last executing test programs: 3.863466368s ago: executing program 0 (id=816): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f0000000380), r0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f00000003c0)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_SET_VLAN(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000000)={0x24, r1, 0x1, 0x70bd2c, 0x25dfdbfc, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r2}, @BATADV_ATTR_VLANID={0x6, 0x28, 0x4}]}, 0x24}, 0x1, 0x0, 0x0, 0x80}, 0x0) 3.741623424s ago: executing program 0 (id=817): r0 = creat(&(0x7f0000000000)='./file0\x00', 0x175) close(r0) r1 = fanotify_init(0x12, 0x141402) mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000000c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 2.690350524s ago: executing program 0 (id=826): r0 = syz_usb_connect(0x2, 0x2d, &(0x7f0000000000)={{0x12, 0x1, 0x110, 0x73, 0x9e, 0x61, 0x8, 0xfd9, 0x2c, 0x66b, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x1b, 0x1, 0x7, 0xd4, 0x40, 0x0, [{{0x9, 0x4, 0x65, 0x0, 0x1, 0xbe, 0x86, 0x6d, 0x1, [], [{{0x9, 0x5, 0x1, 0x2, 0x40, 0x1, 0x3, 0x9}}]}}]}}]}}, 0x0) syz_usb_ep_read(r0, 0x1, 0x0, 0x0) syz_usb_control_io$hid(r0, &(0x7f00000003c0)={0x24, 0x0, &(0x7f0000000300)={0x0, 0x3, 0x2, @string={0x2}}, 0x0, 0x0}, 0x0) syz_usb_control_io$printer(r0, &(0x7f00000008c0)={0x14, 0x0, &(0x7f00000007c0)={0x0, 0x3, 0x2, @string={0x2}}}, 0x0) 2.42197242s ago: executing program 3 (id=831): setreuid(0xee00, 0xee00) r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) ptrace(0x4206, r0) 2.254187729s ago: executing program 3 (id=834): r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$sock_bt_hci(r0, 0x400448cb, 0x0) openat$snapshot(0xffffffffffffff9c, &(0x7f00000002c0), 0x40040, 0x0) syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="040e0402030c"], 0x7) 2.253857086s ago: executing program 2 (id=835): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d2000000000f0ff000700000008000300", @ANYRES32=r2, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc000800050006000000140004"], 0x58}, 0x1, 0x0, 0x0, 0x40000}, 0x0) 2.169513059s ago: executing program 2 (id=837): openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0xc1842, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000001100)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r0, &(0x7f00000000c0), 0x3f, 0x0) ioctl$sock_TIOCINQ(r1, 0x541b, &(0x7f0000000100)) 1.693941378s ago: executing program 4 (id=844): rseq(&(0x7f0000000080)={0x0, 0x0, 0x0, 0x5}, 0x20, 0x0, 0x0) r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ppoll(&(0x7f0000000000)=[{r0, 0x211}], 0x1, 0x0, 0x0, 0x0) ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000040)=0xa) 1.582833793s ago: executing program 4 (id=845): socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg(r0, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x40) close(r1) recvmsg$unix(r0, &(0x7f0000000400)={0x0, 0x0, 0x0}, 0x0) 1.482299356s ago: executing program 4 (id=846): setreuid(0x0, 0xee00) sendmsg$nl_crypto(0xffffffffffffffff, 0x0, 0x0) r0 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(r0, 0x89f3, &(0x7f0000000040)={'sit0\x00', &(0x7f00000000c0)={'syztnl0\x00', 0x0, 0x8002, 0x10, 0x0, 0x7, {{0x5, 0x4, 0x0, 0x13, 0x14, 0x78, 0xfffc, 0xfd, 0x5e55b37311de6d89, 0x0, @empty, @empty}}}}) 1.480478406s ago: executing program 4 (id=847): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000080)={0x26, 'hash\x00', 0x0, 0x0, 'xxhash64-generic\x00'}, 0x58) r1 = accept4(r0, 0x0, 0x0, 0x0) sendto$packet(r1, &(0x7f00000002c0)="48357e0287af48ffa745b497a54e0eec1bf2c69011f35b48339d15afaef1bd7efe075ff441b16e244b8b05fe09e29583ad142567826dfa5cbc6f979b050015bde8c4441cd0fa6be03213181bfe84743015ec12ced8b1aa8f44e5c30afac6f9fd2ab1303be0d1b2c02533bcc97cce7da9b507b053b11821323590d379e9e350a3291fbedb6382de878b7a56e4e38c7f746d0424029f5d49b04697a4", 0xfffffffffffffe20, 0x0, 0x0, 0x0) 1.274804043s ago: executing program 4 (id=848): prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680)) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9) mount_setattr(0xffffffffffffff9c, 0x0, 0x0, 0x0, 0x0) 1.119886824s ago: executing program 3 (id=850): r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x80) fcntl$notify(r0, 0x402, 0x26) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) fcntl$notify(r0, 0x402, 0x0) 1.075465886s ago: executing program 2 (id=852): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000000c0)={0x26, 'hash\x00', 0x0, 0x0, 'wp256\x00'}, 0x58) r1 = accept4(r0, 0x0, 0x0, 0x0) sendto$inet(r1, &(0x7f0000000040)="af", 0x1, 0xc000, 0x0, 0x0) 930.111586ms ago: executing program 2 (id=853): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000000d00)=ANY=[@ANYBLOB="b70000008100003bbfa30000000000000703000000feffff720af0fff8ffffff71a4f0ff0000000071105400000000001d400500000000004704000001ed00000f030000000000001d440000000000006b0a00fe000000007313000000000000b5000000000000009500000000000000023bc065b58111c6dfa041b63af4a3912435f1a864a710aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168c50000000190f32050e436fe275daf51efd601b6bf01c8e8b1b526375ec4dd6fcd82e4fee5bef7af9aa0d7d600c095199fe3ff31a8fd3c0fd8b7ff831028e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646c0200000000000000020000e35208b0bb0d2cd829e654400e2438ec649dc76128610643a98d9ec21ead2ed51b104d4d91af25b845d8a7925c3109b151b8b9f75dd08d123deda82fc9c4d7ecc7a803bf28bf7076c15b463bebc72f526d8e8afcb913466aaa7f6df70252e79166d858fcd0e06dd31af9612f2460d0b11008e59a5923906f88b53987ad1714f62ba7a54f0c33d39000d0bfed3a6a59ff616236fd8f2477184bdef728d236619074d6ebdfd1f5089048ddff6da40f9411fe722631cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a10746443d6438e959532e0617d419c6bc6ea9f2bca4464f56e24e6d2105bd901204a1deeed4155617572652d950ad31928b0b0c3dc2869f478341d02d0f5ad94b081fcd507acb4b9c65fee9d5a17f48a7382f13d000000225d85ae49cee383dc5049076b989b40000000000000da60d2ae20cfb91d6a49964757cdf538f9ce2bdb1ab062cd54e67011d355d84ce97bb0c6b4a595e487efbb2d71cde2c140952f9a0f0bc6980fe78683ac5c0c31032599ddd71063be9261b2e1aab1675b34a22048ef8c126aeef5f510a8f1aded94a129e4aec6f8d9ab06fa2e04cfe0649226c697d9e8eaade69d0540059fe6c7fe7cd8697502c7596566d674e425da5e87e59602a9f6590521d31d3804b3e0a1053abdc31282dfb15eb6841bb64a1b304502dda787343ce3c953992e4a982f3c48153baae244e7bf37548c7f1a4cad2422ee965a38f7defbd2160242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44028d6112a0c2d21b2dc98816106dec28eaeb883418f562ae00023ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc4e95dd2d18383117c039862198899b212c55318294270a1ad10c80fef7c24d47afce829ba0f85da6d888f18ea40ab959f6074ab2a40d85d15017ab513cdc6c0e57fb1c1ca571380d7b4ead35a385e0b4a26b702396df7e0c1e02b6e4114f244a9bf93f04bf072f0861f7580e69db384ac7eeedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba34015ea5aacb1188883ad2a3b1832371fe5bc621426d1ed0a4a99702cc1b6912a1e717d29135753208165b9cdbae2ed9dc7358f0ebadde0b727f27feeb744ddcc536cbae315c7d1fe1399562ba6824840bd2951680f6f2f9a6a83469620c6e74e1f46132559c4f8700a350845ffa0d829e4f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010aec0e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00000000c95265b2bd83d64a532869d701723fedcbada1ee7baa5b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b123145ab5703dad844ceb201ddeb6dc5f6a903792283c42efc54fa84323afc4c10eff462c8843187f1dd48ef3fa293774d582956ff0f40b10ca94f6feeb2893c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88f15efaaeea831555877f9538d6ee6ba65893ff1f908ba7554ba583fef3ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738012e4fee18a22da19fcdb4c2890cda1f96b952511e3a69d694d625e0b2f808890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f6f096753b639a920099c1f69219927ea5301fff0a6063d427f0688430754c02180d61542c2571f983e9673560000000000000000005a7b57f03ca91a01ba2e30ca99e8ebc15ecb4d91675767999d146aef7799738b292fd640dfef6b04d086f737a159d7e0c6e4d81ad64a8bbca48568325b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a7bce14c6de4e7c0660d80010f5c653d22d49030a8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b91b7d120617d12d91db2633d6864da40fc5d2f55ff07c53147de202ce517b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e1661061173f359e9052a4cecd89008f70314a0bdd491ec86a4555d89fe0120f64c62e8e3ed8bcb45202c3d4bbec8d722824c0ebca8db1ea4a003d2fbdc1f9be78537756ab5bbe4fe9af5d785d0128171c90d9900ce2532b0f9d01c4b45294fbba468df3e1b393cb4e62e754598e47df6bd06431c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068cd84990453f006694d461b76a58d88cf0f520310a1e9fdc18cde98d662eee077515d0a8811922929e085392ab3d1311b8243266d87047f601fa88a0da36b9f302e8262395174328f2482d14008de83070744f143fdec90ba5a82668d5fac114c13955ad6dca5db2231d8ba14c54c47ed04a4b4ace17e357e1d6432399f87a7a14245bbd796a09313b247b95d37ff40a404bdad74bd20000000000000000000099fef7cd7af3ce64a92f95d89d125b1e641240d7e5e27a3d1f7684448c3e3822d617e205061298b939a191be4b48e169bde2cae3accc5bd40a2968b59c93d35f8e42366fdef9a2abae1cf01ce68abff26b61aac8aaa54ebbcefd23f21ce8153b9926e12e925cb56119df72c7533a48d028ad0c74e2a9478fa3ba18a1a2b65079cc1c7bc46dd12305a1ae9dd19e8d525206c0a728cfd42193abe8130bc01a2d69841f3d7799ac04bdc590bb1c89b9c695f163e57343c9bfb59909433c9001c5f8b23e26534a538fc933cac6c2a92d038df638a0f226df9fb857bd414c2cd69985e8053e3dfa41614d7c74d04d8c2471041d17c730fad28395f8d4688898cd58b9d600c851626529bb58aa364b55e73f053450665e7b94ad1012fd7a8139166fd5e59c84f4ab279b1b99c028db4cb9680c8035f967db18de738844da7e260a830c1ffa49f5af3c15423a0e315acb82a3e89218cb314e68fda4d94aa1d815babc13b9fd336dfaa6d5d164301190bc2d4c04087729033342045804a28082abc3b4762302a271722fb515f31e0dd115a292f1e68481a62c49d15ea5460a29c60b1058fb7aa9bf4ee3cbe11b03711a15d730646b72d074dab1e8c429339f3460d324c17a4a8bfc7d7eab45bef00664d6dc82300000000000"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xfffffffffffffd00, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x200, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000200)={'rose0\x00', 0x112}) ioctl$TUNSETSTEERINGEBPF(r1, 0x800454e0, &(0x7f0000000080)=r0) 929.794019ms ago: executing program 1 (id=854): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000500)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000280)={r1, 0x2000300, 0xe, 0x0, &(0x7f0000000000)="63eced8e46dc3f0adf3389f7b986", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50) 929.632021ms ago: executing program 3 (id=855): mknod$loop(&(0x7f0000000180)='./file0\x00', 0x6000, 0x0) r0 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000280)={'\x00', 0x7e, 0x1000, 0x5c8, 0x80000003, 0x6}) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) 792.927517ms ago: executing program 1 (id=856): timer_create(0x3, 0x0, &(0x7f0000044000)=0x0) timer_settime(0x0, 0x1, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) rt_sigprocmask(0x0, &(0x7f0000000040)={[0xfffffffffffffffb]}, 0x0, 0x8) timer_settime(r0, 0x1, &(0x7f0000040fe0)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) 652.949868ms ago: executing program 1 (id=857): r0 = creat(&(0x7f0000000100)='./file0\x00', 0xd931d3864d39dcca) write$binfmt_elf32(r0, &(0x7f0000000040)=ANY=[@ANYBLOB="7f454c4600000000000000000000000003000600000000000000000006d1f1ac0000000004191bda0000200001"], 0x69) close(r0) execve(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) 638.676967ms ago: executing program 2 (id=858): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'\x00', 0x52d35ce30131f272}) ioctl$TUNSETOFFLOAD(r0, 0x400454c9, 0x9) ioctl$TUNGETSNDBUF(r0, 0x800454d3, &(0x7f0000000140)) 482.189062ms ago: executing program 1 (id=859): r0 = syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_JOIN_MESH(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000280)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="010027bd7000fbdbdf254400000008000300", @ANYRES32=r2, @ANYBLOB="0a001800030303030303000008000d006a77545608000c006400"], 0x38}}, 0x0) 481.761197ms ago: executing program 0 (id=860): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000040)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_SET_BSS(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000080)={0x24, r1, 0x1, 0x70bd2b, 0x25dfdbfe, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_P2P_CTWINDOW={0x5, 0xa2, 0x1}]}, 0x24}, 0x1, 0x0, 0x0, 0x40050}, 0x40) 457.350722ms ago: executing program 3 (id=861): r0 = socket$netlink(0x10, 0x3, 0x0) setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000000), 0x4) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000006c0)=@newlink={0x48, 0x10, 0xffffff1f, 0x70bd2b, 0x0, {0x0, 0x0, 0x0, 0x0, 0x23, 0xa502}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @veth={{0x9}, {0x18, 0x2, 0x0, 0x1, @val=@VETH_INFO_PEER={0x14, 0x1, {{0x0, 0x0, 0x0, 0x0, 0x20090}}}}}}]}, 0x48}}, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000100)=@newtaction={0x18, 0x30, 0xb, 0x0, 0x0, {}, [{0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) 395.155074ms ago: executing program 2 (id=862): r0 = syz_open_dev$swradio(&(0x7f0000000040), 0x1, 0x2) ioctl$VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000000)={0xfffffffa, 0xb, 0x4}) r1 = syz_open_dev$swradio(&(0x7f0000000080), 0x1, 0x2) ioctl$VIDIOC_PREPARE_BUF(r1, 0xc058565d, &(0x7f0000000180)=@userptr={0xfffffff4, 0xb, 0x4, 0x4000, 0x8, {}, {0x4, 0x8, 0x1, 0x9e, 0x6, 0x9, "f3ce2199"}, 0x0, 0x2, {0x0}}) 367.938874ms ago: executing program 0 (id=863): r0 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) read$FUSE(r0, &(0x7f0000001240)={0x2020}, 0x2020) r1 = openat$sequencer(0xffffff9c, &(0x7f0000000480), 0x0, 0x0) ioctl$SNDCTL_SEQ_NRMIDIS(r1, 0xc0046d00, &(0x7f0000001500)) 367.520713ms ago: executing program 1 (id=864): r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000300)='attr/current\x00') writev(r0, &(0x7f00000015c0)=[{&(0x7f00000000c0)='w', 0x1}], 0x1) capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000001080)={0x200000, 0x200000, 0x0, 0x0, 0x40000}) setpgid(0x0, 0x0) 321.800839ms ago: executing program 4 (id=865): r0 = timerfd_create(0x0, 0x0) timerfd_settime(r0, 0x3, &(0x7f00000000c0)={{0x0, 0x989680}, {0x77359400}}, 0x0) clock_settime(0x0, &(0x7f0000003c80)={0x77359400}) readv(r0, &(0x7f0000000080)=[{&(0x7f00000016c0)=""/149, 0x95}], 0x1) 233.278027ms ago: executing program 3 (id=866): sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={{0x14}, [], {0x14}}, 0x28}}, 0x0) r0 = fsopen(&(0x7f00000000c0)='nilfs2\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000000)='source', &(0x7f0000000040), 0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x8, 0x0, 0x0, 0x0) 227.734533ms ago: executing program 1 (id=867): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x40000, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x200000005c832, 0xffffffffffffffff, 0x0) mremap(&(0x7f0000000000/0x9000)=nil, 0x600000, 0x600000, 0x3, &(0x7f0000a00000/0x600000)=nil) 0s ago: executing program 0 (id=868): socket$inet6_tcp(0xa, 0x1, 0x0) syz_open_dev$usbfs(&(0x7f0000000480), 0x76, 0x160341) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) pselect6(0x40, &(0x7f0000000100)={0x0, 0x0, 0xffffffffffffffff, 0x0, 0x800, 0x2, 0x80000000000004, 0x6}, 0x0, &(0x7f0000000400)={0x1f, 0x0, 0x800000000000, 0x0, 0x1000000000, 0x0, 0xfffffffffffffffe}, &(0x7f0000000280)={0x0, 0x3938700}, 0x0) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.1.104' (ED25519) to the list of known hosts. [ 82.160934][ T5815] cgroup: Unknown subsys name 'net' [ 82.258260][ T5815] cgroup: Unknown subsys name 'cpuset' [ 82.266865][ T5815] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 83.744611][ T5815] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 87.872454][ T51] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 87.883243][ T51] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 87.885306][ T5837] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 87.891973][ T51] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 87.905112][ T5845] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 87.906085][ T5837] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 87.921895][ T5845] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 87.922486][ T5837] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 87.938383][ T5837] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 87.944793][ T5845] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 87.954760][ T5845] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 87.962547][ T5845] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 87.964155][ T5848] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 87.970571][ T5845] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 87.984548][ T5845] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 87.991887][ T5848] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 87.994040][ T5845] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 88.001173][ T51] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 88.015329][ T51] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 88.024111][ T5848] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 88.031753][ T51] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 88.039498][ T51] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 88.044207][ T5845] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 88.055345][ T51] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 88.081818][ T5851] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 88.543120][ T5844] chnl_net:caif_netlink_parms(): no params data found [ 88.719982][ T5831] chnl_net:caif_netlink_parms(): no params data found [ 88.852307][ T5844] bridge0: port 1(bridge_slave_0) entered blocking state [ 88.860390][ T5844] bridge0: port 1(bridge_slave_0) entered disabled state [ 88.868386][ T5844] bridge_slave_0: entered allmulticast mode [ 88.877772][ T5844] bridge_slave_0: entered promiscuous mode [ 88.900623][ T5847] chnl_net:caif_netlink_parms(): no params data found [ 88.950382][ T5844] bridge0: port 2(bridge_slave_1) entered blocking state [ 88.957878][ T5844] bridge0: port 2(bridge_slave_1) entered disabled state [ 88.965112][ T5844] bridge_slave_1: entered allmulticast mode [ 88.972112][ T5844] bridge_slave_1: entered promiscuous mode [ 89.036747][ T5831] bridge0: port 1(bridge_slave_0) entered blocking state [ 89.044038][ T5831] bridge0: port 1(bridge_slave_0) entered disabled state [ 89.051221][ T5831] bridge_slave_0: entered allmulticast mode [ 89.059883][ T5831] bridge_slave_0: entered promiscuous mode [ 89.083698][ T5834] chnl_net:caif_netlink_parms(): no params data found [ 89.105197][ T5831] bridge0: port 2(bridge_slave_1) entered blocking state [ 89.112334][ T5831] bridge0: port 2(bridge_slave_1) entered disabled state [ 89.120187][ T5831] bridge_slave_1: entered allmulticast mode [ 89.127207][ T5831] bridge_slave_1: entered promiscuous mode [ 89.204587][ T5844] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 89.226423][ T5841] chnl_net:caif_netlink_parms(): no params data found [ 89.238180][ T5847] bridge0: port 1(bridge_slave_0) entered blocking state [ 89.245794][ T5847] bridge0: port 1(bridge_slave_0) entered disabled state [ 89.252946][ T5847] bridge_slave_0: entered allmulticast mode [ 89.260259][ T5847] bridge_slave_0: entered promiscuous mode [ 89.282716][ T5844] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 89.308428][ T5847] bridge0: port 2(bridge_slave_1) entered blocking state [ 89.315808][ T5847] bridge0: port 2(bridge_slave_1) entered disabled state [ 89.322926][ T5847] bridge_slave_1: entered allmulticast mode [ 89.330577][ T5847] bridge_slave_1: entered promiscuous mode [ 89.340302][ T5831] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 89.400055][ T5831] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 89.433587][ T5844] team0: Port device team_slave_0 added [ 89.486541][ T5844] team0: Port device team_slave_1 added [ 89.512309][ T5847] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 89.563144][ T5834] bridge0: port 1(bridge_slave_0) entered blocking state [ 89.570961][ T5834] bridge0: port 1(bridge_slave_0) entered disabled state [ 89.578238][ T5834] bridge_slave_0: entered allmulticast mode [ 89.586088][ T5834] bridge_slave_0: entered promiscuous mode [ 89.596265][ T5847] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 89.609184][ T5831] team0: Port device team_slave_0 added [ 89.640988][ T5834] bridge0: port 2(bridge_slave_1) entered blocking state [ 89.648276][ T5834] bridge0: port 2(bridge_slave_1) entered disabled state [ 89.655795][ T5834] bridge_slave_1: entered allmulticast mode [ 89.662782][ T5834] bridge_slave_1: entered promiscuous mode [ 89.710538][ T5831] team0: Port device team_slave_1 added [ 89.718574][ T5844] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 89.726579][ T5844] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 89.754026][ T5844] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 89.766242][ T5841] bridge0: port 1(bridge_slave_0) entered blocking state [ 89.773381][ T5841] bridge0: port 1(bridge_slave_0) entered disabled state [ 89.782916][ T5841] bridge_slave_0: entered allmulticast mode [ 89.790147][ T5841] bridge_slave_0: entered promiscuous mode [ 89.812318][ T5847] team0: Port device team_slave_0 added [ 89.822010][ T5847] team0: Port device team_slave_1 added [ 89.840626][ T5844] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 89.847949][ T5844] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 89.874528][ T5844] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 89.886078][ T5841] bridge0: port 2(bridge_slave_1) entered blocking state [ 89.893311][ T5841] bridge0: port 2(bridge_slave_1) entered disabled state [ 89.900608][ T5841] bridge_slave_1: entered allmulticast mode [ 89.907765][ T5841] bridge_slave_1: entered promiscuous mode [ 89.929587][ T5834] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 89.988107][ T5834] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 90.026695][ T5831] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 90.033665][ T5831] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 90.060623][ T5831] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 90.074913][ T5841] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 90.097893][ T5847] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 90.105054][ T5847] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 90.131788][ T5847] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 90.131849][ T5851] Bluetooth: hci1: command tx timeout [ 90.146847][ T5842] Bluetooth: hci0: command tx timeout [ 90.148274][ T5835] Bluetooth: hci4: command tx timeout [ 90.153678][ T5842] Bluetooth: hci2: command tx timeout [ 90.162888][ T5847] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 90.171698][ T5847] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 90.198487][ T5847] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 90.201962][ T5842] Bluetooth: hci3: command tx timeout [ 90.223965][ T5831] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 90.231004][ T5831] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 90.258035][ T5831] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 90.271039][ T5841] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 90.295866][ T5834] team0: Port device team_slave_0 added [ 90.331479][ T5844] hsr_slave_0: entered promiscuous mode [ 90.338103][ T5844] hsr_slave_1: entered promiscuous mode [ 90.359226][ T5834] team0: Port device team_slave_1 added [ 90.385524][ T5841] team0: Port device team_slave_0 added [ 90.452608][ T5841] team0: Port device team_slave_1 added [ 90.471766][ T5834] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 90.478828][ T5834] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 90.505127][ T5834] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 90.520892][ T5847] hsr_slave_0: entered promiscuous mode [ 90.529943][ T5847] hsr_slave_1: entered promiscuous mode [ 90.536054][ T5847] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 90.543726][ T5847] Cannot create hsr debugfs directory [ 90.573814][ T5831] hsr_slave_0: entered promiscuous mode [ 90.580096][ T5831] hsr_slave_1: entered promiscuous mode [ 90.586445][ T5831] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 90.594151][ T5831] Cannot create hsr debugfs directory [ 90.614219][ T5834] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 90.621181][ T5834] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 90.647189][ T5834] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 90.742729][ T5841] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 90.750118][ T5841] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 90.777594][ T5841] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 90.790525][ T5841] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 90.797796][ T5841] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 90.824511][ T5841] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 90.929405][ T5834] hsr_slave_0: entered promiscuous mode [ 90.936398][ T5834] hsr_slave_1: entered promiscuous mode [ 90.942572][ T5834] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 90.950251][ T5834] Cannot create hsr debugfs directory [ 91.017862][ T5841] hsr_slave_0: entered promiscuous mode [ 91.024554][ T5841] hsr_slave_1: entered promiscuous mode [ 91.030558][ T5841] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 91.038888][ T5841] Cannot create hsr debugfs directory [ 91.382330][ T5847] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 91.412321][ T5847] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 91.423835][ T5847] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 91.448967][ T5847] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 91.500497][ T5844] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 91.519083][ T5844] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 91.546712][ T5844] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 91.585846][ T5844] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 91.619523][ T5831] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 91.631605][ T5831] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 91.645138][ T5831] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 91.662283][ T5831] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 91.723352][ T10] cfg80211: failed to load regulatory.db [ 91.777095][ T5841] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 91.825068][ T5841] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 91.857971][ T5841] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 91.872290][ T5841] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 91.890876][ T5847] 8021q: adding VLAN 0 to HW filter on device bond0 [ 91.987629][ T5844] 8021q: adding VLAN 0 to HW filter on device bond0 [ 92.000927][ T5834] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 92.017692][ T5847] 8021q: adding VLAN 0 to HW filter on device team0 [ 92.046306][ T5834] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 92.072182][ T49] bridge0: port 1(bridge_slave_0) entered blocking state [ 92.079444][ T49] bridge0: port 1(bridge_slave_0) entered forwarding state [ 92.092880][ T5834] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 92.123173][ T5834] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 92.151865][ T1040] bridge0: port 2(bridge_slave_1) entered blocking state [ 92.159045][ T1040] bridge0: port 2(bridge_slave_1) entered forwarding state [ 92.182020][ T5844] 8021q: adding VLAN 0 to HW filter on device team0 [ 92.195083][ T5842] Bluetooth: hci4: command tx timeout [ 92.195155][ T5851] Bluetooth: hci0: command tx timeout [ 92.200509][ T5842] Bluetooth: hci2: command tx timeout [ 92.206091][ T5835] Bluetooth: hci1: command tx timeout [ 92.221737][ T5831] 8021q: adding VLAN 0 to HW filter on device bond0 [ 92.249993][ T3025] bridge0: port 1(bridge_slave_0) entered blocking state [ 92.257195][ T3025] bridge0: port 1(bridge_slave_0) entered forwarding state [ 92.274601][ T5835] Bluetooth: hci3: command tx timeout [ 92.314219][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 92.321490][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 92.360913][ T5831] 8021q: adding VLAN 0 to HW filter on device team0 [ 92.400943][ T5841] 8021q: adding VLAN 0 to HW filter on device bond0 [ 92.420389][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 92.427555][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 92.467441][ T1040] bridge0: port 2(bridge_slave_1) entered blocking state [ 92.474677][ T1040] bridge0: port 2(bridge_slave_1) entered forwarding state [ 92.522077][ T5841] 8021q: adding VLAN 0 to HW filter on device team0 [ 92.587119][ T64] bridge0: port 1(bridge_slave_0) entered blocking state [ 92.594441][ T64] bridge0: port 1(bridge_slave_0) entered forwarding state [ 92.655845][ T64] bridge0: port 2(bridge_slave_1) entered blocking state [ 92.663046][ T64] bridge0: port 2(bridge_slave_1) entered forwarding state [ 92.819786][ T5834] 8021q: adding VLAN 0 to HW filter on device bond0 [ 92.881960][ T5834] 8021q: adding VLAN 0 to HW filter on device team0 [ 92.940833][ T2989] bridge0: port 1(bridge_slave_0) entered blocking state [ 92.948065][ T2989] bridge0: port 1(bridge_slave_0) entered forwarding state [ 93.003504][ T49] bridge0: port 2(bridge_slave_1) entered blocking state [ 93.010708][ T49] bridge0: port 2(bridge_slave_1) entered forwarding state [ 93.053545][ T5847] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 93.137798][ T5844] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 93.343314][ T5847] veth0_vlan: entered promiscuous mode [ 93.367547][ T5831] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 93.380591][ T5844] veth0_vlan: entered promiscuous mode [ 93.423014][ T5844] veth1_vlan: entered promiscuous mode [ 93.442644][ T5847] veth1_vlan: entered promiscuous mode [ 93.472068][ T5841] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 93.539304][ T5831] veth0_vlan: entered promiscuous mode [ 93.579482][ T5844] veth0_macvtap: entered promiscuous mode [ 93.620015][ T5831] veth1_vlan: entered promiscuous mode [ 93.646262][ T5844] veth1_macvtap: entered promiscuous mode [ 93.663334][ T5847] veth0_macvtap: entered promiscuous mode [ 93.683675][ T5847] veth1_macvtap: entered promiscuous mode [ 93.713677][ T5844] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 93.751845][ T5844] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 93.778744][ T5834] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 93.790665][ T5847] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 93.805725][ T5847] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 93.830444][ T5844] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 93.839919][ T5844] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 93.849590][ T5844] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 93.861593][ T5844] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 93.879910][ T5847] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 93.888847][ T5847] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 93.898866][ T5847] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 93.907730][ T5847] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 93.999556][ T5831] veth0_macvtap: entered promiscuous mode [ 94.077357][ T5831] veth1_macvtap: entered promiscuous mode [ 94.157924][ T5834] veth0_vlan: entered promiscuous mode [ 94.179161][ T3025] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 94.190011][ T3025] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 94.231197][ T2989] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 94.237679][ T5831] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 94.250152][ T2989] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 94.259356][ T5834] veth1_vlan: entered promiscuous mode [ 94.279617][ T5835] Bluetooth: hci2: command tx timeout [ 94.289666][ T5851] Bluetooth: hci1: command tx timeout [ 94.289687][ T5842] Bluetooth: hci0: command tx timeout [ 94.295123][ T5845] Bluetooth: hci4: command tx timeout [ 94.327540][ T5831] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 94.348048][ T5841] veth0_vlan: entered promiscuous mode [ 94.364155][ T5842] Bluetooth: hci3: command tx timeout [ 94.385588][ T5834] veth0_macvtap: entered promiscuous mode [ 94.395371][ T5831] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 94.404839][ T5831] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 94.413789][ T5831] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 94.422737][ T5831] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 94.442425][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 94.451976][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 94.457513][ T5834] veth1_macvtap: entered promiscuous mode [ 94.505445][ T2989] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 94.516502][ T5841] veth1_vlan: entered promiscuous mode [ 94.518200][ T2989] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 94.546845][ T5844] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 94.571003][ T5834] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 94.636115][ T5834] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 94.671130][ T5841] veth0_macvtap: entered promiscuous mode [ 94.698519][ T5834] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 94.710839][ T5834] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 94.722395][ T5834] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 94.732167][ T5834] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 94.758395][ T5841] veth1_macvtap: entered promiscuous mode [ 94.879302][ T3025] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 94.901895][ T3025] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 94.919729][ T5951] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 94.922937][ T5841] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 95.016497][ T5841] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 95.077998][ T5841] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 95.100994][ T5841] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 95.114015][ T5841] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 95.130611][ T5841] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 95.170401][ T2989] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 95.184182][ T2989] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 95.315664][ T3025] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 95.334188][ T3025] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 95.466644][ T3025] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 95.494407][ T3025] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 95.605750][ T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 95.635895][ T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 95.808216][ T3025] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 95.847467][ T3025] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 95.941187][ T5965] pim6reg: entered allmulticast mode [ 95.988451][ T5967] pim6reg: left allmulticast mode [ 96.354323][ T5842] Bluetooth: hci0: command tx timeout [ 96.364109][ T5842] Bluetooth: hci2: command tx timeout [ 96.369752][ T5842] Bluetooth: hci1: command tx timeout [ 96.375369][ T5835] Bluetooth: hci4: command tx timeout [ 96.444762][ T5851] Bluetooth: hci3: command tx timeout [ 97.591095][ T6004] process 'syz.1.23' launched './file0' with NULL argv: empty string added [ 97.893234][ T6018] netlink: 'syz.1.27': attribute type 21 has an invalid length. [ 98.624716][ T5905] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 98.815080][ T5905] usb 5-1: Using ep0 maxpacket: 32 [ 98.830286][ T5905] usb 5-1: New USB device found, idVendor=0fd9, idProduct=0025, bcdDevice=29.40 [ 98.854777][ T5905] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 98.934158][ T5905] usb 5-1: config 0 descriptor?? [ 99.169174][ T5905] dvb-usb: found a 'Elgato EyeTV Sat' in warm state. [ 99.189460][ T5905] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 99.230556][ T5905] dvbdev: DVB: registering new adapter (Elgato EyeTV Sat) [ 99.249811][ T5905] usb 5-1: media controller created [ 99.260913][ T6050] netdevsim netdevsim1 netdevsim0: entered promiscuous mode [ 99.280544][ T6049] netdevsim netdevsim1 netdevsim0: left promiscuous mode [ 99.336441][ T5905] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 99.436733][ T5905] az6027: usb out operation failed. (-71) [ 99.453225][ T5905] az6027: usb out operation failed. (-71) [ 99.485496][ T5905] stb0899_attach: Driver disabled by Kconfig [ 99.507652][ T5905] az6027: no front-end attached [ 99.507652][ T5905] [ 99.542702][ T5905] az6027: usb out operation failed. (-71) [ 99.573447][ T5905] dvb-usb: no frontend was attached by 'Elgato EyeTV Sat' [ 99.613665][ T5905] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.4/usb5/5-1/input/input6 [ 99.823720][ T5905] dvb-usb: schedule remote query interval to 400 msecs. [ 99.831337][ T5905] dvb-usb: Elgato EyeTV Sat successfully initialized and connected. [ 99.852765][ T5905] usb 5-1: USB disconnect, device number 2 [ 100.119484][ T5905] dvb-usb: Elgato EyeTV Sat successfully deinitialized and disconnected. [ 100.606108][ T6079] veth1_macvtap: left promiscuous mode [ 100.825222][ T6082] Driver unsupported XDP return value 0 on prog (id 12) dev N/A, expect packet loss! [ 101.793708][ T6099] bridge0: port 2(bridge_slave_1) entered disabled state [ 101.802754][ T6099] bridge0: port 1(bridge_slave_0) entered disabled state [ 102.279058][ T6099] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 102.331203][ T6099] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 102.593078][ T6099] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 102.605973][ T6099] netdevsim netdevsim2 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 102.616118][ T6099] netdevsim netdevsim2 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 102.639508][ T6099] netdevsim netdevsim2 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 102.665491][ T30] audit: type=1326 audit(1749211913.573:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6119 comm="syz.4.72" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbc7398e929 code=0x7ffc0000 [ 102.691769][ T30] audit: type=1326 audit(1749211913.583:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6119 comm="syz.4.72" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbc7398e929 code=0x7ffc0000 [ 102.742656][ T30] audit: type=1326 audit(1749211913.583:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6119 comm="syz.4.72" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fbc7398e929 code=0x7ffc0000 [ 102.779885][ T30] audit: type=1326 audit(1749211913.583:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6119 comm="syz.4.72" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbc7398e929 code=0x7ffc0000 [ 102.917946][ T30] audit: type=1326 audit(1749211913.583:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6119 comm="syz.4.72" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbc7398e929 code=0x7ffc0000 [ 102.966053][ T30] audit: type=1326 audit(1749211913.583:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6119 comm="syz.4.72" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fbc7398e929 code=0x7ffc0000 [ 103.008691][ T30] audit: type=1326 audit(1749211913.633:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6119 comm="syz.4.72" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbc7398e929 code=0x7ffc0000 [ 103.051733][ T30] audit: type=1326 audit(1749211913.643:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6119 comm="syz.4.72" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbc7398e929 code=0x7ffc0000 [ 103.106719][ T30] audit: type=1326 audit(1749211913.643:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6119 comm="syz.4.72" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fbc739858e7 code=0x7ffc0000 [ 103.197993][ T30] audit: type=1326 audit(1749211913.643:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6119 comm="syz.4.72" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fbc7392ab19 code=0x7ffc0000 [ 103.294410][ T6139] capability: warning: `syz.2.81' uses deprecated v2 capabilities in a way that may be insecure [ 103.666906][ T6156] netlink: 4 bytes leftover after parsing attributes in process `syz.0.88'. [ 104.049136][ T6169] warning: `syz.0.94' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 104.283298][ T6187] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 104.297490][ T6185] batadv_slave_0: entered promiscuous mode [ 104.333980][ T6185] batadv_slave_0: left promiscuous mode [ 104.559054][ T6199] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 104.601171][ T6199] netlink: 'syz.1.110': attribute type 25 has an invalid length. [ 104.619294][ T6199] netlink: 'syz.1.110': attribute type 7 has an invalid length. [ 104.741712][ T6208] netlink: 4 bytes leftover after parsing attributes in process `syz.0.113'. [ 104.786756][ T6208] netlink: 8 bytes leftover after parsing attributes in process `syz.0.113'. [ 105.459843][ T6243] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 105.588184][ T6243] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 105.604109][ T5906] usb 1-1: new high-speed USB device number 3 using dummy_hcd [ 105.713224][ T6243] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 105.775233][ T5906] usb 1-1: Using ep0 maxpacket: 16 [ 105.788939][ T5906] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 192, changing to 11 [ 105.813037][ T5906] usb 1-1: config 1 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 8 [ 105.832143][ T5906] usb 1-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 18 [ 105.859611][ T6243] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 105.881862][ T5906] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 105.901652][ T5906] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 105.920398][ T5906] usb 1-1: SerialNumber: syz [ 105.932714][ T6230] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 106.072837][ T6243] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 106.094321][ T6243] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 106.113732][ T6243] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 106.133156][ T6243] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 106.179117][ T5906] cdc_ether 1-1:1.0: probe with driver cdc_ether failed with error -22 [ 106.211766][ T5906] usb 1-1: USB disconnect, device number 3 [ 106.587375][ T6290] pim6reg0: tun_chr_ioctl cmd 1074025680 [ 108.820212][ T6409] capability: warning: `syz.1.204' uses 32-bit capabilities (legacy support in use) [ 108.874107][ T5947] usb 1-1: new high-speed USB device number 4 using dummy_hcd [ 108.933948][ T6413] ======================================================= [ 108.933948][ T6413] WARNING: The mand mount option has been deprecated and [ 108.933948][ T6413] and is ignored by this kernel. Remove the mand [ 108.933948][ T6413] option from the mount to silence this warning. [ 108.933948][ T6413] ======================================================= [ 108.968811][ C0] vkms_vblank_simulate: vblank timer overrun [ 109.044342][ T5947] usb 1-1: Using ep0 maxpacket: 16 [ 109.051641][ T5947] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 109.064816][ T5947] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 11 [ 109.077055][ T5947] usb 1-1: config 1 interface 0 altsetting 3 endpoint 0xB has invalid wMaxPacketSize 0 [ 109.089825][ T5947] usb 1-1: config 1 interface 0 altsetting 3 bulk endpoint 0xB has invalid maxpacket 0 [ 109.099764][ T5947] usb 1-1: config 1 interface 0 altsetting 3 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 109.130310][ T5947] usb 1-1: config 1 interface 0 has no altsetting 0 [ 109.144984][ T5947] usb 1-1: New USB device found, idVendor=04e6, idProduct=0003, bcdDevice= 1.77 [ 109.166448][ T5947] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 109.187518][ T5947] ums-sddr09 1-1:1.0: USB Mass Storage device detected [ 109.402083][ T6395] netlink: 71 bytes leftover after parsing attributes in process `syz.0.197'. [ 109.423646][ T10] usb 1-1: USB disconnect, device number 4 [ 109.969289][ T6451] netlink: 'syz.1.221': attribute type 3 has an invalid length. [ 110.005384][ T6451] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 110.325784][ T6470] loop5: detected capacity change from 0 to 63 [ 110.738318][ T6487] A link change request failed with some changes committed already. Interface bond0 may have been left with an inconsistent configuration, please check. [ 110.754434][ T5835] Bluetooth: hci5: command 0x1003 tx timeout [ 110.760753][ T5851] Bluetooth: hci5: Opcode 0x1003 failed: -110 [ 110.869095][ T976] usb 1-1: new high-speed USB device number 5 using dummy_hcd [ 110.931811][ T6495] netlink: 'syz.1.244': attribute type 10 has an invalid length. [ 110.942298][ T6495] netlink: 40 bytes leftover after parsing attributes in process `syz.1.244'. [ 111.017380][ T6495] team0: Port device geneve0 added [ 111.055715][ T976] usb 1-1: Using ep0 maxpacket: 32 [ 111.089967][ T976] usb 1-1: New USB device found, idVendor=04e8, idProduct=6601, bcdDevice=81.9b [ 111.117284][ T976] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 111.124536][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 111.139229][ T976] usb 1-1: Product: syz [ 111.143590][ T976] usb 1-1: Manufacturer: syz [ 111.158703][ T976] usb 1-1: SerialNumber: syz [ 111.541683][ T976] visor 1-1:1.0: Handspring Visor / Palm OS converter detected [ 111.569804][ T976] usb 1-1: Handspring Visor / Palm OS converter now attached to ttyUSB0 [ 111.584351][ T6505] sock: sock_timestamping_bind_phc: sock not bind to device [ 111.872783][ T976] usb 1-1: Handspring Visor / Palm OS converter now attached to ttyUSB1 [ 111.902786][ T976] usb 1-1: USB disconnect, device number 5 [ 111.930623][ T976] visor ttyUSB0: Handspring Visor / Palm OS converter now disconnected from ttyUSB0 [ 111.960525][ T976] visor ttyUSB1: Handspring Visor / Palm OS converter now disconnected from ttyUSB1 [ 111.993218][ T976] visor 1-1:1.0: device disconnected [ 112.418557][ T30] kauditd_printk_skb: 50 callbacks suppressed [ 112.418576][ T30] audit: type=1800 audit(1749211923.333:62): pid=6524 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz.3.255" name="SYSV00000000" dev="tmpfs" ino=0 res=0 errno=0 [ 112.517855][ T6530] netlink: 8 bytes leftover after parsing attributes in process `syz.0.259'. [ 112.790853][ T6544] pimreg: entered allmulticast mode [ 112.815455][ T6543] pimreg: left allmulticast mode [ 113.844059][ T5947] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 114.034131][ T5947] usb 5-1: Using ep0 maxpacket: 32 [ 114.044392][ T5947] usb 5-1: config 0 has an invalid interface number: 51 but max is 0 [ 114.052522][ T5947] usb 5-1: config 0 has no interface number 0 [ 114.090422][ T5947] usb 5-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f [ 114.099790][ T5947] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 114.116531][ T5947] usb 5-1: Product: syz [ 114.126150][ T5947] usb 5-1: Manufacturer: syz [ 114.133916][ T5947] usb 5-1: SerialNumber: syz [ 114.166606][ T5947] usb 5-1: config 0 descriptor?? [ 114.202017][ T5947] quatech2 5-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected [ 114.396374][ T5947] usb 5-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0 [ 114.429900][ T5947] usb 5-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1 [ 114.741454][ T6623] mmap: syz.2.298 (6623) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 114.789142][ C1] usb 5-1: qt2_read_bulk_callback - non-zero urb status: -71 [ 114.798709][ T5947] usb 5-1: USB disconnect, device number 3 [ 114.818854][ T5947] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0 [ 114.851795][ T5947] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1 [ 114.863477][ T5947] quatech2 5-1:0.51: device disconnected [ 116.477042][ T10] usb 2-1: new high-speed USB device number 2 using dummy_hcd [ 116.653985][ T10] usb 2-1: Using ep0 maxpacket: 16 [ 116.688246][ T10] usb 2-1: config index 0 descriptor too short (expected 32804, got 36) [ 116.727529][ T10] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 116.755190][ T10] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x81 has invalid wMaxPacketSize 0 [ 116.775534][ T10] usb 2-1: config 0 interface 0 has no altsetting 0 [ 116.790186][ T10] usb 2-1: New USB device found, idVendor=056a, idProduct=0331, bcdDevice= 0.00 [ 116.811281][ T10] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 116.849661][ T10] usb 2-1: config 0 descriptor?? [ 117.099365][ T6688] netlink: 124 bytes leftover after parsing attributes in process `syz.4.328'. [ 117.201901][ T6689] bridge0: port 2(bridge_slave_1) entered disabled state [ 117.297209][ T10] hid (null): unknown global tag 0xd [ 117.302582][ T10] hid (null): unknown global tag 0xc [ 117.322911][ T10] hid (null): unknown global tag 0xc [ 117.433116][ T6703] netlink: 20 bytes leftover after parsing attributes in process `syz.3.332'. [ 117.509414][ T6707] openvswitch: netlink: VXLAN extension message has 2 unknown bytes. [ 117.530819][ T5906] usb 2-1: USB disconnect, device number 2 [ 117.847908][ T6720] netlink: 4 bytes leftover after parsing attributes in process `syz.4.341'. [ 118.344285][ T5906] usb 5-1: new high-speed USB device number 4 using dummy_hcd [ 118.438933][ T6753] netlink: 4 bytes leftover after parsing attributes in process `syz.2.356'. [ 118.524107][ T5906] usb 5-1: Using ep0 maxpacket: 8 [ 118.546659][ T5906] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 177, changing to 11 [ 118.585908][ T5906] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 118.618598][ T5906] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 118.635903][ T5906] usb 5-1: Product: syz [ 118.646100][ T5906] usb 5-1: Manufacturer: syz [ 118.662760][ T5906] usb 5-1: SerialNumber: syz [ 119.507609][ T5906] cdc_ncm 5-1:1.0: SET_CRC_MODE failed [ 119.531132][ T5906] cdc_ncm 5-1:1.0: bind() failure [ 119.545401][ T5906] cdc_ncm 5-1:1.1: CDC Union missing and no IAD found [ 119.572617][ T5906] cdc_ncm 5-1:1.1: bind() failure [ 119.597635][ T5906] usb 5-1: USB disconnect, device number 4 [ 119.713602][ T6797] netlink: 212376 bytes leftover after parsing attributes in process `syz.0.377'. [ 119.809268][ T6799] netlink: 'syz.2.378': attribute type 9 has an invalid length. [ 119.846407][ T6799] netlink: 212260 bytes leftover after parsing attributes in process `syz.2.378'. [ 120.422343][ T6824] netlink: 20 bytes leftover after parsing attributes in process `syz.1.389'. [ 120.480941][ T6824] netlink: 20 bytes leftover after parsing attributes in process `syz.1.389'. [ 120.524048][ T5947] usb 5-1: new high-speed USB device number 5 using dummy_hcd [ 120.674221][ T5947] usb 5-1: Using ep0 maxpacket: 32 [ 120.695716][ T5947] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 195, changing to 11 [ 120.711896][ T5947] usb 5-1: New USB device found, idVendor=0755, idProduct=2626, bcdDevice= 0.00 [ 120.755424][ T5947] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 120.786987][ T5947] usb 5-1: config 0 descriptor?? [ 121.209307][ T5947] aureal 0003:0755:2626.0002: unbalanced collection at end of report description [ 121.228442][ T5947] aureal 0003:0755:2626.0002: probe with driver aureal failed with error -22 [ 121.618230][ T5906] usb 5-1: USB disconnect, device number 5 [ 121.791219][ T6862] block nbd0: not configured, cannot reconfigure [ 122.124234][ T6869] pim6reg0: tun_chr_ioctl cmd 1074025680 [ 122.257757][ T6875] netlink: 4 bytes leftover after parsing attributes in process `syz.1.412'. [ 122.916379][ T6897] netlink: 104 bytes leftover after parsing attributes in process `syz.0.422'. [ 123.126009][ T6908] openvswitch: netlink: IP tunnel attribute has 8 unknown bytes. [ 123.501996][ T6923] batman_adv: batadv0: adding TT local entry aa:aa:aa:aa:aa:2a to non-existent VLAN 1280 [ 123.759578][ T6936] netlink: 10 bytes leftover after parsing attributes in process `syz.3.438'. [ 123.898979][ T6945] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 124.092738][ T2989] Bluetooth: hci5: Frame reassembly failed (-84) [ 124.781030][ T6990] input: syz0 as /devices/virtual/input/input7 [ 125.032521][ T7000] 8021q: adding VLAN 0 to HW filter on device bond1 [ 125.045636][ T7000] bond0: (slave bond1): Enslaving as an active interface with an up link [ 125.420862][ T7020] netlink: 'syz.2.478': attribute type 3 has an invalid length. [ 125.451433][ T7020] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 125.639539][ T30] audit: type=1326 audit(1749211936.553:63): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7032 comm="syz.3.485" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8c33b8e929 code=0x7ffc0000 [ 125.668887][ T30] audit: type=1326 audit(1749211936.573:64): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7032 comm="syz.3.485" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8c33b8e929 code=0x7ffc0000 [ 125.712519][ T30] audit: type=1326 audit(1749211936.583:65): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7032 comm="syz.3.485" exe="/root/syz-executor" sig=0 arch=c000003e syscall=430 compat=0 ip=0x7f8c33b8e929 code=0x7ffc0000 [ 125.738196][ T30] audit: type=1326 audit(1749211936.583:66): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7032 comm="syz.3.485" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8c33b8e929 code=0x7ffc0000 [ 125.762557][ T30] audit: type=1326 audit(1749211936.583:67): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7032 comm="syz.3.485" exe="/root/syz-executor" sig=0 arch=c000003e syscall=431 compat=0 ip=0x7f8c33b8e929 code=0x7ffc0000 [ 125.789089][ T30] audit: type=1326 audit(1749211936.583:68): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7032 comm="syz.3.485" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8c33b8e929 code=0x7ffc0000 [ 125.819757][ T30] audit: type=1326 audit(1749211936.583:69): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7032 comm="syz.3.485" exe="/root/syz-executor" sig=0 arch=c000003e syscall=432 compat=0 ip=0x7f8c33b8e929 code=0x7ffc0000 [ 125.841273][ T30] audit: type=1326 audit(1749211936.583:70): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7032 comm="syz.3.485" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8c33b8e929 code=0x7ffc0000 [ 125.863599][ T30] audit: type=1326 audit(1749211936.583:71): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7032 comm="syz.3.485" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8c33b8e929 code=0x7ffc0000 [ 125.944835][ T5906] usb 3-1: new high-speed USB device number 2 using dummy_hcd [ 126.104038][ T5906] usb 3-1: Using ep0 maxpacket: 16 [ 126.111475][ T5906] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 126.122555][ T5851] Bluetooth: hci5: Opcode 0x1003 failed: -110 [ 126.128840][ T5835] Bluetooth: hci5: command 0x1003 tx timeout [ 126.135577][ T5906] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 126.145389][ T5906] usb 3-1: New USB device found, idVendor=054c, idProduct=05c4, bcdDevice= 0.00 [ 126.157337][ T5906] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 126.170407][ T5906] usb 3-1: config 0 descriptor?? [ 126.603584][ T5906] playstation 0003:054C:05C4.0003: hidraw0: USB HID v0.00 Device [HID 054c:05c4] on usb-dummy_hcd.2-1/input0 [ 126.796946][ T5906] playstation 0003:054C:05C4.0003: Invalid reportID received, expected 18 got 0 [ 126.831480][ T5906] playstation 0003:054C:05C4.0003: Failed to retrieve DualShock4 pairing info: -22 [ 126.862584][ T5906] playstation 0003:054C:05C4.0003: Failed to get MAC address from DualShock4 [ 126.898033][ T5906] playstation 0003:054C:05C4.0003: Failed to create dualshock4. [ 126.920882][ T5906] playstation 0003:054C:05C4.0003: probe with driver playstation failed with error -22 [ 127.017823][ T5947] usb 3-1: USB disconnect, device number 2 [ 127.830820][ T7107] A link change request failed with some changes committed already. Interface veth1_to_bridge may have been left with an inconsistent configuration, please check. [ 127.901518][ T7113] netlink: 'syz.1.522': attribute type 15 has an invalid length. [ 128.247589][ T7129] input: syz1 as /devices/virtual/input/input8 [ 128.634250][ T10] usb 3-1: new high-speed USB device number 3 using dummy_hcd [ 128.684356][ T5906] usb 4-1: new high-speed USB device number 3 using dummy_hcd [ 128.795329][ T10] usb 3-1: Using ep0 maxpacket: 16 [ 128.802686][ T10] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 128.817752][ T10] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 128.844117][ T5906] usb 4-1: Using ep0 maxpacket: 16 [ 128.854511][ T10] usb 3-1: New USB device found, idVendor=04d8, idProduct=f002, bcdDevice= 0.00 [ 128.875216][ T5906] usb 4-1: New USB device found, idVendor=18d1, idProduct=1eaf, bcdDevice= 7.79 [ 128.890090][ T10] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 128.898504][ T5906] usb 4-1: New USB device strings: Mfr=1, Product=0, SerialNumber=0 [ 128.913673][ T5906] usb 4-1: Manufacturer: syz [ 128.925354][ T10] usb 3-1: config 0 descriptor?? [ 128.941568][ T5906] usb 4-1: config 0 descriptor?? [ 129.158005][ T5906] usb 4-1: Limiting number of CPorts to U8_MAX [ 129.185853][ T5906] usb 4-1: Not enough endpoints found in device, aborting! [ 129.359871][ T10] hid-picolcd 0003:04D8:F002.0004: unknown main item tag 0x0 [ 129.373055][ T5947] usb 4-1: USB disconnect, device number 3 [ 129.395758][ T7176] tap0: tun_chr_ioctl cmd 2147767507 [ 129.432453][ T10] hid-picolcd 0003:04D8:F002.0004: No report with id 0xf3 found [ 129.440465][ T10] hid-picolcd 0003:04D8:F002.0004: No report with id 0xf4 found [ 129.562299][ T10] usb 3-1: USB disconnect, device number 3 [ 129.711598][ T7188] netlink: 'syz.0.558': attribute type 46 has an invalid length. [ 129.723360][ T7188] netlink: 212868 bytes leftover after parsing attributes in process `syz.0.558'. [ 129.869574][ T7197] program syz.4.562 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 130.311233][ T30] audit: type=1400 audit(1749211941.223:72): lsm=SMACK fn=smack_task_setpgid action=denied subject="w" object="_" requested=w pid=7214 comm="syz.4.572" opid=7214 ocomm="syz.4.572" [ 130.335212][ T7221] sctp: [Deprecated]: syz.2.570 (pid 7221) Use of int in max_burst socket option deprecated. [ 130.335212][ T7221] Use struct sctp_assoc_value instead [ 130.491086][ T7225] openvswitch: netlink: Multiple metadata blocks provided [ 130.830064][ T7239] QAT: failed to copy from user cfg_data. [ 130.910282][ T7242] syzkaller1: tun_chr_ioctl cmd 1074025677 [ 130.933838][ T7242] syzkaller1: linktype set to 780 [ 131.391131][ T7261] netlink: 12 bytes leftover after parsing attributes in process `syz.2.592'. [ 131.404662][ T7259] blkio.reset_stats is deprecated [ 131.794206][ T5835] Bluetooth: hci4: command 0x0405 tx timeout [ 131.933128][ T7279] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 132.678990][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 132.687927][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 132.737011][ T7303] netlink: 8 bytes leftover after parsing attributes in process `syz.0.611'. [ 133.114156][ T10] usb 5-1: new high-speed USB device number 6 using dummy_hcd [ 133.244126][ T7329] netlink: 4 bytes leftover after parsing attributes in process `syz.0.625'. [ 133.275486][ T10] usb 5-1: Using ep0 maxpacket: 8 [ 133.289128][ T10] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 133.310345][ T10] usb 5-1: New USB device found, idVendor=046d, idProduct=c20e, bcdDevice= 0.00 [ 133.330687][ T10] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 133.339037][ T7331] Falling back ldisc for ptm0. [ 133.372313][ T10] usb 5-1: config 0 descriptor?? [ 133.544817][ T7343] syz.2.631 uses obsolete (PF_INET,SOCK_PACKET) [ 133.786226][ T10] logitech 0003:046D:C20E.0005: rdesc size test failed for formula gp [ 133.806807][ T10] logitech 0003:046D:C20E.0005: unbalanced delimiter at end of report description [ 133.838570][ T10] logitech 0003:046D:C20E.0005: parse failed [ 133.854009][ T10] logitech 0003:046D:C20E.0005: probe with driver logitech failed with error -22 [ 134.000929][ T10] usb 5-1: USB disconnect, device number 6 [ 134.566849][ T7388] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 135.315111][ C0] hrtimer: interrupt took 14457 ns [ 135.454227][ T5907] usb 5-1: new high-speed USB device number 7 using dummy_hcd [ 135.627219][ T7438] netlink: 28 bytes leftover after parsing attributes in process `syz.2.673'. [ 135.644240][ T7438] Zero length message leads to an empty skb [ 135.660503][ T5907] usb 5-1: Using ep0 maxpacket: 32 [ 135.680206][ T5907] usb 5-1: config 0 has an invalid interface number: 51 but max is 0 [ 135.701032][ T5907] usb 5-1: config 0 has no interface number 0 [ 135.727706][ T5907] usb 5-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f [ 135.746912][ T5907] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 135.774087][ T5907] usb 5-1: Product: syz [ 135.787641][ T5907] usb 5-1: Manufacturer: syz [ 135.802604][ T5907] usb 5-1: SerialNumber: syz [ 135.836754][ T5907] usb 5-1: config 0 descriptor?? [ 135.854303][ T5907] quatech2 5-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected [ 135.902703][ T7442] bridge0: port 2(bridge_slave_1) entered disabled state [ 136.039897][ T7449] loop8: detected capacity change from 0 to 1 [ 136.094286][ T5907] usb 5-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0 [ 136.119133][ T5907] usb 5-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1 [ 136.140705][ T7449] Dev loop8: unable to read RDB block 1 [ 136.156101][ T7449] loop8: unable to read partition table [ 136.172872][ T7449] loop8: partition table beyond EOD, truncated [ 136.192660][ T7449] loop_reread_partitions: partition scan of loop8 (þ被xü^>Ñà– ) failed (rc=-5) [ 136.302962][ T7422] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 136.344449][ T7422] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 136.572533][ C1] usb 5-1: qt2_read_bulk_callback - non-zero urb status: -71 [ 136.584351][ T5906] usb 5-1: USB disconnect, device number 7 [ 136.606699][ T5906] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0 [ 136.635622][ T5906] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1 [ 136.651620][ T5906] quatech2 5-1:0.51: device disconnected [ 137.769427][ T7509] netlink: 16 bytes leftover after parsing attributes in process `syz.0.707'. [ 137.799174][ T49] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 137.825652][ T5906] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 137.834611][ T49] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 138.002734][ T7518] netlink: 28 bytes leftover after parsing attributes in process `syz.0.710'. [ 138.014296][ T5906] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 138.028526][ T7518] netlink: 'syz.0.710': attribute type 7 has an invalid length. [ 138.052696][ T7518] netlink: 'syz.0.710': attribute type 8 has an invalid length. [ 138.070246][ T7518] netlink: 4 bytes leftover after parsing attributes in process `syz.0.710'. [ 138.204446][ T10] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 138.674000][ T10] usb 4-1: new high-speed USB device number 4 using dummy_hcd [ 138.846174][ T10] usb 4-1: config 0 has an invalid interface number: 255 but max is 0 [ 138.866304][ T10] usb 4-1: config 0 has no interface number 0 [ 138.872451][ T10] usb 4-1: too many endpoints for config 0 interface 255 altsetting 255: 255, using maximum allowed: 30 [ 138.914169][ T10] usb 4-1: config 0 interface 255 altsetting 255 has 0 endpoint descriptors, different from the interface descriptor's value: 255 [ 138.944122][ T10] usb 4-1: config 0 interface 255 has no altsetting 0 [ 138.968454][ T10] usb 4-1: New USB device found, idVendor=0bda, idProduct=0177, bcdDevice=7d.0b [ 138.991646][ T10] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 139.013165][ T10] usb 4-1: config 0 descriptor?? [ 139.033126][ T10] ums-realtek 4-1:0.255: USB Mass Storage device detected [ 139.186540][ T7553] @: renamed from vlan0 [ 139.237100][ T10] usb 4-1: USB disconnect, device number 4 [ 139.482867][ T7561] kvm: kvm [7560]: vcpu0, guest rIP: 0xfff0 Unhandled WRMSR(0xc0010004) = 0x3 [ 139.694537][ T7565] netlink: 8 bytes leftover after parsing attributes in process `syz.0.731'. [ 139.723954][ T7565] netlink: 8 bytes leftover after parsing attributes in process `syz.0.731'. [ 140.398933][ T7587] bridge0: port 2(bridge_slave_1) entered disabled state [ 141.032808][ T7621] netlink: 12 bytes leftover after parsing attributes in process `syz.2.758'. [ 141.052017][ T7621] netlink: 8 bytes leftover after parsing attributes in process `syz.2.758'. [ 141.084143][ T10] usb 5-1: new full-speed USB device number 8 using dummy_hcd [ 141.218128][ T7627] 8021q: adding VLAN 0 to HW filter on device bond1 [ 141.246628][ T10] usb 5-1: config 0 has an invalid interface number: 41 but max is 0 [ 141.260354][ T7627] bond0: (slave bond1): Enslaving as an active interface with an up link [ 141.272504][ T10] usb 5-1: config 0 has no interface number 0 [ 141.288590][ T10] usb 5-1: config 0 interface 41 has no altsetting 0 [ 141.319757][ T10] usb 5-1: New USB device found, idVendor=0fe6, idProduct=9800, bcdDevice=d1.9a [ 141.346491][ T10] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 141.376846][ T10] usb 5-1: Product: syz [ 141.381061][ T10] usb 5-1: Manufacturer: syz [ 141.408094][ T10] usb 5-1: SerialNumber: syz [ 141.427501][ T10] usb 5-1: config 0 descriptor?? [ 141.735278][ T7655] loop6: detected capacity change from 0 to 524287999 [ 141.834750][ T7662] openvswitch: netlink: IP tunnel TTL not specified. [ 141.840427][ T7660] binder: 7659:7660 ioctl c018620c 200000000640 returned -22 [ 141.971693][ T7670] netlink: 104 bytes leftover after parsing attributes in process `syz.2.781'. [ 142.124088][ C0] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 142.257639][ T10] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): sr_get_phy_addr : Error reading PHYID register:ffffffb9 [ 142.272172][ T10] CoreChips 5-1:0.41: probe with driver CoreChips failed with error -71 [ 142.305449][ T10] usb 5-1: USB disconnect, device number 8 [ 143.720228][ T7753] vivid-001: disconnect [ 143.734122][ T7751] vivid-001: reconnect [ 144.074036][ T0] NOHZ tick-stop error: local softirq work is pending, handler #1c2!!! [ 144.082364][ T0] NOHZ tick-stop error: local softirq work is pending, handler #1c2!!! [ 144.175676][ T0] NOHZ tick-stop error: local softirq work is pending, handler #100!!! [ 144.381067][ T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!! [ 144.391055][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 144.934069][ T5947] usb 1-1: new full-speed USB device number 6 using dummy_hcd [ 144.983982][ T5907] usb 2-1: new full-speed USB device number 3 using dummy_hcd [ 145.055608][ T7789] netlink: 'syz.2.835': attribute type 11 has an invalid length. [ 145.106911][ T5947] usb 1-1: config 7 has an invalid interface number: 101 but max is 0 [ 145.119559][ T5947] usb 1-1: config 7 has no interface number 0 [ 145.128666][ T5947] usb 1-1: New USB device found, idVendor=0fd9, idProduct=002c, bcdDevice= 6.6b [ 145.139839][ T5907] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 145.154014][ T7787] Bluetooth: hci0: Opcode 0x0c03 failed: -112 [ 145.166441][ T5907] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 145.175665][ T5947] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 145.183716][ T5947] usb 1-1: Product: syz [ 145.192483][ T5947] usb 1-1: Manufacturer: syz [ 145.199409][ T5947] usb 1-1: SerialNumber: syz [ 145.210161][ T5907] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 145.219443][ T5907] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 145.230845][ T5907] usb 2-1: Product: syz [ 145.236388][ T5907] usb 2-1: Manufacturer: syz [ 145.242660][ T5907] usb 2-1: SerialNumber: syz [ 145.464743][ T5907] usb 2-1: 0:2 : does not exist [ 145.481242][ T5907] usb 2-1: 5:0: failed to get current value for ch 0 (-22) [ 145.529033][ T5907] usb 2-1: USB disconnect, device number 3 [ 145.867354][ T7792] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 145.884114][ T7792] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 145.890160][ T7792] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 145.908889][ T7792] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 145.927155][ T7792] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 145.933703][ T7792] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 145.950464][ T7792] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 145.961279][ T7792] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 145.971968][ T7792] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 145.992138][ T7792] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 146.008971][ T5947] as10x_usb: device has been detected [ 146.018529][ T5947] dvbdev: DVB: registering new adapter (Elgato EyeTV DTT Deluxe) [ 146.030489][ T7792] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 146.044162][ T7792] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 146.058176][ T5947] usb 1-1: DVB: registering adapter 1 frontend 0 (Elgato EyeTV DTT Deluxe)... [ 146.069147][ T7792] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 146.095083][ T5947] as10x_usb: error during firmware upload part1 [ 146.111989][ T5947] Registered device Elgato EyeTV DTT Deluxe [ 146.218447][ T10] usb 1-1: USB disconnect, device number 6 [ 146.288323][ T10] Unregistered device Elgato EyeTV DTT Deluxe [ 146.300781][ T10] as10x_usb: device has been disconnected [ 146.693073][ T7840] tap0: tun_chr_ioctl cmd 2147767507 [ 146.984506][ T30] audit: type=1400 audit(1749211957.893:73): lsm=SMACK fn=smack_task_setpgid action=denied subject="w" object="_" requested=w pid=7851 comm="syz.1.864" opid=7851 ocomm="syz.1.864" [ 150.624065][ C0] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 167.874065][ C0] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 202.474722][ C0] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 252.073831][ C0] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks: [ 252.080916][ C0] rcu: Tasks blocked on level-0 rcu_node (CPUs 0-1): P7849/1:b..l [ 252.089178][ C0] rcu: (detected by 0, t=10502 jiffies, g=19445, q=368 ncpus=2) [ 252.096929][ C0] task:syz.2.862 state:R running task stack:22952 pid:7849 tgid:7849 ppid:5831 task_flags:0x400040 flags:0x00004002 [ 252.111119][ C0] Call Trace: [ 252.114424][ C0] [ 252.117379][ C0] __schedule+0x16a2/0x4cb0 [ 252.121942][ C0] ? is_bpf_text_address+0x26/0x2b0 [ 252.127200][ C0] ? preempt_schedule_irq+0xb5/0x150 [ 252.132523][ C0] ? __pfx_css_rstat_updated+0x10/0x10 [ 252.138007][ C0] ? __pfx___schedule+0x10/0x10 [ 252.142889][ C0] ? __pfx___calc_delta+0x10/0x10 [ 252.147952][ C0] ? preempt_schedule_irq+0xaa/0x150 [ 252.153269][ C0] preempt_schedule_irq+0xb5/0x150 [ 252.158436][ C0] ? __pfx_preempt_schedule_irq+0x10/0x10 [ 252.164201][ C0] ? rcu_irq_exit_check_preempt+0xdf/0x210 [ 252.170034][ C0] irqentry_exit+0x6f/0x90 [ 252.174468][ C0] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 252.180471][ C0] RIP: 0010:lock_release+0x2b5/0x3e0 [ 252.185787][ C0] Code: 51 48 c7 44 24 20 00 00 00 00 9c 8f 44 24 20 f7 44 24 20 00 02 00 00 75 56 f7 c3 00 02 00 00 74 01 fb 65 48 8b 05 bb 38 fb 10 <48> 3b 44 24 28 0f 85 8b 00 00 00 48 83 c4 30 5b 41 5c 41 5d 41 5e [ 252.205424][ C0] RSP: 0018:ffffc9000aa67708 EFLAGS: 00000206 [ 252.211528][ C0] RAX: b875391b2dafaa00 RBX: 0000000000000202 RCX: b875391b2dafaa00 [ 252.219518][ C0] RDX: 0000000000000003 RSI: ffffffff8db54ebc RDI: ffffffff8be1af80 [ 252.227526][ C0] RBP: ffff888028cde568 R08: 0000000000000000 R09: ffffffff81cf3396 [ 252.235524][ C0] R10: ffffc9000aa67858 R11: ffffffff81ace580 R12: 0000000000000003 [ 252.243511][ C0] R13: 0000000000000003 R14: ffffffff8e13f060 R15: ffff888028cdda00 [ 252.251589][ C0] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 252.257775][ C0] ? is_bpf_text_address+0x26/0x2b0 [ 252.263021][ C0] ? is_bpf_text_address+0x26/0x2b0 [ 252.268258][ C0] is_bpf_text_address+0x28d/0x2b0 [ 252.273399][ C0] ? is_bpf_text_address+0x26/0x2b0 [ 252.278621][ C0] kernel_text_address+0xa5/0xe0 [ 252.283579][ C0] __kernel_text_address+0xd/0x40 [ 252.288623][ C0] unwind_get_return_address+0x4d/0x90 [ 252.294102][ C0] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 252.300276][ C0] arch_stack_walk+0xfc/0x150 [ 252.304994][ C0] stack_trace_save+0x9c/0xe0 [ 252.309701][ C0] ? __pfx_stack_trace_save+0x10/0x10 [ 252.315111][ C0] ? __lock_acquire+0xab9/0xd20 [ 252.319989][ C0] kasan_save_track+0x3e/0x80 [ 252.324686][ C0] ? kasan_save_track+0x3e/0x80 [ 252.329554][ C0] ? kasan_save_free_info+0x46/0x50 [ 252.334863][ C0] ? __kasan_slab_free+0x62/0x70 [ 252.339820][ C0] ? kfree+0x18e/0x440 [ 252.343901][ C0] ? __vb2_queue_free+0x906/0xb00 [ 252.348942][ C0] ? vb2_core_queue_release+0x6b/0x150 [ 252.354425][ C0] ? vb2_fop_release+0x16e/0x200 [ 252.359384][ C0] ? v4l2_release+0x1ea/0x3b0 [ 252.364097][ C0] ? __fput+0x449/0xa70 [ 252.368316][ C0] ? task_work_run+0x1d1/0x260 [ 252.373110][ C0] ? exit_to_user_mode_loop+0xec/0x110 [ 252.378585][ C0] ? do_syscall_64+0x2bd/0x3b0 [ 252.383365][ C0] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 252.389513][ C0] kasan_save_free_info+0x46/0x50 [ 252.394586][ C0] __kasan_slab_free+0x62/0x70 [ 252.399367][ C0] ? __vb2_queue_free+0x906/0xb00 [ 252.404405][ C0] kfree+0x18e/0x440 [ 252.408330][ C0] __vb2_queue_free+0x906/0xb00 [ 252.413226][ C0] vb2_core_queue_release+0x6b/0x150 [ 252.418546][ C0] vb2_fop_release+0x16e/0x200 [ 252.423336][ C0] v4l2_release+0x1ea/0x3b0 [ 252.427866][ C0] ? __pfx_v4l2_release+0x10/0x10 [ 252.432931][ C0] __fput+0x449/0xa70 [ 252.436940][ C0] task_work_run+0x1d1/0x260 [ 252.441558][ C0] ? __pfx_task_work_run+0x10/0x10 [ 252.446787][ C0] ? exit_to_user_mode_loop+0x40/0x110 [ 252.452273][ C0] exit_to_user_mode_loop+0xec/0x110 [ 252.457672][ C0] do_syscall_64+0x2bd/0x3b0 [ 252.462292][ C0] ? lockdep_hardirqs_on+0x9c/0x150 [ 252.467516][ C0] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 252.473608][ C0] ? clear_bhb_loop+0x60/0xb0 [ 252.478324][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 252.484236][ C0] RIP: 0033:0x7f33e558e929 [ 252.488684][ C0] RSP: 002b:00007ffdf7710ad8 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 252.497129][ C0] RAX: 0000000000000000 RBX: 0000000000023de2 RCX: 00007f33e558e929 [ 252.505126][ C0] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003 [ 252.513131][ C0] RBP: 00007f33e57b7ba0 R08: 0000000000000001 R09: 00000004f7710dcf [ 252.521119][ C0] R10: 00007f33e5400000 R11: 0000000000000246 R12: 00007f33e57b5fac [ 252.529104][ C0] R13: 00007f33e57b5fa0 R14: ffffffffffffffff R15: 00007ffdf7710bf0 [ 252.537119][ C0] [ 252.540153][ C0] rcu: rcu_preempt kthread starved for 10500 jiffies! g19445 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=0 [ 252.551360][ C0] rcu: Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior. [ 252.561341][ C0] rcu: RCU grace-period kthread stack dump: [ 252.567233][ C0] task:rcu_preempt state:R running task stack:27320 pid:16 tgid:16 ppid:2 task_flags:0x208040 flags:0x00004000 [ 252.580771][ C0] Call Trace: [ 252.584057][ C0] [ 252.587007][ C0] __schedule+0x16a2/0x4cb0 [ 252.591538][ C0] ? do_raw_spin_unlock+0x122/0x240 [ 252.596752][ C0] ? schedule+0x165/0x360 [ 252.601106][ C0] ? __lock_acquire+0xab9/0xd20 [ 252.605985][ C0] ? __pfx___schedule+0x10/0x10 [ 252.610873][ C0] ? schedule+0x91/0x360 [ 252.615134][ C0] schedule+0x165/0x360 [ 252.619312][ C0] schedule_timeout+0x12b/0x270 [ 252.624179][ C0] ? __pfx_schedule_timeout+0x10/0x10 [ 252.629563][ C0] ? _raw_spin_unlock_irqrestore+0x85/0x110 [ 252.635499][ C0] ? __pfx_process_timeout+0x10/0x10 [ 252.640809][ C0] ? prepare_to_swait_event+0x341/0x380 [ 252.646395][ C0] rcu_gp_fqs_loop+0x301/0x1540 [ 252.651297][ C0] ? lockdep_hardirqs_on+0x9c/0x150 [ 252.656514][ C0] ? __pfx_rcu_watching_snap_save+0x10/0x10 [ 252.662433][ C0] ? __pfx_rcu_gp_fqs_loop+0x10/0x10 [ 252.667752][ C0] ? _raw_spin_unlock_irq+0x2e/0x50 [ 252.672980][ C0] ? finish_swait+0xcd/0x1f0 [ 252.677593][ C0] rcu_gp_kthread+0x99/0x390 [ 252.682210][ C0] ? __pfx_rcu_gp_kthread+0x10/0x10 [ 252.687435][ C0] ? __kthread_parkme+0x7b/0x200 [ 252.692404][ C0] ? __kthread_parkme+0x1a1/0x200 [ 252.697481][ C0] kthread+0x70e/0x8a0 [ 252.701571][ C0] ? __pfx_rcu_gp_kthread+0x10/0x10 [ 252.706816][ C0] ? __pfx_kthread+0x10/0x10 [ 252.711427][ C0] ? _raw_spin_unlock_irq+0x23/0x50 [ 252.716641][ C0] ? lockdep_hardirqs_on+0x9c/0x150 [ 252.721873][ C0] ? __pfx_kthread+0x10/0x10 [ 252.726479][ C0] ret_from_fork+0x3f9/0x770 [ 252.731087][ C0] ? __pfx_ret_from_fork+0x10/0x10 [ 252.736229][ C0] ? __switch_to_asm+0x39/0x70 [ 252.741002][ C0] ? __switch_to_asm+0x33/0x70 [ 252.745782][ C0] ? __pfx_kthread+0x10/0x10 [ 252.750417][ C0] ret_from_fork_asm+0x1a/0x30 [ 252.755222][ C0] [ 252.758262][ C0] rcu: Stack dump where RCU GP kthread last ran: [ 252.764626][ C0] CPU: 0 UID: 0 PID: 7855 Comm: syz.4.865 Not tainted 6.15.0-syzkaller-12426-ge271ed52b344 #0 PREEMPT(full) [ 252.776174][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 252.786260][ C0] RIP: 0010:smp_call_function_many_cond+0xf69/0x12d0 [ 252.792990][ C0] Code: 00 45 8b 2f 44 89 ee 83 e6 01 31 ff e8 50 78 0b 00 41 83 e5 01 49 bd 00 00 00 00 00 fc ff df 75 07 e8 fb 73 0b 00 eb 37 f3 90 <43> 0f b6 04 2c 84 c0 75 10 41 f7 07 01 00 00 00 74 1e e8 e0 73 0b [ 252.812782][ C0] RSP: 0018:ffffc9000a9e75a0 EFLAGS: 00000293 [ 252.818866][ C0] RAX: ffffffff81b4d6f0 RBX: ffff8880b863c9c0 RCX: ffff88802abe0000 [ 252.826855][ C0] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000 [ 252.834836][ C0] RBP: ffffc9000a9e7700 R08: ffffffff8f9fd6f7 R09: 1ffffffff1f3fade [ 252.842821][ C0] R10: dffffc0000000000 R11: fffffbfff1f3fadf R12: 1ffff110170e825d [ 252.850805][ C0] R13: dffffc0000000000 R14: 0000000000000001 R15: ffff8880b87412e8 [ 252.858785][ C0] FS: 0000000000000000(0000) GS:ffff888125c89000(0000) knlGS:0000000000000000 [ 252.867745][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 252.874352][ C0] CR2: 000000110c3b2c97 CR3: 000000000df38000 CR4: 00000000003526f0 [ 252.882343][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 252.890333][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 252.898440][ C0] Call Trace: [ 252.901824][ C0] [ 252.904795][ C0] ? __pfx_smp_call_function_many_cond+0x10/0x10 [ 252.911150][ C0] ? kernel_text_address+0xa5/0xe0 [ 252.916278][ C0] ? __kernel_text_address+0xd/0x40 [ 252.921504][ C0] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 252.927690][ C0] ? rcu_is_watching+0x15/0xb0 [ 252.932492][ C0] ? __pfx_flush_tlb_func+0x10/0x10 [ 252.937709][ C0] on_each_cpu_cond_mask+0x3f/0x80 [ 252.942853][ C0] flush_tlb_mm_range+0x6b1/0x12c0 [ 252.947994][ C0] ? free_pgd_range+0x144b/0x14c0 [ 252.953053][ C0] ? __pfx_flush_tlb_mm_range+0x10/0x10 [ 252.958624][ C0] tlb_flush_mmu+0x1a7/0x680 [ 252.963257][ C0] tlb_finish_mmu+0xc3/0x1d0 [ 252.967877][ C0] ? free_pgd_range+0x144b/0x14c0 [ 252.972933][ C0] free_ldt_pgtables+0x17b/0x320 [ 252.977903][ C0] ? __pfx_free_ldt_pgtables+0x10/0x10 [ 252.983422][ C0] ? down_read+0x1ad/0x2e0 [ 252.987868][ C0] exit_mmap+0x17c/0xb50 [ 252.992170][ C0] ? uprobe_clear_state+0x20f/0x290 [ 252.997423][ C0] ? __pfx_exit_mmap+0x10/0x10 [ 253.002210][ C0] ? __mutex_unlock_slowpath+0x1cd/0x700 [ 253.007881][ C0] ? __pfx_exit_aio+0x10/0x10 [ 253.012592][ C0] ? uprobe_clear_state+0x274/0x290 [ 253.017809][ C0] ? mm_update_next_owner+0xa7/0x870 [ 253.023213][ C0] __mmput+0x118/0x420 [ 253.027329][ C0] exit_mm+0x1da/0x2c0 [ 253.031428][ C0] ? __pfx_exit_mm+0x10/0x10 [ 253.036039][ C0] ? rcu_is_watching+0x15/0xb0 [ 253.040848][ C0] do_exit+0x640/0x22e0 [ 253.045033][ C0] ? preempt_schedule_common+0x83/0xd0 [ 253.050535][ C0] ? preempt_schedule+0xae/0xc0 [ 253.055417][ C0] ? __pfx_do_exit+0x10/0x10 [ 253.060032][ C0] ? preempt_schedule_thunk+0x16/0x30 [ 253.065438][ C0] do_group_exit+0x21c/0x2d0 [ 253.070061][ C0] __x64_sys_exit_group+0x3f/0x40 [ 253.075105][ C0] x64_sys_call+0x21ba/0x21c0 [ 253.079796][ C0] do_syscall_64+0xfa/0x3b0 [ 253.084336][ C0] ? lockdep_hardirqs_on+0x9c/0x150 [ 253.089564][ C0] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 253.095653][ C0] ? clear_bhb_loop+0x60/0xb0 [ 253.100355][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 253.106296][ C0] RIP: 0033:0x7fbc7398e929 [ 253.110725][ C0] Code: Unable to access opcode bytes at 0x7fbc7398e8ff. [ 253.117757][ C0] RSP: 002b:00007ffc9e618678 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 253.126200][ C0] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fbc7398e929 [ 253.134205][ C0] RDX: 0000000000000064 RSI: 0000000000000000 RDI: 0000000000000000 [ 253.142190][ C0] RBP: 00007ffc9e6186dc R08: 000000049e61876f R09: 00000000000927c0 [ 253.150172][ C0] R10: 0000000000000001 R11: 0000000000000246 R12: 000000000000008f [ 253.158159][ C0] R13: 00000000000927c0 R14: 0000000000023d31 R15: 00007ffc9e618730 [ 253.166172][ C0]