ 528.955404][ C1] debug_deactivate+0x1b/0x220 [ 528.955420][ C1] __hrtimer_run_queues+0x305/0xd50 [ 528.955435][ C1] ? ktime_get_update_offsets_now+0x3c/0x250 [ 528.955460][ C1] ? __pfx___hrtimer_run_queues+0x10/0x10 [ 528.955475][ C1] ? ktime_get_update_offsets_now+0x22d/0x250 [ 528.955495][ C1] hrtimer_interrupt+0x396/0x990 [ 528.955518][ C1] __sysvec_apic_timer_interrupt+0x110/0x420 [ 528.955534][ C1] sysvec_apic_timer_interrupt+0xa1/0xc0 [ 528.955551][ C1] [ 528.955557][ C1] [ 528.955563][ C1] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 528.955580][ C1] RIP: 0010:unwind_next_frame+0x315/0x22d0 [ 528.955595][ C1] Code: 64 48 01 d2 48 01 f2 0f 84 42 01 00 00 48 8d 5a 04 4c 8d 72 05 48 89 d8 48 c1 e8 03 48 bd 00 00 00 00 00 fc ff df 0f b6 04 28 <84> c0 0f 85 58 18 00 00 4c 89 f0 48 c1 e8 03 0f b6 04 28 84 c0 0f [ 528.955608][ C1] RSP: 0018:ffffc900046a77d0 EFLAGS: 00000a02 [ 528.955622][ C1] RAX: 0000000000000000 RBX: ffffffff90afa94a RCX: ffffffff9035c388 [ 528.955634][ C1] RDX: ffffffff90afa946 RSI: ffffffff90afa92e RDI: ffffffff814156e0 [ 528.955646][ C1] RBP: dffffc0000000000 R08: 0000000000000007 R09: ffffc900046a7990 [ 528.955657][ C1] R10: ffffc900046a78f0 R11: ffffffff81809070 R12: 0000000000000004 [ 528.955669][ C1] R13: ffffc900046a78a0 R14: ffffffff90afa94b R15: ffffffff8214502e [ 528.955681][ C1] ? dput+0x19e/0x2b0 [ 528.955696][ C1] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 528.955716][ C1] ? unwind_next_frame+0xb0/0x22d0 [ 528.955734][ C1] ? dput+0x19f/0x2b0 [ 528.955750][ C1] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 528.955767][ C1] arch_stack_walk+0x11c/0x150 [ 528.955786][ C1] ? dput+0x19f/0x2b0 [ 528.955801][ C1] stack_trace_save+0x118/0x1d0 [ 528.955819][ C1] ? __pfx_stack_trace_save+0x10/0x10 [ 528.955838][ C1] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 528.955859][ C1] kasan_save_track+0x3f/0x80 [ 528.955878][ C1] ? kasan_save_track+0x3f/0x80 [ 528.955895][ C1] ? kasan_save_free_info+0x40/0x50 [ 528.955911][ C1] ? __kasan_slab_free+0x59/0x70 [ 528.955929][ C1] ? kmem_cache_free+0x1a2/0x420 [ 528.955945][ C1] ? __dentry_kill+0x497/0x630 [ 528.955959][ C1] ? dput+0x19f/0x2b0 [ 528.955995][ C1] kasan_save_free_info+0x40/0x50 [ 528.956012][ C1] __kasan_slab_free+0x59/0x70 [ 528.956030][ C1] ? __dentry_kill+0x497/0x630 [ 528.956044][ C1] kmem_cache_free+0x1a2/0x420 [ 528.956060][ C1] ? __dentry_kill+0x497/0x630 [ 528.956076][ C1] __dentry_kill+0x497/0x630 [ 528.956092][ C1] ? dput+0x37/0x2b0 [ 528.956105][ C1] dput+0x19f/0x2b0 [ 528.956119][ C1] __fput+0x5d2/0x880 [ 528.956138][ C1] task_work_run+0x24f/0x310 [ 528.956157][ C1] ? __pfx_task_work_run+0x10/0x10 [ 528.956174][ C1] ? syscall_exit_to_user_mode+0xa3/0x370 [ 528.956191][ C1] syscall_exit_to_user_mode+0x168/0x370 [ 528.956209][ C1] do_syscall_64+0x100/0x230 [ 528.956226][ C1] ? clear_bhb_loop+0x35/0x90 [ 528.956242][ C1] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 528.956257][ C1] RIP: 0033:0x7fb016f7e719 [ 528.956276][ C1] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 528.956289][ C1] RSP: 002b:00007ffe652e7808 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 528.956304][ C1] RAX: 0000000000000000 RBX: 0000000000067790 RCX: 00007fb016f7e719 [ 528.956316][ C1] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003 [ 528.956326][ C1] RBP: 00007fb017137a80 R08: 0000000000000001 R09: 00007ffe652e7aff [ 528.956337][ C1] R10: 00007fb016e00000 R11: 0000000000000246 R12: 00000000000677c6 [ 528.956349][ C1] R13: 00007ffe652e7910 R14: 0000000000000032 R15: ffffffffffffffff [ 528.956366][ C1] [ 528.956661][ C0] task:syz-executor state:R running task stack:20992 pid:11839 tgid:11839 ppid:11826 flags:0x00004000 [ 529.611426][ C0] Call Trace: [ 529.614716][ C0] [ 529.617664][ C0] __schedule+0x185a/0x4b70 [ 529.622218][ C0] ? __pfx___schedule+0x10/0x10 [ 529.627093][ C0] ? mark_lock+0x9a/0x360 [ 529.631439][ C0] ? copy_pmd_range+0x7b35/0x85f0 [ 529.636488][ C0] ? preempt_schedule+0xe1/0xf0 [ 529.641351][ C0] preempt_schedule_common+0x84/0xd0 [ 529.646649][ C0] preempt_schedule+0xe1/0xf0 [ 529.651337][ C0] ? __pfx_preempt_schedule+0x10/0x10 [ 529.656718][ C0] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 529.662631][ C0] ? __page_table_check_ptes_set+0x30f/0x410 [ 529.668636][ C0] ? copy_pmd_range+0x7b35/0x85f0 [ 529.673676][ C0] preempt_schedule_thunk+0x1a/0x30 [ 529.678894][ C0] _raw_spin_unlock+0x3e/0x50 [ 529.683596][ C0] copy_pmd_range+0x7b90/0x85f0 [ 529.688487][ C0] ? mas_destroy+0x197c/0x1fe0 [ 529.693272][ C0] ? __pfx_copy_pmd_range+0x10/0x10 [ 529.698488][ C0] ? look_up_lock_class+0x77/0x170 [ 529.703617][ C0] ? register_lock_class+0x102/0x980 [ 529.708935][ C0] ? __pfx_mas_destroy+0x10/0x10 [ 529.713895][ C0] ? mark_lock+0x9a/0x360 [ 529.718251][ C0] ? __lock_acquire+0x1384/0x2050 [ 529.723321][ C0] copy_page_range+0x99f/0xe90 [ 529.728117][ C0] ? __pfx_copy_page_range+0x10/0x10 [ 529.733416][ C0] ? __pfx_up_write+0x10/0x10 [ 529.738106][ C0] ? __rb_insert_augmented+0x2a4/0x6b0 [ 529.743576][ C0] ? __pfx_vma_interval_tree_augment_rotate+0x10/0x10 [ 529.750352][ C0] ? vma_interval_tree_augment_rotate+0x1b4/0x1c0 [ 529.756780][ C0] copy_mm+0x11fb/0x1f40 [ 529.761072][ C0] ? __pfx_copy_mm+0x10/0x10 [ 529.765691][ C0] ? __init_rwsem+0x122/0x160 [ 529.770382][ C0] ? copy_signal+0x52a/0x650 [ 529.774990][ C0] copy_process+0x1845/0x3d50 [ 529.779701][ C0] ? copy_process+0x9fa/0x3d50 [ 529.784482][ C0] ? __lock_acquire+0x1384/0x2050 [ 529.789525][ C0] ? __pfx_copy_process+0x10/0x10 [ 529.794579][ C0] kernel_clone+0x223/0x880 [ 529.799104][ C0] ? __pfx_kernel_clone+0x10/0x10 [ 529.804166][ C0] __x64_sys_clone+0x258/0x2a0 [ 529.808955][ C0] ? __pfx___x64_sys_clone+0x10/0x10 [ 529.814258][ C0] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 529.820267][ C0] ? exc_page_fault+0x590/0x8c0 [ 529.825132][ C0] ? do_syscall_64+0xb6/0x230 [ 529.829825][ C0] do_syscall_64+0xf3/0x230 [ 529.834366][ C0] ? clear_bhb_loop+0x35/0x90 [ 529.839081][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 529.845000][ C0] RIP: 0033:0x7fe093374f93 [ 529.849432][ C0] RSP: 002b:00007ffd6ac858d8 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 529.858220][ C0] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fe093374f93 [ 529.868746][ C0] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 529.877881][ C0] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000 [ 529.886755][ C0] R10: 0000555577d457d0 R11: 0000000000000246 R12: 0000000000000000 [ 529.894748][ C0] R13: 0000000000067620 R14: 00000000000670e9 R15: 00007ffd6ac85a60 [ 529.902838][ C0] [ 529.905885][ C0] rcu: rcu_preempt kthread starved for 10506 jiffies! g76885 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=0 [ 529.917092][ C0] rcu: Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior. [ 529.927066][ C0] rcu: RCU grace-period kthread stack dump: [ 529.932957][ C0] task:rcu_preempt state:R running task stack:25296 pid:17 tgid:17 ppid:2 flags:0x00004000 [ 529.944725][ C0] Call Trace: [ 529.948014][ C0] [ 529.950961][ C0] __schedule+0x185a/0x4b70 [ 529.955512][ C0] ? __pfx___schedule+0x10/0x10 [ 529.960388][ C0] ? __pfx_lock_release+0x10/0x10 [ 529.965513][ C0] ? __asan_memset+0x23/0x50 [ 529.970123][ C0] ? __pfx_lockdep_init_map_type+0x10/0x10 [ 529.975949][ C0] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 529.982309][ C0] ? schedule+0x90/0x320 [ 529.986573][ C0] schedule+0x14b/0x320 [ 529.990749][ C0] schedule_timeout+0x1be/0x310 [ 529.995617][ C0] ? __pfx_schedule_timeout+0x10/0x10 [ 530.001006][ C0] ? __pfx_process_timeout+0x10/0x10 [ 530.006314][ C0] ? prepare_to_swait_event+0x330/0x350 [ 530.011882][ C0] rcu_gp_fqs_loop+0x2df/0x1330 [ 530.016757][ C0] ? lockdep_hardirqs_on+0x99/0x150 [ 530.021970][ C0] ? rcu_gp_init+0x1256/0x1630 [ 530.026753][ C0] ? __pfx_rcu_gp_init+0x10/0x10 [ 530.031697][ C0] ? __pfx_rcu_watching_snap_save+0x10/0x10 [ 530.037603][ C0] ? __pfx_rcu_gp_fqs_loop+0x10/0x10 [ 530.042986][ C0] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 530.048912][ C0] ? finish_swait+0xd4/0x1e0 [ 530.053523][ C0] rcu_gp_kthread+0xa7/0x3b0 [ 530.058127][ C0] ? __pfx_rcu_gp_kthread+0x10/0x10 [ 530.063422][ C0] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 530.069338][ C0] ? __kthread_parkme+0x169/0x1d0 [ 530.074382][ C0] ? __pfx_rcu_gp_kthread+0x10/0x10 [ 530.079589][ C0] kthread+0x2f0/0x390 [ 530.083669][ C0] ? __pfx_rcu_gp_kthread+0x10/0x10 [ 530.088896][ C0] ? __pfx_kthread+0x10/0x10 [ 530.093503][ C0] ret_from_fork+0x4b/0x80 [ 530.097937][ C0] ? __pfx_kthread+0x10/0x10 [ 530.102535][ C0] ret_from_fork_asm+0x1a/0x30 [ 530.107329][ C0] [ 530.110358][ C0] rcu: Stack dump where RCU GP kthread last ran: [ 530.116687][ C0] CPU: 0 UID: 0 PID: 11 Comm: kworker/u8:0 Not tainted 6.12.0-rc4-syzkaller-00161-gae90f6a6170d #0 [ 530.127455][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 530.137519][ C0] Workqueue: events_unbound toggle_allocation_gate [ 530.144050][ C0] RIP: 0010:smp_call_function_many_cond+0x19f3/0x2ca0 [ 530.150847][ C0] Code: 45 8b 65 00 44 89 e6 83 e6 01 31 ff e8 56 f3 0b 00 41 83 e4 01 49 bc 00 00 00 00 00 fc ff df 75 07 e8 01 ef 0b 00 eb 38 f3 90 <42> 0f b6 04 23 84 c0 75 11 41 f7 45 00 01 00 00 00 74 1e e8 e5 ee [ 530.170488][ C0] RSP: 0018:ffffc900001076e0 EFLAGS: 00000293 [ 530.176597][ C0] RAX: ffffffff8188e88b RBX: 1ffff110170e8911 RCX: ffff88801d2c3c00 [ 530.184591][ C0] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000 [ 530.192581][ C0] RBP: ffffc900001078e0 R08: ffffffff8188e85a R09: 1ffffffff2852d00 [ 530.200570][ C0] R10: dffffc0000000000 R11: fffffbfff2852d01 R12: dffffc0000000000 [ 530.208555][ C0] R13: ffff8880b8744888 R14: ffff8880b863fc40 R15: 0000000000000001 [ 530.216540][ C0] FS: 0000000000000000(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000 [ 530.225565][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 530.232162][ C0] CR2: 00007fe0940656c0 CR3: 000000000e734000 CR4: 00000000003526f0 [ 530.240147][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 530.248135][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 530.256123][ C0] Call Trace: [ 530.259417][ C0] [ 530.262282][ C0] ? rcu_check_gp_kthread_starvation+0x278/0x310 [ 530.268720][ C0] ? print_other_cpu_stall+0x1475/0x15b0 [ 530.274363][ C0] ? notifier_call_chain+0x19f/0x3e0 [ 530.279677][ C0] ? __pfx_print_other_cpu_stall+0x10/0x10 [ 530.285512][ C0] ? kvm_check_and_clear_guest_paused+0x6a/0xd0 [ 530.291776][ C0] ? rcu_sched_clock_irq+0xa1a/0x10d0 [ 530.297172][ C0] ? __pfx_rcu_sched_clock_irq+0x10/0x10 [ 530.302820][ C0] ? hrtimer_run_queues+0x16c/0x460 [ 530.308038][ C0] ? acct_account_cputime+0x207/0x210 [ 530.313430][ C0] ? update_process_times+0x1ce/0x230 [ 530.318818][ C0] ? tick_nohz_handler+0x37c/0x500 [ 530.323951][ C0] ? __pfx_tick_nohz_handler+0x10/0x10 [ 530.329424][ C0] ? __hrtimer_run_queues+0x551/0xd50 [ 530.334809][ C0] ? ktime_get_update_offsets_now+0x3c/0x250 [ 530.340830][ C0] ? __pfx___hrtimer_run_queues+0x10/0x10 [ 530.346571][ C0] ? ktime_get_update_offsets_now+0x22d/0x250 [ 530.352667][ C0] ? hrtimer_interrupt+0x396/0x990 [ 530.357813][ C0] ? __sysvec_apic_timer_interrupt+0x110/0x420 [ 530.364003][ C0] ? sysvec_apic_timer_interrupt+0xa1/0xc0 [ 530.369821][ C0] [ 530.372767][ C0] [ 530.375706][ C0] ? asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 530.381886][ C0] ? smp_call_function_many_cond+0x19da/0x2ca0 [ 530.388051][ C0] ? smp_call_function_many_cond+0x1a0b/0x2ca0 [ 530.394223][ C0] ? smp_call_function_many_cond+0x19f3/0x2ca0 [ 530.400394][ C0] ? kmem_cache_alloc_bulk_noprof+0x156/0x7c0 [ 530.406473][ C0] ? __pfx_do_sync_core+0x10/0x10 [ 530.411520][ C0] ? __pfx___text_poke+0x10/0x10 [ 530.416467][ C0] ? process_scheduled_works+0x976/0x1850 [ 530.422208][ C0] ? __pfx_smp_call_function_many_cond+0x10/0x10 [ 530.428546][ C0] ? __pfx___might_resched+0x10/0x10 [ 530.433844][ C0] ? __mutex_trylock_common+0x183/0x2e0 [ 530.439409][ C0] ? __pfx___might_resched+0x10/0x10 [ 530.444714][ C0] ? __pfx_do_sync_core+0x10/0x10 [ 530.449779][ C0] on_each_cpu_cond_mask+0x3f/0x80 [ 530.454904][ C0] text_poke_bp_batch+0x352/0xb30 [ 530.459955][ C0] ? __pfx_text_poke_bp_batch+0x10/0x10 [ 530.465515][ C0] ? __pfx___mutex_lock+0x10/0x10 [ 530.470556][ C0] ? arch_jump_label_transform_queue+0x9b/0x100 [ 530.476816][ C0] ? process_scheduled_works+0x976/0x1850 [ 530.482554][ C0] text_poke_finish+0x30/0x50 [ 530.487245][ C0] arch_jump_label_transform_apply+0x1c/0x30 [ 530.493243][ C0] static_key_disable_cpuslocked+0xd2/0x1c0 [ 530.499155][ C0] static_key_disable+0x1a/0x20 [ 530.504023][ C0] toggle_allocation_gate+0x1bf/0x260 [ 530.509411][ C0] ? __pfx_toggle_allocation_gate+0x10/0x10 [ 530.515320][ C0] ? __pfx_autoremove_wake_function+0x10/0x10 [ 530.521418][ C0] process_scheduled_works+0xa63/0x1850 [ 530.527012][ C0] ? __pfx_process_scheduled_works+0x10/0x10 [ 530.533016][ C0] ? assign_work+0x364/0x3d0 [ 530.537628][ C0] worker_thread+0x870/0xd30 [ 530.542268][ C0] ? __kthread_parkme+0x169/0x1d0 [ 530.547337][ C0] ? __pfx_worker_thread+0x10/0x10 [ 530.552492][ C0] kthread+0x2f0/0x390 [ 530.556585][ C0] ? __pfx_worker_thread+0x10/0x10 [ 530.561717][ C0] ? __pfx_kthread+0x10/0x10 [ 530.566328][ C0] ret_from_fork+0x4b/0x80 [ 530.570770][ C0] ? __pfx_kthread+0x10/0x10 [ 530.575374][ C0] ret_from_fork_asm+0x1a/0x30 [ 530.580167][ C0]