[   52.113828][   T11] bridge0: port 1(bridge_slave_0) entered disabled state
[   52.137837][   T11] device veth1_macvtap left promiscuous mode
[   52.145556][   T11] device veth0_macvtap left promiscuous mode
[   52.152132][   T11] device veth1_vlan left promiscuous mode
[   52.158097][   T11] device veth0_vlan left promiscuous mode
[   52.302948][   T11] team0 (unregistering): Port device team_slave_1 removed
[   52.315107][   T11] team0 (unregistering): Port device team_slave_0 removed
[   52.327185][   T11] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   52.343070][   T11] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   52.385770][   T11] bond0 (unregistering): Released all slaves
Warning: Permanently added '10.128.0.99' (ECDSA) to the list of known hosts.
2022/08/25 20:16:05 ignoring optional flag "sandboxArg"="0"
2022/08/25 20:16:06 parsed 1 programs
[   66.301620][ T4066] cgroup: Unknown subsys name 'net'
[   66.310146][ T4066] cgroup: Unknown subsys name 'rlimit'
2022/08/25 20:16:06 executed programs: 0
[   69.679270][ T3644] Bluetooth: hci0: Opcode 0x c03 failed: -110
[   71.201762][ T2473] cfg80211: failed to load regulatory.db
[   73.839255][ T3644] Bluetooth: hci0: Opcode 0x c03 failed: -110
[   75.927236][   T47] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   75.935687][   T47] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   75.943886][   T47] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   75.952360][   T47] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   75.960782][   T47] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[   75.969922][   T47] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   76.030878][ T4102] chnl_net:caif_netlink_parms(): no params data found
[   76.063845][ T4102] bridge0: port 1(bridge_slave_0) entered blocking state
[   76.071111][ T4102] bridge0: port 1(bridge_slave_0) entered disabled state
[   76.078614][ T4102] device bridge_slave_0 entered promiscuous mode
[   76.087129][ T4102] bridge0: port 2(bridge_slave_1) entered blocking state
[   76.094335][ T4102] bridge0: port 2(bridge_slave_1) entered disabled state
[   76.104253][ T4102] device bridge_slave_1 entered promiscuous mode
[   76.121450][ T4102] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   76.132054][ T4102] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   76.152756][ T4102] team0: Port device team_slave_0 added
[   76.160250][ T4102] team0: Port device team_slave_1 added
[   76.175212][ T4102] batman_adv: batadv0: Adding interface: batadv_slave_0
[   76.182252][ T4102] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   76.212007][ T4102] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   76.225475][ T4102] batman_adv: batadv0: Adding interface: batadv_slave_1
[   76.232479][ T4102] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   76.258795][ T4102] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   76.282640][ T4102] device hsr_slave_0 entered promiscuous mode
[   76.289280][ T4102] device hsr_slave_1 entered promiscuous mode
[   76.340258][ T4102] bridge0: port 2(bridge_slave_1) entered blocking state
[   76.347355][ T4102] bridge0: port 2(bridge_slave_1) entered forwarding state
[   76.355226][ T4102] bridge0: port 1(bridge_slave_0) entered blocking state
[   76.362414][ T4102] bridge0: port 1(bridge_slave_0) entered forwarding state
[   76.395659][ T4102] 8021q: adding VLAN 0 to HW filter on device bond0
[   76.407586][  T141] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   76.416189][  T141] bridge0: port 1(bridge_slave_0) entered disabled state
[   76.424069][  T141] bridge0: port 2(bridge_slave_1) entered disabled state
[   76.433727][  T141] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[   76.444844][ T4102] 8021q: adding VLAN 0 to HW filter on device team0
[   76.454438][  T141] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   76.463431][  T141] bridge0: port 1(bridge_slave_0) entered blocking state
[   76.470600][  T141] bridge0: port 1(bridge_slave_0) entered forwarding state
[   76.490071][  T141] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   76.498448][  T141] bridge0: port 2(bridge_slave_1) entered blocking state
[   76.505531][  T141] bridge0: port 2(bridge_slave_1) entered forwarding state
[   76.513676][  T141] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   76.522828][  T141] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   76.534525][ T3649] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[   76.542357][ T3649] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   76.553447][  T141] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   76.564154][ T4102] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[   76.578802][  T141] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[   76.587090][  T141] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[   76.598526][ T4102] 8021q: adding VLAN 0 to HW filter on device batadv0
[   76.767912][ T4102] device veth0_vlan entered promiscuous mode
[   76.775176][ T3649] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   76.784789][ T3649] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   76.793802][ T3649] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   76.801817][ T3649] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   76.813797][ T4102] device veth1_vlan entered promiscuous mode
[   76.829391][ T2473] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[   76.837740][ T2473] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[   76.847031][ T2473] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   76.857442][ T4102] device veth0_macvtap entered promiscuous mode
[   76.866434][ T4102] device veth1_macvtap entered promiscuous mode
[   76.881375][ T4102] batman_adv: batadv0: Interface activated: batadv_slave_0
[   76.888767][ T3649] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   76.898634][ T3649] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[   76.909219][ T4102] batman_adv: batadv0: Interface activated: batadv_slave_1
[   76.920572][  T141] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   77.239297][  T141] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[   77.479148][  T141] usb 1-1: Using ep0 maxpacket: 8
[   77.600461][  T141] usb 1-1: config 0 has an invalid interface number: 119 but max is 0
[   77.608956][  T141] usb 1-1: config 0 contains an unexpected descriptor of type 0x2, skipping
[   77.619440][  T141] usb 1-1: config 0 has no interface number 0
[   77.625551][  T141] usb 1-1: config 0 interface 119 altsetting 0 bulk endpoint 0xF has invalid maxpacket 8
[   77.635603][  T141] usb 1-1: config 0 interface 119 altsetting 0 endpoint 0x6 has invalid maxpacket 1024, setting to 64
[   77.646714][  T141] usb 1-1: config 0 interface 119 altsetting 0 endpoint 0x83 has invalid maxpacket 29939, setting to 1024
[   77.658371][  T141] usb 1-1: config 0 interface 119 altsetting 0 bulk endpoint 0x83 has invalid maxpacket 1024
[   77.668670][  T141] usb 1-1: config 0 interface 119 altsetting 0 has an invalid endpoint with address 0xBD, skipping
[   77.681205][  T141] usb 1-1: config 0 interface 119 altsetting 0 has a duplicate endpoint with address 0xF, skipping
[   77.692118][  T141] usb 1-1: config 0 interface 119 altsetting 0 endpoint 0x8 has an invalid bInterval 244, changing to 11
[   77.704227][  T141] usb 1-1: config 0 interface 119 altsetting 0 has an invalid endpoint with address 0x0, skipping
[   77.714930][  T141] usb 1-1: config 0 interface 119 altsetting 0 endpoint 0x4 has invalid maxpacket 512, setting to 64
[   77.726660][  T141] usb 1-1: config 0 interface 119 altsetting 0 endpoint 0x2 has an invalid bInterval 31, changing to 7
[   77.738017][  T141] usb 1-1: config 0 interface 119 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[   77.749945][  T141] usb 1-1: config 0 interface 119 altsetting 0 has a duplicate endpoint with address 0x6, skipping
[   77.760960][  T141] usb 1-1: config 0 interface 119 altsetting 0 has 14 endpoint descriptors, different from the interface descriptor's value: 13
[   77.929309][  T141] usb 1-1: New USB device found, idVendor=cace, idProduct=0300, bcdDevice=31.25
[   77.939094][  T141] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   77.947127][  T141] usb 1-1: Product: syz
[   77.952515][  T141] usb 1-1: Manufacturer: syz
[   77.957478][  T141] usb 1-1: SerialNumber: syz
[   77.965511][  T141] usb 1-1: config 0 descriptor??
[   77.990564][ T4121] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[   78.000331][ T2473] Bluetooth: hci0: command 0x0409 tx timeout
[   78.161716][  T141] usb 1-1: reset high-speed USB device number 2 using dummy_hcd
2022/08/25 20:16:18 executed programs: 1
[   79.119609][  T141] usb 1-1: device descriptor read/64, error -71
[   79.389194][  T141] usb 1-1: reset high-speed USB device number 2 using dummy_hcd
[   79.629136][  T141] usb 1-1: Using ep0 maxpacket: 8
[   79.769336][ T4125] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[   79.801963][  T141] usb 1-1: driver   API: 1.9.9 2016-02-15 [1-1]
[   79.808341][  T141] usb 1-1: firmware API: 1.9.6 2012-07-07
[   79.815788][  T141] ------------[ cut here ]------------
[   79.821800][  T141] usb 1-1: BOGUS urb xfer, pipe 1 != type 3
[   79.827927][  T141] WARNING: CPU: 0 PID: 141 at drivers/usb/core/urb.c:502 usb_submit_urb+0xb07/0x1690
[   79.838840][  T141] Modules linked in:
[   79.843113][  T141] CPU: 0 PID: 141 Comm: kworker/0:2 Not tainted 6.0.0-rc2-syzkaller #0
[   79.852321][  T141] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/22/2022
[   79.862613][  T141] Workqueue: events request_firmware_work_func
[   79.868999][  T141] RIP: 0010:usb_submit_urb+0xb07/0x1690
[   79.875821][  T141] Code: 4c 24 18 89 4c 24 08 44 89 04 24 e8 13 5d 19 ff 44 8b 04 24 4c 89 e2 48 c7 c7 c0 2f a5 89 8b 4c 24 08 48 89 c6 e8 f4 0a 57 03 <0f> 0b 4c 8b 4c 24 18 e9 c0 fa ff ff 48 8d 7b 1c 48 ba 00 00 00 00
[   79.896550][  T141] RSP: 0018:ffffc900025cfba8 EFLAGS: 00010286
[   79.902976][  T141] RAX: 0000000000000000 RBX: ffff88807d7b5000 RCX: 0000000000000000
[   79.911685][  T141] RDX: 0000000000000001 RSI: 0000000000000004 RDI: fffff520004b9f67
[   79.919954][  T141] RBP: ffff88801fdcd300 R08: 0000000000000001 R09: ffff8880b9e2792b
[   79.928542][  T141] R10: ffffed10173c4f25 R11: 0000000000000000 R12: ffff88801fdbb208
[   79.936755][  T141] R13: 000000000000000e R14: 0000000000000002 R15: 0000000000000000
[   79.945220][  T141] FS:  0000000000000000(0000) GS:ffff8880b9e00000(0000) knlGS:0000000000000000
[   79.954863][  T141] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   79.961882][  T141] CR2: 000055762c6a3000 CR3: 0000000024023000 CR4: 00000000003506f0
[   79.970252][  T141] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   79.978511][  T141] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   79.986960][  T141] Call Trace:
[   79.990475][  T141]  <TASK>
[   79.993599][  T141]  carl9170_usb_send_rx_irq_urb+0x266/0x340
[   79.999940][  T141]  carl9170_usb_firmware_step2+0x188/0x230
[   80.004163][ T3661] usb 1-1: USB disconnect, device number 2
[   80.005782][  T141]  ? carl9170_usb_resume+0x130/0x130
[   80.017543][  T141]  request_firmware_work_func+0x126/0x230
[   80.023677][  T141]  ? request_partial_firmware_into_buf+0x90/0x90
[   80.030224][  T141]  process_one_work+0x841/0x13a0
[   80.035265][  T141]  ? lock_release+0x780/0x780
[   80.040122][  T141]  ? pwq_dec_nr_in_flight+0x230/0x230
[   80.045687][  T141]  ? rwlock_bug.part.0+0x90/0x90
[   80.050707][  T141]  ? _raw_spin_lock_irq+0x41/0x50
[   80.055948][  T141]  worker_thread+0x598/0xec0
[   80.060789][  T141]  ? __kthread_parkme+0xc1/0x1f0
[   80.065877][  T141]  ? process_one_work+0x13a0/0x13a0
[   80.071149][  T141]  kthread+0x294/0x330
[   80.075366][  T141]  ? kthread_complete_and_exit+0x20/0x20
[   80.079320][ T2473] Bluetooth: hci0: command 0x041b tx timeout
[   80.081468][  T141]  ret_from_fork+0x1f/0x30
[   80.091927][  T141]  </TASK>
[   80.094942][  T141] Kernel panic - not syncing: panic_on_warn set ...
[   80.101523][  T141] CPU: 0 PID: 141 Comm: kworker/0:2 Not tainted 6.0.0-rc2-syzkaller #0
[   80.109746][  T141] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/22/2022
[   80.119874][  T141] Workqueue: events request_firmware_work_func
[   80.126042][  T141] Call Trace:
[   80.129305][  T141]  <TASK>
[   80.132231][  T141]  dump_stack_lvl+0x57/0x7d
[   80.136759][  T141]  panic+0x219/0x458
[   80.140662][  T141]  ? panic_print_sys_info.part.0+0x69/0x69
[   80.146555][  T141]  ? usb_submit_urb+0xb07/0x1690
[   80.151474][  T141]  __warn.cold+0x19f/0x1d9
[   80.155872][  T141]  ? usb_submit_urb+0xb07/0x1690
[   80.160785][  T141]  report_bug+0x15a/0x1c0
[   80.165092][  T141]  ? vprintk_emit+0x122/0x3d0
[   80.169844][  T141]  handle_bug+0x3c/0x60
[   80.173996][  T141]  exc_invalid_op+0x14/0x40
[   80.178484][  T141]  asm_exc_invalid_op+0x16/0x20
[   80.183320][  T141] RIP: 0010:usb_submit_urb+0xb07/0x1690
[   80.189038][  T141] Code: 4c 24 18 89 4c 24 08 44 89 04 24 e8 13 5d 19 ff 44 8b 04 24 4c 89 e2 48 c7 c7 c0 2f a5 89 8b 4c 24 08 48 89 c6 e8 f4 0a 57 03 <0f> 0b 4c 8b 4c 24 18 e9 c0 fa ff ff 48 8d 7b 1c 48 ba 00 00 00 00
[   80.208850][  T141] RSP: 0018:ffffc900025cfba8 EFLAGS: 00010286
[   80.214995][  T141] RAX: 0000000000000000 RBX: ffff88807d7b5000 RCX: 0000000000000000
[   80.222941][  T141] RDX: 0000000000000001 RSI: 0000000000000004 RDI: fffff520004b9f67
[   80.231059][  T141] RBP: ffff88801fdcd300 R08: 0000000000000001 R09: ffff8880b9e2792b
[   80.239370][  T141] R10: ffffed10173c4f25 R11: 0000000000000000 R12: ffff88801fdbb208
[   80.247442][  T141] R13: 000000000000000e R14: 0000000000000002 R15: 0000000000000000
[   80.255413][  T141]  ? usb_submit_urb+0xb07/0x1690
[   80.260439][  T141]  carl9170_usb_send_rx_irq_urb+0x266/0x340
[   80.266313][  T141]  carl9170_usb_firmware_step2+0x188/0x230
[   80.272097][  T141]  ? carl9170_usb_resume+0x130/0x130
[   80.277433][  T141]  request_firmware_work_func+0x126/0x230
[   80.283143][  T141]  ? request_partial_firmware_into_buf+0x90/0x90
[   80.289555][  T141]  process_one_work+0x841/0x13a0
[   80.294480][  T141]  ? lock_release+0x780/0x780
[   80.299128][  T141]  ? pwq_dec_nr_in_flight+0x230/0x230
[   80.304479][  T141]  ? rwlock_bug.part.0+0x90/0x90
[   80.309396][  T141]  ? _raw_spin_lock_irq+0x41/0x50
[   80.314402][  T141]  worker_thread+0x598/0xec0
[   80.318988][  T141]  ? __kthread_parkme+0xc1/0x1f0
[   80.323909][  T141]  ? process_one_work+0x13a0/0x13a0
[   80.329084][  T141]  kthread+0x294/0x330
[   80.333129][  T141]  ? kthread_complete_and_exit+0x20/0x20
[   80.339101][  T141]  ret_from_fork+0x1f/0x30
[   80.343511][  T141]  </TASK>
[   80.346897][  T141] Kernel Offset: disabled
[   80.351320][  T141] Rebooting in 86400 seconds..