last executing test programs: 2m3.790011419s ago: executing program 1 (id=317): r0 = socket$inet_icmp(0x2, 0x2, 0x1) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000200)={'netdevsim0\x00', 0x0}) r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000380)={0x6, 0x3, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r1, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1b942ee3}, 0x90) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_ext={0x1c, 0x3, &(0x7f00000000c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x5}}, &(0x7f0000000200)='GPL\x00', 0xf2, 0x0, 0x0, 0x41100, 0xf, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x2d18b, r2, 0x0, 0x0, 0x0, 0x10, 0x8}, 0x94) 2m3.581575192s ago: executing program 1 (id=320): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x6, 0x5, 0x1000}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000001900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1f, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x3a, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_BIND_MAP(0xa, &(0x7f00000004c0)={r1}, 0xc) 2m3.331983749s ago: executing program 1 (id=325): r0 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000000)="d800000010008104685fa3aa7143a0f8c81ded0b25000000e8fe09a118001500060014ea000000120800030043000040a8002b000a", 0x35}], 0x1}, 0x20000880) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000040)=[{0x8, 0x4, 0x0, 0x7ffc0005}]}) write$cgroup_subtree(r0, &(0x7f0000000000)=ANY=[], 0xfe33) 2m2.906250109s ago: executing program 1 (id=333): mkdirat(0xffffffffffffff9c, &(0x7f0000002000)='./file0\x00', 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f00000002c0)=0x20) renameat2(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0xffffffffffffff9c, &(0x7f0000000080)='./bus\x00', 0x0) 2m2.705218119s ago: executing program 1 (id=337): setuid(0xee01) r0 = syz_clone(0x2100, 0x0, 0x0, 0x0, 0x0, 0x0) r1 = syz_pidfd_open(r0, 0x0) process_madvise(r1, 0x0, 0x0, 0x15, 0x0) 2m1.651595381s ago: executing program 1 (id=342): r0 = eventfd2(0x0, 0x0) io_setup(0x81, &(0x7f0000000400)=0x0) read$eventfd(r0, &(0x7f0000000080), 0x8) io_submit(r1, 0x1, &(0x7f0000000440)=[&(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x1fd, r0, 0x0, 0x0, 0x0, 0x0, 0x1, r0}]) 2m1.247911802s ago: executing program 32 (id=342): r0 = eventfd2(0x0, 0x0) io_setup(0x81, &(0x7f0000000400)=0x0) read$eventfd(r0, &(0x7f0000000080), 0x8) io_submit(r1, 0x1, &(0x7f0000000440)=[&(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x1fd, r0, 0x0, 0x0, 0x0, 0x0, 0x1, r0}]) 1m22.770523647s ago: executing program 5 (id=664): fcntl$lock(0xffffffffffffffff, 0x24, &(0x7f00000000c0)={0x1, 0x2, 0x0, 0x8}) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x20, &(0x7f0000000040)=0x2, 0xf6) sendto$inet(r0, 0x0, 0x0, 0x20000010, &(0x7f0000000540)={0x2, 0x400, @empty}, 0x10) 1m21.814046516s ago: executing program 5 (id=675): r0 = socket(0x80000000000000a, 0x2, 0x0) setsockopt$inet6_group_source_req(r0, 0x29, 0x2a, &(0x7f0000000080)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}}}, 0x108) setsockopt$inet6_group_source_req(r0, 0x29, 0x2f, &(0x7f0000000200)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}, 0x3}}, {{0xa, 0x0, 0x8000000, @private2}}}, 0x108) setsockopt$inet6_group_source_req(r0, 0x29, 0x2c, &(0x7f0000000200)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}}}, 0x108) 1m21.620504909s ago: executing program 5 (id=677): r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7fffffff}]}) r1 = openat$dma_heap(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$DMA_HEAP_IOCTL_ALLOC(r1, 0xc0184800, &(0x7f0000000040)={0x4, r0, 0x1}) ioctl$sock_inet_udp_SIOCINQ(r2, 0x541b, 0x0) 1m21.430275086s ago: executing program 5 (id=679): mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) mount$nfs4(&(0x7f0000000040)='/', &(0x7f0000000080)='./file0\x00', 0x0, 0x197841, 0x0) r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) move_mount(r0, &(0x7f0000000380)='./file0\x00', r0, 0x0, 0x40) 1m21.130326919s ago: executing program 5 (id=682): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000100)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWSET={0x3c, 0x9, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x4}, [@NFTA_SET_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x2}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ID={0x8, 0xa, 0x1, 0x0, 0xfffffffc}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0x64}, 0x1, 0x0, 0x0, 0x94}, 0x24000000) sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000002c0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x1}}, [@NFT_MSG_NEWSET={0x44, 0x9, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x4}, [@NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ID={0x8, 0xa, 0x1, 0x0, 0xfffffffc}, @NFTA_SET_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0xb}, @NFTA_SET_KEY_TYPE={0x8, 0x4, 0x1, 0x0, 0x2}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0x6c}, 0x1, 0x0, 0x0, 0x4044050}, 0x40) 1m20.354464148s ago: executing program 5 (id=690): r0 = socket(0x200000000000011, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000280)={'syz_tun\x00', 0x0}) bind$packet(r0, &(0x7f0000000080)={0x11, 0x800, r1, 0x1, 0x0, 0x6, @random="518440db9de1"}, 0x14) syz_emit_ethernet(0x36, &(0x7f0000000680)={@local, @empty, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x4, 0x28, 0x66, 0x0, 0x2, 0x6, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @dev={0xac, 0x14, 0x14, 0x10}}, {{0x4e24, 0x4e20, 0x41424344, 0x41424344, 0x1, 0x0, 0x5, 0x9, 0x21, 0x0, 0xfff}}}}}}, 0x0) 1m19.913836093s ago: executing program 33 (id=690): r0 = socket(0x200000000000011, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000280)={'syz_tun\x00', 0x0}) bind$packet(r0, &(0x7f0000000080)={0x11, 0x800, r1, 0x1, 0x0, 0x6, @random="518440db9de1"}, 0x14) syz_emit_ethernet(0x36, &(0x7f0000000680)={@local, @empty, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x4, 0x28, 0x66, 0x0, 0x2, 0x6, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @dev={0xac, 0x14, 0x14, 0x10}}, {{0x4e24, 0x4e20, 0x41424344, 0x41424344, 0x1, 0x0, 0x5, 0x9, 0x21, 0x0, 0xfff}}}}}}, 0x0) 36.546357255s ago: executing program 2 (id=1098): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000000140)={0xa, 0x4e22}, 0x1c) listen(r0, 0x0) syz_emit_ethernet(0x3e, &(0x7f0000000080)={@local, @link_local, @void, {@ipv4={0x800, @tcp={{0x6, 0x4, 0x0, 0x0, 0x30, 0x25, 0x0, 0x0, 0x6, 0x0, @rand_addr=0x640100fe, @local, {[@noop]}}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x6, 0xc2, 0x0, 0x0, 0x60, {[@exp_fastopen={0xfe, 0x4}]}}}}}}}, 0x0) 36.435550578s ago: executing program 3 (id=1099): mkdir(&(0x7f0000000440)='./file1\x00', 0x0) mount(0x0, &(0x7f0000000240)='./file1\x00', &(0x7f00000002c0)='tmpfs\x00', 0x0, &(0x7f0000000300)='usrquota') lchown(&(0x7f0000000040)='./file1\x00', 0xee01, 0xee01) lchown(&(0x7f00000004c0)='./file1\x00', 0xffffffffffffffff, 0x0) 36.326983542s ago: executing program 2 (id=1102): r0 = openat$procfs(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/partitions\x00', 0x0, 0x0) read$FUSE(r0, &(0x7f0000005d40)={0x2020}, 0x2020) pread64(r0, &(0x7f0000000000)=""/60, 0x3c, 0x7984e2f8) read$FUSE(r0, &(0x7f0000000100)={0x2020}, 0x2020) 36.193486654s ago: executing program 3 (id=1104): r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={0x0, 0xffffffffffffffff, 0x0, 0xfffffffffffffffb}, 0x3) ptrace(0x10, r0) ptrace$getregset(0x4205, r0, 0x202, &(0x7f0000000240)={&(0x7f0000000180)=""/120, 0xffffffffffffff28}) 36.15848781s ago: executing program 2 (id=1106): prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680)) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xc, 0x4008031, 0xffffffffffffffff, 0x1000) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) io_setup(0x7, 0x0) 35.71645786s ago: executing program 3 (id=1113): capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040)={0x200000, 0x200000}) mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1) r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'veth1_to_bond\x00'}) 35.479055221s ago: executing program 3 (id=1116): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f0000000080), 0xffffffffffffffff) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000140)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_NEIGHBORS(r0, &(0x7f0000004340)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000400)={0x24, r1, 0x331, 0x70bd25, 0x0, {0x8}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r2}, @BATADV_ATTR_HARD_IFINDEX={0x8}]}, 0x24}, 0x1, 0x0, 0x0, 0x4004844}, 0x0) 35.265017669s ago: executing program 3 (id=1119): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000340), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000080)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000240)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="050000000000000000fb9900000008000300", @ANYRES32=r2, @ANYBLOB="0c00238006"], 0x28}, 0x1, 0x0, 0x0, 0x48041}, 0x40840) 35.043197436s ago: executing program 3 (id=1121): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000680)=ANY=[@ANYBLOB="14000000100001000000000000b890c1a000000a80000000160a01030000000000000000020000000900020073797a30000000000900010073797a30000000005400038008000240000000000800014000000000400003801400010076657468315f746f5f6272696467650014000100776732000000000000000000000000000b00010076657468305f746f5f7465616d00000014000000110001"], 0xa8}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000002c0)={{0x14}, [@NFT_MSG_NEWRULE={0x68, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x3c, 0x4, 0x0, 0x1, [{0x28, 0x1, 0x0, 0x1, @flow_offload={{0x11}, @val={0x10, 0x2, 0x0, 0x1, [@NFTA_FLOW_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}}}, {0x10, 0x1, 0x0, 0x1, @range={{0xa}, @void}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x90}, 0x1, 0x0, 0x0, 0x2000094}, 0x4000800) 34.325318031s ago: executing program 2 (id=1126): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = mq_open(&(0x7f0000000380)='&\x00w\xb4N6Bf\xa9\xc2\xd0\b\x06L\xbbQ\xd6T\xe3+SD\xa8\x0f\xefwHw\xdab\xc4\x1a\xe55@hA5\xd6\xec.)\x8f}\xc5#L\x99\"\x84;{\xfa\x04~\xf1\x17\x1d\x90\x83\xfc\x1e\xae\xb0/(\xbb\xd3\xb7\xca\x13j\xab\xfa\xc5Mq\xb7ks\xe0 \x9d\xf8\x7f\x84b\xa4h\xeekc\xffZ\x9fg\x84lm\xd7F\x97\xdcX\xe3\x87\x18\x90\x03\x12^\xf2{\xf1\xbe\x12[~\xe7\xca\xe4\x13\xd6k\xa6\xf3v5F\xc9.\xce\x87z\xd4<\xa8\xba\xd0\x9c\ff\xe1\xe2\xf9\x18\xc0\xd0\xa1\x02K\xdd0x0, &(0x7f0000000200)=0x0) r3 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000040)='/dev/comedi0\x00', 0x802, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000180)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r3, 0x0, &(0x7f00000004c0)=[{&(0x7f0000000000)=""/4, 0x4}], 0x1}) io_uring_enter(r0, 0x567, 0x0, 0x0, 0x0, 0x0) 33.589055933s ago: executing program 0 (id=1133): r0 = socket$inet6_mptcp(0xa, 0x1, 0x106) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'veth1_to_bridge\x00', 0x0}) r2 = socket$inet6_mptcp(0xa, 0x1, 0x106) ioctl$sock_inet6_SIOCADDRT(r2, 0x890b, &(0x7f0000000540)={@private2, @rand_addr=' \x01\x00', @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, r1}) 33.563479474s ago: executing program 6 (id=1134): prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680)) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x6a855000) madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9) setrlimit(0xb, 0x0) 33.237776245s ago: executing program 0 (id=1136): mknod(&(0x7f0000000040)='./file0\x00', 0x8001420, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x40042, 0x1) r1 = socket$inet_sctp(0x2, 0x5, 0x84) mount$9p_fd(0x0, &(0x7f0000000440)='./file0\x00', &(0x7f0000000480), 0x4898, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 32.885484641s ago: executing program 2 (id=1138): pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = fanotify_init(0x4, 0x1000) fanotify_mark(r2, 0x1, 0x8000031, r1, 0x0) readv(r0, 0x0, 0x0) 32.804951882s ago: executing program 0 (id=1139): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x6, 0x3, &(0x7f0000000480)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x32, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'team0\x00', 0x0}) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000300)={r0, r2, 0x25, 0x4}, 0x14) 32.394368797s ago: executing program 0 (id=1141): close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = syz_genetlink_get_family_id$gtp(&(0x7f0000000140), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$GTP_CMD_GETPDP(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000700)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="2d09000000000000000002000000080002000000000008000100", @ANYRES32=0x0, @ANYBLOB='\b\x00\a'], 0x2c}}, 0x0) 32.102652768s ago: executing program 0 (id=1144): r0 = socket$inet_sctp(0x2, 0x5, 0x84) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e22, @empty}, 0x10) sendto$inet(r0, &(0x7f0000000300)="ab", 0x1, 0x0, &(0x7f0000000380)={0x2, 0x4e22, @local}, 0x10) sendmsg$inet_sctp(r0, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)=[@sndinfo={0x20, 0x84, 0x2, {0x4, 0x241, 0x0, 0x9}}], 0x20, 0x4048800}, 0x10) 30.958009912s ago: executing program 0 (id=1145): r0 = openat$kvm(0xffffff9c, &(0x7f00000000c0), 0x800, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID2(r2, 0x4008ae90, &(0x7f0000000100)=ANY=[@ANYBLOB="020000000000000000000080"]) 30.829113812s ago: executing program 6 (id=1146): r0 = syz_usb_connect(0x2, 0x2d, &(0x7f0000000100)=ANY=[@ANYBLOB="1201000041436120410e5150e8d5000000010902f98a5c01000000090401001186eee2000905821704"], 0x0) write$UHID_INPUT(0xffffffffffffffff, &(0x7f0000000300)={0xd, {"a2e3ad21ed0d09f91b3d090987f70e06d038e7ff7fc6e5539b0d650e8b089b3f35006c090890e0878f0e1ac6e7049b336d959b669a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b31070d074a0936cd3b78130daa61d8e8040000005802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15ffffffffffffffff1243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce7cd9f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc10700000032d0ad7bc946813591bd8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d4ac01b75d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f423500c7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40427db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afa2d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02daee67918e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4108b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9cc8036cbd65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c6b00000000000000f96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f90000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400", 0x1000}}, 0x1006) syz_usb_ep_write$ath9k_ep1(r0, 0x82, 0xfffffffffffffddf, &(0x7f0000000000)=ANY=[]) syz_usb_control_io(r0, 0x0, 0x0) 30.462553616s ago: executing program 4 (id=1148): r0 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000100), 0x68083, 0x0) ioctl$SW_SYNC_IOC_CREATE_FENCE(r0, 0xc0285700, &(0x7f0000000200)={0x10000003, "47a503000000080000002600000006008100000000ff000000000000a8db0700"}) ioctl$SW_SYNC_IOC_CREATE_FENCE(r0, 0xc0285700, &(0x7f0000000040)={0xc, "55780d4dc328000010c46fa9d1f5ffb92eafb6723b08000000172578e35bde00"}) ioctl$SW_SYNC_IOC_CREATE_FENCE(r0, 0xc0285700, &(0x7f0000000080)={0x492, "3dd6d0c1a11354eb000014ffffffffffff00"}) 30.346889052s ago: executing program 4 (id=1149): mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000) mbind(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x4003, &(0x7f0000000180)=0x2, 0xf, 0x1) mbind(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x4003, &(0x7f0000000180)=0x4, 0x9, 0x1) mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000) 28.564421672s ago: executing program 6 (id=1150): r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'dummy0\x00', 0x0}) ioctl$sock_inet6_SIOCSIFADDR(r0, 0x8916, &(0x7f0000000000)={@loopback, 0x0, r2}) 28.560202534s ago: executing program 4 (id=1151): r0 = syz_open_dev$vim2m(&(0x7f0000000000), 0x47b, 0x2) r1 = syz_open_dev$dri(0x0, 0x1, 0x0) ioctl$DRM_IOCTL_MODE_ADDFB2(r1, 0xc06864b8, &(0x7f0000000580)={0x0, 0x2000, 0x80, 0x3231564e, 0x2, [0x2], [0x2000], [0x7fffffff, 0x0, 0x0, 0x2], [0x400000000000001]}) ioctl$vim2m_VIDIOC_S_CTRL(r0, 0xc008561c, &(0x7f0000000040)={0xf0f002, 0x6}) 28.354716103s ago: executing program 6 (id=1152): mkdir(&(0x7f0000000400)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080)='ramfs\x00', 0x2208c08, 0x0) umount2(&(0x7f0000000080)='./file0\x00', 0x4) setxattr$trusted_overlay_origin(&(0x7f0000000200)='./file0\x00', &(0x7f0000000240), 0x0, 0x0, 0x3) 28.31038257s ago: executing program 4 (id=1162): openat$comedi(0xffffff9c, &(0x7f0000000040)='/dev/comedi3\x00', 0x2000, 0x0) r0 = syz_io_uring_setup(0x239, &(0x7f0000000340)={0x0, 0x0, 0x10100}, &(0x7f00000002c0)=0x0, &(0x7f0000000000)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_READ=@use_registered_buffer={0x16, 0x0, 0x0, @fd_index=0x3}) io_uring_enter(r0, 0x2def, 0x0, 0x0, 0x0, 0x0) 28.116609912s ago: executing program 6 (id=1153): sendmsg$inet(0xffffffffffffffff, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$inet(r1, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x0) close(r0) 19.543100203s ago: executing program 34 (id=1121): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000680)=ANY=[@ANYBLOB="14000000100001000000000000b890c1a000000a80000000160a01030000000000000000020000000900020073797a30000000000900010073797a30000000005400038008000240000000000800014000000000400003801400010076657468315f746f5f6272696467650014000100776732000000000000000000000000000b00010076657468305f746f5f7465616d00000014000000110001"], 0xa8}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000002c0)={{0x14}, [@NFT_MSG_NEWRULE={0x68, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x3c, 0x4, 0x0, 0x1, [{0x28, 0x1, 0x0, 0x1, @flow_offload={{0x11}, @val={0x10, 0x2, 0x0, 0x1, [@NFTA_FLOW_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}}}, {0x10, 0x1, 0x0, 0x1, @range={{0xa}, @void}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x90}, 0x1, 0x0, 0x0, 0x2000094}, 0x4000800) 16.883156421s ago: executing program 35 (id=1138): pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = fanotify_init(0x4, 0x1000) fanotify_mark(r2, 0x1, 0x8000031, r1, 0x0) readv(r0, 0x0, 0x0) 16.875642619s ago: executing program 4 (id=1156): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) shutdown(r0, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f0000000040)=[@in={0x2, 0x4e24, @initdev={0xac, 0x1e, 0x0, 0x0}}]}, &(0x7f0000000080)=0x10) setsockopt$inet_sctp6_SCTP_MAXSEG(r0, 0x84, 0xd, &(0x7f0000000180)=@assoc_value={r1, 0x3761}, 0x8) 15.553497601s ago: executing program 36 (id=1145): r0 = openat$kvm(0xffffff9c, &(0x7f00000000c0), 0x800, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID2(r2, 0x4008ae90, &(0x7f0000000100)=ANY=[@ANYBLOB="020000000000000000000080"]) 15.524957809s ago: executing program 4 (id=1158): r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000040)={'wlan0\x00', 0x0}) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x34, r2, 0x5, 0x4000, 0xfffffffd, {{}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @crypto_settings=[@NL80211_ATTR_CONTROL_PORT_ETHERTYPE={0x6, 0x66, 0xc}, @NL80211_ATTR_CONTROL_PORT_NO_ENCRYPT={0x4}]]}, 0x34}, 0x1, 0x0, 0x0, 0x40000}, 0x0) 12.543884349s ago: executing program 37 (id=1153): sendmsg$inet(0xffffffffffffffff, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$inet(r1, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x0) close(r0) 0s ago: executing program 38 (id=1158): r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000040)={'wlan0\x00', 0x0}) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x34, r2, 0x5, 0x4000, 0xfffffffd, {{}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @crypto_settings=[@NL80211_ATTR_CONTROL_PORT_ETHERTYPE={0x6, 0x66, 0xc}, @NL80211_ATTR_CONTROL_PORT_NO_ENCRYPT={0x4}]]}, 0x34}, 0x1, 0x0, 0x0, 0x40000}, 0x0) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.1.60' (ED25519) to the list of known hosts. [ 91.394102][ T5802] cgroup: Unknown subsys name 'net' [ 91.642593][ T5802] cgroup: Unknown subsys name 'cpuset' [ 91.676561][ T5802] cgroup: Unknown subsys name 'rlimit' [ 91.970426][ T31] cfg80211: failed to load regulatory.db Setting up swapspace version 1, size = 127995904 bytes [ 93.682172][ T5802] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 96.682218][ T5816] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 96.701301][ T5816] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 96.704632][ T5816] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 96.726440][ T5816] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 96.727788][ T5816] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 96.729293][ T5816] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 96.746013][ T5816] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 96.757045][ T5816] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 96.777500][ T5816] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 96.784645][ T5828] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 96.785989][ T5816] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 96.792018][ T5828] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 96.792703][ T5828] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 96.793207][ T5822] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 96.798772][ T5828] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 96.810048][ T5829] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 96.833987][ T5830] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 96.835086][ T5830] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 96.836248][ T5830] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 96.836688][ T5822] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 96.947885][ T59] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 96.950061][ T59] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 96.950908][ T59] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 96.953098][ T59] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 96.953935][ T59] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 97.930540][ T5825] chnl_net:caif_netlink_parms(): no params data found [ 97.982871][ T5815] chnl_net:caif_netlink_parms(): no params data found [ 98.001124][ T5831] chnl_net:caif_netlink_parms(): no params data found [ 98.138592][ T5813] chnl_net:caif_netlink_parms(): no params data found [ 98.377544][ T5814] chnl_net:caif_netlink_parms(): no params data found [ 98.846909][ T5822] Bluetooth: hci1: command tx timeout [ 98.846914][ T59] Bluetooth: hci3: command tx timeout [ 98.925983][ T5822] Bluetooth: hci0: command tx timeout [ 99.017541][ T5822] Bluetooth: hci2: command tx timeout [ 99.039346][ T5825] bridge0: port 1(bridge_slave_0) entered blocking state [ 99.046705][ T5825] bridge0: port 1(bridge_slave_0) entered disabled state [ 99.047530][ T5825] bridge_slave_0: entered allmulticast mode [ 99.051149][ T5825] bridge_slave_0: entered promiscuous mode [ 99.086884][ T5822] Bluetooth: hci4: command tx timeout [ 99.297784][ T5825] bridge0: port 2(bridge_slave_1) entered blocking state [ 99.297931][ T5825] bridge0: port 2(bridge_slave_1) entered disabled state [ 99.298132][ T5825] bridge_slave_1: entered allmulticast mode [ 99.300953][ T5825] bridge_slave_1: entered promiscuous mode [ 99.428260][ T5815] bridge0: port 1(bridge_slave_0) entered blocking state [ 99.428412][ T5815] bridge0: port 1(bridge_slave_0) entered disabled state [ 99.428610][ T5815] bridge_slave_0: entered allmulticast mode [ 99.431336][ T5815] bridge_slave_0: entered promiscuous mode [ 99.434696][ T5831] bridge0: port 1(bridge_slave_0) entered blocking state [ 99.434846][ T5831] bridge0: port 1(bridge_slave_0) entered disabled state [ 99.435035][ T5831] bridge_slave_0: entered allmulticast mode [ 99.439698][ T5831] bridge_slave_0: entered promiscuous mode [ 99.638271][ T5815] bridge0: port 2(bridge_slave_1) entered blocking state [ 99.638420][ T5815] bridge0: port 2(bridge_slave_1) entered disabled state [ 99.638593][ T5815] bridge_slave_1: entered allmulticast mode [ 99.640712][ T5815] bridge_slave_1: entered promiscuous mode [ 99.641669][ T5831] bridge0: port 2(bridge_slave_1) entered blocking state [ 99.641855][ T5831] bridge0: port 2(bridge_slave_1) entered disabled state [ 99.641996][ T5831] bridge_slave_1: entered allmulticast mode [ 99.643850][ T5831] bridge_slave_1: entered promiscuous mode [ 99.848575][ T5813] bridge0: port 1(bridge_slave_0) entered blocking state [ 99.848720][ T5813] bridge0: port 1(bridge_slave_0) entered disabled state [ 99.848925][ T5813] bridge_slave_0: entered allmulticast mode [ 99.851793][ T5813] bridge_slave_0: entered promiscuous mode [ 100.073172][ T5825] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 100.073428][ T5813] bridge0: port 2(bridge_slave_1) entered blocking state [ 100.073564][ T5813] bridge0: port 2(bridge_slave_1) entered disabled state [ 100.073798][ T5813] bridge_slave_1: entered allmulticast mode [ 100.084435][ T5813] bridge_slave_1: entered promiscuous mode [ 100.306056][ T5814] bridge0: port 1(bridge_slave_0) entered blocking state [ 100.306177][ T5814] bridge0: port 1(bridge_slave_0) entered disabled state [ 100.306375][ T5814] bridge_slave_0: entered allmulticast mode [ 100.309131][ T5814] bridge_slave_0: entered promiscuous mode [ 100.317856][ T5825] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 100.415067][ T5815] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 100.427760][ T5831] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 100.430119][ T5814] bridge0: port 2(bridge_slave_1) entered blocking state [ 100.430267][ T5814] bridge0: port 2(bridge_slave_1) entered disabled state [ 100.430460][ T5814] bridge_slave_1: entered allmulticast mode [ 100.433739][ T5814] bridge_slave_1: entered promiscuous mode [ 100.606163][ T5815] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 100.608873][ T5831] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 100.783638][ T5813] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 100.926316][ T5822] Bluetooth: hci1: command tx timeout [ 100.936408][ T5822] Bluetooth: hci3: command tx timeout [ 101.002650][ T5825] team0: Port device team_slave_0 added [ 101.005895][ T5822] Bluetooth: hci0: command tx timeout [ 101.013113][ T5813] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 101.085947][ T5822] Bluetooth: hci2: command tx timeout [ 101.166176][ T5822] Bluetooth: hci4: command tx timeout [ 101.172311][ T5814] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 101.174686][ T5825] team0: Port device team_slave_1 added [ 101.259925][ T5815] team0: Port device team_slave_0 added [ 101.262815][ T5831] team0: Port device team_slave_0 added [ 101.268393][ T5814] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 101.697719][ T5815] team0: Port device team_slave_1 added [ 101.699778][ T5831] team0: Port device team_slave_1 added [ 101.840692][ T5813] team0: Port device team_slave_0 added [ 102.048209][ T5825] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 102.048224][ T5825] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 102.048244][ T5825] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 102.051673][ T5813] team0: Port device team_slave_1 added [ 102.223750][ T5814] team0: Port device team_slave_0 added [ 102.224992][ T5825] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 102.225009][ T5825] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 102.225039][ T5825] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 102.340767][ T5815] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 102.340787][ T5815] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 102.340807][ T5815] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 102.342067][ T5831] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 102.342083][ T5831] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 102.342112][ T5831] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 102.344706][ T5814] team0: Port device team_slave_1 added [ 102.498397][ T5815] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 102.498416][ T5815] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 102.498446][ T5815] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 102.500134][ T5831] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 102.500150][ T5831] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 102.500180][ T5831] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 102.731388][ T5813] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 102.731408][ T5813] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 102.731428][ T5813] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 102.855476][ T5813] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 102.855491][ T5813] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 102.855511][ T5813] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 102.861344][ T5814] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 102.861365][ T5814] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 102.861398][ T5814] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 102.998831][ T5814] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 102.998852][ T5814] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 102.998872][ T5814] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 103.007223][ T59] Bluetooth: hci1: command tx timeout [ 103.007336][ T5822] Bluetooth: hci3: command tx timeout [ 103.087561][ T5822] Bluetooth: hci0: command tx timeout [ 103.166160][ T5822] Bluetooth: hci2: command tx timeout [ 103.247212][ T5822] Bluetooth: hci4: command tx timeout [ 103.285181][ T5825] hsr_slave_0: entered promiscuous mode [ 103.293108][ T5825] hsr_slave_1: entered promiscuous mode [ 103.471140][ T5815] hsr_slave_0: entered promiscuous mode [ 103.472168][ T5815] hsr_slave_1: entered promiscuous mode [ 103.472973][ T5815] debugfs: 'hsr0' already exists in 'hsr' [ 103.473055][ T5815] Cannot create hsr debugfs directory [ 103.484588][ T5831] hsr_slave_0: entered promiscuous mode [ 103.496832][ T5831] hsr_slave_1: entered promiscuous mode [ 103.497867][ T5831] debugfs: 'hsr0' already exists in 'hsr' [ 103.497897][ T5831] Cannot create hsr debugfs directory [ 104.048014][ T5813] hsr_slave_0: entered promiscuous mode [ 104.049959][ T5813] hsr_slave_1: entered promiscuous mode [ 104.050977][ T5813] debugfs: 'hsr0' already exists in 'hsr' [ 104.051003][ T5813] Cannot create hsr debugfs directory [ 104.301574][ T5814] hsr_slave_0: entered promiscuous mode [ 104.302580][ T5814] hsr_slave_1: entered promiscuous mode [ 104.303292][ T5814] debugfs: 'hsr0' already exists in 'hsr' [ 104.303315][ T5814] Cannot create hsr debugfs directory [ 105.085891][ T59] Bluetooth: hci1: command tx timeout [ 105.085941][ T5822] Bluetooth: hci3: command tx timeout [ 105.165878][ T5822] Bluetooth: hci0: command tx timeout [ 105.246025][ T5822] Bluetooth: hci2: command tx timeout [ 105.326226][ T5822] Bluetooth: hci4: command tx timeout [ 105.925401][ T5825] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 105.968432][ T5825] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 106.011908][ T5825] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 106.078787][ T5825] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 106.192828][ T5831] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 106.250992][ T5831] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 106.290496][ T5831] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 106.341746][ T5831] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 106.511027][ T5813] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 106.556108][ T5813] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 106.627615][ T5813] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 106.672677][ T5813] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 106.811960][ T5814] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 106.880056][ T5814] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 106.930503][ T5814] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 106.989764][ T5814] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 107.179008][ T5815] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 107.227023][ T5825] 8021q: adding VLAN 0 to HW filter on device bond0 [ 107.230117][ T5815] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 107.280277][ T5815] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 107.318722][ T5815] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 107.443291][ T5825] 8021q: adding VLAN 0 to HW filter on device team0 [ 107.462041][ T5831] 8021q: adding VLAN 0 to HW filter on device bond0 [ 107.519085][ T57] bridge0: port 1(bridge_slave_0) entered blocking state [ 107.519978][ T57] bridge0: port 1(bridge_slave_0) entered forwarding state [ 107.572557][ T3031] bridge0: port 2(bridge_slave_1) entered blocking state [ 107.572784][ T3031] bridge0: port 2(bridge_slave_1) entered forwarding state [ 107.633836][ T5831] 8021q: adding VLAN 0 to HW filter on device team0 [ 107.693612][ T57] bridge0: port 1(bridge_slave_0) entered blocking state [ 107.693844][ T57] bridge0: port 1(bridge_slave_0) entered forwarding state [ 107.710720][ T5813] 8021q: adding VLAN 0 to HW filter on device bond0 [ 107.768608][ T13] bridge0: port 2(bridge_slave_1) entered blocking state [ 107.768746][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state [ 107.858783][ T5813] 8021q: adding VLAN 0 to HW filter on device team0 [ 107.905093][ T5814] 8021q: adding VLAN 0 to HW filter on device bond0 [ 107.919132][ T13] bridge0: port 1(bridge_slave_0) entered blocking state [ 107.919354][ T13] bridge0: port 1(bridge_slave_0) entered forwarding state [ 107.987637][ T13] bridge0: port 2(bridge_slave_1) entered blocking state [ 107.987793][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state [ 108.113960][ T5814] 8021q: adding VLAN 0 to HW filter on device team0 [ 108.173202][ T5815] 8021q: adding VLAN 0 to HW filter on device bond0 [ 108.205429][ T3031] bridge0: port 1(bridge_slave_0) entered blocking state [ 108.205958][ T3031] bridge0: port 1(bridge_slave_0) entered forwarding state [ 108.262169][ T57] bridge0: port 2(bridge_slave_1) entered blocking state [ 108.262326][ T57] bridge0: port 2(bridge_slave_1) entered forwarding state [ 108.372805][ T5815] 8021q: adding VLAN 0 to HW filter on device team0 [ 108.451674][ T990] bridge0: port 1(bridge_slave_0) entered blocking state [ 108.451907][ T990] bridge0: port 1(bridge_slave_0) entered forwarding state [ 108.534199][ T3604] bridge0: port 2(bridge_slave_1) entered blocking state [ 108.534416][ T3604] bridge0: port 2(bridge_slave_1) entered forwarding state [ 108.678731][ T5825] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 108.831145][ T5831] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 109.132675][ T5825] veth0_vlan: entered promiscuous mode [ 109.224963][ T5813] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 109.244694][ T5825] veth1_vlan: entered promiscuous mode [ 109.332362][ T5831] veth0_vlan: entered promiscuous mode [ 109.340777][ T5814] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 109.410927][ T5831] veth1_vlan: entered promiscuous mode [ 109.513091][ T5825] veth0_macvtap: entered promiscuous mode [ 109.553536][ T5815] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 109.554648][ T5825] veth1_macvtap: entered promiscuous mode [ 109.623960][ T5813] veth0_vlan: entered promiscuous mode [ 109.709309][ T5831] veth0_macvtap: entered promiscuous mode [ 109.727522][ T5814] veth0_vlan: entered promiscuous mode [ 109.744939][ T5813] veth1_vlan: entered promiscuous mode [ 109.758286][ T5825] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 109.768751][ T5831] veth1_macvtap: entered promiscuous mode [ 109.837895][ T5825] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 109.853937][ T5814] veth1_vlan: entered promiscuous mode [ 109.932149][ T67] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 109.956938][ T67] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 109.969513][ T67] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 109.974392][ T67] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 109.989115][ T5831] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 110.030175][ T5831] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 110.132934][ T37] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 110.180566][ T37] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 110.184586][ T5813] veth0_macvtap: entered promiscuous mode [ 110.216586][ T37] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 110.224590][ T37] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 110.327179][ T5813] veth1_macvtap: entered promiscuous mode [ 110.329978][ T5814] veth0_macvtap: entered promiscuous mode [ 110.432818][ T5814] veth1_macvtap: entered promiscuous mode [ 110.622451][ T990] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 110.622474][ T990] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 110.663190][ T5813] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 110.720251][ T5814] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 110.729346][ T5813] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 110.792269][ T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 110.792291][ T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 110.802324][ T5814] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 110.834095][ T5815] veth0_vlan: entered promiscuous mode [ 110.869404][ T3604] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 110.872429][ T3604] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 110.896479][ T3604] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 110.913663][ T3604] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 110.913687][ T3604] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 110.965004][ T37] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 110.988547][ T37] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 110.992617][ T37] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 110.995584][ T5815] veth1_vlan: entered promiscuous mode [ 111.015626][ T37] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 111.020081][ T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 111.020107][ T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 111.110747][ T37] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 111.643736][ T5936] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 111.678792][ T57] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 111.678818][ T57] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 111.708947][ T5815] veth0_macvtap: entered promiscuous mode [ 111.862480][ T5815] veth1_macvtap: entered promiscuous mode [ 111.875313][ T3604] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 111.875336][ T3604] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 112.020284][ T1342] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 112.020308][ T1342] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 112.065233][ T5815] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 112.186021][ T3604] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 112.186044][ T3604] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 112.195604][ T5815] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 112.267025][ T57] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 112.287608][ T57] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 112.288699][ T3031] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 112.288968][ T3031] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 112.830333][ T5949] netlink: 'syz.0.10': attribute type 1 has an invalid length. [ 112.830602][ T5949] netlink: 72 bytes leftover after parsing attributes in process `syz.0.10'. [ 112.830624][ T5949] netlink: 97 bytes leftover after parsing attributes in process `syz.0.10'. [ 112.997371][ T3031] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 112.997393][ T3031] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 113.200588][ T57] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 113.200612][ T57] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 114.234492][ T5974] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(4) [ 114.234524][ T5974] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 114.254372][ T5974] vhci_hcd vhci_hcd.0: Device attached [ 114.536115][ T5906] usb 33-1: new low-speed USB device number 2 using vhci_hcd [ 114.539628][ T1213] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 114.735797][ T1213] usb 1-1: Using ep0 maxpacket: 16 [ 114.757759][ T1213] usb 1-1: config 0 has no interfaces? [ 114.757802][ T1213] usb 1-1: New USB device found, idVendor=0955, idProduct=7214, bcdDevice=ed.00 [ 114.757829][ T1213] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 114.802226][ T1213] usb 1-1: config 0 descriptor?? [ 115.059291][ T44] usb 2-1: new high-speed USB device number 2 using dummy_hcd [ 115.060342][ T5658] usb 1-1: USB disconnect, device number 2 [ 115.098142][ T5980] vhci_hcd: connection closed [ 115.108079][ T37] vhci_hcd: stop threads [ 115.108572][ T37] vhci_hcd: release socket [ 115.131931][ T37] vhci_hcd: disconnect device [ 115.167964][ T5906] vhci_hcd: vhci_device speed not set [ 115.216183][ T44] usb 2-1: Using ep0 maxpacket: 8 [ 115.231271][ T44] usb 2-1: New USB device found, idVendor=0ccd, idProduct=10a3, bcdDevice=23.a2 [ 115.231304][ T44] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 115.231326][ T44] usb 2-1: Product: syz [ 115.231342][ T44] usb 2-1: Manufacturer: syz [ 115.231358][ T44] usb 2-1: SerialNumber: syz [ 115.274388][ T44] usb 2-1: config 0 descriptor?? [ 115.537954][ T44] usb 2-1: dvb_usb_v2: found a 'Terratec H7' in warm state [ 115.941372][ T6004] vcan0: tx drop: invalid da for name 0x00000000000000c7 [ 116.149428][ T44] usb write operation failed. (-71) [ 116.191663][ T44] usb 2-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer [ 116.192597][ T44] dvbdev: DVB: registering new adapter (Terratec H7) [ 116.192686][ T44] usb 2-1: media controller created [ 116.226137][ T44] usb read operation failed. (-71) [ 116.228063][ T44] usb write operation failed. (-71) [ 116.269713][ T44] dvb_usb_az6007 2-1:0.0: probe with driver dvb_usb_az6007 failed with error -5 [ 116.290475][ T44] usb 2-1: USB disconnect, device number 2 [ 116.426491][ T6010] netlink: 'syz.3.33': attribute type 13 has an invalid length. [ 117.497663][ T6010] bridge0: port 2(bridge_slave_1) entered disabled state [ 117.498929][ T6010] bridge0: port 1(bridge_slave_0) entered disabled state [ 118.777547][ T6010] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 118.835458][ T6010] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 119.347853][ T6064] netlink: 165 bytes leftover after parsing attributes in process `syz.1.51'. [ 120.224326][ T2143] netdevsim netdevsim3 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 120.257911][ T2143] netdevsim netdevsim3 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 120.264439][ T2143] netdevsim netdevsim3 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 120.264492][ T2143] netdevsim netdevsim3 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 120.667392][ T10] kernel write not supported for file bpf-prog (pid: 10 comm: kworker/0:1) [ 120.697074][ T6082] netlink: 4 bytes leftover after parsing attributes in process `syz.3.58'. [ 120.972567][ T6084] program syz.1.59 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 121.478806][ T5991] usb 3-1: new high-speed USB device number 2 using dummy_hcd [ 121.640825][ T5991] usb 3-1: config 0 has no interfaces? [ 121.645345][ T5991] usb 3-1: New USB device found, idVendor=18b4, idProduct=fffb, bcdDevice=dc.7b [ 121.645379][ T5991] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 121.645402][ T5991] usb 3-1: Product: syz [ 121.645418][ T5991] usb 3-1: Manufacturer: syz [ 121.645434][ T5991] usb 3-1: SerialNumber: syz [ 121.745083][ T5991] usb 3-1: config 0 descriptor?? [ 122.126233][ T6092] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 122.129987][ T6055] usb 3-1: USB disconnect, device number 2 [ 122.522649][ T6123] netlink: 76 bytes leftover after parsing attributes in process `syz.3.74'. [ 122.817783][ T6055] usb 1-1: new high-speed USB device number 3 using dummy_hcd [ 122.980115][ T6055] usb 1-1: config 27 has an invalid descriptor of length 0, skipping remainder of the config [ 122.980179][ T6055] usb 1-1: config 27 interface 0 altsetting 0 endpoint 0x8B has invalid wMaxPacketSize 0 [ 122.980205][ T6055] usb 1-1: config 27 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 122.980250][ T6055] usb 1-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 122.980275][ T6055] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 123.084648][ T6055] usb 1-1: Quirk or no altset; falling back to MIDI 1.0 [ 123.105820][ T5991] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 123.198568][ T6130] netlink: 80 bytes leftover after parsing attributes in process `syz.1.77'. [ 123.255900][ T5991] usb 5-1: Using ep0 maxpacket: 8 [ 123.265024][ T5991] usb 5-1: New USB device found, idVendor=0ccd, idProduct=0039, bcdDevice=90.7b [ 123.265057][ T5991] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 123.465074][ T5991] pvrusb2: Hardware description: Terratec Grabster AV400 [ 123.465099][ T5991] pvrusb2: ********** [ 123.465107][ T5991] pvrusb2: ***WARNING*** Support for this device (Terratec Grabster AV400) is experimental. [ 123.465119][ T5991] pvrusb2: Important functionality might not be entirely working. [ 123.465129][ T5991] pvrusb2: Please consider contacting the driver author to help with further stabilization of the driver. [ 123.465141][ T5991] pvrusb2: ********** [ 123.612474][ T6142] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 123.621954][ T38] audit: type=1326 audit(1759200072.152:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6140 comm="syz.1.81" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2c16eceec9 code=0x7ffc0000 [ 123.638048][ T6055] snd-usb-audio 1-1:27.0: probe with driver snd-usb-audio failed with error -2 [ 123.643870][ T38] audit: type=1326 audit(1759200072.182:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6140 comm="syz.1.81" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2c16eceec9 code=0x7ffc0000 [ 123.643933][ T38] audit: type=1326 audit(1759200072.182:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6140 comm="syz.1.81" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2c16eceec9 code=0x7ffc0000 [ 123.643984][ T38] audit: type=1326 audit(1759200072.182:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6140 comm="syz.1.81" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2c16eceec9 code=0x7ffc0000 [ 123.644033][ T38] audit: type=1326 audit(1759200072.182:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6140 comm="syz.1.81" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2c16eceec9 code=0x7ffc0000 [ 123.688561][ T38] audit: type=1326 audit(1759200072.182:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6140 comm="syz.1.81" exe="/root/syz-executor" sig=0 arch=c000003e syscall=209 compat=0 ip=0x7f2c16eceec9 code=0x7ffc0000 [ 123.688629][ T38] audit: type=1326 audit(1759200072.212:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6140 comm="syz.1.81" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2c16eceec9 code=0x7ffc0000 [ 123.712468][ T6055] usb 1-1: USB disconnect, device number 3 [ 123.824761][ T2364] pvrusb2: Invalid write control endpoint [ 123.962825][ T6016] usb 5-1: USB disconnect, device number 2 [ 124.292667][ T2364] pvrusb2: Invalid write control endpoint [ 124.292684][ T2364] pvrusb2: ***WARNING*** Detected a wedged cx25840 chip; the device will not work. [ 124.292695][ T2364] pvrusb2: ***WARNING*** Try power cycling the pvrusb2 device. [ 124.292704][ T2364] pvrusb2: ***WARNING*** Disabling further access to the device to prevent other foul-ups. [ 124.292716][ T2364] pvrusb2: Device being rendered inoperable [ 124.304924][ T6153] loop7: detected capacity change from 0 to 7 [ 124.353787][ T2364] cx25840 1-0044: Unable to detect h/w, assuming cx23887 [ 124.353854][ T2364] cx25840 1-0044: cx23887 A/V decoder found @ 0x88 (pvrusb2_a) [ 124.410597][ T2364] pvrusb2: Attached sub-driver cx25840 [ 124.410614][ T2364] pvrusb2: ***WARNING*** pvrusb2 device hardware appears to be jammed and I can't clear it. [ 124.410625][ T2364] pvrusb2: You might need to power cycle the pvrusb2 device in order to recover. [ 124.482775][ T6153] Dev loop7: unable to read RDB block 7 [ 124.482826][ T6153] loop7: AHDI p1 p2 [ 124.482859][ T6153] loop7: partition table partially beyond EOD, truncated [ 124.483549][ T6153] loop7: p1 start 1702000233 is beyond EOD, truncated [ 125.845894][ T5991] usb 3-1: new high-speed USB device number 3 using dummy_hcd [ 126.002880][ T5991] usb 3-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 126.002998][ T5991] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 126.034528][ T5991] usb 3-1: config 0 descriptor?? [ 126.070814][ T6200] loop8: detected capacity change from 0 to 8 [ 126.089198][ T5991] cp210x 3-1:0.0: cp210x converter detected [ 126.097019][ T6200] Dev loop8: unable to read RDB block 8 [ 126.097081][ T6200] loop8: unable to read partition table [ 126.097556][ T6200] loop8: partition table beyond EOD, truncated [ 126.097593][ T6200] loop_reread_partitions: partition scan of loop8 (þ被xü^>Ñà– ) failed (rc=-5) [ 126.456982][ T6202] IPVS: persistence engine module ip_vs_pe_ not found [ 126.676826][ T6198] netlink: 'syz.4.107': attribute type 18 has an invalid length. [ 126.709077][ T5991] cp210x 3-1:0.0: failed to get vendor val 0x000e size 678: -71 [ 126.709134][ T5991] cp210x 3-1:0.0: GPIO initialisation failed: -71 [ 126.757346][ T5991] usb 3-1: cp210x converter now attached to ttyUSB0 [ 126.776686][ T5991] usb 3-1: USB disconnect, device number 3 [ 126.812241][ T5991] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 126.826530][ T5991] cp210x 3-1:0.0: device disconnected [ 127.094354][ T6216] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant. [ 127.094354][ T6216] The task syz.3.112 (6216) triggered the difference, watch for misbehavior. [ 128.986286][ T5999] usb 5-1: new full-speed USB device number 3 using dummy_hcd [ 129.148507][ T5999] usb 5-1: config 0 has an invalid interface number: 128 but max is 0 [ 129.148539][ T5999] usb 5-1: config 0 has no interface number 0 [ 129.158015][ T5999] usb 5-1: New USB device found, idVendor=20b7, idProduct=1540, bcdDevice=b7.5a [ 129.158053][ T5999] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 129.158077][ T5999] usb 5-1: Product: syz [ 129.158095][ T5999] usb 5-1: Manufacturer: syz [ 129.158113][ T5999] usb 5-1: SerialNumber: syz [ 129.191191][ T5999] usb 5-1: config 0 descriptor?? [ 129.633128][ T5999] usb 5-1: Firmware: major: 225, minor: 107, hardware type: RZUSB (3) [ 129.866027][ T5999] usb 5-1: failed to fetch extended address, random address set [ 130.121846][ T5999] usb 5-1: USB disconnect, device number 3 [ 130.891352][ T6282] Zero length message leads to an empty skb [ 131.488451][ T5822] Bluetooth: hci4: Controller not accepting commands anymore: ncmd = 0 [ 131.488560][ T5822] Bluetooth: hci4: Injecting HCI hardware error event [ 131.490766][ T59] Bluetooth: hci4: hardware error 0x00 [ 132.349838][ T6313] netlink: 8 bytes leftover after parsing attributes in process `syz.4.150'. [ 133.810937][ T59] Bluetooth: hci4: Opcode 0x0c03 failed: -110 [ 135.387162][ T6391] Bluetooth: MGMT ver 1.23 [ 136.024999][ T6409] netlink: 36 bytes leftover after parsing attributes in process `syz.0.194'. [ 136.058710][ T6411] netlink: 'syz.3.195': attribute type 6 has an invalid length. [ 136.230168][ T6416] netlink: 28 bytes leftover after parsing attributes in process `syz.4.197'. [ 136.596376][ T6427] warning: `syz.0.201' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 136.837383][ T6433] batadv0: entered promiscuous mode [ 137.101152][ T6442] overlayfs: failed to create directory ./bus/work (errno: 13); mounting read-only [ 137.101199][ T6442] overlayfs: fs on '.' does not support file handles, falling back to index=off,nfs_export=off. [ 138.059264][ T1318] ieee802154 phy0 wpan0: encryption failed: -22 [ 138.059370][ T1318] ieee802154 phy1 wpan1: encryption failed: -22 [ 138.244672][ T6471] sctp: [Deprecated]: syz.2.221 (pid 6471) Use of int in maxseg socket option. [ 138.244672][ T6471] Use struct sctp_assoc_value instead [ 138.545948][ T5999] usb 4-1: new high-speed USB device number 2 using dummy_hcd [ 138.715972][ T5999] usb 4-1: Using ep0 maxpacket: 8 [ 138.737010][ T5999] usb 4-1: New USB device found, idVendor=04a5, idProduct=3003, bcdDevice=3a.b2 [ 138.737133][ T5999] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 138.737157][ T5999] usb 4-1: Product: syz [ 138.737174][ T5999] usb 4-1: Manufacturer: syz [ 138.737190][ T5999] usb 4-1: SerialNumber: syz [ 138.767990][ T5999] usb 4-1: config 0 descriptor?? [ 139.017716][ T5999] gspca_main: sunplus-2.14.0 probing 04a5:3003 [ 139.181701][ T6483] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 139.586518][ T6489] netlink: 4 bytes leftover after parsing attributes in process `syz.0.230'. [ 139.593772][ T6489] netlink: 8 bytes leftover after parsing attributes in process `syz.0.230'. [ 139.617498][ T5999] gspca_sunplus: reg_w_riv err -71 [ 139.617613][ T5999] sunplus 4-1:0.0: probe with driver sunplus failed with error -71 [ 139.637997][ T5999] usb 4-1: USB disconnect, device number 2 [ 139.910400][ T6495] netlink: 'syz.2.233': attribute type 49 has an invalid length. [ 140.126154][ T6499] netlink: 8 bytes leftover after parsing attributes in process `syz.2.234'. [ 140.126189][ T6499] netlink: 20 bytes leftover after parsing attributes in process `syz.2.234'. [ 141.914757][ T6545] netlink: 52 bytes leftover after parsing attributes in process `syz.1.253'. [ 142.517279][ T5991] usb 4-1: new high-speed USB device number 3 using dummy_hcd [ 142.631208][ T6559] netlink: 8 bytes leftover after parsing attributes in process `syz.1.260'. [ 142.631424][ T6559] openvswitch: netlink: nsh attribute has 1 unknown bytes. [ 142.631457][ T6559] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 142.675762][ T5991] usb 4-1: Using ep0 maxpacket: 32 [ 142.678011][ T5991] usb 4-1: config 0 has an invalid interface number: 184 but max is 0 [ 142.678039][ T5991] usb 4-1: config 0 has no interface number 0 [ 142.678092][ T5991] usb 4-1: config 0 interface 184 has no altsetting 0 [ 142.683478][ T5991] usb 4-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee [ 142.683509][ T5991] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 142.683531][ T5991] usb 4-1: Product: syz [ 142.683547][ T5991] usb 4-1: Manufacturer: syz [ 142.683570][ T5991] usb 4-1: SerialNumber: syz [ 142.751391][ T5991] usb 4-1: config 0 descriptor?? [ 142.769182][ T5991] smsc75xx v1.0.0 [ 143.085841][ T5822] Bluetooth: hci3: command 0x0406 tx timeout [ 143.093636][ T38] audit: type=1326 audit(1759200347.637:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6564 comm="syz.0.263" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f080319af79 code=0x7ffc0000 [ 143.093694][ T38] audit: type=1326 audit(1759200347.637:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6564 comm="syz.0.263" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f08031feec9 code=0x7ffc0000 [ 143.093741][ T38] audit: type=1326 audit(1759200347.637:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6564 comm="syz.0.263" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f08031feec9 code=0x7ffc0000 [ 143.094366][ T38] audit: type=1326 audit(1759200347.637:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6564 comm="syz.0.263" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f080319af79 code=0x7ffc0000 [ 143.094920][ T38] audit: type=1326 audit(1759200347.637:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6564 comm="syz.0.263" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f080319af79 code=0x7ffc0000 [ 143.094972][ T38] audit: type=1326 audit(1759200347.637:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6564 comm="syz.0.263" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f08031feec9 code=0x7ffc0000 [ 143.098600][ T38] audit: type=1326 audit(1759200347.637:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6564 comm="syz.0.263" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f080319af79 code=0x7ffc0000 [ 143.109960][ T38] audit: type=1326 audit(1759200347.647:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6564 comm="syz.0.263" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f08031feec9 code=0x7ffc0000 [ 143.110028][ T38] audit: type=1326 audit(1759200347.657:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6564 comm="syz.0.263" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f080319af79 code=0x7ffc0000 [ 143.110079][ T38] audit: type=1326 audit(1759200347.657:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6564 comm="syz.0.263" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f080319af79 code=0x7ffc0000 [ 143.215752][ T5892] usb 2-1: new full-speed USB device number 3 using dummy_hcd [ 143.391024][ T5892] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 143.391053][ T5892] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 143.398898][ T5892] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 143.417330][ T5892] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 143.417357][ T5892] usb 2-1: Product: syz [ 143.417372][ T5892] usb 2-1: Manufacturer: syz [ 143.417388][ T5892] usb 2-1: SerialNumber: syz [ 143.486716][ T6055] usb 5-1: new low-speed USB device number 4 using dummy_hcd [ 143.600599][ T5991] smsc75xx 4-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000040: -71 [ 143.600634][ T5991] smsc75xx 4-1:0.184 (unnamed net_device) (uninitialized): Error reading E2P_CMD [ 143.601930][ T5991] smsc75xx 4-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000014: -71 [ 143.601958][ T5991] smsc75xx 4-1:0.184 (unnamed net_device) (uninitialized): Failed to read PMT_CTL: -71 [ 143.601980][ T5991] smsc75xx 4-1:0.184 (unnamed net_device) (uninitialized): device not ready in smsc75xx_reset [ 143.602006][ T5991] smsc75xx 4-1:0.184 (unnamed net_device) (uninitialized): smsc75xx_reset error -71 [ 143.605541][ T5991] smsc75xx 4-1:0.184: probe with driver smsc75xx failed with error -71 [ 143.675828][ T6055] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 16, setting to 8 [ 143.675859][ T6055] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 4 [ 143.675899][ T6055] usb 5-1: New USB device found, idVendor=05ac, idProduct=0219, bcdDevice= 0.00 [ 143.675920][ T6055] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 143.735516][ T5892] usb 2-1: 0:2 : does not exist [ 143.744184][ T6055] usb 5-1: config 0 descriptor?? [ 143.745451][ T6567] raw-gadget.2 gadget.4: fail, usb_ep_enable returned -22 [ 143.762895][ T5892] usb 2-1: 5:0: failed to get current value for ch 0 (-22) [ 143.763185][ T5991] usb 4-1: USB disconnect, device number 3 [ 143.847453][ T5892] usb 2-1: USB disconnect, device number 3 [ 144.194102][ T6055] apple 0003:05AC:0219.0001: unknown main item tag 0x0 [ 144.194153][ T6055] apple 0003:05AC:0219.0001: unknown main item tag 0x0 [ 144.194185][ T6055] apple 0003:05AC:0219.0001: unknown main item tag 0x0 [ 144.194216][ T6055] apple 0003:05AC:0219.0001: unknown main item tag 0x0 [ 144.194246][ T6055] apple 0003:05AC:0219.0001: unknown main item tag 0x0 [ 144.194277][ T6055] apple 0003:05AC:0219.0001: unknown main item tag 0x0 [ 144.194307][ T6055] apple 0003:05AC:0219.0001: unknown main item tag 0x0 [ 144.297690][ T6055] apple 0003:05AC:0219.0001: hidraw0: USB HID vff.fa Device [HID 05ac:0219] on usb-dummy_hcd.4-1/input0 [ 144.403191][ T5892] usb 5-1: USB disconnect, device number 4 [ 145.200746][ T6595] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 145.471567][ T6609] program syz.4.281 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 146.167449][ T10] usb 4-1: new high-speed USB device number 4 using dummy_hcd [ 146.315848][ T10] usb 4-1: Using ep0 maxpacket: 32 [ 146.318649][ T10] usb 4-1: config 0 has an invalid interface number: 51 but max is 0 [ 146.318677][ T10] usb 4-1: config 0 has no interface number 0 [ 146.322532][ T10] usb 4-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f [ 146.322563][ T10] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 146.322586][ T10] usb 4-1: Product: syz [ 146.322689][ T10] usb 4-1: Manufacturer: syz [ 146.322706][ T10] usb 4-1: SerialNumber: syz [ 146.401313][ T10] usb 4-1: config 0 descriptor?? [ 146.420237][ T10] quatech2 4-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected [ 146.686240][ T10] usb 4-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0 [ 146.735231][ T10] usb 4-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1 [ 147.076713][ C0] usb 4-1: qt2_read_bulk_callback - non-zero urb status: -71 [ 147.083268][ T6017] usb 4-1: USB disconnect, device number 4 [ 147.118436][ T6017] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0 [ 147.137924][ T6017] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1 [ 147.138690][ T6017] quatech2 4-1:0.51: device disconnected [ 147.545826][ T10] usb 3-1: new high-speed USB device number 4 using dummy_hcd [ 147.661150][ T6653] ======================================================= [ 147.661150][ T6653] WARNING: The mand mount option has been deprecated and [ 147.661150][ T6653] and is ignored by this kernel. Remove the mand [ 147.661150][ T6653] option from the mount to silence this warning. [ 147.661150][ T6653] ======================================================= [ 147.696811][ T10] usb 3-1: Using ep0 maxpacket: 32 [ 147.706533][ T10] usb 3-1: New USB device found, idVendor=0fd9, idProduct=0025, bcdDevice=29.40 [ 147.706566][ T10] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 147.739269][ T10] usb 3-1: config 0 descriptor?? [ 147.973587][ T10] dvb-usb: found a 'Elgato EyeTV Sat' in warm state. [ 147.991579][ T10] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 147.993265][ T10] dvbdev: DVB: registering new adapter (Elgato EyeTV Sat) [ 147.993327][ T10] usb 3-1: media controller created [ 148.136669][ T10] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 148.285844][ T10] az6027: usb out operation failed. (-71) [ 148.293879][ T10] az6027: usb out operation failed. (-71) [ 148.293900][ T10] stb0899_attach: Driver disabled by Kconfig [ 148.293911][ T10] az6027: no front-end attached [ 148.293911][ T10] [ 148.298617][ T10] az6027: usb out operation failed. (-71) [ 148.298651][ T10] dvb-usb: no frontend was attached by 'Elgato EyeTV Sat' [ 148.331663][ T10] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.2/usb3/3-1/input/input5 [ 148.358066][ T10] dvb-usb: schedule remote query interval to 400 msecs. [ 148.358093][ T10] dvb-usb: Elgato EyeTV Sat successfully initialized and connected. [ 148.372108][ T10] usb 3-1: USB disconnect, device number 4 [ 148.389132][ T6669] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 148.734691][ T10] dvb-usb: Elgato EyeTV Sat successfully deinitialized and disconnected. [ 148.780327][ T6675] netlink: 8 bytes leftover after parsing attributes in process `syz.1.312'. [ 149.012435][ T59] Bluetooth: hci3: command 0x0406 tx timeout [ 149.597259][ T6707] C: renamed from team_slave_0 (while UP) [ 149.653508][ T6707] netlink: 144 bytes leftover after parsing attributes in process `syz.1.325'. [ 149.653536][ T6707] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check. [ 150.099867][ T6724] netlink: 'syz.0.336': attribute type 14 has an invalid length. [ 150.304797][ T158] netdevsim netdevsim3 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 150.304879][ T158] netdevsim netdevsim3 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 150.304928][ T158] netdevsim netdevsim3 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 150.304968][ T158] netdevsim netdevsim3 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 151.202969][ T10] IPVS: starting estimator thread 0... [ 151.336178][ T6740] IPVS: using max 7 ests per chain, 16800 per kthread [ 151.773077][ T37] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 152.233464][ T37] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 152.274765][ T5822] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 152.315671][ T5822] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 152.323812][ T5822] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 152.333866][ T5822] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 152.347275][ T5822] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 152.365532][ T5999] usb 4-1: new high-speed USB device number 5 using dummy_hcd [ 152.405622][ T6017] usb 5-1: new high-speed USB device number 5 using dummy_hcd [ 152.543445][ T5999] usb 4-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 152.543478][ T5999] usb 4-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config [ 152.543499][ T5999] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 152.543555][ T5999] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 55, changing to 9 [ 152.543584][ T5999] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8496, setting to 1024 [ 152.569842][ T5999] usb 4-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 152.569876][ T5999] usb 4-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 152.569898][ T5999] usb 4-1: Product: syz [ 152.569913][ T5999] usb 4-1: Manufacturer: syz [ 152.588324][ T6017] usb 5-1: Using ep0 maxpacket: 32 [ 152.635291][ T6017] usb 5-1: config 0 has an invalid interface number: 35 but max is 0 [ 152.635321][ T6017] usb 5-1: config 0 has no interface number 0 [ 152.659539][ T6017] usb 5-1: New USB device found, idVendor=10c4, idProduct=818a, bcdDevice=7d.8f [ 152.659573][ T6017] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 152.659596][ T6017] usb 5-1: Product: syz [ 152.659612][ T6017] usb 5-1: Manufacturer: syz [ 152.659628][ T6017] usb 5-1: SerialNumber: syz [ 152.701662][ T6017] usb 5-1: config 0 descriptor?? [ 152.711819][ T5999] cdc_wdm 4-1:1.0: skipping garbage [ 152.711841][ T5999] cdc_wdm 4-1:1.0: skipping garbage [ 152.772242][ T37] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 152.842418][ T5999] cdc_wdm 4-1:1.0: cdc-wdm0: USB WDM device [ 152.842465][ T5999] cdc_wdm 4-1:1.0: Unknown control protocol [ 152.903234][ T10] usb 4-1: USB disconnect, device number 5 [ 152.985753][ T6017] radio-si470x 5-1:0.35: this is not a si470x device. [ 153.000948][ T6772] Illegal XDP return value 4294967274 on prog (id 41) dev N/A, expect packet loss! [ 153.017043][ T6017] radio-raremono 5-1:0.35: Thanko's Raremono connected: (10C4:818A) [ 153.031749][ T6773] input: syz0 as /devices/virtual/input/input6 [ 153.201205][ T37] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 153.245703][ T6017] radio-raremono 5-1:0.35: V4L2 device registered as radio48 [ 153.449650][ T6055] usb 5-1: USB disconnect, device number 5 [ 153.452408][ T6055] radio-raremono 5-1:0.35: Thanko's Raremono disconnected [ 153.754983][ T37] bridge_slave_1: left allmulticast mode [ 153.755108][ T37] bridge_slave_1: left promiscuous mode [ 153.757981][ T37] bridge0: port 2(bridge_slave_1) entered disabled state [ 153.851383][ T37] bridge_slave_0: left allmulticast mode [ 153.851419][ T37] bridge_slave_0: left promiscuous mode [ 153.851779][ T37] bridge0: port 1(bridge_slave_0) entered disabled state [ 153.953747][ T6792] mmap: syz.0.368 (6792) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 154.444495][ T5822] Bluetooth: hci0: command tx timeout [ 154.541299][ T6806] input: syz0 as /devices/virtual/input/input7 [ 155.160193][ T6816] block nbd0: server does not support multiple connections per device. [ 155.162114][ T6816] block nbd0: shutting down sockets [ 155.474016][ T5991] usb 4-1: new high-speed USB device number 6 using dummy_hcd [ 155.628293][ T5991] usb 4-1: Using ep0 maxpacket: 16 [ 155.631806][ T5991] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 155.631843][ T5991] usb 4-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00 [ 155.631860][ T5991] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 155.638939][ T5991] usb 4-1: config 0 descriptor?? [ 156.060521][ T5991] mcp2221 0003:04D8:00DD.0002: USB HID v0.05 Device [HID 04d8:00dd] on usb-dummy_hcd.3-1/input0 [ 156.491411][ T5994] usb 4-1: USB disconnect, device number 6 [ 156.523407][ T5822] Bluetooth: hci0: command tx timeout [ 156.744215][ T37] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 156.816295][ T37] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 156.858557][ T37] bond0 (unregistering): Released all slaves [ 156.938561][ T6812] netlink: 24 bytes leftover after parsing attributes in process `syz.4.378'. [ 156.975769][ T6828] bridge0: port 2(bridge_slave_1) entered disabled state [ 156.977881][ T6828] bridge0: port 1(bridge_slave_0) entered disabled state [ 157.478408][ T6845] netlink: 277 bytes leftover after parsing attributes in process `syz.3.393'. [ 157.793129][ T6762] chnl_net:caif_netlink_parms(): no params data found [ 157.835758][ T6849] netlink: 12 bytes leftover after parsing attributes in process `syz.4.395'. [ 157.965311][ T6855] loop8: detected capacity change from 0 to 7 [ 157.973455][ T6855] Dev loop8: unable to read RDB block 7 [ 157.973512][ T6855] loop8: unable to read partition table [ 157.973771][ T6855] loop8: partition table beyond EOD, truncated [ 157.973792][ T6855] loop_reread_partitions: partition scan of loop8 (þ被xü^>à– ) failed (rc=-5) [ 158.454044][ T6868] 9p: Unknown access argument 18446744073709551615: -34 [ 158.613265][ T5822] Bluetooth: hci0: command tx timeout [ 158.649198][ T6875] netlink: 28 bytes leftover after parsing attributes in process `syz.2.408'. [ 158.649226][ T6875] netlink: 12 bytes leftover after parsing attributes in process `syz.2.408'. [ 158.742237][ T10] usb 4-1: new high-speed USB device number 7 using dummy_hcd [ 158.902086][ T10] usb 4-1: Using ep0 maxpacket: 16 [ 158.904549][ T10] usb 4-1: config 0 interface 0 has no altsetting 0 [ 158.904593][ T10] usb 4-1: New USB device found, idVendor=0dfc, idProduct=0101, bcdDevice= 0.00 [ 158.904620][ T10] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 158.946898][ T10] usb 4-1: config 0 descriptor?? [ 158.966885][ T6881] process 'syz.4.411' launched './file1' with NULL argv: empty string added [ 159.399339][ T10] hid (null): bogus close delimiter [ 159.440094][ T10] hid-generic 0003:0DFC:0101.0003: unknown main item tag 0x0 [ 159.440137][ T10] hid-generic 0003:0DFC:0101.0003: unknown main item tag 0x0 [ 159.440168][ T10] hid-generic 0003:0DFC:0101.0003: unknown main item tag 0x0 [ 159.440199][ T10] hid-generic 0003:0DFC:0101.0003: unknown main item tag 0x0 [ 159.440229][ T10] hid-generic 0003:0DFC:0101.0003: unknown main item tag 0x0 [ 159.440259][ T10] hid-generic 0003:0DFC:0101.0003: unknown main item tag 0x0 [ 159.440289][ T10] hid-generic 0003:0DFC:0101.0003: unknown main item tag 0x0 [ 159.440318][ T10] hid-generic 0003:0DFC:0101.0003: unknown main item tag 0x0 [ 159.440348][ T10] hid-generic 0003:0DFC:0101.0003: unknown main item tag 0x0 [ 159.440378][ T10] hid-generic 0003:0DFC:0101.0003: unknown main item tag 0x0 [ 159.524925][ T10] hid-generic 0003:0DFC:0101.0003: item 0 4 0 9 parsing failed [ 159.525856][ T10] hid-generic 0003:0DFC:0101.0003: probe with driver hid-generic failed with error -22 [ 159.617195][ T10] usb 4-1: USB disconnect, device number 7 [ 159.862234][ T6762] bridge0: port 1(bridge_slave_0) entered blocking state [ 159.862385][ T6762] bridge0: port 1(bridge_slave_0) entered disabled state [ 159.862643][ T6762] bridge_slave_0: entered allmulticast mode [ 159.871787][ T6762] bridge_slave_0: entered promiscuous mode [ 160.054691][ T6908] program syz.0.422 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 160.072571][ T37] hsr_slave_0: left promiscuous mode [ 160.113615][ T37] hsr_slave_1: left promiscuous mode [ 160.116127][ T37] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 160.116223][ T37] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 160.181719][ T37] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 160.181755][ T37] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 160.414829][ T37] batadv0: left promiscuous mode [ 160.415125][ T37] veth1_macvtap: left promiscuous mode [ 160.415323][ T37] veth0_macvtap: left promiscuous mode [ 160.415654][ T37] veth1_vlan: left promiscuous mode [ 160.415988][ T37] veth0_vlan: left promiscuous mode [ 160.682814][ T5822] Bluetooth: hci0: command tx timeout [ 161.111135][ T5994] usb 1-1: new high-speed USB device number 4 using dummy_hcd [ 161.262403][ T5994] usb 1-1: too many configurations: 52, using maximum allowed: 8 [ 161.323153][ T5994] usb 1-1: New USB device found, idVendor=0424, idProduct=7850, bcdDevice= 0.00 [ 161.323187][ T5994] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 161.323208][ T5994] usb 1-1: Product: syz [ 161.323223][ T5994] usb 1-1: Manufacturer: syz [ 161.323237][ T5994] usb 1-1: SerialNumber: syz [ 161.626713][ T5994] lan78xx 1-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000098. ret = -EPROTO [ 161.626776][ T5994] lan78xx 1-1:1.0 (unnamed net_device) (uninitialized): lan78xx_setup_irq_domain() failed : -71 [ 161.626800][ T5994] lan78xx 1-1:1.0 (unnamed net_device) (uninitialized): Bind routine FAILED [ 161.687656][ T5994] lan78xx 1-1:1.0: probe with driver lan78xx failed with error -71 [ 161.737484][ T5994] usb 1-1: USB disconnect, device number 4 [ 162.480525][ T5994] usb 1-1: new high-speed USB device number 5 using dummy_hcd [ 162.643056][ T5994] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 162.643113][ T5994] usb 1-1: New USB device found, idVendor=1e7d, idProduct=2d50, bcdDevice= 0.00 [ 162.643139][ T5994] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 162.651577][ T5994] usb 1-1: config 0 descriptor?? [ 163.070634][ T5994] kovaplus 0003:1E7D:2D50.0004: item fetching failed at offset 1/3 [ 163.071460][ T5994] kovaplus 0003:1E7D:2D50.0004: parse failed [ 163.071536][ T5994] kovaplus 0003:1E7D:2D50.0004: probe with driver kovaplus failed with error -22 [ 163.326542][ T10] usb 1-1: USB disconnect, device number 5 [ 163.520777][ T37] team0 (unregistering): Port device team_slave_1 removed [ 163.750671][ T37] team0 (unregistering): Port device C removed [ 164.419440][ T6055] usb 1-1: new high-speed USB device number 6 using dummy_hcd [ 164.569468][ T6055] usb 1-1: Using ep0 maxpacket: 8 [ 164.577313][ T6055] usb 1-1: config index 0 descriptor too short (expected 30, got 18) [ 164.581759][ T6055] usb 1-1: New USB device found, idVendor=1660, idProduct=0932, bcdDevice=80.ea [ 164.581794][ T6055] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 164.581818][ T6055] usb 1-1: Product: syz [ 164.581834][ T6055] usb 1-1: Manufacturer: syz [ 164.581852][ T6055] usb 1-1: SerialNumber: syz [ 164.593619][ T6055] usb 1-1: config 0 descriptor?? [ 164.625180][ T6055] dvb-usb: found a 'Medion MD95700 (MDUSBTV-HYBRID)' in warm state. [ 164.625253][ T6055] usb 1-1: setting power ON [ 164.630284][ T6055] dvb-usb: bulk message failed: -22 (2/0) [ 164.638019][ T6055] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 164.641490][ T6055] dvbdev: DVB: registering new adapter (Medion MD95700 (MDUSBTV-HYBRID)) [ 164.641578][ T6055] usb 1-1: media controller created [ 164.709006][ T6055] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 164.745533][ T6055] usb 1-1: selecting invalid altsetting 6 [ 164.745559][ T6055] usb 1-1: digital interface selection failed (-22) [ 164.745585][ T6055] dvb-usb: no frontend was attached by 'Medion MD95700 (MDUSBTV-HYBRID)' [ 164.746840][ T6055] usb 1-1: setting power OFF [ 164.747082][ T6055] dvb-usb: bulk message failed: -22 (2/0) [ 164.747101][ T6055] dvb-usb: Medion MD95700 (MDUSBTV-HYBRID) successfully initialized and connected. [ 164.747114][ T6055] (NULL device *): no alternate interface [ 164.827166][ T6055] dvb-usb: Medion MD95700 (MDUSBTV-HYBRID) successfully deinitialized and disconnected. [ 164.832833][ T6055] usb 1-1: USB disconnect, device number 6 [ 165.431698][ T6949] netlink: 56 bytes leftover after parsing attributes in process `syz.0.442'. [ 165.708914][ T6055] usb 1-1: new high-speed USB device number 7 using dummy_hcd [ 165.861794][ T6055] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 165.861824][ T6055] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 165.863644][ T6055] usb 1-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 165.863673][ T6055] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 165.863695][ T6055] usb 1-1: SerialNumber: syz [ 166.093918][ T6055] usb 1-1: 0:2 : does not exist [ 166.117067][ T6055] usb 1-1: USB disconnect, device number 7 [ 166.259675][ T6762] bridge0: port 2(bridge_slave_1) entered blocking state [ 166.259898][ T6762] bridge0: port 2(bridge_slave_1) entered disabled state [ 166.260155][ T6762] bridge_slave_1: entered allmulticast mode [ 166.262454][ T6762] bridge_slave_1: entered promiscuous mode [ 166.562759][ T6762] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 166.567344][ T6762] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 167.004294][ T6762] team0: Port device team_slave_0 added [ 167.028777][ T6762] team0: Port device team_slave_1 added [ 167.852967][ T6762] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 167.852987][ T6762] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 167.853028][ T6762] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 168.041056][ T6762] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 168.041076][ T6762] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 168.041106][ T6762] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 168.380225][ T7002] Bluetooth: MGMT ver 1.23 [ 168.602203][ T6762] hsr_slave_0: entered promiscuous mode [ 168.613679][ T6762] hsr_slave_1: entered promiscuous mode [ 168.614789][ T6762] debugfs: 'hsr0' already exists in 'hsr' [ 168.614816][ T6762] Cannot create hsr debugfs directory [ 169.981042][ T6762] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 170.080760][ T6762] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 170.146650][ T6762] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 170.273963][ T7037] bridge0: port 2(bridge_slave_1) entered disabled state [ 170.275545][ T7037] bridge0: port 1(bridge_slave_0) entered disabled state [ 170.320130][ T6762] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 170.765251][ T6762] 8021q: adding VLAN 0 to HW filter on device bond0 [ 170.822036][ T6762] 8021q: adding VLAN 0 to HW filter on device team0 [ 170.846154][ T5999] usb 3-1: new high-speed USB device number 5 using dummy_hcd [ 170.901532][ T13] bridge0: port 1(bridge_slave_0) entered blocking state [ 170.901831][ T13] bridge0: port 1(bridge_slave_0) entered forwarding state [ 170.963531][ T990] bridge0: port 2(bridge_slave_1) entered blocking state [ 170.963685][ T990] bridge0: port 2(bridge_slave_1) entered forwarding state [ 171.006690][ T5999] usb 3-1: Using ep0 maxpacket: 16 [ 171.009414][ T5999] usb 3-1: config 0 interface 0 has no altsetting 0 [ 171.009448][ T5999] usb 3-1: New USB device found, idVendor=0dfc, idProduct=0101, bcdDevice= 0.00 [ 171.009467][ T5999] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 171.050024][ T5999] usb 3-1: config 0 descriptor?? [ 171.515517][ T5999] hid (null): bogus close delimiter [ 171.550224][ T5999] hid_parser_main: 624 callbacks suppressed [ 171.550253][ T5999] hid-generic 0003:0DFC:0101.0005: unknown main item tag 0x0 [ 171.550287][ T5999] hid-generic 0003:0DFC:0101.0005: unknown main item tag 0x0 [ 171.550317][ T5999] hid-generic 0003:0DFC:0101.0005: unknown main item tag 0x0 [ 171.550346][ T5999] hid-generic 0003:0DFC:0101.0005: unknown main item tag 0x0 [ 171.550375][ T5999] hid-generic 0003:0DFC:0101.0005: unknown main item tag 0x0 [ 171.550404][ T5999] hid-generic 0003:0DFC:0101.0005: unknown main item tag 0x0 [ 171.550433][ T5999] hid-generic 0003:0DFC:0101.0005: unknown main item tag 0x0 [ 171.550462][ T5999] hid-generic 0003:0DFC:0101.0005: unknown main item tag 0x0 [ 171.550491][ T5999] hid-generic 0003:0DFC:0101.0005: unknown main item tag 0x0 [ 171.550520][ T5999] hid-generic 0003:0DFC:0101.0005: unknown main item tag 0x0 [ 171.648702][ T5999] hid-generic 0003:0DFC:0101.0005: item 0 4 0 9 parsing failed [ 171.649597][ T5999] hid-generic 0003:0DFC:0101.0005: probe with driver hid-generic failed with error -22 [ 171.683081][ T7076] netlink: 16402 bytes leftover after parsing attributes in process `syz.0.496'. [ 171.739154][ T5991] usb 3-1: USB disconnect, device number 5 [ 171.880711][ T6762] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 172.800808][ T6762] veth0_vlan: entered promiscuous mode [ 172.814197][ T7100] syz.2.504 (7100) used greatest stack depth: 18872 bytes left [ 172.830178][ T6762] veth1_vlan: entered promiscuous mode [ 172.967226][ T6762] veth0_macvtap: entered promiscuous mode [ 172.983922][ T6762] veth1_macvtap: entered promiscuous mode [ 173.044768][ T6762] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 173.116944][ T6762] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 173.186239][ T990] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 173.207851][ T990] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 173.230536][ T990] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 173.265507][ T990] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 173.361930][ T7120] netlink: 'syz.4.511': attribute type 3 has an invalid length. [ 173.434923][ T5994] usb 4-1: new high-speed USB device number 8 using dummy_hcd [ 173.594959][ T5994] usb 4-1: Using ep0 maxpacket: 8 [ 173.602735][ T5994] usb 4-1: New USB device found, idVendor=047d, idProduct=5003, bcdDevice=2f.8c [ 173.602771][ T5994] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 173.602794][ T5994] usb 4-1: Product: syz [ 173.602810][ T5994] usb 4-1: Manufacturer: syz [ 173.602826][ T5994] usb 4-1: SerialNumber: syz [ 173.652062][ T5994] usb 4-1: config 0 descriptor?? [ 173.671179][ T5994] gspca_main: se401-2.14.0 probing 047d:5003 [ 173.824906][ T6055] usb 5-1: new high-speed USB device number 6 using dummy_hcd [ 173.877443][ T7128] tun0: tun_chr_ioctl cmd 1074025677 [ 173.878142][ T7128] tun0: linktype set to 776 [ 173.883821][ T1342] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 173.883843][ T1342] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 173.995036][ T6055] usb 5-1: Using ep0 maxpacket: 16 [ 174.000942][ T6055] usb 5-1: config 0 interface 0 has no altsetting 0 [ 174.001050][ T6055] usb 5-1: New USB device found, idVendor=0dfc, idProduct=0101, bcdDevice= 0.00 [ 174.001077][ T6055] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 174.072117][ T5994] gspca_se401: Frame size: 115x0 bayer [ 174.072138][ T5994] gspca_se401: Frame size: 0x0 1/16th janggu [ 174.072151][ T5994] gspca_se401: Frame size: 0x0 1/16th janggu [ 174.101758][ T6055] usb 5-1: config 0 descriptor?? [ 174.272384][ T37] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 174.272406][ T37] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 174.315840][ T5994] input: se401 as /devices/platform/dummy_hcd.3/usb4/4-1/input/input8 [ 174.386965][ T5994] usb 4-1: USB disconnect, device number 8 [ 174.599077][ T6055] hid (null): bogus close delimiter [ 174.663797][ T6055] hid-generic 0003:0DFC:0101.0006: item 0 4 0 9 parsing failed [ 174.665361][ T6055] hid-generic 0003:0DFC:0101.0006: probe with driver hid-generic failed with error -22 [ 174.785669][ T6055] usb 5-1: USB disconnect, device number 6 [ 174.889572][ T7150] netlink: 8 bytes leftover after parsing attributes in process `syz.2.522'. [ 174.946111][ T7150] netlink: 8 bytes leftover after parsing attributes in process `syz.2.522'. [ 175.639749][ T7173] netlink: 'syz.3.533': attribute type 3 has an invalid length. [ 175.936208][ T7184] netlink: 36 bytes leftover after parsing attributes in process `syz.3.538'. [ 176.343527][ T5994] usb 1-1: new high-speed USB device number 8 using dummy_hcd [ 176.493457][ T5994] usb 1-1: Using ep0 maxpacket: 16 [ 176.497907][ T5994] usb 1-1: config 0 interface 0 has no altsetting 0 [ 176.497951][ T5994] usb 1-1: New USB device found, idVendor=0dfc, idProduct=0101, bcdDevice= 0.00 [ 176.497977][ T5994] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 176.504901][ T5994] usb 1-1: config 0 descriptor?? [ 176.980668][ T5994] hid (null): bogus close delimiter [ 177.009673][ T5994] hid_parser_main: 1256 callbacks suppressed [ 177.009700][ T5994] hid-generic 0003:0DFC:0101.0007: unknown main item tag 0x0 [ 177.009736][ T5994] hid-generic 0003:0DFC:0101.0007: unknown main item tag 0x0 [ 177.009775][ T5994] hid-generic 0003:0DFC:0101.0007: unknown main item tag 0x0 [ 177.009806][ T5994] hid-generic 0003:0DFC:0101.0007: unknown main item tag 0x0 [ 177.009835][ T5994] hid-generic 0003:0DFC:0101.0007: unknown main item tag 0x0 [ 177.009865][ T5994] hid-generic 0003:0DFC:0101.0007: unknown main item tag 0x0 [ 177.009896][ T5994] hid-generic 0003:0DFC:0101.0007: unknown main item tag 0x0 [ 177.009926][ T5994] hid-generic 0003:0DFC:0101.0007: unknown main item tag 0x0 [ 177.009952][ T5994] hid-generic 0003:0DFC:0101.0007: unknown main item tag 0x0 [ 177.009980][ T5994] hid-generic 0003:0DFC:0101.0007: unknown main item tag 0x0 [ 177.111134][ T5994] hid-generic 0003:0DFC:0101.0007: item 0 4 0 9 parsing failed [ 177.114228][ T5994] hid-generic 0003:0DFC:0101.0007: probe with driver hid-generic failed with error -22 [ 177.170894][ T5994] usb 1-1: USB disconnect, device number 8 [ 178.201142][ T38] kauditd_printk_skb: 187 callbacks suppressed [ 178.201163][ T38] audit: type=1326 audit(1759200638.749:206): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7241 comm="syz.3.563" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fda0829eec9 code=0x7ffc0000 [ 178.201208][ T38] audit: type=1326 audit(1759200638.749:207): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7241 comm="syz.3.563" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fda0829eec9 code=0x7ffc0000 [ 178.242656][ T38] audit: type=1326 audit(1759200638.759:208): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7241 comm="syz.3.563" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fda0823af79 code=0x7ffc0000 [ 178.242731][ T38] audit: type=1326 audit(1759200638.769:209): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7241 comm="syz.3.563" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fda0823af79 code=0x7ffc0000 [ 178.242787][ T38] audit: type=1326 audit(1759200638.769:210): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7241 comm="syz.3.563" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fda0823af79 code=0x7ffc0000 [ 178.242843][ T38] audit: type=1326 audit(1759200638.769:211): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7241 comm="syz.3.563" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fda0823af79 code=0x7ffc0000 [ 178.253662][ T38] audit: type=1326 audit(1759200638.809:212): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7241 comm="syz.3.563" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fda0823af79 code=0x7ffc0000 [ 178.254738][ T38] audit: type=1326 audit(1759200638.809:213): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7241 comm="syz.3.563" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fda0823af79 code=0x7ffc0000 [ 178.256822][ T38] audit: type=1326 audit(1759200638.809:214): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7241 comm="syz.3.563" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fda0823af79 code=0x7ffc0000 [ 178.258755][ T38] audit: type=1326 audit(1759200638.809:215): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7241 comm="syz.3.563" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fda0823af79 code=0x7ffc0000 [ 179.082074][ T5994] usb 1-1: new high-speed USB device number 9 using dummy_hcd [ 179.262916][ T5994] usb 1-1: Using ep0 maxpacket: 32 [ 179.272713][ T5994] usb 1-1: config 0 interface 0 altsetting 9 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 179.272754][ T5994] usb 1-1: config 0 interface 0 altsetting 9 endpoint 0x81 has invalid wMaxPacketSize 0 [ 179.272783][ T5994] usb 1-1: config 0 interface 0 has no altsetting 0 [ 179.282694][ T5994] usb 1-1: New USB device found, idVendor=1044, idProduct=7a4d, bcdDevice= 0.00 [ 179.282732][ T5994] usb 1-1: New USB device strings: Mfr=0, Product=1, SerialNumber=0 [ 179.282757][ T5994] usb 1-1: Product: syz [ 179.290141][ T5994] usb 1-1: config 0 descriptor?? [ 179.777167][ T5994] waterforce 0003:1044:7A4D.0008: item fetching failed at offset 2/5 [ 179.778022][ T5994] waterforce 0003:1044:7A4D.0008: hid parse failed with -22 [ 179.778138][ T5994] waterforce 0003:1044:7A4D.0008: probe with driver waterforce failed with error -22 [ 179.811838][ T5991] usb 3-1: new high-speed USB device number 6 using dummy_hcd [ 179.898283][ T7271] overlayfs: failed to create directory ./bus/work (errno: 13); mounting read-only [ 179.898315][ T7271] overlayfs: fs on '.' does not support file handles, falling back to index=off,nfs_export=off. [ 179.962202][ T5991] usb 3-1: Using ep0 maxpacket: 32 [ 179.969469][ T5991] usb 3-1: config 0 has an invalid interface number: 184 but max is 0 [ 179.969501][ T5991] usb 3-1: config 0 has no interface number 0 [ 179.969559][ T5991] usb 3-1: config 0 interface 184 has no altsetting 0 [ 179.970910][ T9] usb 1-1: USB disconnect, device number 9 [ 179.973185][ T5991] usb 3-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee [ 179.973216][ T5991] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 179.973239][ T5991] usb 3-1: Product: syz [ 179.973255][ T5991] usb 3-1: Manufacturer: syz [ 179.973271][ T5991] usb 3-1: SerialNumber: syz [ 180.011633][ T10] usb 5-1: new full-speed USB device number 7 using dummy_hcd [ 180.077819][ T5991] usb 3-1: config 0 descriptor?? [ 180.088631][ T5991] smsc75xx v1.0.0 [ 180.188686][ T10] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 180.188713][ T10] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 180.212601][ T10] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 180.212698][ T10] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 180.212721][ T10] usb 5-1: Product: syz [ 180.212738][ T10] usb 5-1: Manufacturer: syz [ 180.212755][ T10] usb 5-1: SerialNumber: syz [ 180.488532][ T10] usb 5-1: 0:2 : does not exist [ 180.553248][ T10] usb 5-1: 5:0: failed to get current value for ch 0 (-22) [ 180.693336][ T10] usb 5-1: USB disconnect, device number 7 [ 180.927152][ T5991] smsc75xx 3-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000040: -71 [ 180.927186][ T5991] smsc75xx 3-1:0.184 (unnamed net_device) (uninitialized): Error reading E2P_CMD [ 180.927733][ T5991] smsc75xx 3-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000014: -71 [ 180.927760][ T5991] smsc75xx 3-1:0.184 (unnamed net_device) (uninitialized): Failed to read PMT_CTL: -71 [ 180.927781][ T5991] smsc75xx 3-1:0.184 (unnamed net_device) (uninitialized): device not ready in smsc75xx_reset [ 180.927802][ T5991] smsc75xx 3-1:0.184 (unnamed net_device) (uninitialized): smsc75xx_reset error -71 [ 180.928114][ T5991] smsc75xx 3-1:0.184: probe with driver smsc75xx failed with error -71 [ 181.005439][ T5991] usb 3-1: USB disconnect, device number 6 [ 181.131111][ T10] usb 1-1: new high-speed USB device number 10 using dummy_hcd [ 181.281108][ T10] usb 1-1: Using ep0 maxpacket: 16 [ 181.289958][ T10] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 181.290011][ T10] usb 1-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00 [ 181.290044][ T10] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 181.333207][ T10] usb 1-1: config 0 descriptor?? [ 181.794223][ T10] mcp2221 0003:04D8:00DD.0009: USB HID v0.05 Device [HID 04d8:00dd] on usb-dummy_hcd.0-1/input0 [ 182.222671][ T10] usb 1-1: USB disconnect, device number 10 [ 182.969188][ T7307] loop7: detected capacity change from 0 to 7 [ 182.997835][ C1] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 183.719119][ T38] kauditd_printk_skb: 133 callbacks suppressed [ 183.719141][ T38] audit: type=1326 audit(1759200644.271:349): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7329 comm="syz.3.598" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fda0829eec9 code=0x7ffc0000 [ 183.719195][ T38] audit: type=1326 audit(1759200644.271:350): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7329 comm="syz.3.598" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fda0829eec9 code=0x7ffc0000 [ 184.369443][ T6055] usb 5-1: new high-speed USB device number 8 using dummy_hcd [ 184.521925][ T6055] usb 5-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 184.521957][ T6055] usb 5-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config [ 184.521979][ T6055] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 184.522034][ T6055] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 55, changing to 9 [ 184.522064][ T6055] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8496, setting to 1024 [ 184.527123][ T6055] usb 5-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 184.527158][ T6055] usb 5-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 184.527182][ T6055] usb 5-1: Product: syz [ 184.527198][ T6055] usb 5-1: Manufacturer: syz [ 184.583580][ T6055] cdc_wdm 5-1:1.0: skipping garbage [ 184.583605][ T6055] cdc_wdm 5-1:1.0: skipping garbage [ 184.638324][ T6055] cdc_wdm 5-1:1.0: cdc-wdm0: USB WDM device [ 184.638348][ T6055] cdc_wdm 5-1:1.0: Unknown control protocol [ 184.715891][ T7351] syz_tun: entered allmulticast mode [ 184.717351][ T7350] syz_tun: left allmulticast mode [ 184.813409][ T5994] usb 5-1: USB disconnect, device number 8 [ 185.062038][ T38] audit: type=1326 audit(1759200645.622:351): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7360 comm="syz.2.612" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa2f61deec9 code=0x7ffc0000 [ 185.149081][ T10] usb 4-1: new full-speed USB device number 9 using dummy_hcd [ 185.301943][ T10] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 185.301973][ T10] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 185.305064][ T10] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 185.305093][ T10] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 185.305115][ T10] usb 4-1: Product: syz [ 185.305131][ T10] usb 4-1: Manufacturer: syz [ 185.305147][ T10] usb 4-1: SerialNumber: syz [ 185.583246][ T10] usb 4-1: 0:2 : does not exist [ 185.594507][ T10] usb 4-1: 5:0: failed to get current value for ch 0 (-22) [ 185.654798][ T10] usb 4-1: USB disconnect, device number 9 [ 185.708551][ T38] audit: type=1326 audit(1759200646.262:352): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7373 comm="syz.4.617" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fed5f41eec9 code=0x0 [ 186.568977][ T7399] netlink: 132 bytes leftover after parsing attributes in process `syz.3.629'. [ 186.790196][ T6017] usb 1-1: new full-speed USB device number 11 using dummy_hcd [ 186.893124][ T7409] capability: warning: `syz.2.633' uses 32-bit capabilities (legacy support in use) [ 186.951484][ T6017] usb 1-1: config index 0 descriptor too short (expected 35577, got 27) [ 186.951517][ T6017] usb 1-1: config 1 has too many interfaces: 92, using maximum allowed: 32 [ 186.951541][ T6017] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 92 [ 186.951565][ T6017] usb 1-1: config 1 has no interface number 0 [ 186.951623][ T6017] usb 1-1: config 1 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10 [ 186.951653][ T6017] usb 1-1: config 1 interface 1 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 17 [ 186.951700][ T6017] usb 1-1: New USB device found, idVendor=0e41, idProduct=5051, bcdDevice=d5.e8 [ 186.951726][ T6017] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 187.060551][ T6017] snd_usb_pod 1-1:1.1: Line 6 Pocket POD found [ 187.218023][ T1213] usb 6-1: new high-speed USB device number 2 using dummy_hcd [ 187.378029][ T6055] usb 5-1: new high-speed USB device number 9 using dummy_hcd [ 187.380080][ T1213] usb 6-1: Using ep0 maxpacket: 16 [ 187.407166][ T1213] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 187.407223][ T1213] usb 6-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00 [ 187.407247][ T1213] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 187.438129][ T1213] usb 6-1: config 0 descriptor?? [ 187.547878][ T6055] usb 5-1: Using ep0 maxpacket: 32 [ 187.553097][ T6055] usb 5-1: New USB device found, idVendor=0fd9, idProduct=0025, bcdDevice=29.40 [ 187.553193][ T6055] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 187.602217][ T6055] usb 5-1: config 0 descriptor?? [ 187.650294][ T6017] snd_usb_pod 1-1:1.1: Line 6 Pocket POD now attached [ 187.832776][ T6055] dvb-usb: found a 'Elgato EyeTV Sat' in warm state. [ 187.870832][ T6055] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 187.872562][ T10] usb 1-1: USB disconnect, device number 11 [ 187.875961][ T6055] dvbdev: DVB: registering new adapter (Elgato EyeTV Sat) [ 187.876018][ T6055] usb 5-1: media controller created [ 187.887134][ T10] snd_usb_pod 1-1:1.1: Line 6 Pocket POD now disconnected [ 187.936294][ T1213] mcp2221 0003:04D8:00DD.000A: USB HID v0.05 Device [HID 04d8:00dd] on usb-dummy_hcd.5-1/input0 [ 187.956184][ T6055] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 188.042690][ T6055] az6027: usb out operation failed. (-71) [ 188.043265][ T6055] az6027: usb out operation failed. (-71) [ 188.043279][ T6055] stb0899_attach: Driver disabled by Kconfig [ 188.043291][ T6055] az6027: no front-end attached [ 188.043291][ T6055] [ 188.043708][ T6055] az6027: usb out operation failed. (-71) [ 188.043723][ T6055] dvb-usb: no frontend was attached by 'Elgato EyeTV Sat' [ 188.046907][ T6055] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.4/usb5/5-1/input/input9 [ 188.102645][ T6055] dvb-usb: schedule remote query interval to 400 msecs. [ 188.102669][ T6055] dvb-usb: Elgato EyeTV Sat successfully initialized and connected. [ 188.105544][ T6055] usb 5-1: USB disconnect, device number 9 [ 188.252454][ T6055] dvb-usb: Elgato EyeTV Sat successfully deinitialized and disconnected. [ 188.350233][ T1213] usb 6-1: USB disconnect, device number 2 [ 188.638737][ T7434] sctp: [Deprecated]: syz.3.644 (pid 7434) Use of struct sctp_assoc_value in delayed_ack socket option. [ 188.638737][ T7434] Use struct sctp_sack_info instead [ 189.121467][ T7450] tap0: tun_chr_ioctl cmd 1074025675 [ 189.121493][ T7450] tap0: persist disabled [ 190.068746][ T1213] usb 5-1: new high-speed USB device number 10 using dummy_hcd [ 190.216639][ T1213] usb 5-1: Using ep0 maxpacket: 16 [ 190.228992][ T1213] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 190.229053][ T1213] usb 5-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00 [ 190.229082][ T1213] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 190.263852][ T1213] usb 5-1: config 0 descriptor?? [ 190.546797][ T7489] capability: warning: `syz.0.668' uses deprecated v2 capabilities in a way that may be insecure [ 190.715982][ T1213] mcp2221 0003:04D8:00DD.000B: USB HID v0.05 Device [HID 04d8:00dd] on usb-dummy_hcd.4-1/input0 [ 191.130781][ T1213] usb 5-1: USB disconnect, device number 10 [ 193.086236][ T13] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 193.194838][ T6017] usb 3-1: new high-speed USB device number 7 using dummy_hcd [ 193.346650][ T6017] usb 3-1: Using ep0 maxpacket: 16 [ 193.349700][ T6017] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 193.349754][ T6017] usb 3-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00 [ 193.349780][ T6017] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 193.364568][ T7547] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 193.405958][ T6017] usb 3-1: config 0 descriptor?? [ 193.554609][ T59] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 193.573773][ T59] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 193.576454][ T59] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 193.596545][ T59] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 193.600094][ T59] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 193.690781][ T13] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 193.882580][ T6017] mcp2221 0003:04D8:00DD.000C: USB HID v0.05 Device [HID 04d8:00dd] on usb-dummy_hcd.2-1/input0 [ 194.052514][ T13] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 194.322463][ T6017] usb 3-1: USB disconnect, device number 7 [ 194.405153][ T13] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 194.848488][ T7578] comedi comedi3: comedi_config --init_data is deprecated [ 195.105610][ T7586] netlink: 'syz.3.713': attribute type 2 has an invalid length. [ 195.269441][ T13] bridge_slave_1: left allmulticast mode [ 195.269478][ T13] bridge_slave_1: left promiscuous mode [ 195.269746][ T13] bridge0: port 2(bridge_slave_1) entered disabled state [ 195.395627][ T13] bridge_slave_0: left allmulticast mode [ 195.395663][ T13] bridge_slave_0: left promiscuous mode [ 195.395930][ T13] bridge0: port 1(bridge_slave_0) entered disabled state [ 195.703771][ T59] Bluetooth: hci0: command tx timeout [ 195.723773][ T6016] usb 3-1: new high-speed USB device number 8 using dummy_hcd [ 195.878565][ T6016] usb 3-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 195.878599][ T6016] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 195.885508][ T6016] usb 3-1: config 0 descriptor?? [ 195.894518][ T6016] cp210x 3-1:0.0: cp210x converter detected [ 196.300041][ T6016] cp210x 3-1:0.0: failed to get vendor val 0x000e size 3: -32 [ 196.307926][ T6016] usb 3-1: cp210x converter now attached to ttyUSB0 [ 196.515857][ T6016] usb 3-1: USB disconnect, device number 8 [ 196.542997][ T6016] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 196.713880][ T6016] cp210x 3-1:0.0: device disconnected [ 197.483802][ T13] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 197.544909][ T13] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 197.588722][ T13] bond0 (unregistering): Released all slaves [ 197.798819][ T59] Bluetooth: hci0: command tx timeout [ 197.802305][ T7548] chnl_net:caif_netlink_parms(): no params data found [ 198.754200][ T7548] bridge0: port 1(bridge_slave_0) entered blocking state [ 198.757256][ T7548] bridge0: port 1(bridge_slave_0) entered disabled state [ 198.757513][ T7548] bridge_slave_0: entered allmulticast mode [ 198.760328][ T7548] bridge_slave_0: entered promiscuous mode [ 198.814189][ T7548] bridge0: port 2(bridge_slave_1) entered blocking state [ 198.814471][ T7548] bridge0: port 2(bridge_slave_1) entered disabled state [ 198.814810][ T7548] bridge_slave_1: entered allmulticast mode [ 198.819891][ T7548] bridge_slave_1: entered promiscuous mode [ 199.122199][ T13] hsr_slave_0: left promiscuous mode [ 199.142347][ T13] hsr_slave_1: left promiscuous mode [ 199.145053][ T13] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 199.145086][ T13] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 199.193338][ T13] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 199.193372][ T13] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 199.271805][ T13] veth1_macvtap: left promiscuous mode [ 199.272063][ T13] veth0_macvtap: left promiscuous mode [ 199.272265][ T13] veth1_vlan: left promiscuous mode [ 199.272402][ T13] veth0_vlan: left promiscuous mode [ 199.467098][ T1318] ieee802154 phy0 wpan0: encryption failed: -22 [ 199.467225][ T1318] ieee802154 phy1 wpan1: encryption failed: -22 [ 199.861886][ T59] Bluetooth: hci0: command tx timeout [ 201.572033][ T13] team0 (unregistering): Port device team_slave_1 removed [ 201.791872][ T13] team0 (unregistering): Port device team_slave_0 removed [ 201.940895][ T59] Bluetooth: hci0: command tx timeout [ 204.093412][ T7548] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 204.124522][ T7548] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 204.296454][ T7548] team0: Port device team_slave_0 added [ 204.301250][ T7548] team0: Port device team_slave_1 added [ 204.513575][ T7548] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 204.513650][ T7548] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 204.513681][ T7548] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 204.516284][ T7548] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 204.516300][ T7548] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 204.516329][ T7548] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 204.761184][ T7548] hsr_slave_0: entered promiscuous mode [ 204.762694][ T7548] hsr_slave_1: entered promiscuous mode [ 204.763770][ T7548] debugfs: 'hsr0' already exists in 'hsr' [ 204.763797][ T7548] Cannot create hsr debugfs directory [ 205.397195][ T7548] netdevsim netdevsim6 netdevsim0: renamed from eth0 [ 205.424328][ T7548] netdevsim netdevsim6 netdevsim1: renamed from eth1 [ 205.475955][ T7548] netdevsim netdevsim6 netdevsim2: renamed from eth2 [ 205.515552][ T7548] netdevsim netdevsim6 netdevsim3: renamed from eth3 [ 205.673611][ T7548] 8021q: adding VLAN 0 to HW filter on device bond0 [ 205.702455][ T7548] 8021q: adding VLAN 0 to HW filter on device team0 [ 205.720840][ T13] bridge0: port 1(bridge_slave_0) entered blocking state [ 205.721069][ T13] bridge0: port 1(bridge_slave_0) entered forwarding state [ 205.731691][ T13] bridge0: port 2(bridge_slave_1) entered blocking state [ 205.733338][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state [ 206.059259][ T7548] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 206.434047][ T7548] veth0_vlan: entered promiscuous mode [ 206.447047][ T7548] veth1_vlan: entered promiscuous mode [ 206.496118][ T7548] veth0_macvtap: entered promiscuous mode [ 206.513191][ T7548] veth1_macvtap: entered promiscuous mode [ 206.537468][ T7548] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 206.552953][ T7548] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 206.565466][ T1342] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 206.565731][ T1342] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 206.566003][ T1342] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 206.566049][ T1342] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 206.809895][ T57] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 206.809917][ T57] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 206.864323][ T57] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 206.864348][ T57] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 207.409118][ T6055] usb 7-1: new high-speed USB device number 2 using dummy_hcd [ 207.579217][ T6055] usb 7-1: Using ep0 maxpacket: 16 [ 207.599652][ T6055] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 207.599705][ T6055] usb 7-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00 [ 207.599730][ T6055] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 207.605551][ T6055] usb 7-1: config 0 descriptor?? [ 208.123450][ T6055] mcp2221 0003:04D8:00DD.000D: USB HID v0.05 Device [HID 04d8:00dd] on usb-dummy_hcd.6-1/input0 [ 208.360961][ T38] audit: type=1326 audit(1759200668.934:353): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7670 comm="syz.0.740" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f08031feec9 code=0x7ffc0000 [ 208.362553][ T38] audit: type=1326 audit(1759200668.934:354): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7670 comm="syz.0.740" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f08031feec9 code=0x7ffc0000 [ 208.365548][ T38] audit: type=1326 audit(1759200668.934:355): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7670 comm="syz.0.740" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f08031feec9 code=0x7ffc0000 [ 208.366099][ T38] audit: type=1326 audit(1759200668.934:356): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7670 comm="syz.0.740" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f08031feec9 code=0x7ffc0000 [ 208.372861][ T38] audit: type=1326 audit(1759200668.934:357): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7670 comm="syz.0.740" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f08031f5d67 code=0x7ffc0000 [ 208.375261][ T38] audit: type=1326 audit(1759200668.944:358): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7670 comm="syz.0.740" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f080319af79 code=0x7ffc0000 [ 208.375351][ T38] audit: type=1326 audit(1759200668.944:359): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7670 comm="syz.0.740" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f08031f5d67 code=0x7ffc0000 [ 208.375408][ T38] audit: type=1326 audit(1759200668.944:360): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7670 comm="syz.0.740" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f080319af79 code=0x7ffc0000 [ 208.375458][ T38] audit: type=1326 audit(1759200668.944:361): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7670 comm="syz.0.740" exe="/root/syz-executor" sig=0 arch=c000003e syscall=10 compat=0 ip=0x7f08031feec9 code=0x7ffc0000 [ 208.375513][ T38] audit: type=1326 audit(1759200668.944:362): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7670 comm="syz.0.740" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f08031feec9 code=0x7ffc0000 [ 208.620721][ T6017] usb 7-1: USB disconnect, device number 2 [ 208.966232][ T7687] netlink: 'syz.0.747': attribute type 1 has an invalid length. [ 208.966257][ T7687] netlink: 144 bytes leftover after parsing attributes in process `syz.0.747'. [ 208.966287][ T7687] netlink: 28 bytes leftover after parsing attributes in process `syz.0.747'. [ 209.869688][ T59] Bluetooth: hci3: unexpected event 0x2f length: 509 > 260 [ 210.926363][ T7737] syz.4.770 (7737) used greatest stack depth: 17960 bytes left [ 211.727338][ T7754] program syz.4.776 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 212.328227][ T7767] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 213.095402][ T7788] netlink: 'syz.3.789': attribute type 4 has an invalid length. [ 213.255886][ T7791] netlink: 148 bytes leftover after parsing attributes in process `syz.4.791'. [ 214.213020][ T7825] netlink: 212376 bytes leftover after parsing attributes in process `syz.3.809'. [ 214.269299][ T7829] netlink: 'syz.6.810': attribute type 1 has an invalid length. [ 214.269327][ T7829] netlink: 'syz.6.810': attribute type 1 has an invalid length. [ 214.269343][ T7829] netlink: 160 bytes leftover after parsing attributes in process `syz.6.810'. [ 214.269376][ T7829] netlink: 'syz.6.810': attribute type 1 has an invalid length. [ 214.269390][ T7829] netlink: 12 bytes leftover after parsing attributes in process `syz.6.810'. [ 214.351760][ T7831] netlink: 64 bytes leftover after parsing attributes in process `syz.4.811'. [ 214.827140][ T7852] netlink: 4 bytes leftover after parsing attributes in process `syz.3.821'. [ 214.827171][ T7852] netlink: 4 bytes leftover after parsing attributes in process `syz.3.821'. [ 214.933063][ T59] Bluetooth: hci0: unexpected Set CIG Parameters response data [ 215.162415][ T7865] netlink: 104 bytes leftover after parsing attributes in process `syz.3.827'. [ 215.342974][ T7869] netlink: 24 bytes leftover after parsing attributes in process `syz.3.829'. [ 215.730583][ T9] usb 5-1: new high-speed USB device number 11 using dummy_hcd [ 215.885227][ T9] usb 5-1: Using ep0 maxpacket: 32 [ 215.887593][ T9] usb 5-1: config 0 has an invalid interface number: 12 but max is 0 [ 215.887621][ T9] usb 5-1: config 0 has no interface number 0 [ 215.887676][ T9] usb 5-1: config 0 interface 12 has no altsetting 0 [ 215.892964][ T9] usb 5-1: New USB device found, idVendor=2c42, idProduct=1202, bcdDevice=85.40 [ 215.892995][ T9] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 215.893017][ T9] usb 5-1: Product: syz [ 215.893033][ T9] usb 5-1: Manufacturer: syz [ 215.893049][ T9] usb 5-1: SerialNumber: syz [ 215.926060][ T9] usb 5-1: config 0 descriptor?? [ 216.273498][ T6016] usb 7-1: new full-speed USB device number 3 using dummy_hcd [ 216.426994][ T6016] usb 7-1: config 128 has an invalid interface number: 72 but max is 0 [ 216.427026][ T6016] usb 7-1: config 128 has no interface number 0 [ 216.427087][ T6016] usb 7-1: config 128 interface 72 has no altsetting 0 [ 216.430825][ T6016] usb 7-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=e9.21 [ 216.430858][ T6016] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 216.430880][ T6016] usb 7-1: Product: syz [ 216.430897][ T6016] usb 7-1: Manufacturer: syz [ 216.430912][ T6016] usb 7-1: SerialNumber: syz [ 216.775997][ T6016] usb 7-1: USB disconnect, device number 3 [ 216.776260][ T9] f81534 5-1:0.12: f81534_set_register: reg: 1002 data: 0 failed: -71 [ 216.776326][ T9] f81534 5-1:0.12: f81534_find_config_idx: read failed: -71 [ 216.776346][ T9] f81534 5-1:0.12: f81534_calc_num_ports: find idx failed: -71 [ 216.776440][ T9] f81534 5-1:0.12: probe with driver f81534 failed with error -71 [ 216.887886][ T9] usb 5-1: USB disconnect, device number 11 [ 217.284530][ T7908] ipvlan2: entered promiscuous mode [ 217.288893][ T7908] 8021q: adding VLAN 0 to HW filter on device ipvlan2 [ 217.289895][ T7908] bond0: (slave ipvlan2): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond. [ 217.536218][ T7911] netlink: 'syz.6.849': attribute type 1 has an invalid length. [ 217.536247][ T7911] netlink: 172 bytes leftover after parsing attributes in process `syz.6.849'. [ 217.797223][ T6055] hid_parser_main: 625 callbacks suppressed [ 217.797250][ T6055] hid-generic 00A0:0008:0003.000E: unknown main item tag 0x0 [ 217.797285][ T6055] hid-generic 00A0:0008:0003.000E: unknown main item tag 0x0 [ 217.797316][ T6055] hid-generic 00A0:0008:0003.000E: unknown main item tag 0x0 [ 217.797346][ T6055] hid-generic 00A0:0008:0003.000E: unknown main item tag 0x0 [ 217.797375][ T6055] hid-generic 00A0:0008:0003.000E: unknown main item tag 0x0 [ 217.797405][ T6055] hid-generic 00A0:0008:0003.000E: unknown main item tag 0x0 [ 217.797435][ T6055] hid-generic 00A0:0008:0003.000E: unknown main item tag 0x0 [ 217.797464][ T6055] hid-generic 00A0:0008:0003.000E: unknown main item tag 0x0 [ 217.797494][ T6055] hid-generic 00A0:0008:0003.000E: unknown main item tag 0x0 [ 217.797523][ T6055] hid-generic 00A0:0008:0003.000E: unknown main item tag 0x0 [ 217.917047][ T6055] hid-generic 00A0:0008:0003.000E: hidraw0: HID v0.05 Device [syz1] on syz0 [ 218.191093][ T7932] netlink: 12 bytes leftover after parsing attributes in process `syz.0.858'. [ 218.972228][ T59] Bluetooth: hci0: Controller not accepting commands anymore: ncmd = 0 [ 218.972540][ T59] Bluetooth: hci0: Injecting HCI hardware error event [ 218.977132][ T59] Bluetooth: hci0: hardware error 0x00 [ 219.412891][ T5822] Bluetooth: hci0: unexpected event for opcode 0x1004 [ 219.993015][ T7997] vivid-006: disconnect [ 219.997904][ T7996] vivid-006: reconnect [ 220.491559][ T6055] usb 7-1: new high-speed USB device number 4 using dummy_hcd [ 220.651500][ T6055] usb 7-1: Using ep0 maxpacket: 16 [ 220.660737][ T6055] usb 7-1: config 0 has an invalid interface number: 214 but max is 0 [ 220.660770][ T6055] usb 7-1: config 0 has no interface number 0 [ 220.660822][ T6055] usb 7-1: config 0 interface 214 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0 [ 220.668165][ T6055] usb 7-1: New USB device found, idVendor=0596, idProduct=0001, bcdDevice= 5.f5 [ 220.668199][ T6055] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 220.668222][ T6055] usb 7-1: Product: syz [ 220.668239][ T6055] usb 7-1: Manufacturer: syz [ 220.668255][ T6055] usb 7-1: SerialNumber: syz [ 220.734276][ T6055] usb 7-1: config 0 descriptor?? [ 221.212673][ T59] Bluetooth: hci0: Opcode 0x0c03 failed: -110 [ 221.382339][ T6055] input: syz syz as /devices/platform/dummy_hcd.6/usb7/7-1/7-1:0.214/input/input11 [ 221.558815][ T10] usb 7-1: USB disconnect, device number 4 [ 221.829996][ T8031] netlink: 12 bytes leftover after parsing attributes in process `syz.3.903'. [ 222.021974][ T59] Bluetooth: hci2: command 0x0406 tx timeout [ 222.021989][ T5818] Bluetooth: hci1: command 0x0406 tx timeout [ 222.193735][ T6055] usb 5-1: new high-speed USB device number 12 using dummy_hcd [ 222.371387][ T6055] usb 5-1: Using ep0 maxpacket: 8 [ 222.379437][ T6055] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 222.379467][ T6055] usb 5-1: config 0 has no interfaces? [ 222.379500][ T6055] usb 5-1: New USB device found, idVendor=05ac, idProduct=8215, bcdDevice=8f.58 [ 222.379526][ T6055] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 222.427594][ T6055] usb 5-1: config 0 descriptor?? [ 222.659257][ T6055] usb 5-1: USB disconnect, device number 12 [ 223.009363][ T8067] netlink: 'syz.2.920': attribute type 1 has an invalid length. [ 223.009448][ T8067] netlink: 160 bytes leftover after parsing attributes in process `syz.2.920'. [ 223.050379][ T1213] usb 4-1: new high-speed USB device number 10 using dummy_hcd [ 223.207122][ T1213] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x7 has invalid wMaxPacketSize 0 [ 223.207155][ T1213] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x7 has invalid maxpacket 0 [ 223.207181][ T1213] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0 [ 223.207206][ T1213] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x89 has invalid maxpacket 0 [ 223.207249][ T1213] usb 4-1: New USB device found, idVendor=2040, idProduct=4900, bcdDevice=4d.8b [ 223.207287][ T1213] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 223.215617][ T1213] usb 4-1: config 0 descriptor?? [ 223.394552][ T8072] sock: sock_set_timeout: `syz.2.922' (pid 8072) tries to set negative timeout [ 223.436426][ T1213] hdpvr 4-1:0.0: firmware version 0x0 dated [ 223.436451][ T1213] hdpvr 4-1:0.0: untested firmware, the driver might not work. [ 223.603463][ T38] kauditd_printk_skb: 1 callbacks suppressed [ 223.603482][ T38] audit: type=1326 audit(1759200940.183:364): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8073 comm="syz.2.923" exe="/root/syz-executor" sig=31 arch=c000003e syscall=39 compat=0 ip=0x7fa2f61d5d67 code=0x0 [ 223.914642][ T1213] hdpvr 4-1:0.0: Could not setup controls [ 223.920590][ T1213] hdpvr 4-1:0.0: registering videodev failed [ 223.946132][ T1213] hdpvr 4-1:0.0: probe with driver hdpvr failed with error -71 [ 223.985293][ T1213] usb 4-1: USB disconnect, device number 10 [ 224.191110][ T8090] support for cryptoloop has been removed. Use dm-crypt instead. [ 224.246881][ T8093] netlink: 8 bytes leftover after parsing attributes in process `syz.4.932'. [ 224.601337][ T8104] tipc: Started in network mode [ 224.601371][ T8104] tipc: Node identity ac14140f, cluster identity 4711 [ 224.623631][ T8104] tipc: New replicast peer: 255.255.255.255 [ 224.649432][ T8104] tipc: Enabled bearer , priority 10 [ 224.668198][ T8104] netlink: 12 bytes leftover after parsing attributes in process `syz.2.938'. [ 225.012392][ T8116] netlink: 4 bytes leftover after parsing attributes in process `syz.2.941'. [ 225.749552][ T6016] tipc: Node number set to 2886997007 [ 226.194983][ T8149] netlink: 8 bytes leftover after parsing attributes in process `syz.6.958'. [ 226.195024][ T8149] netlink: 4 bytes leftover after parsing attributes in process `syz.6.958'. [ 226.906273][ T8178] netlink: 56 bytes leftover after parsing attributes in process `syz.2.971'. [ 227.029985][ T8182] netlink: 8 bytes leftover after parsing attributes in process `syz.3.973'. [ 227.200276][ T5994] usb 3-1: new high-speed USB device number 9 using dummy_hcd [ 227.271706][ T8194] netlink: 'syz.3.979': attribute type 3 has an invalid length. [ 227.380439][ T5994] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 227.380468][ T5994] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 227.382012][ T5994] usb 3-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 227.382041][ T5994] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 227.382064][ T5994] usb 3-1: SerialNumber: syz [ 227.664110][ T5994] usb 3-1: 0:2 : does not exist [ 227.701073][ T5994] usb 3-1: USB disconnect, device number 9 [ 228.148777][ T8218] netlink: 212376 bytes leftover after parsing attributes in process `syz.3.988'. [ 228.547399][ T6055] usb 4-1: new high-speed USB device number 11 using dummy_hcd [ 228.597330][ T9] usb 7-1: new high-speed USB device number 5 using dummy_hcd [ 228.697228][ T6055] usb 4-1: Using ep0 maxpacket: 32 [ 228.699759][ T6055] usb 4-1: config 0 has an invalid interface number: 12 but max is 0 [ 228.699788][ T6055] usb 4-1: config 0 has no interface number 0 [ 228.699844][ T6055] usb 4-1: config 0 interface 12 has no altsetting 0 [ 228.702927][ T6055] usb 4-1: New USB device found, idVendor=2c42, idProduct=1202, bcdDevice=85.40 [ 228.702956][ T6055] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 228.702978][ T6055] usb 4-1: Product: syz [ 228.702994][ T6055] usb 4-1: Manufacturer: syz [ 228.703009][ T6055] usb 4-1: SerialNumber: syz [ 228.754223][ T9] usb 7-1: config 4 has an invalid descriptor of length 0, skipping remainder of the config [ 228.754296][ T9] usb 7-1: config 4 interface 0 altsetting 0 endpoint 0x4 has invalid wMaxPacketSize 0 [ 228.754324][ T9] usb 7-1: config 4 interface 0 altsetting 0 bulk endpoint 0x4 has invalid maxpacket 0 [ 228.754353][ T9] usb 7-1: config 4 interface 0 altsetting 0 has an endpoint descriptor with address 0xDC, changing to 0x8C [ 228.754385][ T9] usb 7-1: config 4 interface 0 altsetting 0 bulk endpoint 0x8C has invalid maxpacket 243 [ 228.763348][ T9] usb 7-1: New USB device found, idVendor=2294, idProduct=425a, bcdDevice=d1.41 [ 228.763386][ T9] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 228.763489][ T9] usb 7-1: Product: syz [ 228.763612][ T9] usb 7-1: Manufacturer: syz [ 228.763632][ T9] usb 7-1: SerialNumber: syz [ 228.801537][ T8224] raw-gadget.1 gadget.6: fail, usb_ep_enable returned -22 [ 228.817701][ T9] usb 7-1: ucan: probing device on interface #0 [ 228.817736][ T9] usb 7-1: ucan: invalid out_ep MaxPacketSize [ 228.817756][ T9] usb 7-1: ucan: probe failed; try to update the device firmware [ 228.839242][ T6055] usb 4-1: config 0 descriptor?? [ 229.012069][ T9] usb 7-1: USB disconnect, device number 5 [ 229.710644][ T6055] f81534 4-1:0.12: f81534_set_register: reg: 1002 data: 0 failed: -71 [ 229.710704][ T6055] f81534 4-1:0.12: f81534_find_config_idx: read failed: -71 [ 229.710722][ T6055] f81534 4-1:0.12: f81534_calc_num_ports: find idx failed: -71 [ 229.710821][ T6055] f81534 4-1:0.12: probe with driver f81534 failed with error -71 [ 229.768791][ T6055] usb 4-1: USB disconnect, device number 11 [ 230.726446][ T8292] netlink: 36 bytes leftover after parsing attributes in process `syz.4.1021'. [ 230.925500][ C0] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 231.094420][ T38] audit: type=1326 audit(1759200947.677:365): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8305 comm="syz.2.1029" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa2f61deec9 code=0x7ffc0000 [ 231.095149][ T38] audit: type=1326 audit(1759200947.677:366): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8305 comm="syz.2.1029" exe="/root/syz-executor" sig=0 arch=c000003e syscall=431 compat=0 ip=0x7fa2f61deec9 code=0x7ffc0000 [ 231.158023][ T38] audit: type=1326 audit(1759200947.737:367): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8305 comm="syz.2.1029" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa2f61deec9 code=0x7ffc0000 [ 231.158081][ T38] audit: type=1326 audit(1759200947.747:368): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8305 comm="syz.2.1029" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa2f61deec9 code=0x7ffc0000 [ 231.234722][ T8311] ip6_vti0: entered allmulticast mode [ 231.237354][ T8310] ip6_vti0: left allmulticast mode [ 232.074805][ T38] audit: type=1326 audit(1759200948.647:369): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8342 comm="syz.6.1044" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f83cc03eec9 code=0x0 [ 233.383148][ T8376] netlink: 132 bytes leftover after parsing attributes in process `syz.6.1060'. [ 233.668966][ T8382] tun0: tun_chr_ioctl cmd 1074025677 [ 233.669124][ T8382] tun0: linktype set to 776 [ 234.454407][ T6055] usb 3-1: new high-speed USB device number 10 using dummy_hcd [ 234.616863][ T6055] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 234.616900][ T6055] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 234.616949][ T6055] usb 3-1: New USB device found, idVendor=1e7d, idProduct=319c, bcdDevice= 0.00 [ 234.616972][ T6055] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 234.674568][ T6055] usb 3-1: config 0 descriptor?? [ 234.792151][ T8420] netlink: 'syz.4.1083': attribute type 3 has an invalid length. [ 235.110162][ T6055] hid_parser_main: 5 callbacks suppressed [ 235.110192][ T6055] isku 0003:1E7D:319C.000F: unknown main item tag 0x0 [ 235.110228][ T6055] isku 0003:1E7D:319C.000F: unknown main item tag 0x0 [ 235.151361][ T6055] isku 0003:1E7D:319C.000F: hidraw0: USB HID v0.00 Device [HID 1e7d:319c] on usb-dummy_hcd.2-1/input0 [ 235.402066][ T8430] usb usb1: usbfs: process 8430 (syz.0.1086) did not claim interface 4 before use [ 235.555563][ T5999] usb 3-1: USB disconnect, device number 10 [ 236.166031][ T8448] sctp: [Deprecated]: syz.6.1094 (pid 8448) Use of struct sctp_assoc_value in delayed_ack socket option. [ 236.166031][ T8448] Use struct sctp_sack_info instead [ 236.753401][ T8476] macvlan0: entered promiscuous mode [ 236.773521][ T8476] netlink: 'syz.4.1108': attribute type 1 has an invalid length. [ 236.773546][ T8476] netlink: 'syz.4.1108': attribute type 2 has an invalid length. [ 237.052420][ T8483] tap0: tun_chr_ioctl cmd 1074025675 [ 237.052445][ T8483] tap0: persist disabled [ 242.260488][ T9] usb 7-1: new full-speed USB device number 6 using dummy_hcd [ 242.429354][ T9] usb 7-1: config index 0 descriptor too short (expected 35577, got 27) [ 242.429386][ T9] usb 7-1: config 1 has too many interfaces: 92, using maximum allowed: 32 [ 242.429410][ T9] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 92 [ 242.429433][ T9] usb 7-1: config 1 has no interface number 0 [ 242.429489][ T9] usb 7-1: config 1 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10 [ 242.429519][ T9] usb 7-1: config 1 interface 1 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 17 [ 242.429566][ T9] usb 7-1: New USB device found, idVendor=0e41, idProduct=5051, bcdDevice=d5.e8 [ 242.429591][ T9] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 242.558846][ T9] snd_usb_pod 7-1:1.1: Line 6 Pocket POD found [ 243.196405][ T9] snd_usb_pod 7-1:1.1: Line 6 Pocket POD now attached [ 243.521979][ T9] usb 7-1: USB disconnect, device number 6 [ 243.525987][ T9] snd_usb_pod 7-1:1.1: Line 6 Pocket POD now disconnected [ 254.305870][ T5830] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 254.322856][ T5830] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 254.326944][ T5830] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 254.363933][ T5830] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 254.372236][ T5830] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 255.274550][ T8574] chnl_net:caif_netlink_parms(): no params data found [ 256.473628][ T5822] Bluetooth: hci5: command tx timeout [ 256.726054][ T5830] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 256.729637][ T5830] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 256.730990][ T5830] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 256.759718][ T5830] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 256.760618][ T5830] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 258.217384][ T5830] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 258.236079][ T5830] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 258.239087][ T5830] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 258.240482][ T5830] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 258.241677][ T5830] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 258.552506][ T5822] Bluetooth: hci5: command tx timeout [ 258.872412][ T5822] Bluetooth: hci6: command tx timeout [ 260.312068][ T5822] Bluetooth: hci7: command tx timeout [ 260.632171][ T5822] Bluetooth: hci5: command tx timeout [ 260.954365][ T5822] Bluetooth: hci6: command tx timeout [ 261.093006][ T5830] Bluetooth: hci8: unexpected cc 0x0c03 length: 249 > 1 [ 261.098539][ T5830] Bluetooth: hci8: unexpected cc 0x1003 length: 249 > 9 [ 261.099840][ T5830] Bluetooth: hci8: unexpected cc 0x1001 length: 249 > 9 [ 261.102447][ T5830] Bluetooth: hci8: unexpected cc 0x0c23 length: 249 > 4 [ 261.121277][ T5830] Bluetooth: hci8: unexpected cc 0x0c38 length: 249 > 2 [ 261.531652][ T1318] ieee802154 phy0 wpan0: encryption failed: -22 [ 261.531744][ T1318] ieee802154 phy1 wpan1: encryption failed: -22 [ 262.391380][ T5830] Bluetooth: hci7: command tx timeout [ 262.710505][ T5830] Bluetooth: hci5: command tx timeout [ 263.030250][ T5830] Bluetooth: hci6: command tx timeout [ 263.190395][ T5830] Bluetooth: hci8: command tx timeout [ 264.470051][ T5830] Bluetooth: hci7: command tx timeout [ 265.109367][ T5830] Bluetooth: hci6: command tx timeout [ 265.269298][ T5830] Bluetooth: hci8: command tx timeout [ 266.548736][ T5830] Bluetooth: hci7: command tx timeout [ 267.348192][ T5830] Bluetooth: hci8: command tx timeout [ 269.437021][ T5830] Bluetooth: hci8: command tx timeout [ 273.201273][ T5822] Bluetooth: hci3: command 0x0406 tx timeout [ 274.167434][ T5818] Bluetooth: hci9: unexpected cc 0x0c03 length: 249 > 1 [ 274.188093][ T5818] Bluetooth: hci9: unexpected cc 0x1003 length: 249 > 9 [ 274.191939][ T5818] Bluetooth: hci9: unexpected cc 0x1001 length: 249 > 9 [ 274.193694][ T5818] Bluetooth: hci9: unexpected cc 0x0c23 length: 249 > 4 [ 274.221087][ T5818] Bluetooth: hci9: unexpected cc 0x0c38 length: 249 > 2 [ 316.469002][ T59] Bluetooth: hci10: unexpected cc 0x0c03 length: 249 > 1 [ 316.489395][ T59] Bluetooth: hci10: unexpected cc 0x1003 length: 249 > 9 [ 316.491522][ T59] Bluetooth: hci10: unexpected cc 0x1001 length: 249 > 9 [ 316.493133][ T59] Bluetooth: hci10: unexpected cc 0x0c23 length: 249 > 4 [ 316.516241][ T59] Bluetooth: hci10: unexpected cc 0x0c38 length: 249 > 2 [ 316.881921][ T5829] Bluetooth: hci11: unexpected cc 0x0c03 length: 249 > 1 [ 316.905045][ T5829] Bluetooth: hci11: unexpected cc 0x1003 length: 249 > 9 [ 316.906369][ T5829] Bluetooth: hci11: unexpected cc 0x1001 length: 249 > 9 [ 316.907650][ T5829] Bluetooth: hci11: unexpected cc 0x0c23 length: 249 > 4 [ 316.908501][ T5829] Bluetooth: hci11: unexpected cc 0x0c38 length: 249 > 2 [ 317.805188][ T5131] Bluetooth: hci12: unexpected cc 0x0c03 length: 249 > 1 [ 317.826591][ T5131] Bluetooth: hci12: unexpected cc 0x1003 length: 249 > 9 [ 317.828849][ T5131] Bluetooth: hci12: unexpected cc 0x1001 length: 249 > 9 [ 317.830295][ T5131] Bluetooth: hci12: unexpected cc 0x0c23 length: 249 > 4 [ 317.831909][ T5131] Bluetooth: hci12: unexpected cc 0x0c38 length: 249 > 2 [ 321.353548][ T5828] Bluetooth: hci13: unexpected cc 0x0c03 length: 249 > 1 [ 321.372048][ T5828] Bluetooth: hci13: unexpected cc 0x1003 length: 249 > 9 [ 321.373841][ T5828] Bluetooth: hci13: unexpected cc 0x1001 length: 249 > 9 [ 321.375231][ T5828] Bluetooth: hci13: unexpected cc 0x0c23 length: 249 > 4 [ 321.376199][ T5828] Bluetooth: hci13: unexpected cc 0x0c38 length: 249 > 2 [ 322.294994][ T1318] ieee802154 phy0 wpan0: encryption failed: -22 [ 322.295079][ T1318] ieee802154 phy1 wpan1: encryption failed: -22 [ 334.223922][ T5829] Bluetooth: hci12: command tx timeout [ 334.225838][ T5828] Bluetooth: hci13: command tx timeout [ 335.369443][ T5131] Bluetooth: hci14: unexpected cc 0x0c03 length: 249 > 1 [ 335.372491][ T5131] Bluetooth: hci14: unexpected cc 0x1003 length: 249 > 9 [ 335.388382][ T5131] Bluetooth: hci14: unexpected cc 0x1001 length: 249 > 9 [ 335.401085][ T5131] Bluetooth: hci14: unexpected cc 0x0c23 length: 249 > 4 [ 335.401935][ T5131] Bluetooth: hci14: unexpected cc 0x0c38 length: 249 > 2 [ 336.275179][ T5131] Bluetooth: hci10: command tx timeout [ 336.275617][ T5131] Bluetooth: hci12: command tx timeout [ 336.275702][ T5131] Bluetooth: hci13: command tx timeout [ 336.275799][ T5131] Bluetooth: hci11: command tx timeout [ 336.275957][ T5131] Bluetooth: hci9: command tx timeout [ 337.473107][ T5131] Bluetooth: hci14: command tx timeout [ 338.352608][ T5822] Bluetooth: hci9: command tx timeout [ 338.352644][ T5822] Bluetooth: hci13: command tx timeout [ 338.352668][ T5822] Bluetooth: hci12: command tx timeout [ 338.352691][ T5822] Bluetooth: hci10: command tx timeout [ 338.361997][ T5131] Bluetooth: hci11: command tx timeout [ 339.552040][ T5131] Bluetooth: hci14: command tx timeout [ 340.431519][ T5829] Bluetooth: hci10: command tx timeout [ 340.431555][ T5829] Bluetooth: hci12: command tx timeout [ 340.431578][ T5829] Bluetooth: hci13: command tx timeout [ 340.431601][ T5829] Bluetooth: hci9: command tx timeout [ 340.434789][ T5131] Bluetooth: hci11: command tx timeout [ 341.631024][ T5131] Bluetooth: hci14: command tx timeout [ 342.510541][ T5822] Bluetooth: hci9: command tx timeout [ 342.510577][ T5822] Bluetooth: hci10: command tx timeout [ 342.510635][ T5131] Bluetooth: hci11: command tx timeout [ 343.710171][ T5131] Bluetooth: hci14: command tx timeout [ 376.934987][ T5829] Bluetooth: hci15: unexpected cc 0x0c03 length: 249 > 1 [ 376.970934][ T5829] Bluetooth: hci15: unexpected cc 0x1003 length: 249 > 9 [ 376.972298][ T5829] Bluetooth: hci15: unexpected cc 0x1001 length: 249 > 9 [ 376.989349][ T5829] Bluetooth: hci15: unexpected cc 0x0c23 length: 249 > 4 [ 376.990168][ T5829] Bluetooth: hci15: unexpected cc 0x0c38 length: 249 > 2 [ 379.052262][ T5829] Bluetooth: hci15: command tx timeout [ 380.622853][ T5131] Bluetooth: hci16: unexpected cc 0x0c03 length: 249 > 1 [ 380.643241][ T5131] Bluetooth: hci16: unexpected cc 0x1003 length: 249 > 9 [ 380.645608][ T5131] Bluetooth: hci16: unexpected cc 0x1001 length: 249 > 9 [ 380.647244][ T5131] Bluetooth: hci16: unexpected cc 0x0c23 length: 249 > 4 [ 380.648996][ T5131] Bluetooth: hci16: unexpected cc 0x0c38 length: 249 > 2 [ 380.737943][ T5829] Bluetooth: hci7: command 0x0406 tx timeout [ 380.737988][ T5829] Bluetooth: hci6: command 0x0406 tx timeout [ 380.738018][ T5829] Bluetooth: hci5: command 0x0406 tx timeout [ 380.853468][ T5829] Bluetooth: hci17: unexpected cc 0x0c03 length: 249 > 1 [ 380.875751][ T5829] Bluetooth: hci17: unexpected cc 0x1003 length: 249 > 9 [ 380.877069][ T5829] Bluetooth: hci17: unexpected cc 0x1001 length: 249 > 9 [ 380.902821][ T5829] Bluetooth: hci17: unexpected cc 0x0c23 length: 249 > 4 [ 380.903656][ T5829] Bluetooth: hci17: unexpected cc 0x0c38 length: 249 > 2 [ 381.131351][ T5829] Bluetooth: hci15: command tx timeout [ 382.218671][ T5820] Bluetooth: hci18: unexpected cc 0x0c03 length: 249 > 1 [ 382.239008][ T5820] Bluetooth: hci18: unexpected cc 0x1003 length: 249 > 9 [ 382.240564][ T5820] Bluetooth: hci18: unexpected cc 0x1001 length: 249 > 9 [ 382.241874][ T5820] Bluetooth: hci18: unexpected cc 0x0c23 length: 249 > 4 [ 382.252366][ T5820] Bluetooth: hci18: unexpected cc 0x0c38 length: 249 > 2 [ 383.210272][ T5829] Bluetooth: hci15: command tx timeout [ 383.736882][ T1318] ieee802154 phy0 wpan0: encryption failed: -22 [ 383.736970][ T1318] ieee802154 phy1 wpan1: encryption failed: -22 [ 385.297838][ T8628] Bluetooth: hci15: command tx timeout [ 385.788673][ T8628] Bluetooth: hci8: command 0x0406 tx timeout [ 395.415558][ T8631] Bluetooth: hci19: unexpected cc 0x0c03 length: 249 > 1 [ 395.444622][ T8631] Bluetooth: hci19: unexpected cc 0x1003 length: 249 > 9 [ 395.449151][ T8631] Bluetooth: hci19: unexpected cc 0x1001 length: 249 > 9 [ 395.450786][ T8631] Bluetooth: hci19: unexpected cc 0x0c23 length: 249 > 4 [ 395.451693][ T8631] Bluetooth: hci19: unexpected cc 0x0c38 length: 249 > 2 [ 398.412078][ T39] INFO: task syz.0.1145:8553 blocked for more than 143 seconds. [ 398.412120][ T39] Not tainted syzkaller #0 [ 398.412133][ T39] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 398.412147][ T39] task:syz.0.1145 state:D stack:25128 pid:8553 tgid:8553 ppid:5831 task_flags:0x400040 flags:0x00004004 [ 398.441497][ T39] Call Trace: [ 398.441512][ T39] [ 398.441528][ T39] __schedule+0x16f3/0x4c20 [ 398.441610][ T39] ? __lock_acquire+0xab9/0xd20 [ 398.441645][ T39] ? __pfx___schedule+0x10/0x10 [ 398.441699][ T39] ? schedule+0x91/0x360 [ 398.441737][ T39] schedule+0x165/0x360 [ 398.441775][ T39] schedule_timeout+0x9a/0x270 [ 398.441810][ T39] ? __pfx_schedule_timeout+0x10/0x10 [ 398.441859][ T39] ? _raw_spin_unlock_irq+0x23/0x50 [ 398.441881][ T39] ? lockdep_hardirqs_on+0x9c/0x150 [ 398.441901][ T39] ? wait_for_completion+0x267/0x5d0 [ 398.441940][ T39] wait_for_completion+0x2bf/0x5d0 SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 398.441991][ T39] ? __pfx_wait_for_completion+0x10/0x10 [ 398.442030][ T39] ? __raw_spin_lock_init+0x45/0x100 [ 398.442069][ T39] rcu_barrier+0x463/0x570 [ 398.442107][ T39] kvm_mmu_uninit_vm+0x53/0x90 [ 398.442136][ T39] kvm_arch_destroy_vm+0x23d/0x280 [ 398.461519][ T39] kvm_put_kvm+0xf8e/0x1670 [ 398.461573][ T39] ? __pfx_kvm_vm_release+0x10/0x10 [ 398.461607][ T39] kvm_vm_release+0x46/0x50 [ 398.461639][ T39] __fput+0x45b/0xa80 [ 398.461678][ T39] task_work_run+0x1d4/0x260 [ 398.461708][ [ 398.461708][ T39] ? __pfx_task_work_run+0x10/0x10 [ 398.461739][ T39] ? exit_to_user_mode_loop+0x40/0x110 [ 398.461777][ T39] exit_to_user_mode_loop+0xec/0x110 [ 398.461812][ T39] do_syscall_64+0x2bd/0x3b0 [ 398.461837][ T39] ? lockdep_hardirqs_on+0x9c/0x150 [ 398.461859][ T39] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 398.461884][ T39] ? clear_bhb_loop+0x60/0xb0 [ 398.461914][ T39] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 398.461938][ T39] RIP: 0033:0x7f08031feec9 [ 398.461972][ T39] RSP: 002b:00007ffee985dc68 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 398.461997][ T39] RAX: 0000000000000000 RBX: 000000000003b013 RCX: 00007f08031feec9 [ 398.462013][ T39] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003 [ 398.462027][ T39] RBP: 00007f0803457da0 R08: 0000000000000001 R09: 00000004e985df5f [ 398.462044][ T39] R10: 0000001b2f020000 R11: 0000000000000246 R12: 00007f0803455fac [ 398.462061][ T39] R13: 00007f0803455fa0 R14: ffffffffffffffff R15: 00007ffee985dd80 [ 398.462097][ T39] [ 398.581324][ T39] [ 398.581324][ T39] Showing all locks held in the system: [ 398.581342][ T39] 3 locks held by kworker/0:0/9: [ 398.581358][ T39] #0: ffff888019498538 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 398.581435][ T39] #1: ffffc900000e7bc0 (deferred_process_work){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 398.581497][ T39] #2: ffffffff8e6662f8 (rtnl_mutex){+.+.}-{4:4}, at: switchdev_deferred_process_work+0xe/0x20 [ 398.581558][ T39] 3 locks held by kworker/0:1/10: [ 398.581571][ T39] #0: ffff888019499938 ((wq_completion)events_power_efficient){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 398.581635][ T39] #1: ffffc900000f7bc0 ((reg_check_chans).work){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 398.581698][ T39] #2: ffffffff8e6662f8 (rtnl_mutex){+.+.}-{4:4}, at: reg_check_chans_work+0x95/0xf30 [ 398.581755][ T39] 4 locks held by pr/legacy/17: [ 398.581770][ T39] 2 locks held by rcuc/1/28: [ 398.581783][ T39] 7 locks held by ktimers/1/29: [ 398.581796][ T39] 2 locks held by ksoftirqd/1/30: [ 398.581809][ T39] #0: ffffffff8d24a6a0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400 [ 398.581869][ T39] #1: ffff8880b8923d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400 [ 398.581932][ T39] 4 locks held by kworker/1:0/31: [ 398.581945][ T39] #0: ffff888019499938 ((wq_completion)events_power_efficient){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 398.582007][ T39] #1: ffffc90000a5fbc0 ((work_completion)(&(&tbl->gc_work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 398.582278][ T39] #2: ffffffff8d24a6a0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400 [ 398.582344][ T39] #3: ffff8880b8923d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400 [ 398.582410][ T39] 1 lock held by khungtaskd/39: [ 398.582423][ T39] #0: ffffffff8d3a9d40 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x2e/0x180 [ 398.582485][ T39] 5 locks held by kworker/u9:0/59: [ 398.582498][ T39] #0: ffff888049c38938 ((wq_completion)hci6){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 398.582561][ T39] #1: ffffc9000125fbc0 ((work_completion)(&hdev->cmd_sync_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 398.582625][ T39] #2: ffff88805e880e80 (&hdev->req_lock){+.+.}-{4:4}, at: hci_cmd_sync_work+0x1d4/0x3a0 [ 398.582685][ T39] #3: ffff88805e8800a8 (&hdev->lock){+.+.}-{4:4}, at: hci_abort_conn_sync+0x242/0xe30 [ 398.582739][ T39] #4: ffffffff8e7cdd98 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_conn_failed+0x165/0x310 [ 398.582794][ T39] 3 locks held by kworker/u8:4/67: [ 398.582807][ T39] #0: ffff88814d2ab938 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 398.582870][ T39] #1: ffffc9000152fbc0 ((work_completion)(&(&net->ipv6.addr_chk_work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 398.582934][ T39] #2: ffffffff8e6662f8 (rtnl_mutex){+.+.}-{4:4}, at: addrconf_verify_work+0x19/0x30 [ 398.583001][ T39] 3 locks held by kworker/u8:5/158: [ 398.583012][ T39] #0: ffff888019481138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 398.583068][ T39] #1: ffffc90003ac7bc0 ((linkwatch_work).work){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 398.583131][ T39] #2: ffffffff8e6662f8 (rtnl_mutex){+.+.}-{4:4}, at: linkwatch_event+0xe/0x60 [ 398.583195][ T39] 2 locks held by kworker/0:2/1213: [ 398.583208][ T39] #0: ffff888019498538 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 398.583277][ T39] #1: ffffc90004ecfbc0 (free_ipc_work){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 398.583353][ T39] 4 locks held by kworker/u9:1/5131: [ 398.583367][ T39] #0: ffff88804f140138 ((wq_completion)hci16#2){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 398.583436][ T39] #1: ffffc9000fff7bc0 ((work_completion)(&hdev->rx_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 398.583499][ T39] #2: ffff88807ca240a8 (&hdev->lock){+.+.}-{4:4}, at: hci_remote_features_evt+0x9b/0x8e0 [ 398.583561][ T39] #3: ffffffff8e7cdd98 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_remote_features_evt+0x516/0x8e0 [ 398.583625][ T39] 2 locks held by getty/5578: [ 398.583639][ T39] #0: ffff88823bf740a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70 [ 398.583695][ T39] #1: ffffc90003e8b2e0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x444/0x1410 [ 398.583760][ T39] 1 lock held by syz-executor/5802: [ 398.583774][ T39] 6 locks held by kworker/u9:3/5818: [ 398.583787][ T39] #0: ffff88803bbb7938 ((wq_completion)hci5){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 398.583850][ T39] #1: ffffc90004cdfbc0 ((work_completion)(&hdev->cmd_sync_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 398.583913][ T39] #2: ffff88804fb8ce80 (&hdev->req_lock){+.+.}-{4:4}, at: hci_cmd_sync_work+0x1d4/0x3a0 [ 398.583972][ T39] #3: ffff88804fb8c0a8 (&hdev->lock){+.+.}-{4:4}, at: hci_abort_conn_sync+0x242/0xe30 [ 398.584025][ T39] #4: ffffffff8e7cdd98 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_conn_failed+0x165/0x310 [ 398.584077][ T39] #5: ffff88803d7b4b58 (&conn->lock#2){+.+.}-{4:4}, at: l2cap_conn_del+0x70/0x680 [ 398.584139][ T39] 4 locks held by kworker/u9:4/5820: [ 398.584152][ T39] #0: ffff888096b0d138 ((wq_completion)hci18#2){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 398.584219][ T39] #1: ffffc90004cffbc0 ((work_completion)(&hdev->rx_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 398.584288][ T39] #2: ffff8880969700a8 (&hdev->lock){+.+.}-{4:4}, at: hci_remote_features_evt+0x9b/0x8e0 [ 398.584350][ T39] #3: ffffffff8e7cdd98 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_remote_features_evt+0x516/0x8e0 [ 398.584413][ T39] 4 locks held by kworker/u9:5/5822: [ 398.584426][ T39] #0: ffff888096670138 ((wq_completion)hci17#2){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 398.584494][ T39] #1: ffffc90004d1fbc0 ((work_completion)(&hdev->rx_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 398.584557][ T39] #2: ffff88807e1a00a8 (&hdev->lock){+.+.}-{4:4}, at: hci_remote_features_evt+0x9b/0x8e0 [ 398.584620][ T39] #3: ffffffff8e7cdd98 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_remote_features_evt+0x516/0x8e0 [ 398.584684][ T39] 5 locks held by kworker/u9:6/5828: [ 398.584698][ T39] #0: ffff88805dc12938 ((wq_completion)hci7){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 398.584759][ T39] #1: ffffc90004d5fbc0 ((work_completion)(&hdev->cmd_sync_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 398.584822][ T39] #2: ffff888038ecce80 (&hdev->req_lock){+.+.}-{4:4}, at: hci_cmd_sync_work+0x1d4/0x3a0 [ 398.584881][ T39] #3: ffff888038ecc0a8 (&hdev->lock){+.+.}-{4:4}, at: hci_abort_conn_sync+0x242/0xe30 [ 398.584934][ T39] #4: ffffffff8e7cdd98 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_conn_failed+0x165/0x310 [ 398.584988][ T39] 5 locks held by kworker/u9:7/5829: [ 398.585001][ T39] #0: ffff888030711938 ((wq_completion)hci8){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 398.585063][ T39] #1: ffffc90004d6fbc0 ((work_completion)(&hdev->cmd_sync_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 398.585125][ T39] #2: ffff8880235e0e80 (&hdev->req_lock){+.+.}-{4:4}, at: hci_cmd_sync_work+0x1d4/0x3a0 [ 398.585184][ T39] #3: ffff8880235e00a8 (&hdev->lock){+.+.}-{4:4}, at: hci_abort_conn_sync+0x242/0xe30 [ 398.585236][ T39] #4: ffffffff8e7cdd98 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_conn_failed+0x165/0x310 [ 398.585296][ T39] 4 locks held by kworker/u9:8/5830: [ 398.585309][ T39] #0: ffff888028c84138 ((wq_completion)hci3){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 398.585370][ T39] #1: ffffc90004d7fbc0 ((work_completion)(&hdev->cmd_sync_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 398.585433][ T39] #2: ffff888059914e80 (&hdev->req_lock){+.+.}-{4:4}, at: hci_cmd_sync_work+0x1d4/0x3a0 [ 398.585491][ T39] #3: ffff8880599140a8 (&hdev->lock){+.+.}-{4:4}, at: hci_abort_conn_sync+0x242/0xe30 [ 398.585551][ T39] 2 locks held by kworker/1:7/5994: [ 398.585565][ T39] 2 locks held by kworker/1:8/5995: [ 398.585580][ T39] 3 locks held by kworker/1:13/6055: [ 398.585596][ T39] 1 lock held by syz.0.1145/8553: [ 398.585609][ T39] #0: ffffffff8d3af6f0 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x570 [ 398.585668][ T39] 2 locks held by syz-executor/8574: [ 398.585681][ T39] #0: ffffffff8ddce360 (&ops->srcu#2){.+.+}-{0:0}, at: rtnl_link_ops_get+0x23/0x250 [ 398.585740][ T39] #1: ffffffff8e6662f8 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_newlink+0x8db/0x1c70 [ 398.585807][ T39] 1 lock held by syz-executor/8582: [ 398.585820][ T39] #0: ffffffff8e6662f8 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x3b0/0x18b0 [ 398.585880][ T39] 2 locks held by syz.4.1158/8586: [ 398.585892][ T39] #0: ffffffff8e6cc300 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40 [ 398.585947][ T39] #1: ffffffff8e6662f8 (rtnl_mutex){+.+.}-{4:4}, at: nl80211_pre_doit+0x5f/0x930 [ 398.586009][ T39] 1 lock held by dhcpcd/8587: [ 398.586022][ T39] #0: ffff88804a244378 (&sb->s_type->i_mutex_key#10){+.+.}-{4:4}, at: sock_close+0x9b/0x240 [ 398.586089][ T39] 1 lock held by syz-executor/8588: [ 398.586103][ T39] #0: ffffffff8e6662f8 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x3b0/0x18b0 [ 398.586161][ T39] 1 lock held by dhcpcd/8590: [ 398.586174][ T39] #0: ffff88803dd8a2f8 (&sb->s_type->i_mutex_key#10){+.+.}-{4:4}, at: sock_close+0x9b/0x240 [ 398.586240][ T39] 1 lock held by dhcpcd/8591: [ 398.586260][ T39] #0: ffff88803dd8d078 (&sb->s_type->i_mutex_key#10){+.+.}-{4:4}, at: sock_close+0x9b/0x240 [ 398.586327][ T39] 1 lock held by dhcpcd/8592: [ 398.586340][ T39] #0: ffff88803dd8bcf8 (&sb->s_type->i_mutex_key#10){+.+.}-{4:4}, at: sock_close+0x9b/0x240 [ 398.586406][ T39] 1 lock held by dhcpcd/8593: [ 398.586419][ T39] #0: ffff88803dd888f8 (&sb->s_type->i_mutex_key#10){+.+.}-{4:4}, at: sock_close+0x9b/0x240 [ 398.586485][ T39] 1 lock held by dhcpcd/8594: [ 398.586498][ T39] #0: ffff88803dd89c78 (&sb->s_type->i_mutex_key#10){+.+.}-{4:4}, at: sock_close+0x9b/0x240 [ 398.586565][ T39] 1 lock held by syz-executor/8596: [ 398.586578][ T39] #0: ffffffff8e6662f8 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x3b0/0x18b0 [ 398.586637][ T39] 1 lock held by syz-executor/8599: [ 398.586651][ T39] #0: ffffffff8e6662f8 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x3b0/0x18b0 [ 398.586709][ T39] 1 lock held by syz-executor/8603: [ 398.586722][ T39] #0: ffffffff8e6662f8 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x3b0/0x18b0 [ 398.586781][ T39] 1 lock held by syz-executor/8605: [ 398.586795][ T39] #0: ffffffff8e6662f8 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x3b0/0x18b0 [ 398.586853][ T39] 1 lock held by syz-executor/8608: [ 398.586867][ T39] #0: ffffffff8e6662f8 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x3b0/0x18b0 [ 398.586926][ T39] 1 lock held by syz-executor/8611: [ 398.586940][ T39] #0: ffffffff8e6662f8 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x3b0/0x18b0 [ 398.586999][ T39] 1 lock held by syz-executor/8614: [ 398.587012][ T39] #0: ffffffff8e6662f8 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x3b0/0x18b0 [ 398.587072][ T39] 1 lock held by syz-executor/8617: [ 398.587086][ T39] #0: ffffffff8e6662f8 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x3b0/0x18b0 [ 398.587145][ T39] 1 lock held by syz-executor/8621: [ 398.587159][ T39] #0: ffffffff8e6662f8 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x3b0/0x18b0 [ 398.587219][ T39] 1 lock held by syz-executor/8623: [ 398.587231][ T39] #0: ffffffff8e6662f8 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x3b0/0x18b0 [ 398.587296][ T39] 1 lock held by syz-executor/8626: [ 398.587310][ T39] #0: ffffffff8e6662f8 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x3b0/0x18b0 [ 398.587368][ T39] 4 locks held by kworker/u9:9/8628: [ 398.587382][ T39] #0: ffff88803950c138 ((wq_completion)hci19#2){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 398.587449][ T39] #1: ffffc90004d0fbc0 ((work_completion)(&hdev->rx_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 398.587512][ T39] #2: ffff8880af4c80a8 (&hdev->lock){+.+.}-{4:4}, at: hci_remote_features_evt+0x9b/0x8e0 [ 398.587573][ T39] #3: ffffffff8e7cdd98 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_remote_features_evt+0x516/0x8e0 [ 398.587637][ T39] 1 lock held by syz-executor/8630: [ 398.587651][ T39] #0: ffffffff8e6662f8 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x3b0/0x18b0 [ 398.587711][ T39] [ 398.587718][ T39] ============================================= [ 398.587718][ T39] [ 398.587743][ T39] NMI backtrace for cpu 0 [ 398.587772][ T39] CPU: 0 UID: 0 PID: 39 Comm: khungtaskd Not tainted syzkaller #0 PREEMPT_{RT,(full)} [ 398.587802][ T39] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 398.587817][ T39] Call Trace: [ 398.587826][ T39] [ 398.587837][ T39] dump_stack_lvl+0x189/0x250 [ 398.587877][ T39] ? __pfx_dump_stack_lvl+0x10/0x10 [ 398.587914][ T39] ? __pfx__printk+0x10/0x10 [ 398.587957][ T39] nmi_cpu_backtrace+0x39e/0x3d0 [ 398.587993][ T39] ? __pfx_nmi_cpu_backtrace+0x10/0x10 [ 398.588028][ T39] ? __pfx__printk+0x10/0x10 [ 398.588062][ T39] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 398.588096][ T39] nmi_trigger_cpumask_backtrace+0x17a/0x300 [ 398.588131][ T39] watchdog+0xf93/0xfe0 [ 398.588170][ T39] ? watchdog+0x1de/0xfe0 [ 398.588208][ T39] kthread+0x711/0x8a0 [ 398.588232][ T39] ? __pfx_watchdog+0x10/0x10 [ 398.588270][ T39] ? __pfx_kthread+0x10/0x10 [ 398.588297][ T39] ? __pfx_kthread+0x10/0x10 [ 398.588319][ T39] ret_from_fork+0x436/0x7d0 [ 398.588354][ T39] ? __pfx_ret_from_fork+0x10/0x10 [ 398.588393][ T39] ? __switch_to_asm+0x39/0x70 [ 398.588416][ T39] ? __switch_to_asm+0x33/0x70 [ 398.588439][ T39] ? __pfx_kthread+0x10/0x10 [ 398.588461][ T39] ret_from_fork_asm+0x1a/0x30 [ 398.588502][ T39] [ 398.588511][ T39] Sending NMI from CPU 0 to CPUs 1: [ 398.588541][ C1] NMI backtrace for cpu 1 [ 398.588558][ C1] CPU: 1 UID: 0 PID: 29 Comm: ktimers/1 Not tainted syzkaller #0 PREEMPT_{RT,(full)} [ 398.588592][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 398.588604][ C1] RIP: 0010:lock_acquire+0xcd/0x360 [ 398.588642][ C1] Code: 0f 85 eb 00 00 00 65 48 8b 04 25 08 b0 7f 91 83 b8 1c 0b 00 00 00 0f 85 d5 00 00 00 48 c7 44 24 30 00 00 00 00 9c 8f 44 24 30 <4c> 89 74 24 10 4d 89 fe 4c 8b 7c 24 30 fa 48 c7 c7 94 6f bc 8c e8 [ 398.588659][ C1] RSP: 0018:ffffc90000a3e998 EFLAGS: 00000246 [ 398.588676][ C1] RAX: ffff88801c2a9dc0 RBX: 0000000000000000 RCX: 11471b755aa88500 [ 398.588691][ C1] RDX: 0000000000000000 RSI: ffffffff81721182 RDI: 1ffffffff1a753a8 [ 398.588704][ C1] RBP: ffffffff81721165 R08: 0000000000000000 R09: 0000000000000000 [ 398.588716][ C1] R10: ffffc90000a3eb58 R11: ffffffff81a94d40 R12: 0000000000000002 [ 398.588730][ C1] R13: ffffffff8d3a9d40 R14: 0000000000000000 R15: 0000000000000000 [ 398.588742][ C1] FS: 0000000000000000(0000) GS:ffff888127125000(0000) knlGS:0000000000000000 [ 398.588758][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 398.588771][ C1] CR2: 00007f3635ea7ff8 CR3: 000000000d1a6000 CR4: 00000000003526f0 [ 398.588788][ C1] Call Trace: [ 398.588795][ C1] [ 398.588807][ C1] ? unwind_next_frame+0xa5/0x2390 [ 398.588835][ C1] ? nft_synproxy_do_eval+0x345/0x570 [ 398.588858][ C1] ? unwind_next_frame+0xa5/0x2390 [ 398.588886][ C1] unwind_next_frame+0xc2/0x2390 [ 398.588913][ C1] ? unwind_next_frame+0xa5/0x2390 [ 398.588945][ C1] ? unwind_next_frame+0xa5/0x2390 [ 398.588974][ C1] ? nft_synproxy_eval_v4+0x376/0x560 [ 398.589005][ C1] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 398.589029][ C1] arch_stack_walk+0x11c/0x150 [ 398.589050][ C1] ? nft_synproxy_do_eval+0x345/0x570 [ 398.589075][ C1] stack_trace_save+0x9c/0xe0 [ 398.589097][ C1] ? __pfx_stack_trace_save+0x10/0x10 [ 398.589117][ C1] ? kasan_record_aux_stack+0xbd/0xd0 [ 398.589138][ C1] ? nft_synproxy_eval_v4+0x376/0x560 [ 398.589159][ C1] ? nft_synproxy_do_eval+0x345/0x570 [ 398.589180][ C1] ? nft_do_chain+0x409/0x1920 [ 398.589203][ C1] ? __lock_acquire+0xab9/0xd20 [ 398.589228][ C1] kasan_save_track+0x3e/0x80 [ 398.589252][ C1] ? kasan_save_track+0x3e/0x80 [ 398.589274][ C1] ? kasan_save_free_info+0x46/0x50 [ 398.589292][ C1] ? __kasan_slab_free+0x5b/0x80 [ 398.589315][ C1] ? kmem_cache_free+0x195/0x510 [ 398.589342][ C1] ? skb_release_data+0x62d/0x7c0 [ 398.589361][ C1] ? consume_skb+0x9e/0xf0 [ 398.589377][ C1] ? nft_synproxy_eval_v4+0x376/0x560 [ 398.589398][ C1] ? nft_synproxy_do_eval+0x345/0x570 [ 398.589447][ C1] kasan_save_free_info+0x46/0x50 [ 398.589467][ C1] __kasan_slab_free+0x5b/0x80 [ 398.589492][ C1] ? skb_release_data+0x62d/0x7c0 [ 398.589509][ C1] kmem_cache_free+0x195/0x510 [ 398.589542][ C1] skb_release_data+0x62d/0x7c0 [ 398.589567][ C1] consume_skb+0x9e/0xf0 [ 398.589585][ C1] nft_synproxy_eval_v4+0x376/0x560 [ 398.589611][ C1] ? __pfx_nft_synproxy_eval_v4+0x10/0x10 [ 398.589635][ C1] ? nf_ip_checksum+0x13c/0x510 [ 398.589660][ C1] nft_synproxy_do_eval+0x345/0x570 [ 398.589681][ C1] ? unwind_next_frame+0xa5/0x2390 [ 398.589712][ C1] ? __pfx_nft_synproxy_do_eval+0x10/0x10 [ 398.589744][ C1] nft_do_chain+0x409/0x1920 [ 398.589775][ C1] ? __pfx_nft_do_chain+0x10/0x10 [ 398.589819][ C1] nft_do_chain_inet+0x25d/0x340 [ 398.589840][ C1] ? __pfx_nft_do_chain_inet+0x10/0x10 [ 398.589862][ C1] ? __lock_acquire+0xab9/0xd20 [ 398.589894][ C1] ? NF_HOOK+0x9a/0x3a0 [ 398.589923][ C1] ? __pfx_nft_do_chain_inet+0x10/0x10 [ 398.589945][ C1] nf_hook_slow+0xc2/0x220 [ 398.589978][ C1] NF_HOOK+0x206/0x3a0 [ 398.590013][ C1] ? __pfx_ip_local_deliver_finish+0x10/0x10 [ 398.590041][ C1] ? NF_HOOK+0x9a/0x3a0 [ 398.590068][ C1] ? __pfx_NF_HOOK+0x10/0x10 [ 398.590094][ C1] ? ip_rcv_finish_core+0xda3/0x1c00 [ 398.590124][ C1] ? __pfx_ip_local_deliver_finish+0x10/0x10 [ 398.590154][ C1] ? skb_dst+0x4f/0xd0 [ 398.590182][ C1] ? ip_local_deliver+0x12a/0x1b0 [ 398.590212][ C1] NF_HOOK+0x30c/0x3a0 [ 398.590240][ C1] ? __pfx_ip_rcv_finish+0x10/0x10 [ 398.590269][ C1] ? NF_HOOK+0x9a/0x3a0 [ 398.590296][ C1] ? __pfx_NF_HOOK+0x10/0x10 [ 398.590325][ C1] ? __pfx_ip_rcv_finish+0x10/0x10 [ 398.590359][ C1] ? __pfx_ip_rcv+0x10/0x10 [ 398.590385][ C1] __netif_receive_skb+0x143/0x380 [ 398.590410][ C1] ? rt_spin_unlock+0x65/0x80 [ 398.590438][ C1] ? process_backlog+0x27b/0x900 [ 398.590465][ C1] process_backlog+0x31e/0x900 [ 398.590500][ C1] __napi_poll+0xb6/0x540 [ 398.590529][ C1] net_rx_action+0x707/0xe00 [ 398.590567][ C1] ? __pfx_net_rx_action+0x10/0x10 [ 398.590616][ C1] handle_softirqs+0x22f/0x710 [ 398.590646][ C1] ? __pfx_handle_softirqs+0x10/0x10 [ 398.590678][ C1] run_ktimerd+0xcf/0x190 [ 398.590705][ C1] ? __pfx_run_ktimerd+0x10/0x10 [ 398.590734][ C1] ? preempt_schedule_thunk+0x16/0x30 [ 398.590758][ C1] ? smpboot_thread_fn+0x5f4/0xa60 [ 398.590784][ C1] ? smpboot_thread_fn+0x4d/0xa60 [ 398.590808][ C1] smpboot_thread_fn+0x542/0xa60 [ 398.590834][ C1] ? smpboot_thread_fn+0x4d/0xa60 [ 398.590864][ C1] kthread+0x711/0x8a0 [ 398.590883][ C1] ? __pfx_smpboot_thread_fn+0x10/0x10 [ 398.590909][ C1] ? __pfx_kthread+0x10/0x10 [ 398.590928][ C1] ? __pfx_kthread+0x10/0x10 [ 398.590946][ C1] ret_from_fork+0x436/0x7d0 [ 398.590973][ C1] ? __pfx_ret_from_fork+0x10/0x10 [ 398.591010][ C1] ? __switch_to_asm+0x39/0x70 [ 398.591029][ C1] ? __switch_to_asm+0x33/0x70 [ 398.591047][ C1] ? __pfx_kthread+0x10/0x10 [ 398.591074][ C1] ret_from_fork_asm+0x1a/0x30 [ 398.591103][ C1] [ 398.591545][ T39] Kernel panic - not syncing: hung_task: blocked tasks [ 398.591567][ T39] CPU: 0 UID: 0 PID: 39 Comm: khungtaskd Not tainted syzkaller #0 PREEMPT_{RT,(full)} [ 398.591594][ T39] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 398.591608][ T39] Call Trace: [ 398.591616][ T39] [ 398.591626][ T39] dump_stack_lvl+0x99/0x250 [ 398.591663][ T39] ? __asan_memcpy+0x40/0x70 [ 398.591689][ T39] ? __pfx_dump_stack_lvl+0x10/0x10 [ 398.591725][ T39] ? __pfx__printk+0x10/0x10 [ 398.591769][ T39] vpanic+0x281/0x750 [ 398.591795][ T39] ? __pfx_vpanic+0x10/0x10 [ 398.591817][ T39] ? __x2apic_send_IPI_mask+0x1e4/0x260 [ 398.591843][ T39] ? lockdep_hardirqs_on+0x9c/0x150 [ 398.591877][ T39] panic+0xb9/0xc0 [ 398.591900][ T39] ? __pfx_panic+0x10/0x10 [ 398.591926][ T39] ? irq_work_queue+0xc3/0x140 [ 398.591963][ T39] ? nmi_trigger_cpumask_backtrace+0x234/0x300 [ 398.591999][ T39] watchdog+0xfd2/0xfe0 [ 398.592037][ T39] ? watchdog+0x1de/0xfe0 [ 398.592079][ T39] kthread+0x711/0x8a0 [ 398.592110][ T39] ? __pfx_watchdog+0x10/0x10 [ 398.592140][ T39] ? __pfx_kthread+0x10/0x10 [ 398.592167][ T39] ? __pfx_kthread+0x10/0x10 [ 398.592191][ T39] ret_from_fork+0x436/0x7d0 [ 398.592226][ T39] ? __pfx_ret_from_fork+0x10/0x10 [ 398.592274][ T39] ? __switch_to_asm+0x39/0x70 [ 398.592297][ T39] ? __switch_to_asm+0x33/0x70 [ 398.592320][ T39] ? __pfx_kthread+0x10/0x10 [ 398.592343][ T39] ret_from_fork_asm+0x1a/0x30 [ 398.592383][ T39] [ 398.592664][ T39] Kernel Offset: disabled