last executing test programs: 3.517370446s ago: executing program 0 (id=14419): r0 = socket$inet_udp(0x2, 0x2, 0x0) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000003c0)=ANY=[@ANYBLOB="fc0000001900010000000000fcdbdf2500000000000000000000000000000000fe8000000000000000000000000000bb00000000000000000200000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000000000000004000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000001000000000000004400050000000000000000000000000000000000000000022b"], 0xfc}, 0x1, 0x0, 0x0, 0x2000c010}, 0x0) socket$key(0xf, 0x3, 0x2) bind$inet(r0, &(0x7f0000000100)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x17}}, 0x10) setsockopt$sock_int(r0, 0x1, 0x6, &(0x7f0000000000)=0x4, 0x4) connect$inet(r0, &(0x7f0000000280)={0x2, 0x0, @broadcast}, 0x10) 3.400120963s ago: executing program 0 (id=14422): unshare(0x600) r0 = socket$rds(0x15, 0x5, 0x0) setsockopt$SO_RDS_MSG_RXPATH_LATENCY(r0, 0x114, 0xa, &(0x7f00000005c0)=ANY=[], 0x4) 3.353511714s ago: executing program 0 (id=14424): r0 = syz_open_dev$sg(&(0x7f0000000040), 0x0, 0x103000) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000940)={0x53, 0xfffffffffffffffe, 0x3, 0xff, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000240)='Jh*', 0x0, 0x80000000, 0x10024, 0x3, 0x0}) 3.251844037s ago: executing program 0 (id=14427): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x275a, 0x0) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=ANY=[], 0x100}}, 0x0) fcntl$lock(r0, 0x7, &(0x7f0000000280)={0x1, 0x0, 0x2c, 0x9}) ioctl$PTP_EXTTS_REQUEST2(0xffffffffffffffff, 0x40603d07, &(0x7f0000000100)={0xfffffffc}) r2 = gettid() timer_create(0x0, &(0x7f0000000200)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000940)={0xffffffffffffffff, 0xffffffffffffffff}) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) write$binfmt_script(0xffffffffffffffff, 0x0, 0xb) splice(r3, 0x0, r4, 0x0, 0xf3a, 0x0) socket$inet6_udp(0xa, 0x2, 0x0) prctl$PR_SET_NAME(0xf, 0x0) r5 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000001140)={&(0x7f00000007c0)=ANY=[@ANYBLOB="5800000002060108000000bca3000000000000400500010006000000050005000200000005000400000000000900020073797a31000000000c000780080012400000000211000300686173683a69702c6d61726b"], 0x58}}, 0x0) sendmsg$IPSET_CMD_ADD(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=ANY=[@ANYBLOB="480000000906010200000000000000000200ffff200007800c00018008000140a2fd4ebc08000a400000000205000300020000000900020073797a31000000000500010007"], 0x48}, 0x1, 0x0, 0x0, 0x800}, 0x40c0080) 1.644955187s ago: executing program 3 (id=14447): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, 0x0) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r4, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4) connect$inet6(r4, &(0x7f0000000100)={0xa, 0x0, 0x0, @loopback}, 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r4, 0x6, 0x14, &(0x7f0000000040)=0x2, 0x4) writev(r4, &(0x7f0000000080)=[{&(0x7f00000002c0)="ec", 0xfdef}], 0x1) 1.575391333s ago: executing program 1 (id=14449): r0 = socket$inet6_mptcp(0xa, 0x1, 0x106) listen(r0, 0x0) bind$inet6(r0, &(0x7f00000003c0)={0xa, 0x4e23, 0x2, @private2}, 0x1c) 1.476158069s ago: executing program 1 (id=14450): r0 = socket$inet_sctp(0x2, 0x5, 0x84) setsockopt$inet_sctp_SCTP_DEFAULT_SEND_PARAM(r0, 0x84, 0xa, &(0x7f0000000080)={0x8, 0x2, 0x8204, 0x8000, 0x26c7, 0xc, 0xffff7957, 0xfffffff8}, 0x20) 1.463282917s ago: executing program 1 (id=14451): close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) socket$packet(0x11, 0x3, 0x300) r0 = socket$inet_mptcp(0x2, 0x1, 0x106) r1 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r1, 0x84, 0x6b, &(0x7f0000000080)=[@in={0x2, 0x4e21, @private=0xa010102}], 0x10) socket$rds(0x15, 0x5, 0x0) socket$inet6(0xa, 0x3, 0x5) unshare(0x2040400) getsockopt$inet_mreqn(r0, 0x0, 0x24, 0x0, 0x0) 759.923348ms ago: executing program 3 (id=14459): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000b00)={&(0x7f0000000040)=ANY=[@ANYBLOB="140000000a00010000000000000000000a00000a54000000060a0104000000000000000002000000280004800500"], 0x7c}, 0x1, 0x0, 0x0, 0x4000000}, 0x8000) 559.851854ms ago: executing program 1 (id=14463): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_LIST(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000200)={0x14, 0x7, 0x6, 0x5, 0x0, 0x0, {0x5, 0x0, 0x7}}, 0x14}, 0x1, 0x0, 0x0, 0x24008004}, 0x880) 488.041769ms ago: executing program 2 (id=14464): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$inet_tcp(0x2, 0x1, 0x0) sendto$inet(r2, 0x0, 0x0, 0x805, 0x0, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) unshare(0x22020600) bind$inet(0xffffffffffffffff, 0x0, 0x0) 487.832603ms ago: executing program 1 (id=14465): r0 = syz_open_dev$evdev(&(0x7f000001fa80), 0x20000000, 0x0) ioctl$EVIOCSCLOCKID(r0, 0x40084504, 0x0) 425.77879ms ago: executing program 2 (id=14466): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) write(r0, 0x0, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r4, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) r6 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) write$UHID_CREATE2(r6, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r6], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r6, 0x0) ioctl$KVM_X86_SETUP_MCE(r6, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r5, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) 377.168009ms ago: executing program 1 (id=14467): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, 0x0) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r4, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4) connect$inet6(r4, &(0x7f0000000100)={0xa, 0x0, 0x0, @loopback}, 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r4, 0x6, 0x14, &(0x7f0000000040)=0x2, 0x4) writev(r4, &(0x7f0000000080)=[{&(0x7f00000002c0)="ec", 0xfdef}], 0x1) 335.720187ms ago: executing program 2 (id=14468): r0 = socket$inet_smc(0x2b, 0x1, 0x0) capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040)={0x200000, 0x200000}) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, 0x0, 0x108) 224.093432ms ago: executing program 3 (id=14469): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r3, &(0x7f0000003c00), 0x0, 0x4) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r4, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) capset(&(0x7f0000000040)={0x20080522}, 0x0) 223.960374ms ago: executing program 2 (id=14470): setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x25, 0x0, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_ADD(r0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x10000047}, 0x4000084) 200.459176ms ago: executing program 3 (id=14471): r0 = syz_open_dev$usbfs(&(0x7f0000000280), 0xb, 0x1) ioctl$USBDEVFS_CONTROL(r0, 0xc0185500, &(0x7f0000000300)={0x2, 0x3, 0xd3f, 0x3fe, 0x0, 0xc7, 0x0}) 183.144114ms ago: executing program 0 (id=14472): move_mount(0xffffffffffffffff, &(0x7f0000000080)='./cgroup.cpu/cgroup.procs\x00', 0xffffffffffffffff, 0x0, 0x200) r0 = socket$kcm(0x15, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f0000000100)={&(0x7f0000000080)=@rc={0xa}, 0x80, 0x0}, 0x0) 116.332816ms ago: executing program 2 (id=14473): bind$bt_l2cap(0xffffffffffffffff, &(0x7f0000000080)={0x1f, 0x1}, 0xe) r0 = socket$inet6(0xa, 0x805, 0x0) getsockopt$bt_hci(r0, 0x84, 0x81, &(0x7f0000000080)=""/4076, &(0x7f00000010c0)=0xfec) 111.668455ms ago: executing program 3 (id=14474): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$inet_tcp(0x2, 0x1, 0x0) sendto$inet(r2, 0x0, 0x0, 0x805, 0x0, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) unshare(0x22020600) bind$inet(0xffffffffffffffff, 0x0, 0x0) 71.870941ms ago: executing program 0 (id=14475): ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0x541b, &(0x7f0000000040)={0xffffffffffffffff, 0x8e59, 0x0, 0x6}) close_range(r0, 0xffffffffffffffff, 0x0) r1 = getpgid(0xffffffffffffffff) ptrace$PTRACE_SECCOMP_GET_FILTER(0x420c, r1, 0x2, &(0x7f00000000c0)=""/168) syz_pidfd_open(r1, 0x0) unshare(0x2c060000) r2 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000840)=@updpolicy={0xfc, 0x19, 0x1, 0x0, 0x4, {{@in=@remote, @in6=@remote, 0x0, 0x0, 0x0, 0x0, 0x2}, {0x1000000000000000, 0x7, 0xffffffffffffff8b, 0x0, 0x0, 0x2, 0x0, 0xfffffffffffffffc}, {0x0, 0x2, 0x200000000000}, 0x0, 0x0, 0x1, 0x0, 0x2}, [@tmpl={0x44, 0x5, [{{@in6=@rand_addr=' \x01\x00', 0x2, 0x2b}, 0xa, @in6=@local, 0x0, 0x1}]}]}, 0xfc}, 0x1, 0x0, 0x0, 0x20008000}, 0x0) bind$inet6(0xffffffffffffffff, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c) unshare(0x2c020400) 160.423µs ago: executing program 3 (id=14476): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) write(r0, 0x0, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r4, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) r6 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) write$UHID_CREATE2(r6, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r6], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r6, 0x0) ioctl$KVM_X86_SETUP_MCE(r6, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r5, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) 0s ago: executing program 2 (id=14477): r0 = open(&(0x7f00000014c0)='./file0\x00', 0x141140, 0x18) finit_module(r0, 0x0, 0x1) kernel console output (not intermixed with test programs): ] usb 3-1: config 0 has an invalid interface number: 3 but max is 0 [ 1006.972212][ T977] usb 3-1: config 0 has no interface number 0 [ 1006.978349][ T977] usb 3-1: New USB device found, idVendor=1199, idProduct=6821, bcdDevice=98.59 [ 1007.008078][ T977] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1007.036983][ T977] usb 3-1: config 0 descriptor?? [ 1007.050531][ T977] hub 3-1:0.3: bad descriptor, ignoring hub [ 1007.066261][ T977] hub 3-1:0.3: probe with driver hub failed with error -5 [ 1007.082594][ T977] sierra 3-1:0.3: Sierra USB modem converter detected [ 1007.266195][ T977] usb 3-1: Sierra USB modem converter now attached to ttyUSB0 [ 1007.321842][ T977] usb 3-1: USB disconnect, device number 36 [ 1007.344122][ T977] sierra ttyUSB0: Sierra USB modem converter now disconnected from ttyUSB0 [ 1007.363769][ T977] sierra 3-1:0.3: device disconnected [ 1008.017497][T25631] netlink: 16 bytes leftover after parsing attributes in process `syz.1.8819'. [ 1015.100707][T22482] usb 4-1: new low-speed USB device number 62 using dummy_hcd [ 1015.298013][T22482] usb 4-1: config 0 has an invalid interface number: 3 but max is 0 [ 1015.306317][T22482] usb 4-1: config 0 has no interface number 0 [ 1015.321329][T22482] usb 4-1: New USB device found, idVendor=1199, idProduct=6821, bcdDevice=98.59 [ 1015.330402][T22482] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1015.373280][T22482] usb 4-1: config 0 descriptor?? [ 1015.391012][T22482] hub 4-1:0.3: bad descriptor, ignoring hub [ 1015.396994][T22482] hub 4-1:0.3: probe with driver hub failed with error -5 [ 1015.422524][T22482] sierra 4-1:0.3: Sierra USB modem converter detected [ 1015.592889][T22482] usb 4-1: Sierra USB modem converter now attached to ttyUSB0 [ 1015.653080][T22482] usb 4-1: USB disconnect, device number 62 [ 1015.674477][T22482] sierra ttyUSB0: Sierra USB modem converter now disconnected from ttyUSB0 [ 1015.707730][T22482] sierra 4-1:0.3: device disconnected [ 1023.199263][T25887] netlink: 16 bytes leftover after parsing attributes in process `syz.3.8941'. [ 1023.502376][T25899] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=3851450944 (3851450944 ns) > initial count (1115526657 ns). Using initial count to start timer. [ 1023.534074][T25899] kvm: pic: level sensitive irq not supported [ 1023.534150][T25899] kvm: pic: non byte read [ 1023.550712][T25899] kvm: pic: level sensitive irq not supported [ 1023.551006][T25899] kvm: pic: non byte read [ 1023.561967][T25899] kvm: pic: level sensitive irq not supported [ 1023.562033][T25899] kvm: pic: non byte read [ 1023.811481][T25915] netlink: 16 bytes leftover after parsing attributes in process `syz.0.8953'. [ 1025.379021][T25975] netlink: 16 bytes leftover after parsing attributes in process `syz.3.8983'. [ 1025.717901][T25996] netlink: 16 bytes leftover after parsing attributes in process `syz.0.8993'. [ 1027.101333][T26047] netlink: 16 bytes leftover after parsing attributes in process `syz.2.9018'. [ 1028.803801][T26116] netlink: 16 bytes leftover after parsing attributes in process `syz.0.9051'. [ 1029.145868][T26137] netlink: 16 bytes leftover after parsing attributes in process `syz.0.9062'. [ 1031.423595][T26219] netlink: 16 bytes leftover after parsing attributes in process `syz.0.9103'. [ 1033.539632][ T62] usb 4-1: new high-speed USB device number 63 using dummy_hcd [ 1033.701421][ T62] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1033.711926][ T62] usb 4-1: config 0 has no interfaces? [ 1033.729380][ T62] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 1033.743411][ T62] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1033.760810][ T62] usb 4-1: Product: syz [ 1033.770115][ T62] usb 4-1: Manufacturer: syz [ 1033.774759][ T62] usb 4-1: SerialNumber: syz [ 1033.793217][ T62] usb 4-1: config 0 descriptor?? [ 1034.004289][ T24] usb 4-1: USB disconnect, device number 63 [ 1038.872835][T26375] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=3851450944 (3851450944 ns) > initial count (1115526657 ns). Using initial count to start timer. [ 1038.932273][T26375] kvm: pic: level sensitive irq not supported [ 1038.932348][T26375] kvm: pic: non byte read [ 1038.979808][T26375] kvm: pic: level sensitive irq not supported [ 1038.979878][T26375] kvm: pic: non byte read [ 1038.991335][T26375] kvm: pic: level sensitive irq not supported [ 1038.991409][T26375] kvm: pic: non byte read [ 1040.211526][T26384] binder: 26383:26384 ioctl c0306201 0 returned -14 [ 1040.948354][T26410] netlink: 96 bytes leftover after parsing attributes in process `syz.1.9194'. [ 1042.869129][T17222] usb 3-1: new low-speed USB device number 37 using dummy_hcd [ 1043.080775][T17222] usb 3-1: config 0 has an invalid interface number: 3 but max is 0 [ 1043.088817][T17222] usb 3-1: config 0 has no interface number 0 [ 1043.100245][T17222] usb 3-1: New USB device found, idVendor=1199, idProduct=6821, bcdDevice=98.59 [ 1043.119228][T17222] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1043.140152][T17222] usb 3-1: config 0 descriptor?? [ 1043.172146][T17222] hub 3-1:0.3: bad descriptor, ignoring hub [ 1043.178115][T17222] hub 3-1:0.3: probe with driver hub failed with error -5 [ 1043.210157][T17222] sierra 3-1:0.3: Sierra USB modem converter detected [ 1043.366324][T17222] usb 3-1: Sierra USB modem converter now attached to ttyUSB0 [ 1043.429865][T17222] usb 3-1: USB disconnect, device number 37 [ 1043.450389][T17222] sierra ttyUSB0: Sierra USB modem converter now disconnected from ttyUSB0 [ 1043.489635][T17222] sierra 3-1:0.3: device disconnected [ 1044.304310][T26501] dns_resolver: Unsupported content type (240) [ 1046.131241][T26533] overlayfs: missing 'lowerdir' [ 1051.853150][T26606] netlink: 16 bytes leftover after parsing attributes in process `syz.3.9288'. [ 1053.408947][T26658] netlink: 16 bytes leftover after parsing attributes in process `syz.1.9311'. [ 1053.513401][T26661] binder: 26660:26661 ioctl c0306201 0 returned -14 [ 1053.911929][T26683] netlink: 16 bytes leftover after parsing attributes in process `syz.2.9323'. [ 1053.923366][T26683] ip6gre0: left promiscuous mode [ 1053.928348][T26683] ip6gre0: left allmulticast mode [ 1054.546707][ T1298] ieee802154 phy0 wpan0: encryption failed: -22 [ 1054.553143][ T1298] ieee802154 phy1 wpan1: encryption failed: -22 [ 1054.676968][T26706] netlink: 16 bytes leftover after parsing attributes in process `syz.1.9335'. [ 1056.810816][T26740] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=3851450944 (3851450944 ns) > initial count (1115526657 ns). Using initial count to start timer. [ 1056.872491][T26740] kvm: pic: level sensitive irq not supported [ 1056.872566][T26740] kvm: pic: non byte read [ 1056.883912][T26740] kvm: pic: level sensitive irq not supported [ 1056.883982][T26740] kvm: pic: non byte read [ 1056.905112][T26740] kvm: pic: level sensitive irq not supported [ 1056.905189][T26740] kvm: pic: non byte read [ 1057.307604][T26756] netlink: 16 bytes leftover after parsing attributes in process `syz.0.9358'. [ 1057.398525][ T5870] usb 4-1: new high-speed USB device number 64 using dummy_hcd [ 1057.570217][ T5870] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1057.581651][ T5870] usb 4-1: config 0 has no interfaces? [ 1057.591281][ T5870] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 1057.600680][ T5870] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1057.619237][ T5870] usb 4-1: Product: syz [ 1057.628287][ T5870] usb 4-1: Manufacturer: syz [ 1057.632924][ T5870] usb 4-1: SerialNumber: syz [ 1057.659492][ T5870] usb 4-1: config 0 descriptor?? [ 1057.878100][ T5870] usb 4-1: USB disconnect, device number 64 [ 1058.238948][T26794] tmpfs: Bad value for 'nr_blocks' [ 1058.955119][T26822] netlink: 16 bytes leftover after parsing attributes in process `syz.0.9389'. [ 1059.202335][T26828] netlink: 16 bytes leftover after parsing attributes in process `syz.0.9392'. [ 1059.228899][T26828] ip6_vti0: entered promiscuous mode [ 1059.238218][T26828] ip6_vti0: entered allmulticast mode [ 1059.248247][ T5870] usb 3-1: new high-speed USB device number 38 using dummy_hcd [ 1059.408603][ T5870] usb 3-1: config index 0 descriptor too short (expected 28516, got 100) [ 1059.417077][ T5870] usb 3-1: config 15 has too many interfaces: 240, using maximum allowed: 32 [ 1059.448208][ T5870] usb 3-1: config 15 has an invalid descriptor of length 0, skipping remainder of the config [ 1059.468450][ T5870] usb 3-1: config 15 has 0 interfaces, different from the descriptor's value: 240 [ 1059.500018][ T5870] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 1059.528155][ T5870] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1059.548157][ T5870] usb 3-1: Product: syz [ 1059.552359][ T5870] usb 3-1: Manufacturer: syz [ 1059.556963][ T5870] usb 3-1: SerialNumber: syz [ 1060.316071][ T5870] usb 3-1: USB disconnect, device number 38 [ 1065.412987][T26886] netlink: 16 bytes leftover after parsing attributes in process `syz.0.9420'. [ 1066.080559][ T977] usb 4-1: new high-speed USB device number 65 using dummy_hcd [ 1066.107633][T26904] 9p: Bad value for 'rfdno' [ 1066.239490][ T977] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1066.257829][ T977] usb 4-1: config 0 has no interfaces? [ 1066.276345][ T977] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 1066.308364][ T977] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1066.326699][ T977] usb 4-1: Product: syz [ 1066.339745][ T977] usb 4-1: Manufacturer: syz [ 1066.355470][ T977] usb 4-1: SerialNumber: syz [ 1066.370705][ T977] usb 4-1: config 0 descriptor?? [ 1066.479955][T22536] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 1066.495073][T22536] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 1066.506129][T22536] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 1066.511745][T26913] netlink: 28 bytes leftover after parsing attributes in process `syz.0.9432'. [ 1066.533204][T22536] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 1066.541940][T22536] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 1066.939831][ T3520] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1067.066920][ T3520] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1067.096435][T26910] chnl_net:caif_netlink_parms(): no params data found [ 1067.129295][ T977] usb 4-1: USB disconnect, device number 65 [ 1067.264360][ T3520] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1067.400804][ T3520] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1067.438820][T26910] bridge0: port 1(bridge_slave_0) entered blocking state [ 1067.450983][T26910] bridge0: port 1(bridge_slave_0) entered disabled state [ 1067.467951][T26910] bridge_slave_0: entered allmulticast mode [ 1067.479251][T26910] bridge_slave_0: entered promiscuous mode [ 1067.489606][T26910] bridge0: port 2(bridge_slave_1) entered blocking state [ 1067.510614][T26910] bridge0: port 2(bridge_slave_1) entered disabled state [ 1067.523806][T26910] bridge_slave_1: entered allmulticast mode [ 1067.548843][T26910] bridge_slave_1: entered promiscuous mode [ 1067.662593][T26910] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1067.711393][T26910] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1067.877558][T26910] team0: Port device team_slave_0 added [ 1067.930604][T26910] team0: Port device team_slave_1 added [ 1068.111355][T26910] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1068.128776][T26910] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1068.207904][T26910] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1068.245620][T26910] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1068.263663][T26910] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1068.338399][T26910] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1068.393859][ T3520] bridge_slave_1: left allmulticast mode [ 1068.407935][ T3520] bridge_slave_1: left promiscuous mode [ 1068.428197][ T3520] bridge0: port 2(bridge_slave_1) entered disabled state [ 1068.484753][ T3520] bridge_slave_0: left allmulticast mode [ 1068.500253][ T3520] bridge_slave_0: left promiscuous mode [ 1068.508272][ T3520] bridge0: port 1(bridge_slave_0) entered disabled state [ 1068.580846][T26971] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=3851450944 (3851450944 ns) > initial count (1115526657 ns). Using initial count to start timer. [ 1068.617783][ T5830] Bluetooth: hci0: command tx timeout [ 1069.452158][ T3520] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1069.464480][ T3520] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1069.474771][ T3520] bond0 (unregistering): Released all slaves [ 1069.594050][T26910] hsr_slave_0: entered promiscuous mode [ 1069.612950][T26910] hsr_slave_1: entered promiscuous mode [ 1070.050339][ T3520] hsr_slave_0: left promiscuous mode [ 1070.064739][ T3520] hsr_slave_1: left promiscuous mode [ 1070.073311][ T3520] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1070.083382][ T3520] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1070.098177][ T3520] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1070.105739][ T3520] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1070.153961][ T3520] veth1_macvtap: left promiscuous mode [ 1070.170905][ T3520] veth0_macvtap: left promiscuous mode [ 1070.176560][ T3520] veth1_vlan: left promiscuous mode [ 1070.190073][ T3520] veth0_vlan: left promiscuous mode [ 1070.371649][T27033] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=3851450944 (3851450944 ns) > initial count (1115526657 ns). Using initial count to start timer. [ 1070.701523][ T5830] Bluetooth: hci0: command tx timeout [ 1070.901179][ T3520] team0 (unregistering): Port device team_slave_1 removed [ 1070.917623][ T5870] usb 4-1: new high-speed USB device number 66 using dummy_hcd [ 1070.942842][ T3520] team0 (unregistering): Port device team_slave_0 removed [ 1071.081448][ T5870] usb 4-1: config 0 has no interfaces? [ 1071.095638][ T5870] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 1071.108283][ T5870] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1071.116563][ T5870] usb 4-1: Product: syz [ 1071.120984][ T5870] usb 4-1: Manufacturer: syz [ 1071.125618][ T5870] usb 4-1: SerialNumber: syz [ 1071.133731][ T5870] usb 4-1: config 0 descriptor?? [ 1071.863574][T22482] usb 4-1: USB disconnect, device number 66 [ 1072.057492][ T5870] usb 3-1: new high-speed USB device number 39 using dummy_hcd [ 1072.160806][T26910] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 1072.183278][T26910] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 1072.206924][T26910] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 1072.247877][ T5870] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1072.259484][ T5870] usb 3-1: config 0 has no interfaces? [ 1072.270322][T26910] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 1072.283408][ T5870] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 1072.303678][ T5870] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1072.326095][ T5870] usb 3-1: Product: syz [ 1072.340839][ T5870] usb 3-1: Manufacturer: syz [ 1072.353826][ T5870] usb 3-1: SerialNumber: syz [ 1072.397029][ T5870] usb 3-1: config 0 descriptor?? [ 1072.517188][T26910] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1072.575980][T26910] 8021q: adding VLAN 0 to HW filter on device team0 [ 1072.604068][T22652] bridge0: port 1(bridge_slave_0) entered blocking state [ 1072.611336][T22652] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1072.613696][ T5870] usb 3-1: USB disconnect, device number 39 [ 1072.680891][T22652] bridge0: port 2(bridge_slave_1) entered blocking state [ 1072.688138][T22652] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1072.778512][ T5830] Bluetooth: hci0: command tx timeout [ 1073.224075][T26910] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1073.391404][T26910] veth0_vlan: entered promiscuous mode [ 1073.421002][T26910] veth1_vlan: entered promiscuous mode [ 1073.549695][T26910] veth0_macvtap: entered promiscuous mode [ 1073.601823][T26910] veth1_macvtap: entered promiscuous mode [ 1073.650010][T26910] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1073.689216][T26910] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1073.724803][ T50] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1073.744753][ T50] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1073.772442][ T50] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1073.814814][ T1146] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1073.948197][ T1146] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1073.978039][ T1146] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1074.036616][ T3520] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1074.054959][ T3520] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1074.825465][T27167] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=3851450944 (3851450944 ns) > initial count (1115526657 ns). Using initial count to start timer. [ 1074.861543][ T5830] Bluetooth: hci0: command tx timeout [ 1075.924597][T27205] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=3851450944 (3851450944 ns) > initial count (1115526657 ns). Using initial count to start timer. [ 1076.625112][T27235] netlink: 76 bytes leftover after parsing attributes in process `syz.1.9530'. [ 1077.077411][T27245] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=3851450944 (3851450944 ns) > initial count (1115526657 ns). Using initial count to start timer. [ 1077.507511][T27256] netlink: 92 bytes leftover after parsing attributes in process `syz.1.9536'. [ 1079.555421][T27318] netlink: 48 bytes leftover after parsing attributes in process `syz.3.9554'. [ 1080.625476][T27367] binder: 27366:27367 ioctl c0306201 0 returned -14 [ 1081.005005][ T30] audit: type=1326 audit(1763163535.119:115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27360 comm="syz.1.9583" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0a0898f6c9 code=0x7ffc0000 [ 1081.087105][ T30] audit: type=1326 audit(1763163535.149:116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27360 comm="syz.1.9583" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0a0898f6c9 code=0x7ffc0000 [ 1081.159714][ T30] audit: type=1326 audit(1763163535.149:117): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27360 comm="syz.1.9583" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f0a0898f6c9 code=0x7ffc0000 [ 1081.226975][ T30] audit: type=1326 audit(1763163535.149:118): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27360 comm="syz.1.9583" exe="/root/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7f0a0898f6c9 code=0x7ffc0000 [ 1082.373296][T27406] tmpfs: Bad value for 'nr_blocks' [ 1086.502024][T22536] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 1086.512048][T22536] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 1086.522378][T22536] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 1086.541194][T22536] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 1086.549414][T22536] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 1086.953848][T27547] chnl_net:caif_netlink_parms(): no params data found [ 1087.304315][ T1146] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1087.330262][T27547] bridge0: port 1(bridge_slave_0) entered blocking state [ 1087.357919][T27547] bridge0: port 1(bridge_slave_0) entered disabled state [ 1087.365220][T27547] bridge_slave_0: entered allmulticast mode [ 1087.395294][T27547] bridge_slave_0: entered promiscuous mode [ 1087.415100][T27547] bridge0: port 2(bridge_slave_1) entered blocking state [ 1087.432903][T27547] bridge0: port 2(bridge_slave_1) entered disabled state [ 1087.451906][T27547] bridge_slave_1: entered allmulticast mode [ 1087.470248][T27547] bridge_slave_1: entered promiscuous mode [ 1087.510383][T27575] netlink: 56 bytes leftover after parsing attributes in process `syz.0.9680'. [ 1087.526042][ T1146] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1087.690365][ T1146] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1087.739388][T27547] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1087.771470][T27547] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1087.844182][ T1146] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1087.982383][T27547] team0: Port device team_slave_0 added [ 1088.019843][T27547] team0: Port device team_slave_1 added [ 1088.104387][T27547] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1088.126576][T27547] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1088.183300][T27547] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1088.208900][T27547] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1088.215872][T27547] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1088.286543][T27547] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1088.440418][T27547] hsr_slave_0: entered promiscuous mode [ 1088.459389][T27547] hsr_slave_1: entered promiscuous mode [ 1088.465870][T27547] debugfs: 'hsr0' already exists in 'hsr' [ 1088.486750][T27547] Cannot create hsr debugfs directory [ 1088.616727][T22536] Bluetooth: hci1: command tx timeout [ 1088.849563][ T1146] bridge_slave_1: left allmulticast mode [ 1088.856591][ T1146] bridge_slave_1: left promiscuous mode [ 1088.863154][ T1146] bridge0: port 2(bridge_slave_1) entered disabled state [ 1088.933615][ T1146] bridge_slave_0: left allmulticast mode [ 1088.960600][ T1146] bridge_slave_0: left promiscuous mode [ 1088.966512][ T1146] bridge0: port 1(bridge_slave_0) entered disabled state [ 1090.088285][ T1146] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1090.119878][ T1146] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1090.139419][ T1146] bond0 (unregistering): Released all slaves [ 1090.556707][ T5870] usb 2-1: new high-speed USB device number 42 using dummy_hcd [ 1090.697280][T22536] Bluetooth: hci1: command tx timeout [ 1090.716718][ T1146] hsr_slave_0: left promiscuous mode [ 1090.723946][ T5870] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1090.723976][ T5870] usb 2-1: config 0 has no interfaces? [ 1090.730968][ T5870] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 1090.750897][ T5870] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1090.761938][ T5870] usb 2-1: Product: syz [ 1090.766132][ T5870] usb 2-1: Manufacturer: syz [ 1090.770955][ T5870] usb 2-1: SerialNumber: syz [ 1090.798327][ T5870] usb 2-1: config 0 descriptor?? [ 1090.802301][ T1146] hsr_slave_1: left promiscuous mode [ 1090.826086][ T1146] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1090.843915][ T1146] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1090.870696][ T1146] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1090.888462][ T1146] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1090.943914][ T1146] veth1_macvtap: left promiscuous mode [ 1090.969204][ T1146] veth0_macvtap: left promiscuous mode [ 1090.986168][ T1146] veth1_vlan: left promiscuous mode [ 1090.995354][ T1146] veth0_vlan: left promiscuous mode [ 1091.014958][ T5870] usb 2-1: USB disconnect, device number 42 [ 1092.258392][ T1146] team0 (unregistering): Port device team_slave_1 removed [ 1092.380344][ T1146] team0 (unregistering): Port device team_slave_0 removed [ 1092.776703][T22536] Bluetooth: hci1: command tx timeout [ 1094.083441][T27547] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 1094.142963][T27547] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 1094.230303][T27547] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 1094.311843][T27547] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 1094.674091][T27547] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1094.741846][T27547] 8021q: adding VLAN 0 to HW filter on device team0 [ 1094.782158][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 1094.789399][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1094.831476][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 1094.838712][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1094.860332][T22536] Bluetooth: hci1: command tx timeout [ 1095.370792][T27547] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1095.539048][T27547] veth0_vlan: entered promiscuous mode [ 1095.584613][T27547] veth1_vlan: entered promiscuous mode [ 1095.683331][T27547] veth0_macvtap: entered promiscuous mode [ 1095.694898][T27547] veth1_macvtap: entered promiscuous mode [ 1095.763097][T27547] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1095.807199][T27547] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1095.841310][ T12] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1095.857791][ T12] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1095.882951][ T12] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1095.896204][ T12] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1096.065198][ T1106] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1096.093591][ T1106] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1096.168957][ T1146] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1096.185526][ T1146] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1096.481686][ T30] audit: type=1326 audit(1763163550.580:119): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27693 comm="syz.2.9709" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f641118f6c9 code=0x7ffc0000 [ 1096.520494][ T30] audit: type=1326 audit(1763163550.580:120): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27693 comm="syz.2.9709" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f641118f6c9 code=0x7ffc0000 [ 1096.578015][ T30] audit: type=1326 audit(1763163550.580:121): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27693 comm="syz.2.9709" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f641118f6c9 code=0x7ffc0000 [ 1096.636235][ T30] audit: type=1326 audit(1763163550.590:122): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27693 comm="syz.2.9709" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f641118f6c9 code=0x7ffc0000 [ 1096.686198][ T30] audit: type=1326 audit(1763163550.590:123): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27693 comm="syz.2.9709" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f641118f6c9 code=0x7ffc0000 [ 1096.746329][ T30] audit: type=1326 audit(1763163550.590:124): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27693 comm="syz.2.9709" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f641118f6c9 code=0x7ffc0000 [ 1096.806263][ T30] audit: type=1326 audit(1763163550.590:125): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27693 comm="syz.2.9709" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f641118f6c9 code=0x7ffc0000 [ 1096.854629][ T30] audit: type=1326 audit(1763163550.590:126): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27693 comm="syz.2.9709" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f641118f6c9 code=0x7ffc0000 [ 1096.877943][ T30] audit: type=1326 audit(1763163550.590:127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27693 comm="syz.2.9709" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f641118f6c9 code=0x7ffc0000 [ 1096.942605][ T30] audit: type=1326 audit(1763163550.590:128): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27693 comm="syz.2.9709" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f641118f6c9 code=0x7ffc0000 [ 1097.100512][ T5830] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 1097.113894][ T5830] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 1097.131408][ T5830] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 1097.139811][ T5830] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 1097.148512][ T5830] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 1097.798180][T27721] chnl_net:caif_netlink_parms(): no params data found [ 1098.021386][ T1106] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1098.334237][ T1106] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1098.412633][T27721] bridge0: port 1(bridge_slave_0) entered blocking state [ 1098.420061][T27721] bridge0: port 1(bridge_slave_0) entered disabled state [ 1098.441639][T27721] bridge_slave_0: entered allmulticast mode [ 1098.452176][T27721] bridge_slave_0: entered promiscuous mode [ 1098.490399][ T1106] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1098.511603][T27721] bridge0: port 2(bridge_slave_1) entered blocking state [ 1098.520110][T27721] bridge0: port 2(bridge_slave_1) entered disabled state [ 1098.537715][T27721] bridge_slave_1: entered allmulticast mode [ 1098.557419][T27721] bridge_slave_1: entered promiscuous mode [ 1098.638062][T27754] binder: 27753:27754 ioctl c0306201 0 returned -14 [ 1098.668787][ T1106] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1098.719846][T27721] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1098.742116][T27721] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1098.883737][T27721] team0: Port device team_slave_0 added [ 1098.905426][T27721] team0: Port device team_slave_1 added [ 1099.072910][T27721] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1099.096414][T27721] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1099.143773][T27721] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1099.214490][T27721] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1099.228301][T27721] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1099.266187][ T5830] Bluetooth: hci3: command tx timeout [ 1099.292578][T27721] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1099.614020][T27721] hsr_slave_0: entered promiscuous mode [ 1099.627951][T27721] hsr_slave_1: entered promiscuous mode [ 1099.644968][T27721] debugfs: 'hsr0' already exists in 'hsr' [ 1099.653941][T27721] Cannot create hsr debugfs directory [ 1099.888465][ T1106] bridge_slave_1: left allmulticast mode [ 1099.894226][ T1106] bridge_slave_1: left promiscuous mode [ 1099.910511][ T1106] bridge0: port 2(bridge_slave_1) entered disabled state [ 1099.987009][ T1106] bridge_slave_0: left allmulticast mode [ 1100.003082][ T1106] bridge_slave_0: left promiscuous mode [ 1100.013476][ T1106] bridge0: port 1(bridge_slave_0) entered disabled state [ 1101.187584][ T1106] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1101.226578][ T1106] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1101.237938][ T1106] bond0 (unregistering): Released all slaves [ 1101.335964][ T5830] Bluetooth: hci3: command tx timeout [ 1102.046750][ T1106] hsr_slave_0: left promiscuous mode [ 1102.094281][ T1106] hsr_slave_1: left promiscuous mode [ 1102.107832][ T1106] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1102.115262][ T1106] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1102.177272][ T1106] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1102.208287][ T1106] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1102.282565][ T1106] veth1_macvtap: left promiscuous mode [ 1102.311071][ T1106] veth0_macvtap: left promiscuous mode [ 1102.328182][ T1106] veth1_vlan: left promiscuous mode [ 1102.340898][ T1106] veth0_vlan: left promiscuous mode [ 1102.612535][T27822] loop5: detected capacity change from 0 to 7 [ 1102.879878][T27822] Dev loop5: unable to read RDB block 7 [ 1102.885760][T27822] loop5: unable to read partition table [ 1102.891950][T27822] loop5: partition table beyond EOD, truncated [ 1102.901904][T27822] loop_reread_partitions: partition scan of loop5 (úù) failed (rc=-5) [ 1103.415764][ T5830] Bluetooth: hci3: command tx timeout [ 1103.558742][ T1106] team0 (unregistering): Port device team_slave_1 removed [ 1103.652876][ T1106] team0 (unregistering): Port device team_slave_0 removed [ 1105.370606][T27721] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 1105.404341][T27721] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 1105.477280][T27721] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 1105.495657][ T5830] Bluetooth: hci3: command tx timeout [ 1105.529689][T27721] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 1105.789292][T27721] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1105.817417][T27721] 8021q: adding VLAN 0 to HW filter on device team0 [ 1105.831789][ T1106] bridge0: port 1(bridge_slave_0) entered blocking state [ 1105.839092][ T1106] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1105.882388][ T1106] bridge0: port 2(bridge_slave_1) entered blocking state [ 1105.889649][ T1106] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1105.999616][T27889] binder: 27888:27889 ioctl 4018620d 0 returned -22 [ 1106.394143][T27721] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1106.508448][T27721] veth0_vlan: entered promiscuous mode [ 1106.586539][T27721] veth1_vlan: entered promiscuous mode [ 1106.688814][T27721] veth0_macvtap: entered promiscuous mode [ 1106.720798][T27721] veth1_macvtap: entered promiscuous mode [ 1106.790120][T27721] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1106.820604][T27721] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1106.858208][T22652] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1106.889247][T22652] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1106.914958][T27919] binder: 27918:27919 ioctl c0306201 0 returned -14 [ 1106.934431][T22652] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1106.994980][T22652] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1107.134841][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1107.175694][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1107.258625][T22652] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1107.287447][T22652] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1107.798573][T27951] binder: 27950:27951 ioctl c0306201 0 returned -14 [ 1108.006446][T27957] loop5: detected capacity change from 0 to 7 [ 1108.441254][T27957] Dev loop5: unable to read RDB block 7 [ 1108.464606][T27957] loop5: unable to read partition table [ 1108.490896][T27957] loop5: partition table beyond EOD, truncated [ 1108.498036][T22536] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 1108.509591][T22536] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 1108.525992][T22536] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 1108.538774][T27957] loop_reread_partitions: partition scan of loop5 (úù) failed (rc=-5) [ 1108.548083][T22536] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 1108.559842][T22536] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 1108.960553][T27977] binder: 27976:27977 ioctl 4018620d 0 returned -22 [ 1108.992713][T27965] chnl_net:caif_netlink_parms(): no params data found [ 1109.461157][T27965] bridge0: port 1(bridge_slave_0) entered blocking state [ 1109.476624][T27965] bridge0: port 1(bridge_slave_0) entered disabled state [ 1109.494247][T27965] bridge_slave_0: entered allmulticast mode [ 1109.514781][T27965] bridge_slave_0: entered promiscuous mode [ 1109.658696][T27965] bridge0: port 2(bridge_slave_1) entered blocking state [ 1109.668074][T27965] bridge0: port 2(bridge_slave_1) entered disabled state [ 1109.686934][T27965] bridge_slave_1: entered allmulticast mode [ 1109.697801][T27965] bridge_slave_1: entered promiscuous mode [ 1109.808263][ T24] usb 3-1: new high-speed USB device number 40 using dummy_hcd [ 1109.871509][T27965] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1109.937266][T27965] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1109.991079][ T24] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1110.018226][ T24] usb 3-1: config 0 has no interfaces? [ 1110.047060][ T24] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 1110.058439][ T24] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1110.061888][T27965] team0: Port device team_slave_0 added [ 1110.074139][ T24] usb 3-1: Product: syz [ 1110.084774][ T24] usb 3-1: Manufacturer: syz [ 1110.093978][ T24] usb 3-1: SerialNumber: syz [ 1110.104360][T27965] team0: Port device team_slave_1 added [ 1110.139392][ T24] usb 3-1: config 0 descriptor?? [ 1110.251943][T27965] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1110.260266][T27965] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1110.297786][T27965] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1110.350768][ T3520] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1110.375091][T27965] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1110.383517][T27965] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1110.410241][T27965] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1110.463420][ T3520] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1110.589014][ T3520] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1110.615573][ T5830] Bluetooth: hci2: command tx timeout [ 1110.640919][T27965] hsr_slave_0: entered promiscuous mode [ 1110.656595][T27965] hsr_slave_1: entered promiscuous mode [ 1110.663174][T27965] debugfs: 'hsr0' already exists in 'hsr' [ 1110.685297][T27965] Cannot create hsr debugfs directory [ 1110.732799][ T3520] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1111.229623][ T3520] bridge_slave_1: left allmulticast mode [ 1111.237758][ T3520] bridge_slave_1: left promiscuous mode [ 1111.255699][ T3520] bridge0: port 2(bridge_slave_1) entered disabled state [ 1111.272927][ T3520] bridge_slave_0: left allmulticast mode [ 1111.286782][ T3520] bridge_slave_0: left promiscuous mode [ 1111.299354][ T3520] bridge0: port 1(bridge_slave_0) entered disabled state [ 1112.047417][ T3520] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1112.080741][ T3520] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1112.103533][ T3520] bond0 (unregistering): Released all slaves [ 1112.484549][ T5870] usb 3-1: USB disconnect, device number 40 [ 1112.700320][ T5830] Bluetooth: hci2: command tx timeout [ 1112.707416][ T3520] hsr_slave_0: left promiscuous mode [ 1112.745673][ T3520] hsr_slave_1: left promiscuous mode [ 1112.751950][ T3520] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1112.764070][ T3520] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1112.780882][ T3520] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1112.797712][ T3520] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1112.853812][ T3520] veth1_macvtap: left promiscuous mode [ 1112.868212][ T3520] veth0_macvtap: left promiscuous mode [ 1112.880535][ T3520] veth1_vlan: left promiscuous mode [ 1112.891243][ T3520] veth0_vlan: left promiscuous mode [ 1113.641176][ T3520] team0 (unregistering): Port device team_slave_1 removed [ 1113.692959][ T3520] team0 (unregistering): Port device team_slave_0 removed [ 1114.359531][T27965] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 1114.378337][T27965] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 1114.410683][T27965] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 1114.466638][T27965] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 1114.591188][T28062] binder: 28060:28062 ioctl c0306201 0 returned -14 [ 1114.775311][ T5830] Bluetooth: hci2: command tx timeout [ 1114.791218][T28071] binder: 28070:28071 ioctl 4018620d 0 returned -22 [ 1114.851099][T27965] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1114.924108][T27965] 8021q: adding VLAN 0 to HW filter on device team0 [ 1114.969603][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 1114.976942][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1115.021030][ T50] bridge0: port 2(bridge_slave_1) entered blocking state [ 1115.028295][ T50] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1115.191424][T27965] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 1115.653157][T27965] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1115.757163][T27965] veth0_vlan: entered promiscuous mode [ 1115.784372][T27965] veth1_vlan: entered promiscuous mode [ 1115.868320][T27965] veth0_macvtap: entered promiscuous mode [ 1115.888185][T27965] veth1_macvtap: entered promiscuous mode [ 1115.959013][T27965] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1115.981744][ T1298] ieee802154 phy0 wpan0: encryption failed: -22 [ 1115.988348][ T1298] ieee802154 phy1 wpan1: encryption failed: -22 [ 1116.009314][T27965] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1116.045660][ T50] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1116.068657][ T50] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1116.101939][ T50] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1116.115115][ T50] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1116.291607][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1116.304975][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1116.378984][ T50] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1116.400525][ T50] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1116.855201][ T5830] Bluetooth: hci2: command tx timeout [ 1117.086711][T28122] binder: 28120:28122 ioctl c0306201 0 returned -14 [ 1125.314767][T28262] binder: 28260:28262 ioctl 4018620d 0 returned -22 [ 1126.712140][T28319] binder: 28318:28319 ioctl 4018620d 0 returned -22 [ 1129.454262][ T62] usb 2-1: new high-speed USB device number 43 using dummy_hcd [ 1129.623979][ T62] usb 2-1: no configurations [ 1129.628872][ T62] usb 2-1: can't read configurations, error -22 [ 1129.711821][T28366] binder: 28365:28366 ioctl 4018620d 0 returned -22 [ 1129.784660][ T62] usb 2-1: new high-speed USB device number 44 using dummy_hcd [ 1129.958567][ T62] usb 2-1: no configurations [ 1129.968635][ T62] usb 2-1: can't read configurations, error -22 [ 1129.985066][ T62] usb usb2-port1: attempt power cycle [ 1130.344271][ T62] usb 2-1: new high-speed USB device number 45 using dummy_hcd [ 1130.375613][ T62] usb 2-1: no configurations [ 1130.380259][ T62] usb 2-1: can't read configurations, error -22 [ 1130.514438][ T62] usb 2-1: new high-speed USB device number 46 using dummy_hcd [ 1130.563971][ T62] usb 2-1: no configurations [ 1130.568684][ T62] usb 2-1: can't read configurations, error -22 [ 1130.594521][ T62] usb usb2-port1: unable to enumerate USB device [ 1132.278996][T28408] binder: 28407:28408 ioctl 4018620d 0 returned -22 [ 1133.314070][ T62] usb 4-1: new high-speed USB device number 67 using dummy_hcd [ 1133.484713][ T62] usb 4-1: no configurations [ 1133.489579][ T62] usb 4-1: can't read configurations, error -22 [ 1133.635151][ T62] usb 4-1: new high-speed USB device number 68 using dummy_hcd [ 1133.815211][ T62] usb 4-1: no configurations [ 1133.819991][ T62] usb 4-1: can't read configurations, error -22 [ 1133.836677][ T62] usb usb4-port1: attempt power cycle [ 1134.204034][ T62] usb 4-1: new high-speed USB device number 69 using dummy_hcd [ 1134.235558][ T62] usb 4-1: no configurations [ 1134.240204][ T62] usb 4-1: can't read configurations, error -22 [ 1134.288457][T28453] loop5: detected capacity change from 0 to 7 [ 1134.384010][ T62] usb 4-1: new high-speed USB device number 70 using dummy_hcd [ 1134.447743][ T62] usb 4-1: no configurations [ 1134.452396][ T62] usb 4-1: can't read configurations, error -22 [ 1134.460591][ T62] usb usb4-port1: unable to enumerate USB device [ 1134.565543][T28453] Dev loop5: unable to read RDB block 7 [ 1134.571177][T28453] loop5: unable to read partition table [ 1134.578111][T28453] loop5: partition table beyond EOD, truncated [ 1134.600118][T28453] loop_reread_partitions: partition scan of loop5 (úù) failed (rc=-5) [ 1135.438615][T28492] netlink: 2 bytes leftover after parsing attributes in process `syz.0.10017'. [ 1135.829546][T28505] binder: 28504:28505 ioctl c0306201 0 returned -14 [ 1135.948347][T28512] binder: 28511:28512 ioctl 4018620d 0 returned -22 [ 1136.293251][T28533] binder: 28532:28533 ioctl c0306201 0 returned -14 [ 1136.451925][T28544] binder: 28542:28544 ioctl 4018620d 0 returned -22 [ 1136.570369][T28549] netlink: 2 bytes leftover after parsing attributes in process `syz.2.10041'. [ 1136.711677][T28557] binder: 28556:28557 ioctl c0306201 0 returned -14 [ 1139.129572][ T5910] kernel write not supported for file [eventfd] (pid: 5910 comm: kworker/0:5) [ 1139.322309][T28674] binder: 28672:28674 ioctl c0306201 0 returned -14 [ 1139.795503][T28702] binder: 28701:28702 ioctl c0306201 0 returned -14 [ 1141.788999][T28771] binder: 28769:28771 ioctl c0306201 0 returned -14 [ 1142.550051][T28794] netlink: 2 bytes leftover after parsing attributes in process `syz.2.10157'. [ 1145.024875][T28847] loop5: detected capacity change from 0 to 7 [ 1145.335626][T28830] Dev loop5: unable to read RDB block 7 [ 1145.355674][T28830] loop5: unable to read partition table [ 1145.369400][T28830] loop5: partition table beyond EOD, truncated [ 1145.646142][T28847] Dev loop5: unable to read RDB block 7 [ 1145.651767][T28847] loop5: unable to read partition table [ 1145.659487][T28847] loop5: partition table beyond EOD, truncated [ 1145.666066][T28847] loop_reread_partitions: partition scan of loop5 (úù) failed (rc=-5) [ 1146.141708][T28870] binder: 28869:28870 ioctl 4018620d 0 returned -22 [ 1146.649656][T28895] netlink: 2 bytes leftover after parsing attributes in process `syz.0.10200'. [ 1147.072628][T28917] netlink: 2 bytes leftover after parsing attributes in process `syz.1.10212'. [ 1148.038374][T28955] binder: 28954:28955 ioctl 4018620d 0 returned -22 [ 1148.430445][T28974] netlink: 92 bytes leftover after parsing attributes in process `syz.1.10237'. [ 1149.080471][T29003] binder: 29002:29003 ioctl 4018620d 0 returned -22 [ 1149.166051][T29007] netlink: 2 bytes leftover after parsing attributes in process `syz.2.10252'. [ 1149.584885][T29034] netlink: 2 bytes leftover after parsing attributes in process `syz.1.10264'. [ 1150.116771][T29057] binder: 29056:29057 ioctl c0306201 0 returned -14 [ 1153.151657][T29127] binder: 29126:29127 ioctl c0306201 0 returned -14 [ 1153.763047][ T62] usb 4-1: new full-speed USB device number 71 using dummy_hcd [ 1153.934818][ T62] usb 4-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 1 [ 1153.960803][ T62] usb 4-1: New USB device found, idVendor=054c, idProduct=024b, bcdDevice= 0.00 [ 1153.981007][ T62] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1154.012488][ T62] usb 4-1: config 0 descriptor?? [ 1154.023918][T29135] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 1154.242678][ T62] usbhid 4-1:0.0: can't add hid device: -71 [ 1154.277110][ T62] usbhid 4-1:0.0: probe with driver usbhid failed with error -71 [ 1154.317085][ T62] usb 4-1: USB disconnect, device number 71 [ 1154.349322][T29145] binder: 29144:29145 ioctl c0306201 0 returned -14 [ 1154.535224][T29147] loop5: detected capacity change from 0 to 7 [ 1154.806863][T29093] Dev loop5: unable to read RDB block 7 [ 1154.832910][T29093] loop5: unable to read partition table [ 1154.839019][T29093] loop5: partition table beyond EOD, truncated [ 1155.176573][T29147] Dev loop5: unable to read RDB block 7 [ 1155.182490][T29147] loop5: unable to read partition table [ 1155.193156][T29147] loop5: partition table beyond EOD, truncated [ 1155.202890][T29147] loop_reread_partitions: partition scan of loop5 (úù) failed (rc=-5) [ 1155.388614][T29162] netlink: 8 bytes leftover after parsing attributes in process `syz.0.10326'. [ 1156.311539][T29179] binder: 29178:29179 ioctl c0306201 0 returned -14 [ 1156.955799][T29197] netlink: 8 bytes leftover after parsing attributes in process `syz.2.10341'. [ 1156.992798][T29197] netlink: 12 bytes leftover after parsing attributes in process `syz.2.10341'. [ 1157.002105][T29197] netlink: 8 bytes leftover after parsing attributes in process `syz.2.10341'. [ 1157.020096][T29199] binder: 29198:29199 ioctl c0306201 0 returned -14 [ 1157.729352][T29220] binder: 29219:29220 ioctl c0306201 0 returned -14 [ 1158.490281][T29244] netlink: 2 bytes leftover after parsing attributes in process `syz.1.10364'. [ 1159.006977][ T30] kauditd_printk_skb: 15 callbacks suppressed [ 1159.007001][ T30] audit: type=1800 audit(1763163613.124:144): pid=29268 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.10376" name="bus" dev="tmpfs" ino=1496 res=0 errno=0 [ 1159.084278][T29270] loop5: detected capacity change from 0 to 7 [ 1159.404815][T29270] Dev loop5: unable to read RDB block 7 [ 1159.423698][T29270] loop5: unable to read partition table [ 1159.431059][T29270] loop5: partition table beyond EOD, truncated [ 1159.441038][T29270] loop_reread_partitions: partition scan of loop5 (úù) failed (rc=-5) [ 1160.598913][T29336] binder: 29335:29336 ioctl 4018620d 0 returned -22 [ 1162.305999][T29421] netlink: 2 bytes leftover after parsing attributes in process `syz.3.10448'. [ 1163.977450][T29467] netlink: 2 bytes leftover after parsing attributes in process `syz.1.10469'. [ 1164.040821][T29469] binder: 29468:29469 ioctl 4018620d 0 returned -22 [ 1167.126768][T29520] binder: 29519:29520 ioctl 4018620d 0 returned -22 [ 1174.464872][T29640] binder: 29639:29640 ioctl 4018620d 0 returned -22 [ 1174.604628][ T30] audit: type=1800 audit(1763163628.721:145): pid=29642 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.10551" name="bus" dev="tmpfs" ino=980 res=0 errno=0 [ 1175.770882][T29658] binder: 29657:29658 ioctl 4018620d 0 returned -22 [ 1176.755487][T29684] netlink: 2 bytes leftover after parsing attributes in process `syz.3.10573'. [ 1177.193566][ T30] audit: type=1800 audit(1763163631.293:146): pid=29706 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.10583" name="bus" dev="tmpfs" ino=1455 res=0 errno=0 [ 1177.409320][ T1298] ieee802154 phy0 wpan0: encryption failed: -22 [ 1177.415888][ T1298] ieee802154 phy1 wpan1: encryption failed: -22 [ 1178.086986][T29752] netlink: 44 bytes leftover after parsing attributes in process `syz.3.10604'. [ 1178.556948][T29768] binder: 29767:29768 ioctl 4018620d 0 returned -22 [ 1188.755648][T29927] netlink: 2 bytes leftover after parsing attributes in process `syz.3.10684'. [ 1188.783716][T29930] binder: 29929:29930 ioctl 4018620d 0 returned -22 [ 1189.386436][T29960] netlink: 28 bytes leftover after parsing attributes in process `syz.3.10699'. [ 1189.717206][T22536] Bluetooth: hci0: command 0x0406 tx timeout [ 1193.318847][T30035] netlink: 68 bytes leftover after parsing attributes in process `syz.2.10733'. [ 1193.977528][T30045] loop5: detected capacity change from 0 to 7 [ 1194.299689][T30045] Dev loop5: unable to read RDB block 7 [ 1194.309117][T30045] loop5: unable to read partition table [ 1194.337265][T30045] loop5: partition table beyond EOD, truncated [ 1194.356623][T30045] loop_reread_partitions: partition scan of loop5 (úù) failed (rc=-5) [ 1194.963660][T30060] netlink: 2 bytes leftover after parsing attributes in process `syz.1.10738'. [ 1195.152416][T30068] binder: 30067:30068 ioctl 4018620d 0 returned -22 [ 1195.410088][T30082] netlink: 2 bytes leftover after parsing attributes in process `syz.0.10754'. [ 1196.034079][T30094] binder: 30093:30094 ioctl 4018620d 0 returned -22 [ 1199.830028][T30213] netlink: 2 bytes leftover after parsing attributes in process `syz.1.10815'. [ 1200.771292][T30236] netlink: 2 bytes leftover after parsing attributes in process `syz.1.10826'. [ 1201.533192][T30257] netlink: 2 bytes leftover after parsing attributes in process `syz.1.10836'. [ 1202.666081][T30261] binder: 30260:30261 ioctl 4018620d 0 returned -22 [ 1204.426774][T30302] tmpfs: Bad value for 'huge' [ 1207.006748][T30382] netlink: 8 bytes leftover after parsing attributes in process `syz.2.10896'. [ 1207.028929][T30382] netlink: 8 bytes leftover after parsing attributes in process `syz.2.10896'. [ 1207.126404][ T30] audit: type=1800 audit(1763163661.268:147): pid=30388 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.10899" name="bus" dev="tmpfs" ino=2522 res=0 errno=0 [ 1210.749607][T22536] Bluetooth: hci1: command 0x0406 tx timeout [ 1214.348629][T30551] netlink: 2 bytes leftover after parsing attributes in process `syz.1.10973'. [ 1216.011416][T30587] netlink: 2 bytes leftover after parsing attributes in process `syz.2.10982'. [ 1220.422772][T22536] Bluetooth: hci3: command 0x0406 tx timeout [ 1220.757919][T30681] netlink: 2 bytes leftover after parsing attributes in process `syz.1.11030'. [ 1221.508272][T30708] netlink: 2 bytes leftover after parsing attributes in process `syz.1.11042'. [ 1222.722895][T30730] netlink: 2 bytes leftover after parsing attributes in process `syz.1.11051'. [ 1225.250847][T30764] loop5: detected capacity change from 0 to 7 [ 1225.561793][T30764] Dev loop5: unable to read RDB block 7 [ 1225.579234][T30764] loop5: unable to read partition table [ 1225.585548][T30764] loop5: partition table beyond EOD, truncated [ 1225.593316][T30764] loop_reread_partitions: partition scan of loop5 (úù) failed (rc=-5) [ 1226.943878][T30789] netlink: 2 bytes leftover after parsing attributes in process `syz.2.11074'. [ 1227.079546][ T30] audit: type=1326 audit(1763163681.238:148): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30790 comm="syz.2.11079" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f149738f6c9 code=0x7ffc0000 [ 1227.148408][ T30] audit: type=1326 audit(1763163681.238:149): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30790 comm="syz.2.11079" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f149738f6c9 code=0x7ffc0000 [ 1227.208403][ T30] audit: type=1326 audit(1763163681.238:150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30790 comm="syz.2.11079" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f149738f6c9 code=0x7ffc0000 [ 1227.273149][ T30] audit: type=1326 audit(1763163681.238:151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30790 comm="syz.2.11079" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f149738f6c9 code=0x7ffc0000 [ 1227.328341][ T30] audit: type=1326 audit(1763163681.238:152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30790 comm="syz.2.11079" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f149738f6c9 code=0x7ffc0000 [ 1227.388296][ T30] audit: type=1326 audit(1763163681.238:153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30790 comm="syz.2.11079" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f149738f6c9 code=0x7ffc0000 [ 1227.438420][ T30] audit: type=1326 audit(1763163681.238:154): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30790 comm="syz.2.11079" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f149738f6c9 code=0x7ffc0000 [ 1227.488253][ T30] audit: type=1326 audit(1763163681.238:155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30790 comm="syz.2.11079" exe="/root/syz-executor" sig=0 arch=c000003e syscall=307 compat=0 ip=0x7f149738f6c9 code=0x7ffc0000 [ 1227.539270][ T30] audit: type=1326 audit(1763163681.238:156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30790 comm="syz.2.11079" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f149738f6c9 code=0x7ffc0000 [ 1227.598218][ T30] audit: type=1326 audit(1763163681.238:157): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30790 comm="syz.2.11079" exe="/root/syz-executor" sig=0 arch=c000003e syscall=44 compat=0 ip=0x7f149738f6c9 code=0x7ffc0000 [ 1230.682558][T22536] Bluetooth: hci2: command 0x0406 tx timeout [ 1233.704091][T30898] netlink: 2 bytes leftover after parsing attributes in process `syz.2.11129'. [ 1233.854962][ T30] kauditd_printk_skb: 1 callbacks suppressed [ 1233.854989][ T30] audit: type=1800 audit(1763163688.001:159): pid=30902 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.11130" name="bus" dev="tmpfs" ino=1844 res=0 errno=0 [ 1235.615001][ T30] audit: type=1800 audit(1763163689.762:160): pid=30943 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.11146" name="bus" dev="tmpfs" ino=1887 res=0 errno=0 [ 1238.827431][ T1298] ieee802154 phy0 wpan0: encryption failed: -22 [ 1238.833918][ T1298] ieee802154 phy1 wpan1: encryption failed: -22 [ 1241.609757][T31056] loop5: detected capacity change from 0 to 7 [ 1241.844795][T31056] Dev loop5: unable to read RDB block 7 [ 1241.850555][T31056] loop5: unable to read partition table [ 1241.857741][T31056] loop5: partition table beyond EOD, truncated [ 1241.864345][T31056] loop_reread_partitions: partition scan of loop5 (úù) failed (rc=-5) [ 1242.785792][ T30] audit: type=1800 audit(1763163696.946:161): pid=31082 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.11209" name="bus" dev="tmpfs" ino=3096 res=0 errno=0 [ 1243.912113][T31111] tmpfs: Bad value for 'huge' [ 1245.547462][ T30] audit: type=1326 audit(1763163699.707:162): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31149 comm="syz.3.11241" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3eef78f6c9 code=0x7ffc0000 [ 1245.630656][ T30] audit: type=1326 audit(1763163699.727:163): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31149 comm="syz.3.11241" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3eef78f6c9 code=0x7ffc0000 [ 1245.689234][ T30] audit: type=1326 audit(1763163699.727:164): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31149 comm="syz.3.11241" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f3eef78f6c9 code=0x7ffc0000 [ 1245.749121][ T30] audit: type=1326 audit(1763163699.727:165): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31149 comm="syz.3.11241" exe="/root/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7f3eef78f6c9 code=0x7ffc0000 [ 1247.365952][ T30] audit: type=1800 audit(1763163701.528:166): pid=31187 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.11258" name="bus" dev="tmpfs" ino=2043 res=0 errno=0 [ 1249.248570][ T30] audit: type=1326 audit(1763163703.409:167): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31194 comm="syz.3.11261" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3eef78f6c9 code=0x7ffc0000 [ 1249.317370][ T30] audit: type=1326 audit(1763163703.409:168): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31194 comm="syz.3.11261" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f3eef78f6c9 code=0x7ffc0000 [ 1249.377231][ T30] audit: type=1326 audit(1763163703.409:169): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31194 comm="syz.3.11261" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3eef78f6c9 code=0x7ffc0000 [ 1249.458176][ T30] audit: type=1326 audit(1763163703.409:170): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31194 comm="syz.3.11261" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f3eef78f6c9 code=0x7ffc0000 [ 1249.508696][ T30] audit: type=1326 audit(1763163703.409:171): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31194 comm="syz.3.11261" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3eef78f6c9 code=0x7ffc0000 [ 1249.577026][ T30] audit: type=1326 audit(1763163703.409:172): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31194 comm="syz.3.11261" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f3eef78f6c9 code=0x7ffc0000 [ 1249.654090][ T30] audit: type=1326 audit(1763163703.409:173): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31194 comm="syz.3.11261" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3eef78f6c9 code=0x7ffc0000 [ 1249.731939][ T30] audit: type=1326 audit(1763163703.409:174): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31194 comm="syz.3.11261" exe="/root/syz-executor" sig=0 arch=c000003e syscall=307 compat=0 ip=0x7f3eef78f6c9 code=0x7ffc0000 [ 1249.804611][ T30] audit: type=1326 audit(1763163703.409:175): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31194 comm="syz.3.11261" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3eef78f6c9 code=0x7ffc0000 [ 1249.880682][ T30] audit: type=1326 audit(1763163703.409:176): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31194 comm="syz.3.11261" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f3eef78f6c9 code=0x7ffc0000 [ 1250.043476][T31216] netlink: 2 bytes leftover after parsing attributes in process `syz.1.11271'. [ 1250.540798][T31230] loop5: detected capacity change from 0 to 7 [ 1250.714281][T31238] netlink: 2 bytes leftover after parsing attributes in process `syz.1.11280'. [ 1250.842968][T31230] Dev loop5: unable to read RDB block 7 [ 1250.853425][T31230] loop5: unable to read partition table [ 1250.874451][T31230] loop5: partition table beyond EOD, truncated [ 1250.894833][T31230] loop_reread_partitions: partition scan of loop5 (úù) failed (rc=-5) [ 1251.467227][T31258] netlink: 2 bytes leftover after parsing attributes in process `syz.0.11289'. [ 1256.033523][T31319] loop5: detected capacity change from 0 to 7 [ 1256.438136][T31319] Dev loop5: unable to read RDB block 7 [ 1256.452328][T31319] loop5: unable to read partition table [ 1256.463969][T31319] loop5: partition table beyond EOD, truncated [ 1256.471364][T31319] loop_reread_partitions: partition scan of loop5 (úù) failed (rc=-5) [ 1263.453643][ T30] kauditd_printk_skb: 5 callbacks suppressed [ 1263.453661][ T30] audit: type=1800 audit(1763163717.626:182): pid=31456 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.11376" name="bus" dev="tmpfs" ino=2765 res=0 errno=0 [ 1266.183831][T31528] loop5: detected capacity change from 0 to 7 [ 1266.484863][T31528] Dev loop5: unable to read RDB block 7 [ 1266.498944][T31528] loop5: unable to read partition table [ 1266.522125][T31528] loop5: partition table beyond EOD, truncated [ 1266.560369][T31528] loop_reread_partitions: partition scan of loop5 (úù) failed (rc=-5) [ 1266.910024][ T5196] Dev loop5: unable to read RDB block 7 [ 1266.926645][ T5196] loop5: unable to read partition table [ 1266.960666][ T5196] loop5: partition table beyond EOD, truncated [ 1271.754990][T31676] loop5: detected capacity change from 0 to 7 [ 1272.083690][T31676] Dev loop5: unable to read RDB block 7 [ 1272.089486][T31676] loop5: unable to read partition table [ 1272.095446][T31676] loop5: partition table beyond EOD, truncated [ 1272.102619][T31676] loop_reread_partitions: partition scan of loop5 (úù) failed (rc=-5) [ 1273.279236][T31715] netlink: 2 bytes leftover after parsing attributes in process `syz.2.11492'. [ 1273.671307][T31732] netlink: 'syz.0.11500': attribute type 8 has an invalid length. [ 1273.679280][T31732] netlink: 48 bytes leftover after parsing attributes in process `syz.0.11500'. [ 1274.568144][T31737] netlink: 2 bytes leftover after parsing attributes in process `syz.0.11503'. [ 1279.376766][T31779] fuse: Bad value for 'fd' [ 1279.951944][ T30] audit: type=1800 audit(1763163734.124:183): pid=31793 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.11529" name="bus" dev="tmpfs" ino=2998 res=0 errno=0 [ 1283.292111][ T30] audit: type=1800 audit(1763163737.476:184): pid=31830 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.11547" name="bus" dev="tmpfs" ino=2510 res=0 errno=0 [ 1287.297119][T31885] loop5: detected capacity change from 0 to 7 [ 1287.592718][T31885] Dev loop5: unable to read RDB block 7 [ 1287.610450][T31885] loop5: unable to read partition table [ 1287.616428][T31885] loop5: partition table beyond EOD, truncated [ 1287.622791][T31885] loop_reread_partitions: partition scan of loop5 (úù) failed (rc=-5) [ 1288.368217][T31913] netlink: 2 bytes leftover after parsing attributes in process `syz.3.11584'. [ 1289.375699][T22536] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 1289.386165][T22536] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 1289.394860][T22536] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 1289.403523][T22536] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 1289.411710][T22536] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 1290.044582][ T50] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1290.206207][ T50] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1290.364287][ T50] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1290.426502][T31939] chnl_net:caif_netlink_parms(): no params data found [ 1290.491413][ T50] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1290.833473][T31939] bridge0: port 1(bridge_slave_0) entered blocking state [ 1290.843744][T31939] bridge0: port 1(bridge_slave_0) entered disabled state [ 1290.859566][T31939] bridge_slave_0: entered allmulticast mode [ 1290.879040][T31939] bridge_slave_0: entered promiscuous mode [ 1290.920586][T31939] bridge0: port 2(bridge_slave_1) entered blocking state [ 1290.928237][T31939] bridge0: port 2(bridge_slave_1) entered disabled state [ 1290.935691][T31939] bridge_slave_1: entered allmulticast mode [ 1290.950241][T31939] bridge_slave_1: entered promiscuous mode [ 1291.054224][T31939] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1291.090728][ T50] bridge_slave_1: left allmulticast mode [ 1291.109023][ T50] bridge_slave_1: left promiscuous mode [ 1291.114864][ T50] bridge0: port 2(bridge_slave_1) entered disabled state [ 1291.133881][ T50] bridge_slave_0: left allmulticast mode [ 1291.139807][ T50] bridge_slave_0: left promiscuous mode [ 1291.145607][ T50] bridge0: port 1(bridge_slave_0) entered disabled state [ 1291.510112][ T5830] Bluetooth: hci4: command tx timeout [ 1291.802575][ T50] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1291.815165][ T50] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1291.827341][ T50] bond0 (unregistering): Released all slaves [ 1291.849035][T31939] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1291.971924][T31939] team0: Port device team_slave_0 added [ 1291.998430][T31939] team0: Port device team_slave_1 added [ 1292.269277][T31939] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1292.293881][T31939] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1292.355927][T31939] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1292.489777][T31939] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1292.515811][T31939] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1292.579169][T31939] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1292.656805][ T50] hsr_slave_0: left promiscuous mode [ 1292.664067][ T50] hsr_slave_1: left promiscuous mode [ 1292.680379][ T50] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1292.705635][ T50] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1292.737723][ T50] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1292.758671][ T50] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1292.812776][ T50] veth1_macvtap: left promiscuous mode [ 1292.828935][ T50] veth0_macvtap: left promiscuous mode [ 1292.834715][ T50] veth1_vlan: left promiscuous mode [ 1292.853682][ T50] veth0_vlan: left promiscuous mode [ 1293.589991][ T5830] Bluetooth: hci4: command tx timeout [ 1293.678140][ T50] team0 (unregistering): Port device team_slave_1 removed [ 1293.720938][T32055] netlink: 2 bytes leftover after parsing attributes in process `syz.0.11637'. [ 1293.741694][ T50] team0 (unregistering): Port device team_slave_0 removed [ 1294.323229][T31939] hsr_slave_0: entered promiscuous mode [ 1294.331630][T31939] hsr_slave_1: entered promiscuous mode [ 1294.764277][T32075] netlink: 2 bytes leftover after parsing attributes in process `syz.2.11645'. [ 1295.450460][T31939] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 1295.470322][T31939] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 1295.519424][T31939] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 1295.553064][T31939] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 1295.664701][ T5830] Bluetooth: hci4: command tx timeout [ 1295.763251][T31939] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1295.839054][T31939] 8021q: adding VLAN 0 to HW filter on device team0 [ 1295.880683][ T59] bridge0: port 1(bridge_slave_0) entered blocking state [ 1295.887958][ T59] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1295.948038][ T50] bridge0: port 2(bridge_slave_1) entered blocking state [ 1295.955347][ T50] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1296.550094][T31939] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1296.697569][T31939] veth0_vlan: entered promiscuous mode [ 1296.739633][T31939] veth1_vlan: entered promiscuous mode [ 1296.847069][T31939] veth0_macvtap: entered promiscuous mode [ 1296.873753][T31939] veth1_macvtap: entered promiscuous mode [ 1296.951978][T31939] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1296.994178][T32162] netlink: 20 bytes leftover after parsing attributes in process `syz.2.11670'. [ 1296.998785][T31939] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1297.065698][ T1146] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1297.084756][ T1146] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1297.128193][ T1146] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1297.147634][ T1146] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1297.193198][T32168] netlink: 2 bytes leftover after parsing attributes in process `syz.2.11672'. [ 1297.344523][ T1146] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1297.368190][ T1146] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1297.454866][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1297.462815][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1297.746177][ T5830] Bluetooth: hci4: command tx timeout [ 1298.533600][T32198] netlink: 2 bytes leftover after parsing attributes in process `syz.3.11680'. [ 1299.201377][T32217] netlink: 2 bytes leftover after parsing attributes in process `syz.1.11689'. [ 1299.954477][T32235] netlink: 2 bytes leftover after parsing attributes in process `syz.1.11700'. [ 1300.202686][ T30] audit: type=1800 audit(1763163754.394:185): pid=32243 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.11703" name="bus" dev="tmpfs" ino=2778 res=0 errno=0 [ 1300.252563][ T1298] ieee802154 phy0 wpan0: encryption failed: -22 [ 1300.258908][ T1298] ieee802154 phy1 wpan1: encryption failed: -22 [ 1301.949923][T32285] loop5: detected capacity change from 0 to 7 [ 1302.238248][T32285] Dev loop5: unable to read RDB block 7 [ 1302.267838][T32285] loop5: unable to read partition table [ 1302.281272][T32285] loop5: partition table beyond EOD, truncated [ 1302.291527][T32285] loop_reread_partitions: partition scan of loop5 (úù) failed (rc=-5) [ 1302.316955][ T30] audit: type=1800 audit(1763163756.505:186): pid=32292 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.11719" name="bus" dev="tmpfs" ino=3353 res=0 errno=0 [ 1304.529429][T32369] loop5: detected capacity change from 0 to 7 [ 1304.768665][T32369] Dev loop5: unable to read RDB block 7 [ 1304.774697][T32378] netlink: 2 bytes leftover after parsing attributes in process `syz.0.11767'. [ 1304.792337][T32369] loop5: unable to read partition table [ 1304.819998][T32369] loop5: partition table beyond EOD, truncated [ 1304.839496][T32369] loop_reread_partitions: partition scan of loop5 (úù) failed (rc=-5) [ 1304.911137][T32380] netlink: 16 bytes leftover after parsing attributes in process `syz.3.11768'. [ 1312.835533][ T30] audit: type=1326 audit(1763163767.021:187): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32557 comm="syz.3.11846" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3eef78f6c9 code=0x7ffc0000 [ 1312.914398][ T30] audit: type=1326 audit(1763163767.021:188): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32557 comm="syz.3.11846" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f3eef78f6c9 code=0x7ffc0000 [ 1312.955537][ T30] audit: type=1326 audit(1763163767.021:189): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32557 comm="syz.3.11846" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3eef78f6c9 code=0x7ffc0000 [ 1313.019147][ T30] audit: type=1326 audit(1763163767.021:190): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32557 comm="syz.3.11846" exe="/root/syz-executor" sig=0 arch=c000003e syscall=49 compat=0 ip=0x7f3eef78f6c9 code=0x7ffc0000 [ 1313.072237][ T30] audit: type=1326 audit(1763163767.021:191): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32557 comm="syz.3.11846" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3eef78f6c9 code=0x7ffc0000 [ 1313.657570][T32575] loop5: detected capacity change from 0 to 7 [ 1313.929408][T32575] Dev loop5: unable to read RDB block 7 [ 1313.946063][T32575] loop5: unable to read partition table [ 1313.955332][T32575] loop5: partition table beyond EOD, truncated [ 1313.965587][T32575] loop_reread_partitions: partition scan of loop5 (úù) failed (rc=-5) [ 1314.774276][T32605] loop5: detected capacity change from 0 to 7 [ 1315.039475][T32605] Dev loop5: unable to read RDB block 7 [ 1315.045227][T32605] loop5: unable to read partition table [ 1315.051085][T32605] loop5: partition table beyond EOD, truncated [ 1315.058435][T32605] loop_reread_partitions: partition scan of loop5 (úù) failed (rc=-5) [ 1316.876017][T22536] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 1316.886065][T22536] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 1316.895020][T22536] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 1316.910395][T22536] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 1316.918463][T22536] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 1317.529357][T32666] chnl_net:caif_netlink_parms(): no params data found [ 1317.748808][T30958] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1317.915154][T30958] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1318.090708][T30958] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1318.139259][T32666] bridge0: port 1(bridge_slave_0) entered blocking state [ 1318.167690][T32666] bridge0: port 1(bridge_slave_0) entered disabled state [ 1318.183622][T32666] bridge_slave_0: entered allmulticast mode [ 1318.199925][T32666] bridge_slave_0: entered promiscuous mode [ 1318.238278][T30958] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1318.283306][T32666] bridge0: port 2(bridge_slave_1) entered blocking state [ 1318.290793][T32666] bridge0: port 2(bridge_slave_1) entered disabled state [ 1318.314992][T32666] bridge_slave_1: entered allmulticast mode [ 1318.335358][T32666] bridge_slave_1: entered promiscuous mode [ 1318.441101][T32666] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1318.485143][T32666] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1318.571895][T32666] team0: Port device team_slave_0 added [ 1318.588327][T32666] team0: Port device team_slave_1 added [ 1318.769875][T32666] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1318.783555][T32666] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1318.842634][T32666] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1318.928237][T32666] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1318.937388][T32666] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1318.992436][T32666] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1319.019356][T22536] Bluetooth: hci0: command tx timeout [ 1319.123073][T30958] bridge_slave_1: left allmulticast mode [ 1319.128774][T30958] bridge_slave_1: left promiscuous mode [ 1319.147781][T30958] bridge0: port 2(bridge_slave_1) entered disabled state [ 1319.177407][T30958] bridge_slave_0: left allmulticast mode [ 1319.190407][T30958] bridge_slave_0: left promiscuous mode [ 1319.212064][T30958] bridge0: port 1(bridge_slave_0) entered disabled state [ 1320.027503][T30958] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1320.040065][T30958] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1320.050719][T30958] bond0 (unregistering): Released all slaves [ 1320.138190][T32666] hsr_slave_0: entered promiscuous mode [ 1320.158466][T32666] hsr_slave_1: entered promiscuous mode [ 1320.165160][T32666] debugfs: 'hsr0' already exists in 'hsr' [ 1320.175753][T32666] Cannot create hsr debugfs directory [ 1320.691789][T30958] hsr_slave_0: left promiscuous mode [ 1320.707656][T30958] hsr_slave_1: left promiscuous mode [ 1320.714468][T30958] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1320.735068][T30958] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1320.764532][T30958] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1320.788725][T30958] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1320.847167][T30958] veth1_macvtap: left promiscuous mode [ 1320.867040][T30958] veth0_macvtap: left promiscuous mode [ 1320.881817][T30958] veth1_vlan: left promiscuous mode [ 1320.895598][T30958] veth0_vlan: left promiscuous mode [ 1321.093885][T22536] Bluetooth: hci0: command tx timeout [ 1321.762455][T30958] team0 (unregistering): Port device team_slave_1 removed [ 1321.822637][T30958] team0 (unregistering): Port device team_slave_0 removed [ 1322.386272][ T309] kthread_run failed with err -4 [ 1323.170412][T22536] Bluetooth: hci0: command tx timeout [ 1324.041123][T32666] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 1324.076497][T32666] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 1324.119322][T32666] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 1324.186525][T32666] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 1325.080776][T32666] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1325.123214][ T365] loop5: detected capacity change from 0 to 7 [ 1325.134115][T32666] 8021q: adding VLAN 0 to HW filter on device team0 [ 1325.198705][T30958] bridge0: port 1(bridge_slave_0) entered blocking state [ 1325.205990][T30958] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1325.249734][T22536] Bluetooth: hci0: command tx timeout [ 1325.287552][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 1325.294886][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1325.482352][ T365] Dev loop5: unable to read RDB block 7 [ 1325.495716][ T365] loop5: unable to read partition table [ 1325.507658][ T365] loop5: partition table beyond EOD, truncated [ 1325.529212][ T365] loop_reread_partitions: partition scan of loop5 (úù) failed (rc=-5) [ 1325.540534][T32666] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 1326.575156][T32666] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1326.825922][T32666] veth0_vlan: entered promiscuous mode [ 1326.858671][T32666] veth1_vlan: entered promiscuous mode [ 1326.948047][T32666] veth0_macvtap: entered promiscuous mode [ 1326.979290][T32666] veth1_macvtap: entered promiscuous mode [ 1327.077961][T32666] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1327.114666][T32666] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1327.171973][ T12] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1327.209179][ T12] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1327.235869][ T12] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1327.261868][ T12] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1327.617779][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1327.640687][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1328.348986][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1328.395497][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1330.083258][ T453] loop5: detected capacity change from 0 to 7 [ 1330.473892][ T453] Dev loop5: unable to read RDB block 7 [ 1330.496849][ T453] loop5: unable to read partition table [ 1330.557376][ T453] loop5: partition table beyond EOD, truncated [ 1330.566830][ T453] loop_reread_partitions: partition scan of loop5 (úù) failed (rc=-5) [ 1331.087376][ T485] binder: 483:485 ioctl c0306201 200000000080 returned -14 [ 1339.915332][ T646] loop5: detected capacity change from 0 to 7 [ 1340.216843][ T646] Dev loop5: unable to read RDB block 7 [ 1340.236947][ T646] loop5: unable to read partition table [ 1340.252229][ T646] loop5: partition table beyond EOD, truncated [ 1340.260736][ T646] loop_reread_partitions: partition scan of loop5 (úù) failed (rc=-5) [ 1343.596138][ T729] netlink: 28 bytes leftover after parsing attributes in process `syz.1.12074'. [ 1344.306842][ T759] netlink: 28 bytes leftover after parsing attributes in process `syz.2.12088'. [ 1348.285607][ T889] loop5: detected capacity change from 0 to 7 [ 1348.590101][ T889] Dev loop5: unable to read RDB block 7 [ 1348.597708][ T889] loop5: unable to read partition table [ 1348.627803][ T889] loop5: partition table beyond EOD, truncated [ 1348.634153][ T889] loop_reread_partitions: partition scan of loop5 (úù) failed (rc=-5) [ 1352.350530][ T985] loop5: detected capacity change from 0 to 7 [ 1352.618392][T32670] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 1352.628147][T32670] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 1352.637061][T32670] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 1352.667294][T32670] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 1352.677934][T32670] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 1352.693161][ T985] Dev loop5: unable to read RDB block 7 [ 1352.731314][ T985] loop5: unable to read partition table [ 1352.756926][ T985] loop5: partition table beyond EOD, truncated [ 1352.773617][ T985] loop_reread_partitions: partition scan of loop5 (úù) failed (rc=-5) [ 1353.126167][ T988] chnl_net:caif_netlink_parms(): no params data found [ 1353.564389][ T988] bridge0: port 1(bridge_slave_0) entered blocking state [ 1353.604368][ T988] bridge0: port 1(bridge_slave_0) entered disabled state [ 1353.622992][ T988] bridge_slave_0: entered allmulticast mode [ 1353.637033][ T988] bridge_slave_0: entered promiscuous mode [ 1353.657672][ T988] bridge0: port 2(bridge_slave_1) entered blocking state [ 1353.675344][ T988] bridge0: port 2(bridge_slave_1) entered disabled state [ 1353.715462][ T988] bridge_slave_1: entered allmulticast mode [ 1353.723365][ T988] bridge_slave_1: entered promiscuous mode [ 1353.946445][ T988] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1353.980328][ T988] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1354.230511][ T988] team0: Port device team_slave_0 added [ 1354.246168][ T988] team0: Port device team_slave_1 added [ 1354.567459][ T988] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1354.574446][ T988] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1354.635021][ T988] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1354.754830][T32670] Bluetooth: hci1: command tx timeout [ 1354.799559][ T1146] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1354.900176][ T988] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1354.917433][ T988] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1354.984407][ T988] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1355.046743][ T1146] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1355.232804][ T988] hsr_slave_0: entered promiscuous mode [ 1355.241207][ T988] hsr_slave_1: entered promiscuous mode [ 1355.265575][ T988] debugfs: 'hsr0' already exists in 'hsr' [ 1355.271349][ T988] Cannot create hsr debugfs directory [ 1355.348541][ T1146] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1355.578674][ T1146] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1355.649859][ T1035] loop5: detected capacity change from 0 to 7 [ 1356.044092][ T989] Dev loop5: unable to read RDB block 7 [ 1356.049879][ T989] loop5: unable to read partition table [ 1356.073284][ T989] loop5: partition table beyond EOD, truncated [ 1356.524803][ T1146] bridge_slave_1: left allmulticast mode [ 1356.532356][ T1146] bridge_slave_1: left promiscuous mode [ 1356.539003][ T1146] bridge0: port 2(bridge_slave_1) entered disabled state [ 1356.592523][ T1146] bridge_slave_0: left allmulticast mode [ 1356.618680][ T1146] bridge_slave_0: left promiscuous mode [ 1356.635438][ T1146] bridge0: port 1(bridge_slave_0) entered disabled state [ 1356.669935][ T1035] Dev loop5: unable to read RDB block 7 [ 1356.693600][ T1035] loop5: unable to read partition table [ 1356.729459][ T1035] loop5: partition table beyond EOD, truncated [ 1356.786079][ T1035] loop_reread_partitions: partition scan of loop5 (úù) failed (rc=-5) [ 1356.833990][T32670] Bluetooth: hci1: command tx timeout [ 1357.784288][ T1146] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1357.816462][ T1146] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1357.837795][ T1146] bond0 (unregistering): Released all slaves [ 1358.412325][ T1146] hsr_slave_0: left promiscuous mode [ 1358.441216][ T1146] hsr_slave_1: left promiscuous mode [ 1358.458334][ T1146] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1358.482906][ T1146] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1358.515157][ T1146] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1358.543777][ T1146] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1358.609892][ T1146] veth1_macvtap: left promiscuous mode [ 1358.625829][ T1146] veth0_macvtap: left promiscuous mode [ 1358.631585][ T1146] veth1_vlan: left promiscuous mode [ 1358.663062][ T1146] veth0_vlan: left promiscuous mode [ 1358.912664][T32670] Bluetooth: hci1: command tx timeout [ 1359.995896][ T1146] team0 (unregistering): Port device team_slave_1 removed [ 1360.133962][ T1146] team0 (unregistering): Port device team_slave_0 removed [ 1360.992322][T32670] Bluetooth: hci1: command tx timeout [ 1361.156792][ T1147] loop5: detected capacity change from 0 to 7 [ 1361.554127][ T1147] Dev loop5: unable to read RDB block 7 [ 1361.572131][ T1147] loop5: unable to read partition table [ 1361.578055][ T1147] loop5: partition table beyond EOD, truncated [ 1361.596307][ T1147] loop_reread_partitions: partition scan of loop5 (úù) failed (rc=-5) [ 1361.639019][ T1298] ieee802154 phy0 wpan0: encryption failed: -22 [ 1361.645750][ T1298] ieee802154 phy1 wpan1: encryption failed: -22 [ 1361.723642][ T988] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 1361.756336][ T988] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 1361.782655][ T988] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 1361.806736][ T988] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 1362.025398][ T988] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1362.097554][ T988] 8021q: adding VLAN 0 to HW filter on device team0 [ 1362.125515][ T50] bridge0: port 1(bridge_slave_0) entered blocking state [ 1362.132800][ T50] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1362.181567][ T50] bridge0: port 2(bridge_slave_1) entered blocking state [ 1362.188766][ T50] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1362.693142][ T988] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1362.831601][ T988] veth0_vlan: entered promiscuous mode [ 1362.874369][ T988] veth1_vlan: entered promiscuous mode [ 1362.972878][ T988] veth0_macvtap: entered promiscuous mode [ 1363.013086][ T988] veth1_macvtap: entered promiscuous mode [ 1363.058780][ T988] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1363.083154][ T988] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1363.166110][ T3520] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1363.192812][ T3520] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1363.201929][ T3520] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1363.225027][ T3520] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1363.377320][ T1231] loop5: detected capacity change from 0 to 7 [ 1363.416673][ T50] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1363.434707][ T50] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1363.517475][ T1146] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1363.565123][ T1146] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1363.849285][ T1231] Dev loop5: unable to read RDB block 7 [ 1363.870287][ T1231] loop5: unable to read partition table [ 1363.880529][ T1231] loop5: partition table beyond EOD, truncated [ 1363.920030][ T1231] loop_reread_partitions: partition scan of loop5 (úù) failed (rc=-5) [ 1364.367479][T22536] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 1364.378235][T22536] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 1364.394906][T22536] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 1364.411455][T22536] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 1364.421159][T22536] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 1365.112080][ T1284] netlink: 56 bytes leftover after parsing attributes in process `syz.1.12273'. [ 1365.181806][ T1261] chnl_net:caif_netlink_parms(): no params data found [ 1365.504269][ T1146] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1365.684983][ T1146] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1365.710286][ T1261] bridge0: port 1(bridge_slave_0) entered blocking state [ 1365.717616][ T1261] bridge0: port 1(bridge_slave_0) entered disabled state [ 1365.729245][ T1261] bridge_slave_0: entered allmulticast mode [ 1365.737054][ T1261] bridge_slave_0: entered promiscuous mode [ 1365.747889][ T1261] bridge0: port 2(bridge_slave_1) entered blocking state [ 1365.758902][ T1261] bridge0: port 2(bridge_slave_1) entered disabled state [ 1365.766248][ T1261] bridge_slave_1: entered allmulticast mode [ 1365.774334][ T1261] bridge_slave_1: entered promiscuous mode [ 1365.805599][ T1146] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1365.967671][ T1146] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1366.024748][ T1261] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1366.068142][ T1261] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1366.158368][ T1261] team0: Port device team_slave_0 added [ 1366.182077][ T1261] team0: Port device team_slave_1 added [ 1366.335014][ T1261] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1366.342320][ T1261] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1366.371083][ T1261] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1366.405349][ T1261] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1366.419184][ T1261] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1366.466037][ T1261] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1366.509161][T32670] Bluetooth: hci2: command tx timeout [ 1366.587851][ T1146] bridge_slave_1: left allmulticast mode [ 1366.598163][ T1146] bridge_slave_1: left promiscuous mode [ 1366.608920][ T1146] bridge0: port 2(bridge_slave_1) entered disabled state [ 1366.629835][ T1146] bridge_slave_0: left allmulticast mode [ 1366.642261][ T1146] bridge_slave_0: left promiscuous mode [ 1366.653873][ T1146] bridge0: port 1(bridge_slave_0) entered disabled state [ 1367.329363][ T1146] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1367.351368][ T1146] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1367.372701][ T1146] bond0 (unregistering): Released all slaves [ 1367.421788][ T1261] hsr_slave_0: entered promiscuous mode [ 1367.435853][ T1261] hsr_slave_1: entered promiscuous mode [ 1367.454108][ T1261] debugfs: 'hsr0' already exists in 'hsr' [ 1367.466682][ T1261] Cannot create hsr debugfs directory [ 1368.113020][ T1355] netlink: 36 bytes leftover after parsing attributes in process `syz.3.12298'. [ 1368.132557][ T1146] hsr_slave_0: left promiscuous mode [ 1368.143573][ T1146] hsr_slave_1: left promiscuous mode [ 1368.164529][ T1146] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1368.189825][ T1146] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1368.216639][ T1146] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1368.238820][ T1146] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1368.299481][ T1146] veth1_macvtap: left promiscuous mode [ 1368.305189][ T1146] veth0_macvtap: left promiscuous mode [ 1368.315502][ T1146] veth1_vlan: left promiscuous mode [ 1368.325683][ T1146] veth0_vlan: left promiscuous mode [ 1368.590941][T32670] Bluetooth: hci2: command tx timeout [ 1368.986306][ T1378] netlink: 48 bytes leftover after parsing attributes in process `syz.0.12304'. [ 1369.929978][ T1146] team0 (unregistering): Port device team_slave_1 removed [ 1370.017111][ T1146] team0 (unregistering): Port device team_slave_0 removed [ 1370.246072][ T1390] loop5: detected capacity change from 0 to 7 [ 1370.491030][ T989] Dev loop5: unable to read RDB block 7 [ 1370.496967][ T989] loop5: unable to read partition table [ 1370.503062][ T989] loop5: partition table beyond EOD, truncated [ 1370.666634][T32670] Bluetooth: hci2: command tx timeout [ 1370.744582][ T1390] Dev loop5: unable to read RDB block 7 [ 1370.757253][ T1390] loop5: unable to read partition table [ 1370.811354][ T1390] loop5: partition table beyond EOD, truncated [ 1370.830618][ T1390] loop_reread_partitions: partition scan of loop5 (úù) failed (rc=-5) [ 1372.222995][ T1422] netlink: 48 bytes leftover after parsing attributes in process `syz.3.12319'. [ 1372.282947][ T1261] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 1372.383170][ T1261] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 1372.431086][ T1261] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 1372.479023][ T1261] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 1372.746203][T32670] Bluetooth: hci2: command tx timeout [ 1372.791317][ T1261] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1372.818157][ T1261] 8021q: adding VLAN 0 to HW filter on device team0 [ 1372.852689][ T1106] bridge0: port 1(bridge_slave_0) entered blocking state [ 1372.859998][ T1106] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1372.919337][ T1106] bridge0: port 2(bridge_slave_1) entered blocking state [ 1372.926615][ T1106] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1374.320509][ T1261] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1374.485106][ T1261] veth0_vlan: entered promiscuous mode [ 1374.522748][ T1261] veth1_vlan: entered promiscuous mode [ 1374.697461][ T1261] veth0_macvtap: entered promiscuous mode [ 1374.727960][ T1261] veth1_macvtap: entered promiscuous mode [ 1374.773723][ T1261] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1374.827703][ T1261] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1374.866258][ T1146] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1374.875391][ T1146] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1374.916051][ T1146] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1374.937180][ T1146] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1375.739481][T30958] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1375.768970][T30958] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1375.954138][T30958] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1375.962599][T30958] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1387.480520][ T1739] loop5: detected capacity change from 0 to 7 [ 1387.796498][ T1739] Dev loop5: unable to read RDB block 7 [ 1387.818116][ T1739] loop5: unable to read partition table [ 1387.824233][ T1739] loop5: partition table beyond EOD, truncated [ 1387.834630][ T1739] loop_reread_partitions: partition scan of loop5 (úù) failed (rc=-5) [ 1387.994726][ T1754] netlink: 4 bytes leftover after parsing attributes in process `syz.0.12442'. [ 1388.205736][ T1760] TCP: TCP_TX_DELAY enabled [ 1388.305497][ T1754] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1388.338558][ T1754] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1388.368642][ T1754] bond0 (unregistering): Released all slaves [ 1396.815988][ T1916] tmpfs: Unknown parameter 'h' [ 1414.885609][T22536] Bluetooth: hci4: command 0x0406 tx timeout [ 1423.052082][ T1298] ieee802154 phy0 wpan0: encryption failed: -22 [ 1423.058541][ T1298] ieee802154 phy1 wpan1: encryption failed: -22 [ 1432.073882][ T2685] loop5: detected capacity change from 0 to 7 [ 1432.379204][ T2685] Dev loop5: unable to read RDB block 7 [ 1432.387258][ T2685] loop5: unable to read partition table [ 1432.398875][ T2685] loop5: partition table beyond EOD, truncated [ 1432.412212][ T2685] loop_reread_partitions: partition scan of loop5 (úù) failed (rc=-5) [ 1434.119450][T32670] Bluetooth: hci2: connection err: -111 [ 1435.405757][ T2817] netlink: 'syz.3.12908': attribute type 1 has an invalid length. [ 1440.471709][T22536] Bluetooth: hci0: command 0x0406 tx timeout [ 1451.237781][ T30] audit: type=1326 audit(1763163905.500:192): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3324 comm="syz.2.13147" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f855238f6c9 code=0x7ffc0000 [ 1451.333116][ T30] audit: type=1326 audit(1763163905.500:193): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3324 comm="syz.2.13147" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f855238f6c9 code=0x7ffc0000 [ 1451.391120][ T30] audit: type=1326 audit(1763163905.530:194): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3324 comm="syz.2.13147" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f855238f6c9 code=0x7ffc0000 [ 1451.419563][ T30] audit: type=1326 audit(1763163905.530:195): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3324 comm="syz.2.13147" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f855238f6c9 code=0x7ffc0000 [ 1451.442533][ T30] audit: type=1326 audit(1763163905.530:196): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3324 comm="syz.2.13147" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f855238f6c9 code=0x7ffc0000 [ 1451.465908][ T30] audit: type=1326 audit(1763163905.530:197): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3324 comm="syz.2.13147" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f855238f6c9 code=0x7ffc0000 [ 1451.490436][ T30] audit: type=1326 audit(1763163905.530:198): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3324 comm="syz.2.13147" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f855238f6c9 code=0x7ffc0000 [ 1451.516581][ T30] audit: type=1326 audit(1763163905.530:199): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3324 comm="syz.2.13147" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f855238f6c9 code=0x7ffc0000 [ 1451.547126][ T30] audit: type=1326 audit(1763163905.530:200): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3324 comm="syz.2.13147" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f855238f6c9 code=0x7ffc0000 [ 1451.573280][ T30] audit: type=1326 audit(1763163905.530:201): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3324 comm="syz.2.13147" exe="/root/syz-executor" sig=0 arch=c000003e syscall=307 compat=0 ip=0x7f855238f6c9 code=0x7ffc0000 [ 1456.637329][ T3464] netlink: 56 bytes leftover after parsing attributes in process `syz.2.13211'. [ 1457.044117][ T3472] kvm: pic: non byte write [ 1466.621147][ T3681] netlink: 16 bytes leftover after parsing attributes in process `syz.3.13311'. [ 1466.630345][ T3681] ip6gre0: entered promiscuous mode [ 1466.637556][ T3681] ip6gre0: entered allmulticast mode [ 1466.794987][ T3691] netlink: 56 bytes leftover after parsing attributes in process `syz.3.13316'. [ 1467.491077][ T3735] netlink: 8 bytes leftover after parsing attributes in process `syz.2.13338'. [ 1475.507510][ T3957] netlink: 'syz.3.13447': attribute type 4 has an invalid length. [ 1475.522206][ T3957] netlink: 17 bytes leftover after parsing attributes in process `syz.3.13447'. [ 1476.299359][T22536] Bluetooth: hci1: command 0x0406 tx timeout [ 1484.457292][ T1298] ieee802154 phy0 wpan0: encryption failed: -22 [ 1484.464101][ T1298] ieee802154 phy1 wpan1: encryption failed: -22 [ 1484.809734][ T4237] netlink: 16 bytes leftover after parsing attributes in process `syz.2.13584'. [ 1486.538817][T22536] Bluetooth: hci2: command 0x0406 tx timeout [ 1487.431642][ T4301] lec:lec_atm_send: lec0: Unknown message type -1 [ 1487.554213][ T4282] lec:lec_atm_close: lec0: Shut down! [ 1488.597909][ T5910] lec:lec_start_xmit: lec0:No lecd attached [ 1489.295096][ T4373] lec:lec_atm_send: lec0: Unknown message type -1 [ 1489.443312][ T4356] lec:lec_atm_close: lec0: Shut down! [ 1490.468115][ T4412] vcan0: tx drop: invalid sa for name 0x0000000000000002 [ 1493.284222][ T4472] lec:lec_atm_close: lec0: Shut down! [ 1496.963599][ T4556] netlink: 20 bytes leftover after parsing attributes in process `syz.0.13708'. [ 1498.762513][ C1] lec0: NETDEV WATCHDOG: CPU: 1: transmit queue 0 timed out 5490 ms [ 1498.771083][ C1] lec:lec_tx_timeout: lec0 [ 1498.775958][ C1] lec:lec_start_xmit: lec0:No lecd attached [ 1501.543442][ T4687] mmap: syz.1.13764 (4687) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 1503.608777][ T4753] udevd[4753]: inotify_add_watch(7, /dev/nbd0, 10) failed: No such file or directory [ 1503.800134][ C1] lec0: NETDEV WATCHDOG: CPU: 1: transmit queue 0 timed out 5030 ms [ 1503.808195][ C1] lec:lec_tx_timeout: lec0 [ 1503.812793][ C1] lec:lec_start_xmit: lec0:No lecd attached [ 1504.027427][T32670] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 1504.046728][T32670] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 1504.055079][T32670] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 1504.064583][T32670] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 1504.072592][T32670] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 1504.690230][ T4766] chnl_net:caif_netlink_parms(): no params data found [ 1504.968289][ T3520] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1505.113033][ T3520] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1505.147091][ T4766] bridge0: port 1(bridge_slave_0) entered blocking state [ 1505.154567][ T4766] bridge0: port 1(bridge_slave_0) entered disabled state [ 1505.169599][ T4766] bridge_slave_0: entered allmulticast mode [ 1505.177654][ T4766] bridge_slave_0: entered promiscuous mode [ 1505.191876][ T4766] bridge0: port 2(bridge_slave_1) entered blocking state [ 1505.199221][ T4766] bridge0: port 2(bridge_slave_1) entered disabled state [ 1505.207858][ T4766] bridge_slave_1: entered allmulticast mode [ 1505.220592][ T4766] bridge_slave_1: entered promiscuous mode [ 1505.308596][ T3520] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1505.360425][ T4766] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1505.403765][ T3520] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1505.444316][ T4766] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1505.533801][ T4766] team0: Port device team_slave_0 added [ 1505.556502][ T4766] team0: Port device team_slave_1 added [ 1505.647155][ T4766] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1505.661370][ T4766] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1505.699081][ T4766] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1505.731747][ T4766] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1505.738727][ T4766] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1505.789217][ T4766] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1506.002790][ T4766] hsr_slave_0: entered promiscuous mode [ 1506.023279][ T4766] hsr_slave_1: entered promiscuous mode [ 1506.040038][ T4766] debugfs: 'hsr0' already exists in 'hsr' [ 1506.045822][ T4766] Cannot create hsr debugfs directory [ 1506.119088][T22536] Bluetooth: hci3: command tx timeout [ 1506.235048][ T3520] bridge_slave_1: left allmulticast mode [ 1506.253786][ T3520] bridge_slave_1: left promiscuous mode [ 1506.264152][ T3520] bridge0: port 2(bridge_slave_1) entered disabled state [ 1506.290119][ T3520] bridge_slave_0: left allmulticast mode [ 1506.306111][ T3520] bridge_slave_0: left promiscuous mode [ 1506.316481][ T3520] bridge0: port 1(bridge_slave_0) entered disabled state [ 1507.089424][ T3520] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1507.101115][ T3520] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1507.120711][ T3520] bond0 (unregistering): Released all slaves [ 1508.208861][T22536] Bluetooth: hci3: command tx timeout [ 1508.225663][ T3520] hsr_slave_0: left promiscuous mode [ 1508.245556][ T3520] hsr_slave_1: left promiscuous mode [ 1508.279100][ T3520] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1508.299397][ T3520] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1508.328885][ T3520] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1508.336308][ T3520] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1508.462425][ T3520] veth1_macvtap: left promiscuous mode [ 1508.468204][ T3520] veth0_macvtap: left promiscuous mode [ 1508.474125][ T3520] veth1_vlan: left promiscuous mode [ 1508.487868][ T3520] veth0_vlan: left promiscuous mode [ 1508.817507][ C1] lec0: NETDEV WATCHDOG: CPU: 1: transmit queue 0 timed out 5010 ms [ 1508.825553][ C1] lec:lec_tx_timeout: lec0 [ 1508.830267][ C1] lec:lec_start_xmit: lec0:No lecd attached [ 1510.276894][T22536] Bluetooth: hci3: command tx timeout [ 1510.409519][ T3520] team0 (unregistering): Port device team_slave_1 removed [ 1510.568394][ T3520] team0 (unregistering): Port device team_slave_0 removed [ 1512.355869][T22536] Bluetooth: hci3: command tx timeout [ 1512.558817][ T4766] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 1512.593480][ T4766] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 1512.641150][ T4766] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 1512.669672][ T4766] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 1512.952317][ T4766] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1513.009095][ T4766] 8021q: adding VLAN 0 to HW filter on device team0 [ 1513.068802][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 1513.076099][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1513.107954][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 1513.115162][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1513.735351][ T4766] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1513.834969][ C1] lec0: NETDEV WATCHDOG: CPU: 1: transmit queue 0 timed out 5010 ms [ 1513.843067][ C1] lec:lec_tx_timeout: lec0 [ 1513.847835][ C1] lec:lec_start_xmit: lec0:No lecd attached [ 1513.853649][ T4766] veth0_vlan: entered promiscuous mode [ 1513.909764][ T4766] veth1_vlan: entered promiscuous mode [ 1514.034228][ T4766] veth0_macvtap: entered promiscuous mode [ 1514.078527][ T4766] veth1_macvtap: entered promiscuous mode [ 1514.123956][ T4766] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1514.177389][ T4766] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1514.255559][ T50] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1514.296378][ T50] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1514.361451][ T50] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1514.392930][ T50] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1514.565551][ T3520] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1514.597497][ T3520] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1514.660692][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1514.676612][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1518.852454][ C1] lec0: NETDEV WATCHDOG: CPU: 1: transmit queue 0 timed out 5010 ms [ 1518.860493][ C1] lec:lec_tx_timeout: lec0 [ 1518.865097][ C1] lec:lec_start_xmit: lec0:No lecd attached [ 1520.305560][ T5128] fuseblk: Bad value for 'fd' [ 1521.130806][T22536] Bluetooth: hci0: Invalid handle: 0x20c9 > 0x0eff [ 1522.306169][ T5179] fuseblk: Bad value for 'fd' [ 1523.869947][ C1] lec0: NETDEV WATCHDOG: CPU: 1: transmit queue 0 timed out 5010 ms [ 1523.878078][ C1] lec:lec_tx_timeout: lec0 [ 1523.882990][ C1] lec:lec_start_xmit: lec0:No lecd attached [ 1528.887505][ C1] lec0: NETDEV WATCHDOG: CPU: 1: transmit queue 0 timed out 5010 ms [ 1528.895611][ C1] lec:lec_tx_timeout: lec0 [ 1528.900226][ C1] lec:lec_start_xmit: lec0:No lecd attached [ 1531.383281][T22536] Bluetooth: hci3: ACL packet too small [ 1532.315901][T17222] usb 2-1: new high-speed USB device number 47 using dummy_hcd [ 1532.497745][T17222] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1532.525689][T17222] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1532.546003][T17222] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 1532.575685][T17222] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 1532.584755][T17222] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1532.608456][T17222] usb 2-1: config 0 descriptor?? [ 1533.030262][T17222] plantronics 0003:047F:FFFF.0013: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0 [ 1533.904968][ C1] lec0: NETDEV WATCHDOG: CPU: 1: transmit queue 0 timed out 5010 ms [ 1533.913175][ C1] lec:lec_tx_timeout: lec0 [ 1533.917816][ C1] lec:lec_start_xmit: lec0:No lecd attached [ 1534.590076][ T30] kauditd_printk_skb: 4 callbacks suppressed [ 1534.590092][ T30] audit: type=1326 audit(1763163988.891:206): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5556 comm="syz.3.14071" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd60af8f6c9 code=0x7ffc0000 [ 1534.657456][ T30] audit: type=1326 audit(1763163988.891:207): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5556 comm="syz.3.14071" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd60af8f6c9 code=0x7ffc0000 [ 1534.686893][ T30] audit: type=1326 audit(1763163988.891:208): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5556 comm="syz.3.14071" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fd60af8f6c9 code=0x7ffc0000 [ 1534.709914][ T30] audit: type=1326 audit(1763163988.891:209): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5556 comm="syz.3.14071" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd60af8f6c9 code=0x7ffc0000 [ 1534.733963][ T30] audit: type=1326 audit(1763163988.891:210): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5556 comm="syz.3.14071" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd60af8f6c9 code=0x7ffc0000 [ 1534.758546][ T30] audit: type=1326 audit(1763163988.931:211): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5556 comm="syz.3.14071" exe="/root/syz-executor" sig=0 arch=c000003e syscall=451 compat=0 ip=0x7fd60af8f6c9 code=0x7ffc0000 [ 1534.783860][ T30] audit: type=1326 audit(1763163988.931:212): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5556 comm="syz.3.14071" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd60af8f6c9 code=0x7ffc0000 [ 1534.806512][ T30] audit: type=1326 audit(1763163988.931:213): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5556 comm="syz.3.14071" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd60af8f6c9 code=0x7ffc0000 [ 1535.107837][ T5870] usb 2-1: USB disconnect, device number 47 [ 1538.922428][ C1] lec0: NETDEV WATCHDOG: CPU: 1: transmit queue 0 timed out 5010 ms [ 1538.930510][ C1] lec:lec_tx_timeout: lec0 [ 1538.935558][ C1] lec:lec_start_xmit: lec0:No lecd attached [ 1541.207473][ T5709] lec:lec_atm_close: lec0: Shut down! [ 1541.824945][ T5752] netlink: 14601 bytes leftover after parsing attributes in process `syz.3.14151'. [ 1541.972100][ T5760] netlink: 'syz.1.14155': attribute type 6 has an invalid length. [ 1542.447852][ T5784] ieee802154 phy0 wpan0: encryption failed: -22 [ 1545.867266][ T1298] ieee802154 phy0 wpan0: encryption failed: -22 [ 1545.873983][ T1298] ieee802154 phy1 wpan1: encryption failed: -22 [ 1545.886394][ T5771] Set syz1 is full, maxelem 65536 reached [ 1546.738586][ C1] lec0: NETDEV WATCHDOG: CPU: 1: transmit queue 0 timed out 5540 ms [ 1546.746708][ C1] lec:lec_tx_timeout: lec0 [ 1546.751442][ C1] lec:lec_start_xmit: lec0:No lecd attached [ 1547.762243][ T30] audit: type=1326 audit(1763164002.078:214): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5892 comm="syz.3.14214" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd60af8f6c9 code=0x7ffc0000 [ 1547.828122][ T30] audit: type=1326 audit(1763164002.078:215): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5892 comm="syz.3.14214" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd60af8f6c9 code=0x7ffc0000 [ 1547.908040][ T30] audit: type=1326 audit(1763164002.118:216): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5894 comm="syz.2.14215" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f855238f6c9 code=0x7ffc0000 [ 1547.958030][ T30] audit: type=1326 audit(1763164002.118:217): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5894 comm="syz.2.14215" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f855238f6c9 code=0x7ffc0000 [ 1548.017928][ T30] audit: type=1326 audit(1763164002.118:218): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5894 comm="syz.2.14215" exe="/root/syz-executor" sig=0 arch=c000003e syscall=216 compat=0 ip=0x7f855238f6c9 code=0x7ffc0000 [ 1548.078091][ T30] audit: type=1326 audit(1763164002.118:219): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5894 comm="syz.2.14215" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f855238f6c9 code=0x7ffc0000 [ 1548.137901][ T30] audit: type=1326 audit(1763164002.118:220): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5894 comm="syz.2.14215" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f855238f6c9 code=0x7ffc0000 [ 1548.179949][ T30] audit: type=1326 audit(1763164002.128:221): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5892 comm="syz.3.14214" exe="/root/syz-executor" sig=0 arch=c000003e syscall=56 compat=0 ip=0x7fd60af8f6c9 code=0x7ffc0000 [ 1548.227886][ T30] audit: type=1326 audit(1763164002.168:222): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5892 comm="syz.3.14214" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd60af8f6c9 code=0x7ffc0000 [ 1548.325326][ T30] audit: type=1326 audit(1763164002.168:223): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5897 comm="syz.3.14214" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7fd60afc1f85 code=0x7ffc0000 [ 1548.413716][ T5915] netlink: 8 bytes leftover after parsing attributes in process `syz.2.14224'. [ 1550.042598][ T5823] Set syz1 is full, maxelem 65536 reached [ 1551.776095][ C1] lec0: NETDEV WATCHDOG: CPU: 1: transmit queue 0 timed out 5030 ms [ 1551.784211][ C1] lec:lec_tx_timeout: lec0 [ 1551.789059][ C1] lec:lec_start_xmit: lec0:No lecd attached [ 1553.296936][ T6008] netlink: 'syz.0.14264': attribute type 39 has an invalid length. [ 1556.793477][ C1] lec0: NETDEV WATCHDOG: CPU: 1: transmit queue 0 timed out 5010 ms [ 1556.801599][ C1] lec:lec_tx_timeout: lec0 [ 1556.806255][ C1] lec:lec_start_xmit: lec0:No lecd attached [ 1557.243426][ T6106] program syz.1.14310 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 1557.885796][ T6123] netlink: 'syz.1.14319': attribute type 4 has an invalid length. [ 1559.706946][ T30] kauditd_printk_skb: 7 callbacks suppressed [ 1559.706963][ T30] audit: type=1326 audit(1763164014.024:231): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6166 comm="syz.0.14339" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f379718f6c9 code=0x7ffc0000 [ 1560.141675][ T30] audit: type=1326 audit(1763164014.024:232): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6166 comm="syz.0.14339" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f379718f6c9 code=0x7ffc0000 [ 1560.165877][ T30] audit: type=1326 audit(1763164014.034:233): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6166 comm="syz.0.14339" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f379718f6c9 code=0x7ffc0000 [ 1560.188847][ T30] audit: type=1326 audit(1763164014.034:234): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6166 comm="syz.0.14339" exe="/root/syz-executor" sig=0 arch=c000003e syscall=56 compat=0 ip=0x7f379718f6c9 code=0x7ffc0000 [ 1560.212844][ T30] audit: type=1326 audit(1763164014.054:235): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6166 comm="syz.0.14339" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f379718f6c9 code=0x7ffc0000 [ 1560.235470][ T30] audit: type=1326 audit(1763164014.134:236): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6166 comm="syz.0.14339" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f379718f6c9 code=0x7ffc0000 [ 1560.258181][ T30] audit: type=1326 audit(1763164014.134:237): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6166 comm="syz.0.14339" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f379718f703 code=0x7ffc0000 [ 1560.282158][ T30] audit: type=1326 audit(1763164014.134:238): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6166 comm="syz.0.14339" exe="/root/syz-executor" sig=0 arch=c000003e syscall=10 compat=0 ip=0x7f379718f787 code=0x7ffc0000 [ 1560.304760][ T30] audit: type=1326 audit(1763164014.134:239): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6166 comm="syz.0.14339" exe="/root/syz-executor" sig=0 arch=c000003e syscall=14 compat=0 ip=0x7f3797146b3d code=0x7ffc0000 [ 1560.327864][ T30] audit: type=1326 audit(1763164014.134:240): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6166 comm="syz.0.14339" exe="/root/syz-executor" sig=0 arch=c000003e syscall=435 compat=0 ip=0x7f37971c3e09 code=0x7ffc0000 [ 1561.810989][ C1] lec0: NETDEV WATCHDOG: CPU: 1: transmit queue 0 timed out 5010 ms [ 1561.819188][ C1] lec:lec_tx_timeout: lec0 [ 1561.824042][ C1] lec:lec_start_xmit: lec0:No lecd attached [ 1564.067219][ T6290] vcan0: tx drop: invalid da for name 0x0000000000000002 [ 1564.316017][ C1] vcan0: j1939_tp_rxtimer: 0xffff88802d323800: rx timeout, send abort [ 1564.355032][ T6305] $Hÿ: renamed from bond0 (while UP) [ 1564.365992][ T6305] $Hÿ: entered promiscuous mode [ 1564.372760][ T6305] bond_slave_0: entered promiscuous mode [ 1564.378614][ T6305] bond_slave_1: entered promiscuous mode [ 1564.816416][ C1] vcan0: j1939_tp_rxtimer: 0xffff88802d320c00: rx timeout, send abort [ 1564.825180][ C1] vcan0: j1939_tp_rxtimer: 0xffff88802d323800: abort rx timeout. Force session deactivation [ 1565.324567][ C1] vcan0: j1939_tp_rxtimer: 0xffff88802d320c00: abort rx timeout. Force session deactivation [ 1566.828489][ C1] lec0: NETDEV WATCHDOG: CPU: 1: transmit queue 0 timed out 5010 ms [ 1566.836618][ C1] lec:lec_tx_timeout: lec0 [ 1566.841339][ C1] lec:lec_start_xmit: lec0:No lecd attached [ 1568.403520][ T6412] netlink: 40 bytes leftover after parsing attributes in process `syz.1.14439'. [ 1570.188436][ T6477] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000017: 0000 [#1] SMP KASAN PTI [ 1570.200454][ T6477] KASAN: null-ptr-deref in range [0x00000000000000b8-0x00000000000000bf] [ 1570.208886][ T6477] CPU: 1 UID: 0 PID: 6477 Comm: syz.0.14475 Not tainted syzkaller #0 PREEMPT(full) [ 1570.218244][ T6477] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 1570.228288][ T6477] RIP: 0010:put_pid_ns+0x37/0x2a0 [ 1570.233314][ T6477] Code: 53 48 89 fb e8 0a ba 03 00 48 85 db 0f 84 e8 00 00 00 49 bc 00 00 00 00 00 fc ff df 4c 8d b3 d0 00 00 00 4d 89 f5 49 c1 ed 03 <43> 80 7c 25 00 00 74 08 4c 89 f7 e8 f9 12 6a 00 4d 8b 3e 31 ff 4c [ 1570.252915][ T6477] RSP: 0018:ffffc9000b89fcd0 EFLAGS: 00010206 [ 1570.258973][ T6477] RAX: ffffffff81be2646 RBX: ffffffffffffffea RCX: 0000000000080000 [ 1570.266933][ T6477] RDX: ffffc9000d341000 RSI: 000000000000282d RDI: 000000000000282e [ 1570.274893][ T6477] RBP: 0000000000000000 R08: ffffffff8fbf6d77 R09: 1ffffffff1f7edae [ 1570.282872][ T6477] R10: dffffc0000000000 R11: fffffbfff1f7edaf R12: dffffc0000000000 [ 1570.290850][ T6477] R13: 0000000000000017 R14: 00000000000000ba R15: ffff88805f2b5b58 [ 1570.298818][ T6477] FS: 00007f379806a6c0(0000) GS:ffff888125b78000(0000) knlGS:0000000000000000 [ 1570.307747][ T6477] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1570.314317][ T6477] CR2: 000000110c33c864 CR3: 000000001f768000 CR4: 00000000003526f0 [ 1570.322283][ T6477] DR0: ffffffffffffffff DR1: 00000000000001f8 DR2: 0000000000000083 [ 1570.330333][ T6477] DR3: ffffffffefffff15 DR6: 00000000ffff0ff0 DR7: 0000000000000400 [ 1570.338296][ T6477] Call Trace: [ 1570.341573][ T6477] [ 1570.344497][ T6477] nsproxy_free+0x20f/0x7c0 [ 1570.348991][ T6477] create_new_namespaces+0x47a/0x540 [ 1570.354263][ T6477] unshare_nsproxy_namespaces+0x11c/0x170 [ 1570.359972][ T6477] ksys_unshare+0x4c8/0x8c0 [ 1570.364465][ T6477] ? __pfx_ksys_unshare+0x10/0x10 [ 1570.369479][ T6477] __x64_sys_unshare+0x38/0x50 [ 1570.374239][ T6477] do_syscall_64+0xfa/0xfa0 [ 1570.378827][ T6477] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1570.384884][ T6477] ? clear_bhb_loop+0x60/0xb0 [ 1570.389547][ T6477] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1570.395428][ T6477] RIP: 0033:0x7f379718f6c9 [ 1570.399848][ T6477] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1570.419452][ T6477] RSP: 002b:00007f379806a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1570.427875][ T6477] RAX: ffffffffffffffda RBX: 00007f37973e5fa0 RCX: 00007f379718f6c9 [ 1570.435845][ T6477] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000002c020400 [ 1570.443811][ T6477] RBP: 00007f3797211f91 R08: 0000000000000000 R09: 0000000000000000 [ 1570.451774][ T6477] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1570.459751][ T6477] R13: 00007f37973e6038 R14: 00007f37973e5fa0 R15: 00007ffc31675478 [ 1570.467739][ T6477] [ 1570.470768][ T6477] Modules linked in: [ 1570.476954][ T6477] ---[ end trace 0000000000000000 ]--- [ 1570.507651][ T6477] RIP: 0010:put_pid_ns+0x37/0x2a0 [ 1570.515074][ T6477] Code: 53 48 89 fb e8 0a ba 03 00 48 85 db 0f 84 e8 00 00 00 49 bc 00 00 00 00 00 fc ff df 4c 8d b3 d0 00 00 00 4d 89 f5 49 c1 ed 03 <43> 80 7c 25 00 00 74 08 4c 89 f7 e8 f9 12 6a 00 4d 8b 3e 31 ff 4c [ 1570.538281][ T6477] RSP: 0018:ffffc9000b89fcd0 EFLAGS: 00010206 [ 1570.544499][ T6477] RAX: ffffffff81be2646 RBX: ffffffffffffffea RCX: 0000000000080000 [ 1570.552753][ T6477] RDX: ffffc9000d341000 RSI: 000000000000282d RDI: 000000000000282e [ 1570.563813][ T6477] RBP: 0000000000000000 R08: ffffffff8fbf6d77 R09: 1ffffffff1f7edae [ 1570.572598][ T6477] R10: dffffc0000000000 R11: fffffbfff1f7edaf R12: dffffc0000000000 [ 1570.582944][ T6477] R13: 0000000000000017 R14: 00000000000000ba R15: ffff88805f2b5b58 [ 1570.592239][ T6477] FS: 00007f379806a6c0(0000) GS:ffff888125a78000(0000) knlGS:0000000000000000 [ 1570.602605][ T6477] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1570.609623][ T6477] CR2: 00000000000000da CR3: 000000001f768000 CR4: 00000000003526f0 [ 1570.617914][ T6477] DR0: ffffffffffffffff DR1: 00000000000001f8 DR2: 0000000000000083 [ 1570.626038][ T6477] DR3: ffffffffefffff15 DR6: 00000000ffff0ff0 DR7: 0000000000000400 [ 1570.634366][ T6477] Kernel panic - not syncing: Fatal exception [ 1570.640885][ T6477] Kernel Offset: disabled [ 1570.645202][ T6477] Rebooting in 86400 seconds..