last executing test programs: 2m34.850019978s ago: executing program 4 (id=3486): sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000400)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000010000000900010073797a300000000044000000090a010400000000000000000100000008000a40000000000900020073797a32000000000900010073797a3000000000080005400000001f08000340"], 0xf0}, 0x1, 0x0, 0x0, 0x4c004}, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000440)=ANY=[@ANYBLOB="280500003d0007010000000000000000017c0000040000000c00018006000600800a000004050280ff0414800c"], 0x528}}, 0xc000) sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000440)=ANY=[@ANYBLOB="280500003d0007010000000000000000017c0000040000000c000180060006006558000004050280ff0411"], 0x528}}, 0xc000) 2m34.62453446s ago: executing program 4 (id=3489): prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680)) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x6a855000) madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9) openat2$dir(0xffffffffffffff9c, 0x0, &(0x7f0000000040)={0x42b82, 0x100, 0x4}, 0x18) 2m33.701359158s ago: executing program 4 (id=3502): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1808000000000000000000000000000018", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb7030000"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r0 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000200)={'geneve0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000400)=@newlink={0x34, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r1, 0x600}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @geneve={{0xb}, {0x4}}}]}, 0x34}, 0x1, 0x2}, 0x0) 2m33.550588075s ago: executing program 4 (id=3505): r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000300), 0x101042, 0x0) ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f0000000100)) ioctl$PPPIOCSACTIVE(r0, 0x40107446, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x40, 0x0, 0x0, 0x80000001}, {0x6, 0x0, 0x1}]}) write$ppp(r0, &(0x7f0000000480)='\x00\x00', 0x2) 2m33.383049591s ago: executing program 4 (id=3508): r0 = socket$unix(0x1, 0x2, 0x0) r1 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r1, 0x40086602, &(0x7f0000000200)=0x10) bind$unix(r0, &(0x7f0000000080)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) 2m33.285893066s ago: executing program 4 (id=3511): socket$nl_route(0x10, 0x3, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x1c1842, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) write$cgroup_devices(r0, &(0x7f0000000000)=ANY=[@ANYRES8=r0, @ANYRES16=r0, @ANYRES32], 0xffdd) 2m18.110563984s ago: executing program 32 (id=3511): socket$nl_route(0x10, 0x3, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x1c1842, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) write$cgroup_devices(r0, &(0x7f0000000000)=ANY=[@ANYRES8=r0, @ANYRES16=r0, @ANYRES32], 0xffdd) 2.82220618s ago: executing program 2 (id=5902): socket$alg(0x26, 0x5, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r0 = socket$nl_rdma(0x10, 0x3, 0x14) sendmsg$RDMA_NLDEV_CMD_SYS_GET(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="400000000614010029bd7000ffdbdf250800", @ANYRES32=r0], 0x40}}, 0x0) 2.699693253s ago: executing program 2 (id=5904): r0 = gettid() process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0x7ffff000}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x23a, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.current\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r1, 0x0) 2.440713777s ago: executing program 2 (id=5910): mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x200000d, 0x4008031, 0xffffffffffffffff, 0x0) prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680)) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) fsconfig$FSCONFIG_SET_STRING(0xffffffffffffffff, 0x1, 0x0, 0x0, 0x0) 1.644881513s ago: executing program 2 (id=5919): r0 = syz_init_net_socket$netrom(0x6, 0x5, 0x0) ioctl$int_in(r0, 0x5421, &(0x7f0000000000)=0xc0) connect$netrom(r0, &(0x7f0000000080)={{0x6, @null}, [@netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @default, @default, @default, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @null]}, 0x48) connect$netrom(r0, 0x0, 0x0) 1.61328242s ago: executing program 2 (id=5921): mkdir(&(0x7f0000000300)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000380)='ramfs\x00', 0x0, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x1c0) renameat2(0xffffffffffffff9c, &(0x7f0000000400)='./file1/file3\x00', 0xffffffffffffff9c, &(0x7f0000000440)='./file0/file3\x00', 0x0) 1.526535207s ago: executing program 2 (id=5924): r0 = syz_usb_connect(0x2, 0x24, &(0x7f0000000100)=ANY=[@ANYBLOB="03010000ac0fce405d0500904431000000010902120001000080040904"], 0x0) syz_usb_disconnect(r0) r1 = syz_usb_connect$hid(0x0, 0x36, &(0x7f00000011c0)=ANY=[], 0x0) syz_usb_control_io$hid(r1, 0x0, 0x0) 1.389531231s ago: executing program 0 (id=5927): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=@base={0xa, 0x4, 0x6, 0x3, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x15, &(0x7f0000000180)=@framed={{0x18, 0x0, 0x0, 0x0, 0x20}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x7}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x2}}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='tlb_flush\x00', r2}, 0x10) 1.389087503s ago: executing program 1 (id=5928): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000780)=@base={0x9, 0x4, 0x4, 0x4, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x11, 0x10, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000003000004850000008600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_GET_PROG_INFO(0xa, &(0x7f0000000b00)={r2, 0x2, 0x0}, 0x10) 1.295408372s ago: executing program 0 (id=5931): r0 = socket$inet6(0xa, 0x400000000001, 0x0) bind$inet6(r0, &(0x7f0000fa0fe4)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) sendto$inet6(r0, 0x0, 0x0, 0x20000008, &(0x7f00000001c0)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000180)=0x800000edd2, 0x4) 1.243329984s ago: executing program 5 (id=5932): r0 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000003f000000000000000000f195"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) r1 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, &(0x7f00000003c0)=ANY=[], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000240)={r1, 0x8, 0x25, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40) bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000240)={r0, 0x8, 0x25, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40) 1.242710183s ago: executing program 1 (id=5933): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x161281, 0x0) write$binfmt_aout(r0, &(0x7f0000000200)=ANY=[], 0xff2e) write$binfmt_script(r0, 0x0, 0x0) ioctl$TIOCVHANGUP(r0, 0x5437, 0x0) 1.173923302s ago: executing program 5 (id=5934): r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000180)='syz_tun\x00', 0x10) bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10) syz_emit_ethernet(0x86, &(0x7f00000001c0)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}, @link_local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x78, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @multicast1}, {0x0, 0x4e20, 0x64, 0x0, @wg=@response={0x2, 0xfffffffd, 0x0, "82d18160f7d8dda36479a6b179161b4bbff2d0508977b3928ebd2dee05607d17", "0194bd7b1b0303c5ba7f602606a285b3", {"30da2d58da817f8a5f77a23de36a2164", "3b33cfa231a427159c7b9f0eceb155f0"}}}}}}}, 0x0) 1.038102728s ago: executing program 5 (id=5936): bind$l2tp(0xffffffffffffffff, &(0x7f00000000c0)={0x2, 0x0, @multicast2}, 0x10) r0 = syz_io_uring_setup(0x1f87, &(0x7f0000000080)={0x0, 0x0, 0x13580}, &(0x7f0000000100)=0x0, &(0x7f0000000280)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000340)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd, 0x0, 0x0}) io_uring_enter(r0, 0x54, 0x0, 0xf, 0x0, 0x18) 979.71244ms ago: executing program 1 (id=5938): write$UHID_INPUT(0xffffffffffffffff, &(0x7f0000000000)={0x1a, {"a2e3ad21ed6b52f99cfbf4c087f71e9b230963ff7fc6e5539b9b3b098b9b711b5d52101b080d29308f0e1ac6e7049b3468959b189a242a9b64f3988f7ef319520100ffe8d178708c523c921b1b23380a169b63d336cd3b78130daa61d8e81aea882f5802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f309f4cff7738596ecae8707ce065cd5b91cd0ae193973735b36d5b1b63e91c00305d3f46635eb016d5b1dda98e2d749be7bd1d020000000000000075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecd03aded6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801000000005b6bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27afc953854a642c57519544ae15a7e454dea05918b412435111c8f11baa500a3621c56cea8d20ff911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269caf12c31357c8219793e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a687974e7b4ab01b7f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a60560a22f1fca567e65d5e880572286522449df466c632b3570243f989cce3803f465e41e610c20d80421d653a5120000008213b704c7fb082ff27590678ef9f190bae979babc7041d860420c5664ba7921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da3710ac000000001a527777a5371f87d0d4aa202fd28f28381aab144a5d429a04a689b83c7068ae949ef06e288e810bac9c76600025e19c907f8ea2e2f05dd3318271a1f5f8528f227e79c1388dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eefc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f103000000416d59fdee5325928974d12dad99dac44c3f0008047096a44060bebc2420aed92fa9b6578b4779415d97b9a6d601005c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac292d9e53803ed000000009737d214060005ea6f1783e287b3bee96e3a7288afe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f48fe4eae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf02b98a269b891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efedfd71af9444e197f47e866101496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b09114edb8e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615f7084a607a7eceb6243378e0610060f02cca4051c2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c4e15a7b6eb65ca8104e1b4da1fbb67ab2fc043aead87c32ab875ee7c2e7b7019c902cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe529003d1802d5676d95f160ec97b1ad948741b2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd73643de50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c1023bf70cc77737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73c497579773767075428067e7f16f4dde374f8211fef42cb468e623daf60b3569d462f4f19eacdb3ed70eeebb4483f070077d443e8b40426db6fe29068c0ca3d3414442e863a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae44369ddb4581c55925d0f6f1ba471eba281f259152f85e654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b405177548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd84e935e00785ec27e923911fab964c271556527697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9ddbfb96d6144345f48843dd014e5c5ad8fe995754bd9cf32fce1e7027132f2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afae5336651b1b9bd522d60399473296b831dbd933d93994ba30b4279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee29165895ac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463181f4b87c10772d2b13f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76d57227edff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f84fad6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b30f0b932a4d02da711b757fe43c06d21e759595e4e98b27faea8aa12bc8040000000000000033eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d0000010000000000fcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4908b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cb0b3e35cb80dd349e891aef595dc4d080e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c60edddab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec014508e5247d33ae6c962d35603ff8454c16f8342856935125102bb784ed704887071f3d998efdd9923c954ab6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6ff7ffb1d62458d0741a12830052fcc460db043afe525629b40d7cee65802cb5e930ed624806c43a006dc9336d07c2b8081c188d26558f48261f7897084c2a1a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da3932ba5c04c24a560ad80a3ce654578376e599aff3565b1d531f30912b99e6619ebe93cc0b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c0ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e6491953264c7b34252600c9654e502dcea39cb0800eb69992e234b4ca7db2f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc640df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c6000064b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c7e36bb2fc4c40e9cf96f06817fb903729a7db6ff957697c9ede7885d94ff1aa7082ead01a9b03c37b0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058093fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0x1000}}, 0x1006) r0 = syz_open_dev$amidi(&(0x7f0000000140), 0x2, 0x180) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15) ioctl$SNDRV_RAWMIDI_IOCTL_INFO(r0, 0x40045731, &(0x7f0000000000)) 898.915144ms ago: executing program 5 (id=5940): prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680)) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x4008031, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) mlockall(0x2) 857.34949ms ago: executing program 1 (id=5941): socket(0x11, 0xa, 0x0) r0 = socket$kcm(0x10, 0x2, 0x4) capset(&(0x7f0000000040)={0x20080522}, &(0x7f0000000080)) sendmsg$kcm(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000800)="39000000140081ae00003c000500018311001f9f660fcf066505acb612f691f3bd3508abca1be6eeb89c44ebb37358582bdbb7d553b4e92155", 0x39}], 0x1}, 0x0) 702.039156ms ago: executing program 1 (id=5943): set_mempolicy(0x4005, &(0x7f0000000080)=0x7e, 0x9) r0 = syz_open_dev$dri(&(0x7f0000000000), 0x0, 0x0) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x1, 0x6576, 0x9}) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0, 0x11, r0, 0x100000000) 688.526371ms ago: executing program 3 (id=5944): r0 = fsopen(&(0x7f0000000000)='bpf\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) r1 = fsmount(r0, 0x0, 0x0) mount_setattr(r1, &(0x7f0000001540)='./cgroup.cpu/cgroup.procs\x00', 0x8000, &(0x7f0000000300)={0x0, 0x0, 0x40000}, 0x20) 552.61876ms ago: executing program 3 (id=5945): r0 = socket(0x11, 0x800000003, 0x0) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000600)={'team0\x00', 0x0}) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r2, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000040)=@newqdisc={0x54, 0x24, 0xf0b, 0x0, 0x1000000, {0x0, 0x0, 0x12, r1, {0x0, 0x300}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_fq={{0x7}, {0x4}}, @TCA_STAB={0x24, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0x4, 0x9, 0x8, 0x3, 0x0, 0x9, 0x9}}, {0x4}}]}]}, 0x54}, 0x1, 0x7a00}, 0x0) 424.268438ms ago: executing program 3 (id=5946): r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0) bind$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x0, @any, 0x0, 0x1}, 0xe) shutdown(r0, 0x0) recvmmsg(r0, &(0x7f0000000080), 0x72a, 0x0, 0x0) 383.295302ms ago: executing program 0 (id=5947): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) r1 = socket$inet6_sctp(0xa, 0x5, 0x84) getsockopt$inet_sctp6_SCTP_MAX_BURST(r1, 0x84, 0xc, &(0x7f0000000000)=@assoc_value={0x0}, &(0x7f0000000040)=0x8) getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f0000000080)={r2, 0x401, 0x20}, &(0x7f0000000100)=0xc) 340.808361ms ago: executing program 1 (id=5948): r0 = syz_open_dev$loop(&(0x7f0000000000), 0x7fdfffffffffffff, 0x8080) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.stat\x00', 0x275a, 0x0) write$binfmt_misc(r1, &(0x7f0000001000), 0xe09) ioctl$LOOP_CONFIGURE(r0, 0x4c0a, &(0x7f00000002c0)={r1, 0x1000, {0x2a00, 0x80010000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1c, "fee8a2ab78fc179fd1f8a0e91ddaaca7bd64c6a4b4e00d9683dda1af1ea89de2b7fb0a0100000000000000000300", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac00", "90be8b1c559265406c09306003d8002000", [0x0, 0x2]}}) 279.373674ms ago: executing program 5 (id=5949): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000080)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000100)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="050000000000000000004400000008000300", @ANYRES32=r2, @ANYBLOB="08009f0000000000080026006c0900000800a100068000000a0018"], 0x40}}, 0x0) 207.704784ms ago: executing program 0 (id=5950): r0 = socket$pppl2tp(0x18, 0x1, 0x1) r1 = socket$inet6_udp(0xa, 0x2, 0x0) connect$pppl2tp(r0, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x3, r1, {0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x2}}, 0x2e) ioctl$PPPIOCGL2TPSTATS(r0, 0x40047459, 0x0) 207.513059ms ago: executing program 3 (id=5951): writev(0xffffffffffffffff, &(0x7f0000000000)=[{0x0}, {&(0x7f0000000340)="8a226ff432407a7f5fd09590d734f795e12e57ce9fed3f0300eb6368ed559a85603b0080", 0x24}], 0x2) r0 = syz_init_net_socket$rose(0xb, 0x5, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000340)={0x1}, 0x10, 0x0, 0xffffffffffffffff, 0xffffffffffffffc9, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8b36, &(0x7f0000000000)={'wlan0\x00'}) 151.727894ms ago: executing program 3 (id=5952): r0 = timerfd_create(0x0, 0x0) timerfd_settime(r0, 0x3, &(0x7f0000000440)={{0x0, 0x989680}}, 0x0) clock_adjtime(0x0, &(0x7f0000000480)={0xd54, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb3a7, 0x8000000}) ioctl$TFD_IOC_SET_TICKS(r0, 0x40085400, &(0x7f0000000380)=0x2) 148.261575ms ago: executing program 0 (id=5953): r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000040)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000000)={0xffffffffffffffff}, 0x13f}}, 0x20) write$RDMA_USER_CM_CMD_BIND_IP(r0, &(0x7f0000000140)={0x2, 0x28, 0xfa00, {0x0, {0xa, 0x0, 0x0, @empty}, r1}}, 0x30) write$RDMA_USER_CM_CMD_RESOLVE_ADDR(r0, &(0x7f0000000280)={0x15, 0x110, 0xfa00, {r1, 0x0, 0x0, 0x30, 0x0, @in6={0x1b, 0x0, 0x0, @mcast2}, @ib={0x1b, 0x0, 0x0, {"007008000074ff00"}}}}, 0x118) 131.009453ms ago: executing program 5 (id=5954): syz_emit_ethernet(0x4e, &(0x7f0000000000)={@broadcast, @link_local, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "120008", 0x18, 0x3a, 0x0, @private2, @loopback, {[], @mld={0x82, 0x0, 0x0, 0x9, 0xc236, @remote}}}}}}, 0x0) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000200)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x5, 0xb68, 0x6, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48) 19.376773ms ago: executing program 0 (id=5955): r0 = openat$mixer(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/consoles\x00', 0x0, 0x0) dup3(r0, r1, 0x0) ioctl$sock_TIOCINQ(r1, 0x541b, 0x0) 0s ago: executing program 3 (id=5956): socket$inet6(0xa, 0x3, 0x7) openat$ptp0(0xffffffffffffff9c, &(0x7f0000000480), 0x0, 0x0) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) pselect6(0x40, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x10000000, 0x1, 0x0, 0xffffffffffffffff}, &(0x7f0000000000)={0x18, 0x7, 0x6, 0x0, 0x7, 0x101, 0x1000000000}, 0x0, 0x0, 0x0) kernel console output (not intermixed with test programs): N 0 to HW filter on device team0 [ 323.749189][ T5883] bridge0: port 1(bridge_slave_0) entered blocking state [ 323.756427][ T5883] bridge0: port 1(bridge_slave_0) entered forwarding state [ 323.770636][ T939] usb 1-1: config index 0 descriptor too short (expected 6427, got 27) [ 323.789307][ T939] usb 1-1: config 0 has an invalid interface number: 21 but max is 0 [ 323.799463][ T5883] bridge0: port 2(bridge_slave_1) entered blocking state [ 323.806620][ T5883] bridge0: port 2(bridge_slave_1) entered forwarding state [ 323.852268][ T939] usb 1-1: config 0 has no interface number 0 [ 323.858432][ T939] usb 1-1: config 0 interface 21 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 323.873472][ T939] usb 1-1: config 0 interface 21 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10 [ 323.895997][ T939] usb 1-1: config 0 interface 21 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8 [ 323.939469][ T939] usb 1-1: New USB device found, idVendor=06cd, idProduct=0202, bcdDevice=92.d4 [ 323.967195][ T939] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 323.992190][ T939] usb 1-1: config 0 descriptor?? [ 323.997880][T14350] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 324.201497][T14173] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 324.618756][T14173] veth0_vlan: entered promiscuous mode [ 324.645964][ T939] input: USB Keyspan Remote 06cd:0202 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.21/input/input39 [ 324.669830][T14173] veth1_vlan: entered promiscuous mode [ 324.728154][T14173] veth0_macvtap: entered promiscuous mode [ 324.847933][T14397] team0 (unregistering): Port device team_slave_0 removed [ 324.888201][T14397] team0 (unregistering): Port device team_slave_1 removed [ 324.904936][T14397] syz_tun: left allmulticast mode [ 324.904991][T14397] syz_tun: left promiscuous mode [ 324.908939][T14397] team0 (unregistering): Port device vlan3 removed [ 324.915506][ T939] usb 1-1: USB disconnect, device number 32 [ 324.915596][ C1] keyspan_remote 1-1:0.21: keyspan_irq_recv - usb_submit_urb failed with result: -19 [ 324.931223][T14403] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3720'. [ 324.968581][T14173] veth1_macvtap: entered promiscuous mode [ 324.980911][T14173] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 324.980937][T14173] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 324.980950][T14173] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 324.980965][T14173] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 324.983997][T14173] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 325.001048][T14173] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 325.096225][T14173] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 325.108421][ T54] Bluetooth: hci0: command tx timeout [ 325.118195][T14173] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 325.118220][T14173] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 325.119285][T14173] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 325.129642][T14173] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 325.129683][T14173] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 325.129711][T14173] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 325.129739][T14173] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 325.312033][ T5883] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 325.312057][ T5883] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 325.333520][ T3018] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 325.333548][ T3018] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 326.256256][T14457] random: crng reseeded on system resumption [ 326.262834][ T5876] usb 1-1: new high-speed USB device number 33 using dummy_hcd [ 326.460196][ T5876] usb 1-1: Using ep0 maxpacket: 8 [ 326.469226][ T5876] usb 1-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ee [ 326.478639][ T5876] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 326.486912][ T5876] usb 1-1: Product: syz [ 326.497023][ T5876] usb 1-1: Manufacturer: syz [ 326.515679][ T5876] usb 1-1: SerialNumber: syz [ 326.535147][ T5876] usb 1-1: config 0 descriptor?? [ 326.778139][ T5876] usb 1-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state [ 326.947194][T14474] netlink: 16 bytes leftover after parsing attributes in process `syz.3.3751'. [ 326.963544][T14474] gretap0: entered promiscuous mode [ 326.971757][T14474] batman_adv: batadv0: Adding interface: macvlan3 [ 326.978276][T14474] batman_adv: batadv0: The MTU of interface macvlan3 is too small (1462) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 327.004395][T14474] batman_adv: batadv0: Interface activated: macvlan3 [ 327.150449][ T939] usb 2-1: new high-speed USB device number 20 using dummy_hcd [ 327.188412][ T5876] dvb_usb_rtl28xxu 1-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -71 [ 327.202867][ T5876] usb 1-1: USB disconnect, device number 33 [ 327.330519][ T939] usb 2-1: Using ep0 maxpacket: 32 [ 327.337600][ T939] usb 2-1: config 0 interface 0 has no altsetting 0 [ 327.346725][ T939] usb 2-1: New USB device found, idVendor=16d0, idProduct=10b8, bcdDevice=de.8e [ 327.360938][ T939] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 327.369230][ T939] usb 2-1: Product: syz [ 327.374630][ T939] usb 2-1: Manufacturer: syz [ 327.380052][ T939] usb 2-1: SerialNumber: syz [ 327.387035][ T939] usb 2-1: config 0 descriptor?? [ 327.816476][ T939] gs_usb 2-1:0.0: Configuring for 1 interfaces [ 328.012445][ T939] gs_usb 2-1:0.0: Couldn't register candev for channel 0 (-EINVAL) [ 328.045300][ T939] gs_usb 2-1:0.0: probe with driver gs_usb failed with error -22 [ 328.230162][ T8] usb 2-1: USB disconnect, device number 20 [ 328.346278][T14531] netlink: 47 bytes leftover after parsing attributes in process `syz.5.3776'. [ 328.475306][ T29] kauditd_printk_skb: 70 callbacks suppressed [ 328.475324][ T29] audit: type=1326 audit(1735434758.512:1150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14538 comm="syz.5.3779" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f44fdf85d29 code=0x7ffc0000 [ 328.535731][ T29] audit: type=1326 audit(1735434758.512:1151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14538 comm="syz.5.3779" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f44fdf85d29 code=0x7ffc0000 [ 328.594605][ T29] audit: type=1326 audit(1735434758.512:1152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14538 comm="syz.5.3779" exe="/root/syz-executor" sig=0 arch=c000003e syscall=228 compat=0 ip=0x7f44fdf85d29 code=0x7ffc0000 [ 328.659511][ T29] audit: type=1326 audit(1735434758.512:1153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14538 comm="syz.5.3779" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f44fdf85d29 code=0x7ffc0000 [ 328.681174][ C0] vkms_vblank_simulate: vblank timer overrun [ 328.704449][ T29] audit: type=1326 audit(1735434758.512:1154): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14538 comm="syz.5.3779" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f44fdf85d29 code=0x7ffc0000 [ 329.100860][ C0] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:1c, vlan:0) [ 329.223314][T14577] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3797'. [ 329.372825][T14585] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3800'. [ 329.654627][T14598] trusted_key: syz.3.3806 sent an empty control message without MSG_MORE. [ 329.732441][T14599] input: syz0 as /devices/virtual/input/input40 [ 329.879565][T14604] overlayfs: missing 'workdir' [ 330.091022][ T29] audit: type=1400 audit(1735434760.122:1155): lsm=SMACK fn=smack_inode_permission action=denied subject="y" object="_" requested=wx pid=14613 comm="syz.3.3812" name="702" dev="tmpfs" ino=3589 [ 330.109913][ C0] vkms_vblank_simulate: vblank timer overrun [ 330.142293][T14616] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3815'. [ 330.160481][T14616] netlink: 48 bytes leftover after parsing attributes in process `syz.5.3815'. [ 330.190279][T14616] netlink: 12 bytes leftover after parsing attributes in process `syz.5.3815'. [ 330.219575][T14616] vlan2: entered allmulticast mode [ 330.444467][T14632] lo speed is unknown, defaulting to 1000 [ 330.469397][T14632] lo speed is unknown, defaulting to 1000 [ 330.483620][T14632] lo speed is unknown, defaulting to 1000 [ 330.529115][T14632] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98 [ 330.573136][T14632] lo speed is unknown, defaulting to 1000 [ 330.591535][T14632] lo speed is unknown, defaulting to 1000 [ 330.598447][T14632] lo speed is unknown, defaulting to 1000 [ 330.614332][T14632] lo speed is unknown, defaulting to 1000 [ 330.630062][ T9] usb 4-1: new high-speed USB device number 36 using dummy_hcd [ 330.641342][T14632] lo speed is unknown, defaulting to 1000 [ 330.757998][T14650] netlink: 'syz.2.3829': attribute type 1 has an invalid length. [ 330.766050][ T5876] usb 1-1: new high-speed USB device number 34 using dummy_hcd [ 330.774316][T14650] netlink: 24 bytes leftover after parsing attributes in process `syz.2.3829'. [ 330.804066][ T9] usb 4-1: Using ep0 maxpacket: 16 [ 330.811699][ T9] usb 4-1: config 1 contains an unexpected descriptor of type 0x2, skipping [ 330.821476][T14654] netem: incorrect gi model size [ 330.830034][ T9] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 330.843271][T14654] netem: change failed [ 330.847702][ T9] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 330.859042][ T9] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 330.872512][ T9] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 330.880986][ T9] usb 4-1: Product: syz [ 330.885308][ T9] usb 4-1: Manufacturer: syz [ 330.894473][ T9] usb 4-1: SerialNumber: syz [ 330.930059][ T5876] usb 1-1: Using ep0 maxpacket: 16 [ 330.948589][ T5876] usb 1-1: config 0 interface 0 altsetting 5 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 330.970009][ T5876] usb 1-1: config 0 interface 0 altsetting 5 endpoint 0x81 has invalid wMaxPacketSize 0 [ 330.979808][ T5876] usb 1-1: config 0 interface 0 altsetting 5 has 1 endpoint descriptor, different from the interface descriptor's value: 5 [ 331.010676][ T5876] usb 1-1: config 0 interface 0 has no altsetting 0 [ 331.020223][ T5876] usb 1-1: New USB device found, idVendor=0458, idProduct=5010, bcdDevice= 0.00 [ 331.034492][ T5876] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 331.063779][ T5876] usb 1-1: config 0 descriptor?? [ 331.325160][ T9] usb 4-1: 0:2 : does not exist [ 331.533343][ T5876] input: HID 0458:5010 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:0458:5010.0013/input/input41 [ 331.609230][ T5876] kye 0003:0458:5010.0013: input,hiddev0,hidraw0: USB HID v2.00 Device [HID 0458:5010] on usb-dummy_hcd.0-1/input0 [ 331.738410][ T9] usb 4-1: 1:0: cannot get min/max values for control 4 (id 1) [ 331.744123][ T5876] usb 1-1: USB disconnect, device number 34 [ 331.762914][ T9] usb 4-1: USB disconnect, device number 36 [ 331.798985][T14683] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 331.808687][T14683] batadv_slave_1: entered promiscuous mode [ 331.817995][T14683] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3844'. [ 332.423642][ T5827] Bluetooth: hci5: sending frame failed (-49) [ 332.436043][ T54] Bluetooth: hci5: Opcode 0x1003 failed: -49 [ 332.504328][T14720] syz.3.3860[14720] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 332.504425][T14720] syz.3.3860[14720] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 332.530020][T14720] syz.3.3860[14720] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 332.646549][T14722] netlink: 28 bytes leftover after parsing attributes in process `syz.5.3863'. [ 332.693281][T14722] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3863'. [ 333.100690][ T9] usb 6-1: new high-speed USB device number 2 using dummy_hcd [ 333.286491][ T9] usb 6-1: Using ep0 maxpacket: 8 [ 333.303818][ T9] usb 6-1: New USB device found, idVendor=047d, idProduct=5003, bcdDevice=2f.8c [ 333.313107][ T9] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 333.327683][ T9] usb 6-1: Product: syz [ 333.335033][ T9] usb 6-1: Manufacturer: syz [ 333.340318][ T9] usb 6-1: SerialNumber: syz [ 333.347126][ T9] usb 6-1: config 0 descriptor?? [ 333.356367][ T9] gspca_main: se401-2.14.0 probing 047d:5003 [ 333.502596][ T29] audit: type=1326 audit(1735434763.542:1156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14757 comm="syz.2.3875" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fac3f185d29 code=0x7ffc0000 [ 333.533545][ T29] audit: type=1326 audit(1735434763.572:1157): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14757 comm="syz.2.3875" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fac3f185d29 code=0x7ffc0000 [ 333.569334][ T29] audit: type=1326 audit(1735434763.572:1158): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14757 comm="syz.2.3875" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fac3f185d29 code=0x7ffc0000 [ 333.597507][ T29] audit: type=1326 audit(1735434763.572:1159): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14757 comm="syz.2.3875" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fac3f185d29 code=0x7ffc0000 [ 333.620111][ T29] audit: type=1326 audit(1735434763.572:1160): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14757 comm="syz.2.3875" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fac3f185d29 code=0x7ffc0000 [ 333.642742][ T29] audit: type=1326 audit(1735434763.572:1161): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14757 comm="syz.2.3875" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fac3f185d29 code=0x7ffc0000 [ 333.664375][ C0] vkms_vblank_simulate: vblank timer overrun [ 333.676919][ T29] audit: type=1326 audit(1735434763.572:1162): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14757 comm="syz.2.3875" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fac3f185d29 code=0x7ffc0000 [ 333.711355][ T29] audit: type=1326 audit(1735434763.572:1163): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14757 comm="syz.2.3875" exe="/root/syz-executor" sig=0 arch=c000003e syscall=120 compat=0 ip=0x7fac3f185d29 code=0x7ffc0000 [ 333.744668][ T29] audit: type=1326 audit(1735434763.572:1164): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14757 comm="syz.2.3875" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fac3f185d29 code=0x7ffc0000 [ 333.769068][ T29] audit: type=1326 audit(1735434763.572:1165): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14757 comm="syz.2.3875" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fac3f185d29 code=0x7ffc0000 [ 333.769260][ T9] gspca_se401: ExtraFeatures: 16 [ 333.796957][ T9] gspca_se401: Too many frame sizes [ 333.918632][T14776] input: syz0 as /devices/virtual/input/input42 [ 333.979601][ T5876] usb 6-1: USB disconnect, device number 2 [ 334.330128][ T5867] usb 4-1: new high-speed USB device number 37 using dummy_hcd [ 334.512072][ T5867] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 334.542331][ T5867] usb 4-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 334.563913][ T5867] usb 4-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 334.590272][ T5867] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 334.610348][ T5867] usb 4-1: config 0 descriptor?? [ 334.841011][ T5867] usb 4-1: USB disconnect, device number 37 [ 335.229212][T14836] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3906'. [ 335.241516][T14836] macsec0: entered promiscuous mode [ 335.280106][ T9] usb 3-1: new high-speed USB device number 19 using dummy_hcd [ 335.437029][ T9] usb 3-1: New USB device found, idVendor=055f, idProduct=c420, bcdDevice=6a.33 [ 335.450406][ T9] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 335.488345][ T9] usb 3-1: config 0 descriptor?? [ 335.500560][ T54] Bluetooth: hci0: command tx timeout [ 335.509013][ T9] gspca_main: sunplus-2.14.0 probing 055f:c420 [ 335.558456][T14848] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 335.794108][T14856] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3916'. [ 336.321663][ T9] gspca_sunplus: reg_w_riv err -71 [ 336.327059][ T9] sunplus 3-1:0.0: probe with driver sunplus failed with error -71 [ 336.342305][ T9] usb 3-1: USB disconnect, device number 19 [ 336.408074][T14884] input: syz0 as /devices/virtual/input/input43 [ 336.759417][T14905] netlink: 'syz.0.3936': attribute type 1 has an invalid length. [ 337.050471][ T939] usb 6-1: new high-speed USB device number 3 using dummy_hcd [ 337.240856][ T939] usb 6-1: config 0 has an invalid interface number: 117 but max is 0 [ 337.249373][ T939] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 337.274219][ T939] usb 6-1: config 0 has no interface number 0 [ 337.290898][ T939] usb 6-1: config 0 interface 117 altsetting 0 endpoint 0x88 has invalid wMaxPacketSize 0 [ 337.318923][ T939] usb 6-1: config 0 interface 117 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 337.341209][ C0] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:1c, vlan:0) [ 337.355791][ T939] usb 6-1: New USB device found, idVendor=0afa, idProduct=03e8, bcdDevice=99.d0 [ 337.365298][ T939] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 337.374093][ T939] usb 6-1: Product: syz [ 337.380728][ T939] usb 6-1: Manufacturer: syz [ 337.391206][ T939] usb 6-1: SerialNumber: syz [ 337.403259][ T939] usb 6-1: config 0 descriptor?? [ 337.872465][ T5876] usb 4-1: new high-speed USB device number 38 using dummy_hcd [ 337.941365][T14941] sg_write: process 1753 (syz.1.3952) changed security contexts after opening file descriptor, this is not allowed. [ 337.986235][T14944] program syz.1.3952 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 338.044418][ T939] usb 6-1: USB disconnect, device number 3 [ 338.050858][ T5876] usb 4-1: Using ep0 maxpacket: 16 [ 338.062075][ T5876] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 338.075680][ T5876] usb 4-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00 [ 338.090483][ T5876] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 338.110189][ T5876] usb 4-1: config 0 descriptor?? [ 338.534155][ T5876] mcp2221 0003:04D8:00DD.0014: USB HID v0.05 Device [HID 04d8:00dd] on usb-dummy_hcd.3-1/input0 [ 338.830529][T14980] netlink: 'syz.5.3970': attribute type 29 has an invalid length. [ 338.845476][T14980] netlink: 'syz.5.3970': attribute type 29 has an invalid length. [ 338.863797][T14980] netlink: 'syz.5.3970': attribute type 29 has an invalid length. [ 338.969510][ T9] usb 4-1: USB disconnect, device number 38 [ 339.009384][T14985] hsr0: entered promiscuous mode [ 339.033437][T14987] netlink: 16 bytes leftover after parsing attributes in process `syz.5.3973'. [ 339.036523][T14985] macvlan5: entered allmulticast mode [ 339.074904][T14985] hsr0: entered allmulticast mode [ 339.090385][T14985] hsr_slave_0: entered allmulticast mode [ 339.106598][T14985] hsr_slave_1: entered allmulticast mode [ 339.129357][T14985] hsr0: left allmulticast mode [ 339.147155][T14985] hsr_slave_0: left allmulticast mode [ 339.160620][T14985] hsr_slave_1: left allmulticast mode [ 339.243349][T14987] netlink: 172 bytes leftover after parsing attributes in process `syz.5.3973'. [ 339.257306][T14987] netlink: 132 bytes leftover after parsing attributes in process `syz.5.3973'. [ 339.563332][T14994] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3977'. [ 340.372642][T15026] Â: renamed from pim6reg1 (while UP) [ 340.734955][ T9] usb 2-1: new high-speed USB device number 21 using dummy_hcd [ 340.949370][ T9] usb 2-1: Using ep0 maxpacket: 16 [ 341.010516][ T9] usb 2-1: config 0 has an invalid interface number: 223 but max is 0 [ 341.018810][ T9] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 341.029427][ T9] usb 2-1: config 0 has no interface number 0 [ 341.036309][ T9] usb 2-1: config 0 interface 223 altsetting 252 has 0 endpoint descriptors, different from the interface descriptor's value: 2 [ 341.050081][ T9] usb 2-1: config 0 interface 223 has no altsetting 0 [ 341.070781][ T5867] usb 1-1: new high-speed USB device number 35 using dummy_hcd [ 341.108662][ T9] usb 2-1: New USB device found, idVendor=a5ea, idProduct=bc0f, bcdDevice=be.94 [ 341.118504][ T9] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 341.127143][ T9] usb 2-1: Product: syz [ 341.131943][ T9] usb 2-1: Manufacturer: syz [ 341.136574][ T9] usb 2-1: SerialNumber: syz [ 341.150468][ T9] usb 2-1: config 0 descriptor?? [ 341.161550][ T9] usb-storage 2-1:0.223: USB Mass Storage device detected [ 341.231820][ T5867] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 341.258961][ T5867] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 341.281081][ T5867] usb 1-1: New USB device found, idVendor=05ac, idProduct=4262, bcdDevice= 0.00 [ 341.314484][ T5867] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 341.334101][ T5867] usb 1-1: config 0 descriptor?? [ 341.351960][T15050] netlink: 'syz.3.4000': attribute type 39 has an invalid length. [ 341.423549][ C1] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:1c, vlan:0) [ 341.497842][ T9] usb 2-1: USB disconnect, device number 21 [ 341.577610][ T29] audit: type=1326 audit(1735434771.612:1166): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15056 comm="syz.2.4003" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fac3f185d29 code=0x0 [ 341.759431][ T5867] hid-generic 0003:05AC:4262.0015: unbalanced delimiter at end of report description [ 341.773323][ T5867] hid-generic 0003:05AC:4262.0015: probe with driver hid-generic failed with error -22 [ 341.991937][ T5871] usb 1-1: USB disconnect, device number 35 [ 342.028267][T15063] sctp: [Deprecated]: syz.3.4005 (pid 15063) Use of int in maxseg socket option. [ 342.028267][T15063] Use struct sctp_assoc_value instead [ 343.523117][T15112] netlink: 56 bytes leftover after parsing attributes in process `syz.2.4025'. [ 343.538345][T15112] netlink: 'syz.2.4025': attribute type 2 has an invalid length. [ 343.632111][T15117] netlink: 16 bytes leftover after parsing attributes in process `syz.0.4030'. [ 343.867107][T15131] block device autoloading is deprecated and will be removed. [ 344.038785][T15138] syz.0.4039: attempt to access beyond end of device [ 344.038785][T15138] loop0: rw=2048, sector=0, nr_sectors = 8 limit=0 [ 344.687680][ T29] audit: type=1326 audit(1735434774.712:1167): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15183 comm="syz.3.4056" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f0114b85d29 code=0x0 [ 345.555008][T15221] program syz.5.4071 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 345.580443][ T9] usb 3-1: new high-speed USB device number 20 using dummy_hcd [ 345.699292][T15230] netlink: 12 bytes leftover after parsing attributes in process `syz.5.4076'. [ 345.745332][ T9] usb 3-1: config index 0 descriptor too short (expected 23569, got 27) [ 345.761932][ T9] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 345.820442][ T9] usb 3-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0 [ 345.829959][ T9] usb 3-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0 [ 345.838090][ T9] usb 3-1: Manufacturer: syz [ 345.861230][ T9] usb 3-1: config 0 descriptor?? [ 346.035655][ T9] rc_core: IR keymap rc-hauppauge not found [ 346.039845][T15247] @: renamed from vlan0 (while UP) [ 346.042082][ T9] Registered IR keymap rc-empty [ 346.052791][ T9] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/rc/rc0 [ 346.064646][ T9] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/rc/rc0/input45 [ 346.139257][ T5876] usb 3-1: USB disconnect, device number 20 [ 346.460659][ C1] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:1c, vlan:0) [ 347.015756][T15299] mkiss: ax0: crc mode is auto. [ 347.500318][ C1] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:1c, vlan:0) [ 347.667595][T15338] use of bytesused == 0 is deprecated and will be removed in the future, [ 347.686689][T15338] use the actual size instead. [ 347.746243][T15345] syz.3.4125: attempt to access beyond end of device [ 347.746243][T15345] nbd3: rw=2048, sector=0, nr_sectors = 8 limit=0 [ 347.762489][T15345] SQUASHFS error: Failed to read block 0x0: -5 [ 347.768771][T15345] unable to read squashfs_super_block [ 347.840456][ T8] usb 6-1: new high-speed USB device number 4 using dummy_hcd [ 348.004409][ T8] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 348.026185][ T8] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 348.050433][ T8] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 348.069666][ T8] usb 6-1: New USB device found, idVendor=041e, idProduct=2801, bcdDevice= 0.10 [ 348.079726][ T8] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 348.094454][ T8] usb 6-1: config 0 descriptor?? [ 348.200038][ T5876] usb 3-1: new high-speed USB device number 21 using dummy_hcd [ 348.371184][ T5876] usb 3-1: Using ep0 maxpacket: 32 [ 348.378006][ T5876] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 348.416676][ T5876] usb 3-1: New USB device found, idVendor=22b8, idProduct=6027, bcdDevice=c2.80 [ 348.426009][ T5876] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 348.438614][ T5876] usb 3-1: Product: syz [ 348.443304][ T5876] usb 3-1: Manufacturer: syz [ 348.447951][ T5876] usb 3-1: SerialNumber: syz [ 348.455753][ T5876] usb 3-1: config 0 descriptor?? [ 348.465110][ T5876] cdc_ether 3-1:0.0: skipping garbage [ 348.471038][ T5876] usb 3-1: bad CDC descriptors [ 348.476942][ T5876] usb 3-1: unsupported MDLM descriptors [ 348.522388][ T8] prodikeys 0003:041E:2801.0016: unknown main item tag 0x0 [ 348.540262][ C1] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:1c, vlan:0) [ 348.541281][ T8] prodikeys 0003:041E:2801.0016: unknown main item tag 0x0 [ 348.560795][ T8] prodikeys 0003:041E:2801.0016: item fetching failed at offset 2/5 [ 348.569288][ T8] prodikeys 0003:041E:2801.0016: hid parse failed [ 348.577446][ T8] prodikeys 0003:041E:2801.0016: probe with driver prodikeys failed with error -22 [ 348.690507][ T5876] usb 3-1: USB disconnect, device number 21 [ 348.807706][ T5867] usb 6-1: USB disconnect, device number 4 [ 349.371949][ T29] audit: type=1326 audit(1735434779.402:1168): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15382 comm="syz.1.4141" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f22ba185d29 code=0x0 [ 350.166108][ T29] audit: type=1326 audit(1735434780.202:1169): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15428 comm="syz.3.4163" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f0114b85d29 code=0x0 [ 350.227565][T15431] netlink: 'syz.1.4162': attribute type 10 has an invalid length. [ 350.236169][T15431] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 350.346397][T15431] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 350.404499][T15431] bond0: (slave batadv_slave_0): Enslaving as an active interface with an up link [ 350.537743][T15439] netlink: 28 bytes leftover after parsing attributes in process `syz.1.4166'. [ 350.547698][T15439] netlink: 44 bytes leftover after parsing attributes in process `syz.1.4166'. [ 350.580641][ T8] kernel write not supported for file /snd/seq (pid: 8 comm: kworker/0:0) [ 350.706282][T15445] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4170'. [ 351.062880][ T8] usb 1-1: new full-speed USB device number 36 using dummy_hcd [ 351.275786][ T8] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 351.287168][ T8] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 2 [ 351.312647][ T8] usb 1-1: New USB device found, idVendor=05d8, idProduct=810a, bcdDevice=92.b8 [ 351.322321][ T8] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 351.334027][ T8] usb 1-1: config 0 descriptor?? [ 351.353868][ T8] dvb-usb: found a 'Artec T1 USB2.0' in warm state. [ 351.362808][ T8] dvb-usb: bulk message failed: -22 (3/0) [ 351.373226][ T8] dvb-usb: will use the device's hardware PID filter (table count: 16). [ 351.384057][ T8] dvbdev: DVB: registering new adapter (Artec T1 USB2.0) [ 351.394141][ T8] usb 1-1: media controller created [ 351.401846][ T8] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 351.415384][ T8] dvb-usb: bulk message failed: -22 (6/0) [ 351.422697][ T8] dvb-usb: no frontend was attached by 'Artec T1 USB2.0' [ 351.431914][ T8] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.0/usb1/1-1/input/input46 [ 351.449419][ T8] dvb-usb: schedule remote query interval to 150 msecs. [ 351.460871][ T8] dvb-usb: Artec T1 USB2.0 successfully initialized and connected. [ 351.560011][ T5876] usb 3-1: new high-speed USB device number 22 using dummy_hcd [ 351.594737][ T8] usb 1-1: USB disconnect, device number 36 [ 351.620665][ T8] dvb-usb: Artec T1 USB2.0 successfully deinitialized and disconnected. [ 351.721770][ T5876] usb 3-1: New USB device found, idVendor=0813, idProduct=0001, bcdDevice=3a.08 [ 351.738774][ T5876] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 351.762053][ T5876] usb 3-1: config 0 descriptor?? [ 351.769749][ T5876] gspca_main: cpia1-2.14.0 probing 0813:0001 [ 352.382294][ T5876] gspca_cpia1: usb_control_msg 01, error -71 [ 352.388453][ T5876] cpia1 3-1:0.0: only firmware version 1 is supported (got: 0) [ 352.420517][ T8] usb 4-1: new high-speed USB device number 39 using dummy_hcd [ 352.422141][ T5876] usb 3-1: USB disconnect, device number 22 [ 352.572094][ T8] usb 4-1: New USB device found, idVendor=0813, idProduct=0001, bcdDevice=3a.08 [ 352.590374][ T8] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 352.625556][ T8] usb 4-1: config 0 descriptor?? [ 352.635505][ T8] gspca_main: cpia1-2.14.0 probing 0813:0001 [ 352.701652][ C0] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:1c, vlan:0) [ 353.000088][ T939] usb 2-1: new high-speed USB device number 22 using dummy_hcd [ 353.045304][ T8] cpia1 4-1:0.0: unexpected state after lo power cmd: 00 [ 353.210633][ T939] usb 2-1: Using ep0 maxpacket: 8 [ 353.221207][ T939] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 15 [ 353.238710][ T939] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 353.254513][ T939] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 353.265642][ T939] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 353.283446][ T939] usb 2-1: New USB device found, idVendor=077d, idProduct=04aa, bcdDevice=5b.d8 [ 353.295928][ T939] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 353.305264][ T939] usb 2-1: Product: syz [ 353.309605][ T939] usb 2-1: Manufacturer: syz [ 353.317762][ T939] usb 2-1: SerialNumber: syz [ 353.326192][ T939] usb 2-1: config 0 descriptor?? [ 353.335594][T15514] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22 [ 353.358682][T15533] netlink: 'syz.0.4208': attribute type 2 has an invalid length. [ 353.453998][ T8] gspca_cpia1: usb_control_msg 02, error -71 [ 353.462581][ T8] gspca_cpia1: usb_control_msg 05, error -71 [ 353.478822][ T8] cpia1 4-1:0.0: unexpected systemstate: 00 [ 353.495830][ T8] usb 4-1: USB disconnect, device number 39 [ 353.586722][ T939] powermate: Expected payload of 3--6 bytes, found 1024 bytes! [ 353.604235][ T939] input: Griffin SoundKnob as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/input/input47 [ 353.904581][ C1] powermate: config urb returned -71 [ 353.913804][ C1] powermate: config urb returned -71 [ 353.919410][ C1] powermate: config urb returned -71 [ 353.925477][ C1] powermate: config urb returned -71 [ 353.931146][ T939] usb 2-1: USB disconnect, device number 22 [ 353.937108][ C1] powermate 2-1:0.0: powermate_irq - usb_submit_urb failed with result: -19 [ 354.770541][ T8] usb 4-1: new high-speed USB device number 40 using dummy_hcd [ 354.930585][ T8] usb 4-1: Using ep0 maxpacket: 8 [ 354.943410][ T8] usb 4-1: New USB device found, idVendor=2770, idProduct=930c, bcdDevice=8d.6a [ 354.960397][ T8] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 354.975360][ T8] usb 4-1: Product: syz [ 354.984844][ T8] usb 4-1: Manufacturer: syz [ 354.989591][ T8] usb 4-1: SerialNumber: syz [ 355.008101][ T8] usb 4-1: config 0 descriptor?? [ 355.022322][ T8] gspca_main: sq930x-2.14.0 probing 2770:930c [ 355.623465][T15604] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 355.659520][T15604] A link change request failed with some changes committed already. Interface batadv_slave_1 may have been left with an inconsistent configuration, please check. [ 355.686610][T15606] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4239'. [ 355.873040][ T8] gspca_sq930x: ucbus_write failed -71 [ 355.878624][ T8] sq930x 4-1:0.0: probe with driver sq930x failed with error -71 [ 355.892393][ T8] usb 4-1: USB disconnect, device number 40 [ 356.340257][ T5876] usb 2-1: new high-speed USB device number 23 using dummy_hcd [ 356.348503][T15632] veth0_to_bridge: entered promiscuous mode [ 356.356358][T15631] veth0_to_bridge: left promiscuous mode [ 356.500165][ T5876] usb 2-1: Using ep0 maxpacket: 16 [ 356.513370][ T5876] usb 2-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 356.537024][ T5876] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xD7, changing to 0x87 [ 356.566475][ T5876] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x87 has an invalid bInterval 152, changing to 11 [ 356.584572][ T5876] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x87 has invalid maxpacket 8285, setting to 1024 [ 356.608838][ T5876] usb 2-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 1 [ 356.628202][ T5876] usb 2-1: New USB device found, idVendor=05ac, idProduct=9226, bcdDevice=b2.89 [ 356.649219][ T5876] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 356.659712][ T5876] usb 2-1: Product: syz [ 356.669597][ T5876] usb 2-1: Manufacturer: syz [ 356.674489][ T5876] usb 2-1: SerialNumber: syz [ 356.695826][ T5876] usb 2-1: config 0 descriptor?? [ 356.980807][ T5876] appledisplay 2-1:0.0: Error while getting initial brightness: -110 [ 356.983624][ T5876] appledisplay 2-1:0.0: probe with driver appledisplay failed with error -110 [ 357.043477][ T5876] usb 2-1: USB disconnect, device number 23 [ 357.076448][T15664] tipc: Started in network mode [ 357.084458][T15664] tipc: Node identity ac14140f, cluster identity 4711 [ 357.094745][T15664] tipc: New replicast peer: 255.255.255.255 [ 357.102520][T15664] tipc: Enabled bearer , priority 10 [ 357.334815][T15680] sch_tbf: burst 65535 is lower than device lo mtu (65550) ! [ 357.584944][T15694] netlink: 148 bytes leftover after parsing attributes in process `syz.3.4276'. [ 357.881997][T15707] veth1_to_bond: entered promiscuous mode [ 357.925303][T15707] veth1_to_bond: left promiscuous mode [ 358.020613][ T9] syz_tun: tun_net_xmit 90 [ 358.220729][ T9] tipc: Node number set to 2886997007 [ 358.680488][ T5876] usb 6-1: new high-speed USB device number 5 using dummy_hcd [ 358.781540][ T5867] usb 3-1: new high-speed USB device number 23 using dummy_hcd [ 358.854077][ T5876] usb 6-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 358.878065][ T5876] usb 6-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 358.893702][ T5876] usb 6-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 358.908890][ T5876] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 358.927118][T15733] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22 [ 358.940240][ T5876] usb 6-1: Quirk or no altset; falling back to MIDI 1.0 [ 358.952939][ T5867] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 358.985092][ T5867] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 359.017932][ T5867] usb 3-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 359.020745][ T8] syz_tun: tun_net_xmit 90 [ 359.036125][ T5867] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 359.054498][ T5867] usb 3-1: SerialNumber: syz [ 359.106027][T15765] tap0: tun_chr_ioctl cmd 1074025677 [ 359.123009][T15765] tap0: linktype set to 773 [ 359.218369][ T9] usb 6-1: USB disconnect, device number 5 [ 359.277134][ T5867] usb 3-1: 0:2 : does not exist [ 359.304414][ T5867] usb 3-1: USB disconnect, device number 23 [ 359.330451][ T8] usb 1-1: new full-speed USB device number 37 using dummy_hcd [ 359.476821][T15783] netlink: 16 bytes leftover after parsing attributes in process `syz.3.4310'. [ 359.490149][T15783] bond0: option ad_select: unable to set because the bond device is up [ 359.502851][ T8] usb 1-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 359.520377][ T8] usb 1-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 359.541948][ T8] usb 1-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 359.551759][ T8] usb 1-1: New USB device strings: Mfr=255, Product=255, SerialNumber=0 [ 359.563284][ T8] usb 1-1: Product: syz [ 359.567503][ T8] usb 1-1: Manufacturer: syz [ 359.576409][ T8] hub 1-1:4.0: USB hub found [ 359.786566][ T8] hub 1-1:4.0: 2 ports detected [ 359.900392][ T5827] Bluetooth: hci0: command 0x0405 tx timeout [ 360.205155][ T8] hub 1-1:4.0: set hub depth failed [ 360.226916][ T8] usb 1-1: USB disconnect, device number 37 [ 360.370689][ T5871] usb 6-1: new high-speed USB device number 6 using dummy_hcd [ 360.533202][ T5871] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 360.554960][ T5871] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 360.575782][ T5871] usb 6-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00 [ 360.600655][ T5871] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 360.621671][ T5871] usb 6-1: config 0 descriptor?? [ 361.072350][ T5871] hid (null): bogus close delimiter [ 361.291586][ T5871] usb 6-1: language id specifier not provided by device, defaulting to English [ 361.489655][ T5871] uclogic 0003:256C:006D.0017: failed retrieving Huion firmware version: -71 [ 361.511058][ T5871] uclogic 0003:256C:006D.0017: failed probing parameters: -71 [ 361.518843][ T5871] uclogic 0003:256C:006D.0017: probe with driver uclogic failed with error -71 [ 361.532662][ T5871] usb 6-1: USB disconnect, device number 6 [ 361.791966][T15883] sch_tbf: peakrate 7 is lower than or equals to rate 62733 ! [ 362.940440][ T5876] usb 3-1: new full-speed USB device number 24 using dummy_hcd [ 362.986823][ T29] audit: type=1326 audit(1735434793.022:1170): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15927 comm="syz.5.4375" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f44fdf85d29 code=0x0 [ 363.092551][ T5876] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 363.103374][ T5876] usb 3-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 363.126758][ T5876] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 363.139555][ T5876] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 363.160246][ T5876] usb 3-1: Product: syz [ 363.164469][ T5876] usb 3-1: Manufacturer: syz [ 363.169088][ T5876] usb 3-1: SerialNumber: syz [ 363.198233][ T5876] usb 3-1: config 0 descriptor?? [ 363.507009][ T9] usb 3-1: USB disconnect, device number 24 [ 363.522741][T15960] netlink: 20 bytes leftover after parsing attributes in process `syz.0.4390'. [ 363.870291][ T5876] usb 4-1: new high-speed USB device number 41 using dummy_hcd [ 364.020351][ T5876] usb 4-1: Using ep0 maxpacket: 16 [ 364.028659][ T5876] usb 4-1: config 2 interface 0 has no altsetting 0 [ 364.044078][ T5876] usb 4-1: New USB device found, idVendor=2040, idProduct=b767, bcdDevice=8a.1b [ 364.060333][ T5876] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 364.078722][ T5876] usb 4-1: Product: syz [ 364.083679][ T5876] usb 4-1: Manufacturer: syz [ 364.088568][ T5876] usb 4-1: SerialNumber: syz [ 364.194015][T15984] IPVS: length: 15 != 8 [ 364.310458][ T54] Bluetooth: hci2: ACL packet for unknown connection handle 200 [ 364.314536][ T5876] usb 4-1: dvb_usb_v2: found a 'Hauppauge 117xxx ATSC+' in warm state [ 364.359706][ T5876] usb 4-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer [ 364.370933][ T5876] dvbdev: DVB: registering new adapter (Hauppauge 117xxx ATSC+) [ 364.378655][ T5876] usb 4-1: media controller created [ 364.396151][ T5876] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 364.432742][ T5876] usb 4-1: selecting invalid altsetting 1 [ 364.438645][ T5876] set interface failed [ 364.439156][ T5876] usb 4-1: dvb_usb_v2: usb_bulk_msg() failed=-22 [ 364.450999][ T5876] error writing reg: 0xff, val: 0x00 [ 364.499623][ T5876] dvb_usb_mxl111sf 4-1:2.0: probe with driver dvb_usb_mxl111sf failed with error -22 [ 364.522558][ T5876] usb 4-1: USB disconnect, device number 41 [ 364.858097][T16013] pim6reg0: tun_chr_ioctl cmd 1074025677 [ 364.864119][T16013] pim6reg0: linktype set to 804 [ 365.015810][T16023] netlink: 'syz.5.4421': attribute type 19 has an invalid length. [ 365.326961][T16045] netlink: 'syz.3.4429': attribute type 2 has an invalid length. [ 366.153134][T16096] netlink: 24 bytes leftover after parsing attributes in process `syz.5.4449'. [ 367.646869][T16168] netlink: 'syz.0.4477': attribute type 21 has an invalid length. [ 367.665232][T16168] netlink: 'syz.0.4477': attribute type 6 has an invalid length. [ 367.682432][T16168] netlink: 132 bytes leftover after parsing attributes in process `syz.0.4477'. [ 367.705174][T16168] netlink: 'syz.0.4477': attribute type 21 has an invalid length. [ 367.714849][T16168] netlink: 'syz.0.4477': attribute type 6 has an invalid length. [ 367.737130][T16168] netlink: 132 bytes leftover after parsing attributes in process `syz.0.4477'. [ 368.385028][T16199] netlink: 'syz.5.4490': attribute type 12 has an invalid length. [ 368.757914][T16218] tmpfs: Cannot disable swap on remount [ 369.122766][T16238] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check. [ 369.523540][T16255] netlink: 32 bytes leftover after parsing attributes in process `syz.2.4515'. [ 369.950746][T16279] program syz.2.4524 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 369.976512][T16281] netlink: 52 bytes leftover after parsing attributes in process `syz.3.4525'. [ 370.155503][ C1] sd 0:0:1:0: [sda] tag#1773 FAILED Result: hostbyte=DID_ERROR driverbyte=DRIVER_OK cmd_age=0s [ 370.166029][ C1] sd 0:0:1:0: [sda] tag#1773 CDB: Read(6) 08 05 00 00 00 00 [ 370.316866][ T29] audit: type=1326 audit(1735434800.352:1171): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16296 comm="syz.1.4532" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f22ba185d29 code=0x7ffc0000 [ 370.330192][ T9] usb 4-1: new high-speed USB device number 42 using dummy_hcd [ 370.367223][ T29] audit: type=1326 audit(1735434800.352:1172): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16296 comm="syz.1.4532" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f22ba185d29 code=0x7ffc0000 [ 370.407031][ T29] audit: type=1326 audit(1735434800.392:1173): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16296 comm="syz.1.4532" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f22ba185d29 code=0x7ffc0000 [ 370.457921][ T29] audit: type=1326 audit(1735434800.392:1174): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16296 comm="syz.1.4532" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f22ba185d29 code=0x7ffc0000 [ 370.490576][ T29] audit: type=1326 audit(1735434800.392:1175): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16296 comm="syz.1.4532" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f22ba185d29 code=0x7ffc0000 [ 370.500770][ T9] usb 4-1: Using ep0 maxpacket: 8 [ 370.525599][ T9] usb 4-1: config 168 descriptor has 1 excess byte, ignoring [ 370.534479][ T29] audit: type=1326 audit(1735434800.392:1176): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16296 comm="syz.1.4532" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f22ba185d29 code=0x7ffc0000 [ 370.548588][ T9] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11 [ 370.576200][ T9] usb 4-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 370.588657][ T9] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 370.590656][ T29] audit: type=1326 audit(1735434800.392:1177): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16296 comm="syz.1.4532" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f22ba185d29 code=0x7ffc0000 [ 370.627038][ T9] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 370.644022][ T9] usb 4-1: config 168 descriptor has 1 excess byte, ignoring [ 370.651861][ T9] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11 [ 370.687253][ T9] usb 4-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 370.709632][ T29] audit: type=1326 audit(1735434800.392:1178): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16296 comm="syz.1.4532" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f22ba17cce7 code=0x7ffc0000 [ 370.716179][ T9] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 370.764093][T16313] netem: incorrect ge model size [ 370.789618][ T9] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 370.789698][T16313] netem: change failed [ 370.806340][ T9] usb 4-1: config 168 descriptor has 1 excess byte, ignoring [ 370.809077][ T29] audit: type=1326 audit(1735434800.392:1179): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16296 comm="syz.1.4532" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f22ba121f29 code=0x7ffc0000 [ 370.815575][ T9] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11 [ 370.847713][ T29] audit: type=1326 audit(1735434800.392:1180): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16296 comm="syz.1.4532" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f22ba17cce7 code=0x7ffc0000 [ 370.854075][ T9] usb 4-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 370.885771][ T9] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 370.898033][ T9] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 370.943460][ T9] usb 4-1: string descriptor 0 read error: -22 [ 370.949847][ T9] usb 4-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e [ 370.965240][ T9] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 370.983833][ T9] adutux 4-1:168.0: ADU100 now attached to /dev/usb/adutux0 [ 371.067722][T16327] i2c i2c-0: Invalid block write size 252 [ 371.295016][ T5867] usb 4-1: USB disconnect, device number 42 [ 371.520406][ T9] usb 1-1: new high-speed USB device number 38 using dummy_hcd [ 371.624068][T16319] syz.2.4540 (16319) used greatest stack depth: 18296 bytes left [ 371.692105][ T9] usb 1-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 371.710461][ T9] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 371.728409][ T9] usb 1-1: config 0 descriptor?? [ 371.752290][ T9] cp210x 1-1:0.0: cp210x converter detected [ 372.006202][T16359] netlink: 'syz.5.4558': attribute type 21 has an invalid length. [ 372.030504][T16359] netlink: 14577 bytes leftover after parsing attributes in process `syz.5.4558'. [ 372.168357][ T9] cp210x 1-1:0.0: failed to get vendor val 0x000e size 3: -32 [ 372.178560][T16366] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4562'. [ 372.195161][ T9] usb 1-1: cp210x converter now attached to ttyUSB0 [ 372.405184][ T5876] usb 1-1: USB disconnect, device number 38 [ 372.414010][ T5876] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 372.455946][ T5876] cp210x 1-1:0.0: device disconnected [ 373.537451][T16416] netlink: 'syz.5.4585': attribute type 2 has an invalid length. [ 374.100944][ T5876] syz_tun: tun_net_xmit 110 [ 374.111059][ T8] usb 3-1: new high-speed USB device number 25 using dummy_hcd [ 374.294010][ T8] usb 3-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 374.303936][ T8] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 374.315601][ T8] usb 3-1: config 0 descriptor?? [ 374.332647][ T8] cp210x 3-1:0.0: cp210x converter detected [ 374.676991][ T9] usb 2-1: new high-speed USB device number 24 using dummy_hcd [ 374.730562][ T5867] syz_tun: tun_net_xmit 110 [ 374.863782][T16474] 8021q: adding VLAN 0 to HW filter on device bond1 [ 374.874260][T16474] bond0: (slave bond1): Enslaving as an active interface with an up link [ 374.981657][ T8] cp210x 3-1:0.0: failed to get vendor val 0x000e size 678: -71 [ 374.989472][ T8] cp210x 3-1:0.0: GPIO initialisation failed: -71 [ 375.008682][ T8] usb 3-1: cp210x converter now attached to ttyUSB0 [ 375.019241][T16480] netlink: 28 bytes leftover after parsing attributes in process `syz.5.4612'. [ 375.032379][ T8] usb 3-1: USB disconnect, device number 25 [ 375.040637][ T9] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 375.051934][ T9] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 375.062344][ T9] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 375.075948][ T9] usb 2-1: New USB device found, idVendor=20d6, idProduct=cb17, bcdDevice= 0.00 [ 375.085737][ T9] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 375.123044][ T8] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 375.131745][ T8] cp210x 3-1:0.0: device disconnected [ 375.141208][ T9] usb 2-1: config 0 descriptor?? [ 375.568983][ T9] hid-udraw 0003:20D6:CB17.0018: unknown main item tag 0x0 [ 375.579071][ T9] input: THQ uDraw Game Tablet for PS3 Joypad as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:20D6:CB17.0018/input/input48 [ 375.635436][ T9] input: THQ uDraw Game Tablet for PS3 Touchpad as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:20D6:CB17.0018/input/input49 [ 375.684347][ T9] input: THQ uDraw Game Tablet for PS3 Pen as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:20D6:CB17.0018/input/input50 [ 375.721835][ T9] input: THQ uDraw Game Tablet for PS3 Accelerometer as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:20D6:CB17.0018/input/input51 [ 375.798929][ T9] hid-udraw 0003:20D6:CB17.0018: hidraw0: USB HID v0.00 Device [HID 20d6:cb17] on usb-dummy_hcd.1-1/input0 [ 375.836791][ T8] usb 2-1: USB disconnect, device number 24 [ 376.061122][ T9] usb 6-1: new high-speed USB device number 7 using dummy_hcd [ 376.242321][ T9] usb 6-1: New USB device found, idVendor=8086, idProduct=0110, bcdDevice=bf.ad [ 376.252182][ T9] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 376.272128][ T9] usb 6-1: config 0 descriptor?? [ 376.287025][ T9] gspca_main: spca508-2.14.0 probing 8086:0110 [ 376.496500][ T9] gspca_spca508: reg_read err -32 [ 376.504372][ T9] gspca_spca508: reg_read err -32 [ 376.704656][T16547] A link change request failed with some changes committed already. Interface batadv_slave_0 may have been left with an inconsistent configuration, please check. [ 376.712090][ T9] gspca_spca508: reg_read err -71 [ 376.730928][ T9] gspca_spca508: reg_read err -71 [ 376.738887][ T9] gspca_spca508: reg write: error -71 [ 376.757889][ T9] spca508 6-1:0.0: probe with driver spca508 failed with error -71 [ 376.768723][ T9] usb 6-1: USB disconnect, device number 7 [ 377.532015][T16581] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4653'. [ 377.801042][ T5876] usb 1-1: new full-speed USB device number 39 using dummy_hcd [ 377.887582][T16593] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4659'. [ 377.969167][ T5876] usb 1-1: unable to get BOS descriptor or descriptor too short [ 377.997478][ T5876] usb 1-1: no configurations [ 378.010690][ T5876] usb 1-1: can't read configurations, error -22 [ 378.780410][ T9] usb 6-1: new high-speed USB device number 8 using dummy_hcd [ 378.943501][ T1292] ieee802154 phy0 wpan0: encryption failed: -22 [ 378.943953][ T9] usb 6-1: Using ep0 maxpacket: 8 [ 378.950345][ T1292] ieee802154 phy1 wpan1: encryption failed: -22 [ 378.983426][ T9] usb 6-1: config 179 has an invalid interface number: 65 but max is 0 [ 378.992481][ T9] usb 6-1: config 179 has no interface number 0 [ 378.998871][ T9] usb 6-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 379.010599][ T9] usb 6-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024 [ 379.022942][ T9] usb 6-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 379.034875][ T9] usb 6-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024 [ 379.046818][ T9] usb 6-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 379.060623][ T9] usb 6-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb [ 379.069700][ T9] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 379.100500][T16605] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22 [ 379.564763][T16639] serio: Serial port ptm0 [ 379.790595][ T5869] usb 3-1: new high-speed USB device number 26 using dummy_hcd [ 379.839045][ T939] usb 6-1: USB disconnect, device number 8 [ 379.839086][ C0] xpad 6-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19 [ 379.855368][ C0] dummy_hcd dummy_hcd.5: timer fired with no URBs pending? [ 379.940470][ T5869] usb 3-1: Using ep0 maxpacket: 16 [ 379.947422][ T5869] usb 3-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83 [ 379.963464][ T5869] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 379.978986][ T5869] usb 3-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1 [ 379.993448][ T5869] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 380.002166][ T5869] usb 3-1: Product: syz [ 380.006479][ T5869] usb 3-1: Manufacturer: syz [ 380.015123][ T5869] usb 3-1: SerialNumber: syz [ 380.022436][ T5869] usb 3-1: config 0 descriptor?? [ 380.035422][ T5869] em28xx 3-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0) [ 380.045087][ T5869] em28xx 3-1:0.0: Audio interface 0 found (Vendor Class) [ 380.201476][T16656] overlayfs: workdir and upperdir must be separate subtrees [ 380.500681][ T9] usb 1-1: new high-speed USB device number 41 using dummy_hcd [ 380.643074][ T5869] em28xx 3-1:0.0: chip ID is em2750 [ 380.660202][ T9] usb 1-1: Using ep0 maxpacket: 32 [ 380.708626][ T9] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 380.720166][ T9] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 380.730626][ T9] usb 1-1: New USB device found, idVendor=0403, idProduct=6030, bcdDevice= 0.00 [ 380.739960][ T9] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 380.752093][ T9] usb 1-1: config 0 descriptor?? [ 380.848243][T16681] bond0: option lp_interval: invalid value (0) [ 380.848323][ T5869] em28xx 3-1:0.0: Config register raw data: 0xfffffffb [ 380.855079][T16681] bond0: option lp_interval: allowed values 1 - 2147483647 [ 380.872130][ T5869] em28xx 3-1:0.0: AC97 chip type couldn't be determined [ 380.879414][ T5869] em28xx 3-1:0.0: No AC97 audio processor [ 380.892368][ T5869] usb 3-1: USB disconnect, device number 26 [ 380.899744][ T5869] em28xx 3-1:0.0: Disconnecting em28xx [ 380.910745][ T5869] em28xx 3-1:0.0: Freeing device [ 381.170975][ T9] ft260 0003:0403:6030.0019: item fetching failed at offset 0/2 [ 381.179239][ T9] ft260 0003:0403:6030.0019: failed to parse HID [ 381.188712][ T9] ft260 0003:0403:6030.0019: probe with driver ft260 failed with error -22 [ 381.396373][ T939] usb 1-1: USB disconnect, device number 41 [ 381.677342][T16716] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4708'. [ 382.000193][ T5867] usb 4-1: new high-speed USB device number 43 using dummy_hcd [ 382.206839][ T5867] usb 4-1: Using ep0 maxpacket: 32 [ 382.216423][ T5867] usb 4-1: New USB device found, idVendor=17cc, idProduct=1000, bcdDevice=64.02 [ 382.226134][ T5867] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 382.234666][ T5867] usb 4-1: Product: syz [ 382.239023][ T5867] usb 4-1: Manufacturer: syz [ 382.243984][ T5867] usb 4-1: SerialNumber: syz [ 382.252588][ T5867] usb 4-1: config 0 descriptor?? [ 382.252898][T16740] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 382.399684][T16749] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4724'. [ 382.465224][ T5867] snd-usb-audio 4-1:0.0: probe with driver snd-usb-audio failed with error -71 [ 382.481539][ T5867] usb 4-1: USB disconnect, device number 43 [ 382.781934][ C0] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:1c, vlan:0) [ 382.930413][ T9] usb 2-1: new high-speed USB device number 25 using dummy_hcd [ 383.090827][ T9] usb 2-1: Using ep0 maxpacket: 8 [ 383.102923][ T9] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0 [ 383.115702][ T9] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 0 [ 383.134400][ T9] usb 2-1: New USB device found, idVendor=16d0, idProduct=10a9, bcdDevice=30.52 [ 383.148857][ T9] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 383.161929][ T9] usb 2-1: Product: syz [ 383.168537][ T9] usb 2-1: Manufacturer: syz [ 383.174993][ T9] usb 2-1: SerialNumber: syz [ 383.185567][ T9] usb 2-1: config 0 descriptor?? [ 383.421880][ T5869] usb 4-1: new high-speed USB device number 44 using dummy_hcd [ 383.580594][ T5869] usb 4-1: Using ep0 maxpacket: 16 [ 383.609534][ T5869] usb 4-1: config 0 has an invalid interface number: 1 but max is 0 [ 383.627480][ T5869] usb 4-1: config 0 has no interface number 0 [ 383.634874][ T9] usb 2-1: USB disconnect, device number 25 [ 383.641379][ T5869] usb 4-1: config 0 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 383.650083][ T939] usb 3-1: new high-speed USB device number 27 using dummy_hcd [ 383.654447][ T5869] usb 4-1: config 0 interface 1 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 383.672369][ T5869] usb 4-1: New USB device found, idVendor=28bd, idProduct=0071, bcdDevice= 0.00 [ 383.682070][ T5869] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 383.693660][ T5869] usb 4-1: config 0 descriptor?? [ 383.820147][ T939] usb 3-1: Using ep0 maxpacket: 8 [ 383.828286][ T939] usb 3-1: config 1 has an invalid interface number: 128 but max is 1 [ 383.843422][ T939] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 383.862293][ T939] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 383.872476][ T939] usb 3-1: config 1 has no interface number 0 [ 383.878846][ T939] usb 3-1: config 1 interface 128 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 383.895197][ T939] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 383.910828][ T939] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 383.918998][ T939] usb 3-1: Product: syz [ 383.923290][ T939] usb 3-1: Manufacturer: syz [ 383.928042][ T939] usb 3-1: SerialNumber: syz [ 383.936543][ T939] cdc_wdm 3-1:1.128: skipping garbage [ 383.942127][ T939] cdc_wdm 3-1:1.128: probe with driver cdc_wdm failed with error -22 [ 384.177803][ T9] usb 3-1: USB disconnect, device number 27 [ 384.352612][ T5869] input: HID 28bd:0071 Pen as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.1/0003:28BD:0071.001A/input/input52 [ 384.462817][ T5869] input: HID 28bd:0071 Pad as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.1/0003:28BD:0071.001A/input/input53 [ 384.482352][ T5869] uclogic 0003:28BD:0071.001A: input,hidraw0: USB HID v0.02 Keypad [HID 28bd:0071] on usb-dummy_hcd.3-1/input1 [ 384.504407][ T939] usb 6-1: new high-speed USB device number 9 using dummy_hcd [ 384.563155][ T5867] usb 4-1: USB disconnect, device number 44 [ 384.630254][ T9] usb 2-1: new high-speed USB device number 26 using dummy_hcd [ 384.672175][ T939] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 384.684101][ T939] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 384.700464][ T939] usb 6-1: New USB device found, idVendor=1223, idProduct=3f07, bcdDevice= 0.00 [ 384.709831][ T939] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 384.721075][ T939] usb 6-1: config 0 descriptor?? [ 384.783605][ T9] usb 2-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 384.800485][ T9] usb 2-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 384.820435][ T9] usb 2-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 384.829561][ T9] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 384.853156][T16804] raw-gadget.2 gadget.1: fail, usb_ep_enable returned -22 [ 384.868234][ T9] usb 2-1: Quirk or no altset; falling back to MIDI 1.0 [ 384.938477][ T939] usbhid 6-1:0.0: can't add hid device: -71 [ 384.945613][ T939] usbhid 6-1:0.0: probe with driver usbhid failed with error -71 [ 384.964586][ T939] usb 6-1: USB disconnect, device number 9 [ 385.154418][ T9] usb 2-1: USB disconnect, device number 26 [ 385.561376][T16840] program syz.0.4764 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 385.656533][T16846] program syz.0.4768 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 385.957198][T16857] sch_tbf: burst 0 is lower than device lo mtu (65550) ! [ 386.316147][T16873] netlink: 56 bytes leftover after parsing attributes in process `syz.0.4781'. [ 386.499004][T16886] bridge0: port 3(vlan2) entered disabled state [ 386.507379][T16886] bridge0: port 1(4Â) entered disabled state [ 386.718058][T16895] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4791'. [ 386.737711][T16895] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4791'. [ 386.888936][T16897] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 387.063772][ T939] usb 3-1: new high-speed USB device number 28 using dummy_hcd [ 387.230300][ T939] usb 3-1: Using ep0 maxpacket: 32 [ 387.237292][ T939] usb 3-1: New USB device found, idVendor=0ac8, idProduct=0321, bcdDevice=6f.be [ 387.246739][ T939] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 387.263301][ T939] usb 3-1: config 0 descriptor?? [ 387.294009][ T939] gspca_main: vc032x-2.14.0 probing 0ac8:0321 [ 387.502561][T16942] dvmrp5: entered allmulticast mode [ 387.515295][T16940] dvmrp5: left allmulticast mode [ 387.550549][ T5869] usb 2-1: new high-speed USB device number 27 using dummy_hcd [ 387.702547][ T5869] usb 2-1: config 0 has an invalid interface number: 117 but max is 0 [ 387.720406][ T5869] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 387.753870][ T5869] usb 2-1: config 0 has no interface number 0 [ 387.771128][ T5869] usb 2-1: config 0 interface 117 altsetting 0 endpoint 0x88 has invalid wMaxPacketSize 0 [ 387.788994][ T5869] usb 2-1: config 0 interface 117 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 387.812085][ T5869] usb 2-1: New USB device found, idVendor=0afa, idProduct=03e8, bcdDevice=99.d0 [ 387.822575][ T5869] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 387.846640][ T5869] usb 2-1: Product: syz [ 387.856515][ T5869] usb 2-1: Manufacturer: syz [ 387.873975][ T5869] usb 2-1: SerialNumber: syz [ 387.886095][ T5869] usb 2-1: config 0 descriptor?? [ 388.034916][T16963] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4820'. [ 388.107446][ T939] gspca_vc032x: reg_w err -71 [ 388.112425][ T939] gspca_vc032x: I2c Bus Busy Wait 00 [ 388.117741][ T939] gspca_vc032x: I2c Bus Busy Wait 00 [ 388.124457][ T939] gspca_vc032x: I2c Bus Busy Wait 00 [ 388.129793][ T939] gspca_vc032x: I2c Bus Busy Wait 00 [ 388.135256][ T939] gspca_vc032x: I2c Bus Busy Wait 00 [ 388.140880][ T939] gspca_vc032x: I2c Bus Busy Wait 00 [ 388.146195][ T939] gspca_vc032x: I2c Bus Busy Wait 00 [ 388.151577][ T939] gspca_vc032x: I2c Bus Busy Wait 00 [ 388.157102][ T939] gspca_vc032x: I2c Bus Busy Wait 00 [ 388.162616][ T939] gspca_vc032x: I2c Bus Busy Wait 00 [ 388.167942][ T939] gspca_vc032x: I2c Bus Busy Wait 00 [ 388.173338][ T939] gspca_vc032x: I2c Bus Busy Wait 00 [ 388.178649][ T939] gspca_vc032x: I2c Bus Busy Wait 00 [ 388.184056][ T939] gspca_vc032x: I2c Bus Busy Wait 00 [ 388.189392][ T939] gspca_vc032x: I2c Bus Busy Wait 00 [ 388.195177][ T939] gspca_vc032x: I2c Bus Busy Wait 00 [ 388.200785][ T939] gspca_vc032x: I2c Bus Busy Wait 00 [ 388.207097][ T939] gspca_vc032x: I2c Bus Busy Wait 00 [ 388.212529][ T939] gspca_vc032x: Unknown sensor... [ 388.217628][ T939] vc032x 3-1:0.0: probe with driver vc032x failed with error -22 [ 388.250321][ T939] usb 3-1: USB disconnect, device number 28 [ 388.511499][ T5869] input: syz syz as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.117/input/input54 [ 388.520718][T16976] syzkaller0: tun_chr_ioctl cmd 35108 [ 388.726678][ T939] usb 2-1: USB disconnect, device number 27 [ 389.668437][T17033] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4853'. [ 390.626225][T17080] program syz.3.4875 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 391.414006][ T939] hid-generic 0000:0003:0000.001B: unknown main item tag 0x0 [ 391.424573][ T939] hid-generic 0000:0003:0000.001B: unknown main item tag 0x0 [ 391.433689][ T939] hid-generic 0000:0003:0000.001B: hidraw0: HID v0.00 Device [syz0] on syz1 [ 391.610690][ T9] usb 4-1: new high-speed USB device number 45 using dummy_hcd [ 391.792033][T17144] netlink: 236 bytes leftover after parsing attributes in process `syz.0.4900'. [ 391.793799][ T9] usb 4-1: New USB device found, idVendor=1604, idProduct=8001, bcdDevice=44.1f [ 391.820471][ T9] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 391.828520][ T9] usb 4-1: Product: syz [ 391.833230][ T9] usb 4-1: Manufacturer: syz [ 391.837886][ T9] usb 4-1: SerialNumber: syz [ 391.854850][ T9] usb 4-1: config 0 descriptor?? [ 392.116591][ T9] usb 4-1: USB disconnect, device number 45 [ 392.148003][T17155] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 392.830415][ T939] usb 1-1: new high-speed USB device number 42 using dummy_hcd [ 393.003082][ T939] usb 1-1: Using ep0 maxpacket: 16 [ 393.030850][ T939] usb 1-1: config 0 has an invalid interface number: 49 but max is 0 [ 393.039009][ T939] usb 1-1: config 0 has no interface number 0 [ 393.064258][ T939] usb 1-1: New USB device found, idVendor=03f0, idProduct=581d, bcdDevice=76.b7 [ 393.075123][ T939] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 393.090007][ T939] usb 1-1: Product: syz [ 393.094226][ T939] usb 1-1: Manufacturer: syz [ 393.101225][ T939] usb 1-1: SerialNumber: syz [ 393.111499][ T939] usb 1-1: config 0 descriptor?? [ 393.310593][T17222] sctp: [Deprecated]: syz.1.4932 (pid 17222) Use of struct sctp_assoc_value in delayed_ack socket option. [ 393.310593][T17222] Use struct sctp_sack_info instead [ 393.341752][ T939] qmi_wwan 1-1:0.49: probe with driver qmi_wwan failed with error -22 [ 393.361101][ T939] usb 1-1: USB disconnect, device number 42 [ 393.380522][ T9] usb 6-1: new high-speed USB device number 10 using dummy_hcd [ 393.532143][ T9] usb 6-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 393.542640][ T9] usb 6-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config [ 393.556575][ T9] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 393.579232][ T9] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9 [ 393.591376][ T9] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024 [ 393.605153][ T9] usb 6-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 393.615096][ T9] usb 6-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 393.628825][ T9] usb 6-1: Product: syz [ 393.633723][ T9] usb 6-1: Manufacturer: syz [ 393.645681][ T9] cdc_wdm 6-1:1.0: skipping garbage [ 393.651276][ T9] cdc_wdm 6-1:1.0: skipping garbage [ 393.658181][ T9] cdc_wdm 6-1:1.0: cdc-wdm0: USB WDM device [ 393.666579][ T9] cdc_wdm 6-1:1.0: Unknown control protocol [ 393.884116][ T939] usb 6-1: USB disconnect, device number 10 [ 394.605310][T17277] could not allocate digest TFM handle ùüiŸ¯f¢H¹—Ï»|Ó}Ù›’–8¬¬Ð°`ŠÆ·Æ8±÷îïÐ ‹>Ë”?(HQ?]™Â 8öc [ 394.605310][T17277] ëWk·*¯ÂlBî`ú$óÜ_÷þõ/”Ñí_·­ô2ñ$Ù´M [ 394.734379][T17287] overlayfs: option "uuid=on" requires an upper fs, falling back to uuid=null. [ 394.807273][ T29] kauditd_printk_skb: 19 callbacks suppressed [ 394.807293][ T29] audit: type=1400 audit(1735434824.842:1200): lsm=SMACK fn=smack_inode_remove_acl action=denied subject="N" object="_" requested=w pid=17289 comm="syz.2.4963" name="vcsa" dev="devtmpfs" ino=16 [ 395.351266][T17310] netlink: 'syz.2.4969': attribute type 1 has an invalid length. [ 395.359387][T17310] netlink: 'syz.2.4969': attribute type 4 has an invalid length. [ 395.371794][T17310] netlink: 188 bytes leftover after parsing attributes in process `syz.2.4969'. [ 395.384405][T17310] NCSI netlink: No device for ifindex 458760 [ 395.868397][T17328] 8021q: adding VLAN 0 to HW filter on device bond0 [ 395.898919][T17328] bond0: (slave rose0): Enslaving as an active interface with an up link [ 396.321183][T17352] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4984'. [ 396.427972][T17359] netlink: 16 bytes leftover after parsing attributes in process `syz.3.4985'. [ 396.678109][T17374] tap0: tun_chr_ioctl cmd 1074025672 [ 396.685581][T17374] tap0: ignored: set checksum disabled [ 397.256001][T17408] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5000'. [ 397.368220][T17418] loop9: detected capacity change from 0 to 8 [ 397.436494][T17418] Dev loop9: unable to read RDB block 8 [ 397.480983][T17418] loop9: unable to read partition table [ 397.508781][T17418] loop9: partition table beyond EOD, truncated [ 397.538372][T17418] loop_reread_partitions: partition scan of loop9 (þ被xü—ŸÑà– ) failed (rc=-5) [ 397.992763][T17446] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 398.290518][ T5869] usb 6-1: new high-speed USB device number 11 using dummy_hcd [ 398.464949][ T5869] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 398.486827][ T5869] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 398.517635][ T5869] usb 6-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 398.537015][ T5869] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 398.546243][ T5869] usb 6-1: SerialNumber: syz [ 398.763916][ T5869] usb 6-1: 0:2 : does not exist [ 398.811730][ T5869] usb 6-1: USB disconnect, device number 11 [ 399.855415][T17533] mkiss: ax0: crc mode is auto. [ 401.444791][T17550] syz.2.5054 (17550): drop_caches: 2 [ 401.550090][ T5876] usb 6-1: new low-speed USB device number 12 using dummy_hcd [ 401.583789][T17592] netlink: 4 bytes leftover after parsing attributes in process `syz.0.5072'. [ 401.760289][ T5876] usb 6-1: config 168 descriptor has 1 excess byte, ignoring [ 401.772069][ T5876] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x3 is Bulk; changing to Interrupt [ 401.784851][ T5876] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0 [ 401.794856][ T5876] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 10 [ 401.806328][ T5876] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 401.846303][ T5876] usb 6-1: config 168 descriptor has 1 excess byte, ignoring [ 401.853967][ T5876] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x3 is Bulk; changing to Interrupt [ 401.864514][ T5876] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0 [ 401.868311][T17607] netlink: 'syz.2.5081': attribute type 2 has an invalid length. [ 401.875028][ T5876] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 10 [ 401.903219][ T5869] kernel write not supported for file /media2 (pid: 5869 comm: kworker/0:4) [ 401.909942][ T5876] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 401.930755][T17607] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5081'. [ 401.944689][ T5876] usb 6-1: config 168 descriptor has 1 excess byte, ignoring [ 401.971461][ T5876] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x3 is Bulk; changing to Interrupt [ 401.987781][ T5876] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0 [ 402.004619][ T5876] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 10 [ 402.016151][T17611] bond_slave_1: invalid flags given to default FDB implementation [ 402.028777][ T5876] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 402.063572][ T5876] usb 6-1: string descriptor 0 read error: -22 [ 402.076811][ T5876] usb 6-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e [ 402.100006][ T5876] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 402.126905][ T5876] adutux 6-1:168.0: ADU100 now attached to /dev/usb/adutux0 [ 402.220427][ T5827] Bluetooth: hci0: command 0x0405 tx timeout [ 402.400417][ T5869] usb 6-1: USB disconnect, device number 12 [ 403.360379][ T5869] usb 4-1: new high-speed USB device number 46 using dummy_hcd [ 403.384389][T17673] netlink: 'syz.1.5110': attribute type 7 has an invalid length. [ 403.512434][ T5869] usb 4-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 403.523817][ T5869] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 403.544433][ T5869] usb 4-1: config 0 descriptor?? [ 403.558338][ T5869] cp210x 4-1:0.0: cp210x converter detected [ 403.780121][T17691] netlink: 68 bytes leftover after parsing attributes in process `syz.2.5117'. [ 403.789129][T17691] netlink: 48 bytes leftover after parsing attributes in process `syz.2.5117'. [ 404.147952][T17703] bridge: RTM_NEWNEIGH bridge0 without NUD_PERMANENT [ 404.163300][ T5869] cp210x 4-1:0.0: failed to get vendor val 0x000e size 678: -71 [ 404.180489][ T5869] cp210x 4-1:0.0: GPIO initialisation failed: -71 [ 404.204988][ T5869] usb 4-1: cp210x converter now attached to ttyUSB0 [ 404.223107][ T5869] usb 4-1: USB disconnect, device number 46 [ 404.240993][ T5869] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 404.270494][ T5869] cp210x 4-1:0.0: device disconnected [ 404.486464][T17730] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5130'. [ 405.020942][ T5869] usb 2-1: new high-speed USB device number 28 using dummy_hcd [ 405.181056][ T5869] usb 2-1: Using ep0 maxpacket: 32 [ 405.189699][ T5869] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 405.203571][ T5869] usb 2-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0 [ 405.220690][ T5871] usb 4-1: new high-speed USB device number 47 using dummy_hcd [ 405.255679][ T5869] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40 [ 405.286411][ T5869] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 405.320835][ T5869] usb 2-1: Product: syz [ 405.325066][ T5869] usb 2-1: Manufacturer: syz [ 405.361098][ T5869] usb 2-1: SerialNumber: syz [ 405.383477][ T5871] usb 4-1: Using ep0 maxpacket: 16 [ 405.417325][ T5871] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0 [ 405.447776][ T5871] usb 4-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice=ec.7e [ 405.465885][ T5871] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 405.495702][ T9] hid-generic 0000:0003:0000.001C: unknown main item tag 0x0 [ 405.513397][ T5871] usb 4-1: Product: syz [ 405.517860][ T9] hid-generic 0000:0003:0000.001C: unknown main item tag 0x0 [ 405.530165][ T5871] usb 4-1: Manufacturer: syz [ 405.534912][ T5871] usb 4-1: SerialNumber: syz [ 405.544403][ T9] hid-generic 0000:0003:0000.001C: hidraw0: HID v0.00 Device [syz0] on syz1 [ 405.558138][ T5871] usb 4-1: config 0 descriptor?? [ 405.568068][ T5871] hub 4-1:0.0: bad descriptor, ignoring hub [ 405.574719][ T5871] hub 4-1:0.0: probe with driver hub failed with error -5 [ 405.587593][ T5871] input: syz syz as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/input/input55 [ 405.699850][ T5869] usblp 2-1:1.0: usblp0: USB Unidirectional printer dev 28 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8 [ 405.921101][ T5876] usb 2-1: USB disconnect, device number 28 [ 405.929008][ T5876] usblp0: removed [ 406.840281][T17808] Invalid/unusable pipe [ 406.904219][T17812] netlink: 4 bytes leftover after parsing attributes in process `syz.0.5154'. [ 407.122600][ T5177] usb 4-1: reset high-speed USB device number 47 using dummy_hcd [ 407.292508][ T5177] usb 4-1: device firmware changed [ 407.307358][ T939] usb 4-1: USB disconnect, device number 47 [ 407.443312][T17830] gfs2: gfs2 mount does not exist [ 407.490820][ T939] usb 4-1: new high-speed USB device number 48 using dummy_hcd [ 407.630243][ T5867] usb 1-1: new high-speed USB device number 43 using dummy_hcd [ 407.660791][ T939] usb 4-1: Using ep0 maxpacket: 16 [ 407.690530][ T939] usb 4-1: New USB device found, idVendor=0471, idProduct=0327, bcdDevice=61.a4 [ 407.710699][ T939] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 407.724627][ T939] usb 4-1: config 0 descriptor?? [ 407.737636][ T939] gspca_main: sonixj-2.14.0 probing 0471:0327 [ 407.790153][ T5867] usb 1-1: Using ep0 maxpacket: 8 [ 407.801475][ T5867] usb 1-1: config index 0 descriptor too short (expected 6427, got 27) [ 407.810120][ T5867] usb 1-1: config 0 has an invalid interface number: 21 but max is 0 [ 407.830048][ T5867] usb 1-1: config 0 has no interface number 0 [ 407.840160][ T5867] usb 1-1: config 0 interface 21 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 407.860223][ T5867] usb 1-1: config 0 interface 21 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 407.882739][ T5867] usb 1-1: config 0 interface 21 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 407.910244][ T5867] usb 1-1: New USB device found, idVendor=06cd, idProduct=0202, bcdDevice=92.d4 [ 407.924844][ T5867] usb 1-1: New USB device strings: Mfr=0, Product=1, SerialNumber=0 [ 407.933147][ T5867] usb 1-1: Product: syz [ 407.939893][ T5867] usb 1-1: config 0 descriptor?? [ 407.946300][T17828] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22 [ 408.554057][ T939] gspca_sonixj: reg_r err -71 [ 408.562925][ T939] sonixj 4-1:0.0: probe with driver sonixj failed with error -71 [ 408.581178][ T939] usb 4-1: USB disconnect, device number 48 [ 408.589548][ T5867] input: syz as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.21/input/input56 [ 408.800460][T17869] netlink: 8 bytes leftover after parsing attributes in process `syz.5.5178'. [ 408.838281][ T939] usb 1-1: USB disconnect, device number 43 [ 408.844449][ C1] keyspan_remote 1-1:0.21: keyspan_irq_recv - usb_submit_urb failed with result: -19 [ 409.046970][ T5869] kernel write not supported for file /amidi2 (pid: 5869 comm: kworker/0:4) [ 409.275530][ T939] hid-generic 0005:0B57:07FF.001D: hidraw0: BLUETOOTH HID v0.8b Device [syz1] on aa:aa:aa:aa:aa:aa [ 409.554458][T17903] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 409.704712][T17916] netlink: 36 bytes leftover after parsing attributes in process `syz.5.5192'. [ 409.714305][T17916] netlink: 24 bytes leftover after parsing attributes in process `syz.5.5192'. [ 410.164836][T17940] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5200'. [ 410.448533][T17951] netlink: 'syz.5.5204': attribute type 2 has an invalid length. [ 410.460592][T17951] netlink: 212912 bytes leftover after parsing attributes in process `syz.5.5204'. [ 410.616893][T17961] netlink: 68 bytes leftover after parsing attributes in process `syz.3.5208'. [ 410.635015][T17963] netlink: 12 bytes leftover after parsing attributes in process `syz.0.5211'. [ 410.745759][T17966] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5212'. [ 411.453454][T17997] UBIFS error (pid: 17997): cannot open "/dev/loop5", error -22 [ 413.314771][T18062] netlink: 4 bytes leftover after parsing attributes in process `syz.5.5254'. [ 414.110114][ T5867] usb 1-1: new high-speed USB device number 44 using dummy_hcd [ 414.146431][ T29] audit: type=1326 audit(1735434844.182:1201): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18108 comm="syz.5.5275" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f44fdf85d29 code=0x7ffc0000 [ 414.182913][ T29] audit: type=1326 audit(1735434844.192:1202): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18108 comm="syz.5.5275" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f44fdf85d29 code=0x7ffc0000 [ 414.239338][ T29] audit: type=1326 audit(1735434844.192:1203): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18108 comm="syz.5.5275" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f44fdf85d29 code=0x7ffc0000 [ 414.290140][ T29] audit: type=1326 audit(1735434844.192:1204): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18108 comm="syz.5.5275" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f44fdf85d29 code=0x7ffc0000 [ 414.290185][ T29] audit: type=1326 audit(1735434844.192:1205): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18108 comm="syz.5.5275" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f44fdf85d29 code=0x7ffc0000 [ 414.290444][ T29] audit: type=1326 audit(1735434844.212:1206): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18108 comm="syz.5.5275" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f44fdf85d29 code=0x7ffc0000 [ 414.290482][ T29] audit: type=1326 audit(1735434844.222:1207): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18108 comm="syz.5.5275" exe="/root/syz-executor" sig=0 arch=c000003e syscall=252 compat=0 ip=0x7f44fdf85d29 code=0x7ffc0000 [ 414.290511][ T29] audit: type=1326 audit(1735434844.222:1208): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18108 comm="syz.5.5275" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f44fdf85d29 code=0x7ffc0000 [ 414.290844][ T29] audit: type=1326 audit(1735434844.262:1209): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18108 comm="syz.5.5275" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f44fdf85d29 code=0x7ffc0000 [ 414.291548][ T5867] usb 1-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 414.291584][ T5867] usb 1-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 414.291618][ T5867] usb 1-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 414.291642][ T5867] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 414.294175][T18097] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 414.296945][ T5867] usb 1-1: Quirk or no altset; falling back to MIDI 1.0 [ 414.559045][ T5867] usb 1-1: USB disconnect, device number 44 [ 415.500644][ T5869] usb 3-1: new high-speed USB device number 29 using dummy_hcd [ 415.651097][ T5869] usb 3-1: Using ep0 maxpacket: 16 [ 415.657788][ T5869] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 415.674290][ T5869] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 415.685851][ T5869] usb 3-1: New USB device found, idVendor=04f3, idProduct=0755, bcdDevice= 0.00 [ 415.695472][ T5869] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 415.709262][ T5869] usb 3-1: config 0 descriptor?? [ 415.760455][ T9] usb 4-1: new high-speed USB device number 49 using dummy_hcd [ 415.915436][ T9] usb 4-1: New USB device found, idVendor=1604, idProduct=8001, bcdDevice=44.1f [ 415.936591][ T9] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 415.950675][ T9] usb 4-1: Product: syz [ 415.954917][ T9] usb 4-1: Manufacturer: syz [ 415.970516][ T9] usb 4-1: SerialNumber: syz [ 415.976974][ T9] usb 4-1: config 0 descriptor?? [ 416.138602][ T5869] elan 0003:04F3:0755.001E: unknown main item tag 0x1 [ 416.146631][ T5869] elan 0003:04F3:0755.001E: failed to start in urb: -90 [ 416.158103][ T5869] elan 0003:04F3:0755.001E: hidraw1: USB HID v0.00 Device [HID 04f3:0755] on usb-dummy_hcd.2-1/input0 [ 416.198734][ T5867] usb 4-1: USB disconnect, device number 49 [ 416.370229][ T939] usb 3-1: USB disconnect, device number 29 [ 416.697904][T18187] netlink: 4 bytes leftover after parsing attributes in process `syz.0.5310'. [ 416.710731][T18187] veth1_macvtap: left promiscuous mode [ 416.933847][ T9] usb 2-1: new high-speed USB device number 29 using dummy_hcd [ 417.138695][ T9] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 417.170334][ T9] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 417.184554][T18211] netlink: 165 bytes leftover after parsing attributes in process `syz.3.5322'. [ 417.206589][ T9] usb 2-1: New USB device found, idVendor=0419, idProduct=0600, bcdDevice= 0.00 [ 417.226631][ T9] usb 2-1: New USB device strings: Mfr=0, Product=16, SerialNumber=0 [ 417.250630][ T9] usb 2-1: Product: syz [ 417.262420][ T9] usb 2-1: config 0 descriptor?? [ 417.690401][ T5867] usb 1-1: new high-speed USB device number 45 using dummy_hcd [ 417.720362][ T939] usb 6-1: new high-speed USB device number 13 using dummy_hcd [ 417.722924][ T9] samsung 0003:0419:0600.001F: hidraw1: USB HID v0.00 Device [syz] on usb-dummy_hcd.1-1/input0 [ 417.842958][T18246] lo speed is unknown, defaulting to 1000 [ 417.852491][ T5867] usb 1-1: Using ep0 maxpacket: 16 [ 417.864247][ T5867] usb 1-1: config 0 has an invalid interface number: 8 but max is 0 [ 417.881795][ T5867] usb 1-1: config 0 has no interface number 0 [ 417.890007][ T939] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 417.904521][ T5867] usb 1-1: config 0 interface 8 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 417.915636][ T939] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 417.930551][ T5867] usb 1-1: config 0 interface 8 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0 [ 417.949952][ T939] usb 6-1: New USB device found, idVendor=5543, idProduct=0042, bcdDevice= 0.00 [ 417.959382][ T939] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 417.959436][ T5869] usb 2-1: USB disconnect, device number 29 [ 417.972763][ T5867] usb 1-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f [ 417.986242][ T5867] usb 1-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3 [ 417.996014][ T5867] usb 1-1: Product: syz [ 418.001454][ T939] usb 6-1: config 0 descriptor?? [ 418.007025][ T5867] usb 1-1: SerialNumber: syz [ 418.014810][ T5867] usb 1-1: config 0 descriptor?? [ 418.023040][ T5867] cm109 1-1:0.8: invalid payload size 0, expected 4 [ 418.031100][ T5867] input: CM109 USB driver as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.8/input/input57 [ 418.110661][ T9] usb 3-1: new high-speed USB device number 30 using dummy_hcd [ 418.190342][ T5871] usb 4-1: new high-speed USB device number 50 using dummy_hcd [ 418.263101][ T9] usb 3-1: New USB device found, idVendor=0cf3, idProduct=9375, bcdDevice=1a.9e [ 418.263135][ T9] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 418.265158][ T9] usb 3-1: config 0 descriptor?? [ 418.340483][ T5871] usb 4-1: Using ep0 maxpacket: 32 [ 418.347852][ T5871] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0xE has invalid wMaxPacketSize 0 [ 418.347896][ T5871] usb 4-1: New USB device found, idVendor=0644, idProduct=8021, bcdDevice=db.8b [ 418.347949][ T5871] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 418.361260][ T5871] usb 4-1: config 0 descriptor?? [ 418.425025][ T939] uclogic 0003:5543:0042.0020: unbalanced collection at end of report description [ 418.436138][ T939] uclogic 0003:5543:0042.0020: parse failed [ 418.444193][ T939] uclogic 0003:5543:0042.0020: probe with driver uclogic failed with error -22 [ 418.444980][ T5871] usb 1-1: USB disconnect, device number 45 [ 418.453628][ C1] cm109 1-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 418.453679][ C1] cm109 1-1:0.8: cm109_submit_buzz_toggle: usb_submit_urb (urb_ctl) failed -19 [ 418.484486][ T5871] cm109 1-1:0.8: cm109_toggle_buzzer_sync: usb_control_msg() failed -19 [ 418.525486][ T9] ath6kl: Failed to submit usb control message: -71 [ 418.533673][ T9] ath6kl: unable to send the bmi data to the device: -71 [ 418.542537][ T9] ath6kl: Unable to send get target info: -71 [ 418.549474][ T9] ath6kl: Failed to init ath6kl core: -71 [ 418.584112][ T5869] usb 4-1: USB disconnect, device number 50 [ 418.596273][ T9] ath6kl_usb 3-1:0.0: probe with driver ath6kl_usb failed with error -71 [ 418.610144][ T9] usb 3-1: USB disconnect, device number 30 [ 418.657960][T18253] usb 6-1: USB disconnect, device number 13 [ 418.692381][T18258] netlink: 20 bytes leftover after parsing attributes in process `syz.1.5340'. [ 419.240622][T18284] netlink: 20 bytes leftover after parsing attributes in process `syz.3.5352'. [ 419.522347][ T29] audit: type=1326 audit(1735434849.562:1210): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18300 comm="syz.5.5359" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f44fdf85d29 code=0x7ffc0000 [ 419.582700][ T29] audit: type=1326 audit(1735434849.582:1211): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18300 comm="syz.5.5359" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f44fdf85d29 code=0x7ffc0000 [ 419.653520][ T29] audit: type=1326 audit(1735434849.592:1212): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18300 comm="syz.5.5359" exe="/root/syz-executor" sig=0 arch=c000003e syscall=334 compat=0 ip=0x7f44fdf85d29 code=0x7ffc0000 [ 419.727418][ T29] audit: type=1326 audit(1735434849.592:1213): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18300 comm="syz.5.5359" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f44fdf85d29 code=0x7ffc0000 [ 419.783119][ T29] audit: type=1326 audit(1735434849.592:1214): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18300 comm="syz.5.5359" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f44fdf85d29 code=0x7ffc0000 [ 419.825672][ T29] audit: type=1326 audit(1735434849.592:1215): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18300 comm="syz.5.5359" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f44fdf85d29 code=0x7ffc0000 [ 419.865946][ T29] audit: type=1326 audit(1735434849.592:1216): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18300 comm="syz.5.5359" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f44fdf85d29 code=0x7ffc0000 [ 419.900749][ T29] audit: type=1326 audit(1735434849.592:1217): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18300 comm="syz.5.5359" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f44fdf85d29 code=0x7ffc0000 [ 419.923538][ T29] audit: type=1326 audit(1735434849.592:1218): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18300 comm="syz.5.5359" exe="/root/syz-executor" sig=0 arch=c000003e syscall=248 compat=0 ip=0x7f44fdf85d29 code=0x7ffc0000 [ 419.945760][ T29] audit: type=1326 audit(1735434849.592:1219): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18300 comm="syz.5.5359" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f44fdf85d29 code=0x7ffc0000 [ 420.221716][T18325] program syz.2.5370 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 420.282228][ T939] usb 1-1: new high-speed USB device number 46 using dummy_hcd [ 420.463843][ T939] usb 1-1: New USB device found, idVendor=1c40, idProduct=0534, bcdDevice=6d.cc [ 420.476887][ T939] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 420.495357][ T939] usb 1-1: Product: syz [ 420.503886][T18337] bond0: entered promiscuous mode [ 420.507068][ T939] usb 1-1: Manufacturer: syz [ 420.508986][T18337] bond_slave_0: entered promiscuous mode [ 420.521161][ T939] usb 1-1: SerialNumber: syz [ 420.537911][ T939] usb 1-1: config 0 descriptor?? [ 420.541845][T18337] bond_slave_1: entered promiscuous mode [ 420.557289][ T939] i2c-tiny-usb 1-1:0.0: version 6d.cc found at bus 001 address 046 [ 420.565783][T18337] batadv_slave_0: entered promiscuous mode [ 420.576920][T18337] bond0: left promiscuous mode [ 420.582355][T18337] bond_slave_0: left promiscuous mode [ 420.592206][T18337] bond_slave_1: left promiscuous mode [ 420.597909][T18337] batadv_slave_0: left promiscuous mode [ 420.957343][ T939] (null): failure setting delay to 10us [ 420.963351][ T939] i2c-tiny-usb 1-1:0.0: probe with driver i2c-tiny-usb failed with error -5 [ 420.974893][ T939] usb 1-1: USB disconnect, device number 46 [ 421.210411][T18253] usb 4-1: new high-speed USB device number 51 using dummy_hcd [ 421.373680][T18253] usb 4-1: New USB device found, idVendor=20b7, idProduct=1540, bcdDevice=b7.5a [ 421.384126][T18253] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 421.404130][T18253] usb 4-1: Product: syz [ 421.418598][T18253] usb 4-1: Manufacturer: syz [ 421.426049][T18253] usb 4-1: SerialNumber: syz [ 421.444236][T18253] usb 4-1: config 0 descriptor?? [ 422.101678][ T5869] usb 6-1: new high-speed USB device number 14 using dummy_hcd [ 422.267141][T18253] usb 4-1: Firmware version (0.0) predates our first public release. [ 422.279473][T18253] usb 4-1: Please update to version 0.2 or newer [ 422.290941][ T5869] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 422.307980][ T5869] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 422.330536][ T5869] usb 6-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 422.355895][ T5869] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 422.372205][T18253] usb 4-1: USB disconnect, device number 51 [ 422.380583][ T5869] usb 6-1: SerialNumber: syz [ 422.611069][ T5869] usb 6-1: 0:2 : does not exist [ 422.638005][ T5869] usb 6-1: USB disconnect, device number 14 [ 422.758108][T18402] netlink: 20 bytes leftover after parsing attributes in process `syz.2.5404'. [ 423.251345][T18431] netlink: 'syz.1.5417': attribute type 29 has an invalid length. [ 423.300182][T18431] netlink: 'syz.1.5417': attribute type 29 has an invalid length. [ 423.326076][T18431] netlink: 'syz.1.5417': attribute type 29 has an invalid length. [ 424.200705][T18465] netlink: 12 bytes leftover after parsing attributes in process `syz.2.5432'. [ 424.292718][T18469] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5436'. [ 425.780421][ T5869] usb 2-1: new high-speed USB device number 30 using dummy_hcd [ 425.789680][T18540] netlink: 8 bytes leftover after parsing attributes in process `syz.5.5468'. [ 425.950651][ T5869] usb 2-1: Using ep0 maxpacket: 16 [ 425.965571][ T5869] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 425.990403][ T5869] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 426.010635][ T5869] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 426.040295][ T5869] usb 2-1: New USB device found, idVendor=10c4, idProduct=8acf, bcdDevice= 0.00 [ 426.049370][ T5869] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 426.080845][ T5869] usb 2-1: config 0 descriptor?? [ 426.340730][ T939] usb 6-1: new full-speed USB device number 15 using dummy_hcd [ 426.397358][T18564] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5479'. [ 426.506100][ T939] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 426.527213][ T5869] hid-u2fzero 0003:10C4:8ACF.0021: unknown main item tag 0x0 [ 426.530015][ T939] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 426.543777][ T5827] Bluetooth: hci5: command 0x1003 tx timeout [ 426.547120][ T5869] hid-u2fzero 0003:10C4:8ACF.0021: unknown main item tag 0x0 [ 426.550571][ T54] Bluetooth: hci5: Opcode 0x1003 failed: -110 [ 426.588599][ T939] usb 6-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 426.609979][ T939] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 426.618063][ T939] usb 6-1: Product: syz [ 426.622227][ T5869] hid-u2fzero 0003:10C4:8ACF.0021: item fetching failed at offset 2/5 [ 426.629998][ T939] usb 6-1: Manufacturer: syz [ 426.635118][ T939] usb 6-1: SerialNumber: syz [ 426.671304][ T5869] hid-u2fzero 0003:10C4:8ACF.0021: probe with driver hid-u2fzero failed with error -22 [ 426.690934][ T29] kauditd_printk_skb: 1 callbacks suppressed [ 426.690952][ T29] audit: type=1326 audit(1735434856.732:1221): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18567 comm="syz.3.5481" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0114b85d29 code=0x7ffc0000 [ 426.718701][ C1] vkms_vblank_simulate: vblank timer overrun [ 426.742725][ T29] audit: type=1326 audit(1735434856.772:1222): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18567 comm="syz.3.5481" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0114b85d29 code=0x7ffc0000 [ 426.777149][ T5867] usb 2-1: USB disconnect, device number 30 [ 426.810484][ T29] audit: type=1326 audit(1735434856.782:1223): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18567 comm="syz.3.5481" exe="/root/syz-executor" sig=0 arch=c000003e syscall=248 compat=0 ip=0x7f0114b85d29 code=0x7ffc0000 [ 426.855235][ T29] audit: type=1326 audit(1735434856.782:1224): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18567 comm="syz.3.5481" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0114b85d29 code=0x7ffc0000 [ 426.910475][ T29] audit: type=1326 audit(1735434856.782:1225): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18567 comm="syz.3.5481" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0114b85d29 code=0x7ffc0000 [ 426.950736][ T29] audit: type=1326 audit(1735434856.782:1226): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18567 comm="syz.3.5481" exe="/root/syz-executor" sig=0 arch=c000003e syscall=248 compat=0 ip=0x7f0114b85d29 code=0x7ffc0000 [ 427.000957][ T29] audit: type=1326 audit(1735434856.782:1227): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18567 comm="syz.3.5481" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0114b85d29 code=0x7ffc0000 [ 427.057403][ T29] audit: type=1326 audit(1735434856.782:1228): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18567 comm="syz.3.5481" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0114b85d29 code=0x7ffc0000 [ 427.061596][ T939] usb 6-1: 0:2 : does not exist [ 427.117671][ T29] audit: type=1326 audit(1735434856.782:1229): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18567 comm="syz.3.5481" exe="/root/syz-executor" sig=0 arch=c000003e syscall=249 compat=0 ip=0x7f0114b85d29 code=0x7ffc0000 [ 427.143602][ T29] audit: type=1326 audit(1735434856.782:1230): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18567 comm="syz.3.5481" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0114b85d29 code=0x7ffc0000 [ 427.554162][ T5867] usb 6-1: USB disconnect, device number 15 [ 427.661162][ T939] usb 1-1: new high-speed USB device number 47 using dummy_hcd [ 427.824226][ T939] usb 1-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 427.837990][ T939] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 427.846649][ T939] usb 1-1: Product: syz [ 427.854981][ T939] usb 1-1: Manufacturer: syz [ 427.865150][ T939] usb 1-1: SerialNumber: syz [ 427.881186][ T939] usb 1-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 427.903334][ T5867] usb 1-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 427.957007][T18620] usb usb7: usbfs: process 18620 (syz.3.5504) did not claim interface 0 before use [ 428.593200][ T939] usb 1-1: USB disconnect, device number 47 [ 429.181005][ T5867] usb 1-1: Service connection timeout for: 256 [ 429.201167][ T5867] ath9k_htc 1-1:1.0: ath9k_htc: Unable to initialize HTC services [ 429.224936][ T5867] ath9k_htc: Failed to initialize the device [ 429.231190][ T5876] usb 6-1: new high-speed USB device number 16 using dummy_hcd [ 429.263900][ T939] usb 1-1: ath9k_htc: USB layer deinitialized [ 429.339060][T18689] sp0: Synchronizing with TNC [ 429.410036][ T5876] usb 6-1: Using ep0 maxpacket: 32 [ 429.422320][ T5876] usb 6-1: config 0 has an invalid interface number: 1 but max is 0 [ 429.438576][ T5876] usb 6-1: config 0 has no interface number 0 [ 429.447753][ T5876] usb 6-1: config 0 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 429.461340][ T5876] usb 6-1: config 0 interface 1 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 429.472865][ T5876] usb 6-1: New USB device found, idVendor=28bd, idProduct=0094, bcdDevice= 0.00 [ 429.482389][ T5876] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 429.492717][ T5876] usb 6-1: config 0 descriptor?? [ 429.501188][ T9] usb 4-1: new full-speed USB device number 52 using dummy_hcd [ 429.615943][T18707] ip6erspan0: tun_chr_ioctl cmd 1074025675 [ 429.622083][T18707] ip6erspan0: persist disabled [ 429.660909][ T5869] usb 3-1: new high-speed USB device number 31 using dummy_hcd [ 429.676074][ T9] usb 4-1: config 246 has an invalid interface number: 166 but max is 0 [ 429.685303][ T9] usb 4-1: config 246 has no interface number 0 [ 429.695620][ T9] usb 4-1: config 246 interface 166 altsetting 118 has an endpoint descriptor with address 0xAA, changing to 0x8A [ 429.708195][ T9] usb 4-1: config 246 interface 166 altsetting 118 endpoint 0x8A has invalid wMaxPacketSize 0 [ 429.719071][ T9] usb 4-1: config 246 interface 166 has no altsetting 0 [ 429.733029][ T9] usb 4-1: New USB device found, idVendor=18d1, idProduct=1eaf, bcdDevice= 9.63 [ 429.745656][ T9] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 429.756188][ T9] usb 4-1: Product: syz [ 429.763020][ T9] usb 4-1: Manufacturer: syz [ 429.767811][ T9] usb 4-1: SerialNumber: syz [ 429.822297][ T5869] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 429.834008][ T5869] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 429.844539][ T5869] usb 3-1: New USB device found, idVendor=1e7d, idProduct=2cf6, bcdDevice= 0.00 [ 429.854275][ T5869] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 429.872526][ T5869] usb 3-1: config 0 descriptor?? [ 430.108632][ T5876] uclogic 0003:28BD:0094.0022: pen parameters not found [ 430.120117][ T5876] uclogic 0003:28BD:0094.0022: interface is invalid, ignoring [ 430.140714][ T5876] usb 6-1: USB disconnect, device number 16 [ 430.302946][ T5869] pyra 0003:1E7D:2CF6.0023: hidraw1: USB HID v0.00 Device [HID 1e7d:2cf6] on usb-dummy_hcd.2-1/input0 [ 430.398267][ T9] usb 4-1: Limiting number of CPorts to U8_MAX [ 430.416364][ T9] usb 4-1: Unknown endpoint type found, address 0x0b [ 430.425385][ T9] usb 4-1: Unknown endpoint type found, address 0x8a [ 430.433105][ T9] usb 4-1: Not enough endpoints found in device, aborting! [ 430.519582][ T9] usb 3-1: USB disconnect, device number 31 [ 430.631529][ T5869] usb 4-1: USB disconnect, device number 52 [ 431.510041][ T5876] usb 2-1: new high-speed USB device number 31 using dummy_hcd [ 431.684108][ T5876] usb 2-1: Using ep0 maxpacket: 16 [ 431.691385][ T5876] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0 [ 431.740462][ T5876] usb 2-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice=ec.7e [ 431.760012][ T5876] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 431.768118][ T5876] usb 2-1: Product: syz [ 431.772399][ T5876] usb 2-1: Manufacturer: syz [ 431.777115][ T5876] usb 2-1: SerialNumber: syz [ 431.785167][ T5876] usb 2-1: config 0 descriptor?? [ 431.795212][ T5876] hub 2-1:0.0: bad descriptor, ignoring hub [ 431.801338][ T5876] hub 2-1:0.0: probe with driver hub failed with error -5 [ 431.814129][ T5876] input: syz syz as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/input/input58 [ 432.383863][ T5869] usb 2-1: USB disconnect, device number 31 [ 432.498487][T18801] ipvlan3: entered promiscuous mode [ 432.506190][T18801] bridge0: port 5(ipvlan3) entered blocking state [ 432.513404][T18801] bridge0: port 5(ipvlan3) entered disabled state [ 432.520395][ T5876] usb 6-1: new high-speed USB device number 17 using dummy_hcd [ 432.528749][T18801] ipvlan3: entered allmulticast mode [ 432.534687][ C1] sd 0:0:1:0: [sda] tag#1743 FAILED Result: hostbyte=DID_ERROR driverbyte=DRIVER_OK cmd_age=0s [ 432.534701][T18801] bridge0: entered allmulticast mode [ 432.535943][T18801] ipvlan3: left allmulticast mode [ 432.545171][ C1] sd 0:0:1:0: [sda] tag#1743 CDB: Read(6) 08 00 00 00 00 00 00 00 00 00 00 00 [ 432.565778][T18801] bridge0: left allmulticast mode [ 432.681394][ T5876] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 432.696332][ T5876] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 432.715089][T18809] hpfs: Bad magic ... probably not HPFS [ 432.715804][ T5876] usb 6-1: New USB device found, idVendor=04b4, idProduct=de61, bcdDevice= 0.00 [ 432.733881][ T5876] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 432.745037][ T5876] usb 6-1: config 0 descriptor?? [ 432.807914][T18811] Cannot find add_set index 0 as target [ 433.138915][T18826] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable [ 433.176430][ T5876] cypress 0003:04B4:DE61.0024: ignoring exceeding usage max [ 433.181975][T18826] Non-string source [ 433.200395][ T5876] cypress 0003:04B4:DE61.0024: item fetching failed at offset 4/7 [ 433.230558][ T5876] cypress 0003:04B4:DE61.0024: parse failed [ 433.247158][ T5876] cypress 0003:04B4:DE61.0024: probe with driver cypress failed with error -22 [ 433.418057][ T5876] usb 6-1: USB disconnect, device number 17 [ 433.474843][T18836] ipvlan2: entered promiscuous mode [ 433.853619][ T5869] usb 3-1: new high-speed USB device number 32 using dummy_hcd [ 434.025306][ T5869] usb 3-1: Using ep0 maxpacket: 16 [ 434.041313][ T5869] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0 [ 434.072605][ T5869] usb 3-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice=ec.7e [ 434.082680][ T5869] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 434.105358][ T5869] usb 3-1: Product: syz [ 434.109698][ T5869] usb 3-1: Manufacturer: syz [ 434.115106][ T5869] usb 3-1: SerialNumber: syz [ 434.122412][ T5869] usb 3-1: config 0 descriptor?? [ 434.129566][ T5869] hub 3-1:0.0: bad descriptor, ignoring hub [ 434.136451][ T5869] hub 3-1:0.0: probe with driver hub failed with error -5 [ 434.145906][T18873] Failed to get privilege flags for destination (handle=0x2:0x0) [ 434.147535][ T5869] input: syz syz as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/input/input59 [ 434.280056][ T5876] usb 6-1: new high-speed USB device number 18 using dummy_hcd [ 434.352625][T18878] netlink: 'syz.3.5621': attribute type 4 has an invalid length. [ 434.431766][ T5876] usb 6-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 434.450384][ T5876] usb 6-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 434.471318][ T5876] usb 6-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 434.490049][ T5876] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 434.511200][T18867] raw-gadget.1 gadget.5: fail, usb_ep_enable returned -22 [ 434.526516][ T5876] usb 6-1: Quirk or no altset; falling back to MIDI 1.0 [ 434.550751][ T5869] usb 3-1: USB disconnect, device number 32 [ 434.701250][T18889] program syz.3.5625 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 434.851773][ T5869] usb 6-1: USB disconnect, device number 18 [ 434.929406][T18896] Bluetooth: MGMT ver 1.23 [ 434.934275][T18896] Bluetooth: hci0: load_link_keys: too big key_count value 5888 [ 435.590046][ T5868] usb 4-1: new high-speed USB device number 53 using dummy_hcd [ 435.771601][ T5868] usb 4-1: Using ep0 maxpacket: 16 [ 435.784097][ T5868] usb 4-1: config 0 has an invalid interface number: 8 but max is 0 [ 435.796221][ T5868] usb 4-1: config 0 has no interface number 0 [ 435.809647][ T5868] usb 4-1: config 0 interface 8 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 435.854548][ T5868] usb 4-1: config 0 interface 8 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0 [ 435.876175][ T5868] usb 4-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f [ 435.890115][ T5868] usb 4-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3 [ 435.908519][ T5868] usb 4-1: Product: syz [ 435.931080][ T5868] usb 4-1: SerialNumber: syz [ 435.951365][ T5868] usb 4-1: config 0 descriptor?? [ 435.965875][ T5868] cm109 4-1:0.8: invalid payload size 0, expected 4 [ 435.981191][ T5868] input: CM109 USB driver as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.8/input/input61 [ 436.169303][ C1] cm109 4-1:0.8: cm109_urb_ctl_callback: usb_submit_urb (urb_irq) failed -90 [ 436.391199][ C1] cm109 4-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 436.402137][ C1] cm109 4-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 436.409327][ C1] cm109 4-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 436.416616][ C1] cm109 4-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 436.423858][ C1] cm109 4-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 436.431015][ C1] cm109 4-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 436.438458][ C1] cm109 4-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 436.445590][ T5876] usb 4-1: USB disconnect, device number 53 [ 436.445906][ C1] cm109 4-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 436.458767][ C1] cm109 4-1:0.8: cm109_submit_buzz_toggle: usb_submit_urb (urb_ctl) failed -19 [ 436.484402][ T5876] cm109 4-1:0.8: cm109_toggle_buzzer_sync: usb_control_msg() failed -19 [ 436.670475][T18944] IPVS: sync thread started: state = MASTER, mcast_ifn = geneve0, syncid = 0, id = 0 [ 437.048479][T18953] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5652'. [ 437.328333][T18967] lo speed is unknown, defaulting to 1000 [ 437.650845][ T5876] usb 1-1: new high-speed USB device number 48 using dummy_hcd [ 437.705236][T18991] netlink: 40 bytes leftover after parsing attributes in process `syz.3.5668'. [ 437.829817][ T5876] usb 1-1: New USB device found, idVendor=0cf3, idProduct=9375, bcdDevice=1a.9e [ 437.842406][ T5876] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 437.876542][ T5876] usb 1-1: config 0 descriptor?? [ 437.888531][T18997] netlink: 'syz.3.5671': attribute type 12 has an invalid length. [ 437.907564][T18997] netlink: 'syz.3.5671': attribute type 29 has an invalid length. [ 437.935884][T18997] netlink: 'syz.3.5671': attribute type 2 has an invalid length. [ 437.943902][T18997] netlink: 'syz.3.5671': attribute type 2 has an invalid length. [ 437.952067][T18997] netlink: 'syz.3.5671': attribute type 1 has an invalid length. [ 437.960092][T18997] netlink: 'syz.3.5671': attribute type 37 has an invalid length. [ 438.148919][ T5876] ath6kl: Failed to submit usb control message: -71 [ 438.155668][ T5876] ath6kl: unable to send the bmi data to the device: -71 [ 438.163442][ T5876] ath6kl: Unable to send get target info: -71 [ 438.182349][ T5876] ath6kl: Failed to init ath6kl core: -71 [ 438.188495][ T5876] ath6kl_usb 1-1:0.0: probe with driver ath6kl_usb failed with error -71 [ 438.210038][ T5876] usb 1-1: USB disconnect, device number 48 [ 438.336101][T19018] syz.2.5680: attempt to access beyond end of device [ 438.336101][T19018] nbd2: rw=0, sector=0, nr_sectors = 1 limit=0 [ 438.370375][T19018] FAT-fs (nbd2): unable to read boot sector [ 438.458998][T19026] vxcan1: tx address claim with dlc 1 [ 438.730052][ T5876] usb 3-1: new high-speed USB device number 33 using dummy_hcd [ 438.891401][ T5876] usb 3-1: Using ep0 maxpacket: 32 [ 438.898754][ T5876] usb 3-1: config 0 interface 0 has no altsetting 0 [ 438.927079][ T5876] usb 3-1: New USB device found, idVendor=16d0, idProduct=10b8, bcdDevice=de.8e [ 438.940287][ T5876] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 438.956285][ T5876] usb 3-1: Product: syz [ 438.983855][ T5876] usb 3-1: Manufacturer: syz [ 438.988518][ T5876] usb 3-1: SerialNumber: syz [ 439.001427][ T5876] usb 3-1: config 0 descriptor?? [ 439.055347][T19054] xt_hashlimit: size too large, truncated to 1048576 [ 439.455361][ T5876] gs_usb 3-1:0.0: Configuring for 1 interfaces [ 439.808159][T19077] random: crng reseeded on system resumption [ 439.869175][ T9] usb 3-1: USB disconnect, device number 33 [ 440.383285][ T1292] ieee802154 phy0 wpan0: encryption failed: -22 [ 440.396384][ T1292] ieee802154 phy1 wpan1: encryption failed: -22 [ 441.576973][T19119] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5723'. [ 442.031689][T19132] netlink: 'syz.1.5730': attribute type 11 has an invalid length. [ 442.907811][T19154] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 443.898350][T19210] netlink: 60 bytes leftover after parsing attributes in process `syz.3.5763'. [ 443.923023][T19206] netlink: 60 bytes leftover after parsing attributes in process `syz.3.5763'. [ 443.936560][T19210] netlink: 60 bytes leftover after parsing attributes in process `syz.3.5763'. [ 444.286711][T19229] IPv6: sit1: Disabled Multicast RS [ 444.690753][ T29] kauditd_printk_skb: 2 callbacks suppressed [ 444.690772][ T29] audit: type=1326 audit(1735434874.722:1233): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19241 comm="syz.3.5781" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0114b85d29 code=0x7ffc0000 [ 444.718912][ T29] audit: type=1326 audit(1735434874.722:1234): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19241 comm="syz.3.5781" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0114b85d29 code=0x7ffc0000 [ 444.807387][ T29] audit: type=1326 audit(1735434874.812:1235): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19241 comm="syz.3.5781" exe="/root/syz-executor" sig=0 arch=c000003e syscall=116 compat=0 ip=0x7f0114b85d29 code=0x7ffc0000 [ 444.880494][ T29] audit: type=1326 audit(1735434874.822:1236): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19241 comm="syz.3.5781" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0114b85d29 code=0x7ffc0000 [ 444.940521][ T29] audit: type=1326 audit(1735434874.822:1237): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19241 comm="syz.3.5781" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0114b85d29 code=0x7ffc0000 [ 445.003060][ T29] audit: type=1326 audit(1735434874.822:1238): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19241 comm="syz.3.5781" exe="/root/syz-executor" sig=0 arch=c000003e syscall=53 compat=0 ip=0x7f0114b85d29 code=0x7ffc0000 [ 445.033456][ T29] audit: type=1326 audit(1735434874.822:1239): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19241 comm="syz.3.5781" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0114b85d29 code=0x7ffc0000 [ 445.055963][ T29] audit: type=1326 audit(1735434874.822:1240): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19241 comm="syz.3.5781" exe="/root/syz-executor" sig=0 arch=c000003e syscall=55 compat=0 ip=0x7f0114b85d29 code=0x7ffc0000 [ 445.078240][ T29] audit: type=1326 audit(1735434874.822:1241): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19241 comm="syz.3.5781" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0114b85d29 code=0x7ffc0000 [ 445.146312][T19257] netlink: 8 bytes leftover after parsing attributes in process `syz.5.5786'. [ 445.284437][T19265] 9pnet: Limiting 'msize' to 1048576 as this is the maximum supported by transport fd [ 445.503102][ C0] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:1c, vlan:0) [ 445.983900][T19280] tap0: tun_chr_ioctl cmd 1074025677 [ 446.002569][T19280] tap0: linktype set to 769 [ 446.710285][ T5876] usb 2-1: new high-speed USB device number 32 using dummy_hcd [ 446.880091][ T5876] usb 2-1: Using ep0 maxpacket: 8 [ 446.895614][ T5876] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 446.910983][ T5876] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 446.931272][ T5876] usb 2-1: New USB device found, idVendor=06a3, idProduct=0ccd, bcdDevice= 0.00 [ 446.952255][ T5876] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 446.975920][ T5876] usb 2-1: config 0 descriptor?? [ 447.254702][T19327] netlink: 24 bytes leftover after parsing attributes in process `syz.0.5816'. [ 447.417540][ T5876] saitek 0003:06A3:0CCD.0025: unknown main item tag 0x0 [ 447.436473][ T5876] saitek 0003:06A3:0CCD.0025: unknown main item tag 0x0 [ 447.460217][ T5876] saitek 0003:06A3:0CCD.0025: item fetching failed at offset 2/11 [ 447.478790][ T5876] saitek 0003:06A3:0CCD.0025: parse failed [ 447.510840][ T5876] saitek 0003:06A3:0CCD.0025: probe with driver saitek failed with error -22 [ 447.571641][T19340] netlink: 28 bytes leftover after parsing attributes in process `syz.0.5821'. [ 447.657393][ T5876] usb 2-1: USB disconnect, device number 32 [ 447.978478][T19362] Sensor A: ================= START STATUS ================= [ 447.987927][T19362] Sensor A: Test Pattern: 75% Colorbar [ 448.012199][T19362] Sensor A: Show Information: All [ 448.022081][T19362] Sensor A: Vertical Flip: false [ 448.030946][T19362] Sensor A: Horizontal Flip: false [ 448.036092][T19362] Sensor A: Brightness: 128 [ 448.051665][T19362] Sensor A: Contrast: 128 [ 448.056072][T19362] Sensor A: Hue: 0 [ 448.059824][T19362] Sensor A: Saturation: 128 [ 448.077825][T19362] Sensor A: ================== END STATUS ================== [ 448.401015][T19386] program syz.0.5843 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 448.575829][T19402] netlink: 104 bytes leftover after parsing attributes in process `syz.2.5850'. [ 449.058008][T18253] kernel read not supported for file /dsp (pid: 18253 comm: kworker/0:3) [ 449.140425][ T9] usb 6-1: new high-speed USB device number 19 using dummy_hcd [ 449.181429][T19440] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5862'. [ 449.290402][ T9] usb 6-1: Using ep0 maxpacket: 16 [ 449.304178][ T9] usb 6-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83 [ 449.328825][ T9] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 449.348258][ T9] usb 6-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1 [ 449.359029][ T9] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 449.367599][ T9] usb 6-1: Product: syz [ 449.372870][ T9] usb 6-1: Manufacturer: syz [ 449.377502][ T9] usb 6-1: SerialNumber: syz [ 449.385041][ T9] usb 6-1: config 0 descriptor?? [ 449.395043][ T9] em28xx 6-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0) [ 449.405530][ T9] em28xx 6-1:0.0: Audio interface 0 found (Vendor Class) [ 449.672722][ T5876] usb 4-1: new full-speed USB device number 54 using dummy_hcd [ 449.831140][T19468] netlink: 'syz.1.5875': attribute type 1 has an invalid length. [ 449.851893][ T5876] usb 4-1: config index 0 descriptor too short (expected 35577, got 27) [ 449.861182][ T5876] usb 4-1: config 1 has too many interfaces: 92, using maximum allowed: 32 [ 449.869925][ T5876] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 92 [ 449.878953][ T5876] usb 4-1: config 1 has no interface number 0 [ 449.890756][ T5876] usb 4-1: config 1 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10 [ 449.917329][ T5876] usb 4-1: config 1 interface 1 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 17 [ 449.935946][ T5876] usb 4-1: New USB device found, idVendor=0e41, idProduct=5051, bcdDevice=d5.e8 [ 449.945494][ T5876] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 449.960237][ T5876] snd_usb_pod 4-1:1.1: Line 6 Pocket POD found [ 450.004289][ T9] em28xx 6-1:0.0: unknown em28xx chip ID (214) [ 450.220516][ T9] em28xx 6-1:0.0: Config register raw data: 0xfffffffb [ 450.237857][ T9] em28xx 6-1:0.0: AC97 chip type couldn't be determined [ 450.258088][ T9] em28xx 6-1:0.0: No AC97 audio processor [ 450.282114][ T9] usb 6-1: USB disconnect, device number 19 [ 450.288843][ T9] em28xx 6-1:0.0: Disconnecting em28xx [ 450.295827][ T9] em28xx 6-1:0.0: Freeing device [ 450.542478][ T5876] snd_usb_pod 4-1:1.1: Line 6 Pocket POD now attached [ 450.771523][ T5869] usb 4-1: USB disconnect, device number 54 [ 450.781943][ T5869] snd_usb_pod 4-1:1.1: Line 6 Pocket POD now disconnected [ 451.926493][T19549] ceph: missing cluster fsid [ 451.945135][T19549] ceph: separator ':' missing in source [ 452.850668][ T5869] usb 3-1: new full-speed USB device number 34 using dummy_hcd [ 452.900581][T19596] sock: sock_timestamping_bind_phc: sock not bind to device [ 453.036380][ T5869] usb 3-1: New USB device found, idVendor=055d, idProduct=9000, bcdDevice=31.44 [ 453.046410][ T5869] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 453.077571][ T5869] usb 3-1: config 0 descriptor?? [ 453.085863][ T5869] pwc: Samsung MPC-C10 USB webcam detected. [ 453.350386][ T5869] pwc: send_video_command error -71 [ 453.355650][ T5869] pwc: Failed to set video mode VGA@30 fps; return code = -71 [ 453.370410][ T5869] Philips webcam 3-1:0.0: probe with driver Philips webcam failed with error -71 [ 453.430398][ T5869] usb 3-1: USB disconnect, device number 34 [ 453.864631][T19633] loop5: detected capacity change from 0 to 7 [ 453.871650][ T5869] usb 3-1: new high-speed USB device number 35 using dummy_hcd [ 453.910959][T19633] Buffer I/O error on dev loop5, logical block 0, async page read [ 453.941766][T19633] Buffer I/O error on dev loop5, logical block 0, async page read [ 453.954058][T19633] Buffer I/O error on dev loop5, logical block 0, async page read [ 453.965158][T19633] Buffer I/O error on dev loop5, logical block 0, async page read [ 559.039900][ C0] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks: [ 559.039933][ C0] rcu: 1-...!: (1 GPs behind) idle=ee44/1/0x4000000000000000 softirq=65689/65690 fqs=0 [ 559.040815][ C0] rcu: (detected by 0, t=10502 jiffies, g=76301, q=488 ncpus=2) [ 559.040851][ C0] Sending NMI from CPU 0 to CPUs 1: [ 559.040894][ C1] NMI backtrace for cpu 1 [ 559.040918][ C1] CPU: 1 UID: 0 PID: 19633 Comm: syz.1.5948 Not tainted 6.13.0-rc4-syzkaller-00078-g059dd502b263 #0 [ 559.040937][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 559.040949][ C1] RIP: 0010:_raw_spin_unlock_irqrestore+0xb3/0x140 [ 559.040987][ C1] Code: 05 e8 31 a3 e3 f5 4c 89 f3 48 c1 eb 03 42 80 3c 23 00 74 08 4c 89 f7 e8 8b c6 3f f6 48 c7 44 24 20 00 00 00 00 9c 8f 44 24 20 <42> 80 3c 23 00 74 08 4c 89 f7 e8 7e c5 3f f6 f6 44 24 21 02 75 52 [ 559.041001][ C1] RSP: 0018:ffffc90000a18b40 EFLAGS: 00000046 [ 559.041017][ C1] RAX: 0000000000000001 RBX: 1ffff9200014316c RCX: 0000000000000001 [ 559.041038][ C1] RDX: 0000000000000000 RSI: 0000000000000004 RDI: ffffffff9a5e85a8 [ 559.041049][ C1] RBP: ffffc90000a18bd0 R08: ffffffff9a5e85ab R09: 1ffffffff34bd0b5 [ 559.041062][ C1] R10: dffffc0000000000 R11: fffffbfff34bd0b6 R12: dffffc0000000000 [ 559.041081][ C1] R13: 1ffff92000143168 R14: ffffc90000a18b60 R15: 0000000000000046 [ 559.041094][ C1] FS: 00007f22bafde6c0(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000 [ 559.041109][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 559.041121][ C1] CR2: 00007f0115a26f98 CR3: 0000000028578000 CR4: 00000000003526f0 [ 559.041136][ C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 559.041146][ C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 559.041157][ C1] Call Trace: [ 559.041163][ C1] [ 559.041178][ C1] ? nmi_cpu_backtrace+0x3c2/0x4d0 [ 559.041217][ C1] ? __pfx_lock_acquire+0x10/0x10 [ 559.041257][ C1] ? __pfx_nmi_cpu_backtrace+0x10/0x10 [ 559.041296][ C1] ? nmi_handle+0x2a/0x5a0 [ 559.041333][ C1] ? nmi_cpu_backtrace_handler+0xc/0x20 [ 559.041356][ C1] ? nmi_handle+0x14f/0x5a0 [ 559.041373][ C1] ? nmi_handle+0x2a/0x5a0 [ 559.041391][ C1] ? _raw_spin_unlock_irqrestore+0xb3/0x140 [ 559.041411][ C1] ? default_do_nmi+0x63/0x160 [ 559.041429][ C1] ? exc_nmi+0x123/0x1f0 [ 559.041446][ C1] ? end_repeat_nmi+0xf/0x53 [ 559.041468][ C1] ? _raw_spin_unlock_irqrestore+0xb3/0x140 [ 559.041489][ C1] ? _raw_spin_unlock_irqrestore+0xb3/0x140 [ 559.041510][ C1] ? _raw_spin_unlock_irqrestore+0xb3/0x140 [ 559.041531][ C1] [ 559.041536][ C1] [ 559.041542][ C1] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 559.041568][ C1] debug_object_activate+0x3f7/0x580 [ 559.041595][ C1] ? __pfx_debug_object_activate+0x10/0x10 [ 559.041618][ C1] ? advance_sched+0xa02/0xca0 [ 559.041639][ C1] ? _raw_spin_lock_irq+0xdf/0x120 [ 559.041658][ C1] ? __pfx__raw_spin_lock_irq+0x10/0x10 [ 559.041680][ C1] enqueue_hrtimer+0x30/0x3c0 [ 559.041704][ C1] __hrtimer_run_queues+0x6cb/0xd30 [ 559.041733][ C1] ? __pfx___hrtimer_run_queues+0x10/0x10 [ 559.041753][ C1] ? sched_clock+0x4a/0x70 [ 559.041775][ C1] ? read_tsc+0x9/0x20 [ 559.041795][ C1] ? ktime_get_update_offsets_now+0x393/0x3b0 [ 559.041816][ C1] hrtimer_interrupt+0x403/0xa40 [ 559.041848][ C1] __sysvec_apic_timer_interrupt+0x110/0x420 [ 559.041868][ C1] sysvec_apic_timer_interrupt+0xa1/0xc0 [ 559.041889][ C1] [ 559.041894][ C1] [ 559.041901][ C1] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 559.041925][ C1] RIP: 0010:console_flush_all+0x996/0xeb0 [ 559.041948][ C1] Code: 48 21 c3 0f 85 16 02 00 00 e8 f6 ad 20 00 4c 8b 7c 24 10 4d 85 f6 75 07 e8 e7 ad 20 00 eb 06 e8 e0 ad 20 00 fb 48 8b 5c 24 18 <48> 8b 44 24 30 42 80 3c 28 00 74 08 48 89 df e8 86 8a 84 00 4c 8b [ 559.041962][ C1] RSP: 0018:ffffc9000f726400 EFLAGS: 00000283 [ 559.041977][ C1] RAX: ffffffff817ec600 RBX: ffffffff8f162c98 RCX: 0000000000080000 [ 559.041989][ C1] RDX: ffffc90005192000 RSI: 000000000000e1e4 RDI: 000000000000e1e5 [ 559.042000][ C1] RBP: ffffc9000f7265b0 R08: ffffffff817ec5d7 R09: 1ffffffff284e110 [ 559.042013][ C1] R10: dffffc0000000000 R11: fffffbfff284e111 R12: ffffffff8f162c40 [ 559.042025][ C1] R13: dffffc0000000000 R14: 0000000000000200 R15: ffffc9000f726600 [ 559.042041][ C1] ? console_flush_all+0x967/0xeb0 [ 559.042063][ C1] ? console_flush_all+0x990/0xeb0 [ 559.042097][ C1] ? console_flush_all+0x1a3/0xeb0 [ 559.042123][ C1] ? __pfx_console_flush_all+0x10/0x10 [ 559.042147][ C1] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 559.042168][ C1] ? this_cpu_in_panic+0x4f/0x80 [ 559.042186][ C1] ? is_printk_legacy_deferred+0x43/0x50 [ 559.042204][ C1] ? printk_get_console_flush_type+0x1fe/0x4f0 [ 559.042227][ C1] console_unlock+0x14f/0x3b0 [ 559.042249][ C1] ? __pfx_console_unlock+0x10/0x10 [ 559.042271][ C1] ? this_cpu_in_panic+0x4f/0x80 [ 559.042290][ C1] ? is_printk_legacy_deferred+0x43/0x50 [ 559.042306][ C1] ? printk_get_console_flush_type+0x1fe/0x4f0 [ 559.042330][ C1] vprintk_emit+0x730/0xa10 [ 559.042352][ C1] ? __pfx_vprintk_emit+0x10/0x10 [ 559.042372][ C1] ? _raw_spin_unlock_irqrestore+0x8f/0x140 [ 559.042391][ C1] ? lockdep_hardirqs_on+0x99/0x150 [ 559.042413][ C1] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 559.042433][ C1] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 559.042458][ C1] _printk+0xd5/0x120 [ 559.042478][ C1] ? end_buffer_async_read+0x152/0x390 [ 559.042495][ C1] ? __pfx__printk+0x10/0x10 [ 559.042514][ C1] ? __submit_bio+0x2c6/0x560 [ 559.042536][ C1] end_buffer_async_read+0x379/0x390 [ 559.042551][ C1] ? bio_endio+0x7e4/0x890 [ 559.042573][ C1] ? end_buffer_async_read_io+0x2e6/0x3f0 [ 559.042592][ C1] ? __pfx_end_buffer_async_read_io+0x10/0x10 [ 559.042609][ C1] end_bio_bh_io_sync+0xbf/0x120 [ 559.042628][ C1] blk_mq_submit_bio+0x1ac8/0x2390 [ 559.042650][ C1] ? __pfx_blk_mq_submit_bio+0x10/0x10 [ 559.042668][ C1] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 559.042686][ C1] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 559.042708][ C1] __submit_bio+0x2c6/0x560 [ 559.042726][ C1] ? __pfx___submit_bio+0x10/0x10 [ 559.042753][ C1] submit_bio_noacct_nocheck+0x4d3/0xe30 [ 559.042769][ C1] ? bio_associate_blkg_from_css+0xb0c/0xc70 [ 559.042797][ C1] ? __pfx___might_resched+0x10/0x10 [ 559.042822][ C1] ? __pfx_submit_bio_noacct_nocheck+0x10/0x10 [ 559.042838][ C1] ? bio_truncate+0x62b/0x720 [ 559.042871][ C1] block_read_full_folio+0x9b3/0xae0 [ 559.042892][ C1] ? __pfx_blkdev_get_block+0x10/0x10 [ 559.042911][ C1] ? __pfx_block_read_full_folio+0x10/0x10 [ 559.042931][ C1] ? __pfx_filemap_get_entry+0x10/0x10 [ 559.042958][ C1] filemap_read_folio+0x148/0x3b0 [ 559.042973][ C1] ? __pfx_blkdev_read_folio+0x10/0x10 [ 559.042992][ C1] ? __pfx_filemap_read_folio+0x10/0x10 [ 559.043008][ C1] ? __filemap_get_folio+0x64c/0x940 [ 559.043034][ C1] do_read_cache_folio+0x373/0x5b0 [ 559.043051][ C1] ? __pfx_blkdev_read_folio+0x10/0x10 [ 559.043079][ C1] read_part_sector+0xb3/0x260 [ 559.043103][ C1] adfspart_check_ADFS+0xaa/0x5d0 [ 559.043129][ C1] ? __pfx_adfspart_check_ADFS+0x10/0x10 [ 559.043157][ C1] bdev_disk_changed+0x72c/0x13f0 [ 559.043189][ C1] ? __pfx_bdev_disk_changed+0x10/0x10 [ 559.043210][ C1] ? __pfx_set_disk_ro+0x10/0x10 [ 559.043228][ C1] ? kobject_uevent_env+0x1cf/0x8e0 [ 559.043248][ C1] loop_reread_partitions+0x61/0x100 [ 559.043267][ C1] loop_configure+0xbc0/0xeb0 [ 559.043292][ C1] lo_ioctl+0x846/0x1f50 [ 559.043308][ C1] ? __pfx_validate_chain+0x10/0x10 [ 559.043331][ C1] ? validate_chain+0x11e/0x5920 [ 559.043350][ C1] ? __pfx_lo_ioctl+0x10/0x10 [ 559.043367][ C1] ? mark_lock+0x9a/0x360 [ 559.043386][ C1] ? __lock_acquire+0x1397/0x2100 [ 559.043417][ C1] ? __pfx_lock_acquire+0x10/0x10 [ 559.043433][ C1] ? is_bpf_text_address+0x26/0x2a0 [ 559.043452][ C1] ? __pfx_lock_release+0x10/0x10 [ 559.043469][ C1] ? unwind_next_frame+0x18e6/0x22d0 [ 559.043489][ C1] ? preempt_count_add+0x93/0x190 [ 559.043512][ C1] ? 0xffffffffa00007c8 [ 559.043529][ C1] ? 0xffffffffa00007c8 [ 559.043541][ C1] ? is_bpf_text_address+0x285/0x2a0 [ 559.043558][ C1] ? is_bpf_text_address+0x26/0x2a0 [ 559.043575][ C1] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 559.043600][ C1] ? kernel_text_address+0xa7/0xe0 [ 559.043620][ C1] ? __kernel_text_address+0xd/0x40 [ 559.043640][ C1] ? unwind_get_return_address+0x4d/0x90 [ 559.043657][ C1] ? arch_stack_walk+0xfd/0x150 [ 559.043681][ C1] ? stack_trace_save+0x118/0x1d0 [ 559.043705][ C1] ? __pfx_stack_trace_save+0x10/0x10 [ 559.043729][ C1] ? stack_depot_save_flags+0x37/0x940 [ 559.043750][ C1] ? kasan_save_track+0x51/0x80 [ 559.043770][ C1] ? kasan_save_track+0x3f/0x80 [ 559.043788][ C1] ? kasan_save_free_info+0x40/0x50 [ 559.043806][ C1] ? __kasan_slab_free+0x59/0x70 [ 559.043836][ C1] ? kfree+0x196/0x430 [ 559.043858][ C1] ? tomoyo_path_number_perm+0x679/0x860 [ 559.043874][ C1] ? security_file_ioctl+0xc6/0x2a0 [ 559.043891][ C1] ? __se_sys_ioctl+0x46/0x170 [ 559.043909][ C1] ? do_syscall_64+0xf3/0x230 [ 559.043931][ C1] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 559.043955][ C1] ? do_vfs_ioctl+0xf07/0x2e40 [ 559.043977][ C1] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 559.043998][ C1] ? mark_lock+0x9a/0x360 [ 559.044024][ C1] ? tomoyo_path_number_perm+0x206/0x860 [ 559.044040][ C1] ? __pfx_lock_release+0x10/0x10 [ 559.044059][ C1] ? tomoyo_path_number_perm+0x679/0x860 [ 559.044081][ C1] ? tomoyo_path_number_perm+0x679/0x860 [ 559.044098][ C1] ? blkdev_common_ioctl+0xfb2/0x2460 [ 559.044115][ C1] ? __lock_acquire+0x1397/0x2100 [ 559.044133][ C1] ? __pfx_blkdev_common_ioctl+0x10/0x10 [ 559.044148][ C1] ? tomoyo_path_number_perm+0x206/0x860 [ 559.044182][ C1] ? __pfx_smack_file_ioctl+0x10/0x10 [ 559.044207][ C1] ? file_to_blk_mode+0xcc/0x140 [ 559.044225][ C1] ? __pfx_lo_ioctl+0x10/0x10 [ 559.044241][ C1] blkdev_ioctl+0x57d/0x6a0 [ 559.044258][ C1] ? __pfx_blkdev_ioctl+0x10/0x10 [ 559.044276][ C1] ? __pfx_blkdev_ioctl+0x10/0x10 [ 559.044292][ C1] __se_sys_ioctl+0xf5/0x170 [ 559.044313][ C1] do_syscall_64+0xf3/0x230 [ 559.044335][ C1] ? clear_bhb_loop+0x35/0x90 [ 559.044351][ C1] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 559.044374][ C1] RIP: 0033:0x7f22ba185d29 [ 559.044388][ C1] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 559.044402][ C1] RSP: 002b:00007f22bafde038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 559.044418][ C1] RAX: ffffffffffffffda RBX: 00007f22ba375fa0 RCX: 00007f22ba185d29 [ 559.044431][ C1] RDX: 00000000200002c0 RSI: 0000000000004c0a RDI: 0000000000000003 [ 559.044442][ C1] RBP: 00007f22ba201b08 R08: 0000000000000000 R09: 0000000000000000 [ 559.044453][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 559.044463][ C1] R13: 0000000000000000 R14: 00007f22ba375fa0 R15: 00007fff26fe7698 [ 559.044482][ C1] [ 559.044882][ C0] rcu: rcu_preempt kthread starved for 10502 jiffies! g76301 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=0 [ 559.044907][ C0] rcu: Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior. [ 559.044918][ C0] rcu: RCU grace-period kthread stack dump: [ 559.044927][ C0] task:rcu_preempt state:R running task stack:26064 pid:17 tgid:17 ppid:2 flags:0x00004000 [ 559.044985][ C0] Call Trace: [ 559.044992][ C0] [ 559.045005][ C0] __schedule+0x17fb/0x4be0 [ 559.045054][ C0] ? __pfx___schedule+0x10/0x10 [ 559.045082][ C0] ? __pfx_lock_release+0x10/0x10 [ 559.045113][ C0] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 559.045138][ C0] ? schedule+0x90/0x320 [ 559.045161][ C0] schedule+0x14b/0x320 [ 559.045187][ C0] schedule_timeout+0x15a/0x290 [ 559.045209][ C0] ? __pfx_schedule_timeout+0x10/0x10 [ 559.045233][ C0] ? __pfx_process_timeout+0x10/0x10 [ 559.045266][ C0] ? prepare_to_swait_event+0x330/0x350 [ 559.045293][ C0] rcu_gp_fqs_loop+0x2df/0x1330 [ 559.045325][ C0] ? lockdep_hardirqs_on+0x99/0x150 [ 559.045354][ C0] ? rcu_gp_init+0x1256/0x1630 [ 559.045382][ C0] ? __pfx_rcu_gp_init+0x10/0x10 [ 559.045403][ C0] ? __pfx_rcu_watching_snap_save+0x10/0x10 [ 559.045427][ C0] ? __pfx_rcu_gp_fqs_loop+0x10/0x10 [ 559.045449][ C0] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 559.045480][ C0] ? finish_swait+0xd4/0x1e0 [ 559.045503][ C0] rcu_gp_kthread+0xa7/0x3b0 [ 559.045528][ C0] ? __pfx_rcu_gp_kthread+0x10/0x10 [ 559.045550][ C0] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 559.045578][ C0] ? __kthread_parkme+0x169/0x1d0 [ 559.045602][ C0] ? __pfx_rcu_gp_kthread+0x10/0x10 [ 559.045625][ C0] kthread+0x2f0/0x390 [ 559.045647][ C0] ? __pfx_rcu_gp_kthread+0x10/0x10 [ 559.045668][ C0] ? __pfx_kthread+0x10/0x10 [ 559.045691][ C0] ret_from_fork+0x4b/0x80 [ 559.045709][ C0] ? __pfx_kthread+0x10/0x10 [ 559.045730][ C0] ret_from_fork_asm+0x1a/0x30 [ 559.045772][ C0] [ 559.045780][ C0] rcu: Stack dump where RCU GP kthread last ran: [ 559.045790][ C0] CPU: 0 UID: 0 PID: 11 Comm: kworker/u8:0 Not tainted 6.13.0-rc4-syzkaller-00078-g059dd502b263 #0 [ 559.045812][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 559.045825][ C0] Workqueue: events_unbound toggle_allocation_gate [ 559.045854][ C0] RIP: 0010:smp_call_function_many_cond+0x19f3/0x2c60 [ 559.045881][ C0] Code: 45 8b 65 00 44 89 e6 83 e6 01 31 ff e8 56 e9 0b 00 41 83 e4 01 49 bc 00 00 00 00 00 fc ff df 75 07 e8 01 e5 0b 00 eb 38 f3 90 <42> 0f b6 04 23 84 c0 75 11 41 f7 45 00 01 00 00 00 74 1e e8 e5 e4 [ 559.045898][ C0] RSP: 0018:ffffc900001076e0 EFLAGS: 00000293 [ 559.045916][ C0] RAX: ffffffff81938efb RBX: 1ffff110170e88b9 RCX: ffff88801bee3c00 [ 559.045932][ C0] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000 [ 559.045945][ C0] RBP: ffffc900001078e0 R08: ffffffff81938eca R09: 1ffffffff284e110 [ 559.045960][ C0] R10: dffffc0000000000 R11: fffffbfff284e111 R12: dffffc0000000000 [ 559.045975][ C0] R13: ffff8880b87445c8 R14: ffff8880b863f940 R15: 0000000000000001 [ 559.045990][ C0] FS: 0000000000000000(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000 [ 559.046007][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 559.046022][ C0] CR2: 00007f0114d452d8 CR3: 000000000e736000 CR4: 00000000003526f0 [ 559.046040][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 559.046053][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 559.046065][ C0] Call Trace: [ 559.046072][ C0] [ 559.046077][ C0] ? rcu_check_gp_kthread_starvation+0x278/0x310 [ 559.046099][ C0] ? print_other_cpu_stall+0x1481/0x15c0 [ 559.046128][ C0] ? __pfx_print_other_cpu_stall+0x10/0x10 [ 559.046164][ C0] ? kvm_check_and_clear_guest_paused+0x6a/0xd0 [ 559.046194][ C0] ? rcu_sched_clock_irq+0xa26/0x10e0 [ 559.046226][ C0] ? __pfx_rcu_sched_clock_irq+0x10/0x10 [ 559.046261][ C0] ? update_process_times+0x242/0x2f0 [ 559.046284][ C0] ? tick_nohz_handler+0x37c/0x500 [ 559.046326][ C0] ? __pfx_tick_nohz_handler+0x10/0x10 [ 559.046355][ C0] ? __hrtimer_run_queues+0x551/0xd30 [ 559.046397][ C0] ? __pfx___hrtimer_run_queues+0x10/0x10 [ 559.046421][ C0] ? handle_softirqs+0x7e0/0x9b0 [ 559.046450][ C0] ? read_tsc+0x9/0x20 [ 559.046474][ C0] ? ktime_get_update_offsets_now+0x393/0x3b0 [ 559.046502][ C0] ? hrtimer_interrupt+0x403/0xa40 [ 559.046550][ C0] ? __sysvec_apic_timer_interrupt+0x110/0x420 [ 559.046576][ C0] ? sysvec_apic_timer_interrupt+0xa1/0xc0 [ 559.046600][ C0] [ 559.046608][ C0] [ 559.046617][ C0] ? asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 559.046651][ C0] ? smp_call_function_many_cond+0x19da/0x2c60 [ 559.046675][ C0] ? smp_call_function_many_cond+0x1a0b/0x2c60 [ 559.046703][ C0] ? smp_call_function_many_cond+0x19f3/0x2c60 [ 559.046741][ C0] ? __pfx_do_sync_core+0x10/0x10 [ 559.046774][ C0] ? __pfx___text_poke+0x10/0x10 [ 559.046796][ C0] ? process_scheduled_works+0x976/0x1840 [ 559.046831][ C0] ? __pfx_smp_call_function_many_cond+0x10/0x10 [ 559.046857][ C0] ? __pfx___might_resched+0x10/0x10 [ 559.046886][ C0] ? __pfx___mutex_trylock_common+0x10/0x10 [ 559.046916][ C0] ? __pfx_do_sync_core+0x10/0x10 [ 559.046942][ C0] on_each_cpu_cond_mask+0x3f/0x80 [ 559.046970][ C0] text_poke_bp_batch+0x352/0xb30 [ 559.046998][ C0] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 559.047026][ C0] ? arch_jump_label_transform_apply+0x17/0x30 [ 559.047057][ C0] ? __pfx_text_poke_bp_batch+0x10/0x10 [ 559.047089][ C0] ? arch_jump_label_transform_queue+0x9b/0x100 [ 559.047121][ C0] ? process_scheduled_works+0x976/0x1840 [ 559.047150][ C0] text_poke_finish+0x30/0x50 [ 559.047173][ C0] arch_jump_label_transform_apply+0x1c/0x30 [ 559.047200][ C0] static_key_enable_cpuslocked+0x136/0x260 [ 559.047228][ C0] static_key_enable+0x1a/0x20 [ 559.047252][ C0] toggle_allocation_gate+0xbc/0x260 [ 559.047279][ C0] ? __pfx_toggle_allocation_gate+0x10/0x10 [ 559.047307][ C0] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 559.047352][ C0] process_scheduled_works+0xa66/0x1840 [ 559.047406][ C0] ? __pfx_process_scheduled_works+0x10/0x10 [ 559.047443][ C0] ? assign_work+0x364/0x3d0 [ 559.047476][ C0] worker_thread+0x870/0xd30 [ 559.047509][ C0] ? __kthread_parkme+0x169/0x1d0 [ 559.047533][ C0] ? __pfx_worker_thread+0x10/0x10 [ 559.047553][ C0] kthread+0x2f0/0x390 [ 559.047574][ C0] ? __pfx_worker_thread+0x10/0x10 [ 559.047592][ C0] ? __pfx_kthread+0x10/0x10 [ 559.047615][ C0] ret_from_fork+0x4b/0x80 [ 559.047632][ C0] ? __pfx_kthread+0x10/0x10 [ 559.047654][ C0] ret_from_fork_asm+0x1a/0x30 [ 559.047695][ C0] [ 568.390685][ C0] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:1c, vlan:0) [ 706.690384][ C0] watchdog: BUG: soft lockup - CPU#0 stuck for 246s! [kworker/u8:0:11] [ 706.690418][ C0] Modules linked in: [ 706.690433][ C0] irq event stamp: 9842366 [ 706.690442][ C0] hardirqs last enabled at (9842365): [] irqentry_exit+0x63/0x90 [ 706.690481][ C0] hardirqs last disabled at (9842366): [] sysvec_apic_timer_interrupt+0xe/0xc0 [ 706.690511][ C0] softirqs last enabled at (9842364): [] __irq_exit_rcu+0xf7/0x220 [ 706.690542][ C0] softirqs last disabled at (9842317): [] __irq_exit_rcu+0xf7/0x220 [ 706.690575][ C0] CPU: 0 UID: 0 PID: 11 Comm: kworker/u8:0 Not tainted 6.13.0-rc4-syzkaller-00078-g059dd502b263 #0 [ 706.690598][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 706.690614][ C0] Workqueue: events_unbound toggle_allocation_gate [ 706.690644][ C0] RIP: 0010:smp_call_function_many_cond+0x19f3/0x2c60 [ 706.690672][ C0] Code: 45 8b 65 00 44 89 e6 83 e6 01 31 ff e8 56 e9 0b 00 41 83 e4 01 49 bc 00 00 00 00 00 fc ff df 75 07 e8 01 e5 0b 00 eb 38 f3 90 <42> 0f b6 04 23 84 c0 75 11 41 f7 45 00 01 00 00 00 74 1e e8 e5 e4 [ 706.690689][ C0] RSP: 0018:ffffc900001076e0 EFLAGS: 00000293 [ 706.690708][ C0] RAX: ffffffff81938efb RBX: 1ffff110170e88b9 RCX: ffff88801bee3c00 [ 706.690724][ C0] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000 [ 706.690737][ C0] RBP: ffffc900001078e0 R08: ffffffff81938eca R09: 1ffffffff284e110 [ 706.690753][ C0] R10: dffffc0000000000 R11: fffffbfff284e111 R12: dffffc0000000000 [ 706.690768][ C0] R13: ffff8880b87445c8 R14: ffff8880b863f940 R15: 0000000000000001 [ 706.690783][ C0] FS: 0000000000000000(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000 [ 706.690800][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 706.690814][ C0] CR2: 00007f0114d452d8 CR3: 000000000e736000 CR4: 00000000003526f0 [ 706.690838][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 706.690850][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 706.690864][ C0] Call Trace: [ 706.690874][ C0] [ 706.690885][ C0] ? watchdog_timer_fn+0x75b/0x960 [ 706.690912][ C0] ? __pfx_watchdog_timer_fn+0x10/0x10 [ 706.690937][ C0] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 706.690961][ C0] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 706.690993][ C0] ? __pfx_watchdog_timer_fn+0x10/0x10 [ 706.691017][ C0] ? __hrtimer_run_queues+0x551/0xd30 [ 706.691060][ C0] ? __pfx___hrtimer_run_queues+0x10/0x10 [ 706.691082][ C0] ? handle_softirqs+0x7e0/0x9b0 [ 706.691110][ C0] ? read_tsc+0x9/0x20 [ 706.691134][ C0] ? ktime_get_update_offsets_now+0x393/0x3b0 [ 706.691162][ C0] ? hrtimer_interrupt+0x403/0xa40 [ 706.691210][ C0] ? __sysvec_apic_timer_interrupt+0x110/0x420 [ 706.691235][ C0] ? sysvec_apic_timer_interrupt+0xa1/0xc0 [ 706.691259][ C0] [ 706.691267][ C0] [ 706.691276][ C0] ? asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 706.691311][ C0] ? smp_call_function_many_cond+0x19da/0x2c60 [ 706.691335][ C0] ? smp_call_function_many_cond+0x1a0b/0x2c60 [ 706.691363][ C0] ? smp_call_function_many_cond+0x19f3/0x2c60 [ 706.691401][ C0] ? __pfx_do_sync_core+0x10/0x10 [ 706.691435][ C0] ? __pfx___text_poke+0x10/0x10 [ 706.691456][ C0] ? process_scheduled_works+0x976/0x1840 [ 706.691490][ C0] ? __pfx_smp_call_function_many_cond+0x10/0x10 [ 706.691516][ C0] ? __pfx___might_resched+0x10/0x10 [ 706.691545][ C0] ? __pfx___mutex_trylock_common+0x10/0x10 [ 706.691576][ C0] ? __pfx_do_sync_core+0x10/0x10 [ 706.691601][ C0] on_each_cpu_cond_mask+0x3f/0x80 [ 706.691645][ C0] text_poke_bp_batch+0x352/0xb30 [ 706.691673][ C0] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 706.691702][ C0] ? arch_jump_label_transform_apply+0x17/0x30 [ 706.691733][ C0] ? __pfx_text_poke_bp_batch+0x10/0x10 [ 706.691766][ C0] ? arch_jump_label_transform_queue+0x9b/0x100 [ 706.691799][ C0] ? process_scheduled_works+0x976/0x1840 [ 706.691833][ C0] text_poke_finish+0x30/0x50 [ 706.691857][ C0] arch_jump_label_transform_apply+0x1c/0x30 [ 706.691884][ C0] static_key_enable_cpuslocked+0x136/0x260 [ 706.691912][ C0] static_key_enable+0x1a/0x20 [ 706.691936][ C0] toggle_allocation_gate+0xbc/0x260 [ 706.691964][ C0] ? __pfx_toggle_allocation_gate+0x10/0x10 [ 706.691992][ C0] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 706.692027][ C0] process_scheduled_works+0xa66/0x1840 [ 706.692082][ C0] ? __pfx_process_scheduled_works+0x10/0x10 [ 706.692119][ C0] ? assign_work+0x364/0x3d0 [ 706.692152][ C0] worker_thread+0x870/0xd30 [ 706.692185][ C0] ? __kthread_parkme+0x169/0x1d0 [ 706.692209][ C0] ? __pfx_worker_thread+0x10/0x10 [ 706.692228][ C0] kthread+0x2f0/0x390 [ 706.692250][ C0] ? __pfx_worker_thread+0x10/0x10 [ 706.692268][ C0] ? __pfx_kthread+0x10/0x10 [ 706.692291][ C0] ret_from_fork+0x4b/0x80 [ 706.692308][ C0] ? __pfx_kthread+0x10/0x10 [ 706.692330][ C0] ret_from_fork_asm+0x1a/0x30 [ 706.692371][ C0] [ 706.692381][ C0] Sending NMI from CPU 0 to CPUs 1: [ 706.692411][ C1] NMI backtrace for cpu 1 [ 706.692421][ C1] CPU: 1 UID: 0 PID: 19633 Comm: syz.1.5948 Not tainted 6.13.0-rc4-syzkaller-00078-g059dd502b263 #0 [ 706.692440][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 706.692449][ C1] RIP: 0010:lock_acquire+0x233/0x550 [ 706.692468][ C1] Code: 7e 83 f8 01 0f 85 a3 01 00 00 49 89 de 48 c1 eb 03 42 80 3c 2b 00 74 08 4c 89 f7 e8 37 a1 88 00 48 c7 44 24 60 00 00 00 00 9c <8f> 44 24 60 42 80 3c 2b 00 74 08 4c 89 f7 e8 2a a0 88 00 f6 44 24 [ 706.692483][ C1] RSP: 0018:ffffc90000a189d8 EFLAGS: 00000046 [ 706.692497][ C1] RAX: 0000000000000001 RBX: 1ffff92000143148 RCX: ffff888029a228d8 [ 706.692509][ C1] RDX: dffffc0000000000 RSI: ffffffff8c0aaae0 RDI: ffffffff8c5edd20 [ 706.692521][ C1] RBP: ffffc90000a18b28 R08: ffffffff94270887 R09: 1ffffffff284e110 [ 706.692534][ C1] R10: dffffc0000000000 R11: fffffbfff284e111 R12: 1ffff92000143144 [ 706.692547][ C1] R13: dffffc0000000000 R14: ffffc90000a18a40 R15: 0000000000000046 [ 706.692559][ C1] FS: 00007f22bafde6c0(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000 [ 706.692574][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 706.692586][ C1] CR2: 00007f0115a26f98 CR3: 0000000028578000 CR4: 00000000003526f0 [ 706.692601][ C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 706.692611][ C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 706.692621][ C1] Call Trace: [ 706.692628][ C1] [ 706.692635][ C1] ? nmi_cpu_backtrace+0x3c2/0x4d0 [ 706.692655][ C1] ? __pfx_lock_acquire+0x10/0x10 [ 706.692674][ C1] ? __pfx_nmi_cpu_backtrace+0x10/0x10 [ 706.692692][ C1] ? nmi_handle+0x2a/0x5a0 [ 706.692717][ C1] ? nmi_cpu_backtrace_handler+0xc/0x20 [ 706.692739][ C1] ? nmi_handle+0x14f/0x5a0 [ 706.692756][ C1] ? nmi_handle+0x2a/0x5a0 [ 706.692775][ C1] ? lock_acquire+0x233/0x550 [ 706.692790][ C1] ? _raw_spin_unlock_irqrestore+0xb3/0x140 [ 706.692809][ C1] ? default_do_nmi+0x63/0x160 [ 706.692833][ C1] ? exc_nmi+0x123/0x1f0 [ 706.692850][ C1] ? end_repeat_nmi+0xf/0x53 [ 706.692870][ C1] ? lock_acquire+0x233/0x550 [ 706.692887][ C1] ? lock_acquire+0x233/0x550 [ 706.692904][ C1] ? lock_acquire+0x233/0x550 [ 706.692921][ C1] [ 706.692926][ C1] [ 706.692936][ C1] ? __pfx_lock_acquire+0x10/0x10 [ 706.692952][ C1] ? __lock_acquire+0x1397/0x2100 [ 706.692979][ C1] _raw_spin_lock_irqsave+0xd5/0x120 [ 706.692998][ C1] ? debug_object_activate+0x17f/0x580 [ 706.693023][ C1] ? __pfx__raw_spin_lock_irqsave+0x10/0x10 [ 706.693047][ C1] debug_object_activate+0x17f/0x580 [ 706.693077][ C1] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 706.693101][ C1] ? __pfx_debug_object_activate+0x10/0x10 [ 706.693124][ C1] ? advance_sched+0xa02/0xca0 [ 706.693146][ C1] ? _raw_spin_lock_irq+0xdf/0x120 [ 706.693164][ C1] ? __pfx__raw_spin_lock_irq+0x10/0x10 [ 706.693186][ C1] enqueue_hrtimer+0x30/0x3c0 [ 706.693209][ C1] __hrtimer_run_queues+0x6cb/0xd30 [ 706.693239][ C1] ? __pfx___hrtimer_run_queues+0x10/0x10 [ 706.693259][ C1] ? sched_clock+0x4a/0x70 [ 706.693281][ C1] ? read_tsc+0x9/0x20 [ 706.693301][ C1] ? ktime_get_update_offsets_now+0x393/0x3b0 [ 706.693322][ C1] hrtimer_interrupt+0x403/0xa40 [ 706.693354][ C1] __sysvec_apic_timer_interrupt+0x110/0x420 [ 706.693374][ C1] sysvec_apic_timer_interrupt+0xa1/0xc0 [ 706.693396][ C1] [ 706.693401][ C1] [ 706.693408][ C1] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 706.693431][ C1] RIP: 0010:console_flush_all+0x996/0xeb0 [ 706.693455][ C1] Code: 48 21 c3 0f 85 16 02 00 00 e8 f6 ad 20 00 4c 8b 7c 24 10 4d 85 f6 75 07 e8 e7 ad 20 00 eb 06 e8 e0 ad 20 00 fb 48 8b 5c 24 18 <48> 8b 44 24 30 42 80 3c 28 00 74 08 48 89 df e8 86 8a 84 00 4c 8b [ 706.693469][ C1] RSP: 0018:ffffc9000f726400 EFLAGS: 00000283 [ 706.693482][ C1] RAX: ffffffff817ec600 RBX: ffffffff8f162c98 RCX: 0000000000080000 [ 706.693495][ C1] RDX: ffffc90005192000 RSI: 000000000000e1e4 RDI: 000000000000e1e5 [ 706.693506][ C1] RBP: ffffc9000f7265b0 R08: ffffffff817ec5d7 R09: 1ffffffff284e110 [ 706.693518][ C1] R10: dffffc0000000000 R11: fffffbfff284e111 R12: ffffffff8f162c40 [ 706.693531][ C1] R13: dffffc0000000000 R14: 0000000000000200 R15: ffffc9000f726600 [ 706.693546][ C1] ? console_flush_all+0x967/0xeb0 [ 706.693568][ C1] ? console_flush_all+0x990/0xeb0 [ 706.693596][ C1] ? console_flush_all+0x1a3/0xeb0 [ 706.693623][ C1] ? __pfx_console_flush_all+0x10/0x10 [ 706.693648][ C1] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 706.693668][ C1] ? this_cpu_in_panic+0x4f/0x80 [ 706.693687][ C1] ? is_printk_legacy_deferred+0x43/0x50 [ 706.693705][ C1] ? printk_get_console_flush_type+0x1fe/0x4f0 [ 706.693729][ C1] console_unlock+0x14f/0x3b0 [ 706.693751][ C1] ? __pfx_console_unlock+0x10/0x10 [ 706.693774][ C1] ? this_cpu_in_panic+0x4f/0x80 [ 706.693792][ C1] ? is_printk_legacy_deferred+0x43/0x50 [ 706.693809][ C1] ? printk_get_console_flush_type+0x1fe/0x4f0 [ 706.693832][ C1] vprintk_emit+0x730/0xa10 [ 706.693854][ C1] ? __pfx_vprintk_emit+0x10/0x10 [ 706.693874][ C1] ? _raw_spin_unlock_irqrestore+0x8f/0x140 [ 706.693894][ C1] ? lockdep_hardirqs_on+0x99/0x150 [ 706.693915][ C1] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 706.693935][ C1] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 706.693961][ C1] _printk+0xd5/0x120 [ 706.693981][ C1] ? end_buffer_async_read+0x152/0x390 [ 706.693998][ C1] ? __pfx__printk+0x10/0x10 [ 706.694017][ C1] ? __submit_bio+0x2c6/0x560 [ 706.694039][ C1] end_buffer_async_read+0x379/0x390 [ 706.694054][ C1] ? bio_endio+0x7e4/0x890 [ 706.694081][ C1] ? end_buffer_async_read_io+0x2e6/0x3f0 [ 706.694100][ C1] ? __pfx_end_buffer_async_read_io+0x10/0x10 [ 706.694117][ C1] end_bio_bh_io_sync+0xbf/0x120 [ 706.694136][ C1] blk_mq_submit_bio+0x1ac8/0x2390 [ 706.694157][ C1] ? __pfx_blk_mq_submit_bio+0x10/0x10 [ 706.694176][ C1] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 706.694195][ C1] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 706.694216][ C1] __submit_bio+0x2c6/0x560 [ 706.694234][ C1] ? __pfx___submit_bio+0x10/0x10 [ 706.694262][ C1] submit_bio_noacct_nocheck+0x4d3/0xe30 [ 706.694278][ C1] ? bio_associate_blkg_from_css+0xb0c/0xc70 [ 706.694306][ C1] ? __pfx___might_resched+0x10/0x10 [ 706.694330][ C1] ? __pfx_submit_bio_noacct_nocheck+0x10/0x10 [ 706.694347][ C1] ? bio_truncate+0x62b/0x720 [ 706.694379][ C1] block_read_full_folio+0x9b3/0xae0 [ 706.694400][ C1] ? __pfx_blkdev_get_block+0x10/0x10 [ 706.694420][ C1] ? __pfx_block_read_full_folio+0x10/0x10 [ 706.694439][ C1] ? __pfx_filemap_get_entry+0x10/0x10 [ 706.694466][ C1] filemap_read_folio+0x148/0x3b0 [ 706.694482][ C1] ? __pfx_blkdev_read_folio+0x10/0x10 [ 706.694501][ C1] ? __pfx_filemap_read_folio+0x10/0x10 [ 706.694517][ C1] ? __filemap_get_folio+0x64c/0x940 [ 706.694543][ C1] do_read_cache_folio+0x373/0x5b0 [ 706.694560][ C1] ? __pfx_blkdev_read_folio+0x10/0x10 [ 706.694582][ C1] read_part_sector+0xb3/0x260 [ 706.694606][ C1] adfspart_check_ADFS+0xaa/0x5d0 [ 706.694632][ C1] ? __pfx_adfspart_check_ADFS+0x10/0x10 [ 706.694660][ C1] bdev_disk_changed+0x72c/0x13f0 [ 706.694691][ C1] ? __pfx_bdev_disk_changed+0x10/0x10 [ 706.694713][ C1] ? __pfx_set_disk_ro+0x10/0x10 [ 706.694731][ C1] ? kobject_uevent_env+0x1cf/0x8e0 [ 706.694751][ C1] loop_reread_partitions+0x61/0x100 [ 706.694770][ C1] loop_configure+0xbc0/0xeb0 [ 706.694794][ C1] lo_ioctl+0x846/0x1f50 [ 706.694811][ C1] ? __pfx_validate_chain+0x10/0x10 [ 706.694833][ C1] ? validate_chain+0x11e/0x5920 [ 706.694853][ C1] ? __pfx_lo_ioctl+0x10/0x10 [ 706.694869][ C1] ? mark_lock+0x9a/0x360 [ 706.694889][ C1] ? __lock_acquire+0x1397/0x2100 [ 706.694920][ C1] ? __pfx_lock_acquire+0x10/0x10 [ 706.694937][ C1] ? is_bpf_text_address+0x26/0x2a0 [ 706.694955][ C1] ? __pfx_lock_release+0x10/0x10 [ 706.694973][ C1] ? unwind_next_frame+0x18e6/0x22d0 [ 706.694992][ C1] ? preempt_count_add+0x93/0x190 [ 706.695016][ C1] ? 0xffffffffa00007c8 [ 706.695029][ C1] ? 0xffffffffa00007c8 [ 706.695041][ C1] ? is_bpf_text_address+0x285/0x2a0 [ 706.695057][ C1] ? is_bpf_text_address+0x26/0x2a0 [ 706.695079][ C1] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 706.695103][ C1] ? kernel_text_address+0xa7/0xe0 [ 706.695124][ C1] ? __kernel_text_address+0xd/0x40 [ 706.695143][ C1] ? unwind_get_return_address+0x4d/0x90 [ 706.695160][ C1] ? arch_stack_walk+0xfd/0x150 [ 706.695184][ C1] ? stack_trace_save+0x118/0x1d0 [ 706.695209][ C1] ? __pfx_stack_trace_save+0x10/0x10 [ 706.695233][ C1] ? stack_depot_save_flags+0x37/0x940 [ 706.695254][ C1] ? kasan_save_track+0x51/0x80 [ 706.695274][ C1] ? kasan_save_track+0x3f/0x80 [ 706.695293][ C1] ? kasan_save_free_info+0x40/0x50 [ 706.695309][ C1] ? __kasan_slab_free+0x59/0x70 [ 706.695329][ C1] ? kfree+0x196/0x430 [ 706.695351][ C1] ? tomoyo_path_number_perm+0x679/0x860 [ 706.695367][ C1] ? security_file_ioctl+0xc6/0x2a0 [ 706.695385][ C1] ? __se_sys_ioctl+0x46/0x170 [ 706.695403][ C1] ? do_syscall_64+0xf3/0x230 [ 706.695425][ C1] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 706.695450][ C1] ? do_vfs_ioctl+0xf07/0x2e40 [ 706.695472][ C1] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 706.695493][ C1] ? mark_lock+0x9a/0x360 [ 706.695519][ C1] ? tomoyo_path_number_perm+0x206/0x860 [ 706.695535][ C1] ? __pfx_lock_release+0x10/0x10 [ 706.695554][ C1] ? tomoyo_path_number_perm+0x679/0x860 [ 706.695572][ C1] ? tomoyo_path_number_perm+0x679/0x860 [ 706.695589][ C1] ? blkdev_common_ioctl+0xfb2/0x2460 [ 706.695607][ C1] ? __lock_acquire+0x1397/0x2100 [ 706.695624][ C1] ? __pfx_blkdev_common_ioctl+0x10/0x10 [ 706.695640][ C1] ? tomoyo_path_number_perm+0x206/0x860 [ 706.695674][ C1] ? __pfx_smack_file_ioctl+0x10/0x10 [ 706.695699][ C1] ? file_to_blk_mode+0xcc/0x140 [ 706.695716][ C1] ? __pfx_lo_ioctl+0x10/0x10 [ 706.695733][ C1] blkdev_ioctl+0x57d/0x6a0 [ 706.695749][ C1] ? __pfx_blkdev_ioctl+0x10/0x10 [ 706.695767][ C1] ? __pfx_blkdev_ioctl+0x10/0x10 [ 706.695784][ C1] __se_sys_ioctl+0xf5/0x170 [ 706.695804][ C1] do_syscall_64+0xf3/0x230 [ 706.695826][ C1] ? clear_bhb_loop+0x35/0x90 [ 706.695843][ C1] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 706.695865][ C1] RIP: 0033:0x7f22ba185d29 [ 706.695879][ C1] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 706.695893][ C1] RSP: 002b:00007f22bafde038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 706.695909][ C1] RAX: ffffffffffffffda RBX: 00007f22ba375fa0 RCX: 00007f22ba185d29 [ 706.695922][ C1] RDX: 00000000200002c0 RSI: 0000000000004c0a RDI: 0000000000000003 [ 706.695933][ C1] RBP: 00007f22ba201b08 R08: 0000000000000000 R09: 0000000000000000 [ 706.695944][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 706.695954][ C1] R13: 0000000000000000 R14: 00007f22ba375fa0 R15: 00007fff26fe7698 [ 706.695973][ C1] [ 706.696420][ C0] Kernel panic - not syncing: softlockup: hung tasks [ 706.696438][ C0] CPU: 0 UID: 0 PID: 11 Comm: kworker/u8:0 Tainted: G L 6.13.0-rc4-syzkaller-00078-g059dd502b263 #0 [ 706.696465][ C0] Tainted: [L]=SOFTLOCKUP [ 706.696472][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 706.696484][ C0] Workqueue: events_unbound toggle_allocation_gate [ 706.696511][ C0] Call Trace: [ 706.696519][ C0] [ 706.696527][ C0] dump_stack_lvl+0x241/0x360 [ 706.696554][ C0] ? __pfx_dump_stack_lvl+0x10/0x10 [ 706.696578][ C0] ? __pfx__printk+0x10/0x10 [ 706.696607][ C0] ? vscnprintf+0x5d/0x90 [ 706.696632][ C0] panic+0x349/0x880 [ 706.696655][ C0] ? watchdog_timer_fn+0x914/0x960 [ 706.696678][ C0] ? __pfx_panic+0x10/0x10 [ 706.696697][ C0] ? tick_nohz_tick_stopped+0x82/0xb0 [ 706.696724][ C0] ? __irq_work_queue_local+0x137/0x410 [ 706.696747][ C0] ? irq_work_queue+0xca/0x150 [ 706.696765][ C0] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 706.696793][ C0] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 706.696830][ C0] watchdog_timer_fn+0x957/0x960 [ 706.696856][ C0] ? __pfx_watchdog_timer_fn+0x10/0x10 [ 706.696880][ C0] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 706.696904][ C0] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 706.696936][ C0] ? __pfx_watchdog_timer_fn+0x10/0x10 [ 706.696959][ C0] __hrtimer_run_queues+0x551/0xd30 [ 706.697001][ C0] ? __pfx___hrtimer_run_queues+0x10/0x10 [ 706.697024][ C0] ? handle_softirqs+0x7e0/0x9b0 [ 706.697051][ C0] ? read_tsc+0x9/0x20 [ 706.697074][ C0] ? ktime_get_update_offsets_now+0x393/0x3b0 [ 706.697101][ C0] hrtimer_interrupt+0x403/0xa40 [ 706.697148][ C0] __sysvec_apic_timer_interrupt+0x110/0x420 [ 706.697173][ C0] sysvec_apic_timer_interrupt+0xa1/0xc0 [ 706.697197][ C0] [ 706.697204][ C0] [ 706.697213][ C0] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 706.697240][ C0] RIP: 0010:smp_call_function_many_cond+0x19f3/0x2c60 [ 706.697266][ C0] Code: 45 8b 65 00 44 89 e6 83 e6 01 31 ff e8 56 e9 0b 00 41 83 e4 01 49 bc 00 00 00 00 00 fc ff df 75 07 e8 01 e5 0b 00 eb 38 f3 90 <42> 0f b6 04 23 84 c0 75 11 41 f7 45 00 01 00 00 00 74 1e e8 e5 e4 [ 706.697283][ C0] RSP: 0018:ffffc900001076e0 EFLAGS: 00000293 [ 706.697299][ C0] RAX: ffffffff81938efb RBX: 1ffff110170e88b9 RCX: ffff88801bee3c00 [ 706.697315][ C0] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000 [ 706.697327][ C0] RBP: ffffc900001078e0 R08: ffffffff81938eca R09: 1ffffffff284e110 [ 706.697342][ C0] R10: dffffc0000000000 R11: fffffbfff284e111 R12: dffffc0000000000 [ 706.697357][ C0] R13: ffff8880b87445c8 R14: ffff8880b863f940 R15: 0000000000000001 [ 706.697379][ C0] ? smp_call_function_many_cond+0x19da/0x2c60 [ 706.697402][ C0] ? smp_call_function_many_cond+0x1a0b/0x2c60 [ 706.697443][ C0] ? __pfx_do_sync_core+0x10/0x10 [ 706.697476][ C0] ? __pfx___text_poke+0x10/0x10 [ 706.697497][ C0] ? process_scheduled_works+0x976/0x1840 [ 706.697531][ C0] ? __pfx_smp_call_function_many_cond+0x10/0x10 [ 706.697557][ C0] ? __pfx___might_resched+0x10/0x10 [ 706.697585][ C0] ? __pfx___mutex_trylock_common+0x10/0x10 [ 706.697615][ C0] ? __pfx_do_sync_core+0x10/0x10 [ 706.697641][ C0] on_each_cpu_cond_mask+0x3f/0x80 [ 706.697666][ C0] text_poke_bp_batch+0x352/0xb30 [ 706.697691][ C0] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 706.697719][ C0] ? arch_jump_label_transform_apply+0x17/0x30 [ 706.697749][ C0] ? __pfx_text_poke_bp_batch+0x10/0x10 [ 706.697781][ C0] ? arch_jump_label_transform_queue+0x9b/0x100 [ 706.697813][ C0] ? process_scheduled_works+0x976/0x1840 [ 706.697848][ C0] text_poke_finish+0x30/0x50 [ 706.697871][ C0] arch_jump_label_transform_apply+0x1c/0x30 [ 706.697897][ C0] static_key_enable_cpuslocked+0x136/0x260 [ 706.697924][ C0] static_key_enable+0x1a/0x20 [ 706.697947][ C0] toggle_allocation_gate+0xbc/0x260 [ 706.697974][ C0] ? __pfx_toggle_allocation_gate+0x10/0x10 [ 706.698002][ C0] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 706.698040][ C0] process_scheduled_works+0xa66/0x1840 [ 706.698093][ C0] ? __pfx_process_scheduled_works+0x10/0x10 [ 706.698130][ C0] ? assign_work+0x364/0x3d0 [ 706.698163][ C0] worker_thread+0x870/0xd30 [ 706.698195][ C0] ? __kthread_parkme+0x169/0x1d0 [ 706.698218][ C0] ? __pfx_worker_thread+0x10/0x10 [ 706.698236][ C0] kthread+0x2f0/0x390 [ 706.698257][ C0] ? __pfx_worker_thread+0x10/0x10 [ 706.698275][ C0] ? __pfx_kthread+0x10/0x10 [ 706.698297][ C0] ret_from_fork+0x4b/0x80 [ 706.698314][ C0] ? __pfx_kthread+0x10/0x10 [ 706.698336][ C0] ret_from_fork_asm+0x1a/0x30 [ 706.698376][ C0] [ 707.826230][ C0] Shutting down cpus with NMI [ 707.826504][ C0] Kernel Offset: disabled