last executing test programs: 46.56625232s ago: executing program 0 (id=14344): capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000100)) r0 = socket$inet(0x2, 0x2, 0x0) ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(r0, 0x89f2, &(0x7f0000000000)={'ip_vti0\x00', &(0x7f0000000140)={'syztnl2\x00', 0x0, 0x1, 0x700, 0xbb02, 0x1, {{0x5, 0x4, 0x1, 0x7, 0x14, 0x65, 0x0, 0x3, 0x29, 0x0, @multicast2, @empty}}}}) 46.30124831s ago: executing program 0 (id=14347): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) r0 = syz_open_procfs(0x0, &(0x7f0000000000)='ns\x00') readlinkat(r0, &(0x7f0000000180)='./cgroup\x00', &(0x7f0000002780)=""/4112, 0x1010) 45.952484095s ago: executing program 0 (id=14351): ioprio_set$uid(0x3, 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x40, 0x0) read$FUSE(r0, 0x0, 0x0) 45.553535898s ago: executing program 0 (id=14353): r0 = socket$inet6_mptcp(0xa, 0x1, 0x106) unshare(0x2a020400) setsockopt$sock_int(r0, 0x1, 0x2e, 0x0, 0x0) 45.141372818s ago: executing program 0 (id=14355): r0 = socket$inet6_sctp(0xa, 0x801, 0x84) sendto$inet6(r0, &(0x7f0000000140)='\x00', 0x1, 0x0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @dev, 0x15}, 0x1c) setsockopt$inet6_int(r0, 0x84, 0x19, 0x0, 0x0) 44.110744218s ago: executing program 0 (id=14362): r0 = syz_io_uring_setup(0x5c23, &(0x7f0000000240)={0x0, 0x0, 0x13290}, &(0x7f0000000440)=0x0, &(0x7f0000000080)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_RENAMEAT={0x23, 0x0, 0x0, 0xffffffffffffffff, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000400)='./file0/../file0\x00'}) io_uring_enter(r0, 0x1, 0x45d0, 0x1, 0x0, 0x1000000) 38.040587845s ago: executing program 2 (id=14410): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$devlink(&(0x7f0000000240), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_RATE_GET(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000400)={0x44, r1, 0x1, 0x0, 0x0, {}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_RATE_NODE_NAME={0xf, 0xa8, @name2}]}, 0x44}}, 0x0) 37.69184506s ago: executing program 2 (id=14413): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_RESET_DIRTY_RINGS(r1, 0xaec7) 34.591827227s ago: executing program 2 (id=14432): close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = openat$ppp(0xffffffffffffff9c, &(0x7f00000005c0), 0x2c0842, 0x0) pwritev(r0, 0x0, 0x0, 0x20000002, 0x100000) 34.321112376s ago: executing program 2 (id=14434): r0 = socket$pptp(0x18, 0x1, 0x2) bind$pptp(r0, 0x0, 0x0) connect$pptp(r0, &(0x7f0000000040)={0x18, 0x2, {0x0, @private}}, 0x1e) 33.975174097s ago: executing program 2 (id=14436): r0 = add_key(&(0x7f0000000000)='cifs.idmap\x00', &(0x7f0000000040)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffd) keyctl$setperm(0x5, r0, 0x20032111) keyctl$read(0xb, r0, 0x0, 0x0) 33.71605642s ago: executing program 2 (id=14437): r0 = syz_open_dev$vbi(&(0x7f0000000000), 0x0, 0x2) ioctl$VIDIOC_S_INPUT(r0, 0xc0045627, &(0x7f0000000100)=0x3) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f0000000040)={0x0, @bt={0xa00, 0x63c, 0x1, 0x2, 0xd59f83, 0x19f2, 0x3f, 0x19ef, 0x3, 0x4, 0x2800, 0x2800, 0x2, 0xba2, 0x0, 0x38, {0x8, 0xffffffff}, 0xd1, 0x9}}) 31.351168513s ago: executing program 4 (id=14448): r0 = socket$kcm(0x2, 0x200000000000001, 0x0) sendmsg$inet(r0, &(0x7f0000000080)={&(0x7f0000000140)={0x2, 0x4001, @dev}, 0x10, 0x0}, 0x30004081) read$FUSE(r0, &(0x7f0000000ec0)={0x2020}, 0x2020) 30.185990586s ago: executing program 4 (id=14454): r0 = socket$nl_route(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040)={0x80}, 0x10) sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000680)=ANY=[@ANYBLOB="240000001a002102000000000000000081"], 0x24}}, 0x0) 29.702795935s ago: executing program 4 (id=14457): unshare(0x22020600) r0 = memfd_create(&(0x7f0000001440)='prodM\xb0\xea\a\x06\xbe\xaen/\xce4\xb7\xc1\xef\xba!\x9d\rSt\xa24\t\x00\x00\x00\x00\x00\x00\x00\xff\xff\x10\x04\x00\x00\x1dz\xd05\xe2e,\xb1\x84\xea\x91^%A\xe5\x9e\x13TdT\xc6^p\xb0#R\x04\x06\xae\xebA;Y\xeb\x8f\xec\xb4\xf9\x17\xb7\x04\xc2\xc0\xc6\xb4\v\xff\xfc\x88\x90\xabC\x02\x00\xf04\x03\x88\xae9\'>R^P{Vr!\xe2W\xc72\xea\xb7Wp\xc36\x96\xffZ\\A@\x00\x00\x00\xc9\xf3Y\xb8\x89#\xa1\xb1)Dk\xeb\xa1\t\x00{u[\xbd\x9d\xf4\xbf\\\xce\x02P\xf2MY\x05^\xffj\x9c\x14\xb7\xb6v\x1d*1>\x00 \x00\x00\x00\x00\x14C?]\x8c\xb4Y\xcf\x80\x85\xd6\x036\xc8~\xa8\f\x00\x00\xb5U\xec\xe06\xed\xe4\xfb\xdf\a\xd0lg\x13\xf9\x8b:Z>\xd7s\xef\xb3\x9f#\x15)\xf9\xe10\xc7\xb262-\x00\x00\x00\x00\xc8X\xdaNz\x0eu\x8f\x01\x00\x00\x00\x80\x00\x00\xdd\xff\xff\xff\x00\x00\x00\x00\x00\x00\x00\x00\x00\xc3\xa7/\x0f\x9b`\xa5\x98\x81a\xeev\x00\x00\x00\x00\a\x00\x00m2\xf2\xd8,\x17\xf8\x8e\xae\xc8\xad\xed<\"\x8e\n\x9d\xb13\x8d\xef\x96\xd2I\"8=tg\xdfU\xd0q\xf1\x0e\xccq*\xabM\x97}\x18\x8c5\x95/f\xec\xdc\xa3\xe1[\xc0\xaa\xefz\xc9\xf4[R\xc36b\xa2]\xed\xe8\xb0\xfa\"\xa2\xd27)\xd5yQ\xff}5\x94\x88\xa1\xdc\xa1g\xe0q\xc5:\xe4\xdf\x80\xb3,\xb9\xb2\xdc\x81\x9f6\x0f\x84WY\xbfSY`\xb8\a\x19\xb1\x058\xa4\xc3\xbb\xf8aB:\x84\x02?\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xf3o-GU\xb0\x00F\xb3o(aI[\xd6\x9fG\xaeI\x83\x93\x8cC\xc0#\xe0q\xd0Ex|\xdb\xa8\x16\xfe>:\t0\xfd\x8a\xc7\x84\xb5\xc7M-0A\xf0\x94\xf3\xcc\x8d\xbb3\\\"\x882\xb3\xa84\xac\x00\xdd}Ft\xc6\xcc\f}1X#\xe4\xe1\x94i\xce\xa1\xff\x95\x80\xb4T\x9c\x01\xf3\x1cLB\x94m(m\f\xbc\xebY\xa0\xf7\xf0\x9d\x10\xbd\x86\x1by\x00\x00\x00\x00\xb9\xb9\xbf\xdf~9\nC\xe9\xc5\x0e\xda\x9c(\x9b\"\xc7\x97\xfc\b\xd9\xc2T\xa7*\x7f]\xc8\xb3 .\x9b\x89\x0f\xf8$\xdd>lU\x13EG\xbb1] \xda\x19\xc5\x9bW\x02\xd2K\xba8~\x83\x19\xfa\xf7\x9b\f\xfa\x15\x95\xc4\xfcw\xbb\x92\x91\xc4\xa6\x907XK\xfc\x17]\xfa\xff\'\xef\x92\x1c\xb8\x1fK\xb2o \xd1\xbd\xb2\x11+\xa3R\xefQ\xc2\xbdW\x05\xec\xb3=@\x03\xc6^\xa2\x15%\xb0\'D#\xb6Q\x8f\x82?S>\x00P\x9cE\x92{d\xe6\x9cj1\x87\xb3\x01\xde\xe8\x89\xc4s\xb7\x14~}\xaa\x8c\xc3\x95BAE\xf2.\x8f#;a\x94\"\xd1U\xff\xe8v\xd3\x84d\xf4\x134\xa6XIkh\xaa\x15\x9a\xf7Z\xe3%\x88p\x90\xbb\x9dt\xa3\xe1\r\x8d\x94\"\x19\x8b\x17)\xea\xd5\x17\xeb\xe4\x1b\x0fBZ1\xbe\xee\xfa\x1c\xf9\xa6\x11\x94\x06\\P:\xaf\xcex\xc2\x82\x9a\x16\xfc\xa1\x05\x00\x00\x00\x1a\xdc\xb7\x12\xbba\b\xbb\xed\xb2\xd1W\xe2\x8b\x8d8}\x10W\xbd\xa60A\xc3\x03\xfa\x890\x86#\bQ\xcb)\xf6]\x9e\x14\xd2\xea\x82\xa8\xb7ZG\x15r\xf1l 1\x8d \xc1\xab\x19\\\x91\x13\x1b8\xe1\xc3\xa4\v\x94\xbfJ\xb5\xde\x95\x82\x00]B|\xe2[%\xe3\xf0\x04\xba\xed\xdb\xf5\x7f\x9d\xfe>\xf6m$M&\x7fq]\xe4\xf6\x82\xc3\x00\xb1zg}\x99E\xa4\x19\xe9\x1a4a\xd75D-k\x84\xa6\x12+\xebk\xa1\xfek\x89\xef\x18\xc1)6\xa65\xe2D\xbe\xe1\xdfq\xdd68\xf37g\xab9m\xe7\xddO\v?\xe0\xbe}\xa9U\xc7{\xd3\x16W\xbb\xe5\xd2\x93\xfe\xa4\x9d\r$\xe91c8`\x86\xbc)\xe29\xc3}\xb9P\xd5F\xc6\x12\x8c_x\xa8\xfa\xb5K\x03\x85\x93k\xe1\x8e\x1f)\".\xcc\'\v\xa6\x1bj\\\n\xe98yA\xd8T\x85\x80A\xcbo\x99\x99\xeb)r\x1a\xce\x18(\x185LL\xbcOeO\'\xe2\x86&\xe4\xe2\xe7~\x92\xa2\xb2\x1b\xc3\x00\x85\xce\xad7\x87\xa0\xfcc\xf5\xf8\xaf\v,q\xd4\x18\xbdM\x1a\xde\xba*L\x05m6\xecH\xd0T\xb8m\xdb\b\xa6\x02\xfb\x13\xac\x91\x8a\x8d\x94\x93\x8d=\xb1\x84\x9c\x9b\xe5\xc7\xa6\xc9Q\xc1eUc\xcc\x180^\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00KT2\x1b\x16=\x10\xd3\x9a\xf0\xb7;\xc0-\x9c\xac\xb9~\x9a\xdc\x15\x8d\xee*\x17\x82\x1e\xd2m+$\xb4\x8cOJ0\x85\x7f\xa0\x7f\xa8\xcc#\x0e\xa4\x86\x0fmO\xca\xa4\xd2\x9a\x16\xbb\x16\xb1\xd46l2ak[\xec\xe33\xae=\xaf\xffU)\x1fQ`\x81\xa2:\xf61\xafQ\xa6V-K;\xc50\n,\xb1j\x9b\x8f\xd0\xbd|\xbd\xb1+\x06\x98\xd4\x04\r!2\xe8\x16?H\x96\x182(\xcf\xf2\"\xf7.\x85\xc1-\xa3)|\x00\x00\x00\x00\x00\x00\x00\x00\x00', 0x5) fcntl$addseals(r0, 0x40a, 0x0) 29.314405428s ago: executing program 4 (id=14459): r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002000), 0x2, 0x0) syz_mount_image$fuse(&(0x7f0000002040), &(0x7f0000002080)='./file0\x00', 0x1, &(0x7f0000000080)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}}, 0x0, 0x0, 0x0) bpf$OBJ_GET_MAP(0x7, &(0x7f0000000900)=@generic={&(0x7f0000000600)='./file0\x00'}, 0x18) 28.231478826s ago: executing program 4 (id=14462): socket$packet(0x11, 0x3, 0x300) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) sendto$inet6(r0, 0x0, 0x0, 0x2200c851, &(0x7f0000b63fe4)={0xa, 0x0, 0x4, @loopback={0x0, 0xac141400}}, 0x1c) 25.911911458s ago: executing program 4 (id=14467): r0 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @empty}, 0x1c) sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000140)={0xa, 0x4e22, 0x0, @mcast1}, 0x18) 14.622248184s ago: executing program 3 (id=14497): r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000000c0), 0x0) ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r0, 0x4058534c, &(0x7f0000000180)={0x80, 0x2b, 0x4}) ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r0, 0x4058534c, &(0x7f0000000040)={0x80, 0x2b, 0x4}) 14.158183255s ago: executing program 3 (id=14499): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$WG_CMD_SET_DEVICE(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000006c0)={0x70, r1, 0x1, 0x0, 0x0, {}, [@WGDEVICE_A_PEERS={0x48, 0x8, 0x0, 0x1, [{0x44, 0x0, 0x0, 0x1, [@WGPEER_A_PUBLIC_KEY={0x24, 0x1, @b_g}, @WGPEER_A_FLAGS={0x8, 0x3, 0x2}, @WGPEER_A_ENDPOINT4={0x14, 0x4, {0x3, 0x0, @local}}]}]}, @WGDEVICE_A_IFNAME={0x14, 0x2, 'wg0\x00'}]}, 0x70}}, 0x0) 13.519870199s ago: executing program 3 (id=14501): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000240), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_LINKMODES_SET(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)={0x3c, r1, 0x1, 0x0, 0x0, {}, [@ETHTOOL_A_LINKMODES_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syz_tun\x00'}]}, @ETHTOOL_A_LINKMODES_SPEED={0x8}, @ETHTOOL_A_LINKMODES_OURS={0x8, 0x3, 0x0, 0x1, [@ETHTOOL_A_BITSET_BITS={0x4}]}]}, 0x3c}}, 0x0) 12.826255462s ago: executing program 3 (id=14504): openat$sndtimer(0xffffff9c, &(0x7f0000000140), 0x494080) r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) sendmmsg$inet(r0, &(0x7f0000002fc0)=[{{&(0x7f0000000000)={0x2, 0x0, @multicast1}, 0x10, &(0x7f0000000140)=[{&(0x7f00000011c0)="e6", 0x1}], 0x2, &(0x7f0000000300)=[@ip_retopts={{0x10}}], 0x10}}], 0x1, 0x0) 12.399629943s ago: executing program 3 (id=14506): r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000cc0)='smaps_rollup\x00') close_range(r0, 0xffffffffffffffff, 0x0) 12.029406737s ago: executing program 3 (id=14508): r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'bond0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000080)=@newlink={0x3c, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x4, 0x0, 0xae0, 0x18300}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @lowpan={{0xb}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r1}]}, 0x3c}, 0x1, 0x0, 0x0, 0x1}, 0x28000040) 3.91388368s ago: executing program 1 (id=14515): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000340), 0xffffffffffffffff) sendmsg$TIPC_NL_MEDIA_GET(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000040)={0x18, r1, 0x1, 0x0, 0x0, {0x8}, [@TIPC_NLA_LINK={0x4}]}, 0x18}}, 0x0) 3.545785558s ago: executing program 1 (id=14516): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000010200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_1\x00', 0x0}) bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x15, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, '\x00', r1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) 3.250140635s ago: executing program 1 (id=14517): r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) r1 = dup(r0) write$UHID_INPUT(r1, &(0x7f0000001040)={0xfc, {"a2e3ad09edfc09f91b44090987f70e06d038e7ff7fc6e5539b0d3d0e8b089b0732306c090890e0879b0a0ac6e70a9b3361959b4b9a240d5b0af3988f7ef319520100ffe8d178708c523c921b1b5b31070d074a0936cd3b78130daa61d8e8040000005802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb000000002f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce7cd9f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d6ced5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed700129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d4ac01b75d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40427db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afa2d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02daee67918e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4108b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb21fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c6b00000000000000f96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0x1000}}, 0x1006) 1.162979799s ago: executing program 1 (id=14519): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={{0x14}, [@NFT_MSG_NEWRULE={0x6c, 0x6, 0xa, 0x401, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x40, 0x4, 0x0, 0x1, [{0x3c, 0x1, 0x0, 0x1, @exthdr={{0xb}, @val={0x2c, 0x2, 0x0, 0x1, [@NFTA_EXTHDR_DREG={0x8, 0x1, 0x1, 0x0, 0x9}, @NFTA_EXTHDR_TYPE={0x5, 0x2, 0x7}, @NFTA_EXTHDR_OFFSET={0x8}, @NFTA_EXTHDR_LEN={0x8, 0x4, 0x1, 0x0, 0x2}, @NFTA_EXTHDR_FLAGS={0x8, 0x6, 0x1, 0x0, 0x2}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x94}}, 0x0) 806.521098ms ago: executing program 1 (id=14520): r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) r1 = syz_pidfd_open(r0, 0x0) ioctl$EXT4_IOC_MIGRATE(r1, 0xff0a) 0s ago: executing program 1 (id=14521): r0 = openat$ppp(0xffffffffffffff9c, &(0x7f00000000c0), 0x2101, 0x0) ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f0000000040)) ioctl$PPPIOCSMRRU(r0, 0x4004743b, 0x0) kernel console output (not intermixed with test programs): =1, Product=2, SerialNumber=3 [ 711.748712][ T8] usb 4-1: Product: syz [ 711.753913][ T8] usb 4-1: Manufacturer: syz [ 711.758752][ T8] usb 4-1: SerialNumber: syz [ 711.787262][ T8] r8152-cfgselector 4-1: Unknown version 0x0000 [ 711.793599][ T8] r8152-cfgselector 4-1: config 0 descriptor?? [ 711.839022][ T372] trusted_key: encrypted_key: master key parameter 'size=1 [ 711.839022][ T372] verification' is invalid [ 711.854285][ T5295] usb 2-1: Using ep0 maxpacket: 32 [ 711.953963][ T5295] usb 2-1: New USB device found, idVendor=3823, idProduct=0001, bcdDevice= 3.eb [ 711.975673][ T5295] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 711.983913][ T5295] usb 2-1: Product: syz [ 711.988824][ T5295] usb 2-1: Manufacturer: syz [ 711.993467][ T5295] usb 2-1: SerialNumber: syz [ 712.003211][ T5295] usb 2-1: config 0 descriptor?? [ 712.230826][ T5295] input: syz syz as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/input/input92 [ 712.250272][ T8] r8152-cfgselector 4-1: USB disconnect, device number 25 [ 712.449686][ T5289] usb 2-1: USB disconnect, device number 14 [ 712.921054][ T409] netlink: 8 bytes leftover after parsing attributes in process `syz.3.13275'. [ 713.194459][ T418] netlink: 12 bytes leftover after parsing attributes in process `syz.3.13279'. [ 713.236184][ T418] netlink: 12 bytes leftover after parsing attributes in process `syz.3.13279'. [ 713.819495][ T445] netlink: 12 bytes leftover after parsing attributes in process `syz.4.13292'. [ 713.831725][ T446] netlink: 'syz.2.13290': attribute type 5 has an invalid length. [ 714.361385][ T475] netlink: 4096 bytes leftover after parsing attributes in process `syz.2.13306'. [ 714.372054][ T475] openvswitch: netlink: Missing key (keys=400040, expected=200000) [ 714.655825][ T489] netlink: 'syz.1.13314': attribute type 1 has an invalid length. [ 715.194198][ T516] program syz.4.13327 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 715.836841][ T554] sctp: [Deprecated]: syz.4.13344 (pid 554) Use of struct sctp_assoc_value in delayed_ack socket option. [ 715.836841][ T554] Use struct sctp_sack_info instead [ 715.929954][ T558] netlink: 180 bytes leftover after parsing attributes in process `syz.3.13349'. [ 716.423704][ T586] netlink: 20 bytes leftover after parsing attributes in process `syz.1.13361'. [ 716.574825][ T594] netlink: 16 bytes leftover after parsing attributes in process `syz.1.13365'. [ 716.625761][ T594] netlink: 16 bytes leftover after parsing attributes in process `syz.1.13365'. [ 716.696219][ T599] netlink: 24 bytes leftover after parsing attributes in process `syz.0.13369'. [ 716.721287][ T599] (unnamed net_device) (uninitialized): Removing last arp target with arp_interval on [ 717.147830][ T5293] usb 2-1: new high-speed USB device number 15 using dummy_hcd [ 717.448346][ T635] IPVS: sync thread started: state = BACKUP, mcast_ifn = lo, syncid = 0, id = 0 [ 717.463422][ T5293] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 8 [ 717.482799][ T5293] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 895 [ 717.503795][ T5293] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 220 [ 717.519716][ T5293] usb 2-1: New USB device found, idVendor=054c, idProduct=06c3, bcdDevice= 0.00 [ 717.529250][ T5293] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 717.537411][ T5293] usb 2-1: SerialNumber: syz [ 717.544178][ T5293] usb 2-1: config 0 descriptor?? [ 717.647224][ T610] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 717.688633][ T610] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 717.787271][ T5293] port100 2-1:0.0: NFC: Could not find bulk-in or bulk-out endpoint [ 718.011401][ T5293] usb 2-1: USB disconnect, device number 15 [ 718.270997][ T674] __nla_validate_parse: 1 callbacks suppressed [ 718.271021][ T674] netlink: 24 bytes leftover after parsing attributes in process `syz.0.13404'. [ 718.286666][ T5289] usb 4-1: new high-speed USB device number 26 using dummy_hcd [ 718.464110][ T5289] usb 4-1: Using ep0 maxpacket: 16 [ 718.488899][ T683] libceph: resolve '0.' (ret=-3): failed [ 718.524961][ T5289] usb 4-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06 [ 718.544194][ T5289] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 718.562301][ T5289] usb 4-1: Product: syz [ 718.566682][ T5289] usb 4-1: Manufacturer: syz [ 718.571370][ T5289] usb 4-1: SerialNumber: syz [ 718.609302][ T5289] r8152-cfgselector 4-1: Unknown version 0x0000 [ 718.616853][ T5289] r8152-cfgselector 4-1: config 0 descriptor?? [ 718.662725][ T689] do_dccp_setsockopt: sockopt(CHANGE_L/R) is deprecated: fix your app [ 718.959703][ T700] nft_compat: unsupported protocol 5 [ 719.127574][ T712] netlink: 132 bytes leftover after parsing attributes in process `syz.4.13423'. [ 719.281998][ T5305] r8152-cfgselector 4-1: USB disconnect, device number 26 [ 719.397560][ T722] usb usb1: usbfs: process 722 (syz.2.13427) did not claim interface 0 before use [ 720.130669][ T763] netlink: 8 bytes leftover after parsing attributes in process `syz.3.13448'. [ 720.308408][ T774] netlink: 'syz.2.13453': attribute type 2 has an invalid length. [ 720.804424][ T8] usb 4-1: new high-speed USB device number 27 using dummy_hcd [ 720.957060][ T8] usb 4-1: New USB device found, idVendor=0403, idProduct=6010, bcdDevice=c6.98 [ 720.971758][ T8] usb 4-1: New USB device strings: Mfr=128, Product=0, SerialNumber=0 [ 720.980188][ T8] usb 4-1: Manufacturer: syz [ 720.993567][ T8] usb 4-1: config 0 descriptor?? [ 721.015009][ T8] hub 4-1:0.0: bad descriptor, ignoring hub [ 721.022708][ T8] hub 4-1:0.0: probe with driver hub failed with error -5 [ 721.036200][ T8] ftdi_sio 4-1:0.0: FTDI USB Serial Device converter detected [ 721.051825][ T8] ftdi_sio ttyUSB0: unknown device type: 0xc698 [ 721.334910][ T8] usb 4-1: USB disconnect, device number 27 [ 721.341910][ T8] ftdi_sio 4-1:0.0: device disconnected [ 721.906933][ T835] netlink: 16 bytes leftover after parsing attributes in process `syz.1.13483'. [ 722.100220][ T845] xt_addrtype: both incoming and outgoing interface limitation cannot be selected [ 722.554861][ T5289] usb 2-1: new high-speed USB device number 16 using dummy_hcd [ 722.774388][ T5289] usb 2-1: Using ep0 maxpacket: 16 [ 722.783086][ T5289] usb 2-1: config 0 interface 0 altsetting 44 endpoint 0x83 has invalid wMaxPacketSize 0 [ 722.794933][ T5289] usb 2-1: config 0 interface 0 altsetting 44 has 1 endpoint descriptor, different from the interface descriptor's value: 17 [ 722.818046][ T5289] usb 2-1: config 0 interface 0 has no altsetting 0 [ 722.829559][ T5289] usb 2-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice=ec.7e [ 722.854588][ T5289] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 722.875799][ T5289] usb 2-1: Product: syz [ 722.881698][ T5289] usb 2-1: Manufacturer: syz [ 722.911258][ T5289] usb 2-1: SerialNumber: syz [ 722.922371][ T5289] usb 2-1: config 0 descriptor?? [ 722.948782][ T5289] input: syz syz as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/input/input93 [ 723.098712][ T900] netlink: 12 bytes leftover after parsing attributes in process `syz.0.13508'. [ 723.175489][ T8] usb 2-1: USB disconnect, device number 16 [ 723.177324][ T57] usb 4-1: new high-speed USB device number 28 using dummy_hcd [ 723.380653][ T57] usb 4-1: Using ep0 maxpacket: 16 [ 723.388792][ T57] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 723.413015][ T57] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 723.451200][ T57] usb 4-1: New USB device found, idVendor=04f3, idProduct=0755, bcdDevice= 0.00 [ 723.462018][ T57] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 723.505614][ T57] usb 4-1: config 0 descriptor?? [ 723.667856][ T8] usb 2-1: new high-speed USB device number 17 using dummy_hcd [ 723.834989][ T8] usb 2-1: Using ep0 maxpacket: 16 [ 723.860143][ T8] usb 2-1: config 0 interface 0 altsetting 44 endpoint 0x83 has invalid wMaxPacketSize 0 [ 723.870554][ T8] usb 2-1: config 0 interface 0 altsetting 44 has 1 endpoint descriptor, different from the interface descriptor's value: 17 [ 723.883959][ T8] usb 2-1: config 0 interface 0 has no altsetting 0 [ 723.907893][ T8] usb 2-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice=ec.7e [ 723.917379][ T8] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 723.927259][ T8] usb 2-1: Manufacturer:  [ 723.931745][ T8] usb 2-1: SerialNumber: syz [ 723.934997][ T57] elan 0003:04F3:0755.0002: item fetching failed at offset 1/5 [ 723.946062][ T8] usb 2-1: config 0 descriptor?? [ 723.966216][ T57] elan 0003:04F3:0755.0002: Hid Parse failed [ 723.984497][ T8] input:  as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/input/input94 [ 723.992208][ T57] elan 0003:04F3:0755.0002: probe with driver elan failed with error -22 [ 724.133931][ T57] usb 4-1: USB disconnect, device number 28 [ 724.167729][ T8] usb 2-1: USB disconnect, device number 17 [ 724.323394][ T931] Cannot find del_set index 4 as target [ 724.879469][ T57] usb 3-1: new high-speed USB device number 16 using dummy_hcd [ 725.054142][ T57] usb 3-1: Using ep0 maxpacket: 32 [ 725.078999][ T57] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 725.105103][ T57] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 725.115261][ T57] usb 3-1: New USB device found, idVendor=046d, idProduct=ca04, bcdDevice= 0.00 [ 725.124449][ T57] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 725.162602][ T57] usb 3-1: config 0 descriptor?? [ 725.609104][ T57] logitech 0003:046D:CA04.0003: hidraw0: USB HID v0.00 Device [HID 046d:ca04] on usb-dummy_hcd.2-1/input0 [ 725.622430][ T57] logitech 0003:046D:CA04.0003: no inputs found [ 725.834705][ T57] usb 3-1: USB disconnect, device number 16 [ 726.128369][ T1008] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 726.627853][ T29] audit: type=1326 audit(1729570510.124:537): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1027 comm="syz.1.13558" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd4579 code=0x7ffc0000 [ 726.678200][ T29] audit: type=1326 audit(1729570510.164:538): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1027 comm="syz.1.13558" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd4579 code=0x7ffc0000 [ 726.710448][ T29] audit: type=1326 audit(1729570510.204:539): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1027 comm="syz.1.13558" exe="/root/syz-executor" sig=0 arch=40000003 syscall=399 compat=1 ip=0xf7fd4579 code=0x7ffc0000 [ 726.741499][ T29] audit: type=1326 audit(1729570510.204:540): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1027 comm="syz.1.13558" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd4579 code=0x7ffc0000 [ 726.777832][ T29] audit: type=1326 audit(1729570510.204:541): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1027 comm="syz.1.13558" exe="/root/syz-executor" sig=0 arch=40000003 syscall=400 compat=1 ip=0xf7fd4579 code=0x7ffc0000 [ 726.815818][ T29] audit: type=1326 audit(1729570510.204:542): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1027 comm="syz.1.13558" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd4579 code=0x7ffc0000 [ 726.840253][ T29] audit: type=1326 audit(1729570510.214:543): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1027 comm="syz.1.13558" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd4579 code=0x7ffc0000 [ 727.550915][ T1059] netlink: 56 bytes leftover after parsing attributes in process `syz.2.13571'. [ 727.745191][ T8] usb 4-1: new high-speed USB device number 29 using dummy_hcd [ 727.905725][ T8] usb 4-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0x92, changing to 0x82 [ 727.920976][ T8] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 727.929595][ T1078] A link change request failed with some changes committed already. Interface ip6gretap0 may have been left with an inconsistent configuration, please check. [ 727.933071][ T8] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0 [ 727.947829][ T5295] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured! [ 728.026118][ T8] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 728.061123][ T8] usb 4-1: New USB device found, idVendor=112a, idProduct=0001, bcdDevice=9e.7f [ 728.072131][ T8] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 728.082272][ T8] usb 4-1: Product: syz [ 728.086682][ T8] usb 4-1: Manufacturer: syz [ 728.091343][ T8] usb 4-1: SerialNumber: syz [ 728.098719][ T8] usb 4-1: config 0 descriptor?? [ 728.108280][ T8] redrat3 4-1:0.0: Couldn't find all endpoints [ 728.391182][ T8] usb 4-1: USB disconnect, device number 29 [ 728.715524][ T5295] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured! [ 728.854265][ T8] usb 4-1: new high-speed USB device number 30 using dummy_hcd [ 729.005607][ T8] usb 4-1: Using ep0 maxpacket: 16 [ 729.007530][ T8] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 729.007564][ T8] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 729.007603][ T8] usb 4-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0x92, changing to 0x82 [ 729.007636][ T8] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 729.007663][ T8] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0 [ 729.010358][ T8] usb 4-1: New USB device found, idVendor=1286, idProduct=2046, bcdDevice=b4.5b [ 729.010395][ T8] usb 4-1: New USB device strings: Mfr=1, Product=130, SerialNumber=3 [ 729.010423][ T8] usb 4-1: Product: syz [ 729.010443][ T8] usb 4-1: Manufacturer: syz [ 729.010464][ T8] usb 4-1: SerialNumber: syz [ 729.015459][ T8] usb 4-1: config 0 descriptor?? [ 729.112280][ T8] usb 4-1: NFC: intf ffff888026731000 id ffffffff8f31b0a0 [ 729.140674][ T8] nfcmrvl 4-1:0.0: NFC: registered with nci successfully [ 729.214268][ T5295] usb 3-1: new full-speed USB device number 17 using dummy_hcd [ 729.332463][ T5289] usb 4-1: USB disconnect, device number 30 [ 729.333323][ T5289] usb 4-1: NFC: intf ffff888026731000 [ 729.368664][ T5295] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8D has invalid maxpacket 200, setting to 64 [ 729.368709][ T5295] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 729.368738][ T5295] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 12592, setting to 64 [ 729.368781][ T5295] usb 3-1: New USB device found, idVendor=05ac, idProduct=8215, bcdDevice=8f.58 [ 729.368810][ T5295] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 729.371072][ T5295] usb 3-1: config 0 descriptor?? [ 729.379385][ T1113] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22 [ 729.379645][ T1113] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22 [ 729.822217][ T1121] netlink: 209852 bytes leftover after parsing attributes in process `syz.4.13598'. [ 729.822275][ T1121] openvswitch: netlink: IP tunnel attribute has 3052 unknown bytes. [ 729.887025][ T1123] program syz.4.13599 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 729.923008][ T5295] usb 3-1: USB disconnect, device number 17 [ 730.119354][ T1129] IPVS: Error connecting to the multicast addr [ 731.074179][ T57] usb 2-1: new high-speed USB device number 18 using dummy_hcd [ 731.144424][ T5289] usb 4-1: new high-speed USB device number 31 using dummy_hcd [ 731.254694][ T57] usb 2-1: Using ep0 maxpacket: 16 [ 731.276535][ T57] usb 2-1: config 0 interface 0 altsetting 1 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 731.294910][ T57] usb 2-1: config 0 interface 0 altsetting 1 endpoint 0x81 has invalid wMaxPacketSize 0 [ 731.304882][ T57] usb 2-1: config 0 interface 0 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 731.314297][ T5289] usb 4-1: Using ep0 maxpacket: 16 [ 731.317755][ T57] usb 2-1: config 0 interface 0 has no altsetting 0 [ 731.329752][ T57] usb 2-1: New USB device found, idVendor=045e, idProduct=05da, bcdDevice= 0.00 [ 731.339412][ T57] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 731.347944][ T5289] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 731.362010][ T57] usb 2-1: config 0 descriptor?? [ 731.368499][ T5289] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 731.368535][ T5289] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 731.368581][ T5289] usb 4-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 731.410907][ T5289] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 731.426228][ T5289] usb 4-1: config 0 descriptor?? [ 731.444710][ T5237] Bluetooth: hci6: Opcode 0x0c03 failed: -110 [ 731.767865][ T5295] usb 3-1: new high-speed USB device number 18 using dummy_hcd [ 731.809884][ T57] hid (null): no more usage index available [ 731.819405][ T57] hid-generic 0003:045E:05DA.0004: ignoring exceeding usage max [ 731.834727][ T57] hid-generic 0003:045E:05DA.0004: ignoring exceeding usage max [ 731.842579][ T57] hid-generic 0003:045E:05DA.0004: no more usage index available [ 731.857309][ T57] hid-generic 0003:045E:05DA.0004: item 0 4 2 2 parsing failed [ 731.858682][ T5289] microsoft 0003:045E:07DA.0005: unbalanced collection at end of report description [ 731.866353][ T57] hid-generic 0003:045E:05DA.0004: probe with driver hid-generic failed with error -22 [ 731.912036][ T5289] microsoft 0003:045E:07DA.0005: parse failed [ 731.935833][ T5289] microsoft 0003:045E:07DA.0005: probe with driver microsoft failed with error -22 [ 731.978015][ T5295] usb 3-1: config index 0 descriptor too short (expected 23569, got 27) [ 731.986540][ T5295] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 731.998515][ T5295] usb 3-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0 [ 732.015337][ T5295] usb 3-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0 [ 732.023446][ T5295] usb 3-1: Manufacturer: syz [ 732.032346][ T5295] usb 3-1: config 0 descriptor?? [ 732.125322][ T57] usb 4-1: USB disconnect, device number 31 [ 732.136083][ T5295] rc_core: IR keymap rc-hauppauge not found [ 732.147870][ T5295] Registered IR keymap rc-empty [ 732.159593][ T5295] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/rc/rc0 [ 732.172124][ T5295] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/rc/rc0/input95 [ 732.241540][ T5289] usb 2-1: USB disconnect, device number 18 [ 732.345999][ T5293] usb 3-1: USB disconnect, device number 18 [ 733.815862][ T1248] netlink: 16402 bytes leftover after parsing attributes in process `syz.1.13653'. [ 733.835048][ T1245] netlink: 16402 bytes leftover after parsing attributes in process `syz.1.13653'. [ 734.357412][ T1276] netlink: 20 bytes leftover after parsing attributes in process `syz.1.13665'. [ 734.554164][ T1285] kernel profiling enabled (shift: 7) [ 734.652703][ T1292] netlink: 4 bytes leftover after parsing attributes in process `syz.3.13673'. [ 735.007720][ T29] audit: type=1326 audit(1729570518.504:544): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1309 comm="syz.3.13682" exe="/root/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf740d579 code=0x0 [ 736.374741][ T5237] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 736.424288][ T5237] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 736.443677][ T5237] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 736.469622][ T5237] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 736.500867][ T5237] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 736.524978][ T5237] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 736.644163][ T5289] usb 4-1: new high-speed USB device number 32 using dummy_hcd [ 736.654193][ T5293] usb 3-1: new high-speed USB device number 19 using dummy_hcd [ 736.834105][ T5289] usb 4-1: Using ep0 maxpacket: 8 [ 736.839406][ T5293] usb 3-1: Using ep0 maxpacket: 8 [ 736.846994][ T5289] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 736.860041][ T5289] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 736.873332][ T1348] chnl_net:caif_netlink_parms(): no params data found [ 736.887605][ T5289] usb 4-1: New USB device found, idVendor=06a3, idProduct=0ccd, bcdDevice= 0.00 [ 736.897254][ T5293] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 736.909924][ T5293] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 736.924188][ T5289] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 736.932658][ T5293] usb 3-1: New USB device found, idVendor=1ea7, idProduct=0907, bcdDevice= 0.00 [ 736.949591][ T5289] usb 4-1: config 0 descriptor?? [ 736.955132][ T5293] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 736.986621][ T5293] usb 3-1: config 0 descriptor?? [ 737.221447][ T1348] bridge0: port 1(bridge_slave_0) entered blocking state [ 737.237420][ T1348] bridge0: port 1(bridge_slave_0) entered disabled state [ 737.245042][ T1348] bridge_slave_0: entered allmulticast mode [ 737.253384][ T1348] bridge_slave_0: entered promiscuous mode [ 737.266571][ T1348] bridge0: port 2(bridge_slave_1) entered blocking state [ 737.274166][ T1348] bridge0: port 2(bridge_slave_1) entered disabled state [ 737.281524][ T1348] bridge_slave_1: entered allmulticast mode [ 737.288744][ T1348] bridge_slave_1: entered promiscuous mode [ 737.378563][ T1348] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 737.400019][ T5289] saitek 0003:06A3:0CCD.0006: unknown main item tag 0x0 [ 737.405141][ T1348] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 737.425943][ T5289] saitek 0003:06A3:0CCD.0006: unknown main item tag 0x0 [ 737.445904][ T5293] hid (null): unknown global tag 0xe [ 737.451505][ T5289] saitek 0003:06A3:0CCD.0006: unknown main item tag 0x0 [ 737.490674][ T5289] saitek 0003:06A3:0CCD.0006: unknown main item tag 0x0 [ 737.512571][ T5293] semitek 0003:1EA7:0907.0007: unknown global tag 0xe [ 737.525526][ T5289] saitek 0003:06A3:0CCD.0006: unknown main item tag 0x0 [ 737.532574][ T5289] saitek 0003:06A3:0CCD.0006: unknown main item tag 0x0 [ 737.540589][ T5293] semitek 0003:1EA7:0907.0007: item 0 1 1 14 parsing failed [ 737.548604][ T5293] semitek 0003:1EA7:0907.0007: probe with driver semitek failed with error -22 [ 737.557841][ T5289] saitek 0003:06A3:0CCD.0006: unknown main item tag 0x0 [ 737.580814][ T5289] saitek 0003:06A3:0CCD.0006: unknown main item tag 0x0 [ 737.591398][ T5289] saitek 0003:06A3:0CCD.0006: unknown main item tag 0x0 [ 737.599860][ T5289] saitek 0003:06A3:0CCD.0006: unknown main item tag 0x0 [ 737.632110][ T5289] saitek 0003:06A3:0CCD.0006: unknown main item tag 0x0 [ 737.638184][ T1348] team0: Port device team_slave_0 added [ 737.657530][ T5289] saitek 0003:06A3:0CCD.0006: hidraw0: USB HID v0.00 Device [HID 06a3:0ccd] on usb-dummy_hcd.3-1/input0 [ 737.681211][ T5293] usb 3-1: USB disconnect, device number 19 [ 737.682959][ T1348] team0: Port device team_slave_1 added [ 737.710751][ T5289] usb 4-1: USB disconnect, device number 32 [ 737.769355][ T1348] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 737.778268][ T1348] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 737.815241][ T1348] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 737.853435][ T1348] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 737.880778][ T1348] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 737.909797][ T1348] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 738.055261][ T1348] hsr_slave_0: entered promiscuous mode [ 738.062205][ T1348] hsr_slave_1: entered promiscuous mode [ 738.069236][ T1348] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 738.103028][ T1348] Cannot create hsr debugfs directory [ 738.538565][ T1348] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 738.555865][ T53] Bluetooth: hci6: command tx timeout [ 738.750321][ T1348] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 738.884388][ T5289] usb 4-1: new high-speed USB device number 33 using dummy_hcd [ 738.945860][ T1348] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 739.046558][ T5289] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 739.057856][ T5289] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 739.079734][ T5289] usb 4-1: New USB device found, idVendor=06cb, idProduct=81a7, bcdDevice= 0.00 [ 739.091895][ T5289] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 739.108174][ T5289] usb 4-1: config 0 descriptor?? [ 739.257984][ T1348] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 739.342000][ T1418] netem: incorrect gi model size [ 739.365999][ T1418] netem: change failed [ 739.407274][ T5293] usb 2-1: new high-speed USB device number 19 using dummy_hcd [ 739.538052][ T5289] hid-rmi 0003:06CB:81A7.0008: unknown main item tag 0x0 [ 739.550270][ T5289] hid-rmi 0003:06CB:81A7.0008: item fetching failed at offset 2/5 [ 739.551397][ T1348] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 739.570441][ T1348] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 739.584808][ T5293] usb 2-1: Using ep0 maxpacket: 32 [ 739.597183][ T1348] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 739.610504][ T5289] hid-rmi 0003:06CB:81A7.0008: parse failed [ 739.621645][ T1348] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 739.625530][ T5293] usb 2-1: New USB device found, idVendor=055f, idProduct=d001, bcdDevice=88.92 [ 739.644377][ T5289] hid-rmi 0003:06CB:81A7.0008: probe with driver hid-rmi failed with error -22 [ 739.664234][ T5293] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 739.682726][ T5293] usb 2-1: config 0 descriptor?? [ 739.702815][ T5293] gspca_main: nw80x-2.14.0 probing 055f:d001 [ 739.755199][ T5289] usb 4-1: USB disconnect, device number 33 [ 739.874389][ T5295] usb 3-1: new high-speed USB device number 20 using dummy_hcd [ 739.921825][ T1348] 8021q: adding VLAN 0 to HW filter on device bond0 [ 739.942222][ T1348] 8021q: adding VLAN 0 to HW filter on device team0 [ 739.959107][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 739.966369][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 740.017108][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 740.024338][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 740.065813][ T5295] usb 3-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0 [ 740.104780][ T5295] usb 3-1: New USB device found, idVendor=05ac, idProduct=025b, bcdDevice= 0.40 [ 740.118705][ T5295] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 740.134651][ T1348] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 740.142445][ T5295] usb 3-1: Product: syz [ 740.149826][ T5295] usb 3-1: Manufacturer: syz [ 740.155850][ T5295] usb 3-1: SerialNumber: syz [ 740.178567][ T5295] input: bcm5974 as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/input/input96 [ 740.258373][ T1348] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 740.367799][ T1348] veth0_vlan: entered promiscuous mode [ 740.377221][ T5293] gspca_nw80x: reg_w err -71 [ 740.382144][ T5293] nw80x 2-1:0.0: probe with driver nw80x failed with error -71 [ 740.395152][ T5293] usb 2-1: USB disconnect, device number 19 [ 740.448672][ T1348] veth1_vlan: entered promiscuous mode [ 740.484587][ T4671] bcm5974 3-1:1.0: could not read from device [ 740.519714][ T5295] usb 3-1: USB disconnect, device number 20 [ 740.519782][ T4671] bcm5974 3-1:1.0: could not read from device [ 740.532993][ T4671] bcm5974 3-1:1.0: could not read from device [ 740.549560][ T1348] veth0_macvtap: entered promiscuous mode [ 740.560399][ T1348] veth1_macvtap: entered promiscuous mode [ 740.577897][ T1348] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 740.588576][ T1348] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 740.598704][ T1348] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 740.609409][ T1348] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 740.619416][ T1348] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 740.629955][ T1348] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 740.643469][ T1348] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 740.644778][ T53] Bluetooth: hci6: command tx timeout [ 740.655138][ T1348] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 740.666638][ T1348] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 740.676827][ T1348] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 740.687577][ T1348] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 740.697798][ T1348] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 740.708556][ T1348] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 740.718904][ T1348] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 740.729688][ T1348] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 740.740915][ T1348] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 740.788297][ T1348] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 740.799124][ T1348] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 740.817397][ T1348] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 740.834673][ T1348] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 741.056437][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 741.071081][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 741.183468][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 741.192848][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 741.235231][ T1441] netlink: 16090 bytes leftover after parsing attributes in process `syz.1.13739'. [ 742.053483][ T1477] netlink: 'syz.3.13754': attribute type 10 has an invalid length. [ 742.110523][ T1477] batman_adv: batadv0: Adding interface: team0 [ 742.137922][ T1477] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 742.224741][ T1477] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active [ 742.294205][ T1478] netlink: 'syz.3.13754': attribute type 10 has an invalid length. [ 742.324746][ T1478] netlink: 2 bytes leftover after parsing attributes in process `syz.3.13754'. [ 742.369284][ T1478] team0: entered promiscuous mode [ 742.383605][ T1478] team_slave_0: entered promiscuous mode [ 742.395146][ T1478] team_slave_1: entered promiscuous mode [ 742.408622][ T1478] 8021q: adding VLAN 0 to HW filter on device team0 [ 742.426316][ T1478] batman_adv: batadv0: Interface activated: team0 [ 742.443937][ T1478] batman_adv: batadv0: Interface deactivated: team0 [ 742.487746][ T1478] batman_adv: batadv0: Removing interface: team0 [ 742.506476][ T1478] bridge0: port 3(team0) entered blocking state [ 742.516393][ T1478] bridge0: port 3(team0) entered disabled state [ 742.526410][ T1478] team0: entered allmulticast mode [ 742.550266][ T1478] team_slave_0: entered allmulticast mode [ 742.564426][ T1478] team_slave_1: entered allmulticast mode [ 742.588076][ T1478] bridge0: port 3(team0) entered blocking state [ 742.594542][ T1478] bridge0: port 3(team0) entered forwarding state [ 742.714215][ T53] Bluetooth: hci6: command tx timeout [ 743.346178][ T1525] netlink: 8 bytes leftover after parsing attributes in process `syz.3.13776'. [ 743.444198][ T1525] netlink: 52 bytes leftover after parsing attributes in process `syz.3.13776'. [ 743.453336][ T1525] netlink: 8 bytes leftover after parsing attributes in process `syz.3.13776'. [ 744.800251][ T53] Bluetooth: hci6: command tx timeout [ 745.474474][ T57] usb 2-1: new high-speed USB device number 20 using dummy_hcd [ 745.554142][ T5295] usb 3-1: new high-speed USB device number 21 using dummy_hcd [ 745.654354][ T57] usb 2-1: Using ep0 maxpacket: 8 [ 745.675044][ T57] usb 2-1: config 179 has an invalid interface number: 65 but max is 0 [ 745.683587][ T57] usb 2-1: config 179 has no interface number 0 [ 745.690060][ T57] usb 2-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 745.701661][ T57] usb 2-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024 [ 745.713051][ T57] usb 2-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 745.724531][ T57] usb 2-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024 [ 745.736248][ T57] usb 2-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 745.749801][ T57] usb 2-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb [ 745.759543][ T57] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 745.775616][ T1585] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22 [ 745.805527][ T5295] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 745.816612][ T5295] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 745.826746][ T5295] usb 3-1: New USB device found, idVendor=046d, idProduct=c222, bcdDevice= 0.00 [ 745.841516][ T5295] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 745.881115][ T5295] usb 3-1: config 0 descriptor?? [ 746.292818][ C1] xpad 2-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19 [ 746.301211][ C1] xpad 2-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19 [ 746.310284][ T5305] usb 2-1: USB disconnect, device number 20 [ 746.329813][ T5295] lg-g15 0003:046D:C222.0009: unknown main item tag 0x0 [ 746.336921][ T5295] lg-g15 0003:046D:C222.0009: unknown main item tag 0x0 [ 746.343939][ T5295] lg-g15 0003:046D:C222.0009: unknown main item tag 0x0 [ 746.351033][ T5295] lg-g15 0003:046D:C222.0009: unknown main item tag 0x0 [ 746.363535][ T5295] lg-g15 0003:046D:C222.0009: hidraw0: USB HID v0.00 Device [HID 046d:c222] on usb-dummy_hcd.2-1/input0 [ 746.505896][ T1555] syz.0.13789 (1555): drop_caches: 1 [ 746.559758][ T5289] usb 3-1: USB disconnect, device number 21 [ 746.682029][ T1603] netlink: 'syz.0.13809': attribute type 10 has an invalid length. [ 746.769057][ T1603] batman_adv: batadv0: Adding interface: team0 [ 746.787299][ T1603] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 746.881617][ T1603] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active [ 746.931608][ T1606] netlink: 'syz.0.13809': attribute type 10 has an invalid length. [ 746.967613][ T1606] netlink: 2 bytes leftover after parsing attributes in process `syz.0.13809'. [ 747.011732][ T1613] RDS: rds_bind could not find a transport for 100::, load rds_tcp or rds_rdma? [ 747.058810][ T1606] team0: entered promiscuous mode [ 747.063938][ T1606] team_slave_0: entered promiscuous mode [ 747.094442][ T1606] team_slave_1: entered promiscuous mode [ 747.113956][ T1606] 8021q: adding VLAN 0 to HW filter on device team0 [ 747.123544][ T1606] batman_adv: batadv0: Interface activated: team0 [ 747.131736][ T1606] batman_adv: batadv0: Interface deactivated: team0 [ 747.143111][ T1606] batman_adv: batadv0: Removing interface: team0 [ 747.177916][ T1606] bridge0: port 3(team0) entered blocking state [ 747.198157][ T1606] bridge0: port 3(team0) entered disabled state [ 747.248452][ T1606] team0: entered allmulticast mode [ 747.254318][ T1606] team_slave_0: entered allmulticast mode [ 747.260257][ T1606] team_slave_1: entered allmulticast mode [ 747.268561][ T1606] bridge0: port 3(team0) entered blocking state [ 747.275009][ T1606] bridge0: port 3(team0) entered forwarding state [ 747.365806][ T5305] usb 4-1: new high-speed USB device number 34 using dummy_hcd [ 747.446678][ T1270] ieee802154 phy0 wpan0: encryption failed: -22 [ 747.454367][ T1270] ieee802154 phy1 wpan1: encryption failed: -22 [ 747.574619][ T5305] usb 4-1: Using ep0 maxpacket: 16 [ 747.587757][ T5305] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 747.597958][ T5305] usb 4-1: New USB device found, idVendor=17ef, idProduct=60a3, bcdDevice= 0.00 [ 747.608116][ T5305] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 747.619275][ T5305] usb 4-1: config 0 descriptor?? [ 748.056177][ T5305] lenovo 0003:17EF:60A3.000A: hidraw0: USB HID v0.00 Device [HID 17ef:60a3] on usb-dummy_hcd.3-1/input0 [ 748.268077][ T5289] usb 4-1: USB disconnect, device number 34 [ 748.528504][ T1647] netlink: 8 bytes leftover after parsing attributes in process `syz.0.13841'. [ 748.558369][ T3060] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 748.596300][ T3060] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0 [ 748.807693][ T3060] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 748.845821][ T3060] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0 [ 748.976571][ T1654] netlink: 12 bytes leftover after parsing attributes in process `syz.2.13835'. [ 749.068100][ T5237] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 749.080197][ T5237] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 749.116884][ T3060] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 749.127393][ T3060] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0 [ 749.143110][ T5237] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 749.153319][ T5237] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 749.163747][ T5237] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 749.173520][ T5237] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 749.287334][ T3060] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 749.307992][ T3060] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0 [ 749.363928][ T1664] usb usb7: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 749.371790][ T1664] usb usb7: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 750.455127][ T29] audit: type=1800 audit(1729570533.944:545): pid=1699 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.13852" name="SYSV00000000" dev="hugetlbfs" ino=0 res=0 errno=0 [ 750.667554][ T1704] netlink: 'syz.3.13853': attribute type 3 has an invalid length. [ 750.677500][ T1704] netlink: 'syz.3.13853': attribute type 1 has an invalid length. [ 750.694287][ T1704] netlink: 181400 bytes leftover after parsing attributes in process `syz.3.13853'. [ 751.018056][ T1714] netlink: 4 bytes leftover after parsing attributes in process `syz.4.13856'. [ 751.275049][ T5237] Bluetooth: hci4: command tx timeout [ 751.330840][ T3060] dvmrp6 (unregistering): left allmulticast mode [ 752.135180][ T3060] bond0 (unregistering): Released all slaves [ 752.397987][ T3060] bond1 (unregistering): Released all slaves [ 752.773775][ T3060] bond2 (unregistering): Released all slaves [ 753.237295][ T3060] bond3 (unregistering): Released all slaves [ 753.269506][ T3060] bond4 (unregistering): Released all slaves [ 753.355378][ T53] Bluetooth: hci4: command tx timeout [ 753.489878][ T3060] bond5 (unregistering): Released all slaves [ 753.508706][ T3060] bond6 (unregistering): Released all slaves [ 753.522977][ T3060] bond7 (unregistering): Released all slaves [ 753.554609][ T1660] chnl_net:caif_netlink_parms(): no params data found [ 753.579679][ T1720] netlink: 'syz.3.13859': attribute type 29 has an invalid length. [ 753.612901][ T3060] ÊüðÿG: left promiscuous mode [ 754.048967][ T1732] netlink: 'syz.4.13865': attribute type 29 has an invalid length. [ 754.092652][ T1735] netlink: 'syz.4.13865': attribute type 29 has an invalid length. [ 754.481997][ T1755] netlink: 36 bytes leftover after parsing attributes in process `syz.4.13873'. [ 754.529176][ T1755] netdevsim netdevsim4 netdevsim0: entered promiscuous mode [ 754.562641][ T1755] netdevsim netdevsim4 netdevsim0: entered allmulticast mode [ 754.591520][ T1660] bridge0: port 1(bridge_slave_0) entered blocking state [ 754.624167][ T1660] bridge0: port 1(bridge_slave_0) entered disabled state [ 754.631520][ T1660] bridge_slave_0: entered allmulticast mode [ 754.637561][ T53] Bluetooth: hci1: command 0x0406 tx timeout [ 754.665537][ T1660] bridge_slave_0: entered promiscuous mode [ 754.675076][ T1660] bridge0: port 2(bridge_slave_1) entered blocking state [ 754.704223][ T1660] bridge0: port 2(bridge_slave_1) entered disabled state [ 754.734352][ T1660] bridge_slave_1: entered allmulticast mode [ 754.775145][ T1660] bridge_slave_1: entered promiscuous mode [ 755.248107][ T1660] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 755.286621][ T1660] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 755.386736][ T1786] netlink: 4 bytes leftover after parsing attributes in process `syz.2.13881'. [ 755.436272][ T5237] Bluetooth: hci4: command tx timeout [ 755.640512][ T1660] team0: Port device team_slave_0 added [ 755.666676][ T1660] team0: Port device team_slave_1 added [ 755.891989][ T1660] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 755.944228][ T1660] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 756.003042][ T5305] usb 4-1: new high-speed USB device number 35 using dummy_hcd [ 756.040141][ T1660] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 756.174124][ T5305] usb 4-1: Using ep0 maxpacket: 16 [ 756.181000][ T5305] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 756.205014][ T5305] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 756.215017][ T5305] usb 4-1: New USB device found, idVendor=146b, idProduct=0902, bcdDevice= 0.00 [ 756.224287][ T5305] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 756.234670][ T5305] usb 4-1: config 0 descriptor?? [ 756.259279][ T1660] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 756.284700][ T1660] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 756.340236][ T1660] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 756.658229][ T5305] bigben 0003:146B:0902.000B: unexpected rdesc, please submit for review [ 756.670789][ T5305] bigben 0003:146B:0902.000B: hidraw0: USB HID v0.00 Device [HID 146b:0902] on usb-dummy_hcd.3-1/input0 [ 756.683194][ T5305] bigben 0003:146B:0902.000B: missing HID_OUTPUT_REPORT 0 [ 756.690925][ T5305] bigben 0003:146B:0902.000B: no output report found [ 756.869475][ T5293] usb 4-1: USB disconnect, device number 35 [ 756.876021][ T1660] hsr_slave_0: entered promiscuous mode [ 756.906448][ T1660] hsr_slave_1: entered promiscuous mode [ 756.922191][ T1660] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 756.931727][ T1660] Cannot create hsr debugfs directory [ 757.017658][ T3060] hsr_slave_0: left promiscuous mode [ 757.044604][ T3060] hsr_slave_1: left promiscuous mode [ 757.091229][ T3060] batman_adv: batadv0: Interface deactivated: virt_wifi0 [ 757.109970][ T3060] batman_adv: batadv0: Removing interface: virt_wifi0 [ 757.514897][ T5237] Bluetooth: hci4: command tx timeout [ 757.551658][ T1841] netlink: 4 bytes leftover after parsing attributes in process `syz.2.13899'. [ 757.589987][ T1841] netlink: 4 bytes leftover after parsing attributes in process `syz.2.13899'. [ 759.285458][ T57] usb 3-1: new high-speed USB device number 22 using dummy_hcd [ 759.475819][ T57] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 759.488428][ T57] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 759.503957][ T57] usb 3-1: New USB device found, idVendor=048d, idProduct=ce50, bcdDevice= 0.00 [ 759.513594][ T57] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 759.540921][ T57] usb 3-1: config 0 descriptor?? [ 759.652388][ T1847] tipc: Started in network mode [ 759.660344][ T1847] tipc: Node identity aaaaaaaaaa41, cluster identity 4711 [ 759.696505][ T1847] tipc: Enabled bearer , priority 10 [ 759.993470][ T57] asus 0003:048D:CE50.000C: unknown main item tag 0xd [ 760.085179][ T57] asus 0003:048D:CE50.000C: hidraw0: USB HID v0.00 Device [HID 048d:ce50] on usb-dummy_hcd.2-1/input0 [ 760.097754][ T57] asus 0003:048D:CE50.000C: Asus input not registered [ 760.177191][ T57] asus 0003:048D:CE50.000C: probe with driver asus failed with error -12 [ 760.218302][ T57] usb 3-1: USB disconnect, device number 22 [ 760.796939][ T5293] tipc: Node number set to 15444650 [ 760.853561][ T3060] IPVS: stop unused estimator thread 0... [ 760.997809][ T29] audit: type=1326 audit(1729570544.484:546): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1921 comm="syz.2.13932" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf748d579 code=0x7ffc0000 [ 761.021270][ T29] audit: type=1326 audit(1729570544.514:547): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1921 comm="syz.2.13932" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf748d579 code=0x7ffc0000 [ 761.047030][ T29] audit: type=1326 audit(1729570544.544:548): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1921 comm="syz.2.13932" exe="/root/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf748d579 code=0x7ffc0000 [ 761.070943][ T29] audit: type=1326 audit(1729570544.544:549): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1921 comm="syz.2.13932" exe="/root/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf748d579 code=0x7ffc0000 [ 761.149967][ T29] audit: type=1326 audit(1729570544.544:550): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1921 comm="syz.2.13932" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf748d579 code=0x7ffc0000 [ 761.273164][ T29] audit: type=1326 audit(1729570544.564:551): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1921 comm="syz.2.13932" exe="/root/syz-executor" sig=0 arch=40000003 syscall=320 compat=1 ip=0xf748d579 code=0x7ffc0000 [ 761.321566][ T29] audit: type=1326 audit(1729570544.564:552): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1921 comm="syz.2.13932" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf748d579 code=0x7ffc0000 [ 761.359311][ T29] audit: type=1326 audit(1729570544.564:553): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1921 comm="syz.2.13932" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf748d579 code=0x7ffc0000 [ 761.408898][ T29] audit: type=1326 audit(1729570544.894:554): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1933 comm="syz.0.13936" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f12579 code=0x7ffc0000 [ 761.445664][ T29] audit: type=1326 audit(1729570544.894:555): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1933 comm="syz.0.13936" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f12579 code=0x7ffc0000 [ 762.041129][ T1660] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 762.108971][ T1660] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 762.180505][ T1660] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 762.237998][ T1660] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 762.515239][ T1660] 8021q: adding VLAN 0 to HW filter on device bond0 [ 762.576285][ T1660] 8021q: adding VLAN 0 to HW filter on device team0 [ 762.590874][T18294] bridge0: port 1(bridge_slave_0) entered blocking state [ 762.598083][T18294] bridge0: port 1(bridge_slave_0) entered forwarding state [ 762.656232][T18294] bridge0: port 2(bridge_slave_1) entered blocking state [ 762.663443][T18294] bridge0: port 2(bridge_slave_1) entered forwarding state [ 762.840535][ T1660] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 762.965670][ T1660] veth0_vlan: entered promiscuous mode [ 763.055781][ T1660] veth1_vlan: entered promiscuous mode [ 763.195758][ T1660] veth0_macvtap: entered promiscuous mode [ 763.207650][ T1660] veth1_macvtap: entered promiscuous mode [ 763.225300][ T1660] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 763.235885][ T1660] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 763.246032][ T1660] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 763.257189][ T1660] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 763.267275][ T1660] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 763.278061][ T1660] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 763.288189][ T1660] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 763.299128][ T1660] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 763.311380][ T1660] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 763.363567][ T1660] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 763.400117][ T1660] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 763.426824][ T1660] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 763.449868][ T1660] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 763.462149][ T1660] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 763.479191][ T1660] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 763.511197][ T1660] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 763.593194][ T1660] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 763.630706][ T1660] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 763.643734][ T1660] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 763.655584][ T1660] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 763.748829][ T1660] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 763.757915][ T1660] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 763.766784][ T1660] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 763.775633][ T1660] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 763.844399][ T2028] openvswitch: netlink: Actions may not be safe on all matching packets [ 764.094188][ T4019] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 764.132704][ T4019] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 764.207293][ T74] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 764.215636][ T74] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 764.472073][ T2053] netlink: 'syz.1.13832': attribute type 10 has an invalid length. [ 764.517152][ T2053] batman_adv: batadv0: Adding interface: team0 [ 764.517179][ T2053] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 764.517212][ T2053] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active [ 764.555970][ T2053] netlink: 'syz.1.13832': attribute type 10 has an invalid length. [ 764.556002][ T2053] netlink: 2 bytes leftover after parsing attributes in process `syz.1.13832'. [ 764.556186][ T2053] team0: entered promiscuous mode [ 764.556208][ T2053] team_slave_0: entered promiscuous mode [ 764.556358][ T2053] team_slave_1: entered promiscuous mode [ 764.557683][ T2053] 8021q: adding VLAN 0 to HW filter on device team0 [ 764.557969][ T2053] batman_adv: batadv0: Interface activated: team0 [ 764.558036][ T2053] batman_adv: batadv0: Interface deactivated: team0 [ 764.558068][ T2053] batman_adv: batadv0: Removing interface: team0 [ 764.606087][ T2053] bridge0: port 3(team0) entered blocking state [ 764.606161][ T2053] bridge0: port 3(team0) entered disabled state [ 764.606297][ T2053] team0: entered allmulticast mode [ 764.606365][ T2053] team_slave_0: entered allmulticast mode [ 764.606386][ T2053] team_slave_1: entered allmulticast mode [ 764.608323][ T2053] bridge0: port 3(team0) entered blocking state [ 764.608399][ T2053] bridge0: port 3(team0) entered forwarding state [ 765.309689][ T2081] binder: 2080:2081 ioctl c00c620f 20000240 returned -22 [ 765.375550][ T5295] usb 4-1: new high-speed USB device number 36 using dummy_hcd [ 765.534220][ T5295] usb 4-1: Using ep0 maxpacket: 8 [ 765.546006][ T5295] usb 4-1: New USB device found, idVendor=0ccd, idProduct=10a3, bcdDevice=23.a2 [ 765.556180][ T5295] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 765.564826][ T5295] usb 4-1: Product: syz [ 765.569199][ T5295] usb 4-1: Manufacturer: syz [ 765.573845][ T5295] usb 4-1: SerialNumber: syz [ 765.584073][ T5295] usb 4-1: config 0 descriptor?? [ 765.683733][ T2094] netlink: 'syz.1.13986': attribute type 4 has an invalid length. [ 765.801288][ T5295] usb 4-1: dvb_usb_v2: found a 'Terratec H7' in warm state [ 766.208578][ T5295] usb write operation failed. (-71) [ 766.222913][ T5295] usb 4-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer [ 766.264649][ T5295] dvbdev: DVB: registering new adapter (Terratec H7) [ 766.284121][ T5295] usb 4-1: media controller created [ 766.299975][ T5295] usb read operation failed. (-71) [ 766.325420][ T5295] usb write operation failed. (-71) [ 766.337318][ T5295] dvb_usb_az6007 4-1:0.0: probe with driver dvb_usb_az6007 failed with error -5 [ 766.351137][ T5295] usb 4-1: USB disconnect, device number 36 [ 766.740881][ T2152] netlink: 24 bytes leftover after parsing attributes in process `syz.2.14001'. [ 767.237185][ T5295] usb 3-1: new high-speed USB device number 23 using dummy_hcd [ 767.394156][ T5295] usb 3-1: Using ep0 maxpacket: 16 [ 767.405238][ T5295] usb 3-1: config 0 has an invalid interface number: 8 but max is 0 [ 767.465009][ T5295] usb 3-1: config 0 has no interface number 0 [ 767.495125][ T5295] usb 3-1: config 0 interface 8 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 767.516038][ T5295] usb 3-1: config 0 interface 8 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0 [ 767.528213][ T5295] usb 3-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f [ 767.545759][ T5295] usb 3-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3 [ 767.553968][ T5295] usb 3-1: Product: syz [ 767.558322][ T5295] usb 3-1: SerialNumber: syz [ 767.592594][ T5295] usb 3-1: config 0 descriptor?? [ 767.605272][ T5295] cm109 3-1:0.8: invalid payload size 0, expected 4 [ 767.614574][ T5295] input: CM109 USB driver as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.8/input/input98 [ 767.881880][ C1] cm109_urb_ctl_callback: 160 callbacks suppressed [ 767.881913][ C1] cm109 3-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 767.896113][ C1] cm109 3-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 767.903558][ C1] cm109 3-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 767.910798][ C1] cm109 3-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 767.920188][ C1] cm109 3-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 767.927355][ T5295] usb 3-1: USB disconnect, device number 23 [ 767.928471][ C1] cm109 3-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 767.941409][ C1] cm109 3-1:0.8: cm109_submit_buzz_toggle: usb_submit_urb (urb_ctl) failed -19 [ 767.974212][ T5295] cm109 3-1:0.8: cm109_toggle_buzzer_sync: usb_control_msg() failed -19 [ 768.144849][ T2224] fuse: Bad value for 'user_id' [ 768.149803][ T2224] fuse: Bad value for 'user_id' [ 768.196770][ T2225] netlink: 'syz.4.14020': attribute type 10 has an invalid length. [ 768.206529][ T2225] netlink: 2 bytes leftover after parsing attributes in process `syz.4.14020'. [ 768.216215][ T2225] team0: entered promiscuous mode [ 768.221699][ T2225] bridge0: port 1(team0) entered blocking state [ 768.229295][ T2225] bridge0: port 1(team0) entered disabled state [ 768.264271][ T2228] netlink: 16 bytes leftover after parsing attributes in process `syz.3.14022'. [ 768.289353][ T2225] team0: entered allmulticast mode [ 768.939457][ T2255] netlink: 64 bytes leftover after parsing attributes in process `syz.0.14031'. [ 769.174361][ T2265] x_tables: ip_tables: udp match: only valid for protocol 17 [ 771.784123][ T5293] usb 2-1: new full-speed USB device number 21 using dummy_hcd [ 771.802705][ T2406] netlink: 8 bytes leftover after parsing attributes in process `syz.2.14081'. [ 772.374286][ T5295] usb 3-1: new high-speed USB device number 24 using dummy_hcd [ 772.584833][ T5295] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 772.621486][ T5295] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 772.672959][ T5295] usb 3-1: New USB device found, idVendor=056e, idProduct=00fd, bcdDevice= 0.00 [ 772.727632][ T5295] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 772.781000][ T5295] usb 3-1: config 0 descriptor?? [ 773.335000][ T5295] elecom 0003:056E:00FD.000D: unknown main item tag 0x0 [ 773.420210][ T5295] elecom 0003:056E:00FD.000D: hidraw0: USB HID v0.00 Device [HID 056e:00fd] on usb-dummy_hcd.2-1/input0 [ 773.596556][ T5305] usb 3-1: USB disconnect, device number 24 [ 773.624590][T17190] usb 4-1: new high-speed USB device number 37 using dummy_hcd [ 773.806947][T17190] usb 4-1: Using ep0 maxpacket: 16 [ 773.824668][T17190] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 773.862500][T17190] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 773.891119][T17190] usb 4-1: New USB device found, idVendor=1044, idProduct=7a4d, bcdDevice= 0.00 [ 773.919577][T17190] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 773.969769][T17190] usb 4-1: config 0 descriptor?? [ 774.440467][T17190] waterforce 0003:1044:7A4D.000E: unknown main item tag 0x0 [ 774.475332][T17190] waterforce 0003:1044:7A4D.000E: unknown main item tag 0x0 [ 774.501402][T17190] waterforce 0003:1044:7A4D.000E: unknown main item tag 0x0 [ 774.531337][T17190] waterforce 0003:1044:7A4D.000E: unknown main item tag 0x0 [ 774.588377][T17190] waterforce 0003:1044:7A4D.000E: hidraw0: USB HID v0.00 Device [HID 1044:7a4d] on usb-dummy_hcd.3-1/input0 [ 774.742231][T17190] waterforce 0003:1044:7A4D.000E: fw version request failed with -38 [ 774.810406][T17190] usb 4-1: USB disconnect, device number 37 [ 774.889100][ T2464] netlink: 'syz.2.14104': attribute type 10 has an invalid length. [ 775.800157][ T2464] batman_adv: batadv0: Adding interface: team0 [ 775.834101][ T2464] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 775.928470][ T2464] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active [ 775.954243][ T5305] usb 4-1: new high-speed USB device number 38 using dummy_hcd [ 775.985043][ T2465] netlink: 'syz.2.14104': attribute type 10 has an invalid length. [ 776.006936][ T2465] netlink: 2 bytes leftover after parsing attributes in process `syz.2.14104'. [ 776.043527][ T2465] team0: entered promiscuous mode [ 776.053792][ T2465] team_slave_0: entered promiscuous mode [ 776.080669][ T2465] team_slave_1: entered promiscuous mode [ 776.111513][ T2465] 8021q: adding VLAN 0 to HW filter on device team0 [ 776.132897][ T2465] batman_adv: batadv0: Interface activated: team0 [ 776.139683][ T5305] usb 4-1: Using ep0 maxpacket: 16 [ 776.156756][ T5305] usb 4-1: config 0 interface 0 altsetting 1 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 776.160318][ T5293] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x82 has invalid maxpacket 520, setting to 64 [ 776.177213][ T2465] batman_adv: batadv0: Interface deactivated: team0 [ 776.177253][ T2465] batman_adv: batadv0: Removing interface: team0 [ 776.187731][ T5305] usb 4-1: config 0 interface 0 altsetting 1 endpoint 0x81 has invalid wMaxPacketSize 0 [ 776.215276][ T2465] bridge0: port 3(team0) entered blocking state [ 776.225967][ T2465] bridge0: port 3(team0) entered disabled state [ 776.228179][ T5293] usb 2-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 6 [ 776.232467][ T2465] team0: entered allmulticast mode [ 776.301788][ T2465] team_slave_0: entered allmulticast mode [ 776.318555][ T5305] usb 4-1: config 0 interface 0 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 776.344094][ T2465] team_slave_1: entered allmulticast mode [ 776.367468][ T2465] bridge0: port 3(team0) entered blocking state [ 776.373912][ T2465] bridge0: port 3(team0) entered forwarding state [ 776.389545][ T5305] usb 4-1: config 0 interface 0 has no altsetting 0 [ 776.413028][ T5305] usb 4-1: New USB device found, idVendor=045e, idProduct=05da, bcdDevice= 0.00 [ 776.453147][ T5305] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 776.507614][ T5305] usb 4-1: config 0 descriptor?? [ 777.002780][ T5305] hid-generic 0003:045E:05DA.000F: unbalanced collection at end of report description [ 777.063477][ T5305] hid-generic 0003:045E:05DA.000F: probe with driver hid-generic failed with error -22 [ 777.304395][ T2489] netlink: 'syz.2.14115': attribute type 3 has an invalid length. [ 777.319076][ T5305] usb 4-1: USB disconnect, device number 38 [ 777.613828][ T2496] netlink: 'syz.0.14117': attribute type 29 has an invalid length. [ 777.637986][ T2497] netlink: 4 bytes leftover after parsing attributes in process `syz.4.14119'. [ 777.665672][ T2496] netlink: 'syz.0.14117': attribute type 29 has an invalid length. [ 779.886018][ T5293] usb 2-1: string descriptor 0 read error: -71 [ 779.904900][ T5293] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 779.944503][ T5293] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 780.201357][ T2552] netlink: 'syz.2.14144': attribute type 2 has an invalid length. [ 781.629951][ T29] kauditd_printk_skb: 3 callbacks suppressed [ 781.629972][ T29] audit: type=1326 audit(1729570565.124:559): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2591 comm="syz.3.14164" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf740d579 code=0x7ffc0000 [ 781.778085][ T29] audit: type=1326 audit(1729570565.174:560): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2591 comm="syz.3.14164" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf740d579 code=0x7ffc0000 [ 781.800207][ C1] vkms_vblank_simulate: vblank timer overrun [ 781.949914][ T29] audit: type=1326 audit(1729570565.184:561): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2591 comm="syz.3.14164" exe="/root/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf740d579 code=0x7ffc0000 [ 782.107712][ T29] audit: type=1326 audit(1729570565.184:562): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2591 comm="syz.3.14164" exe="/root/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf740d579 code=0x7ffc0000 [ 782.243806][ T29] audit: type=1326 audit(1729570565.184:563): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2591 comm="syz.3.14164" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf740d579 code=0x7ffc0000 [ 782.265931][ C1] vkms_vblank_simulate: vblank timer overrun [ 782.365135][ T29] audit: type=1326 audit(1729570565.194:564): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2591 comm="syz.3.14164" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf740d579 code=0x7ffc0000 [ 782.448644][ T29] audit: type=1326 audit(1729570565.204:565): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2591 comm="syz.3.14164" exe="/root/syz-executor" sig=0 arch=40000003 syscall=305 compat=1 ip=0xf740d579 code=0x7ffc0000 [ 782.501312][ T29] audit: type=1326 audit(1729570565.204:566): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2591 comm="syz.3.14164" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf740d579 code=0x7ffc0000 [ 782.643732][ T29] audit: type=1326 audit(1729570565.244:567): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2594 comm="syz.0.14166" exe="/root/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7f12579 code=0x0 [ 782.665366][ C1] vkms_vblank_simulate: vblank timer overrun [ 782.920004][ T5293] usb 2-1: can't set config #1, error -71 [ 783.529263][ T2631] binder: 2629:2631 ioctl c0306201 200003c0 returned -22 [ 786.144610][ T2678] netlink: 8 bytes leftover after parsing attributes in process `syz.2.14205'. [ 786.199359][ T4019] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 786.407524][ T53] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 786.417437][ T53] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 786.427010][ T53] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 786.440609][ T53] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 786.451216][ T53] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 786.458930][ T53] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 786.566160][ T5293] usb 2-1: USB disconnect, device number 21 [ 786.970205][ T2686] chnl_net:caif_netlink_parms(): no params data found [ 787.137034][ T2686] bridge0: port 1(bridge_slave_0) entered blocking state [ 787.154407][ T2686] bridge0: port 1(bridge_slave_0) entered disabled state [ 787.172681][ T2686] bridge_slave_0: entered allmulticast mode [ 787.186717][ T2686] bridge_slave_0: entered promiscuous mode [ 787.205775][ T2686] bridge0: port 2(bridge_slave_1) entered blocking state [ 787.213130][ T2686] bridge0: port 2(bridge_slave_1) entered disabled state [ 787.230972][ T2686] bridge_slave_1: entered allmulticast mode [ 787.242800][ T2686] bridge_slave_1: entered promiscuous mode [ 787.327429][ T2686] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 787.354923][ T2686] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 787.453969][ T2686] team0: Port device team_slave_0 added [ 787.478425][ T2686] team0: Port device team_slave_1 added [ 787.541850][ T2686] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 787.560821][ T2686] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 787.602421][ T2686] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 788.564655][ T5237] Bluetooth: hci1: command tx timeout [ 790.469398][ T4019] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 790.634402][ T5237] Bluetooth: hci1: command tx timeout [ 790.646423][ T2686] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 790.653520][ T2686] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 790.692991][ T2686] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 790.807793][ T2686] hsr_slave_0: entered promiscuous mode [ 790.829322][ T2686] hsr_slave_1: entered promiscuous mode [ 790.848381][ T2686] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 790.864402][ T2686] Cannot create hsr debugfs directory [ 791.702715][ T4019] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 792.714540][ T5237] Bluetooth: hci1: command tx timeout [ 792.807371][ T4019] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 794.269144][ T4019] team0: left allmulticast mode [ 794.284052][ T4019] team_slave_0: left allmulticast mode [ 794.290303][ T4019] team_slave_1: left allmulticast mode [ 794.325335][ T4019] bridge0: port 3(team0) entered disabled state [ 794.383605][ T4019] bridge_slave_1: left allmulticast mode [ 794.411986][ T4019] bridge_slave_1: left promiscuous mode [ 794.431989][ T4019] bridge0: port 2(bridge_slave_1) entered disabled state [ 794.481800][ T4019] bridge_slave_0: left allmulticast mode [ 794.503898][ T4019] bridge_slave_0: left promiscuous mode [ 794.524243][ T4019] bridge0: port 1(bridge_slave_0) entered disabled state [ 794.799723][ T5237] Bluetooth: hci1: command tx timeout [ 799.303503][ T4019] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 799.359270][ T4019] bond0 (unregistering): (slave dummy0): Releasing backup interface [ 799.380286][ T4019] bond0 (unregistering): Released all slaves [ 800.526494][ T4019] : left promiscuous mode [ 808.521835][ T2686] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 808.573752][ T2686] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 808.622262][ T2686] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 808.667097][ T2686] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 808.904624][ T1270] ieee802154 phy0 wpan0: encryption failed: -22 [ 808.911089][ T1270] ieee802154 phy1 wpan1: encryption failed: -22 [ 808.973932][ T2686] 8021q: adding VLAN 0 to HW filter on device bond0 [ 809.022662][ T2686] 8021q: adding VLAN 0 to HW filter on device team0 [ 809.087456][ T51] bridge0: port 1(bridge_slave_0) entered blocking state [ 809.094646][ T51] bridge0: port 1(bridge_slave_0) entered forwarding state [ 809.188018][ T51] bridge0: port 2(bridge_slave_1) entered blocking state [ 809.195234][ T51] bridge0: port 2(bridge_slave_1) entered forwarding state [ 809.408796][ T2686] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 809.787272][ T2686] veth0_vlan: entered promiscuous mode [ 809.836112][ T2686] veth1_vlan: entered promiscuous mode [ 809.967340][ T2686] veth0_macvtap: entered promiscuous mode [ 810.016594][ T2686] veth1_macvtap: entered promiscuous mode [ 810.095208][ T2686] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 810.136014][ T2686] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 810.165903][ T2686] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 810.194260][ T2686] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 810.215553][ T2686] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 810.235014][ T2686] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 810.257394][ T2686] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 810.279927][ T2686] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 810.294259][ T2686] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 810.316395][ T2686] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 810.335891][ T2686] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 810.377429][ T2686] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 810.402425][ T2686] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 810.415800][ T2686] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 810.437959][ T2686] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 810.457850][ T2686] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 810.476329][ T2686] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 810.504199][ T2686] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 810.524475][ T2686] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 810.545011][ T2686] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 810.570261][ T2686] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 810.586824][ T2686] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 810.609969][ T2686] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 810.628413][ T2686] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 810.666276][ T2686] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 810.685105][ T2686] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 810.707369][ T2686] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 810.731019][ T2686] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 810.965609][ T4019] hsr_slave_0: left promiscuous mode [ 810.983500][ T4019] hsr_slave_1: left promiscuous mode [ 811.000835][ T4019] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 811.017848][ T4019] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 811.044780][ T4019] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 811.052282][ T4019] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 811.110530][ T4019] veth1_macvtap: left promiscuous mode [ 811.130173][ T4019] veth0_macvtap: left promiscuous mode [ 811.141562][ T4019] veth1_vlan: left promiscuous mode [ 811.154368][ T4019] veth0_vlan: left promiscuous mode [ 811.489279][ T4019] pim6reg (unregistering): left allmulticast mode [ 812.662871][ T4019] team_slave_1 (unregistering): left promiscuous mode [ 812.691836][ T4019] team0 (unregistering): Port device team_slave_1 removed [ 812.830361][ T4019] team_slave_0 (unregistering): left promiscuous mode [ 812.864859][ T4019] team0 (unregistering): Port device team_slave_0 removed [ 814.416869][T18288] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 814.451387][T18288] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 814.542962][ T74] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 814.558832][ T74] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 815.064329][ T57] usb 4-1: new high-speed USB device number 39 using dummy_hcd [ 815.231272][ T57] usb 4-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 815.248543][ T57] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 815.271528][ T57] usb 4-1: config 0 descriptor?? [ 815.297372][ T57] cp210x 4-1:0.0: cp210x converter detected [ 815.726225][ T57] usb 4-1: cp210x converter now attached to ttyUSB0 [ 815.933393][ T5305] usb 4-1: USB disconnect, device number 39 [ 815.958568][ T5305] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 815.998456][ T5305] cp210x 4-1:0.0: device disconnected [ 819.045313][ T2898] netlink: 4 bytes leftover after parsing attributes in process `syz.1.14230'. [ 819.099110][ T2898] netlink: 4 bytes leftover after parsing attributes in process `syz.1.14230'. [ 820.532848][ T2936] netlink: 8 bytes leftover after parsing attributes in process `syz.3.14249'. [ 821.024165][ T5295] usb 3-1: new high-speed USB device number 25 using dummy_hcd [ 821.198356][ T53] Bluetooth: hci5: command 0x0405 tx timeout [ 821.229031][ T5295] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 821.284217][ T5295] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 821.357589][ T5295] usb 3-1: New USB device found, idVendor=0458, idProduct=501b, bcdDevice= 0.00 [ 821.404098][ T5295] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 821.466622][ T5295] usb 3-1: config 0 descriptor?? [ 821.912819][ T5295] kye 0003:0458:501B.0010: tablet report size too small, or kye_tablet_rdesc unexpectedly large [ 821.925789][ T5295] kye 0003:0458:501B.0010: hidraw0: USB HID v0.00 Device [HID 0458:501b] on usb-dummy_hcd.2-1/input0 [ 821.925836][ T5295] kye 0003:0458:501B.0010: tablet-enabling feature report not found [ 821.925856][ T5295] kye 0003:0458:501B.0010: tablet enabling failed [ 822.152256][ T5295] usb 3-1: USB disconnect, device number 25 [ 823.012143][ T2977] netlink: 'syz.2.14266': attribute type 29 has an invalid length. [ 823.012178][ T2977] netlink: 8 bytes leftover after parsing attributes in process `syz.2.14266'. [ 823.017082][ T2977] netlink: 'syz.2.14266': attribute type 29 has an invalid length. [ 823.017112][ T2977] netlink: 8 bytes leftover after parsing attributes in process `syz.2.14266'. [ 824.101615][ T2998] netlink: 32 bytes leftover after parsing attributes in process `syz.3.14277'. [ 824.893570][ T5305] usb 4-1: new high-speed USB device number 40 using dummy_hcd [ 825.094916][ T5305] usb 4-1: Using ep0 maxpacket: 8 [ 825.101084][ T5305] usb 4-1: New USB device found, idVendor=047d, idProduct=5003, bcdDevice=2f.8c [ 825.101124][ T5305] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 825.101152][ T5305] usb 4-1: Product: syz [ 825.101172][ T5305] usb 4-1: Manufacturer: syz [ 825.101192][ T5305] usb 4-1: SerialNumber: syz [ 825.103296][ T5305] usb 4-1: config 0 descriptor?? [ 825.111090][ T5305] gspca_main: se401-2.14.0 probing 047d:5003 [ 825.324292][ T57] usb 3-1: new high-speed USB device number 26 using dummy_hcd [ 825.504351][ T57] usb 3-1: Using ep0 maxpacket: 8 [ 825.506689][ T57] usb 3-1: config 0 has an invalid interface number: 52 but max is 0 [ 825.506722][ T57] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 825.506748][ T57] usb 3-1: config 0 has no interface number 0 [ 825.506817][ T57] usb 3-1: config 0 interface 52 altsetting 1 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 825.506850][ T57] usb 3-1: config 0 interface 52 altsetting 1 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 825.506883][ T57] usb 3-1: config 0 interface 52 altsetting 1 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 825.506916][ T57] usb 3-1: config 0 interface 52 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 825.506980][ T57] usb 3-1: config 0 interface 52 has no altsetting 0 [ 825.507015][ T57] usb 3-1: New USB device found, idVendor=06cb, idProduct=0007, bcdDevice= 8.00 [ 825.507043][ T57] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 825.509841][ T57] usb 3-1: config 0 descriptor?? [ 825.552293][ T5305] gspca_se401: ExtraFeatures: 255 [ 825.552320][ T5305] gspca_se401: Too many frame sizes [ 825.743499][ T57] input: USB Synaptics Device 06cb:0007 (Stick) as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.52/input/input100 [ 825.783577][ T57] usb 4-1: USB disconnect, device number 40 [ 826.093865][ T57] usb 3-1: USB disconnect, device number 26 [ 826.093961][ C1] synaptics_usb 3-1:0.52: synusb_irq - usb_submit_urb failed with result: -19 [ 827.140931][ T29] audit: type=1326 audit(1729570610.634:568): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3029 comm="syz.3.14291" exe="/root/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7fb2579 code=0x0 [ 827.470699][ T3039] netlink: 8 bytes leftover after parsing attributes in process `syz.2.14295'. [ 827.906587][ T3046] netlink: 3324 bytes leftover after parsing attributes in process `syz.0.14308'. [ 828.239976][ T3054] netlink: 'syz.3.14301': attribute type 11 has an invalid length. [ 828.896577][ T3074] netlink: 'syz.3.14310': attribute type 29 has an invalid length. [ 828.956329][ T3074] netlink: 'syz.3.14310': attribute type 29 has an invalid length. [ 829.991692][ T3096] netlink: 8 bytes leftover after parsing attributes in process `syz.2.14322'. [ 830.049936][ T3096] netlink: 44 bytes leftover after parsing attributes in process `syz.2.14322'. [ 830.138743][ T3103] CUSE: DEVNAME unspecified [ 830.278405][ T5295] usb 4-1: new high-speed USB device number 41 using dummy_hcd [ 830.446900][ T5295] usb 4-1: Using ep0 maxpacket: 8 [ 830.477555][ T5295] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 7 [ 830.582368][ T5295] usb 4-1: New USB device found, idVendor=082d, idProduct=0100, bcdDevice=70.4b [ 830.632847][ T5295] usb 4-1: New USB device strings: Mfr=44, Product=2, SerialNumber=3 [ 830.682783][ T5295] usb 4-1: Product: syz [ 830.709966][ T5295] usb 4-1: Manufacturer: syz [ 830.743554][ T5295] usb 4-1: SerialNumber: syz [ 831.027207][ T5295] usb 4-1: Handspring Visor / Palm OS: port 0, is for unknown use [ 831.071948][ T5295] usb 4-1: Handspring Visor / Palm OS: port 0, is for Generic use [ 831.114300][ T5295] usb 4-1: Handspring Visor / Palm OS: Number of ports: 2 [ 831.220832][ T5295] usb 4-1: palm_os_3_probe - error -71 getting bytes available request [ 831.278827][ T5295] visor 4-1:1.0: Handspring Visor / Palm OS converter detected [ 831.338055][ T5295] usb 4-1: Handspring Visor / Palm OS converter now attached to ttyUSB0 [ 831.392502][ T5295] usb 4-1: Handspring Visor / Palm OS converter now attached to ttyUSB1 [ 831.445718][ T5295] usb 4-1: USB disconnect, device number 41 [ 831.505655][ T5295] visor ttyUSB0: Handspring Visor / Palm OS converter now disconnected from ttyUSB0 [ 831.598316][ T5295] visor ttyUSB1: Handspring Visor / Palm OS converter now disconnected from ttyUSB1 [ 831.657171][ T5295] visor 4-1:1.0: device disconnected [ 832.147437][ T5295] hid-generic 0000:0000:0000.0011: unknown main item tag 0x0 [ 832.184686][ T5295] hid-generic 0000:0000:0000.0011: hidraw0: HID v0.00 Device [syz1] on syz0 [ 832.572793][ T29] audit: type=1326 audit(1729570616.054:569): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3150 comm="syz.0.14347" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f12579 code=0x7ffc0000 [ 832.710227][ T29] audit: type=1326 audit(1729570616.104:570): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3150 comm="syz.0.14347" exe="/root/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7f12579 code=0x7ffc0000 [ 832.863407][ T29] audit: type=1326 audit(1729570616.104:571): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3150 comm="syz.0.14347" exe="/root/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7f12579 code=0x7ffc0000 [ 833.024101][ T29] audit: type=1326 audit(1729570616.104:572): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3150 comm="syz.0.14347" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f12579 code=0x7ffc0000 [ 833.167792][ T29] audit: type=1326 audit(1729570616.104:573): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3150 comm="syz.0.14347" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f12579 code=0x7ffc0000 [ 833.316223][ T29] audit: type=1326 audit(1729570616.114:574): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3150 comm="syz.0.14347" exe="/root/syz-executor" sig=0 arch=40000003 syscall=305 compat=1 ip=0xf7f12579 code=0x7ffc0000 [ 833.473367][ T29] audit: type=1326 audit(1729570616.114:575): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3150 comm="syz.0.14347" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f12579 code=0x7ffc0000 [ 833.614658][ T29] audit: type=1326 audit(1729570616.114:576): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3150 comm="syz.0.14347" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f12579 code=0x7ffc0000 [ 834.869739][ T3186] ebtables: wrong size: *len 264, entries_size 144, replsz 144 [ 836.058388][ T3212] netlink: 'syz.4.14374': attribute type 2 has an invalid length. [ 836.146337][ T3215] openvswitch: netlink: nsh attr 1 has unexpected len 0 expected 8 [ 838.386104][ T5295] usb 2-1: new high-speed USB device number 22 using dummy_hcd [ 838.564137][ T5295] usb 2-1: Using ep0 maxpacket: 16 [ 838.582218][ T5295] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 838.633070][ T5295] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 838.694042][ T5295] usb 2-1: New USB device found, idVendor=054c, idProduct=05c4, bcdDevice= 0.00 [ 838.754579][ T5295] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 838.827599][ T5295] usb 2-1: config 0 descriptor?? [ 839.275054][ T5295] playstation 0003:054C:05C4.0012: unbalanced delimiter at end of report description [ 839.347147][ T5295] playstation 0003:054C:05C4.0012: Parse failed [ 839.404161][ T5295] playstation 0003:054C:05C4.0012: probe with driver playstation failed with error -22 [ 839.551516][ T5295] usb 2-1: USB disconnect, device number 22 [ 840.133462][ T3279] dvmrp6: entered allmulticast mode [ 840.166332][ T3280] pimreg: left allmulticast mode [ 840.214739][ T3280] dvmrp6: left allmulticast mode [ 841.576821][ T3303] netlink: 8 bytes leftover after parsing attributes in process `syz.3.14416'. [ 841.794103][ T5305] usb 2-1: new high-speed USB device number 23 using dummy_hcd [ 841.919456][ T3308] netlink: 4 bytes leftover after parsing attributes in process `syz.4.14418'. [ 841.969209][ T3308] netlink: 4 bytes leftover after parsing attributes in process `syz.4.14418'. [ 841.993407][ T5305] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 842.024121][ T5305] usb 2-1: New USB device found, idVendor=17ef, idProduct=6047, bcdDevice= 0.00 [ 842.076376][ T5305] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 842.131537][ T5305] usb 2-1: config 0 descriptor?? [ 842.615068][ T5305] lenovo 0003:17EF:6047.0013: hidraw0: USB HID v0.00 Device [HID 17ef:6047] on usb-dummy_hcd.1-1/input0 [ 842.805680][ T5305] lenovo 0003:17EF:6047.0013: Failed to switch F7/9/11 mode: -71 [ 842.836366][ T5305] lenovo 0003:17EF:6047.0013: Failed to switch middle button: -71 [ 842.875523][ T5305] lenovo 0003:17EF:6047.0013: Fn-lock setting failed: -71 [ 842.911989][ T5305] lenovo 0003:17EF:6047.0013: Sensitivity setting failed: -71 [ 842.952165][ T5305] usb 2-1: USB disconnect, device number 23 [ 843.403328][ T29] audit: type=1400 audit(1729570626.894:577): apparmor="DENIED" operation="change_profile" class="file" info="label not found" error=-2 profile="unconfined" name=2626200D3A02CE0B213EC78A7CE9AE50600E4EBC08727116666D121F8CC9C8F42A53EA359612E288C9F2953FEC644A165FE94D261EE817B543788F3BAED6AB141A9B8061C4414D646B68CCEDC534B04891946ABF6E84425E1ACC2F076F5D51EA6F745937ABBE7D0CCBE371B518C24BBF041F976277ECDEB3CE3D5E5EF73B6FA47BEA4E01601C1C626D6214BA3EC062B37250F7D6EC61311B972857831CAB3F87EC83E9B5BBB2933B9EA476F00D26DD16D5713C741F89257F22566D990626CED6B0AA8351222454B3E0FE985C7CE4EF380CF29293B3177F4BB75ADCC8DA8080E0457424A97712A5F849245FF1A5E6E62DC19D14 pid=3322 comm="syz.3.14425" [ 844.474399][ T5295] usb 2-1: new high-speed USB device number 24 using dummy_hcd [ 844.658085][ T5295] usb 2-1: config 0 has an invalid descriptor of length 78, skipping remainder of the config [ 844.680238][ T5295] usb 2-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 844.732650][ T5295] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 34, changing to 9 [ 844.806078][ T5295] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid maxpacket 26223, setting to 1024 [ 844.858839][ T5295] usb 2-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 5 [ 844.951864][ T5295] usb 2-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b [ 844.984193][ T5295] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 845.033509][ T5295] usb 2-1: Product: syz [ 845.064241][ T5295] usb 2-1: Manufacturer: syz [ 845.079337][ T5295] usb 2-1: SerialNumber: syz [ 845.105828][ T5295] usb 2-1: config 0 descriptor?? [ 845.153229][ T3333] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 845.186118][ T5295] garmin_gps 2-1:0.0: Garmin GPS usb/tty converter detected [ 845.245043][ T5295] garmin_gps ttyUSB0: garmin_write_bulk - usb_submit_urb(write bulk) failed with status = -8 [ 845.291469][ T5295] garmin_gps ttyUSB0: probe with driver garmin_gps failed with error -8 [ 845.584102][ T5295] usb 2-1: USB disconnect, device number 24 [ 845.624384][ T5295] garmin_gps 2-1:0.0: device disconnected [ 845.740913][ T3350] netlink: 28 bytes leftover after parsing attributes in process `syz.4.14438'. [ 846.096623][ T53] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 846.115983][ T53] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 846.127015][ T53] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 846.135396][ T53] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 846.143801][ T53] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 846.153889][ T53] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 847.490181][ T3354] chnl_net:caif_netlink_parms(): no params data found [ 848.067703][ T3354] bridge0: port 1(bridge_slave_0) entered blocking state [ 848.129968][ T3354] bridge0: port 1(bridge_slave_0) entered disabled state [ 848.179654][ T3354] bridge_slave_0: entered allmulticast mode [ 848.225717][ T3354] bridge_slave_0: entered promiscuous mode [ 848.244737][ T53] Bluetooth: hci7: command tx timeout [ 848.291281][ T3354] bridge0: port 2(bridge_slave_1) entered blocking state [ 848.345946][ T3354] bridge0: port 2(bridge_slave_1) entered disabled state [ 848.411245][ T3354] bridge_slave_1: entered allmulticast mode [ 848.465470][ T3354] bridge_slave_1: entered promiscuous mode [ 848.789611][ T3391] netlink: 8 bytes leftover after parsing attributes in process `syz.4.14454'. [ 848.840916][ T3354] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 848.965985][ T3354] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 849.294951][ T3354] team0: Port device team_slave_0 added [ 849.385700][ T3354] team0: Port device team_slave_1 added [ 849.691160][ T3354] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 849.734353][ T3354] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 849.879099][ T3354] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 849.964136][ T3354] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 850.005535][ T3354] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 850.161907][ T3354] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 850.262424][ T3410] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 850.314498][ T53] Bluetooth: hci7: command tx timeout [ 850.632353][ T3354] hsr_slave_0: entered promiscuous mode [ 850.704571][ T3354] hsr_slave_1: entered promiscuous mode [ 850.757309][ T3354] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 850.784508][ T3354] Cannot create hsr debugfs directory [ 850.964195][ T5305] usb 4-1: new high-speed USB device number 42 using dummy_hcd [ 851.128692][ T5305] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 851.175111][ T5305] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 851.226516][ T5305] usb 4-1: New USB device found, idVendor=056a, idProduct=00bc, bcdDevice= 0.00 [ 851.286806][ T5305] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 851.345148][ T5305] usb 4-1: config 0 descriptor?? [ 851.861232][ T5305] wacom 0003:056A:00BC.0014: unknown main item tag 0x0 [ 851.912954][ T5305] wacom 0003:056A:00BC.0014: unknown main item tag 0x0 [ 851.974210][ T5305] wacom 0003:056A:00BC.0014: Unknown device_type for 'HID 056a:00bc'. Assuming pen. [ 852.011029][ T5305] wacom 0003:056A:00BC.0014: hidraw0: USB HID v0.00 Device [HID 056a:00bc] on usb-dummy_hcd.3-1/input0 [ 852.163711][ T5305] input: Wacom Intuos4 WL Pen as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:056A:00BC.0014/input/input101 [ 852.265276][ T3354] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 852.358128][ T5305] usb 4-1: USB disconnect, device number 42 [ 852.414072][ T53] Bluetooth: hci7: command tx timeout [ 853.064575][ T3347] syz.2.14437: vmalloc error: size 3268608, failed to allocated page array size 6384, mode:0xdc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 853.164457][ T3347] CPU: 1 UID: 0 PID: 3347 Comm: syz.2.14437 Not tainted 6.12.0-rc4-syzkaller-00047-gc2ee9f594da8 #0 [ 853.175406][ T3347] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 853.185514][ T3347] Call Trace: [ 853.188850][ T3347] [ 853.191831][ T3347] dump_stack_lvl+0x241/0x360 [ 853.196586][ T3347] ? __pfx_dump_stack_lvl+0x10/0x10 [ 853.201841][ T3347] ? __pfx__printk+0x10/0x10 [ 853.206488][ T3347] ? cpuset_print_current_mems_allowed+0x1f/0x350 [ 853.212963][ T3347] ? cpuset_print_current_mems_allowed+0x31e/0x350 [ 853.219532][ T3347] warn_alloc+0x278/0x410 [ 853.223912][ T3347] ? __pfx_warn_alloc+0x10/0x10 [ 853.228810][ T3347] ? __v4l2_ctrl_modify_dimensions+0x43b/0xb60 [ 853.235021][ T3347] ? __get_vm_area_node+0x23d/0x270 [ 853.240284][ T3347] __vmalloc_node_range_noprof+0x691/0x13f0 [ 853.246255][ T3347] ? __kmalloc_cache_node_noprof+0x1d3/0x300 [ 853.252302][ T3347] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 853.258707][ T3347] ? __v4l2_ctrl_modify_dimensions+0x43b/0xb60 [ 853.264927][ T3347] ? __get_vm_area_node+0x23d/0x270 [ 853.270196][ T3347] __vmalloc_node_range_noprof+0x59c/0x13f0 [ 853.276145][ T3347] ? __v4l2_ctrl_modify_dimensions+0x43b/0xb60 [ 853.282362][ T3347] ? __pfx___alloc_pages_noprof+0x10/0x10 [ 853.288167][ T3347] ? rcu_is_watching+0x15/0xb0 [ 853.292984][ T3347] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 853.299374][ T3347] ? rcu_is_watching+0x15/0xb0 [ 853.304197][ T3347] ? trace_kmalloc+0x1f/0xd0 [ 853.308843][ T3347] ? __kmalloc_node_noprof+0x247/0x440 [ 853.314348][ T3347] ? __kvmalloc_node_noprof+0x72/0x190 [ 853.319856][ T3347] __kvmalloc_node_noprof+0x142/0x190 [ 853.325297][ T3347] ? __v4l2_ctrl_modify_dimensions+0x43b/0xb60 [ 853.331509][ T3347] __v4l2_ctrl_modify_dimensions+0x43b/0xb60 [ 853.337555][ T3347] ? tpg_update_mv_step+0x361/0x4f0 [ 853.342822][ T3347] vivid_update_format_cap+0x133c/0x2090 [ 853.348527][ T3347] ? __pfx_vivid_update_format_cap+0x10/0x10 [ 853.354567][ T3347] vivid_vid_cap_s_dv_timings+0x535/0x1230 [ 853.360458][ T3347] __video_do_ioctl+0xc23/0xdd0 [ 853.365386][ T3347] ? __pfx___video_do_ioctl+0x10/0x10 [ 853.370878][ T3347] ? __might_fault+0xc6/0x120 [ 853.375627][ T3347] video_usercopy+0x89b/0x1180 [ 853.380465][ T3347] ? __pfx___video_do_ioctl+0x10/0x10 [ 853.385898][ T3347] ? __pfx_video_usercopy+0x10/0x10 [ 853.391184][ T3347] ? __fget_files+0x29/0x470 [ 853.395841][ T3347] v4l2_ioctl+0x189/0x1e0 [ 853.400243][ T3347] v4l2_compat_ioctl32+0x1d7/0x260 [ 853.405414][ T3347] __se_compat_sys_ioctl+0x510/0xc90 [ 853.410767][ T3347] ? __pfx___se_compat_sys_ioctl+0x10/0x10 [ 853.416657][ T3347] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 853.422716][ T3347] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 853.429116][ T3347] ? syscall_enter_from_user_mode_prepare+0x7f/0xe0 [ 853.435804][ T3347] ? lockdep_hardirqs_on+0x99/0x150 [ 853.441066][ T3347] __do_fast_syscall_32+0xb4/0x110 [ 853.446236][ T3347] ? exc_page_fault+0x590/0x8c0 [ 853.451156][ T3347] do_fast_syscall_32+0x34/0x80 [ 853.456057][ T3347] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 853.462451][ T3347] RIP: 0023:0xf748d579 [ 853.466582][ T3347] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 [ 853.486241][ T3347] RSP: 002b:00000000f577656c EFLAGS: 00000206 ORIG_RAX: 0000000000000036 [ 853.494722][ T3347] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000c0845657 [ 853.502773][ T3347] RDX: 0000000020000040 RSI: 0000000000000000 RDI: 0000000000000000 [ 853.510800][ T3347] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 853.518823][ T3347] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 853.526848][ T3347] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 853.534893][ T3347] [ 854.497231][ T53] Bluetooth: hci7: command tx timeout [ 854.691780][ T3347] Mem-Info: [ 854.701816][ T3347] active_anon:4342 inactive_anon:0 isolated_anon:0 [ 854.701816][ T3347] active_file:1229 inactive_file:3027 isolated_file:0 [ 854.701816][ T3347] unevictable:768 dirty:163 writeback:0 [ 854.701816][ T3347] slab_reclaimable:9774 slab_unreclaimable:114222 [ 854.701816][ T3347] mapped:30705 shmem:1263 pagetables:729 [ 854.701816][ T3347] sec_pagetables:0 bounce:0 [ 854.701816][ T3347] kernel_misc_reclaimable:0 [ 854.701816][ T3347] free:1285889 free_pcp:9060 free_cma:0 [ 854.834526][ T5237] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 854.863711][ T5237] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 854.872724][ T5237] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 854.884460][ T5237] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 854.892422][ T5237] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 854.900467][ T5237] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 854.993853][ T12] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 855.031053][ T3347] Node 0 active_anon:17368kB inactive_anon:0kB active_file:4684kB inactive_file:12100kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:130788kB dirty:648kB writeback:0kB shmem:3516kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:11152kB pagetables:3016kB sec_pagetables:0kB all_unreclaimable? no [ 855.238101][ T3347] Node 1 active_anon:0kB inactive_anon:0kB active_file:232kB inactive_file:8kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:232kB dirty:4kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:16kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no [ 855.312987][ T3354] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 855.404557][ T3424] netlink: 56 bytes leftover after parsing attributes in process `syz.3.14471'. [ 855.413676][ T3424] tipc: Enabling of bearer <^dp:s> rejected, media not registered [ 855.457657][ T3347] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 855.884017][ T3347] lowmem_reserve[]: 0 2465 2466 0 0 [ 855.889467][ T3347] Node 0 DMA32 free:1229048kB boost:0kB min:34200kB low:42748kB high:51296kB reserved_highatomic:0KB active_anon:17728kB inactive_anon:0kB active_file:4560kB inactive_file:11576kB unevictable:1536kB writepending:652kB present:3129332kB managed:2552500kB mlocked:0kB bounce:0kB free_pcp:1460kB local_pcp:808kB free_cma:0kB [ 856.210629][ T3347] lowmem_reserve[]: 0 0 0 0 0 [ 856.262144][ T3347] Node 0 Normal free:0kB boost:0kB min:8kB low:8kB high:8kB reserved_highatomic:0KB active_anon:192kB inactive_anon:0kB active_file:124kB inactive_file:524kB unevictable:0kB writepending:4kB present:1048580kB managed:876kB mlocked:0kB bounce:0kB free_pcp:8kB local_pcp:8kB free_cma:0kB [ 856.401450][ T3426] chnl_net:caif_netlink_parms(): no params data found [ 856.467515][ T3347] lowmem_reserve[]: 0 0 0 0 0 [ 856.494131][ T3347] Node 1 Normal free:3888968kB boost:0kB min:55688kB low:69608kB high:83528kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:232kB inactive_file:8kB unevictable:1536kB writepending:8kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:35104kB local_pcp:17356kB free_cma:0kB [ 856.547059][ T3440] usb usb7: usbfs: interface 0 claimed by hub while 'syz.3.14477' resets device [ 856.654171][ T5305] usb 2-1: new high-speed USB device number 25 using dummy_hcd [ 856.715063][ T3347] lowmem_reserve[]: 0 0 0 0 0 [ 856.719935][ T3347] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 856.785616][ T12] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 856.800983][ T53] Bluetooth: hci8: unexpected cc 0x0c03 length: 249 > 1 [ 856.816034][ T53] Bluetooth: hci8: unexpected cc 0x1003 length: 249 > 9 [ 856.824911][ T53] Bluetooth: hci8: unexpected cc 0x1001 length: 249 > 9 [ 856.833536][ T53] Bluetooth: hci8: unexpected cc 0x0c23 length: 249 > 4 [ 856.842404][ T53] Bluetooth: hci8: unexpected cc 0x0c25 length: 249 > 3 [ 856.850427][ T53] Bluetooth: hci8: unexpected cc 0x0c38 length: 249 > 2 [ 856.859996][ T5305] usb 2-1: Using ep0 maxpacket: 16 [ 856.927344][ T5305] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 856.945184][ T3347] Node 0 DMA32: 125*4kB (UME) 534*8kB (UME) 556*16kB (ME) 395*32kB (UME) 270*64kB (UME) 175*128kB (UME) 99*256kB (UM) 49*512kB (UM) 18*1024kB (ME) 6*2048kB (ME) 258*4096kB (M) = 1203908kB [ 856.997548][ T5305] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 857.034630][ T5237] Bluetooth: hci2: command tx timeout [ 857.064472][ T5305] usb 2-1: New USB device found, idVendor=28bd, idProduct=0042, bcdDevice= 0.00 [ 857.087877][ T3347] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 857.120599][ T5305] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 857.164291][ T3347] Node 1 Normal: 5*4kB (U) 7*8kB (UME) 41*16kB (UE) 79*32kB (UE) 9*64kB (UE) 5*128kB (UE) 4*256kB (U) 5*512kB (UME) 4*1024kB (UME) 3*2048kB (ME) 945*4096kB (UM) = 3889020kB [ 857.207708][ T5305] usb 2-1: config 0 descriptor?? [ 857.265751][ T3347] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 857.330789][ T3347] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 857.404704][ T3347] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 857.428870][ T3426] bridge0: port 1(bridge_slave_0) entered blocking state [ 857.470062][ T3426] bridge0: port 1(bridge_slave_0) entered disabled state [ 857.478066][ T3347] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 857.524470][ T3426] bridge_slave_0: entered allmulticast mode [ 857.540844][ T3347] 5549 total pagecache pages [ 857.565974][ T3426] bridge_slave_0: entered promiscuous mode [ 857.572468][ T3347] 0 pages in swap cache [ 857.611852][ T3347] Free swap = 124348kB [ 857.633369][ T5305] uclogic 0003:28BD:0042.0015: interface is invalid, ignoring [ 857.644945][ T3347] Total swap = 124996kB [ 857.649174][ T3347] 2097051 pages RAM [ 857.681162][ T3426] bridge0: port 2(bridge_slave_1) entered blocking state [ 857.711744][ T3347] 0 pages HighMem/MovableOnly [ 857.744441][ T3426] bridge0: port 2(bridge_slave_1) entered disabled state [ 857.751793][ T3426] bridge_slave_1: entered allmulticast mode [ 857.764220][ T3347] 427076 pages reserved [ 857.771947][ T3347] 0 pages cma reserved [ 857.826343][ T3426] bridge_slave_1: entered promiscuous mode [ 857.903047][T17190] usb 2-1: USB disconnect, device number 25 [ 858.167999][ T3354] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 858.372948][ T3426] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 858.493830][ T3426] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 858.823330][ T3426] team0: Port device team_slave_0 added [ 858.955035][ T5237] Bluetooth: hci8: command tx timeout [ 859.118853][ T5237] Bluetooth: hci2: command tx timeout [ 859.198994][ T29] audit: type=1326 audit(1729570642.694:578): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3462 comm="syz.1.14485" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa3579 code=0x7ffc0000 [ 859.350411][ T29] audit: type=1326 audit(1729570642.694:579): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3462 comm="syz.1.14485" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa3579 code=0x7ffc0000 [ 859.467260][ T29] audit: type=1326 audit(1729570642.734:580): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3462 comm="syz.1.14485" exe="/root/syz-executor" sig=0 arch=40000003 syscall=5 compat=1 ip=0xf7fa3579 code=0x7ffc0000 [ 859.578679][ T29] audit: type=1326 audit(1729570642.734:581): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3462 comm="syz.1.14485" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa3579 code=0x7ffc0000 [ 859.705864][ T29] audit: type=1326 audit(1729570642.734:582): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3462 comm="syz.1.14485" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa3579 code=0x7ffc0000 [ 859.822961][ T29] audit: type=1326 audit(1729570642.784:583): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3462 comm="syz.1.14485" exe="/root/syz-executor" sig=0 arch=40000003 syscall=225 compat=1 ip=0xf7fa3579 code=0x7ffc0000 [ 859.944587][ T29] audit: type=1326 audit(1729570642.784:584): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3462 comm="syz.1.14485" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa3579 code=0x7ffc0000 [ 860.115631][ T29] audit: type=1326 audit(1729570642.784:585): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3462 comm="syz.1.14485" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa3579 code=0x7ffc0000 [ 860.200656][ T12] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 860.313135][ T3426] team0: Port device team_slave_1 added [ 860.488217][ T3466] netlink: 'syz.3.14486': attribute type 8 has an invalid length. [ 860.498531][ T3466] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 860.785008][ T5305] usb 2-1: new high-speed USB device number 26 using dummy_hcd [ 860.820594][ T3354] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 860.984233][ T5305] usb 2-1: Using ep0 maxpacket: 16 [ 861.007781][ T5305] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x6 has invalid wMaxPacketSize 0 [ 861.034427][ T5237] Bluetooth: hci8: command tx timeout [ 861.094325][ T5305] usb 2-1: New USB device found, idVendor=18d1, idProduct=1eaf, bcdDevice= 7.79 [ 861.136825][ T5305] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 861.167165][ T3426] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 861.187512][ T5305] usb 2-1: Product: syz [ 861.191769][ T5305] usb 2-1: Manufacturer: syz [ 861.198002][ T5237] Bluetooth: hci2: command tx timeout [ 861.218738][ T3426] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 861.279320][ T5305] usb 2-1: SerialNumber: syz [ 861.315088][ T5305] usb 2-1: config 0 descriptor?? [ 861.404186][ T3426] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 861.645593][ T5305] usb 2-1: Unknown endpoint type found, address 0x06 [ 861.689398][ T5305] usb 2-1: Not enough endpoints found in device, aborting! [ 861.902906][ T3426] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 861.930136][ T5305] usb 2-1: USB disconnect, device number 26 [ 861.974237][ T3426] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 862.121710][ T3426] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 862.161025][ T5237] Bluetooth: hci6: command 0x0406 tx timeout [ 862.646850][ T3426] hsr_slave_0: entered promiscuous mode [ 862.728367][ T3426] hsr_slave_1: entered promiscuous mode [ 862.794320][ T3426] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 862.801967][ T3426] Cannot create hsr debugfs directory [ 862.889008][ T3443] chnl_net:caif_netlink_parms(): no params data found [ 863.126317][ T53] Bluetooth: hci8: command tx timeout [ 863.291691][ T53] Bluetooth: hci2: command tx timeout [ 864.181095][ T3443] bridge0: port 1(bridge_slave_0) entered blocking state [ 864.238325][ T3443] bridge0: port 1(bridge_slave_0) entered disabled state [ 864.306976][ T3443] bridge_slave_0: entered allmulticast mode [ 864.344412][ T3443] bridge_slave_0: entered promiscuous mode [ 864.567925][ T3443] bridge0: port 2(bridge_slave_1) entered blocking state [ 864.624289][ T3443] bridge0: port 2(bridge_slave_1) entered disabled state [ 864.684212][ T3443] bridge_slave_1: entered allmulticast mode [ 864.751349][ T3443] bridge_slave_1: entered promiscuous mode [ 865.146826][ T3443] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 865.202161][ T53] Bluetooth: hci8: command tx timeout [ 865.319428][ T3354] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 865.415686][ T3354] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 865.487310][ T3443] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 865.686896][ T3354] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 865.742420][ T3354] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 866.491439][ T3443] team0: Port device team_slave_0 added [ 866.688151][ T12] team0: left allmulticast mode [ 866.693333][ T12] bridge0: port 1(team0) entered disabled state [ 867.094575][ T5305] usb 2-1: new full-speed USB device number 27 using dummy_hcd [ 867.296119][ T5305] usb 2-1: config 1 contains an unexpected descriptor of type 0x1, skipping [ 867.318164][ T5305] usb 2-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config [ 867.378316][ T5305] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 867.445868][ T5305] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 867.494812][ T5305] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 867.553525][ T5305] usb 2-1: Product: syz [ 867.568527][ T5305] usb 2-1: Manufacturer: syz [ 867.615188][ T5305] usb 2-1: SerialNumber: syz [ 868.129793][ T5305] usb 2-1: 0:2 : does not exist [ 868.145871][ T3347] warn_alloc: 1 callbacks suppressed [ 868.145894][ T3347] syz.2.14437: vmalloc error: size 3268608, failed to allocated page array size 6384, mode:0xdc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 868.297986][ T3347] CPU: 1 UID: 0 PID: 3347 Comm: syz.2.14437 Not tainted 6.12.0-rc4-syzkaller-00047-gc2ee9f594da8 #0 [ 868.308844][ T3347] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 868.318942][ T3347] Call Trace: [ 868.322256][ T3347] [ 868.325219][ T3347] dump_stack_lvl+0x241/0x360 [ 868.329937][ T3347] ? __pfx_dump_stack_lvl+0x10/0x10 [ 868.335169][ T3347] ? __pfx__printk+0x10/0x10 [ 868.339796][ T3347] ? cpuset_print_current_mems_allowed+0x1f/0x350 [ 868.346275][ T3347] ? cpuset_print_current_mems_allowed+0x31e/0x350 [ 868.352829][ T3347] warn_alloc+0x278/0x410 [ 868.357228][ T3347] ? __pfx_warn_alloc+0x10/0x10 [ 868.362148][ T3347] ? __v4l2_ctrl_modify_dimensions+0x43b/0xb60 [ 868.368358][ T3347] ? __get_vm_area_node+0x23d/0x270 [ 868.373618][ T3347] __vmalloc_node_range_noprof+0x691/0x13f0 [ 868.379587][ T3347] ? __kmalloc_cache_node_noprof+0x1d3/0x300 [ 868.385626][ T3347] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 868.392013][ T3347] ? __v4l2_ctrl_modify_dimensions+0x43b/0xb60 [ 868.398225][ T3347] ? __get_vm_area_node+0x23d/0x270 [ 868.403484][ T3347] __vmalloc_node_range_noprof+0x59c/0x13f0 [ 868.409421][ T3347] ? __v4l2_ctrl_modify_dimensions+0x43b/0xb60 [ 868.415630][ T3347] ? __pfx___alloc_pages_noprof+0x10/0x10 [ 868.421421][ T3347] ? rcu_is_watching+0x15/0xb0 [ 868.426230][ T3347] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 868.432615][ T3347] ? rcu_is_watching+0x15/0xb0 [ 868.437423][ T3347] ? trace_kmalloc+0x1f/0xd0 [ 868.442059][ T3347] ? __kmalloc_node_noprof+0x247/0x440 [ 868.447565][ T3347] ? __kvmalloc_node_noprof+0x72/0x190 [ 868.453075][ T3347] __kvmalloc_node_noprof+0x142/0x190 [ 868.458488][ T3347] ? __v4l2_ctrl_modify_dimensions+0x43b/0xb60 [ 868.464711][ T3347] __v4l2_ctrl_modify_dimensions+0x43b/0xb60 [ 868.470753][ T3347] ? tpg_update_mv_step+0x361/0x4f0 [ 868.476022][ T3347] vivid_update_format_cap+0x133c/0x2090 [ 868.481731][ T3347] ? __pfx_vivid_update_format_cap+0x10/0x10 [ 868.487776][ T3347] vivid_vid_cap_s_dv_timings+0x535/0x1230 [ 868.493656][ T3347] __video_do_ioctl+0xc23/0xdd0 [ 868.498585][ T3347] ? __pfx___video_do_ioctl+0x10/0x10 [ 868.504022][ T3347] ? __might_fault+0xc6/0x120 [ 868.508765][ T3347] video_usercopy+0x89b/0x1180 [ 868.513602][ T3347] ? __pfx___video_do_ioctl+0x10/0x10 [ 868.519036][ T3347] ? __pfx_video_usercopy+0x10/0x10 [ 868.524310][ T3347] ? __fget_files+0x29/0x470 [ 868.528970][ T3347] v4l2_ioctl+0x189/0x1e0 [ 868.533363][ T3347] v4l2_compat_ioctl32+0x1d7/0x260 [ 868.538537][ T3347] __se_compat_sys_ioctl+0x510/0xc90 [ 868.543888][ T3347] ? __pfx___se_compat_sys_ioctl+0x10/0x10 [ 868.549762][ T3347] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 868.555805][ T3347] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 868.562197][ T3347] ? syscall_enter_from_user_mode_prepare+0x7f/0xe0 [ 868.568841][ T3347] ? lockdep_hardirqs_on+0x99/0x150 [ 868.574101][ T3347] __do_fast_syscall_32+0xb4/0x110 [ 868.579272][ T3347] ? exc_page_fault+0x590/0x8c0 [ 868.584188][ T3347] do_fast_syscall_32+0x34/0x80 [ 868.589087][ T3347] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 868.595454][ T3347] RIP: 0023:0xf748d579 [ 868.599559][ T3347] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 [ 868.619207][ T3347] RSP: 002b:00000000f577656c EFLAGS: 00000206 ORIG_RAX: 0000000000000036 [ 868.627671][ T3347] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000c0845657 [ 868.635681][ T3347] RDX: 0000000020000040 RSI: 0000000000000000 RDI: 0000000000000000 [ 868.643690][ T3347] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 868.651701][ T3347] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 868.659710][ T3347] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 868.667735][ T3347] [ 869.013522][ T5305] usb 2-1: USB disconnect, device number 27 [ 869.687163][ T3347] Mem-Info: [ 869.690439][ T3347] active_anon:4525 inactive_anon:0 isolated_anon:0 [ 869.690439][ T3347] active_file:1252 inactive_file:3034 isolated_file:0 [ 869.690439][ T3347] unevictable:768 dirty:226 writeback:0 [ 869.690439][ T3347] slab_reclaimable:9762 slab_unreclaimable:115697 [ 869.690439][ T3347] mapped:36381 shmem:1274 pagetables:729 [ 869.690439][ T3347] sec_pagetables:0 bounce:0 [ 869.690439][ T3347] kernel_misc_reclaimable:0 [ 869.690439][ T3347] free:1276081 free_pcp:8831 free_cma:0 [ 869.792133][ T3347] Node 0 active_anon:18100kB inactive_anon:0kB active_file:4776kB inactive_file:12128kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:145292kB dirty:892kB writeback:0kB shmem:3560kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:11504kB pagetables:2916kB sec_pagetables:0kB all_unreclaimable? no [ 869.825736][ T3347] Node 1 active_anon:0kB inactive_anon:0kB active_file:232kB inactive_file:8kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:232kB dirty:12kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:16kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no [ 869.856565][ T3347] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 869.884578][ T3347] lowmem_reserve[]: 0 2465 2466 0 0 [ 869.889905][ T3347] Node 0 DMA32 free:1198528kB boost:0kB min:34200kB low:42748kB high:51296kB reserved_highatomic:0KB active_anon:17896kB inactive_anon:0kB active_file:4652kB inactive_file:11604kB unevictable:1536kB writepending:888kB present:3129332kB managed:2552500kB mlocked:0kB bounce:0kB free_pcp:1188kB local_pcp:128kB free_cma:0kB [ 869.920707][ T3347] lowmem_reserve[]: 0 0 0 0 0 [ 869.925586][ T3347] Node 0 Normal free:0kB boost:0kB min:8kB low:8kB high:8kB reserved_highatomic:0KB active_anon:204kB inactive_anon:0kB active_file:124kB inactive_file:524kB unevictable:0kB writepending:4kB present:1048580kB managed:876kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 869.952678][ T3347] lowmem_reserve[]: 0 0 0 0 0 [ 869.957516][ T3347] Node 1 Normal free:3890480kB boost:0kB min:55688kB low:69608kB high:83528kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:232kB inactive_file:8kB unevictable:1536kB writepending:12kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:33580kB local_pcp:16336kB free_cma:0kB [ 869.987764][ T3347] lowmem_reserve[]: 0 0 0 0 0 [ 869.992576][ T3347] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 870.005907][ T3347] Node 0 DMA32: 718*4kB (UME) 577*8kB (UME) 578*16kB (UME) 394*32kB (ME) 269*64kB (UME) 195*128kB (UME) 101*256kB (UM) 49*512kB (UM) 19*1024kB (UME) 7*2048kB (UME) 254*4096kB (M) = 1196640kB [ 870.025129][ T3347] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 870.036857][ T3347] Node 1 Normal: 5*4kB (U) 8*8kB (UME) 43*16kB (UE) 117*32kB (UE) 13*64kB (UE) 5*128kB (UE) 4*256kB (U) 5*512kB (UME) 4*1024kB (UME) 3*2048kB (ME) 945*4096kB (UM) = 3890532kB [ 870.054646][ T3347] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 870.064282][ T3347] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 870.073604][ T3347] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 870.083349][ T3347] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 870.093306][ T3347] 5560 total pagecache pages [ 870.098453][ T3347] 0 pages in swap cache [ 870.102648][ T3347] Free swap = 124348kB [ 870.106921][ T3347] Total swap = 124996kB [ 870.111110][ T3347] 2097051 pages RAM [ 870.115035][ T3347] 0 pages HighMem/MovableOnly [ 870.119739][ T3347] 427076 pages reserved [ 870.123918][ T3347] 0 pages cma reserved [ 870.715118][ T1270] ieee802154 phy0 wpan0: encryption failed: -22 [ 870.721646][ T1270] ieee802154 phy1 wpan1: encryption failed: -22 [ 871.174510][ T3521] openvswitch: netlink: Actions may not be safe on all matching packets [ 871.512144][ T3523] netlink: 'syz.1.14511': attribute type 2 has an invalid length. [ 872.424288][T17190] usb 2-1: new high-speed USB device number 28 using dummy_hcd [ 872.675132][T17190] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 253, changing to 11 [ 872.724510][T17190] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 872.811268][ T53] Bluetooth: hci4: command 0x0406 tx timeout [ 872.824038][T17190] usb 2-1: New USB device found, idVendor=28de, idProduct=1102, bcdDevice= 0.00 [ 872.885965][T17190] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 872.955484][T17190] usb 2-1: config 0 descriptor?? [ 873.488675][T17190] hid-steam 0003:28DE:1102.0016: unknown main item tag 0x0 [ 873.565458][T17190] hid-steam 0003:28DE:1102.0016: : USB HID v0.00 Device [HID 28de:1102] on usb-dummy_hcd.1-1/input0 [ 873.691253][T17190] hid-steam 0003:28DE:1102.0016: No HID_FEATURE_REPORT submitted - nothing to read [ 873.732786][T17190] hid-steam 0003:28DE:1102.0016: Steam Controller 'XXXXXXXXXX' connected [ 873.776751][T17190] hid-steam 0003:28DE:1102.0016: No HID_FEATURE_REPORT submitted - nothing to read [ 873.837434][T17190] hid-steam 0003:28DE:1102.0016: No HID_FEATURE_REPORT submitted - nothing to read [ 873.877603][ T12] bond0 (unregistering): Released all slaves [ 873.918992][T17190] input: Steam Controller as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:28DE:1102.0016/input/input104 [ 874.016021][ T4671] hid-steam 0003:28DE:1102.0016: No HID_FEATURE_REPORT submitted - nothing to read [ 874.084686][ T4671] hid-steam 0003:28DE:1102.0016: No HID_FEATURE_REPORT submitted - nothing to read [ 874.217361][T17190] hid-steam 0003:28DE:1102.0017: unknown main item tag 0x0 [ 874.294057][ T4671] hid-steam 0003:28DE:1102.0016: No HID_FEATURE_REPORT submitted - nothing to read [ 874.303519][ T4671] hid-steam 0003:28DE:1102.0016: No HID_FEATURE_REPORT submitted - nothing to read [ 874.394809][T17190] hid-steam 0003:28DE:1102.0017: hidraw0: USB HID v0.00 Device [HID 28de:1102] on usb-dummy_hcd.1-1/input0 [ 874.491571][ T4671] hid-steam 0003:28DE:1102.0016: No HID_FEATURE_REPORT submitted - nothing to read [ 874.514425][T17190] usb 2-1: USB disconnect, device number 28 [ 874.585381][ T4671] hid-steam 0003:28DE:1102.0016: No HID_FEATURE_REPORT submitted - nothing to read [ 874.664219][ T4671] hid-steam 0003:28DE:1102.0016: No HID_FEATURE_REPORT submitted - nothing to read [ 874.714269][ T4671] hid-steam 0003:28DE:1102.0016: No HID_FEATURE_REPORT submitted - nothing to read [ 874.849533][T17190] hid-steam 0003:28DE:1102.0016: Steam Controller 'XXXXXXXXXX' disconnected [ 875.486880][ T12] bond1 (unregistering): Released all slaves [ 875.546229][ T12] bond2 (unregistering): Released all slaves [ 876.564476][ T12] bond3 (unregistering): Released all slaves [ 877.536178][ T12] bond4 (unregistering): Released all slaves [ 877.617067][ T12] bond5 (unregistering): Released all slaves [ 877.680873][ T3443] team0: Port device team_slave_1 added [ 878.824729][ T53] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 878.854353][ T53] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 878.863238][ T53] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 878.884675][ T53] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 878.893779][ T53] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 878.901332][ T53] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 879.925011][ T30] INFO: task syz.0.13546:989 blocked for more than 143 seconds. [ 879.932744][ T30] Not tainted 6.12.0-rc4-syzkaller-00047-gc2ee9f594da8 #0 [ 879.964267][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 879.994532][ T30] task:syz.0.13546 state:D stack:26816 pid:989 tgid:987 ppid:5250 flags:0x20000004 [ 880.038875][ T30] Call Trace: [ 880.052533][ T30] [ 880.062975][ T30] __schedule+0x18af/0x4bd0 [ 880.147353][ T30] ? __pfx___schedule+0x10/0x10 [ 880.152319][ T30] ? __pfx_lock_release+0x10/0x10 [ 880.214281][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 880.258530][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 880.275868][ T30] ? _raw_spin_lock_irq+0xdf/0x120 [ 880.281169][ T30] ? schedule+0x90/0x320 [ 880.304006][ T30] schedule+0x14b/0x320 [ 880.308273][ T30] schedule_preempt_disabled+0x13/0x30 [ 880.313806][ T30] rwsem_down_write_slowpath+0xeee/0x13b0 [ 880.364191][ T30] ? rwsem_down_write_slowpath+0xa09/0x13b0 [ 880.370209][ T30] ? __pfx_rwsem_down_write_slowpath+0x10/0x10 [ 880.404108][ T30] ? __pfx_lock_acquire+0x10/0x10 [ 880.409254][ T30] down_write+0x1d7/0x220 [ 880.413646][ T30] ? __pfx_down_write+0x10/0x10 [ 880.454416][ T30] ? __pfx___might_resched+0x10/0x10 [ 880.459806][ T30] blkdev_fallocate+0x20e/0x490 [ 880.484986][ T30] vfs_fallocate+0x569/0x6e0 [ 880.489764][ T30] __se_compat_sys_ioctl+0x9c3/0xc90 [ 880.514230][ T30] ? __pfx___se_compat_sys_ioctl+0x10/0x10 [ 880.520162][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 880.569228][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 880.584116][ T30] ? syscall_enter_from_user_mode_prepare+0x7f/0xe0 [ 880.590809][ T30] ? lockdep_hardirqs_on+0x99/0x150 [ 880.624212][ T30] __do_fast_syscall_32+0xb4/0x110 [ 880.629438][ T30] ? exc_page_fault+0x590/0x8c0 [ 880.664207][ T30] do_fast_syscall_32+0x34/0x80 [ 880.669185][ T30] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 880.704629][ T30] RIP: 0023:0xf7f0f579 [ 880.708788][ T30] RSP: 002b:00000000f569656c EFLAGS: 00000206 ORIG_RAX: 0000000000000036 [ 880.764221][ T30] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000402c5839 [ 880.772312][ T30] RDX: 0000000020000080 RSI: 0000000000000000 RDI: 0000000000000000 [ 880.804411][ T30] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 880.812482][ T30] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 880.858778][ T30] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 880.894290][ T30] [ 880.897496][ T30] [ 880.897496][ T30] Showing all locks held in the system: [ 880.940009][ T30] 5 locks held by kworker/u8:1/12: [ 880.948923][ T30] #0: ffff88801baed948 ((wq_completion)netns){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1850 [ 880.962469][ T53] Bluetooth: hci5: command tx timeout [ 880.994720][ T30] #1: ffffc90000117d00 (net_cleanup_work){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1850 [ 881.024054][ T30] #2: ffffffff8fcc6350 (pernet_ops_rwsem){++++}-{3:3}, at: cleanup_net+0x16a/0xcc0 [ 881.033604][ T30] #3: ffffffff900068e8 (ovs_mutex){+.+.}-{3:3}, at: ovs_exit_net+0xe1/0x7d0 [ 881.093992][ T30] #4: ffffffff8fcd2e48 (rtnl_mutex){+.+.}-{3:3}, at: internal_dev_destroy+0xa9/0x120 [ 881.103808][ T30] 3 locks held by ksoftirqd/0/16: [ 881.154031][ T30] 3 locks held by kworker/1:0/25: [ 881.159143][ T30] #0: ffff88801ac80948 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1850 [ 881.194872][ T30] #1: ffffc900001f7d00 ((work_completion)(&(&ovs_net->masks_rebalance)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1850 [ 881.247584][ T30] #2: ffffffff900068e8 (ovs_mutex){+.+.}-{3:3}, at: ovs_dp_masks_rebalance+0x2f/0xe0 [ 881.284240][ T30] 1 lock held by khungtaskd/30: [ 881.289179][ T30] #0: ffffffff8e937e20 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x55/0x2a0 [ 881.324371][ T30] 3 locks held by kworker/u8:2/35: [ 881.329564][ T30] #0: ffff88801ac89148 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1850 [ 881.394102][ T30] #1: ffffc90000ab7d00 ((linkwatch_work).work){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1850 [ 881.424070][ T30] #2: ffffffff8fcd2e48 (rtnl_mutex){+.+.}-{3:3}, at: linkwatch_event+0xe/0x60 [ 881.433172][ T30] 3 locks held by kworker/u8:3/51: [ 881.474207][ T30] #0: ffff88814bf92948 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1850 [ 881.504201][ T30] #1: ffffc90000bc7d00 ((work_completion)(&(&ifa->dad_work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1850 [ 881.544136][ T30] #2: ffffffff8fcd2e48 (rtnl_mutex){+.+.}-{3:3}, at: addrconf_dad_work+0xd0/0x16f0 [ 881.573996][ T30] 3 locks held by kworker/1:1/57: [ 881.579098][ T30] #0: ffff88801ac80948 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1850 [ 881.634162][ T30] #1: ffffc9000122fd00 ((work_completion)(&(&ovs_net->masks_rebalance)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1850 [ 881.674435][ T30] #2: ffffffff900068e8 (ovs_mutex){+.+.}-{3:3}, at: ovs_dp_masks_rebalance+0x2f/0xe0 [ 881.707195][ T30] 3 locks held by kworker/u8:8/4019: [ 881.712653][ T30] 1 lock held by dhcpcd/4900: [ 881.744241][ T30] #0: ffffffff8fcd2e48 (rtnl_mutex){+.+.}-{3:3}, at: devinet_ioctl+0x2ce/0x1aa0 [ 881.753523][ T30] 2 locks held by getty/4990: [ 881.794133][ T30] #0: ffff88814c4c60a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70 [ 881.827500][ T30] #1: ffffc90002efe2f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x6a6/0x1e00 [ 881.862080][ T30] 3 locks held by kworker/1:6/5295: [ 881.882922][ T30] #0: ffff88801ac80948 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1850 [ 881.914498][ T30] #1: ffffc90004097d00 ((work_completion)(&(&ovs_net->masks_rebalance)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1850 [ 881.964539][ T30] #2: ffffffff900068e8 (ovs_mutex){+.+.}-{3:3}, at: ovs_dp_masks_rebalance+0x2f/0xe0 [ 881.994243][ T30] 3 locks held by kworker/1:8/5305: [ 881.999523][ T30] #0: ffff88801ac80948 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1850 [ 882.053989][ T30] #1: ffffc90004107d00 ((work_completion)(&(&ovs_net->masks_rebalance)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1850 [ 882.104237][ T30] #2: ffffffff900068e8 (ovs_mutex){+.+.}-{3:3}, at: ovs_dp_masks_rebalance+0x2f/0xe0 [ 882.134140][ T30] 3 locks held by kworker/1:4/17190: [ 882.139500][ T30] #0: ffff88801ac81948 ((wq_completion)events_power_efficient){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1850 [ 882.214285][ T30] #1: ffffc900162a7d00 ((reg_check_chans).work){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1850 [ 882.244216][ T30] #2: ffffffff8fcd2e48 (rtnl_mutex){+.+.}-{3:3}, at: reg_check_chans_work+0x99/0xfd0 [ 882.284229][ T30] 3 locks held by kworker/1:7/17191: [ 882.290199][ T30] #0: ffff88801ac80948 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1850 [ 882.326396][ T30] #1: ffffc90015da7d00 ((work_completion)(&(&ovs_net->masks_rebalance)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1850 [ 882.385990][ T30] #2: ffffffff900068e8 (ovs_mutex){+.+.}-{3:3}, at: ovs_dp_masks_rebalance+0x2f/0xe0 [ 882.414306][ T30] 1 lock held by syz.2.12659/31615: [ 882.419579][ T30] #0: ffff888148d3e540 (mapping.invalidate_lock#2){++++}-{3:3}, at: blkdev_fallocate+0x20e/0x490 [ 882.464079][ T30] 1 lock held by syz.0.13546/989: [ 882.469188][ T30] #0: ffff888148d3e540 (mapping.invalidate_lock#2){++++}-{3:3}, at: blkdev_fallocate+0x20e/0x490 [ 882.517597][ T30] 2 locks held by syz.2.14437/3347: [ 882.522891][ T30] #0: ffffffff8fcd2e48 (rtnl_mutex){+.+.}-{3:3}, at: tun_chr_close+0x3b/0x1b0 [ 882.574106][ T30] #1: ffffffff8e7d1e10 (cpu_hotplug_lock){++++}-{0:0}, at: unregister_netdevice_many_notify+0x5ea/0x1da0 [ 882.614231][ T30] 1 lock held by syz-executor/3354: [ 882.619509][ T30] #0: ffffffff8fcd2e48 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0 [ 882.654076][ T30] 7 locks held by syz-executor/3426: [ 882.659439][ T30] #0: ffff88802e304420 (sb_writers#8){.+.+}-{0:0}, at: vfs_write+0x224/0xc90 [ 882.703988][ T30] #1: ffff88807fb3c488 (&of->mutex){+.+.}-{3:3}, at: kernfs_fop_write_iter+0x1ea/0x500 [ 882.713912][ T30] #2: ffff888143bdf788 (kn->active#49){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x20e/0x500 [ 882.774452][ T30] #3: ffffffff8f570e28 (nsim_bus_dev_list_lock){+.+.}-{3:3}, at: del_device_store+0xfc/0x480 [ 882.810320][ T30] #4: ffff88805eded0e8 (&dev->mutex){....}-{3:3}, at: device_release_driver_internal+0xce/0x7c0 [ 882.844140][ T30] #5: ffff88805edee250 (&devlink->lock_key#3){+.+.}-{3:3}, at: nsim_drv_remove+0x50/0x160 [ 882.874301][ T30] #6: ffffffff8fcd2e48 (rtnl_mutex){+.+.}-{3:3}, at: nsim_destroy+0x71/0x5c0 [ 882.883339][ T30] 1 lock held by syz-executor/3443: [ 882.924196][ T30] #0: ffffffff8fcd2e48 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0 [ 882.933738][ T30] 1 lock held by syz.3.14508/3516: [ 882.974158][ T30] #0: ffffffff8fcd2e48 (rtnl_mutex){+.+.}-{3:3}, at: tun_chr_close+0x3b/0x1b0 [ 882.983270][ T30] 2 locks held by syz.1.14521/3551: [ 883.034388][ T30] #0: ffffffff8f4ba848 (ppp_mutex){+.+.}-{3:3}, at: ppp_ioctl+0x112/0x1cd0 [ 883.043234][ T30] #1: ffffffff8fcd2e48 (rtnl_mutex){+.+.}-{3:3}, at: ppp_ioctl+0x789/0x1cd0 [ 883.052445][ T53] Bluetooth: hci5: command tx timeout [ 883.090994][ T30] 1 lock held by syz.1.14521/3555: [ 883.115758][ T30] #0: ffffffff8f4ba848 (ppp_mutex){+.+.}-{3:3}, at: ppp_compat_ioctl+0xa7/0x770 [ 883.144118][ T30] 2 locks held by syz-executor/3552: [ 883.149476][ T30] #0: ffffffff8fcc6350 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570 [ 883.190499][ T30] #1: ffffffff8fcd2e48 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x84/0x290 [ 883.224044][ T30] 3 locks held by kworker/1:2/3563: [ 883.229322][ T30] #0: ffff88801ac80948 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1850 [ 883.287517][ T30] #1: ffffc90003d4fd00 ((work_completion)(&(&ovs_net->masks_rebalance)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1850 [ 883.324618][ T30] #2: ffffffff900068e8 (ovs_mutex){+.+.}-{3:3}, at: ovs_dp_masks_rebalance+0x2f/0xe0 [ 883.364212][ T30] 3 locks held by kworker/1:3/3564: [ 883.369498][ T30] #0: ffff88801ac80948 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1850 [ 883.418516][ T30] #1: ffffc9000bcffd00 ((work_completion)(&(&ovs_net->masks_rebalance)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1850 [ 883.474132][ T30] #2: ffffffff900068e8 (ovs_mutex){+.+.}-{3:3}, at: ovs_dp_masks_rebalance+0x2f/0xe0 [ 883.500485][ T30] [ 883.502887][ T30] ============================================= [ 883.502887][ T30] [ 883.554257][ T30] NMI backtrace for cpu 1 [ 883.558660][ T30] CPU: 1 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.12.0-rc4-syzkaller-00047-gc2ee9f594da8 #0 [ 883.569195][ T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 883.579288][ T30] Call Trace: [ 883.582598][ T30] [ 883.585565][ T30] dump_stack_lvl+0x241/0x360 [ 883.590291][ T30] ? __pfx_dump_stack_lvl+0x10/0x10 [ 883.595530][ T30] ? __pfx__printk+0x10/0x10 [ 883.600173][ T30] nmi_cpu_backtrace+0x49c/0x4d0 [ 883.605166][ T30] ? __pfx_nmi_cpu_backtrace+0x10/0x10 [ 883.610666][ T30] ? _printk+0xd5/0x120 [ 883.614855][ T30] ? __pfx__printk+0x10/0x10 [ 883.619475][ T30] ? __wake_up_klogd+0xcc/0x110 [ 883.624370][ T30] ? __pfx__printk+0x10/0x10 [ 883.629010][ T30] ? __rcu_read_unlock+0xa1/0x110 [ 883.634074][ T30] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 883.640177][ T30] nmi_trigger_cpumask_backtrace+0x198/0x320 [ 883.646202][ T30] watchdog+0xff4/0x1040 [ 883.650491][ T30] ? watchdog+0x1ea/0x1040 [ 883.654955][ T30] ? __pfx_watchdog+0x10/0x10 [ 883.659679][ T30] kthread+0x2f0/0x390 [ 883.663780][ T30] ? __pfx_watchdog+0x10/0x10 [ 883.668497][ T30] ? __pfx_kthread+0x10/0x10 [ 883.673126][ T30] ret_from_fork+0x4b/0x80 [ 883.677585][ T30] ? __pfx_kthread+0x10/0x10 [ 883.682223][ T30] ret_from_fork_asm+0x1a/0x30 [ 883.687053][ T30] [ 883.691123][ T30] Sending NMI from CPU 1 to CPUs 0: [ 883.696825][ C0] NMI backtrace for cpu 0 [ 883.696842][ C0] CPU: 0 UID: 0 PID: 5289 Comm: kworker/0:5 Not tainted 6.12.0-rc4-syzkaller-00047-gc2ee9f594da8 #0 [ 883.696863][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 883.696876][ C0] Workqueue: events_long defense_work_handler [ 883.696908][ C0] RIP: 0010:unwind_next_frame+0x315/0x22d0 [ 883.696930][ C0] Code: 64 48 01 d2 48 01 f2 0f 84 42 01 00 00 48 8d 5a 04 4c 8d 72 05 48 89 d8 48 c1 e8 03 48 bd 00 00 00 00 00 fc ff df 0f b6 04 28 <84> c0 0f 85 58 18 00 00 4c 89 f0 48 c1 e8 03 0f b6 04 28 84 c0 0f [ 883.696946][ C0] RSP: 0018:ffffc90000006a30 EFLAGS: 00000a06 [ 883.696962][ C0] RAX: 0000000000000000 RBX: ffffffff90a73908 RCX: ffffffff90306c00 [ 883.696977][ C0] RDX: ffffffff90a73904 RSI: ffffffff90a73904 RDI: 0000000000000001 [ 883.696990][ C0] RBP: dffffc0000000000 R08: 0000000000000001 R09: ffffc90000006bf0 [ 883.697004][ C0] R10: ffffc90000006b50 R11: ffffffff818090c0 R12: 0000000000000000 [ 883.697017][ C0] R13: ffffc90000006b00 R14: ffffffff90a73909 R15: ffffffff81808ff7 [ 883.697032][ C0] FS: 0000000000000000(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000 [ 883.697048][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 883.697061][ C0] CR2: 00000000f71d18e0 CR3: 000000000e734000 CR4: 00000000003526f0 [ 883.697078][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 883.697089][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 883.697102][ C0] Call Trace: [ 883.697108][ C0] [ 883.697117][ C0] ? nmi_cpu_backtrace+0x3c2/0x4d0 [ 883.697141][ C0] ? __pfx_lock_acquire+0x10/0x10 [ 883.697171][ C0] ? __pfx_nmi_cpu_backtrace+0x10/0x10 [ 883.697194][ C0] ? nmi_handle+0x2a/0x5a0 [ 883.697220][ C0] ? nmi_cpu_backtrace_handler+0xc/0x20 [ 883.697251][ C0] ? nmi_handle+0x14f/0x5a0 [ 883.697269][ C0] ? nmi_handle+0x2a/0x5a0 [ 883.697289][ C0] ? unwind_next_frame+0x315/0x22d0 [ 883.697306][ C0] ? default_do_nmi+0x63/0x160 [ 883.697331][ C0] ? exc_nmi+0x123/0x1f0 [ 883.697353][ C0] ? end_repeat_nmi+0xf/0x53 [ 883.697372][ C0] ? stack_trace_save+0x117/0x1d0 [ 883.697395][ C0] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 883.697420][ C0] ? unwind_next_frame+0x315/0x22d0 [ 883.697438][ C0] ? unwind_next_frame+0x315/0x22d0 [ 883.697457][ C0] ? unwind_next_frame+0x315/0x22d0 [ 883.697474][ C0] [ 883.697481][ C0] [ 883.697492][ C0] ? stack_trace_save+0x118/0x1d0 [ 883.697514][ C0] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 883.697537][ C0] arch_stack_walk+0x11c/0x150 [ 883.697559][ C0] ? stack_trace_save+0x118/0x1d0 [ 883.697583][ C0] stack_trace_save+0x118/0x1d0 [ 883.697605][ C0] ? __pfx_stack_trace_save+0x10/0x10 [ 883.697625][ C0] ? stack_trace_save+0x118/0x1d0 [ 883.697647][ C0] ? __pfx_stack_trace_save+0x10/0x10 [ 883.697671][ C0] kasan_save_track+0x3f/0x80 [ 883.697714][ C0] __kasan_kmalloc+0x98/0xb0 [ 883.697733][ C0] __kmalloc_node_track_caller_noprof+0x225/0x440 [ 883.697759][ C0] ? __alloc_skb+0x1f3/0x440 [ 883.697778][ C0] ? __alloc_skb+0x1f3/0x440 [ 883.697796][ C0] kmalloc_reserve+0x111/0x2a0 [ 883.697815][ C0] __alloc_skb+0x1f3/0x440 [ 883.697835][ C0] ? __pfx___alloc_skb+0x10/0x10 [ 883.697857][ C0] synproxy_send_client_synack+0x1ba/0xf30 [ 883.697886][ C0] ? kasan_quarantine_put+0xdc/0x230 [ 883.697905][ C0] ? lockdep_hardirqs_on+0x99/0x150 [ 883.697923][ C0] ? __pfx_synproxy_send_client_synack+0x10/0x10 [ 883.697952][ C0] ? synproxy_pernet+0x45/0x270 [ 883.697980][ C0] nft_synproxy_eval_v4+0x3ca/0x610 [ 883.698012][ C0] ? __pfx_nft_synproxy_eval_v4+0x10/0x10 [ 883.698041][ C0] ? nf_ip_checksum+0x13a/0x500 [ 883.698061][ C0] nft_synproxy_do_eval+0x362/0xa60 [ 883.698091][ C0] ? __pfx_nft_synproxy_do_eval+0x10/0x10 [ 883.698118][ C0] ? validate_chain+0x11e/0x5920 [ 883.698140][ C0] ? __pfx_validate_chain+0x10/0x10 [ 883.698165][ C0] nft_do_chain+0x4ad/0x1da0 [ 883.698189][ C0] ? __pfx_nft_do_chain+0x10/0x10 [ 883.698206][ C0] ? __local_bh_enable_ip+0x168/0x200 [ 883.698249][ C0] ? __pfx_nf_nat_inet_fn+0x10/0x10 [ 883.698271][ C0] nft_do_chain_inet+0x418/0x6b0 [ 883.698299][ C0] ? __pfx_nft_do_chain_inet+0x10/0x10 [ 883.698325][ C0] ? ipt_do_table+0x312/0x1860 [ 883.698360][ C0] ? __pfx_nft_do_chain_inet+0x10/0x10 [ 883.698387][ C0] nf_hook_slow+0xc3/0x220 [ 883.698411][ C0] ? __pfx_ip_local_deliver_finish+0x10/0x10 [ 883.698434][ C0] ? __pfx_ip_local_deliver_finish+0x10/0x10 [ 883.698456][ C0] NF_HOOK+0x29e/0x450 [ 883.698478][ C0] ? NF_HOOK+0x9a/0x450 [ 883.698498][ C0] ? __pfx_NF_HOOK+0x10/0x10 [ 883.698520][ C0] ? __pfx_ip_local_deliver_finish+0x10/0x10 [ 883.698544][ C0] ? ip_rcv_finish+0x406/0x560 [ 883.698566][ C0] ? __pfx_ip_rcv_finish+0x10/0x10 [ 883.698587][ C0] NF_HOOK+0x3a4/0x450 [ 883.698607][ C0] ? __lock_acquire+0x1384/0x2050 [ 883.698635][ C0] ? NF_HOOK+0x9a/0x450 [ 883.698655][ C0] ? __pfx_NF_HOOK+0x10/0x10 [ 883.698675][ C0] ? ip_rcv_core+0x801/0xd10 [ 883.698697][ C0] ? __pfx_ip_rcv_finish+0x10/0x10 [ 883.698721][ C0] ? __pfx_ip_rcv+0x10/0x10 [ 883.698742][ C0] __netif_receive_skb+0x2bf/0x650 [ 883.698767][ C0] ? __pfx_lock_acquire+0x10/0x10 [ 883.698793][ C0] ? __pfx___netif_receive_skb+0x10/0x10 [ 883.698815][ C0] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 883.698842][ C0] ? __pfx_lock_release+0x10/0x10 [ 883.698869][ C0] ? _raw_spin_lock_irq+0xdf/0x120 [ 883.698902][ C0] process_backlog+0x662/0x15b0 [ 883.698928][ C0] ? process_backlog+0x33b/0x15b0 [ 883.698956][ C0] ? __pfx_process_backlog+0x10/0x10 [ 883.698980][ C0] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 883.699010][ C0] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 883.699039][ C0] __napi_poll+0xcb/0x490 [ 883.699063][ C0] net_rx_action+0x89b/0x1240 [ 883.699097][ C0] ? __pfx_net_rx_action+0x10/0x10 [ 883.699122][ C0] ? __pfx_tmigr_handle_remote+0x10/0x10 [ 883.699164][ C0] handle_softirqs+0x2c5/0x980 [ 883.699191][ C0] ? do_softirq+0x11b/0x1e0 [ 883.699215][ C0] ? __pfx_handle_softirqs+0x10/0x10 [ 883.699248][ C0] do_softirq+0x11b/0x1e0 [ 883.699271][ C0] [ 883.699277][ C0] [ 883.699284][ C0] ? __pfx_do_softirq+0x10/0x10 [ 883.699308][ C0] ? __pfx_lockdep_softirqs_on+0x10/0x10 [ 883.699335][ C0] ? __pfx_lock_acquire+0x10/0x10 [ 883.699362][ C0] ? rcu_is_watching+0x15/0xb0 [ 883.699383][ C0] __local_bh_enable_ip+0x1bb/0x200 [ 883.699407][ C0] ? update_defense_level+0x122/0xcf0 [ 883.699433][ C0] ? __pfx___local_bh_enable_ip+0x10/0x10 [ 883.699458][ C0] ? do_raw_spin_unlock+0x13c/0x8b0 [ 883.699482][ C0] ? update_defense_level+0x122/0xcf0 [ 883.699508][ C0] ? update_defense_level+0x122/0xcf0 [ 883.699534][ C0] update_defense_level+0x8ec/0xcf0 [ 883.699561][ C0] ? update_defense_level+0x122/0xcf0 [ 883.699586][ C0] ? __pfx_update_defense_level+0x10/0x10 [ 883.699617][ C0] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 883.699648][ C0] ? process_scheduled_works+0x976/0x1850 [ 883.699673][ C0] defense_work_handler+0x22/0xd0 [ 883.699699][ C0] process_scheduled_works+0xa63/0x1850 [ 883.699736][ C0] ? __pfx_process_scheduled_works+0x10/0x10 [ 883.699765][ C0] ? assign_work+0x364/0x3d0 [ 883.699791][ C0] worker_thread+0x870/0xd30 [ 883.699821][ C0] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 883.699850][ C0] ? __kthread_parkme+0x169/0x1d0 [ 883.699878][ C0] ? __pfx_worker_thread+0x10/0x10 [ 883.699903][ C0] kthread+0x2f0/0x390 [ 883.699920][ C0] ? __pfx_worker_thread+0x10/0x10 [ 883.699945][ C0] ? __pfx_kthread+0x10/0x10 [ 883.699963][ C0] ret_from_fork+0x4b/0x80 [ 883.699988][ C0] ? __pfx_kthread+0x10/0x10 [ 883.700007][ C0] ret_from_fork_asm+0x1a/0x30 [ 883.700039][ C0] [ 885.254100][ T53] Bluetooth: hci5: command tx timeout [ 885.357186][ T30] Kernel panic - not syncing: hung_task: blocked tasks [ 885.364111][ T30] CPU: 1 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.12.0-rc4-syzkaller-00047-gc2ee9f594da8 #0 [ 885.374655][ T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 885.384787][ T30] Call Trace: [ 885.388104][ T30] [ 885.391060][ T30] dump_stack_lvl+0x241/0x360 [ 885.395803][ T30] ? __pfx_dump_stack_lvl+0x10/0x10 [ 885.401056][ T30] ? __pfx__printk+0x10/0x10 [ 885.405680][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 885.411717][ T30] ? vscnprintf+0x5d/0x90 [ 885.416096][ T30] panic+0x349/0x880 [ 885.420030][ T30] ? nmi_trigger_cpumask_backtrace+0x244/0x320 [ 885.426226][ T30] ? __pfx_panic+0x10/0x10 [ 885.430673][ T30] ? tick_nohz_tick_stopped+0x82/0xb0 [ 885.436089][ T30] ? __irq_work_queue_local+0x137/0x410 [ 885.441686][ T30] ? preempt_schedule_thunk+0x1a/0x30 [ 885.447101][ T30] ? nmi_trigger_cpumask_backtrace+0x244/0x320 [ 885.453295][ T30] ? nmi_trigger_cpumask_backtrace+0x2d4/0x320 [ 885.459494][ T30] ? nmi_trigger_cpumask_backtrace+0x2d9/0x320 [ 885.465694][ T30] watchdog+0x1033/0x1040 [ 885.470068][ T30] ? watchdog+0x1ea/0x1040 [ 885.474542][ T30] ? __pfx_watchdog+0x10/0x10 [ 885.479265][ T30] kthread+0x2f0/0x390 [ 885.483367][ T30] ? __pfx_watchdog+0x10/0x10 [ 885.488101][ T30] ? __pfx_kthread+0x10/0x10 [ 885.492723][ T30] ret_from_fork+0x4b/0x80 [ 885.497185][ T30] ? __pfx_kthread+0x10/0x10 [ 885.501811][ T30] ret_from_fork_asm+0x1a/0x30 [ 885.506635][ T30] [ 885.510020][ T30] Kernel Offset: disabled [ 885.514357][ T30] Rebooting in 86400 seconds..