last executing test programs: 1m8.382731418s ago: executing program 4 (id=3741): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000000000000000000ea04850000005000000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='sched_switch\x00', r0}, 0x10) r1 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000000300)=0x0) timer_settime(r2, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) mknodat$loop(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x1000, 0x0) r3 = open$dir(&(0x7f0000000180)='./file0\x00', 0x7e, 0x0) readv(r3, &(0x7f00000001c0)=[{&(0x7f0000000380)=""/162, 0xa2}], 0x1) 1m7.463959607s ago: executing program 4 (id=3761): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x1]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000000), 0x4) 1m7.288193852s ago: executing program 4 (id=3765): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) clock_nanosleep(0x2, 0x0, &(0x7f0000000040), 0x0) 1m7.136130813s ago: executing program 4 (id=3770): mkdirat(0xffffffffffffff9c, &(0x7f0000002000)='./file0\x00', 0x110) mount$bind(&(0x7f0000000100)='.\x00', &(0x7f0000000300)='./file0/../file0\x00', 0x0, 0x2151090, 0x0) mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0) mount$bind(0x0, 0x0, 0x0, 0x8b101a, 0x0) mount$bind(0x0, 0x0, 0x0, 0x80000, 0x0) mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0) r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x262) 1m7.00971397s ago: executing program 4 (id=3774): semget$private(0x0, 0x6, 0x40d) socket(0x15, 0x5, 0x0) r0 = socket(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000180)={'batadv_slave_1\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000001c0)=@newqdisc={0x58, 0x24, 0xd0f, 0x470bd30, 0x25dfdc01, {0x60, 0x0, 0x0, r2, {0x0, 0xfff2}, {0xfff1, 0xffff}, {0x0, 0xfff1}}, [@qdisc_kind_options=@q_ingress={0xc}, @TCA_STAB={0x28, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0xf, 0x4, 0xff, 0x81, 0x0, 0x6080, 0xef3, 0x1}}, {0x6, 0x2, [0x5]}}]}]}, 0x58}, 0x1, 0x0, 0x0, 0x4000}, 0x44080) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1) sendmsg$nl_route_sched(r0, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x4000) 1m6.219726317s ago: executing program 4 (id=3797): r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0) ioctl$SNDCTL_SEQ_TESTMIDI(r0, 0x40045108, &(0x7f0000000200)) r1 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000980), 0x0, 0x0) ioctl$SNDCTL_SEQ_RESET(r1, 0x5100) openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$SNDCTL_SEQ_RESET(r1, 0x5100) r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]}) close_range(r2, 0xffffffffffffffff, 0x0) 1m5.930851059s ago: executing program 32 (id=3797): r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0) ioctl$SNDCTL_SEQ_TESTMIDI(r0, 0x40045108, &(0x7f0000000200)) r1 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000980), 0x0, 0x0) ioctl$SNDCTL_SEQ_RESET(r1, 0x5100) openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$SNDCTL_SEQ_RESET(r1, 0x5100) r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]}) close_range(r2, 0xffffffffffffffff, 0x0) 22.108738528s ago: executing program 5 (id=4879): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0xb, 0x84) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x3, &(0x7f00000001c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x1a, 0x0, 0x0, 0x0, 0x8}}, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x13, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000080)={0x0, 0x1}, 0x8}, 0x94) 21.961728849s ago: executing program 5 (id=4885): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x4]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x4000000000002a7, 0x4) r2 = socket(0x10, 0x3, 0x0) sendmsg$nl_generic(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=ANY=[@ANYBLOB="640100004a00010200000000000000000a"], 0x164}}, 0x0) 21.758528964s ago: executing program 5 (id=4889): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000200)='setgroups\x00') 21.432553667s ago: executing program 5 (id=4896): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x1]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$tipc(0x1e, 0x2, 0x0) sendmsg$tipc(r2, &(0x7f0000000180)={&(0x7f0000000080)=@nameseq={0x1e, 0x1, 0x3, {0x40, 0x100000}}, 0x10, 0x0}, 0xf0099ef46a9bbccf) 21.169926281s ago: executing program 5 (id=4900): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='pids.events\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = userfaultfd(0x80001) ioctl$UFFDIO_API(r2, 0xc018aa3f, 0x0) 20.911202273s ago: executing program 5 (id=4904): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) close(r0) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) close(r1) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0) sendmsg$NFT_BATCH(r2, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a4c000000090a010400000000000000000a0000040900010073797a310000000008000540000000020900020073797a310000000008000a40fffffffc080003400000001408000c4000000e45400000000c0a010100000000000000000a0000060900020073797a31000000000900010073797a310000000014000380100000800c00018006000100d103000014000000110001"], 0xb4}, 0x1, 0x0, 0x0, 0x4000850}, 0x40) sendmsg$NFT_BATCH(r1, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000002c0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWSETELEM={0x48, 0xc, 0xa, 0x101, 0x0, 0x0, {0xa, 0x0, 0x6}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x1c, 0x3, 0x0, 0x1, [{0x18, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_KEY={0xc, 0x1, 0x0, 0x1, [@NFTA_DATA_VALUE={0x6, 0x1, "d103"}]}, @NFTA_SET_ELEM_FLAGS={0x8, 0x3, 0x1, 0x0, 0x1}]}]}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x3}}}, 0x70}, 0x1, 0x0, 0x0, 0x4000850}, 0x40) sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000002c0)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a400000000c0a010100000000000000000a0000060900020073797a31000000000900010073797a310000000014000380100000800c00018006000100d100"], 0x68}, 0x1, 0x0, 0x0, 0x4000850}, 0x40) 17.53253668s ago: executing program 1 (id=4950): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) waitid(0x3, 0x0, 0x0, 0x8, 0x0) 17.355146461s ago: executing program 1 (id=4953): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) pipe2(&(0x7f00000009c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80800) flistxattr(r2, 0x0, 0x0) 17.161406094s ago: executing program 1 (id=4958): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuset.effective_cpus\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) ioctl$IOCTL_VMCI_VERSION2(r2, 0x7a7, &(0x7f0000000140)=0x80000) 16.963299852s ago: executing program 1 (id=4961): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000000080)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r2, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000800)=ANY=[@ANYBLOB="f8000000160001002bbd7000ffdbde25200100000000000000000000000000000a0101010000000000000000000000004e2000074e2400000200000087000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="e0000001000000000000000000000000000004d26c00000000000000000000000000ffffac1414150000000000000000e805000000000000faffffffffffffff06000000000000000800000000000000000100000000000001000000000000000008000000000000d931a06800000000810000000000000001800000000000007cf000000000000002000000ba0b00000100000029bd700000000000020003f20100000000000000f1"], 0xf8}, 0x1, 0x0, 0x0, 0x4000000}, 0x44000) 16.791621694s ago: executing program 1 (id=4964): r0 = socket$tipc(0x1e, 0x2, 0x0) setsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f0000000180)={0x42}, 0x10) r1 = socket$tipc(0x1e, 0x5, 0x0) bind$tipc(r1, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x2, {0x42, 0x1, 0x1}}, 0x10) bind$tipc(r1, &(0x7f0000000080)=@name={0x1e, 0x2, 0x2, {{0x42, 0x4}}}, 0x10) r2 = socket$tipc(0x1e, 0x5, 0x0) setsockopt$TIPC_GROUP_JOIN(r2, 0x10f, 0x87, &(0x7f0000000000)={0x40000042}, 0x10) r3 = socket$tipc(0x1e, 0x5, 0x0) sendmsg$tipc(r3, &(0x7f0000000380)={&(0x7f0000000140)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x4, 0x4}}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x4000884}, 0x8) 16.648468097s ago: executing program 1 (id=4966): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x40140, 0x0) ioctl$TIOCSETD(r2, 0x5423, &(0x7f00000000c0)=0x5) 14.443760009s ago: executing program 0 (id=5002): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xd4000006, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0) mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f0000004380), 0x181c800, &(0x7f0000000280)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYBLOB="e109"]) 14.267683751s ago: executing program 0 (id=5006): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) futex_waitv(&(0x7f0000000ec0)=[{0x0, 0x0, 0x2}], 0x1, 0x0, 0x0, 0x0) 14.083178741s ago: executing program 0 (id=5010): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32=r0, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = gettid() getpriority(0x1, r2) 13.940644139s ago: executing program 0 (id=5011): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x1]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) sendto(r1, 0x0, 0x0, 0x0, 0x0, 0x0) 13.765570457s ago: executing program 0 (id=5014): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x1]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) socketpair(0x26, 0x5, 0x4, &(0x7f0000000040)) 13.543857218s ago: executing program 0 (id=5019): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket(0x10, 0x803, 0x0) ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(r2, 0x89f0, &(0x7f0000000140)={'ip6tnl0\x00', 0x0}) 5.781556126s ago: executing program 33 (id=4904): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) close(r0) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) close(r1) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0) sendmsg$NFT_BATCH(r2, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a4c000000090a010400000000000000000a0000040900010073797a310000000008000540000000020900020073797a310000000008000a40fffffffc080003400000001408000c4000000e45400000000c0a010100000000000000000a0000060900020073797a31000000000900010073797a310000000014000380100000800c00018006000100d103000014000000110001"], 0xb4}, 0x1, 0x0, 0x0, 0x4000850}, 0x40) sendmsg$NFT_BATCH(r1, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000002c0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWSETELEM={0x48, 0xc, 0xa, 0x101, 0x0, 0x0, {0xa, 0x0, 0x6}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x1c, 0x3, 0x0, 0x1, [{0x18, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_KEY={0xc, 0x1, 0x0, 0x1, [@NFTA_DATA_VALUE={0x6, 0x1, "d103"}]}, @NFTA_SET_ELEM_FLAGS={0x8, 0x3, 0x1, 0x0, 0x1}]}]}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x3}}}, 0x70}, 0x1, 0x0, 0x0, 0x4000850}, 0x40) sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000002c0)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a400000000c0a010100000000000000000a0000060900020073797a31000000000900010073797a310000000014000380100000800c00018006000100d100"], 0x68}, 0x1, 0x0, 0x0, 0x4000850}, 0x40) 1.539632802s ago: executing program 34 (id=4966): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x40140, 0x0) ioctl$TIOCSETD(r2, 0x5423, &(0x7f00000000c0)=0x5) 800.211284ms ago: executing program 2 (id=5242): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=@base={0xa, 0xb, 0x42, 0x3e, 0x42}, 0x50) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000300)={{r0, 0xffffffffffffffff}, &(0x7f0000000100), &(0x7f0000000180)}, 0x20) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{r1, 0xffffffffffffffff}, &(0x7f0000000140), &(0x7f0000000280)}, 0x20) close(0x3) bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x50) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000840)='memory.events.local\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r3, 0x0) ftruncate(r3, 0x6) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000000)={0x11, 0xc, &(0x7f00000001c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r2}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000240)='GPL\x00', 0x8, 0x1005, &(0x7f00000014c0)=""/4101, 0x41100, 0xc}, 0x94) 800.036609ms ago: executing program 3 (id=5243): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x1]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$inet6_udp(0xa, 0x2, 0x0) getsockopt$inet6_int(r2, 0x29, 0x1, 0x0, &(0x7f00000048c0)) 616.203477ms ago: executing program 2 (id=5244): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x1]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket(0x11, 0xa, 0x5) ioctl$sock_inet_SIOCSIFDSTADDR(r2, 0x8918, &(0x7f0000000240)={'ipvlan0\x00', {0x2, 0x4e20, @initdev={0xac, 0x1e, 0x0, 0x0}}}) 616.059001ms ago: executing program 3 (id=5245): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) mount(&(0x7f0000000000)=@nullb, &(0x7f0000000040)='./cgroup\x00', &(0x7f00000000c0)='ext3\x00', 0x200000, 0x0) 499.244241ms ago: executing program 3 (id=5246): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$nl_audit(0x10, 0x3, 0x9) ioctl$sock_SIOCETHTOOL(r2, 0x8946, &(0x7f0000000380)={'team_slave_0\x00', &(0x7f0000000140)=@ethtool_sfeatures}) 480.17585ms ago: executing program 2 (id=5247): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = syz_open_dev$evdev(&(0x7f0000000480), 0xc000, 0x142) write$evdev(r2, &(0x7f0000000640)=[{{0x77359400}, 0x1, 0x2ff, 0x2}], 0x18) 220.100474ms ago: executing program 3 (id=5248): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=@newlink={0x30, 0x10, 0x49920d862a92153b, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x15001}, [@IFLA_LINKINFO={0x10, 0x12, 0x0, 0x1, @gtp={{0x8}, {0x4}}}]}, 0x30}, 0x1, 0x0, 0x0, 0x14000084}, 0x20004080) 219.901072ms ago: executing program 2 (id=5249): r0 = socket$unix(0x1, 0x2, 0x0) bind$unix(r0, &(0x7f0000000100)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) r1 = socket$unix(0x1, 0x2, 0x0) connect$unix(r1, &(0x7f0000000180)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x8, 0x1c, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) writev(r1, &(0x7f0000000240)=[{&(0x7f0000000000)="f1", 0x1}], 0x1) setsockopt$SO_TIMESTAMP(r0, 0x1, 0x23, &(0x7f0000000080)=0x6, 0x26) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f00000000c0)=0x3f9, 0x4) recvmmsg(r0, &(0x7f0000000300), 0x40000000000049e, 0x1000000000fe, 0x0) 145.969781ms ago: executing program 2 (id=5250): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000480)=ANY=[@ANYBLOB="fc0000001900674c0000000000000000e0000001000000000000000000000000e000000200000000000000000000000000000000000000000a00000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000000000000000000000000400000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010000000000000044000500000000000000000000000000000000000000000033"], 0xfc}}, 0x0) r1 = socket$pppl2tp(0x18, 0x1, 0x1) r2 = socket$inet6_udp(0xa, 0x2, 0x0) connect$pppl2tp(r1, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x3, r2, {0x2, 0x0, @dev}, 0x2}}, 0x2e) connect$inet6(r2, &(0x7f0000000080)={0xa, 0x4e21, 0x0, @loopback}, 0x1c) r3 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000040), 0xffffffffffffffff) r4 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$L2TP_CMD_SESSION_DELETE(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)={0x34, r3, 0x1, 0x70bd2c, 0x4, {0x5}, [@L2TP_ATTR_CONN_ID={0x8, 0x9, 0x2}, @L2TP_ATTR_PEER_SESSION_ID={0x8, 0xc, 0xaa8}, @L2TP_ATTR_PW_TYPE={0x6, 0x1, 0x5}, @L2TP_ATTR_SESSION_ID={0x8, 0xb, 0x4}]}, 0x34}, 0x1, 0x0, 0x0, 0x8000}, 0x20000084) 139.620818ms ago: executing program 3 (id=5251): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8=0x0, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = openat$ttynull(0xffffffffffffff9c, &(0x7f00000008c0), 0x40000, 0x0) ioctl$TIOCCONS(r2, 0x541d) 141.062µs ago: executing program 2 (id=5252): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x2c, 0x0) 0s ago: executing program 3 (id=5253): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x1]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) inotify_add_watch(r2, 0x0, 0xa0000b0) kernel console output (not intermixed with test programs): mplete MPEG2 transport stream to the software demuxer. [ 100.943188][ T5869] dvbdev: DVB: registering new adapter (Elgato EyeTV Sat) [ 100.943385][ T5869] usb 1-1: media controller created [ 101.132861][ T5869] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 101.237872][ T5869] az6027: usb out operation failed. (-71) [ 101.243273][ T5869] az6027: usb out operation failed. (-71) [ 101.243291][ T5869] stb0899_attach: Driver disabled by Kconfig [ 101.243301][ T5869] az6027: no front-end attached [ 101.243301][ T5869] [ 101.243725][ T5869] az6027: usb out operation failed. (-71) [ 101.243739][ T5869] dvb-usb: no frontend was attached by 'Elgato EyeTV Sat' [ 101.262327][ T5869] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.0/usb1/1-1/input/input5 [ 101.337831][ T5993] netlink: 20 bytes leftover after parsing attributes in process `syz.1.29'. [ 101.344686][ T5869] dvb-usb: schedule remote query interval to 400 msecs. [ 101.344714][ T5869] dvb-usb: Elgato EyeTV Sat successfully initialized and connected. [ 101.465766][ T5869] usb 1-1: USB disconnect, device number 2 [ 101.861201][ T6006] netlink: 'syz.0.36': attribute type 8 has an invalid length. [ 101.863064][ T6006] sch_fq: defrate 0 ignored. [ 101.927488][ T5869] dvb-usb: Elgato EyeTV Sat successfully deinitialized and disconnected. [ 102.345002][ T6024] netdevsim netdevsim1 netdevsim0: entered promiscuous mode [ 102.442786][ T31] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 102.586752][ T31] usb 5-1: Using ep0 maxpacket: 16 [ 102.595898][ T31] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 102.595948][ T31] usb 5-1: New USB device found, idVendor=05ac, idProduct=0272, bcdDevice= 0.00 [ 102.595971][ T31] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 102.660658][ T31] usb 5-1: config 0 descriptor?? [ 102.693578][ T31] input: bcm5974 as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/input/input6 [ 102.876380][ T5154] bcm5974 5-1:0.0: could not read from device [ 102.946221][ T31] usb 5-1: USB disconnect, device number 2 [ 104.730576][ T6085] netlink: 8 bytes leftover after parsing attributes in process `syz.2.71'. [ 105.027775][ T31] usb 1-1: new high-speed USB device number 3 using dummy_hcd [ 105.190835][ T6099] netlink: 'syz.3.75': attribute type 8 has an invalid length. [ 105.209370][ T31] usb 1-1: Using ep0 maxpacket: 16 [ 105.213636][ T31] usb 1-1: config 0 has an invalid interface number: 8 but max is 0 [ 105.213662][ T31] usb 1-1: config 0 has no interface number 0 [ 105.213713][ T31] usb 1-1: config 0 interface 8 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 105.213790][ T31] usb 1-1: config 0 interface 8 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0 [ 105.262679][ T31] usb 1-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f [ 105.262707][ T31] usb 1-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3 [ 105.262725][ T31] usb 1-1: Product: syz [ 105.262738][ T31] usb 1-1: SerialNumber: syz [ 105.289043][ T31] usb 1-1: config 0 descriptor?? [ 105.347967][ T31] cm109 1-1:0.8: invalid payload size 0, expected 4 [ 105.351564][ T31] input: CM109 USB driver as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.8/input/input8 [ 105.503198][ T6105] netlink: 'syz.2.78': attribute type 21 has an invalid length. [ 105.503219][ T6105] netlink: 'syz.2.78': attribute type 1 has an invalid length. [ 105.503231][ T6105] netlink: 'syz.2.78': attribute type 2 has an invalid length. [ 105.503243][ T6105] netlink: 9062 bytes leftover after parsing attributes in process `syz.2.78'. [ 105.592155][ T6108] netlink: 48 bytes leftover after parsing attributes in process `syz.2.79'. [ 105.640817][ T6109] Bluetooth: MGMT ver 1.23 [ 105.693274][ C1] cm109 1-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 105.697888][ C1] cm109 1-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 105.697996][ T5870] usb 1-1: USB disconnect, device number 3 [ 105.698128][ C1] cm109 1-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 105.698150][ C1] cm109 1-1:0.8: cm109_submit_buzz_toggle: usb_submit_urb (urb_ctl) failed -19 [ 105.838252][ T5870] cm109 1-1:0.8: cm109_toggle_buzzer_sync: usb_control_msg() failed -19 [ 105.908192][ T6116] netlink: 36 bytes leftover after parsing attributes in process `syz.3.81'. [ 106.171954][ T6120] tun0: tun_chr_ioctl cmd 1074025677 [ 106.172126][ T6120] tun0: linktype set to 823 [ 106.726827][ T5870] usb 1-1: new high-speed USB device number 4 using dummy_hcd [ 106.726972][ T6134] bond0: Unable to set down delay as MII monitoring is disabled [ 106.876734][ T5870] usb 1-1: Using ep0 maxpacket: 8 [ 106.879751][ T5870] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 106.879779][ T5870] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 106.879803][ T5870] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 106.879825][ T5870] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 106.879865][ T5870] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 106.879942][ T5870] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 107.121768][ T31] usb 4-1: new high-speed USB device number 2 using dummy_hcd [ 107.206838][ T5870] usb 1-1: GET_CAPABILITIES returned 0 [ 107.206886][ T5870] usbtmc 1-1:16.0: can't read capabilities [ 107.283262][ T31] usb 4-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 107.289203][ T31] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40 [ 107.289252][ T31] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 107.289271][ T31] usb 4-1: Product: syz [ 107.289284][ T31] usb 4-1: Manufacturer: syz [ 107.289297][ T31] usb 4-1: SerialNumber: syz [ 107.424833][ T5869] usb 1-1: USB disconnect, device number 4 [ 107.567649][ T31] usblp 4-1:1.0: usblp0: USB Unidirectional printer dev 2 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8 [ 107.769865][ T5870] usb 4-1: USB disconnect, device number 2 [ 107.785894][ T5870] usblp0: removed [ 107.973973][ T6158] netlink: 44 bytes leftover after parsing attributes in process `syz.4.100'. [ 107.974768][ T6158] netlink: 67 bytes leftover after parsing attributes in process `syz.4.100'. [ 108.701901][ T6173] syz.1.106 (6173) used greatest stack depth: 15992 bytes left [ 108.765578][ T6182] netlink: 'syz.3.111': attribute type 21 has an invalid length. [ 108.828869][ T5118] Bluetooth: hci4: Controller not accepting commands anymore: ncmd = 0 [ 108.828990][ T5118] Bluetooth: hci4: Injecting HCI hardware error event [ 108.830426][ T5812] Bluetooth: hci4: hardware error 0x00 [ 108.897070][ T10] usb 1-1: new high-speed USB device number 5 using dummy_hcd [ 109.086848][ T10] usb 1-1: unable to get BOS descriptor or descriptor too short [ 109.086922][ T10] usb 1-1: no configurations [ 109.086934][ T10] usb 1-1: can't read configurations, error -22 [ 110.503673][ T6222] bridge0: entered promiscuous mode [ 110.546334][ T6222] bridge0: port 3(macvtap1) entered blocking state [ 110.552907][ T6222] bridge0: port 3(macvtap1) entered disabled state [ 110.553198][ T6222] macvtap1: entered allmulticast mode [ 110.553214][ T6222] bridge0: entered allmulticast mode [ 110.626145][ T6222] macvtap1: left allmulticast mode [ 110.626167][ T6222] bridge0: left allmulticast mode [ 110.708632][ T6222] bridge0: left promiscuous mode [ 111.229145][ T5812] Bluetooth: hci4: Opcode 0x0c03 failed: -110 [ 111.493457][ T6247] netlink: 212340 bytes leftover after parsing attributes in process `syz.0.139'. [ 111.493660][ T6247] openvswitch: netlink: Port 167772160 exceeds max allowable 65535 [ 111.685141][ T6250] Driver unsupported XDP return value 0 on prog (id 7) dev N/A, expect packet loss! [ 111.705537][ T6253] vcan0: tx drop: invalid sa for name 0x0000000000000001 [ 112.507769][ T6279] sp0: Synchronizing with TNC [ 113.019073][ T6292] netlink: 8 bytes leftover after parsing attributes in process `syz.4.158'. [ 113.052490][ T6293] overlayfs: invalid origin (0000) [ 113.276294][ T6298] netlink: 'syz.4.161': attribute type 10 has an invalid length. [ 113.350996][ T6298] macvlan0: entered promiscuous mode [ 113.351023][ T6298] macvlan0: entered allmulticast mode [ 113.429614][ T6298] veth1_vlan: entered allmulticast mode [ 113.465906][ T6298] bond0: (slave macvlan0): Enslaving as an active interface with an up link [ 113.735405][ T6310] netlink: 20 bytes leftover after parsing attributes in process `syz.1.165'. [ 113.735434][ T6310] netlink: 20 bytes leftover after parsing attributes in process `syz.1.165'. [ 114.117855][ T6320] mmap: syz.1.171 (6320) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 114.710712][ T6345] netlink: 4 bytes leftover after parsing attributes in process `syz.1.179'. [ 114.979502][ T6348] netlink: 8 bytes leftover after parsing attributes in process `syz.3.183'. [ 114.979731][ T6348] sch_tbf: burst 0 is lower than device lo mtu (65550) ! [ 118.008311][ T6423] Bluetooth: MGMT ver 1.23 [ 118.104422][ T6424] IPVS: sh: UDP 172.20.20.187:0 - no destination available [ 118.119093][ T1583] IPVS: starting estimator thread 0... [ 118.206994][ T6427] IPVS: using max 8 ests per chain, 19200 per kthread [ 118.491978][ T6443] netlink: 'syz.2.224': attribute type 11 has an invalid length. [ 118.492001][ T6443] netlink: 190972 bytes leftover after parsing attributes in process `syz.2.224'. [ 118.518711][ T6441] netlink: 'syz.3.225': attribute type 1 has an invalid length. [ 118.518731][ T6441] netlink: 'syz.3.225': attribute type 2 has an invalid length. [ 118.535480][ T6441] netlink: 'syz.3.225': attribute type 1 has an invalid length. [ 118.535501][ T6441] netlink: 'syz.3.225': attribute type 2 has an invalid length. [ 119.222759][ T6458] netlink: 8 bytes leftover after parsing attributes in process `syz.2.230'. [ 120.468018][ T6489] process 'syz.2.245' launched '/dev/fd/4' with NULL argv: empty string added [ 121.297579][ T6513] loop2: detected capacity change from 0 to 7 [ 121.340673][ T6513] Dev loop2: unable to read RDB block 7 [ 121.340718][ T6513] loop2: AHDI p1 p2 [ 121.340745][ T6513] loop2: partition table partially beyond EOD, truncated [ 121.340988][ T6513] loop2: p1 start 1835360114 is beyond EOD, truncated [ 122.530275][ T6540] netlink: 11 bytes leftover after parsing attributes in process `syz.0.267'. [ 124.520130][ T6570] program syz.0.279 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 124.673017][ T6575] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 124.848542][ T13] tipc: Subscription rejected, illegal request [ 124.956840][ T1583] usb 4-1: new high-speed USB device number 3 using dummy_hcd [ 124.961262][ T6582] netlink: 8 bytes leftover after parsing attributes in process `syz.1.286'. [ 125.106791][ T1583] usb 4-1: Using ep0 maxpacket: 8 [ 125.111036][ T1583] usb 4-1: New USB device found, idVendor=0ccd, idProduct=0039, bcdDevice=90.7b [ 125.111072][ T1583] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 125.174575][ T1583] pvrusb2: Hardware description: Terratec Grabster AV400 [ 125.174596][ T1583] pvrusb2: ********** [ 125.174604][ T1583] pvrusb2: ***WARNING*** Support for this device (Terratec Grabster AV400) is experimental. [ 125.174615][ T1583] pvrusb2: Important functionality might not be entirely working. [ 125.174622][ T1583] pvrusb2: Please consider contacting the driver author to help with further stabilization of the driver. [ 125.174633][ T1583] pvrusb2: ********** [ 125.375042][ T2365] pvrusb2: Invalid write control endpoint [ 125.511748][ T2365] pvrusb2: Invalid write control endpoint [ 125.511762][ T2365] pvrusb2: ***WARNING*** Detected a wedged cx25840 chip; the device will not work. [ 125.511771][ T2365] pvrusb2: ***WARNING*** Try power cycling the pvrusb2 device. [ 125.511779][ T2365] pvrusb2: ***WARNING*** Disabling further access to the device to prevent other foul-ups. [ 125.511788][ T2365] pvrusb2: Device being rendered inoperable [ 125.576799][ T2365] cx25840 1-0044: Unable to detect h/w, assuming cx23887 [ 125.576907][ T2365] cx25840 1-0044: cx23887 A/V decoder found @ 0x88 (pvrusb2_a) [ 125.581868][ T2365] pvrusb2: Attached sub-driver cx25840 [ 125.581889][ T2365] pvrusb2: ***WARNING*** pvrusb2 device hardware appears to be jammed and I can't clear it. [ 125.581898][ T2365] pvrusb2: You might need to power cycle the pvrusb2 device in order to recover. [ 125.586311][ T6576] pvrusb2: Attempted to execute control transfer when device not ok [ 125.599653][ T1583] usb 4-1: USB disconnect, device number 3 [ 126.413158][ T6621] netlink: 64 bytes leftover after parsing attributes in process `syz.2.303'. [ 126.567953][ T5905] usb 4-1: new full-speed USB device number 4 using dummy_hcd [ 126.720197][ T5905] usb 4-1: config 0 interface 0 altsetting 252 endpoint 0x81 has invalid wMaxPacketSize 0 [ 126.720275][ T5905] usb 4-1: config 0 interface 0 has no altsetting 0 [ 126.720310][ T5905] usb 4-1: New USB device found, idVendor=058f, idProduct=9410, bcdDevice= 0.00 [ 126.720333][ T5905] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 126.762107][ T5905] usb 4-1: config 0 descriptor?? [ 126.793021][ T6632] input: syz0 as /devices/virtual/input/input9 [ 127.016771][ T44] usb 3-1: new high-speed USB device number 2 using dummy_hcd [ 127.154062][ T6639] netlink: 4 bytes leftover after parsing attributes in process `syz.1.311'. [ 127.174503][ T44] usb 3-1: New USB device found, idVendor=1604, idProduct=8001, bcdDevice=44.1f [ 127.174533][ T44] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 127.174553][ T44] usb 3-1: Product: syz [ 127.174567][ T44] usb 3-1: Manufacturer: syz [ 127.174581][ T44] usb 3-1: SerialNumber: syz [ 127.182423][ T44] usb 3-1: config 0 descriptor?? [ 127.260047][ T5905] maltron 0003:058F:9410.0001: unknown main item tag 0x0 [ 127.260086][ T5905] maltron 0003:058F:9410.0001: unknown main item tag 0x0 [ 127.320952][ T5905] maltron 0003:058F:9410.0001: hidraw0: USB HID v0.00 Device [HID 058f:9410] on usb-dummy_hcd.3-1/input0 [ 127.402805][ T44] usb 4-1: USB disconnect, device number 4 [ 127.455881][ T5905] usb 3-1: USB disconnect, device number 2 [ 127.842177][ T6656] program syz.0.318 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 128.053887][ T6664] ======================================================= [ 128.053887][ T6664] WARNING: The mand mount option has been deprecated and [ 128.053887][ T6664] and is ignored by this kernel. Remove the mand [ 128.053887][ T6664] option from the mount to silence this warning. [ 128.053887][ T6664] ======================================================= [ 128.487052][ T6685] netem: incorrect ge model size [ 128.487069][ T6685] netem: change failed [ 128.811362][ T6695] netlink: 12 bytes leftover after parsing attributes in process `syz.2.338'. [ 128.932517][ T6704] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 128.966956][ T6695] netlink: 12 bytes leftover after parsing attributes in process `syz.2.338'. [ 129.454427][ T6731] netlink: 4 bytes leftover after parsing attributes in process `syz.2.352'. [ 129.504046][ T6731] hsr_slave_0: left promiscuous mode [ 129.560330][ T6731] hsr_slave_1: left promiscuous mode [ 130.868611][ T6792] input: syz0 as /devices/virtual/input/input10 [ 130.947830][ T3926] Bluetooth: hci5: Frame reassembly failed (-84) [ 131.747589][ T6809] ref_ctr_offset mismatch. inode: 0x1d6 offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0x1140200000010 [ 132.616821][ T31] usb 1-1: new high-speed USB device number 7 using dummy_hcd [ 132.786814][ T31] usb 1-1: Using ep0 maxpacket: 16 [ 132.791951][ T31] usb 1-1: config 0 has an invalid interface number: 1 but max is 0 [ 132.791967][ T31] usb 1-1: config 0 has no interface number 0 [ 132.795557][ T31] usb 1-1: New USB device found, idVendor=04fc, idProduct=1528, bcdDevice=6d.5d [ 132.795574][ T31] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 132.795584][ T31] usb 1-1: Product: syz [ 132.795592][ T31] usb 1-1: Manufacturer: syz [ 132.795599][ T31] usb 1-1: SerialNumber: syz [ 132.804811][ T31] usb 1-1: config 0 descriptor?? [ 132.838325][ T1317] ieee802154 phy0 wpan0: encryption failed: -22 [ 132.838475][ T1317] ieee802154 phy1 wpan1: encryption failed: -22 [ 132.897266][ T31] gspca_main: spca1528-2.14.0 probing 04fc:1528 [ 132.986829][ T5812] Bluetooth: hci5: Opcode 0x1003 failed: -110 [ 133.478849][ T6876] netlink: 4 bytes leftover after parsing attributes in process `syz.1.420'. [ 133.692306][ T6884] syzkaller1: entered promiscuous mode [ 133.692330][ T6884] syzkaller1: entered allmulticast mode [ 133.864792][ T6889] netlink: 604 bytes leftover after parsing attributes in process `syz.2.424'. [ 133.919334][ T31] gspca_spca1528: reg_w err -71 [ 133.919442][ T31] spca1528 1-1:0.1: probe with driver spca1528 failed with error -71 [ 133.922572][ T31] usb 1-1: USB disconnect, device number 7 [ 133.978541][ T6887] netlink: 'syz.2.424': attribute type 29 has an invalid length. [ 133.978818][ T6888] netlink: 'syz.2.424': attribute type 29 has an invalid length. [ 134.475469][ T6917] binder: 6916:6917 ioctl c0306201 2000000002c0 returned -14 [ 134.520541][ T6921] netlink: 8 bytes leftover after parsing attributes in process `syz.0.437'. [ 134.520575][ T6921] netlink: 8 bytes leftover after parsing attributes in process `syz.0.437'. [ 134.636738][ T31] usb 4-1: new high-speed USB device number 5 using dummy_hcd [ 134.787974][ T31] usb 4-1: Using ep0 maxpacket: 16 [ 134.795110][ T31] usb 4-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice=10.00 [ 134.795140][ T31] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 134.795159][ T31] usb 4-1: Product: syz [ 134.795174][ T31] usb 4-1: Manufacturer: syz [ 134.795188][ T31] usb 4-1: SerialNumber: syz [ 134.805626][ T31] usb 4-1: config 0 descriptor?? [ 134.816414][ T31] ftdi_sio 4-1:0.0: FTDI USB Serial Device converter detected [ 134.820379][ T31] usb 4-1: Detected FT-X [ 134.976781][ T44] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 135.031031][ T31] ftdi_sio ttyUSB0: Unable to read latency timer: -32 [ 135.136970][ T44] usb 5-1: Using ep0 maxpacket: 32 [ 135.146592][ T44] usb 5-1: config 0 has an invalid interface number: 67 but max is 0 [ 135.147498][ T44] usb 5-1: config 0 has no interface number 0 [ 135.164877][ T44] usb 5-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57 [ 135.165109][ T44] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 135.165129][ T44] usb 5-1: Product: syz [ 135.165143][ T44] usb 5-1: Manufacturer: syz [ 135.165157][ T44] usb 5-1: SerialNumber: syz [ 135.212316][ T44] usb 5-1: config 0 descriptor?? [ 135.280581][ T44] smsc95xx v2.0.0 [ 135.524457][ T31] usb 4-1: FTDI USB Serial Device converter now attached to ttyUSB0 [ 135.538939][ T6945] Zero length message leads to an empty skb [ 135.638630][ T10] usb 4-1: USB disconnect, device number 5 [ 135.696729][ T37] audit: type=1326 audit(1763365166.689:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6949 comm="syz.0.451" exe="/root/syz-executor" sig=31 arch=c000003e syscall=39 compat=0 ip=0x7f67b6c66567 code=0x0 [ 135.767658][ T10] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0 [ 135.768268][ T10] ftdi_sio 4-1:0.0: device disconnected [ 135.782954][ T37] audit: type=1326 audit(1763365166.769:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6953 comm="syz.2.453" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fc393326567 code=0x7ffc0000 [ 135.784409][ T37] audit: type=1326 audit(1763365166.779:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6953 comm="syz.2.453" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fc3932cb789 code=0x7ffc0000 [ 135.785312][ T37] audit: type=1326 audit(1763365166.779:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6953 comm="syz.2.453" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fc393326567 code=0x7ffc0000 [ 135.786122][ T37] audit: type=1326 audit(1763365166.779:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6953 comm="syz.2.453" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fc3932cb789 code=0x7ffc0000 [ 135.799797][ T37] audit: type=1326 audit(1763365166.779:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6953 comm="syz.2.453" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc39332f6c9 code=0x7ffc0000 [ 135.807819][ T37] audit: type=1326 audit(1763365166.799:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6953 comm="syz.2.453" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc39332f6c9 code=0x7ffc0000 [ 135.834844][ T44] smsc95xx 5-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000030: -71 [ 135.834874][ T44] smsc95xx 5-1:0.67 (unnamed net_device) (uninitialized): Error reading E2P_CMD [ 135.838191][ T44] smsc95xx 5-1:0.67 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000014: -71 [ 135.842867][ T44] smsc95xx 5-1:0.67: probe with driver smsc95xx failed with error -71 [ 135.849306][ T37] audit: type=1326 audit(1763365166.849:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6953 comm="syz.2.453" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc39332f6c9 code=0x7ffc0000 [ 135.850712][ T37] audit: type=1326 audit(1763365166.849:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6953 comm="syz.2.453" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc39332f6c9 code=0x7ffc0000 [ 135.850758][ T37] audit: type=1326 audit(1763365166.849:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6953 comm="syz.2.453" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc39332f6c9 code=0x7ffc0000 [ 135.855715][ T44] usb 5-1: USB disconnect, device number 3 [ 136.536289][ T6981] netlink: 24 bytes leftover after parsing attributes in process `syz.2.466'. [ 136.580129][ T6984] openvswitch: netlink: nsh attribute has 65276 unknown bytes. [ 136.580168][ T6984] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 136.654753][ T6986] netlink: 244 bytes leftover after parsing attributes in process `syz.3.471'. [ 136.756757][ T31] usb 2-1: new high-speed USB device number 2 using dummy_hcd [ 136.907035][ T31] usb 2-1: Using ep0 maxpacket: 32 [ 136.911262][ T31] usb 2-1: config 0 has an invalid interface number: 67 but max is 0 [ 136.911288][ T31] usb 2-1: config 0 has no interface number 0 [ 136.914215][ T31] usb 2-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57 [ 136.914243][ T31] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 136.914263][ T31] usb 2-1: Product: syz [ 136.914278][ T31] usb 2-1: Manufacturer: syz [ 136.914292][ T31] usb 2-1: SerialNumber: syz [ 136.979128][ T31] usb 2-1: config 0 descriptor?? [ 136.996368][ T31] smsc95xx v2.0.0 [ 137.408268][ T31] smsc95xx 2-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000030: -32 [ 137.408299][ T31] smsc95xx 2-1:0.67 (unnamed net_device) (uninitialized): Error reading E2P_CMD [ 137.815599][ T31] smsc95xx 2-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000014: -71 [ 137.817610][ T31] smsc95xx 2-1:0.67: probe with driver smsc95xx failed with error -71 [ 137.867971][ T31] usb 2-1: USB disconnect, device number 2 [ 138.142782][ T7031] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 138.142972][ T7031] overlayfs: The uuid=off requires a single fs for lower and upper, falling back to uuid=null. [ 138.807811][ T7063] macvlan0: entered promiscuous mode [ 138.813954][ T7063] bond0: entered promiscuous mode [ 138.813975][ T7063] bond_slave_0: entered promiscuous mode [ 138.814218][ T7063] bond_slave_1: entered promiscuous mode [ 138.860800][ T7063] hsr1: entered allmulticast mode [ 138.860820][ T7063] macvlan0: entered allmulticast mode [ 138.860833][ T7063] veth1_vlan: entered allmulticast mode [ 138.860864][ T7063] bond0: entered allmulticast mode [ 138.860877][ T7063] bond_slave_0: entered allmulticast mode [ 138.860894][ T7063] bond_slave_1: entered allmulticast mode [ 138.986734][ T31] usb 3-1: new high-speed USB device number 3 using dummy_hcd [ 139.136825][ T31] usb 3-1: Using ep0 maxpacket: 32 [ 139.143021][ T31] usb 3-1: config 0 has an invalid interface number: 125 but max is 0 [ 139.143047][ T31] usb 3-1: config 0 has no interface number 0 [ 139.143080][ T31] usb 3-1: config 0 interface 125 has no altsetting 0 [ 139.146585][ T31] usb 3-1: New USB device found, idVendor=1039, idProduct=2120, bcdDevice= 2.a7 [ 139.184098][ T31] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 139.184124][ T31] usb 3-1: Product: syz [ 139.184138][ T31] usb 3-1: Manufacturer: syz [ 139.184152][ T31] usb 3-1: SerialNumber: syz [ 139.216279][ T31] usb 3-1: config 0 descriptor?? [ 139.465456][ T31] usb 3-1: [ueagle-atm] ADSL device founded vid (0X1039) pid (0X2120) Rev (0X2A7): Eagle II [ 140.146921][ T31] usb 3-1: reset high-speed USB device number 3 using dummy_hcd [ 140.543325][ T7086] input: syz1 as /devices/virtual/input/input12 [ 141.041402][ T31] ueagle-atm 3-1:0.125: usbatm_usb_probe: bind failed: -19! [ 141.170428][ T5905] usb 3-1: USB disconnect, device number 3 [ 143.309949][ C1] vcan0: j1939_tp_rxtimer: 0xffff88805b9d6000: rx timeout, send abort [ 143.810677][ C1] vcan0: j1939_tp_rxtimer: 0xffff88805b9d6000: abort rx timeout. Force session deactivation [ 143.956314][ T7182] netlink: 'syz.3.535': attribute type 3 has an invalid length. [ 143.965711][ T7177] netlink: 'syz.3.535': attribute type 3 has an invalid length. [ 145.240520][ T7223] netlink: 8 bytes leftover after parsing attributes in process `syz.4.554'. [ 145.290960][ T7226] syz.2.553 uses obsolete (PF_INET,SOCK_PACKET) [ 145.366953][ T5886] usb 1-1: new high-speed USB device number 8 using dummy_hcd [ 145.442208][ T7234] sctp: [Deprecated]: syz.1.559 (pid 7234) Use of struct sctp_assoc_value in delayed_ack socket option. [ 145.442208][ T7234] Use struct sctp_sack_info instead [ 145.536832][ T5886] usb 1-1: Using ep0 maxpacket: 16 [ 145.538972][ T5886] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 145.539015][ T5886] usb 1-1: New USB device found, idVendor=054c, idProduct=0268, bcdDevice= 0.00 [ 145.539027][ T5886] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 145.544544][ T5886] usb 1-1: config 0 descriptor?? [ 145.980343][ T5886] sony 0003:054C:0268.0002: unknown main item tag 0x0 [ 145.980381][ T5886] sony 0003:054C:0268.0002: unknown main item tag 0x0 [ 145.980408][ T5886] sony 0003:054C:0268.0002: unknown main item tag 0x0 [ 145.980433][ T5886] sony 0003:054C:0268.0002: unknown main item tag 0x0 [ 145.980458][ T5886] sony 0003:054C:0268.0002: unknown main item tag 0x0 [ 145.980485][ T5886] sony 0003:054C:0268.0002: unknown main item tag 0x0 [ 145.980514][ T5886] sony 0003:054C:0268.0002: unknown main item tag 0x0 [ 145.980541][ T5886] sony 0003:054C:0268.0002: unknown main item tag 0x0 [ 145.980568][ T5886] sony 0003:054C:0268.0002: unknown main item tag 0x0 [ 145.980594][ T5886] sony 0003:054C:0268.0002: unknown main item tag 0x0 [ 146.022238][ T5886] sony 0003:054C:0268.0002: hiddev0,hidraw0: USB HID v80.09 Device [HID 054c:0268] on usb-dummy_hcd.0-1/input0 [ 146.022271][ T5886] sony 0003:054C:0268.0002: failed to claim input [ 146.179354][ T10] usb 1-1: USB disconnect, device number 8 [ 147.442715][ T7267] syzkaller1: entered promiscuous mode [ 147.442739][ T7267] syzkaller1: entered allmulticast mode [ 147.584354][ T5812] Bluetooth: hci3: link tx timeout [ 147.584629][ T5812] Bluetooth: hci3: killing stalled connection 11:aa:aa:aa:aa:aa [ 147.587341][ T5812] Bluetooth: hci3: link tx timeout [ 147.587354][ T5812] Bluetooth: hci3: killing stalled connection 11:aa:aa:aa:aa:aa [ 147.610939][ T5812] Bluetooth: hci3: link tx timeout [ 147.610957][ T5812] Bluetooth: hci3: killing stalled connection 11:aa:aa:aa:aa:aa [ 147.740818][ T7275] vxcan1: tx address claim with different name [ 148.552132][ T37] kauditd_printk_skb: 9 callbacks suppressed [ 148.552150][ T37] audit: type=1326 audit(1763365179.549:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7297 comm="syz.2.584" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc39332f6c9 code=0x7ffc0000 [ 148.552198][ T37] audit: type=1326 audit(1763365179.549:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7297 comm="syz.2.584" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc39332f6c9 code=0x7ffc0000 [ 148.561673][ T37] audit: type=1326 audit(1763365179.559:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7297 comm="syz.2.584" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc39332f6c9 code=0x7ffc0000 [ 148.561722][ T37] audit: type=1326 audit(1763365179.559:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7297 comm="syz.2.584" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc39332f6c9 code=0x7ffc0000 [ 148.561760][ T37] audit: type=1326 audit(1763365179.559:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7297 comm="syz.2.584" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc39332f6c9 code=0x7ffc0000 [ 148.561798][ T37] audit: type=1326 audit(1763365179.559:26): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7297 comm="syz.2.584" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc39332f6c9 code=0x7ffc0000 [ 148.561835][ T37] audit: type=1326 audit(1763365179.559:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7297 comm="syz.2.584" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc39332f6c9 code=0x7ffc0000 [ 148.561873][ T37] audit: type=1326 audit(1763365179.559:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7297 comm="syz.2.584" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc39332f6c9 code=0x7ffc0000 [ 148.562672][ T37] audit: type=1326 audit(1763365179.559:29): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7297 comm="syz.2.584" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc39332f6c9 code=0x7ffc0000 [ 148.799608][ T37] audit: type=1326 audit(1763365179.799:30): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7297 comm="syz.2.584" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc39332f6c9 code=0x7ffc0000 [ 149.562493][ T7338] netlink: 20 bytes leftover after parsing attributes in process `syz.0.600'. [ 149.628113][ T5812] Bluetooth: hci3: command 0x0406 tx timeout [ 150.097875][ T7360] batadv_slave_1: entered promiscuous mode [ 150.098839][ T7360] batadv_slave_1: left promiscuous mode [ 150.520315][ T7381] netlink: 40 bytes leftover after parsing attributes in process `syz.1.622'. [ 151.036794][ T5886] usb 1-1: new high-speed USB device number 9 using dummy_hcd [ 151.044319][ T7402] tipc: Started in network mode [ 151.044348][ T7402] tipc: Node identity ac14142f, cluster identity 4711 [ 151.045370][ T7402] tipc: New replicast peer: 0.0.0.0 [ 151.080544][ T7402] tipc: Enabled bearer , priority 10 [ 151.081638][ T7402] tipc: New replicast peer: 2001:0000:0000:0000:0000:0000:0000:0002 [ 151.216766][ T5886] usb 1-1: Using ep0 maxpacket: 16 [ 151.219242][ T5886] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 178, changing to 11 [ 151.219274][ T5886] usb 1-1: config 0 interface 0 has no altsetting 0 [ 151.219307][ T5886] usb 1-1: New USB device found, idVendor=056a, idProduct=0331, bcdDevice= 0.00 [ 151.219329][ T5886] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 151.269757][ T5886] usb 1-1: config 0 descriptor?? [ 151.689754][ T5886] hid (null): global environment stack underflow [ 151.689808][ T5886] hid (null): unknown global tag 0xd [ 151.689823][ T5886] hid (null): unknown global tag 0x86 [ 151.689903][ T5886] hid (null): unknown global tag 0x90 [ 151.689952][ T5886] hid (null): unknown global tag 0xe3 [ 151.690011][ T5886] hid (null): unknown global tag 0xc [ 151.691763][ T5886] hid (null): invalid report_size 249916996 [ 151.930856][ T5870] usb 1-1: USB disconnect, device number 9 [ 152.036859][ T10] usb 2-1: new high-speed USB device number 3 using dummy_hcd [ 152.159236][ T5870] tipc: Node number set to 2886997039 [ 152.188990][ T10] usb 2-1: Using ep0 maxpacket: 32 [ 152.209627][ T10] usb 2-1: config 0 has an invalid interface number: 38 but max is 0 [ 152.209654][ T10] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 152.209673][ T10] usb 2-1: config 0 has no interface number 0 [ 152.209724][ T10] usb 2-1: config 0 interface 38 altsetting 157 endpoint 0x6 has invalid wMaxPacketSize 0 [ 152.209746][ T10] usb 2-1: config 0 interface 38 altsetting 157 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 152.209773][ T10] usb 2-1: config 0 interface 38 has no altsetting 0 [ 152.212949][ T10] usb 2-1: New USB device found, idVendor=093a, idProduct=2622, bcdDevice=7f.b3 [ 152.212974][ T10] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 152.212993][ T10] usb 2-1: Product: syz [ 152.213007][ T10] usb 2-1: Manufacturer: syz [ 152.213028][ T10] usb 2-1: SerialNumber: syz [ 152.221407][ T10] usb 2-1: config 0 descriptor?? [ 152.260580][ T10] gspca_main: gspca_pac7302-2.14.0 probing 093a:2622 [ 153.074941][ T10] input: gspca_pac7302 as /devices/platform/dummy_hcd.1/usb2/2-1/input/input13 [ 153.268174][ T5905] usb 2-1: USB disconnect, device number 3 [ 153.587876][ T7487] netlink: 4 bytes leftover after parsing attributes in process `syz.0.662'. [ 154.202919][ T7514] GUP no longer grows the stack in syz.4.674 (7514): 200000004000-200000008000 (200000002000) [ 154.202975][ T7514] CPU: 1 UID: 0 PID: 7514 Comm: syz.4.674 Not tainted syzkaller #0 PREEMPT_{RT,(full)} [ 154.202997][ T7514] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 154.203013][ T7514] Call Trace: [ 154.203024][ T7514] [ 154.203034][ T7514] dump_stack_lvl+0x189/0x250 [ 154.203075][ T7514] ? __pfx_dump_stack_lvl+0x10/0x10 [ 154.203109][ T7514] ? __pfx__printk+0x10/0x10 [ 154.203138][ T7514] ? find_vma+0xe7/0x160 [ 154.203178][ T7514] __get_user_pages+0x22f0/0x2860 [ 154.203242][ T7514] get_user_pages_remote+0x2f1/0xac0 [ 154.203269][ T7514] ? __pfx_mtree_load+0x10/0x10 [ 154.203304][ T7514] ? __pfx_get_user_pages_remote+0x10/0x10 [ 154.203334][ T7514] ? __access_remote_vm+0x367/0x7d0 [ 154.203368][ T7514] __access_remote_vm+0x211/0x7d0 [ 154.203406][ T7514] ? __pfx___access_remote_vm+0x10/0x10 [ 154.203433][ T7514] ? set_page_refcounted+0xa0/0x1e0 [ 154.203466][ T7514] ? alloc_pages_noprof+0xe4/0x1e0 [ 154.203502][ T7514] proc_pid_cmdline_read+0x433/0x810 [ 154.203541][ T7514] ? __asan_memset+0x22/0x50 [ 154.203574][ T7514] ? __pfx_proc_pid_cmdline_read+0x10/0x10 [ 154.203598][ T7514] ? rw_verify_area+0x2ac/0x4e0 [ 154.203628][ T7514] vfs_readv+0x5b3/0x850 [ 154.203660][ T7514] ? __pfx_proc_pid_cmdline_read+0x10/0x10 [ 154.203683][ T7514] ? __pfx_vfs_readv+0x10/0x10 [ 154.203730][ T7514] ? __fget_files+0x2a/0x420 [ 154.203763][ T7514] ? __fget_files+0x3a6/0x420 [ 154.203789][ T7514] ? __fget_files+0x2a/0x420 [ 154.203827][ T7514] __x64_sys_preadv+0x19a/0x2a0 [ 154.203858][ T7514] ? __pfx___x64_sys_preadv+0x10/0x10 [ 154.203889][ T7514] ? do_syscall_64+0xbe/0xfa0 [ 154.203924][ T7514] do_syscall_64+0xfa/0xfa0 [ 154.203952][ T7514] ? lockdep_hardirqs_on+0x9c/0x150 [ 154.203990][ T7514] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 154.204011][ T7514] ? clear_bhb_loop+0x60/0xb0 [ 154.204036][ T7514] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 154.204054][ T7514] RIP: 0033:0x7faf879cf6c9 [ 154.204080][ T7514] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 154.204097][ T7514] RSP: 002b:00007faf85c2e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000127 [ 154.204126][ T7514] RAX: ffffffffffffffda RBX: 00007faf87c25fa0 RCX: 00007faf879cf6c9 [ 154.204142][ T7514] RDX: 0000000000000001 RSI: 0000200000000d00 RDI: 0000000000000003 [ 154.204155][ T7514] RBP: 00007faf87a51f91 R08: 0000000000000200 R09: 0000000000000000 [ 154.204168][ T7514] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000000 [ 154.204181][ T7514] R13: 00007faf87c26038 R14: 00007faf87c25fa0 R15: 00007fff2c83eee8 [ 154.204216][ T7514] [ 154.221388][ T7513] netlink: 'syz.2.672': attribute type 11 has an invalid length. [ 155.610107][ T7564] tipc: Started in network mode [ 155.610129][ T7564] tipc: Node identity 8, cluster identity 4711 [ 155.610142][ T7564] tipc: Node number set to 8 [ 156.263526][ T7593] sctp: [Deprecated]: syz.2.708 (pid 7593) Use of int in max_burst socket option deprecated. [ 156.263526][ T7593] Use struct sctp_assoc_value instead [ 156.351391][ T37] kauditd_printk_skb: 2 callbacks suppressed [ 156.351408][ T37] audit: type=1326 audit(1763365187.349:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7597 comm="syz.1.710" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b6c5df6c9 code=0x7ffc0000 [ 156.352468][ T37] audit: type=1326 audit(1763365187.349:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7597 comm="syz.1.710" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b6c5df6c9 code=0x7ffc0000 [ 156.364363][ T37] audit: type=1326 audit(1763365187.359:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7597 comm="syz.1.710" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b6c5df6c9 code=0x7ffc0000 [ 156.364805][ T37] audit: type=1326 audit(1763365187.359:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7597 comm="syz.1.710" exe="/root/syz-executor" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7f0b6c5df6c9 code=0x7ffc0000 [ 156.364846][ T37] audit: type=1326 audit(1763365187.359:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7597 comm="syz.1.710" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b6c5df6c9 code=0x7ffc0000 [ 156.367363][ T37] audit: type=1326 audit(1763365187.369:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7597 comm="syz.1.710" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b6c5df6c9 code=0x7ffc0000 [ 156.369613][ T37] audit: type=1326 audit(1763365187.369:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7597 comm="syz.1.710" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b6c5df6c9 code=0x7ffc0000 [ 156.369656][ T37] audit: type=1326 audit(1763365187.369:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7597 comm="syz.1.710" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f0b6c5df6c9 code=0x7ffc0000 [ 156.370158][ T37] audit: type=1326 audit(1763365187.369:41): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7597 comm="syz.1.710" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b6c5df6c9 code=0x7ffc0000 [ 156.420637][ T37] audit: type=1326 audit(1763365187.419:42): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7597 comm="syz.1.710" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b6c5df6c9 code=0x7ffc0000 [ 156.826977][ T5792] usb 3-1: new high-speed USB device number 4 using dummy_hcd [ 156.877653][ T7623] netlink: 116 bytes leftover after parsing attributes in process `syz.0.719'. [ 156.879547][ T7623] netlink: 116 bytes leftover after parsing attributes in process `syz.0.719'. [ 156.982771][ T5792] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 156.982798][ T5792] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 156.984232][ T5792] usb 3-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 156.984258][ T5792] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 156.984278][ T5792] usb 3-1: SerialNumber: syz [ 157.274314][ T5792] usb 3-1: 0:2 : does not exist [ 157.311739][ T5792] usb 3-1: 5:0: failed to get current value for ch 0 (-22) [ 157.377164][ T5792] usb 3-1: USB disconnect, device number 4 [ 157.936714][ T5792] usb 4-1: new high-speed USB device number 6 using dummy_hcd [ 158.086761][ T5792] usb 4-1: Using ep0 maxpacket: 32 [ 158.090493][ T5792] usb 4-1: config 0 interface 0 has no altsetting 0 [ 158.092966][ T5792] usb 4-1: New USB device found, idVendor=16d0, idProduct=10b8, bcdDevice=de.8e [ 158.092992][ T5792] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 158.093011][ T5792] usb 4-1: Product: syz [ 158.093023][ T5792] usb 4-1: Manufacturer: syz [ 158.093037][ T5792] usb 4-1: SerialNumber: syz [ 158.148851][ T5792] usb 4-1: config 0 descriptor?? [ 158.451663][ T7670] netlink: 8 bytes leftover after parsing attributes in process `syz.1.741'. [ 158.569853][ T5792] gs_usb 4-1:0.0: Configuring for 1 interfaces [ 159.012260][ T5792] gs_usb 4-1:0.0: Couldn't register candev for channel 0 (-EINVAL) [ 159.103471][ T5792] gs_usb 4-1:0.0: probe with driver gs_usb failed with error -22 [ 159.222607][ T5792] usb 4-1: USB disconnect, device number 6 [ 159.539461][ T7680] bridge0: port 2(bridge_slave_1) entered disabled state [ 159.540968][ T7680] bridge0: port 1(bridge_slave_0) entered disabled state [ 159.901263][ T7695] Bluetooth: MGMT ver 1.23 [ 160.082689][ T7698] netlink: 20 bytes leftover after parsing attributes in process `syz.2.752'. [ 160.191959][ T7701] netlink: 12 bytes leftover after parsing attributes in process `syz.1.753'. [ 160.192001][ T7701] netlink: 12 bytes leftover after parsing attributes in process `syz.1.753'. [ 160.308641][ T7704] netlink: 48 bytes leftover after parsing attributes in process `syz.3.754'. [ 160.402224][ T7680] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 160.423573][ T7680] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 160.574197][ T7680] veth1_vlan: left allmulticast mode [ 161.570042][ T7680] hsr1: left allmulticast mode [ 161.570057][ T7680] macvlan0: left allmulticast mode [ 161.570068][ T7680] bond0: left allmulticast mode [ 161.570075][ T7680] bond_slave_0: left allmulticast mode [ 161.570085][ T7680] bond_slave_1: left allmulticast mode [ 161.616708][ T1391] netdevsim netdevsim0 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 161.666833][ T7712] usb 2-1: new high-speed USB device number 4 using dummy_hcd [ 161.671998][ T1391] netdevsim netdevsim0 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 161.673850][ T1391] netdevsim netdevsim0 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 161.673894][ T1391] netdevsim netdevsim0 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 161.826513][ T7712] usb 2-1: config index 0 descriptor too short (expected 39, got 27) [ 161.826549][ T7712] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 161.826584][ T7712] usb 2-1: config 0 interface 0 has no altsetting 0 [ 161.861945][ T7712] usb 2-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b [ 161.861973][ T7712] usb 2-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2 [ 161.861992][ T7712] usb 2-1: Product: syz [ 161.862006][ T7712] usb 2-1: Manufacturer: syz [ 161.862018][ T7712] usb 2-1: SerialNumber: syz [ 161.903192][ T7712] usb 2-1: config 0 descriptor?? [ 161.914847][ T7712] hub 2-1:0.0: bad descriptor, ignoring hub [ 161.914885][ T7712] hub 2-1:0.0: probe with driver hub failed with error -5 [ 161.982193][ T7712] snd-usb-audio 2-1:0.0: probe with driver snd-usb-audio failed with error -22 [ 162.468458][ T5869] usb 2-1: reset high-speed USB device number 4 using dummy_hcd [ 162.660519][ T5869] usb 2-1: device firmware changed [ 162.681820][ T5869] usb 2-1: USB disconnect, device number 4 [ 162.733252][ T7767] sctp: [Deprecated]: syz.4.779 (pid 7767) Use of int in maxseg socket option. [ 162.733252][ T7767] Use struct sctp_assoc_value instead [ 162.848054][ T5869] usb 2-1: new high-speed USB device number 5 using dummy_hcd [ 163.008955][ T5869] usb 2-1: config index 0 descriptor too short (expected 39, got 27) [ 163.008985][ T5869] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 163.009024][ T5869] usb 2-1: config 0 interface 0 has no altsetting 0 [ 163.016316][ T5869] usb 2-1: string descriptor 0 read error: -22 [ 163.016495][ T5869] usb 2-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b [ 163.016521][ T5869] usb 2-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2 [ 163.030449][ T5869] usb 2-1: config 0 descriptor?? [ 163.047188][ T5869] hub 2-1:0.0: bad descriptor, ignoring hub [ 163.047225][ T5869] hub 2-1:0.0: probe with driver hub failed with error -5 [ 163.189275][ T5869] snd-usb-audio 2-1:0.0: probe with driver snd-usb-audio failed with error -22 [ 163.370467][ T7690] usb 2-1: USB disconnect, device number 5 [ 163.936535][ T7818] iwpm_register_pid: Unable to send a nlmsg (client = 2) [ 164.014789][ T7818] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98 [ 164.556752][ T5870] usb 3-1: new high-speed USB device number 5 using dummy_hcd [ 164.676753][ T7690] usb 1-1: new high-speed USB device number 10 using dummy_hcd [ 164.711541][ T5870] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 164.711573][ T5870] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 164.711596][ T5870] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 164.711638][ T5870] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 164.711661][ T5870] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 164.774266][ T5870] usb 3-1: config 0 descriptor?? [ 164.830843][ T7690] usb 1-1: Using ep0 maxpacket: 16 [ 164.844258][ T7690] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 164.844428][ T7690] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 164.844452][ T7690] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 164.844546][ T7690] usb 1-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 164.844569][ T7690] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 164.886097][ T7690] usb 1-1: config 0 descriptor?? [ 165.116772][ T7712] usb 5-1: new high-speed USB device number 4 using dummy_hcd [ 165.246558][ T5870] plantronics 0003:047F:FFFF.0004: reserved main item tag 0xd [ 165.279121][ T7712] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 165.279154][ T7712] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 165.279192][ T7712] usb 5-1: New USB device found, idVendor=046d, idProduct=7f26, bcdDevice= 0.00 [ 165.279212][ T7712] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 165.298530][ T7712] usb 5-1: config 0 descriptor?? [ 165.323545][ T7690] hid_parser_main: 144 callbacks suppressed [ 165.323567][ T7690] microsoft 0003:045E:07DA.0005: unknown main item tag 0x0 [ 165.323596][ T7690] microsoft 0003:045E:07DA.0005: unknown main item tag 0x0 [ 165.323622][ T7690] microsoft 0003:045E:07DA.0005: unknown main item tag 0x0 [ 165.323649][ T7690] microsoft 0003:045E:07DA.0005: unknown main item tag 0x0 [ 165.323676][ T7690] microsoft 0003:045E:07DA.0005: unknown main item tag 0x0 [ 165.323702][ T7690] microsoft 0003:045E:07DA.0005: unknown main item tag 0x0 [ 165.323729][ T7690] microsoft 0003:045E:07DA.0005: unknown main item tag 0x0 [ 165.323756][ T7690] microsoft 0003:045E:07DA.0005: unknown main item tag 0x0 [ 165.323782][ T7690] microsoft 0003:045E:07DA.0005: unknown main item tag 0x0 [ 165.323808][ T7690] microsoft 0003:045E:07DA.0005: unknown main item tag 0x0 [ 165.335373][ T5870] plantronics 0003:047F:FFFF.0004: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0 [ 165.462154][ T7690] input: HID 045e:07da as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:045E:07DA.0005/input/input15 [ 165.513160][ T7867] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant. [ 165.513160][ T7867] The task syz.1.824 (7867) triggered the difference, watch for misbehavior. [ 165.566960][ T7691] usb 3-1: USB disconnect, device number 5 [ 165.604303][ T7690] microsoft 0003:045E:07DA.0005: input,hidraw1: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.0-1/input0 [ 165.622824][ T7690] usb 1-1: USB disconnect, device number 10 [ 165.721212][ T7712] hid-generic 0003:046D:7F26.0006: item fetching failed at offset 10/11 [ 165.722092][ T7712] hid-generic 0003:046D:7F26.0006: probe with driver hid-generic failed with error -22 [ 165.915773][ T7712] usb 5-1: USB disconnect, device number 4 [ 166.274420][ T7882] input: syz0 as /devices/virtual/input/input16 [ 166.274653][ T7882] input: failed to attach handler leds to device input16, error: -6 [ 166.321983][ T37] kauditd_printk_skb: 88 callbacks suppressed [ 166.322000][ T37] audit: type=1326 audit(1763365197.309:131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7885 comm="syz.1.833" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b6c5df6c9 code=0x7ffc0000 [ 166.322041][ T37] audit: type=1326 audit(1763365197.319:132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7885 comm="syz.1.833" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b6c5df6c9 code=0x7ffc0000 [ 166.326368][ T37] audit: type=1326 audit(1763365197.319:133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7885 comm="syz.1.833" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0b6c5df6c9 code=0x7ffc0000 [ 166.326417][ T37] audit: type=1326 audit(1763365197.319:134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7885 comm="syz.1.833" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b6c5df6c9 code=0x7ffc0000 [ 166.332120][ T37] audit: type=1326 audit(1763365197.329:135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7885 comm="syz.1.833" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b6c5df6c9 code=0x7ffc0000 [ 166.332170][ T37] audit: type=1326 audit(1763365197.329:136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7885 comm="syz.1.833" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0b6c5df6c9 code=0x7ffc0000 [ 166.342609][ T37] audit: type=1326 audit(1763365197.339:137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7885 comm="syz.1.833" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b6c5df6c9 code=0x7ffc0000 [ 166.342901][ T37] audit: type=1326 audit(1763365197.339:138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7885 comm="syz.1.833" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0b6c5df6c9 code=0x7ffc0000 [ 166.343540][ T37] audit: type=1326 audit(1763365197.339:139): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7885 comm="syz.1.833" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b6c5df6c9 code=0x7ffc0000 [ 166.344210][ T37] audit: type=1326 audit(1763365197.339:140): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7885 comm="syz.1.833" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b6c5df6c9 code=0x7ffc0000 [ 167.089793][ T7690] usb 4-1: new high-speed USB device number 7 using dummy_hcd [ 167.096760][ T44] usb 2-1: new high-speed USB device number 6 using dummy_hcd [ 167.236697][ T7690] usb 4-1: Using ep0 maxpacket: 16 [ 167.239303][ T7690] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 167.239333][ T7690] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 167.239372][ T7690] usb 4-1: New USB device found, idVendor=04d8, idProduct=00df, bcdDevice= 0.00 [ 167.239394][ T7690] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 167.248262][ T7690] usb 4-1: config 0 descriptor?? [ 167.298726][ T44] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 167.298759][ T44] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 167.300349][ T44] usb 2-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00 [ 167.300374][ T44] usb 2-1: New USB device strings: Mfr=2, Product=0, SerialNumber=0 [ 167.300394][ T44] usb 2-1: Manufacturer: syz [ 167.306081][ T44] usb 2-1: config 0 descriptor?? [ 167.695124][ T7690] mcp2200 0003:04D8:00DF.0007: item fetching failed at offset 2/5 [ 167.695922][ T7690] mcp2200 0003:04D8:00DF.0007: can't parse reports [ 167.696027][ T7690] mcp2200 0003:04D8:00DF.0007: probe with driver mcp2200 failed with error -22 [ 167.909085][ T7712] usb 4-1: USB disconnect, device number 7 [ 168.170114][ T44] input: syz as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:256C:006D.0008/input/input17 [ 168.254828][ T44] input: syz as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:256C:006D.0008/input/input18 [ 168.282986][ T44] input: syz Touch Strip as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:256C:006D.0008/input/input19 [ 168.312041][ T44] input: syz Dial as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:256C:006D.0008/input/input20 [ 168.336761][ T44] uclogic 0003:256C:006D.0008: input,hidraw0: USB HID v0.00 Keypad [syz] on usb-dummy_hcd.1-1/input0 [ 168.341856][ T44] usb 2-1: USB disconnect, device number 6 [ 169.437069][ T7977] netlink: 96 bytes leftover after parsing attributes in process `syz.0.870'. [ 169.615220][ T7989] binder: 7988:7989 ioctl c0306201 2000000001c0 returned -14 [ 169.776919][ T5886] usb 1-1: new high-speed USB device number 11 using dummy_hcd [ 169.930707][ T5886] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 169.930740][ T5886] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 169.932357][ T5886] usb 1-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00 [ 169.932384][ T5886] usb 1-1: New USB device strings: Mfr=2, Product=0, SerialNumber=0 [ 169.932404][ T5886] usb 1-1: Manufacturer: syz [ 169.985796][ T5886] usb 1-1: config 0 descriptor?? [ 170.893437][ T5886] input: syz as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:256C:006D.0009/input/input21 [ 170.973686][ T5886] input: syz as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:256C:006D.0009/input/input22 [ 171.007973][ T5886] input: syz Touch Strip as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:256C:006D.0009/input/input23 [ 171.044029][ T5886] input: syz Dial as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:256C:006D.0009/input/input24 [ 171.094012][ T5886] uclogic 0003:256C:006D.0009: input,hidraw0: USB HID v0.00 Keypad [syz] on usb-dummy_hcd.0-1/input0 [ 171.122397][ T5886] usb 1-1: USB disconnect, device number 11 [ 171.930374][ T8068] netlink: 8 bytes leftover after parsing attributes in process `syz.1.910'. [ 171.930544][ T8068] erspan0: entered promiscuous mode [ 173.648980][ T8155] syzkaller1: entered promiscuous mode [ 173.649007][ T8155] syzkaller1: entered allmulticast mode [ 174.515346][ T8193] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 174.790331][ T8208] netlink: 'syz.1.976': attribute type 12 has an invalid length. [ 174.790352][ T8208] netlink: 'syz.1.976': attribute type 29 has an invalid length. [ 174.790367][ T8208] netlink: 148 bytes leftover after parsing attributes in process `syz.1.976'. [ 174.790408][ T8208] netlink: 'syz.1.976': attribute type 1 has an invalid length. [ 174.984643][ T37] kauditd_printk_skb: 3 callbacks suppressed [ 174.984660][ T37] audit: type=1326 audit(1763365205.979:144): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8219 comm="syz.1.982" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f0b6c5df6c9 code=0x0 [ 175.146878][ T5886] usb 4-1: new full-speed USB device number 8 using dummy_hcd [ 175.196815][ T5904] usb 5-1: new high-speed USB device number 5 using dummy_hcd [ 175.309492][ T5886] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 175.309527][ T5886] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 175.312970][ T5886] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 175.313001][ T5886] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 175.313022][ T5886] usb 4-1: Product: syz [ 175.313036][ T5886] usb 4-1: Manufacturer: syz [ 175.313049][ T5886] usb 4-1: SerialNumber: syz [ 175.349587][ T5904] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 175.349619][ T5904] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 175.351426][ T5904] usb 5-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00 [ 175.351452][ T5904] usb 5-1: New USB device strings: Mfr=2, Product=0, SerialNumber=0 [ 175.351471][ T5904] usb 5-1: Manufacturer: syz [ 175.361688][ T5904] usb 5-1: config 0 descriptor?? [ 175.639899][ T5886] usb 4-1: 0:2 : does not exist [ 175.661152][ T5886] usb 4-1: 5:0: failed to get current value for ch 0 (-22) [ 175.713954][ T5886] usb 4-1: USB disconnect, device number 8 [ 176.204332][ T5904] input: syz as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/0003:256C:006D.000A/input/input25 [ 176.277945][ T8269] [U] ^C„ [ 176.278362][ T8268] [U] ^C [ 176.298916][ T5904] input: syz as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/0003:256C:006D.000A/input/input26 [ 176.324219][ T5904] input: syz Touch Strip as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/0003:256C:006D.000A/input/input27 [ 176.391844][ T5904] input: syz Dial as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/0003:256C:006D.000A/input/input28 [ 176.440843][ T5904] uclogic 0003:256C:006D.000A: input,hidraw0: USB HID v0.00 Keypad [syz] on usb-dummy_hcd.4-1/input0 [ 176.451856][ T5904] usb 5-1: USB disconnect, device number 5 [ 176.983521][ T8295] netlink: 'syz.1.1019': attribute type 3 has an invalid length. [ 176.983542][ T8295] netlink: 64 bytes leftover after parsing attributes in process `syz.1.1019'. [ 177.616276][ T8322] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1030'. [ 178.697684][ T8367] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 178.782428][ T8371] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1051'. [ 178.870671][ T8374] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1055'. [ 178.988475][ T8382] dlm: non-version read from control device 4 [ 179.212944][ T8393] netlink: 'syz.0.1062': attribute type 4 has an invalid length. [ 179.958677][ T8429] netlink: 108 bytes leftover after parsing attributes in process `syz.0.1079'. [ 180.570695][ T8455] vivid-002: disconnect [ 180.590730][ T8454] vivid-002: reconnect [ 180.998544][ T8475] batadv_slave_1: entered promiscuous mode [ 181.000266][ T8474] batadv_slave_1: left promiscuous mode [ 181.499668][ T37] audit: type=1326 audit(1763365212.499:145): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8491 comm="syz.3.1107" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7ff77f6ef6c9 code=0x0 [ 181.759758][ T8502] netlink: 'syz.0.1112': attribute type 11 has an invalid length. [ 182.327882][ T8523] netlink: 212368 bytes leftover after parsing attributes in process `syz.4.1121'. [ 183.046819][ T5886] usb 2-1: new high-speed USB device number 7 using dummy_hcd [ 183.104875][ T8562] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 183.199447][ T5886] usb 2-1: New USB device found, idVendor=0813, idProduct=0001, bcdDevice=3a.08 [ 183.199479][ T5886] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 183.215460][ T5886] usb 2-1: config 0 descriptor?? [ 183.230498][ T5886] gspca_main: cpia1-2.14.0 probing 0813:0001 [ 183.650083][ T5886] cpia1 2-1:0.0: unexpected state after lo power cmd: 00 [ 183.704563][ T8592] netem: invalid attributes len -22 [ 183.704580][ T8592] netem: change failed [ 184.056777][ T5886] gspca_cpia1: usb_control_msg 02, error -32 [ 184.057673][ T5886] gspca_cpia1: usb_control_msg 02, error -71 [ 184.057702][ T5886] cpia1 2-1:0.0: only firmware version 1 is supported (got: 0) [ 184.084986][ T5886] usb 2-1: USB disconnect, device number 7 [ 184.490369][ T37] audit: type=1326 audit(1763365215.489:146): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8619 comm="syz.0.1166" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f67b6c6f6c9 code=0x0 [ 184.916225][ T8638] IPVS: rr: UDP 224.0.0.2:0 - no destination available [ 185.647469][ T5886] usb 4-1: new full-speed USB device number 9 using dummy_hcd [ 185.744839][ T8681] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1193'. [ 185.812084][ T5886] usb 4-1: New USB device found, idVendor=2770, idProduct=930c, bcdDevice=8d.6a [ 185.812115][ T5886] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 185.812135][ T5886] usb 4-1: Product: syz [ 185.812149][ T5886] usb 4-1: Manufacturer: syz [ 185.812163][ T5886] usb 4-1: SerialNumber: syz [ 185.829699][ T5886] usb 4-1: config 0 descriptor?? [ 185.846796][ T5886] gspca_main: sq930x-2.14.0 probing 2770:930c [ 186.886757][ T5886] gspca_sq930x: reg_w 0105 0f00 failed -71 [ 186.886861][ T5886] sq930x 4-1:0.0: probe with driver sq930x failed with error -71 [ 186.899911][ T5886] usb 4-1: USB disconnect, device number 9 [ 188.568513][ T8820] netlink: 'syz.3.1259': attribute type 11 has an invalid length. [ 188.568535][ T8820] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1259'. [ 191.221895][ T8917] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1304'. [ 191.634784][ T8937] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1314'. [ 191.926713][ T5886] usb 2-1: new high-speed USB device number 8 using dummy_hcd [ 192.085056][ T5886] usb 2-1: config 0 interface 0 altsetting 251 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 192.085092][ T5886] usb 2-1: config 0 interface 0 has no altsetting 0 [ 192.090817][ T5886] usb 2-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b [ 192.090847][ T5886] usb 2-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2 [ 192.090867][ T5886] usb 2-1: Product: syz [ 192.090881][ T5886] usb 2-1: Manufacturer: syz [ 192.090895][ T5886] usb 2-1: SerialNumber: syz [ 192.102722][ T5886] usb 2-1: config 0 descriptor?? [ 192.225713][ T5886] snd-usb-audio 2-1:0.0: probe with driver snd-usb-audio failed with error -22 [ 192.373454][ T5886] usb 2-1: USB disconnect, device number 8 [ 192.548823][ T8982] netlink: 88 bytes leftover after parsing attributes in process `syz.4.1333'. [ 192.549118][ T8982] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1333'. [ 192.703865][ T8992] sctp: [Deprecated]: syz.4.1339 (pid 8992) Use of int in max_burst socket option deprecated. [ 192.703865][ T8992] Use struct sctp_assoc_value instead [ 192.836712][ T5886] usb 2-1: new high-speed USB device number 9 using dummy_hcd [ 192.975597][ T9008] dlm: non-version read from control device 4 [ 192.989912][ T5886] usb 2-1: config 0 interface 0 altsetting 251 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 192.989945][ T5886] usb 2-1: config 0 interface 0 has no altsetting 0 [ 192.994166][ T5886] usb 2-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b [ 192.994193][ T5886] usb 2-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2 [ 192.994213][ T5886] usb 2-1: Product: syz [ 192.994227][ T5886] usb 2-1: Manufacturer: syz [ 192.994241][ T5886] usb 2-1: SerialNumber: syz [ 193.007568][ T5886] usb 2-1: config 0 descriptor?? [ 193.150307][ T5886] snd-usb-audio 2-1:0.0: probe with driver snd-usb-audio failed with error -22 [ 193.258894][ T5886] usb 2-1: USB disconnect, device number 9 [ 193.526736][ T7712] usb 5-1: new high-speed USB device number 6 using dummy_hcd [ 193.676777][ T7712] usb 5-1: Using ep0 maxpacket: 16 [ 193.680595][ T7712] usb 5-1: config 0 has an invalid interface number: 105 but max is 0 [ 193.680622][ T7712] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 193.680642][ T7712] usb 5-1: config 0 has no interface number 0 [ 193.683275][ T7712] usb 5-1: New USB device found, idVendor=046d, idProduct=08f3, bcdDevice= b.28 [ 193.683304][ T7712] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 193.683324][ T7712] usb 5-1: Product: syz [ 193.683339][ T7712] usb 5-1: Manufacturer: syz [ 193.683353][ T7712] usb 5-1: SerialNumber: syz [ 193.698642][ T7712] usb 5-1: config 0 descriptor?? [ 193.910874][ T7712] uvcvideo 5-1:0.105: Found UVC 0.00 device syz (046d:08f3) [ 193.910916][ T7712] uvcvideo 5-1:0.105: No valid video chain found. [ 193.934535][ T7712] usb 5-1: USB disconnect, device number 6 [ 194.273920][ T1317] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.273984][ T1317] ieee802154 phy1 wpan1: encryption failed: -22 [ 194.608307][ T37] audit: type=1326 audit(1763365225.579:147): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9091 comm="syz.4.1389" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faf879cf6c9 code=0x7ffc0000 [ 194.608359][ T37] audit: type=1326 audit(1763365225.609:148): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9091 comm="syz.4.1389" exe="/root/syz-executor" sig=0 arch=c000003e syscall=430 compat=0 ip=0x7faf879cf6c9 code=0x7ffc0000 [ 194.608399][ T37] audit: type=1326 audit(1763365225.609:149): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9091 comm="syz.4.1389" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faf879cf6c9 code=0x7ffc0000 [ 194.608439][ T37] audit: type=1326 audit(1763365225.609:150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9091 comm="syz.4.1389" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faf879cf6c9 code=0x7ffc0000 [ 194.608478][ T37] audit: type=1326 audit(1763365225.609:151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9091 comm="syz.4.1389" exe="/root/syz-executor" sig=0 arch=c000003e syscall=431 compat=0 ip=0x7faf879cf6c9 code=0x7ffc0000 [ 194.608517][ T37] audit: type=1326 audit(1763365225.609:152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9091 comm="syz.4.1389" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faf879cf6c9 code=0x7ffc0000 [ 194.608555][ T37] audit: type=1326 audit(1763365225.609:153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9091 comm="syz.4.1389" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faf879cf6c9 code=0x7ffc0000 [ 194.621113][ T37] audit: type=1326 audit(1763365225.619:154): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9091 comm="syz.4.1389" exe="/root/syz-executor" sig=0 arch=c000003e syscall=432 compat=0 ip=0x7faf879cf6c9 code=0x7ffc0000 [ 194.621161][ T37] audit: type=1326 audit(1763365225.619:155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9091 comm="syz.4.1389" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faf879cf6c9 code=0x7ffc0000 [ 194.621199][ T37] audit: type=1326 audit(1763365225.619:156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9091 comm="syz.4.1389" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faf879cf6c9 code=0x7ffc0000 [ 194.956963][ T44] usb 1-1: new high-speed USB device number 12 using dummy_hcd [ 195.060414][ T9114] serio: Serial port pty29 [ 195.129196][ T44] usb 1-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 195.129224][ T44] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 195.144895][ T44] usb 1-1: config 0 descriptor?? [ 195.152177][ T44] cp210x 1-1:0.0: cp210x converter detected [ 195.574213][ T44] cp210x 1-1:0.0: failed to get vendor val 0x000e size 3: -32 [ 195.641657][ T9141] netlink: 'syz.4.1412': attribute type 3 has an invalid length. [ 195.788839][ T44] usb 1-1: cp210x converter now attached to ttyUSB0 [ 195.990110][ T7690] usb 1-1: USB disconnect, device number 12 [ 196.009396][ T7690] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 196.127673][ T7690] cp210x 1-1:0.0: device disconnected [ 196.849701][ T44] usb 5-1: new high-speed USB device number 7 using dummy_hcd [ 197.018122][ T44] usb 5-1: Using ep0 maxpacket: 8 [ 197.020356][ T44] usb 5-1: config 0 has an invalid interface number: 186 but max is 0 [ 197.020382][ T44] usb 5-1: config 0 has no interface number 0 [ 197.020432][ T44] usb 5-1: config 0 interface 186 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 197.020457][ T44] usb 5-1: config 0 interface 186 altsetting 0 has an endpoint descriptor with address 0x9A, changing to 0x8A [ 197.020483][ T44] usb 5-1: config 0 interface 186 altsetting 0 endpoint 0x8A has an invalid bInterval 0, changing to 7 [ 197.020510][ T44] usb 5-1: config 0 interface 186 altsetting 0 has 4 endpoint descriptors, different from the interface descriptor's value: 3 [ 197.081160][ T44] usb 5-1: New USB device found, idVendor=07c0, idProduct=1505, bcdDevice=b8.c5 [ 197.081189][ T44] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 197.081209][ T44] usb 5-1: Product: syz [ 197.081222][ T44] usb 5-1: Manufacturer: syz [ 197.081236][ T44] usb 5-1: SerialNumber: syz [ 197.088317][ T44] usb 5-1: config 0 descriptor?? [ 197.347116][ T44] iowarrior 5-1:0.186: IOWarrior product=0x1505, serial=42424242 interface=186 now attached to iowarrior0 [ 197.559396][ T44] usb 5-1: USB disconnect, device number 7 [ 197.777624][ T9231] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1452'. [ 198.105562][ T9257] IPVS: rr: UDP 224.0.0.2:0 - no destination available [ 198.157297][ T44] usb 1-1: new high-speed USB device number 13 using dummy_hcd [ 198.320174][ T44] usb 1-1: Using ep0 maxpacket: 32 [ 198.322619][ T44] usb 1-1: config 0 has an invalid interface number: 85 but max is 0 [ 198.322644][ T44] usb 1-1: config 0 has no interface number 0 [ 198.322692][ T44] usb 1-1: config 0 interface 85 altsetting 7 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 198.322716][ T44] usb 1-1: config 0 interface 85 has no altsetting 0 [ 198.327121][ T44] usb 1-1: New USB device found, idVendor=05ac, idProduct=0219, bcdDevice=f0.72 [ 198.327147][ T44] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 198.327167][ T44] usb 1-1: Product: syz [ 198.327181][ T44] usb 1-1: Manufacturer: syz [ 198.327194][ T44] usb 1-1: SerialNumber: syz [ 198.341673][ T44] usb 1-1: config 0 descriptor?? [ 198.959426][ T44] appletouch 1-1:0.85: Geyser mode initialized. [ 198.963224][ T44] input: appletouch as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.85/input/input29 [ 199.172811][ T44] usb 1-1: USB disconnect, device number 13 [ 199.284506][ T44] appletouch 1-1:0.85: input: appletouch disconnected [ 199.979928][ T9348] capability: warning: `syz.0.1510' uses deprecated v2 capabilities in a way that may be insecure [ 200.708406][ T9380] tun0: tun_chr_ioctl cmd 1074025675 [ 200.708440][ T9380] tun0: persist enabled [ 200.708780][ T9380] tun0: tun_chr_ioctl cmd 1074025675 [ 200.708796][ T9380] tun0: persist enabled [ 201.732939][ T9440] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1554'. [ 201.811743][ T9440] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1554'. [ 202.199770][ T9468] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1568'. [ 202.912264][ T44] IPVS: starting estimator thread 0... [ 202.932918][ T9503] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 202.996866][ T9508] IPVS: using max 8 ests per chain, 19200 per kthread [ 203.836730][ T5904] usb 1-1: new high-speed USB device number 14 using dummy_hcd [ 203.993117][ T5904] usb 1-1: config 0 interface 0 altsetting 251 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 203.993153][ T5904] usb 1-1: config 0 interface 0 has no altsetting 0 [ 203.996121][ T5904] usb 1-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b [ 203.996150][ T5904] usb 1-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2 [ 203.996170][ T5904] usb 1-1: Product: syz [ 203.996185][ T5904] usb 1-1: Manufacturer: syz [ 203.996207][ T5904] usb 1-1: SerialNumber: syz [ 204.068795][ T5904] usb 1-1: config 0 descriptor?? [ 204.137519][ T5904] snd-usb-audio 1-1:0.0: probe with driver snd-usb-audio failed with error -22 [ 204.305798][ T5904] usb 1-1: USB disconnect, device number 14 [ 204.595020][ T9603] loop8: detected capacity change from 0 to 8 [ 204.644131][ T9603] Dev loop8: unable to read RDB block 8 [ 204.644187][ T9603] loop8: unable to read partition table [ 204.644422][ T9603] loop8: partition table beyond EOD, truncated [ 204.644441][ T9603] loop_reread_partitions: partition scan of loop8 (þ被xü^>Ñà– ) failed (rc=-5) [ 204.746737][ T5904] usb 1-1: new high-speed USB device number 15 using dummy_hcd [ 204.748130][ T37] kauditd_printk_skb: 14 callbacks suppressed [ 204.748145][ T37] audit: type=1326 audit(1763365235.749:171): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9604 comm="syz.4.1633" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faf879cf6c9 code=0x7ffc0000 [ 204.748281][ T37] audit: type=1326 audit(1763365235.749:172): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9604 comm="syz.4.1633" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faf879cf6c9 code=0x7ffc0000 [ 204.772822][ T37] audit: type=1326 audit(1763365235.769:173): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9604 comm="syz.4.1633" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7faf879cf6c9 code=0x7ffc0000 [ 204.774181][ T37] audit: type=1326 audit(1763365235.769:174): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9604 comm="syz.4.1633" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faf879cf6c9 code=0x7ffc0000 [ 204.774227][ T37] audit: type=1326 audit(1763365235.769:175): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9604 comm="syz.4.1633" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faf879cf6c9 code=0x7ffc0000 [ 204.774271][ T37] audit: type=1326 audit(1763365235.769:176): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9604 comm="syz.4.1633" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7faf879cf6c9 code=0x7ffc0000 [ 204.776346][ T37] audit: type=1326 audit(1763365235.769:177): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9604 comm="syz.4.1633" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faf879cf6c9 code=0x7ffc0000 [ 204.776696][ T37] audit: type=1326 audit(1763365235.769:178): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9604 comm="syz.4.1633" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faf879cf6c9 code=0x7ffc0000 [ 204.794476][ T37] audit: type=1326 audit(1763365235.789:179): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9604 comm="syz.4.1633" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7faf879cf6c9 code=0x7ffc0000 [ 204.796737][ T37] audit: type=1326 audit(1763365235.789:180): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9604 comm="syz.4.1633" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faf879cf6c9 code=0x7ffc0000 [ 204.987028][ T5904] usb 1-1: config 0 interface 0 altsetting 251 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 204.987062][ T5904] usb 1-1: config 0 interface 0 has no altsetting 0 [ 205.010313][ T5904] usb 1-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b [ 205.010343][ T5904] usb 1-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2 [ 205.010364][ T5904] usb 1-1: Product: syz [ 205.010385][ T5904] usb 1-1: Manufacturer: syz [ 205.010400][ T5904] usb 1-1: SerialNumber: syz [ 205.056883][ T5904] usb 1-1: config 0 descriptor?? [ 205.102289][ T5904] snd-usb-audio 1-1:0.0: probe with driver snd-usb-audio failed with error -22 [ 205.302343][ T5904] usb 1-1: USB disconnect, device number 15 [ 208.220589][ T9783] IPVS: sh: UDP 172.20.20.187:0 - no destination available [ 208.516813][ T7690] psmouse serio3: Failed to reset mouse on : -5 [ 209.076738][ T7711] usb 1-1: new high-speed USB device number 16 using dummy_hcd [ 209.229055][ T7711] usb 1-1: config 27 has an invalid descriptor of length 0, skipping remainder of the config [ 209.229114][ T7711] usb 1-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 209.229142][ T7711] usb 1-1: config 27 interface 0 altsetting 0 endpoint 0x8B has invalid wMaxPacketSize 0 [ 209.229164][ T7711] usb 1-1: config 27 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 209.229209][ T7711] usb 1-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 209.229232][ T7711] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 209.248413][ T7711] usb 1-1: Quirk or no altset; falling back to MIDI 1.0 [ 209.250006][ T7711] usb 1-1: invalid MIDI out EP 0 [ 209.464992][ T7711] snd-usb-audio 1-1:27.0: probe with driver snd-usb-audio failed with error -22 [ 209.486082][ T7711] usb 1-1: USB disconnect, device number 16 [ 209.859339][ T9867] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1757'. [ 210.115446][ T9875] support for the xor transformation has been removed. [ 211.074347][ T9919] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1782'. [ 211.074394][ T9919] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1782'. [ 211.719263][ T5817] Bluetooth: hci2: command 0x0406 tx timeout [ 211.719306][ T5817] Bluetooth: hci1: command 0x0406 tx timeout [ 212.287573][ T7690] misc userio: Buffer overflowed, userio client isn't keeping up [ 213.246870][ T5886] usb 2-1: new high-speed USB device number 10 using dummy_hcd [ 213.340127][ T7690] input: PS/2 Generic Mouse as /devices/serio3/input/input30 [ 213.407334][ T5886] usb 2-1: Using ep0 maxpacket: 8 [ 213.413434][ T5886] usb 2-1: New USB device found, idVendor=2770, idProduct=9120, bcdDevice=6c.77 [ 213.413465][ T5886] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 213.413494][ T5886] usb 2-1: Product: syz [ 213.413508][ T5886] usb 2-1: Manufacturer: syz [ 213.413522][ T5886] usb 2-1: SerialNumber: syz [ 213.421948][ T5886] usb 2-1: config 0 descriptor?? [ 213.440273][ T5886] gspca_main: sq905-2.14.0 probing 2770:9120 [ 213.546749][ T7690] psmouse serio3: Failed to enable mouse on [ 213.845596][T10041] netlink: 'syz.0.1844': attribute type 1 has an invalid length. [ 213.845637][T10041] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 214.474013][ T5886] gspca_sq905: sq905_read_data: usb_control_msg failed (-71) [ 214.474112][ T5886] sq905 2-1:0.0: probe with driver sq905 failed with error -71 [ 214.490563][ T5886] usb 2-1: USB disconnect, device number 10 [ 214.736786][T10089] netlink: 92 bytes leftover after parsing attributes in process `syz.0.1867'. [ 215.768108][T10138] netlink: 'syz.1.1892': attribute type 12 has an invalid length. [ 217.167675][T10202] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1923'. [ 217.224204][T10206] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1923'. [ 219.594164][T10298] netlink: 51 bytes leftover after parsing attributes in process `syz.0.1968'. [ 220.003492][T10317] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1975'. [ 220.003528][T10317] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1975'. [ 220.029950][T10317] erspan0: entered promiscuous mode [ 220.031558][T10317] gretap0: entered promiscuous mode [ 220.032557][T10317] debugfs: 'hsr1' already exists in 'hsr' [ 220.032581][T10317] Cannot create hsr debugfs directory [ 221.305537][T10394] bridge0: entered promiscuous mode [ 221.305878][T10394] macsec1: entered promiscuous mode [ 221.320407][T10394] bridge0: port 3(macsec1) entered blocking state [ 221.342692][T10394] bridge0: port 3(macsec1) entered disabled state [ 221.342943][T10394] macsec1: entered allmulticast mode [ 221.342960][T10394] bridge0: entered allmulticast mode [ 221.369363][T10394] macsec1: left allmulticast mode [ 221.369380][T10394] bridge0: left allmulticast mode [ 221.432482][T10394] bridge0: left promiscuous mode [ 222.231172][T10430] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2031'. [ 222.739250][T10456] netlink: 80 bytes leftover after parsing attributes in process `syz.0.2044'. [ 222.743177][T10456] netlink: 80 bytes leftover after parsing attributes in process `syz.0.2044'. [ 222.911672][T10468] bridge_slave_0: left allmulticast mode [ 222.911702][T10468] bridge_slave_0: left promiscuous mode [ 222.911984][T10468] bridge0: port 1(bridge_slave_0) entered disabled state [ 223.703042][T10520] input: syz0 as /devices/virtual/input/input32 [ 225.037168][T10586] batadv_slave_1: entered promiscuous mode [ 225.038201][T10584] batadv_slave_1: left promiscuous mode [ 225.310102][T10592] evm: overlay not supported [ 225.948058][ T5904] usb 5-1: new high-speed USB device number 8 using dummy_hcd [ 226.099041][ T5904] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 226.099073][ T5904] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 226.099099][ T5904] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0 [ 226.099122][ T5904] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 226.099165][ T5904] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 226.099190][ T5904] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 226.116693][ T5886] usb 1-1: new high-speed USB device number 17 using dummy_hcd [ 226.183991][ T5904] usb 5-1: config 0 descriptor?? [ 226.282986][ T5886] usb 1-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 226.283017][ T5886] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 226.296465][ T5886] usb 1-1: config 0 descriptor?? [ 226.313509][ T5886] cp210x 1-1:0.0: cp210x converter detected [ 226.606652][ T5904] plantronics 0003:047F:FFFF.000B: ignoring exceeding usage max [ 226.636355][ T5904] plantronics 0003:047F:FFFF.000B: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.4-1/input0 [ 226.739764][T10640] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 226.740189][T10640] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 226.740341][ T5886] cp210x 1-1:0.0: failed to get vendor val 0x0010 size 3: -32 [ 226.756264][ T5886] usb 1-1: cp210x converter now attached to ttyUSB0 [ 226.963968][ T5886] usb 1-1: USB disconnect, device number 17 [ 226.994484][ T5886] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 227.188559][ T5886] cp210x 1-1:0.0: device disconnected [ 228.205187][T10722] netlink: 'syz.1.2169': attribute type 1 has an invalid length. [ 228.319925][T10722] 8021q: adding VLAN 0 to HW filter on device bond1 [ 228.344219][T10728] bond1: (slave geneve2): making interface the new active one [ 228.379139][T10728] bond1: (slave geneve2): Enslaving as an active interface with an up link [ 228.839087][ T5904] usb 5-1: USB disconnect, device number 8 [ 232.047656][ T5904] usb 1-1: new high-speed USB device number 18 using dummy_hcd [ 232.176727][ T5904] usb 1-1: device descriptor read/64, error -71 [ 232.426702][ T5904] usb 1-1: new high-speed USB device number 19 using dummy_hcd [ 232.556704][ T5904] usb 1-1: device descriptor read/64, error -71 [ 232.667516][ T5904] usb usb1-port1: attempt power cycle [ 233.006738][ T5904] usb 1-1: new high-speed USB device number 20 using dummy_hcd [ 233.027403][ T5904] usb 1-1: device descriptor read/8, error -71 [ 233.266726][ T5904] usb 1-1: new high-speed USB device number 21 using dummy_hcd [ 233.287220][ T5904] usb 1-1: device descriptor read/8, error -71 [ 233.304089][ T37] kauditd_printk_skb: 13 callbacks suppressed [ 233.304106][ T37] audit: type=1326 audit(1763365264.299:194): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10926 comm="syz.1.2269" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b6c5df6c9 code=0x7ffc0000 [ 233.304268][ T37] audit: type=1326 audit(1763365264.299:195): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10926 comm="syz.1.2269" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b6c5df6c9 code=0x7ffc0000 [ 233.358631][ T37] audit: type=1326 audit(1763365264.359:196): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10926 comm="syz.1.2269" exe="/root/syz-executor" sig=0 arch=c000003e syscall=334 compat=0 ip=0x7f0b6c5df6c9 code=0x7ffc0000 [ 233.358681][ T37] audit: type=1326 audit(1763365264.359:197): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10926 comm="syz.1.2269" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b6c5df6c9 code=0x7ffc0000 [ 233.358721][ T37] audit: type=1326 audit(1763365264.359:198): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10926 comm="syz.1.2269" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b6c5df6c9 code=0x7ffc0000 [ 233.364757][ T37] audit: type=1326 audit(1763365264.359:199): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10926 comm="syz.1.2269" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f0b6c5ddf10 code=0x7ffc0000 [ 233.364807][ T37] audit: type=1326 audit(1763365264.359:200): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10926 comm="syz.1.2269" exe="/root/syz-executor" sig=0 arch=c000003e syscall=308 compat=0 ip=0x7f0b6c5e0ef7 code=0x7ffc0000 [ 233.365871][ T37] audit: type=1326 audit(1763365264.359:201): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10926 comm="syz.1.2269" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f0b6c5df6c9 code=0x7ffc0000 [ 233.365915][ T37] audit: type=1326 audit(1763365264.359:202): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10926 comm="syz.1.2269" exe="/root/syz-executor" sig=0 arch=c000003e syscall=308 compat=0 ip=0x7f0b6c5e0ef7 code=0x7ffc0000 [ 233.365954][ T37] audit: type=1326 audit(1763365264.359:203): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10926 comm="syz.1.2269" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f0b6c5de32a code=0x7ffc0000 [ 233.476760][ T5904] usb usb1-port1: unable to enumerate USB device [ 234.386414][T10988] netlink: 64 bytes leftover after parsing attributes in process `syz.4.2298'. [ 235.911260][T11082] tls_set_device_offload: netdev not found [ 236.821908][T11143] binder: 11141:11143 ioctl 40046205 0 returned -22 [ 237.172516][T11167] netlink: 212368 bytes leftover after parsing attributes in process `syz.0.2384'. [ 239.036029][T11271] binder: 11269:11271 ioctl c0306201 200000000040 returned -22 [ 242.287893][T11452] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies. [ 244.224661][T11570] input: syz0 as /devices/virtual/input/input33 [ 244.746421][ T7690] usb 5-1: new high-speed USB device number 9 using dummy_hcd [ 244.766600][T11604] netlink: 1319 bytes leftover after parsing attributes in process `syz.1.2588'. [ 244.896249][ T7690] usb 5-1: Using ep0 maxpacket: 16 [ 244.898703][ T7690] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 244.898735][ T7690] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 244.898758][ T7690] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 17 [ 244.898802][ T7690] usb 5-1: New USB device found, idVendor=05ac, idProduct=8241, bcdDevice= 0.00 [ 244.898826][ T7690] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 244.934360][ T7690] usb 5-1: config 0 descriptor?? [ 245.384522][ T7690] input: HID 05ac:8241 as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/0003:05AC:8241.000C/input/input34 [ 245.528820][ T7690] appleir 0003:05AC:8241.000C: input,hiddev0,hidraw0: USB HID v0.00 Device [HID 05ac:8241] on usb-dummy_hcd.4-1/input0 [ 245.612080][ T7690] usb 5-1: USB disconnect, device number 9 acpid: input device has been disconnected, fd 10 [ 246.075666][ T44] usb 2-1: new high-speed USB device number 11 using dummy_hcd [ 246.243675][ T44] usb 2-1: Using ep0 maxpacket: 32 [ 246.252241][ T44] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 246.252273][ T44] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 246.252312][ T44] usb 2-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 246.252335][ T44] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 246.307803][ T44] usb 2-1: config 0 descriptor?? [ 246.311582][ T44] hub 2-1:0.0: USB hub found [ 246.532634][ T44] hub 2-1:0.0: 1 port detected [ 247.140170][ T44] hub 2-1:0.0: activate --> -90 [ 247.362703][T11742] tty tty20: ldisc open failed (-12), clearing slot 19 [ 247.556299][ T7711] usb 2-1: USB disconnect, device number 11 [ 247.775119][ T44] usb 2-1-port1: config error [ 247.937393][T11775] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512 [ 250.593723][T11897] netlink: 212368 bytes leftover after parsing attributes in process `syz.4.2726'. [ 252.170067][T11975] ptrace attach of "./syz-executor exec"[11977] was attempted by "./syz-executor exec"[11975] [ 253.406234][T12038] netlink: 104 bytes leftover after parsing attributes in process `syz.4.2790'. [ 255.073647][ T37] kauditd_printk_skb: 9 callbacks suppressed [ 255.073665][ T37] audit: type=1326 audit(1763365286.076:213): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12104 comm="syz.1.2824" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b6c5df6c9 code=0x7fc00000 [ 255.343653][T12128] netlink: 'syz.4.2833': attribute type 29 has an invalid length. [ 255.359660][T12128] netlink: 'syz.4.2833': attribute type 29 has an invalid length. [ 255.360563][T12128] netlink: 500 bytes leftover after parsing attributes in process `syz.4.2833'. [ 255.560922][ T37] audit: type=1326 audit(1763365286.556:214): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12104 comm="syz.1.2824" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b6c5df6c9 code=0x7fc00000 [ 255.560974][ T37] audit: type=1326 audit(1763365286.556:215): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12104 comm="syz.1.2824" exe="/root/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7f0b6c5df6c9 code=0x7fc00000 [ 255.561020][ T37] audit: type=1326 audit(1763365286.556:216): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12104 comm="syz.1.2824" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b6c5df6c9 code=0x7fc00000 [ 255.561060][ T37] audit: type=1326 audit(1763365286.556:217): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12104 comm="syz.1.2824" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b6c5df6c9 code=0x7fc00000 [ 255.561101][ T37] audit: type=1326 audit(1763365286.556:218): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12104 comm="syz.1.2824" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b6c5df6c9 code=0x7fc00000 [ 255.561141][ T37] audit: type=1326 audit(1763365286.556:219): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12104 comm="syz.1.2824" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b6c5df6c9 code=0x7fc00000 [ 255.561181][ T37] audit: type=1326 audit(1763365286.556:220): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12104 comm="syz.1.2824" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b6c5df6c9 code=0x7fc00000 [ 255.561221][ T37] audit: type=1326 audit(1763365286.556:221): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12104 comm="syz.1.2824" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b6c5df6c9 code=0x7fc00000 [ 255.561261][ T37] audit: type=1326 audit(1763365286.556:222): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12104 comm="syz.1.2824" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b6c5df6c9 code=0x7fc00000 [ 255.720571][ T1317] ieee802154 phy0 wpan0: encryption failed: -22 [ 255.720640][ T1317] ieee802154 phy1 wpan1: encryption failed: -22 [ 256.480521][ T7691] usb 2-1: new high-speed USB device number 12 using dummy_hcd [ 256.640383][ T7691] usb 2-1: Using ep0 maxpacket: 16 [ 256.642850][ T7691] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83 [ 256.642882][ T7691] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 256.646070][ T7691] usb 2-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1 [ 256.646099][ T7691] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 256.646120][ T7691] usb 2-1: Product: syz [ 256.646134][ T7691] usb 2-1: Manufacturer: syz [ 256.646149][ T7691] usb 2-1: SerialNumber: syz [ 256.665846][ T7691] usb 2-1: config 0 descriptor?? [ 256.684888][ T7691] em28xx 2-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0) [ 256.684925][ T7691] em28xx 2-1:0.0: Audio interface 0 found (Vendor Class) [ 257.318251][ T7691] em28xx 2-1:0.0: unknown em28xx chip ID (0) [ 257.322064][ T7691] em28xx 2-1:0.0: Config register raw data: 0x36 [ 257.322085][ T7691] em28xx 2-1:0.0: I2S Audio (3 sample rate(s)) [ 257.322100][ T7691] em28xx 2-1:0.0: No AC97 audio processor [ 257.743414][ T7691] usb 2-1: USB disconnect, device number 12 [ 259.159112][ T5904] usb 5-1: new high-speed USB device number 10 using dummy_hcd [ 259.313049][ T5904] usb 5-1: too many endpoints for config 0 interface 0 altsetting 0: 129, using maximum allowed: 30 [ 259.313105][ T5904] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 259.313131][ T5904] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 259.313154][ T5904] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 129 [ 259.313196][ T5904] usb 5-1: New USB device found, idVendor=056a, idProduct=0015, bcdDevice= 0.00 [ 259.313218][ T5904] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 259.318636][ T5904] usb 5-1: config 0 descriptor?? [ 259.751336][ T5904] wacom 0003:056A:0015.000D: Unknown device_type for 'HID 056a:0015'. Assuming pen. [ 259.777208][ T5904] wacom 0003:056A:0015.000D: hidraw0: USB HID v0.00 Device [HID 056a:0015] on usb-dummy_hcd.4-1/input0 [ 259.790971][ T5904] input: Wacom Graphire4 4x5 Pen as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/0003:056A:0015.000D/input/input35 [ 259.933369][ T5904] usb 5-1: USB disconnect, device number 10 [ 260.368529][ T44] usb 1-1: new high-speed USB device number 22 using dummy_hcd [ 260.528559][ T44] usb 1-1: Using ep0 maxpacket: 32 [ 260.531210][ T44] usb 1-1: config 0 has an invalid interface number: 12 but max is 0 [ 260.531239][ T44] usb 1-1: config 0 has no interface number 0 [ 260.531291][ T44] usb 1-1: config 0 interface 12 has no altsetting 0 [ 260.536498][ T44] usb 1-1: New USB device found, idVendor=2c42, idProduct=1202, bcdDevice=85.40 [ 260.536525][ T44] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 260.536545][ T44] usb 1-1: Product: syz [ 260.536559][ T44] usb 1-1: Manufacturer: syz [ 260.536573][ T44] usb 1-1: SerialNumber: syz [ 260.605608][ T44] usb 1-1: config 0 descriptor?? [ 261.871028][ T44] f81534 1-1:0.12: f81534_set_register: reg: 1003 data: b8 failed: -71 [ 261.871157][ T44] f81534 1-1:0.12: f81534_find_config_idx: read failed: -71 [ 261.871176][ T44] f81534 1-1:0.12: f81534_calc_num_ports: find idx failed: -71 [ 261.871271][ T44] f81534 1-1:0.12: probe with driver f81534 failed with error -71 [ 261.911527][ T44] usb 1-1: USB disconnect, device number 22 [ 262.789847][T12425] syzkaller1: entered promiscuous mode [ 262.789871][T12425] syzkaller1: entered allmulticast mode [ 264.216634][ T7712] usb 1-1: new high-speed USB device number 23 using dummy_hcd [ 264.369177][ T7712] usb 1-1: config index 0 descriptor too short (expected 64706, got 72) [ 264.386602][ T7712] usb 1-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 264.386631][ T7712] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 264.386649][ T7712] usb 1-1: Product: syz [ 264.386662][ T7712] usb 1-1: Manufacturer: syz [ 264.386675][ T7712] usb 1-1: SerialNumber: syz [ 264.410306][T12488] netlink: 'syz.1.3008': attribute type 11 has an invalid length. [ 264.410327][T12488] netlink: 56 bytes leftover after parsing attributes in process `syz.1.3008'. [ 264.412200][T12488] netlink: 'syz.1.3008': attribute type 11 has an invalid length. [ 264.412218][T12488] netlink: 56 bytes leftover after parsing attributes in process `syz.1.3008'. [ 264.412459][T12488] netlink: 'syz.1.3008': attribute type 11 has an invalid length. [ 264.412472][T12488] netlink: 56 bytes leftover after parsing attributes in process `syz.1.3008'. [ 264.501079][ T7712] usb 1-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 264.626782][ T7711] usb 1-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 264.849208][ T5904] usb 2-1: new high-speed USB device number 13 using dummy_hcd [ 264.897754][ T7690] usb 1-1: USB disconnect, device number 23 [ 264.999828][ T5904] usb 2-1: New USB device found, idVendor=046d, idProduct=0870, bcdDevice=61.47 [ 264.999860][ T5904] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 265.005737][ T5904] usb 2-1: config 0 descriptor?? [ 265.020605][ T5904] gspca_main: STV06xx-2.14.0 probing 046d:0870 [ 265.698384][ T7711] ath9k_htc 1-1:1.0: ath9k_htc: Target is unresponsive [ 265.699330][ T7711] ath9k_htc: Failed to initialize the device [ 265.707116][ T7690] usb 1-1: ath9k_htc: USB layer deinitialized [ 266.281603][ T5904] usb 2-1: USB disconnect, device number 13 [ 266.306123][T12559] netlink: 'syz.0.3041': attribute type 1 has an invalid length. [ 266.306144][T12559] netlink: 'syz.0.3041': attribute type 3 has an invalid length. [ 266.306157][T12559] netlink: 'syz.0.3041': attribute type 2 has an invalid length. [ 266.306170][T12559] netlink: 200 bytes leftover after parsing attributes in process `syz.0.3041'. [ 271.258657][T12841] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3165'. [ 271.360765][ T7690] usb 2-1: new high-speed USB device number 14 using dummy_hcd [ 271.509045][ T7690] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 271.509072][ T7690] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 271.510644][ T7690] usb 2-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 271.510671][ T7690] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 271.510691][ T7690] usb 2-1: SerialNumber: syz [ 271.750134][ T7690] usb 2-1: 0:2 : does not exist [ 271.803055][ T7690] usb 2-1: USB disconnect, device number 14 [ 272.820072][T12919] loop2: detected capacity change from 0 to 7 [ 272.821256][T12919] Dev loop2: unable to read RDB block 7 [ 272.821305][T12919] loop2: unable to read partition table [ 272.821558][T12919] loop2: partition table beyond EOD, truncated [ 272.821577][T12919] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5) [ 273.132257][ T5812] Bluetooth: hci3: command 0x0406 tx timeout [ 273.534214][ T5869] Process accounting resumed [ 273.739691][T12975] netlink: 20 bytes leftover after parsing attributes in process `syz.1.3223'. [ 273.755078][T12975] veth1_macvtap: left promiscuous mode [ 275.840552][T13078] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3276'. [ 276.427325][ T7690] libceph: connect (1)[c::]:6789 error -101 [ 276.428024][ T7690] libceph: mon0 (1)[c::]:6789 connect error [ 276.479640][ T7690] libceph: connect (1)[c::]:6789 error -101 [ 276.479835][ T7690] libceph: mon0 (1)[c::]:6789 connect error [ 276.491015][T13100] ceph: No mds server is up or the cluster is laggy [ 279.029082][ T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!! [ 279.202354][T13206] netlink: 'syz.0.3334': attribute type 10 has an invalid length. [ 279.204996][T13206] 8021q: adding VLAN 0 to HW filter on device team0 [ 279.206718][T13206] team0: entered promiscuous mode [ 279.206730][T13206] team_slave_0: entered promiscuous mode [ 279.206856][T13206] team_slave_1: entered promiscuous mode [ 279.207354][T13206] bond0: (slave team0): Enslaving as an active interface with an up link [ 279.472138][T13212] netlink: 212360 bytes leftover after parsing attributes in process `syz.4.3336'. [ 279.790174][ T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!! [ 280.696931][ T37] kauditd_printk_skb: 116 callbacks suppressed [ 280.696949][ T37] audit: type=1326 audit(1763365311.709:339): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13276 comm="syz.0.3366" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f67b6c6f6c9 code=0x0 [ 282.141725][ T37] audit: type=1326 audit(1763365313.159:340): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13338 comm="syz.0.3395" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f67b6c6f6c9 code=0x0 [ 283.037178][ T7690] usb 5-1: new high-speed USB device number 11 using dummy_hcd [ 283.205792][ T7690] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 283.218675][ T7690] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 283.218705][ T7690] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 283.218726][ T7690] usb 5-1: Product: syz [ 283.218741][ T7690] usb 5-1: Manufacturer: syz [ 283.218755][ T7690] usb 5-1: SerialNumber: syz [ 284.279599][ T7690] cdc_ncm 5-1:1.0: MAC-Address: 42:42:42:42:42:42 [ 284.279643][ T7690] cdc_ncm 5-1:1.0: dwNtbInMaxSize=16 is too small. Using 2048 [ 284.279663][ T7690] cdc_ncm 5-1:1.0: setting rx_max = 2048 [ 284.696428][ T7690] cdc_ncm 5-1:1.0: setting tx_max = 88 [ 284.758938][ T7690] cdc_ncm 5-1:1.0 usb0: register 'cdc_ncm' at usb-dummy_hcd.4-1, CDC NCM (NO ZLP), 42:42:42:42:42:42 [ 284.822776][ T7690] usb 5-1: USB disconnect, device number 11 [ 284.825154][ T7690] cdc_ncm 5-1:1.0 usb0: unregister 'cdc_ncm' usb-dummy_hcd.4-1, CDC NCM (NO ZLP) [ 286.653371][T13541] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 287.115124][ T7711] usb 1-1: new full-speed USB device number 24 using dummy_hcd [ 287.267928][ T7711] usb 1-1: New USB device found, idVendor=046d, idProduct=c293, bcdDevice= 0.00 [ 287.267961][ T7711] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 287.303040][ T7711] usb 1-1: config 0 descriptor?? [ 287.823049][ T7711] logitech 0003:046D:C293.000E: hidraw0: USB HID v0.00 Device [HID 046d:c293] on usb-dummy_hcd.0-1/input0 [ 287.823105][ T7711] logitech 0003:046D:C293.000E: no inputs found [ 288.575008][ T7712] usb 1-1: USB disconnect, device number 24 [ 289.096380][ T7712] usb 1-1: new high-speed USB device number 25 using dummy_hcd [ 289.246552][ T7712] usb 1-1: config 0 has no interfaces? [ 289.246588][ T7712] usb 1-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df [ 289.246613][ T7712] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 289.252130][ T7712] usb 1-1: config 0 descriptor?? [ 289.548380][ T7711] usb 1-1: USB disconnect, device number 25 [ 291.473702][T13769] trusted_key: encrypted_key: insufficient parameters specified [ 291.551638][ T37] audit: type=1326 audit(1763365322.564:341): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13772 comm="syz.4.3603" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7faf879cf6c9 code=0x0 [ 294.719540][T13964] random: crng reseeded on system resumption [ 294.994141][ T37] audit: type=1326 audit(1763365326.016:342): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13980 comm="syz.4.3702" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7faf879cf6c9 code=0x0 [ 295.860765][ T5869] usb 2-1: new high-speed USB device number 15 using dummy_hcd [ 296.010708][ T5869] usb 2-1: Using ep0 maxpacket: 8 [ 296.016226][ T5869] usb 2-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2e.04 [ 296.016254][ T5869] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 296.016274][ T5869] usb 2-1: Product: syz [ 296.016288][ T5869] usb 2-1: Manufacturer: syz [ 296.016302][ T5869] usb 2-1: SerialNumber: syz [ 296.050497][ T5869] usb 2-1: config 0 descriptor?? [ 296.270838][ T5869] usb 2-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state [ 296.877686][ T5869] dvb_usb_rtl28xxu 2-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -71 [ 296.883217][ T5869] usb 2-1: USB disconnect, device number 15 [ 299.046377][ T7125] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 299.457191][T14213] futex_wake_op: syz.1.3819 tries to shift op by 144; fix this program [ 299.499553][ T7691] usb 1-1: new high-speed USB device number 26 using dummy_hcd [ 299.534434][ T5812] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 299.548323][ T5812] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 299.564612][ T7125] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 299.582204][ T5812] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 299.600712][ T5812] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 299.602003][ T5812] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 299.648842][ T7691] usb 1-1: Using ep0 maxpacket: 32 [ 299.663765][ T7691] usb 1-1: config 155 has an invalid descriptor of length 0, skipping remainder of the config [ 299.664085][ T7691] usb 1-1: config 155 interface 0 altsetting 0 has an endpoint descriptor with address 0xE2, changing to 0x82 [ 299.664113][ T7691] usb 1-1: config 155 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 299.664141][ T7691] usb 1-1: config 155 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 11 [ 299.683884][ T7691] usb 1-1: New USB device found, idVendor=15c2, idProduct=ffdc, bcdDevice=bd.30 [ 299.683915][ T7691] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 299.683934][ T7691] usb 1-1: Product: syz [ 299.683949][ T7691] usb 1-1: Manufacturer: syz [ 299.683963][ T7691] usb 1-1: SerialNumber: syz [ 299.731943][ C0] imon 1-1:155.0: imon usb_rx_callback_intf0: status(-71) [ 299.904392][ T7691] input: iMON Panel, Knob and Mouse(15c2:ffdc) as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:155.0/input/input38 [ 300.008885][ T7691] imon 1-1:155.0: Unknown 0xffdc device, defaulting to VFD and iMON IR [ 300.008905][ T7691] (id 0x00) [ 300.126610][ T7125] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 300.148574][ T7691] rc_core: IR keymap rc-imon-pad not found [ 300.148595][ T7691] Registered IR keymap rc-empty [ 300.149262][ T7691] imon 1-1:155.0: Looks like you're trying to use an IR protocol this device does not support [ 300.149283][ T7691] imon 1-1:155.0: Unsupported IR protocol specified, overriding to iMON IR protocol [ 300.210958][ T7691] rc rc0: iMON Remote (15c2:ffdc) as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:155.0/rc/rc0 [ 300.214775][ T7691] input: iMON Remote (15c2:ffdc) as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:155.0/rc/rc0/input39 [ 300.272168][ T7691] imon 1-1:155.0: iMON device (15c2:ffdc, intf0) on usb<1:26> initialized [ 300.401576][ T7691] usb 1-1: USB disconnect, device number 26 acpid: input device has been disconnected, fd 3 [ 300.566410][ T7125] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 acpid: input device has been disconnected, fd 10 [ 301.231759][ T7125] bridge_slave_1: left allmulticast mode [ 301.231960][ T7125] bridge_slave_1: left promiscuous mode [ 301.236208][ T7125] bridge0: port 2(bridge_slave_1) entered disabled state [ 301.340998][ T7125] bridge_slave_0: left allmulticast mode [ 301.341029][ T7125] bridge_slave_0: left promiscuous mode [ 301.341263][ T7125] bridge0: port 1(bridge_slave_0) entered disabled state [ 301.679872][ T5812] Bluetooth: hci2: command tx timeout [ 302.757047][ T7125] erspan0 (unregistering): left promiscuous mode [ 302.958325][ T7125] gretap0 (unregistering): left promiscuous mode [ 303.149932][T14400] syz.0.3908 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 303.756952][ T5812] Bluetooth: hci2: command tx timeout [ 304.942571][T14503] binder: 14502:14503 ioctl 4018620d 0 returned -22 [ 304.977991][ T7125] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 305.076826][ T7125] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 305.170779][ T7125] bond0 (unregistering): (slave macvlan0): Releasing backup interface [ 305.208566][ T7125] veth1_vlan: left allmulticast mode [ 305.249628][ T7125] bond0 (unregistering): Released all slaves [ 305.676884][T14317] team0: Port device team_slave_0 removed [ 305.843096][ T5812] Bluetooth: hci2: command tx timeout [ 306.390614][T14218] chnl_net:caif_netlink_parms(): no params data found [ 307.349731][ T37] audit: type=1326 audit(1763365338.382:343): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14627 comm="syz.1.4018" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f0b6c5df6c9 code=0x0 [ 307.675069][T14218] bridge0: port 1(bridge_slave_0) entered blocking state [ 307.675199][T14218] bridge0: port 1(bridge_slave_0) entered disabled state [ 307.675424][T14218] bridge_slave_0: entered allmulticast mode [ 307.678260][T14218] bridge_slave_0: entered promiscuous mode [ 307.713894][T14218] bridge0: port 2(bridge_slave_1) entered blocking state [ 307.714017][T14218] bridge0: port 2(bridge_slave_1) entered disabled state [ 307.714228][T14218] bridge_slave_1: entered allmulticast mode [ 307.747212][T14218] bridge_slave_1: entered promiscuous mode [ 307.914751][ T5812] Bluetooth: hci2: command tx timeout [ 307.932548][ T7125] hsr_slave_0: left promiscuous mode [ 307.981111][ T7125] hsr_slave_1: left promiscuous mode [ 307.982106][ T7125] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 307.982407][ T7125] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 308.044735][ T7125] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 308.044764][ T7125] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 308.287735][ T7125] veth1_macvtap: left promiscuous mode [ 308.287944][ T7125] veth0_macvtap: left promiscuous mode [ 308.288128][ T7125] veth1_vlan: left promiscuous mode [ 308.288477][ T7125] veth0_vlan: left promiscuous mode [ 309.349084][ T37] audit: type=1326 audit(1763365340.373:344): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14738 comm="syz.1.4073" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f0b6c5df6c9 code=0x0 [ 310.882913][T14824] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4116'. [ 310.962710][T14831] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4116'. [ 312.054332][ T7125] team0 (unregistering): Port device team_slave_1 removed [ 312.383659][ T7125] team0 (unregistering): Port device team_slave_0 removed [ 316.170610][T14218] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 316.176042][T14218] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 316.696827][T14218] team0: Port device team_slave_0 added [ 316.712802][T14218] team0: Port device team_slave_1 added [ 316.850320][ T7711] usb 2-1: new high-speed USB device number 16 using dummy_hcd [ 317.022545][ T7711] usb 2-1: config index 0 descriptor too short (expected 23569, got 27) [ 317.022607][ T7711] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 317.024081][ T7711] usb 2-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0 [ 317.024110][ T7711] usb 2-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0 [ 317.024130][ T7711] usb 2-1: Manufacturer: syz [ 317.037449][ T7711] usb 2-1: config 0 descriptor?? [ 317.119946][ T1317] ieee802154 phy0 wpan0: encryption failed: -22 [ 317.120048][ T1317] ieee802154 phy1 wpan1: encryption failed: -22 [ 317.150103][ T7711] rc_core: IR keymap rc-hauppauge not found [ 317.150123][ T7711] Registered IR keymap rc-empty [ 317.152383][ T7711] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/rc/rc0 [ 317.155460][ T7711] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/rc/rc0/input40 [ 317.168815][T14218] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 317.168830][T14218] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 317.168856][T14218] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 317.180192][T14218] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 317.180207][T14218] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 317.180233][T14218] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 317.312298][ C1] igorplugusb 2-1:0.0: Error: urb status = -32 [ 317.415750][ T7711] usb 2-1: USB disconnect, device number 16 acpid: input device has been disconnected, fd 3 [ 317.703654][T15197] cgroup: Unknown subsys name 'fsmagic' [ 317.810830][T14218] hsr_slave_0: entered promiscuous mode [ 317.812324][T14218] hsr_slave_1: entered promiscuous mode [ 317.813298][T14218] debugfs: 'hsr0' already exists in 'hsr' [ 317.813321][T14218] Cannot create hsr debugfs directory [ 318.171492][ T7125] IPVS: stop unused estimator thread 0... [ 319.186825][T14218] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 319.226016][T14218] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 319.245227][T14218] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 319.299864][T14218] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 319.566997][T14218] 8021q: adding VLAN 0 to HW filter on device bond0 [ 319.624534][T14218] 8021q: adding VLAN 0 to HW filter on device team0 [ 319.654668][ T7101] bridge0: port 1(bridge_slave_0) entered blocking state [ 319.665602][ T7101] bridge0: port 1(bridge_slave_0) entered forwarding state [ 319.718910][ T7101] bridge0: port 2(bridge_slave_1) entered blocking state [ 319.719047][ T7101] bridge0: port 2(bridge_slave_1) entered forwarding state [ 320.822978][T14218] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 321.662028][T14218] veth0_vlan: entered promiscuous mode [ 321.695184][T14218] veth1_vlan: entered promiscuous mode [ 321.792109][T14218] veth0_macvtap: entered promiscuous mode [ 321.810855][T14218] veth1_macvtap: entered promiscuous mode [ 321.874101][T14218] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 321.921971][T14218] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 321.966237][ T7091] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 321.982400][ T7091] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 322.003744][ T7091] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 322.011377][ T7091] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 322.396355][ T7091] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 322.396376][ T7091] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 322.559548][ T7101] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 322.559569][ T7101] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 322.757388][ T7691] usb 1-1: new high-speed USB device number 27 using dummy_hcd [ 322.909829][ T7691] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 322.909862][ T7691] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 322.909885][ T7691] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 322.909929][ T7691] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 322.909952][ T7691] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 322.976694][ T7691] usb 1-1: config 0 descriptor?? [ 323.416239][ T7691] plantronics 0003:047F:FFFF.000F: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0 [ 324.742149][T15424] usb 1-1: string descriptor 0 read error: -71 [ 324.842081][T15539] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4454'. [ 325.529663][ T7691] usb 1-1: USB disconnect, device number 27 [ 325.717921][T15590] netlink: 24 bytes leftover after parsing attributes in process `syz.5.4478'. [ 326.412650][ T37] audit: type=1326 audit(1763365357.452:345): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15622 comm="syz.0.4494" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f67b6c6f6c9 code=0x7ffc0000 [ 326.412704][ T37] audit: type=1326 audit(1763365357.452:346): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15622 comm="syz.0.4494" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f67b6c6f6c9 code=0x7ffc0000 [ 326.428274][ T37] audit: type=1326 audit(1763365357.472:347): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15622 comm="syz.0.4494" exe="/root/syz-executor" sig=0 arch=c000003e syscall=23 compat=0 ip=0x7f67b6c6f6c9 code=0x7ffc0000 [ 326.435435][ T37] audit: type=1326 audit(1763365357.472:348): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15622 comm="syz.0.4494" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f67b6c6f6c9 code=0x7ffc0000 [ 326.435485][ T37] audit: type=1326 audit(1763365357.472:349): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15622 comm="syz.0.4494" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f67b6c6f6c9 code=0x7ffc0000 [ 326.435523][ T37] audit: type=1326 audit(1763365357.472:350): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15622 comm="syz.0.4494" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f67b6c6f6c9 code=0x7ffc0000 [ 326.435561][ T37] audit: type=1326 audit(1763365357.472:351): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15622 comm="syz.0.4494" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f67b6c6f6c9 code=0x7ffc0000 [ 326.435598][ T37] audit: type=1326 audit(1763365357.472:352): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15622 comm="syz.0.4494" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f67b6c6f6c9 code=0x7ffc0000 [ 326.435637][ T37] audit: type=1326 audit(1763365357.472:353): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15622 comm="syz.0.4494" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f67b6c6f6c9 code=0x7ffc0000 [ 326.435675][ T37] audit: type=1326 audit(1763365357.472:354): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15622 comm="syz.0.4494" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f67b6c6f6c9 code=0x7ffc0000 [ 327.205230][ T7712] usb 6-1: new full-speed USB device number 2 using dummy_hcd [ 327.369608][ T7712] usb 6-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea [ 327.369638][ T7712] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 327.369659][ T7712] usb 6-1: Product: syz [ 327.369673][ T7712] usb 6-1: Manufacturer: syz [ 327.369687][ T7712] usb 6-1: SerialNumber: syz [ 327.377176][ T7712] usb 6-1: config 0 descriptor?? [ 327.624979][ T7712] usb 6-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state [ 328.589813][T15721] netlink: 'syz.1.4538': attribute type 1 has an invalid length. [ 328.733839][T15721] 8021q: adding VLAN 0 to HW filter on device bond2 [ 328.991445][T15729] bond2: (slave veth3): Enslaving as an active interface with a down link [ 329.026512][ T7712] dvb_usb_rtl28xxu 6-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -71 [ 329.037570][ T7712] usb 6-1: USB disconnect, device number 2 [ 329.119674][T15730] bond2: (slave veth0_to_bond): making interface the new active one [ 329.141677][T15730] veth0_to_bond: entered promiscuous mode [ 329.155249][T15730] bond2: (slave veth0_to_bond): Enslaving as an active interface with an up link [ 329.727834][T15773] netlink: 104 bytes leftover after parsing attributes in process `syz.1.4562'. [ 333.610725][T15950] netlink: 12 bytes leftover after parsing attributes in process `syz.0.4644'. [ 333.920788][T15961] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 334.400186][T15987] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 335.061923][ T37] kauditd_printk_skb: 10 callbacks suppressed [ 335.061940][ T37] audit: type=1326 audit(1763365366.106:365): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16032 comm="syz.0.4684" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f67b6c6f6c9 code=0x7ffc0000 [ 335.062062][ T37] audit: type=1326 audit(1763365366.106:366): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16032 comm="syz.0.4684" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f67b6c6f6c9 code=0x7ffc0000 [ 335.063333][ T37] audit: type=1326 audit(1763365366.106:367): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16032 comm="syz.0.4684" exe="/root/syz-executor" sig=0 arch=c000003e syscall=191 compat=0 ip=0x7f67b6c6f6c9 code=0x7ffc0000 [ 335.063504][ T37] audit: type=1326 audit(1763365366.106:368): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16032 comm="syz.0.4684" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f67b6c6f6c9 code=0x7ffc0000 [ 335.063650][ T37] audit: type=1326 audit(1763365366.106:369): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16032 comm="syz.0.4684" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f67b6c6f6c9 code=0x7ffc0000 [ 336.236021][T16096] netlink: 36 bytes leftover after parsing attributes in process `syz.5.4715'. [ 336.388718][T16105] netlink: 12 bytes leftover after parsing attributes in process `syz.0.4721'. [ 339.196909][ T37] audit: type=1326 audit(1763365370.238:370): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16253 comm="syz.1.4788" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b6c5df6c9 code=0x7ffc0000 [ 339.199104][ T37] audit: type=1326 audit(1763365370.238:371): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16253 comm="syz.1.4788" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b6c5df6c9 code=0x7ffc0000 [ 339.250310][ T37] audit: type=1326 audit(1763365370.288:372): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16253 comm="syz.1.4788" exe="/root/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7f0b6c5df6c9 code=0x7ffc0000 [ 339.250362][ T37] audit: type=1326 audit(1763365370.288:373): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16253 comm="syz.1.4788" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b6c5df6c9 code=0x7ffc0000 [ 339.250404][ T37] audit: type=1326 audit(1763365370.288:374): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16253 comm="syz.1.4788" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b6c5df6c9 code=0x7ffc0000 [ 340.249262][ T7091] veth0_to_bond: left promiscuous mode [ 340.940223][ T37] kauditd_printk_skb: 19 callbacks suppressed [ 340.940241][ T37] audit: type=1800 audit(1763365371.929:394): pid=16326 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz.1.4825" name="bus" dev="ramfs" ino=48539 res=0 errno=0 [ 341.571966][T16377] netlink: 24 bytes leftover after parsing attributes in process `syz.0.4847'. [ 341.711189][T16373] mkiss: ax0: crc mode is auto. [ 342.146686][T16413] overlayfs: upper fs does not support file handles, falling back to index=off. [ 342.280743][T16418] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4868'. [ 342.317022][T16422] fuse: Bad value for 'fd' [ 348.152260][T16620] mkiss: ax0: crc mode is auto. [ 348.717772][T16642] MTD: Couldn't look up '/dev/sg0': -15 [ 348.717871][T16642] /dev/sg0: Can't lookup blockdev [ 350.293620][T16696] 9pnet_fd: Insufficient options for proto=fd [ 360.000204][ T5118] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 360.005118][ T5118] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 360.006967][ T5118] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 360.048131][ T5118] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 360.048999][ T5118] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 362.141304][ T5118] Bluetooth: hci5: command tx timeout [ 364.201230][ T5812] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 364.217276][ T5807] Bluetooth: hci5: command tx timeout [ 364.234112][ T5812] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 364.235540][ T5812] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 364.236873][ T5812] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 364.264680][ T5812] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 366.297359][ T5118] Bluetooth: hci5: command tx timeout [ 366.300395][ T5812] Bluetooth: hci6: command tx timeout [ 368.377204][ T5118] Bluetooth: hci5: command tx timeout [ 368.377251][ T5812] Bluetooth: hci6: command tx timeout [ 370.457207][ T5812] Bluetooth: hci6: command tx timeout [ 372.537269][ T5812] Bluetooth: hci6: command tx timeout [ 426.704428][ T5812] Bluetooth: hci2: command 0x0406 tx timeout [ 447.837060][ C0] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks: [ 447.837083][ C0] rcu: Tasks blocked on level-0 rcu_node (CPUs 0-1): P16 [ 447.837109][ C0] rcu: (detected by 0, t=10502 jiffies, g=42589, q=35061 ncpus=2) [ 447.837130][ C0] task:ktimers/0 state:R running task stack:22904 pid:16 tgid:16 ppid:2 task_flags:0x4208040 flags:0x00080000 [ 447.837185][ C0] Call Trace: [ 447.837199][ C0] [ 447.837208][ C0] sched_show_task+0x49d/0x630 [ 447.837237][ C0] ? __pfx_sched_show_task+0x10/0x10 [ 447.837247][ C0] ? rcu_dump_cpu_stacks+0x79/0x4e0 [ 447.837262][ C0] ? wq_watchdog_touch+0xef/0x180 [ 447.837274][ C0] print_other_cpu_stall+0xf78/0x1340 [ 447.837293][ C0] ? __pfx_print_other_cpu_stall+0x10/0x10 [ 447.837315][ C0] rcu_sched_clock_irq+0xa47/0x11b0 [ 447.837324][ C0] ? do_raw_spin_unlock+0x122/0x240 [ 447.837338][ C0] ? __pfx_rcu_sched_clock_irq+0x10/0x10 [ 447.837352][ C0] update_process_times+0x235/0x2d0 [ 447.837367][ C0] tick_nohz_handler+0x39a/0x520 [ 447.837381][ C0] ? __pfx_tick_nohz_handler+0x10/0x10 [ 447.837390][ C0] __hrtimer_run_queues+0x506/0xd40 [ 447.837419][ C0] ? __pfx___hrtimer_run_queues+0x10/0x10 [ 447.837431][ C0] ? read_tsc+0x9/0x20 [ 447.837446][ C0] hrtimer_interrupt+0x45d/0xa90 [ 447.837473][ C0] __sysvec_apic_timer_interrupt+0x10b/0x410 [ 447.837488][ C0] sysvec_apic_timer_interrupt+0xa1/0xc0 [ 447.837502][ C0] [ 447.837506][ C0] [ 447.837510][ C0] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 447.837521][ C0] RIP: 0010:advance_sched+0xac5/0xc90 [ 447.837534][ C0] Code: 4c 89 ef e8 cd 16 c7 ff e8 d8 c1 e2 01 89 c5 31 ff 89 c6 e8 3d eb e0 f8 85 ed 74 10 e8 54 26 c7 f8 84 c0 74 0e e8 7b e6 e0 f8 56 e8 74 e6 e0 f8 eb 4f e8 ad c1 e2 01 89 c5 31 ff 89 c6 e8 12 [ 447.837543][ C0] RSP: 0018:ffffc900001578d0 EFLAGS: 00000246 [ 447.837551][ C0] RAX: ffffffff88ddc725 RBX: ffffffff88ddc661 RCX: ffff88801b6a5a00 [ 447.837559][ C0] RDX: 0000000000000100 RSI: 0000000000000000 RDI: 0000000000000100 [ 447.837565][ C0] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000100 [ 447.837571][ C0] R10: dffffc0000000000 R11: ffffed1003f5563c R12: ffff88801faab4e0 [ 447.837578][ C0] R13: ffff88801faab000 R14: 187f312cd0000000 R15: ffff88805b82a800 [ 447.837587][ C0] ? advance_sched+0xa01/0xc90 [ 447.837597][ C0] ? advance_sched+0xac5/0xc90 [ 447.837620][ C0] ? __pfx_advance_sched+0x10/0x10 [ 447.837630][ C0] __hrtimer_run_queues+0x552/0xd40 [ 447.837652][ C0] ? __pfx___hrtimer_run_queues+0x10/0x10 [ 447.837664][ C0] ? ktime_get_update_offsets_now+0x3b2/0x3d0 [ 447.837681][ C0] hrtimer_run_softirq+0x1a3/0x2e0 [ 447.837693][ C0] handle_softirqs+0x22f/0x710 [ 447.837709][ C0] ? __pfx_handle_softirqs+0x10/0x10 [ 447.837726][ C0] run_ktimerd+0xcf/0x190 [ 447.837737][ C0] ? __pfx_run_ktimerd+0x10/0x10 [ 447.837748][ C0] ? schedule+0x91/0x360 [ 447.837764][ C0] ? smpboot_thread_fn+0x4d/0xa60 [ 447.837775][ C0] smpboot_thread_fn+0x542/0xa60 [ 447.837787][ C0] ? smpboot_thread_fn+0x4d/0xa60 [ 447.837802][ C0] kthread+0x711/0x8a0 [ 447.837817][ C0] ? __pfx_smpboot_thread_fn+0x10/0x10 [ 447.837829][ C0] ? __pfx_kthread+0x10/0x10 [ 447.837839][ C0] ? rt_spin_unlock+0x150/0x200 [ 447.837852][ C0] ? rt_spin_unlock+0x161/0x200 [ 447.837862][ C0] ? __pfx_kthread+0x10/0x10 [ 447.837875][ C0] ret_from_fork+0x4bc/0x870 [ 447.837887][ C0] ? __pfx_ret_from_fork+0x10/0x10 [ 447.837902][ C0] ? __switch_to_asm+0x39/0x70 [ 447.837911][ C0] ? __switch_to_asm+0x33/0x70 [ 447.837919][ C0] ? __pfx_kthread+0x10/0x10 [ 447.837932][ C0] ret_from_fork_asm+0x1a/0x30 [ 447.837951][ C0] [ 447.837955][ C0] rcu: rcu_preempt kthread timer wakeup didn't happen for 9223 jiffies! g42589 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x402 [ 447.837966][ C0] rcu: Possible timer handling issue on cpu=0 timer-softirq=21789 [ 447.837971][ C0] rcu: rcu_preempt kthread starved for 9224 jiffies! g42589 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x402 ->cpu=0 [ 447.837982][ C0] rcu: Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior. [ 447.837987][ C0] rcu: RCU grace-period kthread stack dump: [ 447.837990][ C0] task:rcu_preempt state:I stack:26888 pid:18 tgid:18 ppid:2 task_flags:0x208040 flags:0x00080000 [ 447.838018][ C0] Call Trace: [ 447.838021][ C0] [ 447.838026][ C0] __schedule+0x16f3/0x4c20 [ 447.838042][ C0] ? do_raw_spin_unlock+0x122/0x240 [ 447.838059][ C0] ? __lock_acquire+0xab9/0xd20 [ 447.838071][ C0] ? __pfx___schedule+0x10/0x10 [ 447.838091][ C0] ? schedule+0x91/0x360 [ 447.838104][ C0] schedule+0x165/0x360 [ 447.838117][ C0] schedule_timeout+0x12b/0x270 [ 447.838129][ C0] ? __pfx_schedule_timeout+0x10/0x10 [ 447.838141][ C0] ? __pfx_process_timeout+0x10/0x10 [ 447.838154][ C0] ? prepare_to_swait_event+0x341/0x380 [ 447.838168][ C0] rcu_gp_fqs_loop+0x301/0x1540 [ 447.838187][ C0] ? lockdep_hardirqs_on+0x9c/0x150 [ 447.838198][ C0] ? __pfx_rcu_watching_snap_save+0x10/0x10 [ 447.838211][ C0] ? __pfx_rcu_gp_fqs_loop+0x10/0x10 [ 447.838222][ C0] ? _raw_spin_unlock_irq+0x2e/0x50 [ 447.838237][ C0] ? finish_swait+0xcd/0x1f0 [ 447.838249][ C0] rcu_gp_kthread+0x99/0x390 [ 447.838265][ C0] ? __pfx_rcu_gp_kthread+0x10/0x10 [ 447.838283][ C0] ? __kthread_parkme+0x7b/0x200 [ 447.838295][ C0] ? __kthread_parkme+0x1a1/0x200 [ 447.838309][ C0] kthread+0x711/0x8a0 [ 447.838323][ C0] ? __pfx_rcu_gp_kthread+0x10/0x10 [ 447.838335][ C0] ? __pfx_kthread+0x10/0x10 [ 447.838346][ C0] ? rt_spin_unlock+0x150/0x200 [ 447.838358][ C0] ? rt_spin_unlock+0x161/0x200 [ 447.838368][ C0] ? __pfx_kthread+0x10/0x10 [ 447.838380][ C0] ret_from_fork+0x4bc/0x870 [ 447.838392][ C0] ? __pfx_ret_from_fork+0x10/0x10 [ 447.838412][ C0] ? __switch_to_asm+0x39/0x70 [ 447.838420][ C0] ? __switch_to_asm+0x33/0x70 [ 447.838428][ C0] ? __pfx_kthread+0x10/0x10 [ 447.838441][ C0] ret_from_fork_asm+0x1a/0x30 [ 447.838459][ C0] [ 447.838462][ C0] rcu: Stack dump where RCU GP kthread last ran: [ 447.838485][ C0] CPU: 0 UID: 0 PID: 16 Comm: ktimers/0 Not tainted syzkaller #0 PREEMPT_{RT,(full)} [ 447.838509][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 447.838521][ C0] RIP: 0010:advance_sched+0xac5/0xc90 [ 447.838545][ C0] Code: 4c 89 ef e8 cd 16 c7 ff e8 d8 c1 e2 01 89 c5 31 ff 89 c6 e8 3d eb e0 f8 85 ed 74 10 e8 54 26 c7 f8 84 c0 74 0e e8 7b e6 e0 f8 56 e8 74 e6 e0 f8 eb 4f e8 ad c1 e2 01 89 c5 31 ff 89 c6 e8 12 [ 447.838563][ C0] RSP: 0018:ffffc900001578d0 EFLAGS: 00000246 [ 447.838579][ C0] RAX: ffffffff88ddc725 RBX: ffffffff88ddc661 RCX: ffff88801b6a5a00 [ 447.838596][ C0] RDX: 0000000000000100 RSI: 0000000000000000 RDI: 0000000000000100 [ 447.838610][ C0] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000100 [ 447.838622][ C0] R10: dffffc0000000000 R11: ffffed1003f5563c R12: ffff88801faab4e0 [ 447.838638][ C0] R13: ffff88801faab000 R14: 187f312cd0000000 R15: ffff88805b82a800 [ 447.838655][ C0] FS: 0000000000000000(0000) GS:ffff888126df7000(0000) knlGS:0000000000000000 [ 447.838673][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 447.838687][ C0] CR2: 000055556151c808 CR3: 0000000035a84000 CR4: 00000000003526f0 [ 447.838705][ C0] Call Trace: [ 447.838708][ C0] [ 447.838720][ C0] ? __pfx_advance_sched+0x10/0x10 [ 447.838730][ C0] __hrtimer_run_queues+0x552/0xd40 [ 447.838752][ C0] ? __pfx___hrtimer_run_queues+0x10/0x10 [ 447.838764][ C0] ? ktime_get_update_offsets_now+0x3b2/0x3d0 [ 447.838780][ C0] hrtimer_run_softirq+0x1a3/0x2e0 [ 447.838791][ C0] handle_softirqs+0x22f/0x710 [ 447.838807][ C0] ? __pfx_handle_softirqs+0x10/0x10 [ 447.838823][ C0] run_ktimerd+0xcf/0x190 [ 447.838834][ C0] ? __pfx_run_ktimerd+0x10/0x10 [ 447.838845][ C0] ? schedule+0x91/0x360 [ 447.838860][ C0] ? smpboot_thread_fn+0x4d/0xa60 [ 447.838870][ C0] smpboot_thread_fn+0x542/0xa60 [ 447.838881][ C0] ? smpboot_thread_fn+0x4d/0xa60 [ 447.838896][ C0] kthread+0x711/0x8a0 [ 447.838910][ C0] ? __pfx_smpboot_thread_fn+0x10/0x10 [ 447.838921][ C0] ? __pfx_kthread+0x10/0x10 [ 447.838932][ C0] ? rt_spin_unlock+0x150/0x200 [ 447.838944][ C0] ? rt_spin_unlock+0x161/0x200 [ 447.838953][ C0] ? __pfx_kthread+0x10/0x10 [ 447.838966][ C0] ret_from_fork+0x4bc/0x870 [ 447.838978][ C0] ? __pfx_ret_from_fork+0x10/0x10 [ 447.838992][ C0] ? __switch_to_asm+0x39/0x70 [ 447.839000][ C0] ? __switch_to_asm+0x33/0x70 [ 447.839008][ C0] ? __pfx_kthread+0x10/0x10 [ 447.839021][ C0] ret_from_fork_asm+0x1a/0x30 [ 447.839038][ C0] [ 483.024212][ T5812] Bluetooth: hci5: command 0x0406 tx timeout [ 488.145081][ T5817] Bluetooth: hci6: command 0x0406 tx timeout