last executing test programs: 1m19.39358622s ago: executing program 3 (id=343): setsockopt$ARPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x60, 0x0, 0x0) unshare(0x22020600) r0 = fsopen(&(0x7f0000000040)='cgroup2\x00', 0x1) fsmount(r0, 0x0, 0x0) 1m19.165577908s ago: executing program 3 (id=345): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000007d000000850000000f00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x64, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000100)='kfree\x00', r0}, 0x10) r1 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYBLOB="380000006c0015000000d9fece23b82000000000", @ANYRES32=r1, @ANYBLOB="000080000000000018003480050035"], 0x38}, 0x1, 0x300}, 0x0) 1m18.945217215s ago: executing program 3 (id=350): r0 = socket(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000001c0)=@newqdisc={0x48, 0x24, 0xd0f, 0x0, 0x0, {0x60, 0x0, 0x0, r2, {0x0, 0x2}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_prio={{0x9}, {0x18, 0x2, {0x8, '\x00\x00\x00\x00\b\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\b'}}}]}, 0x48}}, 0x0) 1m18.798962592s ago: executing program 3 (id=352): mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0) mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0) r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x262) 1m18.625450142s ago: executing program 3 (id=354): sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01020000000000000000020000000900010073797a300000000020000000000c01080000000000000000020000000900010073797a310000000014000000020a01020000000000000000000000002c000000180a01"], 0xa8}}, 0x0) r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder1\x00', 0x0, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) 1m17.882102829s ago: executing program 3 (id=362): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000240)={0x1, 0x0, [{0x400000b6, 0x0, 0x9}]}) 1m17.457051924s ago: executing program 32 (id=362): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000240)={0x1, 0x0, [{0x400000b6, 0x0, 0x9}]}) 3.119065889s ago: executing program 5 (id=1540): r0 = syz_usb_connect(0x3, 0x36, &(0x7f00000000c0)=ANY=[@ANYBLOB="120100008010bd40820514009dbb0000000109022400011b00000009040000022a3e740009058bff7f0000100109050b362f"], 0x0) r1 = syz_open_dev$midi(&(0x7f0000000000), 0x3, 0x88c02) syz_usb_disconnect(r0) ioctl$int_in(r1, 0x5452, &(0x7f0000000080)=0x7) 2.794741693s ago: executing program 4 (id=1547): r0 = msgget$private(0x0, 0x790) msgsnd(r0, &(0x7f0000000d00)=ANY=[@ANYRES8], 0x401, 0x0) msgsnd(r0, &(0x7f0000000040)=ANY=[@ANYRESDEC], 0x401, 0x0) msgctl$IPC_RMID(r0, 0x0) 2.499749575s ago: executing program 4 (id=1553): r0 = syz_open_dev$swradio(&(0x7f0000000040), 0x1, 0x2) ioctl$VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000000)={0xfffffffa, 0xb, 0x4}) r1 = syz_open_dev$swradio(&(0x7f0000000080), 0x1, 0x2) ioctl$VIDIOC_PREPARE_BUF(r1, 0xc058565d, &(0x7f0000000180)=@userptr={0xfffffff4, 0xb, 0x4, 0x4000, 0x8, {}, {0x4, 0x8, 0x1, 0x9e, 0x6, 0x9, "f3ce2199"}, 0x0, 0x2, {0x0}}) 2.29110826s ago: executing program 4 (id=1556): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) shutdown(r0, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x1c, &(0x7f0000000040)=[@in6={0xa, 0x4e22, 0x4, @loopback, 0x5}]}, &(0x7f0000000440)=0x10) setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f0000000540)={r1, 0x2}, 0x8) 2.104573397s ago: executing program 4 (id=1559): r0 = syz_open_dev$loop(&(0x7f0000000180), 0x7, 0x2480) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.io_merged\x00', 0x275a, 0x0) ioctl$LOOP_CONFIGURE(r0, 0x4c0a, &(0x7f00000002c0)={r1, 0x0, {0x2a00, 0x80010000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x11, "fee8a2ab78fc179fd1f8a0e91ddaaca7bd64c6a4b4e00d9683dda1af1ea89de2b7fb0a0100000000000000000300", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac00", "90be8b1c551265406c7f306003d8a0f4bd00000014000800000000000000007f"}}) ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0xffff, 0x0, 0x0, 0x0, 0xd, 0xc, "41a0a18ef515814e914ddb349f24d2d4fdf2029d4ea0d5c318c72a7f44575de5928931313688f80c00e226d5f9de71854d921504681829ab9aea7bb39083bd3e", "b52d2e8698032804ba481f878cc65fac11ec880364f7acb23df30827152197f46a9f88676e0b06b603b41a00352efa0e1e53c5153c1a7cc757f3186cc14548be", "8b65cc03d13d051bee0900000006000800f15bc5104e6a8500000055b2a07060", [0x895, 0x4bd]}) 1.938495904s ago: executing program 4 (id=1562): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000006c59850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x5, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x32, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x18) r1 = socket$nl_rdma(0x10, 0x3, 0x14) sendmsg$RDMA_NLDEV_CMD_NEWLINK(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)={0x38, 0x1403, 0x1, 0x70bd29, 0x25dfdbff, "", [{{0x9, 0x2, 'syz1\x00'}, {0x8, 0x41, 'siw\x00'}, {0x14, 0x33, 'veth0_to_bridge\x00'}}]}, 0x38}, 0x1, 0x0, 0x0, 0x8081}, 0x20000010) 1.65412711s ago: executing program 1 (id=1568): r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, &(0x7f0000000140)={0xc, 0x0, 0x0}) ioctl$IOMMU_VFIO_IOAS$SET(r0, 0x3b88, &(0x7f0000000300)={0xc, r1}) ioctl$IOMMU_VFIO_IOMMU_UNMAP_DMA(r0, 0x3b72, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000002000000000000000000000000000000000000e6"]) 1.591179168s ago: executing program 1 (id=1570): mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0) mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f00000001c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f}) mount$overlay(0x0, &(0x7f0000000400)='./file0\x00', 0x0, 0x2071c20, 0x0) 1.569336447s ago: executing program 4 (id=1571): r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000ff000040720501cb6526010203010902120001000000000904"], 0x0) syz_usb_control_io$uac1(r0, &(0x7f0000000140)={0x14, 0x0, &(0x7f0000000100)={0x0, 0x3, 0x4, @lang_id={0xffffffffffffffd4, 0x3, 0x200a}}}, 0x0) syz_usb_control_io$hid(r0, &(0x7f0000000f00)={0x24, 0x0, &(0x7f0000000d80)={0x0, 0x3, 0x4, @lang_id={0xd, 0x3, 0x2c01}}, 0x0, 0x0}, 0x0) syz_usb_control_io$hid(r0, &(0x7f00000001c0)={0x24, 0x0, &(0x7f0000000900)={0x0, 0x3, 0x2, @string={0x2}}, 0x0, 0x0}, 0x0) 1.441756884s ago: executing program 5 (id=1574): mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz0\x00', 0x1ff) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0) r1 = openat$cgroup_devices(r0, &(0x7f0000000200)='devices.deny\x00', 0x2, 0x0) write$cgroup_devices(r1, &(0x7f0000000140)=ANY=[@ANYBLOB='b *:'], 0x8) 1.441061303s ago: executing program 1 (id=1575): r0 = syz_open_dev$vim2m(&(0x7f00000001c0), 0x7fff, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f00000000c0)={0x2, 0x1, 0x1}) ioctl$vim2m_VIDIOC_STREAMOFF(r0, 0x40045612, &(0x7f0000000040)=0x1) readv(r0, &(0x7f00000006c0)=[{&(0x7f00000017c0)=""/4096, 0x1000}], 0x1) 1.29419239s ago: executing program 5 (id=1578): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), r0) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000040)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_DEL_KEY(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)={0x28, r1, 0x1, 0x3, 0x0, {{0xa}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_KEY={0xc, 0x50, 0x0, 0x1, [@NL80211_KEY_IDX={0x5}]}]}, 0x28}, 0x1, 0x0, 0x0, 0x48881}, 0x40) 1.293522453s ago: executing program 1 (id=1579): r0 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000003f000000000000000000f195"], &(0x7f0000000140)='GPL\x00'}, 0x80) bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000240)={r0, 0xf, 0x25, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x6, 0xe, &(0x7f0000002380)=ANY=[@ANYBLOB="b702000000000000bfa300000000000007030000f0ffffff7a0a00fe1100000079a4f0ff00000000b706000000000081ad64020000000000450404000100ff0f1704000001130a00b7050000000000006a0af2fe0000000085000000a3000000b700000000000000950000000000000000e154cd844a954b26c933f7ffffffffe4fbffffff55bb2007ee51050512b5b4090a79507df79f298129da487130d5f24b46001e04aeacea799a22a2fa798b5adc43eb27d53319d0ad379e5752548300000000dbc2777df150b7cdd77b85b941092314fd085f028f2ed1a4b9535550614e09d6378198a6097a670838337af2abd55a87ac0394b2f92ffab7d153d62058d0a413b2173619ccf55520f22c9ca8b6712f3024a0041b1df65b3e1b9bf115646d14ce53d13d0ccacda1efc5f9094fa737c28b994a8512c816fdcceaede3faedc51d29a47fc813a2ec00f4c7a53ac271d6d7f4fdc4b4861004eefbc17f54f82a804d4a69bf9bc5fa77ee293fbd165a5a68488a010030166565a097b103b44b451de736bb6d43db8db03d4b7745fef1d04ec633dee254a6d491b849a5a787e814c4fd21a18986252a70f8f940b6f0e8c7db4bf23242a18159f09943b1b0452d1b72183aacf4a84f9130b775dd4e9e3070756f97ad791fa99dac06b57479321a0574fb30ff0000001989328c8ddc20ea011bf5742e0e0d4334db8b20ce3f9f16cb7fc20fb4791ec85821d0c48fb657c2d7962b0d22772c25a61ec45c3af97a8f17da954aff3fc8c108755f75ca13fb7c8bbd8b6e7dac2bba4b20dc7de058a4dfa7e85a8bdf1d41a2d8bda74d66f407000000000000006d294d366501753a7ac7fedb8d34f5bc381604fcd46105c457e7dd13cab669ab377e4c2422a47e9ffe2d4a2d32f7528751313694bf57704400b20ef0c248ddd3da32396a614cacad4aff2066bb5d4045c9585638c2153a6eee01738b0c10671f4f559b7dcb98a6273b8c651e24d9f679e4fbe948dfb4cc4a389469608241730459f0123fd39206000000000000eb55dad46de56ef907b059b90b8aa49afb9a79ae5498f6589880ed6eea7b9c670100be05e7de0940313c5870786554df26236ebced9390cb6940b8375d936a7d2120eca291963eb2d537d8ee4de5c183c160119451c31539b22809e1d7f0cda06a9fa87d64cb77872a2cd8a104e16bb1a2bacf13464ca03aff14a9aa4bd9539f5096412b92012e095b84c20243ff98df3347f0e399d1b9f27e3c33269c0e153b28b2d4410572bc45b9d30902208d300e4d455c36300000000022320178b00cc6ed7966130b547dbf8b497af002000000cd1d0000002000000001c8000000000000003a48cea769470424d28804c024ab7f4a5c81921f0128dfd70b438af60b060000000000000056642b49b745f3bf2cf7908b6d7d748308eea09fc361b4735efbf3411718d6ee7aebf9ef40662d7836d252c566f5ee934c679dbfae9fb4a79f8a836804ed3a1079b0282a12043408cd60b687dcff91af19010000000000000000456f7d2a42bd13da2022f23daec61854f640f701db0276652f6c031578e93046aaddea8ec4ca37f71c2710a7ea8ae0dc214e1cc275b26adfa892e6de92000000000000000000ddff004cff9ec780f535e62f4eeee50e5bafecea4d4134f9d006c8d6883eca5c9c58c9e93311ab5009c68c73de2f04f15d005387577f480000ea65559eb00e76e9d0ada209bcbb5c252b28a60ca770663da451790cc36000906d5a9fad98c308e39bd5ffb6155e3633be3f00000015762e5f5a3a0bc33fdbe28a5ffc83f2f085185cc92fe7f791e8f6429309d6adab4b7e508e5bf024ed8f8a005f2bcdb7c89739f5d81e750d50517a59a3ad09e8802e8f4f000000000facd5f99a73145dfcedad69da9cd4375c624600e78f4458542b14f296115d4a31838eeb20c20bb82aa31771cd379ec83554cea5b473332f2011e6539db7384e1f58d81f2f2653c4d9818708e27c89b552d3fcd116bce9c764c714c9402c21d181aae59efb28d4f91652f6750b6ec962802c0320f8059195729d60c534ee8e8ff0755367fe4c25edb85bcff24c757aa8090000000000008c420eb4304f66e3a37aaf000000c42a570f0e9dd5fd545470f862f8c3c14fa9ecd1e877b0d8ca84c044859e85e6158f9184bc05000000000000006c25b96174327d82761c26e329555f9290af4100000000000000749e1338636555009edf66be445d6975d534b8d63e4ca3b671f2de1cdf519192c6b59a601fd419adc16e2055b85058f793484305d7a1759782e4c571ee855a47bc00edf5e9020c09ab0043ebf7c79a953e023f74afad591821610b857e8717764b633b21cb32f0e03280e09758bd445ab91d20baca005452b79d7b574a247f1d2fe45b3c4e93da3d51de647c10dd49944dc87c92332af00f191b66b6a6f732a91f0e2e9120be61e58c79d497247d278888901d442ad7f8536605a644e9e3d769db497c1960dfde12182334caee994adc38a436367a54b9e182b78e9a0ceb9a2c4f63902c1ad1a7c5a08d0920a23c2a86abbdf357849a651733e57f31019876026888c8ccb85c86b4f8ffffff7f000000002c331fca0e541b7ca211c28ed61c525708a13d115b43f8b1894c8fa8a14dc4810f61ae96c18cc7130000000000002100000000000000000000000027c9a4619a9375de5858818f3c4a4fa6ce46f4d42b07199de8b99231ace58c77819ee214e49666c464d35ca9b5143ed3b3dc8c17a23692759ccf5a205311b7ab22532697b861dfb54609fd88e6043bd5c17d5486b0c8a6c769f952283a1f4e3842edb3d42c68a27ef6a1296dff7aa46e820a74f9530bdcc198e353047db70686d147357024eb3cb94f1e89cb5ba0a56aa046b4dc521a3d9356b4b8b5917c4c860495b240e80063bde261fdca4e9eda0072f6df342f3e7071e28ef6806b90cc39c49b91c76b0d3958f7f05b47d3e519f1634e8fbd8d3133319e069f9648a2ff93060ff073b3a113e47e447c030931651dd315003b7a6a47c912853826c4c65433a2bb560ae99ec4b227eda2e63a1cb1a2c2bd48a822cbe92b6524e0cd8020ecaa34e19e7194d1eb3de6a5f99f301f89c2ee627e949cdd22000026a9960503a26e9a714ee5f72d8805dd1bfbd081f6a5d1f1289dfe14cb9194e26a44fac273461fc5c0e0a33db7f2d43ea8086cf059f40fa2640000cd9e5f2e236ef5f1e3a94b108eb9750b6bfb74dd35f5a31059c01517cf4b6641fce9a24b96767b837ca037a2050000c375c705c798e0e208e4a5259d0bda526b462af45a6e9a84aebe025c8a7f65819f397574db7ab01bd2b3e3cd28c5aec90f8edfe39a00bafd688a7eea04efdeed96f67012bc3f795edb68b5dec80ad31a858eb756c815e7695d00000000000000000000000000000000000000000000000000007ccf0ce549d97510f7f8765408bb702f0000006d4754c68b7064cf31a681421994e1f307f0ab4ff2e33d3c88fea5d218a276b77adfee7c8fb145783ee1f8adbd2c2604eab3a62a28611da1dae5ce60003111ce5c96a1d6e45ee144ffa3dcca32a33f8f0ce2995b7b7aa0bce228cbf37412cbbdebae06edb51a134301d2627d4927287daf9dcae6720334862d3a18094f1edd9e350337cbb804004d1755cfe7d7fa01872fb99815dcfbbc8141f6e1bbb0901ae91357677fd9d2bb00d4f17fb441c2dfa2b424bf46ae299d68ac27792cdac2b63a6038ab5546ba1e5ad6a329f2c627100e0442f865fc6c179ad3edcb6b000000000000000b0000000000000000ac192d48d76e2a8cae83ae850f73fdfbaca81b6b7b1a0d7b517f41fbd46aa24b0f4b8e0202e3a580947f1925ba4de097e8dcb6bd7f686322b45d4a544ca1e83b592d4a6d46d0a0dc39634550bc77d4cabba01b283082e66778de7c61a1a36838d36c2f8e58cef603770ee3d6a9625be0bc21d2be2da69ac9e9c5e88278d39239501b465102ad16d651ea8bb8cee35527c1ad42ac6a565e449929ccb4469bdd6824b64e13579b7188566e735200000000000000000094e05bcda1e96e4c33ccf6d74046e45bafe9d512c43a3e485dedad9a38b34f7fcd00fafcc25dc36716f0e21e0632425b7a1c1a6bc15c3fc07d914c88103411d8d2b77b72a796fd3aaa7ea493c7bc43e63b2b0d05ad5682121682096b224933fa20255d58a680cc2ec200"/3002], &(0x7f0000000440)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2d, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000040), 0x10}, 0x39) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000540)={r1, 0x18000000000002a0, 0xe, 0x0, &(0x7f0000000800)="d2ffdd934517f3e145fa02e086dd", 0x0, 0x1, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50) 1.200707911s ago: executing program 5 (id=1581): r0 = socket(0x11, 0x800000003, 0x0) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000600)={'team0\x00', 0x0}) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r2, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000004c0)=@newqdisc={0xc8, 0x24, 0xf0b, 0x0, 0x1000000, {0x0, 0x0, 0x12, r1, {0x0, 0x300}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x98, 0x2, [@TCA_TAPRIO_ATTR_SCHED_CLOCKID={0x8}, @TCA_TAPRIO_ATTR_FLAGS={0x8, 0xa, 0x1}, @TCA_TAPRIO_ATTR_PRIOMAP={0x56, 0x1, {0x2, [], 0x0, [0x8, 0x4], [0x0, 0x0, 0x0, 0x0, 0xd645, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0xffff]}}, @TCA_TAPRIO_ATTR_SCHED_ENTRY_LIST={0x24, 0x2, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, [@TCA_TAPRIO_SCHED_ENTRY_INTERVAL={0x8, 0x4, 0x3f0000}]}, {0x14, 0x1, 0x0, 0x1, [@TCA_TAPRIO_SCHED_ENTRY_GATE_MASK={0x8, 0x3, 0x6}, @TCA_TAPRIO_SCHED_ENTRY_INTERVAL={0x8, 0x4, 0xbff3}]}]}, @TCA_TAPRIO_ATTR_TXTIME_DELAY={0x8, 0xb, 0x4}]}}]}, 0xc8}, 0x1, 0x7a00}, 0x0) 1.117553309s ago: executing program 1 (id=1583): r0 = socket$inet_sctp(0x2, 0x5, 0x84) listen(r0, 0xbabc) setsockopt$inet_sctp_SCTP_AUTO_ASCONF(r0, 0x84, 0x1e, &(0x7f00000002c0)=0x400, 0x4) setsockopt$inet_sctp_SCTP_AUTO_ASCONF(r0, 0x84, 0x1e, &(0x7f0000000ac0)=0x5, 0x4) 1.046232462s ago: executing program 0 (id=1584): r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TIOCL_SETSEL(r0, 0x541c, &(0x7f00000000c0)={0x2, {0x2, 0x3bf, 0x4, 0x14c}}) ioctl$TCSETS2(r0, 0x402c542b, &(0x7f0000000040)={0x7f1, 0x84, 0xefcc, 0x10b, 0x5, "f06fca79266e82a74b6c5e443a04683cc267a0", 0x6, 0xc}) ioctl$TIOCL_PASTESEL(r0, 0x541c, &(0x7f0000000100)) 939.061641ms ago: executing program 1 (id=1586): syz_open_dev$vim2m(&(0x7f00000002c0), 0x2000000f4, 0x2) syz_open_dev$radio(&(0x7f0000000000), 0x3, 0x2) pipe(&(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) syz_usb_connect$uac1(0x0, 0xa4, &(0x7f0000001200)=ANY=[@ANYBLOB="2a01000020000040b708000000000000030109029200030172e5000904000000010100000a24010000000201020c0d2405000005000000000000000c240000e9fffff5ffffffff092403f3", @ANYRES8=r0, @ANYRES64=r0], 0x0) 938.725282ms ago: executing program 5 (id=1587): r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000580), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000000)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_SET_TID_CONFIG(r1, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)={0x1c, r0, 0x10ada85e65c25359, 0x70bd29, 0x8000000, {{0x6b}, {@val={0x8, 0x3, r2}, @void}}}, 0x1c}}, 0x800) 842.26854ms ago: executing program 2 (id=1588): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000000)='syzkaller\x00'}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r0}, 0x10) r1 = socket$kcm(0x10, 0x400000002, 0x0) sendmsg$inet(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="1c0000005e007f029ea69801d76ab059d261de06fe3114ed3a886ea2", 0x1c}], 0x1}, 0x0) 831.497858ms ago: executing program 0 (id=1589): r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2082) ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r0, 0xc0a85320, &(0x7f00000005c0)={{0x80, 0x7}, 'port0\x00', 0x44, 0xa04f2, 0x10000000, 0x8000008, 0x3, 0x4, 0x80000001}) ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r0, 0x40505330, &(0x7f00000001c0)={0x800100, 0xffffffff, 0x22, 0xe1d9, 0x1101, 0xff}) ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r0, 0x40505330, &(0x7f00000004c0)={0x800100, 0x1, 0x200, 0x8, 0x3ff, 0x6}) 774.155995ms ago: executing program 5 (id=1590): r0 = open(&(0x7f0000000080)='./file0\x00', 0x48141, 0x0) fcntl$setlease(r0, 0x400, 0x1) openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x20001, 0x0) fcntl$getflags(r0, 0x401) 701.492554ms ago: executing program 0 (id=1591): r0 = socket(0x10, 0x3, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000000c0)={'tunl0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=@newlink={0x44, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r2}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @ipip={{0x9}, {0x14, 0x2, 0x0, 0x1, [@IFLA_IPTUN_PROTO={0x5, 0x9, 0x4}, @IFLA_IPTUN_PMTUDISC={0x5, 0xa, 0x2}]}}}]}, 0x44}}, 0x0) 700.814662ms ago: executing program 2 (id=1592): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000240)=ANY=[@ANYBLOB="010000000000080095000040"]) 606.147619ms ago: executing program 0 (id=1593): mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x40ead000) madvise(&(0x7f0000130000/0xd000)=nil, 0xd000, 0x66) madvise(&(0x7f0000000000/0x600000)=nil, 0x60005f, 0x19) syz_clone3(&(0x7f00000001c0)={0x2000000, 0x0, 0x0, 0x0, {0x1f}, 0x0, 0x0, 0x0, 0x0}, 0x58) 535.789242ms ago: executing program 2 (id=1594): sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000001c0)=@gettaction={0x48, 0x32, 0x400, 0x70bd2a, 0x25cfdbfd, {}, [@action_dump_flags=@TCA_ROOT_FLAGS={0xc, 0x2, {0x1, 0x1}}, @action_gd=@TCA_ACT_TAB={0x28, 0x1, [{0xc, 0x5, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x4000009}}, {0xc, 0x2, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x81f7}}, {0xc, 0x1f, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x4}}]}]}, 0x48}, 0x1, 0x0, 0x0, 0x4000000}, 0x4040810) r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'bond0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000001c0)=ANY=[@ANYBLOB="5c00000010000304000000d9ff00000000000400", @ANYRES32=r1, @ANYBLOB="60bc010004a701003c00128009000100626f6e64000000002c"], 0x5c}, 0x1, 0x0, 0x0, 0x11}, 0x4000044) 418.75002ms ago: executing program 2 (id=1595): r0 = socket$phonet(0x23, 0x2, 0x1) mmap(&(0x7f0000000000/0xa000)=nil, 0xa000, 0x3000000, 0x1012, r0, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) mmap(&(0x7f0000002000/0x2000)=nil, 0x2000, 0x2000007, 0x12, r1, 0x12574000) 313.309306ms ago: executing program 2 (id=1596): syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) r0 = epoll_create1(0x0) unshare(0x2a000400) epoll_pwait(r0, &(0x7f00008c9fc4)=[{}], 0x1, 0xfffffff3, 0x0, 0x0) 92.32719ms ago: executing program 0 (id=1597): unshare(0x24020400) r0 = socket$can_raw(0x1d, 0x3, 0x1) setsockopt$CAN_RAW_ERR_FILTER(r0, 0x65, 0x7, &(0x7f00000001c0)=0x8, 0x4) setsockopt$CAN_RAW_FD_FRAMES(r0, 0x65, 0x5, &(0x7f0000000040), 0x4) 14.854163ms ago: executing program 2 (id=1598): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000240)={0x26, 'hash\x00', 0x0, 0x0, 'sm3\x00'}, 0x58) r1 = accept4(r0, 0x0, 0x0, 0x80800) sendmsg$kcm(r1, &(0x7f0000001880)={0x0, 0x0, &(0x7f0000001600)=[{&(0x7f0000001a00)="e8a472", 0x3}, {&(0x7f00000000c0)="bcc9b1557de1fad1f955144629ed4dcf3c33679ea22502e3cff8923bf5d43921bc111a262f295a8eb540", 0x2a}, {&(0x7f0000001680)="094fb143daa9baa36aaa2cca06886c533118e0", 0x13}], 0x3}, 0x0) 0s ago: executing program 0 (id=1599): r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x100, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0x2) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0x7) ioctl$TIOCVHANGUP(r0, 0x5437, 0x2) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.0.149' (ED25519) to the list of known hosts. [ 84.072782][ T5822] cgroup: Unknown subsys name 'net' [ 84.211635][ T5822] cgroup: Unknown subsys name 'cpuset' [ 84.220746][ T5822] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 85.989842][ T5822] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 89.831479][ T5839] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 89.860714][ T5845] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 89.866501][ T5850] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 89.869498][ T5845] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 89.875883][ T5850] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 89.883936][ T5845] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 89.892662][ T5850] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 89.898057][ T5845] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 89.912093][ T5845] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 89.919620][ T5845] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 89.928487][ T5845] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 89.938618][ T5845] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 89.946884][ T5845] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 89.959356][ T5851] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 89.967624][ T5851] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 89.969270][ T5845] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 89.975777][ T5851] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 89.990032][ T5853] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 89.990449][ T5851] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 90.005203][ T5854] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 90.006648][ T5845] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 90.013392][ T5851] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 90.025170][ T5845] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 90.027696][ T5851] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 90.044213][ T5851] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 90.712961][ T5833] chnl_net:caif_netlink_parms(): no params data found [ 90.819004][ T5834] chnl_net:caif_netlink_parms(): no params data found [ 90.952729][ T5847] chnl_net:caif_netlink_parms(): no params data found [ 91.002598][ T5835] chnl_net:caif_netlink_parms(): no params data found [ 91.046888][ T5837] chnl_net:caif_netlink_parms(): no params data found [ 91.163639][ T5833] bridge0: port 1(bridge_slave_0) entered blocking state [ 91.171111][ T5833] bridge0: port 1(bridge_slave_0) entered disabled state [ 91.179044][ T5833] bridge_slave_0: entered allmulticast mode [ 91.186402][ T5833] bridge_slave_0: entered promiscuous mode [ 91.239894][ T5833] bridge0: port 2(bridge_slave_1) entered blocking state [ 91.247107][ T5833] bridge0: port 2(bridge_slave_1) entered disabled state [ 91.255047][ T5833] bridge_slave_1: entered allmulticast mode [ 91.262525][ T5833] bridge_slave_1: entered promiscuous mode [ 91.313691][ T5834] bridge0: port 1(bridge_slave_0) entered blocking state [ 91.320927][ T5834] bridge0: port 1(bridge_slave_0) entered disabled state [ 91.328407][ T5834] bridge_slave_0: entered allmulticast mode [ 91.335797][ T5834] bridge_slave_0: entered promiscuous mode [ 91.385544][ T5834] bridge0: port 2(bridge_slave_1) entered blocking state [ 91.393018][ T5834] bridge0: port 2(bridge_slave_1) entered disabled state [ 91.401011][ T5834] bridge_slave_1: entered allmulticast mode [ 91.408698][ T5834] bridge_slave_1: entered promiscuous mode [ 91.445553][ T5833] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 91.496681][ T5835] bridge0: port 1(bridge_slave_0) entered blocking state [ 91.504028][ T5835] bridge0: port 1(bridge_slave_0) entered disabled state [ 91.514842][ T5835] bridge_slave_0: entered allmulticast mode [ 91.522620][ T5835] bridge_slave_0: entered promiscuous mode [ 91.533261][ T5833] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 91.570575][ T5847] bridge0: port 1(bridge_slave_0) entered blocking state [ 91.578038][ T5847] bridge0: port 1(bridge_slave_0) entered disabled state [ 91.585250][ T5847] bridge_slave_0: entered allmulticast mode [ 91.593331][ T5847] bridge_slave_0: entered promiscuous mode [ 91.601879][ T5847] bridge0: port 2(bridge_slave_1) entered blocking state [ 91.609865][ T5847] bridge0: port 2(bridge_slave_1) entered disabled state [ 91.617092][ T5847] bridge_slave_1: entered allmulticast mode [ 91.625543][ T5847] bridge_slave_1: entered promiscuous mode [ 91.647568][ T5835] bridge0: port 2(bridge_slave_1) entered blocking state [ 91.654755][ T5835] bridge0: port 2(bridge_slave_1) entered disabled state [ 91.662776][ T5835] bridge_slave_1: entered allmulticast mode [ 91.670697][ T5835] bridge_slave_1: entered promiscuous mode [ 91.707497][ T5837] bridge0: port 1(bridge_slave_0) entered blocking state [ 91.714746][ T5837] bridge0: port 1(bridge_slave_0) entered disabled state [ 91.724923][ T5837] bridge_slave_0: entered allmulticast mode [ 91.732484][ T5837] bridge_slave_0: entered promiscuous mode [ 91.758747][ T5834] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 91.784707][ T5833] team0: Port device team_slave_0 added [ 91.791030][ T5837] bridge0: port 2(bridge_slave_1) entered blocking state [ 91.798641][ T5837] bridge0: port 2(bridge_slave_1) entered disabled state [ 91.805868][ T5837] bridge_slave_1: entered allmulticast mode [ 91.813607][ T5837] bridge_slave_1: entered promiscuous mode [ 91.837850][ T5834] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 91.852339][ T5835] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 91.863584][ T5833] team0: Port device team_slave_1 added [ 91.911889][ T5847] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 91.926475][ T5847] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 91.928320][ T9] cfg80211: failed to load regulatory.db [ 91.957992][ T5835] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 91.988044][ T5846] Bluetooth: hci1: command tx timeout [ 92.004611][ T5837] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 92.068321][ T51] Bluetooth: hci2: command tx timeout [ 92.070109][ T5846] Bluetooth: hci4: command tx timeout [ 92.079492][ T51] Bluetooth: hci0: command tx timeout [ 92.087083][ T5833] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 92.094302][ T5833] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 92.121036][ T5833] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 92.135392][ T5837] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 92.147520][ T5846] Bluetooth: hci3: command tx timeout [ 92.156506][ T5847] team0: Port device team_slave_0 added [ 92.166742][ T5847] team0: Port device team_slave_1 added [ 92.177689][ T5834] team0: Port device team_slave_0 added [ 92.186788][ T5835] team0: Port device team_slave_0 added [ 92.193773][ T5833] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 92.201201][ T5833] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 92.227433][ T5833] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 92.290444][ T5834] team0: Port device team_slave_1 added [ 92.299203][ T5835] team0: Port device team_slave_1 added [ 92.338936][ T5847] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 92.345925][ T5847] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 92.372638][ T5847] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 92.415086][ T5837] team0: Port device team_slave_0 added [ 92.421994][ T5835] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 92.429201][ T5835] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 92.455661][ T5835] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 92.468401][ T5847] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 92.475403][ T5847] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 92.501638][ T5847] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 92.565923][ T5837] team0: Port device team_slave_1 added [ 92.587749][ T5835] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 92.594902][ T5835] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 92.621382][ T5835] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 92.642843][ T5834] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 92.650203][ T5834] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 92.676461][ T5834] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 92.689497][ T5834] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 92.696531][ T5834] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 92.722675][ T5834] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 92.740354][ T5833] hsr_slave_0: entered promiscuous mode [ 92.747093][ T5833] hsr_slave_1: entered promiscuous mode [ 92.770861][ T5837] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 92.778076][ T5837] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 92.805007][ T5837] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 92.892934][ T5837] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 92.900432][ T5837] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 92.926754][ T5837] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 92.972376][ T5835] hsr_slave_0: entered promiscuous mode [ 92.980180][ T5835] hsr_slave_1: entered promiscuous mode [ 92.986823][ T5835] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 92.994725][ T5835] Cannot create hsr debugfs directory [ 93.033155][ T5847] hsr_slave_0: entered promiscuous mode [ 93.039863][ T5847] hsr_slave_1: entered promiscuous mode [ 93.048079][ T5847] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 93.055705][ T5847] Cannot create hsr debugfs directory [ 93.075801][ T5834] hsr_slave_0: entered promiscuous mode [ 93.082505][ T5834] hsr_slave_1: entered promiscuous mode [ 93.089148][ T5834] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 93.096738][ T5834] Cannot create hsr debugfs directory [ 93.235058][ T5837] hsr_slave_0: entered promiscuous mode [ 93.241971][ T5837] hsr_slave_1: entered promiscuous mode [ 93.248420][ T5837] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 93.256014][ T5837] Cannot create hsr debugfs directory [ 93.784431][ T5833] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 93.800804][ T5833] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 93.813948][ T5833] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 93.836235][ T5833] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 93.898515][ T5834] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 93.940239][ T5834] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 93.953284][ T5834] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 93.967607][ T5834] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 94.036376][ T5847] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 94.056061][ T5847] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 94.068200][ T5846] Bluetooth: hci1: command tx timeout [ 94.095104][ T5847] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 94.110705][ T5847] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 94.147573][ T5846] Bluetooth: hci0: command tx timeout [ 94.153117][ T5846] Bluetooth: hci2: command tx timeout [ 94.158855][ T51] Bluetooth: hci4: command tx timeout [ 94.227907][ T5846] Bluetooth: hci3: command tx timeout [ 94.258639][ T5835] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 94.271446][ T5835] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 94.289234][ T5835] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 94.324365][ T5835] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 94.358439][ T5833] 8021q: adding VLAN 0 to HW filter on device bond0 [ 94.409795][ T5837] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 94.438270][ T5837] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 94.452656][ T5837] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 94.463741][ T5837] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 94.494406][ T5834] 8021q: adding VLAN 0 to HW filter on device bond0 [ 94.514966][ T5833] 8021q: adding VLAN 0 to HW filter on device team0 [ 94.554113][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 94.561520][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 94.616744][ T5834] 8021q: adding VLAN 0 to HW filter on device team0 [ 94.635454][ T3480] bridge0: port 2(bridge_slave_1) entered blocking state [ 94.642667][ T3480] bridge0: port 2(bridge_slave_1) entered forwarding state [ 94.676498][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 94.683731][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 94.694479][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 94.701674][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 94.757012][ T5847] 8021q: adding VLAN 0 to HW filter on device bond0 [ 94.798459][ T5847] 8021q: adding VLAN 0 to HW filter on device team0 [ 94.824405][ T13] bridge0: port 1(bridge_slave_0) entered blocking state [ 94.832067][ T13] bridge0: port 1(bridge_slave_0) entered forwarding state [ 94.845685][ T13] bridge0: port 2(bridge_slave_1) entered blocking state [ 94.852899][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state [ 94.904821][ T5833] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 95.020934][ T5835] 8021q: adding VLAN 0 to HW filter on device bond0 [ 95.055495][ T5837] 8021q: adding VLAN 0 to HW filter on device bond0 [ 95.155910][ T5835] 8021q: adding VLAN 0 to HW filter on device team0 [ 95.204871][ T37] bridge0: port 1(bridge_slave_0) entered blocking state [ 95.212200][ T37] bridge0: port 1(bridge_slave_0) entered forwarding state [ 95.263708][ T4486] bridge0: port 2(bridge_slave_1) entered blocking state [ 95.270922][ T4486] bridge0: port 2(bridge_slave_1) entered forwarding state [ 95.314009][ T5837] 8021q: adding VLAN 0 to HW filter on device team0 [ 95.376858][ T4486] bridge0: port 1(bridge_slave_0) entered blocking state [ 95.384106][ T4486] bridge0: port 1(bridge_slave_0) entered forwarding state [ 95.435894][ T4486] bridge0: port 2(bridge_slave_1) entered blocking state [ 95.443106][ T4486] bridge0: port 2(bridge_slave_1) entered forwarding state [ 95.475324][ T5833] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 95.554130][ T5834] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 95.583260][ T5835] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 95.688378][ T5847] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 95.796169][ T5833] veth0_vlan: entered promiscuous mode [ 95.861463][ T5833] veth1_vlan: entered promiscuous mode [ 95.903328][ T5847] veth0_vlan: entered promiscuous mode [ 96.014112][ T5847] veth1_vlan: entered promiscuous mode [ 96.066177][ T5833] veth0_macvtap: entered promiscuous mode [ 96.122640][ T5833] veth1_macvtap: entered promiscuous mode [ 96.150867][ T5846] Bluetooth: hci1: command tx timeout [ 96.166555][ T5835] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 96.228998][ T5846] Bluetooth: hci0: command tx timeout [ 96.234496][ T5846] Bluetooth: hci2: command tx timeout [ 96.240329][ T51] Bluetooth: hci4: command tx timeout [ 96.264437][ T5847] veth0_macvtap: entered promiscuous mode [ 96.296882][ T5833] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 96.309150][ T5846] Bluetooth: hci3: command tx timeout [ 96.331897][ T5833] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 96.342917][ T5847] veth1_macvtap: entered promiscuous mode [ 96.370080][ T5833] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 96.380067][ T5833] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 96.390275][ T5833] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 96.399962][ T5833] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 96.436093][ T5835] veth0_vlan: entered promiscuous mode [ 96.456622][ T5837] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 96.479448][ T5847] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 96.496609][ T5835] veth1_vlan: entered promiscuous mode [ 96.505956][ T5834] veth0_vlan: entered promiscuous mode [ 96.530562][ T5847] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 96.545457][ T5847] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 96.556680][ T5847] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 96.566512][ T5847] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 96.575655][ T5847] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 96.602352][ T5834] veth1_vlan: entered promiscuous mode [ 96.706378][ T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 96.726634][ T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 96.753180][ T5835] veth0_macvtap: entered promiscuous mode [ 96.804662][ T5834] veth0_macvtap: entered promiscuous mode [ 96.819580][ T5835] veth1_macvtap: entered promiscuous mode [ 96.845013][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 96.863497][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 96.875815][ T5834] veth1_macvtap: entered promiscuous mode [ 96.884967][ T5837] veth0_vlan: entered promiscuous mode [ 96.941798][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 96.949312][ T5837] veth1_vlan: entered promiscuous mode [ 96.962266][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 96.972694][ T3480] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 96.974043][ T5835] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 96.993488][ T5834] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 97.000881][ T3480] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 97.034096][ T5834] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 97.066920][ T5835] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 97.097971][ T5834] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 97.106744][ T5834] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 97.121084][ T5834] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 97.130070][ T5834] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 97.151101][ T5835] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 97.160575][ T5835] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 97.169801][ T5835] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 97.172221][ T5833] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 97.179584][ T5835] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 97.241751][ T5837] veth0_macvtap: entered promiscuous mode [ 97.255740][ T5837] veth1_macvtap: entered promiscuous mode [ 97.505936][ T5837] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 97.571575][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 97.599060][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 97.639395][ T5837] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 97.713139][ T5837] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 97.742368][ T5837] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 97.761719][ T5837] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 97.795466][ T5837] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 97.875307][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 97.913322][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 98.030331][ T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 98.042379][ T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 98.194953][ T1003] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 98.227154][ T1003] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 98.241664][ T5846] Bluetooth: hci1: command tx timeout [ 98.256980][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 98.282646][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 98.307277][ T5846] Bluetooth: hci0: command tx timeout [ 98.319603][ T5846] Bluetooth: hci2: command tx timeout [ 98.325156][ T51] Bluetooth: hci4: command tx timeout [ 98.387896][ T51] Bluetooth: hci3: command tx timeout [ 98.455457][ T5975] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 98.605239][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 98.641687][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 99.419724][ T5997] Illegal XDP return value 4294967294 on prog (id 5) dev N/A, expect packet loss! [ 101.230832][ T6042] loop8: detected capacity change from 0 to 7 [ 101.269700][ T6042] Dev loop8: unable to read RDB block 7 [ 101.282805][ T6042] loop8: unable to read partition table [ 101.303476][ T6042] loop8: partition table beyond EOD, truncated [ 101.310200][ T6042] loop_reread_partitions: partition scan of loop8 (被x) failed (rc=-5) [ 101.556363][ T5841] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 101.750099][ T5841] usb 5-1: Using ep0 maxpacket: 16 [ 101.769146][ T5841] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 101.803234][ T5841] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x81 has invalid wMaxPacketSize 0 [ 101.837903][ T5841] usb 5-1: config 0 interface 0 has no altsetting 0 [ 101.852976][ T5841] usb 5-1: New USB device found, idVendor=056a, idProduct=0331, bcdDevice= 0.00 [ 101.875456][ T5841] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 101.925171][ T5841] usb 5-1: config 0 descriptor?? [ 102.173474][ T6044] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 102.213506][ T6044] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 102.312829][ T6071] capability: warning: `syz.0.55' uses deprecated v2 capabilities in a way that may be insecure [ 102.366518][ T30] audit: type=1400 audit(1752260116.163:2): lsm=SMACK fn=smack_inode_permission action=denied subject="w" object="_" requested=wx pid=6070 comm="syz.0.55" name="12" dev="tmpfs" ino=73 [ 102.473937][ T5841] hid (null): unknown global tag 0xd [ 102.501111][ T5841] hid (null): unknown global tag 0xd [ 102.510371][ T5841] hid (null): report_id 1847273988 is invalid [ 102.522282][ T6077] loop8: detected capacity change from 0 to 1 [ 102.525999][ T5841] hid (null): report_id 60295 is invalid [ 102.567316][ T6077] Dev loop8: unable to read RDB block 1 [ 102.573140][ T6077] loop8: unable to read partition table [ 102.584065][ T6079] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 102.604323][ T6077] loop8: partition table beyond EOD, truncated [ 102.623442][ T6077] loop_reread_partitions: partition scan of loop8 (被x^> ) failed (rc=-5) [ 102.688917][ T5841] usb 5-1: USB disconnect, device number 2 [ 103.106654][ T6089] process 'syz.0.64' launched '/dev/fd/3' with NULL argv: empty string added [ 104.537453][ T5841] usb 4-1: new full-speed USB device number 2 using dummy_hcd [ 104.729409][ T5841] usb 4-1: New USB device found, idVendor=09c0, idProduct=0203, bcdDevice=d3.43 [ 104.748125][ T5841] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 104.779815][ T5841] usb 4-1: config 0 descriptor?? [ 104.804747][ T5841] dvb-usb: found a 'Genpix SkyWalker-1 DVB-S receiver' in warm state. [ 105.157246][ T5979] usb 2-1: new high-speed USB device number 2 using dummy_hcd [ 105.331254][ T5979] usb 2-1: Using ep0 maxpacket: 16 [ 105.345014][ T6159] tun0: tun_chr_ioctl cmd 2148553947 [ 105.356521][ T5979] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0xD has an invalid bInterval 0, changing to 7 [ 105.380546][ T5979] usb 2-1: New USB device found, idVendor=4752, idProduct=0011, bcdDevice=32.4f [ 105.390363][ T5979] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 105.398676][ T5979] usb 2-1: Product: syz [ 105.399866][ T5841] dvb-usb: This USB2.0 device cannot be run on a USB1.1 port. (it lacks a hardware PID filter) [ 105.403096][ T5979] usb 2-1: Manufacturer: syz [ 105.418094][ T5979] usb 2-1: SerialNumber: syz [ 105.430492][ T5979] usb 2-1: config 0 descriptor?? [ 105.442936][ T5979] hub 2-1:0.0: bad descriptor, ignoring hub [ 105.449094][ T5979] hub 2-1:0.0: probe with driver hub failed with error -5 [ 105.449131][ T5841] dvb-usb: Genpix SkyWalker-1 DVB-S receiver error while loading driver (-19) [ 105.461288][ T5979] usb 2-1: Quirk or no altset; falling back to MIDI 1.0 [ 105.635194][ T5841] usb 4-1: USB disconnect, device number 2 [ 106.091923][ T5827] usb 2-1: USB disconnect, device number 2 [ 107.382129][ T6208] netlink: 4 bytes leftover after parsing attributes in process `syz.1.116'. [ 107.899641][ T5841] usb 3-1: new high-speed USB device number 2 using dummy_hcd [ 108.113679][ T5841] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 108.142226][ T5841] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 108.171849][ T5841] usb 3-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 108.187906][ T5841] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 108.205048][ T5841] usb 3-1: SerialNumber: syz [ 108.461448][ T5841] usb 3-1: 0:2 : does not exist [ 108.537820][ T5841] usb 3-1: USB disconnect, device number 2 [ 108.602652][ T6169] udevd[6169]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 108.747275][ T5827] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 108.912713][ T5827] usb 1-1: Using ep0 maxpacket: 32 [ 108.925492][ T5827] usb 1-1: New USB device found, idVendor=0fd9, idProduct=0025, bcdDevice=29.40 [ 108.958149][ T5827] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 108.988949][ T5827] usb 1-1: config 0 descriptor?? [ 109.196626][ T6257] tap0: tun_chr_ioctl cmd 2147767506 [ 109.257440][ T5827] dvb-usb: found a 'Elgato EyeTV Sat' in warm state. [ 109.290111][ T5827] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 109.327909][ T5827] dvbdev: DVB: registering new adapter (Elgato EyeTV Sat) [ 109.345726][ T5827] usb 1-1: media controller created [ 109.436897][ T6264] vivid-000: ================= START STATUS ================= [ 109.459431][ T6264] vivid-000: Test Pattern: 75% Colorbar [ 109.465250][ T6264] vivid-000: Fill Percentage of Frame: 100 [ 109.474153][ T5827] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 109.506820][ T6264] vivid-000: Horizontal Movement: No Movement [ 109.514848][ T6264] vivid-000: Vertical Movement: No Movement [ 109.521182][ T6264] vivid-000: OSD Text Mode: All [ 109.547180][ T6264] vivid-000: Show Border: false [ 109.557208][ T6264] vivid-000: Show Square: false [ 109.562225][ T6264] vivid-000: Sensor Flipped Horizontally: false [ 109.604187][ T6264] vivid-000: Sensor Flipped Vertically: false [ 109.610982][ T6264] vivid-000: Insert SAV Code in Image: false [ 109.617713][ T6264] vivid-000: Insert EAV Code in Image: false [ 109.625506][ T6264] vivid-000: Insert Video Guard Band: false [ 109.631793][ T6264] vivid-000: Reduced Framerate: false [ 109.638398][ T6264] vivid-000: HDMI 000-0 Is Connected To: Test Pattern Generator [ 109.672180][ T6264] vivid-000: S-Video 000-0 Is Connected To: Test Pattern Generator [ 109.699373][ T6264] vivid-000: Enable Capture Cropping: true grabbed [ 109.724624][ T6264] vivid-000: Enable Capture Composing: true grabbed [ 109.754125][ T6264] vivid-000: Enable Capture Scaler: true grabbed [ 109.776236][ T6264] vivid-000: Timestamp Source: End of Frame [ 109.796710][ T6264] vivid-000: Colorspace: sRGB [ 109.836346][ T6264] vivid-000: Transfer Function: Default [ 109.864355][ T6264] vivid-000: Y'CbCr Encoding: Default [ 109.900337][ T6264] vivid-000: HSV Encoding: Hue 0-179 [ 109.909692][ T6264] vivid-000: Quantization: Default [ 109.915004][ T6264] vivid-000: Apply Alpha To Red Only: false [ 109.951080][ T5827] az6027: usb out operation failed. (-71) [ 109.971944][ T5827] stb0899_attach: Driver disabled by Kconfig [ 109.978367][ T6264] vivid-000: Standard Aspect Ratio: 4x3 [ 109.983990][ T6264] vivid-000: DV Timings Signal Mode: Current DV Timings inactive [ 109.994895][ T5827] az6027: no front-end attached [ 109.994895][ T5827] [ 110.002576][ T6264] vivid-000: DV Timings: 640x480p59 inactive [ 110.008901][ T5827] az6027: usb out operation failed. (-71) [ 110.014944][ T5827] dvb-usb: no frontend was attached by 'Elgato EyeTV Sat' [ 110.025237][ T6264] vivid-000: DV Timings Aspect Ratio: Source Width x Height [ 110.038950][ T5827] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.0/usb1/1-1/input/input5 [ 110.050745][ T6264] vivid-000: Maximum EDID Blocks: 2 [ 110.056042][ T6264] vivid-000: Limited RGB Range (16-235): false [ 110.076129][ T5827] dvb-usb: schedule remote query interval to 400 msecs. [ 110.083533][ T6264] vivid-000: Rx RGB Quantization Range: Automatic [ 110.096833][ T5827] dvb-usb: Elgato EyeTV Sat successfully initialized and connected. [ 110.145020][ T6264] vivid-000: Power Present: 0x00000001 [ 110.153389][ T6264] tpg source WxH: 320x240 (Y'CbCr) [ 110.162543][ T5827] usb 1-1: USB disconnect, device number 2 [ 110.178814][ T6264] tpg field: 1 [ 110.189494][ T6264] tpg crop: (0,0)/320x240 [ 110.225648][ T6264] tpg compose: (0,0)/320x240 [ 110.238208][ T6264] tpg colorspace: 8 [ 110.280625][ T6264] tpg transfer function: 0/2 [ 110.285310][ T6264] tpg Y'CbCr encoding: 0/1 [ 110.327296][ T6264] tpg quantization: 0/2 [ 110.331801][ T6264] tpg RGB range: 0/2 [ 110.339924][ T6264] vivid-000: ================== END STATUS ================== [ 110.394412][ T5827] dvb-usb: Elgato EyeTV Sat successfully deinitialized and disconnected. [ 110.504997][ T6287] warning: `syz.3.151' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 110.915446][ T6297] netlink: 8 bytes leftover after parsing attributes in process `syz.2.157'. [ 112.242150][ T6346] Zero length message leads to an empty skb [ 112.262468][ T6340] netlink: 48 bytes leftover after parsing attributes in process `syz.4.176'. [ 112.655345][ T6356] netlink: 164 bytes leftover after parsing attributes in process `syz.1.182'. [ 112.687760][ T5841] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 112.867843][ T5841] usb 5-1: Using ep0 maxpacket: 32 [ 112.888192][ T5841] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 112.930678][ T5841] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 112.961479][ T5841] usb 5-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 112.996218][ T5841] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 113.036039][ T6366] sp0: Synchronizing with TNC [ 113.052039][ T5841] usb 5-1: config 0 descriptor?? [ 113.086661][ T5841] hub 5-1:0.0: USB hub found [ 113.314100][ T5841] hub 5-1:0.0: config failed, can't read hub descriptor (err -90) [ 113.547261][ T5841] usbhid 5-1:0.0: can't add hid device: -71 [ 113.557299][ T5841] usbhid 5-1:0.0: probe with driver usbhid failed with error -71 [ 113.626373][ T5841] usb 5-1: USB disconnect, device number 3 [ 113.664156][ T6389] netlink: 256 bytes leftover after parsing attributes in process `syz.1.198'. [ 113.684360][ T6387] ======================================================= [ 113.684360][ T6387] WARNING: The mand mount option has been deprecated and [ 113.684360][ T6387] and is ignored by this kernel. Remove the mand [ 113.684360][ T6387] option from the mount to silence this warning. [ 113.684360][ T6387] ======================================================= [ 113.695065][ T6389] netlink: 72 bytes leftover after parsing attributes in process `syz.1.198'. [ 114.028089][ T5938] usb 4-1: new high-speed USB device number 3 using dummy_hcd [ 114.108782][ T6403] blkio.reset_stats is deprecated [ 114.228306][ T5938] usb 4-1: config 0 has an invalid interface number: 104 but max is 0 [ 114.254921][ T5938] usb 4-1: config 0 has no interface number 0 [ 114.286329][ T5938] usb 4-1: config 0 interface 104 has no altsetting 0 [ 114.304166][ T5938] usb 4-1: New USB device found, idVendor=0ac8, idProduct=0321, bcdDevice=a1.c9 [ 114.323066][ T5938] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 114.357224][ T5938] usb 4-1: Product: syz [ 114.361583][ T5938] usb 4-1: Manufacturer: syz [ 114.366223][ T5938] usb 4-1: SerialNumber: syz [ 114.428380][ T5938] usb 4-1: config 0 descriptor?? [ 114.485903][ T5938] gspca_main: vc032x-2.14.0 probing 0ac8:0321 [ 114.549664][ T6414] loop2: detected capacity change from 0 to 7 [ 114.590748][ T6169] Dev loop2: unable to read RDB block 7 [ 114.596442][ T6169] loop2: unable to read partition table [ 114.614709][ T6169] loop2: partition table beyond EOD, truncated [ 114.645685][ T5938] gspca_vc032x: reg_r err -71 [ 114.651206][ T6414] Dev loop2: unable to read RDB block 7 [ 114.661834][ T5938] gspca_vc032x: I2c Bus Busy Wait 00 [ 114.671290][ T6414] loop2: unable to read partition table [ 114.678254][ T5938] gspca_vc032x: I2c Bus Busy Wait 00 [ 114.684037][ T6414] loop2: partition table beyond EOD, truncated [ 114.693058][ T5938] gspca_vc032x: I2c Bus Busy Wait 00 [ 114.698934][ T6414] loop_reread_partitions: partition scan of loop2 (被x ) failed (rc=-5) [ 114.718183][ T5938] gspca_vc032x: I2c Bus Busy Wait 00 [ 114.723726][ T5938] gspca_vc032x: I2c Bus Busy Wait 00 [ 114.739243][ T5938] gspca_vc032x: I2c Bus Busy Wait 00 [ 114.759950][ T5938] gspca_vc032x: I2c Bus Busy Wait 00 [ 114.765316][ T5938] gspca_vc032x: I2c Bus Busy Wait 00 [ 114.811487][ T5938] gspca_vc032x: I2c Bus Busy Wait 00 [ 114.816856][ T5938] gspca_vc032x: I2c Bus Busy Wait 00 [ 114.855965][ T5938] gspca_vc032x: I2c Bus Busy Wait 00 [ 114.897156][ T5938] gspca_vc032x: I2c Bus Busy Wait 00 [ 114.902525][ T5938] gspca_vc032x: I2c Bus Busy Wait 00 [ 114.948578][ T5938] gspca_vc032x: I2c Bus Busy Wait 00 [ 114.975581][ T5938] gspca_vc032x: I2c Bus Busy Wait 00 [ 115.004590][ T5938] gspca_vc032x: I2c Bus Busy Wait 00 [ 115.021210][ T5938] gspca_vc032x: I2c Bus Busy Wait 00 [ 115.026663][ T5938] gspca_vc032x: I2c Bus Busy Wait 00 [ 115.057205][ T5938] gspca_vc032x: Unknown sensor... [ 115.062388][ T5938] vc032x 4-1:0.104: probe with driver vc032x failed with error -22 [ 115.111762][ T5938] usb 4-1: USB disconnect, device number 3 [ 115.207618][ T5841] usb 5-1: new high-speed USB device number 4 using dummy_hcd [ 115.379282][ T5841] usb 5-1: config 0 has an invalid interface number: 117 but max is 0 [ 115.387743][ T5841] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 115.432646][ T5841] usb 5-1: config 0 has no interface number 0 [ 115.456174][ T5841] usb 5-1: config 0 interface 117 altsetting 0 endpoint 0x88 has invalid wMaxPacketSize 0 [ 115.497705][ T5841] usb 5-1: config 0 interface 117 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 115.529830][ T5841] usb 5-1: New USB device found, idVendor=0afa, idProduct=03e8, bcdDevice=99.d0 [ 115.539300][ T5841] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 115.550180][ T5841] usb 5-1: Product: syz [ 115.566979][ T5841] usb 5-1: Manufacturer: syz [ 115.575188][ T5841] usb 5-1: SerialNumber: syz [ 115.601140][ T5841] usb 5-1: config 0 descriptor?? [ 116.267386][ T5841] usb 5-1: USB disconnect, device number 4 [ 116.710245][ T5903] usb 1-1: new high-speed USB device number 3 using dummy_hcd [ 116.727172][ T30] audit: type=1326 audit(1752260130.523:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6464 comm="syz.2.232" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fb245b8e929 code=0x0 [ 116.879713][ T6467] Bluetooth: MGMT ver 1.23 [ 116.906781][ T6467] Bluetooth: hci0: load_link_keys: too big key_count value 2816 [ 116.981186][ T5903] usb 1-1: Using ep0 maxpacket: 16 [ 117.045607][ T5903] usb 1-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 2.00 [ 117.077248][ T5903] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=222 [ 117.125989][ T5903] usb 1-1: SerialNumber: syz [ 117.158176][ T5903] usb 1-1: config 0 descriptor?? [ 117.238658][ T5903] ftdi_sio 1-1:0.0: FTDI USB Serial Device converter detected [ 117.278239][ T5903] usb 1-1: Detected FT232A [ 117.299109][ T5903] usb 1-1: FTDI USB Serial Device converter now attached to ttyUSB0 [ 117.482265][ T5903] usb 1-1: USB disconnect, device number 3 [ 117.521891][ T5903] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0 [ 117.598001][ T5903] ftdi_sio 1-1:0.0: device disconnected [ 118.820506][ T6516] A link change request failed with some changes committed already. Interface bond0 may have been left with an inconsistent configuration, please check. [ 119.126084][ T6526] netlink: 20 bytes leftover after parsing attributes in process `syz.4.258'. [ 119.156966][ T5827] kernel write not supported for file /snd/seq (pid: 5827 comm: kworker/0:3) [ 121.368654][ T6585] loop4: detected capacity change from 0 to 524255232 [ 121.460899][ T6585] loop4: detected capacity change from 524255232 to 524287936 [ 123.349766][ T5827] kernel read not supported for file /dsp1 (pid: 5827 comm: kworker/0:3) [ 123.530770][ T6646] kvm: kvm [6643]: vcpu0, guest rIP: 0xfff0 Unhandled RDMSR(0x4000001b) [ 125.164437][ T6697] netlink: 8 bytes leftover after parsing attributes in process `syz.3.337'. [ 125.221681][ T6697] netlink: 12 bytes leftover after parsing attributes in process `syz.3.337'. [ 125.367345][ T5827] usb 5-1: new high-speed USB device number 5 using dummy_hcd [ 125.551011][ T5827] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 125.562401][ T5827] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 125.582451][ T5827] usb 5-1: New USB device found, idVendor=054c, idProduct=024b, bcdDevice= 0.00 [ 125.602030][ T5827] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 125.655547][ T5827] usb 5-1: config 0 descriptor?? [ 125.919432][ C1] IPv4: Oversized IP packet from 172.20.20.24 [ 126.115541][ T5827] sony 0003:054C:024B.0002: unexpected long global item [ 126.138320][ T6723] netlink: 60 bytes leftover after parsing attributes in process `syz.0.347'. [ 126.153992][ T5827] sony 0003:054C:024B.0002: parse failed [ 126.173580][ T5827] sony 0003:054C:024B.0002: probe with driver sony failed with error -22 [ 126.179862][ T6723] netlink: 60 bytes leftover after parsing attributes in process `syz.0.347'. [ 126.238116][ T6731] input: syz0 as /devices/virtual/input/input7 [ 126.317458][ T5911] usb 5-1: USB disconnect, device number 5 [ 127.103016][ T13] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 127.284690][ T13] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 127.639674][ T13] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 128.125774][ T5846] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 128.137418][ T5846] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 128.145505][ T5846] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 128.161340][ T5846] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 128.171623][ T5846] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 128.204711][ T13] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 129.088868][ T13] bridge_slave_1: left allmulticast mode [ 129.100375][ T13] bridge_slave_1: left promiscuous mode [ 129.117629][ T13] bridge0: port 2(bridge_slave_1) entered disabled state [ 129.153049][ T30] audit: type=1326 audit(1752260142.963:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6799 comm="syz.1.385" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f888178e929 code=0x7ffc0000 [ 129.209446][ T30] audit: type=1326 audit(1752260142.963:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6799 comm="syz.1.385" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f888178e929 code=0x7ffc0000 [ 129.232232][ T13] bridge_slave_0: left allmulticast mode [ 129.254611][ T13] bridge_slave_0: left promiscuous mode [ 129.261322][ T13] bridge0: port 1(bridge_slave_0) entered disabled state [ 129.305896][ T30] audit: type=1326 audit(1752260142.963:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6799 comm="syz.1.385" exe="/root/syz-executor" sig=0 arch=c000003e syscall=243 compat=0 ip=0x7f888178e929 code=0x7ffc0000 [ 129.411178][ T30] audit: type=1326 audit(1752260142.963:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6799 comm="syz.1.385" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f888178e929 code=0x7ffc0000 [ 130.325565][ T5846] Bluetooth: hci2: command tx timeout [ 130.646820][ T13] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 130.732713][ T13] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 130.768281][ T13] bond0 (unregistering): Released all slaves [ 131.599892][ T5911] usb 2-1: new high-speed USB device number 3 using dummy_hcd [ 131.787255][ T5911] usb 2-1: Using ep0 maxpacket: 32 [ 131.816239][ T5911] usb 2-1: config 0 has an invalid interface number: 219 but max is 0 [ 131.845616][ T5911] usb 2-1: config 0 has no interface number 0 [ 131.868467][ T5911] usb 2-1: config 0 interface 219 altsetting 0 endpoint 0x8A has an invalid bInterval 0, changing to 7 [ 131.907596][ T5911] usb 2-1: config 0 interface 219 altsetting 0 endpoint 0x8A has invalid wMaxPacketSize 0 [ 131.927063][ T6776] chnl_net:caif_netlink_parms(): no params data found [ 131.951040][ T5911] usb 2-1: New USB device found, idVendor=0582, idProduct=ecd6, bcdDevice=6b.1b [ 131.971419][ T5911] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 131.992633][ T5911] usb 2-1: Product: syz [ 132.013822][ T5911] usb 2-1: Manufacturer: syz [ 132.032840][ T5911] usb 2-1: SerialNumber: syz [ 132.052834][ T5911] usb 2-1: config 0 descriptor?? [ 132.107915][ T6875] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 132.143154][ T13] hsr_slave_0: left promiscuous mode [ 132.165777][ T13] hsr_slave_1: left promiscuous mode [ 132.178309][ T13] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 132.186193][ T13] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 132.196419][ T13] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 132.204181][ T13] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 132.244849][ T13] veth1_macvtap: left promiscuous mode [ 132.255830][ T13] veth0_macvtap: left promiscuous mode [ 132.262469][ T13] veth1_vlan: left promiscuous mode [ 132.268274][ T13] veth0_vlan: left promiscuous mode [ 132.353583][ T5911] usb 2-1: USB disconnect, device number 3 [ 132.387562][ T51] Bluetooth: hci2: command tx timeout [ 132.435280][ T6169] udevd[6169]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.219/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 132.872653][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 132.880053][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 133.052234][ T13] team0 (unregistering): Port device team_slave_1 removed [ 133.106475][ T13] team0 (unregistering): Port device team_slave_0 removed [ 133.219412][ T6893] loop9: detected capacity change from 0 to 7 [ 133.226809][ T6893] Buffer I/O error on dev loop9, logical block 0, async page read [ 133.239832][ T6893] Buffer I/O error on dev loop9, logical block 0, async page read [ 133.251664][ T6893] Buffer I/O error on dev loop9, logical block 0, async page read [ 133.262920][ T6893] Buffer I/O error on dev loop9, logical block 0, async page read [ 133.273053][ T6893] Buffer I/O error on dev loop9, logical block 0, async page read [ 133.283294][ T6893] Buffer I/O error on dev loop9, logical block 0, async page read [ 133.291505][ T6893] Buffer I/O error on dev loop9, logical block 0, async page read [ 133.299741][ T6893] ldm_validate_partition_table(): Disk read failed. [ 133.306443][ T6893] Buffer I/O error on dev loop9, logical block 0, async page read [ 133.315793][ T6893] Buffer I/O error on dev loop9, logical block 0, async page read [ 133.324024][ T6893] Buffer I/O error on dev loop9, logical block 0, async page read [ 133.332298][ T6893] Dev loop9: unable to read RDB block 0 [ 133.338344][ T6893] loop9: unable to read partition table [ 133.344452][ T6893] loop9: partition table beyond EOD, truncated [ 133.350932][ T6893] loop_reread_partitions: partition scan of loop9 (被xڬdGݡ [ 133.350932][ T6893] ) failed (rc=-5) [ 134.380933][ T6776] bridge0: port 1(bridge_slave_0) entered blocking state [ 134.397018][ T6776] bridge0: port 1(bridge_slave_0) entered disabled state [ 134.417402][ T6776] bridge_slave_0: entered allmulticast mode [ 134.424749][ T6776] bridge_slave_0: entered promiscuous mode [ 134.449490][ T6776] bridge0: port 2(bridge_slave_1) entered blocking state [ 134.457821][ T6776] bridge0: port 2(bridge_slave_1) entered disabled state [ 134.465075][ T6776] bridge_slave_1: entered allmulticast mode [ 134.467278][ T51] Bluetooth: hci2: command tx timeout [ 134.481334][ T6776] bridge_slave_1: entered promiscuous mode [ 134.577580][ T6913] netlink: 1 bytes leftover after parsing attributes in process `syz.4.427'. [ 134.596245][ T6776] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 134.648010][ T6776] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 134.853194][ T6776] team0: Port device team_slave_0 added [ 134.924452][ T6776] team0: Port device team_slave_1 added [ 135.105631][ T30] audit: type=1326 audit(1752260148.913:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6925 comm="syz.0.433" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7ee4d8e929 code=0x7ffc0000 [ 135.170830][ T30] audit: type=1326 audit(1752260148.953:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6925 comm="syz.0.433" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7ee4d8e929 code=0x7ffc0000 [ 135.185494][ T6776] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 135.208799][ T30] audit: type=1326 audit(1752260148.953:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6925 comm="syz.0.433" exe="/root/syz-executor" sig=0 arch=c000003e syscall=280 compat=0 ip=0x7f7ee4d8e929 code=0x7ffc0000 [ 135.247764][ T6776] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 135.294011][ T30] audit: type=1326 audit(1752260148.953:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6925 comm="syz.0.433" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7ee4d8e929 code=0x7ffc0000 [ 135.333228][ T6776] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 135.374362][ T30] audit: type=1326 audit(1752260148.953:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6925 comm="syz.0.433" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7ee4d8e929 code=0x7ffc0000 [ 135.388877][ T6776] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 135.419749][ T6776] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 135.448750][ T6776] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 135.635431][ T6776] hsr_slave_0: entered promiscuous mode [ 135.658469][ T6776] hsr_slave_1: entered promiscuous mode [ 135.814731][ T30] audit: type=1326 audit(1752260149.613:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6925 comm="syz.0.433" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7ee4d8e929 code=0x7fc00000 [ 136.218920][ T6964] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 136.523127][ T6776] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 136.547423][ T51] Bluetooth: hci2: command tx timeout [ 136.599551][ T6776] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 136.647976][ T6776] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 136.690792][ T6776] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 137.014566][ T6776] 8021q: adding VLAN 0 to HW filter on device bond0 [ 137.062678][ T6776] 8021q: adding VLAN 0 to HW filter on device team0 [ 137.095204][ T4486] bridge0: port 1(bridge_slave_0) entered blocking state [ 137.102447][ T4486] bridge0: port 1(bridge_slave_0) entered forwarding state [ 137.143493][ T1003] bridge0: port 2(bridge_slave_1) entered blocking state [ 137.150776][ T1003] bridge0: port 2(bridge_slave_1) entered forwarding state [ 137.457497][ T5841] usb 2-1: new high-speed USB device number 4 using dummy_hcd [ 137.617873][ T5841] usb 2-1: Using ep0 maxpacket: 32 [ 137.634166][ T5841] usb 2-1: New USB device found, idVendor=041e, idProduct=400b, bcdDevice=3e.e7 [ 137.650231][ T6776] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 137.658890][ T5841] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 137.684717][ T5841] usb 2-1: config 0 descriptor?? [ 137.701420][ T5841] gspca_main: sunplus-2.14.0 probing 041e:400b [ 137.965663][ T7015] netlink: 'syz.4.469': attribute type 12 has an invalid length. [ 137.975653][ T7015] netlink: 9472 bytes leftover after parsing attributes in process `syz.4.469'. [ 138.373955][ T7026] netlink: 32 bytes leftover after parsing attributes in process `syz.4.474'. [ 138.389184][ T7026] sch_tbf: peakrate 4 is lower than or equals to rate 5 ! [ 138.518986][ T5841] gspca_sunplus: reg_r err -71 [ 138.524031][ T5841] sunplus 2-1:0.0: probe with driver sunplus failed with error -71 [ 138.586200][ T5841] usb 2-1: USB disconnect, device number 4 [ 138.703427][ T6776] veth0_vlan: entered promiscuous mode [ 138.758020][ T6776] veth1_vlan: entered promiscuous mode [ 138.863725][ T6776] veth0_macvtap: entered promiscuous mode [ 138.883252][ T6776] veth1_macvtap: entered promiscuous mode [ 138.919971][ T6776] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 138.945859][ T6776] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 138.971107][ T6776] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 138.980107][ T6776] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 138.990545][ T6776] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 138.999545][ T6776] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 139.058161][ T5827] usb 1-1: new high-speed USB device number 4 using dummy_hcd [ 139.174805][ T3480] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 139.204611][ T3480] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 139.240907][ T5827] usb 1-1: config index 0 descriptor too short (expected 72, got 10) [ 139.258724][ T5827] usb 1-1: config 1 descriptor has 1 excess byte, ignoring [ 139.266025][ T5827] usb 1-1: config 1 has 0 interfaces, different from the descriptor's value: 1 [ 139.292812][ T36] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 139.306497][ T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 139.338795][ T5827] usb 1-1: string descriptor 0 read error: -71 [ 139.345164][ T5827] usb 1-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 139.372558][ T5827] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 139.407664][ T5827] usb 1-1: can't set config #1, error -71 [ 139.432265][ T5827] usb 1-1: USB disconnect, device number 4 [ 140.430368][ T7083] sctp: [Deprecated]: syz.1.500 (pid 7083) Use of struct sctp_assoc_value in delayed_ack socket option. [ 140.430368][ T7083] Use struct sctp_sack_info instead [ 140.949371][ T7105] tracefs: Invalid gid '00000000000037777777777' [ 141.120498][ T7112] pimreg: entered allmulticast mode [ 141.145803][ T7112] pimreg: left allmulticast mode [ 141.237599][ T7114] tap0: tun_chr_ioctl cmd 1074025677 [ 141.243366][ T7114] tap0: linktype set to 773 [ 141.283696][ T7116] netlink: 56 bytes leftover after parsing attributes in process `syz.5.515'. [ 141.777324][ T5827] usb 6-1: new high-speed USB device number 2 using dummy_hcd [ 141.919531][ T7131] netlink: 48 bytes leftover after parsing attributes in process `syz.0.522'. [ 141.967658][ T5827] usb 6-1: Using ep0 maxpacket: 32 [ 141.988631][ T5827] usb 6-1: config 0 has an invalid interface number: 51 but max is 0 [ 142.024962][ T5827] usb 6-1: config 0 has no interface number 0 [ 142.039443][ T5827] usb 6-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f [ 142.058553][ T5827] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 142.081107][ T5827] usb 6-1: Product: syz [ 142.098412][ T5827] usb 6-1: Manufacturer: syz [ 142.103079][ T5827] usb 6-1: SerialNumber: syz [ 142.171714][ T5827] usb 6-1: config 0 descriptor?? [ 142.196462][ T5827] quatech2 6-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected [ 142.443661][ T5827] usb 6-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0 [ 142.493781][ T5827] usb 6-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1 [ 142.880006][ C0] usb 6-1: qt2_read_bulk_callback - non-zero urb status: -71 [ 142.880576][ T24] usb 6-1: USB disconnect, device number 2 [ 142.924446][ T24] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0 [ 142.989577][ T24] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1 [ 143.026804][ T24] quatech2 6-1:0.51: device disconnected [ 143.066252][ T5903] kernel read not supported for file /dsp (pid: 5903 comm: kworker/1:3) [ 143.264573][ T7172] netlink: 92 bytes leftover after parsing attributes in process `syz.4.539'. [ 144.534501][ T7222] C: renamed from team_slave_0 (while UP) [ 144.561902][ T7222] netlink: 'syz.1.563': attribute type 1 has an invalid length. [ 144.597972][ T7226] Attempt to restore checkpoint with obsolete wellknown handles [ 144.603564][ T7222] netlink: 128 bytes leftover after parsing attributes in process `syz.1.563'. [ 144.615181][ T7222] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check. [ 144.920057][ T7240] netlink: 'syz.4.572': attribute type 5 has an invalid length. [ 145.927527][ T24] usb 3-1: new high-speed USB device number 3 using dummy_hcd [ 146.087554][ T24] usb 3-1: Using ep0 maxpacket: 16 [ 146.100322][ T24] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 146.127458][ T24] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 146.150228][ T24] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 146.177949][ T24] usb 3-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 146.199560][ T24] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 146.246867][ T24] usb 3-1: config 0 descriptor?? [ 146.303530][ T7302] o2cb: This node has not been configured. [ 146.314528][ T7302] o2cb: Cluster check failed. Fix errors before retrying. [ 146.344854][ T7302] (syz.1.601,7302,1):user_dlm_register:674 ERROR: status = -22 [ 146.353982][ T7302] (syz.1.601,7302,1):dlmfs_mkdir:438 ERROR: Error -22 could not register domain "file0" [ 146.493803][ T7310] netlink: 4 bytes leftover after parsing attributes in process `syz.1.605'. [ 146.536137][ T7312] openvswitch: netlink: IP tunnel dst address not specified [ 146.681988][ T24] microsoft 0003:045E:07DA.0003: unknown main item tag 0x0 [ 146.710911][ T24] microsoft 0003:045E:07DA.0003: ignoring exceeding usage max [ 146.726224][ T7320] sch_fq: defrate 0 ignored. [ 146.731127][ T24] microsoft 0003:045E:07DA.0003: unknown main item tag 0x0 [ 146.731171][ T24] microsoft 0003:045E:07DA.0003: unknown main item tag 0x0 [ 146.731199][ T24] microsoft 0003:045E:07DA.0003: unknown main item tag 0x0 [ 146.731227][ T24] microsoft 0003:045E:07DA.0003: unknown main item tag 0x0 [ 146.763835][ T7317] netlink: 596 bytes leftover after parsing attributes in process `syz.4.608'. [ 146.799991][ T24] microsoft 0003:045E:07DA.0003: unknown main item tag 0x0 [ 146.812653][ T24] microsoft 0003:045E:07DA.0003: unknown main item tag 0x0 [ 146.822491][ T24] microsoft 0003:045E:07DA.0003: unknown main item tag 0x0 [ 146.835378][ T24] microsoft 0003:045E:07DA.0003: unknown main item tag 0x0 [ 146.844675][ T24] microsoft 0003:045E:07DA.0003: unknown main item tag 0x0 [ 146.855962][ T24] microsoft 0003:045E:07DA.0003: unknown main item tag 0x0 [ 146.883585][ T24] microsoft 0003:045E:07DA.0003: unknown main item tag 0x0 [ 146.931973][ T24] microsoft 0003:045E:07DA.0003: unknown main item tag 0x0 [ 146.956772][ T24] microsoft 0003:045E:07DA.0003: unsupported Resolution Multiplier 0 [ 146.994304][ T24] microsoft 0003:045E:07DA.0003: unsupported Resolution Multiplier 0 [ 147.035548][ T36] Bluetooth: hci5: Frame reassembly failed (-84) [ 147.053651][ T24] microsoft 0003:045E:07DA.0003: hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.2-1/input0 [ 147.079504][ T24] microsoft 0003:045E:07DA.0003: no inputs found [ 147.086057][ T24] microsoft 0003:045E:07DA.0003: could not initialize ff, continuing anyway [ 147.106829][ T24] usb 3-1: USB disconnect, device number 3 [ 147.224144][ T30] audit: type=1326 audit(1752260161.033:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7337 comm="syz.4.619" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f43a878e929 code=0x7ffc0000 [ 147.286738][ T30] audit: type=1326 audit(1752260161.033:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7337 comm="syz.4.619" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f43a878e929 code=0x7ffc0000 [ 147.321730][ T30] audit: type=1326 audit(1752260161.033:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7337 comm="syz.4.619" exe="/root/syz-executor" sig=0 arch=c000003e syscall=272 compat=0 ip=0x7f43a878e929 code=0x7ffc0000 [ 147.346170][ T30] audit: type=1326 audit(1752260161.033:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7337 comm="syz.4.619" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f43a878e929 code=0x7ffc0000 [ 147.370296][ T30] audit: type=1326 audit(1752260161.033:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7337 comm="syz.4.619" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f43a878e929 code=0x7ffc0000 [ 147.401578][ T30] audit: type=1326 audit(1752260161.043:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7337 comm="syz.4.619" exe="/root/syz-executor" sig=0 arch=c000003e syscall=296 compat=0 ip=0x7f43a878e929 code=0x7ffc0000 [ 147.431134][ T30] audit: type=1326 audit(1752260161.043:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7337 comm="syz.4.619" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f43a878e929 code=0x7ffc0000 [ 147.456616][ T30] audit: type=1326 audit(1752260161.043:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7337 comm="syz.4.619" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f43a878e929 code=0x7ffc0000 [ 148.168986][ T7375] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 149.107414][ T5846] Bluetooth: hci5: command 0x1003 tx timeout [ 149.110719][ T51] Bluetooth: hci5: Opcode 0x1003 failed: -110 [ 149.244178][ T7415] netlink: 199836 bytes leftover after parsing attributes in process `syz.0.655'. [ 149.406278][ T7423] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 149.569423][ T5841] usb 5-1: new high-speed USB device number 6 using dummy_hcd [ 149.749426][ T5841] usb 5-1: config 0 has no interfaces? [ 149.757610][ T5841] usb 5-1: New USB device found, idVendor=0ac8, idProduct=0321, bcdDevice=a1.c9 [ 149.786340][ T5841] usb 5-1: New USB device strings: Mfr=1, Product=234, SerialNumber=2 [ 149.815146][ T5841] usb 5-1: Product: syz [ 149.820030][ T5841] usb 5-1: Manufacturer: syz [ 149.827023][ T5841] usb 5-1: SerialNumber: syz [ 149.850926][ T5841] usb 5-1: config 0 descriptor?? [ 150.069585][ T5841] usb 5-1: USB disconnect, device number 6 [ 150.498705][ T7473] program syz.1.684 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 150.683259][ T7477] xt_hashlimit: max too large, truncated to 1048576 [ 150.709162][ T7477] xt_hashlimit: overflow, try lower: 0/0 [ 151.271994][ T7503] netlink: 'syz.1.698': attribute type 3 has an invalid length. [ 151.649221][ T30] audit: type=1326 audit(1752260165.463:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7512 comm="syz.1.703" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f888178e929 code=0x7ffc0000 [ 151.713142][ T30] audit: type=1326 audit(1752260165.463:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7512 comm="syz.1.703" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f888178e929 code=0x7ffc0000 [ 151.822471][ T7518] netlink: 8 bytes leftover after parsing attributes in process `syz.5.705'. [ 153.147565][ T7569] netlink: 8 bytes leftover after parsing attributes in process `syz.5.728'. [ 153.881446][ T30] kauditd_printk_skb: 8 callbacks suppressed [ 153.881465][ T30] audit: type=1800 audit(1752260167.693:32): pid=7600 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz.2.742" name="SYSV00000000" dev="tmpfs" ino=0 res=0 errno=0 [ 154.317537][ T7616] binder: Binderfs stats mode cannot be changed during a remount [ 154.544324][ T7620] program syz.2.750 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 155.922283][ T7678] bridge0: entered promiscuous mode [ 155.942971][ T7678] macvlan2: entered promiscuous mode [ 156.557528][ T5841] usb 1-1: new high-speed USB device number 5 using dummy_hcd [ 156.721392][ T5841] usb 1-1: Using ep0 maxpacket: 16 [ 156.738021][ T5841] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 156.763608][ T5841] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 156.788753][ T5841] usb 1-1: New USB device found, idVendor=1b1c, idProduct=1b02, bcdDevice= 0.00 [ 156.812150][ T5841] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 156.837030][ T5841] usb 1-1: config 0 descriptor?? [ 156.842903][ T7712] netlink: 'syz.1.793': attribute type 2 has an invalid length. [ 157.278978][ T7719] block nbd1: shutting down sockets [ 157.297510][ T5841] corsair 0003:1B1C:1B02.0004: hidraw0: USB HID v0.00 Device [HID 1b1c:1b02] on usb-dummy_hcd.0-1/input0 [ 157.647717][ T24] usb 5-1: new high-speed USB device number 7 using dummy_hcd [ 157.705211][ T5841] usb 1-1: USB disconnect, device number 5 [ 157.840223][ T24] usb 5-1: Using ep0 maxpacket: 32 [ 157.852786][ T24] usb 5-1: New USB device found, idVendor=0fd9, idProduct=0025, bcdDevice=29.40 [ 157.873613][ T24] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 157.903224][ T24] usb 5-1: config 0 descriptor?? [ 157.962400][ T7744] netlink: 4 bytes leftover after parsing attributes in process `syz.1.806'. [ 158.132660][ T24] dvb-usb: found a 'Elgato EyeTV Sat' in warm state. [ 158.198064][ T24] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 158.225937][ T24] dvbdev: DVB: registering new adapter (Elgato EyeTV Sat) [ 158.247183][ T24] usb 5-1: media controller created [ 158.303293][ T24] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 158.360410][ T24] az6027: usb out operation failed. (-71) [ 158.385434][ T24] az6027: usb out operation failed. (-71) [ 158.391906][ T24] stb0899_attach: Driver disabled by Kconfig [ 158.405178][ T24] az6027: no front-end attached [ 158.405178][ T24] [ 158.415628][ T24] az6027: usb out operation failed. (-71) [ 158.424218][ T24] dvb-usb: no frontend was attached by 'Elgato EyeTV Sat' [ 158.443981][ T24] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.4/usb5/5-1/input/input9 [ 158.472221][ T24] dvb-usb: schedule remote query interval to 400 msecs. [ 158.497267][ T24] dvb-usb: Elgato EyeTV Sat successfully initialized and connected. [ 158.532165][ T24] usb 5-1: USB disconnect, device number 7 [ 158.681581][ T30] audit: type=1400 audit(1752260172.493:33): lsm=SMACK fn=smack_socket_sock_rcv_skb action=denied subject="*" object="_" requested=w pid=7763 comm="syz.1.815" dest=20002 netif=wpan0 [ 158.702711][ T24] dvb-usb: Elgato EyeTV Sat successfully deinitialized and disconnected. [ 160.719264][ T7825] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 160.999042][ T7835] can0: slcan on ttyS3. [ 161.031480][ T7837] netlink: 100 bytes leftover after parsing attributes in process `syz.4.847'. [ 161.149749][ T7835] can0 (unregistered): slcan off ttyS3. [ 161.659612][ T7859] netlink: 'syz.0.858': attribute type 1 has an invalid length. [ 161.700269][ T7859] netlink: 208 bytes leftover after parsing attributes in process `syz.0.858'. [ 161.712366][ T7859] netlink: 'syz.0.858': attribute type 1 has an invalid length. [ 161.730262][ T7859] netlink: 12 bytes leftover after parsing attributes in process `syz.0.858'. [ 161.888566][ T7864] netlink: 'syz.5.860': attribute type 49 has an invalid length. [ 161.914367][ T7867] program syz.2.861 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 162.269376][ T7873] block nbd0: server does not support multiple connections per device. [ 162.284686][ T7873] block nbd0: shutting down sockets [ 162.562100][ T7897] netlink: 'syz.5.876': attribute type 5 has an invalid length. [ 162.759867][ T7907] loop9: detected capacity change from 0 to 7 [ 162.771004][ T7907] buffer_io_error: 9 callbacks suppressed [ 162.771022][ T7907] Buffer I/O error on dev loop9, logical block 0, async page read [ 162.789032][ T7903] Falling back ldisc for ttyS3. [ 162.814564][ T7907] Buffer I/O error on dev loop9, logical block 0, async page read [ 162.867503][ T7907] Buffer I/O error on dev loop9, logical block 0, async page read [ 162.908988][ T7907] Buffer I/O error on dev loop9, logical block 0, async page read [ 162.926064][ T7907] Buffer I/O error on dev loop9, logical block 0, async page read [ 162.967849][ T7907] Buffer I/O error on dev loop9, logical block 0, async page read [ 162.993820][ T7907] Buffer I/O error on dev loop9, logical block 0, async page read [ 163.023999][ T7907] ldm_validate_partition_table(): Disk read failed. [ 163.049550][ T7907] Buffer I/O error on dev loop9, logical block 0, async page read [ 163.080097][ T7907] Buffer I/O error on dev loop9, logical block 0, async page read [ 163.110508][ T7907] Buffer I/O error on dev loop9, logical block 0, async page read [ 163.143489][ T7907] Dev loop9: unable to read RDB block 0 [ 163.167466][ T7907] loop9: unable to read partition table [ 163.183534][ T7907] loop9: partition table beyond EOD, truncated [ 163.202191][ T7907] loop_reread_partitions: partition scan of loop9 (被xڬdGݡ [ 163.202191][ T7907] ) failed (rc=-5) [ 163.447319][ T5827] usb 6-1: new full-speed USB device number 3 using dummy_hcd [ 163.621236][ T5827] usb 6-1: unable to get BOS descriptor or descriptor too short [ 163.642058][ T5827] usb 6-1: no configurations [ 163.646765][ T5827] usb 6-1: can't read configurations, error -22 [ 163.703341][ T7935] block nbd0: not configured, cannot reconfigure [ 163.993707][ T7947] netem: change failed [ 164.966547][ T7983] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 165.198886][ T30] audit: type=1326 audit(1752260179.013:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7991 comm="syz.2.918" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fb245b8e929 code=0x0 [ 165.382731][ T7997] netlink: 52 bytes leftover after parsing attributes in process `syz.4.920'. [ 166.187601][ T5827] usb 2-1: new high-speed USB device number 5 using dummy_hcd [ 166.357216][ T5827] usb 2-1: Using ep0 maxpacket: 32 [ 166.371837][ T5827] usb 2-1: config 0 interface 0 has no altsetting 0 [ 166.383307][ T5827] usb 2-1: New USB device found, idVendor=16d0, idProduct=10b8, bcdDevice=de.8e [ 166.415387][ T5827] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 166.430959][ T5827] usb 2-1: Product: syz [ 166.435231][ T5827] usb 2-1: Manufacturer: syz [ 166.443573][ T5827] usb 2-1: SerialNumber: syz [ 166.451832][ T5827] usb 2-1: config 0 descriptor?? [ 166.487601][ T5979] usb 3-1: new high-speed USB device number 4 using dummy_hcd [ 166.638600][ T5979] usb 3-1: Using ep0 maxpacket: 32 [ 166.647604][ T5979] usb 3-1: config 0 has an invalid interface number: 196 but max is 0 [ 166.658903][ T5979] usb 3-1: config 0 has no interface number 0 [ 166.670176][ T5979] usb 3-1: config 0 interface 196 altsetting 1 bulk endpoint 0x2 has invalid maxpacket 528 [ 166.691132][ T5979] usb 3-1: config 0 interface 196 has no altsetting 0 [ 166.715505][ T5979] usb 3-1: New USB device found, idVendor=05ac, idProduct=77c2, bcdDevice=eb.3a [ 166.730113][ T5979] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 166.739986][ T5979] usb 3-1: Product: syz [ 166.744432][ T5979] usb 3-1: Manufacturer: syz [ 166.751736][ T5979] usb 3-1: SerialNumber: syz [ 166.766895][ T5979] usb 3-1: config 0 descriptor?? [ 166.774048][ T8023] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22 [ 166.899545][ T5827] gs_usb 2-1:0.0: Configuring for 1 interfaces [ 167.068628][ T8050] netlink: 8 bytes leftover after parsing attributes in process `syz.4.943'. [ 167.218811][ T5979] ipheth 3-1:0.196: ipheth_get_macaddr: usb_control_msg: short packet: 0 bytes [ 167.229198][ T5979] ipheth 3-1:0.196: probe with driver ipheth failed with error -22 [ 167.301006][ T5827] gs_usb 2-1:0.0: Couldn't get extended bit timing const for channel 0 (-EPROTO) [ 167.321401][ T5827] gs_usb 2-1:0.0: probe with driver gs_usb failed with error -71 [ 167.350060][ T5827] usb 2-1: USB disconnect, device number 5 [ 167.436187][ T5982] usb 3-1: USB disconnect, device number 4 [ 167.496807][ T8061] netlink: 24 bytes leftover after parsing attributes in process `syz.5.949'. [ 167.510450][ T8061] netlink: 24 bytes leftover after parsing attributes in process `syz.5.949'. [ 168.973495][ T5982] kernel write not supported for file /dlm-control (pid: 5982 comm: kworker/0:6) [ 169.004726][ T8106] netlink: 40 bytes leftover after parsing attributes in process `syz.1.968'. [ 169.283446][ T8120] netlink: 120 bytes leftover after parsing attributes in process `syz.0.973'. [ 169.580147][ T5841] kernel read not supported for file /usbmon9 (pid: 5841 comm: kworker/1:2) [ 169.991603][ T8151] netlink: 8 bytes leftover after parsing attributes in process `syz.2.987'. [ 170.003596][ T8151] netlink: 12 bytes leftover after parsing attributes in process `syz.2.987'. [ 170.020441][ T8156] netlink: 8 bytes leftover after parsing attributes in process `syz.0.990'. [ 170.045277][ T8151] netlink: 'syz.2.987': attribute type 13 has an invalid length. [ 170.174785][ T8159] tap0: tun_chr_ioctl cmd 1074025673 [ 170.193296][ T8160] netlink: 20 bytes leftover after parsing attributes in process `syz.1.991'. [ 170.234645][ T8160] bridge0: port 2(bridge_slave_1) entered disabled state [ 170.243958][ T8160] bridge0: port 1(bridge_slave_0) entered disabled state [ 170.609447][ T8184] loop8: detected capacity change from 0 to 1 [ 170.616993][ T8184] Dev loop8: unable to read RDB block 1 [ 170.628292][ T8184] loop8: unable to read partition table [ 170.643615][ T8184] loop8: partition table beyond EOD, truncated [ 170.656871][ T8184] loop_reread_partitions: partition scan of loop8 (被x^> ) failed (rc=-5) [ 170.801305][ T8191] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1006'. [ 170.820570][ T8191] netlink: 36 bytes leftover after parsing attributes in process `syz.5.1006'. [ 170.872046][ T8194] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 172.835603][ T8262] netlink: 'syz.5.1040': attribute type 1 has an invalid length. [ 172.853845][ T8262] netlink: 144 bytes leftover after parsing attributes in process `syz.5.1040'. [ 172.871983][ T8262] netlink: 28 bytes leftover after parsing attributes in process `syz.5.1040'. [ 173.611780][ T8284] tipc: Started in network mode [ 173.639144][ T8284] tipc: Node identity ac14140f, cluster identity 4711 [ 173.657041][ T8284] tipc: New replicast peer: 255.255.255.255 [ 173.678325][ T8289] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1051'. [ 173.719311][ T8284] tipc: Enabled bearer , priority 10 [ 173.725689][ T8290] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1049'. [ 173.757315][ T8290] tipc: Disabling bearer [ 174.766459][ T8329] kernel profiling enabled (shift: 17) [ 174.924208][ T8339] erspan0: entered promiscuous mode [ 174.992065][ T8343] sctp: [Deprecated]: syz.1.1078 (pid 8343) Use of struct sctp_assoc_value in delayed_ack socket option. [ 174.992065][ T8343] Use struct sctp_sack_info instead [ 175.292308][ T8357] ubi31: attaching mtd0 [ 175.321302][ T8357] ubi31: scanning is finished [ 175.326064][ T8357] ubi31: empty MTD device detected [ 175.484192][ T8357] ubi31: attached mtd0 (name "mtdram test device", size 0 MiB) [ 175.497235][ T8357] ubi31: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes [ 175.514921][ T8357] ubi31: min./max. I/O unit sizes: 1/64, sub-page size 1 [ 175.537861][ T8357] ubi31: VID header offset: 64 (aligned 64), data offset: 128 [ 175.557478][ T8357] ubi31: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0 [ 175.568178][ T8357] ubi31: user volume: 0, internal volumes: 1, max. volumes count: 23 [ 175.587728][ T8357] ubi31: max/mean erase counter: 0/0, WL threshold: 4096, image sequence number: 3934362482 [ 175.598194][ T8357] ubi31: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0 [ 175.609802][ T8360] ubi31: background thread "ubi_bgt31d" started, PID 8360 [ 176.133197][ T8378] input: syz0 as /devices/virtual/input/input12 [ 176.424739][ T30] audit: type=1326 audit(1752260190.233:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8392 comm="syz.4.1099" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f43a878e929 code=0x0 [ 176.445608][ C0] vkms_vblank_simulate: vblank timer overrun [ 176.448663][ T8391] netlink: 68 bytes leftover after parsing attributes in process `syz.1.1098'. [ 176.503548][ C1] vcan0: j1939_tp_rxtimer: 0xffff88805aad1400: rx timeout, send abort [ 176.513675][ C1] vcan0: j1939_xtp_rx_abort_one: 0xffff88805aad1400: 0x00000: (3) A timeout occurred and this is the connection abort to close the session. [ 177.175579][ T8420] netlink: 1041 bytes leftover after parsing attributes in process `syz.0.1109'. [ 177.546746][ T8432] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1115'. [ 178.119154][ T8462] netlink: 'syz.2.1131': attribute type 3 has an invalid length. [ 178.126968][ T8462] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1131'. [ 178.244856][ T8468] mmap: syz.4.1134 (8468) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 179.052128][ T8505] mkiss: ax0: crc mode is auto. [ 179.165685][ T8512] netlink: 16 bytes leftover after parsing attributes in process `syz.5.1152'. [ 179.657515][ T5979] usb 5-1: new high-speed USB device number 8 using dummy_hcd [ 179.827542][ T5979] usb 5-1: Using ep0 maxpacket: 32 [ 179.834983][ T5979] usb 5-1: New USB device found, idVendor=0fd9, idProduct=0025, bcdDevice=29.40 [ 179.867653][ T5979] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 179.895412][ T5979] usb 5-1: config 0 descriptor?? [ 180.131035][ T5979] dvb-usb: found a 'Elgato EyeTV Sat' in warm state. [ 180.168064][ T5979] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 180.198454][ T5979] dvbdev: DVB: registering new adapter (Elgato EyeTV Sat) [ 180.205715][ T5979] usb 5-1: media controller created [ 180.285930][ T5979] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 180.352793][ T5979] az6027: usb out operation failed. (-71) [ 180.371837][ T5979] az6027: usb out operation failed. (-71) [ 180.389868][ T5979] stb0899_attach: Driver disabled by Kconfig [ 180.395965][ T5979] az6027: no front-end attached [ 180.395965][ T5979] [ 180.437940][ T5979] az6027: usb out operation failed. (-71) [ 180.457193][ T5979] dvb-usb: no frontend was attached by 'Elgato EyeTV Sat' [ 180.488391][ T5979] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.4/usb5/5-1/input/input13 [ 180.532310][ T5979] dvb-usb: schedule remote query interval to 400 msecs. [ 180.541724][ T5979] dvb-usb: Elgato EyeTV Sat successfully initialized and connected. [ 180.585619][ T5979] usb 5-1: USB disconnect, device number 8 [ 180.759197][ T5979] dvb-usb: Elgato EyeTV Sat successfully deinitialized and disconnected. [ 180.857721][ T8581] Falling back ldisc for ptm0. [ 181.734230][ T8625] netlink: del zone limit has 4 unknown bytes [ 181.838804][ T8630] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 182.297368][ T8651] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1214'. [ 182.306417][ T8651] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1214'. [ 182.511484][ T5827] usb 3-1: new high-speed USB device number 5 using dummy_hcd [ 182.563450][ T8666] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1221'. [ 182.691621][ T5827] usb 3-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 182.711419][ T5827] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 182.749506][ T5827] usb 3-1: config 0 descriptor?? [ 182.762075][ T5827] cp210x 3-1:0.0: cp210x converter detected [ 182.829042][ T8677] autofs4:pid:8677:check_dev_ioctl_version: ioctl control interface version mismatch: kernel(1.1), user(0.0), cmd(0xc0189379) [ 182.845914][ T8677] autofs4:pid:8677:validate_dev_ioctl: invalid device control module version supplied for cmd(0xc0189379) [ 183.171573][ T5827] cp210x 3-1:0.0: failed to get vendor val 0x000e size 3: -32 [ 183.197762][ T5827] usb 3-1: cp210x converter now attached to ttyUSB0 [ 183.303494][ T8699] capability: warning: `syz.0.1236' uses 32-bit capabilities (legacy support in use) [ 183.397326][ T5982] usb 3-1: USB disconnect, device number 5 [ 183.423830][ T5982] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 183.452649][ T5982] cp210x 3-1:0.0: device disconnected [ 183.696047][ T8683] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 183.707609][ T8683] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 183.728873][ T8683] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 183.751091][ T8683] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 183.760448][ T8683] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 183.770110][ T8683] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 183.786323][ T8683] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 183.796701][ T8683] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 183.815888][ T8683] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 183.833853][ T8683] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 183.842759][ T8683] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 183.850133][ T8683] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 184.107937][ T5982] usb 6-1: new high-speed USB device number 5 using dummy_hcd [ 184.267197][ T5841] usb 5-1: new high-speed USB device number 9 using dummy_hcd [ 184.278922][ T5982] usb 6-1: Using ep0 maxpacket: 32 [ 184.294960][ T5982] usb 6-1: config 0 has an invalid interface number: 51 but max is 0 [ 184.311280][ T5982] usb 6-1: config 0 has no interface number 0 [ 184.326211][ T5982] usb 6-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f [ 184.351681][ T5982] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 184.374599][ T5982] usb 6-1: Product: syz [ 184.385139][ T5982] usb 6-1: Manufacturer: syz [ 184.394085][ T5982] usb 6-1: SerialNumber: syz [ 184.413959][ T5982] usb 6-1: config 0 descriptor?? [ 184.426775][ T5982] quatech2 6-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected [ 184.463556][ T5841] usb 5-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 184.507127][ T5841] usb 5-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 184.533783][ T5841] usb 5-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 184.546995][ T5841] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 184.565911][ T8715] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22 [ 184.589716][ T5841] usb 5-1: Quirk or no altset; falling back to MIDI 1.0 [ 184.656369][ T5982] usb 6-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0 [ 184.713255][ T5982] usb 6-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1 [ 184.759948][ T8735] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 184.820845][ T5982] usb 5-1: USB disconnect, device number 9 [ 184.876969][ C0] quatech-serial ttyUSB0: qt2_process_read_urb - xmit_empty message too short [ 185.027388][ T51] Bluetooth: hci1: command 0x0c1a tx timeout [ 185.089589][ C0] usb 6-1: qt2_read_bulk_callback - non-zero urb status: -71 [ 185.099514][ T927] usb 6-1: USB disconnect, device number 5 [ 185.132990][ T927] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0 [ 185.180006][ T927] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1 [ 185.188895][ T8745] batman_adv: batadv0: Adding interface: gretap1 [ 185.205487][ T927] quatech2 6-1:0.51: device disconnected [ 185.207181][ T8745] batman_adv: batadv0: The MTU of interface gretap1 is too small (1382) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 185.247185][ T8745] batman_adv: batadv0: Interface activated: gretap1 [ 185.478733][ T30] audit: type=1400 audit(1752260199.283:36): lsm=SMACK fn=smack_inode_permission action=denied subject="w" object="_" requested=wx pid=8754 comm="syz.4.1264" name="254" dev="tmpfs" ino=1309 [ 185.787448][ T8767] sctp: [Deprecated]: syz.1.1266 (pid 8767) Use of int in maxseg socket option. [ 185.787448][ T8767] Use struct sctp_assoc_value instead [ 185.823499][ T8771] syz.0.1271 (8771) used greatest stack depth: 19064 bytes left [ 185.837604][ T5846] Bluetooth: hci3: command 0x0c1a tx timeout [ 185.844490][ T51] Bluetooth: hci4: command 0x0c1a tx timeout [ 185.917917][ T51] Bluetooth: hci2: command 0x0405 tx timeout [ 186.162688][ T8785] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1278'. [ 186.178357][ T30] audit: type=1400 audit(1752260199.993:37): lsm=SMACK fn=smack_key_permission action=denied subject="w" object="_" requested=w pid=8786 comm="syz.5.1279" key_serial=781175710 key_desc="_uid_ses.0" [ 186.207423][ T8785] bridge0: port 2(bridge_slave_1) entered disabled state [ 186.216327][ T8785] bridge0: port 1(bridge_slave_0) entered disabled state [ 186.247712][ T8791] Bluetooth: received HCILL_WAKE_UP_ACK in state 2 [ 186.636657][ T8807] netlink: 16402 bytes leftover after parsing attributes in process `syz.0.1289'. [ 187.117296][ T5846] Bluetooth: hci1: command 0x0c1a tx timeout [ 187.676229][ T8836] netlink: 'syz.5.1301': attribute type 9 has an invalid length. [ 187.698953][ T8836] netlink: 200108 bytes leftover after parsing attributes in process `syz.5.1301'. [ 187.727838][ T8836] openvswitch: netlink: Message has 5 unknown bytes. [ 187.835213][ T8841] vlan2: entered promiscuous mode [ 187.843193][ T8841] netdevsim netdevsim4 netdevsim0: entered promiscuous mode [ 187.855779][ T8841] vlan2: entered allmulticast mode [ 187.862796][ T8841] netdevsim netdevsim4 netdevsim0: entered allmulticast mode [ 187.872138][ T8841] team0: Device vlan2 is up. Set it down before adding it as a team port [ 187.907690][ T5846] Bluetooth: hci4: command 0x0c1a tx timeout [ 187.913923][ T5851] Bluetooth: hci3: command 0x0c1a tx timeout [ 187.988419][ T5846] Bluetooth: hci2: command 0x0405 tx timeout [ 188.247220][ T927] usb 6-1: new high-speed USB device number 6 using dummy_hcd [ 188.307341][ T5846] Bluetooth: hci5: command 0x1003 tx timeout [ 188.311738][ T51] Bluetooth: hci5: Opcode 0x1003 failed: -110 [ 188.349685][ T5827] usb 5-1: new high-speed USB device number 10 using dummy_hcd [ 188.412219][ T927] usb 6-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 188.440161][ T927] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 188.461441][ T927] usb 6-1: Product: syz [ 188.474404][ T927] usb 6-1: Manufacturer: syz [ 188.486031][ T927] usb 6-1: SerialNumber: syz [ 188.510313][ T5827] usb 5-1: Using ep0 maxpacket: 16 [ 188.532466][ T927] usb 6-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 188.551731][ T5827] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83 [ 188.583864][ T5827] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 188.603106][ T5982] usb 6-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 188.628330][ T5827] usb 5-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1 [ 188.647636][ T5827] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 188.655928][ T5827] usb 5-1: Product: syz [ 188.660633][ T5827] usb 5-1: Manufacturer: syz [ 188.665334][ T5827] usb 5-1: SerialNumber: syz [ 188.693324][ T5827] usb 5-1: config 0 descriptor?? [ 188.714892][ T5827] em28xx 5-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0) [ 188.728192][ T5979] kernel write not supported for file /input/mouse0 (pid: 5979 comm: kworker/0:5) [ 188.744151][ T5827] em28xx 5-1:0.0: Audio interface 0 found (Vendor Class) [ 188.763210][ T8874] netlink: 76 bytes leftover after parsing attributes in process `syz.2.1320'. [ 188.885084][ T8877] bridge0: trying to set multicast startup query interval below minimum, setting to 100 (1000ms) [ 189.194628][ T51] Bluetooth: hci1: command 0x0c1a tx timeout [ 189.314545][ T5827] em28xx 5-1:0.0: chip ID is em2870 [ 189.473185][ T8894] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 189.491167][ T8894] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 189.548873][ T5827] usb 5-1: USB disconnect, device number 10 [ 189.562131][ T5827] em28xx 5-1:0.0: Disconnecting em28xx [ 189.582851][ T5827] em28xx 5-1:0.0: Freeing device [ 189.677779][ T5982] ath9k_htc 6-1:1.0: ath9k_htc: Target is unresponsive [ 189.687346][ T5982] ath9k_htc: Failed to initialize the device [ 189.733230][ T5982] usb 6-1: ath9k_htc: USB layer deinitialized [ 189.753308][ T5979] usb 6-1: USB disconnect, device number 6 [ 190.002963][ T5846] Bluetooth: hci4: command 0x0c1a tx timeout [ 190.007326][ T5851] Bluetooth: hci3: command 0x0c1a tx timeout [ 190.077387][ T5851] Bluetooth: hci2: command 0x0405 tx timeout [ 190.524500][ T8926] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1344'. [ 191.780896][ T8969] syz.0.1363: attempt to access beyond end of device [ 191.780896][ T8969] loop0: rw=6144, sector=128, nr_sectors = 8 limit=0 [ 191.827334][ T8969] gfs2: error -5 reading superblock [ 192.147306][ T51] Bluetooth: hci2: command 0x0405 tx timeout [ 192.317179][ T5979] usb 5-1: new high-speed USB device number 11 using dummy_hcd [ 192.500237][ T5979] usb 5-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 192.509561][ T5979] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 192.527690][ T5979] usb 5-1: config 0 descriptor?? [ 192.542940][ T5979] cp210x 5-1:0.0: cp210x converter detected [ 192.559410][ T8986] input: syz1 as /devices/virtual/input/input15 [ 192.956730][ T5979] cp210x 5-1:0.0: failed to get vendor val 0x000e size 3: -32 [ 192.990473][ T5979] usb 5-1: cp210x converter now attached to ttyUSB0 [ 193.042366][ T8995] overlayfs: failed to create directory ./file0/work (errno: 13); mounting read-only [ 193.097442][ T8995] overlayfs: fs on '.' does not support file handles, falling back to index=off,nfs_export=off. [ 193.197046][ T24] usb 5-1: USB disconnect, device number 11 [ 193.215275][ T24] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 193.249642][ T24] cp210x 5-1:0.0: device disconnected [ 193.404091][ T9015] overlayfs: missing 'workdir' [ 193.998769][ T5979] usb 6-1: new high-speed USB device number 7 using dummy_hcd [ 194.169837][ T5979] usb 6-1: Using ep0 maxpacket: 32 [ 194.177228][ T5979] usb 6-1: config 0 has no interfaces? [ 194.182776][ T5979] usb 6-1: New USB device found, idVendor=0e41, idProduct=5051, bcdDevice=d5.e8 [ 194.199940][ T9052] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 194.217536][ T5979] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 194.230845][ T5851] Bluetooth: hci2: command 0x0405 tx timeout [ 194.235582][ T5979] usb 6-1: config 0 descriptor?? [ 194.312769][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.319512][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 194.371784][ T9058] netlink: 'syz.4.1406': attribute type 2 has an invalid length. [ 194.383151][ T9058] netlink: 'syz.4.1406': attribute type 2 has an invalid length. [ 194.391249][ T9058] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1406'. [ 194.642990][ T5979] usb 6-1: USB disconnect, device number 7 [ 194.689472][ T9066] syzkaller0: tun_chr_ioctl cmd 1074025677 [ 194.717670][ T9066] syzkaller0: linktype set to 7 [ 194.746418][ T9069] kvm: apic: phys broadcast and lowest prio [ 195.327573][ T9097] netlink: 192 bytes leftover after parsing attributes in process `syz.5.1425'. [ 195.687601][ T24] usb 5-1: new high-speed USB device number 12 using dummy_hcd [ 195.849123][ T24] usb 5-1: config 0 has an invalid interface number: 209 but max is 0 [ 195.864843][ T24] usb 5-1: config 0 has no interface number 0 [ 195.877794][ T24] usb 5-1: New USB device found, idVendor=0403, idProduct=f850, bcdDevice=53.a6 [ 195.896500][ T24] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 195.924429][ T24] usb 5-1: config 0 descriptor?? [ 195.940849][ T24] ftdi_sio 5-1:0.209: FTDI USB Serial Device converter detected [ 195.958410][ T24] ftdi_sio ttyUSB0: unknown device type: 0x53a6 [ 196.170008][ T24] usb 5-1: USB disconnect, device number 12 [ 196.186749][ T24] ftdi_sio 5-1:0.209: device disconnected [ 196.417196][ T5827] usb 2-1: new high-speed USB device number 6 using dummy_hcd [ 196.579708][ T5827] usb 2-1: Using ep0 maxpacket: 16 [ 196.597709][ T5827] usb 2-1: config 1 contains an unexpected descriptor of type 0x1, skipping [ 196.616985][ T5827] usb 2-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config [ 196.636163][ T5827] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 196.660314][ T5827] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 196.670914][ T5827] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 196.684859][ T5827] usb 2-1: Product: syz [ 196.699482][ T5827] usb 2-1: Manufacturer: syz [ 196.713619][ T5827] usb 2-1: SerialNumber: syz [ 196.967205][ T24] usb 3-1: new high-speed USB device number 6 using dummy_hcd [ 197.085118][ T9171] vlan2: entered promiscuous mode [ 197.111211][ T9171] hsr0: entered promiscuous mode [ 197.135362][ T5827] usb 2-1: 0:2 : does not exist [ 197.150264][ T24] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8E has invalid wMaxPacketSize 0 [ 197.171921][ T24] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8E has invalid maxpacket 0 [ 197.206601][ T24] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0xA has invalid wMaxPacketSize 0 [ 197.224830][ T24] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0xA has invalid maxpacket 0 [ 197.246154][ T24] usb 3-1: New USB device found, idVendor=05ab, idProduct=0301, bcdDevice= 1.00 [ 197.287156][ T24] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 197.325645][ T24] usb 3-1: Product: syz [ 197.332993][ T24] usb 3-1: Manufacturer: syz [ 197.350769][ T24] usb 3-1: SerialNumber: syz [ 197.353810][ T5827] usb 2-1: USB disconnect, device number 6 [ 197.375428][ T24] usb 3-1: config 0 descriptor?? [ 197.418735][ T24] ums-isd200 3-1:0.0: USB Mass Storage device detected [ 197.477423][ T30] audit: type=1800 audit(1752260211.273:38): pid=9176 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz.0.1462" name="[kvm-gmem]" dev="anon_inodefs" ino=25207 res=0 errno=0 [ 197.593660][ T9186] netlink: 88 bytes leftover after parsing attributes in process `syz.4.1466'. [ 197.665181][ T24] scsi host1: usb-storage 3-1:0.0 [ 197.888065][ T24] usb 3-1: USB disconnect, device number 6 [ 198.066341][ T9208] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1476'. [ 198.104835][ T9208] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1476'. [ 198.116973][ T9208] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1476'. [ 198.220133][ T5982] usb 5-1: new high-speed USB device number 13 using dummy_hcd [ 198.389085][ T5982] usb 5-1: New USB device found, idVendor=0cf3, idProduct=9375, bcdDevice=1a.9e [ 198.408306][ T5982] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 198.430908][ T5982] usb 5-1: config 0 descriptor?? [ 199.063684][ T5982] ath6kl: mismatched byte count 0 vs. expected 12 [ 199.074980][ T5982] ath6kl: Failed to init ath6kl core: -22 [ 199.101593][ T9254] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1497'. [ 199.104510][ T5982] ath6kl_usb 5-1:0.0: probe with driver ath6kl_usb failed with error -22 [ 199.286048][ T5982] usb 5-1: USB disconnect, device number 13 [ 199.334059][ T9267] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1501'. [ 199.407526][ T9267] netlink: 32 bytes leftover after parsing attributes in process `syz.0.1501'. [ 199.446346][ T9267] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for gretap1 [ 199.478528][ T9267] gretap1: entered promiscuous mode [ 199.830122][ T9280] netlink: 60 bytes leftover after parsing attributes in process `syz.5.1509'. [ 200.197264][ T24] usb 5-1: new high-speed USB device number 14 using dummy_hcd [ 200.232095][ T30] audit: type=1326 audit(1752260214.043:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9301 comm="syz.1.1519" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f888178e929 code=0x7ffc0000 [ 200.295575][ T30] audit: type=1326 audit(1752260214.073:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9301 comm="syz.1.1519" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f888178e929 code=0x7ffc0000 [ 200.335078][ T9305] fanotify: failed to encode fid (type=0, len=0, err=-2) [ 200.346451][ T30] audit: type=1326 audit(1752260214.083:41): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9301 comm="syz.1.1519" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f888178e929 code=0x7ffc0000 [ 200.368503][ T24] usb 5-1: Using ep0 maxpacket: 32 [ 200.398276][ T24] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 200.416225][ T24] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 200.426643][ T30] audit: type=1326 audit(1752260214.083:42): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9301 comm="syz.1.1519" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f888178e929 code=0x7ffc0000 [ 200.454583][ T24] usb 5-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 200.482743][ T24] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 200.497209][ T30] audit: type=1326 audit(1752260214.083:43): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9301 comm="syz.1.1519" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f888178e929 code=0x7ffc0000 [ 200.535929][ T24] usb 5-1: config 0 descriptor?? [ 200.549109][ T24] hub 5-1:0.0: USB hub found [ 200.560183][ T30] audit: type=1326 audit(1752260214.083:44): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9301 comm="syz.1.1519" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f888178e929 code=0x7ffc0000 [ 200.587342][ T30] audit: type=1326 audit(1752260214.083:45): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9301 comm="syz.1.1519" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f888178e929 code=0x7ffc0000 [ 200.610198][ T30] audit: type=1326 audit(1752260214.083:46): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9301 comm="syz.1.1519" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f888178e929 code=0x7ffc0000 [ 200.693313][ T30] audit: type=1326 audit(1752260214.083:47): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9301 comm="syz.1.1519" exe="/root/syz-executor" sig=0 arch=c000003e syscall=74 compat=0 ip=0x7f888178e929 code=0x7ffc0000 [ 200.763585][ T24] hub 5-1:0.0: config failed, hub doesn't have any ports! (err -19) [ 201.164764][ T24] hid-generic 0003:046D:C31C.0005: unknown main item tag 0x0 [ 201.219499][ T24] hid-generic 0003:046D:C31C.0005: hidraw0: USB HID v8.00 Device [HID 046d:c31c] on usb-dummy_hcd.4-1/input0 [ 201.497666][ T5827] usb 5-1: USB disconnect, device number 14 [ 201.957569][ T5827] usb 6-1: new high-speed USB device number 8 using dummy_hcd [ 202.149298][ T5827] usb 6-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 202.184044][ T5827] usb 6-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 202.224196][ T5827] usb 6-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 202.262482][ T5827] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 202.293512][ T9347] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22 [ 202.310987][ T5827] usb 6-1: Quirk or no altset; falling back to MIDI 1.0 [ 202.534657][ T5827] usb 6-1: USB disconnect, device number 8 [ 202.860157][ T9393] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 202.933277][ T9396] iwpm_register_pid: Unable to send a nlmsg (client = 2) [ 202.978440][ T9396] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98 [ 203.477714][ T5827] usb 5-1: new high-speed USB device number 15 using dummy_hcd [ 203.678371][ T5827] usb 5-1: New USB device found, idVendor=0572, idProduct=cb01, bcdDevice=26.65 [ 203.692778][ T5827] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 203.716243][ T5827] usb 5-1: Product: syz [ 203.721503][ T5827] usb 5-1: Manufacturer: syz [ 203.726175][ T5827] usb 5-1: SerialNumber: syz [ 203.754459][ T5827] usb 5-1: config 0 descriptor?? [ 203.988089][ T5827] usb 5-1: ignoring: probably an ADSL modem [ 204.157585][ T5979] usb 2-1: new high-speed USB device number 7 using dummy_hcd [ 204.280739][ T9459] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1594'. [ 204.329585][ T5979] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 204.340418][ T5979] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 204.368964][ T5979] usb 2-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 204.378366][ T5979] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 204.386445][ T5979] usb 2-1: SerialNumber: syz [ 204.398788][ T5827] cxacru 5-1:0.0: usbatm_usb_probe: bind failed: -19! [ 204.601721][ T5827] usb 5-1: USB disconnect, device number 15 [ 204.631316][ T5979] usb 2-1: 0:2 : does not exist [ 204.664182][ T5979] usb 2-1: USB disconnect, device number 7 [ 204.831432][ T9472] sp0: Synchronizing with TNC [ 204.849348][ T12] [ 204.851757][ T12] ===================================================== [ 204.858708][ T12] WARNING: HARDIRQ-safe -> HARDIRQ-unsafe lock order detected [ 204.866202][ T12] 6.16.0-rc5-syzkaller-00193-g40f92e79b0aa #0 Not tainted [ 204.873311][ T12] ----------------------------------------------------- [ 204.880326][ T12] kworker/u8:0/12 [HC0[0]:SC0[0]:HE0:SE1] is trying to acquire: [ 204.887953][ T12] ffffffff8ece0938 (disc_data_lock#2){.+.+}-{3:3}, at: sixpack_write_wakeup+0x30/0x480 [ 204.897635][ T12] [ 204.897635][ T12] and this task is already holding: [ 204.904996][ T12] ffffffff99dcafb8 (&port_lock_key){-.-.}-{3:3}, at: uart_port_ref_lock+0xc4/0x3b0 [ 204.914397][ T12] which would create a new lock dependency: [ 204.920375][ T12] (&port_lock_key){-.-.}-{3:3} -> (disc_data_lock#2){.+.+}-{3:3} [ 204.928234][ T12] [ 204.928234][ T12] but this new dependency connects a HARDIRQ-irq-safe lock: [ 204.937704][ T12] (&port_lock_key){-.-.}-{3:3} [ 204.937727][ T12] [ 204.937727][ T12] ... which became HARDIRQ-irq-safe at: [ 204.950280][ T12] lock_acquire+0x120/0x360 [ 204.954882][ T12] _raw_spin_lock_irqsave+0xa7/0xf0 [ 204.960195][ T12] serial8250_handle_irq+0x6b/0xbb0 [ 204.965499][ T12] serial8250_default_handle_irq+0xbf/0x1b0 [ 204.971482][ T12] serial8250_interrupt+0xa5/0x1d0 [ 204.976676][ T12] __handle_irq_event_percpu+0x28c/0x980 [ 204.982398][ T12] handle_irq_event+0x8b/0x1e0 [ 204.987251][ T12] handle_edge_irq+0x267/0x9c0 [ 204.992102][ T12] __common_interrupt+0x140/0x250 [ 204.997221][ T12] common_interrupt+0x5e/0xe0 [ 205.001992][ T12] asm_common_interrupt+0x26/0x40 [ 205.007104][ T12] lock_release+0x5c/0x3e0 [ 205.011607][ T12] is_module_text_address+0x18b/0x1e0 [ 205.017071][ T12] kernel_text_address+0x94/0xe0 [ 205.022108][ T12] __kernel_text_address+0xd/0x40 [ 205.027225][ T12] unwind_get_return_address+0x4d/0x90 [ 205.032950][ T12] arch_stack_walk+0xfc/0x150 [ 205.037741][ T12] stack_trace_save+0x9c/0xe0 [ 205.042510][ T12] kasan_save_track+0x3e/0x80 [ 205.047283][ T12] kasan_save_free_info+0x46/0x50 [ 205.052456][ T12] __kasan_slab_free+0x62/0x70 [ 205.057317][ T12] kfree+0x18e/0x440 [ 205.061301][ T12] slab_free_after_rcu_debug+0x60/0x2a0 [ 205.066936][ T12] rcu_core+0xca8/0x1710 [ 205.071284][ T12] handle_softirqs+0x283/0x870 [ 205.076161][ T12] __irq_exit_rcu+0xca/0x1f0 [ 205.080879][ T12] irq_exit_rcu+0x9/0x30 [ 205.085213][ T12] sysvec_apic_timer_interrupt+0xa6/0xc0 [ 205.090958][ T12] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 205.097094][ T12] pv_native_safe_halt+0x13/0x20 [ 205.102149][ T12] default_idle+0x13/0x20 [ 205.106612][ T12] default_idle_call+0x74/0xb0 [ 205.111483][ T12] do_idle+0x1e8/0x510 [ 205.115658][ T12] cpu_startup_entry+0x44/0x60 [ 205.120518][ T12] rest_init+0x2de/0x300 [ 205.124872][ T12] start_kernel+0x47d/0x500 [ 205.129475][ T12] x86_64_start_reservations+0x24/0x30 [ 205.135037][ T12] x86_64_start_kernel+0x143/0x1c0 [ 205.140248][ T12] common_startup_64+0x13e/0x147 [ 205.145284][ T12] [ 205.145284][ T12] to a HARDIRQ-irq-unsafe lock: [ 205.152313][ T12] (disc_data_lock#2){.+.+}-{3:3} [ 205.152349][ T12] [ 205.152349][ T12] ... which became HARDIRQ-irq-unsafe at: [ 205.165251][ T12] ... [ 205.165258][ T12] lock_acquire+0x120/0x360 [ 205.172474][ T12] _raw_read_lock+0x36/0x50 [ 205.177086][ T12] sixpack_receive_buf+0x5c/0x1450 [ 205.182300][ T12] tiocsti+0x23c/0x2c0 [ 205.186465][ T12] tty_ioctl+0x626/0xde0 [ 205.190816][ T12] __se_sys_ioctl+0xf9/0x170 [ 205.195514][ T12] do_syscall_64+0xfa/0x3b0 [ 205.200113][ T12] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 205.206097][ T12] [ 205.206097][ T12] other info that might help us debug this: [ 205.206097][ T12] [ 205.216332][ T12] Possible interrupt unsafe locking scenario: [ 205.216332][ T12] [ 205.224672][ T12] CPU0 CPU1 [ 205.230047][ T12] ---- ---- [ 205.235466][ T12] lock(disc_data_lock#2); [ 205.240008][ T12] local_irq_disable(); [ 205.246781][ T12] lock(&port_lock_key); [ 205.253659][ T12] lock(disc_data_lock#2); [ 205.260746][ T12] [ 205.264236][ T12] lock(&port_lock_key); [ 205.268744][ T12] [ 205.268744][ T12] *** DEADLOCK *** [ 205.268744][ T12] [ 205.276890][ T12] 6 locks held by kworker/u8:0/12: [ 205.282003][ T12] #0: ffff88801a489148 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 205.293696][ T12] #1: ffffc90000117bc0 ((work_completion)(&buf->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 205.305395][ T12] #2: ffff888024760ca0 (&buf->lock){+.+.}-{4:4}, at: flush_to_ldisc+0x38/0x720 [ 205.314491][ T12] #3: ffff888051e3a0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref+0x1c/0x90 [ 205.324201][ T12] #4: ffffffff99dcafb8 (&port_lock_key){-.-.}-{3:3}, at: uart_port_ref_lock+0xc4/0x3b0 [ 205.333980][ T12] #5: ffff888051e3a0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref+0x1c/0x90 [ 205.343323][ T12] [ 205.343323][ T12] the dependencies between HARDIRQ-irq-safe lock and the holding lock: [ 205.353760][ T12] -> (&port_lock_key){-.-.}-{3:3} { [ 205.359016][ T12] IN-HARDIRQ-W at: [ 205.362999][ T12] lock_acquire+0x120/0x360 [ 205.369157][ T12] _raw_spin_lock_irqsave+0xa7/0xf0 [ 205.376108][ T12] serial8250_handle_irq+0x6b/0xbb0 [ 205.382984][ T12] serial8250_default_handle_irq+0xbf/0x1b0 [ 205.390534][ T12] serial8250_interrupt+0xa5/0x1d0 [ 205.397299][ T12] __handle_irq_event_percpu+0x28c/0x980 [ 205.404589][ T12] handle_irq_event+0x8b/0x1e0 [ 205.411009][ T12] handle_edge_irq+0x267/0x9c0 [ 205.417423][ T12] __common_interrupt+0x140/0x250 [ 205.424118][ T12] common_interrupt+0x5e/0xe0 [ 205.431600][ T12] asm_common_interrupt+0x26/0x40 [ 205.438302][ T12] lock_release+0x5c/0x3e0 [ 205.444374][ T12] is_module_text_address+0x18b/0x1e0 [ 205.451411][ T12] kernel_text_address+0x94/0xe0 [ 205.458017][ T12] __kernel_text_address+0xd/0x40 [ 205.464696][ T12] unwind_get_return_address+0x4d/0x90 [ 205.471804][ T12] arch_stack_walk+0xfc/0x150 [ 205.478652][ T12] stack_trace_save+0x9c/0xe0 [ 205.484987][ T12] kasan_save_track+0x3e/0x80 [ 205.491315][ T12] kasan_save_free_info+0x46/0x50 [ 205.497992][ T12] __kasan_slab_free+0x62/0x70 [ 205.504406][ T12] kfree+0x18e/0x440 [ 205.509953][ T12] slab_free_after_rcu_debug+0x60/0x2a0 [ 205.517171][ T12] rcu_core+0xca8/0x1710 [ 205.523064][ T12] handle_softirqs+0x283/0x870 [ 205.529485][ T12] __irq_exit_rcu+0xca/0x1f0 [ 205.535741][ T12] irq_exit_rcu+0x9/0x30 [ 205.541650][ T12] sysvec_apic_timer_interrupt+0xa6/0xc0 [ 205.548940][ T12] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 205.556598][ T12] pv_native_safe_halt+0x13/0x20 [ 205.563208][ T12] default_idle+0x13/0x20 [ 205.569195][ T12] default_idle_call+0x74/0xb0 [ 205.575611][ T12] do_idle+0x1e8/0x510 [ 205.581353][ T12] cpu_startup_entry+0x44/0x60 [ 205.587786][ T12] rest_init+0x2de/0x300 [ 205.593693][ T12] start_kernel+0x47d/0x500 [ 205.599853][ T12] x86_64_start_reservations+0x24/0x30 [ 205.606973][ T12] x86_64_start_kernel+0x143/0x1c0 [ 205.613785][ T12] common_startup_64+0x13e/0x147 [ 205.620392][ T12] IN-SOFTIRQ-W at: [ 205.624376][ T12] lock_acquire+0x120/0x360 [ 205.630526][ T12] _raw_spin_lock_irqsave+0xa7/0xf0 [ 205.637390][ T12] serial8250_handle_irq+0x6b/0xbb0 [ 205.644413][ T12] serial8250_default_handle_irq+0xbf/0x1b0 [ 205.652050][ T12] serial8250_interrupt+0xa5/0x1d0 [ 205.658811][ T12] __handle_irq_event_percpu+0x28c/0x980 [ 205.666105][ T12] handle_irq_event+0x8b/0x1e0 [ 205.672542][ T12] handle_edge_irq+0x267/0x9c0 [ 205.679061][ T12] __common_interrupt+0x140/0x250 [ 205.685748][ T12] common_interrupt+0x5e/0xe0 [ 205.692089][ T12] asm_common_interrupt+0x26/0x40 [ 205.698783][ T12] lock_release+0x5c/0x3e0 [ 205.704963][ T12] is_module_text_address+0x18b/0x1e0 [ 205.712106][ T12] kernel_text_address+0x94/0xe0 [ 205.718746][ T12] __kernel_text_address+0xd/0x40 [ 205.725467][ T12] unwind_get_return_address+0x4d/0x90 [ 205.732608][ T12] arch_stack_walk+0xfc/0x150 [ 205.739080][ T12] stack_trace_save+0x9c/0xe0 [ 205.745424][ T12] kasan_save_track+0x3e/0x80 [ 205.751767][ T12] kasan_save_free_info+0x46/0x50 [ 205.758465][ T12] __kasan_slab_free+0x62/0x70 [ 205.764905][ T12] kfree+0x18e/0x440 [ 205.770476][ T12] slab_free_after_rcu_debug+0x60/0x2a0 [ 205.777694][ T12] rcu_core+0xca8/0x1710 [ 205.783633][ T12] handle_softirqs+0x283/0x870 [ 205.790063][ T12] __irq_exit_rcu+0xca/0x1f0 [ 205.796313][ T12] irq_exit_rcu+0x9/0x30 [ 205.802224][ T12] sysvec_apic_timer_interrupt+0xa6/0xc0 [ 205.809519][ T12] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 205.817154][ T12] pv_native_safe_halt+0x13/0x20 [ 205.823769][ T12] default_idle+0x13/0x20 [ 205.829756][ T12] default_idle_call+0x74/0xb0 [ 205.836175][ T12] do_idle+0x1e8/0x510 [ 205.841904][ T12] cpu_startup_entry+0x44/0x60 [ 205.848326][ T12] rest_init+0x2de/0x300 [ 205.854230][ T12] start_kernel+0x47d/0x500 [ 205.860401][ T12] x86_64_start_reservations+0x24/0x30 [ 205.867548][ T12] x86_64_start_kernel+0x143/0x1c0 [ 205.874329][ T12] common_startup_64+0x13e/0x147 [ 205.880936][ T12] INITIAL USE at: [ 205.884837][ T12] lock_acquire+0x120/0x360 [ 205.890903][ T12] _raw_spin_lock_irqsave+0xa7/0xf0 [ 205.897666][ T12] serial8250_do_set_termios+0x4bb/0x1c20 [ 205.904965][ T12] uart_set_options+0x3c2/0x5b0 [ 205.911376][ T12] serial8250_console_setup+0x2f4/0x3c0 [ 205.918485][ T12] univ8250_console_setup+0x43a/0x540 [ 205.925439][ T12] try_enable_preferred_console+0x4e4/0x650 [ 205.932911][ T12] register_console+0x551/0xf90 [ 205.939327][ T12] univ8250_console_init+0x52/0x90 [ 205.946007][ T12] console_init+0x1a1/0x670 [ 205.952167][ T12] start_kernel+0x2cc/0x500 [ 205.958256][ T12] x86_64_start_reservations+0x24/0x30 [ 205.965285][ T12] x86_64_start_kernel+0x143/0x1c0 [ 205.971963][ T12] common_startup_64+0x13e/0x147 [ 205.978468][ T12] } [ 205.980962][ T12] ... key at: [] port_lock_key+0x0/0x20 [ 205.988600][ T12] [ 205.988600][ T12] the dependencies between the lock to be acquired [ 205.988608][ T12] and HARDIRQ-irq-unsafe lock: [ 206.002124][ T12] -> (disc_data_lock#2){.+.+}-{3:3} { [ 206.007522][ T12] HARDIRQ-ON-R at: [ 206.011503][ T12] lock_acquire+0x120/0x360 [ 206.017655][ T12] _raw_read_lock+0x36/0x50 [ 206.023821][ T12] sixpack_receive_buf+0x5c/0x1450 [ 206.030597][ T12] tiocsti+0x23c/0x2c0 [ 206.036319][ T12] tty_ioctl+0x626/0xde0 [ 206.042211][ T12] __se_sys_ioctl+0xf9/0x170 [ 206.048548][ T12] do_syscall_64+0xfa/0x3b0 [ 206.054717][ T12] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 206.062260][ T12] SOFTIRQ-ON-R at: [ 206.066241][ T12] lock_acquire+0x120/0x360 [ 206.072393][ T12] _raw_read_lock+0x36/0x50 [ 206.078551][ T12] sixpack_receive_buf+0x5c/0x1450 [ 206.085338][ T12] tiocsti+0x23c/0x2c0 [ 206.091083][ T12] tty_ioctl+0x626/0xde0 [ 206.096991][ T12] __se_sys_ioctl+0xf9/0x170 [ 206.103276][ T12] do_syscall_64+0xfa/0x3b0 [ 206.109451][ T12] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 206.117012][ T12] INITIAL USE at: [ 206.120912][ T12] lock_acquire+0x120/0x360 [ 206.126979][ T12] _raw_write_lock_irq+0xa2/0xf0 [ 206.133490][ T12] sixpack_close+0x2c/0x280 [ 206.139578][ T12] tty_ldisc_kill+0xa3/0x1a0 [ 206.145730][ T12] tty_ldisc_release+0x1a4/0x200 [ 206.152253][ T12] tty_release_struct+0x2a/0xd0 [ 206.158669][ T12] tty_release+0xcb0/0x1640 [ 206.164736][ T12] __fput+0x44c/0xa70 [ 206.170459][ T12] task_work_run+0x1d4/0x260 [ 206.176616][ T12] exit_to_user_mode_loop+0xec/0x110 [ 206.183461][ T12] do_syscall_64+0x2bd/0x3b0 [ 206.189615][ T12] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 206.197070][ T12] INITIAL READ USE at: [ 206.201399][ T12] lock_acquire+0x120/0x360 [ 206.207894][ T12] _raw_read_lock+0x36/0x50 [ 206.214398][ T12] sixpack_receive_buf+0x5c/0x1450 [ 206.221510][ T12] tiocsti+0x23c/0x2c0 [ 206.227581][ T12] tty_ioctl+0x626/0xde0 [ 206.233822][ T12] __se_sys_ioctl+0xf9/0x170 [ 206.240413][ T12] do_syscall_64+0xfa/0x3b0 [ 206.246916][ T12] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 206.254806][ T12] } [ 206.257304][ T12] ... key at: [] disc_data_lock+0x18/0x100 [ 206.265206][ T12] ... acquired at: [ 206.269004][ T12] lock_acquire+0x120/0x360 [ 206.273680][ T12] _raw_read_lock+0x36/0x50 [ 206.278367][ T12] sixpack_write_wakeup+0x30/0x480 [ 206.283670][ T12] tty_wakeup+0xbb/0x100 [ 206.288084][ T12] tty_port_default_wakeup+0xa2/0xf0 [ 206.293546][ T12] serial8250_tx_chars+0x72e/0x970 [ 206.298833][ T12] __start_tx+0x33b/0x480 [ 206.303707][ T12] __uart_start+0x23f/0x440 [ 206.308404][ T12] uart_write+0xdc/0x130 [ 206.312819][ T12] sixpack_receive_buf+0x447/0x1450 [ 206.318192][ T12] tty_ldisc_receive_buf+0x116/0x160 [ 206.323653][ T12] tty_port_default_receive_buf+0x6e/0xa0 [ 206.329549][ T12] flush_to_ldisc+0x24a/0x720 [ 206.334404][ T12] process_scheduled_works+0xade/0x17b0 [ 206.340134][ T12] worker_thread+0x8a0/0xda0 [ 206.344902][ T12] kthread+0x711/0x8a0 [ 206.349151][ T12] ret_from_fork+0x3fc/0x770 [ 206.353915][ T12] ret_from_fork_asm+0x1a/0x30 [ 206.358887][ T12] [ 206.361209][ T12] [ 206.361209][ T12] stack backtrace: [ 206.367115][ T12] CPU: 1 UID: 0 PID: 12 Comm: kworker/u8:0 Not tainted 6.16.0-rc5-syzkaller-00193-g40f92e79b0aa #0 PREEMPT(full) [ 206.367134][ T12] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 206.367144][ T12] Workqueue: events_unbound flush_to_ldisc [ 206.367170][ T12] Call Trace: [ 206.367181][ T12] [ 206.367190][ T12] dump_stack_lvl+0x189/0x250 [ 206.367209][ T12] ? __pfx_dump_stack_lvl+0x10/0x10 [ 206.367224][ T12] ? __pfx__printk+0x10/0x10 [ 206.367248][ T12] validate_chain+0x1f05/0x2140 [ 206.367274][ T12] __lock_acquire+0xab9/0xd20 [ 206.367290][ T12] ? sixpack_write_wakeup+0x30/0x480 [ 206.367307][ T12] lock_acquire+0x120/0x360 [ 206.367319][ T12] ? sixpack_write_wakeup+0x30/0x480 [ 206.367339][ T12] ? ldsem_down_read_trylock+0x137/0x1a0 [ 206.367359][ T12] ? tty_ldisc_ref+0x1c/0x90 [ 206.367375][ T12] _raw_read_lock+0x36/0x50 [ 206.367394][ T12] ? sixpack_write_wakeup+0x30/0x480 [ 206.367410][ T12] sixpack_write_wakeup+0x30/0x480 [ 206.367428][ T12] ? __pfx_sixpack_write_wakeup+0x10/0x10 [ 206.367444][ T12] tty_wakeup+0xbb/0x100 [ 206.367458][ T12] tty_port_default_wakeup+0xa2/0xf0 [ 206.367477][ T12] serial8250_tx_chars+0x72e/0x970 [ 206.367499][ T12] __start_tx+0x33b/0x480 [ 206.367517][ T12] __uart_start+0x23f/0x440 [ 206.367532][ T12] uart_write+0xdc/0x130 [ 206.367548][ T12] sixpack_receive_buf+0x447/0x1450 [ 206.367574][ T12] ? __pfx_sixpack_receive_buf+0x10/0x10 [ 206.367590][ T12] tty_ldisc_receive_buf+0x116/0x160 [ 206.367609][ T12] tty_port_default_receive_buf+0x6e/0xa0 [ 206.367628][ T12] flush_to_ldisc+0x24a/0x720 [ 206.367647][ T12] ? process_scheduled_works+0x9ef/0x17b0 [ 206.367663][ T12] process_scheduled_works+0xade/0x17b0 [ 206.367688][ T12] ? __pfx_process_scheduled_works+0x10/0x10 [ 206.367709][ T12] worker_thread+0x8a0/0xda0 [ 206.367738][ T12] kthread+0x711/0x8a0 [ 206.367757][ T12] ? __pfx_worker_thread+0x10/0x10 [ 206.367772][ T12] ? __pfx_kthread+0x10/0x10 [ 206.367790][ T12] ? _raw_spin_unlock_irq+0x23/0x50 [ 206.367809][ T12] ? lockdep_hardirqs_on+0x9c/0x150 [ 206.367829][ T12] ? __pfx_kthread+0x10/0x10 [ 206.367847][ T12] ret_from_fork+0x3fc/0x770 [ 206.367861][ T12] ? __pfx_ret_from_fork+0x10/0x10 [ 206.367876][ T12] ? __switch_to_asm+0x39/0x70 [ 206.367893][ T12] ? __switch_to_asm+0x33/0x70 [ 206.367909][ T12] ? __pfx_kthread+0x10/0x10 [ 206.367927][ T12] ret_from_fork_asm+0x1a/0x30 [ 206.367951][ T12] [ 206.368262][ C0] vkms_vblank_simulate: vblank timer overrun [ 206.614735][ C0] vkms_vblank_simulate: vblank timer overrun