last executing test programs: 4m59.515957384s ago: executing program 1 (id=1452): r0 = socket(0x1d, 0x2, 0x6) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f00000004c0)={'vcan0\x00', 0x0}) bind$can_j1939(r0, &(0x7f00000000c0)={0x1d, r1, 0x8000000000000003, {}, 0xfd}, 0x18) write$bt_hci(r0, &(0x7f0000000500)=ANY=[], 0x7) 4m59.267082568s ago: executing program 1 (id=1458): prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x1, &(0x7f0000006680)) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9) epoll_create(0x0) 4m58.221135279s ago: executing program 1 (id=1468): munmap(&(0x7f0000002000/0x4000)=nil, 0x4000) r0 = syz_init_net_socket$llc(0x1a, 0x1, 0x0) connect$llc(r0, &(0x7f0000000180)={0x1a, 0x0, 0xfc, 0x7, 0x8, 0x1}, 0x10) sendmmsg(r0, &(0x7f0000007800)=[{{0x0, 0x0, &(0x7f0000000500)=[{0x0}, {&(0x7f0000001c00)="9e3a18381927e24062c83029ef13a9de36aa68265996f884ef191048e6ee845be5a2eba657fa489ab6e211718d8e591da7c3cb4f7f89e40741cacc8145cc29c4d1fa3d6e15873a0f3c5df4c8c16a84ff9ca998bada9153cbdf62192ad3bef58264f45c7281f0f23baf606f239c3a0459af043f63d793cf3ecc8aa65bf15fe41f7d879505af50f206b8452b5cc9942939d1d52b41ae01a5b32f2d226df644e4d7b93145411f281c443434b3a82c4909bd421ce7b406452dcaca19b9ec7e32845e51537b0540151a4a20f4ca2313412e37a47ec9fca80ea384c59808788899523acb4cfbbe29e51916c9f5e29e16ee10749ada1ee13af0c75633856e540bd47b0f87e8b207076044628d0e9a6d0db337c008642e7cb8d39c7a64f3767292a3c37576d615b9d90930a165edb8405071ae87b11398724c345c032ac68a306996af584496b1233d55c8e7cf8d69faff00f9d79fa849ca368df79b3770b22f8ab2e3f53c91f50dc5969cf2bba9e5b3f62b59d3e4ff9e5b249c72d168a5ad2807849770c2978a1ba40d9d7e0a1c38bfd604ba1083a3ce9b49288b03a9f5f83eb7e87231e0e5c93c7b5a4903a54cfca4d7a643ec4d0dcd02a11850642e57fac283af7cbc964b6e7bf21f532b2265202dd2cad336eea300c21b21f1e3f007cbf57d932f849e9620a7f1da8ae8000f7a86f31fae1f0bc0753e226e670f43023f64d7253b945ffb53d4d94c9f4e4a05b6f17626caf47eb6dd2bb7b0dd57adc5bbbd67f63c742c646ea98550f9531c83f2eadf42f751165b40fe146a7ebff9601583d09636bf650cbe6165d360f12d48487b94b980aef28f3ee501d594f1503e0f1274bbfd9711b7e163f118ce5a636799a24334911a9fa4b84ea4be1a8b0ccbf1cca27b873e75cfa5f5556d3729b379163bb760a13e348ee609a48915de49d79d7d8cffc88b0ac012e3228337c8619ebeb9a93be80eda789fa4cecf262966be77d063cd29a7e0aa804ef2945400c49e7b96fc87092cc0d5ae450ec25d20b6c9c0128cb7e951bd83a8af130e27aa281c639489a7cd005acad8cea8978eb916227c70cbd8f66850510195673fb39b43f6ab6cade1e37db047af5a190617696803f13423fb851c47fabb1d40d2fbfe4c77e9ceff952ee0f2f66117b828d4beec24fb7b84317dc29d121a69e32d8047b5dbfe2b71e10bd19a84edf9512d2994769b9c54500fc80897a5964546453821ffeaab1dc5ab7c06fb40349a368e92334ddad92c4606a908f0b45d9157d4608079c40c413e510338510d41f22ab27162f03ea980d167b9e5d5e5b1245f6c71e56bb2d29d7e85d76834538b48711a1e6f3813ce496c8c3024a0d085653a6ac2e2d24b726efbbca10da67f05a5eb6565bca572c6821b94f8cbc34af05253ab40683cef88961646c76cf48b1ef1d79e11d1a0215a1a7dfbd9ade6", 0x401}], 0x2}}], 0x1, 0x0) 4m57.312019853s ago: executing program 1 (id=1491): socket(0xa, 0x3, 0x87) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) bpf$PROG_BIND_MAP(0x23, 0x0, 0x0) 4m57.27732216s ago: executing program 1 (id=1492): mkdir(&(0x7f0000001a80)='./file0\x00', 0x18b) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000000c0)={0x0, 0xffffffffffffffff, 0x0, 0x1c, &(0x7f0000000000)='//sys\x00\x00\x00\x00\x00\x00\x80\x004\x00\x00s/\x92ync_\x93\x96\xff\x92\xaf\x00Se\xf44.\x00'/49}, 0x30) mount$bpf(0x200000000000, &(0x7f0000000200)='./file0\x00', 0x0, 0x206002, 0x0) mount$bpf(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x84000, 0x0) 4m57.200301313s ago: executing program 1 (id=1493): r0 = epoll_create1(0x0) r1 = openat$dsp1(0xffffffffffffff9c, &(0x7f0000000740), 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000780)={0x10000008}) pselect6(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 4m42.193158229s ago: executing program 32 (id=1493): r0 = epoll_create1(0x0) r1 = openat$dsp1(0xffffffffffffff9c, &(0x7f0000000740), 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000780)={0x10000008}) pselect6(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 4m31.195921611s ago: executing program 4 (id=1798): r0 = socket(0x40000000015, 0x5, 0x0) connect$inet(r0, &(0x7f0000000040)={0x2, 0x0, @loopback}, 0x10) setsockopt$SO_RDS_TRANSPORT(r0, 0x114, 0x8, &(0x7f0000000200), 0x4) bind$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @dev, 0x90}, 0x1c) 4m31.027900473s ago: executing program 4 (id=1801): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_GUEST_MEMFD(r1, 0xc040aed4, &(0x7f0000000040)={0x1000200001fe0000, 0x1}) ioctl$KVM_SET_USER_MEMORY_REGION2(r1, 0x40a0ae49, &(0x7f0000000440)={0x2710, 0x4, 0x3000, 0x1000, &(0x7f0000ffd000/0x1000)=nil, 0xffffffffffff0000, r2}) 4m30.836954262s ago: executing program 4 (id=1806): bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000003c0)=@bpf_tracing={0x1a, 0x43, &(0x7f0000000040)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fffffff}, [@tail_call, @btf_id={0x18, 0x1, 0x3, 0x0, 0x4}, @printk={@lld, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x400}}, @cb_func={0x18, 0x6, 0x4, 0x0, 0xffffffffffffffff}, @map_val={0x18, 0x7, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x6fb}, @func={0x85, 0x0, 0x1, 0x0, 0x9}, @call={0x85, 0x0, 0x0, 0x3}, @map_idx={0x18, 0x6, 0x5, 0x0, 0xb}, @map_idx={0x18, 0x8, 0x5, 0x0, 0x7}, @ringbuf_query, @printk={@llu, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0xc802}}, @exit, @exit, @alu={0x3, 0x0, 0x2, 0x0, 0xb, 0xffffffffffffffc4, 0x8}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x2}, @jmp={0x5, 0x1, 0xd, 0xa, 0x8, 0xffffffffffffffc0}, @tail_call, @map_idx={0x18, 0x6, 0x5, 0x0, 0xe}, @map_idx={0x18, 0x5, 0x5, 0x0, 0xe}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x5}}]}, 0x0, 0x2, 0x0, 0x0, 0x41100, 0x20, '\x00', 0x0, 0x19, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xf475, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x40000000}, 0x94) r0 = socket$kcm(0x11, 0x2, 0x0) setsockopt$sock_attach_bpf(r0, 0x107, 0x14, &(0x7f0000000000), 0x4) sendmsg$kcm(r0, &(0x7f0000001780)={&(0x7f00000003c0)=@caif, 0x80, 0x0}, 0x0) 4m30.675590224s ago: executing program 4 (id=1818): creat(&(0x7f00000002c0)='./file0\x00', 0x1) r0 = getpid() r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000feffff10850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x40e00, 0x5a, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000012c0)={r1, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f00000002c0)=[0x1], 0x0, 0x0, 0x20000000000000b2, 0x1, r0}}, 0x40) 4m30.567896054s ago: executing program 4 (id=1810): mkdir(&(0x7f0000001a80)='./file0\x00', 0x18b) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000000c0)={0x0, 0xffffffffffffffff, 0x0, 0x1c, &(0x7f0000000000)='//sys\x00\x00\x00\x00\x00\x00\x80\x004\x00\x00s/\x92ync_\x93\x96\xff\x92\xaf\x00Se\xf44.\x00'/49}, 0x30) mount$bpf(0x200000000000, &(0x7f0000000200)='./file0\x00', 0x0, 0x206002, 0x0) mount$bpf(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x84000, 0x0) 4m30.476924272s ago: executing program 4 (id=1811): prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x200006, 0x8, &(0x7f0000006680)) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9) getpgid(0xffffffffffffffff) 4m15.370345264s ago: executing program 33 (id=1811): prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x200006, 0x8, &(0x7f0000006680)) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9) getpgid(0xffffffffffffffff) 38.75988784s ago: executing program 6 (id=5653): mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x1c0) symlinkat(&(0x7f00000001c0)='./file2\x00', 0xffffffffffffff9c, &(0x7f0000000200)='./file6\x00') r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0, 0x0) unlinkat(0xffffffffffffff9c, &(0x7f0000000380)='./file1\x00', 0x200) renameat2(0xffffffffffffff9c, &(0x7f00000008c0)='./file6\x00', r0, &(0x7f0000000000)='./file7\x00', 0x0) 38.667133322s ago: executing program 6 (id=5657): utimes(0x0, &(0x7f00000000c0)={{0x7, 0xa000000000}, {0x8000000000000000}}) syz_open_procfs(0xffffffffffffffff, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0xd, &(0x7f0000000700)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x61}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000004c0)={r1, 0x18000000000002a0, 0x4f, 0x0, &(0x7f0000000040)="0202030786dd", 0x0, 0xd5b1, 0x60000000, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x1000}, 0x3a) 38.295870683s ago: executing program 6 (id=5664): mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0xb, 0x59032, 0xffffffffffffffff, 0x0) setresuid(0x0, 0xee00, 0xffffffffffffffff) r0 = io_uring_setup(0xaae, &(0x7f00000003c0)={0x0, 0xffffeffa, 0x800, 0x7, 0x2}) setrlimit(0x40000000000008, &(0x7f0000000000)) io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a) 37.99589289s ago: executing program 6 (id=5668): r0 = socket(0x2000000000000021, 0x2, 0x10000000000002) connect$rxrpc(r0, &(0x7f0000000140)=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x8, @multicast2}}, 0x24) sendmmsg(r0, &(0x7f0000000180)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000000001001000001"], 0x18, 0xe000}, 0x5}], 0x1, 0x0) recvmmsg(r0, &(0x7f0000000d00), 0xf000, 0x10002, 0x0) setsockopt$bt_rfcomm_RFCOMM_LM(r0, 0x110, 0x3, &(0x7f0000000100), 0x4) 35.455469561s ago: executing program 0 (id=5717): ioctl$sock_inet6_SIOCSIFADDR(0xffffffffffffffff, 0x8916, 0x0) r0 = socket$inet6_mptcp(0xa, 0x1, 0x106) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz1\x00', 0x1ff) mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1) getsockopt$inet6_mptcp_buf(r0, 0x11c, 0x3, 0x0, &(0x7f0000000000)) 35.219575483s ago: executing program 0 (id=5723): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000000)={0x26, 'hash\x00', 0x0, 0x0, 'xxhash64\x00'}, 0x58) r1 = accept4(r0, 0x0, 0x0, 0x0) sendmmsg(r1, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000001c40)=[{&(0x7f0000000580)="6187558fb3", 0x5}], 0x1}}, {{0x0, 0x0, &(0x7f0000000380)=[{&(0x7f0000000140)="c599f26acbf5efeccdda010d4e28e7fa6f35fdd93640489e689f168c7d9bd73236f9a09191b4619f91cf3dff1cba66b98083396a5e45ea629956e8cb5de42008a4ea079e7fc1cb5220f066029011daf8d363c5af0ca703b531c929e143c8d2cba1311f015097e6fa502e", 0x6a}, {&(0x7f0000000200)="dba994a7c935d599ca1145bf4187d4811f36e6ae57ecac0a4bee21", 0x1b}, {&(0x7f00000002c0)="5ef10802af", 0x5}, {&(0x7f0000000340)="bc958990ea043131cdd0b15201b35cabc21ef193a6de699d28cfa542cb037675ecdb1a26ffe2768c63b048", 0x2b}], 0x4}}, {{0x0, 0x0, &(0x7f00000007c0)=[{&(0x7f00000006c0)="7957bb61271ff9f247a65bc1de701cb2c85d3d93562a1e01bc315aca940ec9ea272c860a6b77782aeb22e6a8f64ca3b214a0b5f41167eadfea98a75fd1dc4ba76c79f38f5792c86adb392a3ff2116a981ef408c5c92e6b6168b1a40d3db38e67aa8689e050caa97b866d4e3886f1e08c4d959be48594df83907e75", 0x7b}, {&(0x7f0000000740)="845869477f1d67911dee28799d1398c621f0610dee3530230514b0d8055597f0b8a812b1bfdbe708e2daec", 0x2b}], 0x2}}], 0x3, 0xc004) sendmmsg$unix(r1, &(0x7f0000000840)=[{{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80}}], 0x1, 0x0) 35.084645466s ago: executing program 0 (id=5726): r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x6}, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_sys\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x1, 0x10012, r1, 0x0) setsockopt$packet_fanout_data(r0, 0x107, 0x16, &(0x7f0000000080)={0x0, 0x0}, 0x10) 34.908197078s ago: executing program 0 (id=5729): mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0) r0 = openat$dir(0xffffffffffffff9c, &(0x7f00000000c0)='.\x00', 0x0, 0x83) ioctl$FS_IOC_SETFLAGS(0xffffffffffffffff, 0x40086602, &(0x7f0000000000)=0x20) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(r0, 0x40086602, &(0x7f0000000000)) renameat2(r0, &(0x7f0000000100)='./file0\x00', r0, &(0x7f00000001c0)='./file2\x00', 0x0) 34.723978279s ago: executing program 6 (id=5733): r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) pselect6(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) ptrace(0x10, r0) ptrace$setregs(0xd, r0, 0x4, &(0x7f00000003c0)="18607651149d7b10b4024fbbdc08899b8f589df2dbb5d7a8d1b36cfab675cb3976ee8100e2878c9cfa178cac130eb046eda93df39ed4b41924dc225ad4028dd63defb87d698be5c749450b350a789dcfc6b2d6a696b5026d1e52f19274566d1da0f353dd65e330ebf71c5e823f2753c5fd76724828ef31b353e71805205c3dceb44cc4c7b3664e29fb") ptrace$getregset(0x4205, r0, 0x2, &(0x7f0000000080)={0x0}) 34.716315357s ago: executing program 0 (id=5734): ioctl$COMEDI_BUFINFO(0xffffffffffffffff, 0xc02c640e, &(0x7f0000000000)={0x0, 0x80000003, 0x3, 0x4a0a, 0x8, 0x81, 0x80000000}) bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1400000007"], 0x50) r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r0, &(0x7f0000000100)={0x1f, 0xffff, 0x3}, 0x6) write$binfmt_misc(r0, &(0x7f0000000000), 0xd) 34.653927702s ago: executing program 3 (id=5736): r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, &(0x7f0000000080)={0xc, 0x0, 0x0}) ioctl$IOMMU_VFIO_IOAS$SET(r0, 0x3b88, &(0x7f0000000200)={0xc, r1}) ioctl$IOMMU_TEST_OP_ADD_RESERVED(r0, 0x3ba0, &(0x7f0000000100)={0x48, 0x1, r1, 0x0, 0xffffffffffffffff, 0x5}) ioctl$IOMMU_VFIO_IOMMU_GET_INFO(r0, 0x3b70, &(0x7f00000000c0)={0x28}) 34.470037679s ago: executing program 3 (id=5740): r0 = creat(&(0x7f00000002c0)='./file0\x00', 0x0) write(r0, &(0x7f0000000300)="2cd889f0", 0x4) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000fe020010850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x54, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r2 = getpid() bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000005c0)={r1, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f0000000040)=[0x4], 0x0, 0x0, 0x1, 0x0, r2}}, 0x40) 33.969370925s ago: executing program 0 (id=5751): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) r1 = socket$inet6_sctp(0xa, 0x5, 0x84) shutdown(r1, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000200)={0x0, 0x10, &(0x7f00000001c0)=[@in={0x2, 0x4e23, @rand_addr=0x64010100}]}, &(0x7f0000000140)=0x10) setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r0, 0x84, 0x84, &(0x7f0000000040)={r2, @in={{0xa, 0x4, @multicast1}}, 0xffff}, 0x90) 33.653013121s ago: executing program 34 (id=5751): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) r1 = socket$inet6_sctp(0xa, 0x5, 0x84) shutdown(r1, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000200)={0x0, 0x10, &(0x7f00000001c0)=[@in={0x2, 0x4e23, @rand_addr=0x64010100}]}, &(0x7f0000000140)=0x10) setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r0, 0x84, 0x84, &(0x7f0000000040)={r2, @in={{0xa, 0x4, @multicast1}}, 0xffff}, 0x90) 33.59992804s ago: executing program 3 (id=5757): r0 = syz_io_uring_setup(0x2b06, &(0x7f0000000040), &(0x7f0000ffd000), &(0x7f0000ffe000)) write$FUSE_ENTRY(0xffffffffffffffff, &(0x7f0000000380)={0x90, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, 0x0, 0x3, 0xffffffff, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}}}, 0x90) io_uring_register$IORING_REGISTER_FILES(r0, 0x14, &(0x7f00000003c0), 0x2) r1 = syz_io_uring_setup(0x1ec3, &(0x7f0000000080)={0x0, 0x6a5f, 0x0, 0x1, 0x386}, &(0x7f0000000000), &(0x7f0000000500)) io_uring_register$IORING_UNREGISTER_RING_FDS(r1, 0x15, &(0x7f0000000840)=[{0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x1, 0x0, 0x0, 0x0}], 0x2) 33.599598345s ago: executing program 6 (id=5758): r0 = socket$packet(0x11, 0x2, 0x300) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f00000001c0)={'batadv_slave_1\x00', 0x0}) setsockopt$packet_add_memb(r0, 0x107, 0x1, &(0x7f0000000180)={r1, 0x1, 0x6, @local}, 0x10) setsockopt$packet_add_memb(r0, 0x107, 0x1, &(0x7f0000000140)={r1, 0x1, 0x6, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}}, 0x10) setsockopt$packet_add_memb(r0, 0x107, 0x1, &(0x7f0000000000)={r1, 0x1, 0x6, @multicast}, 0x10) 33.419120356s ago: executing program 3 (id=5761): bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$MAP_GET_NEXT_KEY(0x2, 0x0, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000400), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)=ANY=[@ANYBLOB='T\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="0100000000000000000003000000400001802c0004001400010002000000ac14140f00000000000000001400020002000000ffffff53a2513743897e44000d0001007564703aa3"], 0x54}}, 0x0) 32.871867005s ago: executing program 3 (id=5765): r0 = socket$inet_udplite(0x2, 0x2, 0x88) bind$inet(r0, &(0x7f00000001c0)={0x2, 0x4e24, @empty}, 0x10) ioctl$SIOCGSTAMP(r0, 0x8906, 0x0) sendto$inet(r0, 0x0, 0x0, 0x0, &(0x7f0000000180)={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x21}}, 0x10) recvfrom(r0, 0x0, 0x0, 0x41, &(0x7f0000000380)=@qipcrtr={0x2a, 0x3, 0x7ffe}, 0x80) 32.810899032s ago: executing program 5 (id=5766): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes256\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r1 = accept4(r0, 0x0, 0x0, 0x800) recvmmsg(r1, &(0x7f0000000a40)=[{{0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000300)=""/70, 0x46}, {0x0}], 0x2}, 0x2}], 0x1, 0x40000060, 0x0) 32.587031494s ago: executing program 3 (id=5767): r0 = socket$packet(0x11, 0x2, 0x300) bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x3, 0xc, &(0x7f0000000440)=@framed={{}, [@printk={@llx, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x87}}, @call={0x85, 0x0, 0x0, 0xa0}]}, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) setsockopt$sock_attach_bpf(r0, 0x1, 0x32, &(0x7f0000000180)=r1, 0x4) syz_emit_ethernet(0x4e, &(0x7f0000000040)={@broadcast, @empty, @void, {@ipv6={0x86dd, @icmpv6={0x1, 0x6, "fbddf0", 0x18, 0x3a, 0xff, @local, @mcast2, {[], @mld={0x84, 0x0, 0x0, 0x5, 0xc0, @empty}}}}}}, 0x0) 32.467678791s ago: executing program 5 (id=5768): r0 = syz_open_dev$loop(&(0x7f00000005c0), 0xffff, 0x109041) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events.local\x00', 0x275a, 0x0) write$binfmt_script(r1, &(0x7f0000000040), 0x208e24b) ioctl$LOOP_CONFIGURE(r0, 0x4c0a, &(0x7f00000000c0)={r1, 0x1000, {0x2a00, 0x80010000, 0x0, 0x52, 0x0, 0x0, 0x0, 0x0, 0x1c, "fee8a2ab78fc179fd1f8a0e91ddaaca7bd64c6a4b4e00d9683dda1af1ea89de2b7fb0a0100000000000000000300", "2809e8dbe108598948224ad54afac11d09000000000000008dd4992861ac1000", "90be6c09306003d8006000", [0x0, 0x2]}}) ioctl$LOOP_SET_CAPACITY(r0, 0x4c07) 31.702811877s ago: executing program 5 (id=5773): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket(0x2, 0x80805, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f00000002c0)=[@in={0x2, 0x4e22, @initdev={0xac, 0x1e, 0x2, 0x0}}]}, &(0x7f0000000180)=0x10) getsockopt$inet_sctp_SCTP_MAX_BURST(r1, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={0x0}, &(0x7f0000000100)=0x8) setsockopt$inet_sctp6_SCTP_MAXSEG(r0, 0x84, 0xd, &(0x7f00000001c0)=@assoc_value={r2, 0x6}, 0x8) 31.383667337s ago: executing program 5 (id=5777): socket$inet6_mptcp(0xa, 0x1, 0x106) r0 = socket(0x2b, 0x1, 0x1) r1 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x20, &(0x7f0000000180)={@loopback, 0x8000000, 0x0, 0xff, 0x1}, 0x20) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000140)={@mcast1, 0x8000000, 0x0, 0xff, 0x500, 0x4}, 0x20) 31.276890096s ago: executing program 5 (id=5779): syz_clone3(&(0x7f000000dd80)={0xa00400, 0x0, 0x0, 0x0, {0x21}, 0x0, 0x0, 0x0, 0x0}, 0x58) mknodat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x11c0, 0x0) acct(&(0x7f0000000040)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000040)='./bus\x00', 0x42, 0x0) acct(&(0x7f00000000c0)='./bus\x00') 30.85598503s ago: executing program 5 (id=5785): sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x1, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0xfffffffc}, 0x0) r0 = eventfd2(0x0, 0x0) io_setup(0x6, &(0x7f0000000180)=0x0) ioprio_set$uid(0x3, 0x0, 0x0) io_submit(r1, 0x1, &(0x7f00000001c0)=[&(0x7f0000000140)={0x0, 0x0, 0x0, 0x7, 0x5, r0, 0x0, 0x0, 0xc, 0x0, 0x1, r0}]) 18.585628436s ago: executing program 35 (id=5758): r0 = socket$packet(0x11, 0x2, 0x300) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f00000001c0)={'batadv_slave_1\x00', 0x0}) setsockopt$packet_add_memb(r0, 0x107, 0x1, &(0x7f0000000180)={r1, 0x1, 0x6, @local}, 0x10) setsockopt$packet_add_memb(r0, 0x107, 0x1, &(0x7f0000000140)={r1, 0x1, 0x6, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}}, 0x10) setsockopt$packet_add_memb(r0, 0x107, 0x1, &(0x7f0000000000)={r1, 0x1, 0x6, @multicast}, 0x10) 17.544986946s ago: executing program 36 (id=5767): r0 = socket$packet(0x11, 0x2, 0x300) bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x3, 0xc, &(0x7f0000000440)=@framed={{}, [@printk={@llx, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x87}}, @call={0x85, 0x0, 0x0, 0xa0}]}, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) setsockopt$sock_attach_bpf(r0, 0x1, 0x32, &(0x7f0000000180)=r1, 0x4) syz_emit_ethernet(0x4e, &(0x7f0000000040)={@broadcast, @empty, @void, {@ipv6={0x86dd, @icmpv6={0x1, 0x6, "fbddf0", 0x18, 0x3a, 0xff, @local, @mcast2, {[], @mld={0x84, 0x0, 0x0, 0x5, 0xc0, @empty}}}}}}, 0x0) 15.81510793s ago: executing program 37 (id=5785): sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x1, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0xfffffffc}, 0x0) r0 = eventfd2(0x0, 0x0) io_setup(0x6, &(0x7f0000000180)=0x0) ioprio_set$uid(0x3, 0x0, 0x0) io_submit(r1, 0x1, &(0x7f00000001c0)=[&(0x7f0000000140)={0x0, 0x0, 0x0, 0x7, 0x5, r0, 0x0, 0x0, 0xc, 0x0, 0x1, r0}]) 301.433309ms ago: executing program 2 (id=6328): r0 = creat(&(0x7f0000000080)='./file0\x00', 0x8d) close(r0) r1 = socket$tipc(0x1e, 0x5, 0x0) listen(r1, 0x7) mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1]) 245.449805ms ago: executing program 2 (id=6329): r0 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) mprotect(&(0x7f0000000000/0x2000)=nil, 0x2000, 0xc) sendmsg$IPSET_CMD_FLUSH(0xffffffffffffffff, 0x0, 0x0) r1 = syz_pidfd_open(r0, 0x0) ioctl$FS_IOC_GETVERSION(r1, 0xc040ff0b, &(0x7f0000000180)) 155.860352ms ago: executing program 2 (id=6330): sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000006c0)=@newchain={0x24, 0x64, 0x200, 0x70bd2c, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, {0x8, 0x9}, {0x8, 0x7}, {0xe, 0xfff1}}}, 0x24}}, 0x0) sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000000c0)={0x0}}, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=@newtaction={0x64, 0x30, 0x505, 0x0, 0x25dfdbf9, {}, [{0x50, 0x1, [@m_csum={0x4c, 0x1, 0x0, 0x0, {{0x9}, {0x20, 0x2, 0x0, 0x1, [@TCA_CSUM_PARMS={0x1c, 0x1, {{0x4, 0x0, 0x7}, 0x2}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0x64}}, 0x0) sendmmsg(r0, &(0x7f00000002c0), 0x40000000000009f, 0x0) 144.940927ms ago: executing program 2 (id=6331): r0 = socket$igmp(0x2, 0x3, 0x2) setsockopt$MRT_ADD_MFC_PROXY(r0, 0x0, 0xd2, &(0x7f0000000000)={@remote, @multicast1, 0x4, "d30f388c52647612d91de4353d68b0fa00", 0x0, 0x0, 0x4000000, 0x8}, 0x3c) setsockopt$MRT_ADD_MFC(r0, 0x0, 0xcc, &(0x7f0000000280)={@broadcast, @multicast1, 0x0, "7ea97ddb2ac127ffa5b7216fe75ebaa2855a422a8bf8ec7caf003751804500", 0x0, 0x0, 0x4, 0xfffffffe}, 0x3c) setsockopt$MRT_ADD_MFC(r0, 0x0, 0xcc, &(0x7f0000000200)={@empty, @private, 0x0, "606b177019716ea6ff1f4d7ed79c31e2e0f1da00000000230000002000", 0x3e1f}, 0x3c) setsockopt$MRT_ADD_MFC(r0, 0x0, 0xcc, &(0x7f0000000180)={@private=0xa010102, @multicast2, 0x0, "941621a61c5815f4678d8fd403f2f30229a88d74d71fd55708016d20fd419884", 0x0, 0x1}, 0x3c) 94.015795ms ago: executing program 2 (id=6332): r0 = memfd_create(&(0x7f0000000000)='\xf3e\t\x9f\x918\xc0y\x01c\x1fnux\x00sV\ad\xb0l \xfd\xd7\x8e\x7f\x89\xb8\xc5;~\x04\x03~K\xfbP\x84=\xfa\x81\f\x1et\x10\x0e\xcf^9\xbe\\', 0x0) mmap(&(0x7f0000001000/0x1000)=nil, 0x1000, 0x4, 0x11, r0, 0x0) r1 = syz_open_dev$dri(&(0x7f0000000280), 0x1, 0x0) ioctl$DRM_IOCTL_MODE_GET_LEASE(r1, 0xc01064c8, &(0x7f0000000200)={0x2, 0x0, &(0x7f0000000300)=[0x0, 0x0]}) ioctl$DRM_IOCTL_MODE_GETPROPERTY(r1, 0xc04064aa, &(0x7f00000003c0)={&(0x7f0000001280), 0x0, r2, 0x0, '\x00', 0x1ffffffffffffd64, 0x20}) 0s ago: executing program 2 (id=6333): r0 = fsopen(&(0x7f0000000140)='tracefs\x00', 0x1) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) r1 = fsmount(r0, 0x0, 0x0) fchdir(r1) symlink(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='./file1\x00') kernel console output (not intermixed with test programs): ridge0: port 2(bridge_slave_1) entered blocking state [ 269.416083][T10299] bridge0: port 2(bridge_slave_1) entered disabled state [ 269.416281][T10299] bridge_slave_1: entered allmulticast mode [ 269.453396][T10299] bridge_slave_1: entered promiscuous mode [ 269.775858][T10299] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 269.817059][ T5810] Bluetooth: hci4: command tx timeout [ 269.835810][T10299] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 270.174039][T10299] team0: Port device team_slave_0 added [ 270.253849][T10299] team0: Port device team_slave_1 added [ 270.634834][ T58] bridge_slave_1: left allmulticast mode [ 270.634863][ T58] bridge_slave_1: left promiscuous mode [ 270.635117][ T58] bridge0: port 2(bridge_slave_1) entered disabled state [ 270.719446][ T58] bridge_slave_0: left allmulticast mode [ 270.719474][ T58] bridge_slave_0: left promiscuous mode [ 270.719714][ T58] bridge0: port 1(bridge_slave_0) entered disabled state [ 270.987219][ T1587] usb 6-1: USB disconnect, device number 5 [ 270.995235][ T1587] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 271.127441][ T1587] cp210x 6-1:0.0: device disconnected [ 271.464463][ C0] vkms_vblank_simulate: vblank timer overrun [ 271.906972][ T5810] Bluetooth: hci4: command tx timeout [ 272.045597][ C0] vkms_vblank_simulate: vblank timer overrun [ 272.196895][ C0] vkms_vblank_simulate: vblank timer overrun [ 272.280566][ C0] vkms_vblank_simulate: vblank timer overrun [ 273.607031][ T5899] usb 6-1: new high-speed USB device number 6 using dummy_hcd [ 273.641004][ T58] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 273.718839][ T58] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 273.750977][ T58] bond0 (unregistering): Released all slaves [ 273.757035][ T5899] usb 6-1: Using ep0 maxpacket: 8 [ 273.772241][ T5899] usb 6-1: config 0 has no interfaces? [ 273.774698][ T5899] usb 6-1: New USB device found, idVendor=0582, idProduct=e6ca, bcdDevice=d3.0b [ 273.774726][ T5899] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 273.774746][ T5899] usb 6-1: Product: syz [ 273.774763][ T5899] usb 6-1: Manufacturer: syz [ 273.774771][ T5899] usb 6-1: SerialNumber: syz [ 273.793107][ T5899] usb 6-1: config 0 descriptor?? [ 273.850535][T10299] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 273.850546][T10299] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 273.850560][T10299] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 273.906593][T10299] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 273.906610][T10299] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 273.906636][T10299] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 273.979311][ T5810] Bluetooth: hci4: command tx timeout [ 274.031377][ T1843] usb 6-1: USB disconnect, device number 6 [ 274.229879][ T58] IPVS: stopping master sync thread 9725 ... [ 274.231748][T10299] hsr_slave_0: entered promiscuous mode [ 274.233002][T10299] hsr_slave_1: entered promiscuous mode [ 274.234048][T10299] debugfs: 'hsr0' already exists in 'hsr' [ 274.235499][T10299] Cannot create hsr debugfs directory [ 275.610106][ T58] hsr_slave_0: left promiscuous mode [ 275.646794][ T58] hsr_slave_1: left promiscuous mode [ 275.647840][ T58] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 275.647870][ T58] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 275.698441][ T58] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 275.698465][ T58] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 275.832621][ T58] veth0_macvtap: left allmulticast mode [ 275.834073][ T58] veth1_macvtap: left promiscuous mode [ 275.834177][ T58] veth0_macvtap: left promiscuous mode [ 275.836304][ T58] veth0_vlan: left promiscuous mode [ 278.477403][ T58] team0 (unregistering): Port device team_slave_1 removed [ 278.707444][ T58] team0 (unregistering): Port device team_slave_0 removed [ 280.945996][T10485] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2056'. [ 281.069737][T10503] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(3) [ 281.069762][T10503] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 281.085359][T10502] bond0: option packets_per_slave: invalid value (18446744072268814746) [ 281.085384][T10502] bond0: option packets_per_slave: allowed values 0 - 65535 [ 281.149534][T10503] vhci_hcd vhci_hcd.0: Device attached [ 281.157014][T10507] syz.3.2074 (10507) used greatest stack depth: 17968 bytes left [ 281.416986][ C1] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 281.426774][ T5891] usb 33-1: new low-speed USB device number 2 using vhci_hcd [ 281.634370][ T5810] Bluetooth: hci2: unexpected event for opcode 0x1003 [ 281.918465][T10299] netdevsim netdevsim6 netdevsim0: renamed from eth0 [ 282.407159][T10299] netdevsim netdevsim6 netdevsim1: renamed from eth1 [ 282.540632][T10299] netdevsim netdevsim6 netdevsim2: renamed from eth2 [ 282.620230][T10553] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2088'. [ 282.641993][T10299] netdevsim netdevsim6 netdevsim3: renamed from eth3 [ 282.690655][T10553] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2088'. [ 282.975066][T10299] 8021q: adding VLAN 0 to HW filter on device bond0 [ 283.079421][T10299] 8021q: adding VLAN 0 to HW filter on device team0 [ 283.088174][ T1908] bridge0: port 1(bridge_slave_0) entered blocking state [ 283.088407][ T1908] bridge0: port 1(bridge_slave_0) entered forwarding state [ 283.110430][ T1908] bridge0: port 2(bridge_slave_1) entered blocking state [ 283.110637][ T1908] bridge0: port 2(bridge_slave_1) entered forwarding state [ 283.401946][T10587] netlink: 16410 bytes leftover after parsing attributes in process `syz.3.2099'. [ 283.814644][T10299] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 283.936380][T10601] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2104'. [ 284.050671][T10603] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2105'. [ 284.117150][T10504] vhci_hcd: connection reset by peer [ 284.146717][ T43] vhci_hcd: stop threads [ 284.148872][ T43] vhci_hcd: release socket [ 284.169209][ T43] vhci_hcd: disconnect device [ 284.248193][T10612] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2108'. [ 284.252062][T10612] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2108'. [ 284.440158][T10620] sock: sock_set_timeout: `syz.5.2111' (pid 10620) tries to set negative timeout [ 284.549293][T10619] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2109'. [ 284.580953][T10299] veth0_vlan: entered promiscuous mode [ 284.630881][T10299] veth1_vlan: entered promiscuous mode [ 284.689189][T10299] veth0_macvtap: entered promiscuous mode [ 284.706424][T10299] veth1_macvtap: entered promiscuous mode [ 284.757998][T10299] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 284.796445][T10299] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 284.836557][ T12] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 284.837970][T10628] netlink: 7 bytes leftover after parsing attributes in process `syz.0.2114'. [ 284.838385][ T12] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 284.848097][ T12] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 284.862378][ T58] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 285.310598][ T58] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 285.310619][ T58] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 285.391767][ T1908] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 285.391787][ T1908] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 285.656993][ T5810] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0 [ 285.657324][ T5810] Bluetooth: hci2: Injecting HCI hardware error event [ 285.663824][ T5810] Bluetooth: hci2: hardware error 0x00 [ 285.854664][T10662] loop4: detected capacity change from 0 to 1 [ 285.873424][T10662] Dev loop4: unable to read RDB block 1 [ 285.873472][T10662] loop4: unable to read partition table [ 285.873675][T10662] loop4: partition table beyond EOD, truncated [ 285.873693][T10662] loop_reread_partitions: partition scan of loop4 (被x^> ) failed (rc=-5) [ 286.055156][ T37] audit: type=1800 audit(1764161021.369:192): pid=10669 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz.0.2142" name="SYSV00000000" dev="tmpfs" ino=2 res=0 errno=0 [ 286.508581][T10686] __nla_validate_parse: 1 callbacks suppressed [ 286.508601][T10686] netlink: 16 bytes leftover after parsing attributes in process `syz.5.2139'. [ 286.508624][T10686] netlink: 40 bytes leftover after parsing attributes in process `syz.5.2139'. [ 286.527050][ T5891] vhci_hcd: vhci_device speed not set [ 286.742389][T10695] program syz.0.2143 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 287.012982][T10707] tun0: tun_chr_ioctl cmd 2148553947 [ 287.125592][T10710] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2152'. [ 287.211177][T10710] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2152'. [ 287.818511][ T5810] Bluetooth: hci2: Opcode 0x0c03 failed: -110 [ 289.159639][T10783] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2182'. [ 289.169647][ T983] kernel read not supported for file /newroot/12 (pid: 983 comm: kworker/0:2) [ 289.935940][T10818] netlink: 'syz.6.2199': attribute type 25 has an invalid length. [ 289.935961][T10818] netlink: 'syz.6.2199': attribute type 7 has an invalid length. [ 289.935974][T10818] netlink: 'syz.6.2199': attribute type 1 has an invalid length. [ 289.935986][T10818] netlink: 156 bytes leftover after parsing attributes in process `syz.6.2199'. [ 289.975591][T10818] bridge0: port 1(bridge_slave_0) entered disabled state [ 290.199839][ T5916] kernel read not supported for file /dsp (pid: 5916 comm: kworker/1:5) [ 290.447291][ T37] audit: type=1326 audit(1764161025.769:193): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10835 comm="syz.6.2207" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fed7095f749 code=0x7ffc0000 [ 290.447341][ T37] audit: type=1326 audit(1764161025.779:194): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10835 comm="syz.6.2207" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fed7095f749 code=0x7ffc0000 [ 290.476267][ T37] audit: type=1326 audit(1764161025.799:195): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10835 comm="syz.6.2207" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fed7095f749 code=0x7ffc0000 [ 290.496774][ T37] audit: type=1326 audit(1764161025.809:196): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10835 comm="syz.6.2207" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fed7095f749 code=0x7ffc0000 [ 290.496830][ T37] audit: type=1326 audit(1764161025.819:197): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10835 comm="syz.6.2207" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fed7095f749 code=0x7ffc0000 [ 290.496873][ T37] audit: type=1326 audit(1764161025.819:198): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10835 comm="syz.6.2207" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fed7095f749 code=0x7ffc0000 [ 290.499035][ T37] audit: type=1326 audit(1764161025.829:199): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10835 comm="syz.6.2207" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fed7095f749 code=0x7ffc0000 [ 290.502368][ T37] audit: type=1326 audit(1764161025.829:200): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10835 comm="syz.6.2207" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fed7095f749 code=0x7ffc0000 [ 290.503489][ T37] audit: type=1326 audit(1764161025.829:201): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10835 comm="syz.6.2207" exe="/root/syz-executor" sig=0 arch=c000003e syscall=106 compat=0 ip=0x7fed7095f749 code=0x7ffc0000 [ 291.077159][T10863] netlink: 'syz.0.2218': attribute type 1 has an invalid length. [ 291.077179][T10863] netlink: 'syz.0.2218': attribute type 7 has an invalid length. [ 291.077191][T10863] netlink: 144 bytes leftover after parsing attributes in process `syz.0.2218'. [ 291.161518][T10862] bridge0: entered promiscuous mode [ 291.161800][T10862] macvlan2: entered promiscuous mode [ 291.774012][T10884] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2229'. [ 291.846807][T10886] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2229'. [ 292.413512][T10913] netlink: 312 bytes leftover after parsing attributes in process `syz.3.2242'. [ 292.572591][T10920] program syz.5.2246 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 292.863855][T10930] netlink: 48 bytes leftover after parsing attributes in process `syz.3.2251'. [ 297.107096][T11053] netlink: 'syz.5.2306': attribute type 2 has an invalid length. [ 297.852084][T11074] netlink: 96 bytes leftover after parsing attributes in process `syz.5.2315'. [ 298.178390][T11077] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2313'. [ 298.530872][T11099] netlink: 'syz.0.2324': attribute type 30 has an invalid length. [ 298.642106][T11099] bond1: option arp_missed_max: invalid value (0) [ 298.642132][T11099] bond1: option arp_missed_max: allowed values 1 - 255 [ 298.674325][T11099] bond1 (unregistering): Released all slaves [ 298.737402][T11101] netlink: 16390 bytes leftover after parsing attributes in process `syz.2.2326'. [ 299.079967][ T5916] kernel read not supported for file /dsp (pid: 5916 comm: kworker/1:5) [ 299.682401][T11162] ptrace attach of "./syz-executor exec"[6849] was attempted by "./syz-executor exec"[11162] [ 300.123428][T11182] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2364'. [ 301.002382][T11194] netlink: 92 bytes leftover after parsing attributes in process `syz.6.2369'. [ 301.002448][T11194] netlink: 24 bytes leftover after parsing attributes in process `syz.6.2369'. [ 301.245619][T11202] netlink: 48 bytes leftover after parsing attributes in process `syz.6.2373'. [ 301.331324][T11209] input: syz0 as /devices/virtual/input/input26 [ 301.648405][ T983] usb 4-1: new high-speed USB device number 20 using dummy_hcd [ 301.800990][ T983] usb 4-1: config 0 has an invalid interface number: 1 but max is 0 [ 301.801018][ T983] usb 4-1: config 0 has no interface number 0 [ 301.806844][ T49] usb 3-1: new high-speed USB device number 18 using dummy_hcd [ 301.829380][ T983] usb 4-1: New USB device found, idVendor=18b4, idProduct=fffb, bcdDevice=dc.7b [ 301.829410][ T983] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 301.829428][ T983] usb 4-1: Product: syz [ 301.829441][ T983] usb 4-1: Manufacturer: syz [ 301.829455][ T983] usb 4-1: SerialNumber: syz [ 301.868799][ T983] usb 4-1: config 0 descriptor?? [ 301.958263][ T49] usb 3-1: Using ep0 maxpacket: 16 [ 301.964248][ T49] usb 3-1: New USB device found, idVendor=1604, idProduct=8007, bcdDevice=af.a6 [ 301.964278][ T49] usb 3-1: New USB device strings: Mfr=1, Product=23, SerialNumber=3 [ 301.964298][ T49] usb 3-1: Product: syz [ 301.964312][ T49] usb 3-1: Manufacturer: syz [ 301.964325][ T49] usb 3-1: SerialNumber: syz [ 302.006136][ T49] usb 3-1: config 0 descriptor?? [ 302.092467][ T983] usb 4-1: dvb_usb_v2: found a 'E3C EC168 reference design' in warm state [ 302.124522][ T983] usb 4-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer [ 302.124887][ T983] dvbdev: DVB: registering new adapter (E3C EC168 reference design) [ 302.124942][ T983] usb 4-1: media controller created [ 302.193580][ T983] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 302.339830][ T49] usb 3-1: USB disconnect, device number 18 [ 302.388864][T11248] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2393'. [ 303.339798][ T983] i2c i2c-1: ec100: i2c rd failed=-110 reg=33 [ 303.420975][ T983] usb 4-1: USB disconnect, device number 20 [ 304.207358][ T5899] hid_parser_main: 73 callbacks suppressed [ 304.207381][ T5899] hid-generic 0000:0000:0000.0013: unknown main item tag 0x0 [ 304.238197][ T5899] hid-generic 0000:0000:0000.0013: hidraw0: HID v0.00 Device [syz1] on syz0 [ 304.302108][T11290] program syz.6.2412 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 304.523189][T11303] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2417'. [ 304.554890][T11303] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2417'. [ 304.947502][T11320] sctp: [Deprecated]: syz.5.2423 (pid 11320) Use of int in max_burst socket option. [ 304.947502][T11320] Use struct sctp_assoc_value instead [ 305.495376][T11345] netlink: 136 bytes leftover after parsing attributes in process `syz.3.2436'. [ 305.725853][T11358] netlink: 212368 bytes leftover after parsing attributes in process `syz.2.2452'. [ 305.936924][ T49] usb 7-1: new high-speed USB device number 2 using dummy_hcd [ 306.103782][ T49] usb 7-1: Using ep0 maxpacket: 32 [ 306.109259][ T49] usb 7-1: New USB device found, idVendor=1964, idProduct=0001, bcdDevice=d4.15 [ 306.109288][ T49] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 306.109307][ T49] usb 7-1: Product: syz [ 306.109320][ T49] usb 7-1: Manufacturer: syz [ 306.109333][ T49] usb 7-1: SerialNumber: syz [ 306.120092][ T49] usb 7-1: config 0 descriptor?? [ 306.362020][ T49] RobotFuzz Open Source InterFace, OSIF 7-1:0.0: version d4.15 found at bus 007 address 002 [ 306.592906][T11355] i2c i2c-1: adapter quirk: no zero length (addr 0x0001, size 0, read) [ 306.595275][ T49] usb 7-1: USB disconnect, device number 2 [ 307.232027][T11406] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2463'. [ 307.661616][ T49] usb 6-1: new full-speed USB device number 7 using dummy_hcd [ 307.824790][ T49] usb 6-1: unable to get BOS descriptor or descriptor too short [ 307.826723][ T49] usb 6-1: not running at top speed; connect to a high speed hub [ 307.847470][ T49] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 307.847495][ T49] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 307.878868][ T49] usb 6-1: string descriptor 0 read error: -22 [ 307.879021][ T49] usb 6-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 307.879045][ T49] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 307.914512][ T49] usb 6-1: 0:2 : does not exist [ 307.948492][T11423] input: syz0 as /devices/virtual/input/input27 [ 308.943980][ T49] usb 6-1: 5:0: cannot get min/max values for control 3 (id 5) [ 308.961918][ T49] usb 6-1: 5:0: failed to get current value for ch 1 (-22) [ 309.211679][ T49] usb 6-1: 5:0: cannot get min/max values for control 3 (id 5) [ 309.224498][ T49] usb 6-1: USB disconnect, device number 7 [ 309.616774][ T1587] usb 4-1: new high-speed USB device number 21 using dummy_hcd [ 309.624930][T11472] batadv_slave_1: entered promiscuous mode [ 309.646919][T11471] batadv_slave_1: left promiscuous mode [ 309.789507][ T1587] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 309.789541][ T1587] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 309.791486][ T1587] usb 4-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00 [ 309.791513][ T1587] usb 4-1: New USB device strings: Mfr=2, Product=0, SerialNumber=0 [ 309.791534][ T1587] usb 4-1: Manufacturer: syz [ 309.804846][ T1587] usb 4-1: config 0 descriptor?? [ 310.538147][T11492] netlink: 'syz.0.2498': attribute type 5 has an invalid length. [ 310.538173][T11492] netlink: 'syz.0.2498': attribute type 1 has an invalid length. [ 310.732887][T11495] loop8: detected capacity change from 0 to 8 [ 310.812765][T11495] Dev loop8: unable to read RDB block 8 [ 310.812809][T11495] loop8: unable to read partition table [ 310.812999][T11495] loop8: partition table beyond EOD, truncated [ 310.813015][T11495] loop_reread_partitions: partition scan of loop8 (被x^> ) failed (rc=-5) [ 310.836859][ T1587] uclogic 0003:256C:006D.0014: failed retrieving string descriptor #100: -71 [ 310.836919][ T1587] uclogic 0003:256C:006D.0014: failed retrieving pen parameters: -71 [ 310.836936][ T1587] uclogic 0003:256C:006D.0014: failed probing pen v1 parameters: -71 [ 310.836985][ T1587] uclogic 0003:256C:006D.0014: failed probing parameters: -71 [ 310.837087][ T1587] uclogic 0003:256C:006D.0014: probe with driver uclogic failed with error -71 [ 310.847090][ T1587] usb 4-1: USB disconnect, device number 21 [ 311.196803][ T49] usb 6-1: new high-speed USB device number 8 using dummy_hcd [ 311.572816][ T49] usb 6-1: unable to get BOS descriptor or descriptor too short [ 311.574491][ T49] usb 6-1: unable to read config index 0 descriptor/start: -71 [ 311.574527][ T49] usb 6-1: can't read configurations, error -71 [ 311.610378][ T5891] kernel write not supported for file /uinput (pid: 5891 comm: kworker/0:6) [ 311.715631][T11517] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2510'. [ 311.733286][T11517] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2510'. [ 312.016213][T11534] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2516'. [ 312.016240][T11534] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2516'. [ 312.016254][T11534] netlink: 58 bytes leftover after parsing attributes in process `syz.6.2516'. [ 312.051915][T11530] IPVS: Scheduler module ip_vs_sip not found [ 312.219236][T11543] tap0: tun_chr_ioctl cmd 1074025678 [ 312.219258][T11543] tap0: group set to 21 [ 312.388049][T11548] syzkaller1: entered promiscuous mode [ 312.388075][T11548] syzkaller1: entered allmulticast mode [ 312.855085][T11552] bond1: option arp_interval: invalid value (18446744071815993582) [ 312.862612][T11552] bond1: option arp_interval: allowed values 0 - 2147483647 [ 312.921653][T11552] bond1 (unregistering): Released all slaves [ 313.724549][T11605] program syz.0.2547 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 313.977275][T11619] netlink: 212892 bytes leftover after parsing attributes in process `syz.0.2553'. [ 314.242061][T11633] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2561'. [ 314.822108][T11669] netlink: 104 bytes leftover after parsing attributes in process `syz.3.2578'. [ 314.901301][ C0] vkms_vblank_simulate: vblank timer overrun [ 315.303343][T11692] dummy0: entered promiscuous mode [ 315.303592][T11692] macsec1: entered allmulticast mode [ 315.303606][T11692] dummy0: entered allmulticast mode [ 315.349728][T11692] dummy0: left allmulticast mode [ 315.349868][T11692] dummy0: left promiscuous mode [ 317.261153][ T1273] ieee802154 phy0 wpan0: encryption failed: -22 [ 317.456783][ T49] usb 7-1: new high-speed USB device number 3 using dummy_hcd [ 317.607125][ T49] usb 7-1: Using ep0 maxpacket: 32 [ 317.614805][ T49] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 317.614838][ T49] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 317.614874][ T49] usb 7-1: New USB device found, idVendor=1e7d, idProduct=2d51, bcdDevice= 0.00 [ 317.614897][ T49] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 317.670185][ T49] usb 7-1: config 0 descriptor?? [ 317.719515][T11787] syzkaller1: entered promiscuous mode [ 317.719540][T11787] syzkaller1: entered allmulticast mode [ 318.085447][T11797] tipc: Started in network mode [ 318.085464][T11797] tipc: Node identity , cluster identity 4711 [ 318.085478][T11797] tipc: Failed to obtain node identity [ 318.085507][T11797] tipc: Enabling of bearer rejected, failed to enable media [ 318.113931][ T49] koneplus 0003:1E7D:2D51.0015: invalid report_count -220209195 [ 318.113946][ T49] koneplus 0003:1E7D:2D51.0015: item 0 4 1 9 parsing failed [ 318.114455][ T49] koneplus 0003:1E7D:2D51.0015: parse failed [ 318.114493][ T49] koneplus 0003:1E7D:2D51.0015: probe with driver koneplus failed with error -22 [ 318.291419][ T5891] usb 7-1: USB disconnect, device number 3 [ 318.991417][ C1] vkms_vblank_simulate: vblank timer overrun [ 319.304437][T11857] input: syz1 as /devices/virtual/input/input29 [ 319.987650][ C1] vkms_vblank_simulate: vblank timer overrun [ 320.101646][ T13] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 320.645807][ T5812] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 320.663197][ T5812] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 320.664902][ T5812] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 320.670305][ T5812] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 320.671154][ T5812] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 321.061247][ T13] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 321.216788][ T1587] usb 7-1: new high-speed USB device number 4 using dummy_hcd [ 321.366813][ T1587] usb 7-1: Using ep0 maxpacket: 16 [ 321.373828][ T1587] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 321.373859][ T1587] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x81 has invalid wMaxPacketSize 0 [ 321.373880][ T1587] usb 7-1: config 0 interface 0 has no altsetting 0 [ 321.373909][ T1587] usb 7-1: New USB device found, idVendor=060b, idProduct=500a, bcdDevice= 0.00 [ 321.373927][ T1587] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 321.429538][ T1587] usb 7-1: config 0 descriptor?? [ 321.730195][ T13] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 321.852577][ T1587] hid (null): invalid report_size 1862211083 [ 321.852604][ T1587] hid (null): unknown global tag 0xd [ 321.852696][ T1587] hid (null): unknown global tag 0xc [ 321.878933][ T1587] hid (null): unknown global tag 0xe [ 321.879083][ T1587] hid (null): unknown global tag 0xc [ 321.879096][ T1587] hid (null): unknown global tag 0xaf [ 321.879131][ T1587] hid (null): unknown global tag 0xc [ 321.879193][ T1587] hid (null): unknown global tag 0xc [ 321.879203][ T1587] hid (null): report_id 0 is invalid [ 321.879231][ T1587] hid (null): unknown global tag 0xc [ 321.879242][ T1587] hid (null): invalid report_count 2075266327 [ 321.879254][ T1587] hid (null): unknown global tag 0xd [ 321.884940][ T1587] cougar 0003:060B:500A.0016: unknown main item tag 0x0 [ 321.884976][ T1587] cougar 0003:060B:500A.0016: unknown main item tag 0x0 [ 321.885004][ T1587] cougar 0003:060B:500A.0016: unknown main item tag 0x0 [ 321.885031][ T1587] cougar 0003:060B:500A.0016: unknown main item tag 0x0 [ 321.885058][ T1587] cougar 0003:060B:500A.0016: unknown main item tag 0x0 [ 321.885085][ T1587] cougar 0003:060B:500A.0016: unknown main item tag 0x0 [ 321.885111][ T1587] cougar 0003:060B:500A.0016: unknown main item tag 0x0 [ 321.885138][ T1587] cougar 0003:060B:500A.0016: unknown main item tag 0x0 [ 321.885165][ T1587] cougar 0003:060B:500A.0016: unknown main item tag 0x0 [ 321.885191][ T1587] cougar 0003:060B:500A.0016: unknown main item tag 0x0 [ 321.886102][ T1587] cougar 0003:060B:500A.0016: unexpected long global item [ 322.012091][ T1587] cougar 0003:060B:500A.0016: parse failed [ 322.012200][ T1587] cougar 0003:060B:500A.0016: probe with driver cougar failed with error -22 [ 322.137804][ T1587] usb 7-1: USB disconnect, device number 4 [ 322.266236][ T13] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 322.552381][T11970] netlink: 'syz.0.2725': attribute type 3 has an invalid length. [ 322.552402][T11970] netlink: 132 bytes leftover after parsing attributes in process `syz.0.2725'. [ 322.776936][ T5810] Bluetooth: hci1: command tx timeout [ 323.035596][T11909] chnl_net:caif_netlink_parms(): no params data found [ 323.224222][ T13] bridge_slave_1: left allmulticast mode [ 323.224248][ T13] bridge_slave_1: left promiscuous mode [ 323.224494][ T13] bridge0: port 2(bridge_slave_1) entered disabled state [ 323.362444][ T13] bridge_slave_0: left allmulticast mode [ 323.362481][ T13] bridge_slave_0: left promiscuous mode [ 323.362749][ T13] bridge0: port 1(bridge_slave_0) entered disabled state [ 323.491635][ T37] kauditd_printk_skb: 2 callbacks suppressed [ 323.491652][ T37] audit: type=1326 audit(1764161058.819:204): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12009 comm="syz.6.2743" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fed7095f749 code=0x7ffc0000 [ 323.494983][ T37] audit: type=1326 audit(1764161058.819:205): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12009 comm="syz.6.2743" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fed7095f749 code=0x7ffc0000 [ 323.495272][ T37] audit: type=1326 audit(1764161058.819:206): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12009 comm="syz.6.2743" exe="/root/syz-executor" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7fed7095f749 code=0x7ffc0000 [ 323.496114][ T37] audit: type=1326 audit(1764161058.819:207): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12009 comm="syz.6.2743" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fed7095f749 code=0x7ffc0000 [ 323.496391][ T37] audit: type=1326 audit(1764161058.819:208): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12009 comm="syz.6.2743" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fed7095f749 code=0x7ffc0000 [ 323.613620][ T37] audit: type=1326 audit(1764161058.939:209): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12009 comm="syz.6.2743" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fed7095f749 code=0x7ffc0000 [ 323.613936][ T37] audit: type=1326 audit(1764161058.939:210): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12009 comm="syz.6.2743" exe="/root/syz-executor" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7fed7095f749 code=0x7ffc0000 [ 323.614864][ T37] audit: type=1326 audit(1764161058.939:211): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12009 comm="syz.6.2743" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fed7095f749 code=0x7ffc0000 [ 323.615123][ T37] audit: type=1326 audit(1764161058.939:212): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12009 comm="syz.6.2743" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fed7095f749 code=0x7ffc0000 [ 323.615427][ T37] audit: type=1326 audit(1764161058.939:213): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12009 comm="syz.6.2743" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fed7095f749 code=0x7ffc0000 [ 323.856924][ T1587] usb 4-1: new high-speed USB device number 22 using dummy_hcd [ 324.023186][ T1587] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 324.023231][ T1587] usb 4-1: New USB device found, idVendor=18d1, idProduct=503c, bcdDevice= 0.00 [ 324.023255][ T1587] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 324.030533][ T1587] usb 4-1: config 0 descriptor?? [ 324.475085][ T1587] hid-generic 0003:18D1:503C.0017: hidraw0: USB HID v10.00 Device [HID 18d1:503c] on usb-dummy_hcd.3-1/input0 [ 324.655693][ T5891] usb 4-1: USB disconnect, device number 22 [ 324.856823][ T5810] Bluetooth: hci1: command tx timeout [ 325.472635][T12066] netlink: 68 bytes leftover after parsing attributes in process `syz.3.2768'. [ 325.772726][ C1] vkms_vblank_simulate: vblank timer overrun [ 325.997356][ T13] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 326.057919][ T13] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 326.100050][ T13] bond0 (unregistering): Released all slaves [ 326.437053][ C1] vkms_vblank_simulate: vblank timer overrun [ 326.936818][ T5810] Bluetooth: hci1: command tx timeout [ 327.008641][T11909] bridge0: port 1(bridge_slave_0) entered blocking state [ 327.008848][T11909] bridge0: port 1(bridge_slave_0) entered disabled state [ 327.009096][T11909] bridge_slave_0: entered allmulticast mode [ 327.014445][T11909] bridge_slave_0: entered promiscuous mode [ 327.051987][T11909] bridge0: port 2(bridge_slave_1) entered blocking state [ 327.052268][T11909] bridge0: port 2(bridge_slave_1) entered disabled state [ 327.052520][T11909] bridge_slave_1: entered allmulticast mode [ 327.073320][T11909] bridge_slave_1: entered promiscuous mode [ 327.686812][ T31] usb 4-1: new full-speed USB device number 23 using dummy_hcd [ 327.843055][ T31] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 327.843089][ T31] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 2 [ 327.843141][ T31] usb 4-1: New USB device found, idVendor=05d8, idProduct=810a, bcdDevice=92.b8 [ 327.843163][ T31] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 327.885212][ T31] usb 4-1: config 0 descriptor?? [ 327.895687][ T31] dvb-usb: found a 'Artec T1 USB2.0' in warm state. [ 327.895739][ T31] dvb-usb: bulk message failed: -22 (3/0) [ 327.939900][ T31] dvb-usb: will use the device's hardware PID filter (table count: 16). [ 327.947328][ T31] dvbdev: DVB: registering new adapter (Artec T1 USB2.0) [ 327.947386][ T31] usb 4-1: media controller created [ 327.970478][ T31] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 328.005314][ T31] dvb-usb: bulk message failed: -22 (6/0) [ 328.005391][ T31] dvb-usb: no frontend was attached by 'Artec T1 USB2.0' [ 328.031547][ T31] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.3/usb4/4-1/input/input30 [ 328.050732][ T31] dvb-usb: schedule remote query interval to 150 msecs. [ 328.050756][ T31] dvb-usb: Artec T1 USB2.0 successfully initialized and connected. [ 328.207230][T11909] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 328.211678][T11909] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 328.225352][ T1587] dvb-usb: bulk message failed: -22 (1/0) [ 328.225382][ T1587] dvb-usb: error while querying for an remote control event. [ 328.376830][ T31] dvb-usb: bulk message failed: -22 (1/0) [ 328.376859][ T31] dvb-usb: error while querying for an remote control event. [ 328.464318][T11909] team0: Port device team_slave_0 added [ 328.546870][ T31] dvb-usb: bulk message failed: -22 (1/0) [ 328.546902][ T31] dvb-usb: error while querying for an remote control event. [ 328.575833][ T31] usb 4-1: USB disconnect, device number 23 [ 328.641620][ T31] dvb-usb: Artec T1 USB2.0 successfully deinitialized and disconnected. [ 328.666850][ T13] hsr_slave_0: left promiscuous mode [ 328.708189][ T13] hsr_slave_1: left promiscuous mode [ 328.709177][ T13] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 328.709200][ T13] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 328.780635][ T13] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 328.780662][ T13] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 328.899163][ T13] veth1_macvtap: left promiscuous mode [ 328.899283][ T13] veth0_macvtap: left promiscuous mode [ 328.899558][ T13] veth1_vlan: left promiscuous mode [ 328.899742][ T13] veth0_vlan: left promiscuous mode [ 329.016876][ T5810] Bluetooth: hci1: command tx timeout [ 329.470173][ C1] vkms_vblank_simulate: vblank timer overrun [ 332.218055][ T13] team0 (unregistering): Port device team_slave_1 removed [ 332.568234][ T13] team0 (unregistering): Port device team_slave_0 removed [ 335.420334][T11909] team0: Port device team_slave_1 added [ 335.492293][T12321] netlink: 32 bytes leftover after parsing attributes in process `syz.3.2892'. [ 335.492413][T12321] netlink: 'syz.3.2892': attribute type 1 has an invalid length. [ 335.775723][T11909] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 335.775739][T11909] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 335.775762][T11909] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 335.824386][T11909] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 335.824413][T11909] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 335.824437][T11909] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 335.876806][ T5891] usb 7-1: new high-speed USB device number 5 using dummy_hcd [ 336.062322][ T5891] usb 7-1: too many endpoints for config 0 interface 0 altsetting 1: 254, using maximum allowed: 30 [ 336.062371][ T5891] usb 7-1: config 0 interface 0 altsetting 1 endpoint 0x81 has an invalid bInterval 253, changing to 11 [ 336.062398][ T5891] usb 7-1: config 0 interface 0 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 254 [ 336.062429][ T5891] usb 7-1: config 0 interface 0 has no altsetting 0 [ 336.062464][ T5891] usb 7-1: New USB device found, idVendor=056a, idProduct=0039, bcdDevice= 0.00 [ 336.062486][ T5891] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 336.107257][ T5891] usb 7-1: config 0 descriptor?? [ 336.192032][T12451] snd_dummy snd_dummy.0: control 6:65278:0:syz0:-259 is already present [ 336.384402][T11909] hsr_slave_0: entered promiscuous mode [ 336.385674][T11909] hsr_slave_1: entered promiscuous mode [ 336.386554][T11909] debugfs: 'hsr0' already exists in 'hsr' [ 336.386576][T11909] Cannot create hsr debugfs directory [ 336.760277][ T5891] usb 7-1: USB disconnect, device number 5 [ 337.079713][T12484] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2970'. [ 337.095800][T12488] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2972'. [ 337.096458][T12488] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2972'. [ 337.859985][T12501] tun0: tun_chr_ioctl cmd 2148553947 [ 338.582243][T12548] netlink: 12 bytes leftover after parsing attributes in process `syz.6.3003'. [ 338.582279][T12548] netlink: 8 bytes leftover after parsing attributes in process `syz.6.3003'. [ 338.754160][ T1843] kernel read not supported for file /newroot/578 (pid: 1843 comm: kworker/0:3) [ 338.976087][T11909] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 339.028418][T11909] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 339.124759][T11909] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 339.197219][T11909] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 339.591987][T11909] 8021q: adding VLAN 0 to HW filter on device bond0 [ 339.626984][T11909] 8021q: adding VLAN 0 to HW filter on device team0 [ 339.645586][ T1172] bridge0: port 1(bridge_slave_0) entered blocking state [ 339.645810][ T1172] bridge0: port 1(bridge_slave_0) entered forwarding state [ 339.673765][ T1172] bridge0: port 2(bridge_slave_1) entered blocking state [ 339.674866][ T1172] bridge0: port 2(bridge_slave_1) entered forwarding state [ 340.411253][T11909] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 340.670514][T12620] batadv_slave_1: entered promiscuous mode [ 340.674472][T12617] batadv_slave_1: left promiscuous mode [ 341.191854][T11909] veth0_vlan: entered promiscuous mode [ 341.204367][T11909] veth1_vlan: entered promiscuous mode [ 341.296106][T11909] veth0_macvtap: entered promiscuous mode [ 341.315255][T11909] veth1_macvtap: entered promiscuous mode [ 341.370043][T11909] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 341.393224][T11909] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 341.412071][ T13] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 341.430705][ T13] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 341.436523][ T13] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 341.446365][ T13] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 341.819223][ T5891] kernel read not supported for file /dsp (pid: 5891 comm: kworker/0:6) [ 341.824647][T12659] netlink: 'syz.0.3047': attribute type 25 has an invalid length. [ 341.824669][T12659] netlink: 'syz.0.3047': attribute type 7 has an invalid length. [ 341.824681][T12659] netlink: 'syz.0.3047': attribute type 1 has an invalid length. [ 341.824694][T12659] netlink: 156 bytes leftover after parsing attributes in process `syz.0.3047'. [ 341.824796][T12659] bridge0: port 1(bridge_slave_0) entered disabled state [ 341.863062][ T4500] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 341.863079][ T4500] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 341.995828][ T1172] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 341.995849][ T1172] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 343.204946][T12711] syzkaller1: entered promiscuous mode [ 343.204972][T12711] syzkaller1: entered allmulticast mode [ 343.381202][T12715] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 343.957408][T12748] netlink: 48 bytes leftover after parsing attributes in process `syz.0.3087'. [ 344.756814][T12791] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3108'. [ 345.357780][ T37] kauditd_printk_skb: 53 callbacks suppressed [ 345.357797][ T37] audit: type=1326 audit(1764161080.689:267): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12817 comm="syz.5.3132" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d28a5f749 code=0x7ffc0000 [ 345.357844][ T37] audit: type=1326 audit(1764161080.689:268): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12817 comm="syz.5.3132" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d28a5f749 code=0x7ffc0000 [ 345.362950][ T37] audit: type=1326 audit(1764161080.689:269): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12817 comm="syz.5.3132" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7d28a5f749 code=0x7ffc0000 [ 345.365982][ T37] audit: type=1326 audit(1764161080.689:270): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12817 comm="syz.5.3132" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d28a5f749 code=0x7ffc0000 [ 345.408449][ T37] audit: type=1326 audit(1764161080.719:271): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12817 comm="syz.5.3132" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d28a5f749 code=0x7ffc0000 [ 345.416041][ T37] audit: type=1326 audit(1764161080.739:272): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12817 comm="syz.5.3132" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7d28a5f749 code=0x7ffc0000 [ 345.416090][ T37] audit: type=1326 audit(1764161080.739:273): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12817 comm="syz.5.3132" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d28a5f749 code=0x7ffc0000 [ 345.416130][ T37] audit: type=1326 audit(1764161080.739:274): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12817 comm="syz.5.3132" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d28a5f749 code=0x7ffc0000 [ 345.416168][ T37] audit: type=1326 audit(1764161080.739:275): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12817 comm="syz.5.3132" exe="/root/syz-executor" sig=0 arch=c000003e syscall=106 compat=0 ip=0x7f7d28a5f749 code=0x7ffc0000 [ 345.416206][ T37] audit: type=1326 audit(1764161080.739:276): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12817 comm="syz.5.3132" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d28a5f749 code=0x7ffc0000 [ 345.852182][T12836] IPVS: sh: UDP 224.0.0.2:0 - no destination available [ 345.928912][ T31] IPVS: starting estimator thread 0... [ 346.016866][T12841] IPVS: using max 8 ests per chain, 19200 per kthread [ 346.135059][T12850] netlink: 'syz.6.3137': attribute type 2 has an invalid length. [ 346.315613][T12858] input: syz1 as /devices/virtual/input/input32 [ 346.446751][ T31] usb 6-1: new high-speed USB device number 10 using dummy_hcd [ 346.599218][ T31] usb 6-1: Using ep0 maxpacket: 32 [ 346.601786][ T31] usb 6-1: config 0 has an invalid interface number: 67 but max is 0 [ 346.601810][ T31] usb 6-1: config 0 has no interface number 0 [ 346.605294][ T31] usb 6-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57 [ 346.605323][ T31] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 346.605342][ T31] usb 6-1: Product: syz [ 346.605357][ T31] usb 6-1: Manufacturer: syz [ 346.605370][ T31] usb 6-1: SerialNumber: syz [ 346.671977][ T31] usb 6-1: config 0 descriptor?? [ 346.681546][T12869] netlink: 96 bytes leftover after parsing attributes in process `syz.0.3155'. [ 346.696169][ T31] smsc95xx v2.0.0 [ 347.488800][ T31] smsc95xx 6-1:0.67 (unnamed net_device) (uninitialized): EEPROM read operation timeout [ 347.691862][ T31] smsc95xx 6-1:0.67 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000014: -71 [ 347.692186][ T31] smsc95xx 6-1:0.67: probe with driver smsc95xx failed with error -71 [ 347.730845][ T31] usb 6-1: USB disconnect, device number 10 [ 347.793114][T12904] netlink: 16390 bytes leftover after parsing attributes in process `syz.6.3163'. [ 348.829995][T12952] ptrace attach of "./syz-executor exec"[5805] was attempted by "./syz-executor exec"[12952] [ 349.053118][T12963] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3189'. [ 349.779439][T12997] input: syz0 as /devices/virtual/input/input33 [ 350.110152][T13011] netlink: 4 bytes leftover after parsing attributes in process `syz.6.3212'. [ 350.472539][T13032] loop8: detected capacity change from 0 to 8 [ 350.500488][T13032] Dev loop8: unable to read RDB block 8 [ 350.500535][T13032] loop8: unable to read partition table [ 350.500749][T13032] loop8: partition table beyond EOD, truncated [ 350.500767][T13032] loop_reread_partitions: partition scan of loop8 (被x^> ) failed (rc=-5) [ 350.764210][T13043] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 350.886754][ T31] usb 7-1: new high-speed USB device number 6 using dummy_hcd [ 351.051387][ T31] usb 7-1: Using ep0 maxpacket: 16 [ 351.062186][ T31] usb 7-1: New USB device found, idVendor=1604, idProduct=8007, bcdDevice=af.a6 [ 351.062222][ T31] usb 7-1: New USB device strings: Mfr=1, Product=23, SerialNumber=3 [ 351.062242][ T31] usb 7-1: Product: syz [ 351.062256][ T31] usb 7-1: Manufacturer: syz [ 351.062270][ T31] usb 7-1: SerialNumber: syz [ 351.108415][ T31] usb 7-1: config 0 descriptor?? [ 351.148524][T13052] vimc link validate: Sensor A:src:640x480 (0x33424752, 8, 0, 0, 0) Raw Capture 0:snk:640x480 (0x33424752, 8, 0, 0, 0) [ 351.364119][ T31] usb 7-1: USB disconnect, device number 6 [ 351.453552][T13068] program syz.3.3243 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 352.764532][T13117] sctp: [Deprecated]: syz.3.3267 (pid 13117) Use of int in max_burst socket option. [ 352.764532][T13117] Use struct sctp_assoc_value instead [ 352.855733][ T983] hid_parser_main: 73 callbacks suppressed [ 352.855757][ T983] hid-generic 0000:0000:0000.0019: unknown main item tag 0x0 [ 352.886497][ T983] hid-generic 0000:0000:0000.0019: hidraw0: HID v0.00 Device [syz1] on syz0 [ 352.968854][T13126] netlink: 212368 bytes leftover after parsing attributes in process `syz.5.3273'. [ 353.287870][T13138] netlink: 136 bytes leftover after parsing attributes in process `syz.5.3278'. [ 355.337056][ T5890] usb 7-1: new full-speed USB device number 7 using dummy_hcd [ 355.498780][ T5890] usb 7-1: unable to get BOS descriptor or descriptor too short [ 355.500016][ T5890] usb 7-1: not running at top speed; connect to a high speed hub [ 355.509172][ T5890] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 355.509198][ T5890] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 355.513871][ T5890] usb 7-1: string descriptor 0 read error: -22 [ 355.514014][ T5890] usb 7-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 355.514037][ T5890] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 355.543755][ T5890] usb 7-1: 0:2 : does not exist [ 356.233915][T13264] loop8: detected capacity change from 0 to 8 [ 356.255386][T13264] Dev loop8: unable to read RDB block 8 [ 356.255437][T13264] loop8: unable to read partition table [ 356.255663][T13264] loop8: partition table beyond EOD, truncated [ 356.255682][T13264] loop_reread_partitions: partition scan of loop8 (被x^> ) failed (rc=-5) [ 356.300699][T13266] netlink: 'syz.3.3335': attribute type 5 has an invalid length. [ 356.300718][T13266] netlink: 'syz.3.3335': attribute type 1 has an invalid length. [ 356.517938][ T983] kernel write not supported for file /uinput (pid: 983 comm: kworker/0:2) [ 356.599510][T13278] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3342'. [ 356.600804][T13278] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3342'. [ 356.640629][ T5890] usb 7-1: 5:0: cannot get min/max values for control 3 (id 5) [ 356.646983][ T5890] usb 7-1: 5:0: failed to get current value for ch 1 (-22) [ 356.684181][ T5890] usb 7-1: 5:0: cannot get min/max values for control 3 (id 5) [ 356.691872][ T5890] usb 7-1: USB disconnect, device number 7 [ 359.145966][T13362] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 359.380282][T13370] netlink: 92 bytes leftover after parsing attributes in process `syz.3.3385'. [ 359.380345][T13370] netlink: 24 bytes leftover after parsing attributes in process `syz.3.3385'. [ 359.598379][T13380] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3389'. [ 359.598404][T13380] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3389'. [ 359.628814][T13382] input: syz0 as /devices/virtual/input/input34 [ 359.864203][ C1] vkms_vblank_simulate: vblank timer overrun [ 360.057281][T13395] netlink: 212892 bytes leftover after parsing attributes in process `syz.5.3394'. [ 361.761890][T13468] overlayfs: failed lookup in lower (newroot/66, name='file0', err=-40): overlapping layers [ 363.636361][T13549] loop8: detected capacity change from 0 to 7 [ 363.655228][T13549] Dev loop8: unable to read RDB block 7 [ 363.655275][T13549] loop8: unable to read partition table [ 363.655509][T13549] loop8: partition table beyond EOD, truncated [ 363.655526][T13549] loop_reread_partitions: partition scan of loop8 (被x^> ) failed (rc=-5) [ 364.323894][T13587] netlink: 60 bytes leftover after parsing attributes in process `syz.0.3497'. [ 365.301967][ T58] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 365.688728][ T5812] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 365.692970][ T5812] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 365.698865][ T5812] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 365.703369][ T5812] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 365.706312][ T5812] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 365.752528][ T58] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 366.125503][ T58] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 366.532384][ T58] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 367.374828][ T58] bridge_slave_1: left allmulticast mode [ 367.374855][ T58] bridge_slave_1: left promiscuous mode [ 367.375116][ T58] bridge0: port 2(bridge_slave_1) entered disabled state [ 367.468585][ T58] bridge_slave_0: left allmulticast mode [ 367.468610][ T58] bridge_slave_0: left promiscuous mode [ 367.470494][ T58] bridge0: port 1(bridge_slave_0) entered disabled state [ 367.817748][ T5810] Bluetooth: hci2: command tx timeout [ 369.650796][ T983] usb 7-1: new high-speed USB device number 8 using dummy_hcd [ 369.796787][ T983] usb 7-1: Using ep0 maxpacket: 8 [ 369.823470][ T983] usb 7-1: New USB device found, idVendor=047d, idProduct=5003, bcdDevice=2f.8c [ 369.823496][ T983] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 369.823515][ T983] usb 7-1: Product: syz [ 369.823524][ T983] usb 7-1: Manufacturer: syz [ 369.823531][ T983] usb 7-1: SerialNumber: syz [ 369.826509][ T983] usb 7-1: config 0 descriptor?? [ 369.883833][ T983] gspca_main: se401-2.14.0 probing 047d:5003 [ 369.897105][ T5810] Bluetooth: hci2: command tx timeout [ 370.287729][ T983] gspca_se401: Too many frame sizes [ 370.307312][ T58] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 370.367615][ T58] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 370.411926][ T58] bond0 (unregistering): Released all slaves [ 370.498721][ T31] usb 7-1: USB disconnect, device number 8 [ 370.613584][T13634] chnl_net:caif_netlink_parms(): no params data found [ 370.640967][ T58] tipc: Disabling bearer [ 370.641542][ T58] tipc: Left network mode [ 370.839731][ T58] IPVS: stopping master sync thread 8341 ... [ 371.270292][T13634] bridge0: port 1(bridge_slave_0) entered blocking state [ 371.270408][T13634] bridge0: port 1(bridge_slave_0) entered disabled state [ 371.270653][T13634] bridge_slave_0: entered allmulticast mode [ 371.299201][T13634] bridge_slave_0: entered promiscuous mode [ 371.323903][T13634] bridge0: port 2(bridge_slave_1) entered blocking state [ 371.324029][T13634] bridge0: port 2(bridge_slave_1) entered disabled state [ 371.324325][T13634] bridge_slave_1: entered allmulticast mode [ 371.330489][T13634] bridge_slave_1: entered promiscuous mode [ 371.977211][ T5810] Bluetooth: hci2: command tx timeout [ 372.038621][ C1] vkms_vblank_simulate: vblank timer overrun [ 372.050992][T13634] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 372.077589][T13634] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 372.710169][T13831] netlink: 24 bytes leftover after parsing attributes in process `syz.6.3593'. [ 372.945190][T13634] team0: Port device team_slave_0 added [ 373.146854][ T58] hsr_slave_0: left promiscuous mode [ 373.188221][ T58] hsr_slave_1: left promiscuous mode [ 373.191590][ T58] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 373.191615][ T58] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 373.248577][ T58] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 373.248603][ T58] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 373.348304][T13861] syz.5.3612 (13861) used greatest stack depth: 17904 bytes left [ 373.424789][ T58] veth0_macvtap: left allmulticast mode [ 373.424969][ T58] veth1_macvtap: left promiscuous mode [ 373.425066][ T58] veth0_macvtap: left promiscuous mode [ 373.425452][ T58] veth1_vlan: left promiscuous mode [ 373.425633][ T58] veth0_vlan: left promiscuous mode [ 373.969918][ C1] vkms_vblank_simulate: vblank timer overrun [ 374.057080][ T5810] Bluetooth: hci2: command tx timeout [ 374.787695][ C1] vkms_vblank_simulate: vblank timer overrun [ 375.322507][ C1] vkms_vblank_simulate: vblank timer overrun [ 375.388238][ C1] vkms_vblank_simulate: vblank timer overrun [ 376.120233][ C1] vkms_vblank_simulate: vblank timer overrun [ 376.528955][ T58] team0 (unregistering): Port device team_slave_1 removed [ 376.817417][ T58] team0 (unregistering): Port device team_slave_0 removed [ 378.704574][ T1273] ieee802154 phy0 wpan0: encryption failed: -22 [ 378.968915][T13634] team0: Port device team_slave_1 added [ 379.399637][T14026] netlink: 16 bytes leftover after parsing attributes in process `syz.5.3689'. [ 379.556050][T14026] netlink: 16 bytes leftover after parsing attributes in process `syz.5.3689'. [ 379.557933][T13634] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 379.557948][T13634] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 379.557973][T13634] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 379.560372][T13634] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 379.560385][T13634] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 379.560410][T13634] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 379.969759][T13634] hsr_slave_0: entered promiscuous mode [ 379.971062][T13634] hsr_slave_1: entered promiscuous mode [ 379.971979][T13634] debugfs: 'hsr0' already exists in 'hsr' [ 379.972001][T13634] Cannot create hsr debugfs directory [ 380.426837][ T1587] usb 6-1: new high-speed USB device number 11 using dummy_hcd [ 380.576725][ T1587] usb 6-1: Using ep0 maxpacket: 16 [ 380.589091][ T1587] usb 6-1: New USB device found, idVendor=0d49, idProduct=7010, bcdDevice= c.90 [ 380.589122][ T1587] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 380.589142][ T1587] usb 6-1: Product: syz [ 380.589155][ T1587] usb 6-1: Manufacturer: syz [ 380.589169][ T1587] usb 6-1: SerialNumber: syz [ 380.627121][ T1587] usb 6-1: config 0 descriptor?? [ 380.631318][ T1587] ums-onetouch 6-1:0.0: USB Mass Storage device detected [ 380.840156][ T5899] usb 6-1: USB disconnect, device number 11 [ 381.803482][T13634] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 381.865501][T13634] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 381.906079][T13634] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 381.955536][T13634] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 382.004046][T14106] netlink: 48 bytes leftover after parsing attributes in process `syz.5.3724'. [ 382.206050][T13634] 8021q: adding VLAN 0 to HW filter on device bond0 [ 382.247418][T13634] 8021q: adding VLAN 0 to HW filter on device team0 [ 382.275458][ T58] bridge0: port 1(bridge_slave_0) entered blocking state [ 382.285979][ T58] bridge0: port 1(bridge_slave_0) entered forwarding state [ 382.310094][ T58] bridge0: port 2(bridge_slave_1) entered blocking state [ 382.310238][ T58] bridge0: port 2(bridge_slave_1) entered forwarding state [ 383.052815][ T5891] kernel read not supported for file /newroot/109 (pid: 5891 comm: kworker/0:6) [ 383.180676][T13634] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 383.302215][T13634] veth0_vlan: entered promiscuous mode [ 383.331081][T13634] veth1_vlan: entered promiscuous mode [ 383.412174][T13634] veth0_macvtap: entered promiscuous mode [ 383.431453][T13634] veth1_macvtap: entered promiscuous mode [ 383.513004][T13634] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 383.552381][T13634] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 383.571826][ T12] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 383.590720][ T12] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 383.591621][ T12] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 383.629384][ T12] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 383.994282][ T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 383.994303][ T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 384.188049][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 384.188069][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 384.441391][T14193] netlink: 16390 bytes leftover after parsing attributes in process `syz.0.3760'. [ 384.895290][T14210] netlink: 'syz.3.3768': attribute type 2 has an invalid length. [ 385.110062][T14224] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 385.296928][T14233] netlink: 12 bytes leftover after parsing attributes in process `syz.5.3789'. [ 385.684783][ T37] kauditd_printk_skb: 1 callbacks suppressed [ 385.684800][ T37] audit: type=1326 audit(1764161121.009:278): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14250 comm="syz.3.3787" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f246e70f749 code=0x7ffc0000 [ 385.685838][ T37] audit: type=1326 audit(1764161121.009:279): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14250 comm="syz.3.3787" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f246e70f749 code=0x7ffc0000 [ 385.712759][T14253] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3786'. [ 385.766760][ T37] audit: type=1326 audit(1764161121.089:280): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14250 comm="syz.3.3787" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f246e70f749 code=0x7ffc0000 [ 385.787236][ T37] audit: type=1326 audit(1764161121.109:281): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14250 comm="syz.3.3787" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f246e70f749 code=0x7ffc0000 [ 385.787287][ T37] audit: type=1326 audit(1764161121.119:282): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14250 comm="syz.3.3787" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f246e70f749 code=0x7ffc0000 [ 385.794263][ T37] audit: type=1326 audit(1764161121.119:283): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14250 comm="syz.3.3787" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f246e70f749 code=0x7ffc0000 [ 385.794312][ T37] audit: type=1326 audit(1764161121.119:284): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14250 comm="syz.3.3787" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f246e70f749 code=0x7ffc0000 [ 385.794358][ T37] audit: type=1326 audit(1764161121.119:285): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14250 comm="syz.3.3787" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f246e70f749 code=0x7ffc0000 [ 385.806418][ T37] audit: type=1326 audit(1764161121.129:286): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14250 comm="syz.3.3787" exe="/root/syz-executor" sig=0 arch=c000003e syscall=106 compat=0 ip=0x7f246e70f749 code=0x7ffc0000 [ 385.806471][ T37] audit: type=1326 audit(1764161121.129:287): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14250 comm="syz.3.3787" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f246e70f749 code=0x7ffc0000 [ 386.145865][T14264] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 386.303032][T14270] o2cb: This node has not been configured. [ 386.303048][T14270] o2cb: Cluster check failed. Fix errors before retrying. [ 386.303098][T14270] (syz.0.3799,14270,0):user_dlm_register:674 ERROR: status = -22 [ 386.303122][T14270] (syz.0.3799,14270,0):dlmfs_mkdir:438 ERROR: Error -22 could not register domain "file1" [ 386.696827][ T5810] Bluetooth: hci1: Controller not accepting commands anymore: ncmd = 0 [ 386.697137][ T5810] Bluetooth: hci1: Injecting HCI hardware error event [ 386.702146][ T5810] Bluetooth: hci1: hardware error 0x00 [ 386.824143][ T5891] hid-generic 0000:0000:0000.001A: unknown main item tag 0x0 [ 386.863175][ T5891] hid-generic 0000:0000:0000.001A: hidraw0: HID v0.00 Device [syz1] on syz0 [ 387.552164][T14315] netlink: 4 bytes leftover after parsing attributes in process `syz.6.3817'. [ 387.554664][T14315] netlink: 24 bytes leftover after parsing attributes in process `syz.6.3817'. [ 388.659730][T14370] loop8: detected capacity change from 0 to 8 [ 388.661968][T14370] Dev loop8: unable to read RDB block 8 [ 388.662013][T14370] loop8: unable to read partition table [ 388.662243][T14370] loop8: partition table beyond EOD, truncated [ 388.662260][T14370] loop_reread_partitions: partition scan of loop8 (被x^> ) failed (rc=-5) [ 388.848610][T14378] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3848'. [ 388.853180][T14378] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3848'. [ 389.017592][ T5810] Bluetooth: hci1: Opcode 0x0c03 failed: -110 [ 389.930961][T14421] input: syz1 as /devices/virtual/input/input37 [ 390.336958][T14443] netlink: 40 bytes leftover after parsing attributes in process `syz.0.3879'. [ 390.426935][ T31] usb 6-1: new high-speed USB device number 12 using dummy_hcd [ 390.486999][ T49] usb 7-1: new high-speed USB device number 9 using dummy_hcd [ 390.532756][T14456] loop8: detected capacity change from 0 to 8 [ 390.533940][T14456] Dev loop8: unable to read RDB block 8 [ 390.533983][T14456] loop8: unable to read partition table [ 390.534218][T14456] loop8: partition table beyond EOD, truncated [ 390.534236][T14456] loop_reread_partitions: partition scan of loop8 (被x^> ) failed (rc=-5) [ 390.581180][ T31] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 390.581214][ T31] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 390.582759][ T31] usb 6-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00 [ 390.582786][ T31] usb 6-1: New USB device strings: Mfr=2, Product=0, SerialNumber=0 [ 390.582806][ T31] usb 6-1: Manufacturer: syz [ 390.598658][ T31] usb 6-1: config 0 descriptor?? [ 390.671074][ T49] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 390.671160][ T49] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 390.671183][ T49] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 390.671225][ T49] usb 7-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 390.671247][ T49] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 390.725052][ T49] usb 7-1: config 0 descriptor?? [ 391.016843][ T5810] Bluetooth: hci3: command 0x0406 tx timeout [ 391.177866][ T49] plantronics 0003:047F:FFFF.001C: unknown main item tag 0x0 [ 391.177959][ T49] plantronics 0003:047F:FFFF.001C: unknown main item tag 0x0 [ 391.177986][ T49] plantronics 0003:047F:FFFF.001C: unknown main item tag 0x0 [ 391.178014][ T49] plantronics 0003:047F:FFFF.001C: unknown main item tag 0x0 [ 391.178038][ T49] plantronics 0003:047F:FFFF.001C: unknown main item tag 0x0 [ 391.178118][ T49] plantronics 0003:047F:FFFF.001C: unknown main item tag 0x0 [ 391.178145][ T49] plantronics 0003:047F:FFFF.001C: unknown main item tag 0x0 [ 391.178172][ T49] plantronics 0003:047F:FFFF.001C: unknown main item tag 0x0 [ 391.178200][ T49] plantronics 0003:047F:FFFF.001C: unknown main item tag 0x0 [ 391.695331][ T49] plantronics 0003:047F:FFFF.001C: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.6-1/input0 [ 391.702788][ T49] usb 7-1: USB disconnect, device number 9 [ 391.837768][ T31] uclogic 0003:256C:006D.001B: failed retrieving string descriptor #100: -71 [ 391.837829][ T31] uclogic 0003:256C:006D.001B: failed retrieving pen parameters: -71 [ 391.837847][ T31] uclogic 0003:256C:006D.001B: failed probing pen v1 parameters: -71 [ 391.837909][ T31] uclogic 0003:256C:006D.001B: failed probing parameters: -71 [ 391.838011][ T31] uclogic 0003:256C:006D.001B: probe with driver uclogic failed with error -71 [ 391.859116][ T31] usb 6-1: USB disconnect, device number 12 [ 395.000210][T14607] bridge0: port 1(bridge_slave_0) entered disabled state [ 395.011307][T14607] bridge0: port 2(bridge_slave_1) entered disabled state [ 396.610264][ T983] usb 7-1: new high-speed USB device number 10 using dummy_hcd [ 396.760806][ T983] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 396.760841][ T983] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 396.760880][ T983] usb 7-1: New USB device found, idVendor=0d8c, idProduct=0022, bcdDevice= 0.00 [ 396.760903][ T983] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 396.804956][T14691] loop8: detected capacity change from 0 to 7 [ 396.810379][T14691] Dev loop8: unable to read RDB block 7 [ 396.810424][T14691] loop8: unable to read partition table [ 396.810650][T14691] loop8: partition table beyond EOD, truncated [ 396.811889][T14691] loop_reread_partitions: partition scan of loop8 (被x^> ) failed (rc=-5) [ 396.844024][ T983] usb 7-1: config 0 descriptor?? [ 397.302376][ T983] hid_parser_main: 6 callbacks suppressed [ 397.302399][ T983] cm6533_jd 0003:0D8C:0022.001D: unknown main item tag 0x0 [ 397.302432][ T983] cm6533_jd 0003:0D8C:0022.001D: unknown main item tag 0x0 [ 397.302461][ T983] cm6533_jd 0003:0D8C:0022.001D: unknown main item tag 0x0 [ 397.302487][ T983] cm6533_jd 0003:0D8C:0022.001D: unknown main item tag 0x0 [ 397.302511][ T983] cm6533_jd 0003:0D8C:0022.001D: unknown main item tag 0x0 [ 397.366058][ T983] cm6533_jd 0003:0D8C:0022.001D: hiddev0,hidraw0: USB HID v0.00 Device [HID 0d8c:0022] on usb-dummy_hcd.6-1/input0 [ 397.600453][ T983] usb 7-1: USB disconnect, device number 10 [ 399.279212][T14823] netlink: 65039 bytes leftover after parsing attributes in process `syz.5.4057'. [ 399.391081][T14829] input: syz1 as /devices/virtual/input/input38 [ 400.048347][T14854] block device autoloading is deprecated and will be removed. [ 401.363436][T14907] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4093'. [ 401.809306][T14935] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4109'. [ 402.126844][ T983] usb 7-1: new high-speed USB device number 11 using dummy_hcd [ 402.281900][ T983] usb 7-1: config index 0 descriptor too short (expected 45, got 36) [ 402.281966][ T983] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 402.281992][ T983] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 402.282014][ T983] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 402.282051][ T983] usb 7-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 402.282080][ T983] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 402.319991][ T983] usb 7-1: config 0 descriptor?? [ 402.782017][ T983] plantronics 0003:047F:FFFF.001E: unknown main item tag 0x0 [ 402.782067][ T983] plantronics 0003:047F:FFFF.001E: unknown main item tag 0x0 [ 402.782095][ T983] plantronics 0003:047F:FFFF.001E: unknown main item tag 0x0 [ 402.782122][ T983] plantronics 0003:047F:FFFF.001E: unknown main item tag 0x0 [ 402.782149][ T983] plantronics 0003:047F:FFFF.001E: unknown main item tag 0x0 [ 402.782176][ T983] plantronics 0003:047F:FFFF.001E: unknown main item tag 0x0 [ 402.796391][ T983] plantronics 0003:047F:FFFF.001E: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.6-1/input0 [ 403.032820][ T5891] usb 7-1: USB disconnect, device number 11 [ 403.333016][T15011] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4145'. [ 403.401351][T15011] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 403.471072][T15016] sctp: [Deprecated]: syz.5.4147 (pid 15016) Use of struct sctp_assoc_value in delayed_ack socket option. [ 403.471072][T15016] Use struct sctp_sack_info instead [ 403.471682][T15016] sctp: [Deprecated]: syz.5.4147 (pid 15016) Use of struct sctp_assoc_value in delayed_ack socket option. [ 403.471682][T15016] Use struct sctp_sack_info instead [ 403.723364][ T37] kauditd_printk_skb: 2 callbacks suppressed [ 403.723382][ T37] audit: type=1326 audit(1764161139.049:290): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15028 comm="syz.6.4154" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fed7095f749 code=0x7ffc0000 [ 403.724035][ T37] audit: type=1326 audit(1764161139.049:291): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15028 comm="syz.6.4154" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fed7095f749 code=0x7ffc0000 [ 403.724081][ T37] audit: type=1326 audit(1764161139.049:292): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15028 comm="syz.6.4154" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fed7095f749 code=0x7ffc0000 [ 403.724918][ T37] audit: type=1326 audit(1764161139.049:293): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15028 comm="syz.6.4154" exe="/root/syz-executor" sig=0 arch=c000003e syscall=254 compat=0 ip=0x7fed7095f749 code=0x7ffc0000 [ 403.724965][ T37] audit: type=1326 audit(1764161139.049:294): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15028 comm="syz.6.4154" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fed7095f749 code=0x7ffc0000 [ 403.725005][ T37] audit: type=1326 audit(1764161139.049:295): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15028 comm="syz.6.4154" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fed7095f749 code=0x7ffc0000 [ 403.725505][ T37] audit: type=1326 audit(1764161139.049:296): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15028 comm="syz.6.4154" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fed7095f749 code=0x7ffc0000 [ 403.887621][ T37] audit: type=1326 audit(1764161139.049:297): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15028 comm="syz.6.4154" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fed7095f749 code=0x7ffc0000 [ 403.887673][ T37] audit: type=1326 audit(1764161139.069:298): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15028 comm="syz.6.4154" exe="/root/syz-executor" sig=0 arch=c000003e syscall=255 compat=0 ip=0x7fed7095f749 code=0x7ffc0000 [ 403.888031][ T37] audit: type=1326 audit(1764161139.219:300): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15028 comm="syz.6.4154" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fed7095f749 code=0x7ffc0000 [ 404.097112][T15011] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 404.578675][T15052] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4165'. [ 404.578708][T15052] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4165'. [ 406.179214][ T5891] usb 6-1: new full-speed USB device number 13 using dummy_hcd [ 406.198202][T15115] pimreg: tun_chr_ioctl cmd 2147767520 [ 406.198551][T15115] pimreg: tun_chr_ioctl cmd 1074025680 [ 406.339119][ T5891] usb 6-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 10 [ 406.339154][ T5891] usb 6-1: config 27 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 127, setting to 64 [ 406.339198][ T5891] usb 6-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 406.339221][ T5891] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 406.345748][T15105] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22 [ 406.345952][T15105] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22 [ 406.375351][ T5891] usb 6-1: Quirk or no altset; falling back to MIDI 1.0 [ 406.644276][ T5891] usb 6-1: USB disconnect, device number 13 [ 407.343785][T15153] sch_tbf: burst 19872 is lower than device lo mtu (65550) ! [ 407.497223][ T5891] usb 7-1: new high-speed USB device number 12 using dummy_hcd [ 407.572442][T15160] netlink: 12 bytes leftover after parsing attributes in process `syz.5.4217'. [ 407.652305][ T5891] usb 7-1: config 16 has more interface descriptors, than it declares in bNumInterfaces, ignoring interface number: 110 [ 407.652336][ T5891] usb 7-1: config 16 has an invalid descriptor of length 109, skipping remainder of the config [ 407.652356][ T5891] usb 7-1: config 16 has no interfaces? [ 407.652386][ T5891] usb 7-1: New USB device found, idVendor=1908, idProduct=1315, bcdDevice= 0.00 [ 407.652409][ T5891] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 407.911478][ T1843] usb 7-1: USB disconnect, device number 12 [ 407.977347][ T5890] usb 6-1: new high-speed USB device number 14 using dummy_hcd [ 408.126797][ T5890] usb 6-1: Using ep0 maxpacket: 8 [ 408.129129][ T5890] usb 6-1: config 0 has no interfaces? [ 408.129164][ T5890] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 408.129187][ T5890] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 408.156501][ T5890] usb 6-1: config 0 descriptor?? [ 408.598847][T15164] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 408.599843][T15164] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 408.602180][ T5891] usb 6-1: USB disconnect, device number 14 [ 409.188548][T15209] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4240'. [ 409.188585][T15209] netlink: 20 bytes leftover after parsing attributes in process `syz.0.4240'. [ 409.280573][T15209] geneve2: entered promiscuous mode [ 409.280598][T15209] geneve2: entered allmulticast mode [ 409.563177][T15222] vcan0: tx drop: invalid da for name 0x00000000000000f0 [ 409.871013][T15237] @: renamed from bond_slave_0 (while UP) [ 410.166748][ T31] usb 4-1: new high-speed USB device number 24 using dummy_hcd [ 410.319027][ T31] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 410.319077][ T31] usb 4-1: New USB device found, idVendor=0458, idProduct=0153, bcdDevice= 0.00 [ 410.319100][ T31] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 410.324250][ T31] usb 4-1: config 0 descriptor?? [ 410.535206][T15270] netlink: 240 bytes leftover after parsing attributes in process `syz.6.4264'. [ 410.752675][ T31] kye 0003:0458:0153.001F: collection stack underflow [ 410.752709][ T31] kye 0003:0458:0153.001F: item 0 4 0 12 parsing failed [ 410.753515][ T31] kye 0003:0458:0153.001F: parse failed [ 410.753591][ T31] kye 0003:0458:0153.001F: probe with driver kye failed with error -22 [ 410.978246][ T5890] usb 4-1: USB disconnect, device number 24 [ 412.057322][ T1587] usb 7-1: new high-speed USB device number 13 using dummy_hcd [ 412.086953][ T5891] usb 6-1: new high-speed USB device number 15 using dummy_hcd [ 412.211754][ T1587] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 412.211786][ T1587] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 412.211809][ T1587] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 412.211850][ T1587] usb 7-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 412.211871][ T1587] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 412.258774][ T5891] usb 6-1: config index 0 descriptor too short (expected 23569, got 27) [ 412.258830][ T5891] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 412.260194][ T5891] usb 6-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0 [ 412.260218][ T5891] usb 6-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0 [ 412.260237][ T5891] usb 6-1: Manufacturer: syz [ 412.311094][ T1587] usb 7-1: config 0 descriptor?? [ 412.318231][ T5891] usb 6-1: config 0 descriptor?? [ 412.426745][ T5891] rc_core: IR keymap rc-hauppauge not found [ 412.426766][ T5891] Registered IR keymap rc-empty [ 412.430618][ T5891] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/rc/rc0 [ 412.434287][ T5891] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/rc/rc0/input39 [ 412.541274][ C0] igorplugusb 6-1:0.0: Error: urb status = -32 [ 412.585932][ T5891] usb 6-1: USB disconnect, device number 15 [ 412.736096][ T1587] plantronics 0003:047F:FFFF.0020: unknown main item tag 0x6 [ 412.761613][ T1587] plantronics 0003:047F:FFFF.0020: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.6-1/input0 [ 413.518862][ T5890] hid-generic 0000:0000:0000.0021: unknown main item tag 0x0 [ 413.538675][ T5890] hid-generic 0000:0000:0000.0021: hidraw1: HID v0.00 Device [syz1] on syz0 [ 414.813586][ T49] usb 7-1: USB disconnect, device number 13 [ 414.850813][T15470] netlink: 8 bytes leftover after parsing attributes in process `syz.6.4361'. [ 414.850840][T15470] netlink: 8 bytes leftover after parsing attributes in process `syz.6.4361'. [ 415.360117][T15494] loop4: detected capacity change from 0 to 1 [ 415.363683][T15494] Dev loop4: unable to read RDB block 1 [ 415.363729][T15494] loop4: unable to read partition table [ 415.363960][T15494] loop4: partition table beyond EOD, truncated [ 415.363977][T15494] loop_reread_partitions: partition scan of loop4 (被x^> ) failed (rc=-5) [ 415.692879][ T37] kauditd_printk_skb: 5 callbacks suppressed [ 415.692898][ T37] audit: type=1800 audit(1764161150.999:305): pid=15511 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz.6.4383" name="SYSV00000000" dev="tmpfs" ino=2 res=0 errno=0 [ 416.275558][T15537] o2cb: This node has not been configured. [ 416.275573][T15537] o2cb: Cluster check failed. Fix errors before retrying. [ 416.275598][T15537] (syz.3.4393,15537,0):user_dlm_register:674 ERROR: status = -22 [ 416.275622][T15537] (syz.3.4393,15537,0):dlmfs_mkdir:438 ERROR: Error -22 could not register domain "file1" [ 417.323317][T15592] netlink: 'syz.5.4418': attribute type 1 has an invalid length. [ 417.323342][T15592] netlink: 'syz.5.4418': attribute type 7 has an invalid length. [ 417.323356][T15592] netlink: 144 bytes leftover after parsing attributes in process `syz.5.4418'. [ 418.198268][T15620] program syz.3.4432 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 418.521910][ T5890] IPVS: starting estimator thread 0... [ 418.528850][T15641] IPVS: sh: UDP 224.0.0.2:0 - no destination available [ 418.617010][T15645] IPVS: using max 9 ests per chain, 21600 per kthread [ 419.040558][T15655] bond1: option arp_interval: invalid value (18446744071815993582) [ 419.040688][T15655] bond1: option arp_interval: allowed values 0 - 2147483647 [ 419.074110][T15655] bond1 (unregistering): Released all slaves [ 419.284153][T15668] netlink: 68 bytes leftover after parsing attributes in process `syz.0.4452'. [ 419.577246][ T5812] Bluetooth: hci4: Controller not accepting commands anymore: ncmd = 0 [ 419.580966][ T5812] Bluetooth: hci4: Injecting HCI hardware error event [ 419.585589][ T5812] Bluetooth: hci4: hardware error 0x00 [ 419.666744][ T5891] usb 4-1: new high-speed USB device number 25 using dummy_hcd [ 419.816934][ T5891] usb 4-1: Using ep0 maxpacket: 16 [ 419.823090][ T5891] usb 4-1: New USB device found, idVendor=1604, idProduct=8007, bcdDevice=af.a6 [ 419.823120][ T5891] usb 4-1: New USB device strings: Mfr=1, Product=23, SerialNumber=3 [ 419.823138][ T5891] usb 4-1: Product: syz [ 419.823151][ T5891] usb 4-1: Manufacturer: syz [ 419.823165][ T5891] usb 4-1: SerialNumber: syz [ 419.827024][ T5891] usb 4-1: config 0 descriptor?? [ 420.119222][ T1587] usb 4-1: USB disconnect, device number 25 [ 420.221275][T15692] input: syz0 as /devices/virtual/input/input40 [ 421.173091][T15734] netlink: 40 bytes leftover after parsing attributes in process `syz.6.4494'. [ 421.366514][T15740] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4484'. [ 421.381316][T15740] netlink: 24 bytes leftover after parsing attributes in process `syz.5.4484'. [ 421.643871][ T5891] hid-generic 0000:0000:0000.0022: unknown main item tag 0x0 [ 421.674656][ T5891] hid-generic 0000:0000:0000.0022: hidraw0: HID v0.00 Device [syz1] on syz0 [ 421.737178][ T5812] Bluetooth: hci4: Opcode 0x0c03 failed: -110 [ 421.896435][T15758] loop8: detected capacity change from 0 to 8 [ 421.921332][T15758] Dev loop8: unable to read RDB block 8 [ 421.921393][T15758] loop8: unable to read partition table [ 421.921637][T15758] loop8: partition table beyond EOD, truncated [ 421.921657][T15758] loop_reread_partitions: partition scan of loop8 (被x^> ) failed (rc=-5) [ 423.831165][T15850] overlayfs: failed lookup in lower (newroot/128, name='file0', err=-40): overlapping layers [ 424.214129][ T37] audit: type=1326 audit(1764161159.539:306): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15872 comm="syz.3.4549" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f246e70f749 code=0x0 [ 424.550216][T15892] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 424.666785][ T1587] usb 7-1: new high-speed USB device number 14 using dummy_hcd [ 424.823369][ T1587] usb 7-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 424.823396][ T1587] usb 7-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config [ 424.823415][ T1587] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 424.823463][ T1587] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9 [ 424.823488][ T1587] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024 [ 424.826845][ T1587] usb 7-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 424.826873][ T1587] usb 7-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 424.826892][ T1587] usb 7-1: Product: syz [ 424.826905][ T1587] usb 7-1: Manufacturer: syz [ 424.846505][ T1587] cdc_wdm 7-1:1.0: skipping garbage [ 424.846524][ T1587] cdc_wdm 7-1:1.0: skipping garbage [ 424.863989][ T1587] cdc_wdm 7-1:1.0: cdc-wdm0: USB WDM device [ 424.864025][ T1587] cdc_wdm 7-1:1.0: Unknown control protocol [ 426.231457][T15967] netlink: 28 bytes leftover after parsing attributes in process `syz.0.4593'. [ 427.270691][ T49] usb 6-1: new high-speed USB device number 16 using dummy_hcd [ 427.422423][ T49] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 427.422455][ T49] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 427.443455][ T49] usb 6-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00 [ 427.443485][ T49] usb 6-1: New USB device strings: Mfr=2, Product=0, SerialNumber=0 [ 427.443506][ T49] usb 6-1: Manufacturer: syz [ 427.465095][ T49] usb 6-1: config 0 descriptor?? [ 427.482314][ T983] usb 7-1: USB disconnect, device number 14 [ 428.235707][T16067] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4638'. [ 428.275558][T16069] netlink: 12 bytes leftover after parsing attributes in process `syz.6.4640'. [ 428.347481][ T49] input: syz as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/0003:256C:006D.0023/input/input41 [ 428.443134][ T49] input: syz as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/0003:256C:006D.0023/input/input42 [ 428.466744][ T1587] usb 4-1: new high-speed USB device number 26 using dummy_hcd [ 428.496988][ T49] input: syz Touch Strip as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/0003:256C:006D.0023/input/input43 [ 428.535946][ T49] input: syz Dial as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/0003:256C:006D.0023/input/input44 [ 428.572849][ T49] uclogic 0003:256C:006D.0023: input,hidraw0: USB HID v0.00 Keypad [syz] on usb-dummy_hcd.5-1/input0 [ 428.588577][ T49] usb 6-1: USB disconnect, device number 16 [ 428.616966][ T1587] usb 4-1: Using ep0 maxpacket: 32 [ 428.629325][ T1587] usb 4-1: New USB device found, idVendor=05a9, idProduct=1550, bcdDevice=e4.bb [ 428.629353][ T1587] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 428.629372][ T1587] usb 4-1: Product: syz [ 428.629385][ T1587] usb 4-1: Manufacturer: syz [ 428.629398][ T1587] usb 4-1: SerialNumber: syz [ 428.645625][ T1587] usb 4-1: config 0 descriptor?? [ 428.697327][ T1587] gspca_main: ov534_9-2.14.0 probing 05a9:1550 [ 429.009862][T16093] netlink: 4 bytes leftover after parsing attributes in process `syz.6.4652'. [ 429.195731][T16093] bond1: Invalid ad_actor_system MAC address. [ 429.195753][T16093] bond1: option ad_actor_system: invalid value (6543) [ 429.302222][T16093] bond1 (unregistering): Released all slaves [ 429.695335][ T1587] gspca_ov534_9: reg_w failed -71 [ 429.976852][ T1587] gspca_ov534_9: Unknown sensor 0000 [ 429.977045][ T1587] ov534_9 4-1:0.0: probe with driver ov534_9 failed with error -22 [ 429.983113][ T1587] usb 4-1: USB disconnect, device number 26 [ 431.868328][T16204] netlink: 24 bytes leftover after parsing attributes in process `syz.5.4701'. [ 432.232143][T16221] netlink: 8 bytes leftover after parsing attributes in process `syz.6.4710'. [ 434.244688][T16317] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 434.931468][T16349] netlink: 24 bytes leftover after parsing attributes in process `syz.3.4768'. [ 435.247298][ T983] usb 6-1: new high-speed USB device number 17 using dummy_hcd [ 435.306865][ T5891] usb 4-1: new high-speed USB device number 27 using dummy_hcd [ 435.332741][T16367] sctp: [Deprecated]: syz.0.4778 (pid 16367) Use of struct sctp_assoc_value in delayed_ack socket option. [ 435.332741][T16367] Use struct sctp_sack_info instead [ 435.426747][ T983] usb 6-1: Using ep0 maxpacket: 16 [ 435.429605][ T983] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 435.429644][ T983] usb 6-1: config 0 interface 0 has no altsetting 0 [ 435.432690][ T983] usb 6-1: New USB device found, idVendor=15c2, idProduct=0041, bcdDevice=1f.20 [ 435.432715][ T983] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 435.432734][ T983] usb 6-1: Product: syz [ 435.432748][ T983] usb 6-1: Manufacturer: syz [ 435.432762][ T983] usb 6-1: SerialNumber: syz [ 435.502283][ T983] usb 6-1: config 0 descriptor?? [ 435.506747][ T5891] usb 4-1: Using ep0 maxpacket: 8 [ 435.520366][ T5891] usb 4-1: config 0 has no interfaces? [ 435.520403][ T5891] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 435.520482][ T5891] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 435.557825][ T5891] usb 4-1: config 0 descriptor?? [ 435.671658][T16377] input: syz1 as /devices/virtual/input/input45 [ 435.671693][T16377] input: failed to attach handler leds to device input45, error: -6 [ 435.819550][ T983] input: iMON Panel, Knob and Mouse(15c2:0041) as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/input/input46 [ 436.065845][T16356] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 436.066268][T16356] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 436.119996][ T1843] usb 4-1: USB disconnect, device number 27 [ 436.132846][ T983] rc_core: IR keymap rc-imon-pad not found [ 436.132924][ T983] Registered IR keymap rc-empty [ 436.135917][ T983] imon 6-1:0.0: Looks like you're trying to use an IR protocol this device does not support [ 436.135938][ T983] imon 6-1:0.0: Unsupported IR protocol specified, overriding to iMON IR protocol [ 436.201681][ T983] rc rc0: iMON Remote (15c2:0041) as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/rc/rc0 [ 436.253018][ T983] input: iMON Remote (15c2:0041) as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/rc/rc0/input47 [ 436.284995][ T983] imon 6-1:0.0: iMON device (15c2:0041, intf0) on usb<6:17> initialized [ 436.342838][ C0] imon 6-1:0.0: imon imon_incoming_packet: invalid incoming packet size (len = 0, intf0) [ 436.543090][ C0] imon 6-1:0.0: imon usb_rx_callback_intf0: status(-71) [ 436.543786][ T5891] usb 6-1: USB disconnect, device number 17 [ 436.649169][ T37] audit: type=1400 audit(1764161171.949:307): lsm=SMACK fn=smack_inet_conn_request action=denied subject="?" object="_" requested=w pid=16406 comm="syz.0.4796" saddr=100.1.1.1 daddr=172.20.20.170 dest=20002 netif=wpan0 [ 436.913066][ T37] audit: type=1326 audit(1764161172.239:308): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16416 comm="syz.3.4801" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f246e70f749 code=0x7ffc0000 [ 436.915754][ T37] audit: type=1326 audit(1764161172.239:309): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16416 comm="syz.3.4801" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f246e70f749 code=0x7ffc0000 [ 436.919441][ T37] audit: type=1326 audit(1764161172.239:310): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16416 comm="syz.3.4801" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f246e70f749 code=0x7ffc0000 [ 436.919738][ T37] audit: type=1326 audit(1764161172.249:311): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16416 comm="syz.3.4801" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f246e70f749 code=0x7ffc0000 [ 436.920255][ T37] audit: type=1326 audit(1764161172.249:312): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16416 comm="syz.3.4801" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f246e70f749 code=0x7ffc0000 [ 436.920524][ T37] audit: type=1326 audit(1764161172.249:313): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16416 comm="syz.3.4801" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f246e70f749 code=0x7ffc0000 [ 436.920775][ T37] audit: type=1326 audit(1764161172.249:314): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16416 comm="syz.3.4801" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f246e70f749 code=0x7ffc0000 [ 436.921301][ T37] audit: type=1326 audit(1764161172.249:315): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16416 comm="syz.3.4801" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f246e70f749 code=0x7ffc0000 [ 436.921561][ T37] audit: type=1326 audit(1764161172.249:316): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16416 comm="syz.3.4801" exe="/root/syz-executor" sig=0 arch=c000003e syscall=55 compat=0 ip=0x7f246e70f749 code=0x7ffc0000 [ 437.411216][T16435] netlink: 16 bytes leftover after parsing attributes in process `syz.3.4807'. [ 437.990737][ T5891] usb 6-1: new high-speed USB device number 18 using dummy_hcd [ 438.148080][ T5891] usb 6-1: Using ep0 maxpacket: 8 [ 438.180054][ T5891] usb 6-1: config index 0 descriptor too short (expected 301, got 45) [ 438.180127][ T5891] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 438.180151][ T5891] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 438.180174][ T5891] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 438.180198][ T5891] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 438.180241][ T5891] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 438.180263][ T5891] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 438.467136][ T5891] usb 6-1: GET_CAPABILITIES returned 0 [ 438.467184][ T5891] usbtmc 6-1:16.0: can't read capabilities [ 438.679510][ T5891] usb 6-1: USB disconnect, device number 18 [ 440.152499][ T1273] ieee802154 phy0 wpan0: encryption failed: -22 [ 440.567191][T16567] Bluetooth: hci0: load_link_keys: expected 3 bytes, got 7 bytes [ 440.861594][T16588] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4878'. [ 440.900112][T16586] can0: slcan on ttyS3. [ 441.682800][T16579] can0 (unregistered): slcan off ttyS3. [ 442.314820][T16664] sctp: [Deprecated]: syz.3.4915 (pid 16664) Use of int in maxseg socket option. [ 442.314820][T16664] Use struct sctp_assoc_value instead [ 442.466864][ T983] usb 7-1: new full-speed USB device number 15 using dummy_hcd [ 442.619137][ T983] usb 7-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 10 [ 442.619173][ T983] usb 7-1: config 27 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 127, setting to 64 [ 442.619216][ T983] usb 7-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 442.619238][ T983] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 442.626197][T16659] raw-gadget.1 gadget.6: fail, usb_ep_enable returned -22 [ 442.626385][T16659] raw-gadget.1 gadget.6: fail, usb_ep_enable returned -22 [ 442.688880][ T983] usb 7-1: Quirk or no altset; falling back to MIDI 1.0 [ 442.880039][ T1587] usb 7-1: USB disconnect, device number 15 [ 443.605878][ T37] kauditd_printk_skb: 14 callbacks suppressed [ 443.605896][ T37] audit: type=1326 audit(1764161178.929:331): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16700 comm="syz.5.4940" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d28a5f749 code=0x7ffc0000 [ 443.606192][ T37] audit: type=1326 audit(1764161178.929:332): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16700 comm="syz.5.4940" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d28a5f749 code=0x7ffc0000 [ 443.606458][ T37] audit: type=1326 audit(1764161178.929:333): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16700 comm="syz.5.4940" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d28a5f749 code=0x7ffc0000 [ 443.607649][ T37] audit: type=1326 audit(1764161178.939:334): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16700 comm="syz.5.4940" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d28a5f749 code=0x7ffc0000 [ 443.608071][ T37] audit: type=1326 audit(1764161178.939:335): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16700 comm="syz.5.4940" exe="/root/syz-executor" sig=0 arch=c000003e syscall=254 compat=0 ip=0x7f7d28a5f749 code=0x7ffc0000 [ 443.608110][ T37] audit: type=1326 audit(1764161178.939:336): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16700 comm="syz.5.4940" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d28a5f749 code=0x7ffc0000 [ 443.608547][ T37] audit: type=1326 audit(1764161178.939:337): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16700 comm="syz.5.4940" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d28a5f749 code=0x7ffc0000 [ 443.609282][ T37] audit: type=1326 audit(1764161178.939:338): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16700 comm="syz.5.4940" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d28a5f749 code=0x7ffc0000 [ 443.609323][ T37] audit: type=1326 audit(1764161178.939:339): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16700 comm="syz.5.4940" exe="/root/syz-executor" sig=0 arch=c000003e syscall=255 compat=0 ip=0x7f7d28a5f749 code=0x7ffc0000 [ 443.609876][ T37] audit: type=1326 audit(1764161178.939:340): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16700 comm="syz.5.4940" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d28a5f749 code=0x7ffc0000 [ 443.747322][T16703] netlink: 312 bytes leftover after parsing attributes in process `syz.5.4930'. [ 446.812163][ T5891] kernel write not supported for file bpf-prog (pid: 5891 comm: kworker/0:6) [ 446.902854][T16836] overlayfs: workdir and upperdir must reside under the same mount [ 449.863801][T16915] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 449.884341][T16915] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 450.942437][ T43] netdevsim netdevsim3 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 450.960928][ T43] netdevsim netdevsim3 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 450.961036][ T43] netdevsim netdevsim3 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 450.961072][ T43] netdevsim netdevsim3 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 451.215475][T17010] netlink: 12 bytes leftover after parsing attributes in process `syz.5.5074'. [ 451.596792][ T5890] usb 4-1: new high-speed USB device number 28 using dummy_hcd [ 451.751775][ T5890] usb 4-1: New USB device found, idVendor=2304, idProduct=023e, bcdDevice=d7.69 [ 451.751806][ T5890] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 451.751825][ T5890] usb 4-1: Product: syz [ 451.751838][ T5890] usb 4-1: Manufacturer: syz [ 451.751852][ T5890] usb 4-1: SerialNumber: syz [ 451.789550][ T5890] usb 4-1: config 0 descriptor?? [ 451.792634][ T5890] hub 4-1:0.0: bad descriptor, ignoring hub [ 451.792670][ T5890] hub 4-1:0.0: probe with driver hub failed with error -5 [ 452.011440][ T5890] dvb-usb: found a 'Pinnacle PCTV Hybrid Stick Solo' in warm state. [ 452.027617][ T5890] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 452.032873][ T5890] dvbdev: DVB: registering new adapter (Pinnacle PCTV Hybrid Stick Solo) [ 452.032937][ T5890] usb 4-1: media controller created [ 452.111817][ T5890] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 452.314564][ T5890] DVB: Unable to find symbol dib7000p_attach() [ 452.314580][ T5890] dvb-usb: no frontend was attached by 'Pinnacle PCTV Hybrid Stick Solo' [ 452.406751][ T5890] rc_core: IR keymap rc-dib0700-rc5 not found [ 452.406772][ T5890] Registered IR keymap rc-empty [ 452.407116][ T5890] dvb-usb: could not initialize remote control. [ 452.407126][ T5890] dvb-usb: Pinnacle PCTV Hybrid Stick Solo successfully initialized and connected. [ 452.793005][T17078] input: syz0 as /devices/virtual/input/input50 [ 453.724068][T17105] bridge0: port 3(gretap0) entered blocking state [ 453.724301][T17105] bridge0: port 3(gretap0) entered disabled state [ 453.724957][T17105] gretap0: entered allmulticast mode [ 453.771254][T17105] gretap0: entered promiscuous mode [ 453.788962][T17105] bridge0: port 3(gretap0) entered blocking state [ 453.789159][T17105] bridge0: port 3(gretap0) entered forwarding state [ 454.155811][T17123] input: syz1 as /devices/virtual/input/input51 [ 454.155856][T17123] input: failed to attach handler leds to device input51, error: -6 [ 454.687164][ T5890] usb 6-1: new high-speed USB device number 19 using dummy_hcd [ 454.850049][ T5890] usb 6-1: config 0 has no interfaces? [ 454.854136][ T5890] usb 6-1: New USB device found, idVendor=13d8, idProduct=0010, bcdDevice=8f.72 [ 454.854218][ T5890] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 454.854238][ T5890] usb 6-1: Product: syz [ 454.854252][ T5890] usb 6-1: Manufacturer: syz [ 454.854266][ T5890] usb 6-1: SerialNumber: syz [ 454.914551][ T5890] usb 6-1: config 0 descriptor?? [ 455.185071][ T1587] usb 6-1: USB disconnect, device number 19 [ 456.776820][ T5812] Bluetooth: hci3: command 0x0406 tx timeout [ 456.777052][ T49] Bluetooth: hci3: Opcode 0x0c1a failed: -110 [ 456.777071][ T49] Bluetooth: hci3: Error when powering off device on rfkill (-110) [ 456.832779][T17228] netlink: 'syz.0.5159': attribute type 7 has an invalid length. [ 457.755420][T17261] netlink: 8 bytes leftover after parsing attributes in process `syz.6.5173'. [ 457.785748][ T1587] usb 4-1: USB disconnect, device number 28 [ 457.950340][ T1587] dvb-usb: Pinnacle PCTV Hybrid Stick Solo successfully deinitialized and disconnected. [ 458.266723][ T31] usb 6-1: new high-speed USB device number 20 using dummy_hcd [ 458.428482][ T1587] usb 4-1: new high-speed USB device number 29 using dummy_hcd [ 458.447365][ T31] usb 6-1: Using ep0 maxpacket: 8 [ 458.453128][ T31] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 458.453159][ T31] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 458.453180][ T31] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 458.453218][ T31] usb 6-1: New USB device found, idVendor=057e, idProduct=201e, bcdDevice= 0.00 [ 458.453240][ T31] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 458.482071][ T31] usb 6-1: config 0 descriptor?? [ 458.576823][ T1587] usb 4-1: Using ep0 maxpacket: 8 [ 458.704079][ T1587] usb 4-1: unable to get BOS descriptor or descriptor too short [ 458.705049][ T1587] usb 4-1: unable to read config index 0 descriptor/start: -71 [ 458.705104][ T1587] usb 4-1: can't read configurations, error -71 [ 458.971667][ T31] nintendo 0003:057E:201E.0024: item fetching failed at offset 5/7 [ 458.972445][ T31] nintendo 0003:057E:201E.0024: HID parse failed [ 459.004964][ T31] nintendo 0003:057E:201E.0024: probe - fail = -22 [ 459.005088][ T31] nintendo 0003:057E:201E.0024: probe with driver nintendo failed with error -22 [ 459.169906][ T5890] usb 6-1: USB disconnect, device number 20 [ 459.799481][T17351] vxcan1: tx address claim with dlc 0 [ 459.941739][T17361] netlink: 40 bytes leftover after parsing attributes in process `syz.5.5206'. [ 460.536873][ T5810] Bluetooth: hci2: command 0x0405 tx timeout [ 460.538601][ T49] Bluetooth: hci2: Opcode 0x0c1a failed: -110 [ 460.538620][ T49] Bluetooth: hci2: Error when powering off device on rfkill (-110) [ 461.128665][T17423] netlink: 12 bytes leftover after parsing attributes in process `syz.3.5230'. [ 461.128692][T17423] block nbd2: Unsupported socket: should be TCP or UNIX. [ 461.666873][ T37] kauditd_printk_skb: 4 callbacks suppressed [ 461.666890][ T37] audit: type=1326 audit(1764161196.979:345): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17450 comm="syz.5.5242" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d28a5f749 code=0x7ffc0000 [ 461.668410][ T37] audit: type=1326 audit(1764161196.999:346): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17450 comm="syz.5.5242" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d28a5f749 code=0x7ffc0000 [ 461.668455][ T37] audit: type=1326 audit(1764161196.999:347): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17450 comm="syz.5.5242" exe="/root/syz-executor" sig=0 arch=c000003e syscall=427 compat=0 ip=0x7f7d28a5f749 code=0x7ffc0000 [ 461.668493][ T37] audit: type=1326 audit(1764161196.999:348): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17450 comm="syz.5.5242" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d28a5f749 code=0x7ffc0000 [ 461.668531][ T37] audit: type=1326 audit(1764161196.999:349): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17450 comm="syz.5.5242" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d28a5f749 code=0x7ffc0000 [ 462.167562][T17476] team_slave_0: entered promiscuous mode [ 462.167632][T17476] team_slave_1: entered promiscuous mode [ 462.169294][T17476] 8021q: adding VLAN 0 to HW filter on device macvlan2 [ 462.658540][T17509] sit0: entered promiscuous mode [ 462.700701][T17511] sctp: [Deprecated]: syz.0.5270 (pid 17511) Use of int in max_burst socket option deprecated. [ 462.700701][T17511] Use struct sctp_assoc_value instead [ 462.704214][T17509] netlink: 'syz.5.5267': attribute type 1 has an invalid length. [ 462.704234][T17509] netlink: 9 bytes leftover after parsing attributes in process `syz.5.5267'. [ 462.707820][T17513] netem: invalid attributes len -22 [ 462.707833][T17513] netem: change failed [ 463.065188][T17530] netlink: 'syz.5.5279': attribute type 3 has an invalid length. [ 463.065209][T17530] netlink: 92 bytes leftover after parsing attributes in process `syz.5.5279'. [ 463.270592][T17540] netlink: 16 bytes leftover after parsing attributes in process `syz.6.5285'. [ 464.029705][T17570] sctp: [Deprecated]: syz.3.5294 (pid 17570) Use of struct sctp_assoc_value in delayed_ack socket option. [ 464.029705][T17570] Use struct sctp_sack_info instead [ 464.029924][T17570] sctp: [Deprecated]: syz.3.5294 (pid 17570) Use of struct sctp_assoc_value in delayed_ack socket option. [ 464.029924][T17570] Use struct sctp_sack_info instead [ 467.216789][ T49] usb 6-1: new high-speed USB device number 21 using dummy_hcd [ 467.370298][ T49] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 467.370330][ T49] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 467.370352][ T49] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 467.370393][ T49] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 467.370416][ T49] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 467.375451][ T49] usb 6-1: config 0 descriptor?? [ 467.785131][ T49] plantronics 0003:047F:FFFF.0025: unknown main item tag 0x0 [ 467.785166][ T49] plantronics 0003:047F:FFFF.0025: unknown main item tag 0x0 [ 467.785188][ T49] plantronics 0003:047F:FFFF.0025: unknown main item tag 0x0 [ 467.785211][ T49] plantronics 0003:047F:FFFF.0025: unknown main item tag 0x0 [ 467.785236][ T49] plantronics 0003:047F:FFFF.0025: unknown main item tag 0x0 [ 467.785260][ T49] plantronics 0003:047F:FFFF.0025: unknown main item tag 0x0 [ 467.785284][ T49] plantronics 0003:047F:FFFF.0025: unknown main item tag 0x0 [ 467.785309][ T49] plantronics 0003:047F:FFFF.0025: unknown main item tag 0x0 [ 467.785334][ T49] plantronics 0003:047F:FFFF.0025: unknown main item tag 0x0 [ 467.785358][ T49] plantronics 0003:047F:FFFF.0025: unknown main item tag 0x0 [ 467.814077][ T49] plantronics 0003:047F:FFFF.0025: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.5-1/input0 [ 468.049525][ T5890] usb 6-1: USB disconnect, device number 21 [ 468.400947][T17782] netlink: 12 bytes leftover after parsing attributes in process `syz.3.5381'. [ 469.246716][ T49] usb 6-1: new high-speed USB device number 22 using dummy_hcd [ 469.406420][T17843] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 469.408452][T17843] overlayfs: The uuid=off requires a single fs for lower and upper, falling back to uuid=null. [ 469.410046][ T49] usb 6-1: Using ep0 maxpacket: 8 [ 469.418415][ T49] usb 6-1: config index 0 descriptor too short (expected 301, got 45) [ 469.418471][ T49] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 469.418493][ T49] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 469.418516][ T49] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 469.418538][ T49] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 469.418578][ T49] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 469.418599][ T49] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 471.219182][ T5890] usb 4-1: new high-speed USB device number 31 using dummy_hcd [ 471.366858][ T5890] usb 4-1: Using ep0 maxpacket: 32 [ 471.369143][ T5890] usb 4-1: config 0 has an invalid interface number: 67 but max is 0 [ 471.369168][ T5890] usb 4-1: config 0 has no interface number 0 [ 471.372169][ T5890] usb 4-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57 [ 471.372195][ T5890] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 471.372214][ T5890] usb 4-1: Product: syz [ 471.372227][ T5890] usb 4-1: Manufacturer: syz [ 471.372241][ T5890] usb 4-1: SerialNumber: syz [ 471.430509][ T5890] usb 4-1: config 0 descriptor?? [ 471.435961][ T5890] smsc95xx v2.0.0 [ 472.056894][ T983] usb 7-1: new high-speed USB device number 16 using dummy_hcd [ 472.097011][ T1843] usb 6-1: USB disconnect, device number 22 [ 472.219517][ T983] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 472.219810][ T983] usb 7-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 1023 [ 472.219836][ T983] usb 7-1: config 1 interface 1 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 472.225122][ T983] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 472.225205][ T983] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 472.225227][ T983] usb 7-1: Product: syz [ 472.225239][ T983] usb 7-1: Manufacturer: syz [ 472.225251][ T983] usb 7-1: SerialNumber: syz [ 472.326200][T17977] netlink: 'syz.5.5472': attribute type 1 has an invalid length. [ 472.326223][T17977] netlink: 'syz.5.5472': attribute type 2 has an invalid length. [ 472.455279][ T5890] smsc95xx 4-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000034: -71 [ 472.455308][ T5890] smsc95xx 4-1:0.67 (unnamed net_device) (uninitialized): Error reading E2P_DATA [ 472.456048][ T5890] smsc95xx 4-1:0.67 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000014: -71 [ 472.497099][ T5890] smsc95xx 4-1:0.67: probe with driver smsc95xx failed with error -71 [ 472.522789][ T5890] usb 4-1: USB disconnect, device number 31 [ 472.535129][T17967] raw-gadget.2 gadget.6: fail, usb_ep_enable returned -22 [ 472.537775][T17985] netlink: 24 bytes leftover after parsing attributes in process `syz.5.5476'. [ 473.144071][T17967] raw-gadget.2 gadget.6: fail, usb_ep_enable returned -22 [ 473.262489][T18014] loop2: detected capacity change from 0 to 7 [ 473.270745][T18014] Dev loop2: unable to read RDB block 7 [ 473.270791][T18014] loop2: unable to read partition table [ 473.271009][T18014] loop2: partition table beyond EOD, truncated [ 473.271027][T18014] loop_reread_partitions: partition scan of loop2 (被x ) failed (rc=-5) [ 473.348099][ T983] cdc_ncm 7-1:1.0: bind() failure [ 473.363979][ T983] cdc_ncm 7-1:1.1: probe with driver cdc_ncm failed with error -71 [ 473.364957][ T983] cdc_mbim 7-1:1.1: probe with driver cdc_mbim failed with error -71 [ 473.379320][ T983] usbtest 7-1:1.1: probe with driver usbtest failed with error -71 [ 473.396091][ T983] usb 7-1: USB disconnect, device number 16 [ 473.441172][T18020] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 473.505199][ T37] audit: type=1326 audit(1764161208.829:350): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18021 comm="syz.5.5494" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d28a5f749 code=0x7ffc0000 [ 473.505282][ T37] audit: type=1326 audit(1764161208.829:351): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18021 comm="syz.5.5494" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d28a5f749 code=0x7ffc0000 [ 473.508773][ T37] audit: type=1326 audit(1764161208.829:352): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18021 comm="syz.5.5494" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f7d28a5f749 code=0x7ffc0000 [ 473.520169][ T37] audit: type=1326 audit(1764161208.839:353): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18021 comm="syz.5.5494" exe="/root/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7f7d28a5f749 code=0x7ffc0000 [ 474.122401][T18047] bridge0: entered promiscuous mode [ 474.122854][T18047] macsec1: entered promiscuous mode [ 474.124750][T18047] bridge0: port 3(macsec1) entered blocking state [ 474.129473][T18047] bridge0: port 3(macsec1) entered disabled state [ 474.129692][T18047] macsec1: entered allmulticast mode [ 474.129707][T18047] bridge0: entered allmulticast mode [ 474.180796][T18047] macsec1: left allmulticast mode [ 474.180820][T18047] bridge0: left allmulticast mode [ 474.211409][T18047] bridge0: left promiscuous mode [ 476.137638][T18120] loop8: detected capacity change from 0 to 8 [ 476.145850][T18120] Dev loop8: unable to read RDB block 8 [ 476.145897][T18120] loop8: unable to read partition table [ 476.146131][T18120] loop8: partition table beyond EOD, truncated [ 476.146149][T18120] loop_reread_partitions: partition scan of loop8 (被x^> ) failed (rc=-5) [ 476.541419][T18131] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 477.416692][T18158] tipc: Started in network mode [ 477.416723][T18158] tipc: Node identity ac14142f, cluster identity 4711 [ 477.417198][T18158] tipc: New replicast peer: 0.0.0.0 [ 477.430508][T18158] tipc: Enabled bearer , priority 10 [ 477.430872][T18163] tipc: New replicast peer: 2001:0000:0000:0000:0000:0000:0000:0002 [ 477.634479][T18186] loop5: detected capacity change from 0 to 7 [ 477.640936][T18186] Dev loop5: unable to read RDB block 7 [ 477.640980][T18186] loop5: unable to read partition table [ 477.641200][T18186] loop5: partition table beyond EOD, truncated [ 477.641217][T18186] loop_reread_partitions: partition scan of loop5 (被x ) failed (rc=-5) [ 477.724833][T18187] netlink: 'syz.5.5570': attribute type 29 has an invalid length. [ 477.724856][T18187] netlink: 24 bytes leftover after parsing attributes in process `syz.5.5570'. [ 478.056745][ T1843] usb 6-1: new full-speed USB device number 23 using dummy_hcd [ 478.176738][ T49] usb 7-1: new high-speed USB device number 17 using dummy_hcd [ 478.244076][ T1843] usb 6-1: config 150 has an invalid interface number: 204 but max is 2 [ 478.244104][ T1843] usb 6-1: config 150 has 2 interfaces, different from the descriptor's value: 3 [ 478.244133][ T1843] usb 6-1: config 150 has no interface number 0 [ 478.244181][ T1843] usb 6-1: config 150 interface 204 has no altsetting 0 [ 478.279501][ T1843] usb 6-1: New USB device found, idVendor=04e2, idProduct=1424, bcdDevice=c7.eb [ 478.279530][ T1843] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 478.279550][ T1843] usb 6-1: Product: syz [ 478.279563][ T1843] usb 6-1: Manufacturer: syz [ 478.279578][ T1843] usb 6-1: SerialNumber: syz [ 478.336757][ T49] usb 7-1: Using ep0 maxpacket: 16 [ 478.341949][ T49] usb 7-1: New USB device found, idVendor=0471, idProduct=0327, bcdDevice=61.a4 [ 478.341977][ T49] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 478.358198][ T49] usb 7-1: config 0 descriptor?? [ 478.372673][ T49] gspca_main: sonixj-2.14.0 probing 0471:0327 [ 478.537067][ T5899] tipc: Node number set to 2886997039 [ 478.556208][ T1843] xr_serial 6-1:150.204: skipping garbage [ 478.556265][ T1843] xr_serial 6-1:150.204: xr_serial converter detected [ 479.158274][ T1843] xr_serial ttyUSB0: Failed to set reg 0x0d: -71 [ 479.158335][ T1843] xr_serial ttyUSB0: probe with driver xr_serial failed with error -71 [ 479.165630][ T1843] usb 6-1: USB disconnect, device number 23 [ 479.191332][ T1843] xr_serial 6-1:150.204: device disconnected [ 479.382505][ T49] gspca_sonixj: reg_w1 err -71 [ 479.396810][ T49] sonixj 7-1:0.0: probe with driver sonixj failed with error -71 [ 479.403964][ T49] usb 7-1: USB disconnect, device number 17 [ 482.389798][T18396] IPVS: Scheduler module ip_vs_sip not found [ 482.390045][T18401] IPVS: length: 141 != 8 [ 483.140965][T18433] trusted_key: syz.3.5686 sent an empty control message without MSG_MORE. [ 483.622722][T18449] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 485.877097][ C1] vkms_vblank_simulate: vblank timer overrun [ 485.981914][ C1] vkms_vblank_simulate: vblank timer overrun [ 486.127843][ C1] vkms_vblank_simulate: vblank timer overrun [ 486.575492][ C1] vkms_vblank_simulate: vblank timer overrun [ 486.705436][ T1172] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 486.829784][T18582] batadv_slave_1: entered promiscuous mode [ 486.830456][T18592] tipc: Started in network mode [ 486.830483][T18592] tipc: Node identity ac14140f, cluster identity 4711 [ 486.830818][T18592] tipc: New replicast peer: 255.255.255.83 [ 486.831071][T18592] tipc: Enabled bearer , priority 10 [ 486.881549][T18578] batadv_slave_1: left promiscuous mode [ 487.083173][ T37] audit: type=1326 audit(1764161222.229:354): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18593 comm="syz.5.5762" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d28a5f749 code=0x7ffc0000 [ 487.083241][ T37] audit: type=1326 audit(1764161222.229:355): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18593 comm="syz.5.5762" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d28a5f749 code=0x7ffc0000 [ 487.083284][ T37] audit: type=1326 audit(1764161222.229:356): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18593 comm="syz.5.5762" exe="/root/syz-executor" sig=0 arch=c000003e syscall=227 compat=0 ip=0x7f7d28a5f749 code=0x7ffc0000 [ 487.083325][ T37] audit: type=1326 audit(2000000000.000:357): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18593 comm="syz.5.5762" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d28a5f749 code=0x7ffc0000 [ 487.083366][ T37] audit: type=1326 audit(2000000000.000:358): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18593 comm="syz.5.5762" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d28a5f749 code=0x7ffc0000 [ 487.351007][ T5810] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 487.375444][ T5810] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 487.385197][ T5810] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 487.398618][ T5810] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 487.403375][ T5810] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 487.457778][ T5812] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 487.458200][ T5812] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 487.458605][ T5812] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 487.459802][ T5812] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 487.461258][ T5812] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 487.759653][T18607] loop5: detected capacity change from 0 to 4487 [ 487.776809][T18607] loop5: detected capacity change from 4487 to 4823 [ 489.215765][ T5890] Process accounting resumed [ 489.253419][T18638] Process accounting resumed [ 489.496795][ T5812] Bluetooth: hci0: command tx timeout [ 491.576836][ T5812] Bluetooth: hci0: command tx timeout [ 493.656836][ T5812] Bluetooth: hci0: command tx timeout [ 495.736755][ T5812] Bluetooth: hci0: command tx timeout [ 501.581282][ T1273] ieee802154 phy0 wpan0: encryption failed: -22 [ 502.158222][ T5810] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 502.191484][ T5810] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 502.192964][ T5810] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 502.194225][ T5810] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 502.195081][ T5810] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 503.353277][ T5812] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 503.377366][ T5812] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 503.379940][ T5812] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 503.381622][ T5812] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 503.382601][ T5812] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 504.298427][ T5812] Bluetooth: hci5: command tx timeout [ 505.110280][ T5810] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 505.132576][ T5810] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 505.134019][ T5810] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 505.135641][ T5810] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 505.136441][ T5810] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 505.416885][ T5810] Bluetooth: hci6: command tx timeout [ 506.376982][ T5810] Bluetooth: hci5: command tx timeout [ 507.177373][ T5810] Bluetooth: hci7: command tx timeout [ 507.498208][ T5810] Bluetooth: hci6: command tx timeout [ 508.456970][ T5810] Bluetooth: hci5: command tx timeout [ 509.257189][ T5810] Bluetooth: hci7: command tx timeout [ 509.576674][ T5810] Bluetooth: hci6: command tx timeout [ 510.537984][ T5810] Bluetooth: hci5: command tx timeout [ 511.336766][ T5812] Bluetooth: hci7: command tx timeout [ 511.656983][ T5812] Bluetooth: hci6: command tx timeout [ 513.416758][ T5812] Bluetooth: hci7: command tx timeout [ 547.156142][ T5810] Bluetooth: hci8: unexpected cc 0x0c03 length: 249 > 1 [ 547.176959][ T5810] Bluetooth: hci8: unexpected cc 0x1003 length: 249 > 9 [ 547.178476][ T5810] Bluetooth: hci8: unexpected cc 0x1001 length: 249 > 9 [ 547.179769][ T5810] Bluetooth: hci8: unexpected cc 0x0c23 length: 249 > 4 [ 547.180613][ T5810] Bluetooth: hci8: unexpected cc 0x0c38 length: 249 > 2 [ 549.256791][ T5810] Bluetooth: hci8: command tx timeout [ 551.336671][ T5810] Bluetooth: hci8: command tx timeout [ 553.416694][ T5810] Bluetooth: hci8: command tx timeout [ 555.496679][ T5810] Bluetooth: hci8: command tx timeout [ 562.205198][ T5812] Bluetooth: hci9: unexpected cc 0x0c03 length: 249 > 1 [ 562.223864][ T5812] Bluetooth: hci9: unexpected cc 0x1003 length: 249 > 9 [ 562.225313][ T5812] Bluetooth: hci9: unexpected cc 0x1001 length: 249 > 9 [ 562.242779][ T5812] Bluetooth: hci9: unexpected cc 0x0c23 length: 249 > 4 [ 562.243556][ T5812] Bluetooth: hci9: unexpected cc 0x0c38 length: 249 > 2 [ 563.023722][ T1273] ieee802154 phy0 wpan0: encryption failed: -22 [ 563.202908][ T5812] Bluetooth: hci10: unexpected cc 0x0c03 length: 249 > 1 [ 563.217015][ T5812] Bluetooth: hci10: unexpected cc 0x1003 length: 249 > 9 [ 563.219178][ T5812] Bluetooth: hci10: unexpected cc 0x1001 length: 249 > 9 [ 563.237206][ T5812] Bluetooth: hci10: unexpected cc 0x0c23 length: 249 > 4 [ 563.257174][ T5812] Bluetooth: hci10: unexpected cc 0x0c38 length: 249 > 2 [ 564.296791][ T5810] Bluetooth: hci9: command tx timeout [ 565.194435][ T5812] Bluetooth: hci11: unexpected cc 0x0c03 length: 249 > 1 [ 565.220771][ T5812] Bluetooth: hci11: unexpected cc 0x1003 length: 249 > 9 [ 565.224120][ T5812] Bluetooth: hci11: unexpected cc 0x1001 length: 249 > 9 [ 565.225904][ T5812] Bluetooth: hci11: unexpected cc 0x0c23 length: 249 > 4 [ 565.249042][ T5812] Bluetooth: hci11: unexpected cc 0x0c38 length: 249 > 2 [ 565.336752][ T5810] Bluetooth: hci10: command tx timeout [ 566.378601][ T5810] Bluetooth: hci9: command tx timeout [ 567.337227][ T5810] Bluetooth: hci11: command tx timeout [ 567.416829][ T5810] Bluetooth: hci10: command tx timeout [ 568.456697][ T5810] Bluetooth: hci9: command tx timeout [ 569.417268][ T5810] Bluetooth: hci11: command tx timeout [ 569.496695][ T5810] Bluetooth: hci10: command tx timeout [ 570.536703][ T5810] Bluetooth: hci9: command tx timeout [ 571.497274][ T5810] Bluetooth: hci11: command tx timeout [ 571.576746][ T5810] Bluetooth: hci10: command tx timeout [ 573.577157][ T5810] Bluetooth: hci11: command tx timeout [ 591.916543][ C1] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks: [ 591.916567][ C1] rcu: Tasks blocked on level-0 rcu_node (CPUs 0-1): P29 [ 591.916591][ C1] rcu: (detected by 1, t=10502 jiffies, g=66849, q=52332 ncpus=2) [ 591.916611][ C1] task:ktimers/1 state:R running task stack:22584 pid:29 tgid:29 ppid:2 task_flags:0x4208040 flags:0x00080000 [ 591.916667][ C1] Call Trace: [ 591.916680][ C1] [ 591.916690][ C1] sched_show_task+0x49d/0x630 [ 591.916793][ C1] ? __pfx_sched_show_task+0x10/0x10 [ 591.916805][ C1] ? rcu_dump_cpu_stacks+0x79/0x4e0 [ 591.916839][ C1] ? wq_watchdog_touch+0xef/0x180 [ 591.916863][ C1] print_other_cpu_stall+0xf78/0x1340 [ 591.916890][ C1] ? __pfx_print_other_cpu_stall+0x10/0x10 [ 591.916922][ C1] rcu_sched_clock_irq+0xa47/0x11b0 [ 591.916933][ C1] ? do_raw_spin_unlock+0x122/0x240 [ 591.916953][ C1] ? __pfx_rcu_sched_clock_irq+0x10/0x10 [ 591.916975][ C1] update_process_times+0x235/0x2d0 [ 591.916994][ C1] tick_nohz_handler+0x39a/0x520 [ 591.917018][ C1] ? __pfx_tick_nohz_handler+0x10/0x10 [ 591.917031][ C1] __hrtimer_run_queues+0x506/0xd40 [ 591.917064][ C1] ? __pfx___hrtimer_run_queues+0x10/0x10 [ 591.917081][ C1] ? read_tsc+0x9/0x20 [ 591.917109][ C1] hrtimer_interrupt+0x45d/0xa90 [ 591.917148][ C1] __sysvec_apic_timer_interrupt+0x10b/0x410 [ 591.917175][ C1] sysvec_apic_timer_interrupt+0xa1/0xc0 SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 591.917304][ C1] [ 591.917308][ C1] [ 591.917314][ C1] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 591.917373][ C1] RIP: 0010:advance_sched+0x212/0xc90 [ 591.917454][ C1] Code: 06 00 00 e8 70 d1 e0 f8 eb 05 e8 69 d1 e0 f8 49 8d 5c 24 f8 48 89 d9 48 c1 e9 03 48 b8 00 00 00 00 00 fc ff df 48 89 4c 24 58 <80> 3c 01 00 74 08 48 89 df e8 e0 8f 42 f9 48 89 5c 24 60 48 8b 1b [ 591.917462][ C1] RSP: 0018:ffffc90000a3f8d0 EFLAGS: 00000a02 [ 591.917471][ C1] RAX: dffffc0000000000 RBX: ffff88803b2d84b8 RCX: 1ffff1100765b097 [ 591.917478][ C1] RDX: 0000000000000100 RSI: 0000000000000000 RDI: 0000000000000100 [ 591.917484][ C1] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000100 [ 591.917489][ C1] R10: dffffc0000000000 R11: fffffbfff1dac84f R12: ffff88803b2d84c0 [ 591.917495][ C1] R13: ffff88803b2d8000 R14: ffff88803b2d84b0 R15: ffff88805c482000 [ 591.917514][ C1] ? _raw_spin_unlock_irqrestore+0xad/0x110 [ 591.917571][ C1] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 591.917588][ C1] ? __pfx_advance_sched+0x10/0x10 [ 591.917597][ C1] __hrtimer_run_queues+0x552/0xd40 [ 591.917619][ C1] ? __pfx___hrtimer_run_queues+0x10/0x10 [ 591.917630][ C1] ? ktime_get_update_offsets_now+0x3b2/0x3d0 [ 591.917646][ C1] hrtimer_run_softirq+0x1a3/0x2e0 [ 591.917658][ C1] handle_softirqs+0x22f/0x710 [ 591.917674][ C1] ? __pfx_handle_softirqs+0x10/0x10 [ 591.917690][ C1] run_ktimerd+0xcf/0x190 [ 591.917701][ C1] ? __pfx_run_ktimerd+0x10/0x10 [ 591.917718][ C1] ? schedule+0x91/0x360 [ 591.917733][ C1] ? smpboot_thread_fn+0x4d/0xa60 [ 591.917744][ C1] smpboot_thread_fn+0x542/0xa60 [ 591.917756][ C1] ? smpboot_thread_fn+0x4d/0xa60 [ 591.917771][ C1] kthread+0x711/0x8a0 [ 591.917786][ C1] ? __pfx_smpboot_thread_fn+0x10/0x10 [ 591.917796][ C1] ? __pfx_kthread+0x10/0x10 [ 591.917806][ C1] ? rt_spin_unlock+0x150/0x200 [ 591.917819][ C1] ? rt_spin_unlock+0x161/0x200 [ 591.917828][ C1] ? __pfx_kthread+0x10/0x10 [ 591.917840][ C1] ret_from_fork+0x4bc/0x870 [ 591.917852][ C1] ? __pfx_ret_from_fork+0x10/0x10 [ 591.917866][ C1] ? __switch_to_asm+0x39/0x70 [ 591.917887][ C1] ? __switch_to_asm+0x33/0x70 [ 591.917895][ C1] ? __pfx_kthread+0x10/0x10 [ 591.917908][ C1] ret_from_fork_asm+0x1a/0x30 [ 591.917925][ C1] [ 607.235794][ T5812] Bluetooth: hci12: unexpected cc 0x0c03 length: 249 > 1 [ 607.537170][ T5812] Bluetooth: hci12: unexpected cc 0x1003 length: 249 > 9 [ 607.637896][ T5812] Bluetooth: hci12: unexpected cc 0x1001 length: 249 > 9 [ 607.656600][ T5812] Bluetooth: hci12: unexpected cc 0x0c23 length: 249 > 4 [ 607.657409][ T5812] Bluetooth: hci12: unexpected cc 0x0c38 length: 249 > 2 [ 609.736946][ T5121] Bluetooth: hci12: command tx timeout [ 611.180787][ T5810] Bluetooth: hci0: command 0x0406 tx timeout [ 611.816911][ T5810] Bluetooth: hci12: command tx timeout [ 613.896764][ T5810] Bluetooth: hci12: command tx timeout [ 615.977243][ T5810] Bluetooth: hci12: command tx timeout