last executing test programs: 4.155480924s ago: executing program 3 (id=6502): socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x48) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000014001900b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000140)='kmem_cache_free\x00', r3}, 0x10) sendmsg$tipc(r1, &(0x7f0000003280)={0x0, 0x0, 0x0}, 0x0) sendmsg$tipc(r1, &(0x7f0000000e40)={0x0, 0x0, 0x0}, 0x0) sendmsg$inet(r1, &(0x7f0000000f80)={0x0, 0x0, &(0x7f0000000f40)=[{&(0x7f00000042c0)="86", 0x1}], 0x1}, 0x0) sendmsg$tipc(r1, &(0x7f0000002700)={0x0, 0x0, 0x0}, 0x0) setsockopt$sock_attach_bpf(r0, 0x1, 0x21, &(0x7f00000001c0), 0x4) sendmsg$tipc(r1, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x0) recvmsg(r0, &(0x7f0000000900)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000600)=""/203, 0xcb}], 0x1}, 0x0) 3.983556458s ago: executing program 3 (id=6506): mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0) creat(&(0x7f0000000200)='./file0\x00', 0x10a) mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000240)='devtmpfs\x00', 0x0, 0x0) 3.925226105s ago: executing program 3 (id=6507): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000100)={0x1f, 0x2, &(0x7f00000001c0)=@raw=[@call={0x85, 0x0, 0x0, 0xc8}, @exit], 0x0, 0x2, 0xe5, &(0x7f0000000000)=""/229, 0x0, 0x11}, 0x90) 3.65916211s ago: executing program 3 (id=6512): r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="18030000fffffffb000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200000d000000b7020000000080008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000001200)='signal_generate\x00', r1}, 0x10) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000004cc311ec8500000075000000a70000000800000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r2}, 0x10) r3 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$TIOCSSOFTCAR(r3, 0x5453, 0x0) 3.363653249s ago: executing program 3 (id=6516): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x5, &(0x7f0000000300)=ANY=[@ANYBLOB="180200000200ff0000000000000000008500000041000000850000000e0000"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x41, '\x00', 0x0, 0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x40}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x0, 0x2100, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x50) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xb, 0xb9, 0x10001, 0x9, 0x1}, 0x48) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r1, &(0x7f0000000040), &(0x7f0000000440)=""/183}, 0x20) bpf$PROG_LOAD(0x5, 0x0, 0x0) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x3, 0x0, 0x1}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x42}, 0x90) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0}, 0x90) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x8, 0x0, 0x0, 0x0, 0x51, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x22) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r3}, 0x10) bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000100)={r1, 0x0, &(0x7f0000000280)=""/239}, 0x20) r4 = socket$inet_tcp(0x2, 0x1, 0x0) unlink(&(0x7f0000000100)='./file0\x00') bind$inet(r4, &(0x7f0000000000)={0x2, 0x4e20, @multicast1}, 0x10) r5 = socket$inet_udp(0x2, 0x2, 0x0) r6 = socket$key(0xf, 0x3, 0x2) socket$key(0xf, 0x3, 0x2) sendmsg$key(r6, &(0x7f0000000000)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB="0207000902"], 0x10}}, 0x0) bind$inet(r5, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x16) connect$inet(r5, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10) setsockopt$inet_IP_XFRM_POLICY(r5, 0x0, 0x11, &(0x7f00000002c0)={{{@in6=@dev, @in6=@mcast2, 0x0, 0x0, 0x4e21, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x3}, {}, 0x3, 0x0, 0x1}, {{@in6=@dev, 0x0, 0x33}, 0x0, @in=@private, 0x0, 0x0, 0x0, 0xb7}}, 0xe8) r7 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ipvs(0x0, 0xffffffffffffffff) sendmsg$IPVS_CMD_SET_CONFIG(r7, &(0x7f0000000c00)={0x0, 0x0, &(0x7f0000000bc0)={0x0}}, 0x0) sendto$inet(r4, 0x0, 0x0, 0x20020084, &(0x7f00000018c0)={0x2, 0x4e20}, 0x10) shutdown(r4, 0x1) recvmsg(r4, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x2) 3.167016059s ago: executing program 4 (id=6518): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000ec0)=ANY=[@ANYBLOB="18000000000080000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000a3850000007000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x10) r1 = socket$inet(0x2, 0x80003, 0x6) setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000140)=@broute={'broute\x00', 0x20, 0x2, 0x330, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000580], 0x2, 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="000000000900000000000000001ec14b000000000000000000000000000000000002000000000000feffffff0100000019000000000000000000726f7365300000000000000000000000726f736530000000cc000000000000007465616d5f736c6176655f310000000064756d6d7930000000000000721400000180c2000000000000000000ffffffffffff0000000000000000d00000000801000038010000706b74747970650000000000000000000000000000000000000000000000000008000000000000000000000000000000706b747479706500000000000000000000000000000000000000000000000000080000000000000000000000000000006d61726b0000000000000000000000000000000000000000000000000000000010000000000000000000000000000000ddffffff000000007265645b7265637400000000396c27db39b2eedb0000000000000000000000000800000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000001000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000001000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000001000000ffffffff01000000030000000000000080357665746831000000000000000000000074756e6c30000000000000000000000074756e6c300000000025000000000000006c616e300000000000000000000000aaaaaaaaaabb000000000000aaaaaaaaaa0000000000000000000001000000010000380100006367726f757000000000000000000000000000000000000000000000000000000800000000000000000000000000000061727000000000000000000000000000000000000000000000000000000000003800000000000000000000000000000000000000000000007f0000010000000072ce35f34121000000000000000000000000000000000000eaffffff00000000646e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaabb0000fdffffff00000000"]}, 0x3a8) 2.848600354s ago: executing program 4 (id=6520): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) pselect6(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 2.655058296s ago: executing program 1 (id=6525): getsockname(0xffffffffffffffff, 0x0, &(0x7f0000000040)) 2.514242367s ago: executing program 1 (id=6527): bind$alg(0xffffffffffffffff, &(0x7f0000000180)={0x26, 'aead\x00', 0x0, 0x0, 'generic-gcm-aesni\x00'}, 0x58) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000080)="ab553fec94248c32e27d04000000288a", 0x10) r0 = accept$alg(0xffffffffffffffff, 0x0, 0x0) sendmsg$alg(r0, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@assoc={0x18, 0x117, 0x4, 0xb4}], 0x18}, 0x8000) sendmmsg$alg(r0, &(0x7f0000001980)=[{0x0, 0x0, &(0x7f0000000600)=[{&(0x7f00000002c0)="81f6a308bb0b1bccb7b1d2a56bac0a60835f1be99ca24a8ad7b5ce8e80d4305e6265f1974c10fe6f368f82f29d152856a03cfff0cf5a3a3edef72911dcfb287f6339c1dba0c28be230508f36e635f8221f4ae8b2930cbc774379574e6a54a6c703137b4d993b883c053fb54f3339b9666b11c5876bae982cabdad32b1a14f3198084351522e8b34be97744394b195acc5e00b91b0dfc022e82968cb82aadcecb52cb0f9a34599b5d888a1d42613d450b7b6f7744c7a2c87dc1fa8283903f31046ec7af7c", 0xc4}], 0x1}], 0x1, 0x4000800) recvmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000002540)=[{&(0x7f0000000240)=""/117, 0x75}, {&(0x7f0000000100)=""/98, 0x62}], 0x2}, 0x0) 2.337776716s ago: executing program 0 (id=6530): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000780)='netlink_extack\x00', r0}, 0x10) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r1, &(0x7f0000001080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000014c0)=@newsa={0xf0, 0x10, 0x1, 0x0, 0x0, {{@in6=@initdev={0xfe, 0x88, '\x00', 0x10, 0x0}, @in6=@loopback, 0x1, 0x0, 0x0, 0x0, 0x2}, {@in, 0x4d2, 0xff}, @in6=@loopback, {}, {0x0, 0x2}, {}, 0x0, 0x0, 0xa, 0x4, 0x0, 0xaf}}, 0xf0}}, 0x0) 2.326837407s ago: executing program 1 (id=6531): r0 = gettid() r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0) read(r1, &(0x7f0000000200)=""/209, 0xd1) r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x48) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x2d) ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000080)={0x335, @tick, 0x0, {0x0, 0xfe}, 0x0, 0x2, 0xfd}) ioctl$SNDRV_SEQ_IOCTL_CLIENT_ID(r1, 0x80045301, 0x0) tkill(r0, 0x7) 2.135148732s ago: executing program 0 (id=6532): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000003000010850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r1}, 0x10) r2 = syz_open_procfs(0x0, &(0x7f0000000100)='mountinfo\x00') r3 = open(&(0x7f0000000080)='./file1\x00', 0x10b942, 0x0) sendfile(r3, r2, 0x0, 0x80000000) 2.019682527s ago: executing program 0 (id=6534): mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x2, 0x42032, 0xffffffffffffffff, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=@framed={{}, [@ringbuf_query={{0x18, 0x1, 0x1, 0x0, r0}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r1}, 0x10) syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x2, 0x42032, 0xffffffffffffffff, 0x0) 1.8954381s ago: executing program 1 (id=6536): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kmem_cache_free\x00', r1}, 0x10) r2 = socket$inet6(0xa, 0x40000080806, 0x0) bind$inet6(r2, &(0x7f000047b000)={0xa, 0x4e20, 0x0, @empty}, 0x1c) listen(r2, 0x20000005) r3 = socket$inet6(0xa, 0x6, 0x0) connect$inet6(r3, &(0x7f0000000040)={0xa, 0x4e20, 0x0, @empty}, 0x1c) 1.891185337s ago: executing program 4 (id=6537): bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48) socket$inet6_tcp(0xa, 0x1, 0x0) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x103081, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0x8, 0x5}, 0x48) r1 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000180)={'syz_tun\x00', 0x0}) r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x8, 0x8}, 0x48) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x10, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000002000000850000008600000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008000000b704000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0) close(r0) r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='memory.events\x00', 0x100002, 0x0) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000400)={{r4}, &(0x7f0000000240), &(0x7f00000003c0)=r6}, 0x20) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000000)={r5, r2, 0x25, 0x2, @val=@tcx}, 0x40) syz_emit_ethernet(0x5e, &(0x7f0000000340)=ANY=[], 0x0) 1.777085584s ago: executing program 2 (id=6538): getsockname(0xffffffffffffffff, 0x0, &(0x7f0000000040)) 1.726508634s ago: executing program 0 (id=6539): r0 = socket$inet6_sctp(0xa, 0x801, 0x84) connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @private1, 0x200000}, 0x1c) shutdown(r0, 0x1) getsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(r0, 0x84, 0xa, &(0x7f0000000000)={0xffff, 0x2, 0x200, 0xef, 0x6, 0xf33, 0x5, 0x1ff}, &(0x7f0000000340)=0x20) 1.676702789s ago: executing program 1 (id=6540): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, 0x0) getpid() ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) sched_setaffinity(0x0, 0x0, 0x0) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000300)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="180000000000000400000000dfffff1918120000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000003c0)='sched_switch\x00', r4}, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) r5 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$IP6T_SO_SET_REPLACE(r5, 0x29, 0x40, 0x0, 0xffffffffffffffd4) openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0) bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r6 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r6, &(0x7f0000000280)=[{&(0x7f0000000040)="580000001400192340834b80040d8c560a067fbc45ff81054e220000000058000b480400945f64009400050038925a01000000000000008000f0fffeffe809000000fff5dd0000001000010003030800418e00000004fcff", 0x58}], 0x1) 1.629299733s ago: executing program 4 (id=6541): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, 0x0, 0x0) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000080)="ab553fec94248c32e27d04000000288a", 0x10) r1 = accept$alg(r0, 0x0, 0x0) sendmsg$alg(r1, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@assoc={0x18, 0x117, 0x4, 0xb4}], 0x18}, 0x8000) sendmmsg$alg(r1, &(0x7f0000001980)=[{0x0, 0x0, &(0x7f0000000600)=[{&(0x7f00000002c0)="81f6a308bb0b1bccb7b1d2a56bac0a60835f1be99ca24a8ad7b5ce8e80d4305e6265f1974c10fe6f368f82f29d152856a03cfff0cf5a3a3edef72911dcfb287f6339c1dba0c28be230508f36e635f8221f4ae8b2930cbc774379574e6a54a6c703137b4d993b883c053fb54f3339b9666b11c5876bae982cabdad32b1a14f3198084351522e8b34be97744394b195acc5e00b91b0dfc022e82968cb82aadcecb52cb0f9a34599b5d888a1d42613d450b7b6f7744c7a2c87dc1fa8283903f31046ec7af7c", 0xc4}], 0x1}], 0x1, 0x4000800) recvmsg(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000002540)=[{&(0x7f0000000240)=""/117, 0x75}, {&(0x7f0000000100)=""/98, 0x62}], 0x2}, 0x0) 1.531505285s ago: executing program 2 (id=6542): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002120207b1af8ff00000000bfa100000000000007010000f8ffffffb702000004000000b7030000000000de850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]}) r1 = getpgrp(0x0) syz_pidfd_open(r1, 0x0) 1.531273396s ago: executing program 0 (id=6543): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x0, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB], 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000300)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x2, 0xe, 0x0, 0x0, 0x11, 0x0, 0x0, 0x0, [@sadb_address={0x3, 0x5, 0x0, 0x0, 0x0, @in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}}, @sadb_address={0x3, 0x6}, @sadb_x_sec_ctx={0x1}, @sadb_x_policy={0x8, 0x12, 0x0, 0x2, 0x0, 0x0, 0x0, {0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @in6=@mcast2, @in=@empty}}]}, 0x88}}, 0x0) 1.406492495s ago: executing program 4 (id=6544): bpf$PROG_LOAD(0x5, 0x0, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r0}, 0x10) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000c80)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r1, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000002900)=@newqdisc={0x60, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x34, 0x2, [@TCA_TBF_BURST={0x8, 0x6, 0x6}, @TCA_TBF_PARMS={0x28, 0x1, {{0x2, 0x2, 0x9, 0x7, 0x1, 0x7f}, {0x3, 0x0, 0x6, 0x7, 0x4, 0x8000}, 0x7, 0x9, 0x12f1}}]}}]}, 0x60}}, 0x0) 1.356963466s ago: executing program 2 (id=6545): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10) request_key(&(0x7f00000002c0)='id_resolver\x00', &(0x7f00000001c0)={'syz', 0x3}, &(0x7f0000000180)='-\x00', 0xffffffffffffffff) 431.542895ms ago: executing program 2 (id=6546): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x6, 0x5, 0x1000}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x44, '\x00', 0x0, 0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10) fdatasync(0xffffffffffffffff) 431.184006ms ago: executing program 4 (id=6547): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x3}, 0x90) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r0}, 0x0, &(0x7f00000002c0)}, 0x20) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10) r2 = socket$inet6_sctp(0xa, 0x1, 0x84) bind$inet6(r2, &(0x7f0000000000)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) sendto$inet6(r2, &(0x7f0000000180)="1a", 0x1, 0x0, &(0x7f0000000200)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) sendto$inet6(r2, &(0x7f00000004c0)='X', 0x1, 0x20000080, 0x0, 0x0) write$binfmt_elf32(r2, &(0x7f00000002c0)={{0x7f, 0x45, 0x4c, 0x46, 0x8, 0x2, 0x9, 0xf, 0x5, 0x3, 0x6, 0x3, 0x35a, 0x38, 0x1bb, 0x9, 0x1b, 0x20, 0x1, 0xbfaf, 0x8, 0xfff5}, [{0x70000000, 0x6, 0x6, 0x5, 0x4, 0x100, 0x1, 0x3}]}, 0x58) sendto$inet6(r2, &(0x7f0000000040)="93", 0x34000, 0x0, 0x0, 0x44) 298.477737ms ago: executing program 2 (id=6548): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000100)={0x1f, 0x2, &(0x7f00000001c0)=@raw=[@call={0x85, 0x0, 0x0, 0xc8}, @exit], &(0x7f0000000180)='syzkaller\x00', 0x2, 0x0, 0x0, 0x0, 0x11}, 0x90) 244.979925ms ago: executing program 1 (id=6549): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x10001, 0x9, 0x1}, 0x48) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000380)=@generic={&(0x7f0000000300)='./file0\x00', r1}, 0x18) 103.635156ms ago: executing program 0 (id=6550): bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={&(0x7f00000000c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x6, [@struct={0x5, 0x0, 0x0, 0xf, 0x0, 0x1000000}]}, {0x0, [0x5f, 0x0, 0x0, 0x0]}}, 0x0, 0x2a, 0x0, 0xa}, 0x20) 35.765244ms ago: executing program 3 (id=6551): openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='io.stat\x00', 0x26e1, 0x0) close(r0) socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(0xffffffffffffffff, 0x0, 0x3500000000000000) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, 0x0}, 0x0) ioctl$SIOCSIFHWADDR(r0, 0x8b1a, &(0x7f0000000000)={'wlan1\x00', @random="0200002000"}) 0s ago: executing program 2 (id=6552): r0 = socket$phonet(0x23, 0x2, 0x1) getsockname(r0, 0x0, 0x0) kernel console output (not intermixed with test programs): =0x7f01a057cef9 code=0x7ffc0000 [ 2895.776679][ T29] audit: type=1326 audit(1725515884.159:3448): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=26069 comm="syz.2.6038" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f01a057cef9 code=0x7ffc0000 [ 2895.803850][T20264] usb 1-1: new high-speed USB device number 64 using dummy_hcd [ 2895.842779][ T29] audit: type=1326 audit(1725515884.189:3449): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=26069 comm="syz.2.6038" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f01a057cef9 code=0x7ffc0000 [ 2895.916474][ T29] audit: type=1326 audit(1725515884.199:3450): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=26069 comm="syz.2.6038" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f01a057cef9 code=0x7ffc0000 [ 2895.970370][ T29] audit: type=1326 audit(1725515884.199:3451): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=26069 comm="syz.2.6038" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f01a057cef9 code=0x7ffc0000 [ 2895.992123][ C1] vkms_vblank_simulate: vblank timer overrun [ 2895.994236][T20264] usb 1-1: Using ep0 maxpacket: 8 [ 2896.053515][T20264] usb 1-1: New USB device found, idVendor=047d, idProduct=5003, bcdDevice=2f.8c [ 2896.089057][ T29] audit: type=1326 audit(1725515884.199:3452): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=26069 comm="syz.2.6038" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f01a057cef9 code=0x7ffc0000 [ 2896.117743][T20264] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 2896.140567][T20264] usb 1-1: Product: syz [ 2896.152095][T20264] usb 1-1: Manufacturer: syz [ 2896.158207][T20264] usb 1-1: SerialNumber: syz [ 2896.177401][T20264] usb 1-1: config 0 descriptor?? [ 2896.189494][T20264] gspca_main: se401-2.14.0 probing 047d:5003 [ 2896.254237][ T29] audit: type=1326 audit(1725515884.199:3453): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=26069 comm="syz.2.6038" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f01a057cef9 code=0x7ffc0000 [ 2896.364057][ T29] audit: type=1326 audit(1725515884.199:3454): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=26069 comm="syz.2.6038" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f01a057cef9 code=0x7ffc0000 [ 2896.405591][ T29] audit: type=1326 audit(1725515884.199:3455): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=26069 comm="syz.2.6038" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f01a057cef9 code=0x7ffc0000 [ 2896.473964][ T29] audit: type=1326 audit(1725515884.199:3456): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=26069 comm="syz.2.6038" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f01a057cef9 code=0x7ffc0000 [ 2896.671809][T20264] gspca_se401: Wrong descriptor type [ 2897.281779][T26092] xt_CT: You must specify a L4 protocol and not use inversions on it [ 2897.298830][T26068] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 2897.315904][T26068] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 2897.387857][T20262] usb 5-1: new high-speed USB device number 94 using dummy_hcd [ 2897.419061][T26068] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 2897.432365][T26068] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 2897.456010][T10531] usb 1-1: USB disconnect, device number 64 [ 2897.584445][T20262] usb 5-1: Using ep0 maxpacket: 8 [ 2897.615731][T20262] usb 5-1: New USB device found, idVendor=047d, idProduct=5003, bcdDevice=2f.8c [ 2898.055970][ T1271] ieee802154 phy0 wpan0: encryption failed: -22 [ 2898.069205][ T1271] ieee802154 phy1 wpan1: encryption failed: -22 [ 2898.356326][T20262] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 2898.384081][T20262] usb 5-1: Product: syz [ 2898.389069][T20262] usb 5-1: Manufacturer: syz [ 2898.394331][T20262] usb 5-1: SerialNumber: syz [ 2898.401867][T20262] usb 5-1: config 0 descriptor?? [ 2898.453370][T20262] gspca_main: se401-2.14.0 probing 047d:5003 [ 2898.587542][T26108] netlink: 4 bytes leftover after parsing attributes in process `syz.2.6046'. [ 2898.598829][T26108] netlink: 28 bytes leftover after parsing attributes in process `syz.2.6046'. [ 2898.762951][T26113] netlink: 36 bytes leftover after parsing attributes in process `syz.1.6050'. [ 2899.021895][T20262] gspca_se401: Wrong descriptor type [ 2899.074045][T10531] usb 4-1: new high-speed USB device number 110 using dummy_hcd [ 2899.233288][T26077] xt_CT: You must specify a L4 protocol and not use inversions on it [ 2899.244947][T26077] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 2899.255530][T26077] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 2899.266988][T26077] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 2899.284102][T10531] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 2899.305925][T10531] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 2899.310941][T26077] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 2899.336422][T10531] usb 4-1: New USB device found, idVendor=1e7d, idProduct=30d4, bcdDevice= 0.00 [ 2899.369260][T10531] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 2899.418988][T10531] usb 4-1: config 0 descriptor?? [ 2899.453344][T20264] usb 5-1: USB disconnect, device number 94 [ 2900.690401][T10531] arvo 0003:1E7D:30D4.0057: unknown main item tag 0x0 [ 2900.702868][T10531] arvo 0003:1E7D:30D4.0057: unknown main item tag 0x0 [ 2900.713579][T10531] arvo 0003:1E7D:30D4.0057: hidraw0: USB HID v0.00 Device [HID 1e7d:30d4] on usb-dummy_hcd.3-1/input0 [ 2901.914062][T20247] usb 5-1: new high-speed USB device number 95 using dummy_hcd [ 2901.942760][T26154] fuse: Bad value for 'fd' [ 2902.234946][T20247] usb 5-1: Using ep0 maxpacket: 8 [ 2903.362266][T20247] usb 5-1: New USB device found, idVendor=047d, idProduct=5003, bcdDevice=2f.8c [ 2903.377422][T20264] usb 4-1: USB disconnect, device number 110 [ 2903.386495][T20247] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 2903.416836][T20247] usb 5-1: Product: syz [ 2903.421214][T20247] usb 5-1: Manufacturer: syz [ 2903.426702][T20247] usb 5-1: SerialNumber: syz [ 2903.455384][T20247] usb 5-1: config 0 descriptor?? [ 2903.466286][T20247] gspca_main: se401-2.14.0 probing 047d:5003 [ 2903.813286][T26164] netlink: 4 bytes leftover after parsing attributes in process `syz.0.6064'. [ 2903.874847][T26164] netlink: 8 bytes leftover after parsing attributes in process `syz.0.6064'. [ 2903.899501][T20247] gspca_se401: Wrong descriptor type [ 2904.025520][ T29] kauditd_printk_skb: 54 callbacks suppressed [ 2904.025542][ T29] audit: type=1326 audit(1725515892.659:3511): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=26165 comm="syz.1.6065" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc15797cef9 code=0x7ffc0000 [ 2904.103445][T26149] xt_CT: You must specify a L4 protocol and not use inversions on it [ 2904.122744][T26149] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 2904.143460][ T29] audit: type=1326 audit(1725515892.659:3512): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=26165 comm="syz.1.6065" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc15797cef9 code=0x7ffc0000 [ 2904.231978][T26149] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 2904.277590][T26149] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 2904.293728][ T29] audit: type=1326 audit(1725515892.659:3513): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=26165 comm="syz.1.6065" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc15797cef9 code=0x7ffc0000 [ 2904.390084][T26149] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 2904.403841][ T29] audit: type=1326 audit(1725515892.659:3514): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=26165 comm="syz.1.6065" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc15797cef9 code=0x7ffc0000 [ 2904.471890][T26171] netlink: 36 bytes leftover after parsing attributes in process `syz.0.6066'. [ 2904.490040][ T58] usb 5-1: USB disconnect, device number 95 [ 2904.528704][ T29] audit: type=1326 audit(1725515892.659:3515): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=26165 comm="syz.1.6065" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc15797cef9 code=0x7ffc0000 [ 2904.596781][ T29] audit: type=1326 audit(1725515892.659:3516): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=26165 comm="syz.1.6065" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc15797cef9 code=0x7ffc0000 [ 2904.662276][ T29] audit: type=1326 audit(1725515892.659:3517): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=26165 comm="syz.1.6065" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc15797cef9 code=0x7ffc0000 [ 2904.767501][ T29] audit: type=1326 audit(1725515892.659:3518): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=26165 comm="syz.1.6065" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc15797cef9 code=0x7ffc0000 [ 2904.946992][ T29] audit: type=1326 audit(1725515892.659:3519): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=26165 comm="syz.1.6065" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc15797cef9 code=0x7ffc0000 [ 2905.020828][ T29] audit: type=1326 audit(1725515892.689:3520): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=26165 comm="syz.1.6065" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc15797cef9 code=0x7ffc0000 [ 2905.884370][ T58] usb 2-1: new high-speed USB device number 122 using dummy_hcd [ 2905.892360][T10531] usb 1-1: new high-speed USB device number 65 using dummy_hcd [ 2906.097399][T26200] netlink: 4 bytes leftover after parsing attributes in process `syz.2.6076'. [ 2906.284105][T26200] netlink: 8 bytes leftover after parsing attributes in process `syz.2.6076'. [ 2906.284959][ T58] usb 2-1: Using ep0 maxpacket: 8 [ 2906.311563][T10531] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 2906.333457][T10531] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 2906.390243][T10531] usb 1-1: New USB device found, idVendor=1e7d, idProduct=30d4, bcdDevice= 0.00 [ 2907.329647][T10531] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 2907.353159][T10531] usb 1-1: config 0 descriptor?? [ 2907.366105][ T58] usb 2-1: New USB device found, idVendor=047d, idProduct=5003, bcdDevice=2f.8c [ 2907.666243][ T58] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 2907.960110][ T58] usb 2-1: Product: syz [ 2907.965546][ T58] usb 2-1: Manufacturer: syz [ 2907.970257][ T58] usb 2-1: SerialNumber: syz [ 2907.979618][ T58] usb 2-1: config 0 descriptor?? [ 2907.989601][ T58] gspca_main: se401-2.14.0 probing 047d:5003 [ 2909.091346][T10531] arvo 0003:1E7D:30D4.0058: unknown main item tag 0x0 [ 2909.111203][T10531] arvo 0003:1E7D:30D4.0058: unknown main item tag 0x0 [ 2909.127313][T10531] arvo 0003:1E7D:30D4.0058: hidraw0: USB HID v0.00 Device [HID 1e7d:30d4] on usb-dummy_hcd.0-1/input0 [ 2909.514288][T26224] netlink: 36 bytes leftover after parsing attributes in process `syz.1.6082'. [ 2909.908450][T26231] fuse: Bad value for 'fd' [ 2910.120458][ T58] gspca_se401: read req failed req 0x06 error -19 [ 2915.416130][T10531] usb 1-1: USB disconnect, device number 65 [ 2915.430031][ T58] usb 2-1: USB disconnect, device number 122 [ 2915.902409][T26238] netlink: 4 bytes leftover after parsing attributes in process `syz.1.6088'. [ 2915.926540][T26238] netlink: 8 bytes leftover after parsing attributes in process `syz.1.6088'. [ 2916.246407][ T29] kauditd_printk_skb: 52 callbacks suppressed [ 2916.246428][ T29] audit: type=1326 audit(1725515904.879:3573): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=26243 comm="syz.1.6091" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc15797cef9 code=0x7ffc0000 [ 2916.317033][ T29] audit: type=1326 audit(1725515904.879:3574): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=26243 comm="syz.1.6091" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc15797cef9 code=0x7ffc0000 [ 2916.466287][ T29] audit: type=1326 audit(1725515904.909:3575): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=26243 comm="syz.1.6091" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc15797cef9 code=0x7ffc0000 [ 2916.566962][ T29] audit: type=1326 audit(1725515904.909:3576): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=26243 comm="syz.1.6091" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc15797cef9 code=0x7ffc0000 [ 2916.696000][T25161] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 2916.711160][T25161] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 2916.737137][T25161] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 2916.750777][ T29] audit: type=1326 audit(1725515904.909:3577): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=26243 comm="syz.1.6091" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc15797cef9 code=0x7ffc0000 [ 2916.814588][T25161] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 2916.827119][T25161] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 2916.841549][T25161] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 2917.047157][ T29] audit: type=1326 audit(1725515904.909:3578): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=26243 comm="syz.1.6091" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc15797cef9 code=0x7ffc0000 [ 2917.167309][ T29] audit: type=1326 audit(1725515904.939:3579): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=26243 comm="syz.1.6091" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc15797cef9 code=0x7ffc0000 [ 2917.214128][ T29] audit: type=1326 audit(1725515904.939:3580): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=26243 comm="syz.1.6091" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc15797cef9 code=0x7ffc0000 [ 2917.324964][ T29] audit: type=1326 audit(1725515904.939:3581): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=26243 comm="syz.1.6091" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc15797cef9 code=0x7ffc0000 [ 2917.421087][ T29] audit: type=1326 audit(1725515905.029:3582): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=26243 comm="syz.1.6091" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc15797cef9 code=0x7ffc0000 [ 2918.452240][ T5497] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2919.016989][T19040] Bluetooth: hci5: command tx timeout [ 2919.833399][T26275] fuse: Bad value for 'fd' [ 2920.755841][ T5497] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2921.006765][ T5497] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2921.095389][T19040] Bluetooth: hci5: command tx timeout [ 2921.202484][ T5497] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2921.500125][T26247] chnl_net:caif_netlink_parms(): no params data found [ 2921.607081][ T29] kauditd_printk_skb: 21 callbacks suppressed [ 2921.607103][ T29] audit: type=1326 audit(1725515910.239:3604): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=26288 comm="syz.1.6102" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc15797cef9 code=0x7ffc0000 [ 2921.844035][ T29] audit: type=1326 audit(1725515910.239:3605): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=26288 comm="syz.1.6102" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc15797cef9 code=0x7ffc0000 [ 2926.695298][T26294] No such timeout policy "syz0" [ 2926.772964][ T29] audit: type=1326 audit(1725515910.279:3606): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=26288 comm="syz.1.6102" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc15797cef9 code=0x7ffc0000 [ 2926.813837][T19040] Bluetooth: hci5: command tx timeout [ 2926.855428][ T5497] bridge_slave_1: left allmulticast mode [ 2926.871715][ T29] audit: type=1326 audit(1725515910.279:3607): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=26288 comm="syz.1.6102" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc15797cef9 code=0x7ffc0000 [ 2927.023922][ T5497] bridge_slave_1: left promiscuous mode [ 2927.053176][ T5497] bridge0: port 2(bridge_slave_1) entered disabled state [ 2927.104267][ T29] audit: type=1326 audit(1725515910.279:3608): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=26288 comm="syz.1.6102" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc15797cef9 code=0x7ffc0000 [ 2927.126688][ T29] audit: type=1326 audit(1725515910.279:3609): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=26288 comm="syz.1.6102" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc15797cef9 code=0x7ffc0000 [ 2927.149575][ T29] audit: type=1326 audit(1725515910.279:3610): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=26288 comm="syz.1.6102" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc15797cef9 code=0x7ffc0000 [ 2927.171777][ T29] audit: type=1326 audit(1725515910.279:3611): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=26288 comm="syz.1.6102" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc15797cef9 code=0x7ffc0000 [ 2927.198805][ T29] audit: type=1326 audit(1725515910.279:3612): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=26288 comm="syz.1.6102" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc15797cef9 code=0x7ffc0000 [ 2927.225724][ T29] audit: type=1326 audit(1725515910.279:3613): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=26288 comm="syz.1.6102" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc15797cef9 code=0x7ffc0000 [ 2927.249619][ T5497] bridge_slave_0: left allmulticast mode [ 2927.264179][ T29] audit: type=1326 audit(1725515910.279:3614): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=26288 comm="syz.1.6102" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc15797cef9 code=0x7ffc0000 [ 2927.273258][ T5497] bridge_slave_0: left promiscuous mode [ 2927.296426][ T29] audit: type=1326 audit(1725515910.279:3615): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=26288 comm="syz.1.6102" exe="/root/syz-executor" sig=0 arch=c000003e syscall=312 compat=0 ip=0x7fc15797cef9 code=0x7ffc0000 [ 2927.330779][ T5497] bridge0: port 1(bridge_slave_0) entered disabled state [ 2927.625000][ T58] usb 2-1: new high-speed USB device number 123 using dummy_hcd [ 2927.787197][T26307] fuse: Bad value for 'fd' [ 2927.949985][ T58] usb 2-1: Using ep0 maxpacket: 8 [ 2928.844089][T19040] Bluetooth: hci5: command tx timeout [ 2930.874576][ T58] usb 2-1: device descriptor read/all, error -71 [ 2932.047998][T25161] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 2932.080023][T25161] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 2932.091022][T25161] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 2932.114311][T25161] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 2932.123867][T25161] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 2932.131328][T25161] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 2932.425746][ T5497] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 2932.442801][ T5497] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 2932.464690][ T5497] bond0 (unregistering): Released all slaves [ 2932.884181][ T8] usb 4-1: new high-speed USB device number 111 using dummy_hcd [ 2932.956728][T26247] bridge0: port 1(bridge_slave_0) entered blocking state [ 2932.973741][T26247] bridge0: port 1(bridge_slave_0) entered disabled state [ 2932.981167][T26247] bridge_slave_0: entered allmulticast mode [ 2932.990121][T26247] bridge_slave_0: entered promiscuous mode [ 2933.064211][T26247] bridge0: port 2(bridge_slave_1) entered blocking state [ 2933.072325][T26247] bridge0: port 2(bridge_slave_1) entered disabled state [ 2933.080204][ T8] usb 4-1: Using ep0 maxpacket: 8 [ 2933.086258][T26247] bridge_slave_1: entered allmulticast mode [ 2933.104092][T26247] bridge_slave_1: entered promiscuous mode [ 2933.112617][ T8] usb 4-1: New USB device found, idVendor=047d, idProduct=5003, bcdDevice=2f.8c [ 2933.132360][ T8] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 2933.145924][ T8] usb 4-1: Product: syz [ 2933.150212][ T8] usb 4-1: Manufacturer: syz [ 2933.157217][ T8] usb 4-1: SerialNumber: syz [ 2933.185322][ T8] usb 4-1: config 0 descriptor?? [ 2933.210618][ T8] gspca_main: se401-2.14.0 probing 047d:5003 [ 2933.311148][ T5497] hsr_slave_0: left promiscuous mode [ 2933.323341][ T5497] hsr_slave_1: left promiscuous mode [ 2933.332944][ T5497] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 2933.351925][ T5497] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 2933.363304][ T5497] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 2933.382490][ T5497] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 2933.431280][ T5497] veth1_macvtap: left promiscuous mode [ 2933.437445][ T5497] veth0_macvtap: left promiscuous mode [ 2933.451565][ T5497] veth1_vlan: left promiscuous mode [ 2933.457585][ T5497] veth0_vlan: left promiscuous mode [ 2933.636441][ T8] gspca_se401: Wrong descriptor type [ 2933.979866][T26319] xt_CT: You must specify a L4 protocol and not use inversions on it [ 2934.017153][T26319] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 2934.082218][T26319] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 2934.165093][T26319] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 2934.185935][T26319] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 2934.232058][T25161] Bluetooth: hci2: command tx timeout [ 2934.277249][ T8] usb 4-1: USB disconnect, device number 111 [ 2935.193783][ T29] kauditd_printk_skb: 18 callbacks suppressed [ 2935.193805][ T29] audit: type=1326 audit(1725515923.809:3634): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=26334 comm="syz.3.6115" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f094237cef9 code=0x7ffc0000 [ 2935.253010][ T29] audit: type=1326 audit(1725515923.809:3635): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=26334 comm="syz.3.6115" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f094237cef9 code=0x7ffc0000 [ 2935.311582][ T29] audit: type=1326 audit(1725515923.809:3636): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=26334 comm="syz.3.6115" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f094237cef9 code=0x7ffc0000 [ 2935.373211][ T29] audit: type=1326 audit(1725515923.819:3637): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=26334 comm="syz.3.6115" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f094237cef9 code=0x7ffc0000 [ 2935.431125][ T29] audit: type=1326 audit(1725515923.819:3638): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=26334 comm="syz.3.6115" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f094237cef9 code=0x7ffc0000 [ 2935.473835][ T29] audit: type=1326 audit(1725515923.819:3639): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=26334 comm="syz.3.6115" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f094237cef9 code=0x7ffc0000 [ 2935.496161][ T29] audit: type=1326 audit(1725515923.819:3640): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=26334 comm="syz.3.6115" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f094237cef9 code=0x7ffc0000 [ 2935.600842][ T5497] team0 (unregistering): Port device team_slave_1 removed [ 2935.677395][ T29] audit: type=1326 audit(1725515923.819:3641): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=26334 comm="syz.3.6115" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f094237cef9 code=0x7ffc0000 [ 2935.719664][ T29] audit: type=1326 audit(1725515923.819:3642): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=26334 comm="syz.3.6115" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f094237cef9 code=0x7ffc0000 [ 2935.848534][ T29] audit: type=1326 audit(1725515923.819:3643): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=26334 comm="syz.3.6115" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f094237cef9 code=0x7ffc0000 [ 2935.915984][ T5497] team0 (unregistering): Port device team_slave_0 removed [ 2936.363706][T25161] Bluetooth: hci2: command tx timeout [ 2936.806784][T26343] No such timeout policy "syz0" [ 2937.099403][ T5322] usb 4-1: new high-speed USB device number 112 using dummy_hcd [ 2937.408585][ T5322] usb 4-1: Using ep0 maxpacket: 8 [ 2937.420801][ T5322] usb 4-1: config index 0 descriptor too short (expected 6427, got 27) [ 2937.454131][ T5322] usb 4-1: config 0 has too many interfaces: 241, using maximum allowed: 32 [ 2937.462893][ T5322] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 241 [ 2937.524422][ T5322] usb 4-1: config 0 has no interface number 0 [ 2937.540911][ T5322] usb 4-1: config 0 interface 21 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 2937.598573][ T5322] usb 4-1: New USB device found, idVendor=06cd, idProduct=0202, bcdDevice=92.d4 [ 2937.628783][ T5322] usb 4-1: New USB device strings: Mfr=228, Product=255, SerialNumber=0 [ 2937.662869][ T5322] usb 4-1: Product: syz [ 2937.667375][ T5322] usb 4-1: Manufacturer: syz [ 2937.701147][ T5322] usb 4-1: config 0 descriptor?? [ 2938.015292][ T5322] usb 4-1: USB disconnect, device number 112 [ 2938.363075][T26247] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 2938.453996][T25161] Bluetooth: hci2: command tx timeout [ 2939.366187][T26247] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 2940.295086][T26354] workqueue: Failed to create a rescuer kthread for wq "bond5": -EINTR [ 2940.330372][T26247] team0: Port device team_slave_0 added [ 2940.484883][T26247] team0: Port device team_slave_1 added [ 2940.523995][T25161] Bluetooth: hci2: command tx timeout [ 2940.598570][T26247] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 2940.631792][T26247] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 2940.688429][T26247] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 2940.728271][T26247] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 2940.750194][T26247] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 2940.801436][T26247] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 2941.207357][T26369] No such timeout policy "syz0" [ 2943.546177][ T29] kauditd_printk_skb: 20 callbacks suppressed [ 2943.546199][ T29] audit: type=1326 audit(1725515931.989:3664): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=26371 comm="syz.3.6125" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f094237cef9 code=0x7ffc0000 [ 2944.174516][ T29] audit: type=1326 audit(1725515931.989:3665): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=26371 comm="syz.3.6125" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f094237cef9 code=0x7ffc0000 [ 2944.531903][ T29] audit: type=1326 audit(1725515931.989:3666): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=26371 comm="syz.3.6125" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f094237cef9 code=0x7ffc0000 [ 2944.563764][ T29] audit: type=1326 audit(1725515931.989:3667): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=26371 comm="syz.3.6125" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f094237cef9 code=0x7ffc0000 [ 2944.563765][ T58] usb 3-1: new high-speed USB device number 100 using dummy_hcd [ 2944.609396][T26247] hsr_slave_0: entered promiscuous mode [ 2944.809654][ T29] audit: type=1326 audit(1725515931.989:3668): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=26371 comm="syz.3.6125" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f094237cef9 code=0x7ffc0000 [ 2944.844235][T26247] hsr_slave_1: entered promiscuous mode [ 2944.850324][ T29] audit: type=1326 audit(1725515931.989:3669): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=26371 comm="syz.3.6125" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f094237cef9 code=0x7ffc0000 [ 2944.879811][T26247] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 2944.982354][T26380] No such timeout policy "syz0" [ 2945.082745][T26247] Cannot create hsr debugfs directory [ 2945.490468][ T29] audit: type=1326 audit(1725515931.989:3670): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=26371 comm="syz.3.6125" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f094237cef9 code=0x7ffc0000 [ 2946.357917][ T29] audit: type=1326 audit(1725515931.989:3671): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=26371 comm="syz.3.6125" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f094237cef9 code=0x7ffc0000 [ 2946.920429][ T29] audit: type=1326 audit(1725515931.999:3672): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=26371 comm="syz.3.6125" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f094237cef9 code=0x7ffc0000 [ 2947.054703][ T29] audit: type=1326 audit(1725515931.999:3673): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=26371 comm="syz.3.6125" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f094237cef9 code=0x7ffc0000 [ 2947.156798][ T58] usb 3-1: device descriptor read/all, error -71 [ 2948.786127][T26391] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 2948.791127][T26314] chnl_net:caif_netlink_parms(): no params data found [ 2948.849773][T26393] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 2948.898933][T19040] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 2948.918438][T19040] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 2948.930110][T19040] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 2948.940462][T19040] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 2948.962310][T26388] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 2948.975950][T19040] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 2948.985365][T19040] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 2949.143031][ T5497] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2949.337693][ T5497] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2949.478039][ T5497] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2949.862329][ T5497] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2951.053289][T26314] bridge0: port 1(bridge_slave_0) entered blocking state [ 2951.071403][T26314] bridge0: port 1(bridge_slave_0) entered disabled state [ 2951.082417][T26314] bridge_slave_0: entered allmulticast mode [ 2951.085460][T25161] Bluetooth: hci0: command tx timeout [ 2951.097409][T26314] bridge_slave_0: entered promiscuous mode [ 2951.205703][T26314] bridge0: port 2(bridge_slave_1) entered blocking state [ 2951.213186][T26314] bridge0: port 2(bridge_slave_1) entered disabled state [ 2951.226020][T26314] bridge_slave_1: entered allmulticast mode [ 2951.234109][T26314] bridge_slave_1: entered promiscuous mode [ 2951.334633][T20264] usb 3-1: new high-speed USB device number 102 using dummy_hcd [ 2951.371045][T26314] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 2951.388370][T26314] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 2951.408510][ T29] kauditd_printk_skb: 19 callbacks suppressed [ 2951.408533][ T29] audit: type=1326 audit(1725515940.029:3693): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=26414 comm="syz.3.6134" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f094237cef9 code=0x7ffc0000 [ 2951.447311][ T29] audit: type=1326 audit(1725515940.029:3694): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=26414 comm="syz.3.6134" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f094237cef9 code=0x7ffc0000 [ 2951.473702][ T29] audit: type=1326 audit(1725515940.029:3695): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=26414 comm="syz.3.6134" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f094237cef9 code=0x7ffc0000 [ 2951.510460][ T29] audit: type=1326 audit(1725515940.039:3696): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=26414 comm="syz.3.6134" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f094237cef9 code=0x7ffc0000 [ 2951.541348][T20264] usb 3-1: Using ep0 maxpacket: 8 [ 2951.547323][ T29] audit: type=1326 audit(1725515940.039:3697): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=26414 comm="syz.3.6134" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f094237cef9 code=0x7ffc0000 [ 2951.608661][ T29] audit: type=1326 audit(1725515940.039:3698): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=26414 comm="syz.3.6134" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f094237cef9 code=0x7ffc0000 [ 2951.692391][ T29] audit: type=1326 audit(1725515940.039:3699): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=26414 comm="syz.3.6134" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f094237cef9 code=0x7ffc0000 [ 2951.720909][ T29] audit: type=1326 audit(1725515940.039:3700): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=26414 comm="syz.3.6134" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f094237cef9 code=0x7ffc0000 [ 2951.732859][T20264] usb 3-1: New USB device found, idVendor=047d, idProduct=5003, bcdDevice=2f.8c [ 2951.749044][ T29] audit: type=1326 audit(1725515940.039:3701): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=26414 comm="syz.3.6134" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f094237cef9 code=0x7ffc0000 [ 2951.755540][T20264] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 2951.782500][T20264] usb 3-1: Product: syz [ 2951.794234][T20264] usb 3-1: Manufacturer: syz [ 2951.798933][T20264] usb 3-1: SerialNumber: syz [ 2951.939931][ T29] audit: type=1326 audit(1725515940.049:3702): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=26414 comm="syz.3.6134" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f094237cef9 code=0x7ffc0000 [ 2952.372141][T26314] team0: Port device team_slave_0 added [ 2952.465889][T26314] team0: Port device team_slave_1 added [ 2952.528166][T20264] usb 3-1: config 0 descriptor?? [ 2952.537910][T20264] gspca_main: se401-2.14.0 probing 047d:5003 [ 2952.551261][ T5497] bridge_slave_1: left allmulticast mode [ 2952.570592][ T5497] bridge_slave_1: left promiscuous mode [ 2952.582360][ T5497] bridge0: port 2(bridge_slave_1) entered disabled state [ 2952.594974][ T5497] bridge_slave_0: left allmulticast mode [ 2952.600668][ T5497] bridge_slave_0: left promiscuous mode [ 2952.608633][ T5497] bridge0: port 1(bridge_slave_0) entered disabled state [ 2952.834004][ T8] usb 4-1: new high-speed USB device number 113 using dummy_hcd [ 2952.944241][T20264] gspca_se401: Wrong descriptor type [ 2953.027555][ T8] usb 4-1: Using ep0 maxpacket: 8 [ 2953.035500][ T8] usb 4-1: config index 0 descriptor too short (expected 6427, got 27) [ 2953.045734][ T8] usb 4-1: config 0 has too many interfaces: 241, using maximum allowed: 32 [ 2953.054835][ T8] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 241 [ 2953.064353][ T8] usb 4-1: config 0 has no interface number 0 [ 2953.070492][ T8] usb 4-1: config 0 interface 21 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 2953.092781][ T8] usb 4-1: New USB device found, idVendor=06cd, idProduct=0202, bcdDevice=92.d4 [ 2953.102461][ T8] usb 4-1: New USB device strings: Mfr=228, Product=255, SerialNumber=0 [ 2953.111438][ T8] usb 4-1: Product: syz [ 2953.115727][ T8] usb 4-1: Manufacturer: syz [ 2953.122903][ T8] usb 4-1: config 0 descriptor?? [ 2953.152734][T26410] xt_CT: You must specify a L4 protocol and not use inversions on it [ 2953.163928][T25161] Bluetooth: hci0: command tx timeout [ 2953.164687][T26410] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 2953.189649][T26410] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 2953.203052][T26410] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 2953.225260][T26410] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 2953.236139][ T58] usb 3-1: USB disconnect, device number 102 [ 2953.288644][ T5497] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 2953.302533][ T5497] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 2953.317311][ T5497] bond0 (unregistering): Released all slaves [ 2953.335837][ T5497] bond1 (unregistering): Released all slaves [ 2953.356924][ T5497] bond2 (unregistering): Released all slaves [ 2953.403707][T26395] chnl_net:caif_netlink_parms(): no params data found [ 2953.417737][T26314] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 2953.443097][T26314] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 2953.470657][T26314] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 2953.493032][T26314] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 2953.500691][T26314] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 2953.530601][T26314] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 2953.724323][T26247] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 2953.837672][T26247] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 2953.861552][T26314] hsr_slave_0: entered promiscuous mode [ 2953.872301][T26314] hsr_slave_1: entered promiscuous mode [ 2953.880540][T26314] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 2953.888575][T26314] Cannot create hsr debugfs directory [ 2953.895366][T26247] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 2953.908852][T26247] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 2954.004831][ T5497] hsr_slave_0: left promiscuous mode [ 2954.010914][ T5497] hsr_slave_1: left promiscuous mode [ 2954.018341][ T5497] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 2954.027040][ T5497] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 2954.036635][ T5497] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 2954.044779][ T5497] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 2954.072023][ T5497] veth1_macvtap: left promiscuous mode [ 2954.079231][ T5497] veth0_macvtap: left promiscuous mode [ 2954.085331][ T5497] veth1_vlan: left promiscuous mode [ 2954.090706][ T5497] veth0_vlan: left promiscuous mode [ 2954.095119][ T58] usb 3-1: new high-speed USB device number 103 using dummy_hcd [ 2954.291411][ T58] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 2954.303275][ T58] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 2954.315039][ T58] usb 3-1: New USB device found, idVendor=1e7d, idProduct=30d4, bcdDevice= 0.00 [ 2954.324283][ T58] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 2954.336621][ T58] usb 3-1: config 0 descriptor?? [ 2955.254195][T25161] Bluetooth: hci0: command tx timeout [ 2955.767271][ T58] arvo 0003:1E7D:30D4.0059: unknown main item tag 0x0 [ 2955.774985][ T58] arvo 0003:1E7D:30D4.0059: unknown main item tag 0x0 [ 2955.785188][ T58] arvo 0003:1E7D:30D4.0059: hidraw0: USB HID v0.00 Device [HID 1e7d:30d4] on usb-dummy_hcd.2-1/input0 [ 2955.807523][T20262] usb 4-1: USB disconnect, device number 113 [ 2955.832378][ T5497] team0 (unregistering): Port device team_slave_1 removed [ 2955.939255][ T5497] team0 (unregistering): Port device team_slave_0 removed [ 2957.074401][T20262] usb 3-1: USB disconnect, device number 103 [ 2957.544401][T25161] Bluetooth: hci0: command tx timeout [ 2958.542339][T26447] No such timeout policy "syz0" [ 2959.490892][ T1271] ieee802154 phy0 wpan0: encryption failed: -22 [ 2959.498087][ T1271] ieee802154 phy1 wpan1: encryption failed: -22 [ 2959.782816][ T29] kauditd_printk_skb: 19 callbacks suppressed [ 2959.782838][ T29] audit: type=1326 audit(1725515948.409:3722): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=26450 comm="syz.2.6142" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f01a057cef9 code=0x7ffc0000 [ 2959.823728][ T29] audit: type=1326 audit(1725515948.409:3723): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=26450 comm="syz.2.6142" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f01a057cef9 code=0x7ffc0000 [ 2959.874029][ T29] audit: type=1326 audit(1725515948.409:3724): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=26450 comm="syz.2.6142" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f01a057cef9 code=0x7ffc0000 [ 2959.955397][T26395] bridge0: port 1(bridge_slave_0) entered blocking state [ 2959.989265][ T29] audit: type=1326 audit(1725515948.409:3725): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=26450 comm="syz.2.6142" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f01a057cef9 code=0x7ffc0000 [ 2960.015714][T26395] bridge0: port 1(bridge_slave_0) entered disabled state [ 2960.045022][T26395] bridge_slave_0: entered allmulticast mode [ 2960.063344][ T29] audit: type=1326 audit(1725515948.409:3726): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=26450 comm="syz.2.6142" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f01a057cef9 code=0x7ffc0000 [ 2960.070253][T26395] bridge_slave_0: entered promiscuous mode [ 2960.086151][ T29] audit: type=1326 audit(1725515948.409:3727): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=26450 comm="syz.2.6142" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f01a057cef9 code=0x7ffc0000 [ 2960.115092][ T29] audit: type=1326 audit(1725515948.409:3728): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=26450 comm="syz.2.6142" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f01a057cef9 code=0x7ffc0000 [ 2960.134378][T26395] bridge0: port 2(bridge_slave_1) entered blocking state [ 2960.143914][ T29] audit: type=1326 audit(1725515948.409:3729): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=26450 comm="syz.2.6142" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f01a057cef9 code=0x7ffc0000 [ 2960.143975][ T29] audit: type=1326 audit(1725515948.409:3730): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=26450 comm="syz.2.6142" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f01a057cef9 code=0x7ffc0000 [ 2960.144028][ T29] audit: type=1326 audit(1725515948.429:3731): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=26450 comm="syz.2.6142" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f01a057cef9 code=0x7ffc0000 [ 2960.413123][T26395] bridge0: port 2(bridge_slave_1) entered disabled state [ 2960.489531][T26395] bridge_slave_1: entered allmulticast mode [ 2960.665145][T26395] bridge_slave_1: entered promiscuous mode [ 2961.098595][T26395] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 2961.173070][T26395] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 2961.305021][T26456] netlink: 8 bytes leftover after parsing attributes in process `syz.2.6143'. [ 2961.628035][T26395] team0: Port device team_slave_0 added [ 2961.645705][T26395] team0: Port device team_slave_1 added [ 2961.757557][T26462] No such timeout policy "syz0" [ 2964.058467][T26395] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 2964.071157][T26395] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 2964.101592][T26395] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 2964.115242][T26395] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 2964.122224][T26395] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 2964.197821][T26395] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 2964.445198][T26395] hsr_slave_0: entered promiscuous mode [ 2964.468375][T26395] hsr_slave_1: entered promiscuous mode [ 2965.405028][ T5497] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2965.949319][ T5497] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2966.119821][ T5497] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2966.149027][T26479] netlink: 4 bytes leftover after parsing attributes in process `syz.2.6149'. [ 2966.171363][T26480] netlink: 28 bytes leftover after parsing attributes in process `syz.2.6149'. [ 2966.244335][ T5497] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2966.281404][T26247] 8021q: adding VLAN 0 to HW filter on device bond0 [ 2966.290308][T26314] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 2966.304348][T26314] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 2966.341874][T26247] 8021q: adding VLAN 0 to HW filter on device team0 [ 2966.350261][T26314] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 2966.384292][T26314] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 2966.400710][ T29] kauditd_printk_skb: 20 callbacks suppressed [ 2966.400731][ T29] audit: type=1326 audit(1725515955.029:3752): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=26481 comm="syz.2.6150" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f01a057cef9 code=0x7ffc0000 [ 2966.428347][ T9972] bridge0: port 1(bridge_slave_0) entered blocking state [ 2966.436091][ T9972] bridge0: port 1(bridge_slave_0) entered forwarding state [ 2966.506556][ T29] audit: type=1326 audit(1725515955.029:3753): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=26481 comm="syz.2.6150" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f01a057cef9 code=0x7ffc0000 [ 2966.570304][ T9972] bridge0: port 2(bridge_slave_1) entered blocking state [ 2966.577617][ T9972] bridge0: port 2(bridge_slave_1) entered forwarding state [ 2966.600535][ T29] audit: type=1326 audit(1725515955.069:3754): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=26481 comm="syz.2.6150" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f01a057cef9 code=0x7ffc0000 [ 2966.656111][ T29] audit: type=1326 audit(1725515955.069:3755): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=26481 comm="syz.2.6150" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f01a057cef9 code=0x7ffc0000 [ 2966.704719][ T29] audit: type=1326 audit(1725515955.069:3756): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=26481 comm="syz.2.6150" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f01a057cef9 code=0x7ffc0000 [ 2966.726980][ T29] audit: type=1326 audit(1725515955.069:3757): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=26481 comm="syz.2.6150" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f01a057cef9 code=0x7ffc0000 [ 2966.751284][ T29] audit: type=1326 audit(1725515955.069:3758): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=26481 comm="syz.2.6150" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f01a057cef9 code=0x7ffc0000 [ 2966.906975][ T29] audit: type=1326 audit(1725515955.069:3759): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=26481 comm="syz.2.6150" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f01a057cef9 code=0x7ffc0000 [ 2967.190521][ T29] audit: type=1326 audit(1725515955.069:3760): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=26481 comm="syz.2.6150" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f01a057cef9 code=0x7ffc0000 [ 2967.515150][ T29] audit: type=1326 audit(1725515955.079:3761): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=26481 comm="syz.2.6150" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f01a057cef9 code=0x7ffc0000 [ 2967.659328][ T5497] bridge_slave_1: left allmulticast mode [ 2967.666671][ T5497] bridge_slave_1: left promiscuous mode [ 2967.672756][ T5497] bridge0: port 2(bridge_slave_1) entered disabled state [ 2967.701761][ T5497] bridge_slave_0: left allmulticast mode [ 2967.714072][ T5497] bridge_slave_0: left promiscuous mode [ 2967.720074][ T5497] bridge0: port 1(bridge_slave_0) entered disabled state [ 2967.860367][T20262] usb 4-1: new high-speed USB device number 114 using dummy_hcd [ 2968.064184][T20262] usb 4-1: Using ep0 maxpacket: 8 [ 2968.075750][T20262] usb 4-1: New USB device found, idVendor=047d, idProduct=5003, bcdDevice=2f.8c [ 2968.104217][T20262] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 2968.113272][T20262] usb 4-1: Product: syz [ 2968.133546][T20262] usb 4-1: Manufacturer: syz [ 2968.143782][T20262] usb 4-1: SerialNumber: syz [ 2968.156350][T20262] usb 4-1: config 0 descriptor?? [ 2968.180350][T20262] gspca_main: se401-2.14.0 probing 047d:5003 [ 2968.514673][ T5497] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 2968.538447][ T5497] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 2968.551175][ T5497] bond0 (unregistering): Released all slaves [ 2968.570837][ T5497] bond1 (unregistering): Released all slaves [ 2968.581079][T20262] gspca_se401: Wrong descriptor type [ 2968.590345][ T5497] bond2 (unregistering): Released all slaves [ 2968.621510][ T5497] bond3 (unregistering): Released all slaves [ 2968.798098][T26487] xt_CT: You must specify a L4 protocol and not use inversions on it [ 2968.826786][T26487] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 2968.868877][T26487] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 2968.918542][T26487] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 2968.934542][T26487] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 2968.967721][T23584] usb 4-1: USB disconnect, device number 114 [ 2969.223239][T26247] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 2969.286146][T26497] No such timeout policy "syz0" [ 2969.811573][T26314] 8021q: adding VLAN 0 to HW filter on device bond0 [ 2970.892274][ T5497] hsr_slave_0: left promiscuous mode [ 2970.902116][ T5497] hsr_slave_1: left promiscuous mode [ 2970.909748][ T5497] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 2970.918256][ T5497] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 2970.930186][ T5497] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 2970.937805][ T5497] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 2970.964449][ T5497] veth1_macvtap: left promiscuous mode [ 2970.970025][ T5497] veth0_macvtap: left promiscuous mode [ 2970.975774][ T5497] veth1_vlan: left promiscuous mode [ 2970.981079][ T5497] veth0_vlan: left promiscuous mode [ 2971.141610][ T8] usb 3-1: new high-speed USB device number 104 using dummy_hcd [ 2971.353342][ T8] usb 3-1: Using ep0 maxpacket: 8 [ 2971.375139][ T8] usb 3-1: config index 0 descriptor too short (expected 6427, got 27) [ 2971.383451][ T8] usb 3-1: config 0 has too many interfaces: 241, using maximum allowed: 32 [ 2971.395275][ T8] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 241 [ 2971.404733][ T8] usb 3-1: config 0 has no interface number 0 [ 2971.410890][ T8] usb 3-1: config 0 interface 21 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 2971.427405][ T8] usb 3-1: New USB device found, idVendor=06cd, idProduct=0202, bcdDevice=92.d4 [ 2971.436714][ T8] usb 3-1: New USB device strings: Mfr=228, Product=255, SerialNumber=0 [ 2971.445598][ T8] usb 3-1: Product: syz [ 2971.449808][ T8] usb 3-1: Manufacturer: syz [ 2971.465119][ T8] usb 3-1: config 0 descriptor?? [ 2971.759448][ T5497] team0 (unregistering): Port device team_slave_1 removed [ 2971.829700][ T5497] team0 (unregistering): Port device team_slave_0 removed [ 2972.652434][T26314] 8021q: adding VLAN 0 to HW filter on device team0 [ 2972.714577][ T9972] bridge0: port 1(bridge_slave_0) entered blocking state [ 2972.721777][ T9972] bridge0: port 1(bridge_slave_0) entered forwarding state [ 2972.769653][T21215] bridge0: port 2(bridge_slave_1) entered blocking state [ 2972.776864][T21215] bridge0: port 2(bridge_slave_1) entered forwarding state [ 2972.799755][T26395] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 2972.897194][T26395] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 2972.941385][T26247] veth0_vlan: entered promiscuous mode [ 2972.958780][T26395] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 2972.981028][T26395] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 2973.020593][T26247] veth1_vlan: entered promiscuous mode [ 2973.174704][T26247] veth0_macvtap: entered promiscuous mode [ 2973.211617][T26247] veth1_macvtap: entered promiscuous mode [ 2973.320004][T26247] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 2973.344112][T26247] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2973.363698][T26247] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 2973.379201][T26247] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2973.395505][T26247] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 2973.430734][T26247] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 2973.454759][T26247] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2973.472308][T26247] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 2973.483501][T26247] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2973.507137][T26247] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 2973.567601][T26247] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 2973.578610][T26247] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 2973.587677][T26247] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 2973.597220][T26247] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 2973.637065][T26395] 8021q: adding VLAN 0 to HW filter on device bond0 [ 2973.665795][T26512] netlink: 4 bytes leftover after parsing attributes in process `syz.3.6157'. [ 2973.677818][T26512] netlink: 28 bytes leftover after parsing attributes in process `syz.3.6157'. [ 2973.762713][T26314] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 2973.841765][T26395] 8021q: adding VLAN 0 to HW filter on device team0 [ 2973.931407][ T5322] usb 3-1: USB disconnect, device number 104 [ 2973.965338][ T1820] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 2973.999287][ T5497] bridge0: port 1(bridge_slave_0) entered blocking state [ 2974.006566][ T5497] bridge0: port 1(bridge_slave_0) entered forwarding state [ 2974.046265][ T1820] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 2974.087433][ T5497] bridge0: port 2(bridge_slave_1) entered blocking state [ 2974.094703][ T5497] bridge0: port 2(bridge_slave_1) entered forwarding state [ 2974.459273][T26521] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 2974.517574][ T9972] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 2974.622972][ T9972] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 2974.813082][T26523] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 2974.885511][T26519] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 2975.211273][T26314] veth0_vlan: entered promiscuous mode [ 2975.433383][T26534] fuse: Bad value for 'fd' [ 2976.146562][T26314] veth1_vlan: entered promiscuous mode [ 2976.511426][T26314] veth0_macvtap: entered promiscuous mode [ 2976.595592][T26314] veth1_macvtap: entered promiscuous mode [ 2976.626257][T26395] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 2976.738759][T26314] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 2977.707924][T26314] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2977.750322][T26314] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 2977.772319][T26314] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2977.787201][T26314] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 2977.802605][T26314] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2977.815047][T26314] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 2977.876299][T26314] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 2977.920175][T26314] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2977.973955][T26314] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 2978.003869][T26314] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2978.036856][T26314] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 2978.063660][T26314] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2978.092039][T26314] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 2978.110128][T26553] netlink: 4 bytes leftover after parsing attributes in process `syz.3.6165'. [ 2978.128033][T26554] netlink: 12 bytes leftover after parsing attributes in process `syz.3.6165'. [ 2978.191628][T26314] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 2978.221648][T26314] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 2978.241239][T26314] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 2978.274888][T26314] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 2978.365798][T26395] veth0_vlan: entered promiscuous mode [ 2978.438031][T26395] veth1_vlan: entered promiscuous mode [ 2979.662303][ T5497] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 2979.709714][ T5497] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 2979.744570][T26395] veth0_macvtap: entered promiscuous mode [ 2979.809858][T26395] veth1_macvtap: entered promiscuous mode [ 2980.392890][ T9972] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 2980.588100][ T9972] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 2980.655746][T26395] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 2980.688263][T26395] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2980.713659][T26395] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 2980.730763][T26395] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2980.740738][T26395] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 2980.752062][T26395] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2980.771848][T26395] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 2980.785095][T26571] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 2980.803642][T26395] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2980.836075][T26395] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 2980.884379][T26570] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 2980.894809][T26395] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 2980.914267][T26395] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2980.941113][T26395] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 2980.960562][T26395] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2980.971121][T26395] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 2980.974445][T26570] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 2980.989838][T26395] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2981.003524][T26395] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 2981.024741][T26395] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2981.045109][T26395] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 2981.255942][T26395] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 2981.274052][T26395] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 2981.296472][T26395] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 2981.313251][T23557] usb 4-1: new high-speed USB device number 115 using dummy_hcd [ 2981.662968][T26395] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 2982.713676][T23557] usb 4-1: Using ep0 maxpacket: 8 [ 2982.737821][T23557] usb 4-1: New USB device found, idVendor=047d, idProduct=5003, bcdDevice=2f.8c [ 2982.770567][T23557] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 2982.792191][ T1820] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 2982.798691][T23557] usb 4-1: Product: syz [ 2982.977434][T23557] usb 4-1: Manufacturer: syz [ 2982.982225][T23557] usb 4-1: SerialNumber: syz [ 2982.989947][T23557] usb 4-1: config 0 descriptor?? [ 2982.998850][T23557] gspca_main: se401-2.14.0 probing 047d:5003 [ 2983.011044][ T1820] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 2983.929484][T14449] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 2983.941903][T26583] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 2983.954945][T14449] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 2984.023332][T26583] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 2984.101947][T26593] netlink: 4 bytes leftover after parsing attributes in process `syz.3.6174'. [ 2984.113038][T26593] netlink: 12 bytes leftover after parsing attributes in process `syz.3.6174'. [ 2985.655117][T23557] gspca_se401: read req failed req 0x06 error -19 [ 2985.676834][T23557] usb 4-1: USB disconnect, device number 115 [ 2986.299134][T26613] No such timeout policy "syz0" [ 2987.933710][T20264] usb 1-1: new high-speed USB device number 66 using dummy_hcd [ 2988.202107][T26618] fuse: Bad value for 'fd' [ 2994.953853][T20264] usb 1-1: device descriptor read/all, error -110 [ 2994.978936][T26616] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 2995.114335][T20264] usb 1-1: new high-speed USB device number 67 using dummy_hcd [ 2995.339693][T26622] netlink: 4 bytes leftover after parsing attributes in process `syz.4.6186'. [ 2995.423721][T26625] netlink: 12 bytes leftover after parsing attributes in process `syz.4.6186'. [ 2996.878603][T26634] 9pnet_fd: Insufficient options for proto=fd [ 2996.888221][T19040] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 2996.899946][T19040] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 2996.908513][T19040] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 2996.918404][T19040] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 2996.927242][T19040] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 2996.944513][T19040] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 2997.095050][T25161] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 2997.107695][T25161] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 2997.157521][T25161] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 2997.189416][T25161] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 2997.204308][T25161] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 2997.233107][T25161] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 2997.522440][ T5509] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2997.653915][ T5322] usb 5-1: new high-speed USB device number 96 using dummy_hcd [ 2998.128795][ T5322] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 2998.130857][ T5509] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2998.150284][ T5322] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 2998.184185][ T5322] usb 5-1: New USB device found, idVendor=1e7d, idProduct=30d4, bcdDevice= 0.00 [ 2998.232236][ T5322] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 2998.274654][ T5322] usb 5-1: config 0 descriptor?? [ 2998.392295][ T5509] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2998.650981][ T5509] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2999.004456][T26397] Bluetooth: hci0: command tx timeout [ 2999.082938][ T5322] arvo 0003:1E7D:30D4.005A: unknown main item tag 0x0 [ 2999.146305][ T5322] arvo 0003:1E7D:30D4.005A: unknown main item tag 0x0 [ 2999.323912][T26397] Bluetooth: hci3: command tx timeout [ 3000.724812][ T5322] arvo 0003:1E7D:30D4.005A: hidraw0: USB HID v0.00 Device [HID 1e7d:30d4] on usb-dummy_hcd.4-1/input0 [ 3000.737587][ T5322] arvo 0003:1E7D:30D4.005A: couldn't init struct arvo_device [ 3000.750109][ T5322] arvo 0003:1E7D:30D4.005A: couldn't install keyboard [ 3000.766558][ T5322] arvo 0003:1E7D:30D4.005A: probe with driver arvo failed with error -71 [ 3000.805681][ T5322] usb 5-1: USB disconnect, device number 96 [ 3001.117888][T26397] Bluetooth: hci0: command tx timeout [ 3001.827463][T25161] Bluetooth: hci3: command tx timeout [ 3002.080489][ T5509] bridge_slave_1: left allmulticast mode [ 3002.113433][ T5509] bridge_slave_1: left promiscuous mode [ 3002.143950][ T5509] bridge0: port 2(bridge_slave_1) entered disabled state [ 3002.214933][ T5509] bridge_slave_0: left allmulticast mode [ 3002.230899][ T5509] bridge_slave_0: left promiscuous mode [ 3002.241249][ T5509] bridge0: port 1(bridge_slave_0) entered disabled state [ 3003.073500][ T5509] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 3003.089086][ T5509] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 3003.108180][ T5509] bond0 (unregistering): Released all slaves [ 3003.156640][T26666] netlink: 4 bytes leftover after parsing attributes in process `syz.3.6195'. [ 3003.166404][T25161] Bluetooth: hci0: command tx timeout [ 3003.180657][T26667] netlink: 12 bytes leftover after parsing attributes in process `syz.3.6195'. [ 3003.224838][T26635] chnl_net:caif_netlink_parms(): no params data found [ 3003.249839][T26637] chnl_net:caif_netlink_parms(): no params data found [ 3003.495916][T26674] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 3003.570613][T26674] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 3003.695350][T26672] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 3003.800178][T26681] 9pnet_fd: Insufficient options for proto=fd [ 3003.884690][T25161] Bluetooth: hci3: command tx timeout [ 3004.043411][T26687] fuse: Bad value for 'fd' [ 3004.923366][T26637] bridge0: port 1(bridge_slave_0) entered blocking state [ 3004.932477][T26637] bridge0: port 1(bridge_slave_0) entered disabled state [ 3005.140224][T26637] bridge_slave_0: entered allmulticast mode [ 3005.161730][T26637] bridge_slave_0: entered promiscuous mode [ 3005.173738][T23584] usb 4-1: new high-speed USB device number 116 using dummy_hcd [ 3005.196102][T26637] bridge0: port 2(bridge_slave_1) entered blocking state [ 3005.295385][T26637] bridge0: port 2(bridge_slave_1) entered disabled state [ 3005.306982][T26637] bridge_slave_1: entered allmulticast mode [ 3005.357068][T26637] bridge_slave_1: entered promiscuous mode [ 3005.368564][T25161] Bluetooth: hci0: command tx timeout [ 3005.965441][T25161] Bluetooth: hci3: command tx timeout [ 3006.110650][ T5509] hsr_slave_0: left promiscuous mode [ 3006.123988][ T5509] hsr_slave_1: left promiscuous mode [ 3006.153488][ T5509] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 3006.162091][ T5509] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 3006.170716][T23584] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 3006.182443][T23584] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 3006.183360][ T5509] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 3006.200483][T23584] usb 4-1: New USB device found, idVendor=1e7d, idProduct=30d4, bcdDevice= 0.00 [ 3006.212598][T23584] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 3006.224647][T23584] usb 4-1: config 0 descriptor?? [ 3006.253749][ T5509] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 3006.317670][ T5509] veth1_macvtap: left promiscuous mode [ 3006.323282][ T5509] veth0_macvtap: left promiscuous mode [ 3006.344381][ T5509] veth1_vlan: left promiscuous mode [ 3006.350496][ T5509] veth0_vlan: left promiscuous mode [ 3007.084922][T23584] arvo 0003:1E7D:30D4.005B: unknown main item tag 0x0 [ 3007.092017][T23584] arvo 0003:1E7D:30D4.005B: unknown main item tag 0x0 [ 3008.056490][T23584] arvo 0003:1E7D:30D4.005B: hidraw0: USB HID v0.00 Device [HID 1e7d:30d4] on usb-dummy_hcd.3-1/input0 [ 3008.221360][ T29] kauditd_printk_skb: 20 callbacks suppressed [ 3008.221382][ T29] audit: type=1326 audit(1725515996.849:3782): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=26704 comm="syz.0.6204" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5c67d7cef9 code=0x7ffc0000 [ 3008.252148][ T29] audit: type=1326 audit(1725515996.849:3783): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=26704 comm="syz.0.6204" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5c67d7cef9 code=0x7ffc0000 [ 3008.283006][ T29] audit: type=1326 audit(1725515996.849:3784): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=26704 comm="syz.0.6204" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5c67d7cef9 code=0x7ffc0000 [ 3008.306055][ T29] audit: type=1326 audit(1725515996.849:3785): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=26704 comm="syz.0.6204" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5c67d7cef9 code=0x7ffc0000 [ 3008.328881][ T29] audit: type=1326 audit(1725515996.849:3786): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=26704 comm="syz.0.6204" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5c67d7cef9 code=0x7ffc0000 [ 3008.351994][ T29] audit: type=1326 audit(1725515996.889:3787): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=26704 comm="syz.0.6204" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5c67d7cef9 code=0x7ffc0000 [ 3008.374690][ T29] audit: type=1326 audit(1725515996.889:3788): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=26704 comm="syz.0.6204" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5c67d7cef9 code=0x7ffc0000 [ 3008.400401][ T29] audit: type=1326 audit(1725515996.889:3789): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=26704 comm="syz.0.6204" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5c67d7cef9 code=0x7ffc0000 [ 3008.441396][ T29] audit: type=1326 audit(1725515996.889:3790): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=26704 comm="syz.0.6204" exe="/root/syz-executor" sig=0 arch=c000003e syscall=312 compat=0 ip=0x7f5c67d7cef9 code=0x7ffc0000 [ 3008.543328][ T29] audit: type=1326 audit(1725515996.889:3791): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=26704 comm="syz.0.6204" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5c67d7cef9 code=0x7ffc0000 [ 3009.364474][T23557] usb 4-1: USB disconnect, device number 116 [ 3009.677314][T26713] fuse: Bad value for 'fd' [ 3010.844557][ T5509] team0 (unregistering): Port device team_slave_1 removed [ 3010.912936][ T5509] team0 (unregistering): Port device team_slave_0 removed [ 3011.760235][T26709] netlink: 4 bytes leftover after parsing attributes in process `syz.0.6205'. [ 3011.770544][T26712] netlink: 12 bytes leftover after parsing attributes in process `syz.0.6205'. [ 3011.849992][T26635] bridge0: port 1(bridge_slave_0) entered blocking state [ 3011.862026][T26635] bridge0: port 1(bridge_slave_0) entered disabled state [ 3011.869769][T26635] bridge_slave_0: entered allmulticast mode [ 3011.880137][T26635] bridge_slave_0: entered promiscuous mode [ 3011.897221][T26637] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 3011.920882][T26637] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 3011.960597][T26635] bridge0: port 2(bridge_slave_1) entered blocking state [ 3011.970297][T26635] bridge0: port 2(bridge_slave_1) entered disabled state [ 3011.986705][T26635] bridge_slave_1: entered allmulticast mode [ 3011.996133][T26635] bridge_slave_1: entered promiscuous mode [ 3012.087030][T26723] 9pnet_fd: Insufficient options for proto=fd [ 3012.318769][T26637] team0: Port device team_slave_0 added [ 3012.356266][T26635] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 3012.779320][T26637] team0: Port device team_slave_1 added [ 3012.974984][T20262] usb 4-1: new high-speed USB device number 117 using dummy_hcd [ 3012.999227][T26635] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 3013.088456][T26732] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 3013.143545][T26637] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 3013.153235][T26637] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 3013.178963][T26730] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 3013.194517][T26637] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 3013.223692][T20262] usb 4-1: Using ep0 maxpacket: 8 [ 3013.233159][T20262] usb 4-1: New USB device found, idVendor=047d, idProduct=5003, bcdDevice=2f.8c [ 3013.274713][T26730] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 3013.286325][T20262] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 3013.300969][T20262] usb 4-1: Product: syz [ 3013.305502][T20262] usb 4-1: Manufacturer: syz [ 3013.311547][T20262] usb 4-1: SerialNumber: syz [ 3013.328158][T20262] usb 4-1: config 0 descriptor?? [ 3013.345056][T20262] gspca_main: se401-2.14.0 probing 047d:5003 [ 3013.363451][T26635] team0: Port device team_slave_0 added [ 3013.381532][T26637] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 3013.401528][T26637] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 3013.428297][T26637] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 3013.461812][T26635] team0: Port device team_slave_1 added [ 3013.565662][T26635] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 3013.572989][T26635] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 3013.603527][T26635] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 3013.704537][T26635] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 3013.711661][T26635] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 3013.739520][T26635] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 3013.751473][T20262] gspca_se401: Wrong descriptor type [ 3013.778915][T26637] hsr_slave_0: entered promiscuous mode [ 3013.786164][T26637] hsr_slave_1: entered promiscuous mode [ 3013.947874][T26635] hsr_slave_0: entered promiscuous mode [ 3013.956622][T26727] xt_CT: You must specify a L4 protocol and not use inversions on it [ 3013.969633][T26635] hsr_slave_1: entered promiscuous mode [ 3013.976941][T26727] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 3013.994437][T26635] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 3014.002358][T26635] Cannot create hsr debugfs directory [ 3014.009175][T26727] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 3014.244526][T26727] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 3014.320442][ T29] kauditd_printk_skb: 45 callbacks suppressed [ 3014.320465][ T29] audit: type=1326 audit(1725516002.939:3837): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=26739 comm="syz.4.6214" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f511bf7cef9 code=0x7ffc0000 [ 3014.323896][T26727] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 3014.327102][ T29] audit: type=1326 audit(1725516002.939:3838): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=26739 comm="syz.4.6214" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f511bf7cef9 code=0x7ffc0000 [ 3014.366787][T20262] usb 4-1: USB disconnect, device number 117 [ 3014.383989][ T29] audit: type=1326 audit(1725516003.019:3839): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=26739 comm="syz.4.6214" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f511bf7cef9 code=0x7ffc0000 [ 3014.412463][ T29] audit: type=1326 audit(1725516003.019:3840): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=26739 comm="syz.4.6214" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f511bf7cef9 code=0x7ffc0000 [ 3014.437369][ T29] audit: type=1326 audit(1725516003.019:3841): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=26739 comm="syz.4.6214" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f511bf7cef9 code=0x7ffc0000 [ 3014.460028][ T29] audit: type=1326 audit(1725516003.049:3842): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=26739 comm="syz.4.6214" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f511bf7cef9 code=0x7ffc0000 [ 3014.520444][ T29] audit: type=1326 audit(1725516003.049:3843): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=26739 comm="syz.4.6214" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f511bf7cef9 code=0x7ffc0000 [ 3014.593465][ T29] audit: type=1326 audit(1725516003.049:3844): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=26739 comm="syz.4.6214" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f511bf7cef9 code=0x7ffc0000 [ 3014.663709][ T29] audit: type=1326 audit(1725516003.049:3845): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=26739 comm="syz.4.6214" exe="/root/syz-executor" sig=0 arch=c000003e syscall=312 compat=0 ip=0x7f511bf7cef9 code=0x7ffc0000 [ 3014.692723][ T5509] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 3014.704183][ T29] audit: type=1326 audit(1725516003.049:3846): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=26739 comm="syz.4.6214" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f511bf7cef9 code=0x7ffc0000 [ 3015.734198][ T5509] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 3015.877007][T26750] No such timeout policy "syz0" [ 3016.622655][ T5509] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 3016.711687][T26756] 9pnet_fd: Insufficient options for proto=fd [ 3016.725933][T26752] netlink: 4 bytes leftover after parsing attributes in process `syz.4.6218'. [ 3016.760317][T26753] netlink: 12 bytes leftover after parsing attributes in process `syz.4.6218'. [ 3016.831984][ T5509] batman_adv: batadv1: Interface deactivated: netdevsim0 [ 3016.933326][ T5509] batman_adv: batadv1: Removing interface: netdevsim0 [ 3016.953414][ T5509] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 3016.976622][T26762] netlink: 'syz.0.6221': attribute type 2 has an invalid length. [ 3017.164106][ T8] usb 4-1: new high-speed USB device number 118 using dummy_hcd [ 3017.207517][ T5509] bridge_slave_1: left allmulticast mode [ 3017.214772][ T5509] bridge_slave_1: left promiscuous mode [ 3017.220676][ T5509] bridge0: port 2(bridge_slave_1) entered disabled state [ 3017.232844][ T5509] bridge_slave_0: left allmulticast mode [ 3017.239550][ T5509] bridge_slave_0: left promiscuous mode [ 3017.245853][ T5509] bridge0: port 1(bridge_slave_0) entered disabled state [ 3017.354174][ T8] usb 4-1: Using ep0 maxpacket: 16 [ 3017.375145][ T8] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 3017.387814][ T8] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 3017.400536][ T8] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 3017.423459][ T8] usb 4-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 3017.434475][ T8] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 3017.481101][ T8] usb 4-1: config 0 descriptor?? [ 3017.919408][ T8] input: HID 045e:07da as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:045E:07DA.005C/input/input165 [ 3018.273840][ T8] microsoft 0003:045E:07DA.005C: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.3-1/input0 [ 3018.319832][ T8] usb 4-1: USB disconnect, device number 118 [ 3018.969493][ T5509] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 3018.986951][ T5509] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 3019.011106][ T5509] bond0 (unregistering): Released all slaves [ 3019.045040][ T5509] bond1 (unregistering): Released all slaves [ 3019.062390][ T5509] bond2 (unregistering): Released all slaves [ 3019.089416][ T5509] bond3 (unregistering): Released all slaves [ 3019.108626][ T5509] bond4 (unregistering): Released all slaves [ 3019.128700][ T5509] bond5 (unregistering): Released all slaves [ 3019.195127][T26781] netlink: 'syz.4.6229': attribute type 4 has an invalid length. [ 3019.247497][T26783] netlink: 'syz.4.6229': attribute type 17 has an invalid length. [ 3019.361019][T26791] netlink: 4096 bytes leftover after parsing attributes in process `syz.0.6232'. [ 3019.384844][T26791] openvswitch: netlink: Missing key (keys=400040, expected=200000) [ 3019.892917][ T5509] hsr_slave_0: left promiscuous mode [ 3019.909427][ T5509] hsr_slave_1: left promiscuous mode [ 3019.932324][ T5509] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 3019.948464][ T5509] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 3019.988099][ T5509] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 3020.001968][ T5509] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 3020.082313][ T5509] veth1_macvtap: left promiscuous mode [ 3020.105019][ T5509] veth0_macvtap: left promiscuous mode [ 3020.118319][ T5509] veth1_vlan: left promiscuous mode [ 3020.124207][ T5509] veth0_vlan: left promiscuous mode [ 3020.499868][T26809] Cannot find add_set index 0 as target [ 3020.927669][ T1271] ieee802154 phy0 wpan0: encryption failed: -22 [ 3020.934593][ T1271] ieee802154 phy1 wpan1: encryption failed: -22 [ 3022.229647][T26820] Cannot find add_set index 0 as target [ 3023.997698][ T5509] team0 (unregistering): Port device team_slave_1 removed [ 3024.210135][ T5509] team0 (unregistering): Port device team_slave_0 removed [ 3026.645622][T26637] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 3026.685257][T26637] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 3026.761085][T26637] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 3026.941240][T26637] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 3028.124283][T26875] xt_bpf: check failed: parse error [ 3028.824862][T26858] Cannot find add_set index 0 as target [ 3028.962041][T26637] 8021q: adding VLAN 0 to HW filter on device bond0 [ 3029.063037][T26637] 8021q: adding VLAN 0 to HW filter on device team0 [ 3029.239091][T17575] bridge0: port 1(bridge_slave_0) entered blocking state [ 3029.246368][T17575] bridge0: port 1(bridge_slave_0) entered forwarding state [ 3029.490349][T17575] bridge0: port 2(bridge_slave_1) entered blocking state [ 3029.497651][T17575] bridge0: port 2(bridge_slave_1) entered forwarding state [ 3029.811573][T26635] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 3029.850286][T26888] binder: 26886:26888 ioctl 4018620d 0 returned -22 [ 3029.865883][T26635] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 3029.935717][T26635] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 3029.987356][T26635] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 3031.461214][T26635] 8021q: adding VLAN 0 to HW filter on device bond0 [ 3031.546877][T26635] 8021q: adding VLAN 0 to HW filter on device team0 [ 3031.568864][ T5509] bridge0: port 1(bridge_slave_0) entered blocking state [ 3031.576101][ T5509] bridge0: port 1(bridge_slave_0) entered forwarding state [ 3031.630461][ T5509] bridge0: port 2(bridge_slave_1) entered blocking state [ 3031.638137][ T5509] bridge0: port 2(bridge_slave_1) entered forwarding state [ 3031.842144][T26637] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 3032.074801][T26637] veth0_vlan: entered promiscuous mode [ 3032.096676][T26637] veth1_vlan: entered promiscuous mode [ 3032.152035][T26637] veth0_macvtap: entered promiscuous mode [ 3032.196755][T26637] veth1_macvtap: entered promiscuous mode [ 3032.319106][T26637] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 3032.354646][T26637] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 3032.368638][T26637] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 3032.386645][T26637] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 3032.400118][T26637] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 3032.411473][T26637] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 3032.426198][T26637] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 3032.467154][T26637] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 3032.480086][T26637] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 3032.495462][T26637] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 3032.517140][T26637] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 3032.532756][T26637] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 3032.551891][T26637] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 3032.566104][T26637] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 3032.613240][T26637] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 3032.641154][T26637] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 3032.651087][T26637] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 3032.666543][T26637] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 3032.747978][T26635] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 3032.999614][T26635] veth0_vlan: entered promiscuous mode [ 3033.076382][T25632] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 3033.105501][T25632] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 3033.158831][T26635] veth1_vlan: entered promiscuous mode [ 3033.210498][ T5509] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 3033.239260][ T5509] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 3033.299290][T26635] veth0_macvtap: entered promiscuous mode [ 3033.361282][T26635] veth1_macvtap: entered promiscuous mode [ 3033.438340][T26635] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 3033.463366][T26635] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 3033.485461][T26635] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 3033.513611][T26635] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 3033.535199][T26635] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 3033.556242][T26635] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 3033.577830][T26635] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 3033.603908][T26635] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 3033.627087][T26635] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 3033.662747][T26635] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 3033.693901][T26635] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 3033.709267][T26635] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 3033.727698][ T58] usb 3-1: new high-speed USB device number 105 using dummy_hcd [ 3033.743646][T26635] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 3033.770021][T26635] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 3033.784758][T26635] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 3033.795387][T26635] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 3033.807217][T26635] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 3033.819935][T26635] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 3033.840284][T26635] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 3033.851005][T26635] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 3033.860466][T26635] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 3033.871975][T26635] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 3033.973129][ T58] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 3034.007931][ T58] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 3034.043895][ T58] usb 3-1: New USB device found, idVendor=1e7d, idProduct=30d4, bcdDevice= 0.00 [ 3034.077566][ T58] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 3034.104712][ T58] usb 3-1: config 0 descriptor?? [ 3034.112267][ T1820] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 3034.133739][ T1820] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 3034.186601][ T5509] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 3034.196153][ T5509] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 3034.918212][ T58] arvo 0003:1E7D:30D4.005D: unknown main item tag 0x0 [ 3034.986942][ T58] arvo 0003:1E7D:30D4.005D: unknown main item tag 0x0 [ 3035.361919][ T58] arvo 0003:1E7D:30D4.005D: hidraw0: USB HID v0.00 Device [HID 1e7d:30d4] on usb-dummy_hcd.2-1/input0 [ 3036.899702][T22664] usb 3-1: USB disconnect, device number 105 [ 3042.887569][T27048] input: syz1 as /devices/virtual/input/input166 [ 3043.488757][T25161] Bluetooth: hci5: command 0x0406 tx timeout [ 3044.618264][T27083] netlink: 16178 bytes leftover after parsing attributes in process `syz.4.6325'. [ 3045.399321][T27097] workqueue: name exceeds WQ_NAME_LEN. Truncating to: †< )Ù2¼”›U7‘Åä‹¡ô¾ÐËÝ;&!éi‡¼ [ 3046.670027][T27141] xt_cgroup: path and classid specified [ 3046.686067][T27141] x_tables: ip_tables: osf match: only valid for protocol 6 [ 3048.397252][ T29] kauditd_printk_skb: 16 callbacks suppressed [ 3048.397275][ T29] audit: type=1326 audit(1725516037.019:3863): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=27165 comm="syz.2.6360" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f686eb7cef9 code=0x7ffc0000 [ 3048.850331][ T29] audit: type=1326 audit(1725516037.019:3864): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=27165 comm="syz.2.6360" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f686eb7cef9 code=0x7ffc0000 [ 3049.213721][ T29] audit: type=1326 audit(1725516037.399:3865): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=27165 comm="syz.2.6360" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f686eb18859 code=0x7ffc0000 [ 3049.344136][ T29] audit: type=1326 audit(1725516037.399:3866): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=27165 comm="syz.2.6360" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f686eb18859 code=0x7ffc0000 [ 3049.376694][T27173] capability: warning: `syz.4.6361' uses 32-bit capabilities (legacy support in use) [ 3049.463673][ T29] audit: type=1326 audit(1725516037.439:3867): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=27165 comm="syz.2.6360" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f686eb18859 code=0x7ffc0000 [ 3049.590109][T27175] ALSA: seq fatal error: cannot create timer (-22) [ 3049.599456][ T29] audit: type=1326 audit(1725516037.439:3868): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=27165 comm="syz.2.6360" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f686eb18859 code=0x7ffc0000 [ 3049.822922][ T29] audit: type=1326 audit(1725516037.469:3869): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=27165 comm="syz.2.6360" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f686eb18859 code=0x7ffc0000 [ 3049.998558][ T29] audit: type=1326 audit(1725516037.529:3870): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=27165 comm="syz.2.6360" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f686eb18859 code=0x7ffc0000 [ 3050.139054][ T29] audit: type=1326 audit(1725516037.529:3871): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=27165 comm="syz.2.6360" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f686eb18859 code=0x7ffc0000 [ 3050.205079][ T29] audit: type=1326 audit(1725516037.559:3872): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=27165 comm="syz.2.6360" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f686eb18859 code=0x7ffc0000 [ 3050.765982][T27181] vcan0 speed is unknown, defaulting to 1000 [ 3050.798100][T27181] vcan0 speed is unknown, defaulting to 1000 [ 3050.826127][T27181] vcan0 speed is unknown, defaulting to 1000 [ 3051.774985][T23557] vcan0 speed is unknown, defaulting to 1000 [ 3051.800892][T27181] infiniband syz1: set active [ 3051.816544][T27181] infiniband syz1: added vcan0 [ 3051.834500][T27181] syz1: rxe_create_cq: returned err = -12 [ 3051.841145][T27181] infiniband syz1: Couldn't create ib_mad CQ [ 3051.892273][T27181] infiniband syz1: Couldn't open port 1 [ 3052.125148][T27181] RDS/IB: syz1: added [ 3052.142661][T27181] smc: adding ib device syz1 with port count 1 [ 3052.150044][T27181] smc: ib device syz1 port 1 has pnetid [ 3052.169399][T22664] vcan0 speed is unknown, defaulting to 1000 [ 3052.191425][T27181] vcan0 speed is unknown, defaulting to 1000 [ 3053.093935][T20264] usb 3-1: new high-speed USB device number 106 using dummy_hcd [ 3053.139473][T27181] vcan0 speed is unknown, defaulting to 1000 [ 3053.293716][T20264] usb 3-1: Using ep0 maxpacket: 8 [ 3053.325431][T20264] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 3053.337594][T27221] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies. [ 3053.363927][T20264] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 3053.384042][T20264] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 3053.434210][T20264] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 3053.464608][T20264] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 3053.494024][T20264] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 3053.732895][T27181] vcan0 speed is unknown, defaulting to 1000 [ 3053.775407][T20264] usb 3-1: GET_CAPABILITIES returned 0 [ 3053.781003][T20264] usbtmc 3-1:16.0: can't read capabilities [ 3053.978609][T20264] usb 3-1: USB disconnect, device number 106 [ 3054.026557][T27232] syzkaller0: entered promiscuous mode [ 3054.040455][T27232] syzkaller0: entered allmulticast mode [ 3055.412749][T27248] input: syz0 as /devices/virtual/input/input167 [ 3058.846168][T19040] Bluetooth: hci2: command 0x0406 tx timeout [ 3059.586339][T22664] kernel write not supported for file bpf-prog (pid: 22664 comm: kworker/0:2) [ 3061.497266][T19040] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 3061.521840][T19040] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 3061.536238][T19040] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 3061.567213][T19040] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 3061.588098][T19040] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 3061.596853][T19040] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 3061.783785][T27181] vcan0 speed is unknown, defaulting to 1000 [ 3061.795485][T27241] bridge0: port 3(vlan2) entered blocking state [ 3061.812177][T27241] bridge0: port 3(vlan2) entered disabled state [ 3061.822398][T27241] vlan2: entered allmulticast mode [ 3061.857322][T27241] vlan2: left allmulticast mode [ 3062.231437][T27181] vcan0 speed is unknown, defaulting to 1000 [ 3062.734379][T27271] vcan0 speed is unknown, defaulting to 1000 [ 3063.283736][T14511] usb 3-1: new high-speed USB device number 107 using dummy_hcd [ 3063.496811][T14511] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 3063.513940][T14511] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 3063.524064][T14511] usb 3-1: New USB device found, idVendor=056a, idProduct=01bb, bcdDevice= 0.00 [ 3063.537648][T14511] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 3063.549253][T14511] usb 3-1: config 0 descriptor?? [ 3063.754243][T19040] Bluetooth: hci4: command tx timeout [ 3064.397148][T23557] usb 1-1: new high-speed USB device number 68 using dummy_hcd [ 3064.895448][ T5497] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 3064.914107][T23557] usb 1-1: Using ep0 maxpacket: 16 [ 3064.936415][T14511] wacom 0003:056A:01BB.005E: unknown main item tag 0x0 [ 3064.940941][T23557] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 3064.943342][T14511] wacom 0003:056A:01BB.005E: unknown main item tag 0x0 [ 3064.977332][T14511] wacom 0003:056A:01BB.005E: unknown main item tag 0x0 [ 3064.986081][T14511] wacom 0003:056A:01BB.005E: unknown main item tag 0x0 [ 3064.993084][T14511] wacom 0003:056A:01BB.005E: unknown main item tag 0x0 [ 3065.000513][T14511] wacom 0003:056A:01BB.005E: unknown main item tag 0x0 [ 3065.003961][T23557] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 3065.007587][T14511] wacom 0003:056A:01BB.005E: unknown main item tag 0x0 [ 3065.040810][T14511] wacom 0003:056A:01BB.005E: Unknown device_type for 'HID 056a:01bb'. Ignoring. [ 3065.053353][T23557] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 3065.068462][T14511] usb 3-1: USB disconnect, device number 107 [ 3065.075491][T27271] chnl_net:caif_netlink_parms(): no params data found [ 3065.109651][T23557] usb 1-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 3065.146640][T23557] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 3065.190237][T23557] usb 1-1: config 0 descriptor?? [ 3065.206150][ T5497] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 3065.338795][ T5497] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 3065.637418][ T5497] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 3065.830934][T19040] Bluetooth: hci4: command tx timeout [ 3065.907770][T23557] microsoft 0003:045E:07DA.005F: invalid report_size -1893628834 [ 3066.043160][T23557] microsoft 0003:045E:07DA.005F: item 0 4 1 7 parsing failed [ 3066.218186][T23557] microsoft 0003:045E:07DA.005F: parse failed [ 3066.236519][T23557] microsoft 0003:045E:07DA.005F: probe with driver microsoft failed with error -22 [ 3066.335090][T23557] usb 1-1: USB disconnect, device number 68 [ 3066.433037][T27271] bridge0: port 1(bridge_slave_0) entered blocking state [ 3066.463750][T27271] bridge0: port 1(bridge_slave_0) entered disabled state [ 3066.471067][T27271] bridge_slave_0: entered allmulticast mode [ 3066.513168][T27271] bridge_slave_0: entered promiscuous mode [ 3066.565733][T27271] bridge0: port 2(bridge_slave_1) entered blocking state [ 3066.590072][T27271] bridge0: port 2(bridge_slave_1) entered disabled state [ 3066.620401][T27271] bridge_slave_1: entered allmulticast mode [ 3066.646171][T27271] bridge_slave_1: entered promiscuous mode [ 3066.856509][T27271] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 3066.913943][T27271] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 3067.209202][T27271] team0: Port device team_slave_0 added [ 3067.933903][T19040] Bluetooth: hci4: command tx timeout [ 3067.966450][T27271] team0: Port device team_slave_1 added [ 3068.309033][ T5497] bridge_slave_1: left allmulticast mode [ 3068.327104][ T5497] bridge_slave_1: left promiscuous mode [ 3068.356229][ T5497] bridge0: port 2(bridge_slave_1) entered disabled state [ 3068.383926][ T5497] bridge_slave_0: left allmulticast mode [ 3068.393116][ T5497] bridge_slave_0: left promiscuous mode [ 3068.414969][ T5497] bridge0: port 1(bridge_slave_0) entered disabled state [ 3068.415333][T22664] usb 4-1: new high-speed USB device number 119 using dummy_hcd [ 3069.331238][T22664] usb 4-1: New USB device found, idVendor=0403, idProduct=a54a, bcdDevice= 3.8c [ 3069.348339][T22664] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 3069.358111][T22664] usb 4-1: Product: syz [ 3069.362324][T22664] usb 4-1: Manufacturer: syz [ 3069.376587][T22664] usb 4-1: SerialNumber: syz [ 3069.388513][T22664] usb 4-1: config 0 descriptor?? [ 3069.400782][T22664] ftdi_sio 4-1:0.0: FTDI USB Serial Device converter detected [ 3069.464264][T22664] ftdi_sio ttyUSB0: unknown device type: 0x38c [ 3069.960315][ T58] usb 4-1: USB disconnect, device number 119 [ 3070.014353][T19040] Bluetooth: hci4: command tx timeout [ 3070.224962][ T58] ftdi_sio 4-1:0.0: device disconnected [ 3070.245000][T27364] syz.4.6429[27364] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 3070.245191][T27364] syz.4.6429[27364] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 3070.333741][T27371] sock: sock_set_timeout: `syz.2.6430' (pid 27371) tries to set negative timeout [ 3071.983888][ T5497] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 3072.020981][ T5497] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 3072.059956][ T5497] bond0 (unregistering): Released all slaves [ 3072.096091][T27271] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 3072.111199][T27271] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 3072.143659][T27271] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 3072.302333][T27378] netlink: 'syz.4.6433': attribute type 4 has an invalid length. [ 3072.426939][T27271] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 3072.463381][T27271] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 3072.586423][T27271] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 3073.005965][T27271] hsr_slave_0: entered promiscuous mode [ 3073.032841][T27271] hsr_slave_1: entered promiscuous mode [ 3073.044294][T27271] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 3073.092497][T27271] Cannot create hsr debugfs directory [ 3073.107685][T27399] netlink: 12 bytes leftover after parsing attributes in process `syz.2.6439'. [ 3073.141976][T27399] bond1: entered promiscuous mode [ 3073.155279][T27402] lo: entered promiscuous mode [ 3073.186205][T27402] bond1: (slave lo): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond. [ 3073.290486][T27402] bond1: (slave lo): Enslaving as an active interface with an up link [ 3073.782774][T27409] netlink: 4 bytes leftover after parsing attributes in process `syz.4.6443'. [ 3073.841270][T27412] netlink: 28 bytes leftover after parsing attributes in process `syz.4.6443'. [ 3074.017945][T27414] netlink: 4 bytes leftover after parsing attributes in process `syz.2.6444'. [ 3074.173772][T27416] netlink: 12 bytes leftover after parsing attributes in process `syz.2.6444'. [ 3074.513609][ T5497] hsr_slave_0: left promiscuous mode [ 3074.548087][ T5497] hsr_slave_1: left promiscuous mode [ 3074.596158][ T5497] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 3074.615420][ T5497] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 3074.637301][ T5497] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 3074.663133][ T5497] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 3074.757631][ T5497] veth1_macvtap: left promiscuous mode [ 3074.778485][ T5497] veth0_macvtap: left promiscuous mode [ 3074.794245][ T5497] veth1_vlan: left promiscuous mode [ 3074.807570][ T5497] veth0_vlan: left promiscuous mode [ 3075.144339][ T5497] infiniband syz1: set down [ 3075.758536][T27443] ALSA: seq fatal error: cannot create timer (-22) [ 3075.776943][ T29] kauditd_printk_skb: 896 callbacks suppressed [ 3075.776966][ T29] audit: type=1326 audit(1725516320.418:4769): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=27442 comm="syz.2.6454" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f686eb7cef9 code=0x7ffc0000 [ 3075.840322][ T29] audit: type=1326 audit(1725516320.448:4770): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=27442 comm="syz.2.6454" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f686eb7cef9 code=0x7ffc0000 [ 3075.909022][ T29] audit: type=1326 audit(1725516320.448:4771): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=27442 comm="syz.2.6454" exe="/root/syz-executor" sig=0 arch=c000003e syscall=334 compat=0 ip=0x7f686eb7cef9 code=0x7ffc0000 [ 3076.003678][ T29] audit: type=1326 audit(1725516320.448:4772): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=27442 comm="syz.2.6454" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f686eb7cef9 code=0x7ffc0000 [ 3076.046628][ T29] audit: type=1326 audit(1725516320.448:4773): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=27442 comm="syz.2.6454" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f686eb7cef9 code=0x7ffc0000 [ 3076.440530][ T5497] team0 (unregistering): Port device team_slave_1 removed [ 3076.549752][ T5497] team0 (unregistering): Port device team_slave_0 removed [ 3077.422483][ T9972] smc: removing ib device syz1 [ 3077.543950][ T58] vcan0 speed is unknown, defaulting to 1000 [ 3078.069269][T27457] netlink: 8 bytes leftover after parsing attributes in process `syz.3.6460'. [ 3078.124267][T27456] bridge0: port 2(bridge_slave_1) entered disabled state [ 3078.131708][T27456] bridge0: port 1(bridge_slave_0) entered disabled state [ 3078.165002][T27456] bridge0: entered allmulticast mode [ 3078.547717][ T29] audit: type=1326 audit(1725516323.168:4774): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=27468 comm="syz.3.6464" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f094237cef9 code=0x7ffc0000 [ 3078.604829][T27464] can0: slcan on ttyprintk. [ 3078.626400][ T29] audit: type=1326 audit(1725516323.168:4775): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=27468 comm="syz.3.6464" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f094237cef9 code=0x7ffc0000 [ 3078.649197][ T29] audit: type=1326 audit(1725516323.188:4776): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=27468 comm="syz.3.6464" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f094237cef9 code=0x7ffc0000 [ 3078.709912][ T29] audit: type=1326 audit(1725516323.188:4777): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=27468 comm="syz.3.6464" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f094237cef9 code=0x7ffc0000 [ 3078.741776][ T29] audit: type=1326 audit(1725516323.188:4778): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=27468 comm="syz.3.6464" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f094237cef9 code=0x7ffc0000 [ 3079.002442][T27464] can0 (unregistered): slcan off ttyprintk. [ 3079.625969][T27271] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 3079.727252][T27271] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 3079.758358][T27271] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 3079.794579][T27271] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 3079.824557][T27486] netlink: 1320 bytes leftover after parsing attributes in process `syz.3.6470'. [ 3080.135959][T27271] 8021q: adding VLAN 0 to HW filter on device bond0 [ 3080.215072][T27271] 8021q: adding VLAN 0 to HW filter on device team0 [ 3080.250912][ T5497] bridge0: port 1(bridge_slave_0) entered blocking state [ 3080.258143][ T5497] bridge0: port 1(bridge_slave_0) entered forwarding state [ 3080.275722][ T5497] bridge0: port 2(bridge_slave_1) entered blocking state [ 3080.282938][ T5497] bridge0: port 2(bridge_slave_1) entered forwarding state [ 3080.720806][T27271] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 3080.831804][ T29] kauditd_printk_skb: 60 callbacks suppressed [ 3080.831824][ T29] audit: type=1326 audit(1725516325.468:4839): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=27517 comm="syz.2.6485" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f686eb7cef9 code=0x7ffc0000 [ 3080.861868][T27271] veth0_vlan: entered promiscuous mode [ 3080.901209][ T29] audit: type=1326 audit(1725516325.508:4840): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=27517 comm="syz.2.6485" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f686eb7cef9 code=0x7ffc0000 [ 3080.925854][T27271] veth1_vlan: entered promiscuous mode [ 3080.969715][ T29] audit: type=1326 audit(1725516325.508:4841): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=27517 comm="syz.2.6485" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f686eb7cef9 code=0x7ffc0000 [ 3080.988454][T27271] veth0_macvtap: entered promiscuous mode [ 3081.010057][ T29] audit: type=1326 audit(1725516325.508:4842): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=27517 comm="syz.2.6485" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f686eb7cef9 code=0x7ffc0000 [ 3081.042054][T27271] veth1_macvtap: entered promiscuous mode [ 3081.076991][ T29] audit: type=1326 audit(1725516325.508:4843): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=27517 comm="syz.2.6485" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f686eb7cef9 code=0x7ffc0000 [ 3081.108245][ T29] audit: type=1326 audit(1725516325.518:4844): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=27517 comm="syz.2.6485" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f686eb7cef9 code=0x7ffc0000 [ 3081.134391][ T29] audit: type=1326 audit(1725516325.518:4845): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=27517 comm="syz.2.6485" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f686eb7cef9 code=0x7ffc0000 [ 3081.193085][ T29] audit: type=1326 audit(1725516325.518:4846): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=27517 comm="syz.2.6485" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f686eb7cef9 code=0x7ffc0000 [ 3081.218652][T27271] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 3081.236191][ T29] audit: type=1326 audit(1725516325.518:4847): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=27517 comm="syz.2.6485" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f686eb7cef9 code=0x7ffc0000 [ 3081.258431][T27271] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 3081.258465][T27271] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 3081.258486][T27271] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 3081.258504][T27271] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 3081.258521][T27271] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 3081.258543][T27271] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 3081.258560][T27271] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 3081.260539][T27271] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 3081.323460][ T29] audit: type=1326 audit(1725516325.518:4848): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=27517 comm="syz.2.6485" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f686eb7cef9 code=0x7ffc0000 [ 3081.417501][T27271] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 3081.417532][T27271] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 3081.417549][T27271] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 3081.417567][T27271] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 3081.417583][T27271] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 3081.417601][T27271] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 3081.417617][T27271] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 3081.417634][T27271] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 3081.432660][T27271] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 3081.457010][T27271] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 3081.457056][T27271] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 3081.457089][T27271] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 3081.457123][T27271] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 3081.465320][T27532] syz.0.6488: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=syz0,mems_allowed=0-1 [ 3081.465848][T27532] CPU: 1 UID: 0 PID: 27532 Comm: syz.0.6488 Not tainted 6.11.0-rc6-syzkaller-00048-gc7fb1692dc01 #0 [ 3081.465877][T27532] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 3081.465893][T27532] Call Trace: [ 3081.465904][T27532] [ 3081.465915][T27532] dump_stack_lvl+0x241/0x360 [ 3081.465955][T27532] ? __pfx_dump_stack_lvl+0x10/0x10 [ 3081.465985][T27532] ? __pfx__printk+0x10/0x10 [ 3081.466019][T27532] ? cpuset_print_current_mems_allowed+0x1f/0x350 [ 3081.466048][T27532] ? cpuset_print_current_mems_allowed+0x31e/0x350 [ 3081.466082][T27532] warn_alloc+0x278/0x410 [ 3081.466104][T27532] ? stack_depot_save_flags+0x6e4/0x830 [ 3081.466124][T27532] ? __vmalloc_node_range_noprof+0x106/0x1400 [ 3081.466155][T27532] ? __pfx_warn_alloc+0x10/0x10 [ 3081.466176][T27532] ? kasan_save_track+0x3f/0x80 [ 3081.466198][T27532] ? __kasan_kmalloc+0x98/0xb0 [ 3081.466218][T27532] ? xsk_setsockopt+0x598/0x950 [ 3081.466243][T27532] ? do_sock_setsockopt+0x3af/0x720 [ 3081.466265][T27532] ? __sys_setsockopt+0x1ae/0x250 [ 3081.466285][T27532] ? __x64_sys_setsockopt+0xb5/0xd0 [ 3081.466306][T27532] ? do_syscall_64+0xf3/0x230 [ 3081.466324][T27532] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 3081.466352][T27532] __vmalloc_node_range_noprof+0x126/0x1400 [ 3081.466399][T27532] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 3081.466427][T27532] ? __kasan_kmalloc+0x98/0xb0 [ 3081.466445][T27532] ? xskq_create+0x54/0x170 [ 3081.466465][T27532] vmalloc_user_noprof+0x74/0x80 [ 3081.466488][T27532] ? xskq_create+0xb6/0x170 [ 3081.466503][T27532] xskq_create+0xb6/0x170 [ 3081.466522][T27532] xsk_init_queue+0xa1/0x100 [ 3081.466551][T27532] xsk_setsockopt+0x598/0x950 [ 3081.466579][T27532] ? __pfx_xsk_setsockopt+0x10/0x10 [ 3081.466608][T27532] ? __pfx_lock_acquire+0x10/0x10 [ 3081.466632][T27532] ? __fget_files+0x29/0x470 [ 3081.466650][T27532] ? __pfx_lock_release+0x10/0x10 [ 3081.466671][T27532] ? bpf_lsm_socket_setsockopt+0x9/0x10 [ 3081.466720][T27532] ? security_socket_setsockopt+0x87/0xb0 [ 3081.466743][T27532] ? __pfx_xsk_setsockopt+0x10/0x10 [ 3081.466767][T27532] do_sock_setsockopt+0x3af/0x720 [ 3081.466794][T27532] ? __pfx_do_sock_setsockopt+0x10/0x10 [ 3081.466816][T27532] ? __fget_files+0x29/0x470 [ 3081.466834][T27532] ? __fget_files+0x3f6/0x470 [ 3081.466861][T27532] __sys_setsockopt+0x1ae/0x250 [ 3081.466898][T27532] __x64_sys_setsockopt+0xb5/0xd0 [ 3081.466929][T27532] do_syscall_64+0xf3/0x230 [ 3081.466948][T27532] ? clear_bhb_loop+0x35/0x90 [ 3081.466972][T27532] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 3081.466993][T27532] RIP: 0033:0x7f5c67d7cef9 [ 3081.467010][T27532] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 3081.467026][T27532] RSP: 002b:00007f5c68a9b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 3081.467045][T27532] RAX: ffffffffffffffda RBX: 00007f5c67f36058 RCX: 00007f5c67d7cef9 [ 3081.467071][T27532] RDX: 0000000000000002 RSI: 000000000000011b RDI: 0000000000000009 [ 3081.467082][T27532] RBP: 00007f5c67def01e R08: 0000000000000020 R09: 0000000000000000 [ 3081.467094][T27532] R10: 00000000200000c0 R11: 0000000000000246 R12: 0000000000000000 [ 3081.467106][T27532] R13: 0000000000000000 R14: 00007f5c67f36058 R15: 00007ffd44898af8 [ 3081.467132][T27532] [ 3081.467167][T27532] Mem-Info: [ 3081.467182][T27532] active_anon:262 inactive_anon:3049 isolated_anon:0 [ 3081.467182][T27532] active_file:18392 inactive_file:36895 isolated_file:0 [ 3081.467182][T27532] unevictable:768 dirty:80 writeback:0 [ 3081.467182][T27532] slab_reclaimable:5280 slab_unreclaimable:96015 [ 3081.467182][T27532] mapped:21864 shmem:1263 pagetables:655 [ 3081.467182][T27532] sec_pagetables:0 bounce:0 [ 3081.467182][T27532] kernel_misc_reclaimable:0 [ 3081.467182][T27532] free:1350574 free_pcp:868 free_cma:0 [ 3081.467246][T27532] Node 0 active_anon:1048kB inactive_anon:12196kB active_file:73284kB inactive_file:147580kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:87248kB dirty:252kB writeback:0kB shmem:3516kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:9808kB pagetables:2620kB sec_pagetables:0kB all_unreclaimable? no [ 3081.467308][T27532] Node 1 active_anon:0kB inactive_anon:0kB active_file:284kB inactive_file:0kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:208kB dirty:68kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:16kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no [ 3081.467351][T27532] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 3081.467399][T27532] lowmem_reserve[]: 0 2469 2470 0 0 [ 3081.467439][T27532] Node 0 DMA32 free:1437360kB boost:0kB min:34244kB low:42804kB high:51364kB reserved_highatomic:0KB active_anon:1044kB inactive_anon:12152kB active_file:72288kB inactive_file:147516kB unevictable:1536kB writepending:248kB present:3129332kB managed:2557028kB mlocked:0kB bounce:0kB free_pcp:3464kB local_pcp:512kB free_cma:0kB [ 3081.467489][T27532] lowmem_reserve[]: 0 0 1 0 0 [ 3081.467524][T27532] Node 0 Normal free:12kB boost:0kB min:12kB low:12kB high:12kB reserved_highatomic:0KB active_anon:4kB inactive_anon:44kB active_file:996kB inactive_file:64kB unevictable:0kB writepending:4kB present:1048576kB managed:1128kB mlocked:0kB bounce:0kB free_pcp:8kB local_pcp:0kB free_cma:0kB [ 3081.467572][T27532] lowmem_reserve[]: 0 0 0 0 0 [ 3081.467606][T27532] Node 1 Normal free:3949564kB boost:0kB min:55644kB low:69552kB high:83460kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:284kB inactive_file:0kB unevictable:1536kB writepending:68kB present:4194304kB managed:4109120kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 3081.467654][T27532] lowmem_reserve[]: 0 0 0 0 0 [ 3081.467695][T27532] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 3081.467863][T27532] Node 0 DMA32: 3218*4kB (UME) 2161*8kB (UME) 856*16kB (UME) 1056*32kB (UME) 349*64kB (UME) 100*128kB (UME) 150*256kB (UME) 76*512kB (UME) 38*1024kB (UME) 12*2048kB (UM) 289*4096kB (UM) = 1437328kB [ 3081.468023][T27532] Node 0 Normal: 1*4kB (M) 1*8kB (M) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 12kB [ 3081.468130][T27532] Node 1 Normal: 17*4kB (UM) 9*8kB (UM) 19*16kB (UM) 12*32kB (UM) 11*64kB (UM) 4*128kB (UM) 8*256kB (UM) 2*512kB (M) 2*1024kB (M) 3*2048kB (UM) 961*4096kB (M) = 3949564kB [ 3081.468286][T27532] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 3081.468303][T27532] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 3081.468327][T27532] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 3081.468348][T27532] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 3081.468369][T27532] 56513 total pagecache pages [ 3081.468382][T27532] 0 pages in swap cache [ 3081.468394][T27532] Free swap = 124672kB [ 3081.468406][T27532] Total swap = 124996kB [ 3081.468418][T27532] 2097051 pages RAM [ 3081.468425][T27532] 0 pages HighMem/MovableOnly [ 3081.468435][T27532] 426392 pages reserved [ 3081.468442][T27532] 0 pages cma reserved [ 3081.656060][T27540] sch_tbf: burst 4 is lower than device lo mtu (65550) ! [ 3081.795161][T17575] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 3081.795191][T17575] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 3081.897160][T25632] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 3081.897189][T25632] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 3082.378761][ T1271] ieee802154 phy0 wpan0: encryption failed: -22 [ 3082.378904][ T1271] ieee802154 phy1 wpan1: encryption failed: -22 [ 3085.434036][T27688] sch_tbf: burst 4 is lower than device lo mtu (18) ! [ 3086.404798][ T29] kauditd_printk_skb: 54 callbacks suppressed [ 3086.404825][ T29] audit: type=1326 audit(1725516330.948:4903): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=27694 comm="syz.2.6546" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f686eb7cef9 code=0x7ffc0000 [ 3086.614025][ T29] audit: type=1326 audit(1725516330.968:4904): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=27694 comm="syz.2.6546" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f686eb7cef9 code=0x7ffc0000 [ 3086.724208][T27715] ================================================================== [ 3086.732346][T27715] BUG: KASAN: slab-out-of-bounds in btf_datasec_check_meta+0x2c9/0x9a0 [ 3086.740726][T27715] Read of size 1 at addr ffff8880321f31aa by task syz.0.6550/27715 [ 3086.748655][T27715] [ 3086.751164][T27715] CPU: 1 UID: 0 PID: 27715 Comm: syz.0.6550 Not tainted 6.11.0-rc6-syzkaller-00048-gc7fb1692dc01 #0 [ 3086.761972][T27715] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 3086.772069][T27715] Call Trace: [ 3086.775389][T27715] [ 3086.778355][T27715] dump_stack_lvl+0x241/0x360 [ 3086.783080][T27715] ? __pfx_dump_stack_lvl+0x10/0x10 [ 3086.788337][T27715] ? __pfx__printk+0x10/0x10 [ 3086.792962][T27715] ? _printk+0xd5/0x120 [ 3086.797135][T27715] ? __virt_addr_valid+0x183/0x530 [ 3086.802263][T27715] ? __virt_addr_valid+0x183/0x530 [ 3086.807388][T27715] print_report+0x169/0x550 [ 3086.811990][T27715] ? __virt_addr_valid+0x183/0x530 [ 3086.817114][T27715] ? __virt_addr_valid+0x183/0x530 [ 3086.822289][T27715] ? __virt_addr_valid+0x45f/0x530 [ 3086.827506][T27715] ? __phys_addr+0xba/0x170 [ 3086.832110][T27715] ? btf_datasec_check_meta+0x2c9/0x9a0 [ 3086.837671][T27715] kasan_report+0x143/0x180 [ 3086.842189][T27715] ? btf_datasec_check_meta+0x2c9/0x9a0 [ 3086.847760][T27715] btf_datasec_check_meta+0x2c9/0x9a0 [ 3086.853162][T27715] btf_parse_type_sec+0x4d5/0x2620 [ 3086.858301][T27715] ? bpf_verifier_vlog+0x42a/0x860 [ 3086.863444][T27715] ? btf_check_sec_info+0x379/0x4f0 [ 3086.868751][T27715] ? __pfx_btf_parse_type_sec+0x10/0x10 [ 3086.874341][T27715] ? btf_parse_str_sec+0x21f/0x2b0 [ 3086.879831][T27715] btf_new_fd+0x43f/0xd30 [ 3086.884179][T27715] ? safesetid_security_capable+0xb2/0x1d0 [ 3086.890145][T27715] ? __pfx_btf_new_fd+0x10/0x10 [ 3086.895019][T27715] ? bpf_btf_load+0xcf/0x1a0 [ 3086.899640][T27715] __sys_bpf+0x6ef/0x810 [ 3086.903898][T27715] ? __pfx___sys_bpf+0x10/0x10 [ 3086.908785][T27715] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 3086.914810][T27715] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 3086.921544][T27715] ? exc_page_fault+0x590/0x8c0 [ 3086.926420][T27715] __x64_sys_bpf+0x7c/0x90 [ 3086.930857][T27715] do_syscall_64+0xf3/0x230 [ 3086.935482][T27715] ? clear_bhb_loop+0x35/0x90 [ 3086.940197][T27715] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 3086.946215][T27715] RIP: 0033:0x7f5c67d7cef9 [ 3086.950687][T27715] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 3086.971132][T27715] RSP: 002b:00007f5c68abc038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 3086.980309][T27715] RAX: ffffffffffffffda RBX: 00007f5c67f35f80 RCX: 00007f5c67d7cef9 [ 3086.988327][T27715] RDX: 0000000000000020 RSI: 0000000020000000 RDI: 0000000000000012 [ 3086.996668][T27715] RBP: 00007f5c67def01e R08: 0000000000000000 R09: 0000000000000000 [ 3087.004867][T27715] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 3087.012884][T27715] R13: 0000000000000001 R14: 00007f5c67f35f80 R15: 00007ffd44898af8 [ 3087.020886][T27715] [ 3087.024007][T27715] [ 3087.026418][T27715] Allocated by task 27715: [ 3087.030964][T27715] kasan_save_track+0x3f/0x80 [ 3087.035670][T27715] __kasan_kmalloc+0x98/0xb0 [ 3087.040288][T27715] __kmalloc_node_noprof+0x22a/0x440 [ 3087.045634][T27715] __kvmalloc_node_noprof+0x72/0x190 [ 3087.050966][T27715] btf_new_fd+0x265/0xd30 [ 3087.055326][T27715] __sys_bpf+0x6ef/0x810 [ 3087.059621][T27715] __x64_sys_bpf+0x7c/0x90 [ 3087.064071][T27715] do_syscall_64+0xf3/0x230 [ 3087.068780][T27715] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 3087.074795][T27715] [ 3087.077189][T27715] The buggy address belongs to the object at ffff8880321f3180 [ 3087.077189][T27715] which belongs to the cache kmalloc-64 of size 64 [ 3087.091634][T27715] The buggy address is located 0 bytes to the right of [ 3087.091634][T27715] allocated 42-byte region [ffff8880321f3180, ffff8880321f31aa) [ 3087.106775][T27715] [ 3087.109113][T27715] The buggy address belongs to the physical page: [ 3087.115640][T27715] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x321f3 [ 3087.124455][T27715] ksm flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff) [ 3087.131960][T27715] page_type: 0xfdffffff(slab) [ 3087.136682][T27715] raw: 00fff00000000000 ffff88801a8418c0 ffffea0000a880c0 dead000000000003 [ 3087.145369][T27715] raw: 0000000000000000 0000000080200020 00000001fdffffff 0000000000000000 [ 3087.153979][T27715] page dumped because: kasan: bad access detected [ 3087.160490][T27715] page_owner tracks the page as allocated [ 3087.166563][T27715] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x52cc0(GFP_KERNEL|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP), pid 5231, tgid 5231 (syz-executor), ts 82663888289, free_ts 82510577320 [ 3087.186125][T27715] post_alloc_hook+0x1f3/0x230 [ 3087.190913][T27715] get_page_from_freelist+0x2e4c/0x2f10 [ 3087.196471][T27715] __alloc_pages_noprof+0x256/0x6c0 [ 3087.201679][T27715] alloc_slab_page+0x5f/0x120 [ 3087.206385][T27715] allocate_slab+0x5a/0x2f0 [ 3087.210895][T27715] ___slab_alloc+0xcd1/0x14b0 [ 3087.215672][T27715] __slab_alloc+0x58/0xa0 [ 3087.220014][T27715] __kmalloc_noprof+0x25a/0x400 [ 3087.224876][T27715] kobject_get_path+0xb8/0x230 [ 3087.229649][T27715] kobject_uevent_env+0x2a5/0x8e0 [ 3087.234681][T27715] __kobject_del+0xd3/0x310 [ 3087.239362][T27715] kobject_put+0x245/0x480 [ 3087.243789][T27715] netdev_queue_update_kobjects+0x556/0x5f0 [ 3087.249709][T27715] netif_set_real_num_tx_queues+0x18a/0x900 [ 3087.255623][T27715] veth_init_queues+0x82/0x180 [ 3087.260406][T27715] veth_newlink+0xa2e/0xce0 [ 3087.265095][T27715] page last free pid 5223 tgid 5223 stack trace: [ 3087.271447][T27715] free_unref_page+0xd19/0xea0 [ 3087.276250][T27715] __put_partials+0xeb/0x130 [ 3087.280862][T27715] put_cpu_partial+0x17c/0x250 [ 3087.285745][T27715] __slab_free+0x2ea/0x3d0 [ 3087.290179][T27715] qlist_free_all+0x9e/0x140 [ 3087.294979][T27715] kasan_quarantine_reduce+0x14f/0x170 [ 3087.300453][T27715] __kasan_slab_alloc+0x23/0x80 [ 3087.305313][T27715] __kmalloc_cache_noprof+0x132/0x2c0 [ 3087.310697][T27715] ref_tracker_alloc+0x14b/0x490 [ 3087.315639][T27715] netdev_queue_update_kobjects+0x186/0x5f0 [ 3087.321548][T27715] netdev_register_kobject+0x265/0x320 [ 3087.327011][T27715] register_netdevice+0x12c5/0x1b00 [ 3087.332221][T27715] veth_newlink+0x62b/0xce0 [ 3087.336740][T27715] rtnl_newlink+0x1591/0x20a0 [ 3087.341433][T27715] rtnetlink_rcv_msg+0x73f/0xcf0 [ 3087.346377][T27715] netlink_rcv_skb+0x1e3/0x430 [ 3087.351154][T27715] [ 3087.353489][T27715] Memory state around the buggy address: [ 3087.359122][T27715] ffff8880321f3080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 3087.367193][T27715] ffff8880321f3100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 3087.375433][T27715] >ffff8880321f3180: 00 00 00 00 00 02 fc fc fc fc fc fc fc fc fc fc [ 3087.383495][T27715] ^ [ 3087.388871][T27715] ffff8880321f3200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 3087.397027][T27715] ffff8880321f3280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 3087.405184][T27715] ================================================================== [ 3087.432529][ T29] audit: type=1326 audit(1725516330.968:4905): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=27694 comm="syz.2.6546" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f686eb7cef9 code=0x7ffc0000 [ 3087.480313][ T29] audit: type=1326 audit(1725516330.968:4906): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=27694 comm="syz.2.6546" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f686eb7cef9 code=0x7ffc0000 SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 3087.521016][ T29] audit: type=1326 audit(1725516330.968:4907): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=27694 comm="syz.2.6546" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f686eb7cef9 code=0x7ffc0000 [ 3087.586440][ T29] audit: type=1326 audit(1725516330.968:4908): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=27694 comm="syz.2.6546" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f686eb7cef9 code=0x7ffc0000 [ 3087.703750][ T29] audit: type=1326 audit(1725516330.968:4909): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=27694 comm="syz.2.6546" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f686eb7cef9 code=0x7ffc0000 [ 3087.719086][T27715] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 3087.719118][T27715] CPU: 0 UID: 0 PID: 27715 Comm: syz.0.6550 Not tainted 6.11.0-rc6-syzkaller-00048-gc7fb1692dc01 #0 [ 3087.719152][T27715] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 3087.719177][T27715] Call Trace: [ 3087.719188][T27715] [ 3087.719200][T27715] dump_stack_lvl+0x241/0x360 [ 3087.719244][T27715] ? __pfx_dump_stack_lvl+0x10/0x10 [ 3087.719273][T27715] ? __pfx__printk+0x10/0x10 [ 3087.719299][T27715] ? preempt_schedule+0xe1/0xf0 [ 3087.719339][T27715] ? vscnprintf+0x5d/0x90 [ 3087.719372][T27715] panic+0x349/0x860 [ 3087.719399][T27715] ? check_panic_on_warn+0x21/0xb0 [ 3087.719425][T27715] ? __pfx_panic+0x10/0x10 [ 3087.719455][T27715] ? _raw_spin_unlock_irqrestore+0x130/0x140 [ 3087.719493][T27715] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 3087.719535][T27715] ? print_report+0x502/0x550 [ 3087.719573][T27715] check_panic_on_warn+0x86/0xb0 [ 3087.719599][T27715] ? btf_datasec_check_meta+0x2c9/0x9a0 [ 3087.719630][T27715] end_report+0x77/0x160 [ 3087.719663][T27715] kasan_report+0x154/0x180 [ 3087.719695][T27715] ? btf_datasec_check_meta+0x2c9/0x9a0 [ 3087.719731][T27715] btf_datasec_check_meta+0x2c9/0x9a0 [ 3087.719772][T27715] btf_parse_type_sec+0x4d5/0x2620 [ 3087.719809][T27715] ? bpf_verifier_vlog+0x42a/0x860 [ 3087.719850][T27715] ? btf_check_sec_info+0x379/0x4f0 [ 3087.719884][T27715] ? __pfx_btf_parse_type_sec+0x10/0x10 [ 3087.719920][T27715] ? btf_parse_str_sec+0x21f/0x2b0 [ 3087.719953][T27715] btf_new_fd+0x43f/0xd30 [ 3087.719986][T27715] ? safesetid_security_capable+0xb2/0x1d0 [ 3087.720023][T27715] ? __pfx_btf_new_fd+0x10/0x10 [ 3087.720065][T27715] ? bpf_btf_load+0xcf/0x1a0 [ 3087.720098][T27715] __sys_bpf+0x6ef/0x810 [ 3087.720136][T27715] ? __pfx___sys_bpf+0x10/0x10 [ 3087.720175][T27715] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 3087.720212][T27715] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 3087.720247][T27715] ? exc_page_fault+0x590/0x8c0 [ 3087.720274][T27715] __x64_sys_bpf+0x7c/0x90 [ 3087.720302][T27715] do_syscall_64+0xf3/0x230 [ 3087.720329][T27715] ? clear_bhb_loop+0x35/0x90 [ 3087.720363][T27715] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 3087.720394][T27715] RIP: 0033:0x7f5c67d7cef9 [ 3087.720417][T27715] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 3087.720439][T27715] RSP: 002b:00007f5c68abc038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 3087.720467][T27715] RAX: ffffffffffffffda RBX: 00007f5c67f35f80 RCX: 00007f5c67d7cef9 [ 3087.720487][T27715] RDX: 0000000000000020 RSI: 0000000020000000 RDI: 0000000000000012 [ 3087.720505][T27715] RBP: 00007f5c67def01e R08: 0000000000000000 R09: 0000000000000000 [ 3087.720521][T27715] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 3087.720537][T27715] R13: 0000000000000001 R14: 00007f5c67f35f80 R15: 00007ffd44898af8 [ 3087.720567][T27715] [ 3087.725643][T27715] Kernel Offset: disabled