last executing test programs: 7.587896929s ago: executing program 4 (id=2002): syz_open_procfs$pagemap(0xffffffffffffffff, &(0x7f0000000100)) socket$key(0xf, 0x3, 0x2) openat$vimc1(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000300)={0x5, &(0x7f0000000240)=[{0x15, 0x0, 0x0, 0x1}, {0x54}, {0x6}, {0xc, 0x5, 0x7f, 0x1}, {0x6, 0x0, 0xa, 0x5}]}) socket$netlink(0x10, 0x3, 0x0) setsockopt$inet_sctp6_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, &(0x7f00000000c0)=@assoc_value={0x0, 0x8}, 0x8) r0 = syz_init_net_socket$llc(0x1a, 0x1, 0x0) getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, &(0x7f00000003c0)=@assoc_value, &(0x7f0000000280)=0x8) connect$llc(r0, &(0x7f0000000180)={0x1a, 0x0, 0x0, 0x8, 0x0, 0x0, @dev}, 0x10) r1 = socket(0x0, 0x5, 0x0) getpeername$packet(r1, 0x0, 0x0) ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r1, 0x89f1, &(0x7f0000000200)={'ip6_vti0\x00', &(0x7f0000000180)={'ip6tnl0\x00', 0x0, 0x29, 0xff, 0x4, 0x8, 0x29, @private0, @dev={0xfe, 0x80, '\x00', 0x18}, 0x8, 0x8007, 0x9, 0xb9}}) getsockopt$inet_sctp_SCTP_MAX_BURST(r1, 0x84, 0x14, &(0x7f0000000540), &(0x7f0000000580)=0x4) sendmmsg(r0, &(0x7f0000001380), 0x3fffffffffffeed, 0x0) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = syz_open_dev$dri(&(0x7f0000000180), 0x0, 0x0) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r2, 0xc02064b2, &(0x7f0000000140)={0x80002, 0xf4240, 0xfff8}) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) socket$unix(0x1, 0x2, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) ioctl$DRM_IOCTL_AGP_ACQUIRE(r2, 0x6430) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000380)=[@text32={0x20, &(0x7f00000001c0)="b8050000000f01c10f46a78900000066ba2100b067ee66ba2000b000ee6d2f2f800000c00f3266bac0000f3066b808008ed0660f38806f008ee0", 0x3a}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60) ioctl$KVM_CREATE_PIT2(r4, 0x4040ae77, &(0x7f0000000040)) r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0) ioctl$KVM_SET_PIT(r4, 0x8048ae66, &(0x7f0000000080)={[{0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}]}) ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f00000002c0)={[0x1, 0x100, 0x200, 0x0, 0x0, 0x0, 0x2004ce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0xfffffffffffffffd], 0xf000, 0x200}) socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000)) ioctl$KVM_RUN(r5, 0xae80, 0x0) 6.150795679s ago: executing program 3 (id=2127): capset(&(0x7f0000000000)={0x19980330}, &(0x7f0000000180)) syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000040)={0x53, 0x0, 0x6, 0x0, @buffer={0x17, 0x0, 0x0}, &(0x7f0000000380)="bb9374c96ee3", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfcff}) 6.141011282s ago: executing program 1 (id=2128): socket$nl_generic(0x10, 0x3, 0x10) socket$kcm(0x10, 0x3, 0x10) r0 = socket$kcm(0x10, 0x3, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xd18c9b25, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f03002a000b06d25a806c8c6f94f90424fc600400037a0a000900050282c137153e370e0c1180fc0b10000300", 0x33fe0}], 0x1}, 0x0) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0xd18c9b25, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f03002a000b05d25a806c8c6f94f90524fc600400037a0a000900050282c137153e370e0c1180fc0b10000300", 0x33fe0}], 0x1}, 0x0) 5.920507339s ago: executing program 3 (id=2130): r0 = syz_open_dev$vim2m(0x0, 0x10000, 0x2) ioctl$vim2m_VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000240)={0x1, @raw_data="a425e2f1a54d24f15247423360608d70566e425a6c36af37b33fac9d31c8a9c7044410d324b03e044e454d2092a62fea8f13441431ce248bfc73a6726ee61ba491d15d8f392ff66fe0b17f0e11f5d2367d5593205ab1efa97d40619a553e7da2518125b850a186ef691daa55c9e50ffaf6ddc25220ded32aeba4524cec1afbd17abba1d15ea05e97ed3dcad452db6e08a991e2c78b057f55de7fdeba7411ce65700c0a1ad7946ff7c355db87566e3e5abb7a37a06731ed19ddfa970bb58a27fd9fa194c092730319"}) 5.861688405s ago: executing program 4 (id=2131): symlinkat(0x0, 0xffffffffffffffff, 0x0) r0 = socket(0xa, 0x3, 0x3a) setsockopt$MRT6_ADD_MFC_PROXY(r0, 0x29, 0xd2, &(0x7f0000000600)={{0xa, 0x0, 0x0, @local}, {0xa, 0x0, 0x0, @empty}}, 0x5c) setsockopt$MRT6_ADD_MFC_PROXY(r0, 0x29, 0xd3, &(0x7f00000000c0)={{0xa, 0x0, 0x0, @local}, {0xa, 0x0, 0x0, @empty}}, 0x5c) 5.68864939s ago: executing program 3 (id=2133): socket$inet6(0xa, 0x3, 0x6) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4001, 0x0, @dev={0xfe, 0x80, '\x00', 0x1b}, 0xd}, 0x1c) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0) write$binfmt_script(r1, &(0x7f0000000200), 0xfffffd9d) sendfile(r0, r1, 0x0, 0x8000002b) socket$inet6_udplite(0xa, 0x2, 0x88) syz_emit_ethernet(0x4a, &(0x7f0000000200)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaaaa86dd600000f500140600fe8000000000000000000000000000aafe8000"], 0x0) 5.67401862s ago: executing program 4 (id=2135): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000180)='tlb_flush\x00', r0}, 0x10) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r1 = getpid() process_vm_readv(r1, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/keys\x00', 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000002c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000440)=ANY=[@ANYBLOB='T\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="010000000000000000003b000000", @ANYRES32=r5, @ANYBLOB="38003300c0000000e7ffffffffff080211000000"], 0x54}}, 0x0) readv(r2, 0x0, 0x0) prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680)) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) geteuid() r6 = syz_open_dev$dri(&(0x7f0000000340), 0x5, 0x408041) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r6, 0xc01864c6, &(0x7f0000000040)={&(0x7f0000000640)=[0x0, 0x0], 0x2}) syz_emit_ethernet(0x72, &(0x7f0000000780)={@local, @multicast, @void, {@ipv6={0x86dd, @udp={0x0, 0x6, "7f00ef", 0x7, 0x2c, 0x0, @remote, @mcast2, {[@hopopts={0x67, 0x4, '\x00', [@calipso={0x7, 0x18, {0x0, 0x4, 0x0, 0x0, [0x0, 0x0]}}, @calipso={0x7, 0x8}]}], {0x0, 0x0, 0xc, 0x0, @gue={{0x1, 0x0, 0x0, 0x0, 0x0, @void}}}}}}}}, 0x0) ioctl$DRM_IOCTL_MODE_LIST_LESSEES(r6, 0xc01064c7, &(0x7f00000002c0)={0x1, 0x0, &(0x7f0000000280)=[0x0]}) mkdir(&(0x7f0000000580)='./file0\x00', 0x0) mkdir(&(0x7f0000000300)='./bus\x00', 0x0) mkdir(&(0x7f0000000440)='./file1\x00', 0x0) mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000000)='configfs\x00', 0x0, 0x0) r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000000)='kfree\x00', r7}, 0x10) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000500)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]}) chdir(&(0x7f00000001c0)='./bus\x00') r8 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0) getdents64(r8, &(0x7f0000000f80)=""/4096, 0x300) pread64(0xffffffffffffffff, 0x0, 0x0, 0x0) read$FUSE(r2, 0x0, 0x0) 5.564533031s ago: executing program 1 (id=2136): r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0) ioctl$VHOST_SET_OWNER(r0, 0xaf01, 0x0) ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000300)={0x1, 0x0, 0x0, &(0x7f0000000480)=""/92, 0x0}) ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000003380)) eventfd2(0xcc, 0x0) ioctl$VHOST_SET_VRING_ERR(r0, 0x4008af22, 0x0) ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000240)={0x0, 0x0, 0x0, &(0x7f00000016c0)=""/175, 0x0, 0x10000}) ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f00000000c0)=0x1) ioctl$VHOST_VSOCK_SET_GUEST_CID(r0, 0x4008af60, &(0x7f0000000040)={@my=0x1}) socketpair$nbd(0x1, 0x1, 0x0, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000005c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'bridge_slave_1\x00', 0x0}) r3 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000003c0)=ANY=[@ANYBLOB="7c0000001000010400"/20, @ANYRES32=r2], 0x7c}}, 0x0) r4 = socket$vsock_stream(0x28, 0x1, 0x0) ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001780)=""/4091}) r5 = socket$nl_audit(0x10, 0x3, 0x9) r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='pids.current\x00', 0x275a, 0x0) write$binfmt_script(r6, &(0x7f0000000480), 0xb) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r6, 0x0) ioctl$sock_SIOCETHTOOL(r5, 0x8946, &(0x7f0000000040)={'veth1_vlan\x00', &(0x7f0000000540)=@ethtool_gstrings={0x1b, 0x9}}) connect$vsock_stream(r4, &(0x7f0000000200)={0x28, 0x0, 0x0, @my=0x1}, 0x10) syz_clone(0xa61a2100, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, 0x0) prctl$PR_SCHED_CORE(0x24, 0x1, 0x0, 0x0, 0x0) syz_usb_connect(0x0, 0x34, &(0x7f0000000940)=ANY=[@ANYBLOB="12010000a6ff0540cdabeecdb905000000010902220001000000000904000001010351000905030e000000000007"], 0x0) 5.216099728s ago: executing program 2 (id=2138): socket$inet_udplite(0x2, 0x2, 0x88) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000600)={'geneve0\x00', 0x0}) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c000000100001042cbd704b486fee0000480000", @ANYRES32=r0, @ANYBLOB="00000000000000001400030076657468305f766c616e000000000000080004000001"], 0x3c}}, 0x0) 4.877553178s ago: executing program 2 (id=2139): r0 = mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x4000002, 0x50032, 0xffffffffffffffff, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="180100002100000000000000000000008500000075000000a50000002300000095"], &(0x7f00000000c0)='GPL\x00'}, 0x90) syz_io_uring_submit(r0, 0x0, 0x0) 4.751028317s ago: executing program 0 (id=2140): prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f00000000c0)) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000002ac0)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc8734c295cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f244a3c307145452ce64dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c65070020d7df0abc55258789b24052137e9637f3efbab71720f88c3c44b3b7486f979e8a3174b531f573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867ec92d13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a00"/3593], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x2e) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r0}, 0x10) syz_open_dev$sndctrl(0x0, 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x0, 0x0) r4 = socket(0x840000000002, 0x3, 0x100) sendmmsg$inet(r4, &(0x7f0000005240), 0x264e33, 0xfffe) 4.664387565s ago: executing program 2 (id=2141): syz_open_procfs$pagemap(0xffffffffffffffff, &(0x7f0000000100)) socket$key(0xf, 0x3, 0x2) openat$vimc1(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000300)={0x5, &(0x7f0000000240)=[{0x15, 0x0, 0x0, 0x1}, {0x54}, {0x6}, {0xc, 0x5, 0x7f, 0x1}, {0x6, 0x0, 0xa, 0x5}]}) socket$netlink(0x10, 0x3, 0x0) setsockopt$inet_sctp6_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, &(0x7f00000000c0)=@assoc_value={0x0, 0x8}, 0x8) r0 = syz_init_net_socket$llc(0x1a, 0x1, 0x0) getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, &(0x7f00000003c0)=@assoc_value, &(0x7f0000000280)=0x8) connect$llc(r0, &(0x7f0000000180)={0x1a, 0x0, 0x0, 0x8, 0x0, 0x0, @dev}, 0x10) r1 = socket(0x15, 0x0, 0x0) getpeername$packet(r1, 0x0, 0x0) ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r1, 0x89f1, &(0x7f0000000200)={'ip6_vti0\x00', &(0x7f0000000180)={'ip6tnl0\x00', 0x0, 0x29, 0xff, 0x4, 0x8, 0x29, @private0, @dev={0xfe, 0x80, '\x00', 0x18}, 0x8, 0x8007, 0x9, 0xb9}}) getsockopt$inet_sctp_SCTP_MAX_BURST(r1, 0x84, 0x14, &(0x7f0000000540), &(0x7f0000000580)=0x4) sendmmsg(r0, &(0x7f0000001380), 0x3fffffffffffeed, 0x0) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = syz_open_dev$dri(&(0x7f0000000180), 0x0, 0x0) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r2, 0xc02064b2, &(0x7f0000000140)={0x80002, 0xf4240, 0xfff8}) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) socket$unix(0x1, 0x2, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) ioctl$DRM_IOCTL_AGP_ACQUIRE(r2, 0x6430) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000380)=[@text32={0x20, &(0x7f00000001c0)="b8050000000f01c10f46a78900000066ba2100b067ee66ba2000b000ee6d2f2f800000c00f3266bac0000f3066b808008ed0660f38806f008ee0", 0x3a}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60) ioctl$KVM_CREATE_PIT2(r4, 0x4040ae77, &(0x7f0000000040)) r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0) ioctl$KVM_SET_PIT(r4, 0x8048ae66, &(0x7f0000000080)={[{0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}]}) ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f00000002c0)={[0x1, 0x100, 0x200, 0x0, 0x0, 0x0, 0x2004ce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0xfffffffffffffffd], 0xf000, 0x200}) socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000)) ioctl$KVM_RUN(r5, 0xae80, 0x0) 4.409902503s ago: executing program 3 (id=2142): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f0000000000)=0x1, 0x4) r1 = fcntl$dupfd(r0, 0x0, r0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f00000000c0)=@abs, 0x6e) creat(&(0x7f0000000000)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000380)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000003c0)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r1}}) 3.95994484s ago: executing program 4 (id=2143): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) socket$nl_route(0x10, 0x3, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) r3 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00') fchdir(r3) mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0) r4 = inotify_init1(0x0) fcntl$setown(r4, 0x8, 0xffffffffffffffff) ioctl$TCGETA(0xffffffffffffffff, 0x5405, 0xffffffffffffffff) fcntl$getownex(r4, 0x10, &(0x7f0000000140)={0x0, 0x0}) r6 = syz_open_procfs(r5, &(0x7f0000000600)='fd/4\x00') ioctl$FS_IOC_GET_ENCRYPTION_KEY_STATUS(r6, 0x6611, 0x0) 3.668223933s ago: executing program 0 (id=2144): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_DEBUG_SET(r0, &(0x7f0000001540)={0x0, 0x0, &(0x7f0000001500)={&(0x7f0000000080)={0x1c, r1, 0x0, 0x0, 0x0, {}, [@ETHTOOL_A_DEBUG_MSGMASK={0x8, 0x2, 0x0, 0x1, [@ETHTOOL_A_BITSET_NOMASK={0x4}]}]}, 0x1c}}, 0x0) socket(0x10, 0x3, 0x0) ioctl$vim2m_VIDIOC_S_CTRL(0xffffffffffffffff, 0xc008561c, &(0x7f0000000000)={0x980914, 0x8}) 3.36818591s ago: executing program 3 (id=2145): syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r0, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6) socket$nl_route(0x10, 0x3, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f00000000c0)=0xf) ioctl$TCFLSH(r1, 0x400455c8, 0x0) 3.116483016s ago: executing program 0 (id=2146): sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000280)=ANY=[@ANYRESHEX, @ANYRES32=0x0, @ANYBLOB="00000000000000002400128009000100626f6e640000000014000280050001000400000008001900ffff8099774e089e0b5b8d24709c498bc9cc7f60fdc26a47fb20621c5f5d4452fdb6230eac3605e1fa4a7bf18ea04200155e27fe0b0000f3eb83bbb0116040b069cf846f66db7aac4b4a03a45e161c89c8ae475d1a110e84a0904eca0e9a2c90d8eebbff14cbbc381ba9565ba7caa9ad116680fc53d13213126d649fd82dca9e3406111c1fdaed8e038001"], 0x44}}, 0x0) syz_emit_vhci(&(0x7f0000000340)=ANY=[@ANYBLOB="043e1f0a00"], 0x22) syz_emit_vhci(&(0x7f00000001c0)=ANY=[], 0x7) socket$nl_netfilter(0x10, 0x3, 0xc) r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/partitions\x00', 0x0, 0x0) r1 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/vm/drop_caches\x00', 0x1, 0x0) sendfile(r1, r0, &(0x7f0000002080)=0x64, 0x23b) socket$caif_seqpacket(0x25, 0x5, 0x4) syz_open_dev$vcsa(&(0x7f0000000140), 0x8000000000000000, 0x48014a05a278c2e) socket(0x10, 0x3, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001380)={0xffffffffffffffff, 0xe0, &(0x7f0000000580)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x810, 0x8, 0x0, 0x0}}, 0x10) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000840)={0xffffffffffffffff, 0xe0, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8, 0x0, 0x0}}, 0x10) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/partitions\x00', 0x0, 0x0) r3 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/vm/drop_caches\x00', 0x1, 0x0) sendfile(r3, r2, &(0x7f0000002080)=0x64, 0x23b) openat$procfs(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/partitions\x00', 0x0, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f0000000100)={'wlan0\x00', 0x0}) r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff) sendmsg$NL80211_CMD_SET_TX_BITRATE_MASK(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000140)=ANY=[@ANYBLOB, @ANYRES16=r6, @ANYBLOB, @ANYRES32=r5, @ANYBLOB="20005a801c0003800400020014000300"/28], 0x3c}}, 0x0) socket$inet_udplite(0x2, 0x2, 0x88) syz_emit_ethernet(0x216, &(0x7f0000000880)={@local, @link_local, @void, {@ipv4={0x800, @dccp={{0x31, 0x4, 0x3, 0x18, 0x208, 0x64, 0x0, 0x1, 0x21, 0x0, @dev, @loopback, {[@rr={0x7, 0x7, 0xed, [@multicast2]}, @rr={0x7, 0xf, 0xd7, [@broadcast, @multicast2, @local]}, @timestamp={0x44, 0x4, 0xea, 0x0, 0x2}, @cipso={0x86, 0x3f, 0xffffffffffffffff, [{0x1, 0xf, "a6bb74c4f73acd320e52909f89"}, {0x7, 0x8, "6cfa90cf6248"}, {0x0, 0x11, "37b5bc499cb208729f3ff09b4de2af"}, {0x1, 0x11, "e0f579ee065be7c072aa19af3a5e68"}]}, @ra={0x94, 0x4, 0x1}, @timestamp_addr={0x44, 0x2c, 0xa4, 0x1, 0x8, [{@remote, 0x7}, {@initdev={0xac, 0x1e, 0x0, 0x0}, 0x2}, {@empty, 0x3}, {@private=0xa010100, 0x6}, {@dev={0xac, 0x14, 0x14, 0x34}, 0xb6}]}, @end, @rr={0x7, 0x13, 0x0, [@multicast1, @empty, @local, @dev]}, @generic={0x44, 0x12, "bd0f8788f46f4ecd495f55a4231bc1fd"}]}}, {{0x4e22, 0x4e24, 0x4, 0x1, 0xd, 0x0, 0x0, 0x7, 0x1, "916e7f", 0xfa, "2cc8f6"}, "280cbefed41bfe2cb66602a6412a4bfd8167c13d54ac918e4a2ec8b9b80d8742ba3e665acd8d092c4c31f8fdf5d12c015bae97841a9dee6d261547f5611fd59fb7b20ca4e757e10151f3f87f62ddc3757ce324ca47231d8417e0c9f305e7d4c5d6c4311a6d023af7eaa1b52eb4b8dddb246df797664e83a2629ae85dc3979068b6db51563e41c18b26e6080827e5799b7e7aee04c2a9ccb598b500c9c568cfb8567c751fbc5102897dc2823b8f5940c07d70324b4bcc94ba29fe170bf3144fdb854e64854abdc090aedd5353839ffe0557d1a32d888c9c9f4881c7c0a9d54aea02293a468e32548515f234606051dd2cdab9de9aa7a4ac0544b0c4d5c6cb681e7980ec0b7a54ef8a21d8bd74d6e69edde2b2f19568c8a7510300d309000000ec37324dd67f04257e995a36dcd855b37be3509187"}}}}}, 0x0) r7 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX_80211(r7, 0x8933, &(0x7f0000000240)={'wlan1\x00'}) socket$nl_generic(0x10, 0x3, 0x10) 2.515401154s ago: executing program 4 (id=2147): socket$nl_generic(0x10, 0x3, 0x10) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000001c0)=ANY=[@ANYBLOB='T\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="0100000000000000000017000000400006803c0004"], 0x54}}, 0x0) 2.408525331s ago: executing program 2 (id=2148): r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, &(0x7f0000000080)={0x19, 0x0, 0x0}) r2 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$IOMMU_IOAS_ALLOC(r2, 0x3b81, &(0x7f0000000200)={0x15, 0x0, 0x0}) ioctl$IOMMU_IOAS_MAP$PAGES(r0, 0x3b85, &(0x7f00000000c0)={0x28, 0x7, r3, 0x0, &(0x7f0000800000/0x800000)=nil, 0x800000}) ioctl$IOMMU_TEST_OP_CREATE_ACCESS(r0, 0x3ba0, &(0x7f00000001c0)={0x48, 0x5, r1, 0x0, 0xffffffffffffffff, 0x1}) ioctl$IOMMU_TEST_OP_ACCESS_PAGES$syz(r0, 0x3ba0, &(0x7f0000000100)={0x48, 0x7, r4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1de6b9}) ioctl$IOMMU_TEST_OP_ACCESS_PAGES$syz(r2, 0x3ba0, &(0x7f0000000340)={0x48, 0x7, r4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x293528}) r5 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) write$binfmt_script(r5, &(0x7f0000000100), 0x1000a) mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x1, 0x10012, r5, 0x0) ioctl$IOMMU_TEST_OP_ACCESS_PAGES$syz(r2, 0x3ba0, &(0x7f0000000240)={0x48}) 2.316607468s ago: executing program 3 (id=2149): syz_emit_vhci(&(0x7f0000000180)=ANY=[@ANYBLOB="043e110f"], 0x14) timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21}, &(0x7f0000bbdffc)) r0 = socket(0xa, 0x3, 0x3a) setsockopt$MRT6_ADD_MFC_PROXY(r0, 0x29, 0xca, &(0x7f00000000c0)={{0xa, 0x1000, 0x0, @local}, {0xa, 0x0, 0x0, @empty}}, 0x5c) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) socket$inet6(0xa, 0x0, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x0, 0x0, 0x4, 0x0, 0x0, 0x1}, 0x48) r1 = socket(0x10, 0x3, 0x0) r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/power/wakeup_count', 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r2, 0x0) read$char_usb(r2, &(0x7f0000000100)=""/169, 0xa9) socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$tipc(r4, &(0x7f0000001780)={0x0, 0x0, &(0x7f0000001680)=[{&(0x7f0000000500)="03b7a2140f2db0465b891bcd", 0xc}, {&(0x7f0000000580)="cf331e07c105bf672c260fa137c3d4dc586ccb95da192511557e42e7087d16892ecd9745f92f68147947dbe493a95c9dbde28fa1a3b448194308f8e087", 0x3d}], 0x2}, 0x0) openat2(r2, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)={0x101800, 0x10}, 0x18) inotify_add_watch(r2, &(0x7f00000002c0)='./file0\x00', 0x80000001) setsockopt$sock_attach_bpf(r3, 0x1, 0x21, &(0x7f0000000540), 0x4) sendmsg$inet(r4, &(0x7f0000000480)={0x0, 0x0, 0x0}, 0x0) bpf$PROG_LOAD(0x24, &(0x7f00000003c0)={0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) readlink(&(0x7f0000000300)='./file0\x00', &(0x7f0000000340), 0x0) write(r1, &(0x7f0000000040)="1400000052004f030e789e7e27286d000a4149f3", 0x14) recvmmsg(r1, &(0x7f0000005c80)=[{{0x0, 0x0, 0x0}}], 0x344, 0x10122, 0x0) r5 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x62181) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r5, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r5, &(0x7f0000000000)=[{0x84, 0x77, 0x0, 0x0, @tick, {}, {}, @raw32={[0x2600]}}], 0xffc8) 2.25521921s ago: executing program 4 (id=2150): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b7030000faffffff850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001180)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000200)={'rose0\x00', 0x112}) ioctl$TUNSETQUEUE(r1, 0x400454d9, &(0x7f0000000000)={'geneve1\x00', 0x400}) openat$cgroup_procs(0xffffffffffffffff, 0x0, 0x2, 0x0) close(r1) 2.160330889s ago: executing program 1 (id=2151): r0 = mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x4000002, 0x50032, 0xffffffffffffffff, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000001c0)='mmap_lock_acquire_returned\x00'}, 0x10) syz_io_uring_submit(r0, 0x0, 0x0) 2.084622768s ago: executing program 0 (id=2152): socket$inet6(0xa, 0x3, 0x6) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4001, 0x0, @dev={0xfe, 0x80, '\x00', 0x1b}, 0xd}, 0x1c) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0) write$binfmt_script(r1, &(0x7f0000000200), 0xfffffd9d) sendfile(r0, r1, 0x0, 0x8000002b) socket$inet6_udplite(0xa, 0x2, 0x88) syz_emit_ethernet(0x4a, &(0x7f0000000200)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaaaa86dd600000f500140600fe8000000000000000000000000000aafe8000"], 0x0) 2.04169588s ago: executing program 2 (id=2153): bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x4, 0x16, &(0x7f0000000140)=ANY=[@ANYBLOB="61128c000000000061134c0000000000bf20000000000000070000000f0000003d030100000000009500ffb1000000006926000000000000bf67000000000000160602000fff52007607000010000000d60600000ee60000bf050000000000001f63000000000000650700000200000007070000fbffffff1f75000000000000bf54000000000000070400000410f900bd430100000000009500000000000000050000000000000095000000000000001c15a3ce747c693a74b62fd0758b15f09429c09074bc4b2bd2dc480dd7a064b8673e2060162cc43bcba1060999f9d60bb39d0af449deaa27ea949e8f9000d885dfea2783835e29eb532ba8546fc020c1966f8b5f32b095f566edf66b7751828da9dbd5b996b9e8d897e461c01c697671d100000000400036c17fb01dde179c1f2686ee970d6482a2e7ddbf51c74ccac1c7b21bde7d1af255d6ebff9bff35e3888a0e356d82e43407a6d7fa94b2100204000000000000009ab62d7b07ba0a71a72145edade9941f04000000000000004ea9e4c70ef8b7407740ab3312edee62a4dc2fc85755d387bfa1bc8eb71fbe11b2216cc8d1f0160c237d929b49da28724b95555b74be2f76fb5f330b015a68587a75c01300"/467], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffe1}, 0x48) 1.927435039s ago: executing program 2 (id=2154): bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x0, 0x13, &(0x7f0000000140)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf09000000000000550901000000000095002000000000000500000000000099782000000000000077f32f261d3a3c472d82528218600000fdffffff0000000003000000bf"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffa2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) socket$nl_route(0x10, 0x3, 0x0) setsockopt$inet_sctp_SCTP_DISABLE_FRAGMENTS(0xffffffffffffffff, 0x84, 0x8, &(0x7f00000001c0)=0x8, 0x4) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[@ANYBLOB="480000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="00000000000000002800128009000100626f6e6400000000180002801400088008"], 0x48}}, 0x0) sendmmsg$inet(0xffffffffffffffff, &(0x7f0000005200)=[{{0x0, 0x4b, &(0x7f0000000000), 0x1}}], 0x1, 0x0) r0 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = socket$inet_sctp(0x2, 0x5, 0x84) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000140)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_NEW_KEY(r1, &(0x7f00000006c0)={0x0, 0x2, &(0x7f0000000680)={&(0x7f0000000280)=ANY=[@ANYBLOB='T\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="070000000000000000000c00000008000300", @ANYRES32=r3, @ANYBLOB="0a00060008021100000000002c0050800400050011000100cabee339084eeef16f162471f40000000800070000000000050002"], 0x54}}, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) getsockopt$sock_int(0xffffffffffffffff, 0x1, 0x3, 0x0, &(0x7f0000000080)) r4 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$KDGKBDIACR(r4, 0x4b4a, 0x0) r5 = socket$alg(0x26, 0x5, 0x0) bind$alg(r5, &(0x7f0000000080)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes256\x00'}, 0x58) r6 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fc00100}]}) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r6, 0xc0502100, &(0x7f0000000480)={0x0}) ioctl$SECCOMP_IOCTL_NOTIF_SEND(r6, 0xc0182101, &(0x7f0000000180)={r7}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r6, 0xc0502100, &(0x7f0000002780)={0x0}) ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r6, 0x40182103, &(0x7f0000000080)={r8, 0x3, r6, 0x5}) syz_emit_ethernet(0x0, 0x0, 0x0) sendmsg$NFNL_MSG_CTHELPER_GET(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000280)={&(0x7f00000001c0)=ANY=[@ANYBLOB="2000000001090108000100000000000005000002efff04800800014000000007"], 0x20}, 0x1, 0x0, 0x0, 0x44801}, 0x804) r9 = socket$nl_generic(0x10, 0x3, 0x10) r10 = syz_genetlink_get_family_id$tipc(&(0x7f0000000200), 0xffffffffffffffff) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x7) sendmsg$TIPC_CMD_ENABLE_BEARER(r9, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r10, @ANYBLOB="010000000000000000000100000000200000014100000018001700000000000000007564703a73797a3100000000"], 0x34}, 0x1, 0x0, 0x0, 0x20040044}, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x4) 1.876034319s ago: executing program 1 (id=2155): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f0000000000)=0x1, 0x4) r1 = fcntl$dupfd(r0, 0x0, r0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f00000000c0)=@abs, 0x6e) creat(&(0x7f0000000000)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000380)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000003c0)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r1}}) 1.708184181s ago: executing program 1 (id=2156): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_DEBUG_SET(r0, &(0x7f0000001540)={0x0, 0x0, &(0x7f0000001500)={&(0x7f0000000080)={0x1c, r1, 0x0, 0x0, 0x0, {}, [@ETHTOOL_A_DEBUG_MSGMASK={0x8, 0x2, 0x0, 0x1, [@ETHTOOL_A_BITSET_NOMASK={0x4}]}]}, 0x1c}}, 0x0) socket(0x10, 0x3, 0x0) ioctl$vim2m_VIDIOC_S_CTRL(0xffffffffffffffff, 0xc008561c, &(0x7f0000000000)={0x980914, 0x8}) 1.340395676s ago: executing program 1 (id=2157): r0 = syz_usb_connect$printer(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000000030020f003176c400000000001090224725100000000090400001207010300090501"], 0x0) syz_usb_disconnect(r0) r1 = syz_usb_connect(0x0, 0x4a, &(0x7f0000000040)=ANY=[], 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_ep_write$ath9k_ep1(r1, 0x82, 0x88, &(0x7f0000000040)=ANY=[]) r2 = syz_open_dev$char_usb(0xc, 0xb4, 0x0) read$char_usb(r2, 0x0, 0x0) 1.104923727s ago: executing program 0 (id=2158): syz_open_procfs$pagemap(0xffffffffffffffff, &(0x7f0000000100)) socket$key(0xf, 0x3, 0x2) openat$vimc1(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000300)={0x5, &(0x7f0000000240)=[{0x15, 0x0, 0x0, 0x1}, {0x54}, {0x6}, {0xc, 0x5, 0x7f, 0x1}, {0x6, 0x0, 0xa, 0x5}]}) socket$netlink(0x10, 0x3, 0x0) setsockopt$inet_sctp6_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, &(0x7f00000000c0)=@assoc_value={0x0, 0x8}, 0x8) r0 = syz_init_net_socket$llc(0x1a, 0x1, 0x0) getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, &(0x7f00000003c0)=@assoc_value, &(0x7f0000000280)=0x8) connect$llc(r0, &(0x7f0000000180)={0x1a, 0x0, 0x0, 0x8, 0x0, 0x0, @dev}, 0x10) r1 = socket(0x15, 0x0, 0x0) getpeername$packet(r1, 0x0, 0x0) ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r1, 0x89f1, &(0x7f0000000200)={'ip6_vti0\x00', &(0x7f0000000180)={'ip6tnl0\x00', 0x0, 0x29, 0xff, 0x4, 0x8, 0x29, @private0, @dev={0xfe, 0x80, '\x00', 0x18}, 0x8, 0x8007, 0x9, 0xb9}}) getsockopt$inet_sctp_SCTP_MAX_BURST(r1, 0x84, 0x14, &(0x7f0000000540), &(0x7f0000000580)=0x4) sendmmsg(r0, &(0x7f0000001380), 0x3fffffffffffeed, 0x0) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = syz_open_dev$dri(&(0x7f0000000180), 0x0, 0x0) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r2, 0xc02064b2, &(0x7f0000000140)={0x80002, 0xf4240, 0xfff8}) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) socket$unix(0x1, 0x2, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) ioctl$DRM_IOCTL_AGP_ACQUIRE(r2, 0x6430) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000380)=[@text32={0x20, &(0x7f00000001c0)="b8050000000f01c10f46a78900000066ba2100b067ee66ba2000b000ee6d2f2f800000c00f3266bac0000f3066b808008ed0660f38806f008ee0", 0x3a}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60) ioctl$KVM_CREATE_PIT2(r4, 0x4040ae77, &(0x7f0000000040)) r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0) ioctl$KVM_SET_PIT(r4, 0x8048ae66, &(0x7f0000000080)={[{0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}]}) ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f00000002c0)={[0x1, 0x100, 0x200, 0x0, 0x0, 0x0, 0x2004ce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0xfffffffffffffffd], 0xf000, 0x200}) socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000)) ioctl$KVM_RUN(r5, 0xae80, 0x0) 0s ago: executing program 0 (id=2159): r0 = socket$rxrpc(0x21, 0x2, 0x2) bind$rxrpc(r0, &(0x7f0000000000)=@in6={0x21, 0x0, 0x2, 0x19, {0xa, 0x0, 0x0, @loopback}}, 0x24) r1 = syz_usb_connect(0x0, 0x2d, &(0x7f0000000240)=ANY=[@ANYBLOB="12010000459bb240580403500000000000010902"], 0x0) syz_usb_control_io(0xffffffffffffffff, 0x0, 0x0) syz_usb_control_io(r1, 0x0, 0x0) madvise(&(0x7f0000885000/0x4000)=nil, 0x4000, 0x80000000e) mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0xb, &(0x7f0000130000/0x800000)=nil) madvise(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0xa) r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) linkat(0xffffffffffffff9c, 0x0, 0xffffffffffffffff, 0x0, 0x0) socket$packet(0x11, 0x2, 0x300) ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f00000001c0)={'vcan0\x00'}) prctl$PR_SET_VMA(0x53564d41, 0x0, &(0x7f00001f1000/0x4000)=nil, 0x2948, &(0x7f0000000380)='\xde@\x1c\x17sc\x9a\x99\xeb\x9b\xb7\x04\xa05c*?+\xea\x82\x1f\x8c\x999t\xc8\xe7\xb6\xf3\x95\b$m?\xb4\x8f/\xdc\xe8-\xe3DLH\xc4\xcblM\xdd\xac\xff\x02\xf9r\t\xe4\x90\xef\x88\x86e\xcax\xce\xd6\xb8\xe17\x05U^\xe9\xe3\x87\xa4i)u\xe23I\x19j\xb2w\xf2\xd8\x8a\xed\x9f$\x15\xf7\xb8i0\x85\xa4\x80\xa3\x16tA\x91w;K5\r\xbdn\xd5\xf6\x14m\x02\x8e\xbfQo\xaa0\x7f\x0f\x02\x0f\xa3Y\x86\xc2)\xaf\x1e\x03:\xb7\x05\xb6\r\x83\x83@\xf6\xd7\xaf\x1e\x88\x19\xbb\x86\x1d\x87\xd4\xfcE\xb8\xde\x00J\xffl6\xce\x87\x1c]E\xdc\xb0\x90\x04p\xaabYw\xf4\xd0\xda\x15\xe8L\xdf\xc5\xf2\x89XN\xc2~\x91my\xd3\xf3\xb1U\xec\xe91\xe4\x9c\xf5uK\xa2\x19B\x1a\xcb(\x92\x1cT\xb2\xc4\a3G\"\x96\xb3\xd6\xcb_\xc4\xdcf\xcc5E\x1d\x1e=\x9d\xa8\xac\xfc\xb4\xc3\x1d+\xed\xfa\xe2\xfe\xf4$B\xca\x8c\xa16\xf0\xe6\x93\xbdU\x95|o\xe2>Y\xe6v\x8d\x1f\xe9\xea\xe22\xd8L\x03\x00\xf2\xe3\x8d\xa5r\xc9N\\\x8b\x8c\xb9\xa1\x9c\xff\x7f\xd5(\x85\xfa\t\xd3\xa2{\tog\xd0\n\n\xe6y^u\x83\x94\x9c\xcd\x83\x86\xf0\x1b9\xd1%?\x10\x13\x81\xb3)\x9e\x85\xb0\x84Ds\xaa\x82.\xf1%\xcb>\xb1E\xf0GV\xc8\x03\xe4\xde\x1c=\x8b\xab\x7f\xe5n\xb7\xdc:\xc9\x1a\x83\x808cu\x0fU\xb1\xb8\x05h\xc9D9^\b%pu\x03UGn}\xb5\x03\x82\x01\xf4\x86\xe9{\xd1e\n+&\xeema\r\x84$\xa7t&\xc5U\xf5\x19T\x83\xbc\x02\x87\xd0\xd8\x9e\xbe\x9d#W\x0f\xc9u\t\xf9r\xea\xe7\x8f\x01\x92v;\xe9bN \xc5\x03/f%*\xa4\xbf\fh\xba\xa3\xbek\xcc\x97M\xe5\x16XYtp') socket$nl_netfilter(0x10, 0x3, 0xc) syz_emit_vhci(&(0x7f0000000080)=ANY=[@ANYBLOB="040e04001a0c0001fc51a9ba606138d82f387e4d404718c19ec19d63d13b71b6acd3"], 0x7) setsockopt$inet6_buf(0xffffffffffffffff, 0x29, 0x23, &(0x7f00000000c0)="0bbb268dd6ffb80800000000800000000000210d0000aaa8fa0137b546f06942b6977242ba9380d4100000000000", 0x2e) socket$packet(0x11, 0x0, 0x300) r3 = userfaultfd(0x0) ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f0000000040)) r4 = fcntl$dupfd(r3, 0x0, r2) ioctl$UFFDIO_COPY(r4, 0xc028aa05, &(0x7f0000001440)={&(0x7f0000a88000/0x3000)=nil, &(0x7f0000ffe000/0x2000)=nil, 0x3000}) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000)) r5 = openat(r4, &(0x7f0000000200)='./cgroup\x00', 0x20000, 0x32) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000140)={@cgroup, 0xffffffffffffffff, 0x34, 0x0, 0x0, @prog_fd=r5}, 0x20) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000100)='ns\x00') syz_emit_vhci(&(0x7f0000000540)=ANY=[@ANYBLOB="043e1f0a"], 0x22) syz_emit_vhci(&(0x7f0000000180)=ANY=[@ANYBLOB="02000100"/17], 0x11) syz_open_dev$dri(&(0x7f0000000a80), 0x0, 0x0) kernel console output (not intermixed with test programs): 257.161446][ T4869] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 257.199381][ T4869] usb 4-1: invalid MIDI in EP 0 [ 257.451801][ T8186] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 257.472074][ T4869] snd-usb-audio 4-1:27.0: probe with driver snd-usb-audio failed with error -22 [ 257.513683][ T4869] usb 4-1: USB disconnect, device number 21 [ 257.730153][ T5101] udevd[5101]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:27.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 257.989758][ T8195] netlink: 28 bytes leftover after parsing attributes in process `syz.0.955'. [ 258.368927][ T8202] usb usb8: usbfs: process 8202 (syz.1.958) did not claim interface 0 before use [ 258.777346][ T8216] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 259.263106][ T8245] usb usb8: usbfs: process 8245 (syz.0.972) did not claim interface 0 before use [ 260.266676][ T8283] syz.4.988 uses obsolete (PF_INET,SOCK_PACKET) [ 261.479833][ T8308] (unnamed net_device) (uninitialized): invalid ARP target 0.0.0.0 specified for addition [ 261.507996][ T8308] (unnamed net_device) (uninitialized): option arp_ip_target: invalid value (0) [ 261.548580][ T8312] netlink: 28 bytes leftover after parsing attributes in process `syz.1.998'. [ 261.784257][ T8324] tipc: Enabling of bearer rejected, failed to enable media [ 261.873814][ T8332] Invalid option length (1048373) for dns_resolver key [ 261.987614][ T8338] netlink: 104 bytes leftover after parsing attributes in process `syz.3.1007'. [ 262.548074][ T46] usb 4-1: new high-speed USB device number 22 using dummy_hcd [ 262.749114][ T46] usb 4-1: Using ep0 maxpacket: 32 [ 262.790352][ T46] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 262.821458][ T46] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 129, changing to 11 [ 262.858305][ T46] usb 4-1: too many endpoints for config 1 interface 0 altsetting 255: 228, using maximum allowed: 30 [ 262.892779][ T46] usb 4-1: config 1 interface 0 altsetting 255 has 0 endpoint descriptors, different from the interface descriptor's value: 228 [ 262.932096][ T46] usb 4-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0 [ 262.947191][ T46] usb 4-1: config 1 interface 1 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 262.977776][ T46] usb 4-1: config 1 interface 0 has no altsetting 1 [ 262.984454][ T46] usb 4-1: config 1 interface 1 has no altsetting 0 [ 263.036677][ T46] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 263.084850][ T46] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 263.107777][ T46] usb 4-1: Product: syz [ 263.112039][ T46] usb 4-1: Manufacturer: syz [ 263.114033][ T8370] (unnamed net_device) (uninitialized): invalid ARP target 0.0.0.0 specified for addition [ 263.135065][ T46] usb 4-1: SerialNumber: syz [ 263.166548][ T8370] (unnamed net_device) (uninitialized): option arp_ip_target: invalid value (0) [ 263.284485][ T8370] tipc: Enabling of bearer rejected, failed to enable media [ 263.383178][ T8380] Invalid option length (1048373) for dns_resolver key [ 263.410829][ T46] usb 4-1: selecting invalid altsetting 0 [ 263.448757][ T46] usb 4-1: selecting invalid altsetting 0 [ 263.477903][ T46] cdc_ncm 4-1:1.0: bind() failure [ 263.493493][ T8387] binder: 8384:8387 ioctl 4018620d 0 returned -22 [ 263.510914][ T46] usb 4-1: selecting invalid altsetting 0 [ 263.524155][ T46] cdc_ncm 4-1:1.1: probe with driver cdc_ncm failed with error -22 [ 263.545760][ T46] usb 4-1: selecting invalid altsetting 0 [ 263.559552][ T46] cdc_mbim 4-1:1.1: probe with driver cdc_mbim failed with error -22 [ 263.586816][ T46] usb 4-1: selecting invalid altsetting 0 [ 263.652072][ T46] usbtest 4-1:1.1: probe with driver usbtest failed with error -22 [ 263.681471][ T46] usb 4-1: USB disconnect, device number 22 [ 265.237549][ T8413] (unnamed net_device) (uninitialized): invalid ARP target 0.0.0.0 specified for addition [ 265.254498][ T8416] binder: 8415:8416 ioctl 4018620d 0 returned -22 [ 265.282232][ T8413] (unnamed net_device) (uninitialized): option arp_ip_target: invalid value (0) [ 265.425425][ T8423] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1042'. [ 265.502335][ T8418] tipc: Enabling of bearer rejected, failed to enable media [ 265.878108][ T46] usb 5-1: new high-speed USB device number 26 using dummy_hcd [ 266.124033][ T46] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0 [ 266.160476][ T46] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 0 [ 266.177174][ T46] usb 5-1: New USB device found, idVendor=abcd, idProduct=cdee, bcdDevice= 5.b9 [ 266.193133][ T46] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 266.220908][ T46] usb 5-1: config 0 descriptor?? [ 266.252575][ T46] gspca_main: spca561-2.14.0 probing abcd:cdee [ 266.441852][ T8446] binder: 8445:8446 unknown command 0 [ 266.470439][ T8446] binder: 8445:8446 ioctl c0306201 20000340 returned -22 [ 266.795443][ T46] spca561 5-1:0.0: probe with driver spca561 failed with error -22 [ 266.809309][ T46] usb 5-1: MIDIStreaming interface descriptor not found [ 266.897620][ T8454] binder: 8452:8454 ioctl 4018620d 0 returned -22 [ 267.478641][ T58] usb 5-1: USB disconnect, device number 26 [ 267.661508][ T8477] binder: 8476:8477 unknown command 0 [ 267.666965][ T8477] binder: 8476:8477 ioctl c0306201 20000340 returned -22 [ 267.788141][ T46] usb 3-1: new high-speed USB device number 35 using dummy_hcd [ 267.990311][ T46] usb 3-1: Using ep0 maxpacket: 8 [ 268.009247][ T46] usb 3-1: config 0 has no interfaces? [ 268.024666][ T46] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 268.049321][ T46] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 268.068981][ T46] usb 3-1: Product: syz [ 268.090456][ T46] usb 3-1: Manufacturer: syz [ 268.095135][ T46] usb 3-1: SerialNumber: syz [ 268.117561][ T46] usb 3-1: config 0 descriptor?? [ 268.356405][ T46] usb 3-1: USB disconnect, device number 35 [ 268.737514][ T8504] (unnamed net_device) (uninitialized): invalid ARP target 0.0.0.0 specified for addition [ 268.748984][ T8504] (unnamed net_device) (uninitialized): option arp_ip_target: invalid value (0) [ 268.912834][ T8509] binder: 8506:8509 unknown command 0 [ 268.918889][ T8509] binder: 8506:8509 ioctl c0306201 20000340 returned -22 [ 268.931841][ T29] audit: type=1326 audit(1721519178.474:77): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8508 comm="syz.1.1072" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f8a9b375b59 code=0x0 [ 268.958479][ T8511] tipc: Enabling of bearer rejected, failed to enable media [ 269.084430][ T8514] kvm: requested 4190 ns i8254 timer period limited to 200000 ns [ 269.228907][ T5107] Bluetooth: hci5: command 0x0406 tx timeout [ 270.156698][ T8541] binder: 8540:8541 unknown command 0 [ 270.187396][ T8541] binder: 8540:8541 ioctl c0306201 20000340 returned -22 [ 270.691662][ T8555] (unnamed net_device) (uninitialized): invalid ARP target 0.0.0.0 specified for addition [ 270.750813][ T8555] (unnamed net_device) (uninitialized): option arp_ip_target: invalid value (0) [ 270.756301][ T8557] netlink: 'syz.2.1094': attribute type 3 has an invalid length. [ 270.799915][ T8557] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1094'. [ 270.868206][ T5148] usb 1-1: new high-speed USB device number 31 using dummy_hcd [ 270.950539][ T8558] tipc: Enabling of bearer rejected, failed to enable media [ 271.067999][ T5148] usb 1-1: Using ep0 maxpacket: 8 [ 271.082696][ T5148] usb 1-1: config 0 has no interfaces? [ 271.096445][ T5148] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 271.121529][ T5148] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 271.129275][ T8572] binder: 8571:8572 unknown command 0 [ 271.139000][ T5148] usb 1-1: Product: syz [ 271.145011][ T8572] binder: 8571:8572 ioctl c0306201 20000340 returned -22 [ 271.147889][ T5148] usb 1-1: Manufacturer: syz [ 271.167740][ T5148] usb 1-1: SerialNumber: syz [ 271.191312][ T5148] usb 1-1: config 0 descriptor?? [ 271.424306][ T5148] usb 1-1: USB disconnect, device number 31 [ 272.083422][ T8591] netlink: 'syz.3.1107': attribute type 3 has an invalid length. [ 272.106214][ T8591] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1107'. [ 272.223544][ T5148] usb 2-1: new high-speed USB device number 19 using dummy_hcd [ 272.567980][ T5148] usb 2-1: Using ep0 maxpacket: 32 [ 272.588771][ T5148] usb 2-1: config index 0 descriptor too short (expected 29220, got 36) [ 272.627143][ T5148] usb 2-1: config 0 has too many interfaces: 81, using maximum allowed: 32 [ 275.323614][ T8602] sched: RT throttling activated [ 276.384021][ T5148] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 81 [ 276.449061][ T5148] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 276.517986][ T5148] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0 [ 276.548046][ T8606] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1112'. [ 276.595404][ T5148] usb 2-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18 [ 276.619048][ T8606] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1112'. [ 276.700622][ T5148] usb 2-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40 [ 276.789122][ T5148] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 276.832123][ T5148] usb 2-1: config 0 descriptor?? [ 276.849468][ T5148] usb 2-1: can't set config #0, error -71 [ 276.879960][ T5148] usb 2-1: USB disconnect, device number 19 [ 277.027044][ T8609] tipc: Enabling of bearer rejected, failed to enable media [ 277.048769][ T8631] netlink: 'syz.3.1119': attribute type 9 has an invalid length. [ 277.057615][ T8631] netlink: 209836 bytes leftover after parsing attributes in process `syz.3.1119'. [ 277.162268][ T8632] netlink: 'syz.3.1119': attribute type 9 has an invalid length. [ 277.196874][ T8632] netlink: 209836 bytes leftover after parsing attributes in process `syz.3.1119'. [ 277.638335][ T58] usb 5-1: new high-speed USB device number 27 using dummy_hcd [ 277.929444][ T58] usb 5-1: Using ep0 maxpacket: 8 [ 278.107242][ T58] usb 5-1: config 0 has no interfaces? [ 278.127442][ T58] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 278.177816][ T58] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 278.229249][ T58] usb 5-1: Product: syz [ 278.243989][ T58] usb 5-1: Manufacturer: syz [ 278.269939][ T58] usb 5-1: SerialNumber: syz [ 278.319449][ T58] usb 5-1: config 0 descriptor?? [ 278.458991][ T8656] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1127'. [ 278.469920][ T8656] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1127'. [ 278.488027][ T5148] usb 4-1: new high-speed USB device number 23 using dummy_hcd [ 278.561653][ T46] usb 5-1: USB disconnect, device number 27 [ 278.678494][ T5148] usb 4-1: Using ep0 maxpacket: 32 [ 278.731600][ T8662] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1130'. [ 278.745162][ T5148] usb 4-1: config index 0 descriptor too short (expected 29220, got 36) [ 278.758446][ T8662] netdevsim netdevsim2 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 278.767975][ T8662] netdevsim netdevsim2 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 278.776706][ T8662] netdevsim netdevsim2 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 278.785507][ T8662] netdevsim netdevsim2 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 278.799300][ T8662] vxlan0: entered promiscuous mode [ 278.808272][ T5148] usb 4-1: config 0 has too many interfaces: 81, using maximum allowed: 32 [ 278.860160][ T5148] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 81 [ 278.883257][ T5148] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 278.897641][ T5148] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0 [ 278.910741][ T5148] usb 4-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18 [ 278.931488][ T5148] usb 4-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40 [ 278.952450][ T5148] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 278.963999][ T5148] usb 4-1: config 0 descriptor?? [ 279.026197][ T8664] tipc: Enabling of bearer rejected, failed to enable media [ 279.193210][ T5148] usblp 4-1:0.0: usblp0: USB Bidirectional printer dev 23 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17 [ 279.219977][ T5148] usb 4-1: USB disconnect, device number 23 [ 279.274810][ T5148] usblp0: removed [ 279.740171][ T8690] netlink: 'syz.2.1139': attribute type 10 has an invalid length. [ 279.763756][ T8690] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1139'. [ 279.789257][ T5148] usb 4-1: new high-speed USB device number 24 using dummy_hcd [ 279.793641][ T8690] A link change request failed with some changes committed already. Interface nlmon0 may have been left with an inconsistent configuration, please check. [ 280.008338][ T5148] usb 4-1: Using ep0 maxpacket: 32 [ 280.049865][ T5148] usb 4-1: config index 0 descriptor too short (expected 29220, got 36) [ 280.076687][ T8701] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1143'. [ 280.078186][ T5148] usb 4-1: config 0 has too many interfaces: 81, using maximum allowed: 32 [ 280.103668][ T5148] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 81 [ 280.113660][ T5148] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 280.126778][ T5148] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0 [ 280.137478][ T5148] usb 4-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18 [ 280.156927][ T5148] usb 4-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40 [ 280.166867][ T5148] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 280.218109][ T5148] usb 4-1: config 0 descriptor?? [ 280.475242][ T5148] usblp 4-1:0.0: usblp0: USB Bidirectional printer dev 24 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17 [ 280.507788][ T46] usb 5-1: new high-speed USB device number 28 using dummy_hcd [ 280.730881][ T46] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0 [ 280.758929][ T46] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 0 [ 280.807835][ T46] usb 5-1: New USB device found, idVendor=abcd, idProduct=cdee, bcdDevice= 5.b9 [ 280.827608][ T46] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 280.875449][ T46] usb 5-1: config 0 descriptor?? [ 280.896504][ T46] gspca_main: spca561-2.14.0 probing abcd:cdee [ 281.433156][ T46] spca561 5-1:0.0: probe with driver spca561 failed with error -22 [ 281.465991][ T46] usb 5-1: MIDIStreaming interface descriptor not found [ 281.565115][ T8731] tipc: Enabling of bearer rejected, failed to enable media [ 281.895266][ T8745] netlink: 'syz.0.1156': attribute type 10 has an invalid length. [ 281.917597][ T5145] usb 4-1: USB disconnect, device number 24 [ 281.917807][ T8745] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1156'. [ 281.954197][ T5145] usblp0: removed [ 281.966656][ T8745] nlmon0: entered promiscuous mode [ 281.999650][ T8745] nlmon0: entered allmulticast mode [ 282.052249][ T8745] A link change request failed with some changes committed already. Interface nlmon0 may have been left with an inconsistent configuration, please check. [ 282.223366][ T8] usb 5-1: USB disconnect, device number 28 [ 283.303597][ T8780] mac80211_hwsim hwsim7 wlan1: entered allmulticast mode [ 283.499077][ T5145] usb 1-1: new high-speed USB device number 32 using dummy_hcd [ 283.553429][ T8785] tipc: Enabling of bearer rejected, failed to enable media [ 283.599857][ T8790] pim6reg1: entered promiscuous mode [ 283.620182][ T8790] pim6reg1: entered allmulticast mode [ 283.707759][ T5145] usb 1-1: Using ep0 maxpacket: 8 [ 283.725495][ T5145] usb 1-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb [ 283.748719][ T5145] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 283.794340][ T5145] usb 1-1: config 0 descriptor?? [ 284.139197][ T8799] Driver unsupported XDP return value 0 on prog (id 179) dev N/A, expect packet loss! [ 284.258918][ T5145] asix 1-1:0.0 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -32 [ 284.292934][ T5145] asix 1-1:0.0 (unnamed net_device) (uninitialized): Error reading PHY_ID register: ffffffe0 [ 284.323669][ T8803] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1177'. [ 284.328250][ T5145] asix 1-1:0.0: probe with driver asix failed with error -32 [ 284.708837][ T5148] usb 2-1: new high-speed USB device number 20 using dummy_hcd [ 284.959895][ T5148] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0 [ 284.995149][ T5148] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 0 [ 285.029110][ T5148] usb 2-1: New USB device found, idVendor=abcd, idProduct=cdee, bcdDevice= 5.b9 [ 285.056364][ T5148] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 285.092983][ T5148] usb 2-1: config 0 descriptor?? [ 285.133682][ T5148] gspca_main: spca561-2.14.0 probing abcd:cdee [ 285.331638][ T5148] spca561 2-1:0.0: probe with driver spca561 failed with error -22 [ 285.351361][ T5148] usb 2-1: MIDIStreaming interface descriptor not found [ 285.476372][ T5148] usb 2-1: USB disconnect, device number 20 [ 285.809423][ T8613] udevd[8613]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 285.923266][ T8846] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1192'. [ 285.965811][ T8846] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1192'. [ 286.296629][ T46] usb 1-1: USB disconnect, device number 32 [ 286.532884][ T8863] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 287.371500][ T8886] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1207'. [ 287.406780][ T8886] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1207'. [ 289.877880][ T8] usb 5-1: new high-speed USB device number 29 using dummy_hcd [ 290.080081][ T8] usb 5-1: config 0 has no interfaces? [ 290.104117][ T8] usb 5-1: New USB device found, idVendor=0458, idProduct=5003, bcdDevice= 0.00 [ 290.127280][ T8956] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1236'. [ 290.150562][ T8] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 290.219284][ T8] usb 5-1: config 0 descriptor?? [ 291.252707][ T8971] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1241'. [ 291.577904][ T46] usb 1-1: new high-speed USB device number 33 using dummy_hcd [ 291.621549][ T8983] netlink: 'syz.3.1246': attribute type 3 has an invalid length. [ 291.648674][ T54] Bluetooth: hci2: unexpected event for opcode 0x0c1a [ 291.760248][ T54] Bluetooth: hci2: ACL packet for unknown connection handle 256 [ 291.805365][ T46] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0 [ 291.815557][ T46] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 0 [ 291.826664][ T46] usb 1-1: New USB device found, idVendor=abcd, idProduct=cdee, bcdDevice= 5.b9 [ 291.836543][ T46] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 291.849324][ T46] usb 1-1: config 0 descriptor?? [ 291.879839][ T46] gspca_main: spca561-2.14.0 probing abcd:cdee [ 292.088197][ T8990] netlink: 'syz.3.1249': attribute type 9 has an invalid length. [ 292.106675][ T8990] netlink: 209836 bytes leftover after parsing attributes in process `syz.3.1249'. [ 292.293535][ T46] spca561 1-1:0.0: probe with driver spca561 failed with error -22 [ 292.294381][ T8991] netlink: 'syz.3.1249': attribute type 9 has an invalid length. [ 292.303729][ T46] usb 1-1: MIDIStreaming interface descriptor not found [ 292.431181][ T8991] netlink: 209836 bytes leftover after parsing attributes in process `syz.3.1249'. [ 292.931628][ T46] usb 1-1: USB disconnect, device number 33 [ 293.134252][ T25] usb 5-1: USB disconnect, device number 29 [ 293.394553][ T8613] udevd[8613]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 293.952375][ T9018] syz.3.1259: attempt to access beyond end of device [ 293.952375][ T9018] loop7: rw=0, sector=0, nr_sectors = 1 limit=0 [ 293.994189][ T9018] FAT-fs (loop7): unable to read boot sector [ 294.212066][ T9023] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1260'. [ 294.580989][ T9031] netlink: 'syz.1.1263': attribute type 3 has an invalid length. [ 294.619003][ T9031] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1263'. [ 294.637827][ T25] usb 4-1: new high-speed USB device number 25 using dummy_hcd [ 294.808023][ T46] usb 1-1: new high-speed USB device number 34 using dummy_hcd [ 294.850403][ T25] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0 [ 294.874201][ T25] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 0 [ 294.882873][ T9037] binder: 9036:9037 ioctl c0306201 0 returned -14 [ 294.911222][ T9037] binder: 9036:9037 unknown command 0 [ 294.917151][ T9037] binder: 9036:9037 ioctl c0306201 20000340 returned -22 [ 294.924396][ T25] usb 4-1: New USB device found, idVendor=abcd, idProduct=cdee, bcdDevice= 5.b9 [ 294.924431][ T25] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 294.937243][ T25] usb 4-1: config 0 descriptor?? [ 295.000648][ T25] gspca_main: spca561-2.14.0 probing abcd:cdee [ 295.030006][ T46] usb 1-1: config 0 has no interfaces? [ 295.051037][ T46] usb 1-1: New USB device found, idVendor=0458, idProduct=5003, bcdDevice= 0.00 [ 295.097270][ T46] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 295.141744][ T46] usb 1-1: config 0 descriptor?? [ 295.203881][ T25] spca561 4-1:0.0: probe with driver spca561 failed with error -22 [ 295.249444][ T25] usb 4-1: MIDIStreaming interface descriptor not found [ 295.338184][ T25] usb 4-1: USB disconnect, device number 25 [ 295.679006][ T8607] udevd[8607]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 295.710030][ T54] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0 [ 295.719200][ T54] Bluetooth: hci2: Injecting HCI hardware error event [ 295.729850][ T5107] Bluetooth: hci2: hardware error 0x00 [ 296.013630][ T54] Bluetooth: hci5: unexpected event for opcode 0x0c1a [ 296.087267][ T54] Bluetooth: hci5: ACL packet for unknown connection handle 256 [ 296.588081][ T5178] usb 5-1: new high-speed USB device number 30 using dummy_hcd [ 296.800416][ T5178] usb 5-1: Using ep0 maxpacket: 32 [ 296.817039][ T5178] usb 5-1: config index 0 descriptor too short (expected 29220, got 36) [ 296.818411][ T9068] netlink: 72 bytes leftover after parsing attributes in process `syz.2.1278'. [ 296.839393][ T5178] usb 5-1: config 0 has too many interfaces: 81, using maximum allowed: 32 [ 296.867410][ T5178] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 81 [ 296.898994][ T5178] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 296.930040][ T5178] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0 [ 296.953859][ T5178] usb 5-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18 [ 296.968641][ T5178] usb 5-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40 [ 297.000842][ T5178] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 297.029858][ T5178] usb 5-1: config 0 descriptor?? [ 297.282262][ T5178] usblp 5-1:0.0: usblp0: USB Bidirectional printer dev 30 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17 [ 297.388379][ T5178] usb 5-1: USB disconnect, device number 30 [ 297.483423][ T5178] usblp0: removed [ 297.867895][ T5107] Bluetooth: hci2: Opcode 0x0c03 failed: -110 [ 297.956282][ T5148] usb 1-1: USB disconnect, device number 34 [ 298.044449][ T5178] usb 5-1: new high-speed USB device number 31 using dummy_hcd [ 298.279558][ T5178] usb 5-1: Using ep0 maxpacket: 32 [ 298.313939][ T5178] usb 5-1: config index 0 descriptor too short (expected 29220, got 36) [ 298.330471][ T5178] usb 5-1: config 0 has too many interfaces: 81, using maximum allowed: 32 [ 298.345485][ T5178] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 81 [ 298.357045][ T5178] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 298.367620][ T5178] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0 [ 298.382322][ T5178] usb 5-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18 [ 298.401277][ T5178] usb 5-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40 [ 298.433725][ T5178] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 298.483344][ T5178] usb 5-1: config 0 descriptor?? [ 298.848193][ T5178] usblp 5-1:0.0: usblp0: USB Bidirectional printer dev 31 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17 [ 298.914450][ T9104] binder: 9101:9104 unknown command 0 [ 298.942293][ T9104] binder: 9101:9104 ioctl c0306201 20000340 returned -22 [ 299.193756][ T9110] syz.2.1292[9110] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 299.193956][ T9110] syz.2.1292[9110] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 299.450557][ T4869] usb 5-1: USB disconnect, device number 31 [ 299.488584][ T4869] usblp0: removed [ 299.532518][ T9114] pim6reg1: entered promiscuous mode [ 299.555830][ T9114] pim6reg1: entered allmulticast mode [ 300.029141][ T5107] Bluetooth: hci5: Controller not accepting commands anymore: ncmd = 0 [ 300.038199][ T5107] Bluetooth: hci5: Injecting HCI hardware error event [ 300.101437][ T54] Bluetooth: hci5: hardware error 0x00 [ 300.657099][ T9130] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1299'. [ 301.027865][ T9139] binder: 9138:9139 unknown command 0 [ 301.048372][ T9139] binder: 9138:9139 ioctl c0306201 20000340 returned -22 [ 301.922519][ T9163] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1311'. [ 302.226537][ T8] usb 1-1: new high-speed USB device number 35 using dummy_hcd [ 302.335521][ T9174] binder: 9172:9174 unknown command 0 [ 302.357894][ T9174] binder: 9172:9174 ioctl c0306201 20000340 returned -22 [ 302.449187][ T8] usb 1-1: Using ep0 maxpacket: 32 [ 302.478084][ T8] usb 1-1: config index 0 descriptor too short (expected 29220, got 36) [ 302.508304][ T54] Bluetooth: hci5: Opcode 0x0c03 failed: -110 [ 302.548339][ T8] usb 1-1: config 0 has too many interfaces: 81, using maximum allowed: 32 [ 303.230243][ T54] Bluetooth: hci4: command 0x0406 tx timeout [ 303.285378][ T8] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 81 [ 303.297788][ T8] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 303.308981][ T8] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0 [ 303.319123][ T8] usb 1-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18 [ 303.347905][ T8] usb 1-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40 [ 303.357119][ T8] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 303.402839][ T9184] netlink: 'syz.4.1321': attribute type 9 has an invalid length. [ 303.412358][ T9184] netlink: 209836 bytes leftover after parsing attributes in process `syz.4.1321'. [ 303.510554][ T8] usb 1-1: config 0 descriptor?? [ 303.702290][ T9187] netlink: 'syz.4.1321': attribute type 9 has an invalid length. [ 303.715693][ T9187] netlink: 209836 bytes leftover after parsing attributes in process `syz.4.1321'. [ 303.762238][ T8] usblp 1-1:0.0: usblp0: USB Bidirectional printer dev 35 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17 [ 303.781192][ T9196] ieee802154 phy0 wpan0: encryption failed: -22 [ 303.845340][ T8] usb 1-1: USB disconnect, device number 35 [ 303.877722][ T8] usblp0: removed [ 304.875344][ T9212] binder: 9209:9212 unknown command 0 [ 304.908000][ T9212] binder: 9209:9212 ioctl c0306201 20000340 returned -22 [ 305.089288][ T8] usb 1-1: new high-speed USB device number 36 using dummy_hcd [ 305.487301][ T9240] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1340'. [ 305.542024][ T9240] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1340'. [ 307.045092][ T9263] binder: 9258:9263 unknown command 0 [ 307.062234][ T9263] binder: 9258:9263 ioctl c0306201 20000340 returned -22 [ 307.194958][ T9268] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1351'. [ 307.242953][ T9261] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 307.958143][ T9298] binder: 9297:9298 unknown command 0 [ 307.969073][ T9298] binder: 9297:9298 ioctl c0306201 20000340 returned -22 [ 308.152426][ T9308] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1369'. [ 308.545525][ T9326] 9pnet_fd: Insufficient options for proto=fd [ 308.869235][ T9336] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1379'. [ 309.105601][ T9346] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1384'. [ 309.227535][ T9352] bond1: (slave gretap1): Enslaving as an active interface with an up link [ 309.434388][ T9365] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1392'. [ 309.889226][ T9388] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1401'. [ 310.468941][ T9421] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1416'. [ 311.137987][ T9453] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1429'. [ 311.323312][ T9462] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1432'. [ 311.373360][ T9463] tipc: Enabling of bearer rejected, failed to enable media [ 311.398499][ T9462] bond2: (slave gretap1): Enslaving as an active interface with an up link [ 311.470999][ T9466] ieee802154 phy0 wpan0: encryption failed: -90 [ 311.719005][ T9479] netlink: 56 bytes leftover after parsing attributes in process `syz.3.1440'. [ 312.076855][ T9492] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 312.089600][ T8] usb 1-1: new high-speed USB device number 37 using dummy_hcd [ 312.104233][ T9496] netlink: 'syz.2.1446': attribute type 9 has an invalid length. [ 312.256816][ T9501] ieee802154 phy0 wpan0: encryption failed: -90 [ 312.309879][ T9499] netlink: 'syz.2.1446': attribute type 9 has an invalid length. [ 312.358967][ T8] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0 [ 312.368340][ T9499] __nla_validate_parse: 2 callbacks suppressed [ 312.368364][ T9499] netlink: 209836 bytes leftover after parsing attributes in process `syz.2.1446'. [ 312.404585][ T8] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 0 [ 312.467981][ T8] usb 1-1: New USB device found, idVendor=abcd, idProduct=cdee, bcdDevice= 5.b9 [ 312.503721][ T8] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 312.525460][ T8] usb 1-1: config 0 descriptor?? [ 312.547606][ T8] gspca_main: spca561-2.14.0 probing abcd:cdee [ 313.089067][ T8] spca561 1-1:0.0: probe with driver spca561 failed with error -22 [ 313.113466][ T8] usb 1-1: MIDIStreaming interface descriptor not found [ 313.202104][ T9516] netlink: 56 bytes leftover after parsing attributes in process `syz.2.1453'. [ 313.231132][ T9519] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1455'. [ 313.490398][ T9528] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1458'. [ 313.538618][ T9525] tipc: Enabling of bearer rejected, failed to enable media [ 313.686728][ T9532] ieee802154 phy0 wpan0: encryption failed: -90 [ 313.730447][ T8] usb 1-1: USB disconnect, device number 37 [ 314.156631][ T9547] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 314.175879][ T9553] netlink: 56 bytes leftover after parsing attributes in process `syz.2.1466'. [ 314.309981][ T9558] ieee802154 phy0 wpan0: encryption failed: -22 [ 314.582366][ T9566] ieee802154 phy0 wpan0: encryption failed: -90 [ 314.622855][ T9563] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1471'. [ 314.645683][ T9567] netlink: 'syz.0.1470': attribute type 11 has an invalid length. [ 314.711262][ T9567] netlink: 'syz.0.1470': attribute type 53 has an invalid length. [ 315.055208][ T9578] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1479'. [ 315.089586][ T9580] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1477'. [ 315.193551][ T9584] ieee802154 phy0 wpan0: encryption failed: -22 [ 315.336173][ T9593] ieee802154 phy0 wpan0: encryption failed: -90 [ 315.343986][ T9590] tipc: Enabling of bearer rejected, failed to enable media [ 315.489751][ T9599] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1486'. [ 315.607771][ T25] usb 5-1: new high-speed USB device number 32 using dummy_hcd [ 315.800668][ T25] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0 [ 315.827981][ T25] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 0 [ 315.868980][ T25] usb 5-1: New USB device found, idVendor=abcd, idProduct=cdee, bcdDevice= 5.b9 [ 315.907952][ T25] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 315.951748][ T25] usb 5-1: config 0 descriptor?? [ 316.011496][ T25] gspca_main: spca561-2.14.0 probing abcd:cdee [ 316.261052][ T9613] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 316.318056][ T9620] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1493'. [ 316.413629][ T9623] ieee802154 phy0 wpan0: encryption failed: -90 [ 316.562643][ T25] spca561 5-1:0.0: probe with driver spca561 failed with error -22 [ 316.582438][ T25] usb 5-1: MIDIStreaming interface descriptor not found [ 317.007984][ T25] usb 2-1: new high-speed USB device number 21 using dummy_hcd [ 317.179949][ T25] usb 2-1: device descriptor read/64, error -71 [ 317.218746][ T9642] Invalid option length (1048373) for dns_resolver key [ 317.263421][ T5145] usb 5-1: USB disconnect, device number 32 [ 317.457864][ T25] usb 2-1: new high-speed USB device number 22 using dummy_hcd [ 317.479669][ T9645] tipc: Enabling of bearer rejected, failed to enable media [ 317.559582][ T1250] ieee802154 phy0 wpan0: encryption failed: -22 [ 317.572149][ T1250] ieee802154 phy1 wpan1: encryption failed: -22 [ 317.658012][ T25] usb 2-1: device descriptor read/64, error -71 [ 317.780481][ T25] usb usb2-port1: attempt power cycle [ 317.991017][ T5145] usb 1-1: new high-speed USB device number 38 using dummy_hcd [ 318.144629][ T9655] __nla_validate_parse: 1 callbacks suppressed [ 318.144649][ T9655] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1508'. [ 318.189871][ T5145] usb 1-1: config 0 has no interfaces? [ 318.190338][ T25] usb 2-1: new high-speed USB device number 23 using dummy_hcd [ 318.198200][ T5145] usb 1-1: New USB device found, idVendor=0458, idProduct=5003, bcdDevice= 0.00 [ 318.238544][ T5145] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 318.249811][ T25] usb 2-1: device descriptor read/8, error -71 [ 318.276009][ T9657] ieee802154 phy0 wpan0: encryption failed: -90 [ 318.277101][ T5145] usb 1-1: config 0 descriptor?? [ 318.537907][ T25] usb 2-1: new high-speed USB device number 24 using dummy_hcd [ 318.594441][ T25] usb 2-1: device descriptor read/8, error -71 [ 318.669261][ T9675] Invalid option length (1048373) for dns_resolver key [ 318.721725][ T25] usb usb2-port1: unable to enumerate USB device [ 318.811096][ T9680] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1518'. [ 319.014555][ T9682] tipc: Enabling of bearer rejected, failed to enable media [ 319.463970][ T9686] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1520'. [ 319.595840][ T9692] ieee802154 phy0 wpan0: encryption failed: -90 [ 320.032829][ T9710] Invalid option length (1048373) for dns_resolver key [ 320.055674][ T9713] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1533'. [ 320.113185][ T9716] ieee802154 phy0 wpan0: encryption failed: -90 [ 320.120006][ T5145] usb 3-1: new high-speed USB device number 36 using dummy_hcd [ 320.202037][ T9720] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1536'. [ 320.317948][ T5145] usb 3-1: Using ep0 maxpacket: 32 [ 320.326556][ T5145] usb 3-1: config index 0 descriptor too short (expected 29220, got 36) [ 320.335211][ T5145] usb 3-1: config 0 has too many interfaces: 81, using maximum allowed: 32 [ 320.344384][ T5145] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 81 [ 320.353612][ T5145] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 320.364753][ T5145] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0 [ 320.374554][ T5145] usb 3-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18 [ 320.388433][ T5145] usb 3-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40 [ 320.398200][ T5145] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 320.412672][ T5145] usb 3-1: config 0 descriptor?? [ 320.452232][ T9724] tipc: Enabling of bearer rejected, failed to enable media [ 320.538308][ T5148] usb 4-1: new high-speed USB device number 26 using dummy_hcd [ 320.628353][ T5145] usblp 3-1:0.0: usblp0: USB Bidirectional printer dev 36 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17 [ 320.652199][ T5145] usb 3-1: USB disconnect, device number 36 [ 320.665259][ T5145] usblp0: removed [ 320.723937][ T46] usb 1-1: USB disconnect, device number 38 [ 320.737190][ T5148] usb 4-1: Using ep0 maxpacket: 32 [ 320.764975][ T5148] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 320.792927][ T5148] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 320.811568][ T5148] usb 4-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 320.860303][ T5148] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 320.877618][ T5148] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 320.896909][ T5148] usb 4-1: Product: syz [ 320.907205][ T5148] usb 4-1: Manufacturer: syz [ 320.927406][ T5148] usb 4-1: SerialNumber: syz [ 321.179350][ T5148] cdc_ncm 4-1:1.0: skipping garbage [ 321.184630][ T5148] cdc_ncm 4-1:1.0: CDC Union missing and no IAD found [ 321.207403][ T5148] cdc_ncm 4-1:1.0: bind() failure [ 321.225892][ T5145] usb 3-1: new high-speed USB device number 37 using dummy_hcd [ 321.227796][ T5148] usb 4-1: USB disconnect, device number 26 [ 321.318927][ T9741] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1545'. [ 321.373060][ T9743] ieee802154 phy0 wpan0: encryption failed: -90 [ 321.427947][ T5145] usb 3-1: Using ep0 maxpacket: 32 [ 321.446344][ T5145] usb 3-1: config index 0 descriptor too short (expected 29220, got 36) [ 321.468356][ T5145] usb 3-1: config 0 has too many interfaces: 81, using maximum allowed: 32 [ 321.489805][ T5145] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 81 [ 321.501530][ T5145] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 321.512710][ T5145] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0 [ 321.525119][ T5145] usb 3-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18 [ 321.540350][ T5145] usb 3-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40 [ 321.554749][ T5145] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 321.590150][ T9753] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1550'. [ 321.598986][ T5145] usb 3-1: config 0 descriptor?? [ 321.635584][ T9750] Invalid option length (1048373) for dns_resolver key [ 321.660955][ T9756] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1550'. [ 321.814569][ T5145] usblp 3-1:0.0: usblp0: USB Bidirectional printer dev 37 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17 [ 321.853806][ T9760] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1553'. [ 322.015944][ T9760] tipc: Enabling of bearer rejected, failed to enable media [ 322.423690][ T46] usb 3-1: USB disconnect, device number 37 [ 322.474474][ T46] usblp0: removed [ 322.594577][ T9784] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1562'. [ 322.888109][ T5145] usb 1-1: new high-speed USB device number 39 using dummy_hcd [ 323.102426][ T9808] Invalid option length (1048373) for dns_resolver key [ 323.121212][ T5145] usb 1-1: Using ep0 maxpacket: 32 [ 323.141833][ T5145] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 323.164246][ T9812] __nla_validate_parse: 2 callbacks suppressed [ 323.164268][ T9812] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1575'. [ 323.182899][ T5145] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 323.254712][ T5145] usb 1-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 323.324391][ T5145] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 323.347277][ T5145] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 323.357880][ T5145] usb 1-1: Product: syz [ 323.362103][ T5145] usb 1-1: Manufacturer: syz [ 323.366792][ T5145] usb 1-1: SerialNumber: syz [ 323.591505][ T9833] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1586'. [ 323.592650][ T5145] cdc_ncm 1-1:1.0: skipping garbage [ 323.631627][ T9836] netlink: 72 bytes leftover after parsing attributes in process `syz.3.1584'. [ 323.644443][ T5145] cdc_ncm 1-1:1.0: CDC Union missing and no IAD found [ 323.676467][ T5145] cdc_ncm 1-1:1.0: bind() failure [ 323.705924][ T5145] usb 1-1: USB disconnect, device number 39 [ 324.196718][ T9863] ieee802154 phy0 wpan0: encryption failed: -90 [ 324.233176][ T9867] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1598'. [ 324.368196][ T932] usb 3-1: new high-speed USB device number 38 using dummy_hcd [ 324.483877][ T5145] usb 4-1: new high-speed USB device number 27 using dummy_hcd [ 324.509732][ T9877] Invalid option length (1048373) for dns_resolver key [ 324.570043][ T932] usb 3-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 324.585118][ T932] usb 3-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config [ 324.596937][ T932] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 324.615416][ T932] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 14129, setting to 64 [ 324.644626][ T932] usb 3-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 324.657615][ T932] usb 3-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 324.666512][ T932] usb 3-1: Product: syz [ 324.671528][ T932] usb 3-1: Manufacturer: syz [ 324.690980][ T932] cdc_wdm 3-1:1.0: skipping garbage [ 324.702158][ T932] cdc_wdm 3-1:1.0: skipping garbage [ 324.708002][ T5145] usb 4-1: Using ep0 maxpacket: 32 [ 324.713675][ T932] cdc_wdm 3-1:1.0: probe with driver cdc_wdm failed with error -22 [ 324.724368][ T5145] usb 4-1: config index 0 descriptor too short (expected 29220, got 36) [ 324.733466][ T5145] usb 4-1: config 0 has too many interfaces: 81, using maximum allowed: 32 [ 324.750717][ T5145] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 81 [ 324.775884][ T5145] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 324.797363][ T5145] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0 [ 324.844270][ T5145] usb 4-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18 [ 324.881741][ T5145] usb 4-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40 [ 324.894321][ T5145] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 324.918006][ T5145] usb 4-1: config 0 descriptor?? [ 324.966516][ T932] usb 3-1: USB disconnect, device number 38 [ 325.144235][ T5145] usblp 4-1:0.0: usblp0: USB Bidirectional printer dev 27 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17 [ 325.190509][ T5145] usb 4-1: USB disconnect, device number 27 [ 325.209236][ T5145] usblp0: removed [ 325.239304][ T8616] udevd[8616]: setting mode of /dev/bus/usb/004/027 to 020664 failed: No such file or directory [ 325.270460][ T8616] udevd[8616]: setting owner of /dev/bus/usb/004/027 to uid=0, gid=7 failed: No such file or directory [ 325.364372][ T9896] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1611'. [ 325.936059][ T29] audit: type=1326 audit(1721519235.474:78): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9917 comm="syz.2.1618" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f7c98d75b59 code=0x0 [ 325.967818][ T5145] usb 5-1: new high-speed USB device number 33 using dummy_hcd [ 326.106617][ T9921] kvm: requested 4190 ns i8254 timer period limited to 200000 ns [ 326.169723][ T5145] usb 5-1: config 0 has no interfaces? [ 326.177855][ T5145] usb 5-1: New USB device found, idVendor=0458, idProduct=5003, bcdDevice= 0.00 [ 326.193144][ T5145] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 326.214663][ T5145] usb 5-1: config 0 descriptor?? [ 326.632105][ T9940] ieee802154 phy0 wpan0: encryption failed: -90 [ 326.643453][ T9941] binder: 9937:9941 unknown command 0 [ 326.660030][ T9941] binder: 9937:9941 ioctl c0306201 20000340 returned -22 [ 326.676384][ T9942] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1626'. [ 327.038237][ T5145] usb 1-1: new high-speed USB device number 40 using dummy_hcd [ 327.237795][ T5145] usb 1-1: Using ep0 maxpacket: 32 [ 327.245664][ T5145] usb 1-1: config index 0 descriptor too short (expected 29220, got 36) [ 327.257727][ T5145] usb 1-1: config 0 has too many interfaces: 81, using maximum allowed: 32 [ 327.277049][ T5145] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 81 [ 327.292820][ T5145] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 327.329351][ T5145] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0 [ 327.359820][ T5145] usb 1-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18 [ 327.378008][ T5145] usb 1-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40 [ 327.388167][ T5145] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 327.400923][ T5145] usb 1-1: config 0 descriptor?? [ 327.629208][ T5145] usblp 1-1:0.0: usblp0: USB Bidirectional printer dev 40 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17 [ 327.652696][ T9976] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1641'. [ 327.656097][ T5145] usb 1-1: USB disconnect, device number 40 [ 327.687360][ T5145] usblp0: removed [ 327.774927][ T29] audit: type=1326 audit(1721519237.314:79): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9978 comm="syz.1.1642" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f8a9b375b59 code=0x0 [ 328.047840][ T9980] kvm: requested 4190 ns i8254 timer period limited to 200000 ns [ 328.318789][ T9989] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1643'. [ 328.710644][ T932] usb 5-1: USB disconnect, device number 33 [ 329.002528][T10018] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1657'. [ 329.445871][ T29] audit: type=1326 audit(1721519238.984:80): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10036 comm="syz.2.1666" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f7c98d75b59 code=0x0 [ 329.507951][ T932] usb 2-1: new high-speed USB device number 25 using dummy_hcd [ 329.590510][T10040] kvm: requested 4190 ns i8254 timer period limited to 200000 ns [ 329.637989][ T5148] usb 1-1: new high-speed USB device number 41 using dummy_hcd [ 329.690926][ T932] usb 2-1: config 0 has no interfaces? [ 329.704296][ T932] usb 2-1: New USB device found, idVendor=0458, idProduct=5003, bcdDevice= 0.00 [ 329.717271][ T932] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 329.733704][ T932] usb 2-1: config 0 descriptor?? [ 329.850493][ T5148] usb 1-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 329.870671][ T5148] usb 1-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config [ 329.889167][ T5148] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 329.903772][ T5148] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 14129, setting to 64 [ 329.919344][ T5148] usb 1-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 329.935664][ T5148] usb 1-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 329.944522][ T5148] usb 1-1: Product: syz [ 329.960096][ T5148] usb 1-1: Manufacturer: syz [ 329.972994][T10053] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1671'. [ 329.975391][ T5148] cdc_wdm 1-1:1.0: skipping garbage [ 329.987507][ T5148] cdc_wdm 1-1:1.0: skipping garbage [ 329.999918][ T5148] cdc_wdm 1-1:1.0: probe with driver cdc_wdm failed with error -22 [ 330.266524][ T932] usb 1-1: USB disconnect, device number 41 [ 330.347983][ T5148] usb 4-1: new high-speed USB device number 28 using dummy_hcd [ 330.555429][ T5148] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0 [ 330.576620][ T5148] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 0 [ 330.607843][ T5148] usb 4-1: New USB device found, idVendor=abcd, idProduct=cdee, bcdDevice= 5.b9 [ 330.637869][ T5148] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 330.670933][ T5148] usb 4-1: config 0 descriptor?? [ 330.693147][ T5148] gspca_main: spca561-2.14.0 probing abcd:cdee [ 331.221953][ T5148] spca561 4-1:0.0: probe with driver spca561 failed with error -22 [ 331.253675][ T5148] usb 4-1: MIDIStreaming interface descriptor not found [ 331.313976][T10082] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1682'. [ 331.350576][T10077] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 332.056128][ T4869] usb 4-1: USB disconnect, device number 28 [ 332.285878][ T932] usb 2-1: USB disconnect, device number 25 [ 332.409153][T10105] netlink: 64 bytes leftover after parsing attributes in process `syz.4.1692'. [ 332.607976][ T25] usb 3-1: new high-speed USB device number 39 using dummy_hcd [ 332.823709][ T25] usb 3-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 332.853852][ T25] usb 3-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config [ 332.876439][ T25] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 332.901108][ T25] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 14129, setting to 64 [ 332.957273][ T25] usb 3-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 332.977752][ T25] usb 3-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 332.997784][ T25] usb 3-1: Product: syz [ 333.012072][ T25] usb 3-1: Manufacturer: syz [ 333.033117][ T25] cdc_wdm 3-1:1.0: skipping garbage [ 333.051080][ T25] cdc_wdm 3-1:1.0: skipping garbage [ 333.056391][ T25] cdc_wdm 3-1:1.0: probe with driver cdc_wdm failed with error -22 [ 333.108712][T10125] netlink: 56 bytes leftover after parsing attributes in process `syz.1.1699'. [ 333.313292][ T932] usb 3-1: USB disconnect, device number 39 [ 333.361447][T10125] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 333.557862][ T29] audit: type=1326 audit(1721519243.094:81): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10133 comm="syz.4.1705" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f0240d75b59 code=0x0 [ 333.881647][T10135] kvm: requested 4190 ns i8254 timer period limited to 200000 ns [ 335.376572][T10181] netlink: 56 bytes leftover after parsing attributes in process `syz.0.1721'. [ 335.423833][ T29] audit: type=1326 audit(1721519244.954:82): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10182 comm="syz.1.1723" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f8a9b375b59 code=0x0 [ 335.776178][T10185] kvm: requested 4190 ns i8254 timer period limited to 200000 ns [ 335.831886][T10181] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 336.488027][ T25] usb 4-1: new high-speed USB device number 29 using dummy_hcd [ 336.579337][ T29] audit: type=1326 audit(1721519246.114:83): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10219 comm="syz.1.1737" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a9b375b59 code=0x7ffc0000 [ 336.655172][ T29] audit: type=1326 audit(1721519246.114:84): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10219 comm="syz.1.1737" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a9b375b59 code=0x7ffc0000 [ 336.729778][ T25] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 336.747923][ T25] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 336.777796][ T29] audit: type=1326 audit(1721519246.154:85): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10219 comm="syz.1.1737" exe="/root/syz-executor" sig=0 arch=c000003e syscall=327 compat=0 ip=0x7f8a9b375b59 code=0x7ffc0000 [ 336.797849][ T5145] usb 5-1: new high-speed USB device number 34 using dummy_hcd [ 336.801101][ T25] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 336.851309][ T29] audit: type=1326 audit(1721519246.154:86): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10219 comm="syz.1.1737" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a9b375b59 code=0x7ffc0000 [ 336.883553][ T25] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 336.918218][ T25] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 336.927005][ T29] audit: type=1326 audit(1721519246.154:87): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10219 comm="syz.1.1737" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a9b375b59 code=0x7ffc0000 [ 336.958167][ T25] usb 4-1: config 0 descriptor?? [ 337.027856][ T5145] usb 5-1: Using ep0 maxpacket: 32 [ 337.048023][ T5145] usb 5-1: config index 0 descriptor too short (expected 29220, got 36) [ 337.072534][ T5145] usb 5-1: config 0 has too many interfaces: 81, using maximum allowed: 32 [ 337.123729][ T5145] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 81 [ 337.126118][T10241] netlink: 56 bytes leftover after parsing attributes in process `syz.2.1743'. [ 337.148075][ T5145] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 337.176936][ T5145] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0 [ 337.247830][ T5145] usb 5-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18 [ 337.295140][ T5145] usb 5-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40 [ 337.327185][T10241] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 337.348085][ T5145] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 337.366530][ T5145] usb 5-1: config 0 descriptor?? [ 337.397491][ T25] plantronics 0003:047F:FFFF.0003: No inputs registered, leaving [ 337.498946][ T25] plantronics 0003:047F:FFFF.0003: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0 [ 337.571928][ T29] audit: type=1326 audit(1721519247.084:88): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10247 comm="syz.1.1747" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f8a9b375b59 code=0x0 [ 337.622618][T10218] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 337.664563][T10218] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 337.808950][T10251] kvm: requested 4190 ns i8254 timer period limited to 200000 ns [ 338.577825][T10264] pim6reg1: entered promiscuous mode [ 338.583249][T10264] pim6reg1: entered allmulticast mode [ 338.725079][ T5145] usblp 5-1:0.0: usblp1: USB Bidirectional printer dev 34 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17 [ 338.783661][ T5145] usb 5-1: USB disconnect, device number 34 [ 338.810830][ T5145] usblp1: removed [ 339.351269][T10292] netlink: 56 bytes leftover after parsing attributes in process `syz.1.1761'. [ 339.670263][ T25] usb 4-1: USB disconnect, device number 29 [ 340.923852][T10292] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 341.968644][ T4869] usb 3-1: new high-speed USB device number 40 using dummy_hcd [ 342.138101][ T8] usb 5-1: new high-speed USB device number 35 using dummy_hcd [ 342.147963][ T4869] usb 3-1: device descriptor read/64, error -71 [ 342.363542][ T8] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0 [ 342.383723][ T8] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 0 [ 342.405138][ T8] usb 5-1: New USB device found, idVendor=abcd, idProduct=cdee, bcdDevice= 5.b9 [ 342.428010][ T8] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 342.439540][ T8] usb 5-1: config 0 descriptor?? [ 342.447784][ T4869] usb 3-1: new high-speed USB device number 41 using dummy_hcd [ 342.470127][ T8] gspca_main: spca561-2.14.0 probing abcd:cdee [ 342.618944][ T4869] usb 3-1: device descriptor read/64, error -71 [ 342.758871][ T4869] usb usb3-port1: attempt power cycle [ 342.981277][ T8] spca561 5-1:0.0: probe with driver spca561 failed with error -22 [ 343.001699][ T8] usb 5-1: MIDIStreaming interface descriptor not found [ 343.179282][ T4869] usb 3-1: new high-speed USB device number 42 using dummy_hcd [ 343.248588][ T4869] usb 3-1: device descriptor read/8, error -71 [ 343.548251][ T4869] usb 3-1: new high-speed USB device number 43 using dummy_hcd [ 343.602099][ T4869] usb 3-1: device descriptor read/8, error -71 [ 343.738480][ T4869] usb usb3-port1: unable to enumerate USB device [ 343.808571][ T932] usb 5-1: USB disconnect, device number 35 [ 343.937893][ T8] usb 4-1: new high-speed USB device number 30 using dummy_hcd [ 344.548368][ T54] Bluetooth: hci4: command 0x0406 tx timeout [ 344.898424][ T8] usb 4-1: Using ep0 maxpacket: 32 [ 344.905818][ T8] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 344.926507][ T8] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 129, changing to 11 [ 344.951391][ T8] usb 4-1: too many endpoints for config 1 interface 0 altsetting 255: 228, using maximum allowed: 30 [ 345.000464][ T8] usb 4-1: config 1 interface 0 altsetting 255 has 0 endpoint descriptors, different from the interface descriptor's value: 228 [ 345.084487][ T8] usb 4-1: config 1 interface 1 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 2 [ 345.127316][ T8] usb 4-1: config 1 interface 0 has no altsetting 1 [ 345.153288][ T8] usb 4-1: config 1 interface 1 has no altsetting 0 [ 345.169806][ T8] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 345.185395][ T8] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 345.195583][ T8] usb 4-1: Product: syz [ 345.209736][ T8] usb 4-1: Manufacturer: syz [ 345.215184][ T8] usb 4-1: SerialNumber: syz [ 345.375582][T10407] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1805'. [ 345.463021][ T8] usb 4-1: selecting invalid altsetting 0 [ 345.479570][ T8] usb 4-1: selecting invalid altsetting 0 [ 345.485485][ T8] cdc_ncm 4-1:1.0: bind() failure [ 345.503503][ T8] usb 4-1: selecting invalid altsetting 0 [ 345.509964][ T8] usbtest 4-1:1.1: probe with driver usbtest failed with error -22 [ 345.520871][ T8] usb 4-1: USB disconnect, device number 30 [ 345.538946][T10411] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1805'. [ 345.549575][T10411] 8021q: adding VLAN 0 to HW filter on device bond7 [ 345.566733][T10413] netlink: 'syz.4.1806': attribute type 29 has an invalid length. [ 345.607297][T10409] netlink: 'syz.4.1806': attribute type 29 has an invalid length. [ 346.098478][ T8] usb 5-1: new high-speed USB device number 36 using dummy_hcd [ 346.277940][ T8] usb 5-1: device descriptor read/64, error -71 [ 346.575867][ T8] usb 5-1: new high-speed USB device number 37 using dummy_hcd [ 346.618049][T10436] ieee802154 phy0 wpan0: encryption failed: -22 [ 347.464570][ T8] usb 5-1: device descriptor read/64, error -71 [ 347.644276][ T8] usb usb5-port1: attempt power cycle [ 348.078010][ T8] usb 5-1: new high-speed USB device number 38 using dummy_hcd [ 348.142778][ T8] usb 5-1: device descriptor read/8, error -71 [ 348.438178][ T8] usb 5-1: new high-speed USB device number 39 using dummy_hcd [ 348.478548][ T8] usb 5-1: device descriptor read/8, error -71 [ 348.614147][ T8] usb usb5-port1: unable to enumerate USB device [ 348.984680][T10472] ieee802154 phy0 wpan0: encryption failed: -22 [ 349.550853][ T8] usb 5-1: new high-speed USB device number 40 using dummy_hcd [ 350.412461][ T8] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0 [ 350.443967][ T8] usb 5-1: New USB device found, idVendor=046d, idProduct=c293, bcdDevice= 0.00 [ 350.585477][ T8] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 350.597226][ T8] usb 5-1: config 0 descriptor?? [ 350.606737][ T8] usbhid 5-1:0.0: couldn't find an input interrupt endpoint [ 351.197054][ T5178] usb 2-1: new high-speed USB device number 26 using dummy_hcd [ 351.466131][ T5178] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0 [ 351.495878][ T5178] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 0 [ 351.517777][ T5178] usb 2-1: New USB device found, idVendor=abcd, idProduct=cdee, bcdDevice= 5.b9 [ 351.537480][ T5178] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 351.574009][ T5178] usb 2-1: config 0 descriptor?? [ 351.602916][ T5178] gspca_main: spca561-2.14.0 probing abcd:cdee [ 351.986244][T10518] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1840'. [ 352.134138][ T5178] spca561 2-1:0.0: probe with driver spca561 failed with error -22 [ 352.149211][ T5178] usb 2-1: MIDIStreaming interface descriptor not found [ 352.151358][T10520] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1840'. [ 352.264641][T10520] 8021q: adding VLAN 0 to HW filter on device bond8 [ 352.865353][ T932] usb 2-1: USB disconnect, device number 26 [ 353.030810][T10542] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1845'. [ 354.040663][T10545] ptrace attach of "./syz-executor exec"[5094] was attempted by "./syz-executor exec"[10545] [ 354.348874][ T25] usb 4-1: new high-speed USB device number 31 using dummy_hcd [ 354.527993][ T25] usb 4-1: device descriptor read/64, error -71 [ 354.830051][ T25] usb 4-1: new high-speed USB device number 32 using dummy_hcd [ 354.998761][ T25] usb 4-1: device descriptor read/64, error -71 [ 355.148457][ T25] usb usb4-port1: attempt power cycle [ 355.670140][T10575] ptrace attach of "./syz-executor exec"[7044] was attempted by "./syz-executor exec"[10575] [ 355.728083][ T25] usb 4-1: new high-speed USB device number 33 using dummy_hcd [ 355.738402][T10578] ptrace attach of "./syz-executor exec"[5108] was attempted by "./syz-executor exec"[10578] [ 355.831462][T10579] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1858'. [ 355.994719][ T25] usb 4-1: device descriptor read/8, error -71 [ 356.138283][ T5178] usb 2-1: new high-speed USB device number 27 using dummy_hcd [ 356.677923][ T25] usb 4-1: new high-speed USB device number 34 using dummy_hcd [ 356.860130][ T25] usb 4-1: device descriptor read/8, error -71 [ 356.898052][ T5178] usb 2-1: device descriptor read/64, error -71 [ 356.977743][ T5148] usb 3-1: new high-speed USB device number 44 using dummy_hcd [ 356.998058][ T25] usb usb4-port1: unable to enumerate USB device [ 357.148381][ T46] usb 1-1: new high-speed USB device number 42 using dummy_hcd [ 357.156163][ T5148] usb 3-1: device descriptor read/64, error -71 [ 357.188007][ T5178] usb 2-1: new high-speed USB device number 28 using dummy_hcd [ 357.337794][ T5178] usb 2-1: device descriptor read/64, error -71 [ 357.364169][ T46] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 357.390889][ T46] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 357.421169][ T46] usb 1-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00 [ 357.441219][ T46] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 357.449690][ T5148] usb 3-1: new high-speed USB device number 45 using dummy_hcd [ 357.468947][ T5178] usb usb2-port1: attempt power cycle [ 357.488265][ T46] usb 1-1: config 0 descriptor?? [ 357.618718][ T5148] usb 3-1: device descriptor read/64, error -71 [ 357.768331][ T5148] usb usb3-port1: attempt power cycle [ 357.910870][ T46] hid (null): bogus close delimiter [ 357.928056][ T5178] usb 2-1: new high-speed USB device number 29 using dummy_hcd [ 357.971455][ T5178] usb 2-1: device descriptor read/8, error -71 [ 358.197929][ T5148] usb 3-1: new high-speed USB device number 46 using dummy_hcd [ 358.248188][ T5178] usb 2-1: new high-speed USB device number 30 using dummy_hcd [ 358.263830][ T5148] usb 3-1: device descriptor read/8, error -71 [ 358.300131][ T5178] usb 2-1: device descriptor read/8, error -71 [ 358.317011][ T46] usb 1-1: string descriptor 0 read error: -71 [ 358.337425][ T46] uclogic 0003:256C:006D.0004: failed retrieving string descriptor #200: -71 [ 358.348493][ T46] uclogic 0003:256C:006D.0004: failed retrieving pen parameters: -71 [ 358.356829][ T46] uclogic 0003:256C:006D.0004: failed probing pen v2 parameters: -71 [ 358.371355][ T46] uclogic 0003:256C:006D.0004: failed probing parameters: -71 [ 358.382043][ T46] uclogic 0003:256C:006D.0004: probe with driver uclogic failed with error -71 [ 358.413559][ T46] usb 1-1: USB disconnect, device number 42 [ 358.438421][ T5178] usb usb2-port1: unable to enumerate USB device [ 358.539284][ T5148] usb 3-1: new high-speed USB device number 47 using dummy_hcd [ 358.588555][ T5148] usb 3-1: device descriptor read/8, error -71 [ 358.718219][ T5148] usb usb3-port1: unable to enumerate USB device [ 359.028618][T10609] veth0_vlan: entered allmulticast mode [ 359.267983][T10612] veth0_vlan: left promiscuous mode [ 359.324889][T10612] veth0_vlan: entered promiscuous mode [ 359.343949][T10612] veth0_vlan: left allmulticast mode [ 360.211131][T10637] ptrace attach of "./syz-executor exec"[7044] was attempted by "./syz-executor exec"[10637] [ 360.253650][ T54] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 360.268923][ T54] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 360.288243][ T54] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 360.296380][ T54] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 360.305927][ T54] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 360.313432][ T54] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 360.658759][ T5178] usb 2-1: new high-speed USB device number 31 using dummy_hcd [ 360.837903][ T5178] usb 2-1: device descriptor read/64, error -71 [ 361.068973][T10638] chnl_net:caif_netlink_parms(): no params data found [ 361.157881][ T5178] usb 2-1: new high-speed USB device number 32 using dummy_hcd [ 361.327808][ T5178] usb 2-1: device descriptor read/64, error -71 [ 361.337366][T10638] bridge0: port 1(bridge_slave_0) entered blocking state [ 361.361864][T10638] bridge0: port 1(bridge_slave_0) entered disabled state [ 361.369883][T10638] bridge_slave_0: entered allmulticast mode [ 361.377505][T10638] bridge_slave_0: entered promiscuous mode [ 361.401380][T10638] bridge0: port 2(bridge_slave_1) entered blocking state [ 361.419311][T10638] bridge0: port 2(bridge_slave_1) entered disabled state [ 361.426640][T10638] bridge_slave_1: entered allmulticast mode [ 361.447800][T10638] bridge_slave_1: entered promiscuous mode [ 361.477210][ T5178] usb usb2-port1: attempt power cycle [ 361.527851][ T5148] usb 1-1: new high-speed USB device number 43 using dummy_hcd [ 361.584871][T10638] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 361.631940][T10638] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 361.689030][ C1] eth0: bad gso: type: 1, size: 1408 [ 361.748544][ T5148] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0 [ 361.785717][T10638] team0: Port device team_slave_0 added [ 361.791967][ T5148] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 0 [ 361.792037][ T5148] usb 1-1: New USB device found, idVendor=abcd, idProduct=cdee, bcdDevice= 5.b9 [ 361.856513][ T5148] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 361.860293][T10638] team0: Port device team_slave_1 added [ 361.927964][ T5178] usb 2-1: new high-speed USB device number 33 using dummy_hcd [ 361.956688][ T5148] usb 1-1: config 0 descriptor?? [ 361.968557][T10638] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 361.994846][T10638] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 361.997069][ T5148] gspca_main: spca561-2.14.0 probing abcd:cdee [ 362.057805][ T5178] usb 2-1: device descriptor read/8, error -71 [ 362.093750][T10638] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 362.165432][T10638] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 362.195455][T10638] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 362.270108][T10638] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 362.338728][ T5178] usb 2-1: new high-speed USB device number 34 using dummy_hcd [ 362.349019][ T54] Bluetooth: hci1: command tx timeout [ 362.412274][ T5178] usb 2-1: device descriptor read/8, error -71 [ 362.578566][ T5178] usb usb2-port1: unable to enumerate USB device [ 362.639866][T10638] hsr_slave_0: entered promiscuous mode [ 362.652741][ T5148] spca561 1-1:0.0: probe with driver spca561 failed with error -22 [ 362.676197][ T5148] usb 1-1: MIDIStreaming interface descriptor not found [ 362.684992][T10638] hsr_slave_1: entered promiscuous mode [ 363.179443][ T8] usb 1-1: USB disconnect, device number 43 [ 363.367985][ T5178] usb 3-1: new high-speed USB device number 48 using dummy_hcd [ 363.471567][T10638] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 363.579798][ T5178] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 363.599219][T10685] tipc: Enabling of bearer rejected, failed to enable media [ 363.611200][ T5178] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 363.643511][ T5178] usb 3-1: New USB device found, idVendor=06cb, idProduct=81a7, bcdDevice= 0.00 [ 363.687709][ T5178] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 363.717334][T10638] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 363.749253][ T5178] usb 3-1: config 0 descriptor?? [ 363.962202][T10638] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 364.112357][T10638] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 364.172754][ T5178] hid-rmi 0003:06CB:81A7.0005: unknown main item tag 0x0 [ 364.195338][ T5178] hid-rmi 0003:06CB:81A7.0005: unknown main item tag 0x0 [ 364.223531][ T5178] hid-rmi 0003:06CB:81A7.0005: unknown main item tag 0x0 [ 364.256381][ T5178] hid-rmi 0003:06CB:81A7.0005: unknown main item tag 0x0 [ 364.284361][ T5178] hid-rmi 0003:06CB:81A7.0005: hidraw0: USB HID v0.00 Device [HID 06cb:81a7] on usb-dummy_hcd.2-1/input0 [ 364.379461][ T5178] usb 3-1: USB disconnect, device number 48 [ 364.427954][ T54] Bluetooth: hci1: command tx timeout [ 364.620631][T10638] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 364.672330][T10638] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 364.786771][T10638] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 364.859598][T10638] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 365.149740][T10709] netlink: 'syz.0.1900': attribute type 9 has an invalid length. [ 365.228020][T10709] netlink: 209836 bytes leftover after parsing attributes in process `syz.0.1900'. [ 366.067926][ T5148] usb 1-1: new high-speed USB device number 44 using dummy_hcd [ 366.289745][ T5148] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0 [ 366.310543][ T5148] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 0 [ 366.337860][ T5148] usb 1-1: New USB device found, idVendor=abcd, idProduct=cdee, bcdDevice= 5.b9 [ 366.356627][ T5148] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 366.391465][ T5148] usb 1-1: config 0 descriptor?? [ 366.431068][ T5148] gspca_main: spca561-2.14.0 probing abcd:cdee [ 366.509120][ T54] Bluetooth: hci1: command tx timeout [ 366.974907][ T5148] spca561 1-1:0.0: probe with driver spca561 failed with error -22 [ 366.999053][ T5148] usb 1-1: MIDIStreaming interface descriptor not found [ 368.587806][ T54] Bluetooth: hci1: command tx timeout [ 369.841840][T10727] tipc: Enabling of bearer rejected, failed to enable media [ 369.852000][ T5178] usb 1-1: USB disconnect, device number 44 [ 370.049020][T10638] 8021q: adding VLAN 0 to HW filter on device bond0 [ 370.113141][T10638] 8021q: adding VLAN 0 to HW filter on device team0 [ 370.171497][ T5151] bridge0: port 1(bridge_slave_0) entered blocking state [ 370.179579][ T5151] bridge0: port 1(bridge_slave_0) entered forwarding state [ 370.282444][ T5148] bridge0: port 2(bridge_slave_1) entered blocking state [ 370.289686][ T5148] bridge0: port 2(bridge_slave_1) entered forwarding state [ 370.343901][T10744] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1910'. [ 370.887254][T10759] netlink: 'syz.1.1914': attribute type 9 has an invalid length. [ 370.937825][T10759] netlink: 209836 bytes leftover after parsing attributes in process `syz.1.1914'. [ 371.013351][T10762] ptrace attach of "./syz-executor exec"[5890] was attempted by "./syz-executor exec"[10762] [ 371.163768][T10638] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 371.178953][T10763] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1909'. [ 371.337866][ T5151] usb 1-1: new high-speed USB device number 45 using dummy_hcd [ 371.447872][ T5148] usb 2-1: new high-speed USB device number 35 using dummy_hcd [ 371.520176][ T5151] usb 1-1: device descriptor read/64, error -71 [ 371.644200][ T5148] usb 2-1: Using ep0 maxpacket: 32 [ 371.670107][ T5148] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 371.692622][ T5148] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 129, changing to 11 [ 371.714773][ T5148] usb 2-1: too many endpoints for config 1 interface 0 altsetting 255: 228, using maximum allowed: 30 [ 371.747566][ T5148] usb 2-1: config 1 interface 0 altsetting 255 has 0 endpoint descriptors, different from the interface descriptor's value: 228 [ 371.777253][ T5148] usb 2-1: config 1 interface 1 altsetting 1 has an invalid descriptor for endpoint zero, skipping [ 371.807072][ T5148] usb 2-1: config 1 interface 1 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 371.821118][ T5151] usb 1-1: new high-speed USB device number 46 using dummy_hcd [ 371.838025][ T5148] usb 2-1: config 1 interface 0 has no altsetting 1 [ 371.851564][ T5148] usb 2-1: config 1 interface 1 has no altsetting 0 [ 371.863105][ T5148] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 371.876929][ T5148] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 371.893226][ T5148] usb 2-1: Product: syz [ 371.908385][T10638] veth0_vlan: entered promiscuous mode [ 371.917791][ T5148] usb 2-1: Manufacturer: syz [ 371.924050][ T5148] usb 2-1: SerialNumber: syz [ 371.957483][T10775] tipc: Enabling of bearer rejected, failed to enable media [ 371.980222][T10638] veth1_vlan: entered promiscuous mode [ 371.998016][ T5151] usb 1-1: device descriptor read/64, error -71 [ 372.084268][T10638] veth0_macvtap: entered promiscuous mode [ 372.109878][T10638] veth1_macvtap: entered promiscuous mode [ 372.123017][ T5151] usb usb1-port1: attempt power cycle [ 372.156416][ T5148] usb 2-1: selecting invalid altsetting 0 [ 372.171685][ T5148] usb 2-1: selecting invalid altsetting 0 [ 372.171684][T10638] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 372.171714][T10638] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 372.199335][ T5148] cdc_ncm 2-1:1.0: bind() failure [ 372.215929][ T5148] usb 2-1: selecting invalid altsetting 0 [ 372.227795][ T5148] cdc_ncm 2-1:1.1: probe with driver cdc_ncm failed with error -22 [ 372.236502][T10638] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 372.259106][ T5148] usb 2-1: selecting invalid altsetting 0 [ 372.264909][ T5148] cdc_mbim 2-1:1.1: probe with driver cdc_mbim failed with error -22 [ 372.273453][T10638] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 372.293970][T10638] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 372.306295][ T5148] usb 2-1: selecting invalid altsetting 0 [ 372.320294][ T5148] usbtest 2-1:1.1: probe with driver usbtest failed with error -22 [ 372.337836][T10638] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 372.370894][ T5148] usb 2-1: USB disconnect, device number 35 [ 372.377528][T10638] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 372.407746][T10638] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 372.437689][T10638] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 372.457700][T10638] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 372.479982][T10638] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 372.518283][T10638] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 372.547767][T10638] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 372.567777][T10638] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 372.578939][ T5151] usb 1-1: new high-speed USB device number 47 using dummy_hcd [ 372.597953][T10638] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 372.617818][T10638] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 372.638619][ T5151] usb 1-1: device descriptor read/8, error -71 [ 372.650605][T10638] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 372.677731][T10638] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 372.698082][T10638] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 372.734290][T10638] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 372.766386][T10638] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 372.804469][T10777] rtc_cmos 00:00: Alarms can be up to one day in the future [ 372.809971][T10638] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 372.852160][T10638] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 372.876521][T10638] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 372.907019][T10638] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 372.915974][ T5151] usb 1-1: new high-speed USB device number 48 using dummy_hcd [ 372.927842][T10638] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 372.958839][ T5151] usb 1-1: device descriptor read/8, error -71 [ 373.088489][ T5151] usb usb1-port1: unable to enumerate USB device [ 373.210438][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 373.241178][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 373.387105][ T932] rtc_cmos 00:00: Alarms can be up to one day in the future [ 373.402610][ T2901] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 373.425813][ T932] rtc_cmos 00:00: Alarms can be up to one day in the future [ 373.440267][ T2901] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 373.453927][ T932] rtc_cmos 00:00: Alarms can be up to one day in the future [ 373.482389][ T932] rtc_cmos 00:00: Alarms can be up to one day in the future [ 373.507578][ T932] rtc rtc0: __rtc_set_alarm: err=-22 [ 374.302530][T10807] netlink: 256 bytes leftover after parsing attributes in process `syz.2.1927'. [ 374.406584][T10808] tipc: Enabling of bearer rejected, failed to enable media [ 374.496533][T10807] pim6reg1: entered promiscuous mode [ 374.524203][T10807] pim6reg1: entered allmulticast mode [ 375.881479][T10836] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN [ 376.941405][T10858] tipc: Enabling of bearer rejected, failed to enable media [ 377.204323][T10862] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1945'. [ 377.235814][T10862] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1945'. [ 377.278235][ T54] Bluetooth: hci4: ACL packet for unknown connection handle 200 [ 377.326911][ T54] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci4/hci4:201' [ 377.337121][ T54] CPU: 0 PID: 54 Comm: kworker/u9:0 Not tainted 6.10.0-syzkaller-10729-g3c3ff7be9729 #0 [ 377.347160][ T54] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 377.357263][ T54] Workqueue: hci4 hci_rx_work [ 377.362038][ T54] Call Trace: [ 377.365327][ T54] [ 377.368304][ T54] dump_stack_lvl+0x241/0x360 [ 377.373026][ T54] ? __pfx_dump_stack_lvl+0x10/0x10 [ 377.378237][ T54] ? __pfx__printk+0x10/0x10 [ 377.382837][ T54] ? sysfs_create_dir_ns+0x28a/0x3a0 [ 377.388142][ T54] ? __kmalloc_cache_noprof+0x19c/0x2c0 [ 377.393733][ T54] sysfs_create_dir_ns+0x2ce/0x3a0 [ 377.399001][ T54] ? __pfx_sysfs_create_dir_ns+0x10/0x10 [ 377.404683][ T54] kobject_add_internal+0x435/0x8d0 [ 377.409904][ T54] kobject_add+0x152/0x220 [ 377.414341][ T54] ? do_raw_spin_unlock+0x13c/0x8b0 [ 377.419544][ T54] ? device_add+0x3e7/0xbf0 [ 377.424097][ T54] ? __pfx_kobject_add+0x10/0x10 [ 377.429059][ T54] ? _raw_spin_unlock+0x28/0x50 [ 377.433969][ T54] ? get_device_parent+0x165/0x410 [ 377.439109][ T54] device_add+0x4e5/0xbf0 [ 377.443504][ T54] hci_conn_add_sysfs+0xe8/0x200 [ 377.448483][ T54] le_conn_complete_evt+0xc9f/0x12e0 [ 377.453875][ T54] ? __pfx_le_conn_complete_evt+0x10/0x10 [ 377.459617][ T54] ? __mutex_unlock_slowpath+0x21d/0x750 [ 377.465259][ T54] ? __copy_skb_header+0x437/0x5b0 [ 377.470395][ T54] ? skb_pull_data+0x112/0x230 [ 377.475184][ T54] hci_le_enh_conn_complete_evt+0x185/0x420 [ 377.481097][ T54] hci_event_packet+0xa55/0x1540 [ 377.486047][ T54] ? __pfx_hci_le_meta_evt+0x10/0x10 [ 377.491367][ T54] ? __pfx_hci_event_packet+0x10/0x10 [ 377.496747][ T54] ? do_raw_spin_unlock+0x13c/0x8b0 [ 377.501965][ T54] ? hci_send_to_monitor+0xd8/0x7f0 [ 377.507179][ T54] ? kcov_remote_start+0x9e/0x7e0 [ 377.512213][ T54] hci_rx_work+0x3e8/0xca0 [ 377.516639][ T54] ? process_scheduled_works+0x945/0x1830 [ 377.522364][ T54] process_scheduled_works+0xa2c/0x1830 [ 377.527945][ T54] ? __pfx_process_scheduled_works+0x10/0x10 [ 377.533935][ T54] ? assign_work+0x364/0x3d0 [ 377.538556][ T54] worker_thread+0x86d/0xd40 [ 377.543190][ T54] ? __kthread_parkme+0x169/0x1d0 [ 377.548242][ T54] ? __pfx_worker_thread+0x10/0x10 [ 377.553462][ T54] kthread+0x2f0/0x390 [ 377.557540][ T54] ? __pfx_worker_thread+0x10/0x10 [ 377.562655][ T54] ? __pfx_kthread+0x10/0x10 [ 377.567269][ T54] ret_from_fork+0x4b/0x80 [ 377.571787][ T54] ? __pfx_kthread+0x10/0x10 [ 377.576477][ T54] ret_from_fork_asm+0x1a/0x30 [ 377.581300][ T54] [ 377.647798][ T54] kobject: kobject_add_internal failed for hci4:201 with -EEXIST, don't try to register things with the same name in the same directory. [ 377.662147][ T54] Bluetooth: hci4: failed to register connection device [ 377.703445][ T29] audit: type=1800 audit(1721519287.234:89): pid=10869 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz.3.1948" name="/" dev="9p" ino=2 res=0 errno=0 [ 377.987702][ T29] audit: type=1326 audit(1721519287.514:90): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10878 comm="syz.3.1951" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efd29975b59 code=0x7ffc0000 [ 378.023346][ T29] audit: type=1326 audit(1721519287.514:91): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10878 comm="syz.3.1951" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efd29975b59 code=0x7ffc0000 [ 378.086720][ T29] audit: type=1326 audit(1721519287.514:92): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10878 comm="syz.3.1951" exe="/root/syz-executor" sig=0 arch=c000003e syscall=334 compat=0 ip=0x7efd29975b59 code=0x7ffc0000 [ 378.154968][ T29] audit: type=1326 audit(1721519287.514:93): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10878 comm="syz.3.1951" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efd29975b59 code=0x7ffc0000 [ 378.245684][ T29] audit: type=1326 audit(1721519287.514:94): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10878 comm="syz.3.1951" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efd29975b59 code=0x7ffc0000 [ 378.312647][ T29] audit: type=1326 audit(1721519287.514:95): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10878 comm="syz.3.1951" exe="/root/syz-executor" sig=0 arch=c000003e syscall=166 compat=0 ip=0x7efd29975b59 code=0x7ffc0000 [ 378.372374][ T29] audit: type=1326 audit(1721519287.514:96): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10878 comm="syz.3.1951" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efd29975b59 code=0x7ffc0000 [ 378.495622][ T29] audit: type=1326 audit(1721519287.514:97): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10878 comm="syz.3.1951" exe="/root/syz-executor" sig=0 arch=c000003e syscall=105 compat=0 ip=0x7efd29975b59 code=0x7ffc0000 [ 378.560523][ T29] audit: type=1326 audit(1721519287.514:98): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10878 comm="syz.3.1951" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efd29975b59 code=0x7ffc0000 [ 378.897409][ T8] usb 5-1: USB disconnect, device number 40 [ 378.922667][ T1110] bridge_slave_1: left allmulticast mode [ 378.943597][ T1110] bridge_slave_1: left promiscuous mode [ 378.966092][ T1110] bridge0: port 2(bridge_slave_1) entered disabled state [ 378.991473][ T1250] ieee802154 phy0 wpan0: encryption failed: -22 [ 379.009418][ T1250] ieee802154 phy1 wpan1: encryption failed: -22 [ 379.138162][ T1110] bridge_slave_0: left allmulticast mode [ 379.143878][ T1110] bridge_slave_0: left promiscuous mode [ 379.185294][ T1110] bridge0: port 1(bridge_slave_0) entered disabled state [ 379.464954][ T8] usb 2-1: new high-speed USB device number 36 using dummy_hcd [ 379.491509][ T5108] cgroup: fork rejected by pids controller in /syz2 [ 379.660755][ T8] usb 2-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 379.697769][ T8] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 379.740461][ T8] usb 2-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 379.817185][ T8] usb 2-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 379.840085][ T8] usb 2-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 379.868919][ T8] usb 2-1: Product: syz [ 379.873159][ T8] usb 2-1: Manufacturer: syz [ 379.907398][ T8] cdc_wdm 2-1:1.0: skipping garbage [ 379.927802][ T8] cdc_wdm 2-1:1.0: skipping garbage [ 379.933300][ T8] cdc_wdm 2-1:1.0: probe with driver cdc_wdm failed with error -22 [ 380.176335][ T8] usb 2-1: USB disconnect, device number 36 [ 380.357530][ T1110] bond1 (unregistering): (slave gretap1): Releasing backup interface [ 380.820309][ T1110] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 380.847327][ T1110] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 380.876628][ T1110] bond0 (unregistering): Released all slaves [ 380.921315][ T1110] bond1 (unregistering): Released all slaves [ 380.964042][ T1110] bond2 (unregistering): Released all slaves [ 381.003267][ T1110] bond3 (unregistering): Released all slaves [ 381.083589][ T1110] bond4 (unregistering): Released all slaves [ 381.141702][ T1110] bond5 (unregistering): Released all slaves [ 381.263242][ T7044] cgroup: fork rejected by pids controller in /syz1 [ 381.424328][T10954] 9pnet_virtio: no channels available for device syz [ 381.464051][ T1110] tipc: Left network mode [ 382.168780][T10962] netlink: 'syz.0.1982': attribute type 72 has an invalid length. [ 382.176674][T10962] netlink: 1016 bytes leftover after parsing attributes in process `syz.0.1982'. [ 382.547345][ T1110] hsr_slave_0: left promiscuous mode [ 382.606025][ T1110] hsr_slave_1: left promiscuous mode [ 382.624433][ T1110] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 382.645182][ T1110] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 382.695012][ T1110] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 382.733809][ T1110] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 382.879753][ T1110] veth1_macvtap: left promiscuous mode [ 382.924621][ T1110] veth0_macvtap: left promiscuous mode [ 382.951437][ T1110] veth1_vlan: left promiscuous mode [ 383.021201][ T5107] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 383.052546][ T5107] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 383.068212][ T5107] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 383.087006][ T5107] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 383.098421][ T5107] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 383.111593][ T5107] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 383.365982][T10638] cgroup: fork rejected by pids controller in /syz4 [ 383.419722][ T54] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 383.456296][ T54] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 383.466888][ T54] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 383.492143][ T54] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 383.500475][ T54] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 383.510909][ T54] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 383.541124][T10987] Bluetooth: MGMT ver 1.23 [ 383.551577][T10987] kAFS: No cell specified [ 383.559366][T10986] delete_channel: no stack [ 384.392934][ T1110] team0 (unregistering): Port device team_slave_1 removed [ 384.477573][ T1110] team0 (unregistering): Port device team_slave_0 removed [ 385.166217][ T5107] Bluetooth: hci0: command tx timeout [ 385.558446][ T5107] Bluetooth: hci2: command tx timeout [ 385.903262][T11010] netlink: 'syz.3.2001': attribute type 14 has an invalid length. [ 386.539702][ T54] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 386.562801][ T54] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 386.586098][ T54] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 386.594733][ T54] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 386.603034][ T54] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 386.612605][ T54] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 386.725739][T10971] chnl_net:caif_netlink_parms(): no params data found [ 386.893426][ T1110] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 387.046213][ T1110] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 387.231223][ T5107] Bluetooth: hci0: command tx timeout [ 387.243663][ T1110] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 387.472763][T10981] chnl_net:caif_netlink_parms(): no params data found [ 387.552864][ T1110] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 387.629313][ T5107] Bluetooth: hci2: command tx timeout [ 387.782128][T10971] bridge0: port 1(bridge_slave_0) entered blocking state [ 387.809076][T10971] bridge0: port 1(bridge_slave_0) entered disabled state [ 387.816600][T10971] bridge_slave_0: entered allmulticast mode [ 387.829931][T10971] bridge_slave_0: entered promiscuous mode [ 387.855339][T10971] bridge0: port 2(bridge_slave_1) entered blocking state [ 387.873660][T10971] bridge0: port 2(bridge_slave_1) entered disabled state [ 387.885483][T10971] bridge_slave_1: entered allmulticast mode [ 387.896690][T10971] bridge_slave_1: entered promiscuous mode [ 388.051531][T10971] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 388.086359][T10971] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 388.211788][ T1110] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 388.252538][T11054] bond0: option ad_user_port_key: mode dependency failed, not supported in mode balance-rr(0) [ 388.309082][T10981] bridge0: port 1(bridge_slave_0) entered blocking state [ 388.324724][T10981] bridge0: port 1(bridge_slave_0) entered disabled state [ 388.344290][T10981] bridge_slave_0: entered allmulticast mode [ 388.353171][T10981] bridge_slave_0: entered promiscuous mode [ 388.443275][T10971] team0: Port device team_slave_0 added [ 388.493046][ T1110] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 388.507196][T10981] bridge0: port 2(bridge_slave_1) entered blocking state [ 388.525902][T10981] bridge0: port 2(bridge_slave_1) entered disabled state [ 388.533738][T10981] bridge_slave_1: entered allmulticast mode [ 388.548320][T10981] bridge_slave_1: entered promiscuous mode [ 388.603928][T10971] team0: Port device team_slave_1 added [ 388.672308][ T5107] Bluetooth: hci1: command tx timeout [ 388.684762][ T1110] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 388.757048][T10981] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 388.792576][T10971] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 388.812710][T10971] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 388.848000][ T5151] usb 1-1: new high-speed USB device number 49 using dummy_hcd [ 388.848939][T10971] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 388.921053][ T1110] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 388.959549][T10981] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 388.992285][T10971] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 389.013540][T10971] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 389.050683][ T5151] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0 [ 389.057230][T10971] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 389.067789][ T5151] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 0 [ 389.097802][ T5151] usb 1-1: New USB device found, idVendor=abcd, idProduct=cdee, bcdDevice= 5.b9 [ 389.114234][ T5151] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 389.165567][ T5151] usb 1-1: config 0 descriptor?? [ 389.184744][ T5151] gspca_main: spca561-2.14.0 probing abcd:cdee [ 389.245227][T10981] team0: Port device team_slave_0 added [ 389.317784][ T5107] Bluetooth: hci0: command tx timeout [ 389.370882][T10971] hsr_slave_0: entered promiscuous mode [ 389.416435][T10971] hsr_slave_1: entered promiscuous mode [ 389.430580][T10971] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 389.457731][T10971] Cannot create hsr debugfs directory [ 389.579236][T10981] team0: Port device team_slave_1 added [ 389.701446][ T5151] spca561 1-1:0.0: probe with driver spca561 failed with error -22 [ 389.709923][ T5107] Bluetooth: hci2: command tx timeout [ 389.729863][ T5151] usb 1-1: MIDIStreaming interface descriptor not found [ 390.369045][T10981] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 390.390316][T10981] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 390.467379][T10981] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 390.516452][ T5178] usb 1-1: USB disconnect, device number 49 [ 390.577899][T10981] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 390.622833][T10981] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 390.695298][T10981] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 390.747943][ T5107] Bluetooth: hci1: command tx timeout [ 390.816485][ T1110] netdevsim netdevsim2 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 390.816589][ T1110] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 391.025833][T11022] chnl_net:caif_netlink_parms(): no params data found [ 391.083069][ T1110] netdevsim netdevsim2 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 391.094466][ T1110] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 391.292717][T10981] hsr_slave_0: entered promiscuous mode [ 391.303572][T10981] hsr_slave_1: entered promiscuous mode [ 391.313563][T10981] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 391.353156][T10981] Cannot create hsr debugfs directory [ 391.388413][ T5107] Bluetooth: hci0: command tx timeout [ 391.493718][ T1110] netdevsim netdevsim2 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 391.516272][ T1110] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 391.788314][ T5107] Bluetooth: hci2: command tx timeout [ 391.851936][ T1110] netdevsim netdevsim2 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 391.886567][ T1110] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 392.111280][T11022] bridge0: port 1(bridge_slave_0) entered blocking state [ 392.130552][T11022] bridge0: port 1(bridge_slave_0) entered disabled state [ 392.148106][T11022] bridge_slave_0: entered allmulticast mode [ 392.155402][T11022] bridge_slave_0: entered promiscuous mode [ 392.270280][T11022] bridge0: port 2(bridge_slave_1) entered blocking state [ 392.313114][T11022] bridge0: port 2(bridge_slave_1) entered disabled state [ 392.332570][T11022] bridge_slave_1: entered allmulticast mode [ 392.354398][T11022] bridge_slave_1: entered promiscuous mode [ 392.827841][ T5107] Bluetooth: hci1: command tx timeout [ 392.963808][T11022] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 393.030744][T11130] input: syz0 as /devices/virtual/input/input27 [ 393.055254][T11022] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 393.314721][T11022] team0: Port device team_slave_0 added [ 393.476301][T11022] team0: Port device team_slave_1 added [ 393.677757][ T1110] bridge_slave_1: left allmulticast mode [ 393.689032][ T1110] bridge_slave_1: left promiscuous mode [ 393.694960][ T1110] bridge0: port 2(bridge_slave_1) entered disabled state [ 393.764975][ T1110] bridge_slave_0: left allmulticast mode [ 393.777815][ T1110] bridge_slave_0: left promiscuous mode [ 393.783779][ T1110] bridge0: port 1(bridge_slave_0) entered disabled state [ 393.802111][T11156] netlink: 1068 bytes leftover after parsing attributes in process `syz.3.2038'. [ 393.821272][ T1110] bridge_slave_1: left allmulticast mode [ 393.827588][ T1110] bridge_slave_1: left promiscuous mode [ 393.834080][ T1110] bridge0: port 2(bridge_slave_1) entered disabled state [ 393.864063][ T1110] bridge_slave_0: left allmulticast mode [ 393.878369][ T1110] bridge_slave_0: left promiscuous mode [ 393.884351][ T1110] bridge0: port 1(bridge_slave_0) entered disabled state [ 393.924493][ T1110] bridge_slave_1: left allmulticast mode [ 393.942724][ T1110] bridge_slave_1: left promiscuous mode [ 393.962000][ T1110] bridge0: port 2(bridge_slave_1) entered disabled state [ 393.998836][ T1110] bridge_slave_0: left allmulticast mode [ 394.004542][ T1110] bridge_slave_0: left promiscuous mode [ 394.032270][ T1110] bridge0: port 1(bridge_slave_0) entered disabled state [ 394.784726][ T1110] bond2 (unregistering): (slave gretap1): Releasing backup interface [ 394.918118][ T5107] Bluetooth: hci1: command tx timeout [ 395.174240][T11170] netlink: 'syz.0.2042': attribute type 9 has an invalid length. [ 395.195679][T11170] netlink: 209836 bytes leftover after parsing attributes in process `syz.0.2042'. [ 395.339357][T11174] 9pnet_fd: Insufficient options for proto=fd [ 395.527105][ T1110] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 395.545632][ T1110] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 395.558520][ T1110] bond0 (unregistering): Released all slaves [ 395.697969][ T1110] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 395.717431][ T1110] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 395.737150][ T1110] bond0 (unregistering): Released all slaves [ 395.751647][ T1110] bond1 (unregistering): Released all slaves [ 395.768840][ T1110] bond2 (unregistering): Released all slaves [ 395.785456][ T1110] bond3 (unregistering): Released all slaves [ 395.816027][ T1110] bond4 (unregistering): Released all slaves [ 395.831179][ T1110] bond5 (unregistering): Released all slaves [ 395.864953][ T1110] bond6 (unregistering): Released all slaves [ 395.998773][ T1110] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 396.011526][ T1110] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 396.023981][ T1110] bond0 (unregistering): Released all slaves [ 396.041442][ T1110] bond1 (unregistering): Released all slaves [ 396.057464][ T1110] bond2 (unregistering): Released all slaves [ 396.072320][ T1110] bond3 (unregistering): Released all slaves [ 396.100180][ T1110] bond4 (unregistering): Released all slaves [ 396.116405][ T1110] bond5 (unregistering): Released all slaves [ 396.139371][ T1110] bond6 (unregistering): Released all slaves [ 396.285915][ T1110] bond7 (unregistering): Released all slaves [ 396.413991][ T1110] bond8 (unregistering): Released all slaves [ 396.431076][ T1110] bond9 (unregistering): Released all slaves [ 396.465921][T11022] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 396.473377][T11022] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 396.501428][T11022] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 396.674213][T11022] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 396.708064][T11022] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 396.744073][T11022] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 397.050523][T11188] netlink: 32 bytes leftover after parsing attributes in process `syz.0.2050'. [ 397.157444][T11022] hsr_slave_0: entered promiscuous mode [ 397.185953][T11022] hsr_slave_1: entered promiscuous mode [ 397.206753][T11022] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 397.209246][T11196] netlink: 'syz.0.2053': attribute type 9 has an invalid length. [ 397.215037][T11022] Cannot create hsr debugfs directory [ 397.238312][T11196] netlink: 209836 bytes leftover after parsing attributes in process `syz.0.2053'. [ 397.299090][T11198] 9pnet_fd: Insufficient options for proto=fd [ 397.396572][T11200] netlink: 1068 bytes leftover after parsing attributes in process `syz.0.2056'. [ 397.464867][T11202] netlink: 55631 bytes leftover after parsing attributes in process `syz.3.2057'. [ 398.281688][T10971] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 398.528496][T10971] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 398.560994][T10971] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 398.604575][T11237] netlink: 'syz.0.2066': attribute type 9 has an invalid length. [ 398.615963][T11237] netlink: 209836 bytes leftover after parsing attributes in process `syz.0.2066'. [ 398.683317][T11239] 9pnet_fd: Insufficient options for proto=fd [ 398.732518][ T1110] hsr_slave_0: left promiscuous mode [ 398.738689][ T1110] hsr_slave_1: left promiscuous mode [ 398.751507][ T1110] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 398.759678][ T1110] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 398.778805][ T1110] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 398.794115][ T1110] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 398.806234][ T1110] hsr_slave_0: left promiscuous mode [ 398.813361][ T1110] hsr_slave_1: left promiscuous mode [ 398.840824][ T1110] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 398.853679][ T1110] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 398.862215][ T1110] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 398.879061][ T1110] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 398.901197][ T1110] hsr_slave_0: left promiscuous mode [ 398.929795][ T1110] hsr_slave_1: left promiscuous mode [ 398.959313][ T1110] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 398.966809][ T1110] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 398.975464][ T1110] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 398.983905][ T1110] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 399.058172][ T1110] veth1_macvtap: left promiscuous mode [ 399.063800][ T1110] veth0_macvtap: left promiscuous mode [ 399.070031][ T1110] veth1_vlan: left promiscuous mode [ 399.075436][ T1110] veth0_vlan: left promiscuous mode [ 399.082699][ T1110] veth1_macvtap: left promiscuous mode [ 399.088624][ T1110] veth0_macvtap: left promiscuous mode [ 399.094425][ T1110] veth1_vlan: left promiscuous mode [ 399.100287][ T1110] veth0_vlan: left promiscuous mode [ 399.109766][ T1110] veth1_macvtap: left promiscuous mode [ 399.115901][ T1110] veth0_macvtap: left promiscuous mode [ 399.126054][ T1110] veth1_vlan: left promiscuous mode [ 399.167820][ T25] usb 1-1: new high-speed USB device number 50 using dummy_hcd [ 399.381438][ T25] usb 1-1: New USB device found, idVendor=1d50, idProduct=606f, bcdDevice=14.d4 [ 399.407773][ T25] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 399.428852][ T25] usb 1-1: config 0 descriptor?? [ 400.415316][ T25] gs_usb 1-1:0.0: Configuring for 1 interfaces [ 400.844075][ T1110] team0 (unregistering): Port device team_slave_1 removed [ 400.894146][ T1110] team0 (unregistering): Port device team_slave_0 removed [ 401.041422][ T5151] usb 4-1: new high-speed USB device number 35 using dummy_hcd [ 401.240777][ T5151] usb 4-1: Using ep0 maxpacket: 8 [ 401.249030][ T5151] usb 4-1: config 0 has no interfaces? [ 401.281672][ T5151] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 401.290999][ T5151] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 401.316058][ T5151] usb 4-1: Product: syz [ 401.326169][ T5151] usb 4-1: Manufacturer: syz [ 401.330996][ T5151] usb 4-1: SerialNumber: syz [ 401.344566][ T5151] usb 4-1: config 0 descriptor?? [ 401.581438][ T932] usb 4-1: USB disconnect, device number 35 [ 401.950089][ T1110] team0 (unregistering): Port device team_slave_1 removed [ 402.002922][ T1110] team0 (unregistering): Port device team_slave_0 removed [ 402.260204][T11264] netlink: 'syz.3.2077': attribute type 9 has an invalid length. [ 402.269328][T11264] netlink: 209836 bytes leftover after parsing attributes in process `syz.3.2077'. [ 403.546304][ T1110] team0 (unregistering): Port device team_slave_1 removed [ 403.630522][ T1110] team0 (unregistering): Port device team_slave_0 removed [ 404.445924][T10971] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 404.662493][ T25] usb 1-1: USB disconnect, device number 50 [ 405.002422][T10971] 8021q: adding VLAN 0 to HW filter on device bond0 [ 405.174039][T10971] 8021q: adding VLAN 0 to HW filter on device team0 [ 405.369539][ T4869] bridge0: port 1(bridge_slave_0) entered blocking state [ 405.376758][ T4869] bridge0: port 1(bridge_slave_0) entered forwarding state [ 405.541934][T10981] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 405.579993][T10981] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 405.591439][ T932] usb 1-1: new high-speed USB device number 51 using dummy_hcd [ 405.618569][T10981] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 405.827674][ T932] usb 1-1: Using ep0 maxpacket: 8 [ 405.859288][T10981] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 405.870732][ T932] usb 1-1: config 0 has no interfaces? [ 405.891150][ T932] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 405.902279][ T5145] bridge0: port 2(bridge_slave_1) entered blocking state [ 405.909496][ T5145] bridge0: port 2(bridge_slave_1) entered forwarding state [ 405.929954][ T932] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 405.947980][ T932] usb 1-1: Product: syz [ 405.952212][ T932] usb 1-1: Manufacturer: syz [ 405.956838][ T932] usb 1-1: SerialNumber: syz [ 405.990422][ T932] usb 1-1: config 0 descriptor?? [ 406.222418][ T4869] usb 1-1: USB disconnect, device number 51 [ 406.345868][T11279] syz.3.2083 (11279): drop_caches: 2 [ 406.432254][T11280] syz.3.2083 (11280): drop_caches: 2 [ 406.830941][T10981] 8021q: adding VLAN 0 to HW filter on device bond0 [ 406.847341][T11311] netlink: 'syz.3.2088': attribute type 9 has an invalid length. [ 406.864196][T11311] netlink: 209836 bytes leftover after parsing attributes in process `syz.3.2088'. [ 406.893759][T11022] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 406.927227][T11022] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 406.997861][T11022] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 407.009363][T11022] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 407.020491][T11315] input: syz1 as /devices/virtual/input/input28 [ 407.051864][T10981] 8021q: adding VLAN 0 to HW filter on device team0 [ 407.097197][T10971] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 407.139411][ T5151] bridge0: port 1(bridge_slave_0) entered blocking state [ 407.146564][ T5151] bridge0: port 1(bridge_slave_0) entered forwarding state [ 407.230193][ T5151] bridge0: port 2(bridge_slave_1) entered blocking state [ 407.237409][ T5151] bridge0: port 2(bridge_slave_1) entered forwarding state [ 408.092583][T10971] veth0_vlan: entered promiscuous mode [ 408.149079][T11022] 8021q: adding VLAN 0 to HW filter on device bond0 [ 408.167499][T10981] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 408.188712][T10981] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 408.249170][T10971] veth1_vlan: entered promiscuous mode [ 408.282671][T11022] 8021q: adding VLAN 0 to HW filter on device team0 [ 408.351541][ T932] bridge0: port 1(bridge_slave_0) entered blocking state [ 408.358781][ T932] bridge0: port 1(bridge_slave_0) entered forwarding state [ 408.380034][ T932] bridge0: port 2(bridge_slave_1) entered blocking state [ 408.387309][ T932] bridge0: port 2(bridge_slave_1) entered forwarding state [ 408.549974][T10971] veth0_macvtap: entered promiscuous mode [ 408.649099][T10971] veth1_macvtap: entered promiscuous mode [ 408.706061][T10971] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 408.728278][T10971] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 408.742035][T10971] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 408.756405][T10971] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 408.786472][T10971] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 409.703491][T10971] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 409.716936][T10971] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 409.733212][T10971] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 409.747958][T10971] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 409.773972][T10971] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 409.784509][T11350] netlink: 'syz.3.2100': attribute type 9 has an invalid length. [ 409.803268][T10971] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 409.803388][T11350] netlink: 209836 bytes leftover after parsing attributes in process `syz.3.2100'. [ 409.817332][T10971] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 409.831736][T10971] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 409.841350][T10971] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 409.968022][T10981] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 410.197218][T10981] veth0_vlan: entered promiscuous mode [ 410.318537][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 410.326439][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 410.339752][T10981] veth1_vlan: entered promiscuous mode [ 410.576076][T11022] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 410.644772][ T2833] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 410.656604][T10981] veth0_macvtap: entered promiscuous mode [ 410.669988][ T2833] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 410.739943][T10981] veth1_macvtap: entered promiscuous mode [ 410.841672][T10981] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 410.960913][T10981] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 411.132389][T10981] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 411.216992][T10981] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 411.247165][T10981] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 411.542736][T10981] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 411.587159][T10981] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 411.649931][T10981] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 411.708016][T10981] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 411.750290][T10981] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 411.797816][T10981] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 411.817687][T10981] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 411.836894][T10981] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 411.884320][T10981] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 411.922512][T11385] syz.2.1980 (11385): drop_caches: 2 [ 411.951750][T10981] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 411.991403][T11385] syz.2.1980 (11385): drop_caches: 2 [ 411.997119][T10981] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 412.019424][T10981] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 412.035603][T10981] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 412.306055][T11384] syz.2.1980 (11384): drop_caches: 2 [ 412.419240][ T35] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 412.427111][ T35] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 412.537043][ T35] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 412.563815][ T35] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 412.633767][T11022] veth0_vlan: entered promiscuous mode [ 412.710059][T11022] veth1_vlan: entered promiscuous mode [ 412.882386][T11022] veth0_macvtap: entered promiscuous mode [ 412.951972][T11022] veth1_macvtap: entered promiscuous mode [ 413.045915][T11022] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 413.096703][T11022] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 413.126970][T11022] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 413.146470][T11426] netlink: 'syz.2.2112': attribute type 9 has an invalid length. [ 413.178949][T11426] netlink: 209836 bytes leftover after parsing attributes in process `syz.2.2112'. [ 413.188357][T11022] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 413.188399][T11022] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 413.188420][T11022] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 413.188436][T11022] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 413.188452][T11022] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 413.190598][T11022] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 413.440393][T11022] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 413.527477][T11022] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 413.540487][T11022] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 413.561512][T11022] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 413.575912][T11022] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 413.586889][T11022] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 413.602214][T11022] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 413.613468][T11022] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 413.663561][T11022] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 413.763579][T11022] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 413.814469][T11022] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 413.849922][T11022] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 413.898112][T11022] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 414.209698][ T973] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 414.279598][ T973] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 414.657335][ T2932] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 414.685651][ T2932] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 415.230082][ T29] kauditd_printk_skb: 1 callbacks suppressed [ 415.230105][ T29] audit: type=1326 audit(1721519324.764:100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11466 comm="syz.4.2002" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f9ee0175b59 code=0x0 [ 415.642555][T11478] kvm: requested 4190 ns i8254 timer period limited to 200000 ns [ 416.648910][T11497] netlink: 'syz.1.2128': attribute type 9 has an invalid length. [ 416.723082][T11497] netlink: 209836 bytes leftover after parsing attributes in process `syz.1.2128'. [ 417.099926][T11520] netlink: 92 bytes leftover after parsing attributes in process `syz.1.2136'. [ 417.190840][T11525] netlink: 64 bytes leftover after parsing attributes in process `syz.4.2135'. [ 417.557829][ T9] usb 2-1: new high-speed USB device number 37 using dummy_hcd [ 417.691262][T11525] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 417.831599][ T9] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0 [ 417.892549][ T9] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 0 [ 418.138851][ T9] usb 2-1: New USB device found, idVendor=abcd, idProduct=cdee, bcdDevice= 5.b9 [ 418.190160][ T9] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 418.481197][ T9] usb 2-1: config 0 descriptor?? [ 418.627716][ T29] audit: type=1326 audit(1721519328.164:101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11545 comm="syz.2.2141" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fd7f5f75b59 code=0x0 [ 418.680599][ T9] gspca_main: spca561-2.14.0 probing abcd:cdee [ 419.236159][ T9] spca561 2-1:0.0: probe with driver spca561 failed with error -22 [ 419.938797][ T5107] Bluetooth: hci4: sending frame failed (-49) [ 419.957149][ T54] Bluetooth: hci4: Opcode 0x1003 failed: -49 [ 420.033972][ T9] usb 2-1: MIDIStreaming interface descriptor not found [ 420.210414][T11570] syz.0.2146 (11570): drop_caches: 2 [ 420.210464][T11569] syz.0.2146 (11569): drop_caches: 2 [ 420.253664][T11570] syz.0.2146 (11570): drop_caches: 2 [ 420.296238][T11569] syz.0.2146 (11569): drop_caches: 2 [ 421.649979][ T29] audit: type=1326 audit(1721519331.194:102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11610 comm="syz.0.2158" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f2232975b59 code=0x0 [ 421.811985][T11612] kvm: requested 4190 ns i8254 timer period limited to 200000 ns [ 440.431946][ T1250] ieee802154 phy0 wpan0: encryption failed: -22 [ 440.438396][ T1250] ieee802154 phy1 wpan1: encryption failed: -22 [ 501.870848][ T1250] ieee802154 phy0 wpan0: encryption failed: -22 [ 501.877275][ T1250] ieee802154 phy1 wpan1: encryption failed: -22 [ 509.067828][ T54] Bluetooth: hci2: command 0x0406 tx timeout [ 509.074455][ T54] Bluetooth: hci0: command 0x0406 tx timeout [ 563.312131][ T1250] ieee802154 phy0 wpan0: encryption failed: -22 [ 563.318757][ T1250] ieee802154 phy1 wpan1: encryption failed: -22 [ 565.867767][ T30] INFO: task kworker/0:1:9 blocked for more than 143 seconds. [ 565.875312][ T30] Not tainted 6.10.0-syzkaller-10729-g3c3ff7be9729 #0 [ 565.882705][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 565.897690][ T30] task:kworker/0:1 state:D stack:21592 pid:9 tgid:9 ppid:2 flags:0x00004000 [ 565.915384][ T30] Workqueue: usb_hub_wq hub_event [ 565.920855][ T30] Call Trace: [ 565.924180][ T30] [ 565.927164][ T30] __schedule+0x17ae/0x4a10 [ 565.939694][ T30] ? __pfx___schedule+0x10/0x10 [ 565.944674][ T30] ? __pfx_lock_release+0x10/0x10 [ 565.957328][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 565.966101][ T30] ? kthread_data+0x52/0xd0 [ 565.973119][ T30] ? schedule+0x90/0x320 [ 565.977419][ T30] ? wq_worker_sleeping+0x66/0x240 [ 565.983036][ T30] ? schedule+0x90/0x320 [ 565.987332][ T30] schedule+0x14b/0x320 [ 565.991588][ T30] schedule_preempt_disabled+0x13/0x30 [ 565.997104][ T30] rwsem_down_write_slowpath+0xeeb/0x13b0 [ 566.003401][ T30] ? rwsem_down_write_slowpath+0xa06/0x13b0 [ 566.009980][ T30] ? __pfx_rwsem_down_write_slowpath+0x10/0x10 [ 566.016565][ T30] ? __pfx_lock_acquire+0x10/0x10 [ 566.021733][ T30] ? __kernfs_new_node+0x559/0x870 [ 566.026914][ T30] down_write+0x1d7/0x220 [ 566.031401][ T30] ? __pfx_down_write+0x10/0x10 [ 566.036318][ T30] kernfs_add_one+0x9a/0x8b0 [ 566.049257][ T30] kernfs_create_dir_ns+0xd9/0x120 [ 566.054459][ T30] internal_create_group+0x4f5/0x11d0 [ 566.059980][ T30] ? __pfx_internal_create_group+0x10/0x10 [ 566.067397][ T30] ? device_add_attrs+0x48c/0x600 [ 566.072559][ T30] ? __pfx_device_add_attrs+0x10/0x10 [ 566.083786][ T30] ? bus_add_device+0xde/0x460 [ 566.088677][ T30] dpm_sysfs_add+0x69/0x280 [ 566.093419][ T30] device_add+0x5bc/0xbf0 [ 566.103489][ T30] usb_create_ep_devs+0x130/0x230 [ 566.109215][ T30] usb_new_device+0x1168/0x19a0 [ 566.114147][ T30] ? __pfx_usb_new_device+0x10/0x10 [ 566.126014][ T30] ? _raw_spin_unlock_irq+0x23/0x50 [ 566.131370][ T30] ? lockdep_hardirqs_on+0x99/0x150 [ 566.136623][ T30] hub_event+0x2d6a/0x5150 [ 566.141348][ T30] ? __pfx_hub_event+0x10/0x10 [ 566.146162][ T30] ? __pfx_lock_acquire+0x10/0x10 [ 566.156793][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 566.162919][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 566.171747][ T30] ? process_scheduled_works+0x945/0x1830 [ 566.177607][ T30] process_scheduled_works+0xa2c/0x1830 [ 566.183227][ T30] ? __pfx_process_scheduled_works+0x10/0x10 [ 566.189339][ T30] ? assign_work+0x364/0x3d0 [ 566.193978][ T30] worker_thread+0x86d/0xd40 [ 566.198681][ T30] ? __kthread_parkme+0x169/0x1d0 [ 566.203774][ T30] ? __pfx_worker_thread+0x10/0x10 [ 566.208972][ T30] kthread+0x2f0/0x390 [ 566.213173][ T30] ? __pfx_worker_thread+0x10/0x10 [ 566.218435][ T30] ? __pfx_kthread+0x10/0x10 [ 566.223161][ T30] ret_from_fork+0x4b/0x80 [ 566.233021][ T30] ? __pfx_kthread+0x10/0x10 [ 566.237734][ T30] ret_from_fork_asm+0x1a/0x30 [ 566.242565][ T30] [ 566.245695][ T30] INFO: task udevd:4545 blocked for more than 143 seconds. [ 566.257609][ T30] Not tainted 6.10.0-syzkaller-10729-g3c3ff7be9729 #0 [ 566.264945][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 566.281808][ T30] task:udevd state:D stack:21632 pid:4545 tgid:4545 ppid:1 flags:0x00000002 [ 566.293473][ T30] Call Trace: [ 566.296798][ T30] [ 566.304359][ T30] __schedule+0x17ae/0x4a10 [ 566.310324][ T30] ? __pfx___schedule+0x10/0x10 [ 566.315356][ T30] ? __pfx_lock_release+0x10/0x10 [ 566.320658][ T30] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 566.326606][ T30] ? __wait_on_freeing_inode+0x250/0x3f0 [ 566.338905][ T30] ? schedule+0x90/0x320 [ 566.343223][ T30] schedule+0x14b/0x320 [ 566.347425][ T30] ? __wait_on_freeing_inode+0x250/0x3f0 [ 566.357267][ T30] __wait_on_freeing_inode+0x2a4/0x3f0 [ 566.365256][ T30] ? __pfx___wait_on_freeing_inode+0x10/0x10 [ 566.376292][ T30] ? __pfx_wake_bit_function+0x10/0x10 [ 566.385081][ T30] find_inode_fast+0x2a0/0x460 [ 566.390346][ T30] ? find_inode_fast+0xcd/0x460 [ 566.395273][ T30] iget_locked+0xab/0x820 [ 566.400058][ T30] kernfs_get_inode+0x51/0x790 [ 566.404897][ T30] kernfs_iop_lookup+0x266/0x390 [ 566.409944][ T30] __lookup_slow+0x28c/0x3f0 [ 566.414594][ T30] ? __pfx___lookup_slow+0x10/0x10 [ 566.419811][ T30] ? __d_lookup+0x64/0x7b0 [ 566.424447][ T30] ? make_vfsuid+0x46/0x90 [ 566.428983][ T30] ? link_path_walk+0xc60/0xea0 [ 566.434327][ T30] lookup_slow+0x53/0x70 [ 566.438694][ T30] walk_component+0x2e1/0x410 [ 566.443431][ T30] path_lookupat+0x16f/0x450 [ 566.448109][ T30] filename_lookup+0x256/0x610 [ 566.452930][ T30] ? __pfx_filename_lookup+0x10/0x10 [ 566.467699][ T30] ? strncpy_from_user+0x1a4/0x2e0 [ 566.477629][ T30] ? getname_flags+0x1e3/0x540 [ 566.486932][ T30] do_readlinkat+0xf0/0x3a0 [ 566.493554][ T30] ? __pfx_do_readlinkat+0x10/0x10 [ 566.499687][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 566.506383][ T30] ? do_syscall_64+0x100/0x230 [ 566.511646][ T30] __x64_sys_readlink+0x7f/0x90 [ 566.516706][ T30] do_syscall_64+0xf3/0x230 [ 566.534106][ T30] ? clear_bhb_loop+0x35/0x90 [ 566.539092][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 566.545271][ T30] RIP: 0033:0x7f7832517d47 [ 566.555712][ T30] RSP: 002b:00007ffe07854cf8 EFLAGS: 00000246 ORIG_RAX: 0000000000000059 [ 566.564581][ T30] RAX: ffffffffffffffda RBX: 00007ffe07854d08 RCX: 00007f7832517d47 [ 566.579762][ T30] RDX: 0000000000000400 RSI: 00007ffe07854d08 RDI: 00007ffe078551e8 [ 566.591787][ T30] RBP: 0000000000000400 R08: 00005585821e2d54 R09: 0000000000000000 [ 566.601501][ T30] R10: 0000000000000812 R11: 0000000000000246 R12: 00007ffe078551e8 [ 566.609695][ T30] R13: 00007ffe07855158 R14: 00005585821bc910 R15: 0000000000000000 [ 566.617990][ T30] [ 566.623011][ T30] INFO: task modprobe:11571 blocked for more than 144 seconds. [ 566.630757][ T30] Not tainted 6.10.0-syzkaller-10729-g3c3ff7be9729 #0 [ 566.638783][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 566.653718][ T30] task:modprobe state:D stack:23680 pid:11571 tgid:11571 ppid:10921 flags:0x00000002 [ 566.664423][ T30] Call Trace: [ 566.667973][ T30] [ 566.671033][ T30] __schedule+0x17ae/0x4a10 [ 566.676259][ T30] ? __pfx___schedule+0x10/0x10 [ 566.682362][ T30] ? __pfx_lock_release+0x10/0x10 [ 566.687623][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 566.697639][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 566.704085][ T30] ? _raw_spin_lock_irq+0xdf/0x120 [ 566.716339][ T30] ? schedule+0x90/0x320 [ 566.720741][ T30] schedule+0x14b/0x320 [ 566.724958][ T30] ? down_read+0x6a5/0xa40 [ 566.729787][ T30] schedule_preempt_disabled+0x13/0x30 [ 566.735419][ T30] down_read+0x705/0xa40 [ 566.747205][ T30] ? __pfx_down_read+0x10/0x10 [ 566.752190][ T30] ? __d_lookup+0x64/0x7b0 [ 566.756829][ T30] ? __d_lookup+0x706/0x7b0 [ 566.767238][ T30] kernfs_dop_revalidate+0xd4/0x560 [ 566.772617][ T30] lookup_fast+0x1f4/0x4a0 [ 566.777096][ T30] ? bpf_lsm_inode_permission+0x9/0x10 [ 566.783445][ T30] ? security_inode_permission+0xb7/0x100 [ 566.791335][ T30] link_path_walk+0x672/0xea0 [ 566.796192][ T30] path_lookupat+0xa9/0x450 [ 566.800852][ T30] filename_lookup+0x256/0x610 [ 566.805674][ T30] ? __pfx_filename_lookup+0x10/0x10 [ 566.811111][ T30] ? strncpy_from_user+0x1a4/0x2e0 [ 566.816288][ T30] ? getname_flags+0x1e3/0x540 [ 566.823193][ T30] user_path_at+0x3a/0x60 [ 566.827979][ T30] user_statfs+0xd6/0x460 [ 566.832406][ T30] ? vma_end_read+0x18/0x170 [ 566.837047][ T30] ? __pfx_user_statfs+0x10/0x10 [ 566.842113][ T30] __x64_sys_statfs+0xe8/0x1a0 [ 566.846934][ T30] ? __pfx___x64_sys_statfs+0x10/0x10 [ 566.854426][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 566.860560][ T30] ? exc_page_fault+0x590/0x8c0 [ 566.865479][ T30] ? do_syscall_64+0xb6/0x230 [ 566.870316][ T30] do_syscall_64+0xf3/0x230 [ 566.874879][ T30] ? clear_bhb_loop+0x35/0x90 [ 566.879689][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 566.886185][ T30] RIP: 0033:0x7f4febe4868a [ 566.890945][ T30] RSP: 002b:00007ffdc9492798 EFLAGS: 00000246 ORIG_RAX: 0000000000000089 [ 566.899768][ T30] RAX: ffffffffffffffda RBX: 00007f4febd6d4f8 RCX: 00007f4febe4868a [ 566.908945][ T30] RDX: 00007f4febd6f19c RSI: 00007ffdc9492810 RDI: 00007f4febd65723 [ 566.917010][ T30] RBP: 00007f4febd65723 R08: 0000000000000000 R09: 000000000000000d [ 566.925151][ T30] R10: 00007ffdc94925c0 R11: 0000000000000246 R12: 00007ffdc9492810 [ 566.934627][ T30] R13: 00007ffdc9492988 R14: 00007ffdc94929b0 R15: 0000000000000000 [ 566.942770][ T30] [ 566.945835][ T30] INFO: task syz.3.2149:11586 blocked for more than 144 seconds. [ 566.953667][ T30] Not tainted 6.10.0-syzkaller-10729-g3c3ff7be9729 #0 [ 566.962329][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 566.971346][ T30] task:syz.3.2149 state:D stack:27392 pid:11586 tgid:11579 ppid:5094 flags:0x00000004 [ 566.981820][ T30] Call Trace: [ 566.985629][ T30] [ 566.989047][ T30] __schedule+0x17ae/0x4a10 [ 566.994249][ T30] ? __pfx___schedule+0x10/0x10 [ 566.999252][ T30] ? __pfx_lock_release+0x10/0x10 [ 567.004538][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 567.010734][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 567.017139][ T30] ? _raw_spin_lock_irq+0xdf/0x120 [ 567.022500][ T30] ? schedule+0x90/0x320 [ 567.026784][ T30] schedule+0x14b/0x320 [ 567.032167][ T30] ? down_read+0x6a5/0xa40 [ 567.036641][ T30] schedule_preempt_disabled+0x13/0x30 [ 567.044265][ T30] down_read+0x705/0xa40 [ 567.048667][ T30] ? __pfx_down_read+0x10/0x10 [ 567.053466][ T30] ? do_raw_spin_unlock+0x13c/0x8b0 [ 567.058754][ T30] ? __d_lookup+0x64/0x7b0 [ 567.063225][ T30] ? __d_lookup+0x64/0x7b0 [ 567.069779][ T30] ? __d_lookup+0x706/0x7b0 [ 567.074408][ T30] kernfs_dop_revalidate+0xd4/0x560 [ 567.079705][ T30] lookup_fast+0x1f4/0x4a0 [ 567.084198][ T30] ? bpf_lsm_inode_permission+0x9/0x10 [ 567.090545][ T30] ? security_inode_permission+0xb7/0x100 [ 567.096405][ T30] link_path_walk+0x672/0xea0 [ 567.101327][ T30] path_openat+0x25d/0x3470 [ 567.105904][ T30] ? mark_lock+0x9a/0x350 [ 567.110351][ T30] ? __pfx_stack_trace_save+0x10/0x10 [ 567.115764][ T30] ? __lock_acquire+0x137a/0x2040 [ 567.120951][ T30] ? __pfx_path_openat+0x10/0x10 [ 567.125970][ T30] do_filp_open+0x235/0x490 [ 567.130586][ T30] ? __pfx_do_filp_open+0x10/0x10 [ 567.135665][ T30] ? _raw_spin_unlock+0x28/0x50 [ 567.140983][ T30] ? alloc_fd+0x5a1/0x640 [ 567.145385][ T30] do_sys_openat2+0x13e/0x1d0 [ 567.150753][ T30] ? __pfx_do_sys_openat2+0x10/0x10 [ 567.156046][ T30] __x64_sys_openat+0x247/0x2a0 [ 567.161055][ T30] ? __pfx___x64_sys_openat+0x10/0x10 [ 567.166474][ T30] ? do_syscall_64+0x100/0x230 [ 567.171710][ T30] ? do_syscall_64+0xb6/0x230 [ 567.176480][ T30] do_syscall_64+0xf3/0x230 [ 567.181614][ T30] ? clear_bhb_loop+0x35/0x90 [ 567.186354][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 567.193926][ T30] RIP: 0033:0x7efd29975b59 [ 567.198490][ T30] RSP: 002b:00007efd2a68a048 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 567.206963][ T30] RAX: ffffffffffffffda RBX: 00007efd29b06038 RCX: 00007efd29975b59 [ 567.215138][ T30] RDX: 0000000000000000 RSI: 0000000020000000 RDI: ffffffffffffff9c [ 567.223272][ T30] RBP: 00007efd299e4e5d R08: 0000000000000000 R09: 0000000000000000 [ 567.231919][ T30] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 567.240344][ T30] R13: 000000000000006e R14: 00007efd29b06038 R15: 00007ffe6691f438 [ 567.249740][ T30] [ 567.252881][ T30] INFO: task sed:11580 blocked for more than 144 seconds. [ 567.260290][ T30] Not tainted 6.10.0-syzkaller-10729-g3c3ff7be9729 #0 [ 567.269598][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 567.278491][ T30] task:sed state:D stack:23680 pid:11580 tgid:11580 ppid:11578 flags:0x00000002 [ 567.291550][ T30] Call Trace: [ 567.294965][ T30] [ 567.298157][ T30] __schedule+0x17ae/0x4a10 [ 567.302745][ T30] ? __pfx___schedule+0x10/0x10 [ 567.307707][ T30] ? __pfx_lock_release+0x10/0x10 [ 567.312782][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 567.318979][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 567.325363][ T30] ? _raw_spin_lock_irq+0xdf/0x120 [ 567.330718][ T30] ? schedule+0x90/0x320 [ 567.335510][ T30] schedule+0x14b/0x320 [ 567.339834][ T30] ? down_read+0x6a5/0xa40 [ 567.344295][ T30] schedule_preempt_disabled+0x13/0x30 [ 567.349869][ T30] down_read+0x705/0xa40 [ 567.354190][ T30] ? __pfx_down_read+0x10/0x10 [ 567.359071][ T30] ? __d_lookup+0x64/0x7b0 [ 567.363538][ T30] ? __d_lookup+0x706/0x7b0 [ 567.368144][ T30] kernfs_dop_revalidate+0xd4/0x560 [ 567.373395][ T30] lookup_fast+0x1f4/0x4a0 [ 567.378034][ T30] ? bpf_lsm_inode_permission+0x9/0x10 [ 567.383554][ T30] ? security_inode_permission+0xb7/0x100 [ 567.389628][ T30] link_path_walk+0x672/0xea0 [ 567.394958][ T30] path_lookupat+0xa9/0x450 [ 567.402292][ T30] filename_lookup+0x256/0x610 [ 567.407152][ T30] ? __pfx_filename_lookup+0x10/0x10 [ 567.412579][ T30] ? strncpy_from_user+0x1a4/0x2e0 [ 567.417816][ T30] ? getname_flags+0x1e3/0x540 [ 567.422757][ T30] user_path_at+0x3a/0x60 [ 567.427151][ T30] user_statfs+0xd6/0x460 [ 567.431655][ T30] ? vma_end_read+0x18/0x170 [ 567.436544][ T30] ? __pfx_user_statfs+0x10/0x10 [ 567.441815][ T30] __x64_sys_statfs+0xe8/0x1a0 [ 567.446644][ T30] ? __pfx___x64_sys_statfs+0x10/0x10 [ 567.452170][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 567.458255][ T30] ? exc_page_fault+0x590/0x8c0 [ 567.463197][ T30] ? do_syscall_64+0xb6/0x230 [ 567.469415][ T30] do_syscall_64+0xf3/0x230 [ 567.474023][ T30] ? clear_bhb_loop+0x35/0x90 [ 567.478855][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 567.484973][ T30] RIP: 0033:0x7f40fc4c368a [ 567.489823][ T30] RSP: 002b:00007fffad337928 EFLAGS: 00000246 ORIG_RAX: 0000000000000089 [ 567.500223][ T30] RAX: ffffffffffffffda RBX: 00007f40fc3e84f8 RCX: 00007f40fc4c368a [ 567.508543][ T30] RDX: 00007f40fc3ea19c RSI: 00007fffad3379a0 RDI: 00007f40fc3e0723 [ 567.516575][ T30] RBP: 00007f40fc3e0723 R08: 0000000000000000 R09: 000000000000000d [ 567.524656][ T30] R10: 00007fffad337750 R11: 0000000000000246 R12: 00007fffad3379a0 [ 567.532732][ T30] R13: 00007fffad337b18 R14: 00007fffad337b40 R15: 0000000000000000 [ 567.540841][ T30] [ 567.543903][ T30] INFO: task modprobe:11582 blocked for more than 145 seconds. [ 567.551838][ T30] Not tainted 6.10.0-syzkaller-10729-g3c3ff7be9729 #0 [ 567.559264][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 567.568126][ T30] task:modprobe state:D stack:23680 pid:11582 tgid:11582 ppid:1110 flags:0x00000002 [ 567.578400][ T30] Call Trace: [ 567.581722][ T30] [ 567.584678][ T30] __schedule+0x17ae/0x4a10 [ 567.589334][ T30] ? __pfx___schedule+0x10/0x10 [ 567.594220][ T30] ? __pfx_lock_release+0x10/0x10 [ 567.600929][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 567.606976][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 567.613427][ T30] ? _raw_spin_lock_irq+0xdf/0x120 [ 567.618656][ T30] ? schedule+0x90/0x320 [ 567.622976][ T30] schedule+0x14b/0x320 [ 567.627156][ T30] ? down_read+0x6a5/0xa40 [ 567.631696][ T30] schedule_preempt_disabled+0x13/0x30 [ 567.637199][ T30] down_read+0x705/0xa40 [ 567.641671][ T30] ? __pfx_down_read+0x10/0x10 [ 567.646476][ T30] ? __d_lookup+0x64/0x7b0 [ 567.651057][ T30] ? __d_lookup+0x706/0x7b0 [ 567.655685][ T30] kernfs_dop_revalidate+0xd4/0x560 [ 567.660983][ T30] lookup_fast+0x1f4/0x4a0 [ 567.665431][ T30] ? bpf_lsm_inode_permission+0x9/0x10 [ 567.670995][ T30] ? security_inode_permission+0xb7/0x100 [ 567.676905][ T30] link_path_walk+0x672/0xea0 [ 567.681830][ T30] path_lookupat+0xa9/0x450 [ 567.686482][ T30] filename_lookup+0x256/0x610 [ 567.691798][ T30] ? __pfx_filename_lookup+0x10/0x10 [ 567.697246][ T30] ? strncpy_from_user+0x1a4/0x2e0 [ 567.703823][ T30] ? getname_flags+0x1e3/0x540 [ 567.708857][ T30] user_path_at+0x3a/0x60 [ 567.713352][ T30] user_statfs+0xd6/0x460 [ 567.718251][ T30] ? vma_end_read+0x18/0x170 [ 567.723011][ T30] ? __pfx_user_statfs+0x10/0x10 [ 567.728060][ T30] __x64_sys_statfs+0xe8/0x1a0 [ 567.732919][ T30] ? __pfx___x64_sys_statfs+0x10/0x10 [ 567.738461][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 567.744613][ T30] ? exc_page_fault+0x590/0x8c0 [ 567.749551][ T30] ? do_syscall_64+0xb6/0x230 [ 567.754282][ T30] do_syscall_64+0xf3/0x230 [ 567.758991][ T30] ? clear_bhb_loop+0x35/0x90 [ 567.763707][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 567.769828][ T30] RIP: 0033:0x7f66d2e5e68a [ 567.774264][ T30] RSP: 002b:00007fffc142b518 EFLAGS: 00000246 ORIG_RAX: 0000000000000089 [ 567.783539][ T30] RAX: ffffffffffffffda RBX: 00007f66d2d834f8 RCX: 00007f66d2e5e68a [ 567.791777][ T30] RDX: 00007f66d2d8519c RSI: 00007fffc142b590 RDI: 00007f66d2d7b723 [ 567.800041][ T30] RBP: 00007f66d2d7b723 R08: 0000000000000000 R09: 000000000000000d [ 567.809285][ T30] R10: 00007fffc142b340 R11: 0000000000000246 R12: 00007fffc142b590 [ 567.817473][ T30] R13: 00007fffc142b708 R14: 00007fffc142b730 R15: 0000000000000000 [ 567.825564][ T30] [ 567.828654][ T30] INFO: task syz.4.2150:11585 blocked for more than 145 seconds. [ 567.836367][ T30] Not tainted 6.10.0-syzkaller-10729-g3c3ff7be9729 #0 [ 567.843754][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 567.852506][ T30] task:syz.4.2150 state:D stack:23800 pid:11585 tgid:11583 ppid:11022 flags:0x00000004 [ 567.862787][ T30] Call Trace: [ 567.866087][ T30] [ 567.869090][ T30] __schedule+0x17ae/0x4a10 [ 567.873731][ T30] ? __pfx___schedule+0x10/0x10 [ 567.878690][ T30] ? __pfx_lock_release+0x10/0x10 [ 567.883760][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 567.889907][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 567.896262][ T30] ? _raw_spin_lock_irq+0xdf/0x120 [ 567.901498][ T30] ? schedule+0x90/0x320 [ 567.906926][ T30] schedule+0x14b/0x320 [ 567.911270][ T30] schedule_preempt_disabled+0x13/0x30 [ 567.916771][ T30] rwsem_down_write_slowpath+0xeeb/0x13b0 [ 567.923164][ T30] ? rwsem_down_write_slowpath+0xa06/0x13b0 [ 567.929217][ T30] ? __pfx_rwsem_down_write_slowpath+0x10/0x10 [ 567.935521][ T30] ? __pfx_lock_acquire+0x10/0x10 [ 567.940704][ T30] ? __kernfs_new_node+0x559/0x870 [ 567.945861][ T30] ? mark_lock+0x9a/0x350 [ 567.950363][ T30] down_write+0x1d7/0x220 [ 567.954744][ T30] ? __pfx_down_write+0x10/0x10 [ 567.959745][ T30] ? make_kgid+0x1f6/0x6f0 [ 567.964211][ T30] kernfs_add_one+0x9a/0x8b0 [ 567.969173][ T30] kernfs_create_dir_ns+0xd9/0x120 [ 567.974431][ T30] sysfs_create_dir_ns+0x189/0x3a0 [ 567.979659][ T30] ? __pfx_sysfs_create_dir_ns+0x10/0x10 [ 567.985433][ T30] kobject_add_internal+0x435/0x8d0 [ 567.990882][ T30] kobject_add+0x152/0x220 [ 567.995365][ T30] ? kobject_put+0x43a/0x480 [ 568.000087][ T30] ? __pfx_kobject_add+0x10/0x10 [ 568.005069][ T30] ? kobject_put+0x443/0x480 [ 568.010993][ T30] ? get_device_parent+0x25d/0x410 [ 568.016193][ T30] ? device_add+0x318/0xbf0 [ 568.020868][ T30] device_add+0x4e5/0xbf0 [ 568.025284][ T30] ? device_initialize+0x266/0x460 [ 568.030505][ T30] netdev_register_kobject+0x17e/0x320 [ 568.035993][ T30] register_netdevice+0x12c5/0x1b00 [ 568.041341][ T30] ? __pfx_register_netdevice+0x10/0x10 [ 568.046933][ T30] ? tun_net_initialize+0x153/0x480 [ 568.052321][ T30] ? __pfx_tun_net_initialize+0x10/0x10 [ 568.058030][ T30] tun_set_iff+0x85f/0xe80 [ 568.062519][ T30] __tun_chr_ioctl+0x866/0x2400 [ 568.067421][ T30] ? __pfx___tun_chr_ioctl+0x10/0x10 [ 568.072803][ T30] ? __fget_files+0x3f6/0x470 [ 568.077794][ T30] ? __fget_files+0x29/0x470 [ 568.082427][ T30] ? bpf_lsm_file_ioctl+0x9/0x10 [ 568.087371][ T30] ? security_file_ioctl+0x87/0xb0 [ 568.092546][ T30] ? __pfx_tun_chr_ioctl+0x10/0x10 [ 568.097811][ T30] __se_sys_ioctl+0xfc/0x170 [ 568.102474][ T30] do_syscall_64+0xf3/0x230 [ 568.106988][ T30] ? clear_bhb_loop+0x35/0x90 [ 568.115428][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 568.121965][ T30] RIP: 0033:0x7f9ee0175b59 [ 568.126426][ T30] RSP: 002b:00007f9ee0f15048 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 568.135058][ T30] RAX: ffffffffffffffda RBX: 00007f9ee0305f60 RCX: 00007f9ee0175b59 [ 568.143095][ T30] RDX: 0000000020000200 RSI: 00000000400454ca RDI: 0000000000000005 [ 568.151222][ T30] RBP: 00007f9ee01e4e5d R08: 0000000000000000 R09: 0000000000000000 [ 568.159284][ T30] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 568.167268][ T30] R13: 000000000000000b R14: 00007f9ee0305f60 R15: 00007ffeb6f01318 [ 568.175446][ T30] [ 568.178587][ T30] INFO: task syz.4.2150:11587 blocked for more than 145 seconds. [ 568.186347][ T30] Not tainted 6.10.0-syzkaller-10729-g3c3ff7be9729 #0 [ 568.194032][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 568.202923][ T30] task:syz.4.2150 state:D stack:27392 pid:11587 tgid:11583 ppid:11022 flags:0x00000004 [ 568.214745][ T30] Call Trace: [ 568.218356][ T30] [ 568.221346][ T30] __schedule+0x17ae/0x4a10 [ 568.225942][ T30] ? __pfx___schedule+0x10/0x10 [ 568.230910][ T30] ? __pfx_lock_release+0x10/0x10 [ 568.236056][ T30] ? __mutex_trylock_common+0x92/0x2e0 [ 568.241644][ T30] ? schedule+0x90/0x320 [ 568.245952][ T30] schedule+0x14b/0x320 [ 568.250250][ T30] schedule_preempt_disabled+0x13/0x30 [ 568.255742][ T30] __mutex_lock+0x6a4/0xd70 [ 568.260441][ T30] ? __mutex_lock+0x527/0xd70 [ 568.265170][ T30] ? __tun_chr_ioctl+0x41c/0x2400 [ 568.270439][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 568.275550][ T30] ? __might_fault+0xc6/0x120 [ 568.280368][ T30] __tun_chr_ioctl+0x41c/0x2400 [ 568.285288][ T30] ? __pfx___tun_chr_ioctl+0x10/0x10 [ 568.290750][ T30] ? __fget_files+0x3f6/0x470 [ 568.295471][ T30] ? __fget_files+0x29/0x470 [ 568.300900][ T30] ? bpf_lsm_file_ioctl+0x9/0x10 [ 568.305887][ T30] ? security_file_ioctl+0x87/0xb0 [ 568.311091][ T30] ? __pfx_tun_chr_ioctl+0x10/0x10 [ 568.317394][ T30] __se_sys_ioctl+0xfc/0x170 [ 568.322155][ T30] do_syscall_64+0xf3/0x230 [ 568.327139][ T30] ? clear_bhb_loop+0x35/0x90 [ 568.331998][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 568.338165][ T30] RIP: 0033:0x7f9ee0175b59 [ 568.342617][ T30] RSP: 002b:00007f9ee0ef4048 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 568.351490][ T30] RAX: ffffffffffffffda RBX: 00007f9ee0306038 RCX: 00007f9ee0175b59 [ 568.359564][ T30] RDX: 0000000020000000 RSI: 00000000400454d9 RDI: 0000000000000005 [ 568.368607][ T30] RBP: 00007f9ee01e4e5d R08: 0000000000000000 R09: 0000000000000000 [ 568.376845][ T30] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 568.384914][ T30] R13: 000000000000006e R14: 00007f9ee0306038 R15: 00007ffeb6f01318 [ 568.392984][ T30] [ 568.396108][ T30] INFO: task syz.2.2154:11598 blocked for more than 145 seconds. [ 568.403912][ T30] Not tainted 6.10.0-syzkaller-10729-g3c3ff7be9729 #0 [ 568.411365][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 568.421589][ T30] task:syz.2.2154 state:D stack:25984 pid:11598 tgid:11597 ppid:10971 flags:0x00000004 [ 568.432815][ T30] Call Trace: [ 568.436134][ T30] [ 568.439162][ T30] __schedule+0x17ae/0x4a10 [ 568.443746][ T30] ? __pfx___schedule+0x10/0x10 [ 568.448714][ T30] ? __pfx_lock_release+0x10/0x10 [ 568.453802][ T30] ? __mutex_trylock_common+0x92/0x2e0 [ 568.459378][ T30] ? schedule+0x90/0x320 [ 568.463741][ T30] schedule+0x14b/0x320 [ 568.468018][ T30] schedule_preempt_disabled+0x13/0x30 [ 568.473708][ T30] __mutex_lock+0x6a4/0xd70 [ 568.478315][ T30] ? __mutex_lock+0x527/0xd70 [ 568.483205][ T30] ? nl80211_pre_doit+0x5f/0x8b0 [ 568.488276][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 568.493343][ T30] ? genl_family_rcv_msg_attrs_parse+0xa3/0x290 [ 568.499715][ T30] ? __nla_parse+0x40/0x60 [ 568.504177][ T30] nl80211_pre_doit+0x5f/0x8b0 [ 568.509161][ T30] genl_rcv_msg+0xaaa/0xec0 [ 568.513717][ T30] ? mark_lock+0x9a/0x350 [ 568.518201][ T30] ? __pfx_genl_rcv_msg+0x10/0x10 [ 568.526661][ T30] ? __pfx_lock_acquire+0x10/0x10 [ 568.531787][ T30] ? __pfx_nl80211_pre_doit+0x10/0x10 [ 568.537242][ T30] ? __pfx_nl80211_del_key+0x10/0x10 [ 568.542699][ T30] ? __pfx_nl80211_post_doit+0x10/0x10 [ 568.548325][ T30] ? __pfx___might_resched+0x10/0x10 [ 568.553674][ T30] netlink_rcv_skb+0x1e3/0x430 [ 568.558547][ T30] ? __pfx_genl_rcv_msg+0x10/0x10 [ 568.563616][ T30] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 568.569031][ T30] ? __netlink_deliver_tap+0x77e/0x7c0 [ 568.574550][ T30] genl_rcv+0x28/0x40 [ 568.578687][ T30] netlink_unicast+0x7f0/0x990 [ 568.583596][ T30] ? __pfx_netlink_unicast+0x10/0x10 [ 568.589104][ T30] ? __virt_addr_valid+0x183/0x530 [ 568.594284][ T30] ? __check_object_size+0x49c/0x900 [ 568.599680][ T30] ? bpf_lsm_netlink_send+0x9/0x10 [ 568.604833][ T30] netlink_sendmsg+0x8e4/0xcb0 [ 568.610125][ T30] ? __pfx_netlink_sendmsg+0x10/0x10 [ 568.615447][ T30] ? __import_iovec+0x536/0x820 [ 568.622033][ T30] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 568.627374][ T30] ? security_socket_sendmsg+0x87/0xb0 [ 568.633130][ T30] ? __pfx_netlink_sendmsg+0x10/0x10 [ 568.638502][ T30] __sock_sendmsg+0x221/0x270 [ 568.643223][ T30] ____sys_sendmsg+0x525/0x7d0 [ 568.648098][ T30] ? __pfx_____sys_sendmsg+0x10/0x10 [ 568.653432][ T30] __sys_sendmsg+0x2b0/0x3a0 [ 568.658323][ T30] ? __pfx___sys_sendmsg+0x10/0x10 [ 568.664120][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 568.670552][ T30] ? do_syscall_64+0x100/0x230 [ 568.675382][ T30] ? do_syscall_64+0xb6/0x230 [ 568.680176][ T30] do_syscall_64+0xf3/0x230 [ 568.684769][ T30] ? clear_bhb_loop+0x35/0x90 [ 568.689578][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 568.695529][ T30] RIP: 0033:0x7fd7f5f75b59 [ 568.700173][ T30] RSP: 002b:00007fd7f6c8c048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 568.708773][ T30] RAX: ffffffffffffffda RBX: 00007fd7f6105f60 RCX: 00007fd7f5f75b59 [ 568.716788][ T30] RDX: 0000000000000000 RSI: 00000000200006c0 RDI: 0000000000000004 [ 568.726262][ T30] RBP: 00007fd7f5fe4e5d R08: 0000000000000000 R09: 0000000000000000 [ 568.734350][ T30] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 568.742409][ T30] R13: 000000000000000b R14: 00007fd7f6105f60 R15: 00007ffe6adf83c8 [ 568.750909][ T30] [ 568.754321][ T30] INFO: task syz.2.2154:11603 blocked for more than 146 seconds. [ 568.762145][ T30] Not tainted 6.10.0-syzkaller-10729-g3c3ff7be9729 #0 [ 568.769521][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 568.778270][ T30] task:syz.2.2154 state:D stack:25984 pid:11603 tgid:11597 ppid:10971 flags:0x00000004 [ 568.788686][ T30] Call Trace: [ 568.792005][ T30] [ 568.795006][ T30] __schedule+0x17ae/0x4a10 [ 568.799686][ T30] ? __pfx___schedule+0x10/0x10 [ 568.804601][ T30] ? __pfx_lock_release+0x10/0x10 [ 568.809750][ T30] ? __mutex_trylock_common+0x92/0x2e0 [ 568.815284][ T30] ? schedule+0x90/0x320 [ 568.819790][ T30] schedule+0x14b/0x320 [ 568.823981][ T30] schedule_preempt_disabled+0x13/0x30 [ 568.831161][ T30] __mutex_lock+0x6a4/0xd70 [ 568.835736][ T30] ? __mutex_lock+0x527/0xd70 [ 568.840500][ T30] ? tipc_nl_compat_doit+0x21e/0x610 [ 568.845814][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 568.850973][ T30] ? __pfx___alloc_skb+0x10/0x10 [ 568.856037][ T30] ? tipc_nl_compat_doit+0x1aa/0x610 [ 568.861391][ T30] ? tipc_nl_compat_doit+0x130/0x610 [ 568.866878][ T30] ? tipc_nl_compat_doit+0x1aa/0x610 [ 568.872339][ T30] ? __kmalloc_noprof+0x21a/0x400 [ 568.877435][ T30] tipc_nl_compat_doit+0x21e/0x610 [ 568.882739][ T30] ? __pfx_tipc_nl_compat_doit+0x10/0x10 [ 568.888541][ T30] ? cap_capable+0x1b4/0x250 [ 568.893268][ T30] ? bpf_lsm_capable+0x9/0x10 [ 568.898108][ T30] ? security_capable+0x90/0xb0 [ 568.903003][ T30] tipc_nl_compat_recv+0xe25/0x14c0 [ 568.908383][ T30] ? __pfx_tipc_nl_compat_recv+0x10/0x10 [ 568.914143][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 568.920191][ T30] ? genl_rcv_msg+0x121/0xec0 [ 568.924900][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 568.932886][ T30] ? __pfx___tipc_nl_bearer_enable+0x10/0x10 [ 568.939195][ T30] ? __pfx_tipc_nl_compat_bearer_enable+0x10/0x10 [ 568.945685][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 568.950832][ T30] ? genl_get_cmd+0x71c/0xbe0 [ 568.955553][ T30] genl_rcv_msg+0xb14/0xec0 [ 568.960149][ T30] ? mark_lock+0x9a/0x350 [ 568.964608][ T30] ? __pfx_genl_rcv_msg+0x10/0x10 [ 568.969791][ T30] ? __pfx_lock_acquire+0x10/0x10 [ 568.974852][ T30] ? __pfx_tipc_nl_compat_recv+0x10/0x10 [ 568.980561][ T30] ? __pfx___might_resched+0x10/0x10 [ 568.985888][ T30] netlink_rcv_skb+0x1e3/0x430 [ 568.990782][ T30] ? __pfx_genl_rcv_msg+0x10/0x10 [ 568.995846][ T30] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 569.001278][ T30] ? __netlink_deliver_tap+0x77e/0x7c0 [ 569.006790][ T30] genl_rcv+0x28/0x40 [ 569.010896][ T30] netlink_unicast+0x7f0/0x990 [ 569.015896][ T30] ? __pfx_netlink_unicast+0x10/0x10 [ 569.021294][ T30] ? __virt_addr_valid+0x183/0x530 [ 569.026546][ T30] ? __check_object_size+0x49c/0x900 [ 569.033352][ T30] ? bpf_lsm_netlink_send+0x9/0x10 [ 569.038588][ T30] netlink_sendmsg+0x8e4/0xcb0 [ 569.043435][ T30] ? __pfx_netlink_sendmsg+0x10/0x10 [ 569.049139][ T30] ? __import_iovec+0x536/0x820 [ 569.054049][ T30] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 569.059450][ T30] ? security_socket_sendmsg+0x87/0xb0 [ 569.064969][ T30] ? __pfx_netlink_sendmsg+0x10/0x10 [ 569.070372][ T30] __sock_sendmsg+0x221/0x270 [ 569.075128][ T30] ____sys_sendmsg+0x525/0x7d0 [ 569.080024][ T30] ? __pfx_____sys_sendmsg+0x10/0x10 [ 569.085461][ T30] __sys_sendmsg+0x2b0/0x3a0 [ 569.090195][ T30] ? __pfx___sys_sendmsg+0x10/0x10 [ 569.095386][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 569.101800][ T30] ? do_syscall_64+0x100/0x230 [ 569.106591][ T30] ? do_syscall_64+0xb6/0x230 [ 569.111391][ T30] do_syscall_64+0xf3/0x230 [ 569.115944][ T30] ? clear_bhb_loop+0x35/0x90 [ 569.120706][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 569.126654][ T30] RIP: 0033:0x7fd7f5f75b59 [ 569.131258][ T30] RSP: 002b:00007fd7f59ff048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 569.140929][ T30] RAX: ffffffffffffffda RBX: 00007fd7f6106110 RCX: 00007fd7f5f75b59 [ 569.157493][ T30] RDX: 0000000000000000 RSI: 0000000020000340 RDI: 000000000000000a [ 569.166372][ T30] RBP: 00007fd7f5fe4e5d R08: 0000000000000000 R09: 0000000000000000 [ 569.174713][ T30] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 569.184036][ T30] R13: 000000000000006e R14: 00007fd7f6106110 R15: 00007ffe6adf83c8 [ 569.192262][ T30] [ 569.195325][ T30] Future hung task reports are suppressed, see sysctl kernel.hung_task_warnings [ 569.204610][ T30] [ 569.204610][ T30] Showing all locks held in the system: [ 569.212539][ T30] 2 locks held by kworker/0:0/8: [ 569.218238][ T30] #0: ffff888015080948 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830 [ 569.232212][ T30] #1: ffffc900000d7d00 (autoload_work){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830 [ 569.244369][ T30] 4 locks held by kworker/0:1/9: [ 569.249503][ T30] #0: ffff88801ce89548 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830 [ 569.261239][ T30] #1: ffffc900000e7d00 ((work_completion)(&hub->events)){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830 [ 569.273293][ T30] #2: ffff8880231e6190 (&dev->mutex){....}-{3:3}, at: hub_event+0x1fe/0x5150 [ 569.282277][ T30] #3: ffff888015edc148 (&root->kernfs_rwsem){++++}-{3:3}, at: kernfs_add_one+0x9a/0x8b0 [ 569.292592][ T30] 1 lock held by khungtaskd/30: [ 569.297485][ T30] #0: ffffffff8e336e60 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x55/0x2a0 [ 569.308279][ T30] 2 locks held by kworker/u8:6/1110: [ 569.313622][ T30] #0: ffff888015089148 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830 [ 569.325665][ T30] #1: ffffc9000437fd00 ((work_completion)(&sub_info->work)){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830 [ 569.339323][ T30] 3 locks held by kworker/u8:7/1274: [ 569.344668][ T30] #0: ffff88802a46a148 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830 [ 569.356675][ T30] #1: ffffc90004887d00 ((work_completion)(&(&net->ipv6.addr_chk_work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830 [ 569.370646][ T30] #2: ffffffff8f5ef148 (rtnl_mutex){+.+.}-{3:3}, at: addrconf_verify_work+0x19/0x30 [ 569.380489][ T30] 2 locks held by kworker/u8:9/2833: [ 569.385808][ T30] #0: ffff888015089148 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830 [ 569.397766][ T30] #1: ffffc900095dfd00 ((work_completion)(&sub_info->work)){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830 [ 569.409978][ T30] 2 locks held by udevd/4545: [ 569.414653][ T30] #0: ffff888064d06480 (&type->i_mutex_dir_key#4){++++}-{3:3}, at: lookup_slow+0x45/0x70 [ 569.424957][ T30] #1: ffff888015edc148 (&root->kernfs_rwsem){++++}-{3:3}, at: kernfs_iop_lookup+0x93/0x390 [ 569.435219][ T30] 2 locks held by getty/4846: [ 569.441365][ T30] #0: ffff88802ad4e0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70 [ 569.451235][ T30] #1: ffffc90002efe2f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x6b5/0x1e10 [ 569.461782][ T30] 1 lock held by syz-executor/5094: [ 569.467099][ T30] #0: ffff888015edc148 (&root->kernfs_rwsem){++++}-{3:3}, at: kernfs_dop_revalidate+0xd4/0x560 [ 569.478310][ T30] 5 locks held by kworker/u9:5/5103: [ 569.483662][ T30] #0: ffff88801f33e148 ((wq_completion)hci0){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830 [ 569.494627][ T30] #1: ffffc90003727d00 ((work_completion)(&hdev->cmd_sync_work)){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830 [ 569.507453][ T30] #2: ffff888063cbcd80 (&hdev->req_lock){+.+.}-{3:3}, at: hci_cmd_sync_work+0x1ec/0x400 [ 569.517828][ T30] #3: ffff888063cbc078 (&hdev->lock){+.+.}-{3:3}, at: hci_abort_conn_sync+0x1ea/0xde0 [ 569.527715][ T30] #4: ffff888015edc148 (&root->kernfs_rwsem){++++}-{3:3}, at: kernfs_find_and_get_ns+0x71/0x110 [ 569.538404][ T30] 5 locks held by kworker/u9:7/5107: [ 569.545145][ T30] #0: ffff88802e98f948 ((wq_completion)hci2){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830 [ 569.556109][ T30] #1: ffffc90003757d00 ((work_completion)(&hdev->cmd_sync_work)){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830 [ 569.568921][ T30] #2: ffff888052210d80 (&hdev->req_lock){+.+.}-{3:3}, at: hci_cmd_sync_work+0x1ec/0x400 [ 569.578863][ T30] #3: ffff888052210078 (&hdev->lock){+.+.}-{3:3}, at: hci_abort_conn_sync+0x1ea/0xde0 [ 569.588947][ T30] #4: ffff888015edc148 (&root->kernfs_rwsem){++++}-{3:3}, at: kernfs_find_and_get_ns+0x71/0x110 [ 569.599643][ T30] 3 locks held by kworker/0:4/5143: [ 569.604870][ T30] #0: ffff888015081948 ((wq_completion)events_power_efficient){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830 [ 569.617404][ T30] #1: ffffc9000420fd00 ((reg_check_chans).work){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830 [ 569.628602][ T30] #2: ffffffff8f5ef148 (rtnl_mutex){+.+.}-{3:3}, at: reg_check_chans_work+0x99/0xfd0 [ 569.638327][ T30] 1 lock held by syz-executor/5890: [ 569.643556][ T30] #0: ffff888015edc148 (&root->kernfs_rwsem){++++}-{3:3}, at: kernfs_dop_revalidate+0xd4/0x560 [ 569.655708][ T30] 2 locks held by kworker/u8:1/10921: [ 569.661194][ T30] #0: ffff888015089148 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830 [ 569.673124][ T30] #1: ffffc9000c43fd00 ((work_completion)(&sub_info->work)){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830 [ 569.685446][ T30] 1 lock held by syz-executor/10971: [ 569.690838][ T30] #0: ffff888015edc148 (&root->kernfs_rwsem){++++}-{3:3}, at: kernfs_dop_revalidate+0xd4/0x560 [ 569.701450][ T30] 1 lock held by syz-executor/10981: [ 569.706769][ T30] #0: ffff888015edc148 (&root->kernfs_rwsem){++++}-{3:3}, at: kernfs_dop_revalidate+0xd4/0x560 [ 569.717509][ T30] 1 lock held by syz-executor/11022: [ 569.723118][ T30] #0: ffff888015edc148 (&root->kernfs_rwsem){++++}-{3:3}, at: kernfs_dop_revalidate+0xd4/0x560 [ 569.733738][ T30] 1 lock held by modprobe/11571: [ 569.738763][ T30] #0: ffff888015edc148 (&root->kernfs_rwsem){++++}-{3:3}, at: kernfs_dop_revalidate+0xd4/0x560 [ 569.750754][ T30] 1 lock held by syz.3.2149/11586: [ 569.755984][ T30] #0: ffff888015edc148 (&root->kernfs_rwsem){++++}-{3:3}, at: kernfs_dop_revalidate+0xd4/0x560 [ 569.766640][ T30] 1 lock held by sed/11580: [ 569.771261][ T30] #0: ffff888015edc148 (&root->kernfs_rwsem){++++}-{3:3}, at: kernfs_dop_revalidate+0xd4/0x560 [ 569.782005][ T30] 1 lock held by modprobe/11582: [ 569.786974][ T30] #0: ffff888015edc148 (&root->kernfs_rwsem){++++}-{3:3}, at: kernfs_dop_revalidate+0xd4/0x560 [ 569.798304][ T30] 2 locks held by syz.4.2150/11585: [ 569.803553][ T30] #0: ffffffff8f5ef148 (rtnl_mutex){+.+.}-{3:3}, at: __tun_chr_ioctl+0x48f/0x2400 [ 569.813052][ T30] #1: ffff888015edc148 (&root->kernfs_rwsem){++++}-{3:3}, at: kernfs_add_one+0x9a/0x8b0 [ 569.823050][ T30] 1 lock held by syz.4.2150/11587: [ 569.828248][ T30] #0: ffffffff8f5ef148 (rtnl_mutex){+.+.}-{3:3}, at: __tun_chr_ioctl+0x41c/0x2400 [ 569.838730][ T30] 2 locks held by syz.2.2154/11598: [ 569.843996][ T30] #0: ffffffff8f654850 (cb_lock){++++}-{3:3}, at: genl_rcv+0x19/0x40 [ 569.853538][ T30] #1: ffffffff8f5ef148 (rtnl_mutex){+.+.}-{3:3}, at: nl80211_pre_doit+0x5f/0x8b0 [ 569.863161][ T30] 3 locks held by syz.2.2154/11603: [ 569.868438][ T30] #0: ffffffff8f654850 (cb_lock){++++}-{3:3}, at: genl_rcv+0x19/0x40 [ 569.876745][ T30] #1: ffffffff8f654708 (genl_mutex){+.+.}-{3:3}, at: genl_rcv_msg+0x121/0xec0 [ 569.886045][ T30] #2: ffffffff8f5ef148 (rtnl_mutex){+.+.}-{3:3}, at: tipc_nl_compat_doit+0x21e/0x610 [ 569.895787][ T30] 1 lock held by modprobe/11607: [ 569.900844][ T30] #0: ffff888015edc148 (&root->kernfs_rwsem){++++}-{3:3}, at: kernfs_dop_revalidate+0xd4/0x560 [ 569.911432][ T30] 1 lock held by syz.1.2157/11609: [ 569.916566][ T30] #0: ffff888015edc148 (&root->kernfs_rwsem){++++}-{3:3}, at: kernfs_add_one+0x9a/0x8b0 [ 569.926539][ T30] 1 lock held by syz.0.2159/11616: [ 569.931751][ T30] #0: ffff888015edc148 (&root->kernfs_rwsem){++++}-{3:3}, at: kernfs_add_one+0x9a/0x8b0 [ 569.941749][ T30] 1 lock held by syz-executor/11617: [ 569.947063][ T30] #0: ffff888015edc148 (&root->kernfs_rwsem){++++}-{3:3}, at: kernfs_dop_revalidate+0xd4/0x560 [ 569.959000][ T30] 1 lock held by syz-executor/11618: [ 569.964319][ T30] #0: ffff888015edc148 (&root->kernfs_rwsem){++++}-{3:3}, at: kernfs_dop_revalidate+0xd4/0x560 [ 569.974903][ T30] 1 lock held by syz-executor/11619: [ 569.980275][ T30] #0: ffff888015edc148 (&root->kernfs_rwsem){++++}-{3:3}, at: kernfs_dop_revalidate+0xd4/0x560 [ 569.991001][ T30] 1 lock held by syz-executor/11620: [ 569.996416][ T30] #0: ffff888015edc148 (&root->kernfs_rwsem){++++}-{3:3}, at: kernfs_dop_revalidate+0xd4/0x560 [ 570.007149][ T30] 1 lock held by syz-executor/11621: [ 570.012809][ T30] #0: ffff888015edc148 (&root->kernfs_rwsem){++++}-{3:3}, at: kernfs_dop_revalidate+0xd4/0x560 [ 570.023408][ T30] [ 570.025754][ T30] ============================================= [ 570.025754][ T30] [ 570.034318][ T30] NMI backtrace for cpu 1 [ 570.038763][ T30] CPU: 1 PID: 30 Comm: khungtaskd Not tainted 6.10.0-syzkaller-10729-g3c3ff7be9729 #0 [ 570.048350][ T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 570.058446][ T30] Call Trace: [ 570.061763][ T30] [ 570.064719][ T30] dump_stack_lvl+0x241/0x360 [ 570.069553][ T30] ? __pfx_dump_stack_lvl+0x10/0x10 [ 570.074781][ T30] ? __pfx__printk+0x10/0x10 [ 570.079414][ T30] ? vprintk_emit+0x631/0x770 [ 570.084126][ T30] ? __pfx_vprintk_emit+0x10/0x10 [ 570.089170][ T30] nmi_cpu_backtrace+0x49c/0x4d0 [ 570.094134][ T30] ? __pfx_nmi_cpu_backtrace+0x10/0x10 [ 570.100700][ T30] ? _printk+0xd5/0x120 [ 570.104875][ T30] ? __pfx__printk+0x10/0x10 [ 570.109571][ T30] ? __wake_up_klogd+0xcc/0x110 [ 570.114437][ T30] ? __pfx__printk+0x10/0x10 [ 570.119043][ T30] ? __rcu_read_unlock+0xa1/0x110 [ 570.124079][ T30] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 570.130158][ T30] nmi_trigger_cpumask_backtrace+0x198/0x320 [ 570.136265][ T30] watchdog+0xfde/0x1020 [ 570.140522][ T30] ? watchdog+0x1ea/0x1020 [ 570.144978][ T30] ? __pfx_watchdog+0x10/0x10 [ 570.149689][ T30] kthread+0x2f0/0x390 [ 570.153787][ T30] ? __pfx_watchdog+0x10/0x10 [ 570.158486][ T30] ? __pfx_kthread+0x10/0x10 [ 570.163103][ T30] ret_from_fork+0x4b/0x80 [ 570.167543][ T30] ? __pfx_kthread+0x10/0x10 [ 570.172161][ T30] ret_from_fork_asm+0x1a/0x30 [ 570.176949][ T30] [ 570.181459][ T30] Sending NMI from CPU 1 to CPUs 0: [ 570.186741][ C0] NMI backtrace for cpu 0 [ 570.186755][ C0] CPU: 0 PID: 2932 Comm: kworker/u8:12 Not tainted 6.10.0-syzkaller-10729-g3c3ff7be9729 #0 [ 570.186780][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 570.186791][ C0] Workqueue: bat_events batadv_nc_worker [ 570.186820][ C0] RIP: 0010:check_preemption_disabled+0x4/0x120 [ 570.186841][ C0] Code: 8c 48 c7 c6 e0 95 1f 8c eb 1c 66 2e 0f 1f 84 00 00 00 00 00 66 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 41 57 41 56 <41> 54 53 48 83 ec 10 65 48 8b 04 25 28 00 00 00 48 89 44 24 08 65 [ 570.186856][ C0] RSP: 0018:ffffc90009acfab0 EFLAGS: 00000282 [ 570.186871][ C0] RAX: 0000000000000000 RBX: ffff888029828cc0 RCX: ffff88802bc43c00 [ 570.186885][ C0] RDX: ffff88802bc43c00 RSI: ffffffff8c1f95e0 RDI: ffffffff8c1f95a0 [ 570.186898][ C0] RBP: 0000000000000001 R08: ffffffff8b50ba41 R09: 1ffffffff25f82c0 [ 570.186911][ C0] R10: dffffc0000000000 R11: fffffbfff25f82c1 R12: ffff888029828cc0 [ 570.186924][ C0] R13: 1ffff110053052fc R14: ffff88806754d808 R15: ffffffff8b50bed0 [ 570.186938][ C0] FS: 0000000000000000(0000) GS:ffff8880b9400000(0000) knlGS:0000000000000000 [ 570.186953][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 570.186965][ C0] CR2: 00007f79c54a70e8 CR3: 000000000e134000 CR4: 00000000003506f0 [ 570.186981][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 570.186992][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 570.187003][ C0] Call Trace: [ 570.187010][ C0] [ 570.187017][ C0] ? nmi_cpu_backtrace+0x3c2/0x4d0 [ 570.187038][ C0] ? __pfx_lock_acquire+0x10/0x10 [ 570.187063][ C0] ? __pfx_nmi_cpu_backtrace+0x10/0x10 [ 570.187082][ C0] ? nmi_handle+0x2a/0x5a0 [ 570.187107][ C0] ? nmi_cpu_backtrace_handler+0xc/0x20 [ 570.187128][ C0] ? nmi_handle+0x14f/0x5a0 [ 570.187144][ C0] ? nmi_handle+0x2a/0x5a0 [ 570.187161][ C0] ? check_preemption_disabled+0x4/0x120 [ 570.187178][ C0] ? default_do_nmi+0x63/0x160 [ 570.187199][ C0] ? exc_nmi+0x123/0x1f0 [ 570.187219][ C0] ? end_repeat_nmi+0xf/0x53 [ 570.187236][ C0] ? __pfx_batadv_nc_sniffed_purge+0x10/0x10 [ 570.187264][ C0] ? batadv_nc_process_nc_paths+0x261/0x3a0 [ 570.187291][ C0] ? check_preemption_disabled+0x4/0x120 [ 570.187309][ C0] ? check_preemption_disabled+0x4/0x120 [ 570.187327][ C0] ? check_preemption_disabled+0x4/0x120 [ 570.187345][ C0] [ 570.187351][ C0] [ 570.187357][ C0] ? __pfx_batadv_nc_sniffed_purge+0x10/0x10 [ 570.187381][ C0] rcu_is_watching+0x15/0xb0 [ 570.187405][ C0] ? __pfx_batadv_nc_sniffed_purge+0x10/0x10 [ 570.187428][ C0] batadv_nc_process_nc_paths+0x26a/0x3a0 [ 570.187455][ C0] ? batadv_nc_process_nc_paths+0xb5/0x3a0 [ 570.187483][ C0] batadv_nc_worker+0x52c/0x610 [ 570.187509][ C0] ? process_scheduled_works+0x945/0x1830 [ 570.187535][ C0] process_scheduled_works+0xa2c/0x1830 [ 570.187573][ C0] ? __pfx_process_scheduled_works+0x10/0x10 [ 570.187602][ C0] ? assign_work+0x364/0x3d0 [ 570.187625][ C0] worker_thread+0x86d/0xd40 [ 570.187651][ C0] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 570.187674][ C0] ? __kthread_parkme+0x169/0x1d0 [ 570.187699][ C0] ? __pfx_worker_thread+0x10/0x10 [ 570.187720][ C0] kthread+0x2f0/0x390 [ 570.187744][ C0] ? __pfx_worker_thread+0x10/0x10 [ 570.187766][ C0] ? __pfx_kthread+0x10/0x10 [ 570.187797][ C0] ret_from_fork+0x4b/0x80 [ 570.187821][ C0] ? __pfx_kthread+0x10/0x10 [ 570.187845][ C0] ret_from_fork_asm+0x1a/0x30 [ 570.187879][ C0] [ 570.188748][ T30] Kernel panic - not syncing: hung_task: blocked tasks [ 570.188766][ T30] CPU: 1 PID: 30 Comm: khungtaskd Not tainted 6.10.0-syzkaller-10729-g3c3ff7be9729 #0 [ 570.188790][ T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 570.188804][ T30] Call Trace: [ 570.188815][ T30] [ 570.188825][ T30] dump_stack_lvl+0x241/0x360 [ 570.188868][ T30] ? __pfx_dump_stack_lvl+0x10/0x10 [ 570.188904][ T30] ? __pfx__printk+0x10/0x10 [ 570.188936][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 570.188975][ T30] ? vscnprintf+0x5d/0x90 [ 570.189004][ T30] panic+0x349/0x860 [ 570.189041][ T30] ? nmi_trigger_cpumask_backtrace+0x244/0x320 [ 570.189071][ T30] ? __pfx_panic+0x10/0x10 [ 570.189101][ T30] ? tick_nohz_tick_stopped+0x82/0xb0 [ 570.189128][ T30] ? __irq_work_queue_local+0x137/0x410 [ 570.189161][ T30] ? preempt_schedule_thunk+0x1a/0x30 [ 570.189186][ T30] ? nmi_trigger_cpumask_backtrace+0x244/0x320 [ 570.189213][ T30] ? nmi_trigger_cpumask_backtrace+0x2d4/0x320 [ 570.189245][ T30] ? nmi_trigger_cpumask_backtrace+0x2d9/0x320 [ 570.189277][ T30] watchdog+0x101d/0x1020 [ 570.189311][ T30] ? watchdog+0x1ea/0x1020 [ 570.189349][ T30] ? __pfx_watchdog+0x10/0x10 [ 570.189380][ T30] kthread+0x2f0/0x390 [ 570.189415][ T30] ? __pfx_watchdog+0x10/0x10 [ 570.189446][ T30] ? __pfx_kthread+0x10/0x10 [ 570.189480][ T30] ret_from_fork+0x4b/0x80 [ 570.189511][ T30] ? __pfx_kthread+0x10/0x10 [ 570.189551][ T30] ret_from_fork_asm+0x1a/0x30 [ 570.189599][ T30] [ 570.192608][ T30] Kernel Offset: disabled [ 570.687638][ T30] Rebooting in 86400 seconds..