last executing test programs: 17.864080238s ago: executing program 1 (id=1323): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000e80)={{0x14}, [@NFT_MSG_NEWRULE={0x6c, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x40, 0x4, 0x0, 0x1, [{0x3c, 0x1, 0x0, 0x1, @range={{0xa}, @val={0x2c, 0x2, 0x0, 0x1, [@NFTA_RANGE_SREG={0x8, 0x1, 0x1, 0x0, 0xb}, @NFTA_RANGE_OP={0x8}, @NFTA_RANGE_TO_DATA={0xc, 0x4, 0x0, 0x1, [@NFTA_DATA_VALUE={0x5, 0x1, 'K'}]}, @NFTA_RANGE_FROM_DATA={0xc, 0x3, 0x0, 0x1, [@NFTA_DATA_VALUE={0x5, 0x1, "d3"}]}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}, @NFT_MSG_NEWOBJ={0x20, 0x12, 0xa, 0x0, 0x0, 0x0, {0x7}, @NFT_OBJECT_SECMARK=@NFTA_OBJ_NAME={0x9, 0x2, 'syz1\x00'}}, @NFT_MSG_DELCHAIN={0x38, 0x5, 0xa, 0x0, 0x0, 0x0, {}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}]}, @NFT_MSG_NEWCHAIN={0x1c, 0x3, 0xa, 0x0, 0x0, 0x0, {}, [@NFTA_CHAIN_POLICY={0x8}]}, @NFT_MSG_NEWTABLE={0x18c, 0x0, 0xa, 0x401, 0x0, 0x0, {}, [@NFTA_TABLE_FLAGS={0x8}, @NFTA_TABLE_HANDLE={0xc}, @NFTA_TABLE_FLAGS={0x8}, @NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}, @NFTA_TABLE_USERDATA={0xbb, 0x6, "9e110a48135e5398167ff2b17e3f6e6355e91da5e8b9d1d359084a56fdc301972e683ef821ec0f834f1db035f82a49db7b749759941d0797d9d535bd1de4f8caccdab6a093d1416a579767a12980b8af3c30d1276a69ed446d8ffa361c5b07e3ee586bb28a40a4ebf4d733f8e930990f50da8df39bfa8126569185686f38d5c6b86f40185f187d5dc93d72fbcfdc60458c4bfa38c06ca14f0dee98d7b22c92edcedc10b2f0332316abf18827d6e4a596da092eba3d6713"}, @NFTA_TABLE_USERDATA={0x4a, 0x6, "a1c1f3fde7b0f62eea743025abf5a7894f280232f8d53073a223fa2e5f046e6205dff2db4387a857db7c379718fec869ca503ad4dd670d08971780791ac27933a6c1281ad2f9"}, @NFTA_TABLE_FLAGS={0x8}, @NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}, @NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}, @NFTA_TABLE_USERDATA={0x26, 0x6, "e88a05553cf28465c13f67d1b9f94396f16f2885552e1de9b97d3e41ed3b37d31993"}]}, @NFT_MSG_DELOBJ={0x78, 0x14, 0xa, 0x0, 0x0, 0x0, {}, [@NFTA_OBJ_NAME={0x9, 0x2, 'syz0\x00'}, @NFTA_OBJ_TYPE={0x8}, @NFTA_OBJ_TYPE={0x8}, @NFTA_OBJ_NAME={0x9, 0x2, 'syz2\x00'}, @NFTA_OBJ_TYPE={0x8}, @NFTA_OBJ_TYPE={0x8}, @NFTA_OBJ_NAME={0x9, 0x2, 'syz2\x00'}, @NFTA_OBJ_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_OBJ_TYPE={0x8}, @NFTA_OBJ_HANDLE={0xc}]}], {0x14}}, 0x30c}}, 0x0) 17.752212919s ago: executing program 1 (id=1325): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x0, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x0, 0x0) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=@framed={{}, [@printk={@p, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x71}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) keyctl$setperm(0x5, 0x0, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, 0x0}, 0x0) setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, 0x0, 0x0) syz_emit_ethernet(0x0, 0x0, 0x0) r3 = socket$inet6(0xa, 0x6, 0x0) setsockopt$inet6_buf(r3, 0x29, 0x39, &(0x7f0000e86000)="0022040000ffffebfffffffeffffff0700000000ff000207835eeb1317b208feefaf234b4ff8b4cc4c39bdc8451792b903f4b7d8c8cf2153622652328c19ef68234f905557c4070000008735e9ab2f77c62e0a5cdd2cf9984c070400000000000003ff23353d8b2fc6a3ae1ebfcb49004a3ccd3560ae01010000079c60ed7449b842f3e253be8a62b37f820fe75a9ea937ea4efbfb9b4a128f2dbe2837496d00ad7765abaac2ec0f91c88a1ea1ff6ee308c72febedcf00798d41991ac25bb6fce2220c25ea380c7e112ab358c3a6bd8a59c100000001b4e82cb03419544a3988bc226a85abe6eb60cd7cf8d103d38c31c7c86d16c4d86cbe4ab390c092d077ce70590fbbd4f8bf4d6ab1cea6dbe9d4a54c17aac0db6e3845", 0x118) connect$inet6(r3, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback={0xfec0ffff00000000}}, 0x6d) setsockopt$inet6_IPV6_HOPOPTS(r3, 0x29, 0x36, 0x0, 0x0) 15.175605791s ago: executing program 0 (id=1332): ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201}) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0xfff, 0x5}, 0x48) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='sched_switch\x00'}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) socket$packet(0x11, 0x3, 0x300) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000400)='./file1\x00', 0x0) mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./bus\x00', 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]}) chdir(&(0x7f0000001180)='./bus\x00') openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0) 11.613731912s ago: executing program 0 (id=1334): bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x0, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) socket$packet(0x11, 0x3, 0x300) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000400)='./file1\x00', 0x0) mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./bus\x00', 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]}) chdir(&(0x7f0000001180)='./bus\x00') r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0) ioctl$FS_IOC_RESVSP(r3, 0x40305828, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2}) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x10012, r3, 0x0) r4 = socket$kcm(0x2, 0x3, 0x2) fsetxattr$security_ima(r4, &(0x7f0000000080), &(0x7f00000000c0)=@ng={0x4, 0x16, "4a1a3c7d37"}, 0x7, 0x1) 9.852764522s ago: executing program 1 (id=1343): syz_usb_connect(0x0, 0x2d, &(0x7f00000003c0)=ANY=[@ANYBLOB="120100009ac0b620110f211066865578ac0109029c000100000400090400bf900b64ea0009058703"], 0x0) syz_open_dev$char_usb(0xc, 0xb4, 0x0) syz_open_dev$char_usb(0xc, 0xb4, 0x0) syz_usb_control_io$cdc_ecm(0xffffffffffffffff, 0x0, 0x0) 9.842963021s ago: executing program 0 (id=1344): syz_open_dev$dri(&(0x7f0000000100), 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0) socket$nl_xfrm(0x10, 0x3, 0x6) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000c40)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x20, 0x20, 0x5, [@enum={0x0, 0x1, 0x0, 0xf, 0x4, [{}]}, @struct]}, {0x0, [0x0, 0x0, 0x61]}}, 0x0, 0x3d}, 0x20) madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001) r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) preadv(r1, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0) socket(0x0, 0x0, 0x0) r2 = socket$inet6(0xa, 0x0, 0x0) sendmsg(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)=[{}], 0x1, 0x0, 0x0, 0x2c}, 0x4) syz_socket_connect_nvme_tcp() ioctl$FS_IOC_READ_VERITY_METADATA(r0, 0xc0286687, &(0x7f0000000180)={0x2, 0x0, 0xd1, &(0x7f0000000340)=""/209}) mremap(&(0x7f000054e000/0x1000)=nil, 0x1000, 0x3000, 0x3, &(0x7f000022c000/0x3000)=nil) r3 = io_uring_setup(0x77b, &(0x7f0000000080)={0x0, 0x10000, 0x1, 0x1000}) io_uring_register$IORING_REGISTER_BUFFERS(r3, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a) setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x40, &(0x7f0000000080)=@mangle={'mangle\x00', 0x1f, 0x6, 0x3a0, 0x118, 0x0, 0x330, 0x298, 0x330, 0x3f0, 0x3f0, 0x3f0, 0x3f0, 0x3f0, 0x6, 0x0, {[{{@ip={@multicast1, @remote, 0x0, 0x0, 'ip6erspan0\x00', 'pimreg0\x00'}, 0x0, 0x70, 0xa8}, @common=@inet=@SET3={0x38}}, {{@ip={@multicast2, @dev, 0x0, 0x0, 'veth0_to_bond\x00', 'syzkaller1\x00'}, 0x0, 0x70, 0x98}, @inet=@DSCP={0x28}}, {{@ip={@initdev={0xac, 0x1e, 0x0, 0x0}, @loopback, 0x0, 0x0, 'vlan0\x00', 'veth1_to_bridge\x00'}, 0x0, 0x70, 0x98}, @ECN={0x28}}, {{@uncond, 0x0, 0x70, 0x98}, @ECN={0x28}}, {{@uncond, 0x0, 0x70, 0x98}, @unspec=@CHECKSUM={0x28}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x400) r4 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="b8000000190001000000000000000000dc020078000000000000000000000000ff02000000000000e26ea7250000000100000000000000000a"], 0xb8}}, 0x0) 8.787828558s ago: executing program 2 (id=1348): r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) setsockopt$inet6_IPV6_HOPOPTS(0xffffffffffffffff, 0x29, 0x36, &(0x7f00000001c0)=ANY=[], 0x8) connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @mcast2, 0x5}, 0x1c) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='bridge0\x00', 0x10) sendto$inet6(r0, &(0x7f0000000300), 0x16, 0x0, 0x0, 0xfffffffffffffdfd) 8.38605757s ago: executing program 2 (id=1349): r0 = socket(0x1e, 0x1, 0x0) connect$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10) recvmmsg(r0, 0x0, 0x0, 0x122, 0x0) write$binfmt_misc(r0, &(0x7f0000000080)=ANY=[], 0x2000011a) 7.874963532s ago: executing program 3 (id=1350): prlimit64(0x0, 0x2, &(0x7f0000000000), 0x0) prctl$PR_SET_MM(0x23, 0x0, &(0x7f0000ffe000/0x2000)=nil) 7.637246536s ago: executing program 3 (id=1351): io_uring_setup(0x2a0c, &(0x7f00000002c0)) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="18050000000000fe000000004b64ffec850000007d000000040000000700000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10) mkdirat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0) mount$bpf(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f00000001c0), 0x88, &(0x7f0000000580)={[{@mode={'mode', 0x3d, 0x1ff}}, {}, {}, {@mode={'mode', 0x3d, 0x7}}, {@mode={'mode', 0x3d, 0x9}}, {}, {@mode={'mode', 0x3d, 0x5}}, {@mode={'mode', 0x3d, 0x1c14}}], [{@flag='rw'}, {@hash}, {@smackfstransmute={'smackfstransmute', 0x3d, '.]\'*]'}}]}) 6.499293208s ago: executing program 3 (id=1353): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x0, 0x0) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=@framed={{}, [@printk={@p, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x71}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) keyctl$setperm(0x5, 0x0, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, 0x0}, 0x0) setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, 0x0, 0x0) syz_emit_ethernet(0x0, 0x0, 0x0) r3 = socket$inet6(0xa, 0x6, 0x0) setsockopt$inet6_buf(r3, 0x29, 0x39, &(0x7f0000e86000)="0022040000ffffebfffffffeffffff0700000000ff000207835eeb1317b208feefaf234b4ff8b4cc4c39bdc8451792b903f4b7d8c8cf2153622652328c19ef68234f905557c4070000008735e9ab2f77c62e0a5cdd2cf9984c070400000000000003ff23353d8b2fc6a3ae1ebfcb49004a3ccd3560ae01010000079c60ed7449b842f3e253be8a62b37f820fe75a9ea937ea4efbfb9b4a128f2dbe2837496d00ad7765abaac2ec0f91c88a1ea1ff6ee308c72febedcf00798d41991ac25bb6fce2220c25ea380c7e112ab358c3a6bd8a59c100000001b4e82cb03419544a3988bc226a85abe6eb60cd7cf8d103d38c31c7c86d16c4d86cbe4ab390c092d077ce70590fbbd4f8bf4d6ab1cea6dbe9d4a54c17aac0db6e3845", 0x118) connect$inet6(r3, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback={0xfec0ffff00000000}}, 0x6d) setsockopt$inet6_IPV6_HOPOPTS(r3, 0x29, 0x36, 0x0, 0x0) 6.188567326s ago: executing program 4 (id=1354): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x9, 0x1}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={r1, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) 6.140388326s ago: executing program 0 (id=1355): getrandom(&(0x7f0000000240)=""/286, 0xffffff9a, 0x0) socket(0x0, 0x0, 0x0) r0 = socket$inet6_sctp(0xa, 0x5, 0x84) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x1c, &(0x7f00000020c0)=[@in6={0xa, 0x0, 0x0, @remote, 0x34}]}, &(0x7f0000002100)=0x10) 5.99159547s ago: executing program 2 (id=1356): setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000ac0)={0x2, &(0x7f0000000a80)=[{0x48}, {0x16}]}, 0x10) sendmmsg(0xffffffffffffffff, &(0x7f0000005c00)=[{{0x0, 0x0, &(0x7f0000000780)=[{&(0x7f00000001c0)='>;', 0x2}], 0x1}}], 0x1, 0x0) 5.892046947s ago: executing program 4 (id=1357): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000e80)={{0x14}, [@NFT_MSG_NEWRULE={0x6c, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x40, 0x4, 0x0, 0x1, [{0x3c, 0x1, 0x0, 0x1, @range={{0xa}, @val={0x2c, 0x2, 0x0, 0x1, [@NFTA_RANGE_SREG={0x8, 0x1, 0x1, 0x0, 0xb}, @NFTA_RANGE_OP={0x8}, @NFTA_RANGE_TO_DATA={0xc, 0x4, 0x0, 0x1, [@NFTA_DATA_VALUE={0x5, 0x1, 'K'}]}, @NFTA_RANGE_FROM_DATA={0xc, 0x3, 0x0, 0x1, [@NFTA_DATA_VALUE={0x5, 0x1, "d3"}]}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}, @NFT_MSG_NEWOBJ={0x20, 0x12, 0xa, 0x0, 0x0, 0x0, {0x7}, @NFT_OBJECT_SECMARK=@NFTA_OBJ_NAME={0x9, 0x2, 'syz1\x00'}}, @NFT_MSG_DELCHAIN={0x38, 0x5, 0xa, 0x0, 0x0, 0x0, {}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}]}, @NFT_MSG_NEWCHAIN={0x1c, 0x3, 0xa, 0x0, 0x0, 0x0, {}, [@NFTA_CHAIN_POLICY={0x8}]}, @NFT_MSG_NEWTABLE={0x18c, 0x0, 0xa, 0x401, 0x0, 0x0, {}, [@NFTA_TABLE_FLAGS={0x8}, @NFTA_TABLE_HANDLE={0xc}, @NFTA_TABLE_FLAGS={0x8}, @NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}, @NFTA_TABLE_USERDATA={0xbb, 0x6, "9e110a48135e5398167ff2b17e3f6e6355e91da5e8b9d1d359084a56fdc301972e683ef821ec0f834f1db035f82a49db7b749759941d0797d9d535bd1de4f8caccdab6a093d1416a579767a12980b8af3c30d1276a69ed446d8ffa361c5b07e3ee586bb28a40a4ebf4d733f8e930990f50da8df39bfa8126569185686f38d5c6b86f40185f187d5dc93d72fbcfdc60458c4bfa38c06ca14f0dee98d7b22c92edcedc10b2f0332316abf18827d6e4a596da092eba3d6713"}, @NFTA_TABLE_USERDATA={0x4a, 0x6, "a1c1f3fde7b0f62eea743025abf5a7894f280232f8d53073a223fa2e5f046e6205dff2db4387a857db7c379718fec869ca503ad4dd670d08971780791ac27933a6c1281ad2f9"}, @NFTA_TABLE_FLAGS={0x8}, @NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}, @NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}, @NFTA_TABLE_USERDATA={0x26, 0x6, "e88a05553cf28465c13f67d1b9f94396f16f2885552e1de9b97d3e41ed3b37d31993"}]}, @NFT_MSG_DELOBJ={0x78, 0x14, 0xa, 0x0, 0x0, 0x0, {}, [@NFTA_OBJ_NAME={0x9, 0x2, 'syz0\x00'}, @NFTA_OBJ_TYPE={0x8}, @NFTA_OBJ_TYPE={0x8}, @NFTA_OBJ_NAME={0x9, 0x2, 'syz2\x00'}, @NFTA_OBJ_TYPE={0x8}, @NFTA_OBJ_TYPE={0x8}, @NFTA_OBJ_NAME={0x9, 0x2, 'syz2\x00'}, @NFTA_OBJ_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_OBJ_TYPE={0x8}, @NFTA_OBJ_HANDLE={0xc}]}], {0x14}}, 0x30c}}, 0x0) 5.888505018s ago: executing program 2 (id=1358): io_uring_setup(0x2a0c, &(0x7f00000002c0)) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00'}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x0, 0x0) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) connect$inet(0xffffffffffffffff, 0x0, 0x0) r3 = socket(0x1e, 0x0, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0) pipe2$9p(0x0, 0x0) r4 = dup(r3) mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f00000004c0)={'trans=fd,', {}, 0x2c, {'wfdno', 0x3d, r4}}) ioctl$sock_FIOSETOWN(0xffffffffffffffff, 0x8901, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) clock_nanosleep(0x0, 0x0, 0x0, 0x0) mount$bpf(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f00000001c0), 0x88, &(0x7f0000000580)={[{@mode={'mode', 0x3d, 0x1ff}}, {}, {}, {@mode={'mode', 0x3d, 0x7}}, {@mode={'mode', 0x3d, 0x9}}, {}, {@mode={'mode', 0x3d, 0x5}}, {@mode={'mode', 0x3d, 0x1c14}}], [{@flag='rw'}, {@hash}, {@smackfstransmute={'smackfstransmute', 0x3d, '.]\'*]'}}]}) bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_sha256\x00'}, 0x58) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, 0x0, 0x0) 5.784847131s ago: executing program 1 (id=1359): ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201}) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0xfff, 0x5}, 0x48) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='sched_switch\x00'}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) socket$packet(0x11, 0x3, 0x300) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000400)='./file1\x00', 0x0) mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./bus\x00', 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]}) chdir(&(0x7f0000001180)='./bus\x00') openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0) 5.691012652s ago: executing program 4 (id=1360): openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) bpf$BPF_PROG_QUERY(0x10, 0x0, 0x0) bpf$BPF_PROG_ATTACH(0x8, 0x0, 0x0) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) pipe2$9p(0x0, 0x0) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000820000009500000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={0x0, r4}, 0x10) openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x7a05, 0x1700) io_uring_setup(0x0, &(0x7f0000000080)) r5 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x147c40, 0x0) preadv2(r5, &(0x7f0000000080)=[{&(0x7f0000001200)=""/4096, 0xffe00}], 0x5, 0x0, 0x0, 0x0) 1.781402821s ago: executing program 2 (id=1361): io_uring_setup(0x2a0c, &(0x7f00000002c0)) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="18050000000000fe000000004b64ffec850000007d00000004"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setaffinity(0x0, 0x0, 0x0) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) connect$inet(0xffffffffffffffff, 0x0, 0x0) r4 = socket(0x1e, 0x0, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0) pipe2$9p(0x0, 0x0) r5 = dup(r4) mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f00000004c0)={'trans=fd,', {}, 0x2c, {'wfdno', 0x3d, r5}}) 1.780627014s ago: executing program 4 (id=1362): bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f00000001c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x5, [@struct={0x0, 0x0, 0x0, 0x4, 0x1}]}, {0x0, [0x0, 0x0, 0x61]}}, 0x0, 0x29, 0x0, 0x8}, 0x20) 1.650084147s ago: executing program 1 (id=1363): io_uring_setup(0x2a0c, &(0x7f00000002c0)) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="18050000000000fe000000004b64ffec850000007d000000040000000700000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) mkdirat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0) mount$bpf(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f00000001c0), 0x88, &(0x7f0000000580)={[{@mode={'mode', 0x3d, 0x1ff}}, {}, {}, {@mode={'mode', 0x3d, 0x7}}, {@mode={'mode', 0x3d, 0x9}}, {}, {@mode={'mode', 0x3d, 0x5}}, {@mode={'mode', 0x3d, 0x1c14}}], [{@flag='rw'}, {@hash}, {@smackfstransmute={'smackfstransmute', 0x3d, '.]\'*]'}}]}) 1.576425513s ago: executing program 4 (id=1364): prlimit64(0x0, 0x0, 0x0, 0x0) r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$BLKZEROOUT(0xffffffffffffffff, 0x127f, 0x0) r1 = socket(0x18, 0x0, 0x0) close(r1) r2 = socket$inet6_mptcp(0xa, 0x1, 0x106) connect$inet6(r2, &(0x7f00000002c0)={0xa, 0x4001, 0x0, @dev={0xfe, 0x80, '\x00', 0x1c}, 0xd}, 0x1c) sendfile(0xffffffffffffffff, r0, 0x0, 0x80006) 1.504513525s ago: executing program 0 (id=1365): timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000380)=ANY=[@ANYBLOB="b70200001a000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b70600007fffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d839240d29c034055b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946e0ebc622003b538dfc8e012e79578e51bc5f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cb132b803000000661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7b148ba532e6ea09c346dfebd38608b32a0080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e14861d0227dbfd2e6d7f715a7f3deadd7130856f756436303767d2e24f29e5dad9796edb697aeea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5aec84222fd3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16b089f37b3591a15c0a9be6eb18208404c1b30c3a6a71bc85018e5ff2c91018afc9ffc2cc788bee1b47683db01a469398685211dfbbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b74cd36e7487afa447e2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae486aca54183fb01c73f979e29857399537f5dc2a2d0e0000000000000578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a088a22e8b15c3e233db7ab22e30d46a9d24d37ceff9f44a3210223fdae7ed04935c3c90d3add8eebc8619d73415cda2130f50714600fb6241c6e955031795b2c2f56411e48455b5a8b90dfae158b94f0800000000000000af5cc9398fff00404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d0000002d8c38a967c1bbe09315c29877a308bcc87dc3addb08141bdee5d27874b2f663ddeedd005b3d96c7aabf4df517d90bdc01e73835d5a3e1a90800c66ee2b1ad76dff9f9000071414c99d4894ee7f8249dc1e3428d2129369ee1b85af6eb2eea0d0df414b315f651c8412392191fa83ee830548f11e1036a8debd64cbe359454a3f2239cfe00000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92052188bd1f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987591ec3db58a7bb3042ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905deb28c13c1ed210d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4eda0545c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708294cd6f496e5dee734f87da3770845cf442d488afdc0e170000000000000000000000000000000000000000000000000005205000000dc1c56d59f35d367632952a93466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e80339f9953c3093c3690d10ecb65dc5b47481edbf1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ccd52364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf8179ecd9e5a225d67521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979d3db0c407081c6281e2d8429a863903ca75f4c7df3ea8fc2018d07af1491ef060cd4403a099f32468f65bd06b4082d43e121861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca06f256c8028e0f9b65f037b21f3289f86a6826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e4b838297ba20f96936b7e4746e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000a5ace293bec833c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f2500579aca11033ec14bbf8ab9c691841ab0931d828ec78e116ae46c4897e2795b6ff92e9a1e24b0b855c02f2b7add58ffb25f3390343c12aa51810134d3dfbf71f6516737be55c06d9cdcfb1e2bb10b50000eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce40c14089c82759106f422582b42e3e8484ea5a6ad9aa52106eafe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fca4d97a0ae75ccf11e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da35e9f1534c8bd48bbd61627a2e0a74b5e6aefb7eee403502734137ff17320adda5867947257f080091c673b6079e65d7295eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb74b5589829b6b0679b5d65a927de6f4c09f4b742e037381c85d2ec7bb2a8152f0d6a99a0370e0cbd65744eb2efde0142cf90ff668b9757b9612bb4253a63bb303c0c68a07f115d104f2007237a4f771416741bfd63fdfe3ae6f8bea755d8b7202c2bbae137dc1c3cf40db74a4c1c2f56855b18f91dae2cdea1353fe062830fa1d233296ec9d8317872257e154665485e7f31cdbfbf435517faf93015b57417d84b8bc8662e097d5ba55d02d48e150695ffae3a676555b10da11751865126d19336116a1e58ab727dda6b343cc97f9479136a66f552abf8fe3d134f6d69df1cffe6740f90735f66ca54fd87800b4bda4db5e68aaccf44d24e09f8a769e3ae7bf246673f15e3d1adae4384bdb7cd30a33e30466b421feb96006c810fd3830a1c75af2580727ffc604d2b04f476acc21419fad9b1baec88974da2db29b80859bde08b85c8086e4b7f1fd568042ad5396d3179c71b1dc43291e450ce9b8d7d80fcb44966d7ad4691a37870000000000000000000000000000000000000000000000000000000000000000000083a5765d06da91165d24bc316607e2d69344aa1c07ff7cd7bc3d17f122478b6e81077782b9c298edc2546045feff90e7aa7da88d2489fb000a4aa838f911c1a869fa55e979e033b7707df75b93cf5b8d25242741a88f2d54a7107375b25911aa11efa3a4f87fc14f180e353615b3cb9a5cf5ea843014a277c3694a5a83266f73ef039dd739187923715548d58ff43be997e357e0cbed29faef19c0082e26fb867bf0ff0099d71bb0d2f443e77a44e8c4b0455d95b19c73ef4c98f775aad9e1b317b3cc48f7ad1d82ea6ad6c3c7d943fb0157c250e2ba56301e25c19a7e37ce880bed8a8e1538560f2be7d4cca6539277505826bd61bad2bcd4914344d4a27b29d2eb89bdc7a702e485d68c04e8f6b05336bf8d8e116605eaf375a592fe2382763c3cba76a0e4029dad5d37dd77abb1b7d2e2de23a4131e45ed81123ad6fa4f8b92c47e00000000000000774c"], &(0x7f0000000340)='syzkaller\x00'}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x18000000000002a0, 0xdf, 0x0, &(0x7f0000000100)="b9ff03316844268cb89e14f008004ce0050000000100008877fbac141416e000030a89079f03b18000440c0511e0845013f2325f004408050b038da1880b25181aa59d943be3f4aed50ea5a6b8686731cb89ef77123c899b699eeaa8eaa0073461119663906400f30c0600000000000059b6d3296e8ca31bce1d8392078b72f24996ae17dffc2e43c8174b54b620636894aaacf28ff62616363c70a440aec4014c0000c0adc043084617d7ecf41effff38cae870b9a1df48b238190da450296b0ac01496ace23eefc9d4246dd14afbf79a2283a0bb7e1d235f3df126c3acc2", 0x0, 0xfe, 0x60000000, 0x0, 0x35, &(0x7f0000000000), &(0x7f0000000f00)="a6fcfb0e4409703168b9f61ad7aa06398a26ef4a3ea20affdbea1483db342e3edfff39496fc32bc7da02db4659a3fef41492f4ddf8"}, 0x50) 1.243464727s ago: executing program 3 (id=1366): r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7fffffff}]}) r1 = socket$unix(0x1, 0x1, 0x0) r2 = dup2(r1, r0) close_range(r2, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x1f87, &(0x7f0000000080), 0x0, 0x0) r3 = syz_io_uring_setup(0x94c, &(0x7f0000000240)={0x0, 0x0, 0x10100}, &(0x7f0000000100)=0x0, &(0x7f0000000140)) r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0) setsockopt$ARPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x60, &(0x7f0000000000)={'filter\x00', 0x2, 0x4, 0x410, 0x130, 0x240, 0x130, 0x328, 0x328, 0x328, 0x4, 0x0, {[{{@uncond, 0xc0, 0x130}, @unspec=@NFLOG={0x70, 'NFLOG\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, "739099bb7a71934a50e4c624293f7933d7f910dff92760eba300ad659579b1a29cfdbada64b32cfb15a7d6f1a648903f7df6922e5758889ac20afa74edb874c6"}}}, {{@arp={@empty, @private, 0x0, 0x0, 0x0, 0x0, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'gretap0\x00', 'ip6_vti0\x00'}, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@mac=@remote, @mac=@link_local, @multicast2, @multicast1}}}, {{@uncond, 0xc0, 0xe8}, @unspec=@STANDARD={0x28}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x460) write$UHID_CREATE2(r5, &(0x7f00000001c0)=ANY=[@ANYBLOB="06"], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r5, 0x0) syz_io_uring_submit(r4, 0x0, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}) io_uring_enter(r3, 0x2d3e, 0x0, 0x0, 0x0, 0x0) 1.164209797s ago: executing program 4 (id=1367): prlimit64(0x0, 0xe, &(0x7f0000000140)={0xc, 0x8b}, 0x0) sched_setscheduler(0x0, 0x0, &(0x7f0000000300)=0x9) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) timer_create(0x0, &(0x7f0000000680)={0x0, 0x21, 0x0, @tid=0xffffffffffffffff}, &(0x7f0000000100)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) pipe(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$unix(0x1, 0x0, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) splice(r2, 0x0, r4, 0x0, 0x8000f28, 0x0) splice(r3, 0x0, r1, 0x0, 0x7f, 0x0) 1.160010519s ago: executing program 1 (id=1368): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) r1 = syz_io_uring_setup(0x10d, 0x0, 0x0, 0x0) prlimit64(0x0, 0x0, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) getpid() r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = getpid() sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) socket$nl_route(0x10, 0x3, 0x0) socket$nl_generic(0x10, 0x3, 0x10) mkdir(&(0x7f0000000340)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0) rename(&(0x7f0000000080)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', &(0x7f0000000800)='./file0\x00') socket$nl_generic(0x10, 0x3, 0x10) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) r9 = socket(0x10, 0x80002, 0x0) write$P9_RLERRORu(r8, &(0x7f0000000000)=ANY=[@ANYBLOB="1c00000007ffff", @ANYRES16=r9, @ANYRESDEC], 0x52) mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f0000000200)={'trans=fd,', {'rfdno', 0x3d, r7}, 0x2c, {'wfdno', 0x3d, r8}, 0x2c, {[{@version_u}]}}) ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) ioctl$KVM_CAP_DIRTY_LOG_RING(r3, 0x4068aea3, &(0x7f0000000280)={0xc0, 0x0, 0xb000}) ioctl$KVM_GET_XSAVE(r1, 0x9000aea4, &(0x7f0000000840)) setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000080)='westwood\x00', 0x9) connect$inet6(r0, &(0x7f00000001c0)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, '\x00', 0x1b}, 0xd}, 0x1c) 1.019588279s ago: executing program 0 (id=1369): r0 = socket$inet6_mptcp(0xa, 0x1, 0x106) setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000080)='cdg\x00', 0x4) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0) socket$inet_udp(0x2, 0x2, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, 0x0) setsockopt$packet_add_memb(0xffffffffffffffff, 0x107, 0x1, 0x0, 0x0) socket$can_j1939(0x1d, 0x2, 0x7) bind$can_j1939(0xffffffffffffffff, 0x0, 0x0) sendmsg$NLBL_UNLABEL_C_STATICADD(0xffffffffffffffff, 0x0, 0x0) bind$inet6(r0, &(0x7f0000000000)={0xa, 0x3, 0x0, @loopback}, 0x1c) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x3, 0x0, @loopback}, 0x1c) sendmmsg$inet6(r0, &(0x7f0000002b00)=[{{0x0, 0x0, &(0x7f0000002c40)=[{&(0x7f00000027c0)=';', 0x1}], 0x1}}, {{0x0, 0x0, &(0x7f0000002740)=[{0x0}], 0x1}}], 0x2, 0x0) socketpair(0x0, 0x0, 0x0, &(0x7f0000000200)) setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000180)='veno\x00', 0x5) shutdown(r0, 0x2) 761.384298ms ago: executing program 3 (id=1370): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000e80)={{0x14}, [@NFT_MSG_NEWRULE={0x6c, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x40, 0x4, 0x0, 0x1, [{0x3c, 0x1, 0x0, 0x1, @range={{0xa}, @val={0x2c, 0x2, 0x0, 0x1, [@NFTA_RANGE_SREG={0x8, 0x1, 0x1, 0x0, 0xb}, @NFTA_RANGE_OP={0x8}, @NFTA_RANGE_TO_DATA={0xc, 0x4, 0x0, 0x1, [@NFTA_DATA_VALUE={0x5, 0x1, 'K'}]}, @NFTA_RANGE_FROM_DATA={0xc, 0x3, 0x0, 0x1, [@NFTA_DATA_VALUE={0x5, 0x1, "d3"}]}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}, @NFT_MSG_NEWOBJ={0x20, 0x12, 0xa, 0x0, 0x0, 0x0, {0x7}, @NFT_OBJECT_SECMARK=@NFTA_OBJ_NAME={0x9, 0x2, 'syz1\x00'}}, @NFT_MSG_DELCHAIN={0x38, 0x5, 0xa, 0x0, 0x0, 0x0, {}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}]}, @NFT_MSG_NEWCHAIN={0x1c, 0x3, 0xa, 0x0, 0x0, 0x0, {}, [@NFTA_CHAIN_POLICY={0x8}]}, @NFT_MSG_NEWTABLE={0x18c, 0x0, 0xa, 0x401, 0x0, 0x0, {}, [@NFTA_TABLE_FLAGS={0x8}, @NFTA_TABLE_HANDLE={0xc}, @NFTA_TABLE_FLAGS={0x8}, @NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}, @NFTA_TABLE_USERDATA={0xbb, 0x6, "9e110a48135e5398167ff2b17e3f6e6355e91da5e8b9d1d359084a56fdc301972e683ef821ec0f834f1db035f82a49db7b749759941d0797d9d535bd1de4f8caccdab6a093d1416a579767a12980b8af3c30d1276a69ed446d8ffa361c5b07e3ee586bb28a40a4ebf4d733f8e930990f50da8df39bfa8126569185686f38d5c6b86f40185f187d5dc93d72fbcfdc60458c4bfa38c06ca14f0dee98d7b22c92edcedc10b2f0332316abf18827d6e4a596da092eba3d6713"}, @NFTA_TABLE_USERDATA={0x4a, 0x6, "a1c1f3fde7b0f62eea743025abf5a7894f280232f8d53073a223fa2e5f046e6205dff2db4387a857db7c379718fec869ca503ad4dd670d08971780791ac27933a6c1281ad2f9"}, @NFTA_TABLE_FLAGS={0x8}, @NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}, @NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}, @NFTA_TABLE_USERDATA={0x26, 0x6, "e88a05553cf28465c13f67d1b9f94396f16f2885552e1de9b97d3e41ed3b37d31993"}]}, @NFT_MSG_DELOBJ={0x78, 0x14, 0xa, 0x0, 0x0, 0x0, {}, [@NFTA_OBJ_NAME={0x9, 0x2, 'syz0\x00'}, @NFTA_OBJ_TYPE={0x8}, @NFTA_OBJ_TYPE={0x8}, @NFTA_OBJ_NAME={0x9, 0x2, 'syz2\x00'}, @NFTA_OBJ_TYPE={0x8}, @NFTA_OBJ_TYPE={0x8}, @NFTA_OBJ_NAME={0x9, 0x2, 'syz2\x00'}, @NFTA_OBJ_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_OBJ_TYPE={0x8}, @NFTA_OBJ_HANDLE={0xc}]}], {0x14}}, 0x30c}}, 0x0) 278.851789ms ago: executing program 2 (id=1371): r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f0000000800)=@mangle={'mangle\x00', 0x44, 0x6, 0x3b8, 0x158, 0x288, 0x158, 0x288, 0x1f0, 0x320, 0x320, 0x320, 0x320, 0x320, 0x6, 0x0, {[{{@ip={@remote, @multicast2, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipvlan1\x00'}, 0x0, 0x70, 0x98}, @ECN={0x28}}, {{@uncond, 0x0, 0x98, 0xc0, 0x0, {}, [@inet=@rpfilter={{0x28}}]}, @TTL={0x28}}, {{@ip={@multicast2, @initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x0, 'pim6reg1\x00', 'macvtap0\x00'}, 0x0, 0x70, 0x98}, @unspec=@CHECKSUM={0x28}}, {{@ip={@dev, @private, 0x0, 0x0, 'hsr0\x00', 'syzkaller1\x00'}, 0x0, 0x70, 0x98}, @unspec=@CHECKSUM={0x28}}, {{@ip={@local, @rand_addr, 0x0, 0x0, 'ip6erspan0\x00', 'batadv_slave_1\x00'}, 0x0, 0x70, 0x98}, @ECN={0x28, 'ECN\x00', 0x0, {0x38}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x418) sched_setscheduler(0x0, 0x0, &(0x7f0000000080)=0x7) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001) r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) preadv(r1, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0) socket(0x0, 0x0, 0x0) unshare(0x8040080) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000400)={0x6, 0x3, &(0x7f00000003c0)=ANY=[@ANYRES16], &(0x7f0000000100)='syzkaller\x00', 0x6}, 0x90) openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000001d80), 0x0, 0x0) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00') read$FUSE(r2, 0x0, 0x0) socket$packet(0x11, 0x3, 0x300) syz_emit_ethernet(0x4e, &(0x7f0000000f80)=ANY=[], 0x0) io_setup(0x20, &(0x7f0000001140)=0x0) io_submit(r3, 0x0, 0x0) r4 = socket$nl_rdma(0x10, 0x3, 0x14) sendmsg$RDMA_NLDEV_CMD_SYS_SET(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000001c0)=ANY=[@ANYBLOB="680000000714010025bd7000ffdbdf25080001000100000008000100000000000900020073797a32000000000900020073797a3000000000050042000100000008000100010000000900020073797a30000000000900020073797a3000000000080001"], 0x68}}, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0) madvise(&(0x7f00000ec000/0x800000)=nil, 0x800000, 0x16) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) madvise(&(0x7f0000000000/0x600000)=nil, 0x60005f, 0x3) 0s ago: executing program 3 (id=1372): r0 = syz_open_procfs(0x0, 0x0) r1 = fanotify_init(0x8, 0x0) fanotify_mark(r1, 0x1, 0x40000011, r0, 0x0) r2 = syz_open_procfs(0x0, &(0x7f00000010c0)='task\x00') getdents(r2, &(0x7f0000000040)=""/104, 0x68) kernel console output (not intermixed with test programs): ckets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 117.921538][ T5743] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 117.949683][ T5899] REISERFS warning (device nullb0): sh-2021 reiserfs_fill_super: can not find reiserfs on nullb0 [ 118.034635][ T5905] pimreg: entered allmulticast mode [ 118.050784][ T5905] pimreg: left allmulticast mode [ 118.281301][ T5743] hsr_slave_0: entered promiscuous mode [ 118.339979][ T5743] hsr_slave_1: entered promiscuous mode [ 119.882125][ T5939] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 120.068089][ T5939] netlink: 16 bytes leftover after parsing attributes in process `syz.1.203'. [ 120.262646][ T5945] netlink: 'syz.1.203': attribute type 32 has an invalid length. [ 120.291114][ T5954] overlayfs: failed to resolve './file0': -2 [ 120.555855][ T5961] netlink: 4 bytes leftover after parsing attributes in process `syz.1.203'. [ 122.192315][ T5966] netlink: 460 bytes leftover after parsing attributes in process `syz.0.208'. [ 123.817530][ T5972] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 124.057735][ T5743] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 124.107448][ T5743] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 124.158858][ T5743] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 124.181260][ T6008] netlink: 16 bytes leftover after parsing attributes in process `syz.1.219'. [ 124.227360][ T5743] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 124.228604][ T6012] netlink: 16 bytes leftover after parsing attributes in process `syz.2.220'. [ 124.330553][ T6013] netlink: 'syz.1.219': attribute type 32 has an invalid length. [ 132.421052][ T5743] 8021q: adding VLAN 0 to HW filter on device bond0 [ 132.482970][ T5743] 8021q: adding VLAN 0 to HW filter on device team0 [ 132.513540][ T1850] bridge0: port 1(bridge_slave_0) entered blocking state [ 132.521464][ T1850] bridge0: port 1(bridge_slave_0) entered forwarding state [ 132.539148][ T5228] usb 1-1: new high-speed USB device number 3 using dummy_hcd [ 132.569696][ T1850] bridge0: port 2(bridge_slave_1) entered blocking state [ 132.576850][ T1850] bridge0: port 2(bridge_slave_1) entered forwarding state [ 132.738352][ T5228] usb 1-1: Using ep0 maxpacket: 32 [ 132.759332][ T5228] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0 [ 132.790306][ T5228] usb 1-1: New USB device found, idVendor=0ccd, idProduct=0039, bcdDevice=a6.13 [ 132.803805][ T5228] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 132.843634][ T5228] usb 1-1: Product: syz [ 132.847855][ T5228] usb 1-1: Manufacturer: syz [ 132.877829][ T5228] usb 1-1: SerialNumber: syz [ 132.914948][ T5228] usb 1-1: config 0 descriptor?? [ 132.962207][ T5228] pvrusb2: Hardware description: Terratec Grabster AV400 [ 132.992541][ T5228] pvrusb2: ********** [ 132.996691][ T5228] pvrusb2: ***WARNING*** Support for this device (Terratec Grabster AV400) is experimental. [ 133.032145][ T1271] ieee802154 phy0 wpan0: encryption failed: -22 [ 133.044958][ T1271] ieee802154 phy1 wpan1: encryption failed: -22 [ 133.051774][ T5228] pvrusb2: Important functionality might not be entirely working. [ 133.365083][ T5228] pvrusb2: Please consider contacting the driver author to help with further stabilization of the driver. [ 133.385309][ T5228] pvrusb2: ********** [ 133.993087][ T6083] ttyS ttyS3: ldisc open failed (-12), clearing slot 3 [ 134.479809][ T5743] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 134.720415][ T6100] netlink: 16 bytes leftover after parsing attributes in process `syz.2.235'. [ 135.688315][ T2037] pvrusb2: Invalid write control endpoint [ 135.745893][ T5228] usb 1-1: USB disconnect, device number 3 [ 135.965280][ T2037] pvrusb2: Invalid write control endpoint [ 135.993967][ T2037] pvrusb2: ***WARNING*** Detected a wedged cx25840 chip; the device will not work. [ 136.038232][ T2037] pvrusb2: ***WARNING*** Try power cycling the pvrusb2 device. [ 136.076352][ T2037] pvrusb2: ***WARNING*** Disabling further access to the device to prevent other foul-ups. [ 136.114801][ T2037] pvrusb2: Device being rendered inoperable [ 136.145372][ T2037] cx25840 1-0044: Unable to detect h/w, assuming cx23887 [ 136.180516][ T2037] cx25840 1-0044: cx23887 A/V decoder found @ 0x88 (pvrusb2_a) [ 136.202759][ T2037] pvrusb2: Attached sub-driver cx25840 [ 136.221024][ T2037] pvrusb2: ***WARNING*** pvrusb2 device hardware appears to be jammed and I can't clear it. [ 136.263582][ T2037] pvrusb2: You might need to power cycle the pvrusb2 device in order to recover. [ 136.275398][ T6128] bridge0: port 2(bridge_slave_1) entered disabled state [ 136.283150][ T6128] bridge0: port 1(bridge_slave_0) entered disabled state [ 136.953516][ T5743] veth0_vlan: entered promiscuous mode [ 136.967756][ T5743] veth1_vlan: entered promiscuous mode [ 137.030768][ T5743] veth0_macvtap: entered promiscuous mode [ 137.073366][ T6145] 9pnet_fd: Insufficient options for proto=fd [ 137.380249][ T5743] veth1_macvtap: entered promiscuous mode [ 137.797371][ T5743] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 137.868187][ T5743] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 137.878046][ T5743] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 137.921533][ T5743] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 137.957624][ T5743] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 137.986484][ T5743] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 137.997502][ T6156] netlink: 16 bytes leftover after parsing attributes in process `syz.3.248'. [ 138.027657][ T5743] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 138.041160][ T5743] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 138.060624][ T5743] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 138.403535][ T5743] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 138.417705][ T5266] usb 1-1: new high-speed USB device number 4 using dummy_hcd [ 138.432207][ T5743] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 138.442891][ T5743] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 138.456551][ T5743] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 138.467954][ T5743] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 138.571127][ T5743] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 138.698932][ T5266] usb 1-1: Using ep0 maxpacket: 32 [ 138.711359][ T5743] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 138.773937][ T5266] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0 [ 138.917160][ T5743] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 139.056332][ T5266] usb 1-1: New USB device found, idVendor=0ccd, idProduct=0039, bcdDevice=a6.13 [ 139.080809][ T5743] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 139.110475][ T5266] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 139.168798][ T5266] usb 1-1: Product: syz [ 139.208250][ T5266] usb 1-1: Manufacturer: syz [ 139.266911][ T5266] usb 1-1: SerialNumber: syz [ 139.277933][ T5743] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 139.328911][ T5266] usb 1-1: config 0 descriptor?? [ 139.344100][ T5266] pvrusb2: Hardware description: Terratec Grabster AV400 [ 139.368490][ T5743] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 139.401303][ T5743] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 139.410195][ T5266] pvrusb2: ********** [ 139.414210][ T5266] pvrusb2: ***WARNING*** Support for this device (Terratec Grabster AV400) is experimental. [ 139.435474][ T5743] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 139.458719][ T5266] pvrusb2: Important functionality might not be entirely working. [ 139.467583][ T5266] pvrusb2: Please consider contacting the driver author to help with further stabilization of the driver. [ 139.586791][ T5266] pvrusb2: ********** [ 139.834263][ T961] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 139.877487][ T961] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 139.897848][ T2037] pvrusb2: Invalid write control endpoint [ 139.912340][ T5266] usb 1-1: USB disconnect, device number 4 [ 140.032791][ T2981] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 140.068153][ T2981] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 140.120497][ T2037] pvrusb2: Invalid write control endpoint [ 140.157092][ T2037] pvrusb2: ***WARNING*** Detected a wedged cx25840 chip; the device will not work. [ 140.202191][ T2037] pvrusb2: ***WARNING*** Try power cycling the pvrusb2 device. [ 140.250561][ T2037] pvrusb2: ***WARNING*** Disabling further access to the device to prevent other foul-ups. [ 140.297671][ T2037] pvrusb2: Device being rendered inoperable [ 140.337081][ T2037] cx25840 1-0044: Unable to detect h/w, assuming cx23887 [ 140.362847][ T2037] cx25840 1-0044: cx23887 A/V decoder found @ 0x88 (pvrusb2_b) [ 140.383177][ T2037] pvrusb2: Attached sub-driver cx25840 [ 140.391588][ T2037] pvrusb2: ***WARNING*** pvrusb2 device hardware appears to be jammed and I can't clear it. [ 140.419071][ T2037] pvrusb2: You might need to power cycle the pvrusb2 device in order to recover. [ 140.808735][ T6202] bridge0: port 2(bridge_slave_1) entered disabled state [ 140.816580][ T6202] bridge0: port 1(bridge_slave_0) entered disabled state [ 141.363120][ T6218] 9pnet_fd: Insufficient options for proto=fd [ 143.157369][ T6244] program syz.4.267 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 143.185199][ T6244] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0 [ 143.241352][ T1850] usb 3-1: new high-speed USB device number 3 using dummy_hcd [ 143.337103][ T6249] ax25_connect(): syz.0.271 uses autobind, please contact jreuter@yaina.de [ 143.809894][ T1850] usb 3-1: Using ep0 maxpacket: 32 [ 144.052566][ T1850] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0 [ 144.083847][ T1850] usb 3-1: New USB device found, idVendor=0ccd, idProduct=0039, bcdDevice=a6.13 [ 144.126888][ T1850] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 144.168793][ T1850] usb 3-1: Product: syz [ 144.190071][ T1850] usb 3-1: Manufacturer: syz [ 144.205397][ T1850] usb 3-1: SerialNumber: syz [ 144.664291][ T1850] usb 3-1: config 0 descriptor?? [ 145.318499][ T6260] REISERFS warning (device nullb0): sh-2021 reiserfs_fill_super: can not find reiserfs on nullb0 [ 145.554182][ T6257] tty tty27: ldisc open failed (-12), clearing slot 26 [ 147.100976][ T1850] pvrusb2: Hardware description: Terratec Grabster AV400 [ 147.288197][ T1850] pvrusb2: ********** [ 147.292247][ T1850] pvrusb2: ***WARNING*** Support for this device (Terratec Grabster AV400) is experimental. [ 147.349794][ T1850] pvrusb2: Important functionality might not be entirely working. [ 147.360343][ T1850] pvrusb2: Please consider contacting the driver author to help with further stabilization of the driver. [ 147.372126][ T1850] pvrusb2: ********** [ 147.389824][ T1850] usb 3-1: USB disconnect, device number 3 [ 147.398411][ T2037] pvrusb2: Invalid write control endpoint [ 147.531554][ T2037] pvrusb2: Invalid write control endpoint [ 147.575803][ T2037] pvrusb2: ***WARNING*** Detected a wedged cx25840 chip; the device will not work. [ 147.622248][ T2037] pvrusb2: ***WARNING*** Try power cycling the pvrusb2 device. [ 147.656910][ T2037] pvrusb2: ***WARNING*** Disabling further access to the device to prevent other foul-ups. [ 147.691348][ T2037] pvrusb2: Device being rendered inoperable [ 147.938662][ T2037] cx25840 1-0044: Unable to detect h/w, assuming cx23887 [ 147.945823][ T2037] cx25840 1-0044: cx23887 A/V decoder found @ 0x88 (pvrusb2_b) [ 148.107988][ T6284] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 148.797515][ T2037] pvrusb2: Attached sub-driver cx25840 [ 148.803349][ T2037] pvrusb2: ***WARNING*** pvrusb2 device hardware appears to be jammed and I can't clear it. [ 148.813667][ T2037] pvrusb2: You might need to power cycle the pvrusb2 device in order to recover. [ 150.248177][ T6305] workqueue: Failed to create a rescuer kthread for wq "reiserfs/nullb0": -EINTR [ 150.248702][ T6305] REISERFS warning (device nullb0): reiserfs_fill_super: Cannot allocate commit workqueue [ 152.104055][ T6338] 9pnet_fd: Insufficient options for proto=fd [ 153.538716][ T6350] REISERFS warning (device nullb0): sh-2021 reiserfs_fill_super: can not find reiserfs on nullb0 [ 154.137742][ T6358] fuse: Unknown parameter '18446744073709551615' [ 155.651632][ T6370] 9pnet_fd: Insufficient options for proto=fd [ 160.287221][ T6399] 9pnet_fd: Insufficient options for proto=fd [ 160.568872][ T6410] fuse: Unknown parameter '18446744073709551615' [ 163.617715][ T6430] netlink: 12 bytes leftover after parsing attributes in process `syz.4.324'. [ 164.624660][ T6453] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 167.849819][ T6487] netlink: 'syz.1.343': attribute type 7 has an invalid length. [ 167.867818][ T6487] netlink: 'syz.1.343': attribute type 39 has an invalid length. [ 167.929234][ T5226] Bluetooth: hci3: ISO packet too small [ 169.653975][ T5217] Bluetooth: Unexpected start frame (len 16) [ 169.661211][ T5217] Bluetooth: Frame is too long (len 16, expected len 4) [ 175.879169][ T6581] 9pnet_fd: Insufficient options for proto=fd [ 176.358110][ C0] sched: RT throttling activated [ 180.211464][ T6641] 9pnet_fd: Insufficient options for proto=fd [ 181.072951][ T6645] program syz.2.376 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 181.301453][ T6645] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0 [ 185.967726][ T6705] ax25_connect(): syz.0.392 uses autobind, please contact jreuter@yaina.de [ 187.724216][ T6710] 9pnet_fd: Insufficient options for proto=fd [ 189.126062][ T6719] bridge0: port 2(bridge_slave_1) entered disabled state [ 189.134032][ T6719] bridge0: port 1(bridge_slave_0) entered disabled state [ 189.189091][ T6726] program syz.1.397 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 189.222838][ T6726] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0 [ 190.751315][ T6738] tty tty25: ldisc open failed (-12), clearing slot 24 [ 190.897965][ T6742] ttyS ttyS3: ldisc open failed (-12), clearing slot 3 [ 191.454680][ T6752] ax25_connect(): syz.2.406 uses autobind, please contact jreuter@yaina.de [ 192.881435][ T6766] 9pnet_fd: Insufficient options for proto=fd [ 196.655006][ T1271] ieee802154 phy0 wpan0: encryption failed: -22 [ 196.668320][ T1271] ieee802154 phy1 wpan1: encryption failed: -22 [ 196.817454][ T6789] program syz.4.417 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 196.838332][ T6789] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0 [ 197.002150][ T6796] ax25_connect(): syz.0.419 uses autobind, please contact jreuter@yaina.de [ 197.819311][ T5226] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 197.829275][ T5226] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 197.837882][ T5226] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 197.847916][ T5226] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 197.856029][ T5226] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 197.863799][ T5226] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 199.014057][ T35] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 199.246546][ T35] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 199.654048][ T35] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 199.990037][ T55] Bluetooth: hci5: command tx timeout [ 200.687593][ T6835] ax25_connect(): syz.4.430 uses autobind, please contact jreuter@yaina.de [ 201.328824][ T8] usb 2-1: new high-speed USB device number 2 using dummy_hcd [ 201.508723][ T35] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 201.641060][ T8] usb 2-1: config 252 has an invalid interface number: 181 but max is 0 [ 201.665866][ T8] usb 2-1: config 252 has no interface number 0 [ 201.672285][ T55] Bluetooth: hci0: command 0x0406 tx timeout [ 201.683749][ T5217] Bluetooth: hci2: command 0x0406 tx timeout [ 201.690040][ T5217] Bluetooth: hci3: command 0x0406 tx timeout [ 201.783678][ T6797] chnl_net:caif_netlink_parms(): no params data found [ 201.794781][ T8] usb 2-1: config 252 interface 181 has no altsetting 0 [ 201.844074][ T8] usb 2-1: New USB device found, idVendor=0bb4, idProduct=0a84, bcdDevice=65.87 [ 201.909125][ T6840] program syz.4.431 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 201.924819][ T8] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 201.956932][ T6840] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0 [ 201.979273][ T35] bridge_slave_1: left allmulticast mode [ 201.985028][ T35] bridge_slave_1: left promiscuous mode [ 202.039310][ T35] bridge0: port 2(bridge_slave_1) entered disabled state [ 202.069364][ T5226] Bluetooth: hci5: command tx timeout [ 202.103504][ T35] bridge_slave_0: left allmulticast mode [ 202.115893][ T35] bridge_slave_0: left promiscuous mode [ 202.121867][ T35] bridge0: port 1(bridge_slave_0) entered disabled state [ 202.238536][ T5268] usb 2-1: USB disconnect, device number 2 [ 202.462542][ T6833] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 204.168208][ T5226] Bluetooth: hci5: command tx timeout [ 204.955238][ T35] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 205.125686][ T35] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 205.162415][ T35] bond0 (unregistering): Released all slaves [ 205.163422][ T6887] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies. [ 205.410637][ T6868] netlink: 16 bytes leftover after parsing attributes in process `syz.1.440'. [ 205.437685][ T6875] netlink: 'syz.1.440': attribute type 32 has an invalid length. [ 205.450296][ T6882] netlink: 4 bytes leftover after parsing attributes in process `syz.1.440'. [ 205.530526][ T6894] program syz.0.444 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 205.548647][ T6894] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0 [ 206.182465][ T6797] bridge0: port 1(bridge_slave_0) entered blocking state [ 206.208451][ T6797] bridge0: port 1(bridge_slave_0) entered disabled state [ 206.490520][ T5226] Bluetooth: hci5: command tx timeout [ 207.021447][ T6797] bridge_slave_0: entered allmulticast mode [ 207.079147][ T6797] bridge_slave_0: entered promiscuous mode [ 207.116494][ T6797] bridge0: port 2(bridge_slave_1) entered blocking state [ 207.155388][ T6797] bridge0: port 2(bridge_slave_1) entered disabled state [ 207.319034][ T6797] bridge_slave_1: entered allmulticast mode [ 207.356746][ T6797] bridge_slave_1: entered promiscuous mode [ 207.598418][ T52] usb 3-1: new high-speed USB device number 4 using dummy_hcd [ 207.836429][ T52] usb 3-1: config 252 has an invalid interface number: 181 but max is 0 [ 207.900444][ T52] usb 3-1: config 252 has no interface number 0 [ 207.930787][ T52] usb 3-1: config 252 interface 181 has no altsetting 0 [ 207.975648][ T52] usb 3-1: New USB device found, idVendor=0bb4, idProduct=0a84, bcdDevice=65.87 [ 208.006030][ T52] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 208.223420][ T35] hsr_slave_0: left promiscuous mode [ 208.235156][ T35] hsr_slave_1: left promiscuous mode [ 208.247158][ T35] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 208.295989][ T5265] usb 3-1: USB disconnect, device number 4 [ 208.312510][ T35] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 208.505096][ T6918] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 209.183355][ T35] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 209.242982][ T35] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 209.312168][ T35] veth1_macvtap: left promiscuous mode [ 209.329045][ T35] veth0_macvtap: left promiscuous mode [ 209.356974][ T35] veth1_vlan: left promiscuous mode [ 209.556280][ T35] veth0_vlan: left promiscuous mode [ 211.871519][ T6968] program syz.2.459 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 211.893492][ T6968] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0 [ 212.026492][ T35] team0 (unregistering): Port device team_slave_1 removed [ 212.096521][ T35] team0 (unregistering): Port device team_slave_0 removed [ 213.341294][ T6797] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 213.435305][ T6797] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 213.842468][ T6797] team0: Port device team_slave_0 added [ 213.889769][ T6797] team0: Port device team_slave_1 added [ 214.210934][ T6797] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 214.248165][ T6797] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 214.320361][ T6797] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 214.356600][ T6797] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 214.395954][ T6797] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 214.424948][ T5228] usb 3-1: new high-speed USB device number 5 using dummy_hcd [ 214.478130][ T6797] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 214.630431][ T5228] usb 3-1: config 252 has an invalid interface number: 181 but max is 0 [ 214.648178][ T5228] usb 3-1: config 252 has no interface number 0 [ 214.673742][ T5221] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 214.683237][ T5221] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 214.691368][ T5228] usb 3-1: config 252 interface 181 has no altsetting 0 [ 214.698908][ T5228] usb 3-1: New USB device found, idVendor=0bb4, idProduct=0a84, bcdDevice=65.87 [ 214.708849][ T5221] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 214.716274][ T5228] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 214.726853][ T5221] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 214.738784][ T5221] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 214.747183][ T5221] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 214.844521][ T6797] hsr_slave_0: entered promiscuous mode [ 214.851574][ T6797] hsr_slave_1: entered promiscuous mode [ 214.859127][ T6797] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 214.874346][ T6797] Cannot create hsr debugfs directory [ 214.986726][ T5228] usb 3-1: USB disconnect, device number 5 [ 215.195985][ T6996] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 215.225983][ T35] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 215.514026][ T35] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 215.811292][ T35] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 216.160692][ T35] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 216.798651][ T5221] Bluetooth: hci1: command tx timeout [ 218.287395][ T35] bridge_slave_1: left allmulticast mode [ 218.297522][ T35] bridge_slave_1: left promiscuous mode [ 218.340790][ T35] bridge0: port 2(bridge_slave_1) entered disabled state [ 218.378974][ T35] bridge_slave_0: left allmulticast mode [ 218.384676][ T35] bridge_slave_0: left promiscuous mode [ 218.394338][ T35] bridge0: port 1(bridge_slave_0) entered disabled state [ 218.878395][ T5221] Bluetooth: hci1: command tx timeout [ 218.970227][ T35] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 219.017587][ T35] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 219.049084][ T35] bond0 (unregistering): Released all slaves [ 219.161268][ T7011] chnl_net:caif_netlink_parms(): no params data found [ 219.868483][ T7011] bridge0: port 1(bridge_slave_0) entered blocking state [ 219.892530][ T7011] bridge0: port 1(bridge_slave_0) entered disabled state [ 219.901109][ T7011] bridge_slave_0: entered allmulticast mode [ 219.939503][ T7011] bridge_slave_0: entered promiscuous mode [ 219.964692][ T7011] bridge0: port 2(bridge_slave_1) entered blocking state [ 219.988437][ T7011] bridge0: port 2(bridge_slave_1) entered disabled state [ 220.007069][ T7011] bridge_slave_1: entered allmulticast mode [ 220.024446][ T7011] bridge_slave_1: entered promiscuous mode [ 220.049079][ T5268] usb 1-1: new high-speed USB device number 5 using dummy_hcd [ 220.077825][ T35] hsr_slave_0: left promiscuous mode [ 220.101649][ T35] hsr_slave_1: left promiscuous mode [ 220.124755][ T35] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 220.133132][ T35] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 220.146569][ T35] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 220.176372][ T35] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 220.239553][ T5268] usb 1-1: config 252 has an invalid interface number: 181 but max is 0 [ 220.263639][ T35] veth1_macvtap: left promiscuous mode [ 220.269288][ T5268] usb 1-1: config 252 has no interface number 0 [ 220.275727][ T35] veth0_macvtap: left promiscuous mode [ 220.293070][ T5268] usb 1-1: config 252 interface 181 has no altsetting 0 [ 220.314363][ T35] veth1_vlan: left promiscuous mode [ 220.324707][ T5268] usb 1-1: New USB device found, idVendor=0bb4, idProduct=0a84, bcdDevice=65.87 [ 220.339210][ T35] veth0_vlan: left promiscuous mode [ 220.356865][ T5268] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 220.626632][ T5268] usb 1-1: USB disconnect, device number 5 [ 220.826946][ T7086] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 220.958449][ T5221] Bluetooth: hci1: command tx timeout [ 222.143426][ T35] team0 (unregistering): Port device team_slave_1 removed [ 222.281494][ T35] team0 (unregistering): Port device team_slave_0 removed [ 223.047483][ T5221] Bluetooth: hci1: command tx timeout [ 223.392121][ T6797] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 223.418264][ T7105] netlink: 12 bytes leftover after parsing attributes in process `syz.1.494'. [ 223.670130][ T7011] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 223.709201][ T7011] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 223.752218][ T6797] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 223.815024][ T6797] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 223.878948][ T6797] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 223.973624][ T7011] team0: Port device team_slave_0 added [ 224.092276][ T7011] team0: Port device team_slave_1 added [ 224.304999][ T7011] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 224.324211][ T7011] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 224.407859][ T7011] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 224.502509][ T7011] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 224.534010][ T7011] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 224.586205][ T7011] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 224.890659][ T7150] netlink: 14601 bytes leftover after parsing attributes in process `syz.2.503'. [ 225.111182][ T7011] hsr_slave_0: entered promiscuous mode [ 225.153678][ T7011] hsr_slave_1: entered promiscuous mode [ 225.169127][ T5228] usb 2-1: new high-speed USB device number 3 using dummy_hcd [ 225.390770][ T5228] usb 2-1: config 252 has an invalid interface number: 181 but max is 0 [ 225.425330][ T5228] usb 2-1: config 252 has no interface number 0 [ 225.448810][ T5228] usb 2-1: config 252 interface 181 has no altsetting 0 [ 225.478250][ T5228] usb 2-1: New USB device found, idVendor=0bb4, idProduct=0a84, bcdDevice=65.87 [ 225.529358][ T5228] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 225.746780][ T6797] 8021q: adding VLAN 0 to HW filter on device bond0 [ 225.769667][ T5228] usb 2-1: USB disconnect, device number 3 [ 225.878810][ T6797] 8021q: adding VLAN 0 to HW filter on device team0 [ 226.075158][ T5228] bridge0: port 1(bridge_slave_0) entered blocking state [ 226.082410][ T5228] bridge0: port 1(bridge_slave_0) entered forwarding state [ 226.188985][ T25] bridge0: port 2(bridge_slave_1) entered blocking state [ 226.196172][ T25] bridge0: port 2(bridge_slave_1) entered forwarding state [ 226.706876][ T7183] netlink: 12 bytes leftover after parsing attributes in process `syz.2.510'. [ 226.803543][ T7011] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 226.896777][ T7011] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 226.969994][ T7011] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 227.022278][ T7011] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 227.874537][ T6797] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 228.140042][ T7011] 8021q: adding VLAN 0 to HW filter on device bond0 [ 228.152878][ T5270] usb 1-1: new high-speed USB device number 6 using dummy_hcd [ 228.314169][ T6797] veth0_vlan: entered promiscuous mode [ 228.343229][ T7011] 8021q: adding VLAN 0 to HW filter on device team0 [ 228.359849][ T5270] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 228.397220][ T8] bridge0: port 1(bridge_slave_0) entered blocking state [ 228.404452][ T8] bridge0: port 1(bridge_slave_0) entered forwarding state [ 228.413802][ T5270] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 42925, setting to 1024 [ 228.428741][ T5270] usb 1-1: New USB device found, idVendor=05ac, idProduct=022a, bcdDevice= 0.00 [ 228.437815][ T5270] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 228.460339][ T5266] bridge0: port 2(bridge_slave_1) entered blocking state [ 228.467540][ T5266] bridge0: port 2(bridge_slave_1) entered forwarding state [ 228.495054][ T5270] usb 1-1: config 0 descriptor?? [ 228.512480][ T6797] veth1_vlan: entered promiscuous mode [ 228.521701][ T7207] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 228.646633][ T6797] veth0_macvtap: entered promiscuous mode [ 228.702437][ T6797] veth1_macvtap: entered promiscuous mode [ 228.771454][ T6797] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 228.818424][ T6797] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 228.838316][ T6797] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 228.852943][ T6797] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 228.871679][ T6797] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 228.890506][ T6797] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 228.922161][ T6797] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 228.975686][ T6797] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 228.991828][ T6797] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 229.005809][ T6797] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 229.023445][ T6797] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 229.035836][ T5270] appletouch 1-1:0.0: Geyser mode initialized. [ 229.037457][ T6797] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 229.056448][ T5270] input: appletouch as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/input/input5 [ 229.077767][ T6797] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 229.116026][ T6797] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 229.176117][ T6797] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 229.219448][ T6797] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 229.258200][ T6797] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 229.266959][ T6797] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 229.314513][ T5270] usb 1-1: USB disconnect, device number 6 [ 229.452263][ T6302] udevd[6302]: Error opening device "/dev/input/event4": No such device [ 229.501224][ T5270] appletouch 1-1:0.0: input: appletouch disconnected [ 229.503123][ T6302] udevd[6302]: Unable to EVIOCGABS device "/dev/input/event4" [ 229.560051][ T7011] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 229.569242][ T6302] udevd[6302]: Unable to EVIOCGABS device "/dev/input/event4" [ 229.717652][ T35] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 229.740431][ T35] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 229.817024][ T35] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 229.851400][ T35] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 232.311271][ T1850] usb 1-1: new high-speed USB device number 7 using dummy_hcd [ 232.477362][ T7011] veth0_vlan: entered promiscuous mode [ 232.506946][ T7011] veth1_vlan: entered promiscuous mode [ 232.521213][ T1850] usb 1-1: config 252 has an invalid interface number: 181 but max is 0 [ 232.560489][ T1850] usb 1-1: config 252 has no interface number 0 [ 232.584103][ T1850] usb 1-1: config 252 interface 181 has no altsetting 0 [ 232.614787][ T1850] usb 1-1: New USB device found, idVendor=0bb4, idProduct=0a84, bcdDevice=65.87 [ 232.664053][ T1850] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 232.672496][ T7011] veth0_macvtap: entered promiscuous mode [ 232.696664][ T7011] veth1_macvtap: entered promiscuous mode [ 232.799284][ T7011] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 232.829630][ T7011] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 232.862146][ T7011] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 232.902569][ T7011] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 232.938182][ T7011] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 232.942871][ T5265] usb 1-1: USB disconnect, device number 7 [ 232.975775][ T7011] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 233.008114][ T7011] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 233.032107][ T7011] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 233.059824][ T7011] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 233.080518][ T7011] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 233.108129][ T7011] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 233.140293][ T7011] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 233.168133][ T7011] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 233.194462][ T7011] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 233.222996][ T7011] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 233.246005][ T7011] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 233.280524][ T7011] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 233.304210][ T7011] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 233.346462][ T7011] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 233.408264][ T7011] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 233.417026][ T7011] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 233.456690][ T7011] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 234.008726][ T5228] usb 2-1: new high-speed USB device number 4 using dummy_hcd [ 234.748512][ T5228] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 234.783906][ T5228] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 42925, setting to 1024 [ 234.836366][ T5228] usb 2-1: New USB device found, idVendor=05ac, idProduct=022a, bcdDevice= 0.00 [ 234.872515][ T5228] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 235.129218][ T5228] usb 2-1: config 0 descriptor?? [ 235.135052][ T7302] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 236.044650][ T5228] appletouch 2-1:0.0: Geyser mode initialized. [ 236.057683][ T5228] input: appletouch as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/input/input6 [ 236.114690][ C0] appletouch 2-1:0.0: atp_complete: usb_submit_urb failed with result -1 [ 236.208664][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 236.240244][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 236.348781][ T8] usb 2-1: USB disconnect, device number 4 [ 236.348844][ C0] appletouch 2-1:0.0: atp_complete: usb_submit_urb failed with result -19 [ 236.381767][ T35] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 236.408779][ T8] appletouch 2-1:0.0: input: appletouch disconnected [ 236.434066][ T35] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 238.132774][ T7368] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 239.848543][ T5266] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 240.132121][ T5266] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 240.172680][ T5266] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 240.204816][ T5266] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0 [ 240.237798][ T5266] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 240.277018][ T5266] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 240.313555][ T5266] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 240.353953][ T5266] usb 5-1: config 0 descriptor?? [ 243.138239][ T5266] usbhid 5-1:0.0: can't add hid device: -71 [ 243.168200][ T5266] usbhid 5-1:0.0: probe with driver usbhid failed with error -71 [ 243.252502][ T5266] usb 5-1: USB disconnect, device number 3 [ 243.853802][ T7453] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 244.279068][ T7469] program syz.3.573 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 244.310313][ T7469] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0 [ 247.712130][ T29] audit: type=1326 audit(1722196851.306:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7486 comm="syz.1.584" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f581c177299 code=0x7fc00000 [ 251.480740][ T7520] program syz.3.590 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 251.495355][ T7520] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0 [ 251.623595][ T7524] netlink: 16 bytes leftover after parsing attributes in process `syz.4.593'. [ 251.793575][ T7529] netlink: 'syz.4.593': attribute type 32 has an invalid length. [ 251.962427][ T7540] netlink: 4 bytes leftover after parsing attributes in process `syz.4.593'. [ 252.878236][ T29] audit: type=1326 audit(1722196856.466:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7543 comm="syz.1.599" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f581c177299 code=0x7fc00000 [ 253.181370][ T1850] usb 3-1: new high-speed USB device number 6 using dummy_hcd [ 253.661976][ T1850] usb 3-1: config 252 has an invalid interface number: 181 but max is 0 [ 253.762674][ T1850] usb 3-1: config 252 has no interface number 0 [ 253.875104][ T1850] usb 3-1: config 252 interface 181 has no altsetting 0 [ 254.014990][ T1850] usb 3-1: New USB device found, idVendor=0bb4, idProduct=0a84, bcdDevice=65.87 [ 254.338151][ T1850] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 255.109502][ T5270] usb 3-1: USB disconnect, device number 6 [ 255.403352][ T7539] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 255.480168][ T7589] program syz.1.611 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 255.507352][ T7589] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0 [ 255.524130][ T7590] netlink: 16 bytes leftover after parsing attributes in process `syz.0.613'. [ 255.653368][ T7596] netlink: 'syz.0.613': attribute type 32 has an invalid length. [ 255.857754][ T7600] netlink: 4 bytes leftover after parsing attributes in process `syz.0.613'. [ 255.911816][ T1271] ieee802154 phy0 wpan0: encryption failed: -22 [ 255.918615][ T1271] ieee802154 phy1 wpan1: encryption failed: -22 [ 257.310213][ T29] audit: type=1326 audit(1722196860.906:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7619 comm="syz.2.623" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fe66dd77299 code=0x0 [ 257.723385][ T7632] overlayfs: failed to resolve './file0': -2 [ 258.608861][ T8] usb 5-1: new high-speed USB device number 4 using dummy_hcd [ 258.788516][ T5270] usb 3-1: new high-speed USB device number 7 using dummy_hcd [ 258.821364][ T8] usb 5-1: Using ep0 maxpacket: 32 [ 258.831836][ T8] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024 [ 258.866409][ T8] usb 5-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79 [ 258.904879][ T8] usb 5-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2 [ 258.927591][ T8] usb 5-1: Product: syz [ 258.936180][ T8] usb 5-1: Manufacturer: syz [ 258.941891][ T8] usb 5-1: SerialNumber: syz [ 258.948317][ T5270] usb 3-1: device descriptor read/64, error -71 [ 258.956393][ T8] usb 5-1: config 0 descriptor?? [ 258.969591][ T7638] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 259.032118][ T7663] usb usb8: usbfs: process 7663 (syz.1.637) did not claim interface 0 before use [ 259.200495][ T8] usb 5-1: USB disconnect, device number 4 [ 259.238362][ T5270] usb 3-1: new high-speed USB device number 8 using dummy_hcd [ 259.379645][ T29] audit: type=1326 audit(1722196862.976:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7669 comm="syz.3.640" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fcac9f77299 code=0x0 [ 259.418213][ T5270] usb 3-1: device descriptor read/64, error -71 [ 259.562366][ T5270] usb usb3-port1: attempt power cycle [ 259.988181][ T5270] usb 3-1: new high-speed USB device number 9 using dummy_hcd [ 260.048910][ T5270] usb 3-1: device descriptor read/8, error -71 [ 260.093502][ T7680] netlink: 12 bytes leftover after parsing attributes in process `syz.4.643'. [ 260.331438][ T5270] usb 3-1: new high-speed USB device number 10 using dummy_hcd [ 260.391588][ T5270] usb 3-1: device descriptor read/8, error -71 [ 260.528719][ T5270] usb usb3-port1: unable to enumerate USB device [ 260.708476][ T5265] usb 2-1: new high-speed USB device number 5 using dummy_hcd [ 260.928214][ T5265] usb 2-1: Using ep0 maxpacket: 32 [ 260.957184][ T5265] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0 [ 260.984280][ T5265] usb 2-1: New USB device found, idVendor=0ccd, idProduct=0039, bcdDevice=a6.13 [ 261.017300][ T5265] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 261.038131][ T5265] usb 2-1: Product: syz [ 261.051250][ T5265] usb 2-1: Manufacturer: syz [ 261.063042][ T5265] usb 2-1: SerialNumber: syz [ 261.074504][ T5265] usb 2-1: config 0 descriptor?? [ 261.083100][ T5265] pvrusb2: Hardware description: Terratec Grabster AV400 [ 261.098339][ T5265] pvrusb2: ********** [ 261.103688][ T5265] pvrusb2: ***WARNING*** Support for this device (Terratec Grabster AV400) is experimental. [ 261.121465][ T5265] pvrusb2: Important functionality might not be entirely working. [ 261.131816][ T5265] pvrusb2: Please consider contacting the driver author to help with further stabilization of the driver. [ 261.147704][ T5265] pvrusb2: ********** [ 261.214023][ T7701] overlayfs: failed to resolve './file0': -2 [ 261.306688][ T2037] pvrusb2: Invalid write control endpoint [ 261.335810][ T5265] usb 2-1: USB disconnect, device number 5 [ 261.442228][ T2037] pvrusb2: Invalid write control endpoint [ 262.093325][ T2037] pvrusb2: ***WARNING*** Detected a wedged cx25840 chip; the device will not work. [ 262.106243][ T2037] pvrusb2: ***WARNING*** Try power cycling the pvrusb2 device. [ 262.116124][ T2037] pvrusb2: ***WARNING*** Disabling further access to the device to prevent other foul-ups. [ 262.179742][ T2037] pvrusb2: Device being rendered inoperable [ 262.215698][ T2037] cx25840 1-0044: Unable to detect h/w, assuming cx23887 [ 262.248252][ T2037] cx25840 1-0044: cx23887 A/V decoder found @ 0x88 (pvrusb2_c) [ 262.266911][ T2037] pvrusb2: Attached sub-driver cx25840 [ 262.272978][ T2037] pvrusb2: ***WARNING*** pvrusb2 device hardware appears to be jammed and I can't clear it. [ 262.288909][ T29] audit: type=1326 audit(1722196865.866:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7709 comm="syz.0.654" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fc1c1777299 code=0x0 [ 262.329353][ T2037] pvrusb2: You might need to power cycle the pvrusb2 device in order to recover. [ 263.185721][ T7735] overlayfs: failed to resolve './file0': -2 [ 263.355449][ T7741] ax25_connect(): syz.0.665 uses autobind, please contact jreuter@yaina.de [ 264.758475][ T29] audit: type=1326 audit(1722196868.356:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7762 comm="syz.1.675" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f581c177299 code=0x0 [ 264.856431][ T7766] overlayfs: overlapping lowerdir path [ 265.443661][ T7778] ax25_connect(): syz.4.678 uses autobind, please contact jreuter@yaina.de [ 266.795083][ T7802] ax25_connect(): syz.4.690 uses autobind, please contact jreuter@yaina.de [ 267.865904][ T5268] usb 1-1: new high-speed USB device number 8 using dummy_hcd [ 268.042132][ T29] audit: type=1326 audit(1722196871.636:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7816 comm="syz.4.694" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f1051d77299 code=0x0 [ 268.073675][ T5268] usb 1-1: Using ep0 maxpacket: 32 [ 268.097072][ T5268] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024 [ 268.126685][ T5268] usb 1-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79 [ 268.145020][ T5268] usb 1-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2 [ 268.169224][ T5268] usb 1-1: Product: syz [ 268.182435][ T5268] usb 1-1: Manufacturer: syz [ 268.200616][ T5268] usb 1-1: SerialNumber: syz [ 268.237325][ T5268] usb 1-1: config 0 descriptor?? [ 268.245200][ T7793] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 268.622770][ T5268] usb 1-1: USB disconnect, device number 8 [ 271.007229][ T7856] 9pnet_fd: Insufficient options for proto=fd [ 271.264157][ T5265] usb 5-1: new high-speed USB device number 5 using dummy_hcd [ 271.938221][ T5265] usb 5-1: Using ep0 maxpacket: 32 [ 271.946137][ T5265] usb 5-1: config index 0 descriptor too short (expected 156, got 27) [ 271.972019][ T5265] usb 5-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30 [ 271.999325][ T5265] usb 5-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7 [ 272.011751][ T5265] usb 5-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144 [ 272.026136][ T5265] usb 5-1: config 0 interface 0 has no altsetting 0 [ 272.036175][ T5265] usb 5-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66 [ 272.047377][ T5265] usb 5-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172 [ 272.072336][ T5265] usb 5-1: Product: syz [ 272.078470][ T5265] usb 5-1: Manufacturer: syz [ 272.086822][ T5265] usb 5-1: SerialNumber: syz [ 272.101987][ T5265] usb 5-1: config 0 descriptor?? [ 272.366135][ T5265] ldusb 5-1:0.0: Interrupt out endpoint not found (using control endpoint instead) [ 272.381911][ T5265] ldusb 5-1:0.0: LD USB Device #0 now attached to major 180 minor 0 [ 273.129539][ T5265] usb 5-1: USB disconnect, device number 5 [ 273.181164][ T5265] ldusb 5-1:0.0: LD USB Device #0 now disconnected [ 273.320613][ T29] audit: type=1326 audit(1722196876.916:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7850 comm="syz.4.706" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f1051d77299 code=0x0 [ 273.480719][ T7869] syz.2.709 (7869) used greatest stack depth: 18768 bytes left [ 278.462154][ T5214] syz-executor (5214) used greatest stack depth: 18392 bytes left [ 279.943609][ T5226] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 279.955730][ T5226] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 279.965449][ T5226] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 280.002043][ T5226] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 280.020343][ T5226] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 280.021311][ T11] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 280.038405][ T5226] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 280.078456][ T52] usb 2-1: new high-speed USB device number 6 using dummy_hcd [ 280.213569][ T11] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 280.293224][ T52] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 7 [ 280.333486][ T52] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x1 has invalid wMaxPacketSize 0 [ 280.365441][ T52] usb 2-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 280.382960][ T52] usb 2-1: config 1 interface 2 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0 [ 280.429468][ T52] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 280.440859][ T52] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 280.457260][ T52] usb 2-1: Product: syz [ 280.469073][ T52] usb 2-1: Manufacturer: syz [ 280.473981][ T52] usb 2-1: SerialNumber: syz [ 280.478418][ T11] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 280.609034][ T5270] usb 3-1: new high-speed USB device number 11 using dummy_hcd [ 280.697984][ T11] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 280.808249][ T5270] usb 3-1: Using ep0 maxpacket: 32 [ 280.815652][ T5270] usb 3-1: config index 0 descriptor too short (expected 156, got 27) [ 280.824524][ T5270] usb 3-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30 [ 280.848803][ T5270] usb 3-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7 [ 280.863368][ T5270] usb 3-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144 [ 280.876990][ T5270] usb 3-1: config 0 interface 0 has no altsetting 0 [ 280.887221][ T5270] usb 3-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66 [ 280.896562][ T5270] usb 3-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172 [ 280.915358][ T5270] usb 3-1: Product: syz [ 280.919698][ T5270] usb 3-1: Manufacturer: syz [ 280.924325][ T5270] usb 3-1: SerialNumber: syz [ 280.936933][ T52] usb 2-1: USB disconnect, device number 6 [ 280.945558][ T5270] usb 3-1: config 0 descriptor?? [ 280.960938][ T5270] ldusb 3-1:0.0: Interrupt out endpoint not found (using control endpoint instead) [ 280.978475][ T5270] ldusb 3-1:0.0: LD USB Device #0 now attached to major 180 minor 0 [ 281.224845][ T8] usb 3-1: USB disconnect, device number 11 [ 281.230819][ C0] ldusb 3-1:0.0: usb_submit_urb failed (-19) [ 281.781875][ T29] audit: type=1326 audit(1722196885.376:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7936 comm="syz.2.733" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fe66dd77299 code=0x0 [ 282.071146][ T8] ldusb 3-1:0.0: LD USB Device #0 now disconnected [ 282.135335][ T7930] chnl_net:caif_netlink_parms(): no params data found [ 282.160177][ T5226] Bluetooth: hci0: command tx timeout [ 282.477878][ T11] bridge_slave_1: left allmulticast mode [ 282.501565][ T11] bridge_slave_1: left promiscuous mode [ 282.512444][ T11] bridge0: port 2(bridge_slave_1) entered disabled state [ 282.599974][ T7953] 9pnet_fd: Insufficient options for proto=fd [ 282.992364][ T11] bridge_slave_0: left allmulticast mode [ 283.236341][ T11] bridge_slave_0: left promiscuous mode [ 283.252370][ T11] bridge0: port 1(bridge_slave_0) entered disabled state [ 284.132543][ T7965] 9pnet_fd: Insufficient options for proto=fd [ 284.347855][ T5226] Bluetooth: hci0: command tx timeout [ 285.379010][ T11] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 285.391381][ T11] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 285.416611][ T11] bond0 (unregistering): Released all slaves [ 285.866357][ T7930] bridge0: port 1(bridge_slave_0) entered blocking state [ 285.895054][ T7930] bridge0: port 1(bridge_slave_0) entered disabled state [ 285.905699][ T7930] bridge_slave_0: entered allmulticast mode [ 285.917786][ T7930] bridge_slave_0: entered promiscuous mode [ 286.026134][ T7930] bridge0: port 2(bridge_slave_1) entered blocking state [ 286.063994][ T7930] bridge0: port 2(bridge_slave_1) entered disabled state [ 286.100986][ T7930] bridge_slave_1: entered allmulticast mode [ 286.135381][ T7930] bridge_slave_1: entered promiscuous mode [ 286.158526][ T5266] usb 3-1: new high-speed USB device number 12 using dummy_hcd [ 286.344645][ T7930] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 286.372344][ T5266] usb 3-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 7 [ 286.399841][ T5226] Bluetooth: hci0: command tx timeout [ 286.416388][ T5266] usb 3-1: config 1 interface 1 altsetting 1 endpoint 0x1 has invalid wMaxPacketSize 0 [ 286.431916][ T5266] usb 3-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 286.444151][ T5266] usb 3-1: config 1 interface 2 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0 [ 286.463777][ T5266] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 286.473873][ T5266] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 286.497978][ T5266] usb 3-1: Product: syz [ 286.502385][ T5266] usb 3-1: Manufacturer: syz [ 286.507014][ T5266] usb 3-1: SerialNumber: syz [ 286.773407][ T7930] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 286.832400][ T5266] usb 3-1: USB disconnect, device number 12 [ 286.899873][ T5270] usb 5-1: new high-speed USB device number 6 using dummy_hcd [ 287.047631][ T11] hsr_slave_0: left promiscuous mode [ 287.089545][ T11] hsr_slave_1: left promiscuous mode [ 287.096563][ T11] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 287.108300][ T5270] usb 5-1: Using ep0 maxpacket: 32 [ 287.185808][ T11] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 287.245334][ T11] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 287.281747][ T11] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 287.438215][ T11] veth1_macvtap: left promiscuous mode [ 287.469688][ T11] veth0_macvtap: left promiscuous mode [ 287.505950][ T11] veth1_vlan: left promiscuous mode [ 287.538414][ T11] veth0_vlan: left promiscuous mode [ 287.572486][ T5270] usb 5-1: config index 0 descriptor too short (expected 156, got 27) [ 287.581235][ T5270] usb 5-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30 [ 287.592488][ T5270] usb 5-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7 [ 287.603718][ T5270] usb 5-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144 [ 287.617128][ T5270] usb 5-1: config 0 interface 0 has no altsetting 0 [ 287.625530][ T7521] udevd[7521]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 287.654065][ T5270] usb 5-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66 [ 287.663610][ T5270] usb 5-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172 [ 287.702501][ T5270] usb 5-1: Product: syz [ 287.723430][ T5270] usb 5-1: Manufacturer: syz [ 287.758409][ T5270] usb 5-1: SerialNumber: syz [ 287.806683][ T5270] usb 5-1: config 0 descriptor?? [ 287.857979][ T5270] ldusb 5-1:0.0: Interrupt out endpoint not found (using control endpoint instead) [ 287.956715][ T5270] ldusb 5-1:0.0: LD USB Device #0 now attached to major 180 minor 0 [ 288.075308][ T5270] usb 5-1: USB disconnect, device number 6 [ 288.107151][ T5270] ldusb 5-1:0.0: LD USB Device #0 now disconnected [ 288.273506][ T29] audit: type=1326 audit(1722196891.866:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7997 comm="syz.4.748" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f1051d77299 code=0x0 [ 288.294325][ C1] vkms_vblank_simulate: vblank timer overrun [ 288.505318][ T5226] Bluetooth: hci0: command tx timeout [ 288.878458][ T5228] usb 3-1: new high-speed USB device number 13 using dummy_hcd [ 288.928476][ T11] team0 (unregistering): Port device team_slave_1 removed [ 288.983319][ T11] team0 (unregistering): Port device team_slave_0 removed [ 289.078171][ T5228] usb 3-1: Using ep0 maxpacket: 32 [ 289.090099][ T5228] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0 [ 289.123168][ T5228] usb 3-1: New USB device found, idVendor=0ccd, idProduct=0039, bcdDevice=a6.13 [ 289.138093][ T5228] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 289.146498][ T5228] usb 3-1: Product: syz [ 289.168115][ T5228] usb 3-1: Manufacturer: syz [ 289.173299][ T5228] usb 3-1: SerialNumber: syz [ 289.185042][ T5228] usb 3-1: config 0 descriptor?? [ 289.210312][ T5228] pvrusb2: Hardware description: Terratec Grabster AV400 [ 289.221438][ T5228] pvrusb2: ********** [ 289.230724][ T5228] pvrusb2: ***WARNING*** Support for this device (Terratec Grabster AV400) is experimental. [ 289.256144][ T5228] pvrusb2: Important functionality might not be entirely working. [ 289.278143][ T5228] pvrusb2: Please consider contacting the driver author to help with further stabilization of the driver. [ 289.298090][ T5228] pvrusb2: ********** [ 289.417208][ T2037] pvrusb2: Invalid write control endpoint [ 289.435192][ T5228] usb 3-1: USB disconnect, device number 13 [ 289.526175][ T2037] pvrusb2: Invalid write control endpoint [ 289.547036][ T2037] pvrusb2: ***WARNING*** Detected a wedged cx25840 chip; the device will not work. [ 289.590343][ T2037] pvrusb2: ***WARNING*** Try power cycling the pvrusb2 device. [ 289.612183][ T2037] pvrusb2: ***WARNING*** Disabling further access to the device to prevent other foul-ups. [ 289.652642][ T2037] pvrusb2: Device being rendered inoperable [ 289.679057][ T2037] cx25840 1-0044: Unable to detect h/w, assuming cx23887 [ 289.691237][ T2037] cx25840 1-0044: cx23887 A/V decoder found @ 0x88 (pvrusb2_d) [ 289.719613][ T2037] pvrusb2: Attached sub-driver cx25840 [ 289.725155][ T2037] pvrusb2: ***WARNING*** pvrusb2 device hardware appears to be jammed and I can't clear it. [ 289.774861][ T2037] pvrusb2: You might need to power cycle the pvrusb2 device in order to recover. [ 290.047398][ T7930] team0: Port device team_slave_0 added [ 290.099482][ T7930] team0: Port device team_slave_1 added [ 291.181806][ T7930] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 291.228945][ T7930] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 291.280118][ T7930] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 291.294864][ T7930] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 291.307242][ T7930] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 291.368270][ T7930] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 291.725978][ T5221] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 291.740311][ T5221] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 291.751889][ T5221] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 291.762029][ T5221] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 291.770112][ T5221] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 291.778660][ T5221] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 291.818756][ T5266] usb 2-1: new high-speed USB device number 7 using dummy_hcd [ 291.907247][ T7930] hsr_slave_0: entered promiscuous mode [ 292.030929][ T8061] 9pnet: p9_errstr2errno: server reported unknown error 1844674407370 [ 292.076331][ T7930] hsr_slave_1: entered promiscuous mode [ 292.097652][ T7930] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 292.122877][ T7930] Cannot create hsr debugfs directory [ 292.529444][ T5266] usb 2-1: Using ep0 maxpacket: 32 [ 292.599622][ T5266] usb 2-1: config index 0 descriptor too short (expected 156, got 27) [ 292.607863][ T5266] usb 2-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30 [ 292.673793][ T5266] usb 2-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7 [ 292.707158][ T5266] usb 2-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144 [ 292.742350][ T5266] usb 2-1: config 0 interface 0 has no altsetting 0 [ 292.769956][ T5266] usb 2-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66 [ 292.791416][ T5266] usb 2-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172 [ 292.820355][ T5266] usb 2-1: Product: syz [ 292.825363][ T5266] usb 2-1: Manufacturer: syz [ 292.856795][ T5266] usb 2-1: SerialNumber: syz [ 292.894339][ T5266] usb 2-1: config 0 descriptor?? [ 292.919226][ T5266] ldusb 2-1:0.0: Interrupt out endpoint not found (using control endpoint instead) [ 292.955040][ T8081] program syz.4.765 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 292.955308][ T5266] ldusb 2-1:0.0: LD USB Device #0 now attached to major 180 minor 0 [ 292.988687][ T8081] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0 [ 293.137438][ T5228] usb 2-1: USB disconnect, device number 7 [ 293.137510][ C1] ldusb 2-1:0.0: usb_submit_urb failed (-19) [ 293.177079][ T5228] ldusb 2-1:0.0: LD USB Device #0 now disconnected [ 293.351685][ T29] audit: type=1326 audit(1722196896.946:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8050 comm="syz.1.763" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f581c177299 code=0x0 [ 293.829225][ T5221] Bluetooth: hci4: command tx timeout [ 294.320283][ T35] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 294.552083][ T35] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 294.693066][ T8051] chnl_net:caif_netlink_parms(): no params data found [ 294.828370][ T8117] 9pnet: p9_errstr2errno: server reported unknown error 1844674407370 [ 294.905702][ T35] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 295.035580][ T29] audit: type=1326 audit(1722196898.606:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8118 comm="syz.2.776" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fe66dd77299 code=0x0 [ 295.069871][ T35] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 295.353777][ T8051] bridge0: port 1(bridge_slave_0) entered blocking state [ 295.361278][ T8051] bridge0: port 1(bridge_slave_0) entered disabled state [ 295.369606][ T8051] bridge_slave_0: entered allmulticast mode [ 295.377570][ T8051] bridge_slave_0: entered promiscuous mode [ 295.397050][ T8051] bridge0: port 2(bridge_slave_1) entered blocking state [ 295.414397][ T8051] bridge0: port 2(bridge_slave_1) entered disabled state [ 295.426213][ T8051] bridge_slave_1: entered allmulticast mode [ 295.454613][ T8051] bridge_slave_1: entered promiscuous mode [ 295.462464][ T7930] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 295.492353][ T7930] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 295.746583][ T8051] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 295.772685][ T7930] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 295.798802][ T8051] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 295.908885][ T5221] Bluetooth: hci4: command tx timeout [ 296.545929][ T7930] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 296.713248][ T8135] pimreg: entered allmulticast mode [ 296.737235][ T35] bridge_slave_1: left allmulticast mode [ 296.743211][ T35] bridge_slave_1: left promiscuous mode [ 296.751172][ T35] bridge0: port 2(bridge_slave_1) entered disabled state [ 296.798691][ T35] bridge_slave_0: left allmulticast mode [ 296.823462][ T35] bridge_slave_0: left promiscuous mode [ 296.839014][ T35] bridge0: port 1(bridge_slave_0) entered disabled state [ 296.846006][ T8137] program syz.2.780 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 296.867690][ T8137] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0 [ 297.715400][ T35] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 297.730520][ T35] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 297.742240][ T35] bond0 (unregistering): Released all slaves [ 297.784227][ T8051] team0: Port device team_slave_0 added [ 297.791542][ T8135] pimreg: left allmulticast mode [ 297.811228][ T8] usb 3-1: new high-speed USB device number 14 using dummy_hcd [ 297.914708][ T8051] team0: Port device team_slave_1 added [ 297.988960][ T5221] Bluetooth: hci4: command tx timeout [ 298.018211][ T8] usb 3-1: Using ep0 maxpacket: 32 [ 298.029860][ T5221] Bluetooth: hci1: Received unexpected HCI Event 0x00 [ 298.047879][ T8] usb 3-1: config index 0 descriptor too short (expected 156, got 27) [ 298.056883][ T8] usb 3-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30 [ 298.070785][ T8] usb 3-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7 [ 298.082461][ T8] usb 3-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144 [ 298.107994][ T8] usb 3-1: config 0 interface 0 has no altsetting 0 [ 298.136078][ T8] usb 3-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66 [ 298.164493][ T8] usb 3-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172 [ 298.202342][ T8] usb 3-1: Product: syz [ 298.206652][ T8] usb 3-1: Manufacturer: syz [ 298.229627][ T8] usb 3-1: SerialNumber: syz [ 298.249357][ T8] usb 3-1: config 0 descriptor?? [ 298.276310][ T8] ldusb 3-1:0.0: Interrupt out endpoint not found (using control endpoint instead) [ 298.308710][ T8051] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 298.312725][ T8] ldusb 3-1:0.0: LD USB Device #0 now attached to major 180 minor 0 [ 298.336077][ T8051] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 298.362042][ C1] vkms_vblank_simulate: vblank timer overrun [ 298.376527][ T8051] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 298.449613][ T8051] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 298.475436][ T8051] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 298.554607][ T8051] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 298.580984][ T8] usb 3-1: USB disconnect, device number 14 [ 298.592346][ T8] ldusb 3-1:0.0: LD USB Device #0 now disconnected [ 299.090351][ T29] audit: type=1326 audit(1722196902.676:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8142 comm="syz.2.783" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fe66dd77299 code=0x0 [ 299.424296][ T35] hsr_slave_0: left promiscuous mode [ 299.447373][ T35] hsr_slave_1: left promiscuous mode [ 299.467703][ T35] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 299.487053][ T35] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 299.521286][ T35] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 299.526919][ T8166] netlink: 'syz.4.788': attribute type 1 has an invalid length. [ 299.535777][ T35] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 299.544521][ T8166] netlink: 157116 bytes leftover after parsing attributes in process `syz.4.788'. [ 299.620646][ T35] veth1_macvtap: left promiscuous mode [ 299.633300][ T35] veth0_macvtap: left promiscuous mode [ 299.648784][ T35] veth1_vlan: left promiscuous mode [ 299.667935][ T35] veth0_vlan: left promiscuous mode [ 300.078432][ T5221] Bluetooth: hci4: command tx timeout [ 301.153376][ T8191] program syz.4.791 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 301.170916][ T8191] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0 [ 301.204742][ T8192] 9pnet: p9_errstr2errno: server reported unknown error 1844674407370 [ 302.092249][ T35] team0 (unregistering): Port device team_slave_1 removed [ 302.181380][ T35] team0 (unregistering): Port device team_slave_0 removed [ 302.884077][ T5226] Bluetooth: hci1: Received unexpected HCI Event 0x00 [ 303.084824][ T8051] hsr_slave_0: entered promiscuous mode [ 303.110223][ T8051] hsr_slave_1: entered promiscuous mode [ 303.122899][ T8051] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 303.144947][ T8051] Cannot create hsr debugfs directory [ 303.203157][ T8214] pimreg: entered allmulticast mode [ 303.208981][ T8215] pimreg: left allmulticast mode [ 303.227238][ T8223] netlink: 'syz.4.797': attribute type 1 has an invalid length. [ 303.244474][ T8223] netlink: 157116 bytes leftover after parsing attributes in process `syz.4.797'. [ 303.453780][ T7930] 8021q: adding VLAN 0 to HW filter on device bond0 [ 303.488343][ T7930] 8021q: adding VLAN 0 to HW filter on device team0 [ 303.582479][ T5228] bridge0: port 1(bridge_slave_0) entered blocking state [ 303.590002][ T5228] bridge0: port 1(bridge_slave_0) entered forwarding state [ 303.656363][ T5228] bridge0: port 2(bridge_slave_1) entered blocking state [ 303.663707][ T5228] bridge0: port 2(bridge_slave_1) entered forwarding state [ 304.488509][ T8235] program syz.1.800 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 304.500537][ T25] usb 5-1: new high-speed USB device number 7 using dummy_hcd [ 304.511036][ T8235] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0 [ 304.848354][ T25] usb 5-1: Using ep0 maxpacket: 32 [ 304.884608][ T25] usb 5-1: config index 0 descriptor too short (expected 156, got 27) [ 304.902381][ T25] usb 5-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30 [ 304.927103][ T25] usb 5-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7 [ 304.965574][ T25] usb 5-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144 [ 304.991644][ T25] usb 5-1: config 0 interface 0 has no altsetting 0 [ 305.020985][ T25] usb 5-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66 [ 305.044155][ T25] usb 5-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172 [ 305.077201][ T25] usb 5-1: Product: syz [ 305.090783][ T8244] 9pnet: p9_errstr2errno: server reported unknown error 1844674407370 [ 305.112781][ T25] usb 5-1: Manufacturer: syz [ 305.117470][ T25] usb 5-1: SerialNumber: syz [ 305.164262][ T25] usb 5-1: config 0 descriptor?? [ 305.204563][ T25] ldusb 5-1:0.0: Interrupt out endpoint not found (using control endpoint instead) [ 305.256165][ T25] ldusb 5-1:0.0: LD USB Device #0 now attached to major 180 minor 0 [ 305.416284][ T25] usb 5-1: USB disconnect, device number 7 [ 305.422216][ C1] ldusb 5-1:0.0: usb_submit_urb failed (-19) [ 305.472473][ T25] ldusb 5-1:0.0: LD USB Device #0 now disconnected [ 305.631757][ T29] audit: type=1326 audit(1722196909.226:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8224 comm="syz.4.798" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f1051d77299 code=0x0 [ 305.676900][ T8051] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 305.715747][ T8051] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 305.743394][ T7930] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 305.764221][ T8051] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 305.791085][ T8051] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 306.043736][ T7930] veth0_vlan: entered promiscuous mode [ 306.119848][ T5226] Bluetooth: hci3: Received unexpected HCI Event 0x00 [ 306.129828][ T7930] veth1_vlan: entered promiscuous mode [ 306.223531][ T8051] 8021q: adding VLAN 0 to HW filter on device bond0 [ 306.313860][ T8051] 8021q: adding VLAN 0 to HW filter on device team0 [ 306.360877][ T5270] bridge0: port 1(bridge_slave_0) entered blocking state [ 306.368123][ T5270] bridge0: port 1(bridge_slave_0) entered forwarding state [ 306.415555][ T7930] veth0_macvtap: entered promiscuous mode [ 306.463822][ T5270] bridge0: port 2(bridge_slave_1) entered blocking state [ 306.471030][ T5270] bridge0: port 2(bridge_slave_1) entered forwarding state [ 306.490526][ T8268] netlink: 'syz.1.806': attribute type 1 has an invalid length. [ 306.507636][ T7930] veth1_macvtap: entered promiscuous mode [ 306.514038][ T8268] netlink: 157116 bytes leftover after parsing attributes in process `syz.1.806'. [ 306.624355][ T7930] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 306.650144][ T7930] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 306.687295][ T7930] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 306.710382][ T7930] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 306.740496][ T7930] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 306.788556][ T7930] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 306.822591][ T7930] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 306.953478][ T7930] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 307.020407][ T7930] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 307.031291][ T7930] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 307.042675][ T7930] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 307.052614][ T7930] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 307.063158][ T7930] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 307.074890][ T7930] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 307.115748][ T7930] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 307.215579][ T7930] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 307.268009][ T7930] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 307.465286][ T7930] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 307.805644][ T8279] pimreg: entered allmulticast mode [ 307.812317][ T8281] pimreg: left allmulticast mode [ 308.241719][ T961] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 308.281233][ T961] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 308.420101][ T2935] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 308.440165][ T2935] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 308.732261][ T8051] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 308.781660][ T8307] binder: 8306:8307 ioctl 4018620d 0 returned -22 [ 308.957904][ T8051] veth0_vlan: entered promiscuous mode [ 308.996569][ T8051] veth1_vlan: entered promiscuous mode [ 309.002795][ T8311] netlink: 'syz.4.815': attribute type 1 has an invalid length. [ 309.022190][ T8311] netlink: 157116 bytes leftover after parsing attributes in process `syz.4.815'. [ 309.088934][ T5267] usb 3-1: new high-speed USB device number 15 using dummy_hcd [ 309.090983][ T8051] veth0_macvtap: entered promiscuous mode [ 309.112136][ T8051] veth1_macvtap: entered promiscuous mode [ 309.135670][ T8051] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 309.173832][ T8051] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 309.208545][ T8051] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 309.243383][ T8051] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 309.272070][ T8051] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 309.300783][ T8051] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 309.315952][ T8051] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 309.328324][ T8051] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 309.357409][ T8051] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 309.382927][ T8051] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 309.396915][ T8051] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 309.427745][ T8051] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 309.439799][ T8051] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 309.471801][ T8051] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 309.492456][ T8051] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 309.502389][ T8322] 9pnet: p9_errstr2errno: server reported unknown error 1844674407370 [ 309.514229][ T5265] usb 1-1: new high-speed USB device number 9 using dummy_hcd [ 309.531827][ T8051] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 309.543451][ T8051] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 309.554018][ T5267] usb 3-1: Using ep0 maxpacket: 8 [ 309.561923][ T5267] usb 3-1: config index 0 descriptor too short (expected 301, got 45) [ 309.572230][ T8051] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 309.579808][ T5267] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 309.600015][ T8051] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 309.609580][ T5267] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 309.621244][ T8051] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 309.630879][ T5267] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 309.644172][ T8051] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 309.654018][ T5267] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 309.675695][ T8051] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 309.685163][ T5267] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 309.717632][ T5267] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 309.729841][ T5265] usb 1-1: Using ep0 maxpacket: 32 [ 309.744528][ T5265] usb 1-1: config index 0 descriptor too short (expected 156, got 27) [ 309.765431][ T5265] usb 1-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30 [ 309.781103][ T5265] usb 1-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7 [ 309.852175][ T5265] usb 1-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144 [ 309.929527][ T5265] usb 1-1: config 0 interface 0 has no altsetting 0 [ 309.939863][ T5265] usb 1-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66 [ 309.949110][ T5265] usb 1-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172 [ 309.975241][ T5265] usb 1-1: Product: syz [ 309.982473][ T62] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 309.987734][ T5265] usb 1-1: Manufacturer: syz [ 309.997150][ T5265] usb 1-1: SerialNumber: syz [ 310.009308][ T5267] usb 3-1: usb_control_msg returned -32 [ 310.014942][ T5267] usbtmc 3-1:16.0: can't read capabilities [ 310.027863][ T5265] usb 1-1: config 0 descriptor?? [ 310.036656][ T62] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 310.059703][ T5265] ldusb 1-1:0.0: Interrupt out endpoint not found (using control endpoint instead) [ 310.105346][ T5265] ldusb 1-1:0.0: LD USB Device #1 now attached to major 180 minor 1 [ 310.156627][ T2935] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 310.179834][ T2935] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 310.285176][ T5270] usb 1-1: USB disconnect, device number 9 [ 310.324745][ T5270] ldusb 1-1:0.0: LD USB Device #1 now disconnected [ 310.397223][ T8324] usbtmc 3-1:16.0: INDICATOR_PULSE returned 0 [ 310.520192][ T29] audit: type=1326 audit(1722196914.116:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8312 comm="syz.0.816" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fd058177299 code=0x0 [ 310.674715][ T5270] usb 3-1: USB disconnect, device number 15 [ 311.707970][ T29] audit: type=1326 audit(1722196915.296:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8337 comm="syz.2.821" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fe66dd77299 code=0x0 [ 312.246554][ T8353] netlink: 'syz.1.827': attribute type 1 has an invalid length. [ 312.254794][ T8353] netlink: 157116 bytes leftover after parsing attributes in process `syz.1.827'. [ 312.708857][ T8369] binder: 8367:8369 ioctl 4018620d 0 returned -22 [ 312.998253][ T25] usb 3-1: new high-speed USB device number 16 using dummy_hcd [ 313.898272][ T25] usb 3-1: Using ep0 maxpacket: 8 [ 314.144505][ T25] usb 3-1: config index 0 descriptor too short (expected 301, got 45) [ 314.328524][ T25] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 314.348342][ T25] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 314.368767][ T25] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 315.082865][ T25] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 315.096077][ T25] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 315.108129][ T25] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 315.278345][ T8392] 9pnet: p9_errstr2errno: server reported unknown error 1844674407370 [ 315.469455][ T25] usb 3-1: usb_control_msg returned -32 [ 315.475191][ T25] usbtmc 3-1:16.0: can't read capabilities [ 315.748344][ T5270] usb 4-1: new high-speed USB device number 3 using dummy_hcd [ 315.870073][ T8399] usbtmc 3-1:16.0: INDICATOR_PULSE returned 0 [ 315.889981][ T8400] netlink: 'syz.4.838': attribute type 1 has an invalid length. [ 315.897767][ T8400] netlink: 157116 bytes leftover after parsing attributes in process `syz.4.838'. [ 315.958184][ T5270] usb 4-1: Using ep0 maxpacket: 32 [ 315.989592][ T5270] usb 4-1: config index 0 descriptor too short (expected 156, got 27) [ 316.006349][ T5270] usb 4-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30 [ 316.018307][ T5270] usb 4-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7 [ 316.049885][ T5270] usb 4-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144 [ 316.074066][ T5270] usb 4-1: config 0 interface 0 has no altsetting 0 [ 316.080563][ T8404] pimreg: entered allmulticast mode [ 316.093587][ T5270] usb 4-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66 [ 316.106581][ T8404] pimreg: left allmulticast mode [ 316.108455][ T5270] usb 4-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172 [ 316.129680][ T5270] usb 4-1: Product: syz [ 316.137436][ T5270] usb 4-1: Manufacturer: syz [ 316.144682][ T5270] usb 4-1: SerialNumber: syz [ 316.173592][ T5270] usb 4-1: config 0 descriptor?? [ 316.201228][ T5270] ldusb 4-1:0.0: Interrupt out endpoint not found (using control endpoint instead) [ 316.214267][ T8407] netlink: 16 bytes leftover after parsing attributes in process `syz.4.840'. [ 316.224329][ T5270] ldusb 4-1:0.0: LD USB Device #1 now attached to major 180 minor 1 [ 316.226949][ T8407] netlink: 'syz.4.840': attribute type 32 has an invalid length. [ 316.363224][ T29] audit: type=1326 audit(1722196919.956:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8409 comm="syz.0.841" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fd058177299 code=0x0 [ 316.414267][ T5270] usb 4-1: USB disconnect, device number 3 [ 316.426787][ T8412] netlink: 4 bytes leftover after parsing attributes in process `syz.4.840'. [ 316.428895][ T5270] ldusb 4-1:0.0: LD USB Device #1 now disconnected [ 316.454950][ T5269] usb 3-1: USB disconnect, device number 16 [ 316.644757][ T29] audit: type=1326 audit(1722196920.236:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8393 comm="syz.3.836" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fab7ed77299 code=0x0 [ 316.801879][ T8417] ax25_connect(): syz.1.842 uses autobind, please contact jreuter@yaina.de [ 317.353699][ T1271] ieee802154 phy0 wpan0: encryption failed: -22 [ 317.360346][ T1271] ieee802154 phy1 wpan1: encryption failed: -22 [ 317.696724][ T8421] xt_CHECKSUM: CHECKSUM should be avoided. If really needed, restrict with "-p udp" and only use in OUTPUT [ 319.812271][ T8444] REISERFS warning (device nullb0): sh-2021 reiserfs_fill_super: can not find reiserfs on nullb0 [ 319.972634][ T8450] netlink: 'syz.3.850': attribute type 1 has an invalid length. [ 320.003571][ T8450] netlink: 157116 bytes leftover after parsing attributes in process `syz.3.850'. [ 321.315192][ T8460] binder: 8459:8460 ioctl 4018620d 0 returned -22 [ 321.506737][ T29] audit: type=1326 audit(1722196925.096:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8461 comm="syz.2.854" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fe66dd77299 code=0x0 [ 321.651815][ T5269] usb 4-1: new high-speed USB device number 4 using dummy_hcd [ 321.838710][ T5269] usb 4-1: Using ep0 maxpacket: 8 [ 321.846201][ T5269] usb 4-1: config index 0 descriptor too short (expected 301, got 45) [ 321.856864][ T5269] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 321.877138][ T8469] netlink: 16 bytes leftover after parsing attributes in process `syz.0.856'. [ 321.895643][ T5269] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 321.913377][ T5269] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 321.934695][ T5269] usb 4-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 321.954569][ T5269] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 321.966415][ T5269] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 321.984013][ T8469] netlink: 'syz.0.856': attribute type 32 has an invalid length. [ 322.184025][ T8472] netlink: 4 bytes leftover after parsing attributes in process `syz.0.856'. [ 322.285615][ T5269] usb 4-1: usb_control_msg returned -32 [ 322.301766][ T5269] usbtmc 4-1:16.0: can't read capabilities [ 322.643084][ T8488] usbtmc 4-1:16.0: INDICATOR_PULSE returned 0 [ 322.727250][ T5269] usb 3-1: new high-speed USB device number 17 using dummy_hcd [ 322.868975][ T8494] ax25_connect(): syz.4.861 uses autobind, please contact jreuter@yaina.de [ 323.630658][ T5266] usb 4-1: USB disconnect, device number 4 [ 323.638164][ T5269] usb 3-1: Using ep0 maxpacket: 32 [ 323.663945][ T5269] usb 3-1: config index 0 descriptor too short (expected 156, got 27) [ 323.682698][ T5269] usb 3-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30 [ 323.714208][ T5269] usb 3-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7 [ 323.920949][ T5269] usb 3-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144 [ 323.935966][ T5269] usb 3-1: config 0 interface 0 has no altsetting 0 [ 323.954093][ T5269] usb 3-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66 [ 323.973705][ T5269] usb 3-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172 [ 323.984992][ T5269] usb 3-1: Product: syz [ 323.990442][ T5269] usb 3-1: Manufacturer: syz [ 324.060751][ T8498] netlink: 'syz.1.863': attribute type 1 has an invalid length. [ 324.068924][ T5269] usb 3-1: SerialNumber: syz [ 324.104199][ T8498] netlink: 157116 bytes leftover after parsing attributes in process `syz.1.863'. [ 324.109056][ T5269] usb 3-1: config 0 descriptor?? [ 324.146564][ T5269] ldusb 3-1:0.0: Interrupt out endpoint not found (using control endpoint instead) [ 324.171626][ T5269] ldusb 3-1:0.0: LD USB Device #0 now attached to major 180 minor 0 [ 324.389677][ T5266] usb 3-1: USB disconnect, device number 17 [ 324.389732][ C0] ldusb 3-1:0.0: usb_submit_urb failed (-19) [ 324.406232][ T8506] fuse: Bad value for 'fd' [ 324.449316][ T5266] ldusb 3-1:0.0: LD USB Device #0 now disconnected [ 324.616895][ T29] audit: type=1326 audit(1722196928.206:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8477 comm="syz.2.858" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fe66dd77299 code=0x0 [ 324.721948][ T8517] ax25_connect(): syz.1.869 uses autobind, please contact jreuter@yaina.de [ 325.653479][ T8524] overlay: Unknown parameter '/' [ 326.470924][ T8542] 9pnet_fd: Insufficient options for proto=fd [ 327.445433][ T8552] fuse: Bad value for 'fd' [ 327.460858][ T8554] binder: 8551:8554 ioctl 4018620d 0 returned -22 [ 327.541075][ T8548] netlink: 'syz.0.877': attribute type 1 has an invalid length. [ 327.561993][ T8548] netlink: 157116 bytes leftover after parsing attributes in process `syz.0.877'. [ 327.754722][ T5269] usb 5-1: new high-speed USB device number 8 using dummy_hcd [ 327.978128][ T5269] usb 5-1: Using ep0 maxpacket: 8 [ 328.018150][ T5269] usb 5-1: config index 0 descriptor too short (expected 301, got 45) [ 328.034951][ T5269] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 328.045483][ T5269] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 328.820374][ T5269] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 328.835361][ T5269] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 328.858360][ T5269] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 328.869846][ T5269] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 329.198999][ T5269] usb 5-1: usb_control_msg returned -32 [ 329.217739][ T5269] usbtmc 5-1:16.0: can't read capabilities [ 329.789712][ T8588] netlink: 4 bytes leftover after parsing attributes in process `syz.1.888'. [ 329.951029][ T8588] hsr_slave_1 (unregistering): left promiscuous mode [ 330.248297][ T5265] usb 1-1: new high-speed USB device number 10 using dummy_hcd [ 330.564029][ T8597] 9pnet_fd: Insufficient options for proto=fd [ 332.558277][ T5265] usb 1-1: Using ep0 maxpacket: 32 [ 332.578252][ T5265] usb 1-1: config index 0 descriptor too short (expected 156, got 27) [ 332.614300][ T5265] usb 1-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30 [ 332.660741][ T52] usb 5-1: USB disconnect, device number 8 [ 332.665840][ T5265] usb 1-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7 [ 332.715735][ T5265] usb 1-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144 [ 332.760479][ T8610] netlink: 'syz.2.894': attribute type 1 has an invalid length. [ 332.789223][ T5265] usb 1-1: config 0 interface 0 has no altsetting 0 [ 332.808247][ T8610] netlink: 157116 bytes leftover after parsing attributes in process `syz.2.894'. [ 332.842865][ T5265] usb 1-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66 [ 332.858861][ T5265] usb 1-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172 [ 332.886382][ T5265] usb 1-1: Product: syz [ 332.898402][ T5265] usb 1-1: Manufacturer: syz [ 332.908185][ T5265] usb 1-1: SerialNumber: syz [ 332.960535][ T5265] usb 1-1: config 0 descriptor?? [ 333.106990][ T5265] usb 1-1: can't set config #0, error -71 [ 333.145457][ T5265] usb 1-1: USB disconnect, device number 10 [ 333.816841][ T8625] overlay: Unknown parameter '/' [ 335.345935][ T8641] hfs: can't find a HFS filesystem on dev nullb0 [ 337.586285][ T8653] binder: 8649:8653 ioctl 4018620d 0 returned -22 [ 337.681153][ T8659] input: syz0 as /devices/virtual/input/input7 [ 337.718785][ T8658] netlink: 'syz.0.907': attribute type 1 has an invalid length. [ 337.749770][ T8658] netlink: 157116 bytes leftover after parsing attributes in process `syz.0.907'. [ 337.928146][ T5313] usb 5-1: new high-speed USB device number 9 using dummy_hcd [ 338.044745][ T8672] overlayfs: failed to resolve './file1': -2 [ 338.051311][ T9] usb 4-1: new high-speed USB device number 5 using dummy_hcd [ 338.118184][ T5313] usb 5-1: Using ep0 maxpacket: 8 [ 338.140772][ T5313] usb 5-1: config index 0 descriptor too short (expected 301, got 45) [ 338.164638][ T5313] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 338.185147][ T5313] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 338.218971][ T5313] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 338.238389][ T5313] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 338.265511][ T9] usb 4-1: config 252 interface 0 has no altsetting 0 [ 338.267728][ T5313] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 338.288277][ T9] usb 4-1: New USB device found, idVendor=0bb4, idProduct=0a84, bcdDevice=65.87 [ 338.297596][ T5313] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 338.317026][ T9] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 338.600153][ T5313] usb 5-1: usb_control_msg returned -32 [ 338.605890][ T5313] usbtmc 5-1:16.0: can't read capabilities [ 338.616459][ T9] usb 4-1: USB disconnect, device number 5 [ 338.841381][ T8663] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 338.957764][ T8690] usbtmc 5-1:16.0: INDICATOR_PULSE returned 0 [ 339.128266][ T5313] usb 3-1: new high-speed USB device number 18 using dummy_hcd [ 339.329990][ T5313] usb 3-1: Using ep0 maxpacket: 32 [ 339.408567][ T5313] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024 [ 339.422287][ T5313] usb 3-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79 [ 339.431757][ T5313] usb 3-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2 [ 339.444763][ T5313] usb 3-1: Product: syz [ 339.455897][ T5313] usb 3-1: Manufacturer: syz [ 339.467506][ T5313] usb 3-1: SerialNumber: syz [ 339.523139][ T5313] usb 3-1: config 0 descriptor?? [ 339.579062][ T8686] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22 [ 339.580661][ T9] usb 5-1: USB disconnect, device number 9 [ 339.924326][ T5226] Bluetooth: hci1: command 0x0406 tx timeout [ 340.913891][ T1850] usb 3-1: USB disconnect, device number 18 [ 341.523912][ T8710] netlink: 'syz.3.920': attribute type 1 has an invalid length. [ 341.552826][ T8710] netlink: 157116 bytes leftover after parsing attributes in process `syz.3.920'. [ 341.745290][ T8717] overlayfs: failed to resolve './file1': -2 [ 342.173938][ T8727] hfs: can't find a HFS filesystem on dev nullb0 [ 343.022749][ T8733] binder: 8732:8733 ioctl 4018620d 0 returned -22 [ 343.438413][ T52] usb 3-1: new high-speed USB device number 19 using dummy_hcd [ 345.368212][ T52] usb 3-1: Using ep0 maxpacket: 8 [ 345.406581][ T52] usb 3-1: config index 0 descriptor too short (expected 301, got 45) [ 345.448250][ T52] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 345.484640][ T52] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 345.558163][ T52] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 345.623374][ T52] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 345.675728][ T52] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 345.721516][ T52] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 345.722613][ T8750] netlink: 'syz.4.934': attribute type 1 has an invalid length. [ 345.758454][ T9] usb 2-1: new high-speed USB device number 8 using dummy_hcd [ 345.766257][ T8750] netlink: 157116 bytes leftover after parsing attributes in process `syz.4.934'. [ 345.930015][ T8754] overlayfs: failed to resolve './file1': -2 [ 345.986559][ T9] usb 2-1: config 252 interface 0 has no altsetting 0 [ 346.001006][ T9] usb 2-1: New USB device found, idVendor=0bb4, idProduct=0a84, bcdDevice=65.87 [ 346.007775][ T52] usb 3-1: usb_control_msg returned -32 [ 346.016926][ T9] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 346.043618][ T52] usbtmc 3-1:16.0: can't read capabilities [ 346.295333][ T5313] usb 2-1: USB disconnect, device number 8 [ 346.402670][ T8767] usbtmc 3-1:16.0: INDICATOR_PULSE returned 0 [ 346.713188][ T8740] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 347.099057][ T9] usb 3-1: USB disconnect, device number 19 [ 347.667024][ T52] usb 1-1: new high-speed USB device number 11 using dummy_hcd [ 347.841815][ T52] usb 1-1: device descriptor read/64, error -71 [ 347.855375][ T8784] netlink: 12 bytes leftover after parsing attributes in process `syz.2.944'. [ 348.169807][ T52] usb 1-1: new high-speed USB device number 12 using dummy_hcd [ 348.392634][ T8784] bond1: entered promiscuous mode [ 348.397842][ T52] usb 1-1: device descriptor read/64, error -71 [ 348.428332][ T8785] bond1: (slave ip6gre1): The slave device specified does not support setting the MAC address [ 348.447149][ T8785] bond1: (slave ip6gre1): Error -95 calling set_mac_address [ 348.528780][ T52] usb usb1-port1: attempt power cycle [ 348.822215][ T8794] netlink: 'syz.2.948': attribute type 1 has an invalid length. [ 348.869785][ T8794] netlink: 157116 bytes leftover after parsing attributes in process `syz.2.948'. [ 348.948284][ T52] usb 1-1: new high-speed USB device number 13 using dummy_hcd [ 349.018396][ T52] usb 1-1: device descriptor read/8, error -71 [ 349.058522][ T8805] binder: 8804:8805 ioctl 4018620d 0 returned -22 [ 349.292292][ T52] usb 1-1: new high-speed USB device number 14 using dummy_hcd [ 349.338196][ T5313] usb 3-1: new high-speed USB device number 20 using dummy_hcd [ 350.101381][ T52] usb 1-1: device descriptor read/8, error -71 [ 350.268912][ T52] usb usb1-port1: unable to enumerate USB device [ 350.338541][ T5313] usb 3-1: Using ep0 maxpacket: 8 [ 350.604666][ T5313] usb 3-1: config index 0 descriptor too short (expected 301, got 45) [ 350.613347][ T5313] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 350.624440][ T5313] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 350.634653][ T5313] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 350.650446][ T5313] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 350.705842][ T5313] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 350.786978][ T5313] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 351.924901][ T8844] overlayfs: failed to resolve './file1': -2 [ 352.484730][ T8841] netlink: 'syz.0.964': attribute type 1 has an invalid length. [ 352.533901][ T8841] netlink: 157116 bytes leftover after parsing attributes in process `syz.0.964'. [ 352.685712][ T5313] usb 3-1: usb_control_msg returned -32 [ 352.698135][ T5313] usbtmc 3-1:16.0: can't read capabilities [ 354.118419][ T5228] usb 5-1: new high-speed USB device number 10 using dummy_hcd [ 354.152045][ T25] usb 3-1: USB disconnect, device number 20 [ 354.278359][ T5228] usb 5-1: device descriptor read/64, error -71 [ 356.052249][ T8885] netlink: 'syz.1.978': attribute type 1 has an invalid length. [ 356.085497][ T8885] netlink: 157116 bytes leftover after parsing attributes in process `syz.1.978'. [ 356.469434][ T5228] usb 5-1: new high-speed USB device number 11 using dummy_hcd [ 356.628312][ T5228] usb 5-1: device descriptor read/64, error -71 [ 356.748752][ T5228] usb usb5-port1: attempt power cycle [ 356.916694][ T8905] netlink: 16 bytes leftover after parsing attributes in process `syz.0.986'. [ 357.013212][ T8905] netlink: 'syz.0.986': attribute type 32 has an invalid length. [ 357.291079][ T8910] netlink: 4 bytes leftover after parsing attributes in process `syz.0.986'. [ 362.442950][ T8969] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1002'. [ 363.212862][ T8969] fuse: Bad value for 'fd' [ 363.219430][ T8969] netlink: 'syz.2.1002': attribute type 32 has an invalid length. [ 363.413714][ T8973] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1002'. [ 363.682987][ T8979] usb usb8: usbfs: process 8979 (syz.3.1006) did not claim interface 0 before use [ 369.626606][ T9024] overlayfs: failed to resolve './file1': -2 [ 372.179612][ T9045] usb usb8: usbfs: process 9045 (syz.2.1020) did not claim interface 0 before use [ 373.931847][ T9070] overlayfs: failed to resolve './file1': -2 [ 374.599585][ T5265] usb 4-1: new high-speed USB device number 6 using dummy_hcd [ 376.814791][ T5265] usb 4-1: Using ep0 maxpacket: 32 [ 376.827554][ T5265] usb 4-1: device descriptor read/all, error -71 [ 378.826012][ T1271] ieee802154 phy0 wpan0: encryption failed: -22 [ 378.832574][ T1271] ieee802154 phy1 wpan1: encryption failed: -22 [ 381.737161][ T9142] overlayfs: failed to resolve './file1': -2 [ 385.699756][ T9177] fuse: Bad value for 'group_id' [ 385.717716][ T9177] fuse: Bad value for 'group_id' [ 388.581872][ T9207] ip6erspan0: entered allmulticast mode [ 392.027066][ T9240] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1073'. [ 392.096483][ T9244] overlayfs: missing 'lowerdir' [ 393.241389][ T29] audit: type=1326 audit(1722196996.826:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9255 comm="syz.1.1080" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f581c177299 code=0x7fc00000 [ 393.922307][ T29] audit: type=1326 audit(1722196996.826:26): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9255 comm="syz.1.1080" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f581c177299 code=0x7fc00000 [ 394.035680][ T29] audit: type=1326 audit(1722196997.306:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9255 comm="syz.1.1080" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f581c177299 code=0x7fc00000 [ 395.616295][ T9] usb 4-1: new high-speed USB device number 8 using dummy_hcd [ 395.898364][ T9] usb 4-1: config 252 has an invalid interface number: 181 but max is 0 [ 395.929791][ T9] usb 4-1: config 252 has no interface number 0 [ 395.936165][ T9] usb 4-1: config 252 interface 181 has no altsetting 0 [ 396.006569][ T9] usb 4-1: New USB device found, idVendor=0bb4, idProduct=0a84, bcdDevice=65.87 [ 396.064819][ T9] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 396.344154][ T9] usb 4-1: USB disconnect, device number 8 [ 396.545726][ T9273] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 396.599198][ T9295] overlayfs: missing 'lowerdir' [ 398.500947][ T29] audit: type=1326 audit(1722197001.686:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9299 comm="syz.1.1092" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f581c177299 code=0x7fc00000 [ 398.848147][ T29] audit: type=1326 audit(1722197002.096:29): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9299 comm="syz.1.1092" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f581c177299 code=0x7fc00000 [ 399.003067][ T29] audit: type=1326 audit(1722197002.326:30): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9299 comm="syz.1.1092" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f581c177299 code=0x7fc00000 [ 400.689401][ T9340] overlayfs: missing 'workdir' [ 401.858474][ T29] audit: type=1326 audit(1722197005.456:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9350 comm="syz.1.1107" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f581c177299 code=0x7fc00000 [ 402.065064][ T29] audit: type=1326 audit(1722197005.456:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9350 comm="syz.1.1107" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f581c177299 code=0x7fc00000 [ 402.203031][ T29] audit: type=1326 audit(1722197005.746:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9350 comm="syz.1.1107" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f581c177299 code=0x7fc00000 [ 402.878215][ T5228] usb 2-1: new high-speed USB device number 9 using dummy_hcd [ 403.074243][ T5228] usb 2-1: config 252 has an invalid interface number: 181 but max is 0 [ 403.101720][ T5228] usb 2-1: config 252 has no interface number 0 [ 403.136464][ T5228] usb 2-1: config 252 interface 181 has no altsetting 0 [ 403.157722][ T5228] usb 2-1: New USB device found, idVendor=0bb4, idProduct=0a84, bcdDevice=65.87 [ 403.202350][ T5228] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 403.550893][ T5267] usb 2-1: USB disconnect, device number 9 [ 404.341986][ T9376] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 404.996881][ T9387] overlayfs: missing 'workdir' [ 406.478487][ T5226] Bluetooth: hci0: command 0x0406 tx timeout [ 406.624293][ T9402] ip6erspan0: entered allmulticast mode [ 407.189605][ T9419] overlayfs: missing 'workdir' [ 409.598174][ T5228] usb 5-1: new high-speed USB device number 13 using dummy_hcd [ 409.790490][ T5228] usb 5-1: config 252 has an invalid interface number: 181 but max is 0 [ 409.838301][ T5228] usb 5-1: config 252 has no interface number 0 [ 409.844916][ T5228] usb 5-1: config 252 interface 181 has no altsetting 0 [ 409.855634][ T5228] usb 5-1: New USB device found, idVendor=0bb4, idProduct=0a84, bcdDevice=65.87 [ 409.865735][ T5228] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 410.094765][ T5228] usb 5-1: USB disconnect, device number 13 [ 410.294252][ T9443] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 410.980259][ T25] usb 2-1: new high-speed USB device number 10 using dummy_hcd [ 411.208359][ T25] usb 2-1: Using ep0 maxpacket: 8 [ 411.318046][ T25] usb 2-1: config 0 has an invalid interface number: 7 but max is 0 [ 411.508424][ T25] usb 2-1: config 0 has no interface number 0 [ 411.523530][ T25] usb 2-1: config 0 interface 7 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 411.597127][ T25] usb 2-1: config 0 interface 7 altsetting 0 endpoint 0xB has invalid wMaxPacketSize 0 [ 411.639680][ T25] usb 2-1: config 0 interface 7 altsetting 0 endpoint 0xD has invalid wMaxPacketSize 0 [ 411.711767][ T25] usb 2-1: New USB device found, idVendor=0f3d, idProduct=68a3, bcdDevice=14.f8 [ 411.763262][ T25] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 411.802111][ T25] usb 2-1: Product: syz [ 411.830497][ T25] usb 2-1: Manufacturer: syz [ 411.835254][ T25] usb 2-1: SerialNumber: syz [ 411.877660][ T25] usb 2-1: config 0 descriptor?? [ 411.901494][ T25] usb 2-1: Expected 3 endpoints, found: 2 [ 412.143379][ T25] usb 2-1: USB disconnect, device number 10 [ 412.332616][ T9470] overlayfs: missing 'lowerdir' [ 415.489947][ C1] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies. [ 416.708360][ T5226] Bluetooth: hci4: command 0x0406 tx timeout [ 419.855237][ T9511] ip6erspan0: entered allmulticast mode [ 420.069146][ T9518] overlayfs: missing 'lowerdir' [ 422.229038][ T25] usb 5-1: new high-speed USB device number 14 using dummy_hcd [ 422.465454][ T25] usb 5-1: config 1 has an invalid interface descriptor of length 2, skipping [ 422.488116][ T25] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 422.524579][ T25] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 422.591216][ T25] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 422.601725][ T25] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 422.614991][ T25] usb 5-1: Product: syz [ 422.620853][ T25] usb 5-1: Manufacturer: syz [ 422.626530][ T25] usb 5-1: SerialNumber: syz [ 423.049685][ T9] usb 1-1: new high-speed USB device number 15 using dummy_hcd [ 423.255473][ T9] usb 1-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 423.295494][ T25] usb 5-1: 0:2 : does not exist [ 423.312578][ T25] usb 5-1: USB disconnect, device number 14 [ 423.320029][ T9] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 423.353025][ T9] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0 [ 424.036303][ T9507] udevd[9507]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 424.201275][ T9] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 424.218625][ T9] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 424.228515][ T9] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 424.240234][ T9] usb 1-1: config 0 descriptor?? [ 424.269134][ C0] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies. [ 424.337175][ T25] kernel write not supported for file /snd/seq (pid: 25 comm: kworker/1:0) [ 424.691079][ T9] plantronics 0003:047F:FFFF.0001: No inputs registered, leaving [ 424.757467][ T9] plantronics 0003:047F:FFFF.0001: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0 [ 424.771061][ T9568] overlayfs: missing 'lowerdir' [ 425.129722][ T9] usb 1-1: USB disconnect, device number 15 [ 428.027487][ T9597] netlink: 48 bytes leftover after parsing attributes in process `syz.0.1176'. [ 428.409181][ T5268] usb 5-1: new high-speed USB device number 15 using dummy_hcd [ 428.423631][ T9604] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 428.463775][ T9604] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 428.839855][ T5268] usb 5-1: config 4 has an invalid descriptor of length 0, skipping remainder of the config [ 428.850735][ T5268] usb 5-1: config 4 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2 [ 428.901144][ T5268] usb 5-1: New USB device found, idVendor=2294, idProduct=425a, bcdDevice=d1.41 [ 428.917305][ T5268] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 428.946125][ T5268] usb 5-1: Product: syz [ 428.995564][ T5268] usb 5-1: Manufacturer: syz [ 429.001936][ T5268] usb 5-1: SerialNumber: syz [ 429.042745][ T5268] usb 5-1: ucan: probing device on interface #0 [ 429.058107][ T5268] usb 5-1: ucan: invalid EP count (0) [ 429.075050][ T5268] usb 5-1: ucan: probe failed; try to update the device firmware [ 430.194461][ T5268] usb 5-1: USB disconnect, device number 15 [ 432.697222][ T9638] netlink: 'syz.4.1188': attribute type 1 has an invalid length. [ 432.736831][ T9638] netlink: 157116 bytes leftover after parsing attributes in process `syz.4.1188'. [ 432.951712][ T9643] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 432.978833][ T9643] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 433.108186][ T5268] usb 3-1: new high-speed USB device number 21 using dummy_hcd [ 433.559943][ T9655] hfs: can't find a HFS filesystem on dev nullb0 [ 434.708077][ T5268] usb 3-1: Using ep0 maxpacket: 32 [ 434.722978][ T5268] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x85 has invalid wMaxPacketSize 0 [ 434.733396][ T5268] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 0 [ 434.745968][ T5268] usb 3-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79 [ 434.755135][ T5268] usb 3-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2 [ 434.769319][ T5268] usb 3-1: Product: syz [ 434.773556][ T5268] usb 3-1: Manufacturer: syz [ 434.795482][ T5268] usb 3-1: SerialNumber: syz [ 434.821097][ T5268] usb 3-1: config 0 descriptor?? [ 434.869698][ T9666] pimreg: entered allmulticast mode [ 434.880936][ T9666] pimreg: left allmulticast mode [ 435.036548][ T9671] netlink: 'syz.0.1202': attribute type 1 has an invalid length. [ 435.057255][ T5270] usb 3-1: USB disconnect, device number 21 [ 435.059230][ T9671] netlink: 157116 bytes leftover after parsing attributes in process `syz.0.1202'. [ 435.298869][ T9677] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 435.331339][ T9677] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 435.587174][ T9685] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1206'. [ 436.800530][ T9705] netlink: 'syz.0.1214': attribute type 1 has an invalid length. [ 436.856341][ T9705] netlink: 157116 bytes leftover after parsing attributes in process `syz.0.1214'. [ 437.448629][ T5270] usb 1-1: new high-speed USB device number 16 using dummy_hcd [ 437.648225][ T5270] usb 1-1: Using ep0 maxpacket: 32 [ 437.710033][ T5270] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x85 has invalid wMaxPacketSize 0 [ 437.757181][ T5270] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 0 [ 437.826588][ T5270] usb 1-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79 [ 437.860855][ T5270] usb 1-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2 [ 437.893848][ T9734] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1223'. [ 437.940844][ T9735] 9pnet_fd: Insufficient options for proto=fd [ 438.720119][ T5270] usb 1-1: Product: syz [ 438.724802][ T5270] usb 1-1: Manufacturer: syz [ 438.729742][ T5270] usb 1-1: SerialNumber: syz [ 438.737310][ T5270] usb 1-1: config 0 descriptor?? [ 438.977139][ T5267] usb 1-1: USB disconnect, device number 16 [ 440.054226][ T5270] usb 3-1: new high-speed USB device number 22 using dummy_hcd [ 440.466908][ T5270] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 440.652991][ T1271] ieee802154 phy0 wpan0: encryption failed: -22 [ 440.682888][ T1271] ieee802154 phy1 wpan1: encryption failed: -22 [ 441.065452][ T5270] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 441.078548][ T5270] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 441.094292][ T5270] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 441.103590][ T5270] usb 3-1: Product: syz [ 441.107807][ T5270] usb 3-1: Manufacturer: syz [ 441.119829][ T5270] usb 3-1: SerialNumber: syz [ 441.153417][ T9759] netlink: 'syz.0.1229': attribute type 1 has an invalid length. [ 441.204644][ T9759] netlink: 157116 bytes leftover after parsing attributes in process `syz.0.1229'. [ 441.365617][ T5270] usb 3-1: 0:2 : does not exist [ 442.503183][ T5270] usb 3-1: USB disconnect, device number 22 [ 443.039496][ T9507] udevd[9507]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 443.838153][ T25] usb 1-1: new high-speed USB device number 17 using dummy_hcd [ 444.028090][ T25] usb 1-1: Using ep0 maxpacket: 32 [ 444.041865][ T25] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024 [ 444.064166][ T25] usb 1-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79 [ 444.075168][ T25] usb 1-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2 [ 444.105725][ T25] usb 1-1: Product: syz [ 444.119628][ T25] usb 1-1: Manufacturer: syz [ 444.124982][ T25] usb 1-1: SerialNumber: syz [ 444.177181][ T25] usb 1-1: config 0 descriptor?? [ 444.191264][ T9782] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 444.489047][ T5267] usb 1-1: USB disconnect, device number 17 [ 445.895561][ T9814] 9pnet_fd: Insufficient options for proto=fd [ 446.263854][ T9811] netlink: 'syz.3.1245': attribute type 1 has an invalid length. [ 446.504066][ T9811] netlink: 157116 bytes leftover after parsing attributes in process `syz.3.1245'. [ 448.544401][ T9837] 9pnet_fd: Insufficient options for proto=fd [ 450.111907][ T25] usb 1-1: new high-speed USB device number 18 using dummy_hcd [ 450.568115][ T25] usb 1-1: Using ep0 maxpacket: 32 [ 450.581086][ T25] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024 [ 450.623937][ T25] usb 1-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79 [ 450.641175][ T25] usb 1-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2 [ 450.652717][ T25] usb 1-1: Product: syz [ 450.657010][ T25] usb 1-1: Manufacturer: syz [ 450.664804][ T25] usb 1-1: SerialNumber: syz [ 450.674694][ T25] usb 1-1: config 0 descriptor?? [ 450.688438][ T9833] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 450.719298][ T9856] netlink: 'syz.2.1259': attribute type 1 has an invalid length. [ 450.727102][ T9856] netlink: 157116 bytes leftover after parsing attributes in process `syz.2.1259'. [ 450.922308][ T25] usb 1-1: USB disconnect, device number 18 [ 451.001425][ T9858] pimreg: entered allmulticast mode [ 451.043292][ T9858] pimreg: left allmulticast mode [ 453.620896][ T9877] 9pnet_fd: Insufficient options for proto=fd [ 455.277451][ T9890] netlink: 'syz.3.1271': attribute type 1 has an invalid length. [ 455.296135][ T9890] netlink: 157116 bytes leftover after parsing attributes in process `syz.3.1271'. [ 455.768372][ T5270] usb 5-1: new high-speed USB device number 16 using dummy_hcd [ 456.021316][ T5270] usb 5-1: Using ep0 maxpacket: 32 [ 456.029273][ T5270] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024 [ 456.853116][ T5270] usb 5-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79 [ 456.868360][ T5270] usb 5-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2 [ 456.876594][ T5270] usb 5-1: Product: syz [ 456.888147][ T5270] usb 5-1: Manufacturer: syz [ 456.900301][ T5270] usb 5-1: SerialNumber: syz [ 456.958755][ T5270] usb 5-1: config 0 descriptor?? [ 456.985123][ T9898] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 457.568355][ T9916] dummy0: entered promiscuous mode [ 457.664962][ T5268] usb 5-1: USB disconnect, device number 16 [ 457.894867][ T9931] netlink: 'syz.2.1286': attribute type 1 has an invalid length. [ 457.907342][ T9931] netlink: 157116 bytes leftover after parsing attributes in process `syz.2.1286'. [ 457.926684][ T9932] netlink: 'syz.3.1285': attribute type 10 has an invalid length. [ 458.165878][ T9932] team0: Port device geneve1 added [ 460.693745][ T9960] fuse: Bad value for 'fd' [ 461.760071][ T9968] netlink: 'syz.1.1298': attribute type 1 has an invalid length. [ 461.797948][ T9968] netlink: 157116 bytes leftover after parsing attributes in process `syz.1.1298'. [ 463.741674][ T9988] 9pnet_fd: Insufficient options for proto=fd [ 465.804624][T10007] fuse: Bad value for 'fd' [ 465.946544][T10012] netlink: 'syz.3.1312': attribute type 1 has an invalid length. [ 465.955015][T10012] netlink: 157116 bytes leftover after parsing attributes in process `syz.3.1312'. [ 466.485492][T10022] 9pnet_fd: Insufficient options for proto=fd [ 467.738401][T10034] 9pnet_fd: Insufficient options for proto=fd [ 471.230672][T10056] fuse: Bad value for 'fd' [ 471.265834][T10055] netlink: 'syz.3.1324': attribute type 1 has an invalid length. [ 471.302031][T10055] netlink: 157116 bytes leftover after parsing attributes in process `syz.3.1324'. [ 472.195454][T10064] netlink: 'syz.3.1327': attribute type 10 has an invalid length. [ 472.619038][T10071] netlink: 'syz.4.1328': attribute type 10 has an invalid length. [ 472.756123][T10071] team0: Port device geneve1 added [ 472.863251][T10075] 9pnet_fd: Insufficient options for proto=fd [ 478.798486][T10112] 9pnet: Could not find request transport: fd0x0000000000000005 [ 479.205667][T10122] 9pnet_fd: Insufficient options for proto=fd [ 479.371982][ T5228] usb 2-1: new high-speed USB device number 11 using dummy_hcd [ 479.798279][ T5228] usb 2-1: Using ep0 maxpacket: 32 [ 479.903993][ T5228] usb 2-1: config index 0 descriptor too short (expected 156, got 27) [ 480.286695][ T5228] usb 2-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30 [ 480.301459][ T5228] usb 2-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7 [ 480.312698][ T5228] usb 2-1: config 0 interface 0 altsetting 191 endpoint 0x87 has invalid wMaxPacketSize 0 [ 480.333702][ T5228] usb 2-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144 [ 480.960954][ T5228] usb 2-1: config 0 interface 0 has no altsetting 0 [ 480.974798][ T5228] usb 2-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66 [ 480.984819][ T5228] usb 2-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172 [ 480.998057][ T5228] usb 2-1: Product: syz [ 481.019364][ T5228] usb 2-1: Manufacturer: syz [ 481.024045][ T5228] usb 2-1: SerialNumber: syz [ 481.076448][ T5228] usb 2-1: config 0 descriptor?? [ 481.094612][ T5228] ldusb 2-1:0.0: Interrupt out endpoint not found (using control endpoint instead) [ 481.138513][ T5228] ldusb 2-1:0.0: LD USB Device #0 now attached to major 180 minor 0 [ 481.593241][T10120] ldusb 2-1:0.0: Couldn't submit interrupt_in_urb -90 [ 481.805619][T10156] ldusb 2-1:0.0: Couldn't submit interrupt_in_urb -90 [ 481.883702][ T9] usb 2-1: USB disconnect, device number 11 [ 481.915232][T10159] 9pnet_fd: Insufficient options for proto=fd [ 482.630404][ T9] ldusb 2-1:0.0: LD USB Device #0 now disconnected [ 485.006009][T10184] 9pnet_fd: Insufficient options for proto=fd [ 487.770628][T10205] 9pnet_fd: Insufficient options for proto=fd [ 596.847972][ C0] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks: [ 596.855010][ C0] rcu: Tasks blocked on level-0 rcu_node (CPUs 0-1): P8051/1:b..l P10218/1:b..l P10219/3:b..l P10211/3:b..l [ 596.867279][ C0] rcu: (detected by 0, t=10502 jiffies, g=38845, q=237 ncpus=2) [ 596.875034][ C0] task:syz.1.1368 state:R running task stack:24048 pid:10211 tgid:10208 ppid:5227 flags:0x00004002 [ 596.888063][ C0] Call Trace: [ 596.891376][ C0] [ 596.894340][ C0] __schedule+0x17ae/0x4a10 [ 596.898928][ C0] ? __pfx___schedule+0x10/0x10 [ 596.903844][ C0] ? preempt_schedule+0xe1/0xf0 [ 596.908734][ C0] preempt_schedule_common+0x84/0xd0 [ 596.914072][ C0] preempt_schedule+0xe1/0xf0 [ 596.918877][ C0] ? __pfx_preempt_schedule+0x10/0x10 [ 596.924302][ C0] preempt_schedule_thunk+0x1a/0x30 [ 596.929552][ C0] _raw_spin_unlock+0x3e/0x50 [ 596.934262][ C0] filemap_map_pages+0x1707/0x1e70 [ 596.939450][ C0] ? filemap_map_pages+0x24f/0x1e70 [ 596.944741][ C0] ? __pfx_filemap_map_pages+0x10/0x10 [ 596.950248][ C0] ? handle_pte_fault+0x32e/0x6eb0 [ 596.955425][ C0] ? __pfx_lock_release+0x10/0x10 [ 596.960522][ C0] ? pte_offset_map_nolock+0x137/0x1f0 [ 596.966041][ C0] ? handle_pte_fault+0x21d9/0x6eb0 [ 596.971282][ C0] ? __pfx_filemap_map_pages+0x10/0x10 [ 596.976783][ C0] ? handle_pte_fault+0x21d9/0x6eb0 [ 596.982033][ C0] handle_pte_fault+0x399e/0x6eb0 [ 596.987117][ C0] ? __pfx_lock_acquire+0x10/0x10 [ 596.992281][ C0] ? __pfx_handle_pte_fault+0x10/0x10 [ 596.997715][ C0] ? follow_page_pte+0x29a/0x1ee0 [ 597.002780][ C0] ? follow_page_pte+0x83f/0x1ee0 [ 597.007863][ C0] ? __pfx_lock_release+0x10/0x10 [ 597.012938][ C0] ? count_memcg_event_mm+0x3c2/0x420 [ 597.018434][ C0] ? do_raw_spin_unlock+0x13c/0x8b0 [ 597.023672][ C0] ? folio_mark_accessed+0x6f6/0x11b0 [ 597.029101][ C0] handle_mm_fault+0xf70/0x1880 [ 597.034365][ C0] ? __pfx_handle_mm_fault+0x10/0x10 [ 597.039704][ C0] ? __pfx_find_vma+0x10/0x10 [ 597.044420][ C0] ? vma_is_secretmem+0xd/0x50 [ 597.049234][ C0] ? check_vma_flags+0x500/0x5a0 [ 597.054222][ C0] __get_user_pages+0x6ec/0x16a0 [ 597.059228][ C0] ? __pfx___get_user_pages+0x10/0x10 [ 597.064660][ C0] populate_vma_page_range+0x264/0x330 [ 597.070164][ C0] ? __pfx_populate_vma_page_range+0x10/0x10 [ 597.076278][ C0] ? userfaultfd_unmap_complete+0x30c/0x360 [ 597.082218][ C0] ? do_mmap+0x961/0x1010 [ 597.086592][ C0] __mm_populate+0x27a/0x460 [ 597.091233][ C0] ? __pfx___mm_populate+0x10/0x10 [ 597.096394][ C0] vm_mmap_pgoff+0x2c3/0x3d0 [ 597.101031][ C0] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 597.106192][ C0] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 597.112574][ C0] ? do_syscall_64+0x100/0x230 [ 597.117383][ C0] ? ksys_mmap_pgoff+0xdf/0x720 [ 597.122275][ C0] ? __x64_sys_mmap+0x7f/0x140 [ 597.127098][ C0] do_syscall_64+0xf3/0x230 [ 597.131683][ C0] ? clear_bhb_loop+0x35/0x90 [ 597.136496][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 597.142465][ C0] RIP: 0033:0x7f581c177299 [ 597.146931][ C0] RSP: 002b:00007f581cee7048 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 597.155397][ C0] RAX: ffffffffffffffda RBX: 00007f581c306058 RCX: 00007f581c177299 [ 597.163414][ C0] RDX: b635773f06ebbeee RSI: 0000000000b36000 RDI: 0000000020000000 [ 597.171420][ C0] RBP: 00007f581c1e48e6 R08: ffffffffffffffff R09: 0000000000000000 [ 597.179427][ C0] R10: 0000000000008031 R11: 0000000000000246 R12: 0000000000000000 [ 597.187434][ C0] R13: 000000000000006e R14: 00007f581c306058 R15: 00007ffd528262c8 [ 597.195467][ C0] [ 597.198515][ C0] task:modprobe state:R running task stack:23680 pid:10219 tgid:10219 ppid:53 flags:0x00000002 [ 597.210303][ C0] Call Trace: [ 597.213608][ C0] [ 597.216571][ C0] __schedule+0x17ae/0x4a10 [ 597.221145][ C0] ? __pfx___schedule+0x10/0x10 [ 597.226051][ C0] ? preempt_schedule+0xe1/0xf0 [ 597.230941][ C0] preempt_schedule_common+0x84/0xd0 [ 597.236359][ C0] preempt_schedule+0xe1/0xf0 [ 597.241074][ C0] ? __pfx_preempt_schedule+0x10/0x10 [ 597.246501][ C0] preempt_schedule_thunk+0x1a/0x30 [ 597.251750][ C0] _raw_spin_unlock+0x3e/0x50 [ 597.256474][ C0] filemap_map_pages+0x1707/0x1e70 [ 597.261644][ C0] ? filemap_map_pages+0x24f/0x1e70 [ 597.266909][ C0] ? __pfx_filemap_map_pages+0x10/0x10 [ 597.272413][ C0] ? handle_pte_fault+0x32e/0x6eb0 [ 597.277572][ C0] ? __pfx_lock_release+0x10/0x10 [ 597.282642][ C0] ? pte_offset_map_nolock+0x137/0x1f0 [ 597.288154][ C0] ? handle_pte_fault+0x21d9/0x6eb0 [ 597.293392][ C0] ? __pfx_filemap_map_pages+0x10/0x10 [ 597.298897][ C0] ? handle_pte_fault+0x21d9/0x6eb0 [ 597.304150][ C0] handle_pte_fault+0x399e/0x6eb0 [ 597.309238][ C0] ? mark_lock+0x9a/0x350 [ 597.313624][ C0] ? __pfx_handle_pte_fault+0x10/0x10 [ 597.319057][ C0] ? reacquire_held_locks+0x3eb/0x690 [ 597.324465][ C0] ? lock_vma_under_rcu+0x2f9/0x6e0 [ 597.329720][ C0] ? __pfx_reacquire_held_locks+0x10/0x10 [ 597.335492][ C0] handle_mm_fault+0xf70/0x1880 [ 597.340419][ C0] ? __pfx_handle_mm_fault+0x10/0x10 [ 597.345748][ C0] ? lock_vma_under_rcu+0x592/0x6e0 [ 597.351015][ C0] ? exc_page_fault+0x113/0x8c0 [ 597.355912][ C0] exc_page_fault+0x459/0x8c0 [ 597.360642][ C0] asm_exc_page_fault+0x26/0x30 [ 597.365536][ C0] RIP: 0033:0x7f280c906321 [ 597.369979][ C0] RSP: 002b:00007ffcbb2d2688 EFLAGS: 00010206 [ 597.376084][ C0] RAX: 0000000000000000 RBX: 00007f280c8b84f8 RCX: 00007f280c99368a [ 597.384086][ C0] RDX: 0000000000000001 RSI: 0000000000000008 RDI: 00007f280ca752f8 [ 597.392088][ C0] RBP: 00007f280c8b84f0 R08: 0000000000000000 R09: 000000000000000d [ 597.400090][ C0] R10: 00007ffcbb2d2470 R11: 0000000000000246 R12: 00007f280c8b0707 [ 597.408102][ C0] R13: 00000000000001d8 R14: 0000000000000001 R15: 0000000000000000 [ 597.416122][ C0] [ 597.419165][ C0] task:udevd state:R running task stack:24256 pid:10218 tgid:10218 ppid:4668 flags:0x00000002 [ 597.430944][ C0] Call Trace: [ 597.434251][ C0] [ 597.437214][ C0] __schedule+0x17ae/0x4a10 [ 597.441782][ C0] ? __pfx_validate_chain+0x10/0x10 [ 597.447058][ C0] ? __pfx___schedule+0x10/0x10 [ 597.451947][ C0] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 597.458070][ C0] ? preempt_schedule_irq+0xf0/0x1c0 [ 597.463396][ C0] preempt_schedule_irq+0xfb/0x1c0 [ 597.468543][ C0] ? __pfx_preempt_schedule_irq+0x10/0x10 [ 597.474316][ C0] irqentry_exit+0x5e/0x90 [ 597.478779][ C0] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 597.484800][ C0] RIP: 0010:lock_acquire+0x264/0x550 [ 597.490124][ C0] Code: 2b 00 74 08 4c 89 f7 e8 aa e9 87 00 f6 44 24 61 02 0f 85 85 01 00 00 41 f7 c7 00 02 00 00 74 01 fb 48 c7 44 24 40 0e 36 e0 45 <4b> c7 44 25 00 00 00 00 00 43 c7 44 25 09 00 00 00 00 43 c7 44 25 [ 597.509870][ C0] RSP: 0018:ffffc90002e47400 EFLAGS: 00000206 [ 597.515982][ C0] RAX: 0000000000000001 RBX: 1ffff920005c8e8c RCX: 5701e51059ec2600 [ 597.524014][ C0] RDX: dffffc0000000000 RSI: ffffffff8beae6a0 RDI: ffffffff8c3f97c0 [ 597.532027][ C0] RBP: ffffc90002e47548 R08: ffffffff934eb807 R09: 1ffffffff269d700 [ 597.540038][ C0] R10: dffffc0000000000 R11: fffffbfff269d701 R12: 1ffff920005c8e88 [ 597.548039][ C0] R13: dffffc0000000000 R14: ffffc90002e47460 R15: 0000000000000246 [ 597.556071][ C0] ? __pfx_lock_acquire+0x10/0x10 [ 597.561140][ C0] ? deref_stack_reg+0x1c7/0x260 [ 597.566130][ C0] ? __read_once_word_nocheck+0x9/0x20 [ 597.571630][ C0] ? deref_stack_reg+0x1c7/0x260 [ 597.576617][ C0] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 597.582808][ C0] is_bpf_text_address+0x46/0x2a0 [ 597.587874][ C0] ? is_bpf_text_address+0x26/0x2a0 [ 597.593118][ C0] ? is_bpf_text_address+0x26/0x2a0 [ 597.598366][ C0] ? is_module_text_address+0x128/0x190 [ 597.604057][ C0] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 597.610257][ C0] kernel_text_address+0xa7/0xe0 [ 597.615236][ C0] __kernel_text_address+0xd/0x40 [ 597.620297][ C0] unwind_get_return_address+0x5d/0xc0 [ 597.625806][ C0] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 597.631925][ C0] arch_stack_walk+0x125/0x1b0 [ 597.636743][ C0] stack_trace_save+0x118/0x1d0 [ 597.641645][ C0] ? __pfx_stack_trace_save+0x10/0x10 [ 597.647068][ C0] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 597.653094][ C0] kasan_save_track+0x3f/0x80 [ 597.657818][ C0] ? kasan_save_track+0x3f/0x80 [ 597.662721][ C0] ? kasan_save_free_info+0x40/0x50 [ 597.668412][ C0] ? poison_slab_object+0xe0/0x150 [ 597.673567][ C0] ? __kasan_slab_free+0x37/0x60 [ 597.678544][ C0] ? kmem_cache_free+0x145/0x350 [ 597.683531][ C0] ? __vm_area_free+0xe0/0x110 [ 597.688338][ C0] ? exit_mmap+0x645/0xc80 [ 597.692793][ C0] ? __mmput+0x115/0x380 [ 597.697074][ C0] ? exit_mm+0x220/0x310 [ 597.701352][ C0] ? do_exit+0x9b2/0x27f0 [ 597.705719][ C0] ? do_group_exit+0x207/0x2c0 [ 597.710518][ C0] ? __x64_sys_exit_group+0x3f/0x40 [ 597.715755][ C0] ? x64_sys_call+0x26c3/0x26d0 [ 597.720646][ C0] ? do_syscall_64+0xf3/0x230 [ 597.725380][ C0] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 597.731552][ C0] ? __vm_area_free+0xe0/0x110 [ 597.736351][ C0] kasan_save_free_info+0x40/0x50 [ 597.741420][ C0] poison_slab_object+0xe0/0x150 [ 597.746414][ C0] ? __vm_area_free+0xe0/0x110 [ 597.751237][ C0] __kasan_slab_free+0x37/0x60 [ 597.756051][ C0] kmem_cache_free+0x145/0x350 [ 597.760872][ C0] __vm_area_free+0xe0/0x110 [ 597.765507][ C0] exit_mmap+0x645/0xc80 [ 597.769803][ C0] ? __pfx_exit_mmap+0x10/0x10 [ 597.774610][ C0] ? __asan_memset+0x23/0x50 [ 597.779260][ C0] ? uprobe_clear_state+0x277/0x290 [ 597.784501][ C0] ? mm_update_next_owner+0xa2/0x8a0 [ 597.789821][ C0] ? do_raw_spin_unlock+0x13c/0x8b0 [ 597.795065][ C0] __mmput+0x115/0x380 [ 597.799178][ C0] exit_mm+0x220/0x310 [ 597.803287][ C0] ? __pfx_exit_mm+0x10/0x10 [ 597.807908][ C0] ? taskstats_exit+0x326/0xa60 [ 597.812805][ C0] do_exit+0x9b2/0x27f0 [ 597.817009][ C0] ? __pfx_do_exit+0x10/0x10 [ 597.821646][ C0] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 597.827765][ C0] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 597.834142][ C0] ? _raw_spin_unlock_irq+0x23/0x50 [ 597.839381][ C0] ? lockdep_hardirqs_on+0x99/0x150 [ 597.844627][ C0] do_group_exit+0x207/0x2c0 [ 597.849261][ C0] __x64_sys_exit_group+0x3f/0x40 [ 597.854322][ C0] x64_sys_call+0x26c3/0x26d0 [ 597.859044][ C0] do_syscall_64+0xf3/0x230 [ 597.863592][ C0] ? clear_bhb_loop+0x35/0x90 [ 597.868323][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 597.874260][ C0] RIP: 0033:0x7f153c8fca90 [ 597.878707][ C0] RSP: 002b:00007ffc9116a738 EFLAGS: 00000202 ORIG_RAX: 00000000000000e7 [ 597.887250][ C0] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f153c8fca90 [ 597.895253][ C0] RDX: 00000000000000e7 RSI: 000000000000003c RDI: 0000000000000000 [ 597.903259][ C0] RBP: 0000000000000000 R08: 0000000000000007 R09: e3c3218e7edb2291 [ 597.911263][ C0] R10: 00000000ffffffff R11: 0000000000000202 R12: 000055bf77712a80 [ 597.919268][ C0] R13: 00007ffc9116a778 R14: 0000000000000001 R15: 000055bf77708910 [ 597.927289][ C0] [ 597.930338][ C0] task:syz-executor state:R running task stack:20560 pid:8051 tgid:8051 ppid:8028 flags:0x00000000 [ 597.942119][ C0] Call Trace: [ 597.945449][ C0] [ 597.948416][ C0] __schedule+0x17ae/0x4a10 [ 597.952976][ C0] ? validate_chain+0x51/0x5900 [ 597.957875][ C0] ? __pfx___schedule+0x10/0x10 [ 597.962771][ C0] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 597.968806][ C0] ? preempt_schedule_irq+0xf0/0x1c0 [ 597.974139][ C0] preempt_schedule_irq+0xfb/0x1c0 [ 597.979292][ C0] ? __pfx_preempt_schedule_irq+0x10/0x10 [ 597.985080][ C0] irqentry_exit+0x5e/0x90 [ 597.989542][ C0] asm_common_interrupt+0x26/0x40 [ 597.994614][ C0] RIP: 0010:lock_release+0x5/0xa30 [ 597.999767][ C0] Code: 8f e8 df c4 87 00 e9 f1 f5 ff ff 66 2e 0f 1f 84 00 00 00 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 55 <48> 89 e5 41 57 41 56 41 55 41 54 53 48 83 e4 e0 48 81 ec 00 01 00 [ 598.019410][ C0] RSP: 0018:ffffc90008d2f3b0 EFLAGS: 00000246 [ 598.025525][ C0] RAX: ffffffff81a22c00 RBX: 0000000000000000 RCX: ffff8880667b5a00 [ 598.033530][ C0] RDX: 0000000000000000 RSI: ffffffff81a22ab6 RDI: ffffffff8e737660 [ 598.041537][ C0] RBP: 0000000000000000 R08: ffffffff81a22c84 R09: 1ffffffff269d700 [ 598.049541][ C0] R10: dffffc0000000000 R11: fffffbfff269d701 R12: ffffffffa0001ae0 [ 598.057750][ C0] R13: dffffc0000000000 R14: 0000000000000000 R15: 00007fab7ed76b91 [ 598.065760][ C0] ? 0xffffffffa0001ae0 [ 598.069971][ C0] ? is_bpf_text_address+0x1f4/0x2a0 [ 598.075313][ C0] ? is_bpf_text_address+0x170/0x2a0 [ 598.080652][ C0] ? is_bpf_text_address+0x26/0x2a0 [ 598.085904][ C0] is_bpf_text_address+0x280/0x2a0 [ 598.091064][ C0] ? is_bpf_text_address+0x26/0x2a0 [ 598.096307][ C0] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 598.102506][ C0] kernel_text_address+0xa7/0xe0 [ 598.107494][ C0] __kernel_text_address+0xd/0x40 [ 598.112566][ C0] unwind_get_return_address+0x5d/0xc0 [ 598.118074][ C0] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 598.124189][ C0] arch_stack_walk+0x125/0x1b0 [ 598.129008][ C0] stack_trace_save+0x118/0x1d0 [ 598.133978][ C0] ? __pfx_stack_trace_save+0x10/0x10 [ 598.139406][ C0] kasan_save_track+0x3f/0x80 [ 598.144119][ C0] ? kasan_save_track+0x3f/0x80 [ 598.149011][ C0] ? __kasan_slab_alloc+0x66/0x80 [ 598.154077][ C0] ? kmem_cache_alloc_noprof+0x135/0x2a0 [ 598.159755][ C0] ? security_file_alloc+0x28/0x130 [ 598.165086][ C0] ? init_file+0x99/0x200 [ 598.169457][ C0] ? alloc_empty_file+0xb8/0x1d0 [ 598.174437][ C0] ? path_openat+0x105/0x3470 [ 598.179148][ C0] ? do_filp_open+0x235/0x490 [ 598.184117][ C0] ? do_sys_openat2+0x13e/0x1d0 [ 598.189010][ C0] ? __x64_sys_openat+0x247/0x2a0 [ 598.194074][ C0] ? do_syscall_64+0xf3/0x230 [ 598.198801][ C0] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 598.205139][ C0] __kasan_slab_alloc+0x66/0x80 [ 598.210034][ C0] ? security_file_alloc+0x28/0x130 [ 598.215278][ C0] kmem_cache_alloc_noprof+0x135/0x2a0 [ 598.220797][ C0] security_file_alloc+0x28/0x130 [ 598.225868][ C0] init_file+0x99/0x200 [ 598.230094][ C0] alloc_empty_file+0xb8/0x1d0 [ 598.234944][ C0] path_openat+0x105/0x3470 [ 598.239505][ C0] ? mark_lock+0x9a/0x350 [ 598.243892][ C0] ? __pfx_stack_trace_save+0x10/0x10 [ 598.249321][ C0] ? __lock_acquire+0x137a/0x2040 [ 598.254415][ C0] ? __lock_acquire+0x137a/0x2040 [ 598.259502][ C0] ? __pfx_path_openat+0x10/0x10 [ 598.264522][ C0] do_filp_open+0x235/0x490 [ 598.269073][ C0] ? __pfx_do_filp_open+0x10/0x10 [ 598.274169][ C0] ? _raw_spin_unlock+0x28/0x50 [ 598.279065][ C0] ? alloc_fd+0x5a1/0x640 [ 598.283446][ C0] do_sys_openat2+0x13e/0x1d0 [ 598.288179][ C0] ? __pfx_do_sys_openat2+0x10/0x10 [ 598.293415][ C0] ? kasan_quarantine_put+0xdc/0x230 [ 598.298795][ C0] ? __pfx_path_umount+0x10/0x10 [ 598.303772][ C0] __x64_sys_openat+0x247/0x2a0 [ 598.308675][ C0] ? __pfx___x64_sys_openat+0x10/0x10 [ 598.314098][ C0] ? do_syscall_64+0x100/0x230 [ 598.318912][ C0] ? do_syscall_64+0xb6/0x230 [ 598.323635][ C0] do_syscall_64+0xf3/0x230 [ 598.328185][ C0] ? clear_bhb_loop+0x35/0x90 [ 598.332911][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 598.338852][ C0] RIP: 0033:0x7fab7ed76b91 [ 598.343303][ C0] RSP: 002b:00007fffd6c39500 EFLAGS: 00000287 ORIG_RAX: 0000000000000101 [ 598.351756][ C0] RAX: ffffffffffffffda RBX: 00007fab7ede4784 RCX: 00007fab7ed76b91 [ 598.359758][ C0] RDX: 0000000000090800 RSI: 00007fffd6c3a6a0 RDI: 00000000ffffff9c [ 598.367765][ C0] RBP: 00007fffd6c3a68c R08: 0000000000000000 R09: 7fffffffffffffff [ 598.375770][ C0] R10: 0000000000000000 R11: 0000000000000287 R12: 00007fffd6c3a6a0 [ 598.384207][ C0] R13: 00007fab7ede4784 R14: 000000000007744e R15: 00007fffd6c3a6e0 [ 598.392316][ C0] [ 598.395378][ C0] rcu: rcu_preempt kthread starved for 10653 jiffies! g38845 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=0 [ 598.406608][ C0] rcu: Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior. [ 598.416619][ C0] rcu: RCU grace-period kthread stack dump: [ 598.422533][ C0] task:rcu_preempt state:R running task stack:26448 pid:17 tgid:17 ppid:2 flags:0x00004000 [ 598.434332][ C0] Call Trace: [ 598.437640][ C0] [ 598.440605][ C0] __schedule+0x17ae/0x4a10 [ 598.445172][ C0] ? __pfx___schedule+0x10/0x10 [ 598.450064][ C0] ? __pfx_lock_release+0x10/0x10 [ 598.455124][ C0] ? __asan_memset+0x23/0x50 [ 598.459750][ C0] ? __pfx_lockdep_init_map_type+0x10/0x10 [ 598.465604][ C0] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 598.472097][ C0] ? schedule+0x90/0x320 [ 598.476375][ C0] schedule+0x14b/0x320 [ 598.480569][ C0] schedule_timeout+0x1be/0x310 [ 598.485455][ C0] ? __pfx_schedule_timeout+0x10/0x10 [ 598.490868][ C0] ? __pfx_process_timeout+0x10/0x10 [ 598.496208][ C0] ? prepare_to_swait_event+0x32e/0x350 [ 598.501824][ C0] rcu_gp_fqs_loop+0x2df/0x1330 [ 598.506718][ C0] ? lockdep_hardirqs_on+0x99/0x150 [ 598.512047][ C0] ? rcu_gp_init+0x1256/0x1630 [ 598.516857][ C0] ? __pfx_rcu_gp_init+0x10/0x10 [ 598.521830][ C0] ? __pfx_rcu_implicit_dynticks_qs+0x10/0x10 [ 598.527943][ C0] ? __pfx_rcu_gp_fqs_loop+0x10/0x10 [ 598.533281][ C0] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 598.539239][ C0] ? finish_swait+0xd4/0x1e0 [ 598.543883][ C0] rcu_gp_kthread+0xa7/0x3b0 [ 598.548523][ C0] ? __pfx_rcu_gp_kthread+0x10/0x10 [ 598.553878][ C0] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 598.559826][ C0] ? __kthread_parkme+0x169/0x1d0 [ 598.564905][ C0] ? __pfx_rcu_gp_kthread+0x10/0x10 [ 598.570150][ C0] kthread+0x2f0/0x390 [ 598.574260][ C0] ? __pfx_rcu_gp_kthread+0x10/0x10 [ 598.579497][ C0] ? __pfx_kthread+0x10/0x10 [ 598.584123][ C0] ret_from_fork+0x4b/0x80 [ 598.588584][ C0] ? __pfx_kthread+0x10/0x10 [ 598.593241][ C0] ret_from_fork_asm+0x1a/0x30 [ 598.598070][ C0] [ 598.601113][ C0] rcu: Stack dump where RCU GP kthread last ran: [ 598.607489][ C0] CPU: 0 UID: 0 PID: 0 Comm: swapper/0 Not tainted 6.10.0-syzkaller-12888-g5437f30d3458 #0 [ 598.617504][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 598.627605][ C0] RIP: 0010:acpi_safe_halt+0x21/0x30 [ 598.632951][ C0] Code: 90 90 90 90 90 90 90 90 90 65 48 8b 04 25 00 d7 03 00 48 f7 00 08 00 00 00 75 10 66 90 0f 00 2d e5 3e 9c 00 f3 0f 1e fa fb f4 c3 cc cc cc cc 66 0f 1f 84 00 00 00 00 00 90 90 90 90 90 90 90 [ 598.652690][ C0] RSP: 0018:ffffffff8e407ca8 EFLAGS: 00000246 [ 598.658797][ C0] RAX: ffffffff8e494680 RBX: ffff88801b2ff064 RCX: 0000000000438749 [ 598.666889][ C0] RDX: 0000000000000001 RSI: ffff88801b2ff000 RDI: ffff88801b2ff064 [ 598.674893][ C0] RBP: 000000000003a678 R08: ffff8880b9237c7b R09: 1ffff11017246f8f [ 598.682898][ C0] R10: dffffc0000000000 R11: ffffffff8bad0790 R12: ffff88801cbbb000 [ 598.690903][ C0] R13: 0000000000000000 R14: 0000000000000001 R15: ffffffff8eec8ee0 [ 598.698915][ C0] FS: 0000000000000000(0000) GS:ffff8880b9200000(0000) knlGS:0000000000000000 [ 598.707877][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 598.714489][ C0] CR2: 00007f280c906321 CR3: 000000006bd4a000 CR4: 00000000003526f0 [ 598.722495][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 598.730495][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 598.738582][ C0] Call Trace: [ 598.741886][ C0] [ 598.744756][ C0] ? rcu_check_gp_kthread_starvation+0x278/0x310 [ 598.751139][ C0] ? print_other_cpu_stall+0x1470/0x15a0 [ 598.756828][ C0] ? __pfx_print_other_cpu_stall+0x10/0x10 [ 598.762680][ C0] ? seqcount_lockdep_reader_access+0x1c6/0x220 [ 598.768976][ C0] ? kvm_check_and_clear_guest_paused+0x6a/0xd0 [ 598.775263][ C0] ? rcu_sched_clock_irq+0xa2c/0x10d0 [ 598.780697][ C0] ? __pfx_rcu_sched_clock_irq+0x10/0x10 [ 598.786375][ C0] ? hrtimer_run_queues+0x16c/0x460 [ 598.791615][ C0] ? update_process_times+0x1ce/0x230 [ 598.797038][ C0] ? tick_nohz_handler+0x37c/0x500 [ 598.802187][ C0] ? __pfx_tick_nohz_handler+0x10/0x10 [ 598.807681][ C0] ? __hrtimer_run_queues+0x551/0xd50 [ 598.813087][ C0] ? ktime_get_update_offsets_now+0x3c/0x250 [ 598.819126][ C0] ? __pfx___hrtimer_run_queues+0x10/0x10 [ 598.824880][ C0] ? ktime_get_update_offsets_now+0x22d/0x250 [ 598.830998][ C0] ? hrtimer_interrupt+0x396/0x990 [ 598.836171][ C0] ? __sysvec_apic_timer_interrupt+0x110/0x3f0 [ 598.842374][ C0] ? sysvec_apic_timer_interrupt+0xa1/0xc0 [ 598.848221][ C0] [ 598.851179][ C0] [ 598.854155][ C0] ? asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 598.860368][ C0] ? __pfx_acpi_idle_enter+0x10/0x10 [ 598.865716][ C0] ? acpi_safe_halt+0x21/0x30 [ 598.870445][ C0] acpi_idle_enter+0xe4/0x140 [ 598.875174][ C0] cpuidle_enter_state+0x112/0x480 [ 598.880337][ C0] ? __pfx_menu_select+0x10/0x10 [ 598.885314][ C0] cpuidle_enter+0x5d/0xa0 [ 598.889803][ C0] do_idle+0x375/0x5d0 [ 598.893919][ C0] ? __pfx_do_idle+0x10/0x10 [ 598.898542][ C0] ? default_enter_idle+0x20/0x2b [ 598.903625][ C0] ? rest_init+0x31/0x300 [ 598.908001][ C0] cpu_startup_entry+0x42/0x60 [ 598.912802][ C0] rest_init+0x2dc/0x300 [ 598.917088][ C0] ? __pfx_x86_late_time_init+0x10/0x10 [ 598.922671][ C0] start_kernel+0x47a/0x500 [ 598.927221][ C0] x86_64_start_reservations+0x2a/0x30 [ 598.932799][ C0] x86_64_start_kernel+0x9f/0xa0 [ 598.937771][ C0] common_startup_64+0x13e/0x147 [ 598.942850][ C0]